Docker: A Comprehensive Overview
Docker: Not Just For Big
Schools
RICHARD SCHNEIDER, HARDING UNIVERSITY
10/19/2022
10:00 AM
My Objections to Docker
We don’t create servers often. Our existing Tomcat servers suit our
needs.
We don’t want to overengineer things.
We care about security, and don’t want to run opaque images built
by unknown strangers.
We just don’t need it. We can do everything we need with our
standard tools.
COHESION SUMMIT
3
There is very little you
need
Docker to do.
Docker makes many things
easier
and
rigorous
.
COHESION SUMMIT
4
Some disclaimers
Much of this presentation applies to other technologies, but I’m
saying Docker for simplicity.
There are numerous Docker features I will not cover.
This will not be a technical talk. My primary focus here are the high-
level benefits.
I am not an expert. There are multiple schools who have gone much
further down this path.
I’d love to hear from you!
COHESION SUMMIT
5
Docker overview
Docker is a system that lets you run programs in lightweight
containers.
Technical details: “Containers From Scratch”
https://www.youtube.com/watch?v=8fi7uSYlOdc
Dockerfiles
are recipes for creating
images
COHESION SUMMIT
6
Docker overview
Docker is a system that lets you run programs in lightweight
containers.
Technical details: “Containers From Scratch”
https://www.youtube.com/watch?v=8fi7uSYlOdc
Dockerfiles
are recipes for creating
images
Images are used to run
containers
Containers are transient
Images may be shared through registries
COHESION SUMMIT
8
Docker overview
Docker is a system that lets you run programs in lightweight
containers.
Technical details: “Containers From Scratch”
https://www.youtube.com/watch?v=8fi7uSYlOdc
Dockerfiles
are recipes for creating
images
Images are used to run
containers
Containers are transient
Images may be shared through registries
A
Compose
file can be used to specify containers in an application’s
deployment
COHESION SUMMIT
10
Documented process
Without Docker, you must maintain separate docmentation for how
to deploy your application
With Docker, everything needed to deploy your application is in your
Dockerfile
Code is the final documentation
No danger of it getting stale—it’s constantly in use
Easy to share the deployment process with others
COHESION SUMMIT
12
Version control
Since your environment is now defined across plain text Dockerfiles
and Compose files, it is easy to put it in version control
This gives you all the well-known benefits of version control for your
deployment process:
Record of changes made, who made them, when, and why
Roll back to any point in history
Continuous integration
Improved collaboration
COHESION SUMMIT
13
Standardized deployment
Since the process is described by code and kept in version control,
it’s easy to have a standard deployment across environments
Difference between test and production can be as simple as which
commit in the history you are on
Still requires a bit of effort for configuration management
COHESION SUMMIT
14
Local development
You can run containers on your local machine
Docker is cross-platform
Developers don’t have to share a test machine
Pushing to the next stage is reliable
Everything is in version control
Entire deploy process is code, which will be perfomed identically on your local workstation
and the server
Caveats
Local workstation needs to be powerful enough for the deployment
Some applications with external dependencies don’t play nice
(e.g. Banner 9)
COHESION SUMMIT
15
Easier upgrades
Your inclusion of dependencies is part of your defined, repeatable
deployment process
You can track the latest image in your Dockerfile
Old Docker images are saved in a cache; if something breaks, you can
restart the old version
COHESION SUMMIT
16
Increased security
Containers run only with what they need
Living off the land attack surface is minimized
Caveats
Same kernel as host
Centralization has the potential to put more eggs in a single basket
With some forethought, these caveats are no worse than a Docker-
free deployment
COHESION SUMMIT
17
Easier restarts
Everything comes up from scratch each time, so the process is
reliable and repeatable
No process artifacts left over
When making changes, the image build steps can be performed
while the application is still running, speeding up restart time
COHESION SUMMIT
18
Improved monitoring
Each container has its own output and filesystem, so logs are clearly
isolated
Container-specific monitoring tools
docker stats
cAdvisor (and then Prometheus / Grafana)
COHESION SUMMIT
19
Disadvantages
Not everything plays cleanly with this setup
Complicated configurations (e.g. ESM)
External dependencies
A heavy sense of ownership
Most things can be made to work
COHESION SUMMIT
21
Questions?
COHESION SUMMIT
22
Thank You!
Richard Schneider
rschneider@harding.edu
COHESION SUMMIT
23
Docker is a versatile system that enables running programs in lightweight containers, simplifying processes and enhancing rigor. Despite objections, Docker offers benefits such as ease of use, improved efficiency, and image sharing through registries. This presentation by Richard Schneider at Harding University sheds light on Docker's capabilities and its applicability beyond big schools. Technical insights, including the use of Dockerfiles and Compose files, are highlighted.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
Docker: Not Just For Big Schools RICHARD SCHNEIDER, HARDING UNIVERSITY 10/19/2022 10:00 AM
My Objections to Docker We don t create servers often. Our existing Tomcat servers suit our needs. We don t want to overengineer things. We care about security, and don t want to run opaque images built by unknown strangers. We just don t need it. We can do everything we need with our standard tools. 3 COHESION SUMMIT
There is very little you need Docker to do. Docker makes many things easier and rigorous. 4 COHESION SUMMIT
Some disclaimers Much of this presentation applies to other technologies, but I m saying Docker for simplicity. There are numerous Docker features I will not cover. This will not be a technical talk. My primary focus here are the high- level benefits. I am not an expert. There are multiple schools who have gone much further down this path. I d love to hear from you! 5 COHESION SUMMIT
Docker overview Docker is a system that lets you run programs in lightweight containers. Technical details: Containers From Scratch https://www.youtube.com/watch?v=8fi7uSYlOdc Dockerfiles are recipes for creating images 6 COHESION SUMMIT
Docker overview Docker is a system that lets you run programs in lightweight containers. Technical details: Containers From Scratch https://www.youtube.com/watch?v=8fi7uSYlOdc Dockerfiles are recipes for creating images Images are used to run containers Containers are transient Images may be shared through registries 8 COHESION SUMMIT
Docker overview Docker is a system that lets you run programs in lightweight containers. Technical details: Containers From Scratch https://www.youtube.com/watch?v=8fi7uSYlOdc Dockerfiles are recipes for creating images Images are used to run containers Containers are transient Images may be shared through registries A Compose file can be used to specify containers in an application s deployment 10 COHESION SUMMIT
Documented process Without Docker, you must maintain separate docmentation for how to deploy your application With Docker, everything needed to deploy your application is in your Dockerfile Code is the final documentation No danger of it getting stale it s constantly in use Easy to share the deployment process with others 12 COHESION SUMMIT
Version control Since your environment is now defined across plain text Dockerfiles and Compose files, it is easy to put it in version control This gives you all the well-known benefits of version control for your deployment process: Record of changes made, who made them, when, and why Roll back to any point in history Continuous integration Improved collaboration 13 COHESION SUMMIT
Standardized deployment Since the process is described by code and kept in version control, it s easy to have a standard deployment across environments Difference between test and production can be as simple as which commit in the history you are on Still requires a bit of effort for configuration management 14 COHESION SUMMIT
Local development You can run containers on your local machine Docker is cross-platform Developers don t have to share a test machine Pushing to the next stage is reliable Everything is in version control Entire deploy process is code, which will be perfomed identically on your local workstation and the server Caveats Local workstation needs to be powerful enough for the deployment Some applications with external dependencies don t play nice (e.g. Banner 9) 15 COHESION SUMMIT
Easier upgrades Your inclusion of dependencies is part of your defined, repeatable deployment process You can track the latest image in your Dockerfile Old Docker images are saved in a cache; if something breaks, you can restart the old version 16 COHESION SUMMIT
Increased security Containers run only with what they need Living off the land attack surface is minimized Caveats Same kernel as host Centralization has the potential to put more eggs in a single basket With some forethought, these caveats are no worse than a Docker- free deployment 17 COHESION SUMMIT
Easier restarts Everything comes up from scratch each time, so the process is reliable and repeatable No process artifacts left over When making changes, the image build steps can be performed while the application is still running, speeding up restart time 18 COHESION SUMMIT
Improved monitoring Each container has its own output and filesystem, so logs are clearly isolated Container-specific monitoring tools docker stats cAdvisor (and then Prometheus / Grafana) 19 COHESION SUMMIT
Disadvantages Not everything plays cleanly with this setup Complicated configurations (e.g. ESM) External dependencies A heavy sense of ownership Most things can be made to work 21 COHESION SUMMIT
Questions? 22 COHESION SUMMIT
Thank You! Richard Schneider rschneider@harding.edu 23 COHESION SUMMIT
