Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

An introduction to Docker and Project Atomic

2,298 views

Published on

Slides from my workshop at the Centos Dojo 2014, Bangalore.
This workshop focused on getting started with Docker with an introduction to Project Atomic. We discussed why Docker can be a better choice than Linux containers and virtual machines in many scenarios. We also discussed rpm-ostree and its advantages followed by running a CentOS Atomic host feeding it cloud-init data. A took a short ride to cockpit project for managing Atomic hosts and containers. We created custom docker images from CentOS image which can be shipped anywhere via docker repositories.

Published in: Technology

An introduction to Docker and Project Atomic

  1. 1. An Introduction to Docker and Project Atomic Aditya Patawari Contributor to Fedora Admin team Lead Engineer (Infrastructure) at BrowserStack.com aditya@adityapatawari.com adimania on freenode irc http://blog.adityapatawari.com November 15, 2014 Aditya Patawari An Introduction to Docker and Project Atomic
  2. 2. Topics What is Docker? Why not LXC or VM? Project Atomic is here! .. Along with rpm-ostree .. .. and Systemd Starting our Atomic Host Docker Commands Docker Repository Aditya Patawari An Introduction to Docker and Project Atomic
  3. 3. What is the problem? My production needs to be homogeneous I need to ship entire environment to my colleague My hypervisor ate all the CPU (or RAM) Classic problem ”.. but it works on my machine .. ” Aditya Patawari An Introduction to Docker and Project Atomic
  4. 4. What is Docker? LXC turbo charged Kernel Cgroups and Namespace implementation Using Device Mapper Thin Provionsing Portable. Registries are awesome! Aditya Patawari An Introduction to Docker and Project Atomic
  5. 5. Why Docker? Lightweight linux container Boots up in seconds Incrementally build, revert and reuse your container API to manage things remotely Aditya Patawari An Introduction to Docker and Project Atomic
  6. 6. Why not LXC containers or VM? Less resource consuming than virtual machines Faster than VM with reasonable amount of isolation. According to a benchmark by Boden Russell, IBM (approx figures): CPU usage 20 % vs 70 % Memory usage 50 MB vs 300 MB Better tools ecosystem around docker than LXC Case study of Spotify Aditya Patawari An Introduction to Docker and Project Atomic
  7. 7. Project Atomic is here! Minimal operating system Benefits of our favorite Enterprise Linux Robust atomic upgrades and systemd Ready to take on cloud, virtualized or bare metal Aditya Patawari An Introduction to Docker and Project Atomic
  8. 8. .. including rpm-ostree .. Bootable, immutable, versioned filesystem trees Composed from standard rpms Atomic upgrade and rollbacks Only /etc and /var are writable Aditya Patawari An Introduction to Docker and Project Atomic
  9. 9. .. and Systemd System and service manager for Linux Replacing the init in Centos 7 Highly modular and much more powerful than sysV Check out http://0pointer.de/blog/projects/why.html Aditya Patawari An Introduction to Docker and Project Atomic
  10. 10. Starting Atomic Host Atomic host needs cloud-init data Info about the host, i.e. meta-data Info about the user, i.e. user-data Aditya Patawari An Introduction to Docker and Project Atomic
  11. 11. cloud-init data $ cat meta-data instance-id: iid-local01; local-hostname: myhost; $ cat user-data #cloud-config password: mypassword ssh_pwauth: True chpasswd: { expire: False } ssh_authorized_keys: - ssh-rsa ... foo@foo.com $ genisoimage -output init.iso -volid cidata -joliet -rock user-data meta-data Aditya Patawari An Introduction to Docker and Project Atomic
  12. 12. Let’s try this out! yum install docker-io systemctl start docker docker pull adimania/fedora-busybox docker run -i -t adimania/fedora-busybox /sbin/sh docker ps docker images docker commit <container><tag> docker stop Aditya Patawari An Introduction to Docker and Project Atomic
  13. 13. Dockerfile FROM centos MAINTAINER Aditya Patawari <adimania@fedoraproject.org> RUN yum -y update RUN yum -y install httpd EXPOSE 80 CMD [ "httpd" ] Aditya Patawari An Introduction to Docker and Project Atomic
  14. 14. Docker build $ docker build . . . . ---> a8d3d615599a Removing intermediate container cc142bec3471 Step 4 : EXPOSE 6379 ---> Running in 3aaa20ddda02 ---> 3bef54fa4135 Removing intermediate container 3aaa20ddda02 Step 5 : CMD [ "redis-server" ] ---> Running in eef0cb48742a ---> 4f09b11a3dd2 Removing intermediate container eef0cb48742a Successfully built 4f09b11a3dd2 Aditya Patawari An Introduction to Docker and Project Atomic
  15. 15. Download only official or trusted images You’re still on your own on security updates An attack on non-namespaced subsystem or device is a potential risk Aditya Patawari An Introduction to Docker and Project Atomic
  16. 16. Questions? Now is your chance :) Aditya Patawari An Introduction to Docker and Project Atomic

×