CC Unit VI
CC Unit VI
CC Unit VI
Computing
Topics
Docker at a Glance: Process Simplification, Broad Support
and Adoption, Architecture, The Docker Workflow, Docker
compose file, Docker volume, Docker storage.
Kubernetes: Introduction to Kubernetes, Features of
Kubernetes, Kubernetes API, Basic Architecture, Minikube.
Git Hub and DevOps: Introductions and applications
Docker at Glance
What is Docker?
• Docker is an open platform for developing, shipping, and running
applications.
• Docker enables us to separate our applications from our infrastructure so
we can deliver software quickly.
• With Docker, we can manage our infrastructure in the same ways we
manage our applications.
• By taking advantage of Docker's methodologies for shipping, testing, and
deploying code, we can significantly reduce the delay between writing
code and running it in production.
What is a container?
• Container ≠ VM
• Isolated
• Share OS
• and sometimes bins/libs
Source: docs.docker.com
Container ≠ VM
• Both Container and Virtual Machines serve for similar purpose but operate in different manner
Virtual Machine Container
VMs emulate a physical computer and require a full Containers share the host system's kernel and only
operating system to be installed, which consumes a package the application and its dependencies, leading
significant amount of system resources. to much lower resource overhead.
VMs provide strong isolation because each VM runs Containers share the host system's kernel, so they offer
its own operating system instance, leading to better a lighter form of isolation, which can be both a benefit
security but also higher resource usage. and a limitation depending on the use case.
Virtual machine performance can vary depending on Due to their lightweight nature and minimal overhead,
several factors, including the virtualization technology containers generally offer better performance than
being used, the hardware of the host machine, and how VMs, especially in terms of startup time and resource
the VM is configured. utilization.
VMs, on the other hand, are less portable due to their Docker containers are highly portable because they
heavier footprint and dependency on specific encapsulate the application and its dependencies,
virtualization software. making it easy to deploy the same containerized
application across different environments with
minimal modifications.
Process Simplification
Docker architecture
• Docker uses a client-server architecture.
• The Docker client talks to the Docker daemon, which
does the heavy lifting of building, running, and
distributing Docker containers.
• The Docker client and daemon communicate using a
REST API, over UNIX sockets or a network interface.
• Another Docker client is Docker Compose, that
works with applications consisting of a set of
containers.
The Docker daemon
• The Docker daemon (dockerd) listens for Docker API
requests and manages Docker objects such as images,
containers, networks, and volumes.
• A daemon can also communicate with other daemons
to manage Docker services.
The Docker client
• The Docker client (docker) is the primary way that many
Docker users interact with Docker.
• When you use commands such as “docker run”, the client
sends these commands to dockerd, which carries them
out.
• The docker command uses the Docker API.
• The Docker client can communicate with more than one
daemon.
Docker Desktop
• Docker Desktop is an easy-to-install application for
your Mac, Windows or Linux environment that enables
you to build and share containerized applications and
microservices.
• Docker Desktop includes the Docker daemon
(dockerd), the Docker client (docker), Docker
Compose, Docker Content Trust, Kubernetes, and
Credential Helper.
Docker registries
• A Docker registry stores Docker images.
• Docker Hub is a public registry that anyone can use, and
Docker looks for images on Docker Hub by default.
• We can even run your own private registry.
• When we use the “docker pull” or “docker run” commands,
• Docker pulls the required images from configured registry.
• When we use the docker push command, Docker pushes image
to configured registry.
Docker objects
• When we use Docker, we are creating and using
images, containers, networks, volumes, plugins, and
other objects.
• Images:
• An image is a read-only template with instructions for
creating a Docker container.
• Often, an image is based on another image, with some
additional customization.
• We might create our own images or we might only use
those created by others and published in a registry.
• To build our own image, we create a Dockerfile with a
simple syntax for defining the steps needed to create the
image and run it.
• Each instruction in a Dockerfile creates a layer in the
image.
• When we change the Dockerfile and rebuild the image,
only those layers which have changed are rebuilt.
• Containers:
• A container is a runnable instance of an image.
• We can create, start, stop, move, or delete a container using the
Docker API or CLI.
• We can connect a container to one or more networks, attach storage
to it, or even create a new image based on its current state.
• By default, a container is relatively well isolated from other
containers and its host machine.
• We can control isolated container's network, storage, or other
underlying subsystems from other containers or from the host
machine.
• A container is defined by its image as well as any configuration
options you provide to it when you create or start it.
Docker compose file
• Docker Compose is a tool that makes it easier to create and run multi-container
applications. It automates the process of managing several Docker containers
simultaneously, such as a website frontend, API, and database service.
• Docker Compose allows us to define our application’s containers as code inside a
YAML file we can commit to our source repository.
• Once we’ve created our file (normally named docker-compose.yml), we can start
all our containers (called “services”) with a single Compose command.
• Compared with manually starting and linking containers,
• Compose is quicker, easier, and more repeatable.
• Containers will run with the same configuration every time—there’s no risk of
forgetting to include an important docker run flag.
Volumes
• Volumes are the preferred mechanism for persisting data generated by and
used by Docker containers.
• While “bind mounts” are dependent on the directory structure and OS of
the host machine, volumes are completely managed by Docker.
• Bind mounts have been around since the early days of Docker.
• Bind mounts have limited functionality compared to volumes.
• When we use a bind mount, a file or directory on the host machine is
mounted into a container.
Volumes have several advantages over bind mounts:
• Volumes are easier to back up or migrate than bind mounts.
• We can manage volumes using Docker CLI commands or the Docker API.
• Volumes work on both Linux and Windows containers.
• Volumes can be more safely shared among multiple containers.
• Volume drivers store volumes on remote hosts or cloud providers, encrypt
the contents of volumes, or add other functionality.
• New volumes can have their content pre-populated by a container.
• Volumes on Docker Desktop have much higher performance than bind
mounts from Mac and Windows hosts.
What Is Docker Storage
• Containers don’t write data permanently to any storage location.
• Docker storage must be configured if we would like our container to store
data permanently.
• The data doesn’t prevail when the container is deleted (using the remove
command); this happens because when the container is deleted, the writable
layer is also deleted.
Kubernetes