This document introduces Docker and containers. It discusses that Docker provides a way to easily deploy applications by using lightweight virtualization to isolate applications into containers. These containers can then be easily shared between systems. The document outlines what problem containers solve, provides an overview of how Docker works, and discusses how to author Docker images using Dockerfiles or by committing changes to containers. It also discusses the Docker community and ecosystem and Docker's long term roadmap to further simplify deployment of applications.
Docker Continuous Delivery Workshop slide in Docker Training & Workshop for DevOps and Continuous Delivery at OSS Festival 2014 Thailand on October 11, 2014
Adrian Otto from Rackspace will present his perspective of "Docker 101", for Docker novices. Learn the difference between Dockerfiles, containers, running containers, terminated containers, container images, Docker Registry, and a demo of the Docker CLI that goes beyond what you learn from the online simulator.
Dockerizing your applications - Docker workshop @TwitterdotCloud
Docker is an open-source project to easily create lightweight, portable, self-sufficient containers from any application. The same container that a developer builds and tests on a laptop can run at scale, in production, on VMs, bare metal, OpenStack clusters, public clouds and more.
Docker Continuous Delivery Workshop slide in Docker Training & Workshop for DevOps and Continuous Delivery at OSS Festival 2014 Thailand on October 11, 2014
Adrian Otto from Rackspace will present his perspective of "Docker 101", for Docker novices. Learn the difference between Dockerfiles, containers, running containers, terminated containers, container images, Docker Registry, and a demo of the Docker CLI that goes beyond what you learn from the online simulator.
Dockerizing your applications - Docker workshop @TwitterdotCloud
Docker is an open-source project to easily create lightweight, portable, self-sufficient containers from any application. The same container that a developer builds and tests on a laptop can run at scale, in production, on VMs, bare metal, OpenStack clusters, public clouds and more.
Overview of how containers are implemented with cgroups, namespaces and UnionFS, how images are created, how images and containers are related to one another, and how to build effective images
Introduction to Docker presented by MANAOUIL Karim at the Shellmates's Hack.INI event. The teams deployed were assisted to deploy a Python Flask application behind an Nginx load balancer.
Quick overview of Docker and its usage.
Illustrated with a cluster of Rails applications and a Ruby load balancing proxy on top of them.
This presentation was made during the rivierarb meetup in Sophia-Antipolis on 2014 Feb 04th by Muriel Salvan.
Introduction to dockerfile, SF Peninsula Software Development Meetup @Guidewire dotCloud
Docker is an open-source project to easily create lightweight, portable, self-sufficient containers from any application. The same container that a developer builds and tests on a laptop can run at scale, in production, on VMs, bare metal, OpenStack clusters, public clouds and more.
Introducing containers and docker, answering questions like: What are software containers? What is Docker? Who and why should I use Docker?
Slides also discuss the role of dev-ops and Docker and walk you through some examples.
By Aram Yegenian — System Administrator
Overview of how containers are implemented with cgroups, namespaces and UnionFS, how images are created, how images and containers are related to one another, and how to build effective images
Introduction to Docker presented by MANAOUIL Karim at the Shellmates's Hack.INI event. The teams deployed were assisted to deploy a Python Flask application behind an Nginx load balancer.
Quick overview of Docker and its usage.
Illustrated with a cluster of Rails applications and a Ruby load balancing proxy on top of them.
This presentation was made during the rivierarb meetup in Sophia-Antipolis on 2014 Feb 04th by Muriel Salvan.
Introduction to dockerfile, SF Peninsula Software Development Meetup @Guidewire dotCloud
Docker is an open-source project to easily create lightweight, portable, self-sufficient containers from any application. The same container that a developer builds and tests on a laptop can run at scale, in production, on VMs, bare metal, OpenStack clusters, public clouds and more.
Introducing containers and docker, answering questions like: What are software containers? What is Docker? Who and why should I use Docker?
Slides also discuss the role of dev-ops and Docker and walk you through some examples.
By Aram Yegenian — System Administrator
Making it Easier to Contribute to Open Source Projects Using Docker Container...Docker, Inc.
Making it easy to contribute to open source project using Docker containers, by lowering the system admin required to get started. Also making it easy "try" out new technology.
Mobycraft - Docker in 8-bit by Aditya Gupta Docker, Inc.
Mobycraft is a Minecraft client-side mod to manage and visualize Docker containers in Minecraft. This mod can be installed in any standard Minecraft client and allow young kids to learn Docker fundamentals in a fun way. It allowed a 13-year old boy to apply his Minecraft modding skills to pick up Docker concepts such as Engine, Machine, Swarm, and Remote API.
This project became a great bonding experience between a father and a son. It allowed them to engage in fun and geeky conversations, such as code reviews and tooling discussion, and thereby building memories for a lifetime.
Docker Online Meetup #30: Docker Trusted Registry 1.4.1Docker, Inc.
In this Docker Online Meetup, Docker Software Engineer Tony Holdstock-Brown discusses the latest features in Docker Trusted Registry 1.4.1 including:
- Image deletion and garbage collection
- Set up, and manage user accounts, teams, organizations, and repositories from either APIs or through the Trusted Registry user interface
- Search, browse, and discover images created by other users through either APIs or through the Trusted Registry UI
- New APIs for accessing repositories, account management, indexing, searching, and reindexing
- New experimental feature: Docker Trusted Registry now integrates with Docker Content Trust using Notary
On-the-Fly Containerization of Enterprise Java & .NET Apps by Amjad AfanahDocker, Inc.
Dockerizing brownfield enterprise applications can often be a daunting task - involving changes to the application code/configuration and existing build processes. The DCHQ platform provides “on-the-fly” containerization of both Linux & Windows enterprise applications – including Java, Oracle, .NET and others. By doing so, DCHQ transforms non-cloud-native applications into completely portable applications that can take advantage of cloud scaling, storage redundancy and most importantly, deployment agility without introducing a single change to the application source control repository.
In this session, we will cover the deployment automation of an Enterprise Java application with PostgreSQL multi-host cluster set up for Master-Slave replication and automated storage management with redundant EBS volumes on AWS using DCHQ + EMC REX-Ray. We will also cover the deployment automation of an Enterprise .NET application demonstrating the application life-cycle management capabilities post-provision -- including monitoring, alerts, continuous delivery, application backups, scale in/out, in-browser terminal to access the containers, log streaming, and application updates.
Autoscaling Docker Containers by Konstantinos Faliagkas, Docker Birthday #3 A...Docker, Inc.
Docker Birthday App key feature improvements:
- A haproxy load balancer, based on the dockercloud/haproxy image, for dynamic configuration.
- Dockerized the locust load testing framework, in order to create fake http requests to the voting page.
- Autoscaling of the voting-app and worker containers. Using the docker remote API, I monitor the CPU usage of the two containers and scale up or down, depending on the threshold. The bottom threshold is 5% and the upper at 30%.
Introduction to Docker at SF Peninsula Software Development Meetup @GuidewiredotCloud
Docker is an open-source project to easily create lightweight, portable, self-sufficient containers from any application. The same container that a developer builds and tests on a laptop can run at scale, in production, on VMs, bare metal, OpenStack clusters, public clouds and more.
A Gentle Introduction To Docker And All Things ContainersJérôme Petazzoni
Docker is a runtime for Linux Containers. It enables "separation of concern" between devs and ops, and solves the "matrix from hell" of software deployment. This presentation explains it all! It also explains the role of the storage backend and compares the various backends available. It gives multiple recipes to build Docker images, including integration with configuration management software like Chef, Puppet, Salt, Ansible. If you already watched other Docker presentations, this is an actualized version (as of mid-November 2013) of the thing!
Introduction to Docker and all things containers, Docker Meetup at RelateIQdotCloud
Docker is an open-source project to easily create lightweight, portable, self-sufficient containers from any application. The same container that a developer builds and tests on a laptop can run at scale, in production, on VMs, bare metal, OpenStack clusters, public clouds and more.
Docker is the Open Source container engine. It lets you author, run, and manage software containers. Escape from dependency hell, and make deployment a breeze! This presentation includes the standard Docker intro (actualized for Docker 0.11) as well as some insights about how to perform orchestration and multi-host container linking.
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special EditionJérôme Petazzoni
Docker, the Open Source container Engine, lets you build, ship and run, any app, anywhere.
This is the presentation which was shown in December 2014 for the last stop of the "Tour de France" in Bordeaux. It is slightly different from the presentation which was shown in the other cities (http://www.slideshare.net/jpetazzo/introduction-to-docker-december-2014-tour-de-france-edition), and includes a detailed history of dotCloud and Docker and a few other differences.
Special thanks to https://twitter.com/LilliJane and https://twitter.com/zirkome, who gave me the necessary motivation to put together this slightly different presentation, since they had already seen the other presentation in Paris :-)
Introduction to Docker (as presented at December 2013 Global Hackathon)Jérôme Petazzoni
Not on board of the Docker ship yet? This presentation will get you up to speed, and explain everything you want to know about Linux Containers and Docker, including the new features of the latest 0.7 version (which brings support for all Linux distros and kernels).
Introduction to Docker, December 2014 "Tour de France" EditionJérôme Petazzoni
Docker, the Open Source container Engine, lets you build, ship and run, any app, anywhere.
This is the presentation which was shown in December 2014 for the "Tour de France" in Paris, Lille, Lyon, Nice...
"Lightweight Virtualization with Linux Containers and Docker". Jerome Petazzo...Yandex
Lightweight virtualization", also called "OS-level virtualization", is not new. On Linux it evolved from VServer to OpenVZ, and, more recently, to Linux Containers (LXC). It is not Linux-specific; on FreeBSD it's called "Jails", while on Solaris it’s "Zones". Some of those have been available for a decade and are widely used to provide VPS (Virtual Private Servers), cheaper alternatives to virtual machines or physical servers. But containers have other purposes and are increasingly popular as the core components of public and private Platform-as-a-Service (PAAS), among others.
Just like a virtual machine, a Linux Container can run (almost) anywhere. But containers have many advantages over VMs: they are lightweight and easier to manage. After operating a large-scale PAAS for a few years, dotCloud realized that with those advantages, containers could become the perfect format for software delivery, since that is how dotCloud delivers from their build system to their hosts. To make it happen everywhere, dotCloud open-sourced Docker, the next generation of the containers engine powering its PAAS. Docker has been extremely successful so far, being adopted by many projects in various fields: PAAS, of course, but also continuous integration, testing, and more.
Docker Introduction, and what's new in 0.9 — Docker Palo Alto at RelateIQJérôme Petazzoni
Docker is the Open Source container engine. This is an introduction to Docker, what it is, how it works, and some material presenting the new features in versions 0.8 and 0.9.
Настройка окружения для кросскомпиляции проектов на основе docker'acorehard_by
Как быстро и легко настраивать/обновлять окружения для кросскомпиляции проектов под различные платформы(на основе docker), как быстро переключаться между ними, как используя эти кирпичики организовать CI и тестирование(на основе GitLab и Docker).
Real-World Docker: 10 Things We've Learned RightScale
Docker has taken the world of software by storm, offering the promise of a portable way to build and ship software - including software running in the cloud. The RightScale development team has been diving into Docker for several projects, and we'll share our lessons learned on using Docker for our cloud-based applications.
Docker is an Open Source engine to buid, run, and manage LXC containers. This presentation will give a quick intro about Docker from an Ops/DevOps perspective, and show how Docker can be integrated with Puppet; either by orchestrating Docker resources (Docker daemons, containers, and images) with a state-of-the-art Puppet deployment, or by using Puppet to create golden images in Docker itself.
Internal presentation of Docker, Lightweight Virtualization, and linux Containers; at Spotify NYC offices, featuring engineers from Yandex, LinkedIn, Criteo, and NASA!
Similar to Introduction to Docker and Containers (20)
Containerize Your Game Server for the Best Multiplayer Experience Docker, Inc.
Raymond Arifianto, AccelByte and
Mark Mandel, Google -
We have been deploying containerized micro-services for our Game Backend Services for a while. Now we are tackling the challenge to scale up fleets of game dedicated servers in multiple regions, multiple data centers and multiple providers - some in bare metal, some in Cloud. So we leverage docker containerization to deploy Game Servers to achieve Portability, Fast Deployment and Predictability, enabling us to scale up to thousands of servers, on demand, without a sweat.
How to Improve Your Image Builds Using Advance Docker BuildDocker, Inc.
Nicholas Dille, Haufe-Lexware + Docker Captain -
Docker continues to be the standard tool for building container images. For more than a year Docker ships with BuildKit as an alternative image builder, providing advanced features for secret and cache management. These features help to make image builds faster and more secure. In this session, Docker Captain Nicholas Dille will teach you how to use Buildkit features to your advantage.
Build & Deploy Multi-Container Applications to AWSDocker, Inc.
Lukonde Mwila, Entelect -
As the cloud-native approach to development and deployment becomes more prevalent, it's an exciting time for software engineers to be equipped on how to dockerize multi-container applications and deploy them to the cloud.
In this talk, Lukonde Mwila, Software Engineer at Entelect, will cover the following topics:
- Docker Compose
- Containerizing an Nginx Server
- Containerizing an React App
- Containerizing an Node.JS App
- Containerizing anMongoDB App
- Runing Multi-Container App Locally
- Creating a CI/CD Pipeline
- Adding a build stage to test containers and push images to Docker Hub
- Deploying Multi-Container App to AWS Elastic Beanstalk
Lukonde will start by giving an overview of how Docker Compose works and how it makes it very easy and straightforward to startup multiple Docker containers at the same time and automatically connect them together with some form of networking.
After that, Lukonde will take a hands on approach to containerize an Nginx server, a React app, a NodeJS app and a MongoDB instance to demonstrate the power of Docker Compose. He'll demonstrate usage of two Docker files for an application, one production grade and the other for local development and running of tests. Lastly, he'll demonstrate creating a CI/CD pipeline in AWS to build and test our Docker images before pushing them to Docker Hub or AWS ECR, and finally deploying our multi-container application AWS Elastic Beanstalk.
Securing Your Containerized Applications with NGINXDocker, Inc.
Kevin Jones, NGNIX -
NGINX is one of the most popular images on Docker Hub and has been at the forefront of the web since the early 2000's. In this talk we will discuss how and why NGINX's lightweight and powerful architecture makes it a very popular choice for securing containerized applications as a sidecar reverse proxy within containers. We will highlight important aspects of application security that NGINX can help with, such as TLS, HTTP, AuthN, AuthZ and traffic control.
How To Build and Run Node Apps with Docker and ComposeDocker, Inc.
Kathleen Juell, Digital Ocean -
Containers are an essential part of today's microservice ecosystem, as they allow developers and operators to maintain standards of reliability and reproducibility in fast-paced deployment scenarios. And while there are best practices that extend across stacks in containerized environments, there are also things that make each stack distinct, starting with the application image itself.
This talk will dive into some of these particularities, both at the image and service level, while also covering general best practices for building and running Node applications with database backends using Docker and Compose.
Jessica Deen, Microsoft -
Helm 3 is here; let's go hands-on! In this demo-fueled session, I'll walk you through the differences between Helm 2 and Helm 3. I'll offer tips for a successful rollout or upgrade, go over how to easily use charts created for Helm 2 with Helm 3 (without changing your syntax), and review opportunities where you can participate in the project's future.
Distributed Deep Learning with Docker at SalesforceDocker, Inc.
Jeff Hajewski, Salesforce -
There is a wealth of information on building deep learning models with PyTorch or TensorFlow. Anyone interested in building a deep learning model is only a quick search away from a number of clear and well written tutorials that will take them from zero knowledge to having a working image classifier. But what happens when you need to deploy these models in a production setting? At Salesforce, we use TensorFlow models to help us provide customers with insights into their data, and we do this as close to real-time as possible. Designing these systems in a scalable manner requires overcoming a number of design challenges, but the core component is Docker. Docker enables us to design highly scalable systems by allowing us to focus on service interactions, rather than how our services will interact with the hardware. Docker is also at the core of our test infrastructure, allowing developers and data scientists to build and test the system in an end to end manner on their local machines. While some of this may sound complex, the core message is simplicity - Docker allows us to focus on the aspects of the system that matter, greatly simplifying our lives.
The First 10M Pulls: Building The Official Curl Image for Docker HubDocker, Inc.
James Fuller, webcomposite s.r.o. -
Curl is the venerable (yet very modern) 'swiss army knife' command line tool and library for transferring data with URLs. Recently we (the Curl team) decided to build a release for Docker Hub. This talk will outline our current development workflow with respect to the docker image and provide insights on what it takes to build a docker image for mass public consumption. We are also keen to learn from users and other developers how we might improve and enhance the official curl docker image.
Fabian Stäber, Instana -
In recent years, we saw a great paradigm shift in software engineering away from static monolithic applications towards dynamic distributed horizontally scalable architectures. Docker is one of the key technologies enabling this development. This shift poses a lot of new challenges for application monitoring, ranging from practical issues (need for automation) to technical challenges (Docker networking) to organizational topics (blurring line between software engineers and operations) to fundamental questions (define what is an application). In this talk we show how Docker changed the way we do monitoring, how modern application monitoring systems work, and what future developments we expect.
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...Docker, Inc.
Clemente Biondo, Engineering Ingegneria Informatica -
When the COVID 19 pandemic started, Engineering Ingegneria Informatica Group (1.25 billion euros of revenues, 65 offices around the world, 12.000 employees) was forced to put their digital transformation to the test in order to maintain operational continuity. In this session, Clemente Biondo, the Tech Lead of the Information Systems Department, will share how his company is reacting to this unforeseeable scenario and how Docker-driven digital transformation had paved the path for work to continue remotely. Clemente will discuss learnings moving from colocated teams, manual approaches, email based-business processes, and a monolithic application to a mature DevOps culture characterized by a distributed autonomous workforce and a continuous deployment process that deploys backward-compatible Docker containerized microservices into hybrid multi cloud datacenters an average of twice a day with zero-downtime. He will detail how they use Docker to unify dev, test and production environments, and as an efficient and automated mechanism for deploying applications. Lastly, Clemente shares how, in our darkest hour, he and others are working to shine their brightest light.
Chris Lauer, NOAA Space Weather Prediction Center -
This is the story of how adopting a containerized workflow changed the way our small software team works at NOAA’s Space Weather Prediction Center. Our old architecture, a big ball of mud shared-database integration, just wasn’t cutting it - it was killing our agility. Over the past two years, our small team has adopted a microservice style architecture, using Docker with docker-compose and environment files as our deployment strategy for all new development. We’ve discovered the joys of using containers for identical dev, staging, and production environments. We work closely with scientists: much of the code we’re running has complicated and conflicting library dependencies. Docker captures these beautifully - we’ve even had some success teaching our scientists to use it! I’ll share what we’ve learned, some of the persistent challenges we face, and one place we really got it wrong. This talk builds off of a popular hallway track from DockerCon 2019.
Become a Docker Power User With Microsoft Visual Studio CodeDocker, Inc.
Brian Christner, 56k + Docker Captain -
In this session, we will unlock the full potential of using Microsoft Visual Studio Code (VS Code) and Docker Desktop to turn you into a Docker Power User. When we expand and utilize the VS Code Docker plugin, we can take our projects and Docker skills to the next level. In addition to using VS Code, we streamline our Docker Desktop development workflow with less context switching and built-in shortcuts. You will learn how to bootstrap new projects, quickly write Dockerfiles utilizing templates, build, run, and interact with containers all from VS Code.
How to Use Mirroring and Caching to Optimize your Container RegistryDocker, Inc.
Brandon Mitchell, Boxboat + Docker Captain -
How do you make your builds more performant? This talk looks at options to configure caching and mirroring of images that you need to save on bandwidth costs and to keep running even if something goes down upstream.
Monolithic to Microservices + Docker = SDLC on Steroids!Docker, Inc.
Ashish Sharma, SS&C Eze -
SS&C Eze provides various products in the stock market domain. We spent the last couple of years building Eclipse which is an investment suite born in cloud. The journey so far has been very interesting. The very first version of the product were a bunch of monolithic windows services and deployed using Octopus tool. We successfully managed to bring all the monolithic problem to the cloud and created a nightmare for ourselves. We then started applying microservices architecture principles and started breaking the monolithic into small services. Very soon we realized that we need a better packaging/deployment tool. Docker looked like a magical solution to our problem. Since its adoption, It has not only solved the deployment problem for us but has made a deep impact on different aspects of SDLC. It allowed us to use heterogeneous technology stacks, simplified development environment setup, simplified our testing strategy, improved our speed of delivery, and made our developers more productive. In this talk I would like to share our experience of using Docker and its positive impact on our SDLC.
Ara Pulido, Datadog -
Container technologies, although not new, have increased their popularity in the past few years, with container orchestrators allowing companies around the world to adopt these technologies to help them ship and scale microservices with precision and velocity. Kubernetes is currently the most popular container orchestration platform, and while many organizations are migrating their workloads to it, Kubernetes is still relatively immature. New corner cases, errors, and quirks are regularly discovered as users push the boundaries of size and scale. When Datadog adopted Kubernetes we discovered some of these boundaries the hard way, and we continuously challenge and modify our infrastructure decisions in order to fit our use case. Join me in this talk for our story on what we learned while we scaled our Kubernetes clusters, the contributions to Kubernetes we made along the way, and how you can apply those learnings when growing your Kubernetes clusters from a handful to hundreds or thousands of nodes.
Andy Clemenko, StackRox -
One underutilized, and amazing, thing about the docker image scheme is labels. Labels are a built in way to document all aspects about the image itself. Think about all the information that the tags inside your clothing carry. If you care to look you can find out everything about the garment. All that information can be very valuable. Now think about how we can leverage labels to carry similar information. We can even use the labels to contain Docker Compose or even Kubernetes Yaml. We can even include labels into the CI/CD process making things more secure and smoother. Come find out some fun techniques on how to leverage labels to do some fun and amazing things.
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment ModelDocker, Inc.
Patrick Deloulay, Micro Focus -
Micro Focus started their digital transformation 3 years ago, moving the entire portfolio into hundreds of container images. Leveraging Docker Hub as our primary registry service, we will cover how we ended up building a simple but secure push/pull model to publish and deliver our premium assets to our customers and partners to both meet the high agility of our DevOps teams while greatly simplifying the deployment of our applications.
Build & Deploy Multi-Container Applications to AWSDocker, Inc.
Lukonde Mwila, Entelect
As the cloud-native approach to development and deployment becomes more prevalent, it's an exciting time for software engineers to be equipped on how to dockerize multi-container applications and deploy them to the cloud.
In this talk, Lukonde Mwila, Software Engineer at Entelect, will cover the following topics:
- Docker Compose
- Containerizing an Nginx Server
- Containerizing an React App
- Containerizing an Node.JS App
- Containerizing anMongoDB App
- Runing Multi-Container App Locally
- Creating a CI/CD Pipeline
- Adding a build stage to test containers and push images to Docker Hub
- Deploying Multi-Container App to AWS Elastic Beanstalk
Lukonde will start by giving an overview of how Docker Compose works and how it makes it very easy and straightforward to startup multiple Docker containers at the same time and automatically connect them together with some form of networking.
After that, Lukonde will take a hands on approach to containerize an Nginx server, a React app, a NodeJS app and a MongoDB instance to demonstrate the power of Docker Compose. He'll demonstrate usage of two Docker files for an application, one production grade and the other for local development and running of tests. Lastly, he'll demonstrate creating a CI/CD pipeline in AWS to build and test our Docker images before pushing them to Docker Hub or AWS ECR, and finally deploying our multi-container application AWS Elastic Beanstalk.
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...Docker, Inc.
Elton Stoneman, Docker Captain + Container Consultant and Trainer
How do you provide a SaaS offering when your product is a 10-year old Fortran app, currently built to run on Windows 10? With Docker and Kubernetes of course - and you can do it in a week (... to prototype level at least).
In this session I'll walk through the processes and practicalities of taking an older Windows app, making it run in containers with Kubernetes, and then building a simple API wrapper to host the whole stack as a cloud-based SaaS product.
There's a lot of technology here from a real world case study, and I'll focus on:
- running Windows apps in Docker containers
- building a .NET Core API which can run in Linux or Windows containers
- running the stack in Kubernetes with Docker Desktop locally and AKS in the cloud
- configuring AKS workloads in Azure to burst out to Azure Container Instances
And there's a core theme to this session: Docker and Kubernetes are complex technologies, but they're the key to modern development. If you invest time learning them, they make projects like this simple, portable, fast and fun.
Developing with Docker for the Arm ArchitectureDocker, Inc.
This virtual meetup introduces the concepts and best practices of using Docker containers for software development for the Arm architecture across a variety of hardware systems. Using Docker Desktop on Windows or Mac, Amazon Web Services (AWS) A1 instances, and embedded Linux, we will demonstrate the latest Docker features to build, share, and run multi-architecture images with transparent support for Arm.
2. Outline
● Whom is this for?
● What's the problem?
● What's a Container?
● Docker 101
● Docker images
● Docker future
3. Ops
● any distro¹
● any cloud²
● any machine (physical, virtual...)
● recent kernels³
¹ as long as it's Ubuntu or Debian ☺ others coming soon
² as long as they don't ship with their custom crappy kernel
³ at least 3.8; support for RHEL 2.6.32 on the way
4. Devs
● all languages
● all databases
● all O/S
● targetting Linux systems
Docker will eventually be able to target FreeBSD, Solaris, and maybe OS X.
5. CFO, CIO, CTO, ...
● LESS overhead!
● MORE consolidation!
● MORE agility!
● LESS costs!
6. Outline
● Whom is this for?
● What's the problem?
● What's a Container?
● Docker 101
● Docker images
● Docker future
7. The Matrix From Hell
django
web frontend ? ? ? ? ? ?
node.js
async API ? ? ? ? ? ?
background
workers ? ? ? ? ? ?
SQL database
? ? ? ? ? ?
distributed
DB, big data ? ? ? ? ? ?
message
queue ? ? ? ? ? ?
my laptop your laptop QA staging prod on
cloud VM
prod on bare
metal
12. Linux containers...
Units of software delivery (ship it!)
● run everywhere
– regardless of kernel version
– regardless of host distro
– (but container and host architecture must match*)
● run anything
– if it can run on the host, it can run in the container
– i.e., if it can run on a Linux kernel, it can run
*Unless you emulate CPU with qemu and binfmt
13. Outline
● Whom is this for?
● What's the problem?
● What's a Container?
● Docker 101
● Docker images
● Docker future
14. High level approach:
it's a lightweight VM
● own process space
● own network interface
● can run stuff as root
● can have its own /sbin/init
(different from the host)
« Machine Container »
15. Low level approach:
it's chroot on steroids
● can also not have its own /sbin/init
● container = isolated process(es)
● share kernel with host
● no device emulation (neither HVM nor PV)
« Application Container »
16. Separation of concerns:
Dave the Developer
● inside my container:
– my code
– my libraries
– my package manager
– my app
– my data
17. Separation of concerns:
Oscar the Ops guy
● outside the container:
– logging
– remote access
– network configuration
– monitoring
18. How does it work?
Isolation with namespaces
● pid
● mnt
● net
● uts
● ipc
● user
19. How does it work?
Isolation with cgroups
● memory
● cpu
● blkio
● devices
20. If you're serious about security,
you also need…
● capabilities
– okay: cap_ipc_lock, cap_lease, cap_mknod,
cap_net_admin, cap_net_bind_service,
cap_net_raw
– troublesome: cap_sys_admin (mount!)
● think twice before granting root
● grsec is nice
● seccomp (very specific use cases); seccomp-
bpf
● beware of full-scale kernel exploits!
21. How does it work?
Copy-on-write storage
● unioning filesystems
(AUFS, overlayfs)
● snapshotting filesystems
(BTRFS, ZFS)
● copy-on-write block devices
(thin snapshots with LVM or device-mapper)
This is now being integrated with low-level LXC tools as well!
23. Compute efficiency:
almost no overhead
● processes are isolated,
but run straight on the host
● CPU performance
= native performance
● memory performance
= a few % shaved off for (optional) accounting
● network performance
= small overhead; can be reduced to zero
24. Storage efficiency:
many options!
Union
Filesystems
Snapshotting
Filesystems
Copy-on-write
block devices
Provisioning Superfast
Supercheap
Fast
Cheap
Fast
Cheap
Changing
small files
Superfast
Supercheap
Fast
Cheap
Fast
Costly
Changing
large files
Slow (first time)
Inefficient (copy-up!)
Fast
Cheap
Fast
Cheap
Diffing Superfast Superfast (ZFS)
Kinda meh (BTRFS)
Slow
Memory usage Efficient Efficient Inefficient
(at high densities)
Drawbacks Random quirks
AUFS not mainline
!AUFS more quirks
ZFS not mainline
BTRFS not as nice
Higher disk usage
Great performance
(except diffing)
Bottom line Ideal for PAAS and
high density things
This might be the
Future
Dodge Ram 3500
25. Outline
● Whom is this for?
● What's the problem?
● What's a Container?
● Docker 101
● Docker images
● Docker future
26.
27. Docker-what?
● Open Source engine to commoditize LXC
● using copy-on-write for quick provisioning
STOP!
HAMMER DEMO TIME.
28.
29. Yes, but...
● « I don't need Docker;
I can do all that stuff with LXC tools, rsync,
some scripts! »
● correct on all accounts;
but it's also true for apt, dpkg, rpm, yum, etc.
● the whole point is to commoditize,
i.e. make it ridiculously easy to use
32. What this really means…
● instead of writing « very small shell scripts » to
manage containers, write them to do the rest:
– continuous deployment/integration/testing
– orchestration
● = use Docker as a building block
● re-use other people images (yay ecosystem!)
33. Docker-what?
The Big Picture
● Open Source engine to commoditize LXC
● using copy-on-write for quick provisioning
● allowing to create and share images
● standard format for containers
(stack of layers; 1 layer = tarball+metadata)
● standard, reproducible way to easily build
trusted images (Dockerfile, Stackbrew...)
34. Docker-what?
Under The Hood
● rewrite of dotCloud internal container engine
– original version: Python, tied to dotCloud's internal
stuff
– released version: Go, legacy-free
● the Docker daemon runs in the background
– manages containers, images, and builds
– HTTP API (over UNIX or TCP socket)
– embedded CLI talking to the API
● Open Source (GitHub public repository + issue
tracking)
35. Outline
● Whom is this for?
● What's the problem?
● What's a Container?
● Docker 101
● Docker images
● Docker future
36. Authoring images
with run/commit
1) docker run ubuntu bash
2) apt-get install this and that
3) docker commit <containerid> <imagename>
4) docker run <imagename> bash
5) git clone git://.../mycode
6) pip install -r requirements.txt
7) docker commit <containerid> <imagename>
8) repeat steps 4-7 as necessary
9) docker tag <imagename> <user/image>
37. Authoring images
with a Dockerfile
FROM ubuntu
RUN apt-get -y update
RUN apt-get install -y g++
RUN apt-get install -y erlang-dev erlang-manpages
erlang-base-hipe ...
RUN apt-get install -y libmozjs185-dev libicu-dev
libtool ...
RUN apt-get install -y make wget
RUN wget http://.../apache-couchdb-1.3.1.tar.gz | tar
-C /tmp -zxf-
RUN cd /tmp/apache-couchdb-* && ./configure && make
install
RUN printf "[httpd]nport = 8101nbind_address =
0.0.0.0" >
38. Authoring Images
with Chef/Puppet/Ansible/Salt/...
Plan A: « my other VM is a container »
● write a Dockerfile to install $YOUR_CM
● start tons of containers
● run $YOUR_CM in them
Good if you want a mix of containers/VM/metal
But slower to deploy, and uses more resources
39. Authoring Images
with Chef/Puppet/Ansible/Salt/...
Plan B: « the revolution will be
containerized »
● write a Dockerfile to install $YOUR_CM
● … and run $YOUR_CM as part of build
process
● deploy fully baked images
Faster to deploy
Easier to rollback
40. Outline
● Whom is this for?
● What's the problem?
● What's a Container?
● Docker 101
● Docker images
● Docker future
41. Docker: the community
● Docker: >200 contributors
● <7% of them work for dotCloud Docker inc.
● latest milestone (0.6): 40 contributors
● ~50% of all commits by external contributors
● GitHub repository: >800 forks
42. Docker: the ecosystem
● Cocaine (PAAS; has Docker plugin)
● CoreOS (full distro based on Docker)
● Deis (PAAS; available)
● Dokku (mini-Heroku in 100 lines of bash)
● Flynn (PAAS; in development)
● Maestro (orchestration from a simple YAML
file)
● OpenStack integration (in Havana, Nova has a
Docker driver)
43. Docker long-term roadmap
Docker 1.0:
● dynamic discovery
● remove AUFS, THINP, LXC, etc.
– execution? chroot!
– storage? cp!
– we can run everywhere o/
● re-add everything as plugins