As Docker technology matures, more and more companies are starting to consider using Docker. Docker has a number of advantages, such as continuous integration, versioning, portability, isolation, security, and high performance.
On the other hand, how should you implement Docker in the enterprise cloud: by using Docker directly (cloud by Docker), or by running Docker in a VM for management (Docker in Cloud)?
This article summarizes the benefits, analyzes the deployment patterns, and finally uses 2 video demos to illustrate the modes of running Docker in the cloud.
1. Six advantages
1.1 Continuous deployment and testing
Docker has attracted a great deal of attention in the development and operations world because it maintains cross-environment consistency. Across the development and release lifecycle, environments differ slightly, and these differences can be caused by different package versions and dependencies. Docker solves this problem by keeping the environment consistent from development through to production release: Docker containers are configured so that all configuration and dependencies inside the container stay constant. In the end, you can use the same container throughout, with no differences and no manual intervention anywhere between development and production release.
With Docker, developers also don't need to set up an environment identical to production; they can build VMs on their own systems with VirtualBox and run Docker containers in them. The beauty of Docker is that it also lets you run the same container on Amazon EC2 instances. If you need to perform an upgrade during a product release cycle, you can easily put the required changes into a Docker container, test them, and apply the same changes to your existing containers. This flexibility is one of the main benefits of using Docker. As in a standard deployment and integration process, Docker lets you build, test, and publish an image that can be deployed across multiple servers. Even when you install a new security patch, the process is the same: you install the patch, test it, and release it to production.
1.2 Multi-Cloud Platform
One of the biggest benefits of Docker is portability. Over the past few years, all major cloud computing providers, including Amazon AWS and GCP, have incorporated Docker into their platforms and added their own support. Docker containers can run on host platforms such as Amazon EC2 instances, Google GCP instances, Rackspace servers, or VirtualBox. For example, a Docker container running on an Amazon EC2 instance can easily be ported to other platforms, such as VirtualBox, with similar consistency and functionality, which lets you abstract away from the infrastructure layer. In addition to AWS and GCP, Docker works very well with other IaaS providers, such as Microsoft Azure and OpenStack, and with configuration managers such as Chef, Puppet, and Ansible.
1.3 Environment standardization and version control
As discussed above, Docker containers standardize your environment by ensuring consistency across the development and production release lifecycle. In addition, Docker containers can be treated like git repositories: you can commit changes to Docker images and manage them as different versions. Imagine that a component upgrade damages your entire environment; Docker makes it easy to roll back to the previous version of the image. The whole process can be done in minutes. Compared with backing up or creating an image of a virtual machine, Docker is fairly fast, allowing you to replicate and implement redundancy quickly. In addition, starting a Docker container is as fast as starting a process.
1.4 Isolation
Docker ensures that your applications and resources are isolated from one another. A few months ago, Gartner published a report showing that the resource isolation achieved by running Docker containers is as good as that of a virtual machine (VM) hypervisor, but that management and control still need to be perfected.
Consider a scenario in which you run many applications in one virtual machine, including team collaboration software (such as Confluence), issue tracking software (such as Jira), a centralized identity management system (such as Crowd), and so on. Since these applications run on different ports, you must use Apache or Nginx as a reverse proxy. So far everything is normal, but as your environment evolves, you need to add a content management system (such as Alfresco) to it. At this point a problem appears: the software needs a different version of Apache Tomcat. To meet this need, you can only migrate your existing software to another version of Tomcat, or find a version of the content management system (Alfresco) that suits your existing Tomcat.
With Docker, you don't have to do any of this. Docker ensures that each container has its own resources and is isolated from other containers. You can run applications that use different stacks in different containers. In addition, removing applications that were installed directly on a server is difficult, because it may cause dependency conflicts. Docker helps you ensure that an application is completely removed: different applications run in different containers, so if you no longer need an application, you simply delete its container, leaving no temporary files or configuration files on your host operating system.
In addition to these benefits, Docker ensures that each application uses only the resources allocated to it (including CPU, memory, and disk space). A particular application cannot consume all of your available resources, which would otherwise degrade performance or even stop other applications completely.
1.5 Security
As mentioned above, Gartner acknowledges that Docker is growing fast. From a security standpoint, Docker ensures that applications running in one container are completely segregated and isolated from other containers, giving you complete control over traffic and management. Docker containers cannot peek at processes running in other containers. From an architectural standpoint, each container uses only its own resources (from processes to the network stack).
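The isolation and resource limits described in sections 1.4 and 1.5 depend on how each container was started, so they are worth verifying per container. The following Python sketch is an added example, not part of the original article: it audits `docker inspect` JSON for settings that switch those protections off. The two containers in the sample are constructed.

```python
import json

# Constructed sample: trimmed `docker inspect` output for two hypothetical containers.
SAMPLE_INSPECT = json.loads("""
[
  {"Name": "/wiki", "AppArmorProfile": "docker-default",
   "HostConfig": {"Privileged": false, "Memory": 536870912, "NanoCpus": 1000000000,
                  "CpuQuota": 0, "PidMode": "", "NetworkMode": "bridge",
                  "SecurityOpt": null}},
  {"Name": "/legacy-cms", "AppArmorProfile": "unconfined",
   "HostConfig": {"Privileged": true, "Memory": 0, "NanoCpus": 0,
                  "CpuQuota": 0, "PidMode": "host", "NetworkMode": "host",
                  "SecurityOpt": ["seccomp=unconfined", "apparmor=unconfined"]}}
]
""")

def audit_container(c):
    """Return the settings that weaken this container's isolation."""
    hc = c.get("HostConfig", {})
    opts = hc.get("SecurityOpt") or []   # null when no options were given
    findings = []
    if hc.get("Privileged"):
        findings.append("privileged: kernel confinement and device restrictions are off")
    if hc.get("PidMode") == "host":
        findings.append("pid=host: container can see host processes")
    if hc.get("NetworkMode") == "host":
        findings.append("network=host: container shares the host network stack")
    if not hc.get("Memory"):             # 0 means unlimited
        findings.append("no memory limit")
    if not (hc.get("NanoCpus") or hc.get("CpuQuota")):
        findings.append("no CPU limit")
    if "seccomp=unconfined" in opts:
        findings.append("seccomp disabled: system calls are not filtered")
    # An empty profile is normal on hosts without AppArmor; only flag "unconfined".
    if c.get("AppArmorProfile") == "unconfined" or "apparmor=unconfined" in opts:
        findings.append("AppArmor disabled")
    return findings

def audit(containers):
    """Map container name -> list of findings (empty list means none)."""
    return {c["Name"].lstrip("/"): audit_container(c) for c in containers}

if __name__ == "__main__":
    for name, findings in audit(SAMPLE_INSPECT).items():
        print(name, "- no findings" if not findings else "")
        for f in findings:
            print("  -", f)
```

To audit a live host, load the JSON printed by `docker inspect $(docker ps -q)` in place of the sample.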
As a means of hardening security, Docker mounts sensitive mount points of the host operating system (such as /proc and /sys) read-only, and uses a copy-on-write filesystem to ensure that a container cannot read data from other containers. Docker also restricts some system calls to the host operating system, and it works well with SELinux and AppArmor. In addition, the Docker images available on Docker Hub are digitally signed to ensure their reliability. Because Docker containers are isolated and their resources are restricted, even if one of your applications is hacked, it does not affect applications running in other Docker containers.
1.6 High Performance
We know that Docker is based on LXC. LXC differs from traditional hypervisors such as KVM, ESXi, and Xen, which virtualize by simulating the operation of a physical machine: it works directly at the OS level and simulates the operating environment through process isolation. This removes the "translation" loss introduced by the hypervisor layer. In actual tests, LXC performance is almost comparable to that of a physical machine, which traditional VMs cannot match. This makes it particularly suitable for scenarios such as HPC, big data, and machine learning that squeeze every bit of performance out of the physical machine, while also providing fast deployment and automation.
2. About Docker Deployment Mode
2.1 Docker-based Cloud (cloud by Docker)
This mode uses Docker directly as the cloud infrastructure (mainly for computing power, as the computing subsystem). It offers the highest performance, but because Docker's support for storage and networking is limited, the cloud operating system must provide those two additional subsystems for it to run well.
Here's a video demo that uses LXC and Docker templates directly as a computing subsystem in a cloud:
2.2 Docker in the Cloud (Docker in cloud)
This mode itself has 2 variants:
1. Provide a VM image such as CoreOS in the IaaS cloud. With support for the EC2 interface (passing user data), Docker can be deployed quickly, and the cloud platform's VPC (cloud network and GRE), ELB (load balancing), and EBS (elastic block storage) give Docker better support.
The following demo video runs Docker from the CoreOS template in a cloud that supports the EC2 interface, and uses the cloud's ELB (load balancing):
2. The cloud platform provides a PaaS capability, an ECS (Elastic Container Service) service. In this mode, Docker is provided quickly by the cloud as a class of managed object (host), similar to Elastic Beanstalk: as long as you enter the parameters, the cloud platform automatically creates Docker clusters and maintains the availability and resiliency of the cluster.
;-) This video will be provided soon ...