Embed Size (px)
Citation preview
@ITProGuru
Dan Stolts (@ITProGuru)Chief Technology StrategistUS DX North East – AudienceBlog: ITProGuru.com [email protected] www.linkedin.com/in/danstolts
Containers: DevOps Enablers of Technical Solutions
aka.ms/70-534-book
Blaize StewartSenior [email protected]@Wintellectuals
@ITProGuru
What is a container?Containers
Hyper-V containersIsolation plus performance
Hyper-V
Container
Kernel
Container
Kernel
Container
Kernel
Traditional virtual machines = hardware virtualization
VM VM VMApplication
OS
Hardware
Hardware
OS
OS Applications
Kernel
= Operating system virtualizationContainer Container Container
Windows Server containersMaximum speed and density
Container Container Container
Kernel
@ITProGuru
Isolation Scale
Higher CostMore Management
Lower CostLess Management
Container Security
“Containers offer many overall advantages. From a security perspective, they create a method to reduce attack surfaces and isolate applications to only the required components, interfaces, libraries and network connections.”
– Aaron Grattafiori, NCC Group
@ITProGuru
Docker integrationJoint strategic investments to drive containers forward
Investments in the next waveof Windows ServerOpen source development of theDocker Engine for Windows Server
Azure support for theDocker Open Orchestration APIsFederation of Docker Hub images into the Azure Gallery and Portal
Strategic investments
Docker: An open source engine that automates the deployment of any application as a portable, self-sufficient container that can run almost anywhere.
Partnership: Enable the Docker toolset to manage multi-container applications using both Linux and Windows containers, regardless of the hosting environment or cloud provider. Docker
Dockerized app
Windows Server
ContainerLinux
Container
CustomerDatacenter
ServiceProvider
MicrosoftAzure
Run anywhere
What Problem(s) is Docker Trying to Solve?
Enable DevOps The synthesis of operations and development working
together through the entire service lifecycle, from design through the development process to production support.
Support for Microservice Architecture (MSA) MSA is an approach to developing a single application as a
suite of small services, each running in its own process and communicating with lightweight mechanisms, often an HTTP resource API.
These services are built around business capabilities and independently deployable by fully automated deployment machinery.
There is a bare minimum of centralized management of these services, which may be written in different programming languages and use different data storage technologies.
@ITProGuru
Dan Stolts (@ITProGuru)Chief Technology StrategistUS DX North East – AudienceBlog: ITProGuru.com [email protected] www.linkedin.com/in/danstolts
Containers: DevOps Enablers of Technical Solutions
aka.ms/70-534-book
Blaize StewartSenior [email protected]@Wintellectuals
@ITProGuru
Hands On Lab Containers and Windows Server 2016
(Homework Challenge )
https://aka.ms/trycontainers
In this lab, you will gain fundamental knowledge for managing Windows Server containers on Windows 10 by using Docker commands. You will learn how to:1.Install the pre-requisites for Docker on Windows 10.2.Install Docker.3.Install a Nano Server base image that is used to create containers.4.Create containers with and without Hyper-V isolation.5.Create layered container images from containers.6.Remove Windows Server containers and Windows Server container images by using Docker.
You will also learn about the parent-child relationship between containers and between container images. Finally, you will learn how to deploy a Nano Server package and install the Web server role in a container.
@ITProGuru
Containers
@ITProGuru
• Windows Containers run Windows processes in a container while sharing the kernel space with the underlying operating system.
• Hyper-V containers wrap a Hyper-V layer around the container, then run Windows processes within the Hyper-V container.
Microsoft Containers
@ITProGuru
VM/VDI Based ComputingSession Based ComputingAKA Terminal Services
Parent OS
ApplicationsWorkloads
Hardware / Hypervisor Level
All users see and access same OS, CPU, memory, apps, etc
No Overhead
Operating System
Hardware Virtualization
Application(s)
OS OS OS OS
OS OS OS OS
OS OS OS OS
Operating System
Hardware Virtualization
Apps Apps Apps Apps
Apps Apps Apps Apps
Apps Apps Apps Apps
OS, Apps, Config, MgmtEACH App/Workload; good isolation;
Huge Overhead Cost
Session Based Computing VS VM or VDI Based Computing
VM Massive
Overhead
(Disk, Disk IO,
Memory, CPU, OS,
Licenses, The works)
Session Based Computing VM or VDI Based Computing
@ITProGuru
Containers
Parent OS
Workloads
Hardware / Hypervisor Level
Operating System
Hardware Virtualization
Container Engine
Application(s)
Operating System
Hardware Virtualization
App App App App
App App App App
App App App App
App App App App
Linux VMContainer Engine
Container Engine
App App App App
Single OS All WorkloadsIsolation EACH App
Container
App App
App App
App App
App App
App App
App App
App App
App App
App App
Container / Base Image
Base Image Base ImageContainer / Base Image
OS EACH PlatformIsolation EACH App
Container
All Advantages
of VM &
Session
Isolation, Little overhead
Performance Advantages of Session Based Computing, Isolation Advantages of VMsLow overhead of session based computing and application virtualization
@ITProGuru
How Containers RunDeployment Options
Host Operating System
Virtual Machines
Hyper-V Hypervisor
Container Service
Hyper-VContainers
Windows Server
Containers
Docker Containers
Docker Engine
VM
Windows ServerContainers on VM
Hyper-VContainerson VM
Hyper-V Hypervisor
AzureAbstracts Host
AzureContainersACS … Containers As A Service Container Service Lin
ux O
R Wind
ows
Windows Containers can run on Windows
10 and Nano too!
@ITProGuru
Nano Server installation option - just enough OS
Containers and modern applications
Full GUISpecialized workloads
Third-party applications
RDS experience
Server CoreLower maintenance server environment
Existing VM workloads
Nano ServerJust enough OS
Provides higher density, reduced attack surface and servicing requirementsIdeal for cloud inspired infrastructureSmaller image size, smaller attack surface, and faster boot time
Ideal for next generation app developmentBuilt for containers and cloud-native apps
Set-up time: 300sBoot time: 85sDisk space: 5.4GB
Set-up time: 35sBoot time: 9sDisk space: 0.46GB
Docker Tools Docker Machine – Utility to provision Docker Hosts Docker Engine – The server side component
responsible for running and maintaining containers on a Docker Host. Docker Build – Create images using Dockerfiles Docker Run – Run instances of images as containers
Docker Client – the client side tool for interacting with the Docker Engine.
Docker Compose – Orchestrates complex application with multiple containers.
Docker Hub – The Docker maintained repository for public and private images. https://hub.docker.com/
Docker Swarm – Clusters Docker Engines across multiple hosts.
Docker Datacenter – on premises managed container solution
The DockerfileInstruction DescriptionFROM The source container to create fromENV Set environmental variables for the image that are carried to the
containerCOPY Copies files and directories into the image from clientADD Copies files and directories into the image from clientEXPOSE Tells Docker to expose a network port from the containerRUN Run a command in the imageCMD The command run when a container starts (One per Dockerfile)ARG Arguments set when an image is builtENTRYPOINT Allows a container to be run like an executableWORKDIR Sets the working directory for COPY, ADD, RUN, CMD, and
ENTRYPOINTVOLUME Sets up a mountable volume inside a container
Deploying Docker Containers on Windows
Blaize Stewart
Docker on Linux + Installing Container Service
Dan Stolts
@ITProGuru
Tip: Must Read BookAmazon…
The Phoenix Project: A Novel about IT, DevOps, and Helping Your Business Win Paperback – October 16, 2014
The book is available on Audio BookIf you do not have an Audible Account, you get two free books when signing up for your free account.
This is the BEST IT Book I have ever read.
@ITProGuru
What is DevOps… Gene Kim’s “3 ways” The First Way emphasizes the
performance of the entire system, as opposed to the performance of a specific silo of work or department — this as can be as large a division (e.g., Development or IT Operations) or as small as an individual contributor (e.g., a developer, system administrator).
The Second Way is about creating the right to left feedback loops. The goal of almost any process improvement initiative is to shorten and amplify feedback loops so necessary corrections can be continually made
The Third Way is about creating a culture that fosters two things: continual experimentation, taking risks and learning from failure; and understanding that repetition and practice is the prerequisite to mastery.
Infrastructure as Code (IaC) Continuous Integration (CI) Automated Testing Application Performance Monitoring/M
anagement (APM) Continuous Deployment (CD) Release Management Configuration Management DevOps Fundamentals
• Advanced Monitoring • Capacity Management• Feature Flags• Self-Service Environments
• Automated Recovery (Rollback & Roll-Forward)
• Hypothesis Driven Development • Testing in Production – partial user base• Fault Injection • Usage Monitoring/Telemetry• A/B Testing (aka canary testing)
http://itrevolution.com/the-three-ways-principles-underpinning-devops/
http://www.itproguy.com/devops-practices/
@ITProGuru
Traditional vs modern dev-opsCategory Traditional Modern DevOps
Quality of code check-ins Unknown Validated through unit testsEnvironment Creation/Configuration Manual Automated
Deployment Frequency 1-2 months (or less frequent) Deploy whenever needed, including several per day
App Deployment Process Requires meetings and planning Push-button deployment
Deployment validation Manual Automated
Monitoring Minimal to none Health and Performance monitoring
Dev and Ops relationship Blame culture Culture of trust
@ITProGuru
DevOps & Monolithic vs Micro ServicesMicro ServicesSplit Services into small pieces• Easily Scale, Deploy,
code, etc.• Faster Execution• Higher Reliability• Faster MTTR mean time to repair
• Agile capabilities• Automation
Continuous Delivery• Amplify Feedback
Loops
MonolithicAll Feature in Full App• Long Cycles (Dev,
Test, Q/A, Deploy, update, etc.)
• Error / Bug Prone• Expensive• Quick Fixes hard or
impossible• More bottlenecks• Harder to test (more
changes at once)
Application
Feature A
Feature C
Feature E
Feature B
Feature D
@ITProGuru
Dev/Ops Process with Containers
Developers build and test apps in containers,
using development environment
i.e. Visual Studio
Operations automates
deployment and monitors deployed apps from central
repository
1 2
2
3Operations collaborates with developers to provide app metrics and insights
Developers update, iterate, and deploy updated containers
Central Reposito
ry
Containers pushed to
central repository
@ITProGuru
The right tools
Virtual Machines / Container Technologies
Linux
Service Fabric
Development Frameworks and Languages
.NetPHP Node
C++JavaRuby Win32
Go PerlPhython
JavaScript
Microsoft CloudAzure On Premises Service Provider
Container ManagementPowerShell OthersDocker
Development
Environments
Others…
@ITProGuru
Applications
Clients
Infrastructure
Management
Databases &Middleware
App Frameworks& Tools
DevOps
PaaS
Azure is an open cloud
Orchestration
@ITProGuru
Great Resources…https://itproguru.com/expert/2016/10/docker-create-container-change-container-save-as-new-image-and-connect-to-container/http://www.blaize.net/2016/10/an-introduction-to-docker/http://www.blaize.net/2016/11/an-introduction-to-azure-container-services/https://www.nccgroup.trust/us/our-research/understanding-and-hardening-linux-containers/https://msftdevops.learnondemandsystems.com/ => Lab Windows Server Containers
ITProGuru.com => Dan’s BlogBlaize.net => Blaize’s Blog
@ITProGuru
Homework: Hands On LabContainers and Windows Server 2016
In this lab, you will gain fundamental knowledge for managing Windows Server containers on Windows 10 by using Docker commands. You will learn how to:1.Install the pre-requisites for Docker on Windows 10.2.Install Docker.3.Install a Nano Server base image that is used to create containers.4.Create containers with and without Hyper-V isolation.5.Create layered container images from containers.6.Remove Windows Server containers and Windows Server container images by using Docker.
You will also learn about the parent-child relationship between containers and between container images. Finally, you will learn how to deploy a Nano Server package and install the Web server role in a container.
https://aka.ms/trycontainers
@ITProGuru
1. Create Docker Account and link it with Azurehttps://beta.docker.com/docs/
2. Create Wordpress Site on Azure in a Docker Container; login to wordpress to do preliminary setup (admin credentials)
3. Install Docker for Windows on your local machinehttps://docs.docker.com/engine/installation/windows/
Additional Homework [Optional]
@ITProGuru
Free Resources for DevOps Practices
Optimize your DevOps practices & tools: Get started on your DevOps journey: aka.ms/devops
Accelerate your application delivery lifecycle
Download the Forrester Infrastructure-as-Code whitepaper: Complexity kills. Automate with Infra as code: aka.ms/iac_tlpTechnical resources for Practitioners: Get access to free online training, evals and HOLs: aka.ms/devopsmvaJoin the Community conversations: Use #TalkDevOps on Twitter
@ITProGuru
Hands On Lab - Containers and Windows Server 2016https://aka.ms/trycontainers
Windows Server Containers – Install and use today
Hyper-V Containers - Install and use today How can you stay up to date?
Follow Dan on Twitter @ITProGuru Follow Dan’s Blog http://ITProGuru.com Follow Blaize on Twitter @theonemule Follow Blaize's Blog http://www.blaize.net Windows Container’s site http://aka.ms/windowscontainers
https://msdn.microsoft.com/virtualization/windowscontainers
What’s Next?
