Docker Internals - Twilio talk November 14th, 2013

By Guillaume J. Charmes <[email protected]> @charme_g
Docker version 0.6.6 / 0.7.0-rc5

Docker Internals
SF Docker Meetup at Twilio
##dockermeetup
11/14/2013

This is your last chance

1. Isolation
2. Images
3. Process Management
4. Roadmap

Isolation

• LXC
• Cgroups/Namespaces
• Processes
• Mounts
• Network

• Network
• NAT (DOCKER chain)
• Expose / Links

• File System
• Chroot on steroids

Isolation

• Isolation: Namespaces
• Only 1 syscall (setns()). No hypervisor
• Mounts, Uts (hostname), Net, Pid, IPC, User

• Resource management: Cgroups
• Memory Limitation
• CPU Shares
• Future: blkio

Isolation

• Network
• Bridge
• Veth
• NAT
• Expose / Links

• File System
• Chroot++
• Image management

1. Isolation
2. Images
3. Process Management
4. Roadmap

Images

• AUFS
• Image format
• Base image
• Layer + parent id
• Whiteouts (.wh.)
• Difference Image vs Container

• Registry
• Future
• Devicemapper
• Backend interface

Images

• Why AUFS?
• Production usage for years
• Layers
• Multiple RO layers, 1 RW -> Diff

• Limitations
• 42 layers

• Whiteouts
• Deletion management

Images

• Image format
• Payload (layer)
• Metadata (parent id)

• Image vs Container
• Differences
• Future: Unified format

Images

• Image sharing: Registry
• Push/Pull via diffs

• Future
• Backend interface / Devicemapper
• Unified image format: whiteouts (.wh.)
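
An added example, not from the talk or from Docker's code: a simplified model of the Images slides above (layer payload plus parent id, AUFS-style `.wh.<name>` whiteouts) showing that a whiteout removes a path from the merged view while the file's content stays stored in the lower layer. The `Image` type, `Flatten` function and sample data are constructed for illustration.

```go
package main

import (
	"fmt"
	"path"
	"sort"
	"strings"
)

// Image is a simplified layer: payload (Files) plus metadata (Parent id).
type Image struct {
	Parent string            // "" for a base image
	Files  map[string]string // path -> content; ".wh.<name>" marks a deletion
}

// Constructed sample: a base, a layer adding a key, a layer "deleting" it.
var sample = map[string]Image{
	"base": {"", map[string]string{"/etc/hosts": "h", "/app/run": "v1"}},
	"key":  {"base", map[string]string{"/app/id_rsa": "SECRET"}},
	"top":  {"key", map[string]string{"/app/.wh.id_rsa": "", "/app/run": "v2"}},
}

// Flatten returns the merged view of image id and the paths its chain hides.
func Flatten(imgs map[string]Image, id string) (map[string]string, []string) {
	if id == "" {
		return map[string]string{}, nil
	}
	layer := imgs[id]
	view, hidden := Flatten(imgs, layer.Parent) // parents first (acyclic chain assumed)
	for p := range layer.Files {                // whiteouts hide entries of lower layers
		b := path.Base(p)
		target := path.Join(path.Dir(p), strings.TrimPrefix(b, ".wh."))
		for q := range view {
			if strings.HasPrefix(b, ".wh.") &&
				(q == target || strings.HasPrefix(q, target+"/")) {
				hidden = append(hidden, q) // content is still stored in its layer
				delete(view, q)
			}
		}
	}
	for p, c := range layer.Files { // then this layer's own files win
		if !strings.HasPrefix(path.Base(p), ".wh.") {
			view[p] = c
		}
	}
	sort.Strings(hidden)
	return view, hidden
}

func main() { fmt.Println(Flatten(sample, "top")) }
```

Flattening `"key"` instead of `"top"` still returns `/app/id_rsa`, which is why a secret removed in a later layer has to be treated as exposed to anyone who can pull the parent layers.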

1. Isolation
2. Images
3. Process Management
4. Roadmap

Process Management

• Docker daemon
• Transports unix/tcp

• docker run internals
• Attach logic
• Logs

• Host Integration
• Dockerfile
• RUN
• EXPOSE
• What is the Context?

• Service Discovery

Process Management

• Docker daemon
• Transports:
  docker -d -H tcp://127.0.0.1:4243 -H unix:///var/run/docker.sock
• Holds all containers
• Handles the logging

• Docker client
• Everything uses the Remote API

Process Management

• docker run internals
• Create
• Start
• Attach

• General Config vs Host Config
• Attach protocol
• TTY
• Non-TTY

1. Isolation
2. Images
3. Process Management
4. Roadmap

Roadmap

• Docker 0.7
• File system backend interface

• Docker 0.8
• Isolation backend interface
• Full introspection

• Future
• Ambassador Pattern

Conclusion

• Wide global support with backend interfaces
• Service discovery improvement
• Road to multi host / orchestration

www.docker.io

Thank you!