Docker is a tool designed to make it easier to create, deploy, and run applications
by using containers. Containers allow a developer to package up
an application with all of the parts it needs, such as libraries and other dependencies,
and ship it all out as one package. By doing so, thanks to the
container, the developer can rest assured that the application will run on
any other Linux machine regardless of any customized settings that machine
might have that could differ from the machine used for writing and testing
the code.
In a way, Docker is a bit like a virtual machine. But unlike a virtual
machine, rather than creating a whole virtual operating system, Docker allows
applications to use the same Linux kernel as the system that they’re
running on and only requires applications be shipped with things not already
running on the host computer. This gives a significant performance boost
and reduces the size of the application.
A Secure and Reliable Document Management System is Essential.docx
Docker
1.
2.
3. Contents
• Introduction to Docker, Containers
• Why people care: Separation of Concerns
• Technical Discussion
• Ecosystem
• Use Cases
• Docker Futures
4. What is Docker?
• Docker is an open platform for developing, shipping, and running
applications
• Docker provides a way to run almost any application securely isolated
in a container. The isolation and security allow you to run many
containers simultaneously on your host
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15. Static website
Web frontend
User DB
Queue Analytics DB
Background workers
API endpoint
nginx 1.5 + modsecurity + openssl + bootstrap 2
postgresql + pgv8 + v8
hadoop + hive + thrift + OpenJDK
Ruby + Rails + sass + Unicorn
Redis + redis-sentinel
Python 3.0 + celery + pyredis + libcurl + ffmpeg + libopencv + nodejs +
phantomjs
Python 2.7 + Flask + pyredis + celery + psycopg + postgresql-client
Development VM
QA server
Public Cloud
Disaster recovery
Contributor’s laptop
Production Servers
MultiplicityofStacks
Multiplicityof
hardware
environments
Production Cluster
Customer Data Center
Doservicesandapps
interact
appropriately?
CanImigrate
smoothlyand
quickly?
16. Static website Web frontendUser DB Queue Analytics DB
Development
VM
QA server Public Cloud Contributor’s
laptop
MultiplicityofStacks
Multiplicityof
hardware
environments
Production
Cluster
Customer Data
Center
Doservicesandapps
interact
appropriately?
CanImigrate
smoothlyandquickly
…that can be manipulated using
standard operations and run
consistently on virtually any
hardware platform
An engine that enables any
payload to be encapsulated
as a lightweight, portable,
self-sufficient container…
17. Static website
Web frontend
Background workers
User DB
Analytics DB
Queue
Development
VM
QA Server
Single Prod
Server
Onsite
Cluster
Public Cloud
Contributor’s
laptop
Customer
Servers
19. Why Docker?
• Faster delivery of your applications
• Deploying and scaling more easily
• Achieving higher density and running more workloads
20. • Docker seperates application from infrastructure using Container
Technology , similar how virtual machines separate the os from bare
metal
• Dockerized apps can run anywhere on anything
• Build app in any language using any stack
Why Docker?
21. Why Developers Cares?
• Configure once…run anything
• Make the entire lifecycle more efficient, consistent, and repeatable
• Increase the quality of code produced by developers.
• Eliminate inconsistencies between development, test, production, and customer
environments
• Support segregation of duties
• Significantly improves the speed and reliability of continuous deployment and
continuous integration systems
• Because the containers are so lightweight, address significant performance, costs,
deployment, and portability issues normally associated with VMs
22. Why it works—separation of concerns
• Dan the Developer
• Worries about what’s “inside” the
container
• His code
• His Libraries
• His Package Manager
• His Apps
• His Data
• All Linux servers look the same
• Oscar the Ops Guy
• Worries about what’s “outside” the
container
• Logging
• Remote access
• Monitoring
• Network config
• All containers start, stop, copy, attach,
migrate, etc. the same way
23. • High Level—It’s a lightweight VM
• Own process space
• Own network interface
• Can run stuff as root
• Can have its own /sbin/init (different
from host)
• <<machine container>>
• Low Level—It’s chroot on steroids
• Can also not have its own /sbin/init
• Container=isolated processes
• Share kernel with host
• No device emulation (neither HVM
nor PV) from host)
• <<application container>>
• Run everywhere
• Regardless of kernel version
(2.6.32+)
• Regardless of host distro
• Physical or virtual, cloud or not
• Container and host architecture must
match*
• Run anything
• If it can run on the host, it can run in
the container
• i.e. if it can run on a Linux kernel, it
can run
WHY WHAT
More technical explanation
24.
25. Docker v/s VM Containers are isolated,
but share OS and, where
appropriate, bins/libraries
…result is significantly faster deployment,
much less overhead, easier migration,
faster restart
26. Bins/
Libs
App
A
Original App
(No OS to take
up space, resources,
or require restart)
AppΔ
Bins/
App
A
Bins/
Libs
App
A’
Guest
OS
Bins/
Libs
Modified App
Copy on write
capabilities allow
us to only save the diffs
Between container A
and container
A’
VMs
Every app, every copy of an
app, and every slight modification
of the app requires a new virtual server
App
A
Guest
OS
Bins/
Libs
Copy of
App
No OS. Can
Share bins/libs
App
A
Guest
OS
Guest
OS
VMs Containers
Why are Docker containers lightweight?
30. Changes and Updates
Docker Engine Docker Engine
Push
Update
Bins/
Libs
App
A
AppΔ
Bins/
Base
Container
Image
Host is now running A’’
Container
Mod A’’
AppΔ
Bins/
Bins/
Libs
App
A
Bins/
Bins/
Libs
App
A’’
Host running A wants to upgrade to A’’.
Requests update. Gets only diffs
Container
Mod A’
Docker
Container
Image
Registry
31. • Docker daemon
The Docker daemon runs on a host machine. The user does not
directly interact with the daemon, but instead through the Docker
client.
• Docker client
The Docker client, in the form of the docker binary, is the primary user
interface to Docker. It accepts commands from the user and communicates back
and forth with a Docker daemon.
33. Docker images
• libvirt: Platform Virtualization
• LXC (LinuX Containers): Multiple
isolated Linux systems (containers) on
a single host
• Layered File System
39. • [1] Charles Anderson : Docker [Software engineering] , Year: 2015, Volume: 32, Issue: 3 Pages: 102 - c3, DOI:
10.1109/MS.2015.62 , IEEE
• [2] J. Petazzoni : Linux Containers (LXC), Docker, and Security , 31 Jan. 2014; www.slideshare.net/jpetazzo/ linux-
containers-lxc-docker-and security.
• [3] D. Bernstein : Containers and Cloud: From LXC to Docker to Kubernetes,IEEE Cloud Computing, vol. 1, no. 3, 2014,
pp. 81–84.
• [4] N. Kratzke : A Lightweight Virtualization Cluster Reference Architecture Derived from Open Source PaaS
Platforms,Open J. Mobile Computing and Cloud Computing, vol. 1, no. 2, 2014, pp. 17–30.
• [5] J. Turnbull: The Docker Book, 2014,www .dockerbook.com.
• [6] S. Soltesz et al : Container-Based Operating System Virtualization: A Scalable, High-Performance Alternative to
Hypervisors,ACM SIGOPS Operating Systems Rev., vol. 41, no. 3, 2007, pp. 275–287
• [7] B. Butler : Containers: Buzzword du Jour,or Game-Changing Technology?,NetworkWorld, 3 Sept. 2014;
www.networkworld.com/article/ 2601925/cloud-computing/container -party-vmware-microsoft-ciscoand -red-hat-
all-get-in-on-app-hoopla .html.