Docker Internals
SF Docker Meetup at Twilio
11/14/2013
Docker version 0.6.6 / 0.7.0-rc5

##dockermeetup

By Guillaume J. C...
This is your last chance

1.
2.
3.
4.

Isolation
Images
Process Management
Roadmap
Isolation
• LXC
•
•
•
•

Cgroups/Namespaces
Processes
Mounts
Network

• Network
• NAT (DOCKER chain)
• Expose / Links

• F...
Isolation
• Isolation: Namespaces
• Only 1 syscall (setns()). No hypervisor
• Mounts, Uts (hostname), Net, Pid, IPC, User
...
Isolation
• Network
•
•
•
•

Bridge
Veth
NAT
Expose / Links

• File System
• Chroot++
• Image management
1.
2.
3.
4.

Isolation
Images
Process Management
Roadmap
Images
• AUFS
• Image format
•
•
•
•

Base image
Layer + parent id
Whiteouts (.wh.)
Difference Image vs Container

• Regis...
Images
• Why AUFS?
• Production usage for years
• Layers
• Multiple RO layers, 1 RW -> Diff

• Limitations
• 42 layers

• ...
Images
• Image format
• Payload (layer)
• Metadata (parent id)

• Image vs Container
• Differences
• Future: Unified forma...
Images
• Image sharing: Registry
• Push/Pull via diffs

• Future
• Backend interface / Devicemapper
• Unified image format...
1.
2.
3.
4.

Isolation
Images
Process Management
Roadmap
Process Management
• Docker daemon
• Transports unix/tcp

docker run internals
• Attach logic
• Logs

• Host Integration
•...
Process Management
• Docker daemon
• Transports: docker –d –H tcp://127.0.0.1:4243 –H unix:///var/run/docker.sock
• Holds ...
Process Management
docker run
• Create
• Start
• Attach

internals

• General Config vs Host Config
• Attach protocol
• TT...
1.
2.
3.
4.

Isolation
Images
Process Management
Roadmap
Roadmap
• Docker 0.7
• File system backend interface

• Docker 0.8
• Isolation backend interface
• Full introspection

• F...
Conclusion
• Wide global support with backend interfaces
• Service discovery improvement
• Road to multi host / orchestrat...
Thank you!

www.docker.io
Upcoming SlideShare
Loading in …5
×

Docker Internals - Twilio talk November 14th, 2013

4,989 views

Published on

Published in: Technology, Business
0 Comments
9 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
4,989
On SlideShare
0
From Embeds
0
Number of Embeds
1,660
Actions
Shares
0
Downloads
27
Comments
0
Likes
9
Embeds 0
No embeds

No notes for slide

Docker Internals - Twilio talk November 14th, 2013

  1. 1. Docker Internals SF Docker Meetup at Twilio 11/14/2013 Docker version 0.6.6 / 0.7.0-rc5 ##dockermeetup By Guillaume J. Charmes <guillaume@docker.com> @charme_g
  2. 2. This is your last chance 1. 2. 3. 4. Isolation Images Process Management Roadmap
  3. 3. Isolation • LXC • • • • Cgroups/Namespaces Processes Mounts Network • Network • NAT (DOCKER chain) • Expose / Links • File System • Chroot on steroids
  4. 4. Isolation • Isolation: Namespaces • Only 1 syscall (setns()). No hypervisor • Mounts, Uts (hostname), Net, Pid, IPC, User • Resource management: Cgroups • Memory Limitation • CPU Shares • Future: blkio
  5. 5. Isolation • Network • • • • Bridge Veth NAT Expose / Links • File System • Chroot++ • Image management
  6. 6. 1. 2. 3. 4. Isolation Images Process Management Roadmap
  7. 7. Images • AUFS • Image format • • • • Base image Layer + parent id Whiteouts (.wh.) Difference Image vs Container • Registry • Future • Devicemapper • Backend interface
  8. 8. Images • Why AUFS? • Production usage for years • Layers • Multiple RO layers, 1 RW -> Diff • Limitations • 42 layers • Whiteouts • Deletion management
  9. 9. Images • Image format • Payload (layer) • Metadata (parent id) • Image vs Container • Differences • Future: Unified format
  10. 10. Images • Image sharing: Registry • Push/Pull via diffs • Future • Backend interface / Devicemapper • Unified image format: whiteouts (.wh.)
  11. 11. 1. 2. 3. 4. Isolation Images Process Management Roadmap
  12. 12. Process Management • Docker daemon • Transports unix/tcp docker run internals • Attach logic • Logs • Host Integration • Dockerfile • RUN • EXPOSE • What is the Context? • Service Discovery
  13. 13. Process Management • Docker daemon • Transports: docker –d –H tcp://127.0.0.1:4243 –H unix:///var/run/docker.sock • Holds all containers • Handles the logging • Docker client • Everything uses the Remote API
  14. 14. Process Management docker run • Create • Start • Attach internals • General Config vs Host Config • Attach protocol • TTY • Non-TTY
  15. 15. 1. 2. 3. 4. Isolation Images Process Management Roadmap
  16. 16. Roadmap • Docker 0.7 • File system backend interface • Docker 0.8 • Isolation backend interface • Full introspection • Future • Ambassador Pattern
  17. 17. Conclusion • Wide global support with backend interfaces • Service discovery improvement • Road to multi host / orchestration
  18. 18. Thank you! www.docker.io

×