Quick ramp-up in Containers & Orchestration
I have a call tomorrow with a customer and it might partially be about containers. That's a bit vague, I know. I haven't fully learned about containers yet in my skills refresh (they're part of the exam I'm studying for, AZ-203). This blog post collects what I learned in preparation for the call, which might be useful for someone else who needs to learn quickly!
This is basically finding out about Docker, Kubernetes, Azure and using them with Azure DevOps.
What are containers?
Containers are a solution to the problem of how to get software to run reliably when moved from one computing environment to another. This could be from a developer's laptop to a test environment, from a staging environment into production, and perhaps from a physical machine in a data center to a virtual machine in a private or public cloud.
Source: https://www.cio.com/article/2924995/what-are-containers-and-why-do-you-need-them.html
For those coming from virtualized environments, containers are often compared with virtual machines (VMs). You might already be familiar with VMs: a guest operating system such as Linux or Windows runs on top of a host operating system with virtualized access to the underlying hardware. Like virtual machines, containers allow you to package your application together with libraries and other dependencies, providing isolated environments for running your software services. As you’ll see below however, the similarities end here as containers offer a far more lightweight unit for developers and IT Ops teams to work with, carrying a myriad of benefits.
Source: https://cloud.google.com/containers/
What is Docker?
In a way, Docker is a bit like a virtual machine. But unlike a virtual machine, rather than creating a whole virtual operating system, Docker allows applications to use the same Linux kernel as the system that they're running on and only requires applications be shipped with things not already running on the host computer. This gives a significant performance boost and reduces the size of the application. And importantly, Docker is open source. This means that anyone can contribute to Docker and extend it to meet their own needs if they need additional features that aren't available out of the box.
Source: https://opensource.com/resources/what-docker
What is Docker Enterprise?
Docker Enterprise is the industry-leading, standards-based container platform for rapid development and progressive delivery of modern applications. Only Docker delivers a consistent and secure desktop-to-cloud application pipeline to Kubernetes environments in any cloud, choice of tools and languages, and central point of collaboration that simplifies and streamlines processes across dev and ops.
Source: https://www.docker.com/products/docker-enterprise
Didn't Docker Enterprise get sold?
Yes, here is part of the press release from Mirantis, the new owner:
Campbell, Calif – November 13, 2019 – Mirantis, the open cloud company, announced today its acquisition of Docker’s Enterprise Platform business. Its industry leading container platform, employees and hundreds of enterprise customers will accelerate Mirantis’ goal to deliver Kubernetes-as-a-Service with a consistent experience for developers on any cloud and on-prem infrastructure. Terms of the deal are confidential. Docker Enterprise is the only platform that enables developers to seamlessly build, share and safely run any applications anywhere – from public cloud to hybrid cloud to the edge. One third of Fortune 100 companies use Docker Enterprise as their high-velocity innovation platform.
Source: https://www.mirantis.com/company/press-center/company-news/mirantis-acquires-docker-enterprise/
What is a Docker Swarm?
A Docker Swarm is a group of either physical or virtual machines that are running the Docker application and that have been configured to join together in a cluster. Once a group of machines have been clustered together, you can still run the Docker commands that you're used to, but they will now be carried out by the machines in your cluster. The activities of the cluster are controlled by a swarm manager, and machines that have joined the cluster are referred to as nodes. Docker swarm is a container orchestration tool, meaning that it allows the user to manage multiple containers deployed across multiple host machines.
Source: https://www.sumologic.com/glossary/docker-swarm/
What is Docker Registry?
The Registry is a stateless, highly scalable server side application that stores and lets you distribute Docker images. The Registry is open-source, under the permissive Apache license. You should use the Registry if you want to: tightly control where your images are being stored; fully own your images distribution pipeline; integrate image storage and distribution tightly into your in-house development workflow.
Source: https://docs.docker.com/registry/
Docker Trusted Registry (DTR) is an enterprise/paid version of Docker Registry with more features. See the Docker Trusted Registry docs.
What is Orchestration?
Think of a conductor of an orchestra, waving their wand around to get musicians to play their notes. The orchestrator is like the conductor, getting containers to do things. Here is the definition from https://en.wikipedia.org/wiki/Orchestration_(computing)
What is Kubernetes?
Kubernetes is a portable, extensible, open-source platform for managing containerized workloads and services, that facilitates both declarative configuration and automation. It has a large, rapidly growing ecosystem. Kubernetes services, support, and tools are widely available. The name Kubernetes originates from Greek, meaning helmsman or pilot. Google open-sourced the Kubernetes project in 2014. Kubernetes builds upon a decade and a half of experience that Google has with running production workloads at scale, combined with best-of-breed ideas and practices from the community.
Source: https://kubernetes.io/docs/concepts/overview/what-is-kubernetes
This is an interesting article about the differences between Docker Swarm and Kubernetes.
What is Azure Kubernetes Service (AKS)?
The fully managed Azure Kubernetes Service (AKS) makes deploying and managing containerized applications easy. It offers serverless Kubernetes, an integrated continuous integration and continuous delivery (CI/CD) experience, and enterprise-grade security and governance. Unite your development and operations teams on a single platform to rapidly build, deliver, and scale applications with confidence.
Source: https://azure.microsoft.com/en-us/services/kubernetes-service/
What are Azure Dev Spaces?
Azure Dev Spaces provides a rapid, iterative Kubernetes development experience for teams in Azure Kubernetes Service (AKS) clusters. Azure Dev Spaces also allows you to debug and test all the components of your application in AKS with minimal development machine setup, without replicating or mocking up dependencies. Azure Dev Spaces helps teams to focus on the development and rapid iteration of their microservice application by allowing teams to work directly with their entire microservices architecture or application running in AKS. Azure Dev Spaces also provides a way to independently update portions of your microservices architecture in isolation without affecting the rest of the AKS cluster or other developers. Azure Dev Spaces is for development and testing in lower-level development and testing environments and is not intended to run on production AKS clusters.
Source: https://docs.microsoft.com/en-us/azure/dev-spaces/about
Dev Spaces can help team collaboration by having everyone use the same Kubernetes cluster. Having a production-like local environment with many microservices and containers would be really difficult to create and maintain, so this tutorial can show you how to do it.
Managing Secrets when working with Azure Dev Spaces
Your services might require certain passwords, connection strings, and other secrets, such as for databases or other secure Azure services. By setting the values of these secrets in configuration files, you can make them available in your code as environment variables. These must be handled with care to avoid compromising the security of the secrets. Azure Dev Spaces provides two recommended, streamlined options for storing secrets in Helm charts generated by the Azure Dev Spaces client tooling: in the values.dev.yaml file, and inline directly in azds.yaml. It's not recommended to store secrets in values.yaml. Outside of the two approaches for Helm charts generated by the client tooling defined in this article, if you create your own Helm chart, you can use the Helm chart directly to manage and store secrets.
Source: https://docs.microsoft.com/en-us/azure/dev-spaces/how-to/manage-secrets
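A check for the rule quoted above (no secrets in values.yaml), as an added example that is not from the original post or the Microsoft docs: a line-based scan that flags secret-looking keys carrying literal values, plus a check that values.dev.yaml is git-ignored. The key-name list, the `$NAME` placeholder convention, the .gitignore check and the sample data are assumptions of this example.

```python
import re

# Key names that usually hold credentials (heuristic list chosen for this example).
SECRET_KEY = re.compile(
    r"(password|passwd|secret|token|apikey|api_key|connectionstring|connection_string)",
    re.I,
)
# Matches "key: value" (optionally as a list item); value may be empty.
ENTRY = re.compile(r"^\s*(?:-\s*)?([A-Za-z0-9_.-]+)\s*:\s*(.*?)\s*$")


def literal_secrets(values_yaml: str):
    """Return (line_no, key) for secret-like keys that carry a literal value."""
    findings = []
    for no, raw in enumerate(values_yaml.splitlines(), start=1):
        line = raw.split(" #", 1)[0]  # drop trailing comments
        m = ENTRY.match(line)
        if not m or line.lstrip().startswith("#"):
            continue
        key, value = m.group(1), m.group(2).strip("'\"")
        # Empty values, nested maps and $NAME placeholders are not literals.
        if SECRET_KEY.search(key) and value and not value.startswith("$"):
            findings.append((no, key))
    return findings


def is_ignored(gitignore: str, filename: str = "values.dev.yaml") -> bool:
    """True if a .gitignore line names the file exactly (no glob handling)."""
    entries = {l.strip().lstrip("/") for l in gitignore.splitlines()}
    return filename in entries


# Constructed sample chart values, not taken from any real project.
SAMPLE_VALUES = """\
replicaCount: 1
image:
  repository: myapp
redis:
  port: 6379
  password: "hunter2-constructed"   # literal secret: should be flagged
storage:
  connectionString: ""              # empty default: fine
  sasToken: $STORAGE_SAS            # placeholder: fine
"""
SAMPLE_GITIGNORE = "bin/\nobj/\nvalues.dev.yaml\n"

if __name__ == "__main__":
    print(literal_secrets(SAMPLE_VALUES), is_ignored(SAMPLE_GITIGNORE))
```

Run against a chart's committed values.yaml in CI, a non-empty result means a secret has landed in the file the docs say to keep secret-free.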
What is Helm?
Helm helps you manage Kubernetes applications — Helm Charts help you define, install, and upgrade even the most complex Kubernetes application. Charts are easy to create, version, share, and publish — so start using Helm and stop the copy-and-paste.
Source: https://helm.sh/
Using a Helm repository in Azure Dev Spaces: https://docs.microsoft.com/en-us/azure/dev-spaces/how-to/use-private-helm-repo
Azure Tutorials
Microsoft Azure have provided several 5-minute tutorials to quickly get up to speed on application development for AKS:
- Deploy a custom Linux container to Azure App Service
- Quickstart: Deploy Windows containers to Service Fabric
- Quickstart: Deploy an Azure Kubernetes Service cluster using the Azure CLI
- Quickstart: Deploy a container instance in Azure using the Azure CLI
- Quickstart: Create a private container registry using the Azure CLI
Is there any free training?
Microsoft Learn has this free course that lasts just under an hour to get up to speed in these topics:
- Run containers in Azure Container Instances
- Control what happens when your container exits
- Use environment variables to configure your container when it starts
- Attach a data volume to persist data when your container exits
- Learn some basic ways to troubleshoot issues on your Azure containers
I have heard of Azure Service Fabric, what is it?
To be honest, I'm not 100% sure! This Microsoft documentation says:
Azure Service Fabric is a distributed systems platform that makes it easy to package, deploy, and manage scalable and reliable microservices and containers. Developers and administrators can avoid complex infrastructure problems and focus on implementing mission-critical, demanding workloads that are scalable, reliable, and manageable. Learn how to use Azure Service Fabric with our quickstarts, tutorials, and samples.
It sounds like another orchestrator! This Stack Overflow question has an excellent answer.