Learn Docker - Fundamentals of Docker 18.x

Book Image

Learn Docker - Fundamentals of Docker 18.x

By : Dr. Gabriel N. Schenker

Book Image

Learn Docker - Fundamentals of Docker 18.x

By: Dr. Gabriel N. Schenker

Overview of this book

Docker containers have revolutionized the software supply chain in small and big enterprises. Never before has a new technology so rapidly penetrated the top 500 enterprises worldwide. Companies that embrace containers and containerize their traditional mission-critical applications have reported savings of at least 50% in total maintenance cost and a reduction of 90% (or more) of the time required to deploy new versions of those applications. Furthermore they are benefitting from increased security just by using containers as opposed to running applications outside containers. This book starts from scratch, introducing you to Docker fundamentals and setting up an environment to work with it. Then we delve into concepts such as Docker containers, Docker images, Docker Compose, and so on. We will also cover the concepts of deployment, orchestration, networking, and security. Furthermore, we explain Docker functionalities on public clouds such as AWS. By the end of this book, you will have hands-on experience working with Docker containers and orchestrators such as SwarmKit and Kubernetes.

Title Page

Packt Upsell

Contributors

Preface

Free Chapter

What Are Containers and Why Should I Use Them?

What Are Containers and Why Should I Use Them?

Technical requirements

What are containers?

Why are containers important?

What's the benefit for me or for my company?

The Moby project

Docker products

The container ecosystem

Container architecture

Further reading

Setting up a Working Environment

Setting up a Working Environment

Technical requirements

The Linux command shell

PowerShell for Windows

Using a package manager

Choosing a code editor

Docker for Mac and Docker for Windows

Further reading

Working with Containers

Working with Containers

Technical requirements

Running the first container

Starting, stopping, and removing containers

Inspecting containers

Exec into a running container

Attaching to a running container

Retrieving container logs

Anatomy of containers

Further reading

Creating and Managing Container Images

Creating and Managing Container Images

What are images?

Creating images

Sharing or shipping images

Further reading

Data Volumes and System Management

Data Volumes and System Management

Technical requirements

Creating and mounting data volumes

Sharing data between containers

Using host volumes

Defining volumes in images

Obtaining Docker system information

Listing resource consumption

Pruning unused resources

Consuming Docker system events

Further reading

Distributed Application Architecture

Distributed Application Architecture

What is a distributed application architecture?

Patterns and best practices

Running in production

Further reading

Single-Host Networking

Single-Host Networking

Technical requirements

The container network model

Network firewalling

The bridge network

The host network

The null network

Running in an existing network namespace

Port management

Further reading

Docker Compose

Technical requirements

Demystifying declarative versus imperative

Running a multi-service app

Scaling a service

Building and pushing an application

Further reading

Orchestrators

What are orchestrators and why do we need them?

The tasks of an orchestrator

Overview of popular orchestrators

Further reading

Introduction to Docker Swarm

Introduction to Docker Swarm

Stacks, services, and tasks

Multi-host networking

Creating a Docker Swarm

Deploying a first application

The swarm routing mesh

Further reading

Zero Downtime Deployments and Secrets

Zero Downtime Deployments and Secrets

Technical requirements

Zero downtime deployment

Further reading

Introduction to Kubernetes

Introduction to Kubernetes

Technical requirements

Kubernetes master nodes

Introduction to Minikube

Kubernetes support in Docker for Desktop

Kubernetes ReplicaSet

Kubernetes deployment

Kubernetes service

Context-based routing

Comparing SwarmKit with Kubernetes

Further reading

Deploying, Updating, and Securing an Application with Kubernetes

Deploying, Updating, and Securing an Application with Kubernetes

Technical requirements

Deploying a first application

Zero downtime deployments

Kubernetes secrets

Further reading

Running a Containerized App in the Cloud

Running a Containerized App in the Cloud

Technical requirements

Deploying our application into AWS ECS

Deploying and using Docker EE on AWS

A short peek into Azure’s container offerings

A short peek into Google’s container offerings

Further reading

Assessment

Other Books You May Enjoy

Other Books You May Enjoy

Leave a review - let other readers know what you think

Index

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Chapter 13

Assuming we have a Docker image in a registry for the two application services, the web API and Mongo DB, we then need to do the following:
- Define a deployment for Mongo DB using a StatefulSet; let's call this deployment db-deployment. The StatefulSet should have one replica (replicating Mongo DB is a bit more involved and is outside of the scope of this book).
- Define a Kubernetes service called db of type ClusterIP for the db-deployment.
- Define a deployment for the web API; let's call it web-deployment. Let's scale this service to three instances.
- Define a Kubernetes service called api of type NodePort for web-deployment.
- If we use secrets, then define those secrets directly in the cluster using kubectl.
- Deploy the application using kubectl.

To implement layer 7 routing for an application, we ideally use an IngressController. The IngressController is a reverse proxy such as Nginx that has a sidecar listening on the Kubernetes Server API for relevant changes and updating the reverse proxy's configuration and restarting it, if such a change has been detected. We then need to define Ingress resources in the cluster which define the routing, for example from a context-based route such as https://example.com/pets to <a service name>/<port> pair such as api/32001. The moment Kubernetes creates or changes this Ingress object, the IngressController's sidecar picks it up and updates the proxy's routing configuration.
Assuming this is a cluster internal inventory service:
- When deploying version 1.0 we define a deployment called inventory-deployment-blue and label the pods with a label color: blue.
- We deploy the Kubernetes service of type ClusterIP called inventory for the preceding deployment with the selector containing color: blue.
- When ready to deploy the new version of the payments service, we first define a deployment for version 2.0 of the service and call it inventory-deployment-green. We add a label color: green to the pods.
- We can now smoke test the "green" service and when everything is OK, we can update the inventory service such as the selector contains color: green.
Some type of information that is confidential and thus should be provided to services through Kubernetes secrets include: passwords, certificates, API key IDs, API key secrets or tokens.
Sources for secret values can be files or base64 encoded values.