1. Š 2015 IBM Corporation
IBM Bluemix
Kyle Brown
Distinguished Engineer
IBM Cloud Lab Services
Docker and IBM Bluemix
May 2015
2. Š 2015 IBM Corporation
Agenda
⢠What is Docker
⢠Docker and Bluemix
⢠Whatâs next?
3. Š 2015 IBM Corporation
IBM Bluemix
What is Docker?
4. Š 2015 IBM Corporation
Static website Web frontendUser DB Queue Analytics DB
Development
VM
QA server Public Cloud Contributorâs
laptop
4
Docker is a shipping container system for codeMultiplicityofStacksMultiplicityofhardware
environments
Production
Cluster
Customer Data
Center
Doservicesandapps
interactappropriately?
CanImigratesmoothlyand
quickly
âŚthat can be manipulated using
standard operations and run
consistently on virtually any
hardware platform
An engine that enables any
payload to be encapsulated as
a lightweight, portable, self-
sufficient containerâŚ
5. Š 2015 IBM Corporation
Docker Engine
⢠Open source project
⢠Supported on every major Linux distro (MS Windows in 2015)
⢠Client-server architecture with daemon deployed on physical or virtual host
⢠Uses Linux kernel cgroups and namespaces for process resource management and
isolation
⢠Uses copy-on-write filesystem for git-like image change management
A portable, lightweight application runtime and packaging tool
built on top of kernel container primitives
Build Ship Run
Docker Engine
6. Š 2015 IBM Corporation
Containers
AppAâ
Host OS
Server
Bins/Libs
AppA
Bins/Libs
AppB
AppBâ
AppBâ
AppBâ
Container
What is a Container
⢠An isolated user space within a running Linux OS
⢠Shared kernel across containers
⢠Direct device access
⢠All packages and data in an isolated run-time, saved as a filesystem.
⢠Resource management implemented with cgroups
⢠Resource isolation through namespaces
Run
7. Š 2015 IBM Corporation
Docker Terminology
Image â layered file system where each layer references the layer below
Dockerfile â build script that defines:
⢠an existing image as the starting point
⢠a set of instructions to augment that image (each of which results in a new
layer in the file system)
⢠meta-data such as the ports exposed
⢠the command to execute when the image is run
Container â runtime instance of an image plus a read/write layer
bootfs (Kernel)
ubuntu:14.04 debian:wheezy
ibm-jre:8.0
websphere-liberty:8.5.5 websphere-liberty:beta
app-a app-b app-c app-eapp-d
c1 c2 c3 c4 c5 c6
mongo:latest
c7 c8
= container
= image
8. Š 2015 IBM Corporation
Docker Containers: Shared / Layered FS
Docker uses a copy-on-write (union) filesystem
New files(& edits) are only visible to current/above layers
Layers allow for reuse
⢠More containers per host
⢠Faster start-up/download time â base layers are "cached"
Images
⢠Tarball of layers (each layer is a tarball)
8
Filesystem
Base OS / Kernel
Fedora Ubuntu
tomcat tomcatliberty
CNTR1 CNTR2 CNTR3 CNTR4
app1 app2 app4app3
Layer
Layer
Layer
9. Š 2015 IBM Corporation
Other important concepts
⢠Container Group
⢠A group of containers, which all share the same image.
⢠Docker Registry
⢠A registry server for Docker that helps hosting and delivery of repositories and images.
⢠Repository
⢠Set of images on local Docker or registry server.
10. Š 2015 IBM Corporation
Docker Orchestration projects
Docker Machine
Provision Docker daemon onto hosts
Common CLI for all Docker hosts
10 integrations, including AWS, VMwareâŚ
Docker Swarm
Cluster Docker hosts into a single pool
Schedule Docker container workloads based on resource
availability
Docker Compose
Define multi-container distributed apps
Control all containers via single command
$ machine create
11. Š 2015 IBM Corporation
Docker Hub
Ship
Enable sharing and collab of Docker Images
Private and public repositories of images
Certified base images by ISVs
Docker Hub
$ docker push $ docker pull
12. Š 2015 IBM Corporation
Why should you care about Containers?
⢠Demand for Increased Application Development Efficiency
⢠Enable Continuous Integration/Continuous Delivery
⢠Developer Laptops, through automated test, to production, and through scaling without
modification
⢠DevOps Requires Improved Deployment Efficiency
⢠Higher Density of Compute Resources (CPU, Memory, Storage)
⢠Hybrid Cloud and Choice Require Portability
⢠Cross Cloud Deployment - move the same application across multiple clouds.
⢠Eliminate âlock-inâ, become a âCloud Brokerâ
12
Pain points User scenarios How this offering helps
Need resources faster Get a working environment up and running
in minutes, not hours or weeks
Users can instantiate new container instances in
seconds with the consistent experience working
directly with Docker
Innovation requires agility and
DevOps
Continuous delivery pipeline IBM Containers integrates with Bluemix apps
including a continuous delivery pipeline, partnered
with the fast deployments of containers
Ability to migrate workload from on-
prem to off-prem infrastructure
Changes made on developerâs local image
is ready to deploy to production cloud
Portability as images can be developed on a local
workstation, tested in a staging cloud on-prem, and
finally to the production off-prem cloud
Environment to facilitate incremental
production deployment
Business wants to deploy in a phased
approach to validate the expected
experience of the new version
Users can deploy new releases in a controlled
manner enabling them to monitor the performance
and behavior with the ability to roll back if needed
13. Š 2015 IBM Corporation
IBM Bluemix
IBM Bluemix and the
Container Service
14. Š 2015 IBM Corporation
Docker Containers simplifies cloud portability
Developers & SysAdmins love the flexibility and standardization of Docker
Standardization ď Application portability
Package, ship, and run applications anywhere
The Docker Hub Registry has 5,000+ "Dockerized" applications
Lightweight
Containers are âlightâ users of system resources, smaller than VMs,
start up much faster, and have better performance
Ecosystem-friendly
A new industry standard, with a vibrant ecosystem of partners.
730+ community contributors; 50,000 third-party Docker projects on GitHub
User-friendly
Developers build with ease and ship higher-quality applications
SysAdmins deploy workloads based on business priorities and policies.
"Flexibility and portability are becoming paramount in developing, deploying and managing
applications in the cloud, particularly at scale and among large enterprise organizations,"
Jay Lyman, a senior analyst for enterprise software at 451 Research, told Linux.com.1 1Linux.com
15. Š 2015 IBM Corporation
IBM Container Runtime on Bluemix
ďź Automate the build
of Docker images
ďź Manage and
distribute Docker
images in private
image registries
ďź Easily host
containers in the
cloud
ďź Scale and auto-
recovery built-in
ďź Logging and
Monitoring built-in
16. Š 2015 IBM Corporation
Local Development with Containers
IBM Container
Service
IBM Container Image
Registry Service
Containers support portability making them
ideal for local development and hybrid cloud
deployment
17. Š 2015 IBM Corporation
Develop/Test locally while using Bluemix Services
boot2docker
(Vagrant with Docker host)
Leverage portability of containers and convenience of Bluemix
services.
18. Š 2015 IBM Corporation
ICE (IBM Containers Extension) Tool
ICE both wraps the docker command line tool for managing local docker images and
containers and also adds additional functionality specific to the Bluemix docker hosting
Including:
Management of Floating IP addresses (request/bind/undbind/list) and routes
Pushing local docker images to the registry in Bluemix
Building and managing container groups
managing/monitoring state of containers running in Bluemix
ICE is downloaded from https://www.ng.bluemix.net/docs/cli/cli.html#container_cli
Run ice commands as you would docker commands:
sudo ice login -a https://api.ng.bluemix.net -H https://api-
ice.ng.bluemix.net/v2/containers -R registry-ice.ng.bluemix.net
sudo ice ps â shows the running docker containers on Bluemix
sudo ice âhelp will list out all commands
19. Š 2015 IBM Corporation
Simple ICE demonstration
Weâll start with creating a simple Dockerfile:
FROM registry-ice.ng.bluemix.net/ibmnode:latest
ADD app.js /app.js
EXPOSE 9085
CMD ["node", "app.js"]
Steps
1. Pull image from the bluemix registry (optional)
2. Build image locally
3. Tag the image
4. Push the image to bluemix
5. Validate that the image is uploaded correctly
6. Run the container in bluemix
7. Bind a floating IP address to the running container
20. Š 2015 IBM Corporation
Docker and WebSphere Application Server
Support for WebSphere Application Server Liberty Profile
and Full Profile running under Docker
WebSphere Application Server Liberty Profile image on IBM Bluemix Registry
Dockerfiles on WASDev to:
⢠Upgrade the Docker Hub image with a Liberty Core, Base or ND license
⢠Build your own Docker image for Liberty or Full Profile
2
21. Š 2015 IBM Corporation
Deploying a WebSphere Application
Build a layer on top of the image containing the application
Dockerfile
FROM registry-ice.ng.bluemix.net/ibmliberty:latest
ADD app.war /opt/ibm/wlp/usr/servers/defaultServer/dropins/
ENV LICENSE accept
sudo ice âlocal build ât=âkbrown/hellolibertyâ .
sudo ice âlocal run âi -t âp=80:9080 âp=443:9443 âkbrown/hellolibertyâ
Modifying the application requires rebuilding and redeploying just the application layer
2
22. Š 2015 IBM Corporation
IBM Bluemix
Whatâs next?
23. Š 2015 IBM Corporation
Moving from monolithic applications to microservices
23
Monolithic app Micro services
Scaling Scaling
24. Š 2015 IBM Corporation
IBM and Docker Partnership
⢠Strategic partnership announced December, 2014
https://www-03.ibm.com/press/us/en/pressrelease/45597.wss
⢠Objective: Deliver next generation enterprise-grade, portable, distributed
applications that are composed of interoperable Docker containers
⢠Enables hybrid cloud use cases for the enterprise
Initiatives Underway
⢠IBM Enterprise Containers on Bluemix enables enterprises to launch Docker containers
to automate application deployment on or off premise
⢠IBM UrbanCode automates the deployment of multiple Docker containers to various
dev/test and staging environments, as part of the DevOps pipeline
⢠PureApplication Systems & Services builds, deploys and runs Pure patterns with Docker
containers
⢠Docker Hub Enterprise (DHE) integration
⢠Extend IBM DevOps and IBM cloud solutions by integrating with and reselling
Docker Hub Enterprise software & support
24
25. Š 2015 IBM Corporation
IBM MobileFirst Platform Foundation
⢠IBMŽ MobileFirst Platform Foundation, formerly known as
IBM Worklight, helps organizations extend their business
to mobile devices. It provides an open and comprehensive
platform to not only build, but test, run and manage native,
hybrid and mobile web apps.
⢠It is available as an on-premise or private cloud solutions
⢠Why run MFP Foundation solution on Docker?
ď§ Easy installation
ď§ Quick, cloud friendly development
ď§ An agile hosting solution
ď§ Sharing between team members
25
26. Š 2015 IBM Corporation
MFP Foundation in a Bluemix Container
26
Server Container
MFP Server v6.3
Admin Console
Runtime
App1 App2 Add
1
Add
2
SQL Database
Service
admin
wl
Bluemix Helper
Application
bind
copy
VCAP_SERVICES
reports
IBMÂŽ Bluemixâ˘
27. Š 2015 IBM Corporation
How is this different from Virtualization?
Containers & VMs
Understanding both technologies
27
Virtualization Approach
Build
â˘Package the (guest) operating system
â˘Add required files and programs
Deploy:
â˘This entire âpackageâ can be moved and
reconfigured across different physical machine
Change:
â˘Change details of the software within the virtual
machine and then create a new virtual machine.
Value:
â˘Traditional cloud-enabled workloads
Container Approach
Build:
⢠Software stack can be individually packaged
Deploy:
⢠Software stack in a Docker container can be easily
moved between deployment environments
Change:
⢠Recomposed software into new stacks
Value:
⢠Built-on-the-cloud applications
⢠Loosely coupled, elastic architectures
Standardization and choice for delivering the best business value
28. Š 2015 IBM Corporation
Support for Docker in other Clouds
Amazon
⢠Amazon EC2 Container Service supports the Docker platform and enables you to run and
manage Docker containers across a cluster of Amazon EC2 instances.
⢠Each EC2 instance in a cluster managed by EC2 Container Service runs a Docker daemon, so
whatever application you package as a container locally will deploy and run on EC2 Container
Service without the need for any configuration changes.
Google
⢠Google container Engine allows you to run and manage Docker containers on Google's Cloud
Platform's VMs (it is in alpha release)
⢠Container Engine uses Google Compute Engine instances for the nodes in the cluster and,
similar to Amazon, you are billed for those instances/resources
Microsoft
⢠Docker Engine open source runtime will work with the next version of Windows Server and
Docker Engine images for Windows Server will be available in the Docker Hub.
⢠The Docker Hub will also be integrated directly into Azure so that it is accessible through the
Azure Management Portal and Azure Gallery
28
Hinweis der Redaktion
A container consists of an operating system, user-added files, and meta-data. As we've seen, each container is built from an image. That image tells Docker what the container holds, what process to run when the container is launched, and a variety of other configuration data. The Docker image is read-only. When Docker runs a container from an image, it adds a read-write layer on top of the image (using a union file system as we saw earlier) in which your application can then run.
Containers:
A lightweight isolated user space within a running Linux OS
Containers share Host OS kernel services
Implemented with Linux cgroups, saved as a file system
With Docker: The underlying operating system is abstracted away by the Docker runtime, a âvery thin layerâ that sandboxes the app and makes it portable. Without the Docker layer, an app would have to be written to deal with different operating systems, different hypervisors (software that enables virtualization), different cloud platforms. You might assume that such a layer of abstraction would slow down an appâs performance, but Hykes claims it does not, in part because it uses capabilities that have existed in the Linux kernel for years. âLinux does the heavy lifting,â Hykes said.
ZDNet: Docker is riding the hype cycle as fast as I can recall ever seeing an enterprise technology goâŚIt is hotter than hot because it makes it possible to get far more apps running on the same old servers and it also makes it very easy to package and ship programs.
Background: Docker 1.0 was released in June 2014, and includes the free Docker Engine (its container standard) and Docker Hub (a repository for 3rd-party services for distributed apps). Docker is open-source.