Docker allocating resources
Click here to load reader
-
Upload
mohammadreza-amini -
Category
Technology
-
view
499 -
download
0
Transcript of Docker allocating resources
![Page 1: Docker allocating resources](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6c21a28ab997c8b45af/html5/thumbnails/1.jpg)
Presentation By:Mohammadreza Amini
Amir Arsalan
Autumn 2015IRAN OpenStack Users Group
Allocating Resources & Limitation Container
![Page 2: Docker allocating resources](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6c21a28ab997c8b45af/html5/thumbnails/2.jpg)
Agenda
Allocating Resources
| Iran Community OpenStack.ir
● Docker Allocating Resources
● CPU
● RAM
● Disk
● Limitation Container
● Linux Capability
● Devices
![Page 3: Docker allocating resources](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6c21a28ab997c8b45af/html5/thumbnails/3.jpg)
Allocating Resources
| Iran Community OpenStack.ir
Allocating Resources
![Page 4: Docker allocating resources](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6c21a28ab997c8b45af/html5/thumbnails/4.jpg)
Allocation of resources to containers is especially important as containers are less
isolated than virtual machines.
A single runaway container can lead to performance issues and degradation
across the entire host.
In Hypervisors, VMs are normally allocated a fixed amount of CPU resources, RAM,
and disk space, meaning that the applications will work within those set limits no
matter the load to which the VM or application is subjected.
Allocating Resources
| Iran Community OpenStack.ir
![Page 5: Docker allocating resources](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6c21a28ab997c8b45af/html5/thumbnails/5.jpg)
Allocating Resources
| Iran Community OpenStack.ir
CPU
![Page 6: Docker allocating resources](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6c21a28ab997c8b45af/html5/thumbnails/6.jpg)
Each container is assigned a “share” of the CPU, set to 1024 by default. By itself,
1024 CPU share does not mean anything.
If there is only a single container running, then it can use all the available CPU
resources.
However, if you launch another container and both containers have 1024 CPU
share, then each container can claim at least 50% of the CPU resources.
Allocating Resources
| Iran Community OpenStack.ir
![Page 7: Docker allocating resources](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6c21a28ab997c8b45af/html5/thumbnails/7.jpg)
CPU Allocating Resource
Allocating Resources
| Iran Community OpenStack.ir
● Share cpu
$ docker run -ti -c 1024 ubuntu:14.04 /bin/bash
● Cpu period & quota
$ docker run -ti --cpu-period=50000 --cpu-quota=10000 ubuntu:14.04 /bin/bash
![Page 8: Docker allocating resources](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6c21a28ab997c8b45af/html5/thumbnails/8.jpg)
Allocating Resources
| Iran Community OpenStack.ir
Memory
![Page 9: Docker allocating resources](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6c21a28ab997c8b45af/html5/thumbnails/9.jpg)
Memory Allocating Resource
Allocating Resources
| Iran Community OpenStack.ir
● Memory & Memory swap
$ docker run -ti -m 300M --memory-swap 900M ubuntu:14.04 /bin/bash
![Page 10: Docker allocating resources](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6c21a28ab997c8b45af/html5/thumbnails/10.jpg)
Allocating Resources
| Iran Community OpenStack.ir
Disk
![Page 11: Docker allocating resources](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6c21a28ab997c8b45af/html5/thumbnails/11.jpg)
Disk space and read/write speed can be limited in Docker. By default, read/write
speed is unlimited. However, if required, it can be limited as needed using cgroups.
Each container is allocated 10GB of space by default.
Allocating Resources
| Iran Community OpenStack.ir
![Page 12: Docker allocating resources](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6c21a28ab997c8b45af/html5/thumbnails/12.jpg)
Disk Allocating Resource
Allocating Resources
| Iran Community OpenStack.ir
● Base Size
$ docker -d --storage-opt dm.basesize=20G ubuntu:14.04 /bin/bash
More Details: https://github.com/docker/docker/blob/v1.2.0/daemon/graphdriver/devmapper/README.md#options
![Page 13: Docker allocating resources](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6c21a28ab997c8b45af/html5/thumbnails/13.jpg)
Allocating Resources
| Iran Community OpenStack.ir
Limitation Container
![Page 14: Docker allocating resources](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6c21a28ab997c8b45af/html5/thumbnails/14.jpg)
Allocating Resources
| Iran Community OpenStack.ir
By default, Docker containers are “unprivileged” and cannot, for example, run a Docker
daemon inside a Docker container. This is because by default a container is not allowed to
access any devices, but a “privileged” container is given access to all devices
More Details: https://docs.docker.com/engine/reference/run/#runtime-constraints-on-resources
![Page 15: Docker allocating resources](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6c21a28ab997c8b45af/html5/thumbnails/15.jpg)
Linux capability
Allocating Resources
| Iran Community OpenStack.ir
More Details: http://linux.die.net/man/7/capabilities
● Add capability
$ docker run -ti --cap-add=NET_ADMIN ubuntu:14.04 /bin/bash
● drop capability
$ docker run -ti --cap-add=ALL --cap-drop=NET_ADMIN ubuntu:14.04 /bin/bash
![Page 16: Docker allocating resources](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6c21a28ab997c8b45af/html5/thumbnails/16.jpg)
Devices
Allocating Resources
| Iran Community OpenStack.ir
If you want to limit access to a specific device or devices you can use the --device
flag. It allows you to specify one or more devices that will be accessible within the
container.
● Devices
$ docker run -ti --device=/dev/snd:/dev/snd ubuntu:14.04 /bin/bash
![Page 17: Docker allocating resources](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6c21a28ab997c8b45af/html5/thumbnails/17.jpg)
Allocating Resources
| Iran Community OpenStack.ir
Any Question?
![Page 18: Docker allocating resources](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6c21a28ab997c8b45af/html5/thumbnails/18.jpg)
Allocating Resources
| Iran Community OpenStack.ir
Stay in Touch and Join Us:
● Home Page: OpenStack.ir
● Meetup age: Meetup.com/IranOpenStack
● Mailing List: [email protected]
● Twitter: @OpenStackIR , #OpenStackIRAN
● IRC Channel on FreeNode: #OpenStack-ir
![Page 19: Docker allocating resources](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6c21a28ab997c8b45af/html5/thumbnails/19.jpg)
Allocating Resources
| Iran Community OpenStack.ir
Mohammadreza Amini
Linux Administrator
Amir Arsalan
Python Developer
Thank You