Docker Architecture
Click here to load reader
-
Upload
mohammadreza-amini -
Category
Technology
-
view
227 -
download
0
Transcript of Docker Architecture
![Page 1: Docker Architecture](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6ca1a28abcc6c8b46f9/html5/thumbnails/1.jpg)
Docker Architecture
Presentation By:
Amir Arsalan Ghorbanzadeh
Mohammadreza Amini
Docker Architecture
Autumn 2015IRAN OpenStack Users Group OpenStack.ir
![Page 2: Docker Architecture](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6ca1a28abcc6c8b46f9/html5/thumbnails/2.jpg)
Agenda:● What is docker ?● Cgroups● Namespace● Filesystem● Networking
OpenStack.ir | IRAN Community
Docker Architecture
![Page 3: Docker Architecture](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6ca1a28abcc6c8b46f9/html5/thumbnails/3.jpg)
OpenStack.ir | IRAN Community
Docker Architecture
• What is a Container?
– Group of processes contained in a Isolated Environment
– Isolation provided by Concepts like cgroups and namespaces
Before we get started
![Page 4: Docker Architecture](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6ca1a28abcc6c8b46f9/html5/thumbnails/4.jpg)
OpenStack.ir | IRAN Community
Docker Architecture
What is docker ?
![Page 5: Docker Architecture](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6ca1a28abcc6c8b46f9/html5/thumbnails/5.jpg)
OpenStack.ir | IRAN Community
Docker Architecture
What is docker ?
Docker is an open platform for developing, shipping, and running
applications. Docker is designed to deliver your applications faster.
With Docker you can separate your applications from your infrastructure
AND treat your infrastructure like a managed application. Docker helps
you ship code faster, test faster, deploy faster, and shorten the cycle
between writing code and running code.
![Page 6: Docker Architecture](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6ca1a28abcc6c8b46f9/html5/thumbnails/6.jpg)
OpenStack.ir | IRAN Community
Docker Architecture
Docker Features
Image Management Resource Isolation File system Isolation Network Isolation
Change Management Sharing Process Management
![Page 7: Docker Architecture](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6ca1a28abcc6c8b46f9/html5/thumbnails/7.jpg)
OpenStack.ir | IRAN Community
Docker Architecture
Linux kernel feature to limit, account and isolate resource usage, such as:
Control Groups & Namespaces
● CPU● Memory ● Disk I/O
![Page 8: Docker Architecture](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6ca1a28abcc6c8b46f9/html5/thumbnails/8.jpg)
OpenStack.ir | IRAN Community
Docker Architecture
CGroup
This allows you to manage the resources of a group of processes.
● Cpu : Managing the CPU shares of a container● Memory : Managing the memory shares of a container● Block devices(disk) : Limiting read/write speed and limiting disk space
![Page 9: Docker Architecture](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6ca1a28abcc6c8b46f9/html5/thumbnails/9.jpg)
OpenStack.ir | IRAN Community
Docker Architecture
Namespace
Namespaces isolate processes such as users lists, network devices, process lists and filesystems.
● mnt (mount points, filesystems)
● pid (processes)
● net (network stack)
● ipc (System V IPC)
● uts (hostname)
● user (UIDs)
![Page 10: Docker Architecture](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6ca1a28abcc6c8b46f9/html5/thumbnails/10.jpg)
OpenStack.ir | IRAN Community
Docker Architecture
File System
![Page 11: Docker Architecture](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6ca1a28abcc6c8b46f9/html5/thumbnails/11.jpg)
OpenStack.ir | IRAN Community
Docker Architecture
This Linux service allows you to mount files and directories from other filesystems (ie. a namespace isolated file system) and combine them to
form a single file system
Union file system
![Page 12: Docker Architecture](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6ca1a28abcc6c8b46f9/html5/thumbnails/12.jpg)
OpenStack.ir | IRAN Community
Docker Architecture
The VOLUME instruction creates a mount point with the specified
name and marks it as holding externally mounted volumes from native
host or other containers.
Volume
![Page 13: Docker Architecture](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6ca1a28abcc6c8b46f9/html5/thumbnails/13.jpg)
OpenStack.ir | IRAN Community
Docker Architecture
Networking
![Page 14: Docker Architecture](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6ca1a28abcc6c8b46f9/html5/thumbnails/14.jpg)
OpenStack.ir | IRAN Community
Docker Architecture
Docker uses a bridge to connect all
containers on the same host to the
local network.
![Page 15: Docker Architecture](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6ca1a28abcc6c8b46f9/html5/thumbnails/15.jpg)
OpenStack.ir | IRAN Community
Docker Architecture
Communication between containers
![Page 16: Docker Architecture](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6ca1a28abcc6c8b46f9/html5/thumbnails/16.jpg)
OpenStack.ir | IRAN Community
Docker Architecture
● Docker0 bridge
● iptables
Whether two containers can communicate is governed, at the operating system level, by two factors:
![Page 17: Docker Architecture](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6ca1a28abcc6c8b46f9/html5/thumbnails/17.jpg)
OpenStack.ir | IRAN Community
Docker Architecture
Any Question?
![Page 18: Docker Architecture](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6ca1a28abcc6c8b46f9/html5/thumbnails/18.jpg)
OpenStack.ir | IRAN Community
Docker Architecture
Stay in Touch and Join Us:
● Home Page: OpenStack.ir
● Meetup age:Meetup.com/IranOpenStack
● Mailing List: [email protected]
● Twitter: @OpenStackIR , #OpenStackIRAN
● IRC Channel on FreeNode: #OpenStack-ir
Iran OpenStack Community
![Page 19: Docker Architecture](https://reader038.fdocuments.us/reader038/viewer/2022100800/58eeb6ca1a28abcc6c8b46f9/html5/thumbnails/19.jpg)
OpenStack.ir | IRAN Community
Docker Architecture
Mohammadreza AminiSenior Linux [email protected]
Amir arsalan GhorbanzadehSenior Python [email protected]
Thank You