| 1 | +:title: Manifesto |
| 2 | +:description: An overview of Docker and standard containers |
| 3 | +:keywords: containers, lxc, concepts, explanation |
| 4 | + |
| 5 | +.. _dockermanifesto: |
| 6 | + |
| 7 | +*(This was our original Welcome page, but it is a bit forward-looking |
| 8 | +for docs, and maybe not enough vision for a true manifesto. We'll |
| 9 | +reveal more vision in the future to make it more Manifesto-y.)* |
| 10 | + |
| 11 | +Docker Manifesto |
| 12 | +---------------- |
| 13 | + |
| 14 | +Docker complements LXC with a high-level API which operates at the |
| 15 | +process level. It runs unix processes with strong guarantees of |
| 16 | +isolation and repeatability across servers. |
| 17 | + |
| 18 | +Docker is a great building block for automating distributed systems: |
| 19 | +large-scale web deployments, database clusters, continuous deployment |
| 20 | +systems, private PaaS, service-oriented architectures, etc. |
| 21 | + |
| 22 | +- **Heterogeneous payloads** Any combination of binaries, libraries, |
| 23 | + configuration files, scripts, virtualenvs, jars, gems, tarballs, you |
| 24 | + name it. No more juggling between domain-specific tools. Docker can |
| 25 | + deploy and run them all. |
| 26 | +- **Any server** Docker can run on any x64 machine with a modern linux |
| 27 | + kernel - whether it's a laptop, a bare metal server or a VM. This |
| 28 | + makes it perfect for multi-cloud deployments. |
| 29 | +- **Isolation** docker isolates processes from each other and from the |
| 30 | + underlying host, using lightweight containers. |
| 31 | +- **Repeatability** Because containers are isolated in their own |
| 32 | + filesystem, they behave the same regardless of where, when, and |
| 33 | + alongside what they run. |
| 34 | + |
| 35 | +.. image:: images/lego_docker.jpg |
| 36 | + :target: http://bricks.argz.com/ins/7823-1/12 |
| 37 | + |
| 38 | +What is a Standard Container? |
| 39 | +............................. |
| 40 | + |
| 41 | +Docker defines a unit of software delivery called a Standard |
| 42 | +Container. The goal of a Standard Container is to encapsulate a |
| 43 | +software component and all its dependencies in a format that is |
| 44 | +self-describing and portable, so that any compliant runtime can run it |
| 45 | +without extra dependency, regardless of the underlying machine and the |
| 46 | +contents of the container. |
| 47 | + |
| 48 | +The spec for Standard Containers is currently work in progress, but it |
| 49 | +is very straightforward. It mostly defines 1) an image format, 2) a |
| 50 | +set of standard operations, and 3) an execution environment. |
| 51 | + |
| 52 | +A great analogy for this is the shipping container. Just like Standard |
| 53 | +Containers are a fundamental unit of software delivery, shipping |
| 54 | +containers are a fundamental unit of physical delivery. |
| 55 | + |
| 56 | +Standard operations |
| 57 | +~~~~~~~~~~~~~~~~~~~ |
| 58 | + |
| 59 | +Just like shipping containers, Standard Containers define a set of |
| 60 | +STANDARD OPERATIONS. Shipping containers can be lifted, stacked, |
| 61 | +locked, loaded, unloaded and labelled. Similarly, standard containers |
| 62 | +can be started, stopped, copied, snapshotted, downloaded, uploaded and |
| 63 | +tagged. |
| 64 | + |
| 65 | + |
| 66 | +Content-agnostic |
| 67 | +~~~~~~~~~~~~~~~~~~~ |
| 68 | + |
| 69 | +Just like shipping containers, Standard Containers are |
| 70 | +CONTENT-AGNOSTIC: all standard operations have the same effect |
| 71 | +regardless of the contents. A shipping container will be stacked in |
| 72 | +exactly the same way whether it contains Vietnamese powder coffee or |
| 73 | +spare Maserati parts. Similarly, Standard Containers are started or |
| 74 | +uploaded in the same way whether they contain a postgres database, a |
| 75 | +php application with its dependencies and application server, or Java |
| 76 | +build artifacts. |
| 77 | + |
| 78 | +Infrastructure-agnostic |
| 79 | +~~~~~~~~~~~~~~~~~~~~~~~~~~ |
| 80 | + |
| 81 | +Both types of containers are INFRASTRUCTURE-AGNOSTIC: they can be |
| 82 | +transported to thousands of facilities around the world, and |
| 83 | +manipulated by a wide variety of equipment. A shipping container can |
| 84 | +be packed in a factory in Ukraine, transported by truck to the nearest |
| 85 | +routing center, stacked onto a train, loaded into a German boat by an |
| 86 | +Australian-built crane, stored in a warehouse at a US facility, |
| 87 | +etc. Similarly, a standard container can be bundled on my laptop, |
| 88 | +uploaded to S3, downloaded, run and snapshotted by a build server at |
| 89 | +Equinix in Virginia, uploaded to 10 staging servers in a home-made |
| 90 | +Openstack cluster, then sent to 30 production instances across 3 EC2 |
| 91 | +regions. |
| 92 | + |
| 93 | + |
| 94 | +Designed for automation |
| 95 | +~~~~~~~~~~~~~~~~~~~~~~~~~~ |
| 96 | + |
| 97 | +Because they offer the same standard operations regardless of content |
| 98 | +and infrastructure, Standard Containers, just like their physical |
| 99 | +counterpart, are extremely well-suited for automation. In fact, you |
| 100 | +could say automation is their secret weapon. |
| 101 | + |
| 102 | +Many things that once required time-consuming and error-prone human |
| 103 | +effort can now be programmed. Before shipping containers, a bag of |
| 104 | +powder coffee was hauled, dragged, dropped, rolled and stacked by 10 |
| 105 | +different people in 10 different locations by the time it reached its |
| 106 | +destination. 1 out of 50 disappeared. 1 out of 20 was damaged. The |
| 107 | +process was slow, inefficient and cost a fortune - and was entirely |
| 108 | +different depending on the facility and the type of goods. |
| 109 | + |
| 110 | +Similarly, before Standard Containers, by the time a software |
| 111 | +component ran in production, it had been individually built, |
| 112 | +configured, bundled, documented, patched, vendored, templated, tweaked |
| 113 | +and instrumented by 10 different people on 10 different |
| 114 | +computers. Builds failed, libraries conflicted, mirrors crashed, |
| 115 | +post-it notes were lost, logs were misplaced, cluster updates were |
| 116 | +half-broken. The process was slow, inefficient and cost a fortune - |
| 117 | +and was entirely different depending on the language and |
| 118 | +infrastructure provider. |
| 119 | + |
| 120 | + |
| 121 | +Industrial-grade delivery |
| 122 | +~~~~~~~~~~~~~~~~~~~~~~~~~~ |
| 123 | + |
| 124 | +There are 17 million shipping containers in existence, packed with |
| 125 | +every physical good imaginable. Every single one of them can be loaded |
| 126 | +on the same boats, by the same cranes, in the same facilities, and |
| 127 | +sent anywhere in the World with incredible efficiency. It is |
| 128 | +embarrassing to think that a 30 ton shipment of coffee can safely |
| 129 | +travel half-way across the World in *less time* than it takes a |
| 130 | +software team to deliver its code from one datacenter to another |
| 131 | +sitting 10 miles away. |
| 132 | + |
| 133 | +With Standard Containers we can put an end to that embarrassment, by |
| 134 | +making INDUSTRIAL-GRADE DELIVERY of software a reality. |
| 135 | + |
| 136 | +Standard Container Specification |
| 137 | +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
| 138 | + |
| 139 | +(TODO) |
| 140 | + |
| 141 | +Image format |
| 142 | +~~~~~~~~~~~~ |
| 143 | + |
| 144 | +Standard operations |
| 145 | +~~~~~~~~~~~~~~~~~~~ |
| 146 | + |
| 147 | +- Copy |
| 148 | +- Run |
| 149 | +- Stop |
| 150 | +- Wait |
| 151 | +- Commit |
| 152 | +- Attach standard streams |
| 153 | +- List filesystem changes |
| 154 | +- ... |
| 155 | + |
| 156 | +Execution environment |
| 157 | +~~~~~~~~~~~~~~~~~~~~~ |
| 158 | + |
| 159 | +Root filesystem |
| 160 | +^^^^^^^^^^^^^^^ |
| 161 | + |
| 162 | +Environment variables |
| 163 | +^^^^^^^^^^^^^^^^^^^^^ |
| 164 | + |
| 165 | +Process arguments |
| 166 | +^^^^^^^^^^^^^^^^^ |
| 167 | + |
| 168 | +Networking |
| 169 | +^^^^^^^^^^ |
| 170 | + |
| 171 | +Process namespacing |
| 172 | +^^^^^^^^^^^^^^^^^^^ |
| 173 | + |
| 174 | +Resource limits |
| 175 | +^^^^^^^^^^^^^^^ |
| 176 | + |
| 177 | +Process monitoring |
| 178 | +^^^^^^^^^^^^^^^^^^ |
| 179 | + |
| 180 | +Logging |
| 181 | +^^^^^^^ |
| 182 | + |
| 183 | +Signals |
| 184 | +^^^^^^^ |
| 185 | + |
| 186 | +Pseudo-terminal allocation |
| 187 | +^^^^^^^^^^^^^^^^^^^^^^^^^^ |
| 188 | + |
| 189 | +Security |
| 190 | +^^^^^^^^ |
| 191 | + |