SlideShare ist ein Scribd-Unternehmen logo

Docker italia fatti un container tutto tuo

Als PPTX, PDF herunterladen
Giulio De Donato
Giulio De Donato

docker-italia.slack.com

Ingenieurwesen
1 von 28
FATTI UN CONTAINER TUTTO TUO!! @liuggio Giulio De Donato
@liuggiowelcometothebundle.com
@liuggio Giulio De Donato
What is a Container? @liuggio Giulio De Donato
“I once heard that hypervisors are the living proof of operating system's incompetence” -- Glauber Costa's - LinuxCon Europe 2012 @liuggio Giulio De Donato
... containers ... “I would love to say months, but let's get realistic” -- Glauber Costa's - LinuxCon Europe 2012 @liuggio Giulio De Donato
Is all about ISOLATION @liuggio Giulio De Donato
? @liuggio Giulio De Donato
while true; do mkdir x; cd x; done bomb() { bomb | bomb & }; bomb Attacks @liuggio Giulio De Donato
GOAL OF TODAY: http://9gag.com/gag/aGxbmGz namespace cgroups ufs @liuggio Giulio De Donato
LXC vs DOCKER @liuggio Giulio De Donato
Let’s start with the first set of slides Once upon a time ... @liuggio Giulio De Donato
NAMESPACE Linux 2.6.23 (released in late 2007) 6 namespaces - mnt (mount points, filesystems) - pid (processes) - net (network stack) - ipc (System V IPC) - uts (hostname) - user (UIDs) Namespaces started in about 2002. @liuggio Giulio De Donato
Namespaces processes API consists of these 3 system calls: ● clone() - creates a new process and a new namespace; the newly created process is attached to the new namespace ● unshare()–gets only a single parameter, flags. Does not create a new process; creates a new namespace and attaches the calling processto it. ● setns()- a new system call, for attaching the calling process to an existing namespace; @liuggio Giulio De Donato
DEMO Namespace https://gist.github.com/liuggio/ 114f506fbe040ac93687dc797b923cbf 1 @liuggio Giulio De Donato
@liuggio Giulio De Donato
CGroups! The cgroup (control groups) subsystem is a Resource Management and Resource Accounting/Tracking solution, providing a generic process - grouping framework It handles resources such as memory, cpu, network, and more; mostly needed in both ends of the spectrum (servers and embedded). ∎ Development was started by engineers at Google in 2006 under the name "process containers” ∎ Merged into kernel 2.6.24 (2008). ∎ cgroup core has 3 maintainers, and each cgroup controller has its own maintainer (cpu memory io) @liuggio Giulio De Donato
DEMO CGROUPS https://asciinema.org/a/7w13btk2uethz2e57lgpfz5ym or https://goo.gl/NyPMFJ 3 @liuggio Giulio De Donato
THIS IS A TREE @liuggio Giulio De Donato
THIS IS A TREE @liuggio Giulio De Donato
WHAT IS IT? @liuggio Giulio De Donato
DEMO UFSapt-get install aufs-tools https://asciinema.org/~liuggio https://asciinema.org/a/41778 2 @liuggio Giulio De Donato
@liuggio Giulio De Donato
Union File System PRO ∎ File level ∎ No caches CONS ∎ Bad performance for big files ∎ Not in kernel ∎ Too much layers costs merge into a single directory 2 devices Combining a large, read-only file system with small write area (like livecd) @liuggio Giulio De Donato
ZFS is a combination of a volume manager (like LVM) and a filesystem (like ext4, xfs, or btrfs). ZFS one of the most beloved features of Solaris, universally coveted by every Linux sysadmin with a Solaris background. ● snapshots ● copy-on-write cloning ● continuous integrity checking against data corruption ● automatic repair ● efficient data compression 2016 @liuggio Giulio De Donato
UFS @liuggio Giulio De Donato
THANKS! @liuggio Giulio De Donato
∎ www.welcometothebundle.com/isolate-a-process-with-no-container-like-docker ∎ https://github.com/opencontainers/runtime-spec/blob/master/config-linux.md#namespaces ∎ https://www.opencontainers.org/news/faqs/who-will-be-initial-technical-leadership ∎ http://www.cyberciti.biz/faq/unix-linux-chroot-command-examples-usage-syntax/ ∎ http://s0.cyberciti.org/uploads/faq/2013/01/bash-chroot-ls-demo.gif ∎ https://www.flockport.com/lxc-vs-docker/ ∎ http://ramirose.wix.com/ramirosen ∎ https://lwn.net/Articles/532593/ ∎ https://lwn.net/Articles/531114/ ∎ https://lwn.net/Articles/531381/ ∎ https://lwn.net/Articles/528078/ ∎ https://docs.docker.com/engine/reference/run/ ∎ http://www.netdevconf.org/1.1/proceedings/slides/rosen-namespaces-cgroups-lxc.pdf ∎ https://www.stgraber.org/2013/12/20/lxc-1-0-blog-post-series/ ∎ https://skillsmatter.com/skillscasts/7101-building-containers-from-scratch-for-fun-and-profit ∎ https://docs.oracle.com/cd/E18752_01/html/817-5093/bkupsnapshot-9.html ∎ https://www.flickr.com/photos/15514374@N05/10164384915/in/photolist-guc8vM-eUsLmk-bUx1od-snDG6D-4EdN6w-dRNW5S-92a5Rc-bqLMQX-9W8h5y-b4nUUZ-qBTHgX-qP1gRX- bjCEPC-9tmmnk-eiz69R-dUwHXM-ff6xuP-J1cvu-7FC9CK-5QNat5-sniS97-dmWZqi-9FJL3F-e5QKNc-oaepa3-dHcamQ-4EJPTP-eB42Pm-aywhxM-eSZ6Gv-jhYq8x-cXnWtd-6HXxUg-8ZKp87- 5BL32d-7g3EHP-4gc756-cBECqo-oBFK5Y-9fUMLY-e7z58s-oViSZU-pKrEsE-6J2D5b-6HXwrz-6HXxt8-9k3DeV-9k6CLy-qFGW5B-hrxHnf ∎ https://docs.docker.com/engine/userguide/storagedriver/device-mapper-driver/ ∎ https://docs.docker.com/engine/userguide/storagedriver/zfs-driver/ ∎ Presentation template by SlidesCarnival CREDITS

Empfohlen

Lets isolate a process with no container like docker
Lets isolate a process with no container like dockerLets isolate a process with no container like docker
Lets isolate a process with no container like dockerGiulio De Donato
 
Creare Docker da zero con GoLang - Giulio De Donato
Creare Docker da zero con GoLang - Giulio De DonatoCreare Docker da zero con GoLang - Giulio De Donato
Creare Docker da zero con GoLang - Giulio De DonatoCodemotion
 
[DockerCon 2020] Hardening Docker daemon with Rootless Mode
[DockerCon 2020] Hardening Docker daemon with Rootless Mode[DockerCon 2020] Hardening Docker daemon with Rootless Mode
[DockerCon 2020] Hardening Docker daemon with Rootless ModeAkihiro Suda
 
Upstate DevOps - Containers 101 - March 28, 2019
Upstate DevOps - Containers 101 - March 28, 2019Upstate DevOps - Containers 101 - March 28, 2019
Upstate DevOps - Containers 101 - March 28, 2019Allen Vailliencourt
 
Introduction to Docker, Meetup at University of Bamberg by Hypriot
Introduction to Docker, Meetup at University of Bamberg by HypriotIntroduction to Docker, Meetup at University of Bamberg by Hypriot
Introduction to Docker, Meetup at University of Bamberg by HypriotTeam Hypriot
 
Containerizing Web Application with Docker
Containerizing Web Application with DockerContainerizing Web Application with Docker
Containerizing Web Application with Dockermsyukor
 
Docker for Web Developers: A Sneak Peek
Docker for Web Developers: A Sneak PeekDocker for Web Developers: A Sneak Peek
Docker for Web Developers: A Sneak Peekmsyukor
 
Perspectives on Docker
Perspectives on DockerPerspectives on Docker
Perspectives on DockerRightScale
 

Empfohlen

Lets isolate a process with no container like docker
Lets isolate a process with no container like dockerLets isolate a process with no container like docker
Lets isolate a process with no container like dockerGiulio De Donato
 
Creare Docker da zero con GoLang - Giulio De Donato
Creare Docker da zero con GoLang - Giulio De DonatoCreare Docker da zero con GoLang - Giulio De Donato
Creare Docker da zero con GoLang - Giulio De DonatoCodemotion
 
[DockerCon 2020] Hardening Docker daemon with Rootless Mode
[DockerCon 2020] Hardening Docker daemon with Rootless Mode[DockerCon 2020] Hardening Docker daemon with Rootless Mode
[DockerCon 2020] Hardening Docker daemon with Rootless ModeAkihiro Suda
 
Upstate DevOps - Containers 101 - March 28, 2019
Upstate DevOps - Containers 101 - March 28, 2019Upstate DevOps - Containers 101 - March 28, 2019
Upstate DevOps - Containers 101 - March 28, 2019Allen Vailliencourt
 
Introduction to Docker, Meetup at University of Bamberg by Hypriot
Introduction to Docker, Meetup at University of Bamberg by HypriotIntroduction to Docker, Meetup at University of Bamberg by Hypriot
Introduction to Docker, Meetup at University of Bamberg by HypriotTeam Hypriot
 
Containerizing Web Application with Docker
Containerizing Web Application with DockerContainerizing Web Application with Docker
Containerizing Web Application with Dockermsyukor
 
Docker for Web Developers: A Sneak Peek
Docker for Web Developers: A Sneak PeekDocker for Web Developers: A Sneak Peek
Docker for Web Developers: A Sneak Peekmsyukor
 
Perspectives on Docker
Perspectives on DockerPerspectives on Docker
Perspectives on DockerRightScale
 
Mastering Docker on a Raspberry Pi
Mastering Docker on a Raspberry PiMastering Docker on a Raspberry Pi
Mastering Docker on a Raspberry PiTeam Hypriot
 
How to easy deploy app into any cloud
How to easy deploy app into any cloudHow to easy deploy app into any cloud
How to easy deploy app into any cloudLadislav Prskavec
 
Dockerizing IoT Services
Dockerizing IoT ServicesDockerizing IoT Services
Dockerizing IoT Servicesmsyukor
 
Hide your development environment and application in a container
Hide your development environment and application in a containerHide your development environment and application in a container
Hide your development environment and application in a containerJohan Janssen
 
Rootless Containers & Unresolved issues
Rootless Containers & Unresolved issuesRootless Containers & Unresolved issues
Rootless Containers & Unresolved issuesAkihiro Suda
 
There is no container - Ori Pekelman
There is no container - Ori PekelmanThere is no container - Ori Pekelman
There is no container - Ori PekelmanParis Container Day
 
How Docker didn't invent containers (Docker Meetup Brno #1)
How Docker didn't invent containers (Docker Meetup Brno #1)How Docker didn't invent containers (Docker Meetup Brno #1)
How Docker didn't invent containers (Docker Meetup Brno #1)Pavel Snajdr
 
When Docker ends, Chef begins ~ #idi2015 Incontro DevOps Italia
When Docker ends, Chef begins ~ #idi2015 Incontro DevOps ItaliaWhen Docker ends, Chef begins ~ #idi2015 Incontro DevOps Italia
When Docker ends, Chef begins ~ #idi2015 Incontro DevOps ItaliaGiovanni Toraldo
 
Programming IoT with Docker: How to Start?
Programming IoT with Docker: How to Start?Programming IoT with Docker: How to Start?
Programming IoT with Docker: How to Start?msyukor
 
[KubeConUS2019 Docker, Inc. Booth] Distributed Builds on Kubernetes with Bui...
[KubeConUS2019 Docker, Inc. Booth] Distributed Builds on Kubernetes with Bui... [KubeConUS2019 Docker, Inc. Booth] Distributed Builds on Kubernetes with Bui...
[KubeConUS2019 Docker, Inc. Booth] Distributed Builds on Kubernetes with Bui...Akihiro Suda
 
DockerCon 2016 Seattle Recap
DockerCon 2016 Seattle RecapDockerCon 2016 Seattle Recap
DockerCon 2016 Seattle RecapPhilipp Garbe
 
Docker workshop 0507 Taichung
Docker workshop 0507 Taichung Docker workshop 0507 Taichung
Docker workshop 0507 Taichung Paul Chao
 
Docker 初探,實驗室中的運貨鯨
Docker 初探,實驗室中的運貨鯨Docker 初探,實驗室中的運貨鯨
Docker 初探,實驗室中的運貨鯨Ruoshi Ling
 
RootedCON 2017 - Docker might not be your friend. Trojanizing Docker images
RootedCON 2017 - Docker might not be your friend. Trojanizing Docker imagesRootedCON 2017 - Docker might not be your friend. Trojanizing Docker images
RootedCON 2017 - Docker might not be your friend. Trojanizing Docker imagesDaniel Garcia (a.k.a cr0hn)
 
Docker on the Raspberry Pi by Dieter Reuter (Hypriot)
Docker on the Raspberry Pi by Dieter Reuter (Hypriot)Docker on the Raspberry Pi by Dieter Reuter (Hypriot)
Docker on the Raspberry Pi by Dieter Reuter (Hypriot)Docker, Inc.
 
Docker 導入:障礙與對策
Docker 導入:障礙與對策Docker 導入:障礙與對策
Docker 導入:障礙與對策William Yeh
 
時代在變 Docker 要會:台北 Docker 一日入門篇
時代在變 Docker 要會:台北 Docker 一日入門篇時代在變 Docker 要會:台北 Docker 一日入門篇
時代在變 Docker 要會:台北 Docker 一日入門篇Philip Zheng
 
Running Docker on ARM
Running Docker on ARMRunning Docker on ARM
Running Docker on ARMDieter Reuter
 
Production FS: Adapt or die - Claudia Beresford & Tiago Scolar
Production FS: Adapt or die - Claudia Beresford & Tiago ScolarProduction FS: Adapt or die - Claudia Beresford & Tiago Scolar
Production FS: Adapt or die - Claudia Beresford & Tiago ScolarParis Container Day
 
Building images efficiently and securely on Kubernetes with BuildKit
Building images efficiently and securely on Kubernetes with BuildKitBuilding images efficiently and securely on Kubernetes with BuildKit
Building images efficiently and securely on Kubernetes with BuildKitNTT Software Innovation Center
 
Containers > VMs
Containers > VMsContainers > VMs
Containers > VMsDavid Timothy Strauss
 
Linux 开源操作系统发展新趋势
Linux 开源操作系统发展新趋势Linux 开源操作系统发展新趋势
Linux 开源操作系统发展新趋势Anthony Wong
 

Weitere ähnliche Inhalte

Was ist angesagt?

Mastering Docker on a Raspberry Pi
Mastering Docker on a Raspberry PiMastering Docker on a Raspberry Pi
Mastering Docker on a Raspberry PiTeam Hypriot
 
How to easy deploy app into any cloud
How to easy deploy app into any cloudHow to easy deploy app into any cloud
How to easy deploy app into any cloudLadislav Prskavec
 
Dockerizing IoT Services
Dockerizing IoT ServicesDockerizing IoT Services
Dockerizing IoT Servicesmsyukor
 
Hide your development environment and application in a container
Hide your development environment and application in a containerHide your development environment and application in a container
Hide your development environment and application in a containerJohan Janssen
 
Rootless Containers & Unresolved issues
Rootless Containers & Unresolved issuesRootless Containers & Unresolved issues
Rootless Containers & Unresolved issuesAkihiro Suda
 
There is no container - Ori Pekelman
There is no container - Ori PekelmanThere is no container - Ori Pekelman
There is no container - Ori PekelmanParis Container Day
 
How Docker didn't invent containers (Docker Meetup Brno #1)
How Docker didn't invent containers (Docker Meetup Brno #1)How Docker didn't invent containers (Docker Meetup Brno #1)
How Docker didn't invent containers (Docker Meetup Brno #1)Pavel Snajdr
 
When Docker ends, Chef begins ~ #idi2015 Incontro DevOps Italia
When Docker ends, Chef begins ~ #idi2015 Incontro DevOps ItaliaWhen Docker ends, Chef begins ~ #idi2015 Incontro DevOps Italia
When Docker ends, Chef begins ~ #idi2015 Incontro DevOps ItaliaGiovanni Toraldo
 
Programming IoT with Docker: How to Start?
Programming IoT with Docker: How to Start?Programming IoT with Docker: How to Start?
Programming IoT with Docker: How to Start?msyukor
 
[KubeConUS2019 Docker, Inc. Booth] Distributed Builds on Kubernetes with Bui...
[KubeConUS2019 Docker, Inc. Booth] Distributed Builds on Kubernetes with Bui... [KubeConUS2019 Docker, Inc. Booth] Distributed Builds on Kubernetes with Bui...
[KubeConUS2019 Docker, Inc. Booth] Distributed Builds on Kubernetes with Bui...Akihiro Suda
 
DockerCon 2016 Seattle Recap
DockerCon 2016 Seattle RecapDockerCon 2016 Seattle Recap
DockerCon 2016 Seattle RecapPhilipp Garbe
 
Docker workshop 0507 Taichung
Docker workshop 0507 Taichung Docker workshop 0507 Taichung
Docker workshop 0507 Taichung Paul Chao
 
Docker 初探,實驗室中的運貨鯨
Docker 初探,實驗室中的運貨鯨Docker 初探,實驗室中的運貨鯨
Docker 初探,實驗室中的運貨鯨Ruoshi Ling
 
RootedCON 2017 - Docker might not be your friend. Trojanizing Docker images
RootedCON 2017 - Docker might not be your friend. Trojanizing Docker imagesRootedCON 2017 - Docker might not be your friend. Trojanizing Docker images
RootedCON 2017 - Docker might not be your friend. Trojanizing Docker imagesDaniel Garcia (a.k.a cr0hn)
 
Docker on the Raspberry Pi by Dieter Reuter (Hypriot)
Docker on the Raspberry Pi by Dieter Reuter (Hypriot)Docker on the Raspberry Pi by Dieter Reuter (Hypriot)
Docker on the Raspberry Pi by Dieter Reuter (Hypriot)Docker, Inc.
 
Docker 導入:障礙與對策
Docker 導入:障礙與對策Docker 導入:障礙與對策
Docker 導入:障礙與對策William Yeh
 
時代在變 Docker 要會:台北 Docker 一日入門篇
時代在變 Docker 要會:台北 Docker 一日入門篇時代在變 Docker 要會:台北 Docker 一日入門篇
時代在變 Docker 要會:台北 Docker 一日入門篇Philip Zheng
 
Running Docker on ARM
Running Docker on ARMRunning Docker on ARM
Running Docker on ARMDieter Reuter
 
Production FS: Adapt or die - Claudia Beresford & Tiago Scolar
Production FS: Adapt or die - Claudia Beresford & Tiago ScolarProduction FS: Adapt or die - Claudia Beresford & Tiago Scolar
Production FS: Adapt or die - Claudia Beresford & Tiago ScolarParis Container Day
 
Building images efficiently and securely on Kubernetes with BuildKit
Building images efficiently and securely on Kubernetes with BuildKitBuilding images efficiently and securely on Kubernetes with BuildKit
Building images efficiently and securely on Kubernetes with BuildKitNTT Software Innovation Center
 

Was ist angesagt? (20)

Mastering Docker on a Raspberry Pi
Mastering Docker on a Raspberry PiMastering Docker on a Raspberry Pi
Mastering Docker on a Raspberry Pi
 
How to easy deploy app into any cloud
How to easy deploy app into any cloudHow to easy deploy app into any cloud
How to easy deploy app into any cloud
 
Dockerizing IoT Services
Dockerizing IoT ServicesDockerizing IoT Services
Dockerizing IoT Services
 
Hide your development environment and application in a container
Hide your development environment and application in a containerHide your development environment and application in a container
Hide your development environment and application in a container
 
Rootless Containers & Unresolved issues
Rootless Containers & Unresolved issuesRootless Containers & Unresolved issues
Rootless Containers & Unresolved issues
 
There is no container - Ori Pekelman
There is no container - Ori PekelmanThere is no container - Ori Pekelman
There is no container - Ori Pekelman
 
How Docker didn't invent containers (Docker Meetup Brno #1)
How Docker didn't invent containers (Docker Meetup Brno #1)How Docker didn't invent containers (Docker Meetup Brno #1)
How Docker didn't invent containers (Docker Meetup Brno #1)
 
When Docker ends, Chef begins ~ #idi2015 Incontro DevOps Italia
When Docker ends, Chef begins ~ #idi2015 Incontro DevOps ItaliaWhen Docker ends, Chef begins ~ #idi2015 Incontro DevOps Italia
When Docker ends, Chef begins ~ #idi2015 Incontro DevOps Italia
 
Programming IoT with Docker: How to Start?
Programming IoT with Docker: How to Start?Programming IoT with Docker: How to Start?
Programming IoT with Docker: How to Start?
 
[KubeConUS2019 Docker, Inc. Booth] Distributed Builds on Kubernetes with Bui...
[KubeConUS2019 Docker, Inc. Booth] Distributed Builds on Kubernetes with Bui... [KubeConUS2019 Docker, Inc. Booth] Distributed Builds on Kubernetes with Bui...
[KubeConUS2019 Docker, Inc. Booth] Distributed Builds on Kubernetes with Bui...
 
DockerCon 2016 Seattle Recap
DockerCon 2016 Seattle RecapDockerCon 2016 Seattle Recap
DockerCon 2016 Seattle Recap
 
Docker workshop 0507 Taichung
Docker workshop 0507 Taichung Docker workshop 0507 Taichung
Docker workshop 0507 Taichung
 
Docker 初探,實驗室中的運貨鯨
Docker 初探,實驗室中的運貨鯨Docker 初探,實驗室中的運貨鯨
Docker 初探,實驗室中的運貨鯨
 
RootedCON 2017 - Docker might not be your friend. Trojanizing Docker images
RootedCON 2017 - Docker might not be your friend. Trojanizing Docker imagesRootedCON 2017 - Docker might not be your friend. Trojanizing Docker images
RootedCON 2017 - Docker might not be your friend. Trojanizing Docker images
 
Docker on the Raspberry Pi by Dieter Reuter (Hypriot)
Docker on the Raspberry Pi by Dieter Reuter (Hypriot)Docker on the Raspberry Pi by Dieter Reuter (Hypriot)
Docker on the Raspberry Pi by Dieter Reuter (Hypriot)
 
Docker 導入:障礙與對策
Docker 導入:障礙與對策Docker 導入:障礙與對策
Docker 導入:障礙與對策
 
時代在變 Docker 要會:台北 Docker 一日入門篇
時代在變 Docker 要會:台北 Docker 一日入門篇時代在變 Docker 要會:台北 Docker 一日入門篇
時代在變 Docker 要會:台北 Docker 一日入門篇
 
Running Docker on ARM
Running Docker on ARMRunning Docker on ARM
Running Docker on ARM
 
Production FS: Adapt or die - Claudia Beresford & Tiago Scolar
Production FS: Adapt or die - Claudia Beresford & Tiago ScolarProduction FS: Adapt or die - Claudia Beresford & Tiago Scolar
Production FS: Adapt or die - Claudia Beresford & Tiago Scolar
 
Building images efficiently and securely on Kubernetes with BuildKit
Building images efficiently and securely on Kubernetes with BuildKitBuilding images efficiently and securely on Kubernetes with BuildKit
Building images efficiently and securely on Kubernetes with BuildKit
 

Ähnlich wie Docker italia fatti un container tutto tuo

Linux 开源操作系统发展新趋势
Linux 开源操作系统发展新趋势Linux 开源操作系统发展新趋势
Linux 开源操作系统发展新趋势Anthony Wong
 
Linux Security and How Web Browser Sandboxes Really Work (NDC Oslo 2017)
Linux Security and How Web Browser Sandboxes Really Work (NDC Oslo 2017)Linux Security and How Web Browser Sandboxes Really Work (NDC Oslo 2017)
Linux Security and How Web Browser Sandboxes Really Work (NDC Oslo 2017)Patricia Aas
 
Is Android the New Embedded Linux? at AnDevCon VI
Is Android the New Embedded Linux? at AnDevCon VIIs Android the New Embedded Linux? at AnDevCon VI
Is Android the New Embedded Linux? at AnDevCon VIOpersys inc.
 
Is Android the New Embedded Linux? at AnDevCon V
Is Android the New Embedded Linux? at AnDevCon VIs Android the New Embedded Linux? at AnDevCon V
Is Android the New Embedded Linux? at AnDevCon VOpersys inc.
 
G3 Summit 2016 - Dockerize your Grails!
G3 Summit 2016 - Dockerize your Grails!G3 Summit 2016 - Dockerize your Grails!
G3 Summit 2016 - Dockerize your Grails!Iván López Martín
 
A million ways to provision embedded linux devices
A million ways to provision embedded linux devicesA million ways to provision embedded linux devices
A million ways to provision embedded linux devicesMender.io
 
GR8Conf US 2017 - Dockerize your Grails!
GR8Conf US 2017 - Dockerize your Grails!GR8Conf US 2017 - Dockerize your Grails!
GR8Conf US 2017 - Dockerize your Grails!Iván López Martín
 
Tuning systemd for embedded
Tuning systemd for embeddedTuning systemd for embedded
Tuning systemd for embeddedAlison Chaiken
 
Docker containers : introduction
Docker containers : introductionDocker containers : introduction
Docker containers : introductionrinnocente
 
Headless Android at AnDevCon3
Headless Android at AnDevCon3Headless Android at AnDevCon3
Headless Android at AnDevCon3Opersys inc.
 
Snap - the universal packaging format for linux distros
Snap - the universal packaging format for linux distrosSnap - the universal packaging format for linux distros
Snap - the universal packaging format for linux distrosAnthony Wong
 
A "Box" Full of Tools and Distros
A "Box" Full of Tools and DistrosA "Box" Full of Tools and Distros
A "Box" Full of Tools and DistrosDario Faggioli
 
Real-World Docker: 10 Things We've Learned
Real-World Docker: 10 Things We've Learned Real-World Docker: 10 Things We've Learned
Real-World Docker: 10 Things We've Learned RightScale
 
Part 1 of 'Introduction to Linux for bioinformatics': Introduction
Part 1 of 'Introduction to Linux for bioinformatics': IntroductionPart 1 of 'Introduction to Linux for bioinformatics': Introduction
Part 1 of 'Introduction to Linux for bioinformatics': IntroductionJoachim Jacob
 
Systemd: the modern Linux init system you will learn to love
Systemd: the modern Linux init system you will learn to loveSystemd: the modern Linux init system you will learn to love
Systemd: the modern Linux init system you will learn to loveAlison Chaiken
 
Introduction to containers
Introduction to containersIntroduction to containers
Introduction to containersNitish Jadia
 
Jean s ca-le-videolan
Jean s ca-le-videolanJean s ca-le-videolan
Jean s ca-le-videolanAhmed NE
 

Ähnlich wie Docker italia fatti un container tutto tuo (20)

Containers > VMs
Containers > VMsContainers > VMs
Containers > VMs
 
Linux 开源操作系统发展新趋势
Linux 开源操作系统发展新趋势Linux 开源操作系统发展新趋势
Linux 开源操作系统发展新趋势
 
Linux Security and How Web Browser Sandboxes Really Work (NDC Oslo 2017)
Linux Security and How Web Browser Sandboxes Really Work (NDC Oslo 2017)Linux Security and How Web Browser Sandboxes Really Work (NDC Oslo 2017)
Linux Security and How Web Browser Sandboxes Really Work (NDC Oslo 2017)
 
Is Android the New Embedded Linux? at AnDevCon VI
Is Android the New Embedded Linux? at AnDevCon VIIs Android the New Embedded Linux? at AnDevCon VI
Is Android the New Embedded Linux? at AnDevCon VI
 
Is Android the New Embedded Linux? at AnDevCon V
Is Android the New Embedded Linux? at AnDevCon VIs Android the New Embedded Linux? at AnDevCon V
Is Android the New Embedded Linux? at AnDevCon V
 
G3 Summit 2016 - Dockerize your Grails!
G3 Summit 2016 - Dockerize your Grails!G3 Summit 2016 - Dockerize your Grails!
G3 Summit 2016 - Dockerize your Grails!
 
A million ways to provision embedded linux devices
A million ways to provision embedded linux devicesA million ways to provision embedded linux devices
A million ways to provision embedded linux devices
 
GR8Conf US 2017 - Dockerize your Grails!
GR8Conf US 2017 - Dockerize your Grails!GR8Conf US 2017 - Dockerize your Grails!
GR8Conf US 2017 - Dockerize your Grails!
 
Tuning systemd for embedded
Tuning systemd for embeddedTuning systemd for embedded
Tuning systemd for embedded
 
Docker containers : introduction
Docker containers : introductionDocker containers : introduction
Docker containers : introduction
 
Headless Android at AnDevCon3
Headless Android at AnDevCon3Headless Android at AnDevCon3
Headless Android at AnDevCon3
 
Snap - the universal packaging format for linux distros
Snap - the universal packaging format for linux distrosSnap - the universal packaging format for linux distros
Snap - the universal packaging format for linux distros
 
A "Box" Full of Tools and Distros
A "Box" Full of Tools and DistrosA "Box" Full of Tools and Distros
A "Box" Full of Tools and Distros
 
Real-World Docker: 10 Things We've Learned
Real-World Docker: 10 Things We've Learned Real-World Docker: 10 Things We've Learned
Real-World Docker: 10 Things We've Learned
 
Part 1 of 'Introduction to Linux for bioinformatics': Introduction
Part 1 of 'Introduction to Linux for bioinformatics': IntroductionPart 1 of 'Introduction to Linux for bioinformatics': Introduction
Part 1 of 'Introduction to Linux for bioinformatics': Introduction
 
Greach 2016 dockerize your grails
Greach 2016 dockerize your grailsGreach 2016 dockerize your grails
Greach 2016 dockerize your grails
 
Systemd: the modern Linux init system you will learn to love
Systemd: the modern Linux init system you will learn to loveSystemd: the modern Linux init system you will learn to love
Systemd: the modern Linux init system you will learn to love
 
Introduction to containers
Introduction to containersIntroduction to containers
Introduction to containers
 
Jean s ca-le-videolan
Jean s ca-le-videolanJean s ca-le-videolan
Jean s ca-le-videolan
 
Sonatype DevSecOps Leadership forum 2020
Sonatype DevSecOps Leadership forum 2020Sonatype DevSecOps Leadership forum 2020
Sonatype DevSecOps Leadership forum 2020
 

Mehr von Giulio De Donato

More developers on DevOps with Docker orchestration
More developers on DevOps with Docker orchestrationMore developers on DevOps with Docker orchestration
More developers on DevOps with Docker orchestrationGiulio De Donato
 
really really really awesome php application with bdd behat and iterfaces
really really really awesome php application with bdd behat and iterfacesreally really really awesome php application with bdd behat and iterfaces
really really really awesome php application with bdd behat and iterfacesGiulio De Donato
 
Import golang; struct microservice
Import golang; struct microserviceImport golang; struct microservice
Import golang; struct microserviceGiulio De Donato
 
Json web token api authorization
Json web token api authorizationJson web token api authorization
Json web token api authorizationGiulio De Donato
 
Think horizontally ood, ddd and bdd
Think horizontally ood, ddd and bddThink horizontally ood, ddd and bdd
Think horizontally ood, ddd and bddGiulio De Donato
 
I came i saw i go - golang it meetup codemotion rome 2014
I came i saw i go - golang it meetup codemotion rome 2014I came i saw i go - golang it meetup codemotion rome 2014
I came i saw i go - golang it meetup codemotion rome 2014Giulio De Donato
 
Benchmark Profile and Boost your Symfony application
Benchmark Profile and Boost your Symfony applicationBenchmark Profile and Boost your Symfony application
Benchmark Profile and Boost your Symfony applicationGiulio De Donato
 
Leaphly fight monolothic today
Leaphly fight monolothic todayLeaphly fight monolothic today
Leaphly fight monolothic todayGiulio De Donato
 
It's all about behaviour, also in php - phpspec
It's all about behaviour, also in php - phpspecIt's all about behaviour, also in php - phpspec
It's all about behaviour, also in php - phpspecGiulio De Donato
 
Design pattern in Symfony2 - Nanos gigantium humeris insidentes
Design pattern in Symfony2 - Nanos gigantium humeris insidentesDesign pattern in Symfony2 - Nanos gigantium humeris insidentes
Design pattern in Symfony2 - Nanos gigantium humeris insidentesGiulio De Donato
 
Caching and data analysis will move your Symfony2 application to the next level
Caching and data analysis will move your Symfony2 application to the next levelCaching and data analysis will move your Symfony2 application to the next level
Caching and data analysis will move your Symfony2 application to the next levelGiulio De Donato
 
Rationally boost your symfony2 application with caching tips and monitoring
Rationally boost your symfony2 application with caching tips and monitoringRationally boost your symfony2 application with caching tips and monitoring
Rationally boost your symfony2 application with caching tips and monitoringGiulio De Donato
 

Mehr von Giulio De Donato (12)

More developers on DevOps with Docker orchestration
More developers on DevOps with Docker orchestrationMore developers on DevOps with Docker orchestration
More developers on DevOps with Docker orchestration
 
really really really awesome php application with bdd behat and iterfaces
really really really awesome php application with bdd behat and iterfacesreally really really awesome php application with bdd behat and iterfaces
really really really awesome php application with bdd behat and iterfaces
 
Import golang; struct microservice
Import golang; struct microserviceImport golang; struct microservice
Import golang; struct microservice
 
Json web token api authorization
Json web token api authorizationJson web token api authorization
Json web token api authorization
 
Think horizontally ood, ddd and bdd
Think horizontally ood, ddd and bddThink horizontally ood, ddd and bdd
Think horizontally ood, ddd and bdd
 
I came i saw i go - golang it meetup codemotion rome 2014
I came i saw i go - golang it meetup codemotion rome 2014I came i saw i go - golang it meetup codemotion rome 2014
I came i saw i go - golang it meetup codemotion rome 2014
 
Benchmark Profile and Boost your Symfony application
Benchmark Profile and Boost your Symfony applicationBenchmark Profile and Boost your Symfony application
Benchmark Profile and Boost your Symfony application
 
Leaphly fight monolothic today
Leaphly fight monolothic todayLeaphly fight monolothic today
Leaphly fight monolothic today
 
It's all about behaviour, also in php - phpspec
It's all about behaviour, also in php - phpspecIt's all about behaviour, also in php - phpspec
It's all about behaviour, also in php - phpspec
 
Design pattern in Symfony2 - Nanos gigantium humeris insidentes
Design pattern in Symfony2 - Nanos gigantium humeris insidentesDesign pattern in Symfony2 - Nanos gigantium humeris insidentes
Design pattern in Symfony2 - Nanos gigantium humeris insidentes
 
Caching and data analysis will move your Symfony2 application to the next level
Caching and data analysis will move your Symfony2 application to the next levelCaching and data analysis will move your Symfony2 application to the next level
Caching and data analysis will move your Symfony2 application to the next level
 
Rationally boost your symfony2 application with caching tips and monitoring
Rationally boost your symfony2 application with caching tips and monitoringRationally boost your symfony2 application with caching tips and monitoring
Rationally boost your symfony2 application with caching tips and monitoring
 

Kürzlich hochgeladen

Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerStudy on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerAnamika Sarkar
 
Electronically Controlled suspensions system .pdf
Electronically Controlled suspensions system .pdfElectronically Controlled suspensions system .pdf
Electronically Controlled suspensions system .pdfme23b1001
 
Instrumentation, measurement and control of bio process parameters ( Temperat...
Instrumentation, measurement and control of bio process parameters ( Temperat...Instrumentation, measurement and control of bio process parameters ( Temperat...
Instrumentation, measurement and control of bio process parameters ( Temperat...121011101441
 
Class 1 | NFPA 72 | Overview Fire Alarm System
Class 1 | NFPA 72 | Overview Fire Alarm SystemClass 1 | NFPA 72 | Overview Fire Alarm System
Class 1 | NFPA 72 | Overview Fire Alarm Systemirfanmechengr
 
computer application and construction management
computer application and construction managementcomputer application and construction management
computer application and construction managementMariconPadriquez1
 
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfgUnit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfgsaravananr517913
 
Past, Present and Future of Generative AI
Past, Present and Future of Generative AIPast, Present and Future of Generative AI
Past, Present and Future of Generative AIabhishek36461
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfAsst.prof M.Gokilavani
 
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor CatchersTechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catcherssdickerson1
 
Risk Assessment For Installation of Drainage Pipes.pdf
Risk Assessment For Installation of Drainage Pipes.pdfRisk Assessment For Installation of Drainage Pipes.pdf
Risk Assessment For Installation of Drainage Pipes.pdfROCENODodongVILLACER
 
Earthing details of Electrical Substation
Earthing details of Electrical SubstationEarthing details of Electrical Substation
Earthing details of Electrical Substationstephanwindworld
 
Application of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptxApplication of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptx959SahilShah
 
Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...VICTOR MAESTRE RAMIREZ
 
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)dollysharma2066
 
Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024hassan khalil
 
Call Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call GirlsCall Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call Girlsssuser7cb4ff
 
Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.eptoze12
 

Kürzlich hochgeladen (20)

Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerStudy on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
 
Electronically Controlled suspensions system .pdf
Electronically Controlled suspensions system .pdfElectronically Controlled suspensions system .pdf
Electronically Controlled suspensions system .pdf
 
Instrumentation, measurement and control of bio process parameters ( Temperat...
Instrumentation, measurement and control of bio process parameters ( Temperat...Instrumentation, measurement and control of bio process parameters ( Temperat...
Instrumentation, measurement and control of bio process parameters ( Temperat...
 
Design and analysis of solar grass cutter.pdf
Design and analysis of solar grass cutter.pdfDesign and analysis of solar grass cutter.pdf
Design and analysis of solar grass cutter.pdf
 
Class 1 | NFPA 72 | Overview Fire Alarm System
Class 1 | NFPA 72 | Overview Fire Alarm SystemClass 1 | NFPA 72 | Overview Fire Alarm System
Class 1 | NFPA 72 | Overview Fire Alarm System
 
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptxExploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
 
POWER SYSTEMS-1 Complete notes examples
POWER SYSTEMS-1 Complete notes examplesPOWER SYSTEMS-1 Complete notes examples
POWER SYSTEMS-1 Complete notes examples
 
computer application and construction management
computer application and construction managementcomputer application and construction management
computer application and construction management
 
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfgUnit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
 
Past, Present and Future of Generative AI
Past, Present and Future of Generative AIPast, Present and Future of Generative AI
Past, Present and Future of Generative AI
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
 
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor CatchersTechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
 
Risk Assessment For Installation of Drainage Pipes.pdf
Risk Assessment For Installation of Drainage Pipes.pdfRisk Assessment For Installation of Drainage Pipes.pdf
Risk Assessment For Installation of Drainage Pipes.pdf
 
Earthing details of Electrical Substation
Earthing details of Electrical SubstationEarthing details of Electrical Substation
Earthing details of Electrical Substation
 
Application of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptxApplication of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptx
 
Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...
 
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
 
Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024
 
Call Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call GirlsCall Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call Girls
 
Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.
 

Docker italia fatti un container tutto tuo

Hinweis der Redaktion

  1. Sapete chi è lui? Facile Crozza vs RAZZI Esplogiamo la tecnologia e uccidiamo il magico
  2. CTO Golangit
  3. Siamo nel 2016, e Docker è ovunque, nei workshop, nelle conferenze, nei blog che parlano di startup, tra i servizi di Amazon e dentro google app engine e kebernetes. Gli ultimi anni sono stati grandiosi per i container ma sopratutto per Docker, si è addirittura definito uno standard di specifiche per la creazione dei container https://www.opencontainers.org/ (2015) sponsorizzato da Docker e mille altre aziende. Giorni fa quando ho parlato del workshop su docker che ho tenuto, un ragazzo ha detto ah si la virtualizzazione, questa associazione tra virtualizzazione e container è concettualmente simile ma tecnicamente distante, molto distante… sapremmo Dare una definizione di cosa è un container, e da cosa è composto? Mi piace l’idea che un container è una scatola in cui dentro viene eseguito uno o piu processi, L’idea di questo blog post è proprio quella di esplodere la scatola e vedere come funziona un container esplicitando tutta la magia.
  4. Sappiamo cosa fa… ma abbiamo mai pensato a cosa è E da cosa è composto? fight the magic non pensate che docker e che la tecnologia dei container sia troppo magica fa troppe cose...
  5. Costa dice ti pare che un processo non puo’ girare in pace con un altri processi? Ti pare che c’è un concetto a cui linux non ha mai pensato? ISOLATION I sistemisti per permettere l’isolation aggiungono server fisici, Poi è arrivato l’hypervisor, ma c’è qualcosa che ci siamo persi!
  6. Costa dice ti pare che un processo non puo’ girare in pace con un altri processi? Ti pare che c’è un concetto a cui linux non ha mai pensato? ISOLATION I sistemisti per permettere l’isolation aggiungono server fisici, Poi è arrivato l’hypervisor, ma c’è qualcosa che ci siamo persi!
  7. The other side of the resource-allocation problem is denial-of-service attacks. With traditional UNIX systems, local denial-of-service attacks are relatively easy to perpetrate. As a first example, Glauber gave the following small script: É possibile che due semplici script riescano a riempire il primo il filesystem e il secondo la ram?
  8. Parliamo di come è composti un container dei 3 principali Namespace isolamento astrazione Cgroups isolamento come limitazione Ufs. Isolamento nel FS ma anche altre funzionalità .. Cerchiamo di far girare la giostra fight the magic non pensate che docker e che la tecnologia dei container sia troppo magica fa troppe cose...
  9. Saro’ breve LXC owes its origin to the development of cgroups and namespaces in the Linux kernel to support lightweight virtualized OS environments (containers) and some early work by Daniel Lezcano and Serge Hallyn dating from 2009 at IBM The LXC Project provides tools to manage containers, advanced networking and storage support and a wide choice of minimal container OS templates. It is currently led by a 2 member team, Stephane Graber and Serge Hallyn from Ubuntu. The LXC project is supported by Ubuntu. LXC is actively developed but not well documented beyond Ubuntu. Cross distribution documentation is lacking, things usually work well in Ubuntu first, leaving to all round frustration and hair pulling for users of other distributions. There is a lot of confusion, outdated and often just misleading information online. Add Docker to the mix which has aggressively marketed itself to the wider community (Ubuntu, why so quiet?) and the volume of information and scope for confusion has widened. To clarify all the misconceptions both LXC an Docker are userland container managers that use kernel namespaces to provide end user containers. We also now have Systemd-Nspawn that does the same thing. The only difference is LXC containers have an an init and can thus run multiple processes and Docker containers do not have an init and can only run single processes. LXC maintainer Stephane Graber's excellent 10 part Blog series on LXC 1.0 and our LXC Getting started guide provide an overview of LXC and its capabilities.
  10. A process can be created in Linux by the fork(), clone()or vclone()system calls. In order to support namespaces, 6 flags (CLONE_NEW*) were added. These flags (or a combination of them) can be used in clone()or unshare()system calls to create a namespace.
  11. Namespaces API consists of these 3 system calls: ● clone() - creates a new process and a new namespace; the newly created process is attached to the new namespace.–The process creation and process termination methods, fork() and exit(), were patched to handle the new namespace CLONE_NEW* flags. ● unshare()–gets only a single parameter, flags.Does notcreate a new process; creates a new namespaceand attachesthe callingprocessto it.–unshare() was added in 2005.see “new system call, unshare” : http://lwn.net/Articles/135266/ ● setns()-a new system call, for attaching the calling process to an existing namespace; prototype: intsetns(intfd, intnstype)
  12. cd /home/liuggio/project/go/src/github.com/liuggio/c/namespace/noflag/ sudo /usr/local/go/bin/go run namespace.go /bin/sh -c "hostname ciao;hostname"
  13. $ df -h | grep "\/$" /dev/sdb2 102G 85G 12G 88% / $ df -h | grep "\/$" | awk '{print $1}' /dev/sdb2 #scopriamo a quanto andiamo :) $ dd if=/dev/zero of=`pwd`/file-xyz bs=1M count=500 $ dd if=/file-xyz of=/dev/null bs=1M count=300 $ lscgroup 300+0 records in 300+0 records out 314572800 bytes (315 MB) copied, 0,603292 s, 521 MB/s $ ls /dev/sdb -l brw-rw---- 1 root disk 8, 16feb 13 19:48 /dev/sdb In the Linux Allocated Devices notation, 8:18 represents /dev/sdb creiamo una cartella dentro cgroup da root :) $ mkdir /sys/fs/cgroup/blkio/sponge; cd /sys/fs/cgroup/blkio/sponge automaticamnete vengono creati dei file come per magia diciamo che vogliamo limitare la lettura a 5mb al secondo $ echo "8:16 5242880" > blkio.throttle.read_bps_device puliamo la cache $ echo 3 > /proc/sys/vm/drop_caches $ free -m $ cgexec -g blkio:sponge dd if=/file-xyz of=/dev/null & iotop
  14. Partiamo dalle basi sapete cosa è Eh no
  15. Partiamo dalle basi dell’informatica
  16. Se noi facessimo un giunto tra due rami dell’albero … Union file systems, or UnionFS, are file systems that operate by creating layers, making them very lightweight and fast. Docker uses union file systems to provide the building blocks for containers. Docker can make use of several union file system variants including: AUFS, btrfs, vfs, and DeviceMapper. Una funzionalità tanti benefici: Siamo abituati a vedere l’albero del filesystem come alberi dove i figli sono cartelle separate unite solo dal padre Connette l’albero filesystem in un unica cartella Immagine! Vantaggio della condivisione se aggiungo un layer dovro solo far scaricare il nuovo layer ai miei colleghi e non di nuovo tutta l’immagine. velocità non in lettura ma nell’esecuzione e condivisione. Quindi questa funzionalità permette anche ai container di avere una immagine su cui lavorare in readonly Con la famosa read on write paragone con virtualbox copia prima e utilizzo dopo, Write solo se serve. 2 features: unione copy on write Union fs: $ apt-get install aufs-tools
  17. $ mkdir /tmp/dir1; $ echo "ciao" >> /tmp/dir1/a $ mkdir /tmp/aufs $ mount -t aufs -o br=/tmp/dir1:`pwd` none /tmp/aufs $ echo "miao" > /tmp/aufs/miao $ ls -l /tmp/dir1; # c’è miao in dir2 $ ls -l /tmp/aufs; # c’è miao anche in dir1 $ ls -l `pwd`; # non c’è miao $ mount -t aufs -o br="/tmp/a:`pwd`=rr:/tmp/b=rr" none /tmp/aufs
  18. Per fare i layer ci vuole un albero union :)
  19. https://docs.oracle.com/cd/E18752_01/html/817-5093/bkupsnapshot-9.html problemi per terabyte al reboot fa cose strane
  20. Quindi siamo riusciti a far girare qualcosa Ma non come riescono i professionisti.
  21. Sapete chi è lui? Facile