SlideShare a Scribd company logo
Docker tips and tricks 
Docker Beijing Meetup Group
Jérôme Petazzoni (@jpetazzo) 
Grumpy French DevOps 
- Go away or I will replace you with a very small shell script 
Wrote dotCloud PAAS deployment tools 
- EC2, LXC, Puppet, Python, Shell, ØMQ... 
Docker contributor 
- Security, networking... 
Runs all kinds of crazy things in Docker 
- Docker-in-Docker, VPN-in-Docker, 
KVM-in-Docker, Xorg-in-Docker...
Outline 
Some new features that you should know about 
The Docker orchestration flowchart 
Measuring and optimizing container performance 
You should use volumes
latest features
Docker 0.11 
SELinux integration 
(works better with CentOS) 
DNS integration for links 
(access linked containers by hostname) 
docker run --net 
- use host networking for high speed 
- share network of another container
Docker 0.12 
docker pause/unpause 
more importantly: 1.0 release candidate :-)
Docker 1.0 
It's “production-ready!” 
you can buy support contracts, training... 
(in addition to the traditional t-shirts and stickers☺)
Docker 1.1 
.dockerignore 
(don't upload your .git anymore!) 
docker logs --tail 
- further logging improvements on the way 
(truncate)
Docker 1.2 
New cool options for docker run 
--restart=always/no/on-failure 
--cap-add=NETADMIN 
--cap-drop=CHOWN 
--device=/dev/kvm:/dev/kvm
Docker 1.3 (almost there) 
docker exec 
(replaces nsenter) 
docker create 
(lifecycle management) 
Signature 
(for official images) 
--security-opts 
(customize SELinux/AppArmor)
Docker X.X: Windows Server Containers 
Windows Server Containers
orchestration
Orchestration 
There's more than one way to do it 
- describe your stack in files 
(Fig, Maestro-NG, Ansible and other CMs) 
- submit requests through an API 
(Mesos, Kubernetes, Helios...) 
- implement something that looks like a PAAS 
(Flynn, Deis, OpenShift...) 
- OpenStack (because OpenStack can do everything!)
Introducing the 
Docker orchestration 
flowchart
Do you (want to) use OpenStack? 
Yes 
- if you are building a PAAS, keep an eye on Solum 
(and consider contributing) 
- if you are moving VM workloads to containers, use Nova 
(that's probably what you already have; just enable the Docker driver) 
- otherwise, use Heat 
(and use Docker resources in your Heat templates) 
No 
- go to next slide
Are you looking for a PAAS?
Good question: to PAAS or not to PAAS? 
PAAS does not solve problems 
- PAAS puts all* your problems in one place 
- now you have N identical problems instead of N different problems 
All your applications must be standardized 
- so that they all have the same problem (instead of different ones) 
It's much harder to operate a PAAS than a single app 
- in other words: PAAS is great if you have many apps 
*Well, not all your problems, but things like database failover, high 
availability, scaling...
Are you looking for a PAAS?
Are you looking for a PAAS? 
Yes 
- CloudFoundry (Ruby, but increasing % Go) 
- Deis (Python, Docker-ish, runs on top of CoreOS) 
- Dokku (A few 100s of line of Bash!) 
- Flynn (Go, bleeding edge) 
- Tsuru (Go, more mature) 
- OpenShift geard (Go again!) 
Choose wisely (or go to the next slide) 
- http://blog.lusis.org/blog/2014/06/14/paas-for-realists/ 
“I don’t think ANY of the current private PaaS solutions are a fit right now.”
If you have only one host 
Fig (www.fig.sh) 
fig.yml: 
web: 
build: . 
command: python app.py 
links: 
- db 
ports: 
- "8000:8000" 
db: 
image: postgres
If you have a few hosts (10s) 
Maestro-NG 
(https://github.com/signalfuse/maestro-ng) 
- fig-like YAML file 
- can talk to multiple hosts 
- manual placement 
Your favorite Configuration Management system 
- Ansible, Chef, Puppet, Salt: have Docker modules 
- use CM to deploy hosts and start containers 
- use Dockerfiles to deploy code & dependencies, libraries, packages
If you have many hosts (100s) 
Helios 
- Java 
- needs ZK, a master server, and one agent per host 
<empty spot> 
<empty spot> 
<empty spot> 
Hmmm... There might be a start-up opportunity there
If you have many many hosts (1000s) 
Mesos 
- C++ 
- needs ZK, a master server, and one agent per host 
- and probably a few other standby servers for HA 
- and frameworks; e.g.: 
https://github.com/VoltFramework/volt 
https://github.com/mesosphere/marathon 
Kubernetes 
- work in progress
performance
Gathering metrics 
cgroups give us per-container... 
- CPU usage 
- memory usage (fine-grained: cache and resident set size) 
- I/O usage (per device, reads vs writes, in bytes and in ops) 
cgroups don't give us... 
- network metrics (have to do tricks with network namespaces) 
https://github.com/google/cadvisor 
http://jpetazzo.github.io/2013/10/08/docker-containers-metrics/
CPU performance 
Nothing to do 
CPU performance is native in all benchmarks
I/O performance 
Working set should be on a volume 
Volume performance is native in all benchmarks
Memory performance 
Memory control group has an overhead 
Overhead happens when memory is given by the 
kernel to the container, or reclaimed back 
Overhead is not related to memory allocations 
Disabling the memory control group = native speed 
But it is a global operation (affects all containers) 
… And requires a reboot
Network performance 
Linux bridge = overhead 
IPTables = overhead 
docker run --net host = native speed 
- but loss of isolation 
SR/IOV and macvlan = almost native speed 
- better performance than VMs 
- maintain isolation
volumes
What is a volume? 
Special directory in a container 
Mapped to normal directory on the host 
Can be shared by multiple containers
When should we use volumes? 
Bypass copy-on-write system 
- fast I/O path with zero overhead 
- keep data across container upgrades 
Use specific storage device in container 
- e.g. SAN, or fast SSD RAID for database...) 
Share data between containers 
- this is cool, and let's see why!
Logging with volumes 
Write log files to a volume 
docker run --name logs -v /var/log busybox true 
docker run --volumes-from logs myapp 
Inspect logs 
docker run --rm --volumes-from logs ubuntu bash 
Ship logs to something else (logstash, syslog...) 
docker run --volumes-from logs pipestash
Backups with volumes 
Data files should be in a volume 
docker run --name mysqldata -v /var/lib/mysql busybox true 
docker run --volumes-from mysqldata mysql 
Run backup job in a separate container 
docker run --rm --volumes-from mysqldata mysqlbackup  
tar -cJf- /var/lib/mysql | stream-it-to-the-cloud.py 
Of course, you can use anything fancier than tar 
(e.g. rsync, tarsnap...)
Moving containers and volumes around 
If the container is stateless (web app...): 
- get the image to the new machine 
- start the new container 
- reconfigure load balancers 
If the container is stateful (DB...): 
- Flocker 
- Flocker 
- Flocker 
- or move volumes around and do the network plumbing yourself
More information about volumes 
Docker Docs: 
https://docs.docker.com/userguide/dockervolumes/ 
Additional insights: 
http://blog.docker.com/2014/06/why-you-dont-need-to-run-sshd-in-docker/
Not an actual book (yet) Thank you! 
Docker 
advanced concepts 
Containers, containers everywhere! 
Questions? 
www.docker.com 
@docker 
@jpetazzo

More Related Content

What's hot

KVM and docker LXC Benchmarking with OpenStack
KVM and docker LXC Benchmarking with OpenStackKVM and docker LXC Benchmarking with OpenStack
KVM and docker LXC Benchmarking with OpenStack
Boden Russell
 
Docker by Example - Basics
Docker by Example - Basics Docker by Example - Basics
Docker by Example - Basics
Ganesh Samarthyam
 
Docker and Puppet — Puppet Camp L.A. — SCALE12X
Docker and Puppet — Puppet Camp L.A. — SCALE12XDocker and Puppet — Puppet Camp L.A. — SCALE12X
Docker and Puppet — Puppet Camp L.A. — SCALE12X
Jérôme Petazzoni
 
Orchestration for the rest of us
Orchestration for the rest of usOrchestration for the rest of us
Orchestration for the rest of us
Jérôme Petazzoni
 
Docker-hanoi meetup #1: introduction about Docker
Docker-hanoi meetup #1: introduction about DockerDocker-hanoi meetup #1: introduction about Docker
Docker-hanoi meetup #1: introduction about Docker
Nguyen Anh Tu
 
Docker from A to Z, including Swarm and OCCS
Docker from A to Z, including Swarm and OCCSDocker from A to Z, including Swarm and OCCS
Docker from A to Z, including Swarm and OCCS
Frank Munz
 
Introduction to Docker
Introduction to DockerIntroduction to Docker
Introduction to Docker
Alan Forbes
 
Docker - The Linux Container
Docker - The Linux ContainerDocker - The Linux Container
Docker - The Linux Container
Balaji Rajan
 
LXC, Docker, and the future of software delivery | LinuxCon 2013
LXC, Docker, and the future of software delivery | LinuxCon 2013LXC, Docker, and the future of software delivery | LinuxCon 2013
LXC, Docker, and the future of software delivery | LinuxCon 2013
dotCloud
 
A Hands-on Introduction to Docker
A Hands-on Introduction to DockerA Hands-on Introduction to Docker
A Hands-on Introduction to Docker
CodeOps Technologies LLP
 
Learn docker in 90 minutes
Learn docker in 90 minutesLearn docker in 90 minutes
Learn docker in 90 minutes
Larry Cai
 
Tech Talk - Vagrant
Tech Talk - VagrantTech Talk - Vagrant
Tech Talk - Vagrant
Thomas Krille
 
Containers: The What, Why, and How
Containers: The What, Why, and HowContainers: The What, Why, and How
Containers: The What, Why, and How
Sneha Inguva
 
The Lies We Tell Our Code (#seascale 2015 04-22)
The Lies We Tell Our Code (#seascale 2015 04-22)The Lies We Tell Our Code (#seascale 2015 04-22)
The Lies We Tell Our Code (#seascale 2015 04-22)
Casey Bisson
 
Docker Introductory workshop
Docker Introductory workshopDocker Introductory workshop
Docker Introductory workshop
Runcy Oommen
 
Container Torture: Run any binary, in any container
Container Torture: Run any binary, in any containerContainer Torture: Run any binary, in any container
Container Torture: Run any binary, in any container
Docker, Inc.
 
Orchestrating Docker containers at scale
Orchestrating Docker containers at scaleOrchestrating Docker containers at scale
Orchestrating Docker containers at scale
Maciej Lasyk
 
Perspectives on Docker
Perspectives on DockerPerspectives on Docker
Perspectives on Docker
RightScale
 
Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...
Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...
Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...
Jérôme Petazzoni
 
Docker Introduction + what is new in 0.9
Docker Introduction + what is new in 0.9 Docker Introduction + what is new in 0.9
Docker Introduction + what is new in 0.9
Jérôme Petazzoni
 

What's hot (20)

KVM and docker LXC Benchmarking with OpenStack
KVM and docker LXC Benchmarking with OpenStackKVM and docker LXC Benchmarking with OpenStack
KVM and docker LXC Benchmarking with OpenStack
 
Docker by Example - Basics
Docker by Example - Basics Docker by Example - Basics
Docker by Example - Basics
 
Docker and Puppet — Puppet Camp L.A. — SCALE12X
Docker and Puppet — Puppet Camp L.A. — SCALE12XDocker and Puppet — Puppet Camp L.A. — SCALE12X
Docker and Puppet — Puppet Camp L.A. — SCALE12X
 
Orchestration for the rest of us
Orchestration for the rest of usOrchestration for the rest of us
Orchestration for the rest of us
 
Docker-hanoi meetup #1: introduction about Docker
Docker-hanoi meetup #1: introduction about DockerDocker-hanoi meetup #1: introduction about Docker
Docker-hanoi meetup #1: introduction about Docker
 
Docker from A to Z, including Swarm and OCCS
Docker from A to Z, including Swarm and OCCSDocker from A to Z, including Swarm and OCCS
Docker from A to Z, including Swarm and OCCS
 
Introduction to Docker
Introduction to DockerIntroduction to Docker
Introduction to Docker
 
Docker - The Linux Container
Docker - The Linux ContainerDocker - The Linux Container
Docker - The Linux Container
 
LXC, Docker, and the future of software delivery | LinuxCon 2013
LXC, Docker, and the future of software delivery | LinuxCon 2013LXC, Docker, and the future of software delivery | LinuxCon 2013
LXC, Docker, and the future of software delivery | LinuxCon 2013
 
A Hands-on Introduction to Docker
A Hands-on Introduction to DockerA Hands-on Introduction to Docker
A Hands-on Introduction to Docker
 
Learn docker in 90 minutes
Learn docker in 90 minutesLearn docker in 90 minutes
Learn docker in 90 minutes
 
Tech Talk - Vagrant
Tech Talk - VagrantTech Talk - Vagrant
Tech Talk - Vagrant
 
Containers: The What, Why, and How
Containers: The What, Why, and HowContainers: The What, Why, and How
Containers: The What, Why, and How
 
The Lies We Tell Our Code (#seascale 2015 04-22)
The Lies We Tell Our Code (#seascale 2015 04-22)The Lies We Tell Our Code (#seascale 2015 04-22)
The Lies We Tell Our Code (#seascale 2015 04-22)
 
Docker Introductory workshop
Docker Introductory workshopDocker Introductory workshop
Docker Introductory workshop
 
Container Torture: Run any binary, in any container
Container Torture: Run any binary, in any containerContainer Torture: Run any binary, in any container
Container Torture: Run any binary, in any container
 
Orchestrating Docker containers at scale
Orchestrating Docker containers at scaleOrchestrating Docker containers at scale
Orchestrating Docker containers at scale
 
Perspectives on Docker
Perspectives on DockerPerspectives on Docker
Perspectives on Docker
 
Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...
Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...
Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...
 
Docker Introduction + what is new in 0.9
Docker Introduction + what is new in 0.9 Docker Introduction + what is new in 0.9
Docker Introduction + what is new in 0.9
 

Similar to Docker Tips And Tricks at the Docker Beijing Meetup

Docker Online Meetup #3: Docker in Production
Docker Online Meetup #3: Docker in ProductionDocker Online Meetup #3: Docker in Production
Docker Online Meetup #3: Docker in Production
Docker, Inc.
 
Shipping Applications to Production in Containers with Docker
Shipping Applications to Production in Containers with DockerShipping Applications to Production in Containers with Docker
Shipping Applications to Production in Containers with Docker
Jérôme Petazzoni
 
Docker 0.11 at MaxCDN meetup in Los Angeles
Docker 0.11 at MaxCDN meetup in Los AngelesDocker 0.11 at MaxCDN meetup in Los Angeles
Docker 0.11 at MaxCDN meetup in Los Angeles
Jérôme Petazzoni
 
Dockerizing a Symfony2 application
Dockerizing a Symfony2 applicationDockerizing a Symfony2 application
Dockerizing a Symfony2 application
Roman Rodomansky
 
Containerization Is More than the New Virtualization
Containerization Is More than the New VirtualizationContainerization Is More than the New Virtualization
Containerization Is More than the New Virtualization
C4Media
 
Introduction to Docker at the Azure Meet-up in New York
Introduction to Docker at the Azure Meet-up in New YorkIntroduction to Docker at the Azure Meet-up in New York
Introduction to Docker at the Azure Meet-up in New York
Jérôme Petazzoni
 
codemotion-docker-2014
codemotion-docker-2014codemotion-docker-2014
codemotion-docker-2014
Carlo Bonamico
 
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...
Why everyone is excited about Docker (and you should too...) -  Carlo Bonamic...Why everyone is excited about Docker (and you should too...) -  Carlo Bonamic...
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...
Codemotion
 
Containers, Docker, and Microservices: the Terrific Trio
Containers, Docker, and Microservices: the Terrific TrioContainers, Docker, and Microservices: the Terrific Trio
Containers, Docker, and Microservices: the Terrific Trio
Jérôme Petazzoni
 
Docker-v3.pdf
Docker-v3.pdfDocker-v3.pdf
Docker-v3.pdf
Bruno Cornec
 
Workshop : 45 minutes pour comprendre Docker avec Jérôme Petazzoni
Workshop : 45 minutes pour comprendre Docker avec Jérôme PetazzoniWorkshop : 45 minutes pour comprendre Docker avec Jérôme Petazzoni
Workshop : 45 minutes pour comprendre Docker avec Jérôme Petazzoni
TheFamily
 
Docker and-containers-for-development-and-deployment-scale12x
Docker and-containers-for-development-and-deployment-scale12xDocker and-containers-for-development-and-deployment-scale12x
Docker and-containers-for-development-and-deployment-scale12x
rkr10
 
Puppet Camp Seattle 2014: Docker and Puppet: 1+1=3
Puppet Camp Seattle 2014: Docker and Puppet: 1+1=3 Puppet Camp Seattle 2014: Docker and Puppet: 1+1=3
Puppet Camp Seattle 2014: Docker and Puppet: 1+1=3
Puppet
 
Docker 101
Docker 101 Docker 101
Docker 101
Kevin Nord
 
Sheep it
Sheep itSheep it
Sheep it
lxfontes
 
Docker Intro at the Google Developer Group and Google Cloud Platform Meet Up
Docker Intro at the Google Developer Group and Google Cloud Platform Meet UpDocker Intro at the Google Developer Group and Google Cloud Platform Meet Up
Docker Intro at the Google Developer Group and Google Cloud Platform Meet Up
Jérôme Petazzoni
 
Laravel, docker, kubernetes
Laravel, docker, kubernetesLaravel, docker, kubernetes
Laravel, docker, kubernetes
Peter Mein
 
Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of...
Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of...Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of...
Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of...
Jérôme Petazzoni
 
Linux containers & Devops
Linux containers & DevopsLinux containers & Devops
Linux containers & Devops
Maciej Lasyk
 
Build High-Performance, Scalable, Distributed Applications with Stacks of Co...
 Build High-Performance, Scalable, Distributed Applications with Stacks of Co... Build High-Performance, Scalable, Distributed Applications with Stacks of Co...
Build High-Performance, Scalable, Distributed Applications with Stacks of Co...
Yandex
 

Similar to Docker Tips And Tricks at the Docker Beijing Meetup (20)

Docker Online Meetup #3: Docker in Production
Docker Online Meetup #3: Docker in ProductionDocker Online Meetup #3: Docker in Production
Docker Online Meetup #3: Docker in Production
 
Shipping Applications to Production in Containers with Docker
Shipping Applications to Production in Containers with DockerShipping Applications to Production in Containers with Docker
Shipping Applications to Production in Containers with Docker
 
Docker 0.11 at MaxCDN meetup in Los Angeles
Docker 0.11 at MaxCDN meetup in Los AngelesDocker 0.11 at MaxCDN meetup in Los Angeles
Docker 0.11 at MaxCDN meetup in Los Angeles
 
Dockerizing a Symfony2 application
Dockerizing a Symfony2 applicationDockerizing a Symfony2 application
Dockerizing a Symfony2 application
 
Containerization Is More than the New Virtualization
Containerization Is More than the New VirtualizationContainerization Is More than the New Virtualization
Containerization Is More than the New Virtualization
 
Introduction to Docker at the Azure Meet-up in New York
Introduction to Docker at the Azure Meet-up in New YorkIntroduction to Docker at the Azure Meet-up in New York
Introduction to Docker at the Azure Meet-up in New York
 
codemotion-docker-2014
codemotion-docker-2014codemotion-docker-2014
codemotion-docker-2014
 
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...
Why everyone is excited about Docker (and you should too...) -  Carlo Bonamic...Why everyone is excited about Docker (and you should too...) -  Carlo Bonamic...
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...
 
Containers, Docker, and Microservices: the Terrific Trio
Containers, Docker, and Microservices: the Terrific TrioContainers, Docker, and Microservices: the Terrific Trio
Containers, Docker, and Microservices: the Terrific Trio
 
Docker-v3.pdf
Docker-v3.pdfDocker-v3.pdf
Docker-v3.pdf
 
Workshop : 45 minutes pour comprendre Docker avec Jérôme Petazzoni
Workshop : 45 minutes pour comprendre Docker avec Jérôme PetazzoniWorkshop : 45 minutes pour comprendre Docker avec Jérôme Petazzoni
Workshop : 45 minutes pour comprendre Docker avec Jérôme Petazzoni
 
Docker and-containers-for-development-and-deployment-scale12x
Docker and-containers-for-development-and-deployment-scale12xDocker and-containers-for-development-and-deployment-scale12x
Docker and-containers-for-development-and-deployment-scale12x
 
Puppet Camp Seattle 2014: Docker and Puppet: 1+1=3
Puppet Camp Seattle 2014: Docker and Puppet: 1+1=3 Puppet Camp Seattle 2014: Docker and Puppet: 1+1=3
Puppet Camp Seattle 2014: Docker and Puppet: 1+1=3
 
Docker 101
Docker 101 Docker 101
Docker 101
 
Sheep it
Sheep itSheep it
Sheep it
 
Docker Intro at the Google Developer Group and Google Cloud Platform Meet Up
Docker Intro at the Google Developer Group and Google Cloud Platform Meet UpDocker Intro at the Google Developer Group and Google Cloud Platform Meet Up
Docker Intro at the Google Developer Group and Google Cloud Platform Meet Up
 
Laravel, docker, kubernetes
Laravel, docker, kubernetesLaravel, docker, kubernetes
Laravel, docker, kubernetes
 
Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of...
Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of...Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of...
Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of...
 
Linux containers & Devops
Linux containers & DevopsLinux containers & Devops
Linux containers & Devops
 
Build High-Performance, Scalable, Distributed Applications with Stacks of Co...
 Build High-Performance, Scalable, Distributed Applications with Stacks of Co... Build High-Performance, Scalable, Distributed Applications with Stacks of Co...
Build High-Performance, Scalable, Distributed Applications with Stacks of Co...
 

More from Jérôme Petazzoni

Use the Source or Join the Dark Side: differences between Docker Community an...
Use the Source or Join the Dark Side: differences between Docker Community an...Use the Source or Join the Dark Side: differences between Docker Community an...
Use the Source or Join the Dark Side: differences between Docker Community an...
Jérôme Petazzoni
 
Docker : quels enjeux pour le stockage et réseau ? Paris Open Source Summit ...
Docker : quels enjeux pour le stockage et réseau ? Paris Open Source Summit ...Docker : quels enjeux pour le stockage et réseau ? Paris Open Source Summit ...
Docker : quels enjeux pour le stockage et réseau ? Paris Open Source Summit ...
Jérôme Petazzoni
 
Making DevOps Secure with Docker on Solaris (Oracle Open World, with Jesse Bu...
Making DevOps Secure with Docker on Solaris (Oracle Open World, with Jesse Bu...Making DevOps Secure with Docker on Solaris (Oracle Open World, with Jesse Bu...
Making DevOps Secure with Docker on Solaris (Oracle Open World, with Jesse Bu...
Jérôme Petazzoni
 
Containers, docker, and security: state of the union (Bay Area Infracoders Me...
Containers, docker, and security: state of the union (Bay Area Infracoders Me...Containers, docker, and security: state of the union (Bay Area Infracoders Me...
Containers, docker, and security: state of the union (Bay Area Infracoders Me...
Jérôme Petazzoni
 
From development environments to production deployments with Docker, Compose,...
From development environments to production deployments with Docker, Compose,...From development environments to production deployments with Docker, Compose,...
From development environments to production deployments with Docker, Compose,...
Jérôme Petazzoni
 
How to contribute to large open source projects like Docker (LinuxCon 2015)
How to contribute to large open source projects like Docker (LinuxCon 2015)How to contribute to large open source projects like Docker (LinuxCon 2015)
How to contribute to large open source projects like Docker (LinuxCon 2015)
Jérôme Petazzoni
 
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
Jérôme Petazzoni
 
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxConAnatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
Jérôme Petazzoni
 
Deploy microservices in containers with Docker and friends - KCDC2015
Deploy microservices in containers with Docker and friends - KCDC2015Deploy microservices in containers with Docker and friends - KCDC2015
Deploy microservices in containers with Docker and friends - KCDC2015
Jérôme Petazzoni
 
Immutable infrastructure with Docker and containers (GlueCon 2015)
Immutable infrastructure with Docker and containers (GlueCon 2015)Immutable infrastructure with Docker and containers (GlueCon 2015)
Immutable infrastructure with Docker and containers (GlueCon 2015)
Jérôme Petazzoni
 
The Docker ecosystem and the future of application deployment
The Docker ecosystem and the future of application deploymentThe Docker ecosystem and the future of application deployment
The Docker ecosystem and the future of application deployment
Jérôme Petazzoni
 
Docker Non Technical Presentation
Docker Non Technical PresentationDocker Non Technical Presentation
Docker Non Technical Presentation
Jérôme Petazzoni
 
Pipework: Software-Defined Network for Containers and Docker
Pipework: Software-Defined Network for Containers and DockerPipework: Software-Defined Network for Containers and Docker
Pipework: Software-Defined Network for Containers and Docker
Jérôme Petazzoni
 
Introduction to Docker at Glidewell Laboratories in Orange County
Introduction to Docker at Glidewell Laboratories in Orange CountyIntroduction to Docker at Glidewell Laboratories in Orange County
Introduction to Docker at Glidewell Laboratories in Orange County
Jérôme Petazzoni
 
Docker en Production (Docker Paris)
Docker en Production (Docker Paris)Docker en Production (Docker Paris)
Docker en Production (Docker Paris)
Jérôme Petazzoni
 
Killer Bugs From Outer Space
Killer Bugs From Outer SpaceKiller Bugs From Outer Space
Killer Bugs From Outer Space
Jérôme Petazzoni
 
Docker, Linux Containers (LXC), and security
Docker, Linux Containers (LXC), and securityDocker, Linux Containers (LXC), and security
Docker, Linux Containers (LXC), and security
Jérôme Petazzoni
 
Docker, Linux Containers, and Security: Does It Add Up?
Docker, Linux Containers, and Security: Does It Add Up?Docker, Linux Containers, and Security: Does It Add Up?
Docker, Linux Containers, and Security: Does It Add Up?
Jérôme Petazzoni
 

More from Jérôme Petazzoni (18)

Use the Source or Join the Dark Side: differences between Docker Community an...
Use the Source or Join the Dark Side: differences between Docker Community an...Use the Source or Join the Dark Side: differences between Docker Community an...
Use the Source or Join the Dark Side: differences between Docker Community an...
 
Docker : quels enjeux pour le stockage et réseau ? Paris Open Source Summit ...
Docker : quels enjeux pour le stockage et réseau ? Paris Open Source Summit ...Docker : quels enjeux pour le stockage et réseau ? Paris Open Source Summit ...
Docker : quels enjeux pour le stockage et réseau ? Paris Open Source Summit ...
 
Making DevOps Secure with Docker on Solaris (Oracle Open World, with Jesse Bu...
Making DevOps Secure with Docker on Solaris (Oracle Open World, with Jesse Bu...Making DevOps Secure with Docker on Solaris (Oracle Open World, with Jesse Bu...
Making DevOps Secure with Docker on Solaris (Oracle Open World, with Jesse Bu...
 
Containers, docker, and security: state of the union (Bay Area Infracoders Me...
Containers, docker, and security: state of the union (Bay Area Infracoders Me...Containers, docker, and security: state of the union (Bay Area Infracoders Me...
Containers, docker, and security: state of the union (Bay Area Infracoders Me...
 
From development environments to production deployments with Docker, Compose,...
From development environments to production deployments with Docker, Compose,...From development environments to production deployments with Docker, Compose,...
From development environments to production deployments with Docker, Compose,...
 
How to contribute to large open source projects like Docker (LinuxCon 2015)
How to contribute to large open source projects like Docker (LinuxCon 2015)How to contribute to large open source projects like Docker (LinuxCon 2015)
How to contribute to large open source projects like Docker (LinuxCon 2015)
 
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
 
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxConAnatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
 
Deploy microservices in containers with Docker and friends - KCDC2015
Deploy microservices in containers with Docker and friends - KCDC2015Deploy microservices in containers with Docker and friends - KCDC2015
Deploy microservices in containers with Docker and friends - KCDC2015
 
Immutable infrastructure with Docker and containers (GlueCon 2015)
Immutable infrastructure with Docker and containers (GlueCon 2015)Immutable infrastructure with Docker and containers (GlueCon 2015)
Immutable infrastructure with Docker and containers (GlueCon 2015)
 
The Docker ecosystem and the future of application deployment
The Docker ecosystem and the future of application deploymentThe Docker ecosystem and the future of application deployment
The Docker ecosystem and the future of application deployment
 
Docker Non Technical Presentation
Docker Non Technical PresentationDocker Non Technical Presentation
Docker Non Technical Presentation
 
Pipework: Software-Defined Network for Containers and Docker
Pipework: Software-Defined Network for Containers and DockerPipework: Software-Defined Network for Containers and Docker
Pipework: Software-Defined Network for Containers and Docker
 
Introduction to Docker at Glidewell Laboratories in Orange County
Introduction to Docker at Glidewell Laboratories in Orange CountyIntroduction to Docker at Glidewell Laboratories in Orange County
Introduction to Docker at Glidewell Laboratories in Orange County
 
Docker en Production (Docker Paris)
Docker en Production (Docker Paris)Docker en Production (Docker Paris)
Docker en Production (Docker Paris)
 
Killer Bugs From Outer Space
Killer Bugs From Outer SpaceKiller Bugs From Outer Space
Killer Bugs From Outer Space
 
Docker, Linux Containers (LXC), and security
Docker, Linux Containers (LXC), and securityDocker, Linux Containers (LXC), and security
Docker, Linux Containers (LXC), and security
 
Docker, Linux Containers, and Security: Does It Add Up?
Docker, Linux Containers, and Security: Does It Add Up?Docker, Linux Containers, and Security: Does It Add Up?
Docker, Linux Containers, and Security: Does It Add Up?
 

Recently uploaded

Vulnerability Management: A Comprehensive Overview
Vulnerability Management: A Comprehensive OverviewVulnerability Management: A Comprehensive Overview
Vulnerability Management: A Comprehensive Overview
Steven Carlson
 
The Role of IoT in Australian Mobile App Development - PDF Guide
The Role of IoT in Australian Mobile App Development - PDF GuideThe Role of IoT in Australian Mobile App Development - PDF Guide
The Role of IoT in Australian Mobile App Development - PDF Guide
Shiv Technolabs
 
Figma AI Design Generator_ In-Depth Review.pdf
Figma AI Design Generator_ In-Depth Review.pdfFigma AI Design Generator_ In-Depth Review.pdf
Figma AI Design Generator_ In-Depth Review.pdf
Management Institute of Skills Development
 
Integrating Kafka with MuleSoft 4 and usecase
Integrating Kafka with MuleSoft 4 and usecaseIntegrating Kafka with MuleSoft 4 and usecase
Integrating Kafka with MuleSoft 4 and usecase
shyamraj55
 
leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
leewayhertz.com-AI agents for healthcare Applications benefits and implementa...leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
alexjohnson7307
 
Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)
Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)
Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)
Muhammad Ali
 
Salesforce AI & Einstein Copilot Workshop
Salesforce AI & Einstein Copilot WorkshopSalesforce AI & Einstein Copilot Workshop
Salesforce AI & Einstein Copilot Workshop
CEPTES Software Inc
 
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
bhumivarma35300
 
CiscoIconsLibrary cours de réseau VLAN.ppt
CiscoIconsLibrary cours de réseau VLAN.pptCiscoIconsLibrary cours de réseau VLAN.ppt
CiscoIconsLibrary cours de réseau VLAN.ppt
moinahousna
 
Feature sql server terbaru performance.pptx
Feature sql server terbaru performance.pptxFeature sql server terbaru performance.pptx
Feature sql server terbaru performance.pptx
ssuser1915fe1
 
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdfBT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
Neo4j
 
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptxDublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Kunal Gupta
 
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and OllamaTirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
Zilliz
 
[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf
[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf
[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf
Kief Morris
 
Pigging Unit Lubricant Oil Blending Plant
Pigging Unit Lubricant Oil Blending PlantPigging Unit Lubricant Oil Blending Plant
Pigging Unit Lubricant Oil Blending Plant
LINUS PROJECTS (INDIA)
 
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptxUse Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
SynapseIndia
 
Introduction-to-the-IAM-Platform-Implementation-Plan.pptx
Introduction-to-the-IAM-Platform-Implementation-Plan.pptxIntroduction-to-the-IAM-Platform-Implementation-Plan.pptx
Introduction-to-the-IAM-Platform-Implementation-Plan.pptx
313mohammedarshad
 
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
aslasdfmkhan4750
 
Three New Criminal Laws in India 1 July 2024
Three New Criminal Laws in India 1 July 2024Three New Criminal Laws in India 1 July 2024
Three New Criminal Laws in India 1 July 2024
aakash malhotra
 
Types of Weaving loom machine & it's technology
Types of Weaving loom machine & it's technologyTypes of Weaving loom machine & it's technology
Types of Weaving loom machine & it's technology
ldtexsolbl
 

Recently uploaded (20)

Vulnerability Management: A Comprehensive Overview
Vulnerability Management: A Comprehensive OverviewVulnerability Management: A Comprehensive Overview
Vulnerability Management: A Comprehensive Overview
 
The Role of IoT in Australian Mobile App Development - PDF Guide
The Role of IoT in Australian Mobile App Development - PDF GuideThe Role of IoT in Australian Mobile App Development - PDF Guide
The Role of IoT in Australian Mobile App Development - PDF Guide
 
Figma AI Design Generator_ In-Depth Review.pdf
Figma AI Design Generator_ In-Depth Review.pdfFigma AI Design Generator_ In-Depth Review.pdf
Figma AI Design Generator_ In-Depth Review.pdf
 
Integrating Kafka with MuleSoft 4 and usecase
Integrating Kafka with MuleSoft 4 and usecaseIntegrating Kafka with MuleSoft 4 and usecase
Integrating Kafka with MuleSoft 4 and usecase
 
leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
leewayhertz.com-AI agents for healthcare Applications benefits and implementa...leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
leewayhertz.com-AI agents for healthcare Applications benefits and implementa...
 
Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)
Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)
Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)
 
Salesforce AI & Einstein Copilot Workshop
Salesforce AI & Einstein Copilot WorkshopSalesforce AI & Einstein Copilot Workshop
Salesforce AI & Einstein Copilot Workshop
 
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
 
CiscoIconsLibrary cours de réseau VLAN.ppt
CiscoIconsLibrary cours de réseau VLAN.pptCiscoIconsLibrary cours de réseau VLAN.ppt
CiscoIconsLibrary cours de réseau VLAN.ppt
 
Feature sql server terbaru performance.pptx
Feature sql server terbaru performance.pptxFeature sql server terbaru performance.pptx
Feature sql server terbaru performance.pptx
 
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdfBT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
 
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptxDublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
 
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and OllamaTirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
 
[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf
[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf
[Talk] Moving Beyond Spaghetti Infrastructure [AOTB] 2024-07-04.pdf
 
Pigging Unit Lubricant Oil Blending Plant
Pigging Unit Lubricant Oil Blending PlantPigging Unit Lubricant Oil Blending Plant
Pigging Unit Lubricant Oil Blending Plant
 
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptxUse Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
 
Introduction-to-the-IAM-Platform-Implementation-Plan.pptx
Introduction-to-the-IAM-Platform-Implementation-Plan.pptxIntroduction-to-the-IAM-Platform-Implementation-Plan.pptx
Introduction-to-the-IAM-Platform-Implementation-Plan.pptx
 
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
 
Three New Criminal Laws in India 1 July 2024
Three New Criminal Laws in India 1 July 2024Three New Criminal Laws in India 1 July 2024
Three New Criminal Laws in India 1 July 2024
 
Types of Weaving loom machine & it's technology
Types of Weaving loom machine & it's technologyTypes of Weaving loom machine & it's technology
Types of Weaving loom machine & it's technology
 

Docker Tips And Tricks at the Docker Beijing Meetup

  • 1. Docker tips and tricks Docker Beijing Meetup Group
  • 2. Jérôme Petazzoni (@jpetazzo) Grumpy French DevOps - Go away or I will replace you with a very small shell script Wrote dotCloud PAAS deployment tools - EC2, LXC, Puppet, Python, Shell, ØMQ... Docker contributor - Security, networking... Runs all kinds of crazy things in Docker - Docker-in-Docker, VPN-in-Docker, KVM-in-Docker, Xorg-in-Docker...
  • 3. Outline Some new features that you should know about The Docker orchestration flowchart Measuring and optimizing container performance You should use volumes
  • 5. Docker 0.11 SELinux integration (works better with CentOS) DNS integration for links (access linked containers by hostname) docker run --net - use host networking for high speed - share network of another container
  • 6. Docker 0.12 docker pause/unpause more importantly: 1.0 release candidate :-)
  • 7. Docker 1.0 It's “production-ready!” you can buy support contracts, training... (in addition to the traditional t-shirts and stickers☺)
  • 8. Docker 1.1 .dockerignore (don't upload your .git anymore!) docker logs --tail - further logging improvements on the way (truncate)
  • 9. Docker 1.2 New cool options for docker run --restart=always/no/on-failure --cap-add=NETADMIN --cap-drop=CHOWN --device=/dev/kvm:/dev/kvm
  • 10. Docker 1.3 (almost there) docker exec (replaces nsenter) docker create (lifecycle management) Signature (for official images) --security-opts (customize SELinux/AppArmor)
  • 11. Docker X.X: Windows Server Containers Windows Server Containers
  • 13. Orchestration There's more than one way to do it - describe your stack in files (Fig, Maestro-NG, Ansible and other CMs) - submit requests through an API (Mesos, Kubernetes, Helios...) - implement something that looks like a PAAS (Flynn, Deis, OpenShift...) - OpenStack (because OpenStack can do everything!)
  • 14. Introducing the Docker orchestration flowchart
  • 15. Do you (want to) use OpenStack? Yes - if you are building a PAAS, keep an eye on Solum (and consider contributing) - if you are moving VM workloads to containers, use Nova (that's probably what you already have; just enable the Docker driver) - otherwise, use Heat (and use Docker resources in your Heat templates) No - go to next slide
  • 16. Are you looking for a PAAS?
  • 17. Good question: to PAAS or not to PAAS? PAAS does not solve problems - PAAS puts all* your problems in one place - now you have N identical problems instead of N different problems All your applications must be standardized - so that they all have the same problem (instead of different ones) It's much harder to operate a PAAS than a single app - in other words: PAAS is great if you have many apps *Well, not all your problems, but things like database failover, high availability, scaling...
  • 18. Are you looking for a PAAS?
  • 19. Are you looking for a PAAS? Yes - CloudFoundry (Ruby, but increasing % Go) - Deis (Python, Docker-ish, runs on top of CoreOS) - Dokku (A few 100s of line of Bash!) - Flynn (Go, bleeding edge) - Tsuru (Go, more mature) - OpenShift geard (Go again!) Choose wisely (or go to the next slide) - http://blog.lusis.org/blog/2014/06/14/paas-for-realists/ “I don’t think ANY of the current private PaaS solutions are a fit right now.”
  • 20. If you have only one host Fig (www.fig.sh) fig.yml: web: build: . command: python app.py links: - db ports: - "8000:8000" db: image: postgres
  • 21. If you have a few hosts (10s) Maestro-NG (https://github.com/signalfuse/maestro-ng) - fig-like YAML file - can talk to multiple hosts - manual placement Your favorite Configuration Management system - Ansible, Chef, Puppet, Salt: have Docker modules - use CM to deploy hosts and start containers - use Dockerfiles to deploy code & dependencies, libraries, packages
  • 22. If you have many hosts (100s) Helios - Java - needs ZK, a master server, and one agent per host <empty spot> <empty spot> <empty spot> Hmmm... There might be a start-up opportunity there
  • 23. If you have many many hosts (1000s) Mesos - C++ - needs ZK, a master server, and one agent per host - and probably a few other standby servers for HA - and frameworks; e.g.: https://github.com/VoltFramework/volt https://github.com/mesosphere/marathon Kubernetes - work in progress
  • 25. Gathering metrics cgroups give us per-container... - CPU usage - memory usage (fine-grained: cache and resident set size) - I/O usage (per device, reads vs writes, in bytes and in ops) cgroups don't give us... - network metrics (have to do tricks with network namespaces) https://github.com/google/cadvisor http://jpetazzo.github.io/2013/10/08/docker-containers-metrics/
  • 26. CPU performance Nothing to do CPU performance is native in all benchmarks
  • 27. I/O performance Working set should be on a volume Volume performance is native in all benchmarks
  • 28. Memory performance Memory control group has an overhead Overhead happens when memory is given by the kernel to the container, or reclaimed back Overhead is not related to memory allocations Disabling the memory control group = native speed But it is a global operation (affects all containers) … And requires a reboot
  • 29. Network performance Linux bridge = overhead IPTables = overhead docker run --net host = native speed - but loss of isolation SR/IOV and macvlan = almost native speed - better performance than VMs - maintain isolation
  • 31. What is a volume? Special directory in a container Mapped to normal directory on the host Can be shared by multiple containers
  • 32. When should we use volumes? Bypass copy-on-write system - fast I/O path with zero overhead - keep data across container upgrades Use specific storage device in container - e.g. SAN, or fast SSD RAID for database...) Share data between containers - this is cool, and let's see why!
  • 33. Logging with volumes Write log files to a volume docker run --name logs -v /var/log busybox true docker run --volumes-from logs myapp Inspect logs docker run --rm --volumes-from logs ubuntu bash Ship logs to something else (logstash, syslog...) docker run --volumes-from logs pipestash
  • 34. Backups with volumes Data files should be in a volume docker run --name mysqldata -v /var/lib/mysql busybox true docker run --volumes-from mysqldata mysql Run backup job in a separate container docker run --rm --volumes-from mysqldata mysqlbackup tar -cJf- /var/lib/mysql | stream-it-to-the-cloud.py Of course, you can use anything fancier than tar (e.g. rsync, tarsnap...)
  • 35. Moving containers and volumes around If the container is stateless (web app...): - get the image to the new machine - start the new container - reconfigure load balancers If the container is stateful (DB...): - Flocker - Flocker - Flocker - or move volumes around and do the network plumbing yourself
  • 36. More information about volumes Docker Docs: https://docs.docker.com/userguide/dockervolumes/ Additional insights: http://blog.docker.com/2014/06/why-you-dont-need-to-run-sshd-in-docker/
  • 37. Not an actual book (yet) Thank you! Docker advanced concepts Containers, containers everywhere! Questions? www.docker.com @docker @jpetazzo