Cloud Native Computing
-Webinar Series-
Part III – Containers (Docker)
Presented by Linjith K Kunnon
17th Feb 2019
Part III – Containers
Introduction
Infrastructure Evolution
Container Overview
Docker Overview
Setting Up Docker
Docker Platform
Image
Dockerfile
Build & Push
Tagging
Volumes
Commands
Container
Container Life Cycle
Metadata
Logs & Resource Monitoring
Networking
Registries
Docker Hub
Docker Registry
Orchestration
Multi-container - Compose
Clustering - Swarm
Volume
Named Volumes
Bind Mounting
Commands
Introduction to Containers
❖ Environment Standardization
❖ Isolation
❖ Lightweight
❖ Portable
❖ Application Centric
[Figure: infrastructure evolution in three panels: Bare-metal (OS + apps), Virtualization (VMs on a hypervisor) and Containers (containers on a container host). Container stack: Infrastructure, Host Operating System, Container Runtime, then Bins/Libs and App A/B/C per container. VM stack: Infrastructure, Host Operating System, Hypervisor, then Guest OS, Bins/Libs and App A/B/C per VM.]
Container Internals
[Figure: the container and VM stacks from the previous slide, next to a diagram of the Linux kernel. User space (system software, middleware, applications, tools) enters kernel space through the system call interface (Linux kernel gateway). Kernel space holds process management (scheduler, architecture-specific code), memory management (memory manager), file systems (file system types, block devices), device drivers (character devices) and network (protocols and drivers). Hardware: CPU, RAM, hard disk, CD, terminal equipment, network adapter.]
Containers are not like VMs. They are just normal processes on the host machine.
Container Internals
Cgroups - Meter resource usage and limit resources such as:
▪ CPU
▪ Memory
▪ Block I/O
▪ Network
Namespaces - Provide processes with their own view of the system.
Union file system - A file system that operates by creating layers, making them very lightweight and fast.
Container format - Combines namespaces, control groups, and UnionFS into a wrapper. The default container format is libcontainer.
[Figure: kernel features used by containers]
Namespaces: pid, net, mnt, uts, ipc, user
Networking: veth, bridge, iptables
Cgroups: cpu, cpuset, memory, blkio, device
Security: Capability, SELinux, seccomp
FileSystem: Device mapper, btrfs, aufs
Container Internals – Cgroups
Control groups (cgroups) is a Linux kernel feature which limits, isolates and measures the resource usage of a group of processes. Resource quotas for memory, CPU, network and IO can be set. Introduced in Linux kernel 2.6.24.
❖ blkio - Sets limits on I/O access to and from block devices such as physical drives
❖ cpu - Sets limits on the available CPU time
❖ cpuset - Assigns individual CPUs (on a multicore system) and memory nodes to tasks in a cgroup
❖ devices - Allows or denies access to devices
❖ freezer - Suspends or resumes tasks
❖ memory - Sets limits on memory use by tasks
Container Internals – Namespaces
Namespaces make it possible to have many hierarchies of processes, each with its own “subtree”, such that processes in one subtree can't access or even know of those in another.
❖ pid – Isolates process ids
❖ net – Isolates network devices, stacks, ports etc
❖ mnt – Isolates mount points
❖ user – Isolates users and groups
❖ uts — host name and NIS domain name
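The two claims above, that a container is an ordinary host process and that namespaces give it its own view of the system, can be checked from /proc. The following is an added example, not part of the original slides: it compares a process's namespace links with those of PID 1. The function names, the optional proc-root argument and the sample tree (PID 4242 and its namespace IDs) are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: which namespaces does a process share with the host (PID 1)?
# A container that shares a namespace with PID 1 is not isolated in that
# dimension, for example `net` when it runs on the host network stack.

# ns_report PID [PROC_ROOT]
# Prints one line per namespace: "<name> shared|isolated|unknown <id>".
# PROC_ROOT defaults to /proc; the override is a hypothetical convenience so
# the function can be pointed at a constructed tree.
ns_report() {
    local pid="$1" root="${2:-/proc}" ns mine host
    for ns in pid net mnt user uts ipc; do
        # Each entry is a symlink such as "net:[4026531992]". Two processes
        # are in the same namespace when the link targets are identical.
        mine=$(readlink "$root/$pid/ns/$ns" 2>/dev/null) || mine=""
        host=$(readlink "$root/1/ns/$ns" 2>/dev/null) || host=""
        if [ -z "$mine" ] || [ -z "$host" ]; then
            echo "$ns unknown -"      # process gone, or not allowed to read it
        elif [ "$mine" = "$host" ]; then
            echo "$ns shared $mine"
        else
            echo "$ns isolated $mine"
        fi
    done
}

# shared_with_host PID [PROC_ROOT]
# Prints the names of the namespaces shared with PID 1, space separated.
shared_with_host() {
    ns_report "$@" | awk '$2 == "shared" { printf "%s%s", sep, $1; sep = " " }'
}

# make_sample_proc DIR
# Builds a constructed /proc-like tree: PID 1 is the host init process and
# PID 4242 stands for a container process that was started on the host
# network stack and without user-namespace remapping.
make_sample_proc() {
    local dir="$1" ns id
    mkdir -p "$dir/1/ns" "$dir/4242/ns"
    for ns in pid net mnt user uts ipc; do
        ln -s "$ns:[4026531000]" "$dir/1/ns/$ns"
        case "$ns" in
            net|user) id=4026531000 ;;   # same ID as PID 1: shared
            *)        id=4026532000 ;;   # different ID: private to the container
        esac
        ln -s "$ns:[$id]" "$dir/4242/ns/$ns"
    done
}

# Demo on the constructed tree.
sample=$(mktemp -d)
make_sample_proc "$sample"
ns_report 4242 "$sample"
rm -rf "$sample"
```

On a Docker host the PID to inspect comes from `docker container inspect --format '{{.State.Pid}}' <container>`, and reading the `ns` links of another user's process requires root.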
Container Internals – File System
copy-on-write storage
❖ Create a new container instantly instead of
copying its whole file system
❖ Considerably reduces footprint and startup time
Union file system
❖ Operate by creating layers, making them very
lightweight and fast.
❖ Allows files and directories of separate file
systems, known as branches, to be transparently
overlaid, forming a single coherent file system
Different Editions and Installation Types
❖ Docker CE (Community Edition)
❖ Docker EE (Enterprise Edition)
❖ Installation Types
  ❖ Direct
  ❖ Mac or Windows
  ❖ Cloud
❖ Releases
  ❖ Stable - A reliable platform to work with. Stable releases track the Docker platform stable releases.
  ❖ Edge - Includes the latest experimental features and may contain bugs. May be unstable.
Docker Platform Basics
Docker Client: A command line interface which talks to the docker daemon REST APIs (Docker CLI)
Docker Host: Runs the docker daemon. Can interact with docker daemon over its REST APIs
Docker Registry: Stores docker images
Docker Objects
Images: A read-only template for creating a docker container
Containers: Runnable instance of an image
Services: Scale containers across multiple docker daemons
[Figure: relationships between Docker objects (Image, Container, Container, Volume), with arrows labelled describes, creates, creates, persist and connects (networking).]
Images
❖ Made of file system changes stacked in layers. Built on a union file system.
❖ Images are immutable.
❖ Layers are uniquely identified and stored only once on a host.
❖ A container has a read/write layer on top of the image.
An image contains application binaries, dependencies, metadata and information about how to run it. It does not contain a complete operating system: no kernel and no kernel modules such as drivers. It can be as small as a single file or as large as a complete Ubuntu distribution with package manager, web server, application runtime etc.
Images continued…
[Figure: an Nginx image made of Layer 1, Layer 2, ... Layer n, with three separate R/W layers on top.]
Dockerfile
❖ FROM – Base image name
❖ WORKDIR – Working directory
❖ COPY – Copy a file or folder
❖ ADD – Add new files, directories or remote files
❖ RUN – Run commands or scripts
❖ ENV – Set environment variables as key-value pairs
❖ CMD – Default command to run
❖ EXPOSE – Declares that the container listens on the specified network ports at runtime
A text document that contains all the commands needed to assemble an image. It starts with a `FROM` instruction, which specifies the base image from which you are building.
Docker Commands for Managing Images
docker image build – Build an image from a Dockerfile
docker image history – Show the history of an image
docker image inspect – Display detailed information on one or more images
docker image ls – List images
docker image prune – Remove unused images
docker image pull – Pull an image or a repository from a registry
docker image push – Push an image or a repository to a registry
docker image rm – Remove one or more images
docker image tag – Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
Containers
Containers are processes, not mini virtual machines. They are limited in what resources they can access, and they exit when the process stops.
[Figure: containers (Bins/Libs and App A/B/C) running on Docker Engine on the host operating system.]
What happens when you execute docker container run -p 8080:80 <imageName>:
❖ Looks for image locally in image cache
❖ Looks in remote repository if not cached locally
❖ Downloads and caches the image
❖ Creates a container based on that image
❖ Allocates a virtual IP inside the Docker network
❖ Opens a port on the local host and forwards it to the port in the container (if mapped)
❖ Starts container with the default command
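The port-opening step above has a security-relevant detail: which host address the port is opened on depends on the form of the -p value, and `-p 8080:80` opens it on every host interface. The following is an added example, not part of the original slides: a parser for -p/--publish values that reports the bind address. It assumes the Docker daemon's default bind address (0.0.0.0) has not been changed; the function names and sample command lines are constructed.

```shell
#!/usr/bin/env bash
# Added example: report where each -p/--publish option of a
# `docker container run` command line opens a host port.

# classify_publish SPEC
# SPEC is a publish value: [ip:][hostPort:]containerPort[/proto]
# Prints "<exposure> <bind-ip> <hostPort|random> <containerPort>/<proto>".
classify_publish() {
    local spec="$1" proto=tcp ip=0.0.0.0 host="" container rest exposure
    case "$spec" in
        */*) proto="${spec##*/}"; spec="${spec%/*}" ;;
    esac
    container="${spec##*:}"          # last field is always the container port
    case "$spec" in
        *:*) rest="${spec%:*}" ;;    # everything before the container port
        *)   rest="" ;;
    esac
    case "$rest" in
        *:*) host="${rest##*:}"; ip="${rest%:*}" ;;   # ip:hostPort, or ip: alone
        *)   host="$rest" ;;                          # hostPort only, or nothing
    esac
    # IPv6 bind addresses are written in brackets, e.g. [::1]:8080:80
    ip="${ip#\[}"; ip="${ip%\]}"
    case "$ip" in
        0.0.0.0|::) exposure=all-interfaces ;;
        127.*|::1)  exposure=loopback ;;
        *)          exposure=single-address ;;
    esac
    # An empty host port means Docker picks a free one.
    echo "$exposure $ip ${host:-random} $container/$proto"
}

# audit_publish ARG...
# ARG... are the arguments that follow `docker container run`. Prints one
# classify_publish line per -p/--publish option. Every argument is scanned,
# so a -p that belongs to the container's own command is reported as well.
audit_publish() {
    while [ $# -gt 0 ]; do
        case "$1" in
            -p|--publish)
                if [ $# -ge 2 ]; then classify_publish "$2"; shift; fi ;;
            --publish=*) classify_publish "${1#--publish=}" ;;
            -p?*)        classify_publish "${1#-p}" ;;
        esac
        shift
    done
}

# exposed_everywhere ARG...
# Only the published ports that are reachable on every host interface.
exposed_everywhere() {
    audit_publish "$@" | awk '$1 == "all-interfaces"'
}

# Constructed sample command lines (arguments after "docker container run").
audit_publish -d -p 8080:80 nginx
audit_publish -d -p 127.0.0.1:8080:80 --publish=5353:53/udp nginx
```

Binding to 127.0.0.1 keeps a published port off the network while still allowing access from the host itself.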
Container Lifecycle
Docker Commands for Managing Containers
docker container exec – Run a command in a running container
docker container inspect – Display detailed information on one or more containers
docker container kill – Kill one or more running containers
docker container logs – Fetch the logs of a container
docker container ls – List containers
docker container prune – Remove all stopped containers
docker container rm – Remove one or more containers
docker container run – Run a command in a new container
docker container start – Start one or more stopped containers
docker container stats – Display a live stream of container(s) resource usage statistics
docker container stop – Stop one or more running containers
docker container top – Display the running processes of a container
Docker Networking
None – Has no access to the outside world. Disables all networking.
Bridge – The default network driver. If you don’t specify a driver, this is the type of network you are creating. Usually used when applications run in standalone containers that need to communicate.
Host – Adds the container to the host network stack.
[Figure: host machine with its network interface, a bridge network and a net-demo network with DNS; containers at 172.17.0.2 (8081:80), 172.17.0.3 (8082:80) and 172.17.0.4 (8083:80), and at 172.17.0.10, 172.17.0.11 and 172.17.0.12 (each labelled 8085:80).]
Volumes & Persistent Data
Containers are usually immutable and ephemeral. Docker has two options for containers to store files on the host machine: volumes and bind mounts.
❖ Volumes: Stored in a part of the host filesystem which is managed by Docker (/var/lib/docker/volumes/ on Linux). Non-Docker processes should not modify this part of the filesystem.
❖ Bind mounts: Can be stored anywhere on the host system. Non-Docker processes on the Docker host or a Docker container can modify them.
Docker Compose
A tool for defining and running multi-container Docker applications. Uses a YAML file to configure the application’s services. Runs in an isolated environment.
Steps to use Docker Compose
❖ Define the app’s environment with a Dockerfile.
❖ Define the services that make up the app in docker-compose.yml.
❖ Run the docker-compose up command to run the entire app.
Container Registries
Docker Hub
❖ Most popular public Docker image registry
❖ Powered by Docker Registry along with some image building capabilities
❖ You can hook GitHub/Bitbucket up to Docker Hub: build an image on commit and push it to Docker Hub.
Docker Registry
❖ A private image registry. Contains a set of web APIs and a storage system. Written in Go.
❖ Supports multiple storage drivers: S3, Azure, GCP, OpenStack Swift etc.
❖ Not as feature rich as Docker Hub.
A storage and content delivery system, holding named Docker images, available in different tagged versions. Users interact with a registry by using the docker push and pull commands.
Docker Swarm
❖ Native support for docker engine cluster management. No additional software required.
❖ Docker Engine handles any specialization at runtime. Deploy both kinds of nodes - managers and workers.
❖ Declarative approach for defining the desired state of the various services.
❖ The swarm manager automatically adapts by adding or removing tasks to maintain the desired state when you scale out or scale in.
[Figure: a swarm of three manager nodes sharing a distributed state store, and five worker nodes.]
Thank You

Weitere ähnliche Inhalte

Was ist angesagt?

Containers #101 Meetup: Containers & OpenStack
Containers #101 Meetup: Containers & OpenStack Containers #101 Meetup: Containers & OpenStack
Containers #101 Meetup: Containers & OpenStack Brittany Ingram
 
Containers #101 Meetup: Containers and OpenStack
Containers #101 Meetup: Containers and OpenStackContainers #101 Meetup: Containers and OpenStack
Containers #101 Meetup: Containers and OpenStackCodefresh
 
The ABC of Docker: The Absolute Best Compendium of Docker
The ABC of Docker: The Absolute Best Compendium of DockerThe ABC of Docker: The Absolute Best Compendium of Docker
The ABC of Docker: The Absolute Best Compendium of DockerAniekan Akpaffiong
 
Docker Containers Deep Dive
Docker Containers Deep DiveDocker Containers Deep Dive
Docker Containers Deep DiveWill Kinard
 
Docker introduction
Docker introductionDocker introduction
Docker introductionJo Ee Liew
 
Why kubernetes for Serverless (FaaS)
Why kubernetes for Serverless (FaaS)Why kubernetes for Serverless (FaaS)
Why kubernetes for Serverless (FaaS)Krishna-Kumar
 
Bare-metal, Docker Containers, and Virtualization: The Growing Choices for Cl...
Bare-metal, Docker Containers, and Virtualization: The Growing Choices for Cl...Bare-metal, Docker Containers, and Virtualization: The Growing Choices for Cl...
Bare-metal, Docker Containers, and Virtualization: The Growing Choices for Cl...Odinot Stanislas
 
Docker and containers : Disrupting the virtual machine(VM)
Docker and containers : Disrupting the virtual machine(VM)Docker and containers : Disrupting the virtual machine(VM)
Docker and containers : Disrupting the virtual machine(VM)Rama Krishna B
 
An Introduction To Docker
An Introduction To  DockerAn Introduction To  Docker
An Introduction To DockerGabriella Davis
 
Introduction to containers a practical session using core os and docker
Introduction to containers  a practical session using core os and dockerIntroduction to containers  a practical session using core os and docker
Introduction to containers a practical session using core os and dockerAlessandro Martellone
 
Optimising nfv service chains on open stack using docker
Optimising nfv service chains on open stack using dockerOptimising nfv service chains on open stack using docker
Optimising nfv service chains on open stack using dockerAnanth Padmanabhan
 
Docker's Killer Feature: The Remote API
Docker's Killer Feature: The Remote APIDocker's Killer Feature: The Remote API
Docker's Killer Feature: The Remote APIbcantrill
 
Docker 101 - Nov 2016
Docker 101 - Nov 2016Docker 101 - Nov 2016
Docker 101 - Nov 2016Docker, Inc.
 
Docker, Kubernetes, and Google Cloud
Docker, Kubernetes, and Google CloudDocker, Kubernetes, and Google Cloud
Docker, Kubernetes, and Google CloudSamuel Chow
 
Containers 101 Meetup - VMs vs Containers
Containers 101 Meetup - VMs vs ContainersContainers 101 Meetup - VMs vs Containers
Containers 101 Meetup - VMs vs ContainersTommy Berry
 
Docker - Portable Deployment
Docker - Portable DeploymentDocker - Portable Deployment
Docker - Portable Deploymentjavaonfly
 
Containers, Docker, and Microservices: the Terrific Trio
Containers, Docker, and Microservices: the Terrific TrioContainers, Docker, and Microservices: the Terrific Trio
Containers, Docker, and Microservices: the Terrific TrioJérôme Petazzoni
 

Was ist angesagt? (20)

Containers #101 Meetup: Containers & OpenStack
Containers #101 Meetup: Containers & OpenStack Containers #101 Meetup: Containers & OpenStack
Containers #101 Meetup: Containers & OpenStack
 
Containers #101 Meetup: Containers and OpenStack
Containers #101 Meetup: Containers and OpenStackContainers #101 Meetup: Containers and OpenStack
Containers #101 Meetup: Containers and OpenStack
 
The ABC of Docker: The Absolute Best Compendium of Docker
The ABC of Docker: The Absolute Best Compendium of DockerThe ABC of Docker: The Absolute Best Compendium of Docker
The ABC of Docker: The Absolute Best Compendium of Docker
 
Docker Containers Deep Dive
Docker Containers Deep DiveDocker Containers Deep Dive
Docker Containers Deep Dive
 
Docker introduction
Docker introductionDocker introduction
Docker introduction
 
Why kubernetes for Serverless (FaaS)
Why kubernetes for Serverless (FaaS)Why kubernetes for Serverless (FaaS)
Why kubernetes for Serverless (FaaS)
 
Docker basics
Docker basicsDocker basics
Docker basics
 
Bare-metal, Docker Containers, and Virtualization: The Growing Choices for Cl...
Bare-metal, Docker Containers, and Virtualization: The Growing Choices for Cl...Bare-metal, Docker Containers, and Virtualization: The Growing Choices for Cl...
Bare-metal, Docker Containers, and Virtualization: The Growing Choices for Cl...
 
Docker and containers : Disrupting the virtual machine(VM)
Docker and containers : Disrupting the virtual machine(VM)Docker and containers : Disrupting the virtual machine(VM)
Docker and containers : Disrupting the virtual machine(VM)
 
An Introduction To Docker
An Introduction To  DockerAn Introduction To  Docker
An Introduction To Docker
 
Introduction to containers a practical session using core os and docker
Introduction to containers  a practical session using core os and dockerIntroduction to containers  a practical session using core os and docker
Introduction to containers a practical session using core os and docker
 
Optimising nfv service chains on open stack using docker
Optimising nfv service chains on open stack using dockerOptimising nfv service chains on open stack using docker
Optimising nfv service chains on open stack using docker
 
Docker's Killer Feature: The Remote API
Docker's Killer Feature: The Remote APIDocker's Killer Feature: The Remote API
Docker's Killer Feature: The Remote API
 
Multi tenancy for docker
Multi tenancy for dockerMulti tenancy for docker
Multi tenancy for docker
 
Docker 101 - Nov 2016
Docker 101 - Nov 2016Docker 101 - Nov 2016
Docker 101 - Nov 2016
 
Docker, Kubernetes, and Google Cloud
Docker, Kubernetes, and Google CloudDocker, Kubernetes, and Google Cloud
Docker, Kubernetes, and Google Cloud
 
Containers 101 Meetup - VMs vs Containers
Containers 101 Meetup - VMs vs ContainersContainers 101 Meetup - VMs vs Containers
Containers 101 Meetup - VMs vs Containers
 
Docker - Portable Deployment
Docker - Portable DeploymentDocker - Portable Deployment
Docker - Portable Deployment
 
Containers, Docker, and Microservices: the Terrific Trio
Containers, Docker, and Microservices: the Terrific TrioContainers, Docker, and Microservices: the Terrific Trio
Containers, Docker, and Microservices: the Terrific Trio
 
Docker Kubernetes Istio
Docker Kubernetes IstioDocker Kubernetes Istio
Docker Kubernetes Istio
 

Ähnlich wie Cloud Native Computing - Part III - Containers

Introduction to Docker storage, volume and image
Introduction to Docker storage, volume and imageIntroduction to Docker storage, volume and image
Introduction to Docker storage, volume and imageejlp12
 
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...
Why everyone is excited about Docker (and you should too...) -  Carlo Bonamic...Why everyone is excited about Docker (and you should too...) -  Carlo Bonamic...
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...Codemotion
 
codemotion-docker-2014
codemotion-docker-2014codemotion-docker-2014
codemotion-docker-2014Carlo Bonamico
 
Docker and containers - Presentation Slides by Priyadarshini Anand
Docker and containers - Presentation Slides by Priyadarshini AnandDocker and containers - Presentation Slides by Priyadarshini Anand
Docker and containers - Presentation Slides by Priyadarshini AnandPRIYADARSHINI ANAND
 
Continuous Integration with Docker on AWS
Continuous Integration with Docker on AWSContinuous Integration with Docker on AWS
Continuous Integration with Docker on AWSAndrew Heifetz
 
Docker dev ops for cd meetup 12-14
Docker dev ops for cd meetup 12-14Docker dev ops for cd meetup 12-14
Docker dev ops for cd meetup 12-14Simon Storm
 
ContainerDayVietnam2016: Dockerize a small business
ContainerDayVietnam2016: Dockerize a small businessContainerDayVietnam2016: Dockerize a small business
ContainerDayVietnam2016: Dockerize a small businessDocker-Hanoi
 
Getting started with Docker
Getting started with DockerGetting started with Docker
Getting started with DockerRavindu Fernando
 
Accelerate your development with Docker
Accelerate your development with DockerAccelerate your development with Docker
Accelerate your development with DockerAndrey Hristov
 
Accelerate your software development with Docker
Accelerate your software development with DockerAccelerate your software development with Docker
Accelerate your software development with DockerAndrey Hristov
 
Introduction to Docker Containers - Docker Captain
Introduction to Docker Containers - Docker CaptainIntroduction to Docker Containers - Docker Captain
Introduction to Docker Containers - Docker CaptainAjeet Singh Raina
 
Getting Started with Docker
Getting Started with DockerGetting Started with Docker
Getting Started with DockerGeeta Vinnakota
 
Introduction to Docker - IndiaOpsUG
Introduction to Docker - IndiaOpsUGIntroduction to Docker - IndiaOpsUG
Introduction to Docker - IndiaOpsUGAjeet Singh Raina
 
Docker in 30 minutes
Docker in 30 minutesDocker in 30 minutes
Docker in 30 minutesSteve Poole
 

Ähnlich wie Cloud Native Computing - Part III - Containers (20)

Introduction to Docker storage, volume and image
Introduction to Docker storage, volume and imageIntroduction to Docker storage, volume and image
Introduction to Docker storage, volume and image
 
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...
Why everyone is excited about Docker (and you should too...) -  Carlo Bonamic...Why everyone is excited about Docker (and you should too...) -  Carlo Bonamic...
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...
 
codemotion-docker-2014
codemotion-docker-2014codemotion-docker-2014
codemotion-docker-2014
 
Docker Ecosystem on Azure
Docker Ecosystem on AzureDocker Ecosystem on Azure
Docker Ecosystem on Azure
 
Docker and containers - Presentation Slides by Priyadarshini Anand
Docker and containers - Presentation Slides by Priyadarshini AnandDocker and containers - Presentation Slides by Priyadarshini Anand
Docker and containers - Presentation Slides by Priyadarshini Anand
 
Continuous Integration with Docker on AWS
Continuous Integration with Docker on AWSContinuous Integration with Docker on AWS
Continuous Integration with Docker on AWS
 
Docker dev ops for cd meetup 12-14
Docker dev ops for cd meetup 12-14Docker dev ops for cd meetup 12-14
Docker dev ops for cd meetup 12-14
 
ContainerDayVietnam2016: Dockerize a small business
ContainerDayVietnam2016: Dockerize a small businessContainerDayVietnam2016: Dockerize a small business
ContainerDayVietnam2016: Dockerize a small business
 
Getting started with Docker
Getting started with DockerGetting started with Docker
Getting started with Docker
 
Docker, but what it is?
Docker, but what it is?Docker, but what it is?
Docker, but what it is?
 
Accelerate your development with Docker
Accelerate your development with DockerAccelerate your development with Docker
Accelerate your development with Docker
 
Accelerate your software development with Docker
Accelerate your software development with DockerAccelerate your software development with Docker
Accelerate your software development with Docker
 
Docker training
Docker trainingDocker training
Docker training
 
Docker Overview
Docker OverviewDocker Overview
Docker Overview
 
Introduction to Docker Containers - Docker Captain
Introduction to Docker Containers - Docker CaptainIntroduction to Docker Containers - Docker Captain
Introduction to Docker Containers - Docker Captain
 
Getting Started with Docker
Getting Started with DockerGetting Started with Docker
Getting Started with Docker
 
Introduction to Docker - IndiaOpsUG
Introduction to Docker - IndiaOpsUGIntroduction to Docker - IndiaOpsUG
Introduction to Docker - IndiaOpsUG
 
Docker for Developers
Docker for DevelopersDocker for Developers
Docker for Developers
 
Docker in 30 minutes
Docker in 30 minutesDocker in 30 minutes
Docker in 30 minutes
 
Docker dDessi november 2015
Docker dDessi november 2015Docker dDessi november 2015
Docker dDessi november 2015
 

Kürzlich hochgeladen

Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 

Kürzlich hochgeladen (20)

Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Gen AI in Business - Global Trends Report 2024.pdf

Cloud Native Computing - Part III - Containers

  • 2.
  • 3. Part III – Containers (Docker) Presented by Linjith K Kunnon 17th Feb 2019
  • 4. Part III – Containers: Introduction; Infrastructure Evolution; Container Overview; Docker Overview; Setting Up Docker; Docker Platform; Image; Dockerfile; Build & Push; Tagging; Volumes; Commands; Container; Container Life Cycle; Metadata; Logs & Resource Monitoring; Networking; Registries; Docker Hub; Docker Registry; Orchestration; Multi-container - Compose; Clustering - Swarm; Volume; Named Volumes; Bind Mounting; Commands
  • 5. Introduction to Containers
      ❖ Environment Standardization
      ❖ Isolation
      ❖ Lightweight
      ❖ Portable
      ❖ Application Centric
      [Diagram: infrastructure evolution from bare-metal (OS + apps) to virtualization (hypervisor running VMs) to containers (container host running containers)]
      [Diagram: container stack (infrastructure, host operating system, container runtime, containers with bins/libs and apps A, B, C) beside VM stack (infrastructure, host operating system, hypervisor, VMs each with a guest OS, bins/libs and app)]
  • 6. Container Internals
      Containers are not like VMs. They are just normal processes on the host machine.
      [Diagram: container stack beside VM stack, as on the previous slide]
      [Diagram: Linux architecture. User space: system software, middleware, applications, tools. System call interface (Linux kernel gateway). Kernel space: process management (scheduler, architecture-specific code), memory management (memory manager), file systems (file system types, block devices), device drivers (character devices), network (protocols & drivers). Hardware: CPU, RAM, hard disk/CD, terminal equipment, network adapter]
  • 7. Container Internals
      Cgroups - Meter resource usage and limit resources such as:
          ▪ CPU
          ▪ Memory
          ▪ Block I/O
          ▪ Network
      Namespaces - Provide processes with their own view of the system.
      Union file system - A file system that operates by creating layers, making them very lightweight and fast.
      Container format - Combines namespaces, control groups, and UnionFS into a wrapper. The default container format is libcontainer.
      [Diagram labels: Namespaces (pid, net, mnt, uts, ipc); Networking (veth, bridge, iptables); Cgroups (cpu, cpuset, memory, blkio); Security (Capability, SELinux, seccomp); FileSystem (Device mapper, btrfs, aufs); device; user]
  • 8. Container Internals – Cgroups
      Control groups (cgroups) is a Linux kernel feature which limits, isolates and measures the resource usage of a group of processes. Resource quotas for memory, CPU, network and I/O can be set. Introduced in Linux kernel 2.6.24.
      ❖ blkio - Sets limits on I/O access to and from block devices such as physical drives
      ❖ cpu - Sets limits on the available CPU time
      ❖ cpuset - Assigns individual CPUs (on a multicore system) and memory nodes to tasks in a cgroup
      ❖ devices - Allows or denies access to devices
      ❖ freezer - Suspends or resumes tasks
      ❖ memory - Sets limits on memory use by tasks
  • 9. Container Internals – Namespaces
      Namespaces make it possible to have many hierarchies of processes, each with its own “subtree”, such that processes in one subtree can't access or even know of those in another.
      ❖ pid – Isolates process IDs
      ❖ net – Isolates network devices, stacks, ports etc.
      ❖ mnt – Isolates mount points
      ❖ user – Isolates users and groups
      ❖ uts – Isolates host name and NIS domain name
  • 10. Container Internals – File System
      Copy-on-write storage
      ❖ Creates a new container instantly instead of copying its whole file system
      ❖ Considerably reduces footprint and startup time
      Union file system
      ❖ Operates by creating layers, making them very lightweight and fast
      ❖ Allows files and directories of separate file systems, known as branches, to be transparently overlaid, forming a single coherent file system
  • 11. Different Editions and Installation Types
      ❖ Docker CE (Community Edition)
      ❖ Docker EE (Enterprise Edition)
      ❖ Installation Types
          ❖ Direct
          ❖ Mac or Windows
          ❖ Cloud
      ❖ Releases
          ❖ Stable - A reliable platform to work with. Stable releases track the Docker platform stable releases.
          ❖ Edge – Includes latest experimental features and may contain bugs. May be unstable.
  • 12. Docker Platform Basics
      Docker Client: A command line interface (Docker CLI) which talks to the Docker daemon's REST APIs
      Docker Host: Runs the Docker daemon. Clients interact with the daemon over its REST APIs
      Docker Registry: Stores Docker images
  • 13. Docker Objects
      Images: A read-only template for creating a Docker container
      Containers: Runnable instance of an image
      Services: Scale containers across multiple Docker daemons
      [Diagram: relationships between Image, Container and Volume, with arrows labelled describes, creates, persist, connects (networking)]
  • 14. Images
      ❖ Made of file system changes stacked in layers. Built on a union file system.
      ❖ Images are immutable.
      ❖ Layers are uniquely identified and only stored once on a host.
      ❖ A container has a read/write layer on top of the image.
      An image contains application binaries, dependencies, metadata and information about how to run it. It does not contain a complete operating system: no kernel and no kernel modules such as drivers. It can be as small as a single file or as large as a complete Ubuntu distribution with package manager, web server, application runtime etc.
  • 15. Images continued… [Diagram: Nginx image made up of Layer 1, Layer 2, ... Layer n, with three R/W layers on top]
  • 16. Dockerfile
      A text document that contains all the commands needed to assemble an image. It starts with a `FROM` instruction, which specifies the base image from which you are building.
      ❖ FROM – Base image name
      ❖ WORKDIR – Working directory
      ❖ COPY – Copies a file or folder
      ❖ ADD – Adds new files, directories or remote files
      ❖ RUN – Runs commands or scripts
      ❖ ENV – Sets environment variables as key-value pairs
      ❖ CMD – Default command to run
      ❖ EXPOSE - Declares that the container listens on the specified network ports at runtime
  • 17. Docker Commands for Managing Images
      docker image build - Build an image from a Dockerfile
      docker image history - Show the history of an image
      docker image inspect - Display detailed information on one or more images
      docker image ls - List images
      docker image prune - Remove unused images
      docker image pull - Pull an image or a repository from a registry
      docker image push - Push an image or a repository to a registry
      docker image rm - Remove one or more images
      docker image tag - Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
  • 18. Containers
      Containers are processes and not mini virtual machines. They are limited in what resources they can access. They exit when the process stops.
      What happens when you execute `docker container run -p 8080:80 <imageName>`:
      ❖ Looks for the image locally in the image cache
      ❖ Looks in the remote repository if it is not cached locally
      ❖ Downloads and caches the image
      ❖ Creates a container based on that image
      ❖ Allocates a virtual IP inside the Docker network
      ❖ Opens the port on the local host and forwards it to the port in the container (if mapped)
      ❖ Starts the container with the default command
      [Diagram: container stack (infrastructure, host operating system, Docker Engine, containers with bins/libs and apps A, B, C)]
  • 20. Docker Commands for Managing Containers
      docker container exec - Run a command in a running container
      docker container inspect - Display detailed information on one or more containers
      docker container kill - Kill one or more running containers
      docker container logs - Fetch the logs of a container
      docker container ls - List containers
      docker container prune - Remove all stopped containers
      docker container rm - Remove one or more containers
      docker container run - Run a command in a new container
      docker container start - Start one or more stopped containers
      docker container stats - Display a live stream of container(s) resource usage statistics
      docker container stop - Stop one or more running containers
      docker container top - Display the running processes of a container
  • 21. Docker Networking
      None - Does not have access to the outside world. Disables all networking.
      Bridge – The default network driver. If you don’t specify a driver, this is the type of network you are creating. Usually used when applications run in standalone containers that need to communicate.
      Host – Adds the container to the host network stack.
      [Diagram: host machine and its network interface with a bridge network and a net-demo network (DNS); containers with 172.17.0.x addresses and host-to-container port mappings such as 8081:80]
  • 22. Volumes & Persistent Data
      Containers are usually immutable and ephemeral. Docker has two options for containers to store files on the host machine: volumes and bind mounts.
      ❖ Volumes: Stored in a part of the host filesystem which is managed by Docker (/var/lib/docker/volumes/ on Linux). Non-Docker processes should not modify this part of the filesystem.
      ❖ Bind mounts: Can be stored anywhere on the host system. Non-Docker processes on the Docker host or a Docker container can modify them.
  • 23. Docker Compose
      Tool for defining and running multi-container Docker applications. Uses a YAML file to configure the application’s services. Runs in an isolated environment.
      Steps to use Docker Compose:
      ❖ Define the app’s environment with a Dockerfile.
      ❖ Define the services that make up the app in docker-compose.yml.
      ❖ Run the docker-compose up command to run the entire app.
  • 24. Container Registries
      A registry is a storage and content delivery system, holding named Docker images, available in different tagged versions. Users interact with a registry by using the docker push and pull commands.
      Docker Hub
      ❖ Most popular public Docker image registry
      ❖ Powered by Docker Registry along with some image building capabilities
      ❖ You can hook GitHub/Bitbucket up to Docker Hub: build the image on commit and push it to Docker Hub.
      Docker Registry
      ❖ A private image registry. Contains a set of web APIs and a storage system. Written in Go.
      ❖ Supports multiple storage drivers: S3/Azure/GCP/OpenStack Swift etc.
      ❖ Not as feature rich as Docker Hub.
  • 25. Docker Swarm
      ❖ Native support for Docker Engine cluster management. No additional software required.
      ❖ Docker Engine handles any specialization at runtime. Deploy both kinds of nodes: managers and workers.
      ❖ Declarative approach for defining the desired state of the various services.
      ❖ The swarm manager automatically adapts by adding or removing tasks to maintain the desired state when you scale out or scale in.
      [Diagram: manager nodes sharing a distributed state store, with worker nodes]
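
Slides 6 to 9 and 21 describe a container as an ordinary host process wrapped in namespaces and cgroups. The following added example (not part of the original deck) shows how a defender can read that from the host's /proc view: which namespaces a process shares with the host, and which container its cgroup path belongs to. The inode numbers, container ID and cgroup lines are constructed samples, the function names are hypothetical, and the samples assume a daemon that does not remap user namespaces.

```python
import os
import re

NS_TYPES = ("pid", "net", "mnt", "uts", "ipc", "user")
# Docker cgroup paths: ".../docker/<id>" (cgroupfs) or ".../docker-<id>.scope" (systemd).
CGROUP_ID = re.compile(r"(?:/docker/|docker-)([0-9a-f]{64})(?:\.scope)?$")

def read_ns(pid="self"):
    """Live helper for a Linux host: map namespace type -> 'type:[inode]'."""
    return {t: os.readlink(f"/proc/{pid}/ns/{t}") for t in NS_TYPES}

def shared_namespaces(host_ns, proc_ns):
    """Namespace types in which the process is NOT isolated from the host."""
    return sorted(t for t in NS_TYPES if proc_ns.get(t) == host_ns.get(t))

def container_id(cgroup_text):
    """Container ID from /proc/<pid>/cgroup text, or None for a host process.
    Each line is 'hierarchy-id:controller-list:cgroup-path'."""
    for line in cgroup_text.splitlines():
        parts = line.strip().split(":", 2)
        if len(parts) == 3:
            match = CGROUP_ID.search(parts[2])
            if match:
                return match.group(1)
    return None

def audit(host_ns, proc_ns, cgroup_text):
    """Summarise how far one process is isolated from the host."""
    return {"container": container_id(cgroup_text),
            "shared_with_host": shared_namespaces(host_ns, proc_ns)}

# Constructed sample data (inode numbers and the container ID are made up).
CID = "3f9a" * 16
HOST_NS = {"pid": "pid:[4026531836]", "net": "net:[4026531992]",
           "mnt": "mnt:[4026531840]", "uts": "uts:[4026531838]",
           "ipc": "ipc:[4026531839]", "user": "user:[4026531837]"}
# Default bridge container: new pid/net/mnt/uts/ipc namespaces, host user namespace.
BRIDGE_NS = {"pid": "pid:[4026532201]", "net": "net:[4026532204]",
             "mnt": "mnt:[4026532199]", "uts": "uts:[4026532200]",
             "ipc": "ipc:[4026532202]", "user": HOST_NS["user"]}
# Same container on the host network driver: the net namespace is the host's.
HOSTNET_NS = dict(BRIDGE_NS, net=HOST_NS["net"])
CGROUP_V1 = f"11:memory:/docker/{CID}\n5:cpu,cpuacct:/docker/{CID}\n"
CGROUP_V2 = f"0::/system.slice/docker-{CID}.scope\n"
CGROUP_HOST = "0::/user.slice/user-1000.slice/session-2.scope\n"

if __name__ == "__main__":
    print(audit(HOST_NS, BRIDGE_NS, CGROUP_V1))
    print(audit(HOST_NS, HOSTNET_NS, CGROUP_V2))
    print(audit(HOST_NS, HOST_NS, CGROUP_HOST))
```

On a live Linux host, `read_ns(1)` and `read_ns(<pid>)` supply the two namespace maps (reading another user's process requires root); a container that reports `net` as shared is running on the host network stack.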
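
Slides 10, 14 and 15 state that image layers are immutable, stored once per host, and topped by a per-container read/write layer using copy-on-write. The following added example (not part of the original deck, and not Docker's storage driver) is a simplified in-memory model of that lookup order. It goes one step beyond the slides by modelling deletion with a whiteout marker, which is how overlay-style union file systems hide a lower-layer file; all names, paths and file contents are constructed.

```python
import hashlib

WHITEOUT = None  # R/W-layer marker hiding a file that exists in a lower layer

def add_layer(store, files):
    """Keep a read-only layer under a content-derived ID; equal content is stored once."""
    digest = hashlib.sha256()
    for path in sorted(files):
        digest.update(path.encode() + b"\0" + files[path] + b"\0")
    lid = digest.hexdigest()
    store.setdefault(lid, dict(files))
    return lid

class Container:
    """Ordered image layers (base first) plus this container's private R/W layer."""
    def __init__(self, store, image):
        self.store, self.image, self.rw = store, tuple(image), {}

    def read(self, path):
        if path in self.rw:                    # the R/W layer is consulted first
            if self.rw[path] is WHITEOUT:
                raise FileNotFoundError(path)
            return self.rw[path]
        for lid in reversed(self.image):       # then image layers, top-most first
            if path in self.store[lid]:
                return self.store[lid][path]
        raise FileNotFoundError(path)

    def write(self, path, data):
        self.rw[path] = data                   # copy-on-write: image layers stay untouched

    def delete(self, path):
        self.read(path)                        # raises if the file is not visible
        self.rw[path] = WHITEOUT

def demo():
    """Constructed scenario: two images share a base layer; one container is modified."""
    store = {}
    base = add_layer(store, {"/etc/motd": b"constructed base layer"})
    web = add_layer(store, {"/srv/index.html": b"welcome"})
    api = add_layer(store, {"/srv/api.txt": b"v1"})
    add_layer(store, {"/etc/motd": b"constructed base layer"})   # duplicate content
    c1, c2 = Container(store, [base, web]), Container(store, [base, web])
    c1.write("/srv/index.html", b"patched")
    c1.delete("/etc/motd")
    return store, c1, c2, Container(store, [base, api])
```

Changes made in one container's R/W layer never reach the image or its sibling containers, which is why a modified container can be discarded and recreated from the unmodified image.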