Docker Deep Dive

Course Introduction

The Basics

By scmGalaxy.com

About Me

DevOps@RajeshKumar.XYZ

docker deep dive
docker inspect

What We’ll Learn

  • Linux Containers
    • Containers vs Virtual Machines << FIGHT!!
    • Kernel namespaces, cgroups, Capabilities…
  • Docker Engine
    • Execution Driver: libcontainer vs LXC
    • AUFS, OverlayFS, Device Mapper…
  • Docker Images
    • docker build | docker images | docker inspect…
    • Union mounts, Layering, Dockerfile
  • Docker Containers
    • docker start | stop | restart
  • Registries, Volumes, Networking….

Prerequisites

linux machine for docker deep

Introducing Containers

It’s all about applications

server : application:

1 : 1

server applicatin for docker deep
nginx for docker
nginx of docker
kvm xen for docker deep

Physical Machine

physical machine for docker deep
app and physical machine for docker deep
app and physical machine of docker
physical machine app for docker
physical machine app os for docker
os and app physical machine for docker
os business value app physical machine for docker
app physical machine for docker
hypervisor physical machine for docker
hypervisor app os physical machine for docker
app container for docker

Containers are more lightweight than Virtual Machines

app conatiner of docker deep

Physical Machine

os userspace app physical of docker
os userspace app physical machine of docker
app os container physical machine for docker
physical machine app os for docker
docker physical machine os
docker physical machine os 10gb
os 4gb ram physical machine for docaker
os 5%cpu physical machine for docaker
docker operating system of physical machine
docker physical machine operating system
operating system docker of physical machine
physical machine for docker operating system
docker deep linux kernel of physical machine
container linux kernel for docker physical machie

Containers consume less CPU, RAM and disk resource than Virtual Machines

container linux kernel for docker physical machie

How Containers Work

How Containers Work

how container work for docker

How Containers Work

how containers work of physical machine docker

How Containers Work

how container work for docker

How Containers Work

how container work for docker deep dive

How Containers Work

docker how containers work of operating system

How Containers Work

physical machine for docker how containers work

How Containers Work

docker how container work physical machine

How Containers Work

how conatiner work of docker operating system

How Containers Work

how conatiners work for docker

How Containers Work

docker for how containers work

How Containers Work

docker for how container work

Kernel Namespaces

kernel namespaces for docker
kernel namespaces for docker deep dive

Control Groups (cgroups)

control groups for docker
control groups containers for docker

Capabilities

capabilities for docker deep dive
capabilities root for docker deep dive
docker
linux kernel for docker
docker engine

The Evolving Docker Platform

the evolving docker platform
docker deep
lxc and docker
lxc linux kernel for docker
lxc linux kernel for docker

The Future of Docker

the future of docker
future of docker
docker engine container
docker linux kernel and windows kernel for physical machine

Physical Machine

hypervisor for docker physical machine
operating system for docker

Chip-level assists for Containers

  • Performance offloads
  • Security features
  • ......

chip level assists for docker containers
security features for docker
security features of docker
docker for security features

Coming up Next….

  • Installing Ubuntu and CentOS Linux
  • Installing and updating the Docker Daemon

Installing Ubuntu Linux and CentOS Linux

installing ubuntu linux centos linux
installing ubuntu linux centos linux for docker
installing centos and rhel for docker

Installing and Updating Docker

cgroup for docker
installing and updating docker
updating docker
updating for docker
installing for docker
installing and updating for docker

Module Recap

module recap for docker

Major Docker Components

Module Outline

  • Docker Engine
  • Images
  • Containers
  • Registries and Repositories

Major Docker Components

The Big Picture

docker container docker engine
major docker components
containers docker

Containers can contain malicious code

Trust the code you run!

/engine of docker
/rtg berth of docker
/keel clearance of docker
/keel clearance for docker
/Equipment images for docker

Equipment images from www.konecranes.com

/Equipment images docker

Equipment images from www.konecranes.com

/docker equipment images

Equipment images from www.konecranes.com

/images of docker equipment

Equipment images from www.konecranes.com

/images for docker equipment

Equipment images from www.konecranes.com

/equipment of docker

Equipment images from www.konecranes.com and www.terex.com

/docker deep engine
/docker engine of container
/docker engine for container
/container for docker engine.jpg
/app container docker engine
/docker engine for container
/docker engine ec2 container
/docker engine and google computer engine
/docker engine and google computer engine
/docker engine for goole computer
/goole compute engine of docker engine
/container of docker
/pull of docker
/v1 to v5 of docker

Registries and Repositories

A Quick Look

/registry for docker
/registry of docker

Module Recap

/docker engine for module recap

A Closer Look at Images and Containers

A Closer Look at Images and Containers

The Good Stuff!
layer a closer look and container of docker
image layer for docker deep dive
ubuntu os for layer docker
ubuntu os of layer docker
docker layer ubuntu os
layer security of docker
docker of layer

Focusing in on Containers

More Good Stuff…

docker image
docker image
docker image thin writable layer
thin writable layer for docker image
docker for image thi writable
docker image for many containers

One Process per Container…

Usually…

Module Recap

docker module recap

Container Management

Module Outline

  • Container Management
  • Container Config
  • Look Inside Running Containers
  • Different Ways to Get Shell Access
start top restart for docker deep dive
container and linux server for docker

“One process per Container”


We can run multiple processes per Container

“One process per Container”

  • One concern per container
  • Lean
  • Simple!

We can run multiple processes per Container

docker attach

  • Attaches to PID 1 inside the container
  • In the real world, PID 1 inside a container will probably not be a shell

ssh

  • Most containers won’t be running an SSH server

nsenter

  • Allows us to enter Namespaces
  • Requires the containers PID (get from “docker inspect”)

Module Recap

module recap for docker

Building from a Dockerfile

Module Outline

  • The Big Picture
  • Dockerfile Basics
  • Creating a Dockerfile
  • Building from a Dockerfile
  • Dockerfile
  • Plain-text
  • Simple format
  • Instructions to build image

dockerfile

Module Recap

module recap for building from a dockerfile

Diving Deeper with Dockerfile

Module Outline

  • The Build Cache
  • Dockerfile and Layers
  • Dockerfile Instructions
    • CMD, ENTRYPOINT, ENV, VOLUME
  • Dockerfile
  • Plain-text
  • Simple format
  • Instructions to build image

dockerfile
diving deeper with dockerfile
diving deeper of dockerfile
diving deeper with instruction dockerfile
dockerfile instruction and buld cache
instruction for dockerfile 
 
	CMD                                              RUN
	Run-time                                         Build-time
	Run commands in
	containers at launch time                        Add layers to images
	                                                 Used to install apps
	Equivalent of -
	    docker run < args > 
	    docker run < args > /bin/bash
	One per Dockerfile
	
	
	                        
 
    Shell Form                                     Exec Form
    Commands are expressed the same                JSON array style -
    way as shell commands                            [“command”,“arg1”]
    Commands get prepended                         Containers don’t need a shell
    by “/bin/sh –c”                                Avoids string munging by the shell
    Variable expansion etc…                        No shell features –
	                                               No variable expansion
                                                        No special characters (&&,||,>….)

ENTRYPOINT

  • Can’t be overridden at run-time with normal commands – docker run …< command >
  • Any command at run-time is used as an argument to ENTRYPOINT
  • Variable expansion etc…
docker deep dive with containers

Module Recap

module recap for dockerfile

Docker Networking

Module Outline

  • The “docker0” Virtual Bridge
  • Virtual Ethernet Interfaces
  • Exposing Ports
  • Linking Containers
docker neworking
docker deep dive with networking

Module Recap

docker networking with .module recap

Troubleshooting

What We’ll Learn

  • Docker Daemon Logging
  • Container Logging
  • Troubleshooting Images
  • Network Troubleshooting

Docker Daemon Logging

troubleshooting images for docker

Container Logging

Replay

Use volumes to share and
persist data

Image Troubleshooting

Test Before Dockerfile

         FROM ubuntu:15.04
 
					FROM ubuntu:15.04
						
					
					
					CMD ping 8.8.8.8
 
					FROM ubuntu:15.04
					
					
					RUN apt-get install–y
					iputils-ping
							
					CMD ping 8.8.8.8
 
					FROM ubuntu:15.04
					
					RUN apt-get update
					
					RUN apt-get install–y
					iputils-ping
						
					CMD ping 8.8.8.8
 
					FROM ubuntu:15.04
					
					RUN apt-get update &&\
					  apt-get install –y \
					  iputils-ping
						
					CMD ping 8.8.8.8

Image Troubleshooting

Intermediate Images

Network Troubleshooting

docker0

Network Troubleshooting

IPTables

- - icc =

- - iptables =

*Both default to true

Module Recap

troubleshooting for docker module recap

Lightning Fast Recap

Next Steps

This isn’t the end.

It’s…. just the beginning!

lightning fast recap for docker

Questions?

docker questions

Thanks for You