Revolution in software distribution called Docker

@marekgoldmann

Y Soft: Technology Hour Prague, 25th Sep 2014

Before we start...

Did you upgrade bash yet?

$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
vulnerable
this is a test

@marekgoldmann

  • JBoss Software Engineer
    • Cloud-related stuff
    • Docker
  • Fedora packager
    • yum install wildfly

Agenda

  • Small intro to Docker
    • Why?
    • Comparison to virtual machines
  • JBoss and Docker
    • Current state
  • Demos
    • Basic demos
    • WildFly demos
Docker

Applications are complex

Mess

http://www.reddit.com/r/pics/comments/nf8la/im_always_tempted_to_switch_two_random_cables_to/

Different deployment environments

Mess

http://www.shedworking.co.uk/2012/03/nuts-and-bolts-cable-ties.html

Docker

A project to manage containers

...and images

Containers?

Yes, a lightweight operating system virtualization.

Virtual machines?

No, it's more lightweight.
VM (KVM, VMware)Container (LXC, Docker)
We need to run the whole OS to start the process.We launch processes directly, without botting the OS.

So, how this compares to a virtual machine?

It's completely different.

VM vs. container

Virtual Machine (KVM, VMware)Container (LXC, Docker)
HardwareSimulatedUses it (almost) directly
Supported OS'esAlmost anyOnly Linux
Startup timeSeconds to minutesMiliseconds
ScalabilityA fewSky is the limit (thousands)
SizeHUGESmall

Linux FTW!

https://github.com/boot2docker/boot2docker

Docker community...

  • GitHub
    • >1100 watchers
    • >14000 stars
    • >2700 forks
    • >660 open issues
    • >100 pull requests
  • Over 585 contributors
    • avg 17 commits / day
    • 90% are external
  • Many meetups all over the world

JBoss and Docker

Dockerized projects

  • WildFly
  • Keycloack
  • TorqueBox
  • Aerogear
  • Immutant
  • Nodyn
  • LiveOak
  • SwitchYard
  • ...
JBoss Docker site http://www.jboss.org/docker/
Docker HUB with JBoss images https://registry.hub.docker.com/repos/jboss/
Docker HUB with JBoss images https://github.com/jboss/dockerfiles
Much JBoss

Demos!

A few tips

I need metrics!

  • Use iptables for network
  • Parse /sys/fs/cgroup/ for everything else

/sys/fs/cgroup/ + gnuplot

Metrics

I need to limit resources!

https://goldmann.pl/blog/2014/09/11/resource-management-in-docker/

I need to do backup!

  • Files?
    • Use volumes
  • Data?
    • Use links

I need to access my containers!

  • Do you own the host?
    • Use nsenter (soon docker exec)
  • In other cases:
    • Run sshd inside of the container (boooo...)

I need performance!

RLY?

  • CPU: native
  • Memory: (almost) no overhead
  • Network: no overhead with --net host
  • I/O: native on volumes

Thanks!

Attributions:

  • https://www.docker.io/