In this article I will talk about virtualization and Docker basic concepts and Docker terminology. We will learn about the basic differences between virtualization and containerization and between images and containers, and how Dockerfiles are used to build Docker images. There is also a bit about Docker Swarm clusters.
Let’s start first with Virtualization.
Many virtualization techniques are available, but the main objective is to share resources among different entities, users and so on. You are virtually dividing the resource into multiple parts.
Actually, everybody is already doing virtualization, whether they realise it or not.
A very common example of virtualization is hard disk partitioning, i.e. you have a single hard drive and you separate it into multiple logical partitions.
But why do we use virtualization? Here is the list:
Shared use of Hardware
Security Isolation
Hardware Isolation
Power Saving
Development and testing legacy OS
Better Utilization of hardware resources
Types of Virtualization
Server Virtualization
Network Virtualization
Storage Virtualization
Desktop Virtualization
Application Virtualization
Server Virtualization
In the enterprise world, server virtualization used to be the most commonly used type, where physical resources are divided, made available as multiple resources and shared.
Even within server virtualization, there are 3 types of virtualization available. Let’s take a brief look at them.
Full virtualization
Para-virtualization
OS level virtualization
Full Virtualization
In full virtualization, the guest OS sees the hardware as actually dedicated to its use and does not know that it is running in a virtualized environment.
Para-Virtualization
In para-virtualization, the code of the guest operating system is modified to allow it to run on the hypervisor. The virtual machine manager (VMM) is aware of the requirements of the guest and can manage resources accordingly.
Rather than going directly to the hardware, calls made by the guest are intercepted by the VMM and converted.
For high I/O where the guest knows that it is virtualized (most situations these days), para-virtualization (VirtIO drivers on KVM, VMware Tools on VMware) should be used.
OS Level Virtualization
In OS-level virtualization, a hypervisor is not used at all. The host operating system kernel allows multiple isolated user-space programs. These programs are isolated from each other using Linux namespaces and are also called instances. Examples of these instances are containers, Docker, Solaris Zones, OpenVZ, etc.
A bit on Network Virtualization
Nowadays, network virtualization is getting very popular among cloud providers and ISPs (mostly telecom), though this is not a new concept at all.
Network virtualization is already present in carrier-grade routers, where the control plane and data plane were separated, but inside dedicated, “designed to be” hardware. Now network virtualization has gone a few steps further and is not dependent on particular or proprietary hardware.
The control plane now runs on separate virtual machines, and the data plane could be anything: a virtual machine, a black box, or any x86-based hardware.
But why does the network need virtualization?
When using server virtualization, virtual machines from different domains can run on the same server simultaneously. These workloads also require security and connectivity, and virtual devices/machines can use overlapping subnets.
Connectivity and security can also be managed by a traditional networking solution, but this definitely requires a lot of manual effort and cost, and any human error may lead to a loophole.
The best way to handle these dynamic network requirements is to have a dynamic, programmable network which has the ability to create, change, delete and manage network behaviour dynamically.
Here Software Defined Network (SDN) comes into the picture. SDN offers physical separation of the network control plane and data plane.
I will stop here on the network virtualization topic and will cover more in my next post.
OS-Level Virtualization Again !!
Now let’s come back to OS-level virtualization. Here I will cover the Docker part.
We have already covered basics of server virtualization and let’s see what happens in Containers.
The OS is virtualized not the Hardware
No server virtualization takes part; the host OS, with the help of Linux namespaces, provides isolation between containers. A container is an isolated application runtime environment; the operating system and the binaries required by the application are shared by containers.
As in the picture above, we have the host OS at the bottom, and on top of that the Docker Engine has been installed.
Docker Engine is composed of the Docker daemon and the CLI, through which we create and manage containers.
Now, a container is based on an image, and it is important to understand the difference between the two.
Containers are based on images
Images contain software and settings for running a container
Images contain metadata describing the image
A container is a runtime instance of an image
Contents of a Container
Software
Settings
Application-specific libraries
Runtime environment
Tools
Docker is an open source project to pack, ship and run any application as a lightweight container.
A Docker container is a running instance of a Docker image.
Docker instance initialization steps
$ docker run -ti busybox /bin/sh
Docker pulls the image from the repository
A new instance is created
Read/Write layer of filesystem gets allocated
Network interface allocation
IP Address assignment
Runs the process inside container
A Docker image is a read-only template with instructions for creating a Docker container. The image contains metadata describing the image.
Docker Compose is used to configure and run multi-container applications, which may contain:
Web Server
Application server
Database Server
Mail notification
Message queues
Dockerfiles are used to create a Docker image. A Dockerfile is a text file (YAML format). Mostly it is placed in the root of the context.
Contents of Dockerfile
FROM –> This directive specifies the base image from which the new image will be created
COPY –> This directive copies directories/folders and files to the container filesystem
ADD –> It is similar to COPY, with additional capabilities such as pulling items from a URL
WORKDIR –> Sets the working directory
CMD –> Runs a command when the container is launched
RUN –> Executes commands within the new container, such as installing/modifying packages
EXPOSE –> Exposes network ports at runtime. Ports can be TCP/UDP. If the protocol is not specified, TCP is the default.
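An added example, not code from the original article: a small Python check that parses a constructed Dockerfile using the directives listed above and reports the base image, the exposed ports with the TCP default applied, and two things worth reviewing, an unpinned FROM and an ADD that pulls from a URL without a checksum. The sample image, paths and URL are hypothetical.

```python
import re

# Constructed sample Dockerfile (hypothetical image, paths and URL).
SAMPLE = """\
FROM python:latest
WORKDIR /app
COPY requirements.txt .
ADD https://example.com/tools/agent.tar.gz /opt/agent.tar.gz
RUN pip install -r requirements.txt
EXPOSE 8080 5353/udp
CMD ["python", "app.py"]
"""

def parse(text):
    """Return (DIRECTIVE, arguments) pairs, joining backslash-continued lines."""
    joined = re.sub(r"\\[ \t]*\n", " ", text)
    pairs = []
    for line in joined.splitlines():
        parts = line.strip().split(None, 1)
        if parts and not parts[0].startswith("#"):
            pairs.append((parts[0].upper(), parts[1] if len(parts) > 1 else ""))
    return pairs

def review(text):
    """Summarise the base image and exposed ports, and list findings to review."""
    report = {"base": None, "ports": [], "findings": []}
    for directive, args in parse(text):
        tokens = args.split()
        flags = [t for t in tokens if t.startswith("--")]
        operands = [t for t in tokens if not t.startswith("--")]
        if directive == "FROM" and operands:
            image = report["base"] = operands[0]
            name = image.rsplit("/", 1)[-1]
            if "@" not in image and (":" not in name or name.endswith(":latest")):
                report["findings"].append(f"FROM {image}: base image is not pinned")
        elif directive == "ADD" and operands:
            remote = re.match(r"https?://", operands[0])
            if remote and not any(f.startswith("--checksum=") for f in flags):
                report["findings"].append(f"ADD {operands[0]}: remote file, no checksum")
        elif directive == "EXPOSE":
            for port in operands:
                number, _, proto = port.partition("/")
                report["ports"].append((number, proto or "tcp"))  # TCP is the default
    return report

if __name__ == "__main__":
    for key, value in review(SAMPLE).items():
        print(key, "=", value)
```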
Docker Swarm allows Docker host clustering for high availability, container orchestration and container workload scheduling.
Docker Swarm nodes are of 2 types
Worker Nodes
Manager Nodes
Worker Node
These become swarm members using a join token (a token which is generated by a manager node)
Manager Node
It does the swarm configuration. Docker CLI commands are run here, and it also monitors and maintains the swarm state.
Swarm initialized: current node (bvz81updecsj6wjz393c09vti) is now a manager.
To add a worker to this swarm, run the following command:
docker swarm join \
--token SWMTKN-1-3pu6hszjas19xyp7ghgosyx9k8atbfcr8p2is99znpy26u2lkl-1awxwuwd3z9j1z3puu7rcgdbx \
172.17.0.2:2377
To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.
$ docker swarm join --token SWMTKN-1-3pu6hszjas19xyp7ghgosyx9k8atbfcr8p2is99znpy26u2lkl-7p73s1dx5in4tatdymyhg9hu2 192.168.99.121:2377
This node joined a swarm as a manager.
$ docker node ls
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS
dkp8vy1dq1kxleu9g4u78tlag * manager2 Ready Active Reachable
dvfxp4zseq4s0rih1selh0d20 manager1 Ready Active Leader
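A join token is a credential for the swarm, so it is worth checking where copies of it end up. The following added example (not part of the original article) scans text such as shell history or chat pastes for join tokens, groups them by swarm and redacts the secret part; the sample lines and token values are constructed, and the regular expression's lengths and alphabet are assumptions based on the tokens shown above.

```python
import re
from collections import defaultdict

# Token layout: SWMTKN-<version>-<root CA digest>-<secret>. The lengths and the
# lowercase-alphanumeric alphabet are assumptions matching the tokens shown above.
TOKEN_RE = re.compile(r"\bSWMTKN-(\d+)-([0-9a-z]{20,})-([0-9a-z]{20,})\b")

def find_tokens(text):
    """Map each CA digest (one per swarm) to {secret: [line numbers]}."""
    swarms = defaultdict(lambda: defaultdict(list))
    for lineno, line in enumerate(text.splitlines(), start=1):
        for m in TOKEN_RE.finditer(line):
            swarms[m.group(2)][m.group(3)].append(lineno)
    return {digest: dict(secrets) for digest, secrets in swarms.items()}

def redact(text):
    """Keep the prefix and CA digest so the swarm stays identifiable; drop the secret."""
    return TOKEN_RE.sub(lambda m: f"SWMTKN-{m.group(1)}-{m.group(2)}-<redacted>", text)

# Constructed sample (not real tokens): shell history lines and a chat paste.
DIGEST = "c" * 50
WORKER, MANAGER = "w" * 25, "m" * 25
SAMPLE = "\n".join([
    f"docker swarm join --token SWMTKN-1-{DIGEST}-{WORKER} 10.0.0.5:2377",
    "docker node ls",
    f"use this one for managers: SWMTKN-1-{DIGEST}-{MANAGER}",
    f"docker swarm join --token SWMTKN-1-{DIGEST}-{WORKER} 10.0.0.5:2377",
])

if __name__ == "__main__":
    for digest, secrets in find_tokens(SAMPLE).items():
        print(f"swarm CA digest {digest[:8]}...: {len(secrets)} distinct secret(s) exposed")
        for lines in secrets.values():
            print("  seen on lines", lines)
    print(redact(SAMPLE))
```

A token that has been exposed can be replaced on a manager with `docker swarm join-token --rotate worker` (or `manager`).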
That is all for the basic level. In my next post, I will cover specific topics in depth.