SlideShare uma empresa Scribd logo
1 de 69
Baixar para ler offline
Docker &
Daily DevOps
Tangerang, June 26th 2016
Hello!
I am Satria Ady Pradana
A man who is obsessed to low level technology.
Member of Dago Cybernesha team.
2
“
Virtualization is like a Swiss army
knife. You can use it in a number
of different situations
3
Introduction to
Docker & Container
Let’s start with basic question.
1
container
IS
A lightweight virtual machine
Why is Docker Awesome?
◉It’s like a Virtual Machine, but much
lightweight.
◉Can up and run in few seconds.
◉Easy deploy, easy remove.
◉Clear separation of concerns.
◉Scale more easily
◉Get higher density and run more workloads
Virtual Machine
Spot the Difference
Container
Container
Isolated environment, but share OS and
appropriate bins / libraries.
Virtual Machine
Impractical to store and
transfer.
If you want to replicate a VM
which used as a service,
you need full VM for each of
instance.
1 GB space for 1 instance =
1 TB for 1000 instance.
Some notes
Container
Share a bulk of space to
hundred or thousands of
containers, thanks to union
file system.
VMs are very large, which makes.
Virtual Machine
Full virtualized system
means allocate resource to
specific VM.
Heavier!
Some notes
Container
No need to create virtual
device. All container share
host, running on top op
same kernel but isolated.
Resource utilization
Virtual Machine
Takes minutes to start.
Some notes
Container
Take a few seconds, mostly.
Performance
The usage?
Let’s talk in an analogy
MultiplicityofGoods
Multipilicityof
methodsfor
transporting/storing
DoIworryabout
howgoodsinteract
(e.g.coffeebeans
nexttospices)
CanItransportquickly
andsmoothly
(e.g.fromboattotrain
totruck)
Cargo Transport Pre-1960
? ? ? ? ? ? ?
? ? ? ? ? ? ?
? ? ? ? ? ? ?
? ? ? ? ? ? ?
? ? ? ? ? ? ?
? ? ? ? ? ? ?
Then we have NxN Matrix
MultiplicityofGoods
Multiplicityof
methodsfor
transporting/storing
DoIworryabout
howgoodsinteract
(e.g.coffeebeans
nexttospices)
CanItransport
quicklyandsmoothly
(e.g.fromboatto
traintotruck)
Solution: Intermodal Shipping
Container
…in between, can be
loaded and unloaded,
stacked, transported
efficiently over long
distances, and
transferred from one
mode of transport to
another
A standard container
that is loaded with
virtually any goods,
and stays sealed until
it reaches final
delivery.
This eliminated the NXN
problem…
and spawned an Intermodal Shipping Container
Ecosystem
• 90% of all cargo now shipped in a standard container
• Order of magnitude reduction in cost and time to load and unload ships
• Massive reduction in losses due to theft or damage
• Huge reduction in freight cost as percent of final goods (from >25% to
<3%)
 massive globalizations
• 5000 ships deliver 200M containers per year
Did you figure it out?
◉It’s like our code and environment to run the
code.
◉A problem in development and deployment.
Static website
Web frontend
User DB
Queue Analytics DB
Background workers
API endpoint
nginx 1.5 + modsecurity + openssl +
bootstrap 2
postgresql + pgv8 + v8
hadoop + hive + thrift + OpenJDK
Ruby + Rails + sass + Unicorn
Redis + redis-sentinel
Python 3.0 + celery + pyredis + libcurl + ffmpeg +
libopencv + nodejs + phantomjs
Python 2.7 + Flask + pyredis + celery + psycopg +
postgresql-client
Development VM
QA server
Public Cloud
Disaster recovery
Contributor’s laptop
Production Servers
Meet Code and EnvironmentMultiplicityofStacks
Multiplicityof
hardware
environments
Production Cluster
Customer Data Center
Doservicesandapps
interact
appropriately?
CanImigrate
smoothlyand
quickly?
Static website Web frontendUser DB Queue Analytics DB
Developm
ent VM
QA server Public Cloud Contributor’
s laptop
We need a shipping container
system for code
MultiplicityofStacks
Multiplicityof
hardware
environments
Production
Cluster
Customer
Data Center
Doservicesandapps
interact
appropriately?
CanImigrate
smoothlyandquickly
…that can be
manipulated using
standard operations and
run consistently on
virtually any hardware
platform
An engine that
enables any payload
to be encapsulated
as a lightweight,
portable, self-
sufficient
container…
Why containers matter?
Physical Containers Docker
Content Agnostic The same container can hold
almost any type of cargo
Can encapsulate any payload
and its dependencies
Hardware Agnostic Standard shape and interface
allow same container to
move from ship to train to
semi-truck to warehouse to
crane without being
modified or opened
Using operating system
primitives (e.g. LXC) can run
consistently on virtually any
hardware—VMs, bare metal,
openstack, public IAAS, etc.—
without modification
Content Isolation
and Interaction
No worry about anvils
crushing bananas.
Containers can be stacked
and shipped together
Resource, network, and
content isolation. Avoids
dependency hell
Automation Standard interfaces make it
easy to automate loading,
unloading, moving, etc.
Standard operations to run,
start, stop, commit, search,
etc. Perfect for devops: CI, CD,
autoscaling, hybrid clouds
Physical Containers Docker
Highly efficient No opening or modification,
quick to move between
waypoints
Lightweight, virtually no perf
or start-up penalty, quick to
move and manipulate
Separation of duties Shipper worries about inside
of box, carrier worries about
outside of box
Developer worries about code.
Ops worries about
infrastructure.
Physical Containers Docker
Highly efficient No opening or modification,
quick to move between
waypoints
Lightweight, virtually no perf
or start-up penalty, quick to
move and manipulate
Separation of duties Shipper worries about inside
of box, carrier worries about
outside of box
Developer worries about
code. Ops worries about
infrastructure.
Now everyone happy!
Build once, run
anywhere
Configure once, run
anything
Devs
Ops
For Developers
• Build once…run anywhere
• A clean, safe, hygienic and portable runtime environment for
your app.
• No worries about missing dependencies, packages and other
pain points during subsequent deployments.
• Run each app in its own isolated container, so you can run
various versions of libraries and other dependencies for each
app without worrying
• Automate testing, integration, packaging…anything you can
script
• Reduce/eliminate concerns about compatibility on different
platforms, either your own or your customers.
• Cheap, zero-penalty containers to deploy services? A VM
without the overhead of a VM? Instant replay and reset of image
snapshots? That’s the power of Docker
For Ops / Devops
• Configure once…run anything
• Make the entire lifecycle more efficient, consistent, and
repeatable
• Increase the quality of code produced by developers.
• Eliminate inconsistencies between development, test,
production, and customer environments
• Support segregation of duties
• Significantly improves the speed and reliability of continuous
deployment and continuous integration systems
• Because the containers are so lightweight, address significant
performance, costs, deployment, and portability issues normally
associated with VMs
Trying Docker
Start experiment
2
Installing
https://docs.docker.com/engine/installation/
• $ sudo apt-get install apt-transport-https ca-
certificate
• $ sudo apt-get purge lxc-docker* docker.io*
• $ sudo echo “deb https://apt.dockerproject.org/repo
debian-stretch main” >
/etc/apt/source.list.d/docker.list
• $ sudo apt-key adv --keyserver hkp://p80.pool.sks-
keyservers.net:80 --recv-keys
58118E89F3A912897C070ADBF76221572C526
09D
• $ sudo apt-get update
• $ sudo apt-get install docker-engine
• $ sudo service docker start
• $ sudo docker info
• $ sudo groupadd docker
• $ sudo gpasswd –a ${USER} docker
• $ sudo service docker restart
Terminology
Image
Read only layer used to
build a container. They do
not change.
Container
Self contained runtime
environment using one or
more images. You can
commit your changes to a
container and create an
image.
Hub / Registry
Public or private servers
which act as repository
where pople can upload
images and share what
they made.
29
First Interaction
• xathrya@bluewyvern$ docker run -ti
ubuntu:12.04 /bin/bash
• $ cat /etc/issue
Ubuntu 12.04
We are running a container, open it in
interactive mode, and running a command
What docker really do?
• Downloaded the image from Hub / Registry
• Generated a new container
• Created a new file system
• Mounted a read/write layer
• Allocated network interface
• Setup IP
• Setup NAT
• Executed bash shell in container
Docker Registry
• https://hub.docker.com/
Officials and user generated container, such as:
• Nginx
• Ubuntu
• Redis
• Mongo
• etc
Let’s Try An App
• $ docker run -d -P training/webapp python
app.py
• $ docker ps
You must see something like: 0.0.0.0:32768-
>5000/tcp
Go to web browser and enter url:
localhost:32768
Docker exposed port 5000 (default Python Flask
port) to our host in port 32768
• $ docker run –d –p 8080:5000 training/webapp
Some Commands
• $ docker run ubuntu /bin/echo hello world
• $ docker run -d ubuntu
• $ docker images
• $ docker ps -a
• $ docker stop / start <id>
• $ docker inspect <id>
• $ docker attach <id>
• $ docker commit <id>
• $ docker rmi $(docker images -aq)
• $ docker rm $(docker ps -aq)
Building Own Image
Actually two ways
◉Update container created from an image and
commit the results to a new image
◉Create Dockerfile
If you having experience with Vagrant, it’s
similar concept.
Dockerfile is a file to create and configure a
new image so it can be instanced as container.
37
[1] Layering Image
• $ docker run -ti training/sinatra /bin/bash
Get the ID from running container
• root@ID:/# gem install json
• root@ID:/# exit
• $ docker commit -m “Added json gem” -a
“Xathrya” ID xathrya/sinatra:v2:
[2] Using Dockerfile
• https://docs.docker.com/articles/dockerfile_
best-practices/
• Useful command: FROM, RUN, WORKDIR,
EXPOSE, CMD
• $ mkdir task1 && cd task1
• $ nano Dockerfile
FROM ubuntu:14.04
RUN apt-get update && apt-get install -y ruby
ruby-dev
RUN gem install sinatra
ENV HOSTNAME sinatra
• $ docker build -t xathrya/newsinatra:v1 .
• $ docker images
Container Network
• $ docker network ls
• $ docker network create -d bridge net-bridge
• $ docker run -d --net=net-bridge --name ruby
training/sinatra
Volume & Storage
Specially-designated directory within one or
more containers that bypasses the Union File
System. Useful for persistent or shared data.
• Initialized when container is created.
• Can be shared and reused among containers
• Changes to data volume will not be included
when you update image.
• Data volume persist even if container is
deleted.
• $ docker run -d -P --name web -v /webapp
training/webapp python app.py
mapped automagically chosen by docker engine
• $ docker run -d -P --name web -v
/src/webapp:/opt/webapp training/webapp
python.py
map /src/webapp (host) to /opt/webapp
(container)
And much more!
• See
https://docs.docker/com/engine/tutorials/
Stack Example:
DAMP
Docker + Apache + MySQL + PHP.
3
Like Playing Lego
• Add container you need, like a component, by
their function.
• Every container has similar and uniform concept.
• Stack the container, to create complex
system.
• No need to worry about detail, focus and what you
need.
• Need to change a component? Just change it
• Upgrade version?
• Rollback?
Stack: MySQL
• $ docker run -p 3900:3306 --name mysql –e
MYSQL_ROOT_PASSWORD=toorsql -d
mysql:latest
• $ mysql -u root -p -h 127.0.0.1 –p 3900
• mysql> CREATE USER ‘php’@’%’ IDENTIFIED BY
‘pass’;
• mysql> GRANT ALL PRIVILEGES ON *.* TO
‘php’@’%’ WITH GRANT OPTION;
• mysql> FLUSH PRIVILEGES;
Stack: Apache (Dockerfile)
FROM ubuntu:12.04
RUN apt-get update
RUN apt-get install -y apache2
RUN apt-get install -y php5 php5-common php5-
cli php5-mysqli php5-curl
EXPOSE 80
CMD [“/usr/sbin/apache2ctl”, “-D”,
“FOREGROUND”]
• $ docker build –t xathrya/apache:v1 .
• $ docker images
• $ docker run -d -p 8080:80 --name apache --
link mysql:mysql -v
/var/www/html:/var/www/html
xathrya/apache:v1
• $ docker ps
Create index.php
<?php
phpinfo();
?>
Try http://localhost:8080/
<?php
$dsn = ‘mysql:host=‘.gethostbyname(‘mysql’);
$usr = ‘php’;
$pwd = ‘pass’;
Try {
$dbh = new PDO($dsn, $usr, $pwd);
} catch (PDOException $e) {
die (‘Connection failed: ’ . $e-
>getMessage());
}
echo ‘Connection made!!!’;
?>
DevOps and Modern
Day in Software
Engineering
Neet Dave the developer and Oscar the Operations
4
DevOps is
• Development + Operations
• Culture, movement, or practice that
emphasizes the collaboration and
communication of both software developers
and other IT professionals while automating
the process of software delivery and
infrastructure changes.
• Environment where building, testing, and
releasing software can happen rapidly,
frequently, and more reliably
Set of Toolchains
• Code – code development and review, continuous
integration tools
• Build – version control tools, code merging, build
status
• Test – test and results determine performance
• Package – artifact repository, application pre-
deployment staging
• Release – change management, release approvals,
release automation
• Configure – infrastructure configuration and
management
• Monitor – application performance monitoring
To name a few
• Docker (containerization)
• Jenkins (continuous integration)
• Puppet (infrastructure as code)
• Vagrant (virtualization platform)
Effectiveness
To practice DevOps effectively, software
application have to meet set of Architecture
Significant Requirements (ASRs)
• Deployability
• Modifiability
• Testability
• Monitorability
Most of time, microservice architectural style is
becoming standard for building continuous
deployed systems.
Three Ways Principle
• Systems Thinking
• Amplify Feedback Loops
• Culture of Continual Experimentation and
Learning
Scope of Activity
• Continuous Integration
• Continuous Delivery
• Continuous Testing
• Continuous Monitoring
Continuous Integration
• Practice of Agile Development
• Developer or Team of Developer is given sub
task
• For large project it might have multiple teams
developing different tasks.
• At the end, all tasks must be integrated to
build whole application.
• CI force devs to integrate individual work with
each other as early as possible.
Continuous Delivery
• Step after integrating, deliver to next stage of
application delivery lifecycle.
• The goal is to get the new features that devs
created as soon as possible to QA and to
production.
• Not all integration should come to QA, only
good one at a time.
• In terms of functionality, stability, and other
NFSs
• In essence: practice of regularly delivering
application to QA and operations for
validation and potential release to customers.
Continuous Testing
• Process of executing automated tests
• Scope of testing:
• Validating bottom-up requirements
• Validating user stories to assessing system
requirement associated with overarching business
goals
• Object is provided by previous phase
• Give (fast) feedback to development
regarding the level of business risk in latest
build.
Continuous Monitoring
• Detect compliance and risk issues associated
with organization financial and operational
environment.
• Correct or replace weak or poorly designed
controls
The Conflict
• Earlier: Devs vs Ops
Continuous Integration setup consists of
• Running unit test
• Compiling service
• Build Docker image that we run and deploy
• Pushing final image to Docker registry
Docker registry might be local repository.
https://docs.docker.com/registry/deploying/
Deployment might depends on infrastructure or
cloud provider. Few cloud providers support
Docker image:
• Amazon EC2 Container Service
• Digital Ocean
• Giant Swarm
What’s Next?
Futures of docker
5

Mais conteúdo relacionado

Mais procurados

Web security for developers
Web security for developersWeb security for developers
Web security for developersSunny Neo
 
Automated Malware Analysis and Cyber Security Intelligence
Automated Malware Analysis and Cyber Security IntelligenceAutomated Malware Analysis and Cyber Security Intelligence
Automated Malware Analysis and Cyber Security IntelligenceJason Choi
 
ShmooCon 2015: No Budget Threat Intelligence - Tracking Malware Campaigns on ...
ShmooCon 2015: No Budget Threat Intelligence - Tracking Malware Campaigns on ...ShmooCon 2015: No Budget Threat Intelligence - Tracking Malware Campaigns on ...
ShmooCon 2015: No Budget Threat Intelligence - Tracking Malware Campaigns on ...Andrew Morris
 
Introduction to Dynamic Malware Analysis ...Or am I "Cuckoo for Malware?"
Introduction to Dynamic Malware Analysis   ...Or am I "Cuckoo for Malware?"Introduction to Dynamic Malware Analysis   ...Or am I "Cuckoo for Malware?"
Introduction to Dynamic Malware Analysis ...Or am I "Cuckoo for Malware?"Lane Huff
 
Weekend Malware Research 2012
Weekend Malware Research 2012Weekend Malware Research 2012
Weekend Malware Research 2012Andrew Morris
 
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...
Malware Analysis 101 -  N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...Malware Analysis 101 -  N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...grecsl
 
The Future of Automated Malware Generation
The Future of Automated Malware GenerationThe Future of Automated Malware Generation
The Future of Automated Malware GenerationStephan Chenette
 
Hunting Layered Malware by Raul Alvarez
Hunting Layered Malware by Raul AlvarezHunting Layered Malware by Raul Alvarez
Hunting Layered Malware by Raul AlvarezEC-Council
 
Android Malware Analysis
Android Malware AnalysisAndroid Malware Analysis
Android Malware AnalysisJongWon Kim
 
Basic Malware Analysis
Basic Malware AnalysisBasic Malware Analysis
Basic Malware AnalysisAlbert Hui
 
Malware analysis, threat intelligence and reverse engineering
Malware analysis, threat intelligence and reverse engineeringMalware analysis, threat intelligence and reverse engineering
Malware analysis, threat intelligence and reverse engineeringbartblaze
 
Introduction to red team operations
Introduction to red team operationsIntroduction to red team operations
Introduction to red team operationsSunny Neo
 
Malware analysis _ Threat Intelligence Morocco
Malware analysis _ Threat Intelligence MoroccoMalware analysis _ Threat Intelligence Morocco
Malware analysis _ Threat Intelligence MoroccoTouhami Kasbaoui
 
From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...
From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...
From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...Priyanka Aash
 
Deploying a Shadow Threat Intel Capability at Thotcon on May 6, 2016
Deploying a Shadow Threat Intel Capability at Thotcon on May 6, 2016Deploying a Shadow Threat Intel Capability at Thotcon on May 6, 2016
Deploying a Shadow Threat Intel Capability at Thotcon on May 6, 2016grecsl
 
IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies
IoT Malware: Comprehensive Survey, Analysis Framework and Case StudiesIoT Malware: Comprehensive Survey, Analysis Framework and Case Studies
IoT Malware: Comprehensive Survey, Analysis Framework and Case StudiesPriyanka Aash
 
Automatic tool for static analysis
Automatic tool for static analysisAutomatic tool for static analysis
Automatic tool for static analysisChong-Kuan Chen
 
(130119) #fitalk apt, cyber espionage threat
(130119) #fitalk   apt, cyber espionage threat(130119) #fitalk   apt, cyber espionage threat
(130119) #fitalk apt, cyber espionage threatINSIGHT FORENSIC
 

Mais procurados (20)

Web security for developers
Web security for developersWeb security for developers
Web security for developers
 
Automated Malware Analysis and Cyber Security Intelligence
Automated Malware Analysis and Cyber Security IntelligenceAutomated Malware Analysis and Cyber Security Intelligence
Automated Malware Analysis and Cyber Security Intelligence
 
ShmooCon 2015: No Budget Threat Intelligence - Tracking Malware Campaigns on ...
ShmooCon 2015: No Budget Threat Intelligence - Tracking Malware Campaigns on ...ShmooCon 2015: No Budget Threat Intelligence - Tracking Malware Campaigns on ...
ShmooCon 2015: No Budget Threat Intelligence - Tracking Malware Campaigns on ...
 
Introduction to Dynamic Malware Analysis ...Or am I "Cuckoo for Malware?"
Introduction to Dynamic Malware Analysis   ...Or am I "Cuckoo for Malware?"Introduction to Dynamic Malware Analysis   ...Or am I "Cuckoo for Malware?"
Introduction to Dynamic Malware Analysis ...Or am I "Cuckoo for Malware?"
 
Weekend Malware Research 2012
Weekend Malware Research 2012Weekend Malware Research 2012
Weekend Malware Research 2012
 
iOS Application Pentesting
iOS Application PentestingiOS Application Pentesting
iOS Application Pentesting
 
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...
Malware Analysis 101 -  N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...Malware Analysis 101 -  N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...
 
The Future of Automated Malware Generation
The Future of Automated Malware GenerationThe Future of Automated Malware Generation
The Future of Automated Malware Generation
 
Hunting Layered Malware by Raul Alvarez
Hunting Layered Malware by Raul AlvarezHunting Layered Malware by Raul Alvarez
Hunting Layered Malware by Raul Alvarez
 
Android Malware Analysis
Android Malware AnalysisAndroid Malware Analysis
Android Malware Analysis
 
Basic Malware Analysis
Basic Malware AnalysisBasic Malware Analysis
Basic Malware Analysis
 
Malware analysis, threat intelligence and reverse engineering
Malware analysis, threat intelligence and reverse engineeringMalware analysis, threat intelligence and reverse engineering
Malware analysis, threat intelligence and reverse engineering
 
Introduction to red team operations
Introduction to red team operationsIntroduction to red team operations
Introduction to red team operations
 
Malware analysis _ Threat Intelligence Morocco
Malware analysis _ Threat Intelligence MoroccoMalware analysis _ Threat Intelligence Morocco
Malware analysis _ Threat Intelligence Morocco
 
From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...
From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...
From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...
 
Deploying a Shadow Threat Intel Capability at Thotcon on May 6, 2016
Deploying a Shadow Threat Intel Capability at Thotcon on May 6, 2016Deploying a Shadow Threat Intel Capability at Thotcon on May 6, 2016
Deploying a Shadow Threat Intel Capability at Thotcon on May 6, 2016
 
Malware analysis
Malware analysisMalware analysis
Malware analysis
 
IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies
IoT Malware: Comprehensive Survey, Analysis Framework and Case StudiesIoT Malware: Comprehensive Survey, Analysis Framework and Case Studies
IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies
 
Automatic tool for static analysis
Automatic tool for static analysisAutomatic tool for static analysis
Automatic tool for static analysis
 
(130119) #fitalk apt, cyber espionage threat
(130119) #fitalk   apt, cyber espionage threat(130119) #fitalk   apt, cyber espionage threat
(130119) #fitalk apt, cyber espionage threat
 

Semelhante a Docker and-daily-devops

Docker - Portable Deployment
Docker - Portable DeploymentDocker - Portable Deployment
Docker - Portable Deploymentjavaonfly
 
Intro to Docker November 2013
Intro to Docker November 2013Intro to Docker November 2013
Intro to Docker November 2013Docker, Inc.
 
Demystifying Containerization Principles for Data Scientists
Demystifying Containerization Principles for Data ScientistsDemystifying Containerization Principles for Data Scientists
Demystifying Containerization Principles for Data ScientistsDr Ganesh Iyer
 
Dockers and kubernetes
Dockers and kubernetesDockers and kubernetes
Dockers and kubernetesDr Ganesh Iyer
 
Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013
Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013
Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013dotCloud
 
Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment Arun prasath
 
Intro Docker october 2013
Intro Docker october 2013Intro Docker october 2013
Intro Docker october 2013dotCloud
 
Journey to the devops automation with docker kubernetes and openshift
Journey to the devops automation with docker kubernetes and openshiftJourney to the devops automation with docker kubernetes and openshift
Journey to the devops automation with docker kubernetes and openshiftYusuf Hadiwinata Sutandar
 
Cassandra and Docker Lessons Learned
Cassandra and Docker Lessons LearnedCassandra and Docker Lessons Learned
Cassandra and Docker Lessons LearnedDataStax Academy
 
Why Docker
Why DockerWhy Docker
Why DockerdotCloud
 
Introduction to Docker
Introduction to DockerIntroduction to Docker
Introduction to DockerAditya Konarde
 
Why docker | OSCON 2013
Why docker | OSCON 2013Why docker | OSCON 2013
Why docker | OSCON 2013dotCloud
 
Docker-Hanoi @DKT , Presentation about Docker Ecosystem
Docker-Hanoi @DKT , Presentation about Docker EcosystemDocker-Hanoi @DKT , Presentation about Docker Ecosystem
Docker-Hanoi @DKT , Presentation about Docker EcosystemVan Phuc
 
Docker introduction
Docker introductionDocker introduction
Docker introductionJo Ee Liew
 
Docker, Containers and the Future of Application Delivery
Docker, Containers and the Future of Application DeliveryDocker, Containers and the Future of Application Delivery
Docker, Containers and the Future of Application DeliveryDocker, Inc.
 
Docker, Containers and the Future of Application Delivery
Docker, Containers and the Future of Application DeliveryDocker, Containers and the Future of Application Delivery
Docker, Containers and the Future of Application DeliveryDocker, Inc.
 

Semelhante a Docker and-daily-devops (20)

Docker Introduction
Docker IntroductionDocker Introduction
Docker Introduction
 
Docker - Portable Deployment
Docker - Portable DeploymentDocker - Portable Deployment
Docker - Portable Deployment
 
Docker-Intro
Docker-IntroDocker-Intro
Docker-Intro
 
Intro to Docker November 2013
Intro to Docker November 2013Intro to Docker November 2013
Intro to Docker November 2013
 
Docker handons-workshop-for-charity
Docker handons-workshop-for-charityDocker handons-workshop-for-charity
Docker handons-workshop-for-charity
 
Demystifying Containerization Principles for Data Scientists
Demystifying Containerization Principles for Data ScientistsDemystifying Containerization Principles for Data Scientists
Demystifying Containerization Principles for Data Scientists
 
Dockers and kubernetes
Dockers and kubernetesDockers and kubernetes
Dockers and kubernetes
 
Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013
Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013
Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013
 
Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment
 
OpenStack Summit
OpenStack SummitOpenStack Summit
OpenStack Summit
 
Intro Docker october 2013
Intro Docker october 2013Intro Docker october 2013
Intro Docker october 2013
 
Journey to the devops automation with docker kubernetes and openshift
Journey to the devops automation with docker kubernetes and openshiftJourney to the devops automation with docker kubernetes and openshift
Journey to the devops automation with docker kubernetes and openshift
 
Cassandra and Docker Lessons Learned
Cassandra and Docker Lessons LearnedCassandra and Docker Lessons Learned
Cassandra and Docker Lessons Learned
 
Why Docker
Why DockerWhy Docker
Why Docker
 
Introduction to Docker
Introduction to DockerIntroduction to Docker
Introduction to Docker
 
Why docker | OSCON 2013
Why docker | OSCON 2013Why docker | OSCON 2013
Why docker | OSCON 2013
 
Docker-Hanoi @DKT , Presentation about Docker Ecosystem
Docker-Hanoi @DKT , Presentation about Docker EcosystemDocker-Hanoi @DKT , Presentation about Docker Ecosystem
Docker-Hanoi @DKT , Presentation about Docker Ecosystem
 
Docker introduction
Docker introductionDocker introduction
Docker introduction
 
Docker, Containers and the Future of Application Delivery
Docker, Containers and the Future of Application DeliveryDocker, Containers and the Future of Application Delivery
Docker, Containers and the Future of Application Delivery
 
Docker, Containers and the Future of Application Delivery
Docker, Containers and the Future of Application DeliveryDocker, Containers and the Future of Application Delivery
Docker, Containers and the Future of Application Delivery
 

Mais de Satria Ady Pradana

Rekayasa Balik - Sebuah Hikayat dari Dunia Digital
Rekayasa Balik - Sebuah Hikayat dari Dunia DigitalRekayasa Balik - Sebuah Hikayat dari Dunia Digital
Rekayasa Balik - Sebuah Hikayat dari Dunia DigitalSatria Ady Pradana
 
The Offensive Python - Practical Python for Penetration Testing
The Offensive Python - Practical Python for Penetration TestingThe Offensive Python - Practical Python for Penetration Testing
The Offensive Python - Practical Python for Penetration TestingSatria Ady Pradana
 
From Reversing to Exploitation
From Reversing to ExploitationFrom Reversing to Exploitation
From Reversing to ExploitationSatria Ady Pradana
 
Android Security : A Hacker's Perspective
Android Security : A Hacker's PerspectiveAndroid Security : A Hacker's Perspective
Android Security : A Hacker's PerspectiveSatria Ady Pradana
 
Bypass Security Checking with Frida
Bypass Security Checking with FridaBypass Security Checking with Frida
Bypass Security Checking with FridaSatria Ady Pradana
 
(Workshop) Reverse Engineering - Protecting and Breaking the Software
(Workshop) Reverse Engineering - Protecting and Breaking the Software(Workshop) Reverse Engineering - Protecting and Breaking the Software
(Workshop) Reverse Engineering - Protecting and Breaking the SoftwareSatria Ady Pradana
 
Reverse Engineering - Protecting and Breaking the Software
Reverse Engineering - Protecting and Breaking the SoftwareReverse Engineering - Protecting and Breaking the Software
Reverse Engineering - Protecting and Breaking the SoftwareSatria Ady Pradana
 
(Workshop) Memory Forensic - Investigating Memory Artefact
(Workshop) Memory Forensic - Investigating Memory Artefact(Workshop) Memory Forensic - Investigating Memory Artefact
(Workshop) Memory Forensic - Investigating Memory ArtefactSatria Ady Pradana
 
Memory Forensic - Investigating Memory Artefact
Memory Forensic - Investigating Memory ArtefactMemory Forensic - Investigating Memory Artefact
Memory Forensic - Investigating Memory ArtefactSatria Ady Pradana
 
Drac lab automatic malware analysis &amp; repository
Drac lab   automatic malware analysis &amp; repositoryDrac lab   automatic malware analysis &amp; repository
Drac lab automatic malware analysis &amp; repositorySatria Ady Pradana
 
Tugas Akhir 13510030 - Analisis Keamanan Dalam Pengembangan Sistem Transaksi ...
Tugas Akhir 13510030 - Analisis Keamanan Dalam Pengembangan Sistem Transaksi ...Tugas Akhir 13510030 - Analisis Keamanan Dalam Pengembangan Sistem Transaksi ...
Tugas Akhir 13510030 - Analisis Keamanan Dalam Pengembangan Sistem Transaksi ...Satria Ady Pradana
 

Mais de Satria Ady Pradana (14)

Rekayasa Balik - Sebuah Hikayat dari Dunia Digital
Rekayasa Balik - Sebuah Hikayat dari Dunia DigitalRekayasa Balik - Sebuah Hikayat dari Dunia Digital
Rekayasa Balik - Sebuah Hikayat dari Dunia Digital
 
The Offensive Python - Practical Python for Penetration Testing
The Offensive Python - Practical Python for Penetration TestingThe Offensive Python - Practical Python for Penetration Testing
The Offensive Python - Practical Python for Penetration Testing
 
From Reversing to Exploitation
From Reversing to ExploitationFrom Reversing to Exploitation
From Reversing to Exploitation
 
Android Security : A Hacker's Perspective
Android Security : A Hacker's PerspectiveAndroid Security : A Hacker's Perspective
Android Security : A Hacker's Perspective
 
Bypass Security Checking with Frida
Bypass Security Checking with FridaBypass Security Checking with Frida
Bypass Security Checking with Frida
 
(Workshop) Reverse Engineering - Protecting and Breaking the Software
(Workshop) Reverse Engineering - Protecting and Breaking the Software(Workshop) Reverse Engineering - Protecting and Breaking the Software
(Workshop) Reverse Engineering - Protecting and Breaking the Software
 
Reverse Engineering - Protecting and Breaking the Software
Reverse Engineering - Protecting and Breaking the SoftwareReverse Engineering - Protecting and Breaking the Software
Reverse Engineering - Protecting and Breaking the Software
 
(Workshop) Memory Forensic - Investigating Memory Artefact
(Workshop) Memory Forensic - Investigating Memory Artefact(Workshop) Memory Forensic - Investigating Memory Artefact
(Workshop) Memory Forensic - Investigating Memory Artefact
 
Memory Forensic - Investigating Memory Artefact
Memory Forensic - Investigating Memory ArtefactMemory Forensic - Investigating Memory Artefact
Memory Forensic - Investigating Memory Artefact
 
Another Side of Hacking
Another Side of HackingAnother Side of Hacking
Another Side of Hacking
 
Drac lab automatic malware analysis &amp; repository
Drac lab   automatic malware analysis &amp; repositoryDrac lab   automatic malware analysis &amp; repository
Drac lab automatic malware analysis &amp; repository
 
Path of Cyber Security
Path of Cyber SecurityPath of Cyber Security
Path of Cyber Security
 
Defense of the assets
Defense of the assetsDefense of the assets
Defense of the assets
 
Tugas Akhir 13510030 - Analisis Keamanan Dalam Pengembangan Sistem Transaksi ...
Tugas Akhir 13510030 - Analisis Keamanan Dalam Pengembangan Sistem Transaksi ...Tugas Akhir 13510030 - Analisis Keamanan Dalam Pengembangan Sistem Transaksi ...
Tugas Akhir 13510030 - Analisis Keamanan Dalam Pengembangan Sistem Transaksi ...
 

Último

Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?SANGHEE SHIN
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopBachir Benyammi
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfDaniel Santiago Silva Capera
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 
Introduction to Quantum Computing
Introduction to Quantum ComputingIntroduction to Quantum Computing
Introduction to Quantum ComputingGDSC PJATK
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Websitedgelyza
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...DianaGray10
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPathCommunity
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1DianaGray10
 
Spring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdfSpring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdfAnna Loughnan Colquhoun
 
Things you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceThings you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceMartin Humpolec
 
Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.francesco barbera
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdfPedro Manuel
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.YounusS2
 

Último (20)

Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 Workshop
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 
Introduction to Quantum Computing
Introduction to Quantum ComputingIntroduction to Quantum Computing
Introduction to Quantum Computing
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
 
Spring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdfSpring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdf
 
Things you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceThings you didn't know you can use in your Salesforce
Things you didn't know you can use in your Salesforce
 
Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.
 

Docker and-daily-devops

  • 2. Hello! I am Satria Ady Pradana A man who is obsessed to low level technology. Member of Dago Cybernesha team. 2
  • 3. “ Virtualization is like a Swiss army knife. You can use it in a number of different situations 3
  • 4. Introduction to Docker & Container Let’s start with basic question. 1
  • 6. Why is Docker Awesome? ◉It’s like a Virtual Machine, but much lightweight. ◉Can up and run in few seconds. ◉Easy deploy, easy remove. ◉Clear separation of concerns. ◉Scale more easily ◉Get higher density and run more workloads
  • 7. Virtual Machine Spot the Difference Container
  • 8. Container Isolated environment, but share OS and appropriate bins / libraries.
  • 9. Virtual Machine Impractical to store and transfer. If you want to replicate a VM which used as a service, you need full VM for each of instance. 1 GB space for 1 instance = 1 TB for 1000 instance. Some notes Container Share a bulk of space to hundred or thousands of containers, thanks to union file system. VMs are very large, which makes.
  • 10. Virtual Machine Full virtualized system means allocate resource to specific VM. Heavier! Some notes Container No need to create virtual device. All container share host, running on top op same kernel but isolated. Resource utilization
  • 11. Virtual Machine Takes minutes to start. Some notes Container Take a few seconds, mostly. Performance
  • 12. The usage? Let’s talk in an analogy
  • 14. ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? Then we have NxN Matrix
  • 15. MultiplicityofGoods Multiplicityof methodsfor transporting/storing DoIworryabout howgoodsinteract (e.g.coffeebeans nexttospices) CanItransport quicklyandsmoothly (e.g.fromboatto traintotruck) Solution: Intermodal Shipping Container …in between, can be loaded and unloaded, stacked, transported efficiently over long distances, and transferred from one mode of transport to another A standard container that is loaded with virtually any goods, and stays sealed until it reaches final delivery.
  • 16. This eliminated the NXN problem…
  • 17. and spawned an Intermodal Shipping Container Ecosystem • 90% of all cargo now shipped in a standard container • Order of magnitude reduction in cost and time to load and unload ships • Massive reduction in losses due to theft or damage • Huge reduction in freight cost as percent of final goods (from >25% to <3%)  massive globalizations • 5000 ships deliver 200M containers per year
  • 18. Did you figure it out? ◉It’s like our code and environment to run the code. ◉A problem in development and deployment.
  • 19. Static website Web frontend User DB Queue Analytics DB Background workers API endpoint nginx 1.5 + modsecurity + openssl + bootstrap 2 postgresql + pgv8 + v8 hadoop + hive + thrift + OpenJDK Ruby + Rails + sass + Unicorn Redis + redis-sentinel Python 3.0 + celery + pyredis + libcurl + ffmpeg + libopencv + nodejs + phantomjs Python 2.7 + Flask + pyredis + celery + psycopg + postgresql-client Development VM QA server Public Cloud Disaster recovery Contributor’s laptop Production Servers Meet Code and EnvironmentMultiplicityofStacks Multiplicityof hardware environments Production Cluster Customer Data Center Doservicesandapps interact appropriately? CanImigrate smoothlyand quickly?
  • 20. Static website Web frontendUser DB Queue Analytics DB Developm ent VM QA server Public Cloud Contributor’ s laptop We need a shipping container system for code MultiplicityofStacks Multiplicityof hardware environments Production Cluster Customer Data Center Doservicesandapps interact appropriately? CanImigrate smoothlyandquickly …that can be manipulated using standard operations and run consistently on virtually any hardware platform An engine that enables any payload to be encapsulated as a lightweight, portable, self- sufficient container…
  • 21. Why containers matter? Physical Containers Docker Content Agnostic The same container can hold almost any type of cargo Can encapsulate any payload and its dependencies Hardware Agnostic Standard shape and interface allow same container to move from ship to train to semi-truck to warehouse to crane without being modified or opened Using operating system primitives (e.g. LXC) can run consistently on virtually any hardware—VMs, bare metal, openstack, public IAAS, etc.— without modification Content Isolation and Interaction No worry about anvils crushing bananas. Containers can be stacked and shipped together Resource, network, and content isolation. Avoids dependency hell Automation Standard interfaces make it easy to automate loading, unloading, moving, etc. Standard operations to run, start, stop, commit, search, etc. Perfect for devops: CI, CD, autoscaling, hybrid clouds
  • 22. Physical Containers Docker Highly efficient No opening or modification, quick to move between waypoints Lightweight, virtually no perf or start-up penalty, quick to move and manipulate Separation of duties Shipper worries about inside of box, carrier worries about outside of box Developer worries about code. Ops worries about infrastructure. Physical Containers Docker Highly efficient No opening or modification, quick to move between waypoints Lightweight, virtually no perf or start-up penalty, quick to move and manipulate Separation of duties Shipper worries about inside of box, carrier worries about outside of box Developer worries about code. Ops worries about infrastructure.
  • 23. Now everyone happy! Build once, run anywhere Configure once, run anything Devs Ops
  • 24. For Developers • Build once…run anywhere • A clean, safe, hygienic and portable runtime environment for your app. • No worries about missing dependencies, packages and other pain points during subsequent deployments. • Run each app in its own isolated container, so you can run various versions of libraries and other dependencies for each app without worrying • Automate testing, integration, packaging…anything you can script • Reduce/eliminate concerns about compatibility on different platforms, either your own or your customers. • Cheap, zero-penalty containers to deploy services? A VM without the overhead of a VM? Instant replay and reset of image snapshots? That’s the power of Docker
  • 25. For Ops / Devops • Configure once…run anything • Make the entire lifecycle more efficient, consistent, and repeatable • Increase the quality of code produced by developers. • Eliminate inconsistencies between development, test, production, and customer environments • Support segregation of duties • Significantly improves the speed and reliability of continuous deployment and continuous integration systems • Because the containers are so lightweight, address significant performance, costs, deployment, and portability issues normally associated with VMs
  • 27. Installing https://docs.docker.com/engine/installation/ • $ sudo apt-get install apt-transport-https ca- certificate • $ sudo apt-get purge lxc-docker* docker.io* • $ sudo echo “deb https://apt.dockerproject.org/repo debian-stretch main” > /etc/apt/source.list.d/docker.list • $ sudo apt-key adv --keyserver hkp://p80.pool.sks- keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C526 09D
  • 28. • $ sudo apt-get update • $ sudo apt-get install docker-engine • $ sudo service docker start • $ sudo docker info • $ sudo groupadd docker • $ sudo gpasswd –a ${USER} docker • $ sudo service docker restart
  • 29. Terminology Image Read only layer used to build a container. They do not change. Container Self contained runtime environment using one or more images. You can commit your changes to a container and create an image. Hub / Registry Public or private servers which act as repository where pople can upload images and share what they made. 29
  • 30. First Interaction • xathrya@bluewyvern$ docker run -ti ubuntu:12.04 /bin/bash • $ cat /etc/issue Ubuntu 12.04 We are running a container, open it in interactive mode, and running a command
  • 31. What docker really do? • Downloaded the image from Hub / Registry • Generated a new container • Created a new file system • Mounted a read/write layer • Allocated network interface • Setup IP • Setup NAT • Executed bash shell in container
  • 32. Docker Registry • https://hub.docker.com/ Officials and user generated container, such as: • Nginx • Ubuntu • Redis • Mongo • etc
  • 33. Let’s Try An App • $ docker run -d -P training/webapp python app.py • $ docker ps You must see something like: 0.0.0.0:32768- >5000/tcp Go to web browser and enter url: localhost:32768 Docker exposed port 5000 (default Python Flask port) to our host in port 32768 • $ docker run –d –p 8080:5000 training/webapp
  • 34. Some Commands • $ docker run ubuntu /bin/echo hello world • $ docker run -d ubuntu • $ docker images • $ docker ps -a • $ docker stop / start <id> • $ docker inspect <id> • $ docker attach <id> • $ docker commit <id> • $ docker rmi $(docker images -aq) • $ docker rm $(docker ps -aq)
  • 36. Actually two ways ◉Update container created from an image and commit the results to a new image ◉Create Dockerfile If you having experience with Vagrant, it’s similar concept. Dockerfile is a file to create and configure a new image so it can be instanced as container.
  • 37. 37
  • 38. [1] Layering Image • $ docker run -ti training/sinatra /bin/bash Get the ID from running container • root@ID:/# gem install json • root@ID:/# exit • $ docker commit -m “Added json gem” -a “Xathrya” ID xathrya/sinatra:v2:
  • 39. [2] Using Dockerfile • https://docs.docker.com/articles/dockerfile_ best-practices/ • Useful command: FROM, RUN, WORKDIR, EXPOSE, CMD
  • 40. • $ mkdir task1 && cd task1 • $ nano Dockerfile FROM ubuntu:14.04 RUN apt-get update && apt-get install -y ruby ruby-dev RUN gem install sinatra ENV HOSTNAME sinatra • $ docker build -t xathrya/newsinatra:v1 . • $ docker images
  • 42. • $ docker network ls • $ docker network create -d bridge net-bridge • $ docker run -d --net=net-bridge --name ruby training/sinatra
  • 44. Specially-designated directory within one or more containers that bypasses the Union File System. Useful for persistent or shared data. • Initialized when container is created. • Can be shared and reused among containers • Changes to data volume will not be included when you update image. • Data volume persist even if container is deleted.
  • 45. • $ docker run -d -P --name web -v /webapp training/webapp python app.py mapped automagically chosen by docker engine • $ docker run -d -P --name web -v /src/webapp:/opt/webapp training/webapp python.py map /src/webapp (host) to /opt/webapp (container)
  • 48. Stack Example: DAMP Docker + Apache + MySQL + PHP. 3
  • 49. Like Playing Lego • Add container you need, like a component, by their function. • Every container has similar and uniform concept. • Stack the container, to create complex system. • No need to worry about detail, focus and what you need. • Need to change a component? Just change it • Upgrade version? • Rollback?
  • 50. Stack: MySQL • $ docker run -p 3900:3306 --name mysql –e MYSQL_ROOT_PASSWORD=toorsql -d mysql:latest • $ mysql -u root -p -h 127.0.0.1 –p 3900 • mysql> CREATE USER ‘php’@’%’ IDENTIFIED BY ‘pass’; • mysql> GRANT ALL PRIVILEGES ON *.* TO ‘php’@’%’ WITH GRANT OPTION; • mysql> FLUSH PRIVILEGES;
  • 51. Stack: Apache (Dockerfile) FROM ubuntu:12.04 RUN apt-get update RUN apt-get install -y apache2 RUN apt-get install -y php5 php5-common php5- cli php5-mysqli php5-curl EXPOSE 80 CMD [“/usr/sbin/apache2ctl”, “-D”, “FOREGROUND”]
  • 52. • $ docker build –t xathrya/apache:v1 . • $ docker images • $ docker run -d -p 8080:80 --name apache -- link mysql:mysql -v /var/www/html:/var/www/html xathrya/apache:v1 • $ docker ps
  • 54. <?php $dsn = ‘mysql:host=‘.gethostbyname(‘mysql’); $usr = ‘php’; $pwd = ‘pass’; Try { $dbh = new PDO($dsn, $usr, $pwd); } catch (PDOException $e) { die (‘Connection failed: ’ . $e- >getMessage()); } echo ‘Connection made!!!’; ?>
  • 55. DevOps and Modern Day in Software Engineering Neet Dave the developer and Oscar the Operations 4
  • 56. DevOps is • Development + Operations • Culture, movement, or practice that emphasizes the collaboration and communication of both software developers and other IT professionals while automating the process of software delivery and infrastructure changes. • Environment where building, testing, and releasing software can happen rapidly, frequently, and more reliably
  • 57. Set of Toolchains • Code – code development and review, continuous integration tools • Build – version control tools, code merging, build status • Test – test and results determine performance • Package – artifact repository, application pre- deployment staging • Release – change management, release approvals, release automation • Configure – infrastructure configuration and management • Monitor – application performance monitoring
  • 58. To name a few • Docker (containerization) • Jenkins (continuous integration) • Puppet (infrastructure as code) • Vagrant (virtualization platform)
  • 59. Effectiveness To practice DevOps effectively, software application have to meet set of Architecture Significant Requirements (ASRs) • Deployability • Modifiability • Testability • Monitorability Most of time, microservice architectural style is becoming standard for building continuous deployed systems.
  • 60. Three Ways Principle • Systems Thinking • Amplify Feedback Loops • Culture of Continual Experimentation and Learning
  • 61. Scope of Activity • Continuous Integration • Continuous Delivery • Continuous Testing • Continuous Monitoring
  • 62. Continuous Integration • Practice of Agile Development • Developer or Team of Developer is given sub task • For large project it might have multiple teams developing different tasks. • At the end, all tasks must be integrated to build whole application. • CI force devs to integrate individual work with each other as early as possible.
  • 63. Continuous Delivery • Step after integrating, deliver to next stage of application delivery lifecycle. • The goal is to get the new features that devs created as soon as possible to QA and to production. • Not all integration should come to QA, only good one at a time. • In terms of functionality, stability, and other NFSs • In essence: practice of regularly delivering application to QA and operations for validation and potential release to customers.
  • 64. Continuous Testing • Process of executing automated tests • Scope of testing: • Validating bottom-up requirements • Validating user stories to assessing system requirement associated with overarching business goals • Object is provided by previous phase • Give (fast) feedback to development regarding the level of business risk in latest build.
  • 65. Continuous Monitoring • Detect compliance and risk issues associated with organization financial and operational environment. • Correct or replace weak or poorly designed controls
  • 67. Continuous Integration setup consists of • Running unit test • Compiling service • Build Docker image that we run and deploy • Pushing final image to Docker registry Docker registry might be local repository. https://docs.docker.com/registry/deploying/
  • 68. Deployment might depends on infrastructure or cloud provider. Few cloud providers support Docker image: • Amazon EC2 Container Service • Digital Ocean • Giant Swarm