Docker Containers and Kubernetes Fundamentals
incomplete
Introduction to Microservices
Microservices Concepts
Microservice Architecture
services are fine-grained and the protocols are lightweight
Monolithic Architecture
built as a single unit
deployed as a single unit
duplicated on each server
Example:
Microservices
segregates functionality into smaller separate services each with a single responsibility
scales out by deploying each service independently
loosely coupled
enable autonomous development by different teams, languages and platforms
it can be written by smaller teams
each microservice can own its own data/database
From Monolith to Microservices
break your application/system into small units
use the Strangler pattern
Microservices Anti Patterns
Microservices != Magic Pixey Dust
The more, the merrier
risk of unnecessary complexity
risk that changes impact numerous services
risk of complex security
Microservices Advantages and Drawbacks
Benefits
improved fault isolation
eliminate vendor or technology lock-in
ease of understanding
smaller and faster deployments
scalability
Drawbacks
complexity is added to resolve complexity issues
is your team trained, ready and has made POCs?
don't start with a complex infrastructure
testing may appear simpler, but is it?
deployment may appear simpler, but is it?
hard to do with multiple teams
one microservice update can impact many microservices
multiple databases?
latency issues
transient errors
multiple point of failures
how about security?
Welcome to Cloud Native!
within a short time, cloud native has become a driving trend in the software industry
it's a new way to think about building complex systems
takes full advantage of modern software development practices, technologies, and cloud infrastructure
widely popular in the open-source communities
Definition:
uses containers, service meshes, microservices, immutable infrastructure and declarative APIs
enable loosely coupled systems
resilient, manageable and observable
robust automation
make high-impact changes frequently
ecosystem of open source, vendor neutral projects
Cloud Native Concepts
Speed and Agility
Users want...
instantaneous responsiveness
up-to-the-minute features
no downtime
Businesses want...
accelerate innovation
rapid releases of features to meet disruption from competitors
increase confidence-stability/performance
Application Architecture
Mentality: Pets vs Cattle
infrastructure becomes immutable and disposable
provisioned in minutes and destroyed on demand
never updated or repaired but re-provisioned
CNCF Trail Map
breaks the journey into measurable objectives
set key performance indicators
measurable values
Introduction to Containers
Container Concepts
What is a container?
A unit of software/deployment
Why use containers?
move faster by deploying smaller units
user fewer resources
fit more on a server
faster automation
portability
isolation
What is virtualized?
VM vs Containers
Virtual Machine | Container |
|---|---|
large footprint | light weight |
slow to boot | quick to start (it does not have to boot) |
ideal for long running tasks | portable |
ideal for short lived tasks |
Density
Containers are made of layers
Container Registry
centralized container repository
Orchestrator
manage
infrastructure
containers
deployment
scaling
failover
health monitoring
apps upgrade, zero-downtime deployments
install your own
Kubernetes, Swarm, Service Fabric
orchestrators as a service
Azure Kubernetes Service, Service Fabric
What is Docker?
an open source container runtime
Mac, Windows & Linux support
command line tool
"Dockerfile" file format for building container images
Windows lets you run Windows and Linux containers
Basic Commands
Command | |
|---|---|
| Display system information |
| Display the system's version |
| Log in to a Docker Registry |
Running Containers
Command | |
|---|---|
| Pull an image from registry |
| Run containers |
| Detached mode |
| Start stopped containers |
| List running containers |
| List all containers (running and stopped) |
| Stop containers |
| Kill containers |
| Get image info |
[imageName]is the name of the image that is in the container registry[containerName]is the name of the running container
Setting limits
Command | |
|---|---|
| max memory |
| max cpu |
Attach a shell
Command | |
|---|---|
| attach shell |
| attach powershell |
| attach to a running container |
| alternate run a bash shell on a running container |
Cleaning up
Command | |
|---|---|
| removes stopped container |
| removes all stopped containers |
| list images |
| deletes the image |
| removes all images not in use by any containers |
Building Containers
Command | |
|---|---|
| builds an image using a Dockerfile located in the same folder |
| builds an image using a Dockerfile in a different folder |
| tag an existing image |
Dockerfile—static HTML site
FROMline specifies the base imageCOPYcopies everything from the current folder (.) to a specified folder inside the container (/usr/share/nginx/html)
Dockerfile - node site
Docker CLI - Tagging
docker tag => Create a target image
name:tag
myimage:v1
repository/name:tag
myacr.azurecr.io/myimage:v1
Docker Containers and Kubernetes Fundamentals
Persisting Data
Containers are Ephemeris and Stateless
short-lived
you usually don't store data in containers
non-persistent data
locally on a writable layer
it's the default, just write to the filesystem
when containers are destroyed, so is the data inside them
Persist data
stored outside the container in a volume
a volume is mapped to a logical folder
Volumes
maps a folder on the host to a logical folder in the container
Docker Volumes Concepts
Command | |
|---|---|
| created a new volume |
| list the volumes |
| display volume infor |
| deletes a volume |
| deletes all volumes not mounted |
Mapping a Volume
-v mvol:/appmapping the volume to a logical folder
Mapping to a local folder
d:/testspecifies the local folder
Docker Compose
Understanding the YAML File Structure
"YAML" -> YAML Ain't Markup Language
a human-friendly data serialization language for all programming languages
used by Docker-Compose and Kubernetes
Docker Compose Concepts
Multi Containers App
define and run multi-containers applications
define using a single YAML file
run using the docker CLI with the Compose plugin
Docker Compose
Compose specs
Compose V2
GA at DockerCon Live 2022
Incorporates the docker compose command into the Docker CLI
You type docker compose instead of docker-compose
drop in replacement for Docker Compose V1
docker compose v2 commands maps directly to docker compose v1
install the Docker Desktop
Linux: apt-get install docker compose-plugin
written in Go
Docker Compose V1 written in Python
Use Cases
workloads that don't require a full orchestrator (such as Kubernetes)
development and tests
use of a service that can run docker compose files
Azure App Service
AWS ECS
virtual machines
Using Docker Compose
Docker Compose Commands
Command | |
|---|---|
| build the images |
| start the containers |
| stop the containers |
| build & start |
| list what's running |
| remove from memory |
| stop and remove |
| get the logs |
| run a command in the container |
Projects
Docker Compose V2 - New Commands
Command | |
|---|---|
| run an instance as a project |
| shortcut |
| list running projects |
| copy files from the container |
| copy files to the container |
Docker Compose Features
Resource Limits
In the above example, limits are what the container can use up to. Reservations are the initial allocation of resources.
Environment Variables
Inject an environment variable that will be in the running instance
These must be set for each service.
Can be overridden at the CLI
or in a .env file located in the same directory as the compose file.
POSTGRES_VERSION=14.3
Networking
By default, all containers specified in a Compose file will be able to see each other using their service name.
single container networking
multi-container networking
Dependence
Since the app depends on db, compose will start up db service first and then start app
Volumes-named
when mapping, you can also append
:roor:rwat the end of the virtual path where the volume is mapped
Volumes
declared at the service level
Restart Policy
no
this is the default restart policy
does not restart a container under any circumstances
always
always restarts the container until its removal
on-failure
restarts a container if the exit code indicates an error
unless-stopped
restarts a container irrespective of the exit code but will stop restarting when the service is stopped or removed
Container Registries
Container Registries Concepts
What are container registries?
central repository for container images
private or public
Docker Hub
hub.docker.com
Microsoft
Azure Container Registry
Microsoft Container Registry (public images)
mcr.microsoft.com
AWS Elastic Container Registry
Google Container Registry
Push/Pull Images from Docker Hub
Kubernetes Concepts
Kubernetes Concepts
aka K8s (pronounced kates)
originate from Google
v1.0 released in July 2015
3rd generation container scheduler from Google
previous Google internal projects: Borg and Omega
donated to the Cloud Native Computing Foundation (CNCF)
What is Kubernetes?
K8s is the leading container orchestration tool
designed as a loosely coupled collection of components centered around deploying, maintaining and scaling workloads
vendor neutral
runs on all cloud providers
backed by a huge community
What can K8s do?
service discovery and load balancing
storage orchestration
locally or cloud-based
automated rollouts and rollbacks
self-healing
secret and configuration management
use the same API across on-premise and every cloud provider
What K8s can't do?
does not deploy source code
does not build your application
does not provide application-level services
message buses, databases, caches, etc.
K8s Architecture
How to Run Kubernetes Locally
Local K8s
requires virtualization
Docker Desktop
MicroK8s
Minikube
runs over Docker Desktop
Kind
Limited to 1 node
Docker Desktop
multiple nodes
MicroK8s
Kind
Minikube
Local K8s—Windows
Docker Desktop is currently the only way to run both Linux and Windows containers
Docker Desktop can run on Hyper-V or WSL 2 (Windows 10 2004)
If Hyper-V is enabled, you can't run another hypervisor at the same time
You can install Minikube on Hyper-V of VirtualBox
Docker Desktop - macOS
run in a LinuxKit VM using the HyperKit lightweight hypervisor
Minikube
does not require Docker Desktop
installs on Linux, macOS, and Windows
a hypervisor like VirtualBox is required
Minikube on macOS
install Minikube using Homebrew
Minikube Hyper-V Installation
in a Window terminal or Powershell prompt as admin
install the Chocolately package manager
Run: choco install minikube
create a network switch
New-VM-Switch-Name " MinikubeNAT" -AllowManagement$True-NetAdapterName"<adapter_name>"
start Minikube
minikube start --vm-driver hyper --hyper-virtual-switch "MinikubeNAT"
switch context
kubectl config use-context minikube
Kind
Kubernetes in Docker
runs on macOS, Linux and Windows
only requires Docker installed
no need for another VM installation
install the nodes as containers
Windows installation via Chocolately
choco install kind
MacOS install via Homebrew
brew install kind
multi nodes
High-Availability Control Plane
define in YAML
Kubernetes API
CLI
kubectl
pronounced (pick your choice)
kube control
kube kuttle
kube c-t-l
communicates with the api server
configuration stored locally
$/.kube/config
C:\Users{USER}.kube\config