Elton Stoneman: How to Easily Modernize Older Applications With Docker Artwork

Semaphore Uncut

A podcast for developers about building great products. Join us in discussing engineering excellence with top experts and sharpening your coding skills with technical tips from the Semaphore team. Your host is Semaphore’s co-founder, Darko Fabijan.

All Episodes

Semaphore Uncut

Elton Stoneman: How to Easily Modernize Older Applications With Docker

December 10, 2019 • Semaphore CI

If you’re looking to level-up your Docker game or to get started using containers, you’re in for a treat. This week, I had the pleasure of chatting with Docker architect and author Elton Stoneman about:

His upcoming book for beginners, Learn Docker in a Month of Lunches
How enterprises can modernize their code without complete re-writes
What a typical Docker learning path looks like for beginners

Elton is a Docker enthusiast and expert who has been a Microsoft MVP since 2010 and a Pluralsight author since 2013. When he’s not writing books about Docker or speaking at industry conferences, you’ll probably find him sharing insights about Docker and .NET on Twitter.

spk_0:   0:02
Hello and welcome to San Foreign. Cut a podcast Where we talk about continues, integration continues delivery and generally developer experience and projects. Today with us, we have Elton Stillman. Hilton. Thank you for doing us.

spk_1:   0:15
Thank you very much. Thank you for having me. Yes. So I was just into your podcast recently with Brad Fisher. So we cover some container stuff. I know you guys are begging to containers.

spk_0:   0:23
Great. Nice. Secure lit. Yeah. Feel free to go. Keller, introduce yourself. Yeah, sure.

spk_1:   0:28
So my name's Elton. I work for Dr So I've been with DACA over three years. Now. I'm an architect in kind of partnerships team. So I work with companies like Microsoft and get her been aws and on a technical level, showing them what we've got coming through in the products and what they've got coming through. And we work out some lice developer stories. Before I joined Doctor, I was don't let consult for most of my career. So building big, ugly moral ethic applications that I know spend time teaching people how to break up commuter on. I joined doctor because windows containers were a new thing on. Guy was using doctor in looks on a project back in 2000 and 15. I was really interested in seeing what was happening the Windows world. And then when Windows containers came on board and I joined doctor, and part of my job is kind of spreading the word to the windows and dot net community about what all this cool new stuff is

spk_0:   1:16
great, Great on. Part of your job is also like teaching.

spk_1:   1:20
Absolutely, yes. So I'm often that commerce is speaking about what things going on in Dhaka and what patterns and practices looked like him. What people should be considering for that architecture. But I'm also a parasite author, so I've got a stack of floors like courses, which is an online video training company on I'm a book author. So I wrote the book Dr On Windows, which kind of tells you always about just in the title. I'm in the process of writing another book now, which is lone Daka in a month of lunges. So it's waitress because I'm sure you're in a similar position. You've been using containers for a very long time, and there's a point where you just take it for granted and This is how all this stuff works and unlocks all these great capabilities. There are a ton of people who is still really new on this. So the new book that I'm writing is very much a step by step. Takes you from the beginning, takes you through some really advanced stuff. But you spent people who had just don't

spk_0:   2:06
know. Great. Great. And you're listening to this. We have, ah, block post the company days where we will share some codes for ultimate new book. So be sure to check that out. Okay, Some moving forward. You said that you spend the number of years building monolithic applications on windows, and I'm sure that it's not as bad as it's crowded. But I get the idea and it's Doctor initially started building on years and years off development, and it looks Colonel and and all that Onda as being those was joining the party. So can you give us a bit for the history? How it came about was the current state off doctor on windows and just guide us through.

spk_1:   2:49
Yeah, sure, like you say the developers really interesting because Dr came along and took these primitives that have been in limits for a long time that let you take a set of processes. I'm put a kind of thin boundary around them and call them a container that have been in then it's for a very long time, and doctor just came along and made it super easy on. Then the opposite happened in windows. So when the doctor was becoming really popular, we were working with the Windows Server team and they were really king. Bring that experience to Windows. They started the other way around. So Doctor came to Lennox and brought the simple developer user experience. Two containers on the other way around happened in windows, so they wanted to start with that user experience and keep it the same for windows containers as it was Blinis containers. But then they had to go back and put those sort of primitives that Lennox hard into Windows. You would just never have that stuff. I thought that idea Unnamed spaces and see groups. It didn't have anything like that. It still doesn't have quite the same thing. So actually, the internals of how Windows server container works are slightly different. But as Faras, Dr Smith's own it'sthe. Same Mr Same set of artifacts. Do you have a doctor file to package up your reputation that produces a doctor image and you run it inside a container and you show those images on Dr Hubble. Whatever registry you're using, the A P I is the same, so Dr runs in the same way. It's a background process on Windows. It runs a window service in the next runs this demon. There's the rest. FBI, which have the command line, talks to the dock arranging the FBI's the same. The Doctor Mount Line is the same. A huge advantages. You can take these older applications that are built for Windows and you start bringing them into the modern world. And what you end up with is a really consistent set of tools and processes throughout your whole stock. Because everything has a doctor file, everything builds an image. Every image gets security stand and signed, or whatever your pipeline is on the ultimate, you deploy it with Dr composing your test environments and given that he's in your production of arms or whatever you're doing, But it's the same set of artifacts everywhere, whether it's your 10 year old Windows application or your brand new no Jess application. So it just simplifies a lot of teams.

spk_0:   4:45
That's very nice. I don't remember that there was ever the time that something work on Lennox and Windows in the same format. Never lost

spk_1:   4:54
one thing I'm trying to do with this book at the moment because you can package up your doctor images so that they run as windows, containers on windows or limits containers on the neck. So what I've tried to do is every example in this book is the same everywhere. So I could follow the code samples in the book and do a doctor container run. And if I'm running around free pie, it'll pull down and Dr Image on right on Lennox. If I'm running your Windows 10 it'll pull down and windows. That means you're running on my Windows machine, and that's super easy from the user point of view. But it is much harder for May. As the author of those images, I need to make sure that little things like you know, the commands of different between Windows Command on Bash L. But I need to make sure that they're portable so, yeah, it puts the onus on the image author, the person who's publishing the applications to make sure they work in the same way everywhere. But, you know, it makes it hard for one person and easy for 10,000 people who used the images.

spk_0:   5:43
Yeah, since you were in this doc arable since the very beginning, I'm just curious to know how long will it take for Microsoft to get to a production stage attorney Dr Support? Because I know we have been using Internet Alexi Containers for 10 years and just threw, you know, pain off using galaxy without Dr Containers without Okay. I just learned that all those features needed for Doctor, as you mentioned C Group's name specialist that was landing in the period of 10 years. I'm just curious to know Kal Microsoft solved it. And what amount of diamond?

spk_1:   6:19
Yeah, so I couldn't give an exact amount of time that went into our engineering team. Started working with the Windows Server team back in 2014 and then 2016 was the first release of Windows Server that supported containers. That was a production released with production support from Microsoft and from DOC Open, and we have an arrangement for supporting containers between the two companies towards the end of 2014. I think we're talking about a year or so. How much of that was actual development effort? How much of it was groping? I couldn't really tell you that. But I think the interesting thing is compared to the situation you were discussing, where you've had your Alexi Containers and the pieces were all there. But people were having to put them together themselves again. It was the opposite for the Windows team, so they already have the doctor. FBI. They knew what features they had to expose, and they had to bring that into the windows kernel. Actually, the process isolation part of it, as I understand, it wasn't so complicated because there is already isolation at different levels within the kernel of Windows. And they just had another way of expressing that the networking piece was a lot of hard right thing. So the lyrics networking stock is infinitely complex. Unblockable on the Windows networking stock was a lot more straightforward, but doctor took advantage of all those weird and wonderful parts of the limits networking piece so a lot of that has come into windows. So what happened was when Windows containers were first supported and that came out in 2016. You could join a windows no to a doctor swarm, but it wasn't a full part of the swarm. So you know, the clustering technology wasn't quite there because Windows notes couldn't take part in the distributed network, so I couldn't have. Then it's containers talking to windows containers on the same cluster on it took the first roll up Patra lease of Windows servicer out that functionality. And so it was in service pat one type release of Windows over 2016 the art of those networking features that then made windows nodes in the swarm. The same level of capabilities then explodes after the same thing has been happening Now with Cuba Netease Windows support for Cuban exiles came in in Alfa a couple of releases ago, and then it graduated to be talents finally gone into gear release now, and a lot of the things that have been fixed over the time is to do with networking and making sure that polls can communicate with each other, whether it's the Windows poured on the same machine windows, put on a different machine or a Lennox part on a different machine. So the networking strikers was the most kind of complex set of problems to solve.

spk_0:   8:32
Well, that's from the perspective of shipping such a complex software quiting achievements to get something in a year, which you can call a production ready.

spk_1:   8:40
Yeah, it forward into Windows 10 shortly afterwards and Dr Desktop Functionality. To do that developer experience on Windows 10 is excellent because I can run Windows containers or I can take a button and switch to the next containers on Doctor takes care of all that stuff for me. So it's a really nice way to get things up and running

spk_0:   8:57
district. And from your experience of working with people and with Doctor, which is touching both Lennox and Windows, what are some of the usual practices off using it? Are people running on the same crew gratis cluster go to being those in Lenox applications side by side, some nose being window, somebody looks,

spk_1:   9:16
Yeah, yeah, so that's pretty new. So tired providers and the kind of on promised Cuban let these providers are either in the process of hiring Windows support or it's just gone g et So as you'll have a chaos that manage community service, they all have Windows nodes in various levels of support for some of them are four G and some are currently in preview. Similarly, with the on premise one storming the major providers Doctor Enterprise on the likes of Rancher. They've got Windows support for the Cuban aunties notes. Now the kind of space that I working is talking to companies who have a similar history to me. They have, ah, history of Windows applications and Dr Applications. They want to move them over to the car door. They wantto break them up into smaller pieces, and they won't contain this to be caught about journey. A pattern that is kind of emerging is you can take your old model it, and you can run up into a doctor image fairly easily. You condone packets that up to running Cuban aunties fairly easy, and you can push on tight ass and you'll be up and running in a week. But you haven't got a card. Native amputation. You just got your old model with running in Cuba. Nazis in the card, but then you could start breaking it up. And as you're working your features, you may be going to spit those into different containers. If you're in the dark net world, your old application will be a full dot net framework out in Windows holds. But the new features may very well be gonna co wraps running in Lenox pods. And gradually, I think what we'll see is if I'm predominately a window shop, I'm going to start off with the Cuban at his trust. There is 90% Windows nodes and 10% when it snows. And gradually, as my maps of all, I'm going to shrink down my windows estate and stand up my Lennox estate for reasons of cost and inefficiency and all that sort of stuff. So ultimately, I may just have, you know, a couple of Windows notes that are running those old applications that don't justify being rewritten don't justify being broken up. Just leave them as they are on. The rest is kind of migrating toe cross platform stuff that can run on the net.

spk_0:   11:01
Yeah, I mean, obviously in 2014 15 there early adopters of doctor for me is a relatively young developer. It's surprising how big companies enterprises are very keen on adopting docker and COO apparatus from what you describe them. From what I hear previously, it makes lots of sense because those Melissa could potentially that you're mentioning. They're like tens of thousands of flowers and, you know, billions of dollars potentially invested in some of those. But you need to move forward. You cannot river that

spk_1:   11:32
yes, yeah, exactly. If I'm doing like a workshop here in that position of having these big, monolithic caps, they understand the advantages. They understand where they want to get to you, which is certain features need a much higher release cadence because we want to get new features out quickly. Certain features are brittle. I mean, when I make sure that we don't release them part of some other release, all the things that you get with a kind of micro service architecture. But they don't wanna take their old application, stop development for 18 months and completely rewrite it because there's very little business value in that. So the approach that we kind of work through when we're looking at this sort of stuff, some of the options is to take those known paying points. The big advantage of having a big, monolithic application complete like where to work with is that you understand why it's like there you understand the bits that it difficult so you can start to carve those out for us. Release might be 90% of the code is still in that monolith, but one feature that needs rapid development has come out into a separate container. So next time I do a release of that feature, I leave the monolith as it is. I'm not going to do an update of those holds all those containers, so I don't need to do my to reach regression test cycle. I just test the new things that I'm reporting, which might take a day or two, and I can get released. I really quickly, and gradually you take the important parts of your application or the parts that make it difficult to maintain. You bring those into separate fee just then, gradually you're realizing the benefits of the modern approach is without a big rewrite project because there's big rewrite projects, our lengthy and incredibly risky

spk_0:   12:58
Yeah, now that you described in such a way it sounds so obvious. But I was not thinking about that in such a straightforward way that just the release cycle can be very different. And, you know, if you take into account, maybe some regulated industries may be part of your application. You know, we really don't want to talk to them for many months or caviar quota recycle while on the other parts you can't just run freely.

spk_1:   13:21
I mean, there are some good indicators of the pieces that I pull out of my monolithic application mornings. The things that I need to change regularly. But like you say, the other part is the things that don't need to change very often. One of my consulting gigs was a Nen vestment bank on. We had, like 1/3 party service that we consumed. It was really complicated, nasty code because they're a P. I wasn't very friendly on the only ever changed their AP I once a year, but every time we did a release of the software which was only two or five or six times a year, we have to make sure we regression test. It'll that component. We have a huge suite of tests, Rick, because if it failed, then things were catastrophically bad. But if we could have pulled that out into his own feature, then we would only release that once a year. When they're a B. I changed. We were to save all that testing time. And all that risk is the mice approaches that this stuff just makes easy today.

spk_0:   14:05
Yeah, If I'm completing you to Dr Grant us from your experience, what are some advice is that you can give was the best way to get started.

spk_1:   14:16
Well, so they're learning path really is. Start by running a container. So get your head around the concept of a doctor file, which is just that script. The packages up an application building an image, which is really just like a big zip file that contains your entire application. You can share that around running a single containers and getting comfortable with the docket commands, and the doctor falls in tax. I was actually pretty simple. I mean, the doctor files in tax. You need to learn four or five commands really anything complicated that you need to do to set up your application. Inside the doctor file, you'll be using bash rips or power shell script anyway, so you're gonna take through some of the skills you've already got to package up your application on the doctor commands. You know it's a doctor run to start your application. You can publish the port so you can send traffic into your containers. There are a fairly streamline set of things that you learn in the next stage is multi contained reputation. So whether you've got an application that has on a P I and a website or an A P I on a website in a database on art in a message, you or whatever, then you don't doctor composed, which is how you describe a distributed application on again. It's a new thing that you have to learn, but it's fairly straight. Forwards of a doctor file is a script that describes packaging up one part of Europe, and the doctor composed file describes the structure of your application, all the different parts, so I have Maybe I contain gonna have my Web container, and then you get to feel what it's like to deal with distributive applications in containers, and that's all from where people start to really click how valuable this stuff is, because when you start to do this as a new start on a project, you're gonna browse to the get hub page, tome the code and you're gonna run doctor composed up, and that's it. The whole lab will be running on your machine the same way that it runs in the test environment and the CIA environment everywhere else, because it's a LL bean codified in these little script files on the dock recomposed farm. And then the next step is What do we do from there? Because Dr composes for running a multi container out on a single machine on your death machine or your C I serve or whatever, and then that's when you get into the idea. Choose an orchestrator. Cuban eighties is the default because there are managed service is everywhere, but doctors form is an alternative. It's worth looking into darkness form because this part of doctor so it's easy to get up and running. And it's much simpler to work with Cuba Netease because it uses that same doctor composed structure so I could take my doctor composed file that I'm comfortable with that I used in my environment where I can use the same thing or a modified version of that thing to deploy to production on. Then, if you got comfortable with Dr Swarm, then learning Cuban at ease is easier because some of the concepts come with you. So you know the concept of Ah cluster. And now I've got a whole bunch of machines that will run Docker. I don't start individual containers. I take my application description, which is this Yum o Phile? I give it to the cluster and it works out where to run containers. The fundamental legal the orchestrators do the same thing. But there are levels of complexity that you condition two on. You can spend months learning kubernetes. So I think the important thing there is, you know there are some key technologies, so you know they're in doctor, because no matter what your end goal is, that container's out. Where all this stuff starts, you're gonna learn composed because that's how you describe your application on. Then you're either gonna go the swarm route for no matter from Hashey Corbis, another container orchestrator or, you know, for Cuba Netease. But it's not a fixed journey that you have to go all the way to the end and become a Cuban. It's expert before you take this stuff into production. When you're happy with Dr Composed, you can do that. You know you can run single containers on single service if that's gonna get you some value. Because if you're currently running every app on of'em on this V EMS running old unsupportive versions of the operating system, then moving to containers on running doctor composed on your server is a big step forward. It's no micro service's, and it's no highly available. That's not super skater because you need a cluster for that. But it's still better than you've got today. So the journey is kind of doctor composed and then swarm or Cuban at ease. But you don't have to go all the way. You can stop where it makes sense and then move on to the Nets. That, when you're ready,

spk_0:   18:05
does confirm that was the journey that most of the people take and that he also took Andy. I can say it works. Yeah, Dr. Composed was kind of a surprise for me because for, ah, developer day today in life, it makes it so much better. Yeah, you don't have to worry how to install a very specific version of Friday's or post grace or how to do that networking stuff. But that's a couple of lines of their doctor composed file, and it just works. The last thing that we talked about preparing for the episode is Jenna was the next step, and you mentioned something which is very interesting, which I don't know much about. And that's generally the cross platform images, so you can get us up to speed. Where is going?

spk_1:   18:47
So one of our partners that doctor is arm. They don't make chips, but they make blueprints. So practically every mobile phone in the world has got arm process. Sir, they're probably best known on the desktop with the raspberry pi, so the prices are super efficient, and they run a very lightweight in terms of the energy use they require on the heat they produce so doesn't move towards looking at bringing these things into the data center. So suddenly there's all these different devices that are either I ot devices or edge devices or potentially day descended devices that are running arm CB use on that CPU instructions said, It's completely different from the Intel instructions that that everyone's been using for the last 20 years. So you need to rebuild your APS to run on. I'm and know every application platform works on arm, so most of the modern ones do. So anything like know Js go dot net core java. Obviously they all work just fine on arm. But the developer experience is pretty bad because typically you're gonna connect somehow. Do you arouse me pie and you're either gonna have a USB cable. Eunice, send the code down there and then you log onto the raspberry pi and do a bills, and that takes forever because the CPUs are fine for running laps. But compiling is quite an intensive process on. Then you need to find a way to ship that application, and it's just difficult experience. But then DACA started working with arm and realize that actually, they're artifacts that we have to build your application like the doctor file that lets you be cross platform because if you're new to all this than your doctor file is how you package up your image. But you can also compile your code inside your doctor file. So you don't need tohave an SD k with the go compiler of the darknet compiler or anything like that on your machine that can come in a container so that container can compile the code for you on produced the output and then package it up to run in another container. And that means it can work across any platform. So if I'm running on windows, then when I'm building my code, it's didn't build using the windows from Pilot. If I'm running on a raspberry pi, it can build using the arm compiler on the output I get will be a Windows version on my windows machine and unarmed version of my raspberry pi. But what doctor? Huh? Bless you doing what? The doctor registry, which is how you share these things and lets you share an image in such a way that it has a single name, so I'd have my application called six. I'd slash my AP six ideas my username on Hub, but that's like an umbrella name, and underneath that there are different images for different architectures. So when I do doctor run six eyes flash my app. If I'm running on Windows 10. I'm gonna get the Windows 10 version that more runners the windows container. If I'm running around the pie, I'll get the armed version. It'll run my up as the limit container, but Doctor takes care of all that stuff for you. So it's part of the image meta data that goes and lives in the registry. It contains the operating system on the CPU architecture on. When you're running your doctor engine, it knows your local operating system and CPU architecture. So when you pull an image A. When you try and run a container and it pulls an image for you, it'll pull the one that matches. So it just takes care of all the complexity for you again. As the image author, you need to be aware that there are differences between some of those, but for me, you need to allow. But ultimately you're publishing one thing in your letting people consume it in different ways, so it becomes super simple. We did a demo at Dr Khan, which is the Big Doctor conference. We had a doctor file to build this Java application and run it when we were running it on Intel machines in native us on. Then we took the exact same doctor file. We spun up arm virtual machine in AWS. They have these instances called a one which are running arms CP use their about half the price of the Intel equivalent. We took that exact same doctor file on We build it on that table machine and ran it on that server Onda. We didn't have to change a single line of code or single bit of the doctor file. We just had our running half the price that we were previously paying. So you need to have your application that will run on any architect just if it needs to be certain platforms that support it. But if you get there, it's a super good way of doing these things. And that's just the data center used taste Because, of course, if you building something for on io ti device, one of the biggest problems is how you ship software art, how you can reliably get the new update without having to re start the machine. If your applications running in a container and using Dr Hub to distribute all that stuff, taken care of for you. So there's some really nice use cases around what you can do with arms. Yeah, You mentioned I A t

spk_0:   22:58
and data centers, of course. But maybe for a ll the desktops or third, that's cross platform. That's also quite your soul problem.

spk_1:   23:05
It depends what you mean by desktop software because no, everything has a U IE It'sa Web interface, then? Yeah, absolutely. It just always in the same way. If it's trying to interact with graphic subsystem, then you might have a more difficult

spk_0:   23:17
experience. Okay, there may be have anything that they were looking forward to next year in terms of Doctor, what are some features that you're looking forward?

spk_1:   23:26
Yeah. So we've got some new features that are really cool in Dr Death Pop, which I've been working with lately. We have this thing called templates and a template is the notion that I can go into Dr Desktop and I could use a template to boot strapping new applications so I can pick a template that's got I don't like cool Web Onda go rest a p I on that uses post breads and readiness and I take a button and it spins up all the stuff for me. So it spins up some demo code, plus the Dakar Files, plus the doctor composed file on I Can Run That stuff up and Ciel working locally. We've had that for a little while, actually those templates. But to generate the template on your machine, you can do anything because there's tempers run inside containers. So in theory, you can put anything into his temples. And I've been working with stuff like Get hub actions. And he is your command lines so that when you spend out your template, not only can you run everything locally, you can push it to get home, and it will create a Cuban at his trust. There is your post press database. It gets the connection stream from post grows and created as a secret in a ks. Deploy your applications. Does everything for you on again. There's a certain amount of work that the Temple author has to do to get that experience. But the user is just you literally clicking, putting into details and you get all this stuff for you. A lot of people are very interested in that, ranging from people who do the kind of job that I do, which is going on showing people how your application, Because it's really easy to wrap up a demo and show it to people right the way through to architect's in big Enterprises who wantto take all their best practices and put them into a temporary was reusable, easy to discover that they own. So you know, when they're Dave's need to spin up a new service that they're gonna packaging the application they know it will contain. Ah, health check. They know it will contain a metric standpoint. Does all that come from the templates about super powerful? That's ongoing ubiquity of these things. So you know, everything runs in containers, so you'll get have actions that I mentioned as your devil puzzle, the kind of C i things. They were running containers. So you take your tools and wrap them up, and they run them anywhere. And then the ubiquity we're seeing around Cuba. Netease. You could run in humanity's through Dr Desktop on your Windows or Mac machine, and it's a real Cuban eighties single note cluster on was just saying about stuff everywhere. So if you look at that cloud native Computing Foundation to have this landscape where they part, I will be interesting technologies in the space. And there are hundreds, if not thousands, of things there. Actually, they're all powered by the fact that you have Dr Containers. You have a customer who run everything in high availability and scale with Cuba lessees, everything, beginning about journey. It is a learning path, and there is complexity. You have to get your head around with those things once your own doctrine. Cuban it is. Everything else uses that stuff anyways.

spk_0:   25:59
And whenever we are spinning a new micro service, you kind of have that boiler plate which always rots. There's something that could, you know, take that through maybe the next low.

spk_1:   26:08
Exactly. And we're also thinking about the life cycle in terms of afraid of my new micro service from a template. So I've used template version one point acts on several months down the line. Do we want to have the features in desktop that will allow you to rebased up template? You know, an upgrade, your boilerplate

spk_0:   26:25
code related, So, yeah, there's some interesting things. Yeah, sounds right. Looking forward it. Thank you very much. For a time. It was a pleasure talking to you and you. All right, I

People on this episode

Darko Fabijan

Host