introduction to docker & coreos - symfony user group cologne

Download Introduction to Docker & CoreOS - Symfony User Group Cologne

Post on 21-Apr-2017




1 download

Embed Size (px)


  • Introduction to Docker & CoreOS

    Dennis Benkert@denderello

  • Simple service orchestration, built for developers.

    Based in Cologne, Germany.Ten terrific folks, and hiring!

  • What is Docker?

  • Docker

    Isolation of processes in linux containers Lightweight and fast Portable

  • Docker Technology

    Utilized LXC until version 0.9 Now uses libcontainer which e.g. supports

    systemd-nspawn, libvirt-lxc, BSD-Jails, etc. Copy-On-Write filesystem (e.g. AUFS or

    BTRFS) Written in Go

  • Copy-On-Write filesystem

  • Dockerfile

    FROM ubuntu:14.04

    RUN apt-get update && \

    apt-get -y install redis-server

    EXPOSE 6379

    ENTRYPOINT ["/usr/bin/redis-server"]

  • $ docker build -t denderello/redis .

    $ docker run -d --name redis -p 6379:6379 \


    $ nc localhost 6379

    Running containers

  • What is CoreOS?

  • CoreOS enables warehouse-scale computing on top of a minimal, modern operating system.A new Linux Distribution to provide features needed to run modern infrastructure stacks.

    Minimal Linux

  • Features

    Automatic Updates Docker Containers Cluster management Service Discovery

  • Linux Basis

    Based on Gentoo systemd btrfs Images for PXE,

    OpenStack, AWS, GCE, Vagrant

  • Immutable System

    Read-only rootfs Writeable overlay on /etc

  • No classic package manager

    ChromeOS inspired update engine Atomic Updates Rollbacks Using Docker to distribute software

  • CoreOS own tools

    Etcd Locksmith Cloud-config Flannel Fleet

  • EtcdA highly-available key value store for shared configuration and service discovery.

  • Etcd

    Basis for> Configuration management> Service Discovery

    REST Interface Raft consensus algorithm

  • Etcd Cluster

  • Discovery API

    $> curl

    $> curl -s | jq ".node.nodes[].value"




  • LocksmithReboot manager for the CoreOS update engine.

  • Locksmith

    Reboot strategies for CoreOS updates Uses etcd for distributed locks Alpha, Beta, Stable channels

  • Cloud ConfigCustomize a CoreOS machine through user-data.

  • Cloud Config

    Initialization of your instances Configure etcd, fleet, locksmith YAML file eg. EC2 user-data, Autoscaler launch-


  • Configure your cluster




    reboot-strategy: etcd-lock

  • Configure your cluster




    reboot-strategy: etcd-lock



  • Configure your cluster




    reboot-strategy: etcd-lock




    - name: denderello

    ssh-authorized-keys: ...

  • FlannelOverlay networks backed by etcd.

  • Cloud overlay network

    One subnet per machine Get rid of docker port mapping Let containers talk to each other via IP


  • Backends

    Encapsulate packets in UDP VXLAN implementation coming

  • FleetSystemd for the cluster

  • Fleet

    CLI and API to start your containers Uses etcd and systemd

  • Fleet deployment

  • Fleet Scheduler

    Relatively simple> By meta data> Same machine/exclusion

    Resolve service dependencies! More to come

    > Resource management (CPU, memory etc.)

  • Unit file


    Description=A Redis Server



    ExecStartPre=/usr/bin/docker pull denderello/redis

    ExecStart=/usr/bin/docker run --rm -p 6379 --name %n denderello/redis

    ExecStop=/usr/bin/docker stop %n

  • Manage a service

    $> fleetctl start redis.service

    $> fleetctl list-units

    $> fleetctl status redis.service

    $> fleetctl journal redis.service

    $> fleetctl stop redis.service

    $> fleetctl destroy redis.service

  • Service Discovery

  • Three-Tier Application

    Load Balancer App Database

  • Sidekick

    Keep configuration out of your app

  • Ambassador

    Reverse proxy for your serviceKeep service discovery out of your app

  • Using CoreOS

  • Thanks for listening!Reach out:Dennis Benkert@denderello@giantswarm