Containers/Docker

Mirna Alaisami Matthias Haeussler What is a container? „in general“

2 What is a Container? "in General"

• The term comes originally from the transportation world!

• A shipping container is any receptacle or enclosure for holding goods, so that it can be moved from one place to another without affecting its content.

[2]

3 What problems do containers solve? What Problems Do Containers Solve?

• Let's say that we want to ship some important documents and at the same time a kind of liquid. How can we ship them together without having the danger that the liquid may ruin the documents?

[3] [4] • Simply open up two standardized shipping containers (that can be handled the same anywhere in the world), load the documents in one of them and the liquid in the other, lock the containers, and ship them next to each other with isolating their content and protecting it from being damaged or lost, using any transportation mode!

5 What Problems Do Containers Solve?

[5]

6 What Problems Do Containers Solve?

7 What Problems Do Containers Solve?

8 What Problems Do Containers Solve?

[6] 9 What Problems Do Containers Solve?

[7] 10 What Problems Do Containers Solve?

[8] 11 What is a container? "in IT world“ What is a Container? "in IT World"

• A software container is very similar to a shipping container in its purpose! • Here we simply package a piece of software along with everything that is needed to make it work. • More concretely, a software container is an isolated working environment for an application, containing all the necessary dependencies, libraries, binaries and configurations needed for the application to run seamlessly.

[9]

13 A container in technical words A Container in Technical Words

• Technically, a container is a Linux process, or many processes, which are running isolated from other processes on the system, using the chroot system call and some Linux kernel features such as cgroups and namespaces:

− A chroot system call changes the root directory of a process and its children to a new location in the filesystem. − A namespace wraps the system objects (processes, networking, filesystems, and user ID components) in an abstraction that limits the visibility an object has on other objects. Thus, container processes are limited to see only what is in the same namespace. − A cgroup (Control group) limits the usage of resources (CPU, memory, disk, I/O) for a group of processes or containers.

15 Why do software containers exist? Why Do Software Containers Exist?

“Dev” “Prod” jar + readme

Dev Ops App App Config DB [10] Java EE Java EE „App Server“ „App Server“

“Lightweight”

Infrastructure Infrastructure !

DevOps Problem 17 Why Do Software Containers Exist?

“Dev” jar + readme “Prod”

Dev Ops App App Config DB [10] Java EE Java EE „App Server“ „App Server“

“Lightweight”

Infrastructure Infrastructure “Containers”

Container Container Engine Engine ☺ Node Node Node Node 18 Why Do Software Containers Exist?

• Abstraction • Isolation • Portability • Security • Agility • Disposability • Scalability

[11]

19 Containers vs. Container Images Containers vs. Container Images

• Let us clarify the terminology before going more into details:

▪ Container ▪ Container Image − Begin lifecycle using an image − Never started, never “running” − Running instance of an image − Blueprint of a container (Inert − Many containers can be run off file, that’s the base on which you the same image instantiate containers) − Ensure reusability of containers

App

Runtime-dependency Run

Container Image Containers

21 Containers vs. Container Images

„immutable“ Image-name:v1

App

JVM

Ubuntu

22 Containers vs. Container Images

ssh

„immutable“ Image-name:v1 mkdir /tmp create file App App docker run JVM JVM

Ubuntu Ubuntu

Docker Daemon

23 Containers vs. Container Images

ssh

„immutable“ Image-name:v2 „immutable“ Image-name:v1 mkdir /tmp /tmp create file App App App docker run docker commit JVM JVM JVM

Ubuntu Ubuntu Ubuntu

Docker Daemon

24 Container technologies Container Technologies

chroot Process Containers, later: cgroups CF Warden, LMCTFY rkt, runC, Kubernetes Implementation of chroot system call in Implementation of cgroups in Linux- Container Runtimes of CloudFoundry / Competition with Docker with Unix V7 Kernel by Google Google e.g. rkt Enables separation of the file system for Limiting, accounting and isolating Slow increase in interest in containers Release of container tools like individual processes resource usage Google/LMCTFY concepts still used Kubernetes today

1979 2000-2005 2006 2008 2011-2013 2013 2013-2018

FreeBSD Jails, Linux VServer, Solaris Docker Container, OpenVZ LXC Release of Docker Platform as open Virtualization and isolation in source subsystems The first, most complete implementation of Linux container manager Significant for the development of the Required a lot of configuration and technology some kernel patches Implementation without Kernel-Patches Easy handling and management of A lot of Configuration containers Baseline for actual Runtimes

26 What is Docker? What is Docker?

• A popular container with a broad support from the cloud community but also commercially: − Linux-based docker (based on cgroups and namespaces). − Windows-based docker (cgroups and namespaces are represented differently).

[17]

28 Why Docker? Why Docker?

• Has the biggest and growing community • Provides the largest public repository of container images(Docker Hub) • Has clear and clean documentation • Is easy to use • Is an open source technology • Integrates with a number of infrastructure tools

[18]

30 Docker Hub Docker Hub

• A cloud registry service that enables storing and discovery of Docker images and automating workflows. • Provides both public and private repositories: • Free for public images • Cost for private images • https://hub.docker.com

[19]

32 Docker engine components Docker Engine Components

• Docker-Daemon: A persistent background process (the dockerd command) that manages Docker images, containers, networks, and storage volumes. It constantly listens manages manages for Docker API requests and processes them (the dockerd command). • A REST API: An API used by

applications to interact with the Docker manages manages daemon. It can be accessed by an HTTP client. • Docker-Client: A command line interface (CLI) client (the docker command) for interacting with the [21] Docker daemon. 34 How does Docker work? How does Docker Work?

Docker Client

CLI

[22] OR

Remote API [23]

36 How does Docker Work?

Docker Client Docker Host

Docker Daemon CLI Containers Images

OR

Remote API

37 How does Docker Work?

Docker Client Docker Host

Docker Daemon CLI Containers Images

OR Registry

Remote API

38 How does Docker Work?

Build (1) Dowload Base Image (1)

Docker Client Docker Host

(1) Dockerfile (1) Docker Daemon (1) CLI Containers Images

OR Registry

Remote API

39 How does Docker Work?

Build (1) Dowload Base Image (1) Push (2)

Docker Client Docker Host

(1) Dockerfile (1) (2) Docker Daemon (1) CLI Containers Images

OR Registry

(2) Remote API

40 How does Docker Work?

Build (1) Dowload Base Image (1) Push (2) Not Found Locally? (3) Get From Registry (3) Pull (3) Docker Client Docker Host

(1) Dockerfile (1) (2) (3) Docker Daemon (3) (1) CLI Containers Images

OR (3) Registry

(2) Remote API

41 How does Docker Work?

Build (1) Dowload Base Image (1) Push (2) Not Found Locally? (3) Get From Registry (3) Pull (3) Found Locally? (4) „Start Container“ (4) Run (4) Docker Client Docker Host

(1) Dockerfile (1) (2) (3) Docker Daemon (3) (4) (1) CLI Containers Images (4)

OR (4) (3) Registry

(2) Remote API

42 Sources Sources

1. https://regmedia.co.uk/2017/09/11/shutterstock_containers_in_port.jpg?x=1200&y=794 2. https://i.ytimg.com/vi/XbF-MBr0Vlk/maxresdefault.jpg 3. https://www.shareicon.net/document-file-documents-archive-interface-files-files-and-folders-817212 4. https://www.deviantart.com/thepow/art/Chemistry-Flasks-322657766 5. http://multiboxx.com/ 6. https://fr.pngtree.com/freepng/vector-maritime-transport_1639584.html 7. https://rfclipart.com/image/big/3f-89-52/cargo-container-train-with-diesel-locomotive-Download-Royalty-free- Vector-File-EPS-211474.jpg 8. https://previews.123rf.com/images/leshkasmok/leshkasmok1511/leshkasmok151100178/49155728-trasporto- aereo-di-concetto-di-trasporto-appartamento-stile-illustrazione-concetto-di-logistica-pu%C3%B2-ess.jpg 9. https://blog.risingstack.com/operating-system-containers-vs-application-containers/ 10. https://us.123rf.com/450wm/ylivdesign/ylivdesign1701/ylivdesign170101181/68586484-laptop-icon-isometric- 3d-style.jpg?ver=6 11. https://medium.com/tech-tajawal/devops-in-a-scaling-environment-9d5416ecb928

44 Sources

12. https://www.linuxfoundation.org/Projects/rkt/attachment/rkt-01/ 13. https://static.openvz.org/artwork/Logos/ovz_transparent.png 14. http://vserver.13thfloor.at/Stuff/LOGO/Linux-VServer-1.01s.png 15. https://fr.wikipedia.org/wiki/LXC 16. https://www.vectorlogo.zone/logos/docker/docker-official.svg 17. https://news.opensuse.org/2018/05/04/hands-on-with-docker-opensuse- leap-15/ 18. https://www.radcortez.com/wp-content/uploads/2015/04/docker-logo.png 19. https://hub.docker.com 20. http://www.cashadvance6online.com/data/archive/img/288163466.png 21. https://docs.docker.com/engine/docker-overview/ 22. http://icons.iconarchive.com/icons/dakirby309/simply-styled/256/Mac- Terminal-icon.png

45 Sources

23. https://vskumarblogs.files.wordpress.com/2017/11/docker-logo.png?w=625 24. https://www.slideshare.net/Docker/tips-and-tricks-of-the-docker-captains 25. https://i0.wp.com/codeblog.dotsandbrackets.com/wp-content/uploads/2016/10/compose- logo.jpg?resize=262%2C285 26. https://www.linode.com/docs/applications/containers/how-to-use-docker-compose/ 27. https://i.pinimg.com/originals/e2/e0/3c/e2e03c2a3fc0250e4e7c4b326a26a049.png 28. https://i2.wp.com/thepracticalsysadmin.com/wp-content/uploads/2018/05/k8s1.png?ssl=1 29. http://www.howtochoosealaptop.com/wp-content/uploads/2015/03/PayPal.jpg, https://expandedramblings.com/index.php/paypal-statistics/ 30. http://techgenix.com/tgwordpress/wp-content/uploads/2017/12/ADP-logo-1024x465.png, http://techgenix.com/containers-success-stories/ 31. https://blog.expedia.co.uk/holiday-habits/top-10-apps/img/main/expedialogo.png, https://www.docker.com/customers/expedia

46 Matthias Haeussler Mirna Alaisami Senior Consultant Consultant [email protected] [email protected]

Novatec Consulting GmbH Dieselstraße 18/1 D-70771 Leinfelden-Echterdingen

T. +49 711 22040-700 [email protected] www.novatec-gmbh.de