InterConnect2017
BMC-3341: Understanding Docker and IBM BluemixContainer Service
Andrew Ferrier,Bluemix Solution Architect,Bluemix Garage
(How containerization can help you get cloud-ready)
Agenda• What is Docker?
• How is a different from a Virtual Machine?
• Why is it useful?
• Sidenote: What is Bluemix?
• What is IBM Bluemix Container Service and Why would I want to use it?
• Quick ”Demo”
• What’s happening next? (Kubernetes)
What is Docker?
What is Docker?• Open Software, Launched March 2013
• Open Design - contributors include IBM, Red Hat, Google, Microsoft, VMware, AWS, Rackspace, …
• Automates deployment of applications in software containers
• Applications are wrapped in a complete filesystem that includes Code, runtime, system tools, and system libraries
• Applications will always run in the same way, independent of the environment
• Merely the most popular implementation of a general concept of containers
• Docker communicates directly with the Linux kernel using the libcontainer library
• Docker is Linux-only
ProcessPID
IPC
= Namespaces for isolation
CPUMemory
= Control groups for resource constraint
Docker CLI (Command Line) (aka client)
$ docker run <image-name>
Docker host (aka server)
ImageLayer 1, whichreferences…
Layer 2, whichreferences…
Dockerfile(build script)
• Defines an image• Instructions• Meta-data• Executable
command…
ContainerRuntime instance of image+ Read/write layer
Buildsthis
Registry
imageimage
imageStoredhere
R/W
Layer 1
Layer 2
Docker Architecture
Docker daemon
• Docker uses a copy-on-write (union) filesystem• New files(& edits) are only visible to current/above layer
• Layers allow for reuse• More containers per host• Faster start-up/download time – base layers are "cached"
FilesystemBase OS / KernelFedora Ubuntutomcat tomcatliberty
CNTR1 CNTR2 CNTR3 CNTR4
app1 app2 app4app3Layer
Layer
Layer
How does layering work?
How is it different from a Virtual Machine?
• “One level further up” the virtualization stack
• It shares disk resources more effectively, particularly between related images.
• Much faster to start a container (<1s)• Distinction between image and container: easier to control state
(defined image state, snapshots conceptually “built in”, etc.)
• Layering provides additional efficiencies
What is Docker Hub?• DockerHub provides 100,000+ pre-built
Docker base images
• Good for getting started
• (Enterprises are likely to need their own Docker image repository, though)
Why is it useful?
9
Why is it useful?
• Demand for increased application development efficiency• Enable continuous integration/continuous delivery: Laptops -> Dev -> Test -> Prod
• DevOps requires improved resource efficiencyHigher density of compute resources (CPU, memory, storage)
• Portability Cross cloud deployment - move the same application across multiple clouds and avoid “lock-in”
Sidenote: What is Bluemix?
11
Third Party
IBM
Your Own
Open Source
What is Bluemix?
A managed platform to design, deploy and run enterprise applications
?
Virtual Servers
“Abstraction”
“Control”
Bare Metal
Dedicated Compute
High Memory
Intensive Disk I/O
Isolation
Familiar
Full OperatingSystem Control
Containers
Portable
Flexible
Light-weight
CF Apps
Speed
Manage code,not infrastructure
OpenWhiskStateless
Event-Driven
Short-lived
…m
eets
you
r dev
elop
er n
eeds
…
PaaSCaaSIaaS
Bluemix Compute Models
Bare Metal ContainersVirtual Servers Cloud Foundry OpenWhisk
Actions: Code (single function)
Triggers: Events/Messages
Code
Data
Runtime
Middleware
OS
Virtualization
Servers
Storage
Networking
Code
Data
Runtime
Middleware
OS
Virtualization
Servers
Storage
Networking
Code
Data
Runtime
Middleware
OS
Virtualization
Servers
Storage
Networking
Code
Data
OS
Virtualization
Servers
Storage
Networking
Runtime
Middleware
Customer ManagedService Provider Managed
Actions & Triggers
Levels of Responsibility
What is IBM Bluemix Container Service and why would you want to use it?
16
Key Things to Know
• Formerly known as IBM Containers
• Hosted on IBM Bluemix Public, Dedicated, and Local
• Provides some pre-built images together with your own enterprise repository
• Based on Docker technology, works with existing Docker CLI• Can add images from Docker Hub
• Access to Bluemix Service Catalog
• Can build and deploy with IBM DevOps Services
• Provides container vulnerability checking
• IBM Support• Bare metal deployment
• Integrated logging, load-balancing, and scaling (Note: This is true today, some details with change with Kubernetes beta, but the principles are the same)
Where are Containers hosted?• Containers run in the cloud, not on the
laptop• Clients are billed according to their
usage• Multiple regions where the public
cloud is hosted§ US South, United Kingdom, Sydney,
Frankfurt• Multiple environments§ Public, Dedicated, Local
Works with IBM BluemixDevOps Toolchains
Image registry
• Private registry with access controls• Copy images from Docker Hub into it• You can also create your own
Dockerfile, build, test it locally, and then push it to your private repository
• Prebuilt IBM images
© Copyright IBM Corporation 2016
Persistent storage - volumes
• Volume is a persistent storage location for files than an app requires to run.• Use a volume to persist data between container restarts, to share data between
containers in a space or group• Lifecycle of a storage volume is independent from the lifecycle of a container• Mechanism will change slightly under Kubernetes (becomes a Volume abstraction)
Integrated monitoring and logging• Track and maintain the health of your
containers• Will continue in Kubernetes in the
form of the Dashboard
Demo
23
… What’s happening next? ...
24
25
Evolving Container Service
• Container service now is powerful, but there’s a need for a new runtime engine, because customers want:
• Declarative topology of containers• Automatic deployment of containers
to resources• Self-healing abilities• Integrated service discovery• Ability to do rich secret and
configuration management
• There are two games in town:
• Kubernetes• Docker Swarm
What is Kubernetes… so ... Kubernetes
• Container orchestrator• Runs and manages containers• Supports multiple cloud and bare-metal environments• Inspired and informed by Google's experiences and internal systems• 100% Open source, written in Go• Manage applications, not machines• Rich ecosystem of plug-ins for scheduling, storage, networking
KubernetesWorker Nodes
Master Nodes
... Adding Kubernetes Support - Beta available Now! March 20th.
Combining Docker and Kubernetes to deliver powerful tools, an intuitive user experience, and built-in security and isolation to enable rapid delivery of applications - all while leveraging IBM Cloud Services including cognitive capabilities from Watson.
www.ibm.com/cloud-computing/bluemix/containers
IBM Bluemix Container Service
Intelligent Scheduling Automated rollouts and rollbacks Container Security & PrivacyDesign Your Own Cluster
Self-healing Horizontal scaling Leverages IBM Cloud & Watson Integrated Operational Tools
Service discovery & load balancing Secret & configuration management Simplified Cluster Management Native Kubernetes Experience
IBM Bluemix Container Service
Other Sessions
Architecture Deep-Dive into Docker Containers, Microservices and KubernetesTuesday, 11:00 AM - 12:45 PM | DevZone Ask Me Anything # 5 | Session ID: 7062AHands-On Lab Demonstrating the Enterprise-Grade Capabilities of IBM ContainersTuesday, 1:30 PM - 3:15 PM | South Seas C1 | Session ID: 2176ALearn IBM Bluemix Container Service in 20 Minutes!Tuesday, 2:15 PM - 5:00 PM | DevZone Hello World Lab # 2 | Session ID: 7063A
Introduction to Docker Containers and MicroservicesTuesday, 4:45 PM - 5:30 PM | South Pacific A | Session ID: 2173ADemystify DockerWednesday, 1:15 PM - 5:00 PM | DevZoneHello World Lab # 5 | Session ID: 7124A
Microservices: Powered by Containers-as-a-ServiceWednesday, 9:00 AM - 9:45 AM | South Pacific A | Session ID: 2204B
InterConnect2017
Thank you. Any questions?
31 3/23/17