Cont ainers

Ex plained
Solution for “an easy, lightweight virtualized
environment for portable applications“

Version 1.0
Olivier Delfosse, IBM Client Technical Advisor
delfosse@fr.ibm.com
odelfosse
1@odelfossePro
AGENDA

 Virtualization vs Container-ization

 The promise of Docker

 IBM | Docker partnership

 What opportunities for IBM | Orange ?

2
T he phy sical w orld of t he past
It was before…

In the beginning we had physical machines

with CPU, RAM, Disks,…

3
T he phy sical w orld of t he past
It was before…

Every time we wanted to deploy a new

application we had to buy a new physical
machine for it.
Each physical machine would have its own
Operating System installed, and the
application would get installed on top of
that Operating System. Like so…..

4
T he phy sical w orld of t he past
It was before…

Problem was, resource utilization on those

physical machines was nearly zero.
A shocking waste of power, cooling, raw
materials, data center floor space…

5
What about loads of apps per phy sical mac hine?
Why didn’t we ???

What we really want, is to be able to install

multiple apps per physical machine!
Well….. with operating systems like
Windows and Linux we couldn’t isolate
applications and stop them from interfering
and trampling all over each other.

6
T he rise of t he V irt ual Machine (V M)
VMWare (and others) to the rescue !
This VM model installed something called a Hypervisor
onto the physical machine. The hypervisor would own
the physical resources and it would create multiple
Virtual Machines on each physical machine.
These VMs looked, felt and worked just like physical
machines. So we installed an Operating System onto
each VM, and then installed an app on top of the OS.
Net result, multiple applications per physical machine,
and higher resource utilization…

7
Wait … . V irt ual Machines are ugly ?
After the euphoria
Each VM needs its own Operating System. And Operating
Systems consume resources!
Remember, our ultimate goal is to run multiple applications
on a physical machine, not to install multiple Operating
Systems on a physical machine.
Every Operating System consumes system resources
(overhead) – disk space, disk IOPS, RAM, CPU cycles… They
all need patching, and some of them need anti-virus.
It’s far from a thing of beauty.

8
Cont ainers are bet t er
They’re more efficient – they waste less!
Let’s look at the basic architecture of containers. We’ve got
a physical machine with an Operating System , then on top
we run *containers* - and within each container we run an
application. That’s the high level.
Kinda looks similar to the VM model….. But the crucial
difference is that inside each container is pretty much just
the application and the piece of software supporting it.
So containers are a lot more lightweight. They waste less
resources (less disk IOPS, less RAM, less CPU cycles), start
faster, provide interoperability & predictibility.
9
Dock er – a def act o st andard ?
Develop, Ship and Run Any Application, Anywhere
Docker is a tool helping developers to build, ship and run code anywhere just like
containers helps shipping anything anywhere. It is increasingly used in
production to cleanly isolate processes on a same physical machine without the
overhead of a Virtual Machine.
Docker utilizes light weight containers to isolate/sandbox processes running in
those containers. It’s based on the Linux kernel (and LXC – Linux containers).
Docker consists of:
The Docker Engine - lightweight and powerful open source container
virtualization technology combined with a work flow for building and
containerizing your applications.
Docker Hub - SaaS service for sharing and managing your application stacks

10
Dock er sounds good… but how it w ork s ?
Inside the container.
 Docker works on a client/server model. The client talks to the server or daemon,
which, in turn, does all the work. You can run the daemon and client on the same
host or connect your local client to a remote daemon that is running on another
host.
— On “server side” Docker is installed as a daemon natively on the Linux OS and use
kernel libraries to interact with the OS (LXC, AUFS).
— On “client side” you can interact with the docker daemon through docker
command lines in a shell (docker -start, -stop, -build,…) to manage & configure
your containers.
 Images (containing app & libs) are the building blocks of the container world. You
start your containers from images. Images are layered. Images are the build part
or source code for your containers.
 The images that you build are stored in registries (public or private). Docker
operates the public registry for images, called the Docker Hub. You can create an
account on the Docker Hub and use it to share and store your own images.

11
Why Dock er ?
The promise of Docker (compare to a traditional VM)

1. Faster delivery of your applications

2. Deploy and scale more easily
3. Get higher density and run more workloads

Traditional VM

12
Why Dock er ?
Faster delivery of your applications (devops accelerator)
 Docker containers, and the workflow that comes with them, help your
developers, sysadmins, QA folks, and release engineers work together to get your
code into production faster.
 Docker makes it easy to build new containers, enable rapid iteration of your
applications, and increase the visibility of changes. This helps everyone in your
organization understand how an application works and how it is built.
 Containers have sub-second launch times, reducing the cycle time of
development, testing, and deployment. They have a layered image structure that
provide flexibility to build.
 As Docker speeds up your workflow, it gets easier to make lots of small changes
Micro services architecture
instead of huge, big bang updates. Smaller changes mean reduced risk and more support
uptime.

13
Why Dock er ?
Deploy and scale more easily
 Docker containers run (almost) everywhere. You can deploy Application portability
containers on desktops, physical servers, virtual machines, into data
centers, and up to public and private clouds.
 Since Docker runs on so many platforms, it's easy to move your
applications around. You can easily move an application from a
testing environment into the cloud and back whenever you need.
 Docker's lightweight containers also make scaling up and down fast
and easy. You can quickly launch more containers when needed and
then shut them down easily when they're no longer needed.

14
Why Dock er ?
Get higher density and run more workloads
 Docker containers don't need a hypervisor, so you can pack more of Resource utilization
them onto your hosts. This means you get more value out of every
server and can potentially reduce what you spend on equipment and
licenses.
 You can use Docker to deploy to VMs or bare metal servers, meaning A very intensive benchmark of
that companies who provide both bare metal and cloud hosting will Docker vs KVM with OpenStack
enable their customers to have a very clean scaling path moving from was put together and Docker
resource constrained cloud servers to beastly high end rack mounted wins going away with
servers. approximately a 26 to 1
 It will also make things easier on IT departments who want to provide performance improvement.
a cloud-like hosting experience for their development teams but want
to do so in their own datacenters.
15
So are V irt ual I mages dead ???
Well Yes and No…
 « […] Les VM sont l’outil idéal pour virtualiser les applications déjà existantes. Mais les caractéristiques des
containers Docker correspondent mieux aux nouvelles applications (SoE). D’autant plus qu’ils en facilitent
et en accélèrent le développement en permettant une optimisation de la gestion des versions et de leurs
tests. Rien n’empêche d’installer des containers Dockers dans des VM »
 Whenever you need tight resource control and isolation for your application environment, you use virtual
machines. But, what if your application environment does not require the hardware resources of full
virtualization? Containers can provide user environments whose resource requirements can be strictly
controlled with or without using virtualization.
 With Docker, "DevOps" can separate back out to Dev/Docker and Ops/Puppet. Ops will configure a single
VM with Puppet/Chef/CFEngine and developers will drop their containers on it…

16
So Dock er is good… but w ho cares ?
Market adoption is growing fast
 Redhat RHEL 6.5+ will support Docker and bring it into its Openshift
PaaS platform
 Amazon delivers Docker on its AWS Cloud
 Google provide Docker on its IaaS and use it in its own DCs
 Microsoft has partnered with Docker to support the technology on
Windows and bring it on Azure
 Openstack support Docker on its IaaS framework (Nova, Heat)
 Pure IaaS player like Joyent , Digital Ocean, Treeptik are proposing
Docker as a service
 Clients like eBay and spotify are using the technology in their DCs

17
What about I BM and Dock er ?
A strategic partnership to deliver enterprise applications in the
cloud and on premise
 IBM partnership with Docker Hub Enterprise (DHE)

 Bluemix launches IBM Containers Beta based on Docker

 Docker and Softlayer

 Docker and Power8/Linux

18
What about I BM and Dock er ?
A partnership around Docker Hub Enterprise (DHE)
 DHE is designed to enable developers to create multi-container applications that can be connected together to
create new distributed applications. This is not just about supporting the cloud vendors who have flocked to
Docker but to extend Docker into the enterprise market.
 The challenges that DHE is intended to solve is the ability to scale-out applications and services. Developers will be
able to build new applications by connecting services together and then deploying them as a collection of
containers. Because the services are contained within their own containers, they will be easy to scale simply by
creating another instance of the container.
 IBM has announced a strategic partnership with Docker around Docker Hub Enterprise (DHE) to help deliver
enterprise applications both in the cloud and inside customers own data centers. This is not just about the
delivery of applications inside containers but the creation of a new generation of distributed applications built from
services and components each of which sits in their own container. Those containers can then be assembled into
applications and deployed wherever the customer wants them.
 With over 60,000+ Dockerized services currently inside the Docker Hub repository, developers and operations
teams will now be able to select which of these they want to make available to the enterprise through DHE. If the
services that they want are not inside Docker Hub then vendors such as IBM can build their own service
repositories and make those available. Alternatively, developers could take their existing services and build their
own repository in-house.
19
What about I BM and Dock er ?
Bluemix launches IBM Containers Beta based on Docker
As a developer you can now leverage the power of Docker to deploy a container on
Bluemix. The IBM Containers service is super easy to use. No need to deploy and
manage Virtual Machines, set up Docker engine, or manage your own registries.
It is loaded with powerful capabilities:
— Native container hosting, no need to manage the docker infrastructure yourself
— Powerful networking, including support for real IP addresses on containers and private
networking between your containers
— Support for private Docker image registries, allowing you to store and share your images
within your Organization
— Integration with other services in Bluemix, allowing you to bind others services to your
container application with ease
— Standard IBM images for WebSphere Liberty and Node.js runtime environments
— All based on standard Docker runtime and APIs

20
https://developer.ibm.com/bluemix/2014/12/04/ibm-containers-beta-docker/
What about I BM and Dock er ?
Docker & Softlayer
 Docker containers can be deployed natively on Softlayer
both on bare metal servers and/or virtual images.
 DockerHub images are compliant with Softlayer
environment
 DockerHub is hosted on SoftLayer globally
 Source :
http://www.slideshare.net/jerrycuomo/jerry-
cuomo-dockercon14-keynote-borderless-
clouds

21
What about I BM and Dock er ?
Docker will support Power8/Linux
 IBM is participating in the Docker Foundation Board, and it has
approval to submit code into the upstream Docker repositories. Right
now, Docker runs only on x86 platforms and can also work as a
component of IBM Bluemix.
 It is IBM intention to get Docker supported on Power and System z in
upstream Linux editions. We think that Docker will be better on
Power and System z from a security standpoint. In addition, support
for Docker on Power and System z will make it as easy for developers
to port their applications to these platforms as it is to the x86
platform.

22
What could Orange ex pect f rom Dock er ?
Let’s have some tries…
 Create a new path for virtualization with resource optimization and performance in mind…
=> Orange could expect higher density, run more workloads with less resources, optimize software licences through consolidation.
 Accelerate devops adoption by creating a control point (the container) in the devops process independantly of the technology used for developing.
=> Orange could improve interoperability and bring predictibility – accelerate continuous deliver and continuous testing – secure production
deployment & release (patch management,…).
 Build the next generation of distributed applications (SoE) by using DHE and containers assembly.
=> Orange’s developers will be able to build new applications by connecting services together and then deploying them as a collection of containers
both on-prem and off-prem.
 Deploy and scale more easiliy leveraging onpremise and offpremise infrastructure.
=> Orange could expect removing more easliy the boundaries betweens cloud (start on-prem, move to public cloud and come back on prem).
 Stop moving data and instead move the application to the data ? Without container support, this was never going to be simple. With containers,
this now becomes a reality…
=> Orange could expect lots of savings especially for data hosted on IaaS platform (AWS,…)

23
What could Orange ex pect f rom Dock er ?
What opportunities for IBM Team ?
 Leverage Power 8 + Linux Redhat + Docker to fight x86/VMWare on selected workloads.
— Red Hat Enterprise Linux 7 : Public beta contains POWER 7/7+ and POWER8 support. Orange is mostly using Redhat 5/6 in production today
— Need a clear roadmap for Docker support on Power8 to be able to support PoCs
— Example 1 : migrate Digital Factory (F. Couderc) eCare portal workloads (Zend/PHP) leveraging Power8 and Zend/Docker integration
— Example 2 : app servers (JBOSS, Jonas) consolidation on Power8/Docker

 Engage Bluemix initiatives with IBM Containers approach in mind

— It will make it much easier for Orange to use hybrid cloud as they will be able to select internal or external deployment for their containers and move
containers between private and public as the need to scale.
— This could mean develop on-prem and run on Bluemix, or develop on Bluemix and run on-prem (edit code, build code, dockerized code, deploy)
— Example 1 : leverage Bluemix containers for Datavenue / IoT Hackaton
— Example 2 : possible opportunity for Digital Labs (start on Bluemix, deploy on-prem)

24
Sources
 http://blog.nigelpoulton.com/containers-explained/
 http://www.lemondeinformatique.fr/actualites/lire-ibm-integre-docker-a-son-cloud-59509.html
 http://www.lemondeinformatique.fr/actualites/lire-docker-10-change-la-donne-du-marche-de-la-virtualisation-57783.html
 http://www.brightball.com/devops/docker-is-the-heroku-killer
 http://goodcode.io/blog/docker-in-development-environment/
 https://sysadmincasts.com/episodes/31-introduction-to-docker
 https://speakerdeck.com/slok/ship-it-with-docker
 http://www.silicon.fr/open-source-docker-demoder-vm-93411.html
 http://vimeo.com/72964003
 http://www-03.ibm.com/press/us/en/pressrelease/45597.wss
 http://blog.docker.com/2014/12/docker-announces-docker-hub-enterprise/
 https://w3-connections.ibm.com/blogs/erhanekici/entry/Microservices_Architecture_Containers_and_Docker?lang=en_us

25