microservices and docker
State of the Art in Microservices
Microservices architecture and docker
Alexander Ivanichev, November 2015
AGENDA
• Evolution of Software Architecture
• Docker concepts
• Creating docker hosts with docker-machine
• Running docker
• Running an Application Server in Docker
• Image vs. Container
• Changing container behaviour
• 3 ways to deploy an application
• How to link multiple containers
• Introduction to microservices
EVOLUTION OF SOFTWARE ARCHITECTURE
Methodology: Waterfall, Agile, Lean Engineering
Process: Gated, Scrum, Continuous Delivery
Patterns: 2-Tier Monolithic, 3-Tier Layered, Microservice Architecture
Platform: Windows, Windows / Linux, Cloud
Device: Desktop, Browser, Any Device
MARKET EVOLUTION
1995
• Thick, client – server app on thick client
• Well-defined stack: O/S, Runtime, Middleware
• Monolithic
• Physical Infrastructure
2015
• Thick, app on any device
• Assembled by developers using best available services
• Running on any available set of physical resources
• Microservices
WHAT IS A SERVICE?
A service is a piece of software which provides functionality to other pieces of software.
A service provides functionality to an application, for example: a service that provides CRUD operations on orders from a database, communicating over the network.
DB
Service
Website
Mobile app
Desktop app
APP
WHAT IS A MICROSERVICE?
An architectural approach of designing software as a set of independent services, loosely coupled via lightweight communication.
Recommendation Service (MongoDB)
Rating Service (Neo4j)
Analysis Service (Spark)
Movie Service (MySQL)
User Service (MySQL)
Discovery Service
• Application that is split into small pieces (suite of small services)
• Each service built around business capabilities (1 piece = 1 responsibility) and independently deployable
• Each service running in its own process
• Loosely coupled: inter-process communication mechanism, e.g. HTTP, Message Queue
• Bare minimum centralized management service
• Each service can be in a different programming language and use different data storage technologies
Microservice formal definition:
Loosely coupled service oriented architecture with bounded contexts
If every service has to be updated at the same time it’s not loosely coupled.
If you have to know too much about surrounding services you don’t have a bounded context. See the Domain Driven Design book by Eric Evans.
WE HAVE SOA, SO WHY MICROSERVICES?
SOA problems:
• How to size a service - traditionally resulted in monolithic services
• Service failure – takes the whole application offline
• Scaling a specific part of a service
Why Microservices:
• Efficiently scalable applications
• Flexible applications
• High performance applications
SOA VS MICROSERVICES
Microservices are the kind of SOA we have been talking about for the last decade. Microservices must be independently deployable, whereas SOA services are often implemented in deployment monoliths. Classic SOA is more platform driven, so microservices offer more choices in all dimensions.
SOA is an architectural pattern in which application components provide services to other components. However, in SOA those components can belong to the same application. On the other hand, in microservices these components are suites of independently deployable services.
SOA THE MONOLITHIC
Accounts
Products
Inventory
Promotions
Internet
Shopping website
Orders
Internal Support website
Data AccessService DB
Customer
• No restriction on size
• Longer development times
• Inaccessible features
• High levels of coupling
• Scaling requires duplication of the whole
• Minor change could result in complete rebuild
MICROSERVICES SYSTEM EXAMPLE
Accounts Service
Products Service
Inventory Service
Promotions Service
Account
Orders
Basket
Offers
API Gateway
Internet
Client
Shopping website
Orders Service
Internal Support website
WHY MICROSERVICES
• Need to respond to change quickly
• Need for reliability
• Business domain-driven design
• Automated test tools
• Release and deployment tools
• On-demand hosting technology
• On-line cloud services
• Need to embrace new technology
• Asynchronous communication technology
• Simpler server side and client side technology

• Shorter development times
• Reliable and faster deployment
• Enables frequent updates
• Decouple the changeable parts
• Security
• Increased uptime
• Fast issue resolution
• Highly scalable and better performance
• Better ownership and knowledge
• Right technology
• Enables distributed teams
MICROSERVICES DESIGN PRINCIPLES
High Cohesion
Single thing done well
Single focus
Approach: Keep splitting a service until it only has one reason to change

Autonomous
Independently changeable
Independently deployable
Approach: Loosely coupled system, versioning strategy, microservice ownership by team

Business Domain Centric
Represent a business function or a business domain
Approach: Business domain specific; subgroup into functions and areas

Resilience
Embrace failure
Default or degrade functionality
Approach: Design for known failures; fail fast and recover fast

Observable
See system health
Centralized logging and monitoring
Approach: Tools for real-time centralized monitoring and centralized logging

Automation
Tools for testing and feedback
Tools for deployment
Approach: Continuous integration tools, continuous deployment tools
MICROSERVICES COMMUNICATION
Synchronous vs Asynchronous
SYNCHRONOUS COMMUNICATION
Remote procedure call (RPC)
• Sensitive to change
HTTP
• Works across the internet
• Firewall friendly
REST
• CRUD using HTTP verbs
• Natural decoupling
• Open communication protocol
• REST with HATEOAS
Service One, Service Two
http://Service/Account/23
HTTP Verbs: POST, PUT, GET, DELETE
JSON/XML
1. Make call
2. Wait…
3. Response received
Synchronous issues
• Both parties have to be available
• Performance subject to network quality
• Clients must know location of service (host\port)
ASYNCHRONOUS COMMUNICATION
Event based
• Mitigates the need of client and service availability
• Decouples client and service
Message queueing protocol
• Message Brokers
• Subscriber and publisher are decoupled
• Microsoft message queuing (MSMQ)
• RabbitMQ
• ATOM (HTTP to propagate events)
Asynchronous challenge
• Complicated
• Reliance on message broker
• Visibility of the transaction
• Managing the messaging queue
Real world systems
• Would use both synchronous and asynchronous
Accounts Service
Products Service
Inventory Service
Promotions Service
API Gateway
Internet
Client
Shopping website
Orders Service
Internal Support website
Message Broker
API GATEWAY
• Request routing
• Bundling multiple calls (Composition)
• Protocol translation
• Authentication
• Caching
• Versioning
• Monitoring
• Load balancing
API Gateway is a server that is the single entry point into the system. The API Gateway encapsulates the internal system architecture and provides an API that is tailored to each client.
.NET STACK TOOLS FOR MICROSERVICES
CI/CD: TeamCity, Docker
Testing: xUnit.net, NUnit, Moq, FsCheck
Communication: REST, Protocol Buffers, RabbitMQ, Particular, MassTransit
Persistence: MongoDB, RavenDB, MySQL, Cassandra, Redis*, Memcached*
Logging and monitoring: Serilog, Seq, StatsD, Graphite, Grafana, Cabot - monitor and alert
Technology freedom, use the best tools available.
Demo
Docker
WHAT IS DOCKER?
“DOCKER IS AN OPEN PLATFORM FOR BUILDING, SHIPPING AND RUNNING DISTRIBUTED APPLICATIONS.”
docker.io
Docker engine, Docker Hub
APPLICATION DEPLOYMENT HISTORY
MY APP + A REAL SERVER
But wait just a moment! Shouldn't it be all about applications?
Best practice is: server : application = 1 : 1
WHAT IF WE WANT TO RUN MULTIPLE APPS?
[Figure: applications [1] to [10]. One application: 10GB disk space, 4GB RAM, 5% CPU; x 10 = 100GB disk space, 40GB RAM, 50% CPU]
DOCKER VS VM
Virtual Machine
Stack: App A + Bins/Libs + Guest OS (per VM), Hypervisor, Host OS, Server Infrastructure
• REUSABLE IMAGES
• SNAPSHOTS
• SIMPLIFY CLUSTERS CREATION
Problems?
YES!! "TOO HEAVY"
Docker
Stack: App A + Bins/Libs (per container), Docker Engine, Host OS, Server Infrastructure
WHAT IS A CONTAINER?
[Figure: a physical machine (Server Infrastructure, Host OS, Docker Engine) running several containers. Each container has its own APP, user space and root filesystem tree (/ with dev, etc, lib, proc, ...) in its own mount namespace: Container 1 (mnt namespace 1), Container 2 (mnt namespace 2)]
Container ~ VM but lightweight
HOW CONTAINERS WORK?
Docker Engine
libcontainer, LXC
Host OS: Namespaces, cgroups, Capabilities
Linux Kernel
Physical or Virtual Server
LXC = "LINUX CONTAINERS"
OS-LEVEL VIRTUALIZATION FOR RUNNING MULTIPLE ISOLATED LINUX SYSTEMS
CGROUPS = "CONTROL GROUPS"
LINUX KERNEL FEATURE THAT LIMITS AND ISOLATES THE RESOURCE USAGE (CPU, DISK I/O, NETWORK, ETC.)
AUFS = "ADV. MULTI LAYERED UNIFICATION FS"
FILESYSTEM WHICH IS BASED ON IMAGES WHERE EVERY MODIFICATION IS A DIFF FROM THE PREVIOUS ONE (LIKE COMMITS IN GIT)
HOW TO INSTALL ?
Linux:
$ wget -qO- https://get.docker.com/ | sh
Mac OS X: https://github.com/docker/toolbox/releases/download/v1.9.1c/DockerToolbox-1.9.1c.pkg
Windows: https://github.com/docker/toolbox/releases/download/v1.9.1c/DockerToolbox-1.9.1c.exe
http://docs.docker.com/engine/installation/
Docker needs a Linux machine to run. For Windows and Mac OS X there are tools that run Docker on these operating systems inside a virtual machine.
DOCKER HUB
“The Docker Hub is a cloud-based registry service for building and shipping application or service containers”
5.6M pulls per day
240K repositories on Docker Hub
65 pulls per second
https://hub.docker.com/
DOCKER ARCHITECTURE
Docker client
docker search
docker run
docker start
docker pull
Local / Remote Docker daemon
Container 1
Container 2
Host OS
…
DOCKER CLIENT
• binds to daemon via unix socket
• can access if user is in docker group
• can bind to TCP or other UNIX socket
DOCKER DAEMON
• runs as root user
• creates UNIX socket for client
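Because the daemon runs as root, every listener other than the local socket deserves a check. The script below is an added example, not part of the original slides: it reads a daemon command line and flags TCP listeners started without --tlsverify. The function name and the sample command lines are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. The command lines passed in are constructed samples.

# audit_daemon_cmdline "<daemon command line>"
# Prints one finding per -H/--host listener. Returns 1 if any listener is
# TCP without --tlsverify: whoever can reach it controls a daemon running as root.
audit_daemon_cmdline() {
    tls=no; hosts=""; expect_host=no; rc=0
    # Plain word splitting is enough here: daemon flags carry no spaces.
    for arg in $1; do
        if [ "$expect_host" = yes ]; then
            hosts="$hosts $arg"; expect_host=no; continue
        fi
        case $arg in
            --tlsverify|--tlsverify=true) tls=yes ;;
            -H|--host)                    expect_host=yes ;;
            -H=*|--host=*)                hosts="$hosts ${arg#*=}" ;;
        esac
    done
    # No -H at all means the default listener: the local UNIX socket.
    [ -n "$hosts" ] || hosts="unix:///var/run/docker.sock"
    for h in $hosts; do
        case $h in
            unix://*) echo "OK    $h (local socket, file permissions apply)" ;;
            fd://*)   echo "OK    $h (socket handed over by the init system)" ;;
            tcp://*)
                if [ "$tls" = yes ]; then
                    echo "OK    $h (TCP, client certificates verified)"
                else
                    echo "RISK  $h (TCP without --tlsverify)"; rc=1
                fi ;;
            *) echo "CHECK $h (unrecognised listener)"; rc=1 ;;
        esac
    done
    return $rc
}

# Constructed samples: default socket only, then socket plus plain TCP.
audit_daemon_cmdline "docker daemon" || true
audit_daemon_cmdline "docker daemon -H unix:///var/run/docker.sock -H tcp://0.0.0.0:2375" || true
```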
Demo time! #1
Docker hello world
DOCKER DEMO OVERVIEW
Docker Client: docker run hello-world
Docker Host (Daemon): docker run <image x>; Image 1, Image 2, Image 3; Container 1, Container 2
Docker Hub: Image 1, Image 2, Image 3
DOCKER BASICS
To show all docker commands just run the docker binary
docker
Get command help
docker pull --help
Usage: docker pull [OPTIONS] NAME[:TAG|@DIGEST]
Pull an image or a repository from a registry
  -a, --all-tags=false            Download all tagged images in the repository
  --disable-content-trust=true    Skip image verification
  --help=false                    Print usage
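The usage line above accepts NAME@DIGEST, and the help output shows image verification skipped by default (--disable-content-trust=true). This added example, not part of the original slides, reports which image references in a Dockerfile or script are pinned by digest, only tagged, or floating. Function names and sample image names are assumptions.

```shell
#!/bin/sh
# Added example. Image names in the samples are constructed.

# image_pin_level REF -> digest | tag | floating
# "floating" = no tag or :latest, i.e. whatever the registry serves today.
image_pin_level() {
    case $1 in
        *@sha256:*) echo digest; return 0 ;;
    esac
    # Look for the tag only after the last "/", so the port in a registry
    # host such as localhost:5000/app is not mistaken for a tag.
    last=${1##*/}
    case $last in
        *:latest) echo floating ;;
        *:*)      echo tag ;;
        *)        echo floating ;;
    esac
}

# audit_image_refs: reads Dockerfile or shell lines on stdin and reports every
# "FROM <ref>" and "docker pull [options] <ref>". Returns 1 unless all
# references are digest-pinned.
audit_image_refs() {
    rc=0
    while read -r w1 w2 rest; do
        case "$w1 $w2" in
            "FROM "?*)     ref=$w2 ;;
            "docker pull") ref=
                           for w in $rest; do
                               case $w in -*) ;; *) ref=$w; break ;; esac
                           done ;;
            *) continue ;;
        esac
        [ -n "$ref" ] || continue
        level=$(image_pin_level "$ref")
        echo "$level $ref"
        [ "$level" = digest ] || rc=1
    done
    return $rc
}

# Constructed input: an untagged base image and a tagged pull.
printf 'FROM ubuntu\ndocker pull localhost:5000/app:1.2\n' | audit_image_refs || true
```

Setting DOCKER_CONTENT_TRUST=1 in the client environment turns signature verification on for pull and push.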
DOCKER BASICS
To show installed docker version
docker -v
Download a docker Ubuntu image
docker pull ubuntu
Interact with a container
docker run -it ubuntu bash
Show containers
docker ps
Show container run history
docker ps -a
HOW DOES IT WORK?
Image: Build
Registry: Distribute
Container: Deploy
DOCKER IMAGES
Docker images are the basis of containers. Previously we’ve used Docker images that already exist, for example the ubuntu image.
• Immutable templates
• Used to create containers
• Used to create other images
• Images built in layers
• Uses union filesystems to glue layers together
• Layers are cached when built
• Can be uploaded to registry
Basic images commands:
docker images # To view all images available
docker run --rm -ti somecontainer bash
• Built from instructions in Dockerfile
• Built FROM base image
• Each instruction in Dockerfile creates new layer
DOCKER LAYERS
• AUFS - AnotherUnionFS/advanced multi layered unification filesystem
• Each layer has its own hash
• Layer can be tagged
• Layers are shared
docker images --tree
2 WAYS TO CREATE DOCKER IMAGES
1. COMMIT WAY
docker commit -m "<message>" <container> <image name>
docker history <image name>
2. DOCKERFILE WAY
docker build -t <tag> <dockerfile path>
DOCKERFILE REFERENCE
FROM, MAINTAINER, WORKDIR, ENV, RUN, COPY, ADD, EXPOSE, VOLUME, USER, CMD
Dockerfile example:
FROM ubuntu
RUN apt-get update && apt-get install -y \
    python \
    telnet
ENTRYPOINT ["/bin/bash"]
And then we can build it
docker build -t somecontainer somecontainer/
IMAGES COMMANDS
Example commands
// Build new image based on Dockerfile
> docker build -t neueda/myimage:tag ./path/to/Dockerfile
// List images (-a to print also intermediate layers)
> docker images
// Create container based on ubuntu image, create pseudo-TTY, run command in interactive mode
> docker run -t -i ubuntu:14.04 rm -rf /etc
// Create new image based on mutations made by container
> docker commit -m "Removed /etc directory" -a "Nikolajs Arhipovs" $CONTAINER neueda/ubuntu
// Add tag to untagged image
> docker tag 5db5f8471261 neueda/ubuntu:broken
// Push to repository (Docker Hub)
> docker push neueda/ubuntu:broken
// Remove image with all intermediate layers on host
> docker rmi neueda/ubuntu:broken
Demo time! #2
Building custom docker image
DOCKER CONTAINER
• Built on top of image
• Adds RW layer using union fs
Image (build-time), Launch, Container (runtime)
Image layering (coreos/apache):
3) 87026dcb0044
2) 9cd978db300e
1) 6170bb7b0ad1
0) 511136ea3c5a (rootfs)
Metadata
Docker image: can be shared by many containers
Thin writable layer: one per container
CONTAINERS COMMANDS
Example commands
// List containers (-a to print also stopped containers)
> docker ps
// Show stdout of a container (works as `cat`)
> docker logs $CONTAINER_ID
// Attaches to currently running container (like `tail -f`), same as `docker logs -f`
> docker attach $CONTAINER_ID
// Stop running containers
> docker stop $CONTAINER_ID1 $CONTAINER_ID2
// Start stopped containers
> docker start $CONTAINER_ID
// Show running processes
> docker top $CONTAINER_ID
// Show all docker-related meta info like net interfaces, port forwarding, volumes
> docker inspect $CONTAINER_ID
DOCKER REGISTRY
• Images can be pushed to registry
• Images can be pulled from it
• Images can be built FROM other images pulled from repository
~ $ docker push -h
Usage: docker push NAME[:TAG]
Push an image or a repository to the registry
  --disable-content-trust=true    Skip image signing
Publish image to registry:
~ $ docker push alexiv/hello
The push refers to a repository [alexiv/hello] (len: 1)
b88f9422f14d: Image push failed
Please login prior to push:
Username: alexiv
Password:
Email: [email protected]
WARNING: login credentials saved in /Users/alex/.dockercfg.
Login Succeeded
The push refers to a repository [alexiv/hello] (len: 1)
b88f9422f14d: Image already exists
91e54dfb1179: Image successfully pushed
d74508fb6632: Image successfully pushed
c22013c84729: Image successfully pushed
d3a1f33e8a5a: Image successfully pushed
Digest: sha256:d659f9011eab6d04b3d9fd9f6324e23505bd1299c52d295c4b04ebe3e58878ce
~ $
Demo time! #3
Publishing custom image to HUB
DOCKER VOLUME
A data volume is a specially-designated directory within one or more containers that bypasses the Union File System.
~ $ ls /Users/baptou/myDirectory
file1 file2 file3
~ $ docker run -it -v /Users/baptou/myDirectory:/opt ubuntu:latest /bin/bash
root@29088b02f260:/# ls /opt
file1 file2 file3
root@29088b02f260:/# rm /opt/file2
root@29088b02f260:/# ls /opt
file1 file3
root@29088b02f260:/# exit
exit
~ $ ls /Users/baptou/myDirectory
file1 file3
~ $
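The session above shows a container deleting a file from the host directory it was given. This added example, not part of the original slides, classifies -v arguments so that writable host bind mounts stand out; appending :ro to the mount makes it read-only inside the container. Function names are assumptions, and Windows drive-letter paths are not handled.

```shell
#!/bin/sh
# Added example. Paths and volume names in the samples are constructed,
# except the bind mount taken from the session above.

# classify_volume SPEC (the argument of -v), prints one of:
#   anonymous    /data                 Docker-managed, no host path
#   named        dbdata:/var/lib/db    Docker-managed named volume
#   bind-ro      /host:/ctr:ro         host directory, read-only in the container
#   bind-rw      /host:/ctr[:rw]       host directory, writable from the container
#   docker-sock  host Docker socket    container can drive the root daemon
classify_volume() {
    case $1 in
        *:*) src=${1%%:*}; dest=${1#*:} ;;
        *)   echo anonymous; return 0 ;;
    esac
    case $dest in
        *:*) opts=${dest#*:} ;;
        *)   opts="" ;;
    esac
    case $src in
        /var/run/docker.sock|/run/docker.sock) echo docker-sock; return 0 ;;
        /*) ;;                        # absolute host path: bind mount
        *)  echo named; return 0 ;;
    esac
    # Options are comma separated (ro, rw, ...); the default is read-write.
    case ",$opts," in
        *,ro,*) echo bind-ro ;;
        *)      echo bind-rw ;;
    esac
}

# audit_run_volumes "<docker run command line>"
# Returns 1 if any -v/--volume gives the container write access to a host
# path or to the Docker socket.
audit_run_volumes() {
    rc=0; take=no
    for arg in $1; do
        if [ "$take" = yes ]; then
            kind=$(classify_volume "$arg"); echo "$kind $arg"; take=no
            case $kind in bind-rw|docker-sock) rc=1 ;; esac
            continue
        fi
        case $arg in -v|--volume) take=yes ;; esac
    done
    return $rc
}

audit_run_volumes "docker run -it -v /Users/baptou/myDirectory:/opt ubuntu:latest /bin/bash" || true
```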
DOCKER KITEMATIC
Run containers through a simple, yet powerful graphical user interface.
DOCKER FOR WINDOWS / .NET STACK
• Visual Studio 2015 Tools for Docker
• Docker Toolbox
• Windows Server 2016
DOCKER NEXT STEPS
Tutum
Build, deploy, and manage your apps across any cloud
Docker Universal Control
On-premises management solution for Docker apps - regardless of where they run
Docker Swarm
Docker Swarm is native clustering for Docker.
Kubernetes
Manage a cluster of Linux containers as a single system
THANK YOU!