SlideShare a Scribd company logo

Docker Overview

R
Rohit Jnagal

This document provides an overview of Docker including: - Docker allows building applications once and deploying them anywhere reliably through containers that provide resource isolation. - Key Docker components include images, resource isolation using cgroups and namespaces, filesystem isolation using layers, and networking capabilities. - Under the hood, Docker utilizes cgroups for resource accounting, namespaces for isolation, security features like capabilities and AppArmor, and UnionFS for the layered filesystem. - The Docker codebase includes components for the daemon, API, image and container management, networking, and integration testing. Commonly used packages include libcontainer for namespaces and cgroups and packages for security, mounting, and networking.

Engineering
1 of 16
Downloaded 13 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
Docker Overview Rohit Jnagal, Docker Meetup, Bangalore
jnagal@ Containerizing everything @ Google Containers at scale. Resource Isolation. lmctfy libcontainer
Docker : What & Why Machine or Application containers Build Once, Configure Once. Deploy Everything* Everywhere* Reliably & Consistently Efficiently Cheaply
Docker Features Change Management Resource Isolation File system Isolation Network Isolation Image Management Sharing Process Management
Docker Components
Docker Grounds up: Resource Isolation Cgroups : Isolation and accounting ● cpu ● memory ● block i/o ● devices ● network ● numa ● freezer image credit: mairin
Docker Grounds up: Namespaces ● Process trees. ● Mounts. ● Network. ● User accounts. ● Hostnames. ● Inter-process communication. pid_t pid = clone(..., flags, ...) CLONE_NEWUTS hostname, domainname CLONE_NEWIPC IPC objects CLONE_NEWPID Process IDs CLONE_NEWNET Network configuration CLONE_NEWNS File system mounts CLONE_NEWUSER User and Group IDs setns(int fd, int nstype) CLONE_NEWIPC CLONE_NEWNET CLONE_NEWUTS Also: unshare(flags)
Docker Grounds up: Add Security ● Linux Capabilities ○ Drops most capabilities. ○ Enable what a task needs. ● GRSEC and PAX ● SELinux ● AppArmor image credit: Leo Reynolds
Docker Grounds up: Filesystem File-system Isolation: Building a rootfs dir and chroot into it. With mount namespace, use pivot-root. Features: Layering, CoW, Caching, Diffing Solutions: UnionFS, Snapshotting FS, CoW block devices
Docker Grounds up: Filesystem From: Jérôme Petazzoni
Docker Grounds up: Processes & Networking We have resources, isolation, and file system management. Docker daemon handles starting/stopping processes with: Attach logic Logs TTY management Docker run options Events and container state Network Management NAT, Bridge, Veth Expose Links
Docker Grounds up: Images Create and share images Push, pull, commit images. Registry (public, private) and index. Dockerfiles Orchestration: Linking Containers Multi-host linking Dynamic discovery image: jbarratt
Docker Codewalk github.com/dotcloud/docker/ api : docker client and server api daemon : Managing containers and images engine: commands/jobs processing graph: store for versioned filesystem images and their relationship. registry: handling registry and repository. links: Linking containers. integration-cli: Integration tests. docs: documentation. pkg: collection of standalone utility packages that are not docker specific. sdd -> Great place to start contributing. Time for actual walkthrough...
Docker Codewalk : docker/daemon Exec Driver Graph DriverNetwork Driver Docker Daemon LXC Native AUFS BTRFS DevMapper
Docker Codewalk : pkg github.com/dotcloud/docker/pkg libcontainer: cgroup and namespaces. Uses lot of other utility packages. nsinit binary. apparmor, selinux, label : applying security profiles. mount, signals : system utilities. iptables, networkfs, netlink : network utilities. term: terminal handling systemd Let’s look through some of these.
Thanks! Rohit Jnagal jnagal@google @jnagal

More Related Content

PDF
Docker n co
Rohit Jnagal
 
PDF
Running Django on Docker: a workflow and code
Danielle Madeley
 
PDF
AtlasCamp 2015: The age of orchestration: From Docker basics to cluster manag...
Atlassian
 
PDF
Ansible docker
QNIB Solutions
 
PDF
Docker and Kubernetes 101 workshop
Sathish VJ
 
PDF
Docker internals
Rohit Jnagal
 
PDF
Endocode Kubernetes Meetup: Architecture Patterns for Microservices in Kubern...
Thomas Fricke
 
PPTX
Docker-hanoi meetup #1: introduction about Docker
Nguyen Anh Tu
 
Docker n co
Rohit Jnagal
 
Running Django on Docker: a workflow and code
Danielle Madeley
 
AtlasCamp 2015: The age of orchestration: From Docker basics to cluster manag...
Atlassian
 
Ansible docker
QNIB Solutions
 
Docker and Kubernetes 101 workshop
Sathish VJ
 
Docker internals
Rohit Jnagal
 
Endocode Kubernetes Meetup: Architecture Patterns for Microservices in Kubern...
Thomas Fricke
 
Docker-hanoi meetup #1: introduction about Docker
Nguyen Anh Tu
 

What's hot (20)

PDF
Continuous integration with Docker and Ansible
Dmytro Slupytskyi
 
PDF
Docker Architecture (v1.3)
rajdeep
 
PDF
Docker at Djangocon 2013 | Talk by Ken Cochrane
dotCloud
 
PDF
Kubernetes Walk Through from Technical View
Lei (Harry) Zhang
 
PDF
Kubernetes Architecture and Introduction – Paris Kubernetes Meetup
Stefan Schimanski
 
PDF
Kubernetes Node Deep Dive
Lei (Harry) Zhang
 
PPTX
virtualization-vs-containerization-paas
rajdeep
 
PDF
DevOps in AWS with Kubernetes
Oleg Chunikhin
 
PPTX
Monitoring, Logging and Tracing on Kubernetes
Martin Etmajer
 
PDF
Docker Distributed application bundle & Stack - Overview
Thomas Chacko
 
PDF
Docker serverless v1.0
Thomas Chacko
 
PPTX
Scaling Docker Containers using Kubernetes and Azure Container Service
Ben Hall
 
PDF
runC: The little engine that could (run Docker containers) by Docker Captain ...
Docker, Inc.
 
PDF
Wso2 con 2014-us-tutorial-apache stratos-wso2 private paas with docker integr...
Lakmal Warusawithana
 
PPTX
Docker and kubernetes
Dongwon Kim
 
PPTX
Container & kubernetes
Ted Jung
 
PDF
Kubernetes intro public - kubernetes meetup 4-21-2015
Rohit Jnagal
 
PDF
Using Docker with OpenStack - Hands On!
Adrian Otto
 
PDF
Demystifying kubernetes
Works Applications
 
PDF
Scaling Microservices with Kubernetes
Deivid Hahn Fração
 
Continuous integration with Docker and Ansible
Dmytro Slupytskyi
 
Docker Architecture (v1.3)
rajdeep
 
Docker at Djangocon 2013 | Talk by Ken Cochrane
dotCloud
 
Kubernetes Walk Through from Technical View
Lei (Harry) Zhang
 
Kubernetes Architecture and Introduction – Paris Kubernetes Meetup
Stefan Schimanski
 
Kubernetes Node Deep Dive
Lei (Harry) Zhang
 
virtualization-vs-containerization-paas
rajdeep
 
DevOps in AWS with Kubernetes
Oleg Chunikhin
 
Monitoring, Logging and Tracing on Kubernetes
Martin Etmajer
 
Docker Distributed application bundle & Stack - Overview
Thomas Chacko
 
Docker serverless v1.0
Thomas Chacko
 
Scaling Docker Containers using Kubernetes and Azure Container Service
Ben Hall
 
runC: The little engine that could (run Docker containers) by Docker Captain ...
Docker, Inc.
 
Wso2 con 2014-us-tutorial-apache stratos-wso2 private paas with docker integr...
Lakmal Warusawithana
 
Docker and kubernetes
Dongwon Kim
 
Container & kubernetes
Ted Jung
 
Kubernetes intro public - kubernetes meetup 4-21-2015
Rohit Jnagal
 
Using Docker with OpenStack - Hands On!
Adrian Otto
 
Demystifying kubernetes
Works Applications
 
Scaling Microservices with Kubernetes
Deivid Hahn Fração
 
Ad

Similar to Docker Overview (20)

PPTX
Docker 101 Checonf 2016
Patrick Chanezon
 
PPTX
Docker training
Kiran Kumar
 
PPTX
Accelerate your development with Docker
Andrey Hristov
 
PDF
Accelerate your software development with Docker
Andrey Hristov
 
PDF
Docker, but what it is?
Julien Maitrehenry
 
PPTX
Docker Ecosystem on Azure
Patrick Chanezon
 
PDF
Rooting Out Root: User namespaces in Docker
Phil Estes
 
PPTX
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
Patrick Chanezon
 
PDF
Cloud Native Computing - Part III - Containers
Linjith Kunnon
 
PPTX
Powercoders · Docker · Fall 2021.pptx
IgnacioTamayo2
 
PPTX
Develop with docker 2014 aug
Vincent De Smet
 
PDF
Docker London: Container Security
Phil Estes
 
PPTX
Hands on introduction to docker security for docker newbies
Yigal Elefant
 
PDF
DockerCC.pdf
Cesar Capillas
 
PDF
Dockers & kubernetes detailed - Beginners to Geek
wiTTyMinds1
 
PDF
The internals and the latest trends of container runtimes
Akihiro Suda
 
PPTX
Docker Security
BladE0341
 
PDF
Practical Docker for OpenStack (Juno Summit - May 15th, 2014)
Erica Windisch
 
PDF
Docker Essentials Workshop— Innovation Labs July 2020
CloudHero
 
PDF
Docker for Developers
JasonStraughan1
 
Docker 101 Checonf 2016
Patrick Chanezon
 
Docker training
Kiran Kumar
 
Accelerate your development with Docker
Andrey Hristov
 
Accelerate your software development with Docker
Andrey Hristov
 
Docker, but what it is?
Julien Maitrehenry
 
Docker Ecosystem on Azure
Patrick Chanezon
 
Rooting Out Root: User namespaces in Docker
Phil Estes
 
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
Patrick Chanezon
 
Cloud Native Computing - Part III - Containers
Linjith Kunnon
 
Powercoders · Docker · Fall 2021.pptx
IgnacioTamayo2
 
Develop with docker 2014 aug
Vincent De Smet
 
Docker London: Container Security
Phil Estes
 
Hands on introduction to docker security for docker newbies
Yigal Elefant
 
DockerCC.pdf
Cesar Capillas
 
Dockers & kubernetes detailed - Beginners to Geek
wiTTyMinds1
 
The internals and the latest trends of container runtimes
Akihiro Suda
 
Docker Security
BladE0341
 
Practical Docker for OpenStack (Juno Summit - May 15th, 2014)
Erica Windisch
 
Docker Essentials Workshop— Innovation Labs July 2020
CloudHero
 
Docker for Developers
JasonStraughan1
 
Ad

Recently uploaded (20)

PDF
composite construction of structures.pdf
AinieButt1
 
PPTX
M Tech Sem 1 Civil Engineering Environmental Sciences.pptx
ShriNRPrasad
 
PDF
Operating System & Kernel Study Guide-1 - converted.pdf
mranoninvisib16
 
PPTX
CYBER-CRIMES AND SECURITY A guide to understanding
Davies Chacko
 
PPTX
Internet of Things (IOT) - A guide to understanding
Davies Chacko
 
PPTX
web development for engineering and engineering
keshriji700
 
PPTX
bas. eng. economics group 4 presentation 1.pptx
kiribakimoses1993
 
PDF
Mohammad Mahdi Farshadian CV - Prospective PhD Student 2026
Educational Group Mohammad Farshadian
 
PPTX
Lesson 3_Tessellation.pptx finite Mathematics
quakeplayz54
 
PPTX
MET 305 MODULE 1 KTU 2019 SCHEME 25.pptx
VinayB68
 
PPT
Mechanical Engineering MATERIALS Selection
arsalanahmad705384
 
PDF
ETO & MEO Certificate of Competency Questions and Answers
Mahmoud Moghtaderi
 
PPTX
Construction Project Organization Group 2.pptx
vj5agdales
 
PPTX
CARTOGRAPHY AND GEOINFORMATION VISUALIZATION chapter1 NPTE (2).pptx
abhi1361yadav
 
PDF
Evaluating the Democratization of the Turkish Armed Forces from a Normative P...
jpsjournal1
 
PPTX
UNIT-1 - COAL BASED THERMAL POWER PLANTS
Chandra Kumar S
 
DOCX
573137875-Attendance-Management-System-original
AYUSHMANAV
 
PPTX
OOP with Java - Java Introduction (Basics)
Rashmi T V
 
PPTX
FINAL REVIEW FOR COPD DIANOSIS FOR PULMONARY DISEASE.pptx
rubeshbme
 
PPTX
Lecture Notes Electrical Wiring System Components
eedgecbhojpur
 
composite construction of structures.pdf
AinieButt1
 
M Tech Sem 1 Civil Engineering Environmental Sciences.pptx
ShriNRPrasad
 
Operating System & Kernel Study Guide-1 - converted.pdf
mranoninvisib16
 
CYBER-CRIMES AND SECURITY A guide to understanding
Davies Chacko
 
Internet of Things (IOT) - A guide to understanding
Davies Chacko
 
web development for engineering and engineering
keshriji700
 
bas. eng. economics group 4 presentation 1.pptx
kiribakimoses1993
 
Mohammad Mahdi Farshadian CV - Prospective PhD Student 2026
Educational Group Mohammad Farshadian
 
Lesson 3_Tessellation.pptx finite Mathematics
quakeplayz54
 
MET 305 MODULE 1 KTU 2019 SCHEME 25.pptx
VinayB68
 
Mechanical Engineering MATERIALS Selection
arsalanahmad705384
 
ETO & MEO Certificate of Competency Questions and Answers
Mahmoud Moghtaderi
 
Construction Project Organization Group 2.pptx
vj5agdales
 
CARTOGRAPHY AND GEOINFORMATION VISUALIZATION chapter1 NPTE (2).pptx
abhi1361yadav
 
Evaluating the Democratization of the Turkish Armed Forces from a Normative P...
jpsjournal1
 
UNIT-1 - COAL BASED THERMAL POWER PLANTS
Chandra Kumar S
 
573137875-Attendance-Management-System-original
AYUSHMANAV
 
OOP with Java - Java Introduction (Basics)
Rashmi T V
 
FINAL REVIEW FOR COPD DIANOSIS FOR PULMONARY DISEASE.pptx
rubeshbme
 
Lecture Notes Electrical Wiring System Components
eedgecbhojpur
 

Docker Overview

  • 1. Docker Overview Rohit Jnagal, Docker Meetup, Bangalore
  • 2. jnagal@ Containerizing everything @ Google Containers at scale. Resource Isolation. lmctfy libcontainer
  • 3. Docker : What & Why Machine or Application containers Build Once, Configure Once. Deploy Everything* Everywhere* Reliably & Consistently Efficiently Cheaply
  • 6. Docker Grounds up: Resource Isolation Cgroups : Isolation and accounting ● cpu ● memory ● block i/o ● devices ● network ● numa ● freezer image credit: mairin
  • 7. Docker Grounds up: Namespaces ● Process trees. ● Mounts. ● Network. ● User accounts. ● Hostnames. ● Inter-process communication. pid_t pid = clone(..., flags, ...) CLONE_NEWUTS hostname, domainname CLONE_NEWIPC IPC objects CLONE_NEWPID Process IDs CLONE_NEWNET Network configuration CLONE_NEWNS File system mounts CLONE_NEWUSER User and Group IDs setns(int fd, int nstype) CLONE_NEWIPC CLONE_NEWNET CLONE_NEWUTS Also: unshare(flags)
  • 8. Docker Grounds up: Add Security ● Linux Capabilities ○ Drops most capabilities. ○ Enable what a task needs. ● GRSEC and PAX ● SELinux ● AppArmor image credit: Leo Reynolds
  • 9. Docker Grounds up: Filesystem File-system Isolation: Building a rootfs dir and chroot into it. With mount namespace, use pivot-root. Features: Layering, CoW, Caching, Diffing Solutions: UnionFS, Snapshotting FS, CoW block devices
  • 10. Docker Grounds up: Filesystem From: Jérôme Petazzoni
  • 11. Docker Grounds up: Processes & Networking We have resources, isolation, and file system management. Docker daemon handles starting/stopping processes with: Attach logic Logs TTY management Docker run options Events and container state Network Management NAT, Bridge, Veth Expose Links
  • 12. Docker Grounds up: Images Create and share images Push, pull, commit images. Registry (public, private) and index. Dockerfiles Orchestration: Linking Containers Multi-host linking Dynamic discovery image: jbarratt
  • 13. Docker Codewalk github.com/dotcloud/docker/ api : docker client and server api daemon : Managing containers and images engine: commands/jobs processing graph: store for versioned filesystem images and their relationship. registry: handling registry and repository. links: Linking containers. integration-cli: Integration tests. docs: documentation. pkg: collection of standalone utility packages that are not docker specific. sdd -> Great place to start contributing. Time for actual walkthrough...
  • 14. Docker Codewalk : docker/daemon Exec Driver Graph DriverNetwork Driver Docker Daemon LXC Native AUFS BTRFS DevMapper
  • 15. Docker Codewalk : pkg github.com/dotcloud/docker/pkg libcontainer: cgroup and namespaces. Uses lot of other utility packages. nsinit binary. apparmor, selinux, label : applying security profiles. mount, signals : system utilities. iptables, networkfs, netlink : network utilities. term: terminal handling systemd Let’s look through some of these.