This document provides an overview of a talk about Docker. It introduces Docker features like images, containers, and the workflow. It describes how Docker uses namespaces and control groups for isolation. It compares Docker to virtual machines and explains why Docker is popular. The document then demonstrates Docker through a tutorial of pulling an image, running a container, and viewing container logs. It also discusses the Dockerfile for automating builds.

1. IInnttrroodduuccttiioonn ttoo
ddoocckkeerr

3. What will be in this talk
- Overview of docker features
- Overview of docker building blocks
- Comparison to other solutions
- Quick docker tutorial
- Dockerfile tips

4. What will not be in this talk
- Exploiting docker
- Details of deploying docker infrastructure
- Deep technical descriptions

5. Easy to learn

6. -- EEaassyy ttoo lleeaarrnn
-- CCooooll wwhhaallee
-- WWrriitttteenn iinn ggoo

7. BBuutt sseerriioouussllyy??

8. Architecture
changes
http://martinfowler.com/articles/microservices/images/decentralised-data.png

9. Features - images
● Package every app in the same box
(dependencies, working everywhere)
● Isolate things from each other
● Standarized build procedure (Dockerfile)

10. Containers

11. Features - containers
● Managing containers
– Running & stopping
– Inspect, logs, top, ps
– Save & load (from files)
– Diff & commit
● Mounting volumens
– Share data
– Persistency
● Easy networking and linking containers

12. WWoorrkkss oonn
eevveerryyoonnee''ss
mmaacchhiinnee

13. IIssoollaatt iioonn

14. PPoorrttaabbiilliittyy

15. Features - workflow
● Docker deamon and cli
● Docker hub and registry
● Image versioning (pull, commit, pull, layers)

16. DDoocckkeerr bbuuiillddiinngg
bblloocckkss

17. HHooww iitt''ss
ccooookkeedd??

18. NNaammeessppaacceess
hhttttpp::////bblloogg..ddoottcclloouudd..ccoomm//uunnddeerr--tthhee--hhoooodd--lliinnuuxx--kkeerrnneellss--oonn--
ddoottcclloouudd--ppaarrtt

19. Namespaces - GOAL
One of the overall goals of
namespaces is to support the
implementation of containers, a tool for
lightweight virtualization.

20. Namespaces - HOW
Wrap a particular global system
resource in an abstraction that makes
it appear to the processes within the
namespace that they have their own
isolated instance of the global resource

21. Namespaces - Result
Processes 'think' that they are
the only processes on the
system

22. Namespaces - Examples
- pid
- numbering
- hierarchy
- cannot kill / ptrace in other namespaces
- net
- 20 apaches at 80
- mount

23. CCoonnttrrooll
ggrroouuppss
hhttttpp::////bblloogg..ddoottcclloouudd..ccoomm//kkeerrnneell--sseeccrreettss--ffrroomm--tthhee--ppaaaass--ggaarraaggee--
ppaarrtt--2244--cc

24. Control groups
Measure and limit resource
usage for groups of
processes

25. DDoocckkeerr vvss VVMM

26. Overhead
http://www.zdnet.com/what-is-docker-and-why-is-it-so-darn-popular-7000032269/

27. LLiigghhttwweeiigghhtt
AAnndd
ffaasstt

28. SShhaarriinngg OOSS

29. HHiigghheerr ddeennssiittyy

30. NNoott rreeaallllyy aa VVMM

31. WWhhyy ddoocckkeerr??
WWhhyy nnoott llxxcc??

32. WWhhyy ddoocckkeerr??
WWhhyy nnoott llxxcc??

33. WWhhyy ddoocckkeerr??
WWhhyy nnoott llxxcc??

34. WWhhyy ddoocckkeerr??
WWhhyy nnoott llxxcc??
http://stackoverflow.com/questions/17989306/what-does-docker-add-to-just-plain-lxc

35. DDoocckkeerr ttuuttoorriiaall

36. PPuullll iitt!!
$ docker pull
busybox
● Search docker
registry for
repository of given
name
● Downloads the
repository
● Pulls only changes
next time

37. PPuullll iitt!!
$ docker pull
busybox
● Search docker
registry for repository
of given name
● Downloads the
repository
● Pulls only changes
next time

38. PPuullll iitt!!
$ docker pull
busybox
● Search docker
registry for repository
of given name
● Downloads the
repository
● Pulls only changes
next time

40. RRuunn iitt!!
$ docker run
busybox:ubuntu-
14.04 echo
"hello"
● Make sure that image
is available
(downloads if not
found)
● Create a container
● Run a command

41. RRuunn iitt!!
$ docker run -it
busybox:ubuntu-
14.04 sh
● -it → makes container
interactive
● Create a container
● Give you a shell
access

42. More complicated example
● Run redis in a
container
● Run it as a deamon
● Bind it to network
● Make storage
persistent

43. RRuunn iitt!!
$ docker run -d -v
/var/docker/redis:/da
ta -p 6379:6379
--name=redis
dockerfile/redis
● -d → launch as
deamon
● -v
/var/docker/redi
s:/data → mount
directories
● -p 6379:6379 →
forward ports

44. RRuunn iitt!!
$ docker run -d -v
/var/docker/redis:/d
ata -p 6379:6379
--name=redis
dockerfile/redis
● -d → launch as
deamon
● -v
/var/docker/red
is:/data →
mount directories
● -p 6379:6379 →
forward ports

45. RRuunn iitt!!
$ docker run -d -v
/var/docker/redis:/da
ta -p 6379:6379
--name=redis
dockerfile/redis
● -d → launch as
deamon
● -v
/var/docker/redi
s:/data → mount
directories
● -p 6379:6379 →
forward ports

46. WWaattcchh iitt!!
$ docker ps
Prints out information
about docker
containers

47. WWaattcchh iitt!!
$ docker ps -a
Prints out information
about all docker
containers:
● Running
● Exited

48. WWaattcchh iitt!!
$ docker logs -t
--follow
romantic_enstein
Get logs from
stdin/stdout of
container
● -t → show timestamp
● --follow → similar to
tail -f

49. WWaattcchh iitt!!
$ docker inspect
romantic_enstein
Get info about
container
● Environment
variables
● Ports
● Links

50. EEnntteerr
iinnssiiddee!!
- nsenter
- ssh
● nsenter uses
namespaces
● Ssh needs ssh server
inside

51. TTiiddyy uupp
- docker rm
<container_id>
- docker rmi
<image_id>
● Docker images use
lots of space
● Docker images can
clog all your available
space on server (no
more pulling from
registry)

52. TTiiddyy uupp
$ docker ps -a | grep 'Exited' | awk '{print $1}' |
xargs docker rm
● Get ids of exited containers
● Remove containers with given ids

53. RReeppoossiittoorryy
wwoorrkkffllooww
● docker diff <container_id>
● docker commit
<contaner_id>
attero/stuff:my-tag
● Versioning!
● Tags
● Multiple versions
● Push & pull

54. WWhhaatt wwee lleeaarrnneedd ssoo ffaarr
Repository workflow
– Pull
– Commit
– Push
Tidying up after
containers
– Rm
– Rmi
Monitoring
– Ps
– Logs
– Inspect
– Top
Running containers
– Interactive
– Deamon
– Mounting
– Forwarding

55. Containers are
nice

56. How about automation?

57. DOCKERFILE

58. DOCKERFILE
- Version control
- Automation
- Portability

59. DOCKERFILE
FROM ubuntu
MAINTAINER me@me.me
# Install tmux
RUN
apt-get update && apt-get install tmux
RUN mkdir /home/hello
# Define working directory.
WORKDIR /home/hello
# Define default command.
CMD ["/bin/bash"]

60. DOCKERFILE
FROM ubuntu ← defines base imag
MAINTAINER me@me.me ← who is reponsible
# Install tmux
RUN
apt-get update && apt-get install tmux
RUN mkdir /home/hello ← let's run some
commands
# Define working directory.
WORKDIR /home/hello ← let's start here
# Define default command.
CMD ["/bin/bash"] ← default command to run
without arguments in run

61. DOCKERFILE
Every command in
Dockerfile is run on
a different container

62. DOCKERFILE
Don't start services
in dockerfile.

63. DOCKERFILE
Cache!
- use it
- save lots of time
- not changed
layers are reused

64. DOCKERFILE
- short
- good base image
- most changing
things at the bottom

65. DOCKERFILE
Every command in
Dockerfile is run on
a different container

66. Learning resources
● http://docs.docker.com/#installation-guides
● http://docs.docker.com/reference/builder/
● http://docs.docker.com/reference/commandline/cli
/
● https://crosbymichael.com/dockerfile-best-practic
es.html
● http://docs.docker.com/articles/basics/
● https://www.youtube.com/watch?v=XCVOxht34H
s
● https://www.youtube.com/watch?v=9bvdc55xYdo

67. More Learning resources
● https://www.digitalocean.com/community/tutoria
ls/docker-explained-how-to-containerize-python
-web-applications
● http://phusion.github.io/baseimage-docker/
● https://circleci.com/docs/docker
● http://docs.docker.com/userguide/usingdocker/

68. Q&A