ibm container service overview

© 2015 IBM Corporation

IBM Bluemix

Kyle Brown

Distinguished Engineer

IBM Cloud Lab Services

Docker and IBM Bluemix

May 2015


Agenda

• What is Docker• Docker and Bluemix• What’s next?


IBM Bluemix

What is Docker?


Static website Web frontend User DB Queue Analytics DB

Development VM

QA server Public Cloud Contributor’s laptop

4

Docker is a shipping container system for code M

ultip

licity

of S

tack

sM

ultip

licity

of h

ardw

are

envi

ronm

ents

Production Cluster

Customer Data Center

Do services and apps

interact appropriately?

Can I migrate sm

oothly and quickly

…that can be manipulated using standard operations and run consistently on virtually any hardware platform

An engine that enables any payload to be encapsulated as a lightweight, portable, self-sufficient container…


Docker Engine

• Open source project

• Supported on every major Linux distro (MS Windows in 2015)

• Client-server architecture with daemon deployed on physical or virtual host

• Uses Linux kernel cgroups and namespaces for process resource management and

isolation

• Uses copy-on-write filesystem for git-like image change management

A portable, lightweight application runtime and packaging tool built on top of kernel container primitives

Build Ship Run

Docker Engine


Containers

App A’

Host OSServer

Bins/LibsApp A

Bins/Libs

App B

App B’

App B’

App B’Container

What is a Container• An isolated user space within a running Linux OS• Shared kernel across containers• Direct device access• All packages and data in an isolated run-time, saved as a filesystem.• Resource management implemented with cgroups• Resource isolation through namespaces

Run


Docker Terminology

Image – layered file system where each layer references the layer below

Dockerfile – build script that defines:• an existing image as the starting point• a set of instructions to augment that image (each of which results in a new

layer in the file system)• meta-data such as the ports exposed• the command to execute when the image is run

Container – runtime instance of an image plus a read/write layer

bootfs (Kernel)

ubuntu:14.04 debian:wheezy

ibm-jre:8.0

websphere-liberty:8.5.5 websphere-liberty:beta

app-a app-b app-c app-eapp-d

c1 c2 c3 c4 c5 c6

mongo:latest

c7 c8= container

= image


Docker Containers: Shared / Layered FS

Docker uses a copy-on-write (union) filesystem

New files(& edits) are only visible to current/above layers

Layers allow for reuse• More containers per host• Faster start-up/download time – base layers are "cached"

Images• Tarball of layers (each layer is a tarball)

8

Filesystem

Base OS / Kernel

Fedora Ubuntu

tomcat tomcatliberty

CNTR1 CNTR2 CNTR3 CNTR4

app1 app2 app4app3

Layer

Layer

Layer


Other important concepts

• Container Group• A group of containers, which all share the same image.

• Docker Registry• A registry server for Docker that helps hosting and delivery of repositories

and images.• Repository

• Set of images on local Docker or registry server.


Docker Orchestration projects

Docker Machine

Provision Docker daemon onto hosts

Common CLI for all Docker hosts

10 integrations, including AWS, VMware…

Docker Swarm

Cluster Docker hosts into a single pool

Schedule Docker container workloads based on resource availability

Docker Compose

Define multi-container distributed apps

Control all containers via single command

$ machine create


Docker Hub

Ship

Enable sharing and collab of Docker Images

Private and public repositories of images

Certified base images by ISVs

Docker Hub

$ docker push $ docker pull


Why should you care about Containers?• Demand for Increased Application Development Efficiency

• Enable Continuous Integration/Continuous Delivery• Developer Laptops, through automated test, to production, and through scaling without

modification

• DevOps Requires Improved Deployment Efficiency• Higher Density of Compute Resources (CPU, Memory, Storage)

• Hybrid Cloud and Choice Require Portability • Cross Cloud Deployment - move the same application across multiple clouds. • Eliminate “lock-in”, become a “Cloud Broker”

12

Pain points User scenarios How this offering helps

Need resources faster Get a working environment up and running in minutes, not hours or weeks

Users can instantiate new container instances in seconds with the consistent experience working directly with Docker

Innovation requires agility and DevOps

Continuous delivery pipeline IBM Containers integrates with Bluemix apps including a continuous delivery pipeline, partnered with the fast deployments of containers

Ability to migrate workload from on-prem to off-prem infrastructure

Changes made on developer’s local image is ready to deploy to production cloud

Portability as images can be developed on a local workstation, tested in a staging cloud on-prem, and finally to the production off-prem cloud

Environment to facilitate incremental production deployment

Business wants to deploy in a phased approach to validate the expected experience of the new version

Users can deploy new releases in a controlled manner enabling them to monitor the performance and behavior with the ability to roll back if needed


IBM Bluemix

IBM Bluemix and the Container Service


Docker Containers simplifies cloud portability

Developers & SysAdmins love the flexibility and standardization of Docker

Standardization Application portabilityPackage, ship, and run applications anywhere

The Docker Hub Registry has 5,000+ "Dockerized" applications

LightweightContainers are “light” users of system resources, smaller than VMs,

start up much faster, and have better performance

Ecosystem-friendly A new industry standard, with a vibrant ecosystem of partners.

730+ community contributors; 50,000 third-party Docker projects on GitHub

User-friendlyDevelopers build with ease and ship higher-quality applicationsSysAdmins deploy workloads based on business priorities and policies.

"Flexibility and portability are becoming paramount in developing, deploying and managing applications in the cloud, particularly at scale and among large enterprise organizations," Jay Lyman, a senior analyst for enterprise software at 451 Research, told Linux.com.1 1Linux.com

http://www.linux.com/news/enterprise/cloud-computing/731454-docker-a-shipping-container-for-linux-code


IBM Container Runtime on Bluemix

Automate the build of Docker images

Manage and distribute Docker images in private image registries

Easily host containers in the cloud

Scale and auto-recovery built-in

Logging and Monitoring built-in


Local Development with Containers

IBM Container Service

IBM Container Image Registry Service

Containers support portability making them ideal for local development and hybrid cloud

deployment


Develop/Test locally while using Bluemix Services

boot2docker(Vagrant with Docker host)

Leverage portability of containers and convenience of Bluemix services.


ICE (IBM Containers Extension) Tool

ICE both wraps the docker command line tool for managing local docker images and containers and also adds additional functionality specific to the Bluemix docker hosting

Including:

Management of Floating IP addresses (request/bind/undbind/list) and routes

Pushing local docker images to the registry in Bluemix

Building and managing container groups

managing/monitoring state of containers running in Bluemix

ICE is downloaded from https://www.ng.bluemix.net/docs/cli/cli.html#container_cli

Run ice commands as you would docker commands:

sudo ice login -a https://api.ng.bluemix.net -H https://api-ice.ng.bluemix.net/v2/containers -R registry-ice.ng.bluemix.net

sudo ice ps – shows the running docker containers on Bluemix

sudo ice –help will list out all commands

https://api-ice.ng.bluemix.net/v2/containers%20-R%20registry-ice.ng.bluemix.net

https://api-ice.ng.bluemix.net/v2/containers%20-R%20registry-ice.ng.bluemix.net


Simple ICE demonstration

We’ll start with creating a simple Dockerfile:

FROM registry-ice.ng.bluemix.net/ibmnode:latest

ADD app.js /app.js

EXPOSE 9085

CMD ["node", "app.js"]

Steps

1. Pull image from the bluemix registry (optional)

2. Build image locally

3. Tag the image

4. Push the image to bluemix

5. Validate that the image is uploaded correctly

6. Run the container in bluemix

7. Bind a floating IP address to the running container

© 2015 IBM Corporation20

Docker and WebSphere Application Server

Support for WebSphere Application Server Liberty Profileand Full Profile running under Docker

WebSphere Application Server Liberty Profile image on IBM Bluemix Registry

Dockerfiles on WASDev to:• Upgrade the Docker Hub image with a Liberty Core, Base or ND license• Build your own Docker image for Liberty or Full Profile


Deploying a WebSphere Application

Build a layer on top of the image containing the application

Dockerfile

FROM registry-ice.ng.bluemix.net/ibmliberty:latestADD app.war /opt/ibm/wlp/usr/servers/defaultServer/dropins/ ENV LICENSE accept

sudo ice –local build –t=“kbrown/helloliberty” .sudo ice –local run –i -t –p=80:9080 –p=443:9443 “kbrown/helloliberty”

Modifying the application requires rebuilding and redeploying just the application layer


IBM Bluemix

What’s next?


Moving from monolithic applications to microservices

23

Monolithic app Micro services

Scaling Scaling


IBM and Docker Partnership • Strategic partnership announced December, 2014

https://www-03.ibm.com/press/us/en/pressrelease/45597.wss

• Objective: Deliver next generation enterprise-grade, portable, distributed applications that are composed of interoperable Docker containers

• Enables hybrid cloud use cases for the enterprise

Initiatives Underway

• IBM Enterprise Containers on Bluemix enables enterprises to launch Docker containers

to automate application deployment on or off premise

• IBM UrbanCode automates the deployment of multiple Docker containers to various

dev/test and staging environments, as part of the DevOps pipeline

• PureApplication Systems & Services builds, deploys and runs Pure patterns with Docker

containers

• Docker Hub Enterprise (DHE) integration • Extend IBM DevOps and IBM cloud solutions by integrating with and reselling

Docker Hub Enterprise software & support

24




IBM MobileFirst Platform Foundation• IBM® MobileFirst Platform Foundation, formerly known as

IBM Worklight, helps organizations extend their business to mobile devices. It provides an open and comprehensive platform to not only build, but test, run and manage native, hybrid and mobile web apps.

• It is available as an on-premise or private cloud solutions

• Why run MFP Foundation solution on Docker? Easy installation

Quick, cloud friendly development

An agile hosting solution

Sharing between team members


MFP Foundation in a Bluemix Container

Server Container

MFP Server v6.3

Admin Console

Runtime

App1 App2 Add1

Add2

SQL DatabaseService

admin

wl

Bluemix Helper Application

bind

copy VCAP_SERVICES

reports

IBM® Bluemix™


How is this different from Virtualization?

Containers & VMsUnderstanding both technologies

27

Virtualization Approach Build

• Package the (guest) operating system • Add required files and programs

Deploy:• This entire “package” can be moved and

reconfigured across different physical machineChange:

• Change details of the software within the virtual machine and then create a new virtual machine.Value:

• Traditional cloud-enabled workloads

Container ApproachBuild:

• Software stack can be individually packagedDeploy:

• Software stack in a Docker container can be easily moved between deployment environments

Change:• Recomposed software into new stacks

Value:• Built-on-the-cloud applications• Loosely coupled, elastic architectures

Standardization and choice for delivering the best business value


Support for Docker in other Clouds

Amazon• Amazon EC2 Container Service supports the Docker platform and enables you to run and

manage Docker containers across a cluster of Amazon EC2 instances.• Each EC2 instance in a cluster managed by EC2 Container Service runs a Docker daemon, so

whatever application you package as a container locally will deploy and run on EC2 Container Service without the need for any configuration changes.

Google• Google container Engine allows you to run and manage Docker containers on Google's Cloud

Platform's VMs (it is in alpha release)• Container Engine uses Google Compute Engine instances for the nodes in the cluster and,

similar to Amazon, you are billed for those instances/resources

Microsoft• Docker Engine open source runtime will work with the next version of Windows Server and

Docker Engine images for Windows Server will be available in the Docker Hub. • The Docker Hub will also be integrated directly into Azure so that it is accessible through the

Azure Management Portal and Azure Gallery

28

ibm container service overview

Internet