Containers

© Study9
LXC Technology Stack
 History of
Containerization
So what is new?

Docker Kubernetes Microservices

Event Driven
DCOS
Architectures
Microservices
© Study9
Divide and Conquer
Challenges in Monolithic Architecture
• Developer coordination due to developer inter dependency
• Large code overloading IDE runtime – impacting developer
productivity
• Nobody knows impact of refactoring - so even if alternative
technology stack /language can provide clear benefits, people are
hesitant to adopt and refactor
• One component fails and the whole app goes down
• Scaling such a monolithic application can only be accomplished by
deploying the same EAR/WAR packages in more servers – also
known as horizontal scaling. Each copy of the application in
various servers will utilize the same amount of underlying
resources.
Scale Cube
Scaling by splitting different things
Benefits
• Each microservice is relatively small
• Easier for a developer to understand
• The IDE is faster making developers more productive
• The web container starts faster, which makes developers more productive,
and speeds up deployments
• Each service can be deployed independently of other services - easier to
deploy new versions of services frequently
• Easier to scale development. It enables you to organize the development
effort around multiple teams. Each team can develop, deploy and scale their
service independently of all of the other teams.
• Improved fault isolation. For example, if there is a memory leak in one service
then only that service will be affected. The other services will continue to
handle requests. In comparison, one misbehaving component of a monolithic
architecture can bring down the entire system.
• Each service can be developed and deployed independently
• Eliminates any long-term commitment to a technology stack
 How to implement MicroServices
• Step 1: Decide on a application division strategy
• Step 2: Decide on a team division strategy
• Step 3: Have clear documented approach of service interactions
and choice of interaction method –
• Request/Response
• Event Driven with Queues (Kafka)
• Step 4: Choose and implement hosting strategy
• Container
• VM
• Bare-metal (performance focused)
Best Practices
• Design for one service per container
• Implement a service discovery solution – Dont use IP
• Etcd
• Consul
• Zookeeper
• Distribute shared assets via CDN – Shared Storage for Static Data
such as MIME
• Implement API Gateway
• Database hosting should be done outside of container
orchestration layer and preferably in a DBaaS way
Drawbacks
• Developers must deal with the additional complexity of creating a
distributed system.
• Developer tools/IDEs are oriented on building monolithic applications
and don’t provide explicit support for developing distributed
applications.
• Testing is more difficult
• Developers must implement the inter-service communication
mechanism.
• Implementing use cases that span multiple services requires careful
coordination between the teams
• Deployment complexity. In production, there is also the operational
complexity of deploying and managing a system comprised of many
different service types.
Why Docker is a Great Fit?
• Single process bundled with libs and bins required to run
• Docker is portable and can move across multiple systems ensuring HA
• Docker is fast to provision
• Docker can quickly come up, do a job and immediately remove itself
• Scaling is fast
• Using kubernetes logical service grouping, the individual app failure is
not impacting end user experience
Companies who have adopted
• Netflix, eBay, Amazon, the UK Government Digital Service,
realestate.com.au, Forward, Twitter, PayPal, Gilt, Bluemix, Soundcloud,
The Guardian, and many other large-scale websites and applications
have all evolved from monolithic to microservices architecture
• Netflix has a widespread architecture that has evolved from monolithic
to SOA. It receives more than one billion calls every day, from more
than 800 different types of devices, to its streaming-video API. Each
API call then prompts around five additional calls to the backend
service.
• Amazon has also migrated to microservices. They get countless calls
from a variety of applications—including applications that manage the
web service API as well as the website itself—which would have been
simply impossible for their old, two-tiered architecture to handle.
• The auction site eBay is yet another example that has gone through the
same transition. Their core application comprises several autonomous
applications, with each one executing the business logic for different
function areas
Docker
© Study9
What is container
■ It is a lightweight alternative to virtualization in Linux
■ In the same lines of solaris zones and BSD jails
■ The idea is to divide the shell into multiple pieces each behaving as an
independent operating system environments
■ Essentially it builds on the logic of chroot folders in which case the
contents of the folder would think of that folder as the whole
operating system.
■ Containers can have different shells while have a common kernel
What is a docker
■ Docker is not actually a container but kind of a management api for
managing linux containers which are called LXC
■ However, docker adds some really interesting abilities to the LXC,
making it quite unique in behavior.
■ Docker makes containers portable across systems that can run the
docker environment. So that a Ubuntu os will run on a CentOS.
Ubuntu and CentOS will share the kernel but have different shells.
And an application running inside Ubuntu docker container will think
as if it is running on a complete Ubuntu
■ Docker as a technology has been very popular as the chosen
containerization technology
■ The docker containers are heavily used in microservices architectures
Docker
Relevance in DevOps
Docker Commands
Using Docker
• sudo curl -sSL https://get.docker.com/ | sh
• docker pull nginx
• docker run --name docker-nginx -p 80:80 -d nginx
• docker exec -i -t docker-nginx2 /bin/bash
• docker ps
• lynx localhost:80
Benefits of Docker

• Rapid application deployment with minimum OS

overhead
• Immutable Infrastructure based Deployment
• Version Control and Reliable Rollback
• Share, Modify, Use, Share
• docker commit 0b2616b0e5a8 mydockerimage
• docker save -o /tmp/mydockerimage mydockerimage
• docker load -i /tmp/mydockerimage
• Enablement for MicroServices
Docker Image and Layer
■ When Docker mounts the
rootfs, it starts read-only, it
takes advantage of a union
mount (aufs) to add a read-
write file system over the
read only file system.
■ There may be multiple read
only file systems stacked
up on top of each other. We
think of each one of these
file systems as a layer.
■ http://docs.docker.io/terms
/layers
Understand the layer

■ Data are stored under

/var/lib/docker
■ ls –al /var/lib/docker
■ find
/var/lib/docker/aufs/diff/66* |
grep <docker_container_name>
■ Network in container is not
visible outside (using NAT)
■ The service is exposed by Port
Docker Commands:

■ List images on current system accessible by current user

– docker images
■ Pull images from docker hub
– docker pull ubuntu:trusty
■ Run image
– docker run ubuntu:trusty echo “hello world”
■ Search for an image in docker hub
– docker search opensuse
Docker Commands (contd..)
■ Running a container and logging into it
– docker run -it ubuntu bash

– -i switch implies interactive.

– -t switch allocates a pseudo-tty
■ List running containers
– docker ps
■ Non Demon Docker exits after execution of commands
– docker run -it ubuntu bash
– apt-get update
– apt-get install apache2
– exit (or control+d)
– docker ps
– (there is no docker running)
Docker Commands (contd..)

■ Docker run in background

– docker run -it ubuntu bash
– apt-get update
– apt-get install apache2
– Now to exit type ctrl+P+Q
– docker ps
– (container is still running)
■ Run Docker as demon
– docker run -d ubuntu tail -f /dev/null
– docker ps to see it running
Docker Commands (contd..)

■ Logging into existing docker

– docker exec -it <container_id> /bin/bash
– exit with exit command but it will still keep running
■ Lifecycle Management
– docker stop <container_id>
– docker start <container_id>
– docker restart <container_id>
– docker stop <container_id>
– docker rm <container_id>
Docker Commands (contd..)
■ Run a container with an image of web application and port forwarding
– docker run -d -p 80:5000 training/webapp python app.py
■ Checking the port mappings of a running container
– First get the container id by running docker ps
– then:
– docker port eabc0f2554d7 [where eabc0f2554d7 is the container id]
■ Check logs of the container
– docker logs -f eabc0f2554d7
■ Check processes of the container
– docker top eabc0f2554d7
■ Running docker as non root user
– su username
– sudo groupadd docker
– sudo gpasswd -a ${USER} docker
– sudo service docker restart
– newgrp docker
– now you should be able to run normal docker commands as this user
Docker Commands (contd..)
■ Data Volume Mapping
– docker create -v /tmp --name datacontainer ubuntu
– docker run -t -i --volumes-from datacontainer ubuntu /bin/bash
– root@3b7f397efee7:/# echo "I'm not going anywhere" > /tmp/hi
– root@3b7f397efee7:/# exit
– docker run -t -i --volumes-from datacontainer ubuntu /bin/bash
– root@613701b1ad82:/# cat /tmp/hi
– I'm not going anywhere
■ Accessing Host system folder from Docker
– touch file1;docker run -d -v ~/:/tmp -p 5000:80 -i ubuntu
– docker ps
– docker exec -it 7007633cb546 /bin/bash
– ls /tmp
– file1
Docker Commands (contd..)
■ Data Volume Mapping
– docker create -v /tmp --name datacontainer ubuntu
– docker run -t -i --volumes-from datacontainer ubuntu /bin/bash
– root@3b7f397efee7:/# echo "I'm not going anywhere" > /tmp/hi
– root@3b7f397efee7:/# exit
– docker run -t -i --volumes-from datacontainer ubuntu /bin/bash
– root@613701b1ad82:/# cat /tmp/hi
– I'm not going anywhere
■ Accessing Host system folder from Docker
– touch file1;docker run -d -v ~/:/tmp -p 5000:80 -i ubuntu
– docker ps
– docker exec -it 7007633cb546 /bin/bash
– ls /tmp
– file1
Docker Commands (contd..)
■ Taking a SnapShot and Creating Docker Images from it
– # docker run -i -t fedora bash
– This has created a running Fedora instance in a Docker container and attached a
bash shell to the tty. Inside the container shell, run the following yum
– commands to get the latest updates for Fedora, and to install Apache httpd:

– # yum update -y
– # yum install -y httpd
– # exit

– # docker ps -a
– # docker commit c16378f943fe fedora-httpd
– Check that this worked by running:

– # docker images
– You should see both fedora-httpd and fedora listed.
Creating Docker Image: Docker Commit
■ Taking a SnapShot and Creating Docker Images from it
– # docker run -i -t fedora bash
– This has created a running Fedora instance in a Docker container and attached a
bash shell to the tty. Inside the container shell, run the following yum
– commands to get the latest updates for Fedora, and to install Apache httpd:

– # yum update -y
– # yum install -y httpd
– # exit

– # docker ps -a
– # docker commit c16378f943fe fedora-httpd
– Check that this worked by running:

– # docker images
– You should see both fedora-httpd and fedora listed.
Creating Docker Image: Dockerfile
■ nano Dockerfile
FROM ubuntu:14.04

MAINTAINER developer_name version: 0.1

RUN apt-get update && apt-get install -y apache2 && apt-get clean && rm -rf
/var/lib/apt/lists/*

ENV APACHE_RUN_USER www-data

ENV APACHE_RUN_GROUP www-data
ENV APACHE_LOG_DIR /var/log/apache2

EXPOSE 80

CMD service start apache2 && tail –f /dev/null

■ sudo docker build -t my_apache2 .

Next: Kubernetes
© Study9
Kubernetes
© Study9
Kubernetes
• Kubernetes is an orchestration tool primarily developed by Google to
manage large estate of container infrastructure.
• It is the basis of Google Container Engine cloud
• Kubernetes is the fundamental building block of the Openshift PaaS
from RedHat
• Kubernetes is the most popular and widely adopted docker
orchestration tool
• Competitors are Docker Swarm and Mesosphere
Kubernetes Architecture
Kubernetes Installation
• http://devops.org.in/2016/05/07/installing-kubernetes-on-centos-7/
Testing Kubernetes
• If all done properly, running the following command will show all 3 minions
in ready state
• kubectl get nodes
• kubectl cluster-info
• kubectl run my-nginx --image=nginx --replicas=2 --port=80
• kubectl scale deployment my-nginx --replicas 3
• kubectl autoscale deployment my-nginx --min=3 --max=5 --cpu-percent=80
• kubectl get pods
• kubectl get deployment
• kubectl delete deployment my-nginx
Kubernetes Codes
• https://github.com/roybhaskar9/files/blob/master/nginxpod.yaml
• https://github.com/roybhaskar9/files/blob/master/nginxrc.yaml
• https://github.com/roybhaskar9/files/blob/master/nginxdeployment.
yaml
• https://github.com/roybhaskar9/files/blob/master/twocontainerpod.
yaml
• kubectl create -f <filename>.yaml