14. So what’s a container?
• Clear boundaries for your applications, allowing you to
know which assets belong to which application and who
owns it.
• No more leftover cruft from previous installations or
versions.
• Provides resource isolation, without the overhead of more
VMs.
• Better resource utilization.
• Repeatable builds
17. How do containers work?
• Containers are basically highly configured processes.
• They leverage kernel features to isolate processes.
• Cgroups control the resources it can consume. (cpu,
memory, blkio, devices, net_prio, etc)
• Namespaces control what the process can see. (net, mnt,
pid, user, ipc, etc)
• The image format is used to move the root directory the
process sees around with the container image.
18.
19. What’s Docker?
The most popular container runtime!
You can start building applications, testing them in local
Docker environments on your computer and deploy the
same exact image to the cloud.
20.
21. So what’s a Dockerfile?
A text file that contains instructions for how to
build a Docker image. It's like a batch script, the
first line states the base image to begin with and
then follow the instructions to install required
programs, copy files and so on, until you get the
working environment you need.
22. FROM python:2.7-slim
WORKDIR /app
COPY . /app
RUN pip install --trusted-host pypi.python.org -r
requirements.txt
EXPOSE 80
ENV NAME World
CMD ["python", "app.py"]
Dockerfile
https://github.com/moby/mob
y/blob/master/image/spec/v1.
md
23. So What’s a Build?
The action of building a container image based on the
information and context provided by its Dockerfile, plus
additional files in the folder where the image is built.
24.
25. So What’s a Repo?
A collection of related Docker images, labeled with a tag that
indicates the image version.
A single repo can contain platform variants, such as a Linux
image and a Windows image.
26.
27. So What’s a Docker
Manifest?
A manifest list is a list of image layers that is created by
specifying one or more (ideally more than one) image
names. It can then be used in the same way as an image
name in docker pull and docker run commands, for example.
28.
29. So What’s Azure Container
Registry?
A public resource for working with Docker images and its
components in Azure. This provides a registry that is close to
your deployments in Azure and that gives you control over
access, making it possible to use your Azure Active Directory
groups and permissions.
30.
31.
32. So What’s Azure Container
Instance?
• Containers on demand
• Per-second billing (!)
• Integrations with other Azure services
• No need to provision VM’s or clusters
• Hypervisor level isolation
• Public IP
• Persistent Storage
• Supports both Linux and Windows containers
33. az group create
az container create
Create an instance using the Azure CLI
Azure CLI
35. Tailwind Traders Acquires Northwind
REDMOND, WA - Tailwind
Traders, Inc announced that
it has agreed to acquire
Northwind Traders, the
venerable "old guard"
international foods company,
in an effort to bolster its
virtual hardware offerings
with some international
culinary flare. Tailwind
agreed to acquire Northwind
for an undisclosed sum and
is assuming control of all of
Northwind's virtual assets,
not excluding the
company's flagship
product: Aniseed Syrup/
"This is a profoundly
wonderful development for
for all involved, and will help
to bring our food products to
a whole new sector of the
market" stated Nancy
Daviolo, Executive Vice
President of Operations.
"We really couldn't be
happier with the
arrangement". The recently-
promoted Daviolo will join
the Tailwind executive team
along with two of her close
associates, Margaret
Peacock and Michael
Suyama. Daviolo took over
Northwind’s company
sales operations in 2012
after Andrew Fuller was
THE DAILY NEWS
theuselessweb.com THE WORLD’S MOST MEH NEWSPAPER - Since 5 seconds ago
Continued on page 8
43. Azure SQL Database
Fully Managed Database Platform
Scalable compute for your databases.
Auto-tuning recommendations for your biggest scale
100 TB availability!
99.995% SLA
Highly Available
Managed Databases
44. Migration path
• Hint - Azure Cloud Shell
contains the “az cli” tool that
allows you to create docker
images without installing
docker on your computer.
Welcome to Modernizing your Application with containers
My twitter and github are both @jaydestro
Today we’re going to discuss a pretty big topic – Docker, Containers and how to start deploying applications in the cloud
We’ll discuss modernization of our application, review available endpoints and demo the process.
But before we get started, I need to ask you…. (pause for effect)
(QUESTION TO CROWD): WHERE ARE YOUR APPS?
And don’t let me hear you say “the app store”
For some of you, your applications may be still hosted in big pretty datacenters, with tons of redundant power, air conditioning, security and all those really important features we think about when we build apps. But are you really in the business of maintaining hardware?
Or maybe you’ve progressed a bit, but you’re using Virtual Machines for your applications. You’ve lifted and shifted your applications… they are running, but how much time are you spending on managing the backups, patching systems and ensuring your deployment method works.
While everyone else is enjoying life, you’re spending your time patching, checking alerts and monitoring your applications. Why make it more difficult for you, your team and your customers?
Make peace with your infrastructure, make that feeling of deployment bring calm to you…
Let’s discuss why we want to change our environment for deploying our application
Let’s get you on that path toward application zen. We’ll begin by asking, what are the big problems we want to solve in our existing environment?
First, let’s discuss cost. No more large capital expenditure to begin working
If you peel away all the hype behind containers all that’s left is the simple truth:
Containers are a standardized way to package your application, its dependencies, and the runtime environment into a portable “container” that can be run anywhere with the same outcome.
Containers allow for repeatable deployments, regardless of the host environment.
Containers only need to be provided with runtime data (like connection strings), in order to run.
Containers give developers the ability to create predictable environments, isolated from other applications.
Every dependency needed by the application, versions of the runtime, libraries etc., are included in the container and guaranteed to be consistent regardless of where the image is deployed
This equals productivity. Developers and Ops teams spend less cycles debugging or diagnosing environment issues and more time pushing features and enhancements to the users.
Containers run anywhere, easing the development and deployment of applications. Windows, Mac, Linux, datacenters, cloud and even IoT.
The widespread popularity of the Docker image format for containers helps with the portability. Wherever you want to run your software, you can likely use containers.
Hint at Container orchestration and remind them it will be talked about in greater detail in a later talk
The container format is an open standard – called OCI – not constrained to a single vendor
Less overhead, higher performance, because they share many resources with the host rather than duplicate them like a VM
But fewer isolation guarantees
Containers use “namespaces” and “cgroups” to provide isolated resources to the contained application
Shared OS kernel is the key differentiator
Windows containers are Virtual Machines and some container runtimes isolate containers using VMs as well Kata Containers as an example
- This is a Type 2 Hypervisor in this example (also known as a VMM), a Type 1 Hypervisor would interact with the hardware directly, essentially serving as the host OS
Great API over their runtime – made it simpler for Developers
Dockerfile – made it beautiful
They came up with the portable image format – zip file.
Containers weren’t made for shipping rather made for isolation – eventually containerization became a cloud architecture strategy
Dotcloud becomes docker
They didn’t create it, they just made it more elegant for devs
Since there is no such thing as Linux containers in the kernelspace, containers are various kernel features tied together, when you are building a large platform or distributed system you want an abstraction layer between your management code and the syscalls and duct tape of features to run a container. That is where containerd lives. It provides a client layer of types that platforms can build on top of without ever having to drop down to the kernel level. It’s so much nicer towork with Container, Task, and Snapshot types than it is to manage calls to clone() or mount().
- Each line is either making changes to the root filesystem or the metadata associated with the image (in the case of commands like ENV or EXPOSE)
- Each line in the file also results in a new layer being created in the image
- If you're interested in more details about the container image format and metadata stored within the container you can find them here https://github.com/moby/moby/blob/master/image/spec/v1.md
Our Dockerfile is created to make it simple and elegant for developers to deploy applications anywhere.
Here's an example of running a build from the commandline.
Here's an example of listing all the docker images from the commandline.
Here's an example of viewing a docker manifest.
You can see that each layer has a hash, information on the arch and os and then the layers that make up the container.
Here's an example of the ACR when you're in the Azure portal1.
Here's an example of how easy it is to login and start your build in your custom registry.
¸ Containers as a service – a new take on serverless
… with VM quality isolation
The same as 'docker run' but in the cloud
-n is the shorthand for --name, as is –g for --resource-group
Creating an instance is easy in single command. Well in this case, 2 commands because we must create a resource group ( a logical grouping of assets or objects)
The ip-address option is set to public so the instance is available externally.
EVERYONE STOP
Hold on a minute - iIjust got an alert on my handy dandy smart phone
(shows phone)
Look I know it's a cool phone but let me tell you the news...
THE WORLD'S BIGGEST FAKE COMPANY IS UPON US EVERYONE.
I'd like to announce that Tailwind Traders has announced that it has come to an agreement to purchase Northwind Traders.
Any big fans of these fake companies? Well great, now you all can root for them to be successful together!
But there's a catch...
Sure there's a ton of money associated with the deal, but for the money to go the furthest, the board of this new giant fake company has a mandate.
SAVE MONEY.
This is Jill, the newly minted CTO of this newly minted mega-fake-corp
Jill has informed the IT organization of the mandate and has informed them that the following must be done in the next 12 months in order to see greater profitability by reducing overhead.
The work ahead of this new team is to migrate these services all off of VM’s and into a containerized application.
This will help the team reduce the day to day work and help provide a much more rapid and streamlined method of deployment.
The deployment endpoints have been decided upon based on Jill’s investigation into managed platforms that will work best.
The web app’s front end and API Will run in Azure app service. A fully managed application platform, also known as a PaaS (platform as a service)
This will remove the need to manage any full operating systems and package management associated with it. Less dependencies by abstracting away the management associated with running this container in the cloud with Azure.
Azure Cosmos DB is Microsoft's globally distributed, multi-model database service. – This will replace what we were previously using MongoDB on a VM for. Rather we’ll use the multi-model database service with MongoDB API support to store our document data.
Azure SQL Database service will provide us with a similar service for our MS SQL data hosted as part of the tailwind traders web app. We’ll move everything here to continue to simply our solution.
Lets review our migration path before we get started, ok?
And that’s a statement around how we feel about Azure.
We want to invent with purpose in how we think about it what we deliver to you but also enable you to invent with purpose.
And we do that in some key ways.
TRANSITION: I talk about these ways as our promises to you on what Azure will always deliver and why we’ll help you.