Building Infrastructure with Containers (SJSU Talk)

•Download as PPTX, PDF•

0 likes•1,530 views

How can contain two jedis Darth and Luke from each other? There are three building blocks of containers. 1. Namespace 2. CGroups 3. Capabilities

Technology

Building Infrastructure with
Containers
Pradeep Padala, Co-Founder/CTO
Presented at SJSU Operating Systems Class in Dec 2015

Operating System Level Virtualization
©ContainerX, http://containerx.io, @ContainerXInc

Containers
©ContainerX, http://containerx.io, @ContainerXInc

How to contain?
darth
(user: root)
(pid: 1)
luke
(user: root)
(pid: 2)
©ContainerX, http://containerx.io, @ContainerXInc

©ContainerX, http://containerx.io, @ContainerXInc

How to contain?
darth
(user: root)
(pid: 1)
luke
(user: root)
(pid: 2)
# pkill -9 luke
©ContainerX, http://containerx.io, @ContainerXInc

What If Darth can’t see Luke?
darth
(user: root)
(pid: 1)
luke
(user: root)
(pid: 2)
# pkill -9 luke
process not found
©ContainerX, http://containerx.io, @ContainerXInc

How to contain?
1. PID isolation
©ContainerX, http://containerx.io, @ContainerXInc

But, Darth can still see Luke 
darth
(user: root)
(pid: 1)
luke
(user: root)
(pid: 2)
# pkill -9 luke
process not found
# cd /home/luke
# rm –rf *
©ContainerX, http://containerx.io, @ContainerXInc

How to contain?
Namespaces
1. PID
2. File system (or mount)
3. UTS – isolate hostname, nodename
4. IPC – mq and other IPC objects
5. Network – sockets, IP address, network stack
6. …
©ContainerX, http://containerx.io, @ContainerXInc

Darth can’t see Luke!
darth
(user: root)
(pid: 1)
luke
(user: root)
(pid: 2)
# pkill -9 luke
process not found
# cd /home/luke
no such directory
©ContainerX, http://containerx.io, @ContainerXInc

But, resources are shared
darth
(user: root)
(pid: 1)
luke
(user: root)
(pid: 2)
# cat /dev/zero > /dev/null
©ContainerX, http://containerx.io, @ContainerXInc

$Use cgroups to limit resources group limitcpu { cpu { cpu.shares = 400; } } group limitmem { memory { memory.limit_in_bytes = 512m; } } ©ContainerX, http://containerx.io, @ContainerXInc$

How to contain?
1. Namespaces
2. Cgroups
©ContainerX, http://containerx.io, @ContainerXInc

We are not done yet
darth
(user: nonroot)
(pid: 1)
luke
(user: root)
(pid: 2)
$ bindto 22
©ContainerX, http://containerx.io, @ContainerXInc

Capabilities
Two modes
1. Run as root, deny all, grant selected capabilities
2. Run as non-root, grant selected capabilities
a) grant net_bind_service
©ContainerX, http://containerx.io, @ContainerXInc

How to contain?
1. Namespaces
2. Cgroups
3. Capabilities
©ContainerX, http://containerx.io, @ContainerXInc

Container Stack
Linux kernel with lxc
lxc user-space tools cgroups
Docker
©ContainerX, http://containerx.io, @ContainerXInc

Docker is a wrapper around lxc
simplifies container creation
©ContainerX, http://containerx.io, @ContainerXInc

Docker Images
Source: https://docs.docker.com/terms/layer/
©ContainerX, http://containerx.io, @ContainerXInc

Build layers using Dockerfile
FROM ubuntu
RUN apt-get install -y apache2
CMD ["/usr/sbin/apache2ctl", "-D", "FOREGROUND"]
©ContainerX, http://containerx.io, @ContainerXInc

Build, Run and Inspect a container
• Setup a Docker host using docker-machine
• Write a Dockerfile
• Build
• Run
• Inspect
©ContainerX, http://containerx.io, @ContainerXInc

Demo
©ContainerX, http://containerx.io, @ContainerXInc

How to manage multiple hosts and
containers?
• It’s easy to setup a Docker hos and run a container
• It’s “super hard” to manage many of them, why?
1. Scale
2. Allocating resources (compute, storage and network)
3. Day-to-day management
4. Running infrastructure efficiently
©ContainerX, http://containerx.io, @ContainerXInc

The Container Platform for Enterprise IT
©ContainerX, http://containerx.io, @ContainerXInc

kernel
lxc cg
Docker
kernel
lxc cg
Docker
kernel
lxc cg
Docker
kernel
lxc cg
Docker
kernel
lxc cg
Docker
On-Premise Cloud
©ContainerX, http://containerx.io, @ContainerXInc

Host and Container Management
• Cluster concept – aggregation
• Elasticity
• Addition and deletion of hosts
• Automatically in cloud environments
• Horizontal scaling
• Storage
• Network
©ContainerX, http://containerx.io, @ContainerXInc

Resource Management
0%
Green Container Pool
CPU Limit: 30%
Mem Limit: 30%
Priority: Medium
20% 0%
Yellow Container Pool
CPU Limit: 60%
Mem Limit: 70%
Priority: High
60%0%
Blue Container Pool
CPU Limit: 30%
Mem Limit: 20%
Priority: Low
20%
30%30% 40%
©ContainerX, http://containerx.io, @ContainerXInc

Resource Management Trade-offs
Utilization
vs
Isolation
©ContainerX, http://containerx.io, @ContainerXInc

Many Scheduling Algorithms
What works?
• Feedback based algorithms
• Simple heuristics
• Extensive simulation to understand corner cases
Real-world robustness is most important!
©ContainerX, http://containerx.io, @ContainerXInc

Cluster scheduling – feedback loop
Monitor
Control
Action
Stats
Performance goals
Control parameters
Model
Model can model
applications, containers,
and underlying resources
Change allocation
©ContainerX, http://containerx.io, @ContainerXInc

Summary
• What are containers?
• OS virtualization
• Namespaces + CGroups + Capabilities
• Docker
• Wrapper around lxc
• User-friendly containers
• Container management – hard!
• Aggregation, Elastiticy, Multi-tenancy …
• Feedback loop for cluster scheduling
©ContainerX, http://containerx.io, @ContainerXInc

Dokku is a mini-Heroku application platform powered by Docker containers. It allows users to deploy and manage applications via Git pushes to the Dokku host. Dokku uses Docker to containerize applications and Heroku buildpacks to build and compile code into runnable images. The demo showed how to install Dokku on a Linode server and deploy a sample Rails application by pushing to the Dokku Git remote. Custom buildpacks, databases, and configuration variables were also demonstrated.

Perspectives on Docker

RightScale

This document discusses 10 things not to forget before deploying Docker in production. It covers logging, monitoring, secrets, container access, filesystem choices, disk space usage, build optimizations, download speeds, backups, and Docker clusters. Overall, Docker provides benefits for portability and workflows but has some challenges to address for system-wide deployments in production environments.

Docker on Google App Engine

Docker, Inc.

This document discusses using Docker on Google App Engine. It provides an overview of how Docker allows developers to build and run applications inside containers on App Engine, including local development, deployment to App Engine, and access to App Engine APIs and services from within Docker containers. Key benefits highlighted include turn-key deployment, automatic health checking, monitoring, logging and scaling from App Engine, and the ability to use any libraries or code within Docker containers.

How to easy deploy app into any cloud

Ladislav Prskavec

The document discusses how to easily deploy applications into any cloud using Docker containers. It provides an overview of Docker, including how it allows building applications once and running them anywhere without recompilation. Examples are given of using Docker for development, continuous integration, and deploying and managing applications across clouds with tools like Docker Compose, Docker Machine, and Docker Swarm.

ContainerDayVietnam2016: Django Development with Docker

Docker-Hanoi

Cuong Tran presented on Django development with Docker. The presentation covered: 1. Introduction to the Django Docker stack including Nginx, Django, Postgres, and Redis. 2. How to run the Django stack using Docker Compose including building, starting containers, and migrating data. 3. Common activities like running commands in containers, updating code in Git, and rebuilding Docker images. 4. Problems and solutions like handling Docker stop signals gracefully, ensuring proper startup order, and optimizing the Docker build process. 5. Useful Docker snippets for stats, removing containers/images, and saving/loading images.

How to swim with a whale

Łukasz Siudut

The document discusses potential issues that can occur with Docker containers and summarizes ways to address some of these issues in 3 sentences or less. It begins by explaining that Docker uses cgroups and namespaces to isolate resources and that exceeding limits of certain resources like open file handles or network interfaces can cause problems. It then summarizes that storage drivers like devicemapper and AUFS can impact disk performance, with AUFS utilizing page caching more efficiently. The document advocates for storage drivers like Btrfs that are more production ready.

Deploy django apps using docker

Thomas Kremmel

This document discusses deploying Django apps using Docker. Docker allows encapsulating apps from the host system in "containers" to make deployment repeatable without interfering with other host configurations. Key Docker terms include Dockerfile (commands to build images), images (snapshots of lightweight VMs), and containers (running instances of images). The document provides commands for building/running images and entering containers. It recommends getting a cheap VM from Digital Ocean with Docker preinstalled to easily test and use Docker.

This document discusses developer workflows using Docker from development to production. It covers using Docker Compose and Docker Swarm for local development and Docker Cloud for managing production deployments. It also discusses using Kubernetes and cloud native PaaS solutions like Deis, OpenShift, and Rancher that are based on Kubernetes. Specifically, it demos deploying a sample application to OpenShift using the Red Hat Container Development Kit.

Карманный PaaS с Dokku (Александр Белецкий)

GeeksLab Odessa

Dokku is a mini-Heroku platform that provides a PaaS-like experience without needing to build a full PaaS. It uses Git and SSH to receive code pushes, buildpacks to detect and prepare the app runtime, Docker to containerize apps, and Nginx to handle HTTP traffic. Dokku provides an interface between developers and production infrastructure by solving code deployment with Gitreceive, runtime preparation with buildpacks, containerization with Docker, and HTTP routing with Nginx.

Vagrant

Denys Kurets

Docker 1.11

Maciej Lasyk

This document discusses the history and development of Docker. It notes that Docker was originally created at dotCloud as the engine for their Platform as a Service (PaaS), but in 2013 as PaaS times were hard, Docker was open sourced. Docker was based on LXC and created for a single purpose. dotCloud then pivoted to create Docker Inc. and make Docker their main product. The document also discusses Docker 1.11's integration with runC and systemd, as well as the transition to using the Open Container Initiative specification.

Building Reusable Development Environments with Docker

Revelation Technologies

Docker is a relatively new technology, but it is based on solid underpinnings of the Linux Kernel. It can provision instances in a fraction of the time versus a traditional virtual machine. This makes it a great candidate for development teams to create consistent test benches for their developers. To set up your own disposable Docker environments bring a laptop and make your development a pleasurable experience.

Hide your development environment and application in a container

Johan Janssen

Docker 101 @KACST Saudi HPC 2016

Walid Shaari

CONTAINERS WORKSHOP DURING SAUDI HPC 2016 : DOCKER 101, DOCKER, AND ITS ECO SYSTEM FOR DISTRIBUTED SYSTEMS by Walid Shaari This workshop will cover the Theory and hands-on of Docker containers, and Its eco system. The foundations of the Docker platform, including an overview of the platform system components, images, containers and repositories, installation , using Docker containers from repositories e.g. dockerhub, how to create a container using Dockerfile, containers development life cycle. The strategy is to demonstrate through "live demo, and shared exercise" the reuse and customization of components to build a distributed system case service gradually http://www.hpcsaudi.com/

HP Advanced Technology Group: Docker and Ansible

Patrick Galbraith

Docker linuxday 2015

Massimiliano Dessì

Massimiliano Dessi discusses Docker, an open-source containerization platform. Docker allows applications to be easily deployed into containers by automating the deployment process. Containers offer greater density and efficiency than virtual machines by running at the kernel level without an extra layer of abstraction. Docker uses containers, images, and a client-server architecture to package and run applications securely isolated on the host operating system with their own filesystem, CPU, memory, and other resources.

Introduction to Docker Compose | Docker Intermediate Workshop

Ajeet Singh Raina

Docker Compose allows users to define and run multi-container Docker applications. With Docker Compose, a YAML file is used to configure an application's services, and with a single command, all the services can be started from the configuration. Docker Compose is a three step process - services are defined in a Dockerfile, then in a Docker Compose file, and then run with docker-compose up. It supports volumes, networks, and environmental variables. Docker Compose can be used for development, testing, and production environments across different platforms.

Puppeteerのお話

Shinji Kobayashi

This document discusses Puppeteer, an open-source Node library which provides a high-level API to control headless Chrome or Chromium over the DevTools Protocol. It covers using Puppeteer to take screenshots, generate PDFs, emulate user interactions like keyboard input, and run end-to-end tests with Jest. Examples are provided for common tasks like navigating pages, selecting elements, and interacting with pages in an automated fashion.

dkr_django_slides

Gladson Manuel

This document summarizes using Docker to containerize a Django web application. It describes using separate Docker containers for the Django/Uwsgi application code, Nginx web servers, and a Postgresql database. The architecture involves running multiple Uwsgi containers that connect to a single Postgresql database container for high availability. It also describes pulling code changes from a Git server into running Uwsgi containers and committing container changes to new Docker images.

Running Docker with OpenStack | Docker workshop #1

dotCloud

The document discusses new features in the upcoming Havana release of OpenStack Nova that will allow it to deploy and manage containers using Docker instead of just virtual machines. Specifically, it provides instructions for using DevStack to install and test Docker support in Nova, such as cloning the DevStack repository, setting the VIRT_DRIVER variable to Docker, running Docker install and test scripts, launching a Docker container as a Nova instance, and pushing public Docker images to Glance.

RHEL/Fedora + Docker (and SELinux)

Maciej Lasyk

Docker - 15 great Tutorials

Julien Barbier

This document lists 15 tutorials about Docker, an open-source containerization platform. The tutorials cover topics such as installing Docker on various platforms like Ubuntu, Linux, Rackspace, and Digital Ocean; deploying applications like Java, Django, Drupal, and Redis using Docker containers; and using Docker to build services and applications. The tutorials are from 2013 and provide links to blog posts and resources about getting started with Docker.

Containerizing Web Application with Docker

msyukor

This document provides an overview of Docker and instructions for installing and using Docker. It discusses what Docker is, the main Docker tools, how to install Docker on different operating systems, and common Docker commands for pulling images, running containers, linking containers, building images with Dockerfiles, and more. The goal is to teach the reader how to containerize a web application using Docker.

Installaling Puppet Master and Agent

Ranjit Avasarala

Intro to docker

Towfiqul Islam

This document provides an introduction and overview of Docker, including key concepts like Dockerfiles, images, containers, services, and Docker Compose. It discusses common Docker commands like docker build, docker run, and docker-compose up. It also mentions the importance of trial and error and lists several resources for learning more about Docker, such as documentation, tutorials, and meetup groups.

Docker dDessi november 2015

Massimiliano Dessì

This document provides an overview of Docker containers. It defines containers as lightweight sandboxed processes that share the same kernel as the host operating system. The key benefits of containers are that they have lower overhead than virtual machines and allow for the easy sharing and distribution of applications. The document discusses Docker images, containers, the client-server architecture, and basic Docker commands. It also covers use cases, the layered filesystem model, and security considerations when using containers.

Docker Kubernetes Istio

Araf Karsh Hamid

O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...

Ambassador Labs

What's hot

Docker for Developers - Part 2 by Borja Burgos and Fernando Mayo

Docker, Inc.

Developer workflow with docker

Lalatendu Mohanty

Карманный PaaS с Dokku (Александр Белецкий)

GeeksLab Odessa

Vagrant

Denys Kurets

Docker 1.11

Maciej Lasyk

Building Reusable Development Environments with Docker

Revelation Technologies

Hide your development environment and application in a container

Johan Janssen

Docker 101 @KACST Saudi HPC 2016

Walid Shaari

HP Advanced Technology Group: Docker and Ansible

Patrick Galbraith

Docker linuxday 2015

Massimiliano Dessì

Introduction to Docker Compose | Docker Intermediate Workshop

Ajeet Singh Raina

Puppeteerのお話

Shinji Kobayashi

dkr_django_slides

Gladson Manuel

Running Docker with OpenStack | Docker workshop #1

dotCloud

RHEL/Fedora + Docker (and SELinux)

Maciej Lasyk

Docker - 15 great Tutorials

Julien Barbier

Containerizing Web Application with Docker

msyukor

Installaling Puppet Master and Agent

Ranjit Avasarala

Intro to docker

Towfiqul Islam

Docker dDessi november 2015

Massimiliano Dessì

What's hot (20)

Docker for Developers - Part 2 by Borja Burgos and Fernando Mayo

Developer workflow with docker

Карманный PaaS с Dokku (Александр Белецкий)

Vagrant

Docker 1.11

Building Reusable Development Environments with Docker

Hide your development environment and application in a container

Docker 101 @KACST Saudi HPC 2016

HP Advanced Technology Group: Docker and Ansible

Docker linuxday 2015

Introduction to Docker Compose | Docker Intermediate Workshop

Puppeteerのお話

dkr_django_slides

Running Docker with OpenStack | Docker workshop #1

RHEL/Fedora + Docker (and SELinux)

Docker - 15 great Tutorials

Containerizing Web Application with Docker

Installaling Puppet Master and Agent

Intro to docker

Docker dDessi november 2015

Similar to Building Infrastructure with Containers (SJSU Talk)

Docker Kubernetes Istio

Araf Karsh Hamid

O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...

Ambassador Labs

DevAssistant, Docker and You

BalaBit

This document discusses Docker, DevAssistant, and how they can help with development workflows. It summarizes that Docker allows for containerization of applications and their dependencies to enable portable deployment. While Docker simplifies development in some ways, properly setting up related containers and services can be complex. DevAssistant aims to address this by providing plugins to automate common development tasks like initializing projects, installing dependencies, and configuring container-based environments. The document demonstrates how DevAssistant can help simplify using Docker for development. It concludes with information on a competition to earn a free beer by following instructions using DevAssistant.

Accelerate your development with Docker

Andrey Hristov

This document provides an overview of Docker and containers. It begins with a brief introduction to 12 Factor Applications methodology and then defines what Docker is, explaining that containers utilize Linux namespaces and cgroups to isolate processes. It describes the Docker software and ecosystem, including images, registries, Docker CLI, Docker Compose, building images with Dockerfile, and orchestrating with tools like Kubernetes. It concludes with a live demo and links to additional resources.

Accelerate your software development with Docker

Andrey Hristov

Learning Docker with Thomas

Thomas Tong, FRM, PMP

This document summarizes a presentation about using Docker for development. It discusses installing Docker, running a "Hello World" Docker image, building a custom Python Docker image, and composing a more complex Docker application with PHP, MySQL, and Apache. The benefits of Docker like lightweight containers, easy environment setup, and scalability are highlighted. Some challenges with scaling and orchestration are also mentioned, along with solutions like Docker Swarm and Kubernetes.

JDD2014: Docker.io - versioned linux containers for JVM devops - Dominik Dorn

PROIDEA

This presentation will introduce you to Docker - the new shiny star on the Devops horizon. It will teach you everything you need to know to get started with Docker, why you'd want to use it and which tools to use to get the most out of it. Additionally to showing the basics, it will introduce helpful libraries available for the JVM and how they can be used together with Docker to create secure, scalable and maintainable cloud setups for your applications.

Docker_Interview_Questions__Answers.pdf

RifqiMultazamOfficia

This document provides interview questions related to Docker. It begins with basic questions about Docker containers, images, Dockerfiles, and commands. It then covers intermediate topics like the differences between images and layers, volumes, Docker Compose, and networking. Advanced questions touch on using JSON with Compose files, container lifecycles, and orchestrating multiple environments. The document aims to evaluate a candidate's understanding of Docker from fundamental concepts to more sophisticated uses.

2015 05-06-elias weingaertner-docker-intro

Haufe-Lexware GmbH & Co KG

This document provides an introduction to Docker and the need for orchestration tools when deploying multi-container applications. It discusses how Docker solves the problem of portability for software artifacts and defines key Docker concepts like images, containers, and registries. It also introduces orchestration tools like Docker Compose and Docker Swarm that automate deployment of interdependent services across clusters. The document argues for guidelines on Docker use at organizations to address questions around containerization strategies and orchestration platforms.

Docker and the Container Revolution

Romain Dorgueil

Docker DANS workshop

vty

This document discusses Docker and Kubernetes concepts and how they can be used to deploy applications and services. It provides examples of deploying Dataverse, a data repository system, using Docker containers and Kubernetes. Key points covered include Docker concepts like images, containers and registries. It also discusses tools like Docker Compose for defining multi-container applications and Kubernetes for orchestrating containers across a cluster.

HPC Cloud Burst Using Docker

IRJET Journal

This document discusses using Docker containers to deploy high performance computing (HPC) applications across private and public clouds. It begins with an abstract describing cloud bursting using Docker containers when demand spikes. The introduction provides background on Docker, a container-based virtualization technology that is more lightweight than hypervisor-based virtual machines. The authors implement a model for deploying distributed applications using Docker containers, which have less overhead than VMs since they share the host operating system and libraries. The system overview shows the process of creating Docker images of web applications, deploying them to containers on private cloud, and bursting to public cloud when thresholds are exceeded. The implementation details installing Docker and deploying applications within containers on the private cloud, then pushing the images

Docker San Francisco Meetup April 2015 - The Docker Orchestration Ecosystem o...

Patrick Chanezon

The document discusses the Docker ecosystem including: - The history and components of Docker including the Docker Engine, Hub, Machine, Compose, and Swarm. - How Docker provides isolation using Linux kernel features like namespaces and cgroups. - Other projects in the Docker ecosystem like Weave, Flocker, and Powerstrip. - Orchestration tools like Docker Swarm and Kubernetes that manage Docker containers across multiple hosts. - Platforms that are built on Docker like CoreOS, Deis, Cloud Foundry, and IBM Bluemix.

Containers Roadshow: How to Develop Containers for the Enterprise

Honza Horák

Containers without docker | DevNation Tech Talk

Red Hat Developers

This document summarizes a talk about running containers without Docker. It discusses alternatives like Podman and Buildah that can replace Docker functionality. The talk demonstrates installing and using Podman to run containers, Buildah to build images from Dockerfiles, and Skopeo to copy images between registries. The presentation encourages understanding containers beyond just Docker and knowing other tools in the ecosystem.

[@NaukriEngineering] Docker 101

Naukri.com

Architecting .NET Applications for Docker and Container Based Deployments

Ben Hall

This document discusses using Docker containers to deploy .NET applications. It covers running a basic ASP.NET application in a Docker container, linking multiple containers together, and using tools like Docker Gen and Consul for service discovery. It also explores possibilities for the future like running SQL Server and Visual Studio in containers, and how Docker can help close the gap between development and production. The overall message is that Docker is a useful tool for deploying many types of applications, including those built on .NET.

Docker for Developers

JasonStraughan1

Introduction to Docker and Monitoring with InfluxData

InfluxData

In this webinar, Gary Forgheti, Technical Alliance Engineer at Docker, and Gunnar Aasen, Partner Engineering, provide an introduction to Docker and InfluxData. From there, they will show you how to use the two together to setup and monitor your containers and microservices to properly manage your infrastructure and track key metrics (CPU, RAM, storage, network utilization), as well as the availability of your application endpoints.

Docker-Hanoi @DKT , Presentation about Docker Ecosystem

Van Phuc

The document provides an overview of Docker Platform and Ecosystem. It begins with introductions and background on Docker, explaining how Docker solves the problem of dependency hell and portability issues by allowing applications to run in isolated containers that package code and dependencies. It then discusses key components of Docker including Engine, Registry, Machine, Swarm, Compose and tools like Toolbox and Cloud. The document concludes with examples of using Docker for continuous integration pipelines and microservices architectures.

Similar to Building Infrastructure with Containers (SJSU Talk) (20)

Docker Kubernetes Istio

O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...

DevAssistant, Docker and You

Accelerate your development with Docker

Accelerate your software development with Docker

Learning Docker with Thomas

JDD2014: Docker.io - versioned linux containers for JVM devops - Dominik Dorn

Docker_Interview_Questions__Answers.pdf

2015 05-06-elias weingaertner-docker-intro

Docker and the Container Revolution

Docker DANS workshop

HPC Cloud Burst Using Docker

Docker San Francisco Meetup April 2015 - The Docker Orchestration Ecosystem o...

Containers Roadshow: How to Develop Containers for the Enterprise

Containers without docker | DevNation Tech Talk

[@NaukriEngineering] Docker 101

Architecting .NET Applications for Docker and Container Based Deployments

Docker for Developers

Introduction to Docker and Monitoring with InfluxData

Docker-Hanoi @DKT , Presentation about Docker Ecosystem

Recently uploaded

Taking AI to the Next Level in Manufacturing.pdf

ssuserfac0301

Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as: 1. How quickly AI is being implemented in manufacturing. 2. Which barriers stand in the way of AI adoption. 3. How data quality and governance form the backbone of AI. 4. Organizational processes and structures that may inhibit effective AI adoption. 6. Ideas and approaches to help build your organization's AI strategy.

Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians

Neo4j

Principle of conventional tomography-Bibash Shahi ppt..pptx

BibashShahi

Essentials of Automations: Exploring Attributes & Automation Parameters

Safe Software

Building automations in FME Flow can save time, money, and help businesses scale by eliminating data silos and providing data to stakeholders in real-time. One essential component to orchestrating complex automations is the use of attributes & automation parameters (both formerly known as “keys”). In fact, it’s unlikely you’ll ever build an Automation without using these components, but what exactly are they? Attributes & automation parameters enable the automation author to pass data values from one automation component to the next. During this webinar, our FME Flow Specialists will cover leveraging the three types of these output attributes & parameters in FME Flow: Event, Custom, and Automation. As a bonus, they’ll also be making use of the Split-Merge Block functionality. You’ll leave this webinar with a better understanding of how to maximize the potential of automations by making use of attributes & automation parameters, with the ultimate goal of setting your enterprise integration workflows up on autopilot.

“How Axelera AI Uses Digital Compute-in-memory to Deliver Fast and Energy-eff...

Edge AI and Vision Alliance

For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/how-axelera-ai-uses-digital-compute-in-memory-to-deliver-fast-and-energy-efficient-computer-vision-a-presentation-from-axelera-ai/ Bram Verhoef, Head of Machine Learning at Axelera AI, presents the “How Axelera AI Uses Digital Compute-in-memory to Deliver Fast and Energy-efficient Computer Vision” tutorial at the May 2024 Embedded Vision Summit. As artificial intelligence inference transitions from cloud environments to edge locations, computer vision applications achieve heightened responsiveness, reliability and privacy. This migration, however, introduces the challenge of operating within the stringent confines of resource constraints typical at the edge, including small form factors, low energy budgets and diminished memory and computational capacities. Axelera AI addresses these challenges through an innovative approach of performing digital computations within memory itself. This technique facilitates the realization of high-performance, energy-efficient and cost-effective computer vision capabilities at the thin and thick edge, extending the frontier of what is achievable with current technologies. In this presentation, Verhoef unveils his company’s pioneering chip technology and demonstrates its capacity to deliver exceptional frames-per-second performance across a range of standard computer vision networks typical of applications in security, surveillance and the industrial sector. This shows that advanced computer vision can be accessible and efficient, even at the very edge of our technological ecosystem.

“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...

Edge AI and Vision Alliance

For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/temporal-event-neural-networks-a-more-efficient-alternative-to-the-transformer-a-presentation-from-brainchip/ Chris Jones, Director of Product Management at BrainChip , presents the “Temporal Event Neural Networks: A More Efficient Alternative to the Transformer” tutorial at the May 2024 Embedded Vision Summit. The expansion of AI services necessitates enhanced computational capabilities on edge devices. Temporal Event Neural Networks (TENNs), developed by BrainChip, represent a novel and highly efficient state-space network. TENNs demonstrate exceptional proficiency in handling multi-dimensional streaming data, facilitating advancements in object detection, action recognition, speech enhancement and language model/sequence generation. Through the utilization of polynomial-based continuous convolutions, TENNs streamline models, expedite training processes and significantly diminish memory requirements, achieving notable reductions of up to 50x in parameters and 5,000x in energy consumption compared to prevailing methodologies like transformers. Integration with BrainChip’s Akida neuromorphic hardware IP further enhances TENNs’ capabilities, enabling the realization of highly capable, portable and passively cooled edge devices. This presentation delves into the technical innovations underlying TENNs, presents real-world benchmarks, and elucidates how this cutting-edge approach is positioned to revolutionize edge AI across diverse applications.

HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU

panagenda

Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/ DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen! Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell. Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten. Diese Themen werden behandelt - Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten - Wie funktionieren CCB- und CCX-Lizenzen wirklich? - Verstehen des DLAU-Tools und wie man es am besten nutzt - Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw. - Praxisbeispiele und Best Practices zum sofortigen Umsetzen

Harnessing the Power of NLP and Knowledge Graphs for Opioid Research

Neo4j

Your One-Stop Shop for Python Success: Top 10 US Python Development Providers

akankshawande

Artificial Intelligence and Electronic Warfare

Papadakis K.-Cyber-Information Warfare Analyst & Cyber Defense/Security Consultant-Hellenic MoD

Columbus Data & Analytics Wednesdays - June 2024

Jason Packer

Dandelion Hashtable: beyond billion requests per second on a commodity server

Antonios Katsarakis

This slide deck presents DLHT, a concurrent in-memory hashtable. Despite efforts to optimize hashtables, that go as far as sacrificing core functionality, state-of-the-art designs still incur multiple memory accesses per request and block request processing in three cases. First, most hashtables block while waiting for data to be retrieved from memory. Second, open-addressing designs, which represent the current state-of-the-art, either cannot free index slots on deletes or must block all requests to do so. Third, index resizes block every request until all objects are copied to the new index. Defying folklore wisdom, DLHT forgoes open-addressing and adopts a fully-featured and memory-aware closed-addressing design based on bounded cache-line-chaining. This design offers lock-free index operations and deletes that free slots instantly, (2) completes most requests with a single memory access, (3) utilizes software prefetching to hide memory latencies, and (4) employs a novel non-blocking and parallel resizing. In a commodity server and a memory-resident workload, DLHT surpasses 1.6B requests per second and provides 3.5x (12x) the throughput of the state-of-the-art closed-addressing (open-addressing) resizable hashtable on Gets (Deletes).

JavaLand 2024: Application Development Green Masterplan

Miro Wengner

Fueling AI with Great Data with Airbyte Webinar

Zilliz

Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency

ScyllaDB

Northern Engraving | Nameplate Manufacturing Process - 2024

Northern Engraving

Manufacturing custom quality metal nameplates and badges involves several standard operations. Processes include sheet prep, lithography, screening, coating, punch press and inspection. All decoration is completed in the flat sheet with adhesive and tooling operations following. The possibilities for creating unique durable nameplates are endless. How will you create your brand identity? We can help!

zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...

Alex Pruden

Folding is a recent technique for building efficient recursive SNARKs. Several elegant folding protocols have been proposed, such as Nova, Supernova, Hypernova, Protostar, and others. However, all of them rely on an additively homomorphic commitment scheme based on discrete log, and are therefore not post-quantum secure. In this work we present LatticeFold, the first lattice-based folding protocol based on the Module SIS problem. This folding protocol naturally leads to an efficient recursive lattice-based SNARK and an efficient PCD scheme. LatticeFold supports folding low-degree relations, such as R1CS, as well as high-degree relations, such as CCS. The key challenge is to construct a secure folding protocol that works with the Ajtai commitment scheme. The difficulty, is ensuring that extracted witnesses are low norm through many rounds of folding. We present a novel technique using the sumcheck protocol to ensure that extracted witnesses are always low norm no matter how many rounds of folding are used. Our evaluation of the final proof system suggests that it is as performant as Hypernova, while providing post-quantum security. Paper Link: https://eprint.iacr.org/2024/257

Main news related to the CCS TSI 2023 (2023/1695)

Jakub Marek

An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers. The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 . The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .

GNSS spoofing via SDR (Criptored Talks 2024)

Javier Junquera

In the realm of cybersecurity, offensive security practices act as a critical shield. By simulating real-world attacks in a controlled environment, these techniques expose vulnerabilities before malicious actors can exploit them. This proactive approach allows manufacturers to identify and fix weaknesses, significantly enhancing system security. This presentation delves into the development of a system designed to mimic Galileo's Open Service signal using software-defined radio (SDR) technology. We'll begin with a foundational overview of both Global Navigation Satellite Systems (GNSS) and the intricacies of digital signal processing. The presentation culminates in a live demonstration. We'll showcase the manipulation of Galileo's Open Service pilot signal, simulating an attack on various software and hardware systems. This practical demonstration serves to highlight the potential consequences of unaddressed vulnerabilities, emphasizing the importance of offensive security practices in safeguarding critical infrastructure.

HCL Notes and Domino License Cost Reduction in the World of DLAU

panagenda

Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/ The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this! We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model. Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward. These topics will be covered - Reducing license cost by finding and fixing misconfigurations and superfluous accounts - How do CCB and CCX licenses really work? - Understanding the DLAU tool and how to best utilize it - Tips for common problem areas, like team mailboxes, functional/test users, etc - Practical examples and best practices to implement right away

Recently uploaded (20)

Taking AI to the Next Level in Manufacturing.pdf

Biomedical Knowledge Graphs for Data Scientists and Bioinformaticians

Principle of conventional tomography-Bibash Shahi ppt..pptx

Essentials of Automations: Exploring Attributes & Automation Parameters

“How Axelera AI Uses Digital Compute-in-memory to Deliver Fast and Energy-eff...

“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...

HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU

Harnessing the Power of NLP and Knowledge Graphs for Opioid Research

Your One-Stop Shop for Python Success: Top 10 US Python Development Providers

Artificial Intelligence and Electronic Warfare

Columbus Data & Analytics Wednesdays - June 2024

Dandelion Hashtable: beyond billion requests per second on a commodity server

JavaLand 2024: Application Development Green Masterplan

Fueling AI with Great Data with Airbyte Webinar

Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency

Northern Engraving | Nameplate Manufacturing Process - 2024

zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...

Main news related to the CCS TSI 2023 (2023/1695)

GNSS spoofing via SDR (Criptored Talks 2024)

HCL Notes and Domino License Cost Reduction in the World of DLAU

Building Infrastructure with Containers (SJSU Talk)

1. Building Infrastructure with Containers Pradeep Padala, Co-Founder/CTO Presented at SJSU Operating Systems Class in Dec 2015

4. How to contain? darth (user: root) (pid: 1) luke (user: root) (pid: 2) ©ContainerX, http://containerx.io, @ContainerXInc

6. How to contain? darth (user: root) (pid: 1) luke (user: root) (pid: 2) # pkill -9 luke ©ContainerX, http://containerx.io, @ContainerXInc

7. What If Darth can’t see Luke? darth (user: root) (pid: 1) luke (user: root) (pid: 2) # pkill -9 luke process not found ©ContainerX, http://containerx.io, @ContainerXInc

9. But, Darth can still see Luke  darth (user: root) (pid: 1) luke (user: root) (pid: 2) # pkill -9 luke process not found # cd /home/luke # rm –rf * ©ContainerX, http://containerx.io, @ContainerXInc

10. How to contain? Namespaces 1. PID 2. File system (or mount) 3. UTS – isolate hostname, nodename 4. IPC – mq and other IPC objects 5. Network – sockets, IP address, network stack 6. … ©ContainerX, http://containerx.io, @ContainerXInc

11. Darth can’t see Luke! darth (user: root) (pid: 1) luke (user: root) (pid: 2) # pkill -9 luke process not found # cd /home/luke no such directory ©ContainerX, http://containerx.io, @ContainerXInc

12. But, resources are shared darth (user: root) (pid: 1) luke (user: root) (pid: 2) # cat /dev/zero > /dev/null ©ContainerX, http://containerx.io, @ContainerXInc

13. Use cgroups to limit resources group limitcpu { cpu { cpu.shares = 400; } } group limitmem { memory { memory.limit_in_bytes = 512m; } } ©ContainerX, http://containerx.io, @ContainerXInc

15. We are not done yet darth (user: nonroot) (pid: 1) luke (user: root) (pid: 2) $ bindto 22 ©ContainerX, http://containerx.io, @ContainerXInc

16. Capabilities Two modes 1. Run as root, deny all, grant selected capabilities 2. Run as non-root, grant selected capabilities a) grant net_bind_service ©ContainerX, http://containerx.io, @ContainerXInc

18. Container Stack Linux kernel with lxc lxc user-space tools cgroups Docker ©ContainerX, http://containerx.io, @ContainerXInc

21. Build layers using Dockerfile FROM ubuntu RUN apt-get install -y apache2 CMD ["/usr/sbin/apache2ctl", "-D", "FOREGROUND"] ©ContainerX, http://containerx.io, @ContainerXInc

22. Build, Run and Inspect a container • Setup a Docker host using docker-machine • Write a Dockerfile • Build • Run • Inspect ©ContainerX, http://containerx.io, @ContainerXInc

24. How to manage multiple hosts and containers? • It’s easy to setup a Docker hos and run a container • It’s “super hard” to manage many of them, why? 1. Scale 2. Allocating resources (compute, storage and network) 3. Day-to-day management 4. Running infrastructure efficiently ©ContainerX, http://containerx.io, @ContainerXInc

26. kernel lxc cg Docker kernel lxc cg Docker kernel lxc cg Docker kernel lxc cg Docker kernel lxc cg Docker On-Premise Cloud ©ContainerX, http://containerx.io, @ContainerXInc

27. Host and Container Management • Cluster concept – aggregation • Elasticity • Addition and deletion of hosts • Automatically in cloud environments • Horizontal scaling • Storage • Network ©ContainerX, http://containerx.io, @ContainerXInc

28. Resource Management 0% Green Container Pool CPU Limit: 30% Mem Limit: 30% Priority: Medium 20% 0% Yellow Container Pool CPU Limit: 60% Mem Limit: 70% Priority: High 60%0% Blue Container Pool CPU Limit: 30% Mem Limit: 20% Priority: Low 20% 30%30% 40% ©ContainerX, http://containerx.io, @ContainerXInc

30. Many Scheduling Algorithms What works? • Feedback based algorithms • Simple heuristics • Extensive simulation to understand corner cases Real-world robustness is most important! ©ContainerX, http://containerx.io, @ContainerXInc

31. Cluster scheduling – feedback loop Monitor Control Action Stats Performance goals Control parameters Model Model can model applications, containers, and underlying resources Change allocation ©ContainerX, http://containerx.io, @ContainerXInc

32. Summary • What are containers? • OS virtualization • Namespaces + CGroups + Capabilities • Docker • Wrapper around lxc • User-friendly containers • Container management – hard! • Aggregation, Elastiticy, Multi-tenancy … • Feedback loop for cluster scheduling ©ContainerX, http://containerx.io, @ContainerXInc

Building Infrastructure with Containers (SJSU Talk)

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Building Infrastructure with Containers (SJSU Talk)

Similar to Building Infrastructure with Containers (SJSU Talk) (20)

Recently uploaded

Recently uploaded (20)

Building Infrastructure with Containers (SJSU Talk)