SlideShare une entreprise Scribd logo

Containerization is more than the new Virtualization: enabling separation of operational concerns

Jérôme Petazzoni
Jérôme Petazzoni

Docker offers a new, lightweight approach to application portability. Applications are shipped using a common container format, and managed with a high-level API. Their processes run within isolated namespaces which abstract the operating environment, independently of the distribution, versions, network setup, and other details of this environment. This "containerization" has often been nicknamed "the new virtualization". But containers are more than lightweight virtual machines. Beyond their smaller footprint, shorter boot times, and higher consolidation factors, they also bring a lot of new features and use cases which were not possible with classical virtual machines. We will focus on one of those features: separation of operational concerns. Specifically, we will demonstrate how some fundamental tasks like logging, remote access, backups, and troubleshooting can be entirely decoupled from the deployment of applications and services. This decoupling results in independent, smaller, simpler moving parts; just like microservice architectures break down large monolithic apps in more manageable components.

Technologie
1  sur  61
Télécharger pour lire hors ligne
containerization: more than the new virtualization
Jérôme Petazzoni (@jpetazzo) Grumpy French DevOps - Go away or I will replace you with a very small shell script Runs everything in containers - Docker-in-Docker - VPN-in-Docker - KVM-in-Docker - Xorg-in-Docker - ...
outline
Outline Containers as lightweight VMs Containers vs VMs Separation of operational concerns Benefits Conclusions
containers as lightweight VMs
It looks like a VM Private process space Can run stuff as root Private network interface and IP address Custom routes, iptables rules, etc. Can mount filesystems and more
Process tree in a “machine container” PID TTY STAT TIME COMMAND 1 ? Ss+ 0:00 /usr/bin/python3 -u /sbin/my_init --enable-insecure-key 104 ? S+ 0:00 /usr/bin/runsvdir -P /etc/service 105 ? Ss 0:00 _ runsv syslog-ng 108 ? S 0:00 | _ syslog-ng -F -p /var/run/syslog-ng.pid --no-caps 106 ? Ss 0:00 _ runsv sshd 109 ? S 0:00 | _ /usr/sbin/sshd -D 117 ? Ss 0:00 | _ sshd: root@pts/0 119 pts/0 Ss 0:00 | _ -bash 135 pts/0 R+ 0:00 | _ ps fx 107 ? Ss 0:00 _ runsv cron 110 ? S 0:00 _ /usr/sbin/cron -f
Faster to boot, less overhead than a VM $ time docker run ubuntu echo hello world hello world real 0m0.258s Disk usage: less than 100 kB Memory usage: less than 1.5 MB
Benchmark: infiniband
Benchmark: boot OpenStack instances
Benchmark: memory speed
impossibru!
containers vs virtual machines
Virtual Machines Emulate CPU instructions (painfully slow) Emulate hardware (storage, network...) (painfully slow) Run as a userland process on top of a kernel (painfully slow)
Virtual Machines Use native CPU (fast!) Paravirtualized storage, network... (fast, but higher resource usage) Run on top of a hypervisor (faster, but still some overhead)
Containers Processes isolated from each other Very little extra code path (in many cases, it's comparable to UID checking)
Virtual Machines vs Containers Native CPU Paravirtualized devices Hypervisor Native CPU Native syscalls Native kernel
Inter-VM communication Strong isolation, enforced by hypervisor + hardware - no fast-path data transfer between virtual machines - yes, there are PCI pass-throughs and things like xenbus, but that's not easy to use, very specific, not portable Most convenient method: network protocols (L2/L3) But: huge advantage from a security POV
Inter-container communication Tunable isolation - each namespace can be isolated or shared Allows normal Unix communication mechanisms - network protocols on loopback interface - UNIX sockets - shared memory - IPC... Reuse techniques that we know and love (?)
inter-container communication
Shared localhost Multiple containers can share the same “localhost” (by reusing the same network namespace) Communication over localhost is very very fast Also: localhost is a well-known address
Shared filesystem A directory can be shared by multiple containers (by using a bind-mount) That directory can contain: - named pipes (FIFOs) - UNIX sockets - memory-mapped files Bind-mount = zero overhead
Shared IPC Multiple containers can share IPC resources (using the special IPC namespace) Semaphores, Shared Memory, Message Queues... Is anybody still using this?
Host networking Containers can share the host's network stack (by reusing its network namespace) They can use the host's interfaces without penalty (high speed, low latency, no overhead!) Native performance to talk with external containers
Host filesystems Containers can share a directory with the host Example: use fast storage (SAN, SSD...) in container - mount it on the host - share it with the container - done! Native performance to use I/O subsystem
separation of operational concerns
...What? “Ops” functions (backups, logging...) can be performed in separate containers Application containers can run unchanged in various environments: dev, test, QA, prod...
logs
Old style ssh into container cd /var/log tail, grep, ack-grep, awk, sed, apachetop, perl, etc.
New style Create a “data container” to hold the logs docker run --name logs -v /var/log busybox true Start app container sharing that volume docker run --volumes-from logs myapp Inspect logs docker run -ti --volumes-from logs -w /var/log ubuntu bash Use fancy tools without polluting app container docker run -ti --volumes-from logs turbogrep ...
Bonus points Ship logs to something else (logstash, syslog...) docker run --volumes-from logs pipestash Change logging system independently: - without rebuilding app container - without restarting app container - run multiple logging systems at the same time (e.g. for migration)
backups
Old style Prepare the tools - install things like rsync, s3cmd, boto, mysqldump... - get backup script Perform one-shot manual backup - SSH and run the backup script Set up routine backups - edit crontab
New style: setup Create a “data container” to hold the files to back up docker run --name mysqldata -v /var/lib/mysql busybox true Start app container sharing that volume docker run --volumes-from mysqldata mysql Create a separate image with backup tools - Dockerfile with “apt-get install rsync s3cmd...”
New style: one-shot manual backup Use the special backup image docker run --rm --volumes-from mysqldata mysqlbackup tar -cJf- /var/lib/mysql | stream-it-to-the-cloud.py Of course, you can use something fancier than tar (e.g. rsync, tarsnap...)
New style: routine backups Option 1 - run “crond” in backup image - start backup image and keep it running Option 2 - start backup script from a crontab entry on the Docker host Option 3 - have a special “cron” container - give it access to the Docker API - let it start the backup container at regular intervals
network debugging
Old style ssh into container Install tcpdump, ngrep, … Run them
New style Make a container image with tcpdump, ngrep... (let's call it “netdebug”) Run it in the namespace of the application container docker run -ti --net container:<app_cid> netdebug bash Now run tcpdump, ngrep, etc. Want to copy a dump to see it with wireshark? docker run -ti --net container:... -v /tmp:/tmp netdebug tcpdump -s0 -peni eth0 -w/tmp/myapp.pcap
configuration tweaking
Old style ssh into container vi /etc/tomcat/something.xml (maybe) /etc/init.d/tomcat restart
New style Option 1 - set up /etc/tomcat to be a “data container” - start another container sharing this volume; install vi/emacs here Option 2 - set up /etc/tomcat to be on the host: docker run -v /etc/containers/myapp:/etc/tomcat … If needed: restart the container - docker stop; docker start - docker kill -s HUP
epiphany
composition
Virtual Machine deployment Linux base system Libraries Application Logging Backups Metrics ...
With configuration management node www { include common include web include logstash include backup include graphite }
Problems Conflicts between two components - example: logging and metrics systems use different Java versions Software certified for different distro - example: one component requires RHEL 6.4 but you run Ubuntu Migration from one component to another - example: from syslog to splunk
Container deployment Linux base system Docker Application container Logging container Backups container Metrics container ...
benefits
Immutable infrastructure What's an immutable infrastructure? - re-create images each time you change a line of code - prevent (or track) modifications of running images Why is it useful? - no more rebellious servers after manual upgrades - no more “oops, how do we roll back?” after catastrophic upgrade - easier security audit (inspect images at rest) How can containers help? - container images are easier to create and manage than VM images
Micro-service architecture What's a micro-service architecture? - break your big application down into many small services Why is it useful? - it's easier to upgrade/refactor/replace a small service - encourages to have many small teams*, each owning a service (*small teams are supposedly better; see Jeff Bezos' “two-pizza rule”) How can containers help? - problem: 10 micro-services instead of 1 big application = 10x more work to deploy everything - solution: need extremely easy deployment; hello containers!
thank you! questions?

Recommandé

Docker Introduction
Docker IntroductionDocker Introduction
Docker IntroductionRobert Reiz
 
Docker, Linux Containers (LXC), and security
Docker, Linux Containers (LXC), and securityDocker, Linux Containers (LXC), and security
Docker, Linux Containers (LXC), and securityJérôme Petazzoni
 
Software Containerization
Software ContainerizationSoftware Containerization
Software ContainerizationRoshan Deniyage
 
Introduction to linux containers
Introduction to linux containersIntroduction to linux containers
Introduction to linux containersGoogle
 
Docker introduction
Docker introductionDocker introduction
Docker introductiondotCloud
 
Intro to containerization
Intro to containerizationIntro to containerization
Intro to containerizationBalint Pato
 
What Is Docker? | What Is Docker And How It Works? | Docker Tutorial For Begi...
What Is Docker? | What Is Docker And How It Works? | Docker Tutorial For Begi...What Is Docker? | What Is Docker And How It Works? | Docker Tutorial For Begi...
What Is Docker? | What Is Docker And How It Works? | Docker Tutorial For Begi...Simplilearn
 
Introduction to docker
Introduction to dockerIntroduction to docker
Introduction to dockerHiroki Endo
 

Recommandé

Docker Introduction
Docker IntroductionDocker Introduction
Docker IntroductionRobert Reiz
 
Docker, Linux Containers (LXC), and security
Docker, Linux Containers (LXC), and securityDocker, Linux Containers (LXC), and security
Docker, Linux Containers (LXC), and securityJérôme Petazzoni
 
Software Containerization
Software ContainerizationSoftware Containerization
Software ContainerizationRoshan Deniyage
 
Introduction to linux containers
Introduction to linux containersIntroduction to linux containers
Introduction to linux containersGoogle
 
Docker introduction
Docker introductionDocker introduction
Docker introductiondotCloud
 
Intro to containerization
Intro to containerizationIntro to containerization
Intro to containerizationBalint Pato
 
What Is Docker? | What Is Docker And How It Works? | Docker Tutorial For Begi...
What Is Docker? | What Is Docker And How It Works? | Docker Tutorial For Begi...What Is Docker? | What Is Docker And How It Works? | Docker Tutorial For Begi...
What Is Docker? | What Is Docker And How It Works? | Docker Tutorial For Begi...Simplilearn
 
Introduction to docker
Introduction to dockerIntroduction to docker
Introduction to dockerHiroki Endo
 
Virtualization with KVM (Kernel-based Virtual Machine)
Virtualization with KVM (Kernel-based Virtual Machine)Virtualization with KVM (Kernel-based Virtual Machine)
Virtualization with KVM (Kernel-based Virtual Machine)Novell
 
Docker Overview - Rise of the Containers
Docker Overview - Rise of the ContainersDocker Overview - Rise of the Containers
Docker Overview - Rise of the ContainersRyan Hodgin
 
K8s in 3h - Kubernetes Fundamentals Training
K8s in 3h - Kubernetes Fundamentals TrainingK8s in 3h - Kubernetes Fundamentals Training
K8s in 3h - Kubernetes Fundamentals TrainingPiotr Perzyna
 
Docker, LinuX Container
Docker, LinuX ContainerDocker, LinuX Container
Docker, LinuX ContainerAraf Karsh Hamid
 
What is Docker
What is DockerWhat is Docker
What is DockerPavel Klimiankou
 
Kubernetes PPT.pptx
Kubernetes PPT.pptxKubernetes PPT.pptx
Kubernetes PPT.pptxssuser0cc9131
 
Introduction to container based virtualization with docker
Introduction to container based virtualization with dockerIntroduction to container based virtualization with docker
Introduction to container based virtualization with dockerBangladesh Network Operators Group
 
Understanding Kubernetes
Understanding KubernetesUnderstanding Kubernetes
Understanding KubernetesTu Pham
 
CI/CD with Jenkins and Docker - DevOps Meetup Day Thailand
CI/CD with Jenkins and Docker - DevOps Meetup Day ThailandCI/CD with Jenkins and Docker - DevOps Meetup Day Thailand
CI/CD with Jenkins and Docker - DevOps Meetup Day ThailandTroublemaker Khunpech
 
Containers: The What, Why, and How
Containers: The What, Why, and HowContainers: The What, Why, and How
Containers: The What, Why, and HowSneha Inguva
 
What Is A Docker Container? | Docker Container Tutorial For Beginners| Docker...
What Is A Docker Container? | Docker Container Tutorial For Beginners| Docker...What Is A Docker Container? | Docker Container Tutorial For Beginners| Docker...
What Is A Docker Container? | Docker Container Tutorial For Beginners| Docker...Simplilearn
 
Virtualization Vs. Containers
Virtualization Vs. ContainersVirtualization Vs. Containers
Virtualization Vs. Containersactualtechmedia
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101Crevise Technologies
 
Helm - Package Manager for Kubernetes
Helm - Package Manager for KubernetesHelm - Package Manager for Kubernetes
Helm - Package Manager for KubernetesKnoldus Inc.
 
virtualization-vs-containerization-paas
virtualization-vs-containerization-paasvirtualization-vs-containerization-paas
virtualization-vs-containerization-paasrajdeep
 
VMware
VMware VMware
VMware Ghufran Hasan
 
Docker Tutorial For Beginners | What Is Docker And How It Works? | Docker Tut...
Docker Tutorial For Beginners | What Is Docker And How It Works? | Docker Tut...Docker Tutorial For Beginners | What Is Docker And How It Works? | Docker Tut...
Docker Tutorial For Beginners | What Is Docker And How It Works? | Docker Tut...Simplilearn
 
Containers 101
Containers 101Containers 101
Containers 101Black Duck by Synopsys
 
Docker and kubernetes_introduction
Docker and kubernetes_introductionDocker and kubernetes_introduction
Docker and kubernetes_introductionJason Hu
 
Introduction to Docker storage, volume and image
Introduction to Docker storage, volume and imageIntroduction to Docker storage, volume and image
Introduction to Docker storage, volume and imageejlp12
 
Containerization
ContainerizationContainerization
ContainerizationAmitesh Tyagi
 
Devops is all greek
Devops is all greekDevops is all greek
Devops is all greekLori MacVittie
 

Contenu connexe

Tendances

Virtualization with KVM (Kernel-based Virtual Machine)
Virtualization with KVM (Kernel-based Virtual Machine)Virtualization with KVM (Kernel-based Virtual Machine)
Virtualization with KVM (Kernel-based Virtual Machine)Novell
 
Docker Overview - Rise of the Containers
Docker Overview - Rise of the ContainersDocker Overview - Rise of the Containers
Docker Overview - Rise of the ContainersRyan Hodgin
 
K8s in 3h - Kubernetes Fundamentals Training
K8s in 3h - Kubernetes Fundamentals TrainingK8s in 3h - Kubernetes Fundamentals Training
K8s in 3h - Kubernetes Fundamentals TrainingPiotr Perzyna
 
Understanding Kubernetes
Understanding KubernetesUnderstanding Kubernetes
Understanding KubernetesTu Pham
 
CI/CD with Jenkins and Docker - DevOps Meetup Day Thailand
CI/CD with Jenkins and Docker - DevOps Meetup Day ThailandCI/CD with Jenkins and Docker - DevOps Meetup Day Thailand
CI/CD with Jenkins and Docker - DevOps Meetup Day ThailandTroublemaker Khunpech
 
Containers: The What, Why, and How
Containers: The What, Why, and HowContainers: The What, Why, and How
Containers: The What, Why, and HowSneha Inguva
 
What Is A Docker Container? | Docker Container Tutorial For Beginners| Docker...
What Is A Docker Container? | Docker Container Tutorial For Beginners| Docker...What Is A Docker Container? | Docker Container Tutorial For Beginners| Docker...
What Is A Docker Container? | Docker Container Tutorial For Beginners| Docker...Simplilearn
 
Virtualization Vs. Containers
Virtualization Vs. ContainersVirtualization Vs. Containers
Virtualization Vs. Containersactualtechmedia
 
Helm - Package Manager for Kubernetes
Helm - Package Manager for KubernetesHelm - Package Manager for Kubernetes
Helm - Package Manager for KubernetesKnoldus Inc.
 
virtualization-vs-containerization-paas
virtualization-vs-containerization-paasvirtualization-vs-containerization-paas
virtualization-vs-containerization-paasrajdeep
 
Docker Tutorial For Beginners | What Is Docker And How It Works? | Docker Tut...
Docker Tutorial For Beginners | What Is Docker And How It Works? | Docker Tut...Docker Tutorial For Beginners | What Is Docker And How It Works? | Docker Tut...
Docker Tutorial For Beginners | What Is Docker And How It Works? | Docker Tut...Simplilearn
 
Docker and kubernetes_introduction
Docker and kubernetes_introductionDocker and kubernetes_introduction
Docker and kubernetes_introductionJason Hu
 
Introduction to Docker storage, volume and image
Introduction to Docker storage, volume and imageIntroduction to Docker storage, volume and image
Introduction to Docker storage, volume and imageejlp12
 

Tendances (20)

Virtualization with KVM (Kernel-based Virtual Machine)
Virtualization with KVM (Kernel-based Virtual Machine)Virtualization with KVM (Kernel-based Virtual Machine)
Virtualization with KVM (Kernel-based Virtual Machine)
 
Docker Overview - Rise of the Containers
Docker Overview - Rise of the ContainersDocker Overview - Rise of the Containers
Docker Overview - Rise of the Containers
 
K8s in 3h - Kubernetes Fundamentals Training
K8s in 3h - Kubernetes Fundamentals TrainingK8s in 3h - Kubernetes Fundamentals Training
K8s in 3h - Kubernetes Fundamentals Training
 
Docker, LinuX Container
Docker, LinuX ContainerDocker, LinuX Container
Docker, LinuX Container
 
What is Docker
What is DockerWhat is Docker
What is Docker
 
Kubernetes PPT.pptx
Kubernetes PPT.pptxKubernetes PPT.pptx
Kubernetes PPT.pptx
 
Introduction to container based virtualization with docker
Introduction to container based virtualization with dockerIntroduction to container based virtualization with docker
Introduction to container based virtualization with docker
 
Understanding Kubernetes
Understanding KubernetesUnderstanding Kubernetes
Understanding Kubernetes
 
CI/CD with Jenkins and Docker - DevOps Meetup Day Thailand
CI/CD with Jenkins and Docker - DevOps Meetup Day ThailandCI/CD with Jenkins and Docker - DevOps Meetup Day Thailand
CI/CD with Jenkins and Docker - DevOps Meetup Day Thailand
 
Containers: The What, Why, and How
Containers: The What, Why, and HowContainers: The What, Why, and How
Containers: The What, Why, and How
 
What Is A Docker Container? | Docker Container Tutorial For Beginners| Docker...
What Is A Docker Container? | Docker Container Tutorial For Beginners| Docker...What Is A Docker Container? | Docker Container Tutorial For Beginners| Docker...
What Is A Docker Container? | Docker Container Tutorial For Beginners| Docker...
 
Virtualization Vs. Containers
Virtualization Vs. ContainersVirtualization Vs. Containers
Virtualization Vs. Containers
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101
 
Helm - Package Manager for Kubernetes
Helm - Package Manager for KubernetesHelm - Package Manager for Kubernetes
Helm - Package Manager for Kubernetes
 
virtualization-vs-containerization-paas
virtualization-vs-containerization-paasvirtualization-vs-containerization-paas
virtualization-vs-containerization-paas
 
VMware
VMware VMware
VMware
 
Docker Tutorial For Beginners | What Is Docker And How It Works? | Docker Tut...
Docker Tutorial For Beginners | What Is Docker And How It Works? | Docker Tut...Docker Tutorial For Beginners | What Is Docker And How It Works? | Docker Tut...
Docker Tutorial For Beginners | What Is Docker And How It Works? | Docker Tut...
 
Containers 101
Containers 101Containers 101
Containers 101
 
Docker and kubernetes_introduction
Docker and kubernetes_introductionDocker and kubernetes_introduction
Docker and kubernetes_introduction
 
Introduction to Docker storage, volume and image
Introduction to Docker storage, volume and imageIntroduction to Docker storage, volume and image
Introduction to Docker storage, volume and image
 

En vedette

Virtual machines and containers
Virtual machines and containersVirtual machines and containers
Virtual machines and containersPatrick Pierson
 
Rmll Virtualization As Is Tool 20090707 V1.0
Rmll Virtualization As Is Tool 20090707 V1.0Rmll Virtualization As Is Tool 20090707 V1.0
Rmll Virtualization As Is Tool 20090707 V1.0guest72e8c1
 
A Primer to Containerization & Microservices
A Primer to Containerization & MicroservicesA Primer to Containerization & Microservices
A Primer to Containerization & MicroservicesShiju Varghese
 
Hide your development environment and application in a container
Hide your development environment and application in a containerHide your development environment and application in a container
Hide your development environment and application in a containerJohan Janssen
 
Containerization using docker
Containerization using dockerContainerization using docker
Containerization using dockerVinod Doshi
 
Essence Of Containerizati on 230508
Essence Of Containerizati on 230508 Essence Of Containerizati on 230508
Essence Of Containerizati on 230508 jansowri
 
Discussing the difference between docker dontainers and virtual machines
Discussing the difference between docker dontainers and virtual machinesDiscussing the difference between docker dontainers and virtual machines
Discussing the difference between docker dontainers and virtual machinesSteven Grzbielok
 
NoOps != No Operations
NoOps != No OperationsNoOps != No Operations
NoOps != No OperationsDavid Tesar
 
Virtualization with Vagrant (ua.pycon 2011)
Virtualization with Vagrant (ua.pycon 2011)Virtualization with Vagrant (ua.pycon 2011)
Virtualization with Vagrant (ua.pycon 2011)Dmitry Guyvoronsky
 
bed-con 2015 - From Virtual Machines to Containers
bed-con 2015 - From Virtual Machines to Containersbed-con 2015 - From Virtual Machines to Containers
bed-con 2015 - From Virtual Machines to Containerscamunda services GmbH
 
Docker containerization cookbook
Docker containerization cookbookDocker containerization cookbook
Docker containerization cookbookPascal Louis
 
Continuous delivery with Gradle
Continuous delivery with GradleContinuous delivery with Gradle
Continuous delivery with GradleBob Paulin
 
Reactive Programming Models for IoT
Reactive Programming Models for IoTReactive Programming Models for IoT
Reactive Programming Models for IoTTodd Montgomery
 
Vagrant and docker
Vagrant and dockerVagrant and docker
Vagrant and dockerDuckDuckGo
 
The Cloud Native Journey
The Cloud Native JourneyThe Cloud Native Journey
The Cloud Native JourneyMatt Stine
 

En vedette (20)

Containerization
ContainerizationContainerization
Containerization
 
Devops is all greek
Devops is all greekDevops is all greek
Devops is all greek
 
Virtual machines and containers
Virtual machines and containersVirtual machines and containers
Virtual machines and containers
 
Virtualization
VirtualizationVirtualization
Virtualization
 
Rmll Virtualization As Is Tool 20090707 V1.0
Rmll Virtualization As Is Tool 20090707 V1.0Rmll Virtualization As Is Tool 20090707 V1.0
Rmll Virtualization As Is Tool 20090707 V1.0
 
Virutal Box
Virutal BoxVirutal Box
Virutal Box
 
A Primer to Containerization & Microservices
A Primer to Containerization & MicroservicesA Primer to Containerization & Microservices
A Primer to Containerization & Microservices
 
Hide your development environment and application in a container
Hide your development environment and application in a containerHide your development environment and application in a container
Hide your development environment and application in a container
 
Containerization using docker
Containerization using dockerContainerization using docker
Containerization using docker
 
Essence Of Containerizati on 230508
Essence Of Containerizati on 230508 Essence Of Containerizati on 230508
Essence Of Containerizati on 230508
 
Discussing the difference between docker dontainers and virtual machines
Discussing the difference between docker dontainers and virtual machinesDiscussing the difference between docker dontainers and virtual machines
Discussing the difference between docker dontainers and virtual machines
 
NoOps != No Operations
NoOps != No OperationsNoOps != No Operations
NoOps != No Operations
 
Virtualization with Vagrant (ua.pycon 2011)
Virtualization with Vagrant (ua.pycon 2011)Virtualization with Vagrant (ua.pycon 2011)
Virtualization with Vagrant (ua.pycon 2011)
 
bed-con 2015 - From Virtual Machines to Containers
bed-con 2015 - From Virtual Machines to Containersbed-con 2015 - From Virtual Machines to Containers
bed-con 2015 - From Virtual Machines to Containers
 
Docker containerization cookbook
Docker containerization cookbookDocker containerization cookbook
Docker containerization cookbook
 
Continuous delivery with Gradle
Continuous delivery with GradleContinuous delivery with Gradle
Continuous delivery with Gradle
 
Docker Basics
Docker BasicsDocker Basics
Docker Basics
 
Reactive Programming Models for IoT
Reactive Programming Models for IoTReactive Programming Models for IoT
Reactive Programming Models for IoT
 
Vagrant and docker
Vagrant and dockerVagrant and docker
Vagrant and docker
 
The Cloud Native Journey
The Cloud Native JourneyThe Cloud Native Journey
The Cloud Native Journey
 

Similaire à Containerization is more than the new Virtualization: enabling separation of operational concerns

Containerization Is More than the New Virtualization
Containerization Is More than the New VirtualizationContainerization Is More than the New Virtualization
Containerization Is More than the New VirtualizationC4Media
 
Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment Arun prasath
 
Docker Tips And Tricks at the Docker Beijing Meetup
Docker Tips And Tricks at the Docker Beijing MeetupDocker Tips And Tricks at the Docker Beijing Meetup
Docker Tips And Tricks at the Docker Beijing MeetupJérôme Petazzoni
 
Lightweight Virtualization in Linux
Lightweight Virtualization in LinuxLightweight Virtualization in Linux
Lightweight Virtualization in LinuxSadegh Dorri N.
 
Docker Online Meetup #3: Docker in Production
Docker Online Meetup #3: Docker in ProductionDocker Online Meetup #3: Docker in Production
Docker Online Meetup #3: Docker in ProductionDocker, Inc.
 
Docker 0.11 at MaxCDN meetup in Los Angeles
Docker 0.11 at MaxCDN meetup in Los AngelesDocker 0.11 at MaxCDN meetup in Los Angeles
Docker 0.11 at MaxCDN meetup in Los AngelesJérôme Petazzoni
 
Containers and workload security an overview
Containers and workload security an overview Containers and workload security an overview
Containers and workload security an overview Krishna-Kumar
 
Dockerizing a Symfony2 application
Dockerizing a Symfony2 applicationDockerizing a Symfony2 application
Dockerizing a Symfony2 applicationRoman Rodomansky
 
Build High-Performance, Scalable, Distributed Applications with Stacks of Co...
Build High-Performance, Scalable, Distributed Applications with Stacks of Co... Build High-Performance, Scalable, Distributed Applications with Stacks of Co...
Build High-Performance, Scalable, Distributed Applications with Stacks of Co...Yandex
 
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...Codemotion
 
codemotion-docker-2014
codemotion-docker-2014codemotion-docker-2014
codemotion-docker-2014Carlo Bonamico
 
Containers, Docker, and Microservices: the Terrific Trio
Containers, Docker, and Microservices: the Terrific TrioContainers, Docker, and Microservices: the Terrific Trio
Containers, Docker, and Microservices: the Terrific TrioJérôme Petazzoni
 
Docker, Linux Containers, and Security: Does It Add Up?
Docker, Linux Containers, and Security: Does It Add Up?Docker, Linux Containers, and Security: Does It Add Up?
Docker, Linux Containers, and Security: Does It Add Up?Jérôme Petazzoni
 
ExpoQA 2017 Using docker to build and test in your laptop and Jenkins
ExpoQA 2017 Using docker to build and test in your laptop and JenkinsExpoQA 2017 Using docker to build and test in your laptop and Jenkins
ExpoQA 2017 Using docker to build and test in your laptop and JenkinsElasTest Project
 
Linux containers and docker
Linux containers and dockerLinux containers and docker
Linux containers and dockerFabio Fumarola
 
Containers: from development to production at DevNation 2015
Containers: from development to production at DevNation 2015Containers: from development to production at DevNation 2015
Containers: from development to production at DevNation 2015Jérôme Petazzoni
 
Drupalcamp es 2013 drupal with lxc docker and vagrant
Drupalcamp es 2013 drupal with lxc docker and vagrant Drupalcamp es 2013 drupal with lxc docker and vagrant
Drupalcamp es 2013 drupal with lxc docker and vagrant Ricardo Amaro
 
Laravel, docker, kubernetes
Laravel, docker, kubernetesLaravel, docker, kubernetes
Laravel, docker, kubernetesPeter Mein
 

Similaire à Containerization is more than the new Virtualization: enabling separation of operational concerns (20)

Containerization Is More than the New Virtualization
Containerization Is More than the New VirtualizationContainerization Is More than the New Virtualization
Containerization Is More than the New Virtualization
 
Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment Docker - Demo on PHP Application deployment
Docker - Demo on PHP Application deployment
 
Docker Tips And Tricks at the Docker Beijing Meetup
Docker Tips And Tricks at the Docker Beijing MeetupDocker Tips And Tricks at the Docker Beijing Meetup
Docker Tips And Tricks at the Docker Beijing Meetup
 
Lightweight Virtualization in Linux
Lightweight Virtualization in LinuxLightweight Virtualization in Linux
Lightweight Virtualization in Linux
 
Docker-v3.pdf
Docker-v3.pdfDocker-v3.pdf
Docker-v3.pdf
 
Docker Online Meetup #3: Docker in Production
Docker Online Meetup #3: Docker in ProductionDocker Online Meetup #3: Docker in Production
Docker Online Meetup #3: Docker in Production
 
Docker 0.11 at MaxCDN meetup in Los Angeles
Docker 0.11 at MaxCDN meetup in Los AngelesDocker 0.11 at MaxCDN meetup in Los Angeles
Docker 0.11 at MaxCDN meetup in Los Angeles
 
Containers and workload security an overview
Containers and workload security an overview Containers and workload security an overview
Containers and workload security an overview
 
Dockers zero to hero
Dockers zero to heroDockers zero to hero
Dockers zero to hero
 
Dockerizing a Symfony2 application
Dockerizing a Symfony2 applicationDockerizing a Symfony2 application
Dockerizing a Symfony2 application
 
Build High-Performance, Scalable, Distributed Applications with Stacks of Co...
Build High-Performance, Scalable, Distributed Applications with Stacks of Co... Build High-Performance, Scalable, Distributed Applications with Stacks of Co...
Build High-Performance, Scalable, Distributed Applications with Stacks of Co...
 
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...
 
codemotion-docker-2014
codemotion-docker-2014codemotion-docker-2014
codemotion-docker-2014
 
Containers, Docker, and Microservices: the Terrific Trio
Containers, Docker, and Microservices: the Terrific TrioContainers, Docker, and Microservices: the Terrific Trio
Containers, Docker, and Microservices: the Terrific Trio
 
Docker, Linux Containers, and Security: Does It Add Up?
Docker, Linux Containers, and Security: Does It Add Up?Docker, Linux Containers, and Security: Does It Add Up?
Docker, Linux Containers, and Security: Does It Add Up?
 
ExpoQA 2017 Using docker to build and test in your laptop and Jenkins
ExpoQA 2017 Using docker to build and test in your laptop and JenkinsExpoQA 2017 Using docker to build and test in your laptop and Jenkins
ExpoQA 2017 Using docker to build and test in your laptop and Jenkins
 
Linux containers and docker
Linux containers and dockerLinux containers and docker
Linux containers and docker
 
Containers: from development to production at DevNation 2015
Containers: from development to production at DevNation 2015Containers: from development to production at DevNation 2015
Containers: from development to production at DevNation 2015
 
Drupalcamp es 2013 drupal with lxc docker and vagrant
Drupalcamp es 2013 drupal with lxc docker and vagrant Drupalcamp es 2013 drupal with lxc docker and vagrant
Drupalcamp es 2013 drupal with lxc docker and vagrant
 
Laravel, docker, kubernetes
Laravel, docker, kubernetesLaravel, docker, kubernetes
Laravel, docker, kubernetes
 

Plus de Jérôme Petazzoni

Use the Source or Join the Dark Side: differences between Docker Community an...
Use the Source or Join the Dark Side: differences between Docker Community an...Use the Source or Join the Dark Side: differences between Docker Community an...
Use the Source or Join the Dark Side: differences between Docker Community an...Jérôme Petazzoni
 
Orchestration for the rest of us
Orchestration for the rest of usOrchestration for the rest of us
Orchestration for the rest of usJérôme Petazzoni
 
Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...
Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...
Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...Jérôme Petazzoni
 
Docker : quels enjeux pour le stockage et réseau ? Paris Open Source Summit ...
Docker : quels enjeux pour le stockage et réseau ? Paris Open Source Summit ...Docker : quels enjeux pour le stockage et réseau ? Paris Open Source Summit ...
Docker : quels enjeux pour le stockage et réseau ? Paris Open Source Summit ...Jérôme Petazzoni
 
Making DevOps Secure with Docker on Solaris (Oracle Open World, with Jesse Bu...
Making DevOps Secure with Docker on Solaris (Oracle Open World, with Jesse Bu...Making DevOps Secure with Docker on Solaris (Oracle Open World, with Jesse Bu...
Making DevOps Secure with Docker on Solaris (Oracle Open World, with Jesse Bu...Jérôme Petazzoni
 
Containers, docker, and security: state of the union (Bay Area Infracoders Me...
Containers, docker, and security: state of the union (Bay Area Infracoders Me...Containers, docker, and security: state of the union (Bay Area Infracoders Me...
Containers, docker, and security: state of the union (Bay Area Infracoders Me...Jérôme Petazzoni
 
From development environments to production deployments with Docker, Compose,...
From development environments to production deployments with Docker, Compose,...From development environments to production deployments with Docker, Compose,...
From development environments to production deployments with Docker, Compose,...Jérôme Petazzoni
 
How to contribute to large open source projects like Docker (LinuxCon 2015)
How to contribute to large open source projects like Docker (LinuxCon 2015)How to contribute to large open source projects like Docker (LinuxCon 2015)
How to contribute to large open source projects like Docker (LinuxCon 2015)Jérôme Petazzoni
 
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...Jérôme Petazzoni
 
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxConAnatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxConJérôme Petazzoni
 
Microservices. Microservices everywhere! (At OSCON 2015)
Microservices. Microservices everywhere! (At OSCON 2015)Microservices. Microservices everywhere! (At OSCON 2015)
Microservices. Microservices everywhere! (At OSCON 2015)Jérôme Petazzoni
 
Deploy microservices in containers with Docker and friends - KCDC2015
Deploy microservices in containers with Docker and friends - KCDC2015Deploy microservices in containers with Docker and friends - KCDC2015
Deploy microservices in containers with Docker and friends - KCDC2015Jérôme Petazzoni
 
Immutable infrastructure with Docker and containers (GlueCon 2015)
Immutable infrastructure with Docker and containers (GlueCon 2015)Immutable infrastructure with Docker and containers (GlueCon 2015)
Immutable infrastructure with Docker and containers (GlueCon 2015)Jérôme Petazzoni
 
The Docker ecosystem and the future of application deployment
The Docker ecosystem and the future of application deploymentThe Docker ecosystem and the future of application deployment
The Docker ecosystem and the future of application deploymentJérôme Petazzoni
 
Docker: automation for the rest of us
Docker: automation for the rest of usDocker: automation for the rest of us
Docker: automation for the rest of usJérôme Petazzoni
 
Docker Non Technical Presentation
Docker Non Technical PresentationDocker Non Technical Presentation
Docker Non Technical PresentationJérôme Petazzoni
 
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special EditionIntroduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special EditionJérôme Petazzoni
 
Introduction to Docker, December 2014 "Tour de France" Edition
Introduction to Docker, December 2014 "Tour de France" EditionIntroduction to Docker, December 2014 "Tour de France" Edition
Introduction to Docker, December 2014 "Tour de France" EditionJérôme Petazzoni
 
Pipework: Software-Defined Network for Containers and Docker
Pipework: Software-Defined Network for Containers and DockerPipework: Software-Defined Network for Containers and Docker
Pipework: Software-Defined Network for Containers and DockerJérôme Petazzoni
 
Introduction to Docker at Glidewell Laboratories in Orange County
Introduction to Docker at Glidewell Laboratories in Orange CountyIntroduction to Docker at Glidewell Laboratories in Orange County
Introduction to Docker at Glidewell Laboratories in Orange CountyJérôme Petazzoni
 

Plus de Jérôme Petazzoni (20)

Use the Source or Join the Dark Side: differences between Docker Community an...
Use the Source or Join the Dark Side: differences between Docker Community an...Use the Source or Join the Dark Side: differences between Docker Community an...
Use the Source or Join the Dark Side: differences between Docker Community an...
 
Orchestration for the rest of us
Orchestration for the rest of usOrchestration for the rest of us
Orchestration for the rest of us
 
Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...
Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...
Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...
 
Docker : quels enjeux pour le stockage et réseau ? Paris Open Source Summit ...
Docker : quels enjeux pour le stockage et réseau ? Paris Open Source Summit ...Docker : quels enjeux pour le stockage et réseau ? Paris Open Source Summit ...
Docker : quels enjeux pour le stockage et réseau ? Paris Open Source Summit ...
 
Making DevOps Secure with Docker on Solaris (Oracle Open World, with Jesse Bu...
Making DevOps Secure with Docker on Solaris (Oracle Open World, with Jesse Bu...Making DevOps Secure with Docker on Solaris (Oracle Open World, with Jesse Bu...
Making DevOps Secure with Docker on Solaris (Oracle Open World, with Jesse Bu...
 
Containers, docker, and security: state of the union (Bay Area Infracoders Me...
Containers, docker, and security: state of the union (Bay Area Infracoders Me...Containers, docker, and security: state of the union (Bay Area Infracoders Me...
Containers, docker, and security: state of the union (Bay Area Infracoders Me...
 
From development environments to production deployments with Docker, Compose,...
From development environments to production deployments with Docker, Compose,...From development environments to production deployments with Docker, Compose,...
From development environments to production deployments with Docker, Compose,...
 
How to contribute to large open source projects like Docker (LinuxCon 2015)
How to contribute to large open source projects like Docker (LinuxCon 2015)How to contribute to large open source projects like Docker (LinuxCon 2015)
How to contribute to large open source projects like Docker (LinuxCon 2015)
 
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
 
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxConAnatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
 
Microservices. Microservices everywhere! (At OSCON 2015)
Microservices. Microservices everywhere! (At OSCON 2015)Microservices. Microservices everywhere! (At OSCON 2015)
Microservices. Microservices everywhere! (At OSCON 2015)
 
Deploy microservices in containers with Docker and friends - KCDC2015
Deploy microservices in containers with Docker and friends - KCDC2015Deploy microservices in containers with Docker and friends - KCDC2015
Deploy microservices in containers with Docker and friends - KCDC2015
 
Immutable infrastructure with Docker and containers (GlueCon 2015)
Immutable infrastructure with Docker and containers (GlueCon 2015)Immutable infrastructure with Docker and containers (GlueCon 2015)
Immutable infrastructure with Docker and containers (GlueCon 2015)
 
The Docker ecosystem and the future of application deployment
The Docker ecosystem and the future of application deploymentThe Docker ecosystem and the future of application deployment
The Docker ecosystem and the future of application deployment
 
Docker: automation for the rest of us
Docker: automation for the rest of usDocker: automation for the rest of us
Docker: automation for the rest of us
 
Docker Non Technical Presentation
Docker Non Technical PresentationDocker Non Technical Presentation
Docker Non Technical Presentation
 
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special EditionIntroduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
 
Introduction to Docker, December 2014 "Tour de France" Edition
Introduction to Docker, December 2014 "Tour de France" EditionIntroduction to Docker, December 2014 "Tour de France" Edition
Introduction to Docker, December 2014 "Tour de France" Edition
 
Pipework: Software-Defined Network for Containers and Docker
Pipework: Software-Defined Network for Containers and DockerPipework: Software-Defined Network for Containers and Docker
Pipework: Software-Defined Network for Containers and Docker
 
Introduction to Docker at Glidewell Laboratories in Orange County
Introduction to Docker at Glidewell Laboratories in Orange CountyIntroduction to Docker at Glidewell Laboratories in Orange County
Introduction to Docker at Glidewell Laboratories in Orange County
 

Dernier

#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 

Dernier (20)

#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 

Containerization is more than the new Virtualization: enabling separation of operational concerns

  • 1. containerization: more than the new virtualization
  • 2. Jérôme Petazzoni (@jpetazzo) Grumpy French DevOps - Go away or I will replace you with a very small shell script Runs everything in containers - Docker-in-Docker - VPN-in-Docker - KVM-in-Docker - Xorg-in-Docker - ...
  • 3.
  • 5. Outline Containers as lightweight VMs Containers vs VMs Separation of operational concerns Benefits Conclusions
  • 6.
  • 8. It looks like a VM Private process space Can run stuff as root Private network interface and IP address Custom routes, iptables rules, etc. Can mount filesystems and more
  • 9. Process tree in a “machine container” PID TTY STAT TIME COMMAND 1 ? Ss+ 0:00 /usr/bin/python3 -u /sbin/my_init --enable-insecure-key 104 ? S+ 0:00 /usr/bin/runsvdir -P /etc/service 105 ? Ss 0:00 _ runsv syslog-ng 108 ? S 0:00 | _ syslog-ng -F -p /var/run/syslog-ng.pid --no-caps 106 ? Ss 0:00 _ runsv sshd 109 ? S 0:00 | _ /usr/sbin/sshd -D 117 ? Ss 0:00 | _ sshd: root@pts/0 119 pts/0 Ss 0:00 | _ -bash 135 pts/0 R+ 0:00 | _ ps fx 107 ? Ss 0:00 _ runsv cron 110 ? S 0:00 _ /usr/sbin/cron -f
  • 10. Faster to boot, less overhead than a VM $ time docker run ubuntu echo hello world hello world real 0m0.258s Disk usage: less than 100 kB Memory usage: less than 1.5 MB
  • 15.
  • 17. Virtual Machines Emulate CPU instructions (painfully slow) Emulate hardware (storage, network...) (painfully slow) Run as a userland process on top of a kernel (painfully slow)
  • 18. Virtual Machines Use native CPU (fast!) Paravirtualized storage, network... (fast, but higher resource usage) Run on top of a hypervisor (faster, but still some overhead)
  • 19. Containers Processes isolated from each other Very little extra code path (in many cases, it's comparable to UID checking)
  • 20. Virtual Machines vs Containers Native CPU Paravirtualized devices Hypervisor Native CPU Native syscalls Native kernel
  • 21. Inter-VM communication Strong isolation, enforced by hypervisor + hardware - no fast-path data transfer between virtual machines - yes, there are PCI pass-throughs and things like xenbus, but that's not easy to use, very specific, not portable Most convenient method: network protocols (L2/L3) But: huge advantage from a security POV
  • 22. Inter-container communication Tunable isolation - each namespace can be isolated or shared Allows normal Unix communication mechanisms - network protocols on loopback interface - UNIX sockets - shared memory - IPC... Reuse techniques that we know and love (?)
  • 23.
  • 25. Shared localhost Multiple containers can share the same “localhost” (by reusing the same network namespace) Communication over localhost is very very fast Also: localhost is a well-known address
  • 26. Shared filesystem A directory can be shared by multiple containers (by using a bind-mount) That directory can contain: - named pipes (FIFOs) - UNIX sockets - memory-mapped files Bind-mount = zero overhead
  • 27. Shared IPC Multiple containers can share IPC resources (using the special IPC namespace) Semaphores, Shared Memory, Message Queues... Is anybody still using this?
  • 28. Host networking Containers can share the host's network stack (by reusing its network namespace) They can use the host's interfaces without penalty (high speed, low latency, no overhead!) Native performance to talk with external containers
  • 29. Host filesystems Containers can share a directory with the host Example: use fast storage (SAN, SSD...) in container - mount it on the host - share it with the container - done! Native performance to use I/O subsystem
  • 30.
  • 32. ...What? “Ops” functions (backups, logging...) can be performed in separate containers Application containers can run unchanged in various environments: dev, test, QA, prod...
  • 33. logs
  • 34. Old style ssh into container cd /var/log tail, grep, ack-grep, awk, sed, apachetop, perl, etc.
  • 35. New style Create a “data container” to hold the logs docker run --name logs -v /var/log busybox true Start app container sharing that volume docker run --volumes-from logs myapp Inspect logs docker run -ti --volumes-from logs -w /var/log ubuntu bash Use fancy tools without polluting app container docker run -ti --volumes-from logs turbogrep ...
  • 36. Bonus points Ship logs to something else (logstash, syslog...) docker run --volumes-from logs pipestash Change logging system independently: - without rebuilding app container - without restarting app container - run multiple logging systems at the same time (e.g. for migration)
  • 38. Old style Prepare the tools - install things like rsync, s3cmd, boto, mysqldump... - get backup script Perform one-shot manual backup - SSH and run the backup script Set up routine backups - edit crontab
  • 39. New style: setup Create a “data container” to hold the files to back up docker run --name mysqldata -v /var/lib/mysql busybox true Start app container sharing that volume docker run --volumes-from mysqldata mysql Create a separate image with backup tools - Dockerfile with “apt-get install rsync s3cmd...”
  • 40. New style: one-shot manual backup Use the special backup image docker run --rm --volumes-from mysqldata mysqlbackup tar -cJf- /var/lib/mysql | stream-it-to-the-cloud.py Of course, you can use something fancier than tar (e.g. rsync, tarsnap...)
  • 41. New style: routine backups Option 1 - run “crond” in backup image - start backup image and keep it running Option 2 - start backup script from a crontab entry on the Docker host Option 3 - have a special “cron” container - give it access to the Docker API - let it start the backup container at regular intervals
  • 43. Old style ssh into container Install tcpdump, ngrep, … Run them
  • 44. New style Make a container image with tcpdump, ngrep... (let's call it “netdebug”) Run it in the namespace of the application container docker run -ti --net container:<app_cid> netdebug bash Now run tcpdump, ngrep, etc. Want to copy a dump to see it with wireshark? docker run -ti --net container:... -v /tmp:/tmp netdebug tcpdump -s0 -peni eth0 -w/tmp/myapp.pcap
  • 46. Old style ssh into container vi /etc/tomcat/something.xml (maybe) /etc/init.d/tomcat restart
  • 47. New style Option 1 - set up /etc/tomcat to be a “data container” - start another container sharing this volume; install vi/emacs here Option 2 - set up /etc/tomcat to be on the host: docker run -v /etc/containers/myapp:/etc/tomcat … If needed: restart the container - docker stop; docker start - docker kill -s HUP
  • 48.
  • 50.
  • 52. Virtual Machine deployment Linux base system Libraries Application Logging Backups Metrics ...
  • 53. With configuration management node www { include common include web include logstash include backup include graphite }
  • 54. Problems Conflicts between two components - example: logging and metrics systems use different Java versions Software certified for different distro - example: one component requires RHEL 6.4 but you run Ubuntu Migration from one component to another - example: from syslog to splunk
  • 55. Container deployment Linux base system Docker Application container Logging container Backups container Metrics container ...
  • 56.
  • 58. Immutable infrastructure What's an immutable infrastructure? - re-create images each time you change a line of code - prevent (or track) modifications of running images Why is it useful? - no more rebellious servers after manual upgrades - no more “oops, how do we roll back?” after catastrophic upgrade - easier security audit (inspect images at rest) How can containers help? - container images are easier to create and manage than VM images
  • 59. Micro-service architecture What's a micro-service architecture? - break your big application down into many small services Why is it useful? - it's easier to upgrade/refactor/replace a small service - encourages to have many small teams*, each owning a service (*small teams are supposedly better; see Jeff Bezos' “two-pizza rule”) How can containers help? - problem: 10 micro-services instead of 1 big application = 10x more work to deploy everything - solution: need extremely easy deployment; hello containers!
  • 60.