Pure commitment. Deploying Docker Containers on UKCloud’s Compute Platform UKC-GEN-259


OVERVIEW

The topic of ‘Containerisation’ has gained recent prominence with customers wanting to extend their reach beyond virtualising a full machine via the deployment of encapsulated application containers within their own operating environment. This approach provides many of the benefits of loading an application onto a virtual machine; however, these applications can be run on any suitable physical or virtual machine without any worries about dependencies, all at a fraction of the normal computing resource cost. There is currently a wide choice of containerisation technologies; however, Docker has fast become the most widely adopted.

The UKCloud IaaS platform is the ideal target for containerisation technologies such as Docker as we are able to provide a level of data security and assurance normally associated with Private Cloud or physical servers, whilst also leveraging all the efficiencies of Public Cloud.

This Blueprint describes how customers can deploy the core components of Docker upon UKCloud IaaS, enabling customers to explore the value proposition of containerisation whilst also leveraging the data security assurance that UKCloud is able to provide to the container services and associated image repositories.

IN THIS BLUEPRINT

Overview

What is Docker?

How are Docker containers different to Virtual Machines?

What are the features of Docker?

What are the components of Docker?

How do I run Docker within UKCloud?


What is Docker?

Docker is a containerisation technology which allows you to package an application with all of its dependencies into a standardised unit for software development.

Docker containers wrap up a piece of software in a complete file system that contains everything it needs to run: code, runtime, system tools, and system libraries – anything you can install on a server. This guarantees that it will always run the same, regardless of the environment it is running in.

How are Docker containers different to Virtual Machines?

Containers have similar resource isolation and allocation benefits as virtual machines but a different architectural approach allows them to be much more portable and efficient.

What are the features of Docker?

Lightweight - Containers running on a single machine all share the same operating system kernel, so they start instantly and make more efficient use of RAM. Images are constructed from layered file systems so they can share common files, making disk usage and image downloads much more efficient.

Open - Docker containers are based on open standards allowing containers to run on all major Linux distributions and Microsoft operating systems with support for every infrastructure.

Secure - Containers isolate applications from each other and the underlying infrastructure while providing an added layer of protection for the application.

Scalable - Docker containers spin up and down in seconds making it easy to scale an application service at any time to satisfy peak customer demand, and then just as easily spin down those containers to only use the resources you need, when you need them.

Manageable - Docker makes it easy to identify issues and isolate the problem container, quickly roll back to make the necessary changes then push the updated container into production. The isolation between containers makes these changes less disruptive than traditional software models.

Portable - Ship one or many containers to others or downstream service teams without worrying about different environment dependencies creating issues with your application. Other teams can easily link to or test against your app without having to learn or worry about how it works.

Fast - Docker easily takes copies of your live environment and runs them on any new endpoint running Docker. Docker users on average ship software 7 times more after deploying Docker in their environment.

Further details to aid in the understanding of Docker can be found at: https://docs.docker.com/introduction/understanding-docker/

Virtual Machines

Each virtual machine includes the application, the necessary binaries and libraries and an entire guest operating system - all of which may be tens of GBs in size.

Docker Containers

Containers include the application and all of its dependencies, but share the kernel with other containers. They run as an isolated process in user space on the host operating system. They’re also not tied to any specific infrastructure – Docker containers run on any computer, on any infrastructure and in any cloud.


What are the components of Docker?

Docker is a collective term for multiple Docker products, a full list of which can be found at: https://www.docker.com/products

For this document we will look at four of the main Docker products: Docker Engine, Docker Hub, Docker Registry and Docker Trusted Registry.

1. Docker Engine

At the core of the Docker platform is Docker Engine, a lightweight runtime and robust tool that builds and runs your Docker containers. Docker Engine runs on Linux to create the operating environment for your distributed applications. The in-host daemon communicates with the Docker client to execute commands to build, ship and run containers.

UKCloud support the running of Docker Engine within VMs provisioned upon our Compute platform. A full list of supported guest operating systems and simple installation instructions for Docker Engine can be found at https://docs.docker.com/installation/.

2. Docker Hub

The Docker Hub provides a multi-tenant cloud-based platform service hosted by Docker for distributed applications, including container image distribution and change management, user and team collaboration, and lifecycle workflow automation.

3. Docker Registry

Docker Registry is a stateless, highly scalable server side application that stores and lets you distribute Docker images with no Enterprise management features or commercial support. You should use the Registry if you want to:

tightly control where your images are being stored

fully own your images distribution pipeline

integrate images storage and distribution into your in-house development workflow

4. Docker Trusted Registry

Docker Trusted Registry (DTR) is similar to Docker Registry in that it lets you run and manage your own Docker image storage service; however, it focuses on Enterprise features and can be deployed securely on your own virtual infrastructure behind your edge firewall. This allows you to securely store, push, and pull the images used by your enterprise to build, ship, and run applications. DTR also provides monitoring and usage information to help you understand the workloads being placed on it.

Specifically, DTR provides:

A commercially supported image registry to store, manage, and collaborate on Docker images

Role-based access control (RBAC)

Integration with LDAP and Active Directory

Pluggable storage drivers

Configuration options to let you run DTR in your particular enterprise environment.

Easy, transparent upgrades

Logging, usage and system health metrics

DTR is perfect for:

Providing a secure development environment

Creating a streamlined build pipeline

Building a consistent, high-performance test/QA environment

Managing image deployment

To get started with DTR please see the install page.

Note: Docker Trusted Registry (DTR) is a commercially supported product from Docker. To get your copy of DTR, including a free trial, visit the Docker Subscription page.


How do I run Docker within UKCloud?

Docker Engine

Docker Engine is supported natively by the following distributions:

RPM: Fedora 20 +, Red Hat Enterprise Linux 6.6 +, CentOS 6.5 +

Debian: Ubuntu 12.04 +, Debian 7.7 +

Note: Docker requires a 64-bit installation regardless of your Linux OS. In addition, your kernel must be 3.10 or higher.
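A pre-flight check for the two prerequisites in the note above, as an added example that is not part of the original UKCloud document. The function names and the list of 64-bit machine names are assumptions; the release strings in the loop are constructed samples.

```shell
#!/bin/sh
# Added example: pre-flight check for the two prerequisites in the note above
# (64-bit installation, kernel 3.10 or higher). Function names are hypothetical.

# arch_ok MACHINE: succeed if a `uname -m` value names a 64-bit machine.
# Assumption: this list of 64-bit machine names; extend it for your platform.
arch_ok() {
    case $1 in
        x86_64|amd64|aarch64|ppc64le|s390x) return 0 ;;
        *) return 1 ;;
    esac
}

# kernel_ok RELEASE: succeed if a `uname -r` string is version 3.10 or higher.
# Returns 2 when no numeric version can be parsed from the string.
kernel_ok() {
    major=${1%%.*}             # "3.13.0-24-generic" -> "3"
    rest=${1#*.}               #                     -> "13.0-24-generic"
    minor=${rest%%[!0-9]*}     #                     -> "13"
    case $major in ''|*[!0-9]*) return 2 ;; esac
    case $minor in ''|*[!0-9]*) return 2 ;; esac
    [ "$major" -gt 3 ] || { [ "$major" -eq 3 ] && [ "$minor" -ge 10 ]; }
}

# preflight: check the running host and report the first failed requirement.
preflight() {
    arch_ok "$(uname -m)" || { echo "FAIL: $(uname -m) is not 64-bit"; return 1; }
    kernel_ok "$(uname -r)" || { echo "FAIL: kernel $(uname -r) is below 3.10"; return 1; }
    echo "OK: $(uname -m), kernel $(uname -r)"
}

# Constructed release strings, so the comparison can be seen without a host.
for r in 3.13.0-24-generic 3.10.0-229.el7.x86_64 3.9.11 2.6.32-504.el6.x86_64; do
    if kernel_ok "$r"; then echo "$r: ok"; else echo "$r: too old"; fi
done
```

Run preflight on the new VM before step 5 of the installation steps below.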

Installation Steps (Ubuntu Trusty 14.04 - LTS)

1. Create a new VM following the Quick-Start Guide (a ‘Small VM’ will suffice for initial testing)

Figure 1. vCloud Director VM configuration panel

2. Log into your Ubuntu installation as a user with sudo privileges.

3. Verify that you have wget installed.

$ which wget

4. If wget isn’t installed, install it after updating your package manager:

$ sudo apt-get update

$ sudo apt-get install wget

5. Get the latest Docker package.

$ wget -qO- https://get.docker.com/ | sh

The system prompts you for your sudo password. Then, it downloads and installs Docker and its dependencies.

Note: If your company is behind a filtering proxy, you may find that the apt-key command fails for the Docker repo during installation. To work around this, add the key directly using the following:

$ wget -qO- https://get.docker.com/gpg | sudo apt-key add -

6. Verify docker is installed correctly.

$ sudo docker run hello-world

This command downloads a test image and runs it in a container.

Further installation details can be found at https://docs.docker.com/installation/ubuntulinux


Docker Registry

Docker Registry has shipped as standard from Docker 1.6.0, and to use the Registry is simply a case of starting the service on a VM that has Docker Engine installed and running as per the above.

Start your registry:

$ docker run -d -p 5000:5000 --restart=always --name registry registry:2

You can now tag an image and push it:

$ docker pull ubuntu && docker tag ubuntu localhost:5000/batman/ubuntu

$ docker push localhost:5000/batman/ubuntu

Then pull it back:

$ docker pull localhost:5000/batman/ubuntu

By default, your registry stores its data on the local file system, inside the container. In a production environment, it’s highly recommended to use another storage backend such as UKCloud Cloud Storage; further details can be found here.
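The -p 5000:5000 form above publishes the registry on every interface of the VM, and a registry started this way has no TLS or authentication configured. The sketch below is an added example, not part of the original document: it starts the same registry bound to the loopback address with its data on a host directory, and flags any all-interface binding in docker port output. The function names and the /srv/registry-data path are assumptions; the sample lines are constructed.

```shell
#!/bin/sh
# Added example, not from the original document. start_registry_local and
# exposed_bindings are hypothetical names; /srv/registry-data is a placeholder.

# start_registry_local [DATA_DIR]: the registry command from above with two
# changes: the port is published on the loopback address only, and the image
# data lives in a host directory instead of the container's own file system.
start_registry_local() {
    data_dir=${1:-/srv/registry-data}
    docker run -d -p 127.0.0.1:5000:5000 \
        -v "$data_dir":/var/lib/registry \
        --restart=always --name registry registry:2
}

# exposed_bindings: read `docker port NAME` output on stdin and print each
# binding that listens on every interface (0.0.0.0 for IPv4, :: for IPv6).
exposed_bindings() {
    while read -r cport _arrow host; do
        case $host in
            0.0.0.0:*|'[::]':*|:::*) echo "$cport exposed on $host" ;;
        esac
    done
}

# Constructed sample: what `docker port registry` reports for -p 5000:5000
# and for the loopback-only form. Only the first line is flagged.
printf '%s\n' '5000/tcp -> 0.0.0.0:5000' | exposed_bindings
printf '%s\n' '5000/tcp -> 127.0.0.1:5000' | exposed_bindings
# On a live host: docker port registry | exposed_bindings
```

The loopback binding still serves the localhost:5000 push and pull commands shown above; the host directory is a local volume, not the external storage backend recommended for production.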

For enhanced Enterprise features and a commercially supported version of Docker Registry, customers can install Docker Trusted Registry using the steps outlined below.

Docker Trusted Registry

Prerequisites

In order to run DTR, you will need to get a license, either by purchasing DTR or acquiring a trial license. To get your license, visit the Docker Subscription page and select the edition you would like to acquire.

Figure 3. Docker Trusted Registry licensing website

Commercially supported Docker Engine 1.6.1 or later running on an Ubuntu 14.04 LTS, RHEL 7.1 or RHEL 7.0 host. (See below for instructions on how to install the commercially supported Docker Engine.)

Your Docker daemon needs to be listening to the Unix socket (the default) so that it can be bind-mounted into the DTR management containers, allowing DTR to manage itself and its updates. For this reason, your DTR host will also need internet connectivity so it can access the updates.

Your host also needs to have TCP ports 80 and 443 available for the DTR container port mapping.

Installation Steps (Ubuntu Trusty 14.04 - LTS)

1. Download the commercially supported Docker Engine Bash installation script:

a. Log in to the Docker Hub with the user-name used to obtain your license.

b. Once you’re logged in, go to the “Licenses” page in your Hub account’s “Settings” section (accessed via the gear icon at upper right).

c. Click the button at the top right of the page that corresponds to your intended host operating system.

d. Once the Bash setup script is downloaded, follow the steps below appropriate for your chosen OS.

2. Copy the downloaded Bash setup script to your Ubuntu host.


3. Run the following to install commercially supported Docker Engine and its dependencies:

$ sudo apt-get update && sudo apt-get upgrade

$ sudo apt-get install -y linux-image-extra-virtual

$ sudo reboot

$ chmod 755 docker-cs-engine-deb.sh

$ sudo ./docker-cs-engine-deb.sh

$ sudo apt-get install docker-engine-cs

4. Lastly, confirm Docker is running with sudo service docker start.

In order to simplify using Docker, you can get non-sudo access to the Docker socket by adding your user to the docker group, then logging out and back in again:

$ sudo usermod -a -G docker $USER

$ exit

Note: you may need to reboot your server to update its LTS kernel.
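Membership of the docker group gives full control of the Docker daemon through its socket, which is equivalent to root on the host, so it is worth knowing exactly who holds it. The helper below is an added example, not part of the original document; its name is hypothetical and the sample files are constructed.

```shell
#!/bin/sh
# Added example, not from the original document; docker_group_users is a
# hypothetical helper name.

# docker_group_users [GROUP_FILE] [PASSWD_FILE]
# Print every account that belongs to the docker group, one per line:
# supplementary members listed in the group file, plus accounts whose primary
# GID in the passwd file is the docker group's GID (these are not listed in
# the group file, so reading that file alone misses them).
docker_group_users() {
    group_file=${1:-/etc/group}
    passwd_file=${2:-/etc/passwd}
    entry=$(grep '^docker:' "$group_file") || return 0    # no docker group
    gid=$(printf '%s\n' "$entry" | cut -d: -f3)
    {
        printf '%s\n' "$entry" | cut -d: -f4 | tr ',' '\n'
        awk -F: -v gid="$gid" '$4 == gid { print $1 }' "$passwd_file"
    } | sed '/^$/d' | sort -u
}

# Constructed sample files: alice and bob are supplementary members, ci has
# the docker group (GID 999) as its primary group.
demo=$(mktemp -d)
printf '%s\n' 'sudo:x:27:alice' 'docker:x:999:alice,bob' > "$demo/group"
printf '%s\n' 'alice:x:1000:1000::/home/alice:/bin/bash' \
              'ci:x:1001:999::/home/ci:/bin/sh' > "$demo/passwd"
docker_group_users "$demo/group" "$demo/passwd"    # prints alice, bob, ci
rm -rf "$demo"
# On a live host: docker_group_users
```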

MORE INFORMATION

For further information about UKCloud and how we can help you, please send an email to [email protected]


UKCloud Ltd

A8 Cody Technology Park

Ively Road

Farnborough

Hampshire

GU14 0LX

+44 (0)1252 303300

[email protected]

www.ukcloud.com

Reasonable efforts have been made to ensure the accuracy of the information contained in this document. No advice given or statements or recommendations made shall in any circumstances constitute or be deemed to constitute a warranty by UKCloud Ltd as to the accuracy of such advice, statements or recommendations. UKCloud Ltd shall not be liable for any loss, expense, damage or claim howsoever arising out of the advice given or not given or statements made or omitted to be made in connection with this document.

No part of this document may be copied, reproduced, adapted or redistributed in any form or by any means without the express prior written consent of UKCloud Ltd.

© UKCloud Ltd 2016 All Rights Reserved.

UKC-GEN-259 • 07/2016