What You Will Learn
Containerize your traditional or microservice-based application
Share or ship your application as an immutable container image
Build a Docker swarm and a Kubernetes cluster in the cloud
Run a highly distributed application using Docker Swarm or Kubernetes
Update or rollback a distributed application with zero downtime
Secure your applications via encapsulation, networks, and secrets
Know your options when deploying your containerized app into the cloud
BIRMINGHAM - MUMBAI
Contributors
Gabriel N. Schenker has more than 25 years of experience as an independent consultant, architect, leader, trainer, mentor, and developer. Currently, Gabriel works as Senior Curriculum Developer at Confluent after coming from a similar position at Docker. Gabriel has a Ph.D. in Physics, and he is a Docker Captain, a Certified Docker Associate, and an ASP Insider. When not working, Gabriel enjoys time with his wonderful wife Veronicah and his children.
Table of Contents
Learn Docker – Fundamentals of Docker 18.x
Packt Upsell
Docker products
Docker CE Docker EE The container ecosystem
Container architecture
Summary
Questions
Further reading
Technical requirements The Linux command shell PowerShell for Windows Using a package manager Installing Homebrew on a Mac Installing Chocolatey on Windows Choosing a code editor
Docker Toolbox Docker for Mac and Docker for Windows Installing Docker for Mac Installing Docker for Windows Using docker-machine on Windows with Hyper-V Minikube
Installing Minikube on Mac and Windows Testing Minikube and kubectl
Summary Questions Further reading
Stopping and starting containers Removing containers
Architecture Namespaces Control groups (cgroups) Union filesystem (UnionFS) Container plumbing
Runc Containerd Summary
Questions
Further reading
The layered filesystem The writable container layer Copy-on-write
Graph drivers Creating images Interactive image creation Using Dockerfiles
The FROM keyword The RUN keyword The COPY and ADD keywords The WORKDIR keyword The CMD and ENTRYPOINT keywords
A complex Dockerfile Building an image Multistep builds Dockerfile best practices Saving and loading images Sharing or shipping images Tagging an image Image namespaces Official images Pushing images to a registry Summary
Questions Further reading
5 Data Volumes and System Management
Technical requirements
Creating and mounting data volumes Modifying the container layer Creating volumes
Mounting a volume Removing volumes Sharing data between containers Using host volumes
Defining volumes in images
Obtaining Docker system information Listing resource consumption
Pruning unused resources
Pruning containers Pruning images Pruning volumes Pruning networks Pruning everything Consuming Docker system events Summary
Questions
Further reading
Defining the terminology Patterns and best practices Loosely coupled components Stateful versus stateless Service discovery
Routing Load balancing Defensive programming Retries
Logging Error handling Redundancy
Health checks Circuit breaker pattern Running in production
Logging Tracing Monitoring Application updates Rolling updates Blue-green deployments Canary releases
Irreversible data changes Rollback
Summary Questions Further reading
Questions
Further reading
Technical requirements Demystifying declarative versus imperative Running a multi-service app
Scaling a service Building and pushing an application Summary
Questions Further reading
9 Orchestrators
What are orchestrators and why do we need them?
The tasks of an orchestrator
Reconciling the desired state Replicated and global services Service discovery
Routing Load balancing Scaling
Self-healing Zero downtime deployments Affinity and location awareness Security
Secure communication and cryptographic node identity Secure networks and network policies
Role-based access control (RBAC) Secrets
Content trust Reverse uptime Introspection
Overview of popular orchestrators
Kubernetes Docker Swarm Apache Mesos and Marathon Amazon ECS
Microsoft ACS 
Summary
Questions
Further reading
Architecture Swarm nodes Swarm managers Swarm workers
Stacks, services, and tasks Services
Task Stack Multi-host networking Creating a Docker Swarm Creating a local single node swarm Creating a local swarm in VirtualBox or Hyper-V Using Play with Docker (PWD) to generate a Swarm Creating a Docker Swarm in the cloud
Deploying a first application Creating a service Inspecting the service and its tasks Logs of a service
Reconciling the desired state Deleting a service or a stack Deploying a multi-service stack The swarm routing mesh
Summary Questions Further reading
11 Zero Downtime Deployments and Secrets
Technical requirements
Zero downtime deployment
Popular deployment strategies Rolling updates
Health checks Rollback Blue–green deployments Canary releases
Secrets
Creating secrets Using a secret Simulating secrets in a development environment Secrets and legacy applications
Updating secrets Summary
Questions
Further reading
Technical requirements Architecture
Kubernetes master nodes Cluster nodes
Introduction to Minikube Kubernetes support in Docker for Desktop Pods
Comparing Docker container and Kubernetes pod networking Sharing the network namespace
Pod life cycle Pod specification Pods and volumes Kubernetes ReplicaSet ReplicaSet specification Self-healing
Kubernetes deployment Kubernetes service Context-based routing Comparing SwarmKit with Kubernetes Summary
Questions Further reading
13 Deploying, Updating, and Securing an Application with Kubernetes
Technical requirements
Deploying a first application
Deploying the web component Deploying the database Streamlining the deployment Zero downtime deployments
Rolling updates Blue–green deployment Kubernetes secrets
Manually defining secrets Creating secrets with kubectl Using secrets in a pod
Secret values in environment variables Summary
Questions
Further reading
Technical requirements Deploying our application into AWS ECS Introduction to ECS
Creating a Fargate ECS cluster of AWS Authoring a task definition
Running a task in ECS Modifying the task definition Adding the database component to the application Deploying and using Docker EE on AWS
Provisioning the infrastructure Installing Docker
Installing Docker UCP Remote admin the UCP cluster Deploying to Docker Swarm Deploying to Kubernetes
A short peek into Azure’s container offerings
A short peek into Google’s container offerings Summary
Questions Further reading Assessment
Chapter 1 Chapter 2 Chapter 3 Chapter 4 Chapter 5 Chapter 6 Chapter 7 Chapter 8 Chapter 9 Chapter 10 Chapter 11 Chapter 12 Chapter 13 Chapter 14 Other Books You May Enjoy Leave a review - let other readers know what you think
Docker containers have revolutionized the software supply chain in small and big enterprises. Never before has a new technology so rapidly penetrated the top 500 enterprises worldwide. Companies that embrace containers and containerize their traditional mission-critical applications have reported savings of at least 50% in total maintenance costs and a reduction of 90% (or more) in deploying new versions of those applications. Furthermore, they are benefiting from increased security by using containers rather than running applications outside containers.

This book starts from scratch, introducing you to Docker fundamentals and setting up an environment to work with it. Then, we delve into concepts such as Docker containers, Docker images, and Docker Compose. We will also cover the concepts of deployment, orchestration, networking, and security. Furthermore, we explain Docker functionalities on public clouds, such as AWS.

By the end of this book, you will have hands-on experience working with Docker containers and orchestrators, such as SwarmKit and Kubernetes.
Chapter 1, What Are Containers and Why Should I Use Them?, focuses on the software supply chain and the friction within it. It then presents containers as a means to reduce this friction and add enterprise-grade security on top of it. In this chapter, we also look into how containers and the ecosystem around them are assembled. We specifically point out the distinction between the upstream OSS components (Moby) that form the building blocks of the downstream products of Docker and other vendors.

Chapter 2, Setting up a Working Environment, discusses in detail how to set up an ideal environment for developers, DevOps engineers, and operators that can be used when working with Docker containers.

Chapter 3, Working with Containers, teaches how to start, stop, and remove containers. The chapter also teaches how to inspect containers to retrieve additional metadata. Furthermore, it introduces how to run additional processes and how to attach to the main process in an already running container. It also shows how to retrieve logging information from a container that is produced by the processes running inside it.

Chapter 4, Creating and Managing Container Images, introduces the different ways to create container images, which serve as templates for containers. It introduces the inner structure of an image and how it is built.

Chapter 5, Data Volumes and System Management, introduces data volumes that can be used by stateful components running in containers. The chapter also introduces system-level commands that are used to gather information about Docker and the underlying OS, as well as commands to clean the system of orphaned resources. Finally, it introduces the system events generated by the Docker engine.

Chapter 6, Distributed Application Architecture, introduces the concept of a distributed application architecture and discusses the various patterns and best practices that are required to run a distributed application successfully. Finally, it discusses the additional requirements that need to be fulfilled to run such an
Kubernetes, teaches how to deploy, update, and scale applications into a Kubernetes cluster. It also explains how zero-downtime deployments are achieved to enable disruption-free updates and rollbacks of mission-critical applications. This chapter also introduces Kubernetes secrets as a means to configure services and protect sensitive data.

Chapter 14, Running a Containerized App in the Cloud, gives an overview of some of the most popular ways of running containerized applications in the cloud. We take a closer look at what the most popular cloud vendor, AWS, offers in this regard. We include self-hosting and hosted solutions and discuss their pros and cons. Offerings of other vendors, such as Microsoft Azure and Google Cloud Engine, are also briefly discussed.
You can download the example code files for this book from your account at www.packtpub.com. If you purchased this book elsewhere, you can visit www.packtpub.com/support and register to have the files emailed directly to you.
existing GitHub repository
We also have other code bundles from our rich catalog of books and videos available at https://github.com/PacktPublishing/. Check them out!
We also provide a PDF file that has color images of the screenshots/diagrams used in this book. You can download it from https://www.packtpub.com/sites/default/files/downloads/LearnDockerFundamentalsofDocker18x_ColorImages.pdf
There are a number of text conventions used throughout this book.
CodeInText: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: "The content of each layer is mapped to a special folder on the host system, which is usually a subfolder of /var/lib/docker/."
Justify to an interested layman why containers are so important, using an analogy such as physical containers versus traditional shipping, or apartment homes versus single family homes, and so on
Name at least four upstream open source components that are used by the Docker products, such as Docker for Mac/Windows
Identify at least three Docker products
This chapter is a theoretical introduction into the topic. Therefore, there are no special technical requirements for this chapter.
A software container is a pretty abstract thing and thus it might help if we start with an analogy that should be pretty familiar to most of the readers. The analogy is a shipping container in the transportation industry. Throughout history, people have been transporting goods from one location to another by various means. Before the invention of the wheel, goods would most probably have been transported in bags, baskets, or chests on the shoulders of the humans themselves, or they might have used animals such as donkeys, camels, or elephants to transport them.

With the invention of the wheel, transportation became a bit more efficient as humans would build roads on which they could move their carts along. Many more goods could be transported at a time. When we then introduced the first steam-driven machines, and later gasoline-driven engines, transportation became even more powerful. We now transport huge amounts of goods in trains, ships, and trucks. At the same time, the type of goods became more and more diverse, and sometimes complex to handle.

In all these thousands of years, one thing did not change though, and that was the necessity to unload the goods at the target location and maybe load them onto another means of transportation. Take, for example, a farmer bringing a cart full of apples to a central train station where the apples are then loaded onto a train, together with all the apples from many other farmers. Or think of a winemaker bringing his barrels of wine with a truck to the port where they are unloaded, and then transferred to a ship that will transport the barrels overseas.

This unloading from one means of transportation and loading onto another means of transportation was a really complex and tedious process. Every type of good was packaged in its own way and thus had to be handled in its own way. Also, loose goods risked being stolen by unethical workers, or goods could be damaged in the process.

Then, there came the container, and it totally revolutionized the transportation industry. The container is just a metallic box with standardized dimensions. The