adrian mouat - docker: why, what, and for what? | codemotion milan 2015
TRANSCRIPT
ChiefScientist@ContainerSolutions
Writing"UsingDocker"forO'Reilly@adrianmouat
http://www.container-solutions.com
WhatDockerisWhyit'ssopopularWhatthemainusecasesare
BothprovideisolatedenvironmentsLargeoverlapinusecases
NovirtualisationDockerismuchmoreefficient
BootsinunderasecondMuchsmallerimagesize
Developerorientedinterface
ADockercontainerisaportablestoreforasinglecomponentanditsdependencies
LikeastoppedVMBuiltfromDockerfilesListofrepeatablestepsRedisDockerfile
RepositoryforimagesDistros
Centos,Debian,Alpine...Languages
Go,Java,C...Applications
Redis,Wordpress,RevealJS...
ControlGroupsGroupstasksControlsresources
AppliesLimitsIsolatesAccountsfor
ProcessFilesystemNetworkPlussomeothers
LimitwhatacontainercandoRestrictkernelcalls
Basisof"UnionFilesystem"ImagesmadeupofmulitplereadlayersContainersputar/wlayerontopOverlay,AUFS,ZFS,BTRFS,devicemapper...
Jails,chroot,SolarisZones,VirtuozzoBorgLXC
GluedtogethermissingpiecesFastandportableTargetteddevelopers
ContainersbecomeunitofdevelopmentShippedbetweendev,testandprodWorksthesameeverywhereContainsdependenciesandenvironment
VMstooslowandclunkyDeveloperinterfacelacking
DevelopfasterTestfasterDeployfaster
ConsistentenvironmentDeployfasterTestfasterMakesureyoushipwhatyoutest!
SmallservicesthatdoonethingwellLooselycoupledAsopposedtomonolithsScale-outasopposedtoscale-up
CansimplifysoftwareScaleonlyneededservicesEasiertochangeEasiertodistributeUsebesttoolforthejob
Howtodividesystemintomicroservices?FastfunctioncallsbecomeslowRESTcalls
Complexityismovedtonetwork
GoldenimagesDon'tallowrunningcontainerstochangeInsteadreplacewithnewcontainersSimpler,noneedforCM
Auditimages,notrunningcontainersCan'thavemovedfromimage
NotyetconsideredassecureasVMsUsebothAddingisolation
Patterns&BestPracticesSignals,logging,envvars,pods,sidecars,ambassadors...Stillbeingdeveloped
Patterns&BestPracticesSignals,logging,envvars,pods,sidecars,ambassadors...Stillbeingdeveloped
OrchestrationBattlefield!Kubernetes,Mesos,Swarm?
Patterns&BestPracticesSignals,logging,envvars,pods,sidecars,ambassadors...Stillbeingdeveloped
OrchestrationBattlefield!Kubernetes,Mesos,Swarm?
UnikernelsHugepotentialMayovertakecontainers
WhatAportablestoreforasinglecomponentanditsdependencies
WhyAgilityforthewin
WhatForMicroservicesCI/CDImmutableInfrastructure...