docker in suse linux enterprise server 12 · pdf file®®®serevs. .2 5 figure...

Click here to load reader

Post on 15-Mar-2019

213 views

Category:

Documents

0 download

Embed Size (px)

TRANSCRIPT

Docker in SUSE LinuxEnterprise Server 12

White PaperServer

Table of Contents page

Executive Summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2

Challenges in Development and Operations Today. . . . . . . . .2

Docker and Containers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2

Enterprise Use Cases for Docker. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

Docker in SUSE Linux Enterprise Server 12. . . . . . . . . . . . . . . . . . . . . . 4

Whats Coming. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

Next Steps. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

2

Server White PaperDocker in SUSE Linux Enterprise Server 12

Docker.from.SUSE.provides.customers.with.enterprise-focused.features.and.easy-to-use.tools.that.improve.operational.effi-ciency.and.allow.you.to.more.easily.and.fully.use.innovations.in.the.Docker.space .

Challenges in Development and Operations TodayGiven.constant.requests.for.newer.features.and.faster.delivery.from.end.users,.both.enterprise.application.development.and.data.center.operation.teams.are.facing.more.and.more.chal-lenges.in.improving.their.collaboration .

Their.first.challenge.is.how.to.reconcile.the.conflict.between.frequent.releases.versus.staged.production.schedules ..On.the.one.hand,.developers.want.to.release.new.revisions.of.codes.frequently,.in.days,.to.the.operations.team ..On.the.other.hand,.to.maintain.data.center.stability.and.uptime,.the.operations.team.normally.uses.staged.deployment,.e .g .,.to.include.new.codes.once.a.month .

Second,.the.development.environment.and.production.environ-ment,.although.managed.to.be.identical,.in.reality.have.some.differences ..There.may.be.some.minor.differences.in.the.libraries.or.the.runtime.that.could.create.incompatibility.issues.and.cause.downtime ..Whats.worse,.these.issues.are.hard.to.find.before.the.application.is.actually.running ..And.this.causes.conflict.be-tween.the.teams:.for.example,.It.works.on.my.dev.machine,.so.its.operations.problem .

Finally,.operations.teams.are.facing.time-to-market.pressure.and.need.more.options.for.efficiency.and.utilization ..Virtualization.is.helping.in.some.aspects ..But.if.customers.need.a.more.dense.solution,.traditional.virtualization.cannot.do.more,.due.to.the.resource.isolation.nature.among.virtual.machines.(VMs) ..For.example,.you.cannot.optimize.the.disk.utilization.among.VMs.because.each.VMs.images.are.fully.independent .

Docker,.as.an.innovative.framework.based.on.Linux.Containers,.provides.an.efficient.way.to.address.all.these.challenges .

Docker and ContainersContainers.have.a.long.history.in.computing ..They.were.ini-tially.introduced.in.the.UNIX.age.and.can.still.be.seen.in.some.UNIX.platforms.today ..Unlike.hypervisor.virtualization,.where.one.or.more.independent.machines.run.virtually.on.physical.hardware.via.an.intermediation.layer,.containers.instead.run.in.user.space.on.top.of.an.operating.systems.kernel ..As.a.result,.container.virtualization.is.often.called.operating.system.(OS)-level.virtualization .

SUSE.has.been.supporting.Linux.Containers.since.SUSE.Linux.Enterprise.Server.11.SP2.was.introduced.in.2012 ..This.technol-ogy.provides.customers.with.highly.efficient.and.low.overhead.OS-level.virtualization ..Also,.its.designed.to.work.well.with.other.virtualization.technologies.supported.by.the.distribution .

Executive SummaryBefore virtualization, to bring up a new server took days; virtualization reduced the time to minutes; and, now, with containers and Docker, it takes just seconds. SUSE Linux Enterprise Server 12 includes support for Docker, an open source technology that automates the deployment of applications inside Linux Containers.

3www.suse.com

Docker,.an.open-source.engine.that.automates.the.deployment.of.applications.into.containers,.adds.an.application.deployment.engine.on.top.of.a.virtualized.container.execution.environment ..Its.designed.to.provide.a.lightweight.and.fast.environment.in.which.to.run.your.code.as.well.as.an.efficient.workflow.to.get.that.code.from.your.laptop.to.your.test.environment.and.then.into.production,.minimizing.incompatibility.issues ..On.a.very.high.level,.Docker.is:

Lightweight and easy.Dockerisfast.Youcanquicklycreatecontainersrunningyourapplications.MostDockercontainerstakelessthanasecondtolaunch.Andasrecentresearch*shows,containershavenearnativeperformance.Thisisthankstotheremovaloftheoverheadofthehypervisor.Moreover,Dockeroffersanadvancedmultilayeredunificationfilesystem(AUFS)thatallowsefficientdiskutilizationandeasyOSresourcesharing.

Application-centric.Dockerfocusesonapplicationoutputwithoutworryingaboutvirtualsystemdetails,soitsahighlydeveloperfriendlymethodology.Dockerisdesignedtoenhanceconsistencybyensuringtheenvironmentinwhichyourdeveloperswritecodematchestheenvironmentsintowhichyourapplicationsaredeployed.

Fast, efficient deployment life cycle.Dockeraimstoreducethecycletimebetweencodebeingwrittenandcodebeingtested,deployedandused.Itaimstomakeyourapplicationsportable,easytobuildandeasytocollaborateon.

Enterprise Use Cases for DockerAs.a.new.technology,.Docker.is.evolving ..And.its.use.cases.in.en.terprises.are.evolving,.too ..Here.are.some.typical.cases:

Devops.Dockerisidealforquicklysettingupdevelopmentandtestenvironmentsaswellassandboxes.ComparedtoaVM,itsmoreefficientwithlessoverhead.Inaddition,Dockeroffersbettersegregationofdutiesfordevopstoimproveefficiency;developersneedtofocusonlyontheirapplicationsrunninginsidecontainerswhileoperationsfocusesonmanagingthecontainers.Finally,DockercanbeeasilyintegratedintoadevopstoolstacksuchasJenkinstoachievebetterworkflowautomationandcontinuousintegration.

Server consolidation.ThelowoverheadandlayeredimagesystemofDockercontainersimprovetheserverconsolidationratio.ByremovingaguestOS,Dockercontainerscanhavetwotothreetimesthedensity(numberofvirtualenvironments)ofaregularVM.Thisprovidesmanybenefitstocustomers,e.g.,hostingcompaniesthatwanttoreducetheircostsbyrunningmorevirtualenvironmentsonexistinghardwareplatforms.

Table 1Comparison of a Virtual Machine (VM) and a Container

VM Container

OS environment Full.OS.is.needed.for.each.VM Containers.share.the.same.kernel

Virtualization mechanism Emulation.of.a.physical.computing.environment. .No.hypervisors,.no.hardware.emulation ..Rely.on.kernel.namespace.and.cgroups

Virtualization type Full.virtualization.or.para-virtualization OS-level.virtualization

OS-supported Any.OS.is.supported Must.be.an.instance.of.Linux

Resource sharing High-level.resource.management.policies Access.to.resource.over.normal.user.space/IPC.facilities

Start/boot speed Slow.(OS.boot) Fast

Overhead High Low

Virtualization level Hardware Software

Sharing with the host Complex.due.to.isolation.between.host.and.VM Easy:.host.sees.everything;.containers.see.their.own

Security Secure.isolation.yet.larger.attack.surface.(VM.OS.and.hypervisor)

Less.secure.than.VMs.

__________

* http://domino.research.ibm.com/library/cyberdig.nsf/papers/ 0929052195DD819C85257D2300681E7B/$File/rc25482.pdf

http://domino.research.ibm.com/library/cyberdig.nsf/papers/0929052195DD819C85257D2300681E7B/$File/rc25482.pdfhttp://www.suse.com

4

Server White PaperDocker in SUSE Linux Enterprise Server 12

Platform-as-a-Service (PaaS) and managed services.DockercanbeusedtobuildamultitenantPaaSinfrastructurebecauseitiseasyandinexpensivetocreateisolatedenvironmentsforrunningmultipleinstancesofapptiersforeachtenant.ThisispossiblegiventhespinupspeedofDockerenvironmentsandeffectivetools.Also,Dockerhelpstorunstandaloneservicesandapplicationsconsistentlyacrossmultipleenvironments,acapabilityespeciallyusefulinserviceorientedarchitectures(SOA)anddeploymentsthatrelyheavilyonmicroservices.

Docker in SUSE Linux Enterprise Server 12SUSE.Linux.Enterprise.Server.is.designed.to.provide.better.op-erational.efficiencies.to.enterprise.customers.by.including.best-of-breed.open.source.technologies ..Just.like.its.support.of.Linux.Containers.and.dual.hypervisors,.namely.Xen.and.KVM,.SUSE.Linux.Enterprise.Server.12,.the.latest.major.version,.includes.support.for.Docker.as.a.complementary.virtualization.option.for.customers.with.the.following.advantages:

Enterprise-ready.FullysupportedwithaSUSELinuxEnterpriseServer12subscription,DockerfromSUSEisenterpriseready.Itprovidesprebuiltimagesfromastandardrepository,atrustedsourcethatisverifiedanddistributedbySUSE.Whatsmore,youcansetupanonpremiseregistrybehindtheenterprisefirewall,minimizingexposuretomaliciousattacks,andhavebettercontrolofyourIP.Portus,anopensourcefrontendforanonpremiseDockerregistry,isincludedasatechnologypreview.WithPortus,youcanhaveauthorization,aswellasauserinterfaceandsearchfunctions,foryouronpremiseDockerregistry,improvingsecurityandproductivity.TheauthorizationfunctionofPortusallowsenterpriseuserstocontroltheaccesstoDockerimagesandenhancesdatasecurity.

Figure 1Portus Graphical User Interface

Improves operational efficiency. DockerandcontainersfromSUSE