Road to DevOps

Topic

 Comapre Physical vs VM vs Container

 Understading of Lab Envrioment and Real World Enviroment
 HOL01: Install Web Host Manager In Ubuntu Server
 HOL02: Install Nginx in Ubuntu Server
 In Real World scenario which Enviroment are best for Docker
 Understanding of Docker Enviroment
 Comapre Physical vs VM vs Container

Docker in On-premise Scenario

App web DB

Apps VM VM VM Docker Engine Docker Engine

OS Hypervisor OS OS

Physical Server Physical Server Physical Server Infrastructure

Traditional Scenario Virtual Scenario Docker In Cloud Scenario

 Lab Enviroment
 In Lab Enviroment we are using type-2
hypervisor virtualbox
 Lab Requirement : Docker Engine

1. Minimum 8GB or 12GB of RAM VM: Ubuntu

2. Ubuntu Server OS VirtualBox
3. Windows Server 2019 OS
Win-10 or OSX

Laptop
In Real World scenario which Enviroment are best for Docker

 Ubuntu Linux
 Alpine Linux
 Red Hat Linux
 CoreOS
 RancherOS
 CentOS
 Fedora
 SUSE
 WaterFall Model

It has distinct goals for each phase of development. Imagine a waterfall on the cliff of a steep mountain, Once the water has
flowed over the edge of the cliff, it cannot turn back.
 Traditional Waterfall Model

Requirement and Gathering

Analysis

Design

Implement

Test

Deploy

Maintenance
 What is Agile Methodology?

In the Agile Methodology All iteration should be of the At the end of each iteration, a
each project is broken up into same time duration (between working product should be
serveral ‘iteration’ 2 to 8 weeks) delivered
 Waterfall vs Agile
Waterfall

Analyze Plan Design Build Test Deploy

Agile
 There is some

Code work Limitation Of Agile problem with code, it

does not work in
fine in my production
laptop

Develop Team
Operation Team

Wants Change Wants Stability

Solution is DevOps
What is DevOps?
Microsystems & Containerization
Issues we faced before Containerization
 Standard Delivery Pipeline

For build + Dependencies

EX
E

Developer Tester

• Dynamic Testing
• Integration Testing
• UAT Testing etc.,
 Developer Enviroment

Operating System Pytest 5.4.3

Pycharm IDE

Backend Developer

Backend Code Dependencies

 Tester Enviromenet

Operating System Pytest 5.3.0

Spyder IDE

Tester

Backend Code Dependencies

 There is no consistency will face with comaptible issues...

Backend Developer
Tester

This code runs fine on my computer This code does not run on my system
Developer Tester

Similar Delivery Pipeline with containers

 What is a Container?

 Containers are software that wrap up all the parts of a code and all its dependencies into a
single deployable unit that can be used on different system and servers.

code Libraries Container

Systems & Servers
 What is a Container?
 Multiple isolated containers can be launched together to form Microservices which can be
easily managed using any orchestration tool e.g. Docker Swarm, Kubernentes, etc.

OR
 Container Vs VM
 Let’s set some criteria to compare them

• Operating System
• Architecture
• Isolation
• Efficiency
• Portability
• Scalability
• Deployment
 Container Vs VM
 Operating System

Container VM
Contains only the bare minimum parts of the Contains the complete Operating system that is
Operating System required to run the software normally used on systems for general purpose .
Updates are easy and simpe to do Updates are time consuming and though.
 Container Vs VM
 Architecture

Container Architecture VM Architecture

Host Container Host VM

Apps Services Apps Services

Apps Services Apps Services

Kernel Kernel
OS Kernel OS OS

Hardware Hardware
 Container Vs VM

 Isolation

Container
VM
The isolation provided by a container isn’t as
VM provides complete isolation from the
complete as of a VM but is adequate.
concerning host system and is also more
secure.
 Container Vs VM

 Efficiency

Container
Container are way more efficient as they only
utilise the most necessary parts of the Operating
system. They act like any other software on the
host system.
VM
Vm are less efficient as they have to manage
full blown guest operating system VM’s have
to access host resource through a hypervisor.
 Container Vs VM

 Portability

Container VM
Containers are self-contained enviroments VMs aren’t that easily ported with the same
that can easily be used on different Operating settings from one operating system to another.
system.
 Container Vs VM

 Scalability

Container VM
Containers are very easy to scale, they can be VMs aren’t very easily scable as they are
easily added and removed based on requirements heavy in nature
due to their light weight.
 Container Vs VM

 Deployment

Container VM
Containers can be deployed easily using the VMs can be deployed by using the powershell
Docker Cli or making use of Cloud services or by using the VMM or using cloud services
provided by aws or azure. such as aws or azure.
Why Do We Need Container?
Why Do We Need Container?

Consistent Development
Microservices
Enviroments
 What is Docker?

Docker is a tool that helps in developing, building, deploying and executing software in
isolation. It does so by creating containers that completely wrap a software.

The isolation Provided by container gives a layer of security to

the containers.
 Why Docker?

Simple Fast Easy Collaboration

Built for Developers, by

Docker Community
developers
Other Container
 Docker
 LXC
 LXD
 RKT
DOCKER ENVIROMENT
 Docker Enviroment

Docker Engine Docker Object Docker Registry

Docker Compose Docker Swarm

DOCKER
ENGINE
 Docker Engine
Docker engine is as the name suggests, its technology that allows for the creation and
management of all the Docker Processes. It has three major parts to it.

Docker CLI Docker API Docker Daemon

DOCKER OBJECTS
 Docker Objects

Docker Images Docker Containers Docker Volumes

Docker Swarm Nodes

Docker Networks
& Services
 Docker Objects - Images

Docker Images are sets of insstructions that are used to create containers and execute code
inside it.

USER PULL or UBUNTU CONTAINER

CREATE
Docker Objects - Volumes

Docker volumes are basically persistent storage locations for the containers. They can be
easily & safety attached and removed from different container, and they are also portable from
system to another.
Docker Objects – Volumes drivers

Docker Volumes drivers allow you to perform uniques abilities such as creating persistent
storage on other hosts, cloud, encrypt volumes. They basically enhance the abilities of a
volume.
 Docker Objects – Network

A Docker network is a connection between one or more containers. One of the more powerful
things about the docker containers is that they can be easily connected to one other and even
other software this makes a very easy to isolate and manage the containers.

192.168.70.x 192.168.80.x
route53

Server or instance Server or instance

DOCKER REGISTRY
 Docker Registry

You can think of registries as storage locations for docker images. These images can be
versioned in the registry as well.

16.04

18.04

Docker Registry
20.04
 Docker Registry - DockerHub

You have many options for a docker registry, you can go with DockerHub as your main docker
registry as there is already a docker command to pull and push images to it. If you don’t want
to used Dockerhub there are many alternatives to it.

JFrog
Docker hub
Elastic Container Regisrty MS Azure Container Registry
 Route53
EIP – Elastic IP – 103.76.88.47

FW
VPC – Virtual Private Cloud Network

192.168.70.159/24
APP WEB DB

C-1 C-2 C-3 TCP- 3000 allow

TCP – 443 ALLOW

instance
DOCKER Compose
Docker Compose

 For Now Let’s just understand that dokcer compose is just a Service within docker that’s us
launch multiple containers at the same time.

Creat .yml file

DOCKER Swarm
 Docker Swarm

 For Now just understand that Docker Swarm is a service within Dokcer that allows us to
manage multiple containers.

EC2

Worker Node-1

EC2 EC2

Worker Node-2
Manager Node
EC2

Worker Node-3
 Docker Architecture

Docker CLI Docker Host Docker Registry

Docker Daemon
Docker Build
Docker pull Containers Images
Docker run
DOCKER File
 Docker FIle

 Docker File are basically scripts that you can write and then build into an image. The
image can then be run to create the Container. Its like a shell script.

User Docker File Docker Image Container

 Docker File -Format

From
ADD FROM
Syntax: FROM <Base image>
COPY
RUN It is an instruction that informs docker about the base image that is to be used for
the container. SO basically if you have an image in mind whose properties you
WORKDIR wish to inherit you can mention it using this instruction. This is always used as the
CMD first instruction for any docker image, but you can use it multiple times.

VOLUME
EXPOSE
ENTRYPOIN
T
LABEL
 Docker File -Format

From
ADD
ADD Syntax: ADD <source> <destination>
COPY
It is used to add new sources from your local directory or a URL to the file
RUN system of the image that will become the container in the designated location.
WORKDIR You can include items as the source and can even make use of wildcards and if
the destination that you have mentioned does not exist then it will create one
CMD
VOLUME
EXPOSE
ENTRYPOIN
T
LABEL
 Docker File -Format

From COPY
ADD Syntax: COPY <source> <destination>

COPY It is used to copy new sources from only your local directory to the file system
RUN of the image that will become the container in the designated location.
You can include multiple items as the source and can even make use of
WORKDIR wildcards and if the destination that you have mentioned does not exist then it
CMD will create one.
It’s simillar to ADD, the difference being that ADD can also add new URL to
VOLUME the file system whereas COPY can’t.
EXPOSE
ENTRYPOIN
T
LABEL
 Docker File -Format

From
ADD RUN
Syntax: RUN <command>
COPY
RUN This instruction is used to run specific commands that you want run in the
container duringt its creation. Fro example, You want to update the ubuntu
WORKDIR instance then you can use the instruction as such :-
CMD RUN apt-get update

VOLUME
EXPOSE
ENTRYPOIN
T
LABEL
 Docker File -Format

From
ADD WORKDIR
Syntax: WORKDIR <directory>
COPY
RUN This instruction is responsible for setting the working directory so that you can run
shell commands in that specific directory during the build time of the image.
WORKDIR
CMD
VOLUME
EXPOSE
ENTRYPOIN
T
LABEL
 Docker File -Format

From
CMD
ADD
Syntax: CMD <command>
COPY
This instruction tells the container what command to run when it gets started.
RUN
WORKDIR
CMD
VOLUME
EXPOSE
ENTRYPOIN
T
LABEL
 Docker File -Format

From
VOLUME
ADD Syntax: VOLUME <path>
COPY
This instruction makes a mount point for the volume of a specified name.
RUN
WORKDIR
CMD
VOLUME
EXPOSE
ENTRYPOIN
T
LABEL
 Docker File -Format

From
ADD EXPOSE
Syntax; EXPOSE <ports>
COPY
RUN This instruction tells what port the container should be exposed at. But this can
only happen for an internal network. The host will not be able to access the
WORKDIR container from this port.
CMD
VOLUME
EXPOSE
ENTRYPOIN
T
LABEL
 Docker File -Format

From
ADD ENTRYPOINT
Syntax: ENTRYPOINT <command> <parameter 1> <parameter 2>
COPY
RUN This instruction allows you to run commands when your container starts with
parameters.
WORKDIR
The difference between CMD and ENTRYPOINT is that with ENTRYPOINT
CMD your command is not overwritting during runtime. When you use
ENTRYPOINT it will override any elements specified in another CMD
VOLUME
instruction.
EXPOSE
ENTRYPOIN
T
LABEL
 Docker File -Format

From
ADD LABEL

COPY Syntax: LABEL <Key>=<value>

RUN
This instruction is used to add Meta data to your image. You need to make use of
WORKDIR quotes & backslashes if you want to include spaces. If there are any older lables
CMD they will be replaced with the new label value. You can make use of docker inspect
command to see it’s container.
VOLUME Since a new layer is created each time a new instruction is written. It is important to
EXPOSE write in the most optimized way as possible and least number of instructions as
possible.
ENTRYPOIN
T
LABEL
 Dockerfile Best Practices

Create ephemeral Understand build Pipe Dockerfile Exclude

container context through stdin with .dockerignore

Don’t install
Use multi-stage Decouple Minimize the number
unnecessary
builds applications of layers
packages
Docker Images
 A Docker image is made up of a stack of multiple layers, these layers represent each
separate instruction written in a dockerfile. These layers get added as a stack, i.e the layer
that represents the first instruction gets added first and the layer that represents the last
instruction gets added last.

Container Layer – (Read & Write)

...
Nth Image Layer (Read Only)

3rd Image Layer (Read Only)

2nd Image Layer (Read Only)

1st Image Layer (Read Only)

 DockerFIle Instruction – Best Practices

FROM LABEL RUN CMD

EXPOSE WORKDIR ADD or COPY ENTRYPOINT

DOCKER STORAGE
 Advantages to Docker Storage
 Normally if you wanted to store data in docker container it would be stored in the writable
layer of the Docker Container, but this is not an efficient way to store data. So we make
use of different do9cker storage types. These storage types have a lot of advantages over
the default storage method.

Increase container
Persistent Data Transfer Data Easily
Performance
 Docker Storage Types

Volumes Bind Mount Tmpfs Mount

Docker Storage Types

Container

File System

Docker Area

Memory
Docker Volume
 Docker Volume
 Docker Volumes are basically persistent storage locations for the containers. They are
managed by Docker completely. They can be easily attached and removed from containers.
You can backup your Volumes also. This is the most used type of data storage.
BIND MOUNT
Bind Mount

 Bind Mount aren’t managed by Docker and are mapped to a host system directory.
Tmpfs MOUNT
Tmpfs Mount
 This type of storage maps to the host system’s (Linux) memory. Tmpfs is not persisten like
volumes and tmpfs and get removed when the container they are attached to are stoped.
They only ever get mapped to a single container in their lifetime. Allows you store more
temporary data without affecting a container’s efficiency.
 Storage Drivers
 In situation where you have to write in the docker’s writable layer you can make use of
specific storage drivers. Thest will allow you to maintain control over how docker images
& containers are managed and stored.
Here are a few of the storage drivers:
Overlay2, aufs, devicemapper,btrfs,vfs
Docker Networks
Docker Network

 A Docker network is basically a connection between one or more containers.One of the

more powerful things about the Docker containers is that they can be easily connected to
one other and even other software, this makes it very easy to isolate and manage the
containers.
 Docker Network Types

Bridge Host Overlay Macvian None

Docker Network – Bridge Network

Docker containers that are connected by the means of a bridge network can communicate with
each other. This also creates a layer of isolation between the docker container that are
connected to each other through a bridge network.
Docker Network – Host Network

Docker containers that are connected to host network basically share the namespace with their
hosts, i.e the containers share the IP address of the host and don’t have one of their own.
Docker Network – Overlay Network

Docker daemon Hosts that are connected by the means of an overlay network can
communicate with each other. This means that containers present in different docker hosts can
communicate with each other using the overlay network. This is useful when we need a set of
docker hosts to communicate with each other in a docker swarm.

Overlay Network
Docker Host A Docker Host B
Docker Network – None Network

A docker container which has none network configured for itself cannot communicate with
any service or system as networking for the container is virtually disabled. It’s usually used to
isolate certain containers.
DOCKER Compose
Docker Compose

 For Now Let’s just understand that dokcer compose is just a Service within docker that’s us
launch multiple containers at the same time.

Creat .yml file

DOCKER Swarm
Why Orchestration?

Orchestration allow us to manage and maintain multiple containers. This is especially helpful
in software development where we maybe making use of micro-services architecture as it
breaks down the software into small manageable chunks. Having different configurations and
environments becomes easier with orchestration.
Benefits of Orchestration?

 Easy Deployment
 Easy management
 Easy resource management
 Allows for health monitoring of the containers
 Load balancing among different containers
 Easy updating
 Easy scaling up and rolling back
 Creates a layer of security
Docker Swarm

Docker Swarm is an orchestration service within Docker that allows us to manage and handle
containers at the same time. It is also a cluster of multiple containers.

Manager Node

Container Node
DOCKER Swarm Architecture
Docker Swarm Architecture