Docker Demystified Learn How to Develop and Deploy Applications Using Docker (Saibal Ghosh) (Z-Library)

📄 File Format: PDF

💾 File Size: 10.0 MB

📖 Read Online ⬇️ Download

Registered users can read the full content for free

Register as a Gaohf Library member to read the complete e-book online for free and enjoy a better reading experience.

📄 Page 1

(This page has no text content)

📄 Page 2

(This page has no text content)

📄 Page 3

Docker Demystified Learn How to Develop and Deploy Applications Using Docker Saibal Ghosh www.bpbonline.com

📄 Page 4

FIRST EDITION 2021 Copyright © BPB Publications, India ISBN: 978-93-89845-87-7 All Rights Reserved. No part of this publication may be reproduced or distributed in any form or by any means or stored in a database or retrieval system, without the prior written permission of the publisher with the exception to the program listings which may be entered, stored and executed in a computer system, but they can not be reproduced by the means of publication. LIMITS OF LIABILITY AND DISCLAIMER OF WARRANTY The information contained in this book is true to correct and the best of author’s & publisher’s knowledge. The author has made every effort to ensure the accuracy of these publications, but cannot be held responsible for any loss or damage arising from any information in this book. All trademarks referred to in the book are acknowledged as properties of their respective owners but BPB Publications cannot guarantee the accuracy of this information. Distributors: BPB PUBLICATIONS 20, Ansari Road, Darya Ganj New Delhi-110002 Ph: 23254990/23254991 MICRO MEDIA Shop No. 5, Mahendra Chambers, 150 DN Rd. Next to Capital Cinema, V.T. (C.S.T.) Station, MUMBAI-400 001 Ph: 22078296/22078297 DECCAN AGENCIES 4-3-329, Bank Street, Hyderabad-500195

📄 Page 5

Ph: 24756967/24756400 BPB BOOK CENTRE 376 Old Lajpat Rai Market, Delhi-110006 Ph: 23861747 Published by Manish Jain for BPB Publications, 20 Ansari Road, Darya Ganj, New Delhi-110002 and Printed by him at Repro India Ltd, Mumbai www.bpbonline.com

📄 Page 6

Dedicated to All those who kept faith in me when they had no reason to

📄 Page 7

About the Author Saibal Ghosh works as a Principal Architect in Ericsson India Ltd. He has donned many hats in his career, including being a database administrator, a technical consultant, a technical writer, an application developer, and a trainer. He has a set of specific skills: understanding technology deeply and a keen sense of business pragmatism, and he thrives on matching these optimally. He has over the years, picked up different technologies, and uses them liberally to solve real-world problems in his profession. Of late, he is enamored by DevOps and spends a lot of his time working with Docker and Kubernetes and believes that DevOps is the future of Application Development. He obsesses about technical communication and tries very hard to ensure that such communication is correct, accurate, and to the point. He brings to the table more than twenty years of technical and business experience in and around infrastructure and security, presales, consulting, and solutioning. Outside of work, Saibal loves reading, meditating, doing yoga, and spending time with his family.

📄 Page 8

About the Reviewers Indrajit Nandi is an IT Architect with over 17 years of experience in the mobile telecommunication industry. He is a TOGAF certified platform architect with documented success in creating IT infrastructures in the private and public cloud environments. He is experienced in areas like System Integration, Solution Architecting, Consulting in Large Scale Transformation, Integration and Implementation Engagements with leading Global organizations. He has expertise in IT Infrastructure, BSS implementation, Business Continuity Setup, Vendor Management etc. He possess significant exposure in Telecom Billing and Mediation Product Implementation and System Integration. He is proficient in platform technologies like Chassis management, Blade Server, Storage, Linux, Virtualization, OpenStack, Public Cloud, Container and Container Orchestration. He is deft in providing technical consulting in multiple operating platforms and various telecommunication operators including Tier-I, Tier-II and Green-Field Operators. His current role is majorly involved in Infrastructure requirement analysis, effort estimation, proposal making, client handling, high and low level solution design preparation, solution implementation in the Telecom Domain. He has completed his Bachelors of Engineering (Electronics & Telecommunications), from Jadavpur University, India. Debasis Maity has 15 years of experience in various DB technologies like Oracle, PostgreSQL, Cassandra, MongoDB, and MySQL. He also has worked in the containerization of various DB components in Docker and deployed in Kubernetes. He has profound knowledge in Devops using tools like Git, Jenkins, GitLab, and Ansible. Currently, he is working in Ericsson, USA as a database architect.

📄 Page 9

Linkedin profile: https://www.linkedin.com/in/debasis-maity- 19007115/ Sabyasachi Banerjee has a penchant for new technologies with a focus on data driven architecture and automation. He has been in the industry for twenty plus years. Currently he is involved in Identity Management and Engineered System design and implementation projects. He is an early adopter of most things new. He is a B.Tech in Metallurgical Engineering from NIT, Warangal, who has dabbled in making steel to software development. He travels for work and enjoys hiking, traveling, and photography. Presently working as a Senior Consultant in New Zealand.

📄 Page 10

Acknowledgements This book would not have been possible without the blessings of my late parents, and the continued support of my wife Mouli and son Arpan, both of whom had to often put up with my brusque and curt manner, as I worked on the book late in the evenings and on weekends, cutting out on family time. I would like to thank the technical reviewers of the book: Indrajit Nandi, Debasis Maity and Sabyasachi Banerjee, all of whom took time out from their busy schedules to technically review the book and give me the reassurance that the book indeed fulfils the objectives for which it was written. My gratitude also goes out to a lot of other people who encouraged me during the writing of this book, none more so than my brother Prabal, who helped me with all the diagrams in the book, as well as my friends and colleagues who kept me on my toes by often asking me about the progress of the book, thereby implicitly nudging me along. This genesis of this book lies in my struggle in trying to decipher and understand Docker while I was learning it and trying to find the answers to questions and doubts that came to my mind while I tried to wrap my head around all the new concepts and terminologies, often facing a sea of doubts with no shoreline in sight. If this book helps in ‘demystifying’ Docker for someone who is new to the technology, I would consider my job well done and my efforts more than adequately compensated. Finally, I would like to thank BPB Publications for helping me throughout the book.

📄 Page 11

Preface Till a few years ago, all applications were monolithic in nature. That is, they were built as a single unit and were considered a composite whole. Any changes to be incorporated into the application meant bringing down the entire application stack, making changes to it, testing it out, and then bringing it up. The whole process was very cumbersome, unwieldy, and often error prone. Many times applications that ran perfectly on the test environment ran suboptimally on the production system or, worse, sometimes even didn’t run at all! And it frequently took days of painstaking analysis to find out that say, some of the libraries that were present in the development environment were missing in the production environment, resulting in the mismatch and all the subsequent problems. Enter containers. The way containers work is that they encapsulate an application into a single executable package along with all its related configuration files, libraries, and dependencies required for it to run. Containerized applications share the operating system of the host and use the run time engine of Docker to coordinate all the activities that let more than one container residing on the same host operating system share the host operating system’s resources. This, of course, eliminates the requirement of having numerous operating systems and makes the containers fast, nimble, and agile. These days most large-scale applications are microservice based. Instead of using a single monolithic codebase, applications are broken down into a collection of smaller components called microservices. The benefits of doing something like this is enormous. Each component can be individually developed, tested, deployed, and scaled. There is no dependency on other applications and enables the use of different programming languages, databases, and other tools for each microservice.

📄 Page 12

It is no idle coincidence that microservice based architecture has become very popular along with the growth of containers because it is containers that allow us the leeway for creating self-contained applications (microservice-based applications), which are loosely coupled and can be independently deployed and each separate application can work independently as well as be part of a composite whole, that is the microservices can be linked together to form a larger application. Docker is an excellent tool for microservices. Each application can be deployed in separate containers, or they may even be broken down into separate processes running in separate Docker containers. The main aim of this book is to provide you the necessary information and understanding to develop the skills to use Docker for your application development, deployment, and management. This book has a very hands-on approach, and there is a screenshot provided for almost every example done. Every concept is explained using a proof by example methodology so that the reader not only reads about the concept but also immediately sees a demonstration of the concept. In this book, you will learn about the following: Chapter 1 is an introductory chapter. This chapter introduces us to the world of containers, and talks about its benefits, and walks us through its difference with virtual machines, and then goes on to discuss the evolution of Docker and how it has become the tool of choice for application development. This chapter also discusses the Docker Registry, Microservices, and built-in security in Docker. Chapter 2 goes deeper into containers and its fundamental building block, images. In this chapter, we dissect containers and images and learn about them in detail. In this chapter, we will also learn to run containers, inspect them, check their logs, and then have a look at the container architecture. We also talk in detail about images, dockerfile, and how they all bind together. Chapter 3 Having understood containers and images, in this chapter, we look into storage drivers and volumes, which form a part of the building block of the docker ecosystem. This chapter goes

📄 Page 13

deep into storage drivers and volumes and the intricacies of their usage. Chapter 4 is a key chapter. In this chapter, we look into the theory behind Docker networking, which is thoroughly application driven. We also look at the structure of Docker networks and how it provides all the bells and whistles for the network to work smoothly, but at the same time keeping just the right level of abstraction for ease of use for application developers. Chapter 5 takes us into the world of Docker Swarm. This chapter explains the concept of orchestration and shows us how to harness the cumulative capabilities of numerous containers working together either on-premise or in the cloud. Chapter 6 goes deep into Docker networking, looking into the implementation of various networks in the Docker landscape. This chapter discusses the intricacies of the networks and how Linux networking features are leveraged to create a robust and secure networking infrastructure in Docker. Chapter 7 takes a look at the security features available in Linux and how they are utilized in Docker. This chapter focuses on the security capabilities of Linux and how they may be leveraged to create a safe and secure Docker environment. Chapter 8 details are securing our containerized applications combining the security features of Linux and the Docker Enterprise Edition. This chapter goes deep into the various components of the Docker Enterprise Edition and how we can best use these features along with the security features provided by Linux to secure our Docker containers.

📄 Page 14

Errata We take immense pride in our work at BPB Publications and follow best practices to ensure the accuracy of our content to provide with an indulging reading experience to our subscribers. Our readers are our mirrors, and we use their inputs to reflect and improve upon human errors if any, occurred during the publishing processes involved. To let us maintain the quality and help us reach out to any readers who might be having difficulties due to any unforeseen errors, please write to us at : errata@bpbonline.com Your support, suggestions and feedbacks are highly appreciated by the BPB Publications’ Family. Did you know that BPB offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.bpbonline.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at business@bpbonline.com for more details. At www.bpbonline.com, you can also read a collection of free technical articles, sign up for a range of free newsletters, and receive exclusive discounts and offers on BPB books and eBooks.

📄 Page 15

BPB is searching for authors like you If you're interested in becoming an author for BPB, please visit www.bpbonline.com and apply today. We have worked with thousands of developers and tech professionals, just like you, to help them share their insight with the global tech community. You can make a general application, apply for a specific hot topic that we are recruiting an author for, or submit your own idea. The code bundle for the book is also hosted on GitHub at https://github.com/bpbpublications/Docker-Demystified. In case there's an update to the code, it will be updated on the existing GitHub repository. We also have other code bundles from our rich catalog of books and videos available at https://github.com/bpbpublications. Check them out! PIRACY If you come across any illegal copies of our works in any form on the internet, we would be grateful if you would provide us with the location address or website name. Please contact us at business@bpbonline.com with a link to the material. If you are interested in becoming an author If there is a topic that you have expertise in, and you are interested in either writing or contributing to a book, please visit www.bpbonline.com. REVIEWS Please leave a review. Once you have read and used this book, why not leave a review on the site that you purchased it from? Potential readers can then see and use your unbiased

📄 Page 16

opinion to make purchase decisions, we at BPB can understand what you think about our products, and our authors can see your feedback on their book. Thank you! For more information about BPB, please visit www.bpbonline.com.

📄 Page 17

Table of Contents 1. Introduction to Containerization and Docker Introduction Structure Objective Life before Containerization Concept of Containerization Benefits of Containerization Docker The Docker Engine Docker Engine Components Flow Docker Hub and Docker Registry Linux and Windows Container What about Container on Windows? Microservices and Containerization Security in Docker Conclusion Points to Remember Multiple Choice Questions Answers Questions Key Terms 2. Containers and Images Structure Objective Conceptualizing Containers Running Containers States of a Docker Container Getting inside a Container Inspecting a Container The Container Logs Basic Container Architecture

📄 Page 18

What is a Docker Image Getting deeper into Images Copy on Write Where are the images stored? Inspecting an image Saving an image Using the COMMIT command to save an image The Dockerfile The Build Cache Use Multi-Stage Builds Conclusion Points to Remember Multiple Choice Questions Answers Questions Key Terms 3. Storage Drivers and Volumes Structure Objective Docker Storage Drivers Supported Storage Drivers Backing Filesystem Support Overlay and Overlay2 Storage Drivers Going deeper into the overlay2 storage driver Docker Volumes Conclusion Points to Remember Multiple Choice Questions Answers Questions Key Terms 4. The Container Network Model and the Docker Bridge Structure Objective The Container Network Model

📄 Page 19

The CNM Driver Interfaces The Libnetwork Docker Drivers The Docker Bridge Network The Concept of Linux Namespaces The Docker Bridge Conclusion Points to Remember Multiple Choice Questions Answers Questions Key Terms 5. Docker Swarm Introduction Structure Objective Docker Swarm defined Benefits of using Docker Swarm Setting up a Swarm Consensus in Docker Swarm The concept of service in swarm Creating replicas Scaling a Service Replicated and Global Services Draining a Swarm Locking and unlocking a Swarm cluster Networking in Docker Swarm Creating a service with a published port Bypassing the routing mesh for a Swarm Traffic encryption on an overlay network Troubleshooting Docker Swarm Conclusion Points to Remember Multiple Choice Questions Answers Questions

📄 Page 20

Key Terms 6. Docker Networking Introduction Structure Objective Docker Networks The Bridge Network The Host Network The None Network Using an existing container’s namespace Port Mapping MACVLAN Network The MACVLAN Bridge Network The 802.1q Trunk Bridge Network Overlay Network Points to Remember Multiple Choice Questions Answers Questions Key Terms 7. Docker Security-1 Introduction Structure Objective Kernel Namespaces Control Groups Memory CPU Capabilities Mandatory Access Control Docker and AppArmor Docker and SELinux Seccomp Conclusion Points to Remember