This document provides an overview of Docker, including what it is, how it compares to virtual machines and containers, its architecture and features. It discusses that Docker virtualizes using lightweight Linux containers rather than full virtual machines, and how this provides benefits like smaller size and faster performance compared to VMs. It also covers Docker's components like the Docker Engine, Hub and images, and how Docker can be used to develop, ship and run applications on any infrastructure.
2. Virtualizes - VM
Virtual Environment - VE
VM vs VE
Docker Architecture/Flow/Features
Docker Performance
Agenda
3. What is virtualization? Why do we need it?
What does a VM do?
…
Let's check ……
4. VMware, Hyper-V
Real pain
Snapshot of the entire machine, OS, virtual processors, network interfaces
Eat up a lot of space, time
Virtualizes
5. A VE is VM-lite
No guest OS
Rides on the already existing kernel
Uses Linux Containers (LXC) running in the host OS
Wrappers around Linux namespaces and cgroups
Only container, apps on container
Virtual Environment/Container
11. Open-source implementation
Provides a generic workflow for building any app into an image
Portable deployment across machines
Versioning
Component reuse
Shared libraries
Docker Unique Features
22. Namespaces
Control groups
Union file systems
Container format
Underlying technology
23. Type-1: native or bare-metal hypervisors
These hypervisors run directly on the host's hardware to control the hardware and to manage guest operating systems. Modern equivalents include Oracle VM Server for SPARC, Oracle VM Server for x86, the Citrix XenServer, VMware ESX/ESXi and Microsoft Hyper-V 2008/2012.
Type-2: hosted hypervisors
These hypervisors run on a conventional operating system just as other computer programs do. Type-2 hypervisors abstract guest operating systems from the host operating system. VMware Workstation and VirtualBox are examples of type-2 hypervisors.
Hypervisors Types
Editor's Notes
http://www.scriptrock.com/articles/docker-vs-vagrant
Virtualizers, like VMware and Hyper-V, are a real pain because they have to take a snapshot of the entire machine config and then replicate this to another machine.
VM images eat up a lot of space and time.
A virtualizer works by creating a package or image containing an entire OS and machine setup, including hard drive, virtual processors and network interfaces.
Docker creates a sandboxed runtime on the computer on which it lands.
It occupies a defined memory space and has access only to specified resources.
A process running in a container cannot see or affect other processes running outside the container.
http://www.slideshare.net/dotCloud/performance-characteristics-of-traditional-v-ms-vs-docker-containers
Most modern operating system kernels now support the primitives necessary for containerization, including Linux with OpenVZ, vserver and more recently LXC, Solaris with Zones and FreeBSD with Jails.
Docker is an open-source implementation of the deployment engine which powers dotCloud, a popular Platform-as-a-Service.
Integration
Docker can be integrated into various infrastructure tools, including Ansible,[9] CFEngine,[10] Chef,[11] Jenkins,[12] OpenStack Nova,[13] OpenSVC,[14] Puppet,[15] Salt,[16] and Vagrant.[17]
The GearD project aims to integrate Docker into Red Hat's OpenShift Origin PaaS.[18]
Docker Engine: our lightweight and powerful open source container virtualization technology combined with a workflow for building and containerizing your applications
Docker Hub: our Software-as-a-Service platform for sharing and managing Docker containers
Docker images are read-only templates from which Docker containers are launched. Each image consists of a series of layers. Docker makes use of union file systems to combine these layers into a single image.
Docker Registry: run on our own network. https://github.com/docker/docker-registry
Portable deployment across machines: you can use Docker to create a single object containing all your bundled applications. This object can then be transferred and quickly installed onto any other Docker-enabled Linux host.
Versioning: Docker includes git-like capabilities for tracking successive versions of a container, inspecting the diff between versions, committing new versions, rolling back etc.
Component reuse: Docker allows building or stacking of already created packages. For instance, if you need to create several machines that all require Apache and MySQL database, you can create a ‘base image’ containing these two items, then build and create new machines using these already installed.
Shared libraries: There is already a public registry (http://index.docker.io/) where thousands have already uploaded the useful containers they have created. Again, think of the AWS common pool of different configs and distros – this is very similar.
Docker dropped LXC as the default execution environment and replaced it with its own libcontainer library written in the Go language.
Namespaces
Docker takes advantage of a technology called namespaces to provide the isolated workspace we call the container. When you run a container, Docker creates a set of namespaces for that container.
Control groups
Docker also makes use of another technology called cgroups or control groups.
Union file systems
Union file systems, or UnionFS, are file systems that operate by creating layers, making them very lightweight and fast. Docker uses union file systems to provide the building blocks for containers. Docker can make use of several union file system variants including: AUFS, btrfs, vfs, and DeviceMapper.
Container format
Docker combines these components into a wrapper we call a container format. The default container format is called libcontainer. Docker also supports traditional Linux containers using LXC. In the future, Docker may support other container formats, for example, by integrating with BSD Jails or Solaris Zones.
The Linux kernel provides cgroups for resource isolation (CPU, memory, block I/O, network, etc.) that do not require starting any virtual machines. The kernel also provides namespaces to completely isolate an application's view of the operating environment, including process trees, network, user IDs and mounted file systems. Docker includes the libcontainer library as a reference implementation for containers, and builds on top of libvirt, LXC (Linux containers) and systemd-nspawn, which provide interfaces to the facilities provided by the Linux kernel.[3][4]
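The namespace isolation described in these notes can be verified from the host: every process exposes its namespaces as links under /proc/<pid>/ns, and two processes are in the same namespace exactly when the inode numbers in those links match. The Python below is an added example, not part of the original slides; the function names and the sample inode values are constructed for illustration.

```python
import os
import re

# Link targets under /proc/<pid>/ns look like "pid:[4026531836]".
NS_LINK = re.compile(r"^([a-z_]+):\[(\d+)\]$")

# Constructed sample values (not taken from a real host). The container shares
# "net" and "user" with the host; everything else is a separate namespace.
SAMPLE_HOST = {"ipc": 4026531839, "mnt": 4026531840, "net": 4026531992,
               "pid": 4026531836, "user": 4026531837, "uts": 4026531838}
SAMPLE_CONTAINER = {"ipc": 4026532258, "mnt": 4026532256, "net": 4026531992,
                    "pid": 4026532259, "user": 4026531837, "uts": 4026532257}


def parse_ns_link(target):
    """Turn 'pid:[4026531836]' into ('pid', 4026531836)."""
    match = NS_LINK.match(target.strip())
    if not match:
        raise ValueError(f"not a namespace link: {target!r}")
    return match.group(1), int(match.group(2))


def read_namespaces(pid):
    """Return {entry name: namespace inode} for a live process (Linux only)."""
    ns_dir = f"/proc/{pid}/ns"
    return {name: parse_ns_link(os.readlink(os.path.join(ns_dir, name)))[1]
            for name in os.listdir(ns_dir)}


def isolation_report(host, proc):
    """Label each namespace 'shared', 'isolated', or 'unknown' (missing data)."""
    report = {}
    for kind in sorted(set(host) | set(proc)):
        if kind not in host or kind not in proc:
            report[kind] = "unknown"
        elif host[kind] == proc[kind]:
            report[kind] = "shared"
        else:
            report[kind] = "isolated"
    return report


def shared_with_host(host, proc):
    """Namespaces in which the process can still see the host's resources."""
    return [k for k, v in isolation_report(host, proc).items() if v == "shared"]


if __name__ == "__main__":
    for kind, state in isolation_report(SAMPLE_HOST, SAMPLE_CONTAINER).items():
        print(f"{kind:5} {state}")
    print("shared with host:", shared_with_host(SAMPLE_HOST, SAMPLE_CONTAINER))
```

On a live Linux host, compare `read_namespaces(1)` with `read_namespaces(pid)` for a container's process; reading another user's /proc entries generally requires root.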