what is container public v0 1

1

What is Container?

• Dennis Ong

© Dennis Ong

2

Agenda

• Why is Docker/Container important?

• What is Docker/Container?

• What is Container?

• What is Docker?

• Docker/Container Demo

• Comparison between VM and Docker/Container

• Conclusion

© Dennis Ong

3

Why is Docker/Container important? Many cloud vendors and some operators are actively participating in the Open Container Initiative

Google runs all of its applications (e.g. search, gmail,…) in containers. 2B containers a week.

1000+ developers contributing to GitHub’s Docker/Container (top 20 top project in GitHub)

© Dennis Ong

4

What is a Container?

• The open-source Linux Containers (LXC) project introduced public code in 2007 that provides support for multiple containers on the same physical host

• Each container includes only the services that it needs, paring down the size of the software stack running on each container.

• Two features of the Linux kernel are at the core of the functionality that underlies Linux containers:

- Cgroups provides the ability to govern and measure the use of resources such as memory, processor usage, and disk I/O by collections of processes called “control groups.”

- Namespace isolation provides a software-based means of limiting each control group’s view of global resources, such as details about file systems, processes, network interfaces, IPC, host and domain names, and user IDs.

© Dennis Ong

5

How Container is Solving Different Challenges?

© Dennis Ong

6

Why Container hasn’t taken off untill 2014?

Create and maintain containers

Create cgroup to control resources

Create namespaces to provide isolation

© Dennis Ong

7

What is Docker?

• You can build Docker images that hold your applications

• You can create Docker containers from those Docker images to run your applications.

• You can share those Docker images via Docker Hub or your own registry

© Dennis Ong

8

•  Like a Makefile (shell script with keywords)

•  Extends from a Base Image

•  Results in a new Docker Image

•  Imperative, not Declarative

• A Docker file lists the steps needed to build an images

• docker build is used to run a Docker file

• Can define default command for docker run, ports to expose, etc

Dockerfile ……

© Dennis Ong

9

Docker Architecture (One of many different implementations)

Servers

OS

Container

Orchestrator

Docker

Mesos + Marathon + Zookeeper

© Dennis Ong

10

Demo – Creating Container using Docker

• Create an account at digitalocean.com

• get $10 free digital ocean credit if you sign up here: http://webdev.willstern.com/digitalocean

• A docker is created with IP address 104.236.197.131

• Create a docker environment

© Dennis Ong

11

Demo – Creating Container using Docker

This Docker command is to create a Container (Docker run –d –p 8080 80 –name web1 tutum/hello-world)

A container (cc31ba17e285) is built

The container produces “Hello world”

© Dennis Ong

12

Demo – Docker Orchestration - Marathon

• Marathon (Framework) is a scheduler and can schedule any jobs for Mesos to run

• In this example, Marathon has scheduled mesos to run “Echo World” and then sleep for 30 mins

• Marathon reserves 0.1 CPU and 16MB for this container

© Dennis Ong

13

Demo – Docker Orchestration - Mesos

Mesos is a resource controller and in this configuration has 3 servers

• Mesos will query Marathon for job(s) and then schedule accordingly

• Mesos accurately schedule more than 0.1 CPU and 16MB but schedule more since no other process is running

© Dennis Ong

14

What is the right choice? VM or Containers?

Many IT departments and enterprises are asking whether they should use VM or containers, no matter whether it is public, private, or hybrid clouds.

© Dennis Ong

15

Comparison: VM vs Container

• Containers are isolated, but share OS kernel and, where appropriate, bins/libraries

• Result is significantly faster deployment, much less overhead, easier migration, faster restart

• Can pack more containers on a host

• Containers are less secure than VM since containers can be breached through the root.

• All containers will also need to have the same OS. VMs can have different OS.

• VM is more mature, especially in the orchestration layer – OpenStack(Heat), VMware(vCenter), Nokia(CloudBand).

© Dennis Ong

16

Conclusion

• Do you need to run the maximum amount of particular applications on a minimum of servers? If that's you, then you want to use containers -- keeping in mind that you're going to need to have a close eye on your systems running containers until container security is locked down.

• If you need to run multiple applications on servers and/or have a wide variety of operating systems you'll want to use VMs. And if security is close to job number one for your company, then you're also going to want to stay with VMs for now.

• In the real world, I expect most of us are going to be running both containers and VMs on our clouds and data-centers. The economy of containers at scale makes too much financial sense for anyone to ignore. At the same time, VMs still have their virtues.

© Dennis Ong