SlideShare a Scribd company logo

Build, Ship, and Run Any App, Anywhere using Docker

Rahulkrishnan R A
Rahulkrishnan R A

COEP FOSSMeet’18 is the first edition of College of Engineering, Pune’s own Free and Open Source Software event. This meet has a vision to promote the culture of openness,innovation, and freedom. The meet intends to bring togetherFOSS developers, academicians, researchers, students and all those who love the FOSS movement. The meet intends to participate in the FOSS development and adoption process through hands-on sessions, discussions and lectures.

Technology
1 of 26
Download to read offline
Build, Ship, and Run Any App, Anywhere COEP FOSSMeet'18 Rahulkrishnan R A
About Me » Consultant @ Capgemini » Debian Contributor » Gopher » Organizer of kubernetes Meetup, Chennai Docker 101 LinkedIn linkedin.com/in/rahulkrishnanra/ Github https://github.com/rahulkrishnanfs Twitter https://twitter.com/rahulkrishnanra
3What is namespace? » Feature of the Linux kernel that partitions kernel resources » Limits what you can see » Namespaces are the fundamental aspect of containers on Linux
4 Types of namespace o pid (processes) o net (network stack) o mnt (mount points, filesystems) o uts (hostname) o ipc (System V IPC) o user (UIDs) o cgroups
5 What are they ? root@ip-172-31-43-99:/# ls -la /proc/4015/ns/ total 0 lrwxrwxrwx 1 cgroup -> cgroup:[4026531835] lrwxrwxrwx 1 ipc -> ipc:[4026531839] lrwxrwxrwx 1 mnt -> mnt:[4026531840] lrwxrwxrwx 1 net -> net:[4026531993] lrwxrwxrwx 1 pid -> pid:[4026531836] lrwxrwxrwx 1 user -> user:[4026531837] lrwxrwxrwx 1 uts -> uts:[4026531838]
6 PID namespace » Processes within a PID namespace only see processes in the same PID namespace » Each PID has its own numbering » Namespace will be killed if PID one goes away » Behavior like the “init” process » PID namespace can be nested, up to 32 nesting levels
7 1 2 3 4, 1 5, 2 6, 3 Child PID namespace parent PID namespace
Network Namespace » Logical copy of the network stack It has its own:  routes  firewall rules  network devices  IP address » It helps to separate application/process networking » You can move network interface across netns » Newly created network namespace includes only the loopback device
Child net namespace Child net namespace Global net namespace InterfaceInterface routing NetworkInterface
Mount namespace » Processes can have their own rootfs » Mounts can be totally private or shared » In the new mount namespace, all previous mounts will be visible » Mounts/unmounts in the global namespace are visible in that namespace
UTS namespace » Appears to have different host and domain names to different processes. » UTS namespace provides a way to get information about the system with commands like uname or hostname » Simple one to implement
UTS namespace Implementation func main() { cmd := exec.Command("/bin/sh") cmd.SysProcAttr = &syscall.SysProcAttr{ Cloneflags: syscall.CLONE_NEWUTS, } syscall.Sethostname([]byte("inner")) if err := cmd.Run(); err != nil { panic(err) } }
IPC namespace » Private set of IPC objects inside namespace eg: shm
User namespace » Allows to map UID/GID » Avoid extra configuration in containers » Security improvement
Container runtime - Docker
How containers looks like? ContainersVirtual Machines
Interest on Docker – Google trends https://trends.google.co.in/trends/explore?date=today%205-y&q=docker
Docker Engine Docker Engine is a client-server application with these major components: » A REST API which specifies interfaces that programs can use to talk to the daemon and instruct it what to do » A command line interface (CLI) client ( the docker command) » A server which is a type of long-running program called a daemon process (the dockerd command)
Docker architecture
How docker access the linux kernel?
Docker Images vs Containers Images » Lightweight, stand-alone, executable package » Includes everything needed to run a piece of software, including the code, a runtime, libraries, environment variables, and config files. Container » Runtime instance of an image—what the image becomes in memory when actually executed.
Docker Image
Sharing the docker image
“ Demo 24
“ Questions 25
“ Thanks !!! Follow me @rahulkrishnanra 26 😉

Recommended

Reflink
ReflinkReflink
ReflinkThe Linux Foundation
 
Declare your infrastructure: InfraKit, LinuxKit and Moby
Declare your infrastructure: InfraKit, LinuxKit and MobyDeclare your infrastructure: InfraKit, LinuxKit and Moby
Declare your infrastructure: InfraKit, LinuxKit and MobyMoby Project
 
OSS AWS 핸즈온 강의
OSS AWS 핸즈온 강의OSS AWS 핸즈온 강의
OSS AWS 핸즈온 강의Juhong Jung
 
What Have Syscalls Done for you Lately?
What Have Syscalls Done for you Lately?What Have Syscalls Done for you Lately?
What Have Syscalls Done for you Lately?Docker, Inc.
 
Linux kernel bug hunting
Linux kernel bug huntingLinux kernel bug hunting
Linux kernel bug huntingAndrea Righi
 
Flex pod driven by Openstack
Flex pod driven by OpenstackFlex pod driven by Openstack
Flex pod driven by OpenstackMarton Kiss
 
Installation of application server 10g in red hat 4
Installation of application server 10g in red hat 4Installation of application server 10g in red hat 4
Installation of application server 10g in red hat 4uzzzle
 
Docker n co
Docker n coDocker n co
Docker n coRohit Jnagal
 

Recommended

Reflink
ReflinkReflink
ReflinkThe Linux Foundation
 
Declare your infrastructure: InfraKit, LinuxKit and Moby
Declare your infrastructure: InfraKit, LinuxKit and MobyDeclare your infrastructure: InfraKit, LinuxKit and Moby
Declare your infrastructure: InfraKit, LinuxKit and MobyMoby Project
 
OSS AWS 핸즈온 강의
OSS AWS 핸즈온 강의OSS AWS 핸즈온 강의
OSS AWS 핸즈온 강의Juhong Jung
 
What Have Syscalls Done for you Lately?
What Have Syscalls Done for you Lately?What Have Syscalls Done for you Lately?
What Have Syscalls Done for you Lately?Docker, Inc.
 
Linux kernel bug hunting
Linux kernel bug huntingLinux kernel bug hunting
Linux kernel bug huntingAndrea Righi
 
Flex pod driven by Openstack
Flex pod driven by OpenstackFlex pod driven by Openstack
Flex pod driven by OpenstackMarton Kiss
 
Installation of application server 10g in red hat 4
Installation of application server 10g in red hat 4Installation of application server 10g in red hat 4
Installation of application server 10g in red hat 4uzzzle
 
Docker n co
Docker n coDocker n co
Docker n coRohit Jnagal
 
Redis clustering
Redis clusteringRedis clustering
Redis clusteringRavi Yasas
 
CoreOSによるDockerコンテナのクラスタリング
CoreOSによるDockerコンテナのクラスタリングCoreOSによるDockerコンテナのクラスタリング
CoreOSによるDockerコンテナのクラスタリングYuji ODA
 
Docker 基本概念與指令操作
Docker 基本概念與指令操作Docker 基本概念與指令操作
Docker 基本概念與指令操作NUTC, imac
 
Gebruik dezelfde Docker container voor Java applicaties tijdens ontwikkelen e...
Gebruik dezelfde Docker container voor Java applicaties tijdens ontwikkelen e...Gebruik dezelfde Docker container voor Java applicaties tijdens ontwikkelen e...
Gebruik dezelfde Docker container voor Java applicaties tijdens ontwikkelen e...NLJUG
 
使用 CLI 管理 OpenStack 平台
使用 CLI 管理 OpenStack 平台使用 CLI 管理 OpenStack 平台
使用 CLI 管理 OpenStack 平台NUTC, imac
 
Build your own private openstack cloud
Build your own private openstack cloudBuild your own private openstack cloud
Build your own private openstack cloudNUTC, imac
 
Introduction to Diskless Remote Boot in Linux
Introduction to Diskless Remote Boot in LinuxIntroduction to Diskless Remote Boot in Linux
Introduction to Diskless Remote Boot in LinuxJazz Yao-Tsung Wang
 
Everyone Loves a Sausage
Everyone Loves a SausageEveryone Loves a Sausage
Everyone Loves a SausageNick Jones
 
Slider2
Slider2Slider2
Slider2Ali Ebrahimpour
 
testing-nfs
testing-nfstesting-nfs
testing-nfsguest4e525f
 
Instructions
InstructionsInstructions
Instructionsds5ysm
 
Fixed in drizzle
Fixed in drizzleFixed in drizzle
Fixed in drizzleHenrik Ingo
 
Find the Hacker
Find the HackerFind the Hacker
Find the HackerSysdig
 
CoreOS
CoreOSCoreOS
CoreOSFrik khechoomian
 
Ns 3 installation procedure
Ns 3 installation procedureNs 3 installation procedure
Ns 3 installation procedureVinayak Antin
 
Microsoft Docker Meetup - Tutum Spring 2015
Microsoft Docker Meetup - Tutum Spring 2015Microsoft Docker Meetup - Tutum Spring 2015
Microsoft Docker Meetup - Tutum Spring 2015luisamariethm
 
About linux japanese
About linux japaneseAbout linux japanese
About linux japaneseShota Ito
 
2013 PyCon SG - Building your cloud infrastructure with Python
2013 PyCon SG - Building your cloud infrastructure with Python2013 PyCon SG - Building your cloud infrastructure with Python
2013 PyCon SG - Building your cloud infrastructure with PythonGeorge Goh
 
An Introduce of OPNFV (Open Platform for NFV)
An Introduce of OPNFV (Open Platform for NFV)An Introduce of OPNFV (Open Platform for NFV)
An Introduce of OPNFV (Open Platform for NFV)Mario Cho
 
Open stack 4day
Open stack 4dayOpen stack 4day
Open stack 4dayMario Cho
 
Namespaces and cgroups - the basis of Linux containers
Namespaces and cgroups - the basis of Linux containersNamespaces and cgroups - the basis of Linux containers
Namespaces and cgroups - the basis of Linux containersKernel TLV
 
Docker Container: isolation and security
Docker Container: isolation and securityDocker Container: isolation and security
Docker Container: isolation and security宇 傅
 

More Related Content

What's hot

Redis clustering
Redis clusteringRedis clustering
Redis clusteringRavi Yasas
 
CoreOSによるDockerコンテナのクラスタリング
CoreOSによるDockerコンテナのクラスタリングCoreOSによるDockerコンテナのクラスタリング
CoreOSによるDockerコンテナのクラスタリングYuji ODA
 
Docker 基本概念與指令操作
Docker 基本概念與指令操作Docker 基本概念與指令操作
Docker 基本概念與指令操作NUTC, imac
 
Gebruik dezelfde Docker container voor Java applicaties tijdens ontwikkelen e...
Gebruik dezelfde Docker container voor Java applicaties tijdens ontwikkelen e...Gebruik dezelfde Docker container voor Java applicaties tijdens ontwikkelen e...
Gebruik dezelfde Docker container voor Java applicaties tijdens ontwikkelen e...NLJUG
 
使用 CLI 管理 OpenStack 平台
使用 CLI 管理 OpenStack 平台使用 CLI 管理 OpenStack 平台
使用 CLI 管理 OpenStack 平台NUTC, imac
 
Build your own private openstack cloud
Build your own private openstack cloudBuild your own private openstack cloud
Build your own private openstack cloudNUTC, imac
 
Introduction to Diskless Remote Boot in Linux
Introduction to Diskless Remote Boot in LinuxIntroduction to Diskless Remote Boot in Linux
Introduction to Diskless Remote Boot in LinuxJazz Yao-Tsung Wang
 
Everyone Loves a Sausage
Everyone Loves a SausageEveryone Loves a Sausage
Everyone Loves a SausageNick Jones
 
Instructions
InstructionsInstructions
Instructionsds5ysm
 
Fixed in drizzle
Fixed in drizzleFixed in drizzle
Fixed in drizzleHenrik Ingo
 
Find the Hacker
Find the HackerFind the Hacker
Find the HackerSysdig
 
Ns 3 installation procedure
Ns 3 installation procedureNs 3 installation procedure
Ns 3 installation procedureVinayak Antin
 
Microsoft Docker Meetup - Tutum Spring 2015
Microsoft Docker Meetup - Tutum Spring 2015Microsoft Docker Meetup - Tutum Spring 2015
Microsoft Docker Meetup - Tutum Spring 2015luisamariethm
 
About linux japanese
About linux japaneseAbout linux japanese
About linux japaneseShota Ito
 
2013 PyCon SG - Building your cloud infrastructure with Python
2013 PyCon SG - Building your cloud infrastructure with Python2013 PyCon SG - Building your cloud infrastructure with Python
2013 PyCon SG - Building your cloud infrastructure with PythonGeorge Goh
 
An Introduce of OPNFV (Open Platform for NFV)
An Introduce of OPNFV (Open Platform for NFV)An Introduce of OPNFV (Open Platform for NFV)
An Introduce of OPNFV (Open Platform for NFV)Mario Cho
 
Open stack 4day
Open stack 4dayOpen stack 4day
Open stack 4dayMario Cho
 

What's hot (20)

Redis clustering
Redis clusteringRedis clustering
Redis clustering
 
CoreOSによるDockerコンテナのクラスタリング
CoreOSによるDockerコンテナのクラスタリングCoreOSによるDockerコンテナのクラスタリング
CoreOSによるDockerコンテナのクラスタリング
 
Docker 基本概念與指令操作
Docker 基本概念與指令操作Docker 基本概念與指令操作
Docker 基本概念與指令操作
 
Gebruik dezelfde Docker container voor Java applicaties tijdens ontwikkelen e...
Gebruik dezelfde Docker container voor Java applicaties tijdens ontwikkelen e...Gebruik dezelfde Docker container voor Java applicaties tijdens ontwikkelen e...
Gebruik dezelfde Docker container voor Java applicaties tijdens ontwikkelen e...
 
使用 CLI 管理 OpenStack 平台
使用 CLI 管理 OpenStack 平台使用 CLI 管理 OpenStack 平台
使用 CLI 管理 OpenStack 平台
 
Build your own private openstack cloud
Build your own private openstack cloudBuild your own private openstack cloud
Build your own private openstack cloud
 
Introduction to Diskless Remote Boot in Linux
Introduction to Diskless Remote Boot in LinuxIntroduction to Diskless Remote Boot in Linux
Introduction to Diskless Remote Boot in Linux
 
Everyone Loves a Sausage
Everyone Loves a SausageEveryone Loves a Sausage
Everyone Loves a Sausage
 
Slider2
Slider2Slider2
Slider2
 
testing-nfs
testing-nfstesting-nfs
testing-nfs
 
Instructions
InstructionsInstructions
Instructions
 
Fixed in drizzle
Fixed in drizzleFixed in drizzle
Fixed in drizzle
 
Find the Hacker
Find the HackerFind the Hacker
Find the Hacker
 
CoreOS
CoreOSCoreOS
CoreOS
 
Ns 3 installation procedure
Ns 3 installation procedureNs 3 installation procedure
Ns 3 installation procedure
 
Microsoft Docker Meetup - Tutum Spring 2015
Microsoft Docker Meetup - Tutum Spring 2015Microsoft Docker Meetup - Tutum Spring 2015
Microsoft Docker Meetup - Tutum Spring 2015
 
About linux japanese
About linux japaneseAbout linux japanese
About linux japanese
 
2013 PyCon SG - Building your cloud infrastructure with Python
2013 PyCon SG - Building your cloud infrastructure with Python2013 PyCon SG - Building your cloud infrastructure with Python
2013 PyCon SG - Building your cloud infrastructure with Python
 
An Introduce of OPNFV (Open Platform for NFV)
An Introduce of OPNFV (Open Platform for NFV)An Introduce of OPNFV (Open Platform for NFV)
An Introduce of OPNFV (Open Platform for NFV)
 
Open stack 4day
Open stack 4dayOpen stack 4day
Open stack 4day
 

Similar to Build, Ship, and Run Any App, Anywhere using Docker

Namespaces and cgroups - the basis of Linux containers
Namespaces and cgroups - the basis of Linux containersNamespaces and cgroups - the basis of Linux containers
Namespaces and cgroups - the basis of Linux containersKernel TLV
 
Docker Container: isolation and security
Docker Container: isolation and securityDocker Container: isolation and security
Docker Container: isolation and security宇 傅
 
Hacking Docker the Easy way
Hacking Docker the Easy wayHacking Docker the Easy way
Hacking Docker the Easy wayBorg Han
 
Security on a Container Platform
Security on a Container PlatformSecurity on a Container Platform
Security on a Container PlatformAll Things Open
 
Securing Applications and Pipelines on a Container Platform
Securing Applications and Pipelines on a Container PlatformSecuring Applications and Pipelines on a Container Platform
Securing Applications and Pipelines on a Container PlatformAll Things Open
 
The building blocks of docker.
The building blocks of docker.The building blocks of docker.
The building blocks of docker.Chafik Belhaoues
 
lxc-namespace.pdf
lxc-namespace.pdflxc-namespace.pdf
lxc-namespace.pdf-
 
Linux container, namespaces & CGroup.
Linux container, namespaces & CGroup. Linux container, namespaces & CGroup.
Linux container, namespaces & CGroup. Neeraj Shrimali
 
Container Performance Analysis
Container Performance AnalysisContainer Performance Analysis
Container Performance AnalysisBrendan Gregg
 
Container Performance Analysis Brendan Gregg, Netflix
Container Performance Analysis Brendan Gregg, NetflixContainer Performance Analysis Brendan Gregg, Netflix
Container Performance Analysis Brendan Gregg, NetflixDocker, Inc.
 
17 Linux Basics #burningkeyboards
17 Linux Basics #burningkeyboards17 Linux Basics #burningkeyboards
17 Linux Basics #burningkeyboardsDenis Ristic
 
Secure development on Kubernetes by Andreas Falk
Secure development on Kubernetes by Andreas FalkSecure development on Kubernetes by Andreas Falk
Secure development on Kubernetes by Andreas FalkSBA Research
 
Evolution of Linux Containerization
Evolution of Linux Containerization Evolution of Linux Containerization
Evolution of Linux Containerization WSO2
 
Evoluation of Linux Container Virtualization
Evoluation of Linux Container VirtualizationEvoluation of Linux Container Virtualization
Evoluation of Linux Container VirtualizationImesh Gunaratne
 
Containers: The What, Why, and How
Containers: The What, Why, and HowContainers: The What, Why, and How
Containers: The What, Why, and HowSneha Inguva
 
Docker London: Container Security
Docker London: Container SecurityDocker London: Container Security
Docker London: Container SecurityPhil Estes
 
Resource Management of Docker
Resource Management of DockerResource Management of Docker
Resource Management of DockerSpeedyCloud
 
Lions, Tigers and Deers: What building zoos can teach us about securing micro...
Lions, Tigers and Deers: What building zoos can teach us about securing micro...Lions, Tigers and Deers: What building zoos can teach us about securing micro...
Lions, Tigers and Deers: What building zoos can teach us about securing micro...Sysdig
 

Similar to Build, Ship, and Run Any App, Anywhere using Docker (20)

Namespaces and cgroups - the basis of Linux containers
Namespaces and cgroups - the basis of Linux containersNamespaces and cgroups - the basis of Linux containers
Namespaces and cgroups - the basis of Linux containers
 
Docker Container: isolation and security
Docker Container: isolation and securityDocker Container: isolation and security
Docker Container: isolation and security
 
Hacking Docker the Easy way
Hacking Docker the Easy wayHacking Docker the Easy way
Hacking Docker the Easy way
 
LSA2 - 02 Namespaces
LSA2 - 02 NamespacesLSA2 - 02 Namespaces
LSA2 - 02 Namespaces
 
Security on a Container Platform
Security on a Container PlatformSecurity on a Container Platform
Security on a Container Platform
 
Securing Applications and Pipelines on a Container Platform
Securing Applications and Pipelines on a Container PlatformSecuring Applications and Pipelines on a Container Platform
Securing Applications and Pipelines on a Container Platform
 
The building blocks of docker.
The building blocks of docker.The building blocks of docker.
The building blocks of docker.
 
lxc-namespace.pdf
lxc-namespace.pdflxc-namespace.pdf
lxc-namespace.pdf
 
Linux container, namespaces & CGroup.
Linux container, namespaces & CGroup. Linux container, namespaces & CGroup.
Linux container, namespaces & CGroup.
 
Container Performance Analysis
Container Performance AnalysisContainer Performance Analysis
Container Performance Analysis
 
Container Performance Analysis Brendan Gregg, Netflix
Container Performance Analysis Brendan Gregg, NetflixContainer Performance Analysis Brendan Gregg, Netflix
Container Performance Analysis Brendan Gregg, Netflix
 
17 Linux Basics #burningkeyboards
17 Linux Basics #burningkeyboards17 Linux Basics #burningkeyboards
17 Linux Basics #burningkeyboards
 
Secure development on Kubernetes by Andreas Falk
Secure development on Kubernetes by Andreas FalkSecure development on Kubernetes by Andreas Falk
Secure development on Kubernetes by Andreas Falk
 
Evolution of Linux Containerization
Evolution of Linux Containerization Evolution of Linux Containerization
Evolution of Linux Containerization
 
Evoluation of Linux Container Virtualization
Evoluation of Linux Container VirtualizationEvoluation of Linux Container Virtualization
Evoluation of Linux Container Virtualization
 
LXC
LXCLXC
LXC
 
Containers: The What, Why, and How
Containers: The What, Why, and HowContainers: The What, Why, and How
Containers: The What, Why, and How
 
Docker London: Container Security
Docker London: Container SecurityDocker London: Container Security
Docker London: Container Security
 
Resource Management of Docker
Resource Management of DockerResource Management of Docker
Resource Management of Docker
 
Lions, Tigers and Deers: What building zoos can teach us about securing micro...
Lions, Tigers and Deers: What building zoos can teach us about securing micro...Lions, Tigers and Deers: What building zoos can teach us about securing micro...
Lions, Tigers and Deers: What building zoos can teach us about securing micro...
 

Recently uploaded

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 

Recently uploaded (20)

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 

Build, Ship, and Run Any App, Anywhere using Docker

  • 1. Build, Ship, and Run Any App, Anywhere COEP FOSSMeet'18 Rahulkrishnan R A
  • 2. About Me » Consultant @ Capgemini » Debian Contributor » Gopher » Organizer of kubernetes Meetup, Chennai Docker 101 LinkedIn linkedin.com/in/rahulkrishnanra/ Github https://github.com/rahulkrishnanfs Twitter https://twitter.com/rahulkrishnanra
  • 3. 3What is namespace? » Feature of the Linux kernel that partitions kernel resources » Limits what you can see » Namespaces are the fundamental aspect of containers on Linux
  • 4. 4 Types of namespace o pid (processes) o net (network stack) o mnt (mount points, filesystems) o uts (hostname) o ipc (System V IPC) o user (UIDs) o cgroups
  • 5. 5 What are they ? root@ip-172-31-43-99:/# ls -la /proc/4015/ns/ total 0 lrwxrwxrwx 1 cgroup -> cgroup:[4026531835] lrwxrwxrwx 1 ipc -> ipc:[4026531839] lrwxrwxrwx 1 mnt -> mnt:[4026531840] lrwxrwxrwx 1 net -> net:[4026531993] lrwxrwxrwx 1 pid -> pid:[4026531836] lrwxrwxrwx 1 user -> user:[4026531837] lrwxrwxrwx 1 uts -> uts:[4026531838]
  • 6. 6 PID namespace » Processes within a PID namespace only see processes in the same PID namespace » Each PID has its own numbering » Namespace will be killed if PID one goes away » Behavior like the “init” process » PID namespace can be nested, up to 32 nesting levels
  • 7. 7 1 2 3 4, 1 5, 2 6, 3 Child PID namespace parent PID namespace
  • 8. Network Namespace » Logical copy of the network stack It has its own:  routes  firewall rules  network devices  IP address » It helps to separate application/process networking » You can move network interface across netns » Newly created network namespace includes only the loopback device
  • 9. Child net namespace Child net namespace Global net namespace InterfaceInterface routing NetworkInterface
  • 10. Mount namespace » Processes can have their own rootfs » Mounts can be totally private or shared » In the new mount namespace, all previous mounts will be visible » Mounts/unmounts in the global namespace are visible in that namespace
  • 11. UTS namespace » Appears to have different host and domain names to different processes. » UTS namespace provides a way to get information about the system with commands like uname or hostname » Simple one to implement
  • 12. UTS namespace Implementation func main() { cmd := exec.Command("/bin/sh") cmd.SysProcAttr = &syscall.SysProcAttr{ Cloneflags: syscall.CLONE_NEWUTS, } syscall.Sethostname([]byte("inner")) if err := cmd.Run(); err != nil { panic(err) } }
  • 13. IPC namespace » Private set of IPC objects inside namespace eg: shm
  • 14. User namespace » Allows to map UID/GID » Avoid extra configuration in containers » Security improvement
  • 16. How containers looks like? ContainersVirtual Machines
  • 17. Interest on Docker – Google trends https://trends.google.co.in/trends/explore?date=today%205-y&q=docker
  • 18. Docker Engine Docker Engine is a client-server application with these major components: » A REST API which specifies interfaces that programs can use to talk to the daemon and instruct it what to do » A command line interface (CLI) client ( the docker command) » A server which is a type of long-running program called a daemon process (the dockerd command)
  • 20. How docker access the linux kernel?
  • 21. Docker Images vs Containers Images » Lightweight, stand-alone, executable package » Includes everything needed to run a piece of software, including the code, a runtime, libraries, environment variables, and config files. Container » Runtime instance of an image—what the image becomes in memory when actually executed.
  • 26. “ Thanks !!! Follow me @rahulkrishnanra 26 😉