Docker up and running
11 likes8,383 views
This document provides an overview and agenda for a Docker presentation. It discusses the Docker architecture including underlying technologies like cgroups and namespaces. It also covers the Docker engine/daemon, API, Compose, networking, Swarm, Machine, security and storage. The presentation includes a demo of these Docker concepts and capabilities.
![Networking
$ docker network inspect isolated_nw
[
{
"Name": "CONTAINER",
"Id": "$ID",
"Scope": "local",
"Driver": "bridge",
"IPAM": {
"Driver": "default",
"Config": [
{
"Subnet": "172.21.0.0/16",
"Gateway": "172.21.0.1/16"
}
]
},
"Containers": {},
"Options": {}
}
]
● docker network create
● docker network connect
● docker network ls
● docker network rm
● docker network disconnect
● docker network inspect](https://image.slidesharecdn.com/dockerupandrunning-160324153621/85/Docker-up-and-running-8-320.jpg)
![Manage data in containers
Mounts": [
{
"Name": "fac362...80535",
"Source":
"/var/lib/docker/volumes/$ID/_data",
"Destination": "/webapp",
"Driver": "local",
"Mode": "",
"RW": true,
"Propagation": ""
}
]](https://image.slidesharecdn.com/dockerupandrunning-160324153621/85/Docker-up-and-running-14-320.jpg)
Docker up and running
- 1. Docker Up and Running Victor S. Recio Docker Organizer Santo Domingo @vsrecio / [email protected]
- 2. Agenda ● The Docker Architecture ● Cgroups / Namespaces ● Docker engine/ daemon & API ● Docker Compose ● Networking ● Swarm ● Machine ● Seguridad ● Storage Demo
- 4. Underlying Technologies cgroups, which are responsible for managing resources used by a container (e. g., CPU and memory usage). They are also responsible for freezing and unfreezing containers, as used in the docker pause functionality. namespaces are responsible for isolating containers; making sure that a container’s filesystem, hostname, users, networking, and processes are separated from the rest of the system.
- 5. Docker Engine Docker Engine runs on Linux to create the operating environment for your distributed applications.
- 6. Docker Remote API v1.22 API ● List containers ● Create a container ● Inspect a container ● List processes running inside a container ● Get container logs ● Inspect changes on a container’s filesystem ● Export a container ● Get container stats based on resource usage ● Resize a container TTY ● Start a container ● Stop a container ● Restart a container ● Kill a container ● Update a container ● Rename a container ● Pause a container
- 7. Docker Compose version: '2' services: db: image: mysql web: build: . command: python manage.py runserver 0.0.0.0:8000 volumes: - .:/code ports: - "8000:8000" depends_on: - db
- 8. Networking $ docker network inspect isolated_nw [ { "Name": "CONTAINER", "Id": "$ID", "Scope": "local", "Driver": "bridge", "IPAM": { "Driver": "default", "Config": [ { "Subnet": "172.21.0.0/16", "Gateway": "172.21.0.1/16" } ] }, "Containers": {}, "Options": {} } ] ● docker network create ● docker network connect ● docker network ls ● docker network rm ● docker network disconnect ● docker network inspect
- 9. Docker Swarm overview Docker Swarm is native clustering for Docker. It turns a pool of Docker hosts into a single, virtual Docker host.
- 11. Docker Machine
- 12. Docker security Docker containers are, by default, quite secure; especially if you take care of running your processes inside the containers as non- privileged users (i.e., non-root). ● Kernel namespaces ● Control groups
- 13. Manage data in containers ● Volumes are initialized when a container is created. ● Data volumes can be shared and reused among containers. ● Changes to a data volume are made directly. ● Changes to a data volume will not be included when you update an image. ● Data volumes persist even if the container itself is deleted. Data volumes A data volume is a specially-designated directory within one or more containers that bypasses the Union File System.
- 14. Manage data in containers Mounts": [ { "Name": "fac362...80535", "Source": "/var/lib/docker/volumes/$ID/_data", "Destination": "/webapp", "Driver": "local", "Mode": "", "RW": true, "Propagation": "" } ]
- 15. Demo