How to create a Docker cluster with MQ without Kubernetes? Or with Kubernetes is also fine, but has anyone configured this before? If so, can you please help me out?
If you are referring to fabric8 MQ I understand from their website that they only run kubernetes based. And from what I understand it's a packaged platform that used Docker, Jenkins, Kubernetes for easier Microservices development.
I haven't done the setup myself yet, but I assume their quickstart may be a good starting point.
Related
I have a project to containerize several applications (Gitlab, Jenkins, Wordpress, Python Flask app...). Currently each application runs on a Compute Engine VM each at GCP. My goal would be to move everything to a cluster (Swarm or Kubernetes).
However I have different questions about Docker Swarm on Google Cloud Platform:
How can I expose my Python application on the outside (HTTP load balancer) as well as the other applications only available in my private VPC ?
From what I've seen on the internet, I have the impression that docker swarm is very little used. Should I go for a kubernetes cluster instead ? (I have good knowledge of Docker/Kubernetes)
It is difficult to find information about Docker Swarm in cloud providers. What would be an architecture with Docker Swarm on GCP?
Thanks for your help.
I'd create a template and from that an instance group for all VM, which shall host the Docker swarm. And a separate instance or instance group for said internal purposes - so that there is a strict separation, which can then be used to route the internal & external traffic accordingly (this would apply in any case). Google Kubernetes Engine is about the same as such an instance group, but Google managed infrastructure. See the tutorial, there's not much difference - except that it better integrates with gcloud & kubectl. While there is no requirement to want or need to maintain the underlying infrastructure, GKE is probably less effort.
What you are basically asking is:
Kubernetes vs. Docker Swarm: What’s the Difference?
Docker Swarm vs Kubernetes: A Helpful Guide for Picking One
Kubernetes vs. Docker: What Does it Really Mean?
Docker Swarm vs. Kubernetes: A Comparison
Kubernetes vs Docker Swarm
I am currently working with a Hyperledger Fabric v1.4 deployment over k8s. The chaincode containers that are generated are basically created by the container running within the peer pods, and k8s as such has no knowledge and control of the chaincode containers. In such a scenario where there is a Docker container running along with k8s and k8s has no knowledge of a particular Docker container, is it possible for the Docker container to in some way gain access to the k8s master API and gain access to the whole k8s cluster consequently?
My intention with asking this question is to figure out if there is a way to use a container external to any pods in k8s to cause any undesirable impact to the k8s cluster by gaining unauthorized access to k8s. The chaincode container that I talked about is created using a trusted template image, and the only possible malicious component in the container is a single golang, java or nodejs script that is provided by the user. So my real question here is, "Is it possible using these user scripts to gain unauthorized access to the k8s cluster?" And I am primarily focusing on a managed k8s service like Azure Kubernetes Service.
Your question totally changed the meaning so I'll try to rewrite the answer.
You have to remember that the pod you are running the code on is by default limited to just the namespace it's running in, if you didn't give it any higher privileges. Also the code is not running as root.
You can read about Pod Security Policies and Configure a Security Context for a Pod or Container.
TLDR.
As long as you don't give it any special privileges or rights it should be fairly safe for your cluster.
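An added example, not part of the original answer: a small Python audit of a pod manifest for the settings that would give it the "special privileges or rights" mentioned above. The sample manifest and the function name `audit_pod` are constructed for illustration; the field names are standard Kubernetes pod spec fields.

```python
import json

# Constructed sample manifest (not from the original post): one container
# overrides the defaults, the other sets a restrictive security context.
SAMPLE_POD = json.loads("""
{"spec": {
   "hostPID": true,
   "volumes": [{"name": "run", "hostPath": {"path": "/var/run"}}],
   "containers": [
     {"name": "peer", "securityContext": {"privileged": true}},
     {"name": "sidecar", "securityContext": {
        "runAsNonRoot": true, "allowPrivilegeEscalation": false}}
   ]}}
""")

def audit_pod(pod):
    """Return (scope, finding) pairs for settings that widen a pod's reach."""
    spec = pod.get("spec", {})
    findings = []
    # The service account token is the credential a process in the pod would
    # present to the API server. It is mounted unless disabled; this check
    # sees only the pod manifest, not the ServiceAccount object (assumption).
    if spec.get("automountServiceAccountToken", True):
        findings.append(("pod", "service account token is auto-mounted"))
    for key in ("hostNetwork", "hostPID", "hostIPC"):
        if spec.get(key):
            findings.append(("pod", f"{key} shares a host namespace"))
    for vol in spec.get("volumes", []):
        if "hostPath" in vol:
            path = vol["hostPath"].get("path")
            findings.append(("pod", f"hostPath volume {path}"))
    pod_sc = spec.get("securityContext", {})
    for c in spec.get("containers", []):
        sc = c.get("securityContext", {})
        if sc.get("privileged"):
            findings.append((c["name"], "privileged container"))
        # A container-level runAsNonRoot overrides the pod-level value.
        if not sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot", False)):
            findings.append((c["name"], "runAsNonRoot not enforced"))
        if sc.get("allowPrivilegeEscalation", True):
            findings.append((c["name"], "allowPrivilegeEscalation not disabled"))
    return findings

if __name__ == "__main__":
    for scope, finding in audit_pod(SAMPLE_POD):
        print(f"{scope}: {finding}")
```

An empty result only means the manifest requests none of these settings; what the mounted token can do is still decided by the RBAC bindings of its service account.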
I know that Docker and Kubernetes aren’t direct competitors. Docker is the container platform and containers are coordinated and scheduled by Kubernetes, which is a tool.
What does it really mean and how can I deploy my app on Docker for Azure ?
Short answer:
Docker (and containers in general) solve the problem of packaging an application and its dependencies. This makes it easy to ship and run everywhere.
Kubernetes is one layer of abstraction above containers. It is a distributed system that controls/manages containers.
My advice: because the landscape is huge... start learning and putting the pieces of the puzzle together by following a course. Below I have added some information from the:
Introduction to Kubernetes, free online course from The Linux Foundation.
Why do we need Kubernetes (and other orchestrators) above containers?
In the quality assurance (QA) environments, we can get away with running containers on a single host to develop and test applications. However, when we go to production, we do not have the same liberty, as we need to ensure that our applications:
Are fault-tolerant
Can scale, and do this on-demand
Use resources optimally
Can discover other applications automatically, and communicate with each other
Are accessible from the external world
Can update/rollback without any downtime.
Container orchestrators are the tools which group hosts together to form a cluster, and help us fulfill the requirements mentioned above.
Nowadays, there are many container orchestrators available, such as:
Docker Swarm: Docker Swarm is a container orchestrator provided by Docker, Inc. It is part of Docker Engine.
Kubernetes: Kubernetes was started by Google, but now, it is a part of the Cloud Native Computing Foundation project.
Mesos Marathon: Marathon is one of the frameworks to run containers at scale on Apache Mesos.
Amazon ECS: Amazon EC2 Container Service (ECS) is a hosted service provided by AWS to run Docker containers at scale on its infrastructure.
Hashicorp Nomad: Nomad is the container orchestrator provided by HashiCorp.
Kubernetes is built on Docker technology. It is an orchestration tool for Docker containers, whereas Docker is a technology to create and deploy containers.
Docker, starting with a platform-as-a-service (PaaS) provider named dotCloud.
All in all, Kubernetes is related to the Docker container, allowing you to implement application portability and extensibility in container orchestration.
DOCKER
Easy and fast to install and configure
Functionality is provided and limited by the Docker API
Quick container deployment and scaling even in very large clusters
Automated internal load balancing through any node in the cluster
Simple shared local volumes
Kubernetes
Requires some work to get up and running
Client, API and YAML definitions are unique to Kubernetes
Provides strong guarantees to cluster states at the expense of speed
Enabling load balancing requires manual service configuration
Volumes shared within pods
This is just a basic idea which at least explains the difference. If you want to go in depth, see my posts:
http://www.thecreativedev.com/an-introduction-to-kubernetes/
http://www.thecreativedev.com/learn-docker-works/
Docker and Kubernetes are complementary. Docker provides an open standard for packaging and distributing containerized applications, while Kubernetes provides for the orchestration and management of distributed, containerized applications created with Docker. In other words, Kubernetes provides the infrastructure needed to deploy and run applications built with Docker.
I'm a bit lost with some of the basic concepts. It seems like the documentation / getting started requirements are basic knowledge about docker world that I don't have yet.
A swarm is a cluster of Docker engines, or nodes, where you deploy
services. The Docker Engine CLI and API include commands to manage
swarm nodes (e.g., add or remove nodes), and deploy and orchestrate
services across the swarm.
I understand that a cluster is a group of physical/virtual computers behaving as one. What is a cluster in the context of docker?
Docker engine is what creating the docker daemon + rest api + provide CLI in the machine docker is installed. What are docker engines?
What is a node?
What is a docker node?
What is a swarm node?
What is an orchestrate service?
Finally, what is a swarm?
I'm not looking for an article for each concept, only the minimal explanation that will help understand each concept overall. From there, I can easily continue on my own.
Please explain any additional concept which is more advanced than the mentioned ones.
Thanks.
This is a great website which I believe will answer all your questions.
A cluster in Docker context is a group of hosts on which the Docker engine is installed
The Docker engine is the main client-server application. More on this here
A node is a physical or a virtual machine
A node is a physical or a virtual machine running the Docker engine
A swarm node is the same as 3 and 4, however, the difference is that SWARM will be running on it alongside the Docker engine.
An orchestration service is something that will take care of container creation and their dependencies. More here
Swarm is a clustering and scheduling tool for Docker.
Also, to learn more just do a Google search for the topic that you are interested in and you will find lots of useful explanations as well as examples :)
I'm researching:
Docker Container
Google Containers
The goal is to use something of these 2 on our own physical boxes with Linux in the enterprise for Dev/Prod. However, I've read that Google reimplemented LXC (Linux Containers) and use their own lmctfy instead.
Is it possible to use Google Containers on my Linux boxes without their cloud space?
Your experience is highly appreciated.
Not sure I fully understand the question, but neither kubernetes (the framework on which Google Container Engine runs) nor docker require a particular cloud provider. AFAIK, you can use docker containers on any linux distro, and kubernetes supports a number of configurations for running on your own machines. See kubernetes getting started guides for details.