Dockerize Your IT! Centrale Nantes Information Technology Department Yoann Juet Dec, 2018
|
|
- Imogene Hunt
- 5 years ago
- Views:
Transcription
1 Dockerize Your IT! Centrale Nantes Information Technology Department Yoann Juet Dec,
2 A Brief History of Containers UNIX CHROOT BSD JAIL LINUX VSERVER LINUX NAMESPACES LINUX OPENVZ LINUX CGROUPS LINUX LXC DOCKER KUBERNETES
3 Docker Containers!= Virtual Machines 3 Containers share host ressources (kernel, cpu, memory, network) ; good isolation between Containers VMs have a full copy of an OS, leading to cpu, memory, network overhead ; very good isolation between VMs
4 Docker architecture docker : the Docker user CLI dockerd : engine daemon Create image, pass it to containerd containerd : runtime daemon Core container runtime for Docker Manage the complete container lifecycle (stop, start, transfer, supervision, storage, network) This model gives the ability to restart or upgrade Docker Engine without breaking the running containers 4
5 Docker images, An image is a read-only group of layers of other images. It includes everything an application needs to run: binaries, libraries, config files Each image is made of a base image (e.g. debian, ubuntu, alpine) plus a collection of diffs - intermediate images/layers - that adds the required features (e.g. emacs, apache). Images can be stored on public, private repos, on any host machine that has previously pulled the package from a repo 5
6 Docker Containers A container is a running instance - read-write - of an image You can run containers on Linux, Windows 10, Windows Server 2016, Cloud (AWS, Google ) Containers should be as ephemeral as possible. You should expect them to go down at any time and lose all data stored inside: Don t store data in containers Don t run more than one process in a single container Use custom created volumes or system mounts 6
7 Docker Image!= Docker Container push pull r/w Instance App 1 Container Public or Private Registry App Image r/w Instance App 2 Container Commit Remember A Docker Image is similar to a read-only template A Docker Container is an writable instance of a Docker Image Each Docker Container has its own read-write layer - thus its own data - that sits on one or more Docker image 7
8 Docker Containers - Pros and Cons Lightweight, low resources consumptions Isolation model, default set of capabilities Low attack surface Networking can be tricky Fast boot, removal, reproducibility : the same code runs everywhere Orchestration complexity Large ecosystem - lot of official and unofficial images - Ideal for development team (test, pre-prod, prod) 8
9 Installing Docker Community Edition (CE) On debian 9 (stretch) host - from the netinst image - Docker repository (version 18.09) user@host:~$ sudo apt-get update && apt-get install apt-transport-https ca-certificates curl gnupg2 software-properties-common user@host:~$ sudo curl -fssl apt-key add - user@host:~$ sudo apt-key fingerprint 0EBFCD88 pub rsa [SCEA] 9DC FC7 DD38 854A E2D8 8D81 803C 0EBF CD88 uid sub [ unknown] Docker Release (CE deb) <docker@docker.com> rsa [S] user@host:~$ sudo add-apt-repository "deb stretch stable" user@host:~$ sudo apt-get update && apt-get install docker.ce user@host:~$ sudo usermod -ag docker <user> && newgrp docker 9
10 Installing Docker Community Edition (CE) On debian 9 (stretch) host - from the netinst image - Check for correct installation user@host:~$ docker info Server Version: Storage Driver: overlay2 Backing Filesystem: extfs Supports d_type: true Native Overlay Diff: true Runtimes: runc Default Runtime: runc Kernel Version: amd64 Operating System: Debian GNU/Linux 9 (stretch) Docker Root Dir: /var/lib/docker Product License: Community Engine 10
11 Run Your First Docker Application Let s say an nginx http server! Search for an official nginx image user@host:~$ docker search nginx NAME DESCRIPTION STARS OFFICIAL AUTOMATED nginx Official build of Nginx [OK] jwilder/nginx-proxy Automated Nginx reverse proxy for docker con 1473 [OK] richarvey/nginx-php-fpm Container running Nginx + PHP-FPM capable of 652 [OK] Download the image from the official Docker Registry user@host:~$ docker pull nginx In the OFFICIAL column, OK indicates Using default tag: latest an image built by the latest: Pulling from library/nginx company/community behind the project a5a6f2f73cd8: Pull complete 1ba02017c4b2: Pull complete 33b176c904de: Pull complete Digest: sha256:5d32f60db294b5deb55d078cd4feb410ad88e6fe77500c87d3970eca97f54dba Status: Downloaded newer image for nginx:latest 11
12 Run Your First Docker Application Let s say an nginx http server! Verify user@host:~$ docker image ls REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest 568c4670fa80 46 hours ago 109MB Run a container based on this image user@host:~$ mkdir ~/mydir && echo "Hello, France!" > ~/mydir/index.html && docker run --name myweb -v ~/mydir:/usr/share/nginx/html -p 8080:80 -d nginx 8807f82f280b6dde c414b22b9ac7b77362b39d7c58c94e15d2eedc905 user@host:~$ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 8807f82f280b nginx "nginx -g " 40 seconds ago Up 39 seconds :8080->80/tcp myweb 12
13 Run Your First Docker Application Let s say an nginx http server! Connect to your App user@host:~$ wget -q localhost:8080 -O /dev/stdout Hello, France! Enter in your App user@host:~$ docker exec -it myweb /bin/bash root@8807f82f280b:/# ls /etc/nginx/ && exit conf.d fastcgi_params koi-utf koi-win mime.types modules nginx.conf Stop and Remove your App user@host:~$ docker rm -f myweb myweb root@host:/tmp# docker ps --all CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 13
14 Focus on Docker Images List all installed images docker images docker image ls [--all] Pull an image from a registry docker pull image docker image pull image Push an image to a registry Remove an image Backup and restore an image (tarball) docker push image[:tag] docker image push image[:tag] docker rmi image docker image rm image docker image prune [--all] docker save -o archive.tar image docker load < archive.tar Inspect the content of an image docker inspect image 14
15 Focus on Docker Containers List all containers docker ps [--all] docker container ls [--all] [re]start an inactive container docker [re]start container docker container [re]start container Stop an active container docker stop container docker container stop container [stop and] Remove a container Execute a command in an active container / Get a shell console docker rm [-f] container docker container rm [-f] container docker exec container command docker exec -it container /bin/bash Inspect the content of a container docker inspect container 15
16 Focus on Docker Containers Create an image from a container docker commit container [REPO[:TAG]] Show the logs of a container docker logs container Create a new container docker create image docker run image Backup and restore a container (tarball) docker export container > archive.tar docker import - container < archive.tar 16
17 What about my data? Remember that each container has is own read-write layer 1 - Get alpine image user@host:~$ docker pull alpine 2 - Run it user@host:~$ docker run -d -it --name myapp alpine 3 - Edit a file in the container user@host:~$ docker exec myapp \ sh -c 'echo "Hello, France!" > /root/msg.txt' 4 - Stop the container user@host:~$ docker stop myapp 5 - Start the container user@host:~$ docker start myapp 6 - Check user@host:~$ docker exec myapp less /root/msg.txt Hello, France 7 - Stop then remove the container user@host:~$ docker rm -f myapp 8 - Run again a container user@host:~$ docker run -d -it --name myapp alpine 9 - Check user@host:~$ docker exec myapp less /root/msg.txt more: can't open '/root/msg.txt': No such file or directory When you instantiate an image, the new container starts with a clean filesystem 17
18 What about my data? Sharing data in your docker host with containers Run it echo "Hello, Nantes!" > ~/msg.txt && docker run -d -it -v ~/msg.txt:/root/hop.txt --name mydata alpine Check docker exec mydata ls /root hop.txt docker exec mydata less /root/hop.txt Hello, Nantes! Run another docker based on alpine docker run -d -it -v ~/msg.txt:/root/hop.txt --name mydatb alpine Edit the message echo "Hello, Centrale!" > ~/msg.txt Check docker exec mydata less /root/hop.txt Hello, Centrale! docker exec mydatb less /root/hop.txt Hello, Centrale! Use the -v option : -v [HOST-DIR]:[CONTAINER-DIR] It creates a bind mount exposing the host directory/host file to the container directory/file 18
19 What about my data? Sharing data in your docker host with containers Get information about volumes docker inspect mydata "Mounts": [ { "Type": "bind", "Source": "/home/user/msg.txt", "Destination": "/root/hop.txt", "Mode": "", "RW": true, "Propagation": "rprivate" } ], Instruction to share data in read-only mode By default, Docker mounts the volume in read-write mode user@host:~$ docker run -d -it -v ~/msg.txt:/root/hop.txt:ro --name mydata alpine 19
20 What about my data? Sharing data between containers Run the yoyo container docker run -d -it -v /sharing --name yoyo alpine docker inspect yoyo "Mounts": [ { "Type": "volume", "Name": "fdc5bd0de90688d590b38f9f931eb011c4de9c4032d49", "Source": "/var/lib/docker/volumes/fdc5bd0de90a54b/_data", "Destination": "/sharing", "Driver": "local", "Mode": "", "RW": true, "Propagation": "" } ], If the host directory/file is omitted, a data container (read-write mode per default) is created The volume specified, here /sharing, is created inside the container user@host:~$ touch /var/lib/docker/volumes/fdc5bd0d/_data/msg.txt user@host:~$ docker exec yoyo ls /sharing msg.txt 20
21 What about my data? Sharing data between containers Run the dong container docker run -d -it --volumes-from yoyo --name dong alpine docker inspect dong "Mounts": [ { "Type": "volume", "Name": "fdc5bd0de90688d590b38f9f931eb011c4de9c404a54b", "Source": "/var/lib/docker/volumes/fdc5bd0de9054b/_data", "Destination": "/sharing", "Driver": "local", "Mode": "", "RW": true, "Propagation": "" } ], user@host:~$ docker exec yoyo ls /sharing Msg.txt user@host:~$ docker exec dong ls /sharing Msg.txt user@host:~$ docker exec dong touch /sharing/msg2.txt user@host:~$ docker exec yoyo ls /sharing msg.txt Msg2.txt user@host:~$ ls /var/lib/docker/volumes/fdc5bd0de90688d5/_data msg2.txt msg.txt 21
22 Committing Changes in a Container Turning a container into an image user@host:~$ docker image ls --all REPOSITORY TAG IMAGE ID CREATED SIZE alpine latest 196d12cf6ab1 2 months ago 4.41MB user@host:~$ docker run -d -it --name ding alpine user@host:~$ docker exec -it ding /bin/sh / # apk update && apk upgrade fetch fetch v g80b45d6920 [ v g80b45d6920 [ OK: 9546 distinct packages available OK: 4 MiB in 13 packages / # exit user@host:~$ docker commit ding alpine: sha256:4acef3925b22e668e0e1755a3fa5ab cacee28c8a487c5754ea105be70 user@host:~$ docker image ls --all REPOSITORY TAG IMAGE ID CREATED SIZE alpine acef3925b22 27 seconds ago 5.71MB alpine latest 196d12cf6ab1 2 months ago 4.41MB 22
23 Committing Changes in a Container Display container changes user@host:~$ docker diff ding C /lib C /lib/apk C /lib/apk/db C /var/cache C /var/cache/apk A /var/cache/apk/apkindex.adfa7ceb.tar.gz A /var/cache/apk/apkindex.efaa1f73.tar.gz C /root A /root/.ash_history You see all changes applied to the read-write layer, the container itself - useful before executing the commit instruction First column: A means that the directory/file was added, C means that a change was made, D means that it was removed. 23
24 Docker Networking Services Bridge Host Macvlan Bridge None Overlay Share host interfaces No more network isolation between the host and containers Should be used very carefully Unique MAC address Allows you to configure slave/sub-interfaces of a parent, physical ethernet interface, each with its own unique MAC address No network! Multiple hosts with only L3 connectivity Combines local bridges and VXLAN, GRE to overlay container-to-container Useful to offer network connectivity between containers on multiple hosts using their own IP addresses 24
25 Going deeper in docker bridge default mode docker run --name alice -p 8080:80 -d nginx docker run --name bob -p 8081:80 -d nginx docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES ffe72798ac2d nginx "nginx -g 'daemon of " :8081->80/tcp bob 1a2f2f83e044 nginx "nginx -g 'daemon of " :8080->80/tcp alice Expose unique ports on the host - here 8081 and
26 Going deeper in docker bridge default mode brctl show bridge name bridge id STP enabled interfaces docker d1a2630 no veth856faee vetha53c999 ip add 3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 02:42:2d:1a:26:30 brd ff:ff:ff:ff:ff:ff inet /16 brd scope global docker0 valid_lft forever preferred_lft forever 7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default link/ether be:71:06:64:64:8f brd ff:ff:ff:ff:ff:ff link-netnsid 1 11: veth856faee@if10: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default link/ether b2:6c:95:08:43:c0 brd ff:ff:ff:ff:ff:ff link-netnsid 2 26
27 Going deeper in docker bridge default mode docker inspect bob "NetworkSettings": { "Bridge": "", "Gateway": " ", "IPAddress": " ", "IPPrefixLen": 16, "MacAddress": "02:42:ac:11:00:04", } user@host:~$ docker inspect alice "NetworkSettings": { "Bridge": "", "Gateway": " ", "IPAddress": " ", "IPPrefixLen": 16, "MacAddress": "02:42:ac:11:00:03", } Docker assigns a dynamic IP address for both containers 27
28 Going deeper in docker bridge default mode iptables -L -n -v Chain DOCKER (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT tcp --!docker0 docker / tcp dpt: ACCEPT tcp --!docker0 docker / tcp dpt:80 user@host:~$ iptables -t nat -L -n -v Chain DOCKER (2 references) pkts bytes target prot opt in out source destination 1 84 RETURN all -- docker0 * / /0 0 0 DNAT tcp --!docker0 * / /0 tcp dpt:8080 to: : DNAT tcp --!docker0 * / /0 tcp dpt:8081 to: :80 28
29 Build your own image docker image ls --all REPOSITORY TAG IMAGE ID CREATED SIZE alpine latest 196d12cf6ab1 2 months ago 4.41MB user@host:~$ vi /tmp/dockerfile FROM alpine:latest RUN apk update && apk upgrade ENTRYPOINT ["/bin/echo","hello, France!"] user@host:~$ cd /tmp && docker build. -t hello Sending build context to Docker daemon 18.94kB Step 1/3 : FROM alpine:latest ---> 196d12cf6ab1 Step 2/3 : RUN apk update && apk upgrade ---> Running in 116d94cb96fa fetch /APKINDEX.tar.gz fetch 86_64/APKINDEX.tar.gz v ge3ed6b4e31 [ v g45bdd0edfb [ OK: 9546 distinct packages available OK: 4 MiB in 13 packages Removing intermediate container 116d94cb96fa ---> fd105816bcb9 Step 3/3 : ENTRYPOINT ["/bin/echo","hello, France!"] ---> Running in 8756eb9e1d37 Removing intermediate container 8756eb9e1d37 ---> b4277a54d78b Successfully built b4277a54d78b Successfully tagged hello:latest 29
30 Sending build context to Docker daemon 18.94kB Step 1/3 : FROM alpine:latest ---> 196d12cf6ab1 Step 2/3 : RUN apk update && apk upgrade ---> Running in 116d94cb96fa fetch /APKINDEX.tar.gz fetch 86_64/APKINDEX.tar.gz v ge3ed6b4e31 [ v g45bdd0edfb [ OK: 9546 distinct packages available OK: 4 MiB in 13 packages Removing intermediate container 116d94cb96fa ---> fd105816bcb9 Step 3/3 : ENTRYPOINT ["/bin/echo","hello, France!"] ---> Running in 8756eb9e1d37 Removing intermediate container 8756eb9e1d37 ---> b4277a54d78b Successfully built b4277a54d78b Successfully tagged hello:latest user@host:~$ docker image ls --all REPOSITORY TAG IMAGE ID CREATED SIZE <none> <none> fd105816bcb9 5 minutes ago 5.71MB hello latest b4277a54d78b 5 minutes ago 5.71MB alpine latest 196d12cf6ab1 2 months ago 4.41MB 30
31 Build your own image vi /tmp/dockerfile FROM alpine:latest RUN apk update && apk upgrade RUN apk add openssh ENTRYPOINT ["/bin/echo","hello, France!"] cd /tmp && docker build. -t hello Sending build context to Docker daemon 5.632kB Step 1/4 : FROM alpine:latest ---> 196d12cf6ab1 Step 2/4 : RUN apk update && apk upgrade ---> Using cache ---> fd105816bcb9 Step 3/4 : RUN apk add openssh ---> Running in c0fbeb4c8ea8 fetch fetch (1/6) Installing openssh-keygen (7.7_p1-r3) (6/6) Installing openssh (7.7_p1-r3) Executing busybox r1.trigger OK: 8 MiB in 19 packages Removing intermediate container c0fbeb4c8ea8 ---> 3ba d0 Step 4/4 : ENTRYPOINT ["/bin/echo","hello, France!"] ---> Running in ead00e7c9ada Removing intermediate container ead00e7c9ada ---> 1d451e42e9e2 Successfully built 1d451e42e9e2 Successfully tagged hello:latest 31
32 Build your own image Sending build context to Docker daemon 5.632kB Step 1/4 : FROM alpine:latest ---> 196d12cf6ab1 Step 2/4 : RUN apk update && apk upgrade ---> Using cache ---> fd105816bcb9 Step 3/4 : RUN apk add openssh ---> Running in c0fbeb4c8ea8 fetch fetch (1/6) Installing openssh-keygen (7.7_p1-r3) (6/6) Installing openssh (7.7_p1-r3) Executing busybox r1.trigger OK: 8 MiB in 19 packages Removing intermediate container c0fbeb4c8ea8 ---> 3ba d0 Step 4/4 : ENTRYPOINT ["/bin/echo","hello, France!"] ---> Running in ead00e7c9ada Removing intermediate container ead00e7c9ada ---> 1d451e42e9e2 Successfully built 1d451e42e9e2 Successfully tagged hello:latest root@host:/tmp# docker image ls --all REPOSITORY TAG IMAGE ID CREATED SIZE <none> <none> 3ba d0 5 minutes ago 11MB hello latest 1d451e42e9e2 5 minutes ago 11MB <none> <none> b4277a54d78b 24 hours ago 5.71MB <none> <none> fd105816bcb9 24 hours ago 5.71MB alpine latest 196d12cf6ab1 2 months ago 4.41MB root@host:/tmp# docker image prune WARNING! This will remove all dangling images. Are you sure you want to continue? [y/n] y Deleted Images: deleted: sha256:b4277a54d78bc870ba2c1e971f076da6a324cc73f97dead 788eb c9e5e Total reclaimed space: 0B 32
33 Thanks for your attention
Introduction to Containers
Introduction to Containers Shawfeng Dong Principal Cyberinfrastructure Engineer University of California, Santa Cruz What are Containers? Containerization, aka operating-system-level virtualization, refers
More informationAn introduction to Docker
An introduction to Docker Ing. Vincenzo Maffione Operating Systems Security Container technologies on Linux Several light virtualization technologies are available for Linux They build on cgroups, namespaces
More informationDocker Networking: From One to Many. Don Mills
Docker Networking: From One to Many Don Mills What we are going to talk about Overview of traditional Docker networking Some demonstrations Questions New Docker features Some more demonstrations Questions
More informationContainer-based virtualization: Docker
Università degli Studi di Roma Tor Vergata Dipartimento di Ingegneria Civile e Ingegneria Informatica Container-based virtualization: Docker Corso di Sistemi Distribuiti e Cloud Computing A.A. 2018/19
More informationTravis Cardwell Technical Meeting
.. Introduction to Docker Travis Cardwell Tokyo Linux Users Group 2014-01-18 Technical Meeting Presentation Motivation OS-level virtualization is becoming accessible Docker makes it very easy to experiment
More informationSeccomp, network and namespaces. Francesco Tornieri <francesco.tornieri AT kiratech.it>
Seccomp, network and namespaces Francesco Tornieri VM vs Container 2 Namespaces ecc 3 Namespaces ecc man namespaces: A namespaces wraps a global system resource in a
More informationWho is Docker and how he can help us? Heino Talvik
Who is Docker and how he can help us? Heino Talvik heino.talvik@seb.ee heino.talvik@gmail.com What is Docker? Software guy view: Marriage of infrastucture and Source Code Management Hardware guy view:
More informationInfrastructure at your Service. Oracle over Docker. Oracle over Docker
Infrastructure at your Service. Infrastructure at your Service. About me David Hueber COO Principal Consultant Mobile +41 79 963 43 68 david-.hueber@dbi-services.com www.dbi-services.com Page 2 18.11.2015
More informationUsing Docker with Cisco NX-OS
This chapter contains the following topics: About Docker with Cisco NX-OS, on page 1 Guidelines and Limitations, on page 1 Prerequisites for Setting Up Docker Containers Within Cisco NX-OS, on page 2 Starting
More informationUsing Docker with Cisco NX-OS
This chapter contains the following topics: About Docker with Cisco NX-OS, on page 1 Guidelines and Limitations, on page 1 Prerequisites for Setting Up Docker Containers Within Cisco NX-OS, on page 2 Starting
More informationDocker A FRAMEWORK FOR DATA INTENSIVE COMPUTING
Docker A FRAMEWORK FOR DATA INTENSIVE COMPUTING Agenda Intro / Prep Environments Day 1: Docker Deep Dive Day 2: Kubernetes Deep Dive Day 3: Advanced Kubernetes: Concepts, Management, Middleware Day 4:
More informationDownloading and installing Db2 Developer Community Edition on Ubuntu Linux Roger E. Sanders Yujing Ke Published on October 24, 2018
Downloading and installing Db2 Developer Community Edition on Ubuntu Linux Roger E. Sanders Yujing Ke Published on October 24, 2018 This guide will help you download and install IBM Db2 software, Data
More informationIntroduction to Container Technology. Patrick Ladd Technical Account Manager April 13, 2016
Introduction to Container Technology Patrick Ladd Technical Account Manager April 13, 2016 Container Technology Containers 3 "Linux Containers" is a Linux kernel feature to contain a group of processes
More informationInvestigating Containers for Future Services and User Application Support
Investigating Containers for Future Services and User Application Support JLAB CNI NLIT 2018 () Overview JLAB scope What is a container? Why are we interested? Platform-as-a-Service (PaaS) for orchestration
More informationagenda PAE Docker Docker PAE
Docker 2016.03.26 agenda PAE Docker Docker PAE 2 3 PAE PlCloud APP Engine Docker Docker Caas APP 4 APP APP volume images 5 App 6 APP Show Time 7 8 Docker Public DockerHup Private registry push pull AUFS
More informationTensorflow/SyntaxNet. Installation Guide
Tensorflow/SyntaxNet Installation Guide Installation https://github.com/tensorflow/models/tree/master/research/syntaxnet 3 Possibilities - Manual Installation: takes 2 hours+, high chance of errors - Ubuntu
More informationUser Guide Infoblox IPAM Driver for Docker. Version 1.1
User Guide Infoblox IPAM Driver for Docker Version 1.1 Copyright Statements 2017, Infoblox Inc. All rights reserved. The contents of this document may not be copied or duplicated in any form, in whole
More informationInfoblox Kubernetes1.0.0 IPAM Plugin
2h DEPLOYMENT GUIDE Infoblox Kubernetes1.0.0 IPAM Plugin NIOS version 8.X August 2018 2018 Infoblox Inc. All rights reserved. Infoblox Kubernetes 1.0.0 IPAM Deployment Guide August 2018 Page 1 of 18 Overview...
More informationRed Hat Containers Cheat Sheet
Red Hat Containers Cheat Sheet Table of Contents Introduction Commands Key 1. Container Runtime Engine 1.A) Container Related Commands 1.B) Image Related Commands 1.C) Network Related Commands 1.D) Registry
More informationDocker Cheat Sheet. Introduction
Docker Cheat Sheet Introduction Containers allow the packaging of your application (and everything that you need to run it) in a "container image". Inside a container you can include a base operational
More informationNetwork softwarization Lab session 2: OS Virtualization Networking
Network softwarization Lab session 2: OS Virtualization Networking Nicolas Herbaut David Bourasseau Daniel Negru December 16, 2015 1 Introduction 1.1 Discovering docker 1.1.1 Installation Please launch
More informationIntroduction to containers
Introduction to containers Nabil Abdennadher nabil.abdennadher@hesge.ch 1 Plan Introduction Details : chroot, control groups, namespaces My first container Deploying a distributed application using containers
More informationdocker & HEP: containerization of applications for development, distribution and preservation
docker & HEP: containerization of applications for development, distribution and preservation Sébastien Binet LAL/IN2P3 2015-04-13 S. Binet (LAL) docker-hep 2015-04-13 1 / 16 Docker: what is it? http://www.docker.io/
More informationRun containerized applications from pre-existing images stored in a centralized registry
Introduction This examination is based upon the most critical job activities a Docker Certified Associate performs. The skills and knowledge certified by this examination represent a level of expertise
More informationGitLab-CI and Docker Registry
GitLab-CI and Docker Registry Oleg Fiksel Security Consultant @ CSPI GmbH oleg.fiksel@cspi.com oleg@fiksel.info Matrix: @oleg:fiksel.info FrOSCon 2017 AGENDA ABOUT INTRODUCTION GitLab 101 Deploying on-premise
More informationDocker und IBM Digital Experience in Docker Container
Docker und IBM Digital Experience in Docker Container 20. 21. Juni 2017 IBM Labor Böblingen 1 What is docker Introduction VMs vs. containers Terminology v Docker components 2 6/22/2017 What is docker?
More informationDockerfile & docker CLI Cheat Sheet
Dockerfile & docker CLI Cheat Sheet Table of Contents Introduction 1 1. docker CLI Engine 2 1.1 Container Related s 2 1.2 Image Related s 4 1.3 Network Related s 5 1.4 Registry Related s 6 1.5 Volume Related
More informationContainers. Pablo F. Ordóñez. October 18, 2018
Containers Pablo F. Ordóñez October 18, 2018 1 Welcome Song: Sola vaya Interpreter: La Sonora Ponceña 2 Goals Containers!= ( Moby-Dick ) Containers are part of the Linux Kernel Make your own container
More informationSet up, Configure, and Use Docker on Local Dev Machine
Set up, Configure, and Use Docker on Local Dev Machine Table of Contents Set up, Configure, and Use Docker on Local Dev Machine... 1 1. Introduction... 2 1.1 Major Docker Components... 2 1.2 Tools Installed
More informationA Hands on Introduction to Docker
A Hands on Introduction to Docker Len Bass A Hands on introduction Introduction to to Docker May 2017 1 4, Len 2017 Bass 2017 Len Bass 1 Setting expectations This is an introduction to Docker intended
More informationConfigure a Small Alpine Linux Docker Image on IOx
Configure a Small Alpine Linux Docker Image on IOx Contents Introduction Prerequisites Requirements Components Used Background Information Configure Verify Troubleshoot Introduction This document describes
More informationSingularity CRI User Documentation
Singularity CRI User Documentation Release 1.0 Sylabs Apr 02, 2019 CONTENTS 1 Installation 1 1.1 Overview................................................. 1 1.2 Before you begin.............................................
More informationDGX-1 DOCKER USER GUIDE Josh Park Senior Solutions Architect Contents created by Jack Han Solutions Architect
DGX-1 DOCKER USER GUIDE 17.08 Josh Park Senior Solutions Architect Contents created by Jack Han Solutions Architect AGENDA Introduction to Docker & DGX-1 SW Stack Docker basic & nvidia-docker Docker image
More informationGetting Started With Containers
DEVNET 2042 Getting Started With Containers Matt Johnson Developer Evangelist @mattdashj Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session
More information/ Cloud Computing. Recitation 5 February 14th, 2017
15-319 / 15-619 Cloud Computing Recitation 5 February 14th, 2017 1 Overview Administrative issues Office Hours, Piazza guidelines Last week s reflection Project 2.1, OLI Unit 2 modules 5 and 6 This week
More informationWell, That Escalated Quickly! How abusing the Docker API Led to Remote Code Execution, Same Origin Bypass and Persistence in the Hypervisor via
Well, That Escalated Quickly! How abusing the Docker API Led to Remote Code Execution, Same Origin Bypass and Persistence in the Hypervisor via Shadow Containers. Michael Cherny @chernymi Sagie Dulce @SagieSec
More informationShifter at CSCS Docker Containers for HPC
Shifter at CSCS Docker Containers for HPC HPC Advisory Council Swiss Conference Alberto Madonna, Lucas Benedicic, Felipe A. Cruz, Kean Mariotti - CSCS April 9 th, 2018 Table of Contents 1. Introduction
More informationDockerfile Best Practices
Dockerfile Best Practices OpenRheinRuhr 2015 November 07th, 2015 1 Dockerfile Best Practices Outline About Dockerfile Best Practices Building Images This work is licensed under the Creative Commons Attribution-ShareAlike
More informationDocker. Master the execution environment of your applications. Aurélien Dumez. Inria Bordeaux - Sud-Ouest. Tuesday, March 24th 2015
Docker Master the execution environment of your applications Aurélien Dumez Inria Bordeaux - Sud-Ouest Tuesday, March 24th 2015 Aurélien Dumez Docker 1 / 34 Content 1 The bad parts 2 Overview 3 Internals
More informationHOW TO SECURELY CONFIGURE A LINUX HOST TO RUN CONTAINERS
HOW TO SECURELY CONFIGURE A LINUX HOST TO RUN CONTAINERS How To Securely Configure a Linux Host to Run Containers To run containers securely, one must go through a multitude of steps to ensure that a)
More information/ Cloud Computing. Recitation 5 September 26 th, 2017
15-319 / 15-619 Cloud Computing Recitation 5 September 26 th, 2017 1 Overview Administrative issues Office Hours, Piazza guidelines Last week s reflection Project 2.1, OLI Unit 2 modules 5 and 6 This week
More informationInstalling and Using Docker Toolbox for Mac OSX and Windows
Installing and Using Docker Toolbox for Mac OSX and Windows One of the most compelling reasons to run Docker on your local machine is the speed at which you can deploy and build lab environments. As a
More information$ wget V SOLUTIONS.tar.bz2 \ --user=lftraining --password=penguin2014
3.5. LABS 1 Exercise 3.1: Install Kubernetes Overview There are several Kubernetes installation tools provided by various vendors. In this lab we will learn to use kubeadm As an independent tool, it is
More informationRDO container registry Documentation
RDO container registry Documentation Release 0.0.1.dev28 Red Hat Jun 08, 2018 Contents 1 Table of Contents 3 1.1 About the registry............................................ 3 1.2 Installing the registry...........................................
More informationUbuntu LTS Install Guide
Ubuntu 16.04.5 LTS Install Guide Sirenia September 17, 2018 Contents 1 Content 2 2 Login to server 2 3 Ensure access to repositories 3 4 Install Docker 3 5 Install Docker Compose 4 6 Pull software 4 7
More informationAsterisk & the Docker revolution Some lessons from the trenches
Asterisk & the Docker revolution Some lessons from the trenches Asterisk Africa Johannesburg - March 14, 2018 Presented by: Lenz Emilitri Founder, Loway @lenz Today s presentation Docker Benefits How it
More informationMicroservices. Chaos Kontrolle mit Kubernetes. Robert Kubis - Developer Advocate,
Microservices Chaos Kontrolle mit Kubernetes Robert Kubis - Developer Advocate, Google @hostirosti About me Robert Kubis Developer Advocate Google Cloud Platform London, UK hostirosti github.com/hostirosti
More informationDocker on VDS. Aurelijus Banelis
Docker on VDS Aurelijus Banelis Aurelijus Banelis Software developer aurelijus.banelis.lt aurelijus@banelis.lt Docker on VDS You will learn Why VDS? Why docker? What is docker? Is it possible? Why not?
More informationArup Nanda VP, Data Services Priceline.com
Jumpstarting Docker Arup Nanda VP, Data Services Priceline.com My application worked in Dev but not in QA Will it work in production? I need an environment right now No, I can t wait for 2 weeks I just
More informationContainer Detection and Forensics, Gotta catch them all!
Container Detection and Forensics, Gotta catch them all! Cem Gürkök Detection Infra Summary Docker? What is osquery and Docker capabilities What is Volatility and Docker capabilities Use cases How to detect
More informationDocker for HPC? Yes, Singularity! Josef Hrabal
Docker for HPC? Yes, Singularity! Josef Hrabal IT4Innovations josef.hrabal@vsb.cz support@it4i.cz Virtual Machine Hardware (CPU, Memory, NIC, HDD) Host OS (Windows, Linux, MacOS) Hypervisor (VirtualBox,
More informationModule 2 OpenFlow Configuration Lab
APNIC SDN Workshop Lab Module 2 OpenFlow Configuration Lab Objective: As part of this hands-on module, you will be installing the Mininet network emulator on your PC. You will then configure a standalone
More information[Docker] Containerization
[Docker] Containerization ABCD-LMA Working Group Will Kinard October 12, 2017 WILL Kinard Infrastructure Architect Software Developer Startup Venture IC Husband Father Clemson University That s me. 2 The
More informationLesson: Web Programming(3) Omid Jafarinezhad Sharif University of Technology
Lesson: Web Programming(3) Omid Jafarinezhad Sharif University of Technology Materials HTTP, JavaScript, CSS, HTML5, ReactJs, Flow, Progressive Web App Golang, NodeJs, MongoDB, PostgreSQL, Redis Docker,
More informationTechnical Manual. Software Quality Analysis as a Service (SQUAAD) Team No.1. Implementers: Aleksandr Chernousov Chris Harman Supicha Phadungslip
Technical Manual Software Quality Analysis as a Service (SQUAAD) Team No.1 Implementers: Aleksandr Chernousov Chris Harman Supicha Phadungslip Testers: Kavneet Kaur Reza Khazali George Llames Sahar Pure
More informationQuick Start Guide for Vmware. Version 2.5 Vmware vsphere Instance
Quick Start Guide for Vmware Version 2.5 Vmware vsphere Instance CONTENTS 1. Introduction 1.1 Running Gemini appliance on Vmware vsphere 1.1.1 Supported Versions 1.1.2 System Requirement 1.1.3 Note on
More informationVNS3 3.5 Container System Add-Ons
VNS3 3.5 Container System Add-Ons Instructions for VNS3 2015 copyright 2015 1 Table of Contents Introduction 3 Docker Container Network 7 Uploading a Image or Dockerfile 9 Allocating a Container 13 Saving
More informationHarbor Registry. VMware VMware Inc. All rights reserved.
Harbor Registry VMware 2017 VMware Inc. All rights reserved. VMware Harbor Registry Cloud Foundry Agenda 1 Container Image Basics 2 Project Harbor Introduction 3 Consistency of Images 4 Security 5 Image
More informationWhat s Up Docker. Presented by Robert Sordillo Avada Software
What s Up Docker Presented by Robert Sordillo (rsordillo@avadasoftware.com) Avada Software What is Docker? Is a open source software Container platform. It s benefits are eliminating works on my machine
More informationDocker 101 Workshop. Eric Smalling - Solution Architect, Docker
Docker 101 Workshop Eric Smalling - Solution Architect, Docker Inc. @ericsmalling Who Am I? Eric Smalling Solution Architect Docker Customer Success Team ~25 years in software development, architecture,
More informationCS-580K/480K Advanced Topics in Cloud Computing. Container III
CS-580/480 Advanced Topics in Cloud Computing Container III 1 Docker Container https://www.docker.com/ Docker is a platform for developers and sysadmins to develop, deploy, and run applications with containers.
More informationDockerized Tizen Platform
Dockerized 1 Tizen Platform Copyright 2017 Samsung. All Rights Reserved. Abstract Tizen Pla.orm ECO System Container ECO System Build CI Management (Update) Cloud Monitoring Store Data (DB) Cloud 2 Cloud
More informationIntroduction to VMs & Containers
Lesson iut.univ-paris8.fr 2018-05 Introduction to VMs & Containers This Document: http://arnaud-nauwynck.github.io/docs/intro-vm-container.pdf arnaud.nauwynck@gmail.com Hardware Software "All problems
More informationThink Small to Scale Big
Think Small to Scale Big Intro to Containers for the Datacenter Admin Pete Zerger Principal Program Manager, MVP pete.zerger@cireson.com Cireson Lee Berg Blog, e-mail address, title Company Pete Zerger
More informationNovember 11, Docker Networking with Linux. Guillaume Urvoy-Keller. Reference Scenario. Basic tools: bridges, VETH
with in with November 11, 2017 Swarm Network 1 / 58 with Sources documents in Laurent Bernaille blog: http://techblog.d2-si.eu/2017/04/25/ deep-dive-into-docker-overlay-networks-part-1. html Cookbook,
More informationHow to build and run OCI containers
How to build and run OCI containers A shallow dive on the OCI container configuration and an overview of the available tools whoami Spyros Trigazis Computing Engineer at CERN s cloud team Project Team
More informationMulti-Arch Layered Image Build System
Multi-Arch Layered Image Build System PRESENTED BY: Adam Miller Fedora Engineering, Red Hat CC BY-SA 2.0 Today's Topics Define containers in the context of Linux systems Brief History/Background Container
More informationSingularity: container formats
Singularity Easy to install and configure Easy to run/use: no daemons no root works with scheduling systems User outside container == user inside container Access to host resources Mount (parts of) filesystems
More informationIndex. Bessel function, 51 Big data, 1. Cloud-based version-control system, 226 Containerization, 30 application, 32 virtualize processes, 30 31
Index A Amazon Web Services (AWS), 2 account creation, 2 EC2 instance creation, 9 Docker, 13 IP address, 12 key pair, 12 launch button, 11 security group, 11 stable Ubuntu server, 9 t2.micro type, 9 10
More informationContainer mechanics in Linux and rkt FOSDEM 2016
Container mechanics in Linux and rkt FOSDEM 2016 Alban Crequy github.com/alban Jonathan Boulle github.com/jonboulle @baronboulle a modern, secure, composable container runtime an implementation of appc
More informationHigh Performance Containers. Convergence of Hyperscale, Big Data and Big Compute
High Performance Containers Convergence of Hyperscale, Big Data and Big Compute Christian Kniep Technical Account Manager, Docker Brief Recap of Container Technology Brief History of Container Technology
More informationLinux Systems Administration Getting Started with Linux
Linux Systems Administration Getting Started with Linux Network Startup Resource Center www.nsrc.org These materials are licensed under the Creative Commons Attribution-NonCommercial 4.0 International
More informationDocker Swarm installation Guide
Docker Swarm installation Guide How to Install and Configure Docker Swarm on Ubuntu 16.04 Step1: update the necessary packages for ubuntu Step2: Install the below packages to ensure the apt work with https
More informationFixing the "It works on my machine!" Problem with Docker
Fixing the "It works on my machine!" Problem with Docker Jared M. Smith @jaredthecoder About Me Cyber Security Research Scientist at Oak Ridge National Lab BS and MS in Computer Science from the University
More informationCross platform enablement for the yocto project with containers. ELC 2017 Randy Witt Intel Open Source Technology Center
Cross platform enablement for the yocto project with containers ELC 2017 Randy Witt Intel Open Source Technology Center My personal problems Why d I even do this? THE multiple distro Problem Yocto Project
More informationKubernetes The Path to Cloud Native
Kubernetes The Path to Cloud Native Eric Brewer VP, Infrastructure @eric_brewer August 28, 2015 ACM SOCC Cloud Na*ve Applica*ons Middle of a great transition unlimited ethereal resources in the Cloud an
More information/ Cloud Computing. Recitation 5 September 27 th, 2016
15-319 / 15-619 Cloud Computing Recitation 5 September 27 th, 2016 1 Overview Administrative issues Office Hours, Piazza guidelines Last week s reflection Project 2.1, OLI Unit 2 modules 5 and 6 This week
More informationCode: Slides:
Workshop Resources Code: https://github.com/beekpr/public-workshops Slides: https://tinyurl.com/yc2uo3wk Make sure minikube and kubectl is setup (labs/1-setup-cluster.md has some instructions) Kubernetes
More informationJanuary 27, Docker Networking with Linux. Guillaume Urvoy-Keller. Reference Scenario. Basic tools: bridges, VETH
with in with January 27, 2018 Swarm Network 1 / 62 with Sources documents in Laurent Bernaille blog: http://techblog.d2-si.eu/2017/04/25/ deep-dive-into--overlay-networks-part-1. html Cookbook, PacktPub,
More informationBlockchain on Kubernetes
Blockchain on Kubernetes By VMware Introduction Blockchain is an emerging technology which has been gaining traction globally during the past few years. Industries like finance, logistics, IoT, are actively
More informationHardening servers for the modern internet
Hardening servers for the modern internet Philip Paeps The FreeBSD Foundation SANOG32 7 August 2018 Dhaka, Bangladesh Session 1 (09:00 11:00) 1. Presentation: Introduction to the FreeBSD project (30 minutes)
More informationOptimizing Docker Images
Optimizing Docker Images Brian DeHamer - CenturyLink Labs bdehamer CenturyLinkLabs @bdehamer @centurylinklabs Overview Images & Layers Minimizing Image Size Leveraging the Image Cache Dockerfile Tips
More informationKubernetes Love at first sight?
Kubernetes Love at first sight? 15, February 2018 Joost Hofman (Lead Developer @ Albert Heijn IT Online) Milo van der zee (Senior Developer @Albert Heijn IT Online) Agenda Kubernetes Why at AH? How? Questions
More informationTricks of the Captains. Adrian Mouat. Chief Scientist Container Solutions
Tricks of the Captains Adrian Mouat Chief Scientist Container Solutions Tricks of the Captains A hodgepodge of tips for Docker nirvana compiled from the brains in the Docker Captains program. And me. Who
More informationRed Hat Atomic Details Dockah, Dockah, Dockah! Containerization as a shift of paradigm for the GNU/Linux OS
Red Hat Atomic Details Dockah, Dockah, Dockah! Containerization as a shift of paradigm for the GNU/Linux OS Daniel Riek Sr. Director Systems Design & Engineering In the beginning there was Stow... and
More informationOpenFlow Configuration Lab
APNIC SDN Workshop Lab OpenFlow Configuration Lab Objective: As part of this hands-on module, you will be installing the Mininet network emulator on your PC. You will then configure a standalone OpenFlow
More informationSalesforce DX Setup Guide
Salesforce DX Setup Guide Version 44.0, Winter 19 @salesforcedocs Last updated: September 6, 2018 Copyright 2000 2018 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark of salesforce.com,
More informationContainers: Exploits, Surprises, And Security
Containers: Exploits, Surprises, And Security with Elissa Shevinsky COO at SoHo Token Labs Editor of Lean Out #RVASec @ElissaBeth on twitter @Elissa_is_offmessage on Instagram this was Silicon Valley in
More informationCisco Virtual Update Container networking. Hans Donnerborg, Lars Granberg, Maj 2018
Cisco Virtual Update Container networking Hans Donnerborg, hdonnerb@cisco.com Lars Granberg, lagranbe@cisco.com Maj 2018 Why ACI for Application Container Platforms Turnkey solution for node and container
More informationHow Container Runtimes matter in Kubernetes?
How Container Runtimes matter in Kubernetes? Kunal Kushwaha NTT OSS Center About me Works @ NTT Open Source Software Center Contributes to containerd and other related projects. Docker community leader,
More informationovirt and Docker Integration
ovirt and Docker Integration October 2014 Federico Simoncelli Principal Software Engineer Red Hat 1 Agenda Deploying an Application (Old-Fashion and Docker) Ecosystem: Kubernetes and Project Atomic Current
More informationDeployment Patterns using Docker and Chef
Deployment Patterns using Docker and Chef Sandeep Chellingi Sandeep.chellingi@prolifics.com Agenda + + Rapid Provisioning + Automated and Managed Deployment IT Challenges - Use-cases What is Docker? What
More informationBlockchain on Kubernetes User Guide
Blockchain on Kubernetes User Guide By VMware Introduction Blockchain is an emerging technology which has been gaining traction globally during the past few years. Industries like finance, logistics, IoT,
More informationUsing RANCID. Contents. 1 Introduction Goals Notes Install rancid Add alias Configure rancid...
Using RANCID Contents 1 Introduction 2 1.1 Goals................................. 2 1.2 Notes................................. 2 2 Install rancid 2 2.1 Add alias............................... 3 2.2 Configure
More informationBlockchain on Kubernetes
Blockchain on Kubernetes By VMware Introduction Blockchain is an emerging technology which has been gaining traction globally during the past few years. Industries like finance, logistics, IoT, are actively
More informationEE 660: Computer Architecture Cloud Architecture: Virtualization
EE 660: Computer Architecture Cloud Architecture: Virtualization Yao Zheng Department of Electrical Engineering University of Hawaiʻi at Mānoa Based on the slides of Prof. Roy Campbell & Prof Reza Farivar
More informationcontainerization: more than the new virtualization
containerization: more than the new virtualization Jérôme Petazzoni (@jpetazzo) Grumpy French DevOps - Go away or I will replace you with a very small shell script Runs everything in containers - Docker-in-Docker
More informationCreating pipelines that build, test and deploy containerized artifacts Slides: Tom Adams
Creating pipelines that build, test and deploy containerized artifacts Slides: https://goo.gl/2mzfe6 Tom Adams tadams@thoughtworks.com 1 Who I am Tom Adams Tech Lead tadams@thoughtworks.com http://tadams289.blogspot.com
More informationViryaOS RFC: Secure Containers for Embedded and IoT. A proposal for a new Xen Project sub-project
ViryaOS RFC: Secure Containers for Embedded and IoT A proposal for a new Xen Project sub-project Stefano Stabellini @stabellinist The problem Package applications for the target Contain all dependencies
More informationIntroduction to Linux
Introduction to Linux Prof. Jin-Soo Kim( jinsookim@skku.edu) TA - Kisik Jeong (kisik@csl.skku.edu) Computer Systems Laboratory Sungkyunkwan University http://csl.skku.edu What is Linux? A Unix-like operating
More information