
Container-based virtualization: Docker (Course on Distributed Systems) - PDF document



  1. Università degli Studi di Roma “Tor Vergata”
     Department of Civil Engineering and Computer Science Engineering
     Container-based virtualization: Docker
     Course on Distributed Systems and Cloud Computing, Academic Year 2018/19
     Valeria Cardellini

     Case study: Docker
     • Lightweight, open and secure container-based virtualization
       – Containers include the application and all of its dependencies, but share the kernel with other containers
       – Containers run as an isolated process in userspace on the host operating system
       – Containers are also not tied to any specific infrastructure

     Valeria Cardellini - SDCC 2018/19

  2. Docker internals
     • Docker is written in the Go language
     • Compared with other OS-level virtualization solutions, Docker is a higher-level platform that exploits Linux kernel mechanisms such as cgroups and namespaces
       – First versions based on LXC
       – Then based on its own libcontainer runtime, which uses Linux kernel namespaces and cgroups directly
       – libcontainer (now included in opencontainers/runc): cross-system abstraction layer aimed at supporting a wide range of isolation technologies
     • Docker adds to LXC
       – Portable deployment across machines
       – Versioning, i.e., git-like capabilities
       – Component reuse
       – Shared libraries, see Docker Hub hub.docker.com

     Docker engine
     • Docker Engine: client-server application composed of:
       – A server, called daemon process
       – A REST API which specifies interfaces that programs can use to control and interact with the daemon
       – A command line interface (CLI) client
     See https://docs.docker.com/engine/docker-overview/

  3. Docker architecture
     • Docker uses a client-server architecture
       – The Docker client talks to the Docker daemon, which builds, runs, and distributes Docker containers
       – Client and daemon communicate via sockets or REST API

     Docker image
     • Read-only template containing instructions for creating a Docker container
       – Described in text file called Dockerfile, with simple, well-defined syntax
       – The Build component of Docker
       – Enables the distribution of applications with their runtime environment
         • Incorporates all the dependencies and configuration necessary for it to run, eliminating the need to install packages and troubleshoot
       – Target machine must be Docker-enabled
     • The Docker Image
       – Can be pulled and pushed towards a registry
       – Image names have the form [registry/][user/]name[:tag]
       – Default for tag is latest
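The naming rule above, worked through as an added example (not part of the original slides): a POSIX shell function that splits a reference of the form [registry/][user/]name[:tag] and applies the default tag. The registry test (first component contains '.' or ':' or is "localhost") is the rule Docker's reference parser applies and is not stated on the slide; the sample references are constructed, and @digest references are assumed not to occur.

```sh
#!/bin/sh
# Added example: split [registry/][user/]name[:tag] into its parts.
# Output format: registry|user|name|tag  (empty field = part not given).

parse_image_ref() (
    # Function body runs in a subshell, so these variables stay local.
    ref=$1 registry="" user="" tag="latest"

    # A ':' is a tag separator only when it comes after the last '/'.
    # In "localhost:5000/web" the ':' belongs to the registry port.
    last=${ref##*/}
    case $last in
        *:*) tag=${last##*:}; ref=${ref%:*} ;;
    esac

    # The first component is a registry only if it looks like a host:
    # it contains '.' or ':' or is exactly "localhost". Otherwise it is
    # the user part of the name.
    case $ref in
        */*)
            first=${ref%%/*}
            case $first in
                *.*|*:*|localhost) registry=$first; ref=${ref#*/} ;;
            esac ;;
    esac

    # Whatever precedes the final component is the user (may be absent).
    case $ref in
        */*) user=${ref%/*}; name=${ref##*/} ;;
        *)   name=$ref ;;
    esac
    printf '%s|%s|%s|%s\n' "$registry" "$user" "$name" "$tag"
)

# Exit status 0 when the reference resolves to the tag "latest",
# whether written explicitly or implied by omission.
uses_latest() {
    case $(parse_image_ref "$1") in
        *"|latest") return 0 ;;
        *)          return 1 ;;
    esac
}

# Constructed sample references.
for r in alpine nginx:1.25 byrnedo/alpine-curl localhost:5000/web \
         registry.example.com:5000/team/web:2.0; do
    printf '%-40s -> %s\n' "$r" "$(parse_image_ref "$r")"
done
```

Because latest is only a default tag and can be re-pushed, uses_latest is a convenient check for references in run commands or Dockerfiles that do not name a fixed version.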

  4. Docker image: Dockerfile
     • Images can be created from a Dockerfile and a context:
       – Dockerfile: instructions to assemble the image
       – Context: set of files (e.g., application, libraries)
       – Often, an image is based on another image (e.g., ubuntu)
     • Example of a Dockerfile

     Docker image: build
     • Build an image from a Dockerfile
         $ docker build [OPTIONS] PATH | URL | -
         $ docker build -t hello-world .

  5. Docker image: layers
     • Layered image
       – Each image consists of a series of layers
       – Docker uses union file systems to combine these layers into a single unified view
         • Layers are stacked on top of each other to form a base for a container’s root file system
         • Based on the copy-on-write (COW) principle

     Docker image: layers
     • Layering pros
       - Enable layer sharing and reuse, installing common layers only once and saving bandwidth and storage space
       - Manage dependencies and separate concerns
       - Facilitate software specializations
       - See https://docs.docker.com/storage/storagedriver/

  6. Docker image: storage
     • Containers should be stateless. Ideally:
       – Very little data is written to the container’s writable layer
       – Data should be written on Docker volumes
       – Nevertheless: some workloads need to write data to the container’s writable layer
     • The storage driver controls how images and containers are stored and managed on the Docker host
     • Multiple choices for the storage driver
       - Including AuFS and OverlayFS (both operate at file level), Device Mapper, Btrfs and zfs (which operate at block level)
       - The choice of storage driver can affect the performance of the containerized applications
       - See https://dockr.ly/2FstUe6

     Docker container and registry
     • Docker container: runnable instance of a Docker image
       – Run, start, stop, move, or delete a container using Docker API or CLI commands
       – The Run component of Docker
       - Docker containers are stateless: when a container is deleted, any data written that is not stored in a data volume is deleted along with the container
     • Docker registry: stateless server-side application that stores and lets you distribute Docker images
       - Provides an open library of images
       - The Distribute component of Docker
       - Docker-hosted registries: Docker Hub, Docker Store (open source and enterprise verified images)

  7. Docker: run command
     • When you run a container whose image is not yet installed but is available on Docker Hub
       [Figure: courtesy of “Docker in Action” by J. Nickoloff]

     State transitions of Docker containers
       [Figure: courtesy of “Docker in Action” by J. Nickoloff]

  8. Commands: Docker info
     • Obtain detailed info on your Docker installation
         $ docker info
       E.g., to find out which storage driver is in use (e.g., AuFS)

     Commands: image handling
     • List images on host (i.e., local repository)
         $ docker images
       or
         $ docker image ls
       - To list every image, including intermediate image layers:
           $ docker images -a
         or
           $ docker image ls -a
       – Options to list images by name and tag, to list image digests (sha256), to filter images, to format the output, e.g.,
           $ docker images --filter reference=ubuntu
     • Inspect an image
       – Display detailed information, including image layers
           $ docker [image] inspect imageid
     • Remove an image
         $ docker rmi imageid
       or
         $ docker image rm imageid
       Can also use imagename instead of imageid

  9. Command: run
         $ docker run [OPTIONS] IMAGE [COMMAND] [ARGS]
     • Most common options
         --name    assign a name to the container
         -d        detached mode (in background)
         -i        interactive (keep STDIN open even if not attached)
         -t        allocate a pseudo-tty
         --expose  expose a range of ports inside the container
         -p        publish a container's port or a range of ports to the host
         -v        bind mount a volume
         -e        set environment variables
         --link    add link to other containers
     • The “Hello World” container
         $ docker run alpine /bin/echo 'Hello world'
       - Alpine: lightweight Linux distro with reduced image size

     Commands: containers management
     • List containers
       – Only running containers:
           $ docker ps
         • Alternatively,
           $ docker container ls
       – All containers (even stopped or killed containers):
           $ docker ps -a
     • Container lifecycle (can also use containername instead of containerid)
       – Stop running container
           $ docker stop containerid
       – Start stopped container
           $ docker start containerid
       – Kill running container
           $ docker kill containerid
       – Remove container (need to stop the container before attempting removal)
           $ docker rm containerid

  10. Commands: containers management
     • Inspect a container
       – Most detailed view of the environment in which a container was launched
           $ docker inspect containerid
     • Copy files from and to docker container
         $ docker cp containerid:path localpath
         $ docker cp localpath containerid:path

     Examples of using Docker
     • Run an nginx Web server inside a container
       - Also bind the container to a specific port
           $ docker run -d -p 80:80 --name web nginx
     • Send HTTP request through Web browser
       - First retrieve the hostname of the host machine
     • Send HTTP request through an interactive container using the Docker internal network
         $ docker run -i -t --link web:web --name web_test busybox
         / # wget -O - http://web:80/
         / # exit
       --link: legacy flag to manually create links between the containers
       wget: -O FILE  Save to FILE ('-' for stdout)
     • To avoid --link, define a bridge network
         $ docker network create my_net
         $ docker run -d -p 80:80 --name web --net=my_net nginx
         $ docker run -i -t --net=my_net --name web_test busybox
         / # ...

  11. Examples of using Docker
     • Sending an HTTP request through an Alpine Linux container with curl installed and set as entrypoint
         $ docker run --rm byrnedo/alpine-curl http:// …
     • Checking the logs of the container
         $ docker logs containerid_or_name

     Examples of using Docker
     • Running Apache web server with minimal index page
       – Define container image with Dockerfile
         • Define image starting from Ubuntu, install and configure Apache
         • Incoming port set to 80 using EXPOSE instruction

         FROM ubuntu

         # Install dependencies
         RUN apt-get update
         RUN apt-get -y install apache2

         # Install apache and write hello world message
         RUN echo 'Hello World!' > /var/www/html/index.html

         # Configure apache
         RUN echo '. /etc/apache2/envvars' > /root/run_apache.sh
         RUN echo 'mkdir -p /var/run/apache2' >> /root/run_apache.sh
         RUN echo 'mkdir -p /var/lock/apache2' >> /root/run_apache.sh
         RUN echo '/usr/sbin/apache2 -D FOREGROUND' >> /root/run_apache.sh
         RUN chmod 755 /root/run_apache.sh

         EXPOSE 80

         CMD /root/run_apache.sh
