The document provides an overview of containers and compares implementations between Linux containers, Solaris Zones, and FreeBSD Jails. It focuses on Docker containers and SmartOS Zones, explaining how Docker uses libcontainer instead of LXC, how to build Docker images with Dockerfiles, and how to run Docker containers by pulling images from a registry and mapping ports. It also demonstrates how to create and start a SmartOS Zone virtual machine image.

1. Containers in 5... 9
minutes
Edwin Cruz
Tuesday, March 10, 15

2. Who am I?
• Principal Software Engineer at Crowd
Interactive
• Public Speaker
• Home made ceviche specialist
• OpenSource lover
Tuesday, March 10, 15

3. Contain... what ?
• A container is a self contained execution
environment that shares the kernel of the
host system
• Containers isolate and encapsulate your
application workloads from the host
system
Tuesday, March 10, 15

4. Why?
• Stop wasting precious resources running
VM’s
• Flexibility
• Self management
Tuesday, March 10, 15

5. Implementations
• FreeBSD Jails
• Solaris Zones
• Linux has multiple implementations
• LXC
• LXD
• CGManager
Linux has multiple implementations: LXC, LXD, CGManager, etc
Tuesday, March 10, 15

6. Why?
• Easy scaling
• Same image running in multiple instances
• Limit resources
• CPU, Memory, Disk Quotas, Network
• Easy to create
• Safety
Tuesday, March 10, 15

7. Differences
• Zones are expected to run a full system
(like a virtual machine)
• Linux Containers(like Docker) is expected
to run a single process (or small process
tree) isolated from the host OS
Tuesday, March 10, 15

8. Differences
• Solaris Zones and FreeBSD Jails can be
resized on the fly
• Linux containers need to be restarted
Tuesday, March 10, 15

9. Differences
• Jails and Zones takes advantage of ZFS
• Snapshots
• Cloning
Tuesday, March 10, 15

10. Let’s focus
• Docker
• SmartOS Zones
Tuesday, March 10, 15

11. Docker
• Started as a wrap of LXC
• Replaced LXC-tools
• Now using libcontainer
• Native Go Implementation for linux
namespacing
Tuesday, March 10, 15

12. Dockerfile
• FROM
• MAINTAINER
• ADD
• EXPOSE
• ENTRYPOINT
Tuesday, March 10, 15

13. FROM scratch
MAINTAINER Super Team <team@example.com>
ADD binary_file binary_file
ADD bin/boot.sh bin/boot.sh
EXPOSE 2000
ENTRYPOINT ["/binary_file"]
Tuesday, March 10, 15

14. Building
$ docker build
$ docker tag SHA tag-name
$ docker push tag-name
Tuesday, March 10, 15

15. Docker Registry
$ docker push registry.docker.com/project
$ docker images
Tuesday, March 10, 15

16. Running
$ docker pull docker.registry.com/project:tag-name
$ /usr/bin/docker run
--name=router -p 0.0.0.0:8000:8000
--env PRIVATE_IPV4=$COREOS_PRIVATE_IPV4
--env EtcdHost=$COREOS_PRIVATE_IPV4
--env EtcdPort=4001
--env LOG_LEVEL=1
tag-name
Tuesday, March 10, 15

17. Running
$ docker pull docker.registry.com/project:tag-name
$ /usr/bin/docker run
--name=router -p 0.0.0.0:8000:8000
--env PRIVATE_IPV4=$COREOS_PRIVATE_IPV4
--env EtcdHost=$COREOS_PRIVATE_IPV4
--env EtcdPort=4001
--env LOG_LEVEL=1
tag-name
Tuesday, March 10, 15

18. Solaris Zone Image
vmadm create <<EOL
{
"brand": "superduper",
"image_uuid": "fdea06b0-3f24-11e2-ac50-0b645575ce9d",
"alias": "web01",
"hostname": "web01",
"max_physical_memory": 512,
"quota": 20,
"resolvers": ["8.8.8.8", "208.67.220.220"],
"nics": [
{
"nic_tag": "admin",
"ip": "10.88.88.52",
"netmask": "255.255.255.0",
"gateway": "10.88.88.2"
}
]
}
EOL
54f1cc77-68f1-42ab-acac-5c4f64f5d6e0
Tuesday, March 10, 15

19. Solaris Zone Image
vmadm start 54f1cc77-68f1-42ab-acac-5c4f64f5d6e0
Tuesday, March 10, 15

20. Thanks!
Tuesday, March 10, 15