Introduction to Linux Containers & DockerJozi Linux User Group – Jan 2014

Introduction to Linux Containers

● Makes use of:– Namespaces:

● User● Network● Hostname● Filesystem● Process table

– Cgroups for resource limits

– Seccomp – filtering of system calls

– AppArmour/SELinux

– Like chroot environment, only more secure and more full featured

Introduction to Linux Containers

● Benefits– Application isolation,

– Near native performance,

– Dynamic control of resource allocation, change during run time and resources only allocated as used

● Limitations– All use hosts kernel,

Introduction to Linux Containers

● apt-get install lxc● lxc-create -t ubuntu -n <name>

– Default user/password: ubuntu/ubuntu

– Templates available - /usr/share/lxc/templates/

– Backing store - /var/lib/lxc

● Start a container– lxc-start -n <name>

● To shutdown issue “shutdown -h now”

– Lxc-start -n <name> -d ● Attach lxc-console● Detach via “ctrl-a q”

●

Introduction to Linux Containers

● lxc-ps – List processes running in container● lxc-ls – List container running on host● lxc-netstat – List routing table of container ● lxc-freeze – Pause a container● lxc-unfreeze - Unpause a container● lxc-shutdown – Shutdown a container● lxc-destory – Hard stop a container● lxc-monitor – monitor the state of a container● lxc-cgroup – change resources allocated to a container● lxc-clone/lxc-backup/lxc-restore ….

Introduction to Linux Containers

● Light-weight virtualisation– No need for additional kernel nor

hypervisor/translation layer

● Network setup similar to virtualisaiton– Bridged or

– Routed (Natted)

Introduction to Linux Containers

● Libvirt integration● Can connect via

– Console (ssh,lxc-console)

– VNC,

– VT: tty

– VT: x

● Autostart on startup /etc/lxc/auto

What is Docker

● Docker is an application deployment tool that uses containers,

● Runtime manager for containers,● Allows for image repository,● Pushing of incremental changes from

dev,test,production

What is docker?

● Docker runs as a – A daemon to manage lxc containers,

– A cli for creating, managing lxc containers

– A client to access repositories for images

What is docker?

● docker search● docker pull● docker run● docker ps● docker inspect● docker images● docker push

What is docker?

● docker run ping www.jumpingbean.co.za● sudo docker run -i -t base/arch /bin/bash

– i interactive

– t terminal

● Sudo docker run -i -t mmckeen/opensuse-13.1 -p 80● docker port name 8080

– List local host port that has been forwared to 8080

● docker run -d

What is docker

● Create an account on the repo server– sudo docker login

● Create a image on the repo server– sudo docker commit $CONTAINER_ID

username/container-name

● Update your image on the repo server– sudo docker push username/container-name