docker in suse linux enterprise server 12 · 4 ®sersev. .2dsvockse...

Click here to load reader

Post on 30-Mar-2019

213 views

Category:

Documents

0 download

Embed Size (px)

TRANSCRIPT

Docker in SUSE LinuxEnterprise Server 12

White PaperServer

Table of Contents page

Executive Summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2

Challenges in Development and Operations Today. . . . . . . . .2

Docker and Containers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2

Enterprise Use Cases for Docker. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

Docker in SUSE Linux Enterprise Server 12. . . . . . . . . . . . . . . . . . . . . . 4

Whats Coming. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

Next Steps. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

2

Server White PaperDocker in SUSE Linux Enterprise Server 12

Docker.from.SUSE.provides.customers.with.enterprise-focused.features.and.easy-to-use.tools.that.improve.operational.effi-ciency.and.allow.you.to.more.easily.and.fully.use.innovations.in.the.Docker.space .

Challenges in Development and Operations TodayGiven.constant.requests.for.newer.features.and.faster.delivery.from.end.users,.both.enterprise.application.development.and.data.center.operation.teams.are.facing.more.and.more.chal-lenges.in.improving.their.collaboration .

Their.first.challenge.is.how.to.reconcile.the.conflict.between.frequent.releases.versus.staged.production.schedules ..On.the.one.hand,.developers.want.to.release.new.revisions.of.codes.frequently,.in.days,.to.the.operations.team ..On.the.other.hand,.to.maintain.data.center.stability.and.uptime,.the.operations.team.normally.uses.staged.deployment,.e .g .,.to.include.new.codes.once.a.month .

Second,.the.development.environment.and.production.environ-ment,.although.managed.to.be.identical,.in.reality.have.some.differences ..There.may.be.some.minor.differences.in.the.libraries.or.the.runtime.that.could.create.incompatibility.issues.and.cause.downtime ..Whats.worse,.these.issues.are.hard.to.find.before.the.application.is.actually.running ..And.this.causes.conflict.be-tween.the.teams:.for.example,.It.works.on.my.dev.machine,.so.its.operations.problem .

Finally,.operations.teams.are.facing.time-to-market.pressure.and.need.more.options.for.efficiency.and.utilization ..Virtualization.is.helping.in.some.aspects ..But.if.customers.need.a.more.dense.solution,.traditional.virtualization.cannot.do.more,.due.to.the.resource.isolation.nature.among.virtual.machines.(VMs) ..For.example,.you.cannot.optimize.the.disk.utilization.among.VMs.because.each.VMs.images.are.fully.independent .

Docker,.as.an.innovative.framework.based.on.Linux.Containers,.provides.an.efficient.way.to.address.all.these.challenges .

Docker and ContainersContainers.have.a.long.history.in.computing ..They.were.ini-tially.introduced.in.the.UNIX.age.and.can.still.be.seen.in.some.UNIX.platforms.today ..Unlike.hypervisor.virtualization,.where.one.or.more.independent.machines.run.virtually.on.physical.hardware.via.an.intermediation.layer,.containers.instead.run.in.user.space.on.top.of.an.operating.systems.kernel ..As.a.result,.container.virtualization.is.often.called.operating.system.(OS)-level.virtualization .

SUSE.has.been.supporting.Linux.Containers.since.SUSE.Linux.Enterprise.Server.11.SP2.was.introduced.in.2012 ..This.technol-ogy.provides.customers.with.highly.efficient.and.low.overhead.OS-level.virtualization ..Also,.its.designed.to.work.well.with.other.virtualization.technologies.supported.by.the.distribution .

Executive SummaryBefore virtualization, to bring up a new server took days; virtualization reduced the time to minutes; and, now, with containers and Docker, it takes just seconds. SUSE Linux Enterprise Server 12 includes support for Docker, an open source technology that automates the deployment of applications inside Linux Containers.

3www.suse.com

Docker,.an.open-source.engine.that.automates.the.deployment.of.applications.into.containers,.adds.an.application.deployment.engine.on.top.of.a.virtualized.container.execution.environment ..Its.designed.to.provide.a.lightweight.and.fast.environment.in.which.to.run.your.code.as.well.as.an.efficient.workflow.to.get.that.code.from.your.laptop.to.your.test.environment.and.then.into.production,.minimizing.incompatibility.issues ..On.a.very.high.level,.Docker.is:

Lightweight and easy.Dockerisfast.Youcanquicklycreatecontainersrunningyourapplications.MostDockercontainerstakelessthanasecondtolaunch.Andasrecentresearch*shows,containershavenearnativeperformance.Thisisthankstotheremovaloftheoverheadofthehypervisor.Moreover,Dockeroffersanadvancedmultilayeredunificationfilesystem(AUFS)thatallowsefficientdiskutilizationandeasyOSresourcesharing.

Application-centric.Dockerfocusesonapplicationoutputwithoutworryingaboutvirtualsystemdetails,soitsahighlydeveloperfriendlymethodology.Dockerisdesignedtoenhanceconsistencybyensuringtheenvironmentinwhichyourdeveloperswritecodematchestheenvironmentsintowhichyourapplicationsaredeployed.

Fast, efficient deployment life cycle.Dockeraimstoreducethecycletimebetweencodebeingwrittenandcodebeingtested,deployedandused.Itaimstomakeyourapplicationsportable,easytobuildandeasytocollaborateon.

Enterprise Use Cases for DockerAs.a.new.technology,.Docker.is.evolving ..And.its.use.cases.in.en.terprises.are.evolving,.too ..Here.are.some.typical.cases:

Devops.Dockerisidealforquicklysettingupdevelopmentandtestenvironmentsaswellassandboxes.ComparedtoaVM,itsmoreefficientwithlessoverhead.Inaddition,Dockeroffersbettersegregationofdutiesfordevopstoimproveefficiency;developersneedtofocusonlyontheirapplicationsrunninginsidecontainerswhileoperationsfocusesonmanagingthecontainers.Finally,DockercanbeeasilyintegratedintoadevopstoolstacksuchasJenkinstoachievebetterworkflowautomationandcontinuousintegration.

Server consolidation.ThelowoverheadandlayeredimagesystemofDockercontainersimprovetheserverconsolidationratio.ByremovingaguestOS,Dockercontainerscanhavetwotothreetimesthedensity(numberofvirtualenvironments)ofaregularVM.Thisprovidesmanybenefitstocustomers,e.g.,hostingcompaniesthatwanttoreducetheircostsbyrunningmorevirtualenvironmentsonexistinghardwareplatforms.

Table 1Comparison of a Virtual Machine (VM) and a Container

VM Container

OS environment Full.OS.is.needed.for.each.VM Containers.share.the.same.kernel

Virtualization mechanism Emulation.of.a.physical.computing.environment. .No.hypervisors,.no.hardware.emulation ..Rely.on.kernel.namespace.and.cgroups

Virtualization type Full.virtualization.or.para-virtualization OS-level.virtualization

OS-supported Any.OS.is.supported Must.be.an.instance.of.Linux

Resource sharing High-level.resource.management.policies Access.to.resource.over.normal.user.space/IPC.facilities

Start/boot speed Slow.(OS.boot) Fast

Overhead High Low

Virtualization level Hardware Software

Sharing with the host Complex.due.to.isolation.between.host.and.VM Easy:.host.sees.everything;.containers.see.their.own

Security Secure.isolation.yet.larger.attack.surface.(VM.OS.and.hypervisor)

Less.secure.than.VMs.

__________

* http://domino.research.ibm.com/library/cyberdig.nsf/papers/ 0929052195DD819C85257D2300681E7B/$File/rc25482.pdf

http://domino.research.ibm.com/library/cyberdig.nsf/papers/0929052195DD819C85257D2300681E7B/$File/rc25482.pdfhttp://www.suse.com

4

Server White PaperDocker in SUSE Linux Enterprise Server 12

Platform-as-a-Service (PaaS) and managed services.DockercanbeusedtobuildamultitenantPaaSinfrastructurebecauseitiseasyandinexpensivetocreateisolatedenvironmentsforrunningmultipleinstancesofapptiersforeachtenant.ThisispossiblegiventhespinupspeedofDockerenvironmentsandeffectivetools.Also,Dockerhelpstorunstandaloneservicesandapplicationsconsistentlyacrossmultipleenvironments,acapabilityespeciallyusefulinserviceorientedarchitectures(SOA)anddeploymentsthatrelyheavilyonmicroservices.

Docker in SUSE Linux Enterprise Server 12SUSE.Linux.Enterprise.Server.is.designed.to.provide.better.op-erational.efficiencies.to.enterprise.customers.by.including.best-of-breed.open.source.technologies ..Just.like.its.support.of.Linux.Containers.and.dual.hypervisors,.namely.Xen.and.KVM,.SUSE.Linux.Enterprise.Server.12,.the.latest.major.version,.includes.support.for.Docker.as.a.complementary.virtualization.option.for.customers.with.the.following.advantages:

Enterprise-ready.FullysupportedwithaSUSELinuxEnterpriseServer12subscription,DockerfromSUSEisenterpriseready.Itprovidesprebuiltimagesfromastandardrepository,atrustedsourcethatisverifiedanddistributedbySUSE.Whatsmore,youcansetupanonpremiseregistrybehindtheenterprisefirewall,minimizingexposuretomaliciousattacks,andhavebettercontrolofyourIP.Portus,anopensourcefrontendforanonpremiseDockerregistry,isincludedasatechnologypreview.WithPortus,youcanhaveauthorization,aswellasauserinterfaceandsearchfunctions,foryouronpremiseDockerregistry,improvingsecurityandproductivity.TheauthorizationfunctionofPortusallowsenterpriseuserstocontroltheaccesstoDockerimagesandenhancesdatasecurity.

Figure 1Portus Graphical User Interface

Improves operational efficiency. DockerandcontainersfromSUSEallowyoutocomplementexistingvirtualizationtechnologiestoimproveoperationalefficiency.SUSELinuxEnterpriseServerhasalreadyincludedXenandKVMsupportashypervisoroptions.Itisaperfectguesttoruninvirtualandcloudenvironment,too.WithDockerinSUSELinuxEnterpriseServer,youmaybuild,shipandruncontainerizedapplicationsinphysical,virtualorcloudenvironments,whereveritmakessenseforyouintermsofcostandefficiency.

Easy-to-use tools.SUSEofferseasytousetoolstobuild,deployandmanageDocker.YaSThasbeenthemostefficientmanagementframeworkforSUSELinuxEnterprise.NowyoucanusetheYaSTinterfacetogetasimpleoverviewoftheavailableDockerimages,runDockercontainersandeasilycontrolrunningcontainers.BesidesthebuildtoolsincludedinDocker,youcangetKIWI,aflexiblegoldenimagebuildingtoolthatallowsyoutoconfigureonceandcreateoutputformatsincludingDocker.SUSEalsooffersaconveniencetoolcalledsle2dockerthatcanbeusedtoactivateprebuiltimagesdeliveredbySUSE.

5www.suse.com

Figure 2YaST Interface for Containers

Figure 3Diagram of Docker in SUSE Linux Enterprise Server 12

Whats ComingSUSE.has.a.dedicated.team.working.on.the.latest.Docker.proj-ects.to.make.them.a.better.fit.for.enterprise.uses.in.the.follow-ing.areas:

Better security, compliance and life cycle management..The.integration.with.SUSE.Manager,.a.comprehensive.tool.for.Linux.management,.will.make.it.possible.to.patch.and.update.Docker.images.in.the.registry ..With.this..feature,...customers.will.have.better.control.of.the.security,..compliance.and.life.cycle.of.Docker.images .

Docker is planned to be available on more hardware architectures.such.as.IBM.POWER.and.IBM.zSystem ...The.current.Docker.offering.is.based.on.x86_64.only .

Docker containers integration with SUSE OpenStack Cloud..With.this.integration,.you.can.leverage.the.SUSE.OpenStack.Cloud.functions.of.automation.and.self-service.to.manipulate.containers.just.like.you.manipulate.regular.VMs .

Increased integration with the Open Build Service,.an.open.system.for.building.and.distributing.Linux.images,.including.Docker,.in.an.automatic,.consistent.and.productive.way ...The.integration.aims.to.provide.an.easy.image.building..environment.that.can.be.used.to.provide.always.up-to-.date.images .

Next StepsTo.learn.more.about.Docker:

Watch.the.Docker.mini-course.from.SUSE.at:.www.suse.com/promo/docker.html

Try.a.60-day.free.trial.of.SUSE.Linux.Enterprise.Server.12.at:.www.suse.com/products/server/download/

ViewtheSUSEDockerQuickStartDocumentationat:www.suse.com/documentation/sles-12/singlehtml/ dockerquick/dockerquick.html

http://www.suse.comhttp://www.suse.com/promo/docker.htmlhttp://www.suse.com/products/server/download/http://www.suse.com/documentation/sles-12/singlehtml/dockerquick/dockerquick.html

www.suse.com

Contact your local SUSE Solutions Provider, or call SUSE at:

1.800.796.3700.U .S ./Canada1.801.861.4500.Worldwide

SUSEMaxfeldstrasse.590409.NurembergGermany

262-002517-002 | 06/15 | 2015 SUSE LLC. All rights reserved. SUSE, the SUSE logo and YaST are registered trademarks of SUSE LLC in the

United States and other countries. All third-party trademarks are the property of their respective owners.

http://www.suse.com