Skip to content

Latest commit

 

History

History
115 lines (97 loc) · 4.96 KB

10. Containers.md

File metadata and controls

115 lines (97 loc) · 4.96 KB
Raw

Containers

  • Has everything packaged in it to allow software to run (e.g. which OS, packages)
  • Lightweight
  • Code, runtime, system tools, and libraries
  • Architecture: Infrastructure -> Host Operating System -> Container Service (Docker) -> Container Apps
  • See also DevSecOps - Container Security

Docker

  • Tool to create container based applications.
  • Includes code + any other dependencies to run your code.
  • Makes easier to run your container on different computing environments
  • Architecture
    • Daemon => Rest API => CLI
    • Docker daemon
      • Only runs on Linux because it depends on a number of Linux kernel features
        • There's ways to run it in Windows / MacOS
    • The Docker daemon itself exposes a REST API
    • Command line tool that lets you talk to the Docker daemon
  • Dockerfile is a text file that defines the environment
    • Each line in file creates a layer
    • FROM ubuntu
      • The first statement in the Dockerfile. It refers to the parent image that this new image will be based upon
      • An image that doesn't have a parent is called a base image and FROM scratch can be used instead.
  • Commands:
    • Build: docker build -t container-name . in folder where Dockerfile exists
    • Run: docker run -d -p 8080:80 --name app-name container-name
    • List containers: docker ps
  • ❗ You cannot build Windows containers in Linux
    • But you can build Linux containers in Windows

Multi-stage builds

  • Problem
    • It was popular to maintain two Dockerfiles one for development one for production (slimmed)
      • E.g. production merged different bash commands with && to avoid creating additional layers.

        • Because each RUN instruction creates a new layer in the container image

        • E.g. with using \ to wrap lines:

            RUN powershell.exe -Command \
  $ErrorActionPreference = 'Stop'; \
  Invoke-WebRequest https://www.python.org/ftp/python/3.5.1/python-3.5.1.exe -OutFile c:\python-3.5.1.exe ; \
  Start-Process c:\python-3.5.1.exe -ArgumentList '/quiet InstallAllUsers=1 PrependPath=1' -Wait ; \
  Remove-Item c:\python-3.5.1.exe -Force

        • However this increases the build speed as each layer is cached separately when they are separate.

    • Another And then a build.sh was used to copy contents from one docker image to another.
  • Solution

    • Single Dockerfile resulting in tiny production image, no scripts using multi-stage builds

        FROM mcr.microsoft.com/dotnet/core/sdk:2.2 AS build-env # from docker hub, good to name with AS for flexible re-ordering
  WORKDIR /app # create directory

  # Copy csproj and restore as distinct layers
  COPY *.csproj ./
  RUN dotnet restore

  # Copy everything else and build
  COPY . ./
  RUN dotnet publish -c Release -o out

  # Build runtime image
  FROM mcr.mcrosoft.com/dotnet/core/aspnet:2.2 # for running application
  WORKDIR /app
  COPY --from=build-env /app/out .
  ENTRYPOINT [ "dotnet", "serverappname.dll" ]

    • A multi-stage data file consisting of two stages.

      1. Build application
      2. Run the application

    • Visual Studio Docker support

      • Right click on the project → Add → Docker support
      • This will add Dockerfile as multiple stage build

Docker compose

  • A tool to define and run multi-container docker applications.
  • Configure all containers in a single YAML file, then spin up all of them with a single command.
    • E.g. can run following with single command: • DB • Cache service • Web service

Kubernetes

  • Kubernetes helps to:
    • Orchestrate containers
    • Deploy containers
    • Maintain and monitor containers
    • Scale applications
  • Architecture:
    • Master: Deploy the Docker and Kubernetes tools
    • Nodes: Hosts the actual containers.

Azure Service Fabric

  • Solution making it simple to package, deploy, and manage scalable and reliable containers and microservices.
  • Assists with the developing and managing cloud native applications.
  • Intended for container-based applications running on enterprise-class, cloud-scale environments.
  • To be able to deploy using Azure Pipelines:
    • Add new Service Fabric Connection
      • Requires a cluster endpoint
      • Authentication options:
        • Azure Active Directory
          • Add Server certificate thumbprint of the server cert. used to create the cluster.
          • Also the cluster credentials in Username and Password fields.
        • Certificate Based
          • Requires:
            • Server certificate thumbprint of the server cert. used to create the cluster.
            • Client certificate
              • or cluster/server certificate
            • Password for the certificate