1. 2016 Newt Global |www.NewtGlobal.com | Confidential
Newt Global Services and Offerings

2. Docker 101 Tri Series Webinar
By:
Venkatnadhan Thirunalai
Jai Karthik

3.  Founded in 2004 ,HQ at Dallas TX,
present in multiple locations in USA and
India
 Leader in DevOps Transformation, Cloud
Enablement and Test Automation
 One of top 100 fastest growing
companies of Dallas twice in a row
 Clientele includes Fortune 50 companies
About Newt Global

4. Speakers
1/27/2017 Copyright 4
• Venkat is DevOps Practice Leader, His area of expertise includes DevOps
Practice, Consult Fortune 100 customers on DevOps IT Strategy. Responsible
for building the global pre-sales, consulting and delivery team for
NewtGlobal
• He has 16+ years of IT industry experience and delivered multiple enterprise
scale projects for Fortune 500 customer base
Venkatnadhan Thirunalai
DevOps, Practice Leader
NewtGlobal
• AWS solution specialist, DevOps strategist. Area of expertise includes AWS
infrastructure management and architectural design, Docker container
management solution, DevOps strategy for automation, Ansible scripter for
automation, Jenkins work practice for design architecture. Responsible for
AWS management, Docker management and DevOps automation works with
jenkins and ansible
• Industry experience of 6+ years in IT and worked on 24 projects with smooth
deliverables for International/Natinonal enterprise clients
Jayakarthi Dhanabalan
AWS Solution Specialist
Newt Global

5. Housekeeping Instructions
• All phones are set to mute. If you have any questions, please type them in the Chat window located beside the
presentation panel
• We have already received several questions from the registrants, which will be answered by the speakers during
the Q & A session
• We will continue to collect more questions during the session as we receive and will try to answer them during
today’s session
• In case if you do not receive answers to your question today, you will certainly receive answers via email shortly
• Thanks for your participation and enjoy the session!
1/27/2017 Copyright 5

6. Contents
Introduction to Docker, Containers, and the Matrix from Hell
Why people care: Separation of Concerns
Technical Discussion
Ecosystem
Docker Basics
Dockerfile
Docker Compose
Docker Swarm

7. Static website
Web frontend
User DB
Queue Analytics DB
Background workers
API endpoint
nginx 1.5 + modsecurity + openssl + bootstrap 2
postgresql + pgv8 + v8
hadoop + hive + thrift + OpenJDK
Ruby + Rails + sass + Unicorn
Redis + redis-sentinel
Python 3.0 + celery + pyredis + libcurl + ffmpeg + libopencv + nodejs +
phantomjs
Python 2.7 + Flask + pyredis + celery + psycopg + postgresql-client
Development VM
QA server
Public Cloud
Disaster recovery
Contributor’s laptop
Production Servers
The ChallengeMultiplicityofStacks
Multiplicityof
hardware
environments
Production Cluster
Customer Data Center
Doservicesandapps
interact
appropriately?
CanImigrate
smoothlyand
quickly?

8. The Matrix From Hell
Static website
Web frontend
Background workers
User DB
Analytics DB
Queue
Development
VM
QA Server
Single Prod
Server
Onsite
Cluster
Public Cloud
Contributor’s
laptop
Customer
Servers
? ? ? ? ? ? ?
? ? ? ? ? ? ?
? ? ? ? ? ? ?
? ? ? ? ? ? ?
? ? ? ? ? ? ?
? ? ? ? ? ? ?

9. MultiplicityofGoods
Multipilicityof
methodsfor
transporting/storing
DoIworryabout
howgoodsinteract
(e.g.coffeebeans
nexttospices)
CanItransportquickly
andsmoothly
(e.g.fromboattotrain
totruck)
Cargo Transport Pre-1960

10. ? ? ? ? ? ? ?
? ? ? ? ? ? ?
? ? ? ? ? ? ?
? ? ? ? ? ? ?
? ? ? ? ? ? ?
? ? ? ? ? ? ?
Also a matrix from hell

11. MultiplicityofGoods
Multiplicityof
methodsfor
transporting/storing
DoIworryabout
howgoodsinteract
(e.g.coffeebeans
nexttospices)
CanItransport
quicklyandsmoothly
(e.g.fromboatto
traintotruck)
Solution: Intermodal Shipping Container
…in between, can be loaded and
unloaded, stacked, transported
efficiently over long distances,
and transferred from one mode
of transport to another
A standard container that is
loaded with virtually any
goods, and stays sealed until
it reaches final delivery.

12. Static website Web frontendUser DB Queue Analytics DB
Development
VM
QA server Public Cloud Contributor’s
laptop
Docker is a shipping container system for codeMultiplicityofStacks
Multiplicityof
hardware
environments
Production
Cluster
Customer Data
Center
Doservicesandapps
interact
appropriately?
CanImigrate
smoothlyandquickly
…that can be manipulated using
standard operations and run
consistently on virtually any
hardware platform
An engine that enables any
payload to be encapsulated
as a lightweight, portable,
self-sufficient container…

13. Static website
Web frontend
Background workers
User DB
Analytics DB
Queue
Development
VM
QA Server
Single Prod
Server
Onsite
Cluster
Public Cloud
Contributor’s
laptop
Customer
Servers
Docker eliminates the matrix from Hell

14. Why Developers Care
Build
once…(finally)
run anywhere
A clean, safe, hygienic and portable runtime environment for your app.
No worries about missing dependencies, packages and other pain points during
subsequent deployments.
Run each app in its own isolated container, so you can run various versions of
libraries and other dependencies for each app without worrying
Automate testing, integration, packaging…anything you can script
Reduce/eliminate concerns about compatibility on different platforms, either your
own or your customers.
Cheap, zero-penalty containers to deploy services? A VM without the overhead of
a VM? Instant replay and reset of image snapshots? That’s the power of Docker

15. Why Devops Cares?
Configure
once…run
anything
Make the entire lifecycle more efficient, consistent, and repeatable
Increase the quality of code produced by developers.
Eliminate inconsistencies between development, test, production, and
customer environments
Support segregation of duties
Significantly improves the speed and reliability of continuous deployment and
continuous integration systems
Because the containers are so lightweight, address significant performance,
costs, deployment, and portability issues normally associated with VMs

16. Why it works—separation of concerns
• Dan the Developer
• Worries about what’s “inside” the container
• His code
• His Libraries
• His Package Manager
• His Apps
• His Data
• All Linux servers look the same
• Oscar the Ops Guy
• Worries about what’s “outside”
the container
• Logging
• Remote access
• Monitoring
• Network config
• All containers start, stop, copy,
attach, migrate, etc. the same
way

17. More technical explanation
High
Level—It’s
a
lightweight
VM
Own process space
Own network interface
Can run stuff as root
Can have its own /sbin/init (different from host)
<<machine container>>
Low Level—
It’s chroot
on steroids
Can also not have its own /sbin/init
Container=isolated processes
Share kernel with host
No device emulation (neither HVM nor PV) from host)
<<application container>>
Run
everywhere
Regardless of kernel version
Regardless of host distro
Physical or virtual, cloud or not
Container and host architecture must match*
Run
anything
If it can run on the host, it can run in the
container
i.e. if it can run on a Linux kernel, it can run
WHY WHAT

18. App
A
Containers vs. VMs
Hypervisor (Type 2)
Host OS
Server
Guest
OS
Bins/
Libs
App
A’
Guest
OS
Bins/
Libs
App
B
Guest
OS
Bins/
Libs
AppA’
Docker
Host OS
Server
Bins/Libs
AppA
Bins/Libs
AppB
AppB’
AppB’
AppB’
VM
Container
Containers are isolated,
but share OS and, where
appropriate, bins/libraries
Guest
OS
Guest
OS
…result is significantly faster deployment,
much less overhead, easier migration,
faster restart

19. Why are Docker containers lightweight?
Bins/
Libs
App
A
Original App
(No OS to take
up space, resources,
or require restart)
AppΔ
Bins/
App
A
Bins/
Libs
App
A’
Guest
OS
Bins/
Libs
Modified App
Copy on write
capabilities allow
us to only save the diffs
Between container A
and container
A’
VMs
Every app, every copy of an
app, and every slight modification
of the app requires a new virtual server
App
A
Guest
OS
Bins/
Libs
Copy of
App
No OS. Can
Share bins/libs
App
A
Guest
OS
Guest
OS
VMs Containers

20. What are the basics of the Docker system?
Source
Code
Repository
Dockerfile
For
A
Docker Engine
Docker
Container
Image
Registry
Build
Docker
Host 2 OS (Linux)
ContainerA
ContainerB
ContainerC
ContainerA
Push
Search
Pull
Run
Host 1 OS (Linux)

21. Changes and Updates
Docker Engine
Docker
Container
Image
Registry
Docker Engine
Push
Update
Bins/
Libs
App
A
AppΔ
Bins/
Base
Container
Image
Host is now running A’’
Container
Mod A’’
AppΔ
Bins/
Bins/
Libs
App
A
Bins/
Bins/
Libs
App
A’’
Host running A wants to upgrade to A’’.
Requests update. Gets only diffs
Container
Mod A’

22. Some Docker vocabulary
Docker Image
The basis of a Docker container. Represents a full application
Docker Container
The standard unit in which the application service resides and executes
Docker Engine
Creates, ships and runs Docker containers deployable on a physical or virtual, host
locally, in a datacenter or cloud service provider
Registry Service (Docker Hub or Docker Trusted Registry)
Cloud or server based storage and distribution service for your images
22

23. Image Layers
23
Kernel
Alpine Linux
Install Python and Pip
Upgrade Pip
Copy Requirements
Install Requirements
…

24. Docker File System
• Logical file system by grouping different file system primitives into
branches (directories, file systems, subvolumes, snapshots)
• Each branch represents a layer in a Docker image
• Allows images to be constructed / deconstructed as needed vs. a huge
monolithic image (ala traditional virtual machines)
• When a container is started a writeable layer is added to the “top” of the
file system
24

25. Copy on Write
• Super efficient:
• Sub second instantiation times for containers
• New container can take <1 Mb of space
• Containers appears to be a copy of the original image
• But, it is really just a link to the original shared image
• If someone writes a change to the file system, a copy of the affected file/directory is “copied up”
25

26. What about data persistence?
• Volumes allow you to specify a directory in the container that exists outside of the
docker file system structure
• Can be used to share (and persist) data between containers
• Directory persists after the container is deleted
• Unless you explicitly delete it
• Can be created in a Dockerfile or via CLI
26

27. Basic Docker Commands
$ docker pull mikegcoleman/catweb:1.0
$ docker images
$ docker run –d –p 5000:5000 –-name catweb mikegcoleman/catweb:latest
$ docker ps
$ docker stop catweb (or <container id>)
$ docker rm catweb (or <container id>)
$ docker rmi mikegcoleman/catweb:latest (or <image id>)
$ docker build –t mikegcoleman/catweb:2.0 .
$ docker push mikegcoleman/catweb:2.0

28. Dockerfile – Linux Example
28
• Instructions on how
to build a Docker
image
• Looks very similar to
“native” commands
• Important to
optimize your
Dockerfile

29. Dockerfiles
• Dockerfiles = image representations
• Simple syntax for building images
• Automate and script the images creation

30. FROM
• Sets the base image for subsequent instructions
• Usage: FROM <image>
• Example: FROM ubuntu
• Needs to be the first instruction of every Dockerfile
• TIP: find images with the command: docker search

31. RUN
• Executes any commands on the current image and commit the results
• Usage: RUN <command>
• Example: RUN apt-get install –y memcached
FROM ubuntu
RUN apt-get install -y memcached
• Is equivalent to:
docker run ubuntu apt-get install -y memcached
docker commit XXX

32. docker build
• Creates an image from a Dockerfile
• From the current directory = docker build
• From stdin = docker build - < Dockerfile
• From GitHub = docker build github.com/creack/docker-firefox
• TIP: Use –t to tag your image

33. Compose
• One binary to start/manage multiple containers and volumes on a single Docker host
• Originated from Fig
• Move your lengthy docker run commands to a YAML file

34. Installation
• Via pip
• Or just get the binary
$ sudo curl -L
https://github.com/docker/compose/releases/download/1.1.0/
docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-
compose

35. Use
$ docker-compose up -d
Creating vagrant_mysql_1...
Creating vagrant_wordpress_1...
$ docker-compose ps
Name Command State
Ports
-----------------------------------------------------------------
----------------
vagrant_mysql_1 /entrypoint.sh mysqld Up
3306/tcp
vagrant_wordpress_1 /entrypoint.sh apache2-for ... Up
0.0.0.0:80->80/tcp

36. YAML description
wordpress:
image: wordpress
links:
- mysql
ports:
- "80:80"
environment:
- WORDPRESS_DB_NAME=wordpress
- WORDPRESS_DB_USER=wordpress
- WORDPRESS_DB_PASSWORD=wordpresspwd
mysql:
image: mysql
volumes:
- /home/docker/mysql:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD=wordpressdocker
- MYSQL_DATABASE=wordpress
- MYSQL_USER=wordpress
- MYSQL_PASSWORD=wordpresspwd

37. Machine
• One binary to create a remote Docker host and setup the TLS communication with your local docker client.
• Automates the TLS setup and the configuration of the local environment
• Can manage multiple machines in different clouds at the same time

38. Installation (e.g OSX)
$ wget
https://github.com/docker/machine/releases/download/v0.1.0/docker
-machine_darwin-amd64
$ mv docker-machine_darwin-amd64 docker-machine
$ chmod +x docker-machine
$ ./docker-machine --version
docker-machine version 0.1.0

39. Local Use
$ docker-machine ls
NAME ACTIVE DRIVER STATE URL SWARM
dev * virtualbox Running tcp://192.168.99.100:2376
$ docker-machine env dev
export DOCKER_TLS_VERIFY=1
export
DOCKER_CERT_PATH=/Users/sebastiengoasguen/.docker/machine/machine
s/dev
export DOCKER_HOST=tcp://192.168.99.100:2376
$ docker images
REPOSITORY TAG … CREATED VIRTUAL SIZE
wordpress latest … 2 weeks ago 451.4 MB
mysql latest … 2 weeks ago 282.8 MB
mysql 5.5 … 2 weeks ago 214.5 MB

40. Cloud Use
• Many drivers
• Many more waiting for merge (i.e cloudstack )
$ ./docker-machine create -d digitalocean foobar
INFO[0000] Creating SSH key...
INFO[0001] Creating Digital Ocean droplet...
INFO[0005] Waiting for SSH...
INFO[0072] Configuring Machine...

41. Swarm
• Docker client endpoint that proxies requests to docker daemons running in a cluster.
• Cluster manager that keeps state of the cluster nodes
• Easily run as a container itself
• Multiple service discoveries for cluster nodes (docker hosted, etcd, consul, zookeeper, file based)

42. Swarm

43. Use
• No install, run the container
• docker pull swarm
$ docker run -v /vagrant:/tmp/vagrant -p 1234:1234 -d swarm manage
file://tmp/vagrant/swarm-cluster.cfg -H=0.0.0.0:1234
72acd5bc00de0b411f025ef6f297353a1869a3cc8c36d687e1f28a2d8f422a06
$ docker -H 0.0.0.0:1234 info
Containers: 0
Nodes: 3
swarm-2: 192.168.33.12:2375
└ Containers: 0
└ Reserved CPUs: 0 / 1
└ Reserved Memory: 0 B / 490 MiB
…
$ docker -H 0.0.0.0:1234 run -d -p 80:80 nginx

44. Use Machine to create Swarm
• Get a token for discovery
• Start nodes with machine using the --swarm option
$ docker run swarm create
31e61710169a7d3568502b0e9fb09d66
$ docker-machine create -d virtualbox --swarm --swarm-master --
swarm-discovery token://31e61710169a7d3568502b0e9fb09d66 head
...
$ docker-machine create -d digitalocean --swarm --swarm-discovery
token://31e61710169a7d3568502b0e9fb09d66 worker-00
...
$ docker-machine create -d azure --swarm --swarm-discovery
token://31e61710169a7d3568502b0e9fb09d66 swarm-worker-01

45. Put it all together: Build, Ship, Run Workflow
Developers IT Operations
BUILD
Development Environments
SHIP
Create & Store Images
RUN
Deploy, Manage, Scale

46. Contact Us
For any questions/clarifications please contact:
Satheesh Reddy, Sales Manager
Newt Global Consulting LLC.
satheeshr@newtglobalcorp.com
http://newtglobal.com/
1/27/2017 Copyright 46

47. 1/27/2017 Copyright 47