Containers and Cloud: From LXC to Docker to Kubernetes
Shreyas MM
www.shreyasmm.com
Cloud Systems with Hypervisor
Apps – Django, Rails, Struts, Hibernate
Guest OS – RedHat, Ubuntu, CentOS
Many payloads
● Backend services (API)
● Databases
● Distributed stores
● Webapps

● Go
● Java
● Node.js
● PHP
● Python
● Ruby
● CherryPy
● Django
● Flask
● Plone
+ Your Code
Many Targets
● Your local development environment
● Your coworkers' development environment
● Your QA team's test environment
● Some random demo/test server
● The staging server(s)
● The production server(s)
● Bare metal
● Virtual machines
● Shared hosting
What's the Problem? The Matrix from Hell
Real World Cargo Transport Pre-1960
Another Matrix from Hell
Solution - Containers
Solution: Intermodal Shipping Container
Linux Containers (LXC)
• Units of software delivery (ship it!)
• Run everywhere
  – Regardless of kernel version
  – Regardless of host distro
  – (but container and host architecture must match*)
• Run anything
  – If it can run on the host, it can run in the container
  – i.e., if it can run on a Linux kernel, it can run
What are Linux Containers exactly?
High level approach: it's a lightweight VM
• Own process space
• Own network interface
• Can run stuff as root
• Can have its own /sbin/init (different from the host)
What are Linux Containers exactly?
Low level approach: it's chroot on steroids
• Can also not have its own /sbin/init
• Container = isolated process(es)
• Share kernel with host
Containers Implementation History
Different OSes Implement Differently
• Unix – chroot (1979)
• FreeBSD – jails
• Solaris 11 – zones
• HP-UX containers
• IBM AIX workload partitions
• Linux – LXC
Docker
• Docker is an open source project
• Systematic way to automate the faster deployment of Linux applications inside portable containers
• Docker extends LXC with a kernel- and application-level API that together run processes in isolation: CPU, memory, I/O, network
• Docker containers are created using base images
Docker is a Container System for Code
Docker Eliminates the Matrix from Hell
Containers are Isolated, but Share OS and, Where Appropriate, Bins/Libs
Containers before Docker
Containers After Docker
How Docker Works
• You can build Docker images that hold your applications
• You can create Docker containers from those Docker images to run your applications.
• You can share those Docker images via Docker Hub or your own registry
Dockerfile
• Like a Makefile (shell script with keywords)
• Extends from a base image
• Results in a new Docker image
• A Dockerfile lists the steps needed to build an image
• docker build is used to run a Dockerfile
• Can define default command for docker run, ports to expose, etc.
Some Docker Cmds
docker run => Create a new container
docker stop => Stop a running container
docker start => Start an existing container
docker restart => Restart an existing container
docker ps => List existing containers
docker inspect => Get low-level container/image information
docker rm => Delete an existing container
docker exec => Run a command in a running container
Docker Benefits
• Packaging and distribution
• Sandboxing
• Networking
• Orchestration
• Identity
• Authorization
Kubernetes
Kubernetes is an open source orchestration system for containers
POD = Group of tightly coupled containers
▸ Various services composing an application
▸ All containers always scheduled on same node
▸ Unique IP address per POD
▸ Do not reschedule themselves

CONTROLLER = Implements the control loop
▸ Ensures desired # of pods are running
POD & CONTROLLER DEFINITION SAMPLE
Kubernetes Services
▸ Logical abstraction for a set of pods
▸ Label selectors express which pods implement a given service
▸ Defines a public endpoint similar to a Virtual IP
▸ Exposes 1 or more TCP/UDP ports
▸ Forwards requests to pods through DNAT (Destination NAT)
SERVICE DEFINITION SAMPLE
Kubernetes LABELS AND SELECTORS
▸ Labels: metadata (key/value pairs) applied to resources
▸ Examples:
  environment = { dev | qa | staging | prod }
  network_qos = { standard | premium | guaranteed }
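The slides above say a service finds its pods through a label selector and a controller keeps the desired number of pods running. The following is an added example, not code from the deck or from Kubernetes: a small Python model of equality-based selector matching and one pass of the control loop. The pod names, IP addresses and the "app" label key are constructed for illustration; "environment" and "network_qos" are the label keys from the slide.

```python
# Added illustration: a toy model of Kubernetes label selection and the
# controller control loop. It is not Kubernetes code and calls no real API.

def matches(selector, labels):
    """Equality-based selector: every key/value in the selector must be
    present in the resource's labels (extra labels are ignored)."""
    return all(labels.get(k) == v for k, v in selector.items())

def endpoints(selector, pods):
    """IPs of the pods that implement a service with this selector."""
    return sorted(p["ip"] for p in pods if matches(selector, p["labels"]))

def reconcile(selector, desired, pods):
    """One pass of the control loop: compare desired and observed pod
    counts and return the action that closes the gap."""
    observed = sum(1 for p in pods if matches(selector, p["labels"]))
    if observed < desired:
        return ("create", desired - observed)
    if observed > desired:
        return ("delete", observed - desired)
    return ("none", 0)

# Constructed sample pods (hypothetical names, IPs and "app" label key).
PODS = [
    {"name": "web-1", "ip": "10.0.0.11",
     "labels": {"app": "web", "environment": "prod", "network_qos": "premium"}},
    {"name": "web-2", "ip": "10.0.0.12",
     "labels": {"app": "web", "environment": "prod", "network_qos": "standard"}},
    {"name": "web-3", "ip": "10.0.0.13",
     "labels": {"app": "web", "environment": "staging", "network_qos": "standard"}},
    {"name": "db-1", "ip": "10.0.0.21",
     "labels": {"app": "db", "environment": "prod", "network_qos": "guaranteed"}},
]

if __name__ == "__main__":
    prod_web = {"app": "web", "environment": "prod"}
    print(endpoints(prod_web, PODS))     # pods behind the prod web service
    print(reconcile(prod_web, 3, PODS))  # controller wants 3, sees 2
    # A selector that omits "environment" also picks up the staging pod,
    # so a selector should name every label that scopes the service.
    print(endpoints({"app": "web"}, PODS))
```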
Conclusion
Containers, Docker, and Kubernetes seem to have sparked the hope of a universal cloud application and deployment technology.
References
• David Bernstein, Containers and Cloud: From LXC to Docker to Kubernetes
• www.docker.com
• www.kubernetes.com
• P. Mell and T. Grance, The NIST Definition of Cloud Computing: Recommendations of the National Institute of Standards and Technology, NIST Special Publication 800-145, 2011.
Thank You
Shreyas MM
@MMShreyas
www.shreyasmm.com