Use Cases for Docker in Enterprise Linux Environment · CloudOpen North America 2014 | Linda Wang 4 Use Cases for Docker in the Enterprise Linux Environment What’s Docker? Based

CloudOpen North America 2014 | Linda Wang

1

Use Cases for Docker in Enterprise Linux Environment

CloudOpen North America, 2014Linda WangSr. Software Engineering ManagerRed Hat, Inc.


2


3

Containerize!


4

Use Cases for Docker in the Enterprise Linux Environment

● What’s Docker?

● Based on Lightweight Virtualized Technologies● Linux Containers: cgroups, namespaces, SELinux

● Provides a new Format to deliver bits ● Provide Minimal Footprint● Fast Deployment● Can be Used on Various Market Segment


5


● What’s Lightweight virtualization?

● Lightweight Virtualized vs. Fully Virtualized

vs.

Apartment Townhouses


6


● What’s Lightweight Virtualization?

● Lightweight Virtualized vs. Fully Virtualized

vs.

Containers KVM or Xen

Kernel Shared Own Kernel on Hypervisor


7


● What’s a Linux Container?

● A Lightweight Virtualized Technologies● Control Groups – Resource Management● Namespace – Process Isolation● SELinux, grsecurity – Security● SystemD/Kubernete – Management tool


8

Cgroups

Memory

Network

Block IOCPU

Linux KernelHardware

Cgroups


● Control Groups – Resource Management



9

Control Groups – Resource Management

Namespace - Process Isolation


11



● Namespaces

Host Kernel

User Space

Application A..Application B..Application C.....

VirtualizedProcess mgt

Virtualizeddevices

VirtualizedUser ID

Virtualized

FS

interface

Virtualized

FS

interface


12



● Namespaces – application point of view


Pid 1../dev/tty/dev/eth0.. Uid 500..

/etc /var

/tmp

Host Kernel

User Space



13



● Namespaces – host point of view


Pid 3852../dev/pty12/dev/eth1.. Uid 5600..

/etc/contA/etc

/var/contA/var

/tmp/contA

/tm

p..

Host Kernel

User Space



14


● What’s a Linux Container

● Namespaces and SELinux



/etc/contA/etc

/var/contA/var

/tmp/contA

/tm

p..

Host Kernel

User Space


SELinux

/tmp

/var..

Pid 1 Uid500


15



● Namespaces, SELinux



/etc/contA/etc

/var/contA/var

/tmp/contA

/tm

p..

Host Kernel

User Space


SELinux

/tmp

/var..

Pid 1 Uid 500

Mount Namespace

User Namespace

Process ID Namespace

Device Namespace

Legend


16



● Linux Containers: Cgroups, Namespaces, SELinux

Pid 3852..

Host Kernel 8 CPUS, 32G system

User Space

/dev/pty12/dev/eth1..

Uid 5600..

/etc/contA/etc

/var/contA

/var

/tmp

/contA

/tm

p..


SELinux

/tmp

/var..

Pid 1

Uid 500

Pid 3852.. Pid 3852..

/dev/pty12/dev/eth1..

/etc/contA/etc

/var/contA/var

/tmp/co

ntA/

tmp..

Application D.....

SELinux

/tmp

/var..

Pid 1

Uid 500

Pid 3852../dev/pty12/dev/eth1..

/etc/contA/etc

/var/contA/var

/tmp/contA

/tm

p..


SELinux

/tmp

/var..

Pid 1 Uid 500

UID 5600PID 5362

/tmp/co

ntA/

tmp..

/etc/contA/etc

/var/contA/var

PID 5362/dev/pty12/dev/eth1..

UID 5600

App. F.....

CGroups#1

CGroups#2

CGroups#3CPU#34G

CPU#1, 8G

CPU#0,2, 16G

Legend


17




● Provides a new Format to deliver bits ● Provide Minimal Footprint● Fast Deployment● Can be Used on Various Market Segment


18



● Provides a new Format to deliver bits

Traditional Way..


19




Container Format


20




Docker Image Format

base


21




1

21

1

2


22



● Provides image base format to deliver bits

1

21

1

2

1 33


23




● Provides a new Format to deliver bits ● Provide Minimal Footprint● Fast Deployment● Can be Used on Variety of Market Segment


24





25



● Based on Lightweight Virtualized Technologies● Provide Minimal Footprint● Fast Deployment

● Simplified application delivery● Light weight Application Isolation● Integrated application delivery using Image-based

solution● Provides application mobility● Provides minimal footprint as needed


26




● Provides a new Format to deliver bits ● Provide Small Footprint● Fast Deployment● Can be Used on Various Market Segment


27

Use Cases – Applications


28

Use Cases in Enterprise Linux Environment

● Docker acts as the interfaces to Linux containers

● Becomes a new application delivery platform

● Deploy new ‘applications’ based on flexibility that Docker container provides

● Also can be used by traditional enterprise users


29


● Traditional Use Cases

● Use it to management system resources● Provide application isolation (prevent runaway apps, etc..)

● For long running applications that have static setup and user environment

● Benefit from less impact on upgrade management and less overhead

● Running multiple Linux applications on single Linux host● Instead, run inside docker container

● Applications that run inside of full OS virtualized environment; but in simplified form, can be migrated to Docker environment


30


● New Application Delivery Use Cases

● Focus on fast deployment● Focus on use cases that mitigate impacts by server

updates● Mixed environment use cases● Stack-able environment use cases


Operating System

Image-based Containers Image-based Containers

Identical Containers Non-identical ContainersRHEL 6 RHEL 7RHSCLFedora

Host System


32


● Mixed Environment Use Cases

● Mitigate impacts by server updates● Running newer applications on older hosts

Host Kernel

User Space

Ruby 1.8.7

Java 1.6.0_3

Python 2.6.6

Perl 5.10.1

Gcc PHP

Bash 4.1.2

Ruby 2.0

Java_1.8

Bash 4.3Perl

6.2

Docker

/optRuby 2.0

Java_1.8

Perl 6.2

Bash 4.3

/usr/bin

Gcc

PHP


33


● Mixed Environment Use Cases

● Mitigate impacts by server updates● Running newer applications on older hosts

Host Kernel

User Space

/usr/bin/ruby_1.8.7

/usr/bin/java_1.6.0

/usr/bin/python_2.6.6 /opt/usr/bin/perl_6.2

/usr/bin/gcc_4.6.6

/bin/bash_4.1.2

/usr/bin/perl_6.2

/usr/bin/java_1.8

/usr/bin/ruby 2.0

/bin/bash_4.3 Docker

Docker

Docker

/opt/usr/bin/ruby_2.0

/opt/usr/bin/java_1.8

/usr/bin/perl_5.10.1 /opt/bin/bash_4.3

...

...


34


● Stack-able Environment Use Cases

● Uses existing fully virtualized environment and setup● Running newer applications on old virt hosts

Container Host OS & Central Shared Services

Hardware

DockerContainers

DockerContainers

App B

RuntimeB

App C

Runtime C

Kernel & HW Drivers

App A

RuntimeA

Container Host OS & Central Shared Services

DockerContainers

DockerContainers

App B

RuntimeB

App C

Runtime C

Kernel & Virt Drivers

App A

RuntimeA

Hypervisor

Host OS

Kernel & HW Drivers

Hardware


35

Use Cases – Enterprise Usage


36


● Enterprise Environment - Full Stack Integration

● Docker Registry - Image manager and database● RHEL Atomic Host – Deploy and management container● Kubernetes - Container orchestration and management

(Google, Red Hat, IBM...)● Openstack - Cloud infrastructure


37


● Market Segment

● Early Adopter●Existing in-house application migration●PaaS Platform

● Ease of deployment and Integration● Main Stream

●Cloud infrastructure integration●For in-house software development ●For system integraters whom hosts different development environment


38


● Early Adopters and Main Stream Use Cases

● For in-house software development ● For systems integrator whom hosts different

development environment

ITInternalAppDevel

Ruby

java

HR

Finance

Factory

Company A:

Scenario A

Company B:

IT O

utsource

HR

Finance

Manufacturing

Legal

Company C:

A

B

A

B

Perl

Bash

Scenario B


39


● Early Adopter

● For in-house software development and/or deployment● To satisfy SLA requirements quickly

ITInternalAppDevel

Ruby

java

HR

Finance

Factory

Company A:

Scenario A

ITInternalAppDevel

PaasOn premise

Ruby Ruby

Ruby

javajava

java

Company A:


40


● Early Adopters

● For in-house software development and/or deployment● To satisfy SLA requirements quickly

ITInternalAppDevel

Ruby

java

HR

Finance

Factory

Company A:

Scenario A

ITInternalAppDevel

PaasOn premise

Ruby

Ruby

Ruby

javajava

java

Company A:

Factory

Procurement


41


● Main Stream

● For in-house software development and/or deployment ● To satisfy SLA requirements quickly

ITInternalAppDevel

Ruby

java

HR

Finance

Factory

Company A:

Scenario A

ITInternalAppDevel

Ruby

Ruby

Ruby

javajava

java

PaaS Cloud

Company A:


42


● Early Adopters

● For external software development, and integration plus deployment

● For systems integrator whom hosts different application environment

Company B:

IT O

utsource

HR

Finance

Manufacturing

Legal

Company C:

A

B

A

B

Perl

Bash

Scenario B

A

B

Perl

Bash

PaasOn premise

Company C:


43


● Main Stream

● For external software development, and integration plus deployment

● For systems integrator whom hosts different application environment

Company B:

IT O

utsource

HR

Finance

Manufacturing

Legal

Company C:

A

B

A

B

Perl

Bash

Scenario B

A

B

Perl

Bash

Paas Cloud

Company C:


44

Key Takeaways

● Application resource management and isolation mechanism in a light-weight multi-tenancy environment

● Agile application packaging w/ Docker image-based containers

● Provide flexibility on environment footprint

● Mixed and/or Stack-able Environment● Fast deployment for traditional application's environment

● Compatible with existing full virt environment - run docker inside virtualized environment



45

References

● Docker – docker.io or https://www.docker.com/tryit/

● Performance Blog on Docker – Jeremy Eder https://developerblog.redhat.com/2014/08/19/performance-analysis-docker-red-hat-enterprise-linux-7/

● RHEL Blog - http://rhelblog.redhat.com/

● Project Atomic - http://www.projectatomic.io/

● https://github.com/GoogleCloudPlatform/kubernetes


http://rhelblog.redhat.com/

http://www.projectatomic.io/


46

Questions?

Documents

Use Cases for Docker in Enterprise Linux Environment · CloudOpen North America 2014 | Linda Wang 4 Use Cases for Docker in the Enterprise Linux Environment What’s Docker? Based