Friday, July 31, 2015

OSCON 2015 Day 1 - Docker Training

I had the opportunity to attend a couple of days of OSCON this year. Basically this was full of Open Source Developers learning about the latest and greatest of Open Source projects. As my wife said. I got to "get my geek on" during the two days I spent at OSCON.
The first day I spent the day in a Kubernetes (K8s) and Docker hands on training from the guys at Mesos and Google. The room was packed and they actually increased the size of the room about an hour and a half into the training to allow more people to come in.

There where four sessions in the training: Container overview, Docker overview and setup, K8s overview, K8s hands on.

Training Environment - Google Cloud

To decease the amount of set up the tutorial started with a running cloud that would be easy to install and deploy Docker and Kubernetes. The obvious choice was Google Cloud. So that is what we did. Everyone downloaded the Google cloud command line tools to their laptop. I was at a disadvantage because I had a windows laptop and most of these guys had Linux or MacOS boxes. But with a couple of tweaks I got everything working fine.  The setup of the tutorial was easy to get going because they had a git hub repo that we just had to clone to our boxes. Everything was in there including the slides for the lecture. Very simple and made the start of the training fast.

Container Session

This was a great overview on how containers work, why docker came about, and why using docker makes life so much easier. Containers use old technology that have been in Unix OSs for about 20 years. They are based primarily on chroot, namespaces and cgroups. There were a couple of BKMs and warnings from the trainers:
  • Containers are not as secure as VMs or bare-metal.
  • Having multiple tenants on the same VM with multiple containers is not advised. It can be done, but not advised.
  • Use Docker images to spin up Containers faster.
  • There are public repositories with images that groups can share.
  • Create your own private repositories for secure images.
  • Do not use Docker images from the public domain unless you know they are secure. Because Docker images can access the root on your os. You have to be careful what you are down loading.

Docker Session

Because they had a git repo with all of the scripts and command line setup for us. The tutorial was easy and it worked right out of the box. I created a docker container that had a little nodejs web app and made sure that I could access it remotely. I used the command line to accomplish all of the google cloud commands. There were a couple of problems with copying files from my laptop to the instance because of the windows laptop and ssh keys, but I worked around that by downloading the files from the github repository. Here are the steps we took in the tutorial:
  1. Create a VM Instance to running my docker container on.
  2. Create a Docker image
  3. Inspect a running Docker container
  4. Find Docker images
  5. Launch pre-defined Docker image
I used the command line for most of the work and it was very easy to set up a VM and get my own docker container working on it.
There where a couple of gotcha's I took note:
  • Much of the docker work needed to be done on the VM and could not be done remote on my Laptop.
  • Windows is not a "first class" citizen with Docker Containers You really need to be running command line tools on Linux.
  • You need to install the google cloud command line tools on the VM as well as your laptop.
  • Store your Docker images in your own repository or make sure you have a global unique name in the google repo. We stepped on each other several times.
  • Make sure you expose the ports on the VM that you want to access any web app from the Docker Container Instance.

Running through the tutorial gave me a better understanding of terminology that is thrown around and confusing at times. The following is the list of terms that we covered and finally made some sense:
  • Image - This is a description of the container to run. Similar to a VM image. Images are built and stored in a registry.
  • Container - This is an instance of a image running on a VM in its own namespace and cgroup.
  • VM Instance - This is a virtual machine running in a cloud, in this example it is a Compute Engine.
  • Docker Daemon - This manages the containers on a specific VM or Bare metal machine. The docker command communicates with the Docker Daemon.

Overall the tutorial took about 30 minutes. I would say about 90% of the people made it through the tutorial without any problems. I got some terminology cleared up and found how easy it was to get containers up and running in Google Compute Engine. The one thing that was very clear was that docker managed containers on one machine and not multiple machines.

Darren


Posted by at
Labels: , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)