SlideShare a Scribd company logo

Introduction to docker

Walid Ashraf
Walid Ashraf

Docker is an open platform for developing, shipping, and running applications. It allows separating applications from infrastructure and treating infrastructure like code. Docker provides lightweight containers that package code and dependencies together. The Docker architecture includes images that act as templates for containers, a client-server model with a daemon, and registries for storing images. Key components that enable containers are namespaces, cgroups, and capabilities. The Docker ecosystem includes services like Docker Hub, Docker Swarm for clustering, and Docker Compose for orchestration.

Related slideshows

Introduction to Ansible
Introduction to AnsibleIntroduction to Ansible
Introduction to Ansible
 
Docker and Devops
Docker and DevopsDocker and Devops
Docker and Devops
 
Evolution of containers to kubernetes
Evolution of containers to kubernetesEvolution of containers to kubernetes
Evolution of containers to kubernetes
 
1 of 23
Download to read offline
Walid Ashraf Researcher , Software Developer, Instructor about.me/WalidAshraf INTRODUCTION TO DOCKER
Docker - Walid Ashraf Table of Contents What are Containers? What is Docker? Docker Architecture A small journey under the hood Docker Eco System
Docker - Walid Ashraf What is Virtualization ? Virtualization refers to the act of creating a virtual (rather than actual) version of something, including virtual computer hardware platforms, operating systems, storage devices, and computer network resources - Wikipedia. It’s all about abstraction.
Docker - Walid Ashraf What are Containers? Container virtualization or Operating System-level virtualization where the kernel of an operating system allows for multiple isolated user space instances, instead of just one – Wikipedia. Its all about sandboxing. Containers are also know as lightweight Virtualization.
Docker - Walid Ashraf
Docker - Walid Ashraf What is Docker?
Docker - Walid Ashraf What is Docker? Docker is an open platform for developing, shipping, and running applications. Docker combines a lightweight container virtualization platform with workflows and tooling that help you manage and deploy your applications. With Docker you can separate your applications from your infrastructure AND treat your infrastructure like a managed application. Docker helps you ship code faster, test faster, deploy faster, and shorten the cycle between writing code and running code.
Docker - Walid Ashraf Docker’s architecture?
Docker - Walid Ashraf Docker Client and Server Docker contains a server or daemon, which, in turn, does all the work. Docker ships with a command line client, Docker, as well as a full RESTful API. You can run the Docker daemon and client on the same host or connect your local Docker client to a remote daemon running on another host.
Docker - Walid Ashraf Docker Images You can consider images to be the "source code" for your containers. They are a layered format, using Union file systems (AUFS, BTRFS), that are built step-by-step using a series of instructions. • Add a file. • Run a command. • Open a port. They are highly portable and can be shared, stored, and updated.
Docker - Walid Ashraf Registries Docker stores the images you build in registries. There are two types of registries: public and private. • The Docker Hub also contains, at last count, over 400K image that other people have built and shared. • Want a Docker image for an Nginx web server, the Asterisk open source PABX system, or a MySQL database? All of these are available, along with a whole lot more. • You can also store images that you want to keep private on the Docker Hub. • These images might include source code or other proprietary information you want to keep secure or only share with other members of your team or organization. Docker, Inc., operates the public registry for images, called the Docker Hub. Also you can create you own Registry behind the fire wall.
Docker - Walid Ashraf A SMALL JOURNEY UNDER THE HOOD
Docker - Walid Ashraf What happens when you start a container Pulls the image (if its not there) Allocates a filesystem and mounts a read-write layer Start the container !!! Allocates a network / bridge interface Executes a process that you specify: Runs your application.
Docker - Walid Ashraf Docker Engine and OS
Docker - Walid Ashraf kernel namespaces A namespace are the actual virtualization component of containers where it wraps a resource and create a fixed and abstracted system view of the underlying OS. There are 6 Name Spaces: • PID namespace provides isolation for the allocation of process identifiers (PIDs) • Network namespace isolates the network interface controllers (physical or virtual), iptables firewall rules, routing tables etc. • "UTS" namespace allows changing the hostname. • Mount namespace allows creating a different file system layout, or making certain mount points read- only. • IPC namespace isolates the SystemV inter-process communication between namespaces. • User namespace isolates the user IDs between namespaces.
Docker - Walid Ashraf Control Groups (Cgroups) Resource limitation Groups can be set to not exceed a configured memory limit, which also includes the file system cache. Prioritization Some groups may get a larger share of CPU utilization or disk I/O throughput. Accounting Measures how much resources certain systems use, which may be used, for example, for billing purposes. Control Freezing the groups of processes, their checkpointing and restarting
Docker - Walid Ashraf Capabilities It configures the set of operations to be executed CAP_CHOWN Make arbitrary changes to file UIDs and GIDs Also it configures the allowed mounted devices
Docker - Walid Ashraf THE DOCKER ECO SYSTEM
Docker - Walid Ashraf Docker Now
Docker - Walid Ashraf The Docker Eco System Registry(Docker Hub) Private Version (Docker Trusted Registry) Clustering (Docker Swarm…) Orchestration (Docker Compose…) Docker Cloud Universal Control Plane https://www.mindmeister.com/fr/389671722/open-container-ecosystem-formerly- docker-ecosystem
Docker - Walid Ashraf The Docker Quote Develop, Ship and Run Any Application, Anywhere 
Docker - Walid Ashraf Container, The real Write Once run Every Where
Docker - Walid Ashraf23

More Related Content

Introduction to docker

  • 1. Walid Ashraf Researcher , Software Developer, Instructor about.me/WalidAshraf INTRODUCTION TO DOCKER
  • 2. Docker - Walid Ashraf Table of Contents What are Containers? What is Docker? Docker Architecture A small journey under the hood Docker Eco System
  • 3. Docker - Walid Ashraf What is Virtualization ? Virtualization refers to the act of creating a virtual (rather than actual) version of something, including virtual computer hardware platforms, operating systems, storage devices, and computer network resources - Wikipedia. It’s all about abstraction.
  • 4. Docker - Walid Ashraf What are Containers? Container virtualization or Operating System-level virtualization where the kernel of an operating system allows for multiple isolated user space instances, instead of just one – Wikipedia. Its all about sandboxing. Containers are also know as lightweight Virtualization.
  • 5. Docker - Walid Ashraf
  • 6. Docker - Walid Ashraf What is Docker?
  • 7. Docker - Walid Ashraf What is Docker? Docker is an open platform for developing, shipping, and running applications. Docker combines a lightweight container virtualization platform with workflows and tooling that help you manage and deploy your applications. With Docker you can separate your applications from your infrastructure AND treat your infrastructure like a managed application. Docker helps you ship code faster, test faster, deploy faster, and shorten the cycle between writing code and running code.
  • 8. Docker - Walid Ashraf Docker’s architecture?
  • 9. Docker - Walid Ashraf Docker Client and Server Docker contains a server or daemon, which, in turn, does all the work. Docker ships with a command line client, Docker, as well as a full RESTful API. You can run the Docker daemon and client on the same host or connect your local Docker client to a remote daemon running on another host.
  • 10. Docker - Walid Ashraf Docker Images You can consider images to be the "source code" for your containers. They are a layered format, using Union file systems (AUFS, BTRFS), that are built step-by-step using a series of instructions. • Add a file. • Run a command. • Open a port. They are highly portable and can be shared, stored, and updated.
  • 11. Docker - Walid Ashraf Registries Docker stores the images you build in registries. There are two types of registries: public and private. • The Docker Hub also contains, at last count, over 400K image that other people have built and shared. • Want a Docker image for an Nginx web server, the Asterisk open source PABX system, or a MySQL database? All of these are available, along with a whole lot more. • You can also store images that you want to keep private on the Docker Hub. • These images might include source code or other proprietary information you want to keep secure or only share with other members of your team or organization. Docker, Inc., operates the public registry for images, called the Docker Hub. Also you can create you own Registry behind the fire wall.
  • 12. Docker - Walid Ashraf A SMALL JOURNEY UNDER THE HOOD
  • 13. Docker - Walid Ashraf What happens when you start a container Pulls the image (if its not there) Allocates a filesystem and mounts a read-write layer Start the container !!! Allocates a network / bridge interface Executes a process that you specify: Runs your application.
  • 14. Docker - Walid Ashraf Docker Engine and OS
  • 15. Docker - Walid Ashraf kernel namespaces A namespace are the actual virtualization component of containers where it wraps a resource and create a fixed and abstracted system view of the underlying OS. There are 6 Name Spaces: • PID namespace provides isolation for the allocation of process identifiers (PIDs) • Network namespace isolates the network interface controllers (physical or virtual), iptables firewall rules, routing tables etc. • "UTS" namespace allows changing the hostname. • Mount namespace allows creating a different file system layout, or making certain mount points read- only. • IPC namespace isolates the SystemV inter-process communication between namespaces. • User namespace isolates the user IDs between namespaces.
  • 16. Docker - Walid Ashraf Control Groups (Cgroups) Resource limitation Groups can be set to not exceed a configured memory limit, which also includes the file system cache. Prioritization Some groups may get a larger share of CPU utilization or disk I/O throughput. Accounting Measures how much resources certain systems use, which may be used, for example, for billing purposes. Control Freezing the groups of processes, their checkpointing and restarting
  • 17. Docker - Walid Ashraf Capabilities It configures the set of operations to be executed CAP_CHOWN Make arbitrary changes to file UIDs and GIDs Also it configures the allowed mounted devices
  • 18. Docker - Walid Ashraf THE DOCKER ECO SYSTEM
  • 19. Docker - Walid Ashraf Docker Now
  • 20. Docker - Walid Ashraf The Docker Eco System Registry(Docker Hub) Private Version (Docker Trusted Registry) Clustering (Docker Swarm…) Orchestration (Docker Compose…) Docker Cloud Universal Control Plane https://www.mindmeister.com/fr/389671722/open-container-ecosystem-formerly- docker-ecosystem
  • 21. Docker - Walid Ashraf The Docker Quote Develop, Ship and Run Any Application, Anywhere 
  • 22. Docker - Walid Ashraf Container, The real Write Once run Every Where
  • 23. Docker - Walid Ashraf23

Editor's Notes

  1. https://medium.com/microscaling-systems/how-many-public-images-are-there-on-docker-hub-bcdd2f7d6100
  2. https://docs.docker.com/engine/reference/run/#/runtime-privilege-and-linux-capabilities