docker architecture(version modified)
TRANSCRIPT
Presentation By:Mohammadreza Amini
Amir Arsalan
Autumn 2015IRAN OpenStack Users Group
Docker ArchitectureVersion Modified
Agenda
Docker ArchitectureVersion Modified
| Iran Community OpenStack.ir
● Docker Concept
● How Does Docker Work?
● Should know about Docker
● Docker vs VMs
● Docker vs lxc
● The underlying technology
Docker ArchitectureVersion Modified
| Iran Community OpenStack.ir
Docker Concept
Docker is composed of following four components
Docker ArchitectureVersion Modified
| Iran Community OpenStack.ir
● Docker Client and Daemon
● Images
● registries
● Containers
Docker Client and Daemon
Docker ArchitectureVersion Modified
| Iran Community OpenStack.ir
Docker Daemon
the Docker daemon runs on a host machine. The user does not directly interact
with the daemon, but instead through the Docker client.
Docker Client
The Docker client, in the form of the docker binary, is the primary user interface to
Docker. It accepts commands from the user and communicates back and forth with
a Docker daemon.
Images
Docker ArchitectureVersion Modified
| Iran Community OpenStack.ir
A Docker image is a read-only template.
Image type:
● Images that exist on register (docker hub)
● Images that can created with build
Registeries
Docker ArchitectureVersion Modified
| Iran Community OpenStack.ir
Docker registries hold images. These are public or private stores from which you upload or
download images. The public Docker registry is provided with the Docker Hub.
Containers
Docker ArchitectureVersion Modified
| Iran Community OpenStack.ir
Docker containers are similar to a directory. A Docker container holds everything that is
needed for an application to run. Each container is created from a Docker image.
Docker ArchitectureVersion Modified
| Iran Community OpenStack.ir
How Does Docker Work?
Docker ArchitectureVersion Modified
| Iran Community OpenStack.ir
Reference: https://docs.docker.com/article-img/architecture.svg
What happens when you run a container?
Docker ArchitectureVersion Modified
| Iran Community OpenStack.ir
● Pulls the image
● Creates a new container
● Allocates a filesystem and mounts a read-write layer
● Allocates a network / bridge interface
● Sets up an IP address
● Executes a process that you specify
● Captures and provides application output
Docker ArchitectureVersion Modified
| Iran Community OpenStack.ir
Should know about Docker
Docker ArchitectureVersion Modified
| Iran Community OpenStack.ir
● Docker is not LXC
● Docker is not a Virtual machine Solution.
● Docker is not a configuration management system and is not a replacement for chef,
puppet, Ansible etc.
● Docker is not a platform as a service technology.
Things you should know about Docker:
Docker ArchitectureVersion Modified
| Iran Community OpenStack.ir
Docker vs VMs
Docker ArchitectureVersion Modified
| Iran Community OpenStack.ir
Reference: https://risingstack-blog.s3-eu-west-1.amazonaws.com/2015/05/hypervisor-based-virtualization.jpg
Docker ArchitectureVersion Modified
| Iran Community OpenStack.ir
Reference: https://risingstack-blog.s3-eu-west-1.amazonaws.com/2015/05/os-virtualization.jpg
Docker ArchitectureVersion Modified
| Iran Community OpenStack.ir
Docker vs lxc
Docker ArchitectureVersion Modified
| Iran Community OpenStack.ir
Reference: https://www.flockport.com/lxc-vs-docker/
Docker ArchitectureVersion Modified
| Iran Community OpenStack.ir
The underlying technology
Namespaces
Docker ArchitectureVersion Modified
| Iran Community OpenStack.ir
Namespaces provides a layer of isolation: each aspect of a container runs in its own
namespace and does not have access outside it.
More Details: http://www.toptal.com/linux/separation-anxiety-isolating-your-system-with-linux-namespaces
Control Groups
Docker ArchitectureVersion Modified
| Iran Community OpenStack.ir
Cgroups running applications in isolation is to have them only use the resources you want. This ensures
containers are good multi-tenant citizens on a host. Control groups allow Docker to share available
hardware resources to containers and, if required, set up limits and constraints. For example, limiting the
memory available to a specific container.
More Details: https://www.kernel.org/doc/Documentation/cgroups/cgroups.txt
Union File System
Docker ArchitectureVersion Modified
| Iran Community OpenStack.ir
Union file systems, or UnionFS, are file systems that operate by creating layers, making them very
lightweight and fast. Docker uses union file systems to provide the building blocks for containers.
More Details: http://www.fsl.cs.sunysb.edu/docs/unionfs-tr/unionfs.pdf
Docker ArchitectureVersion Modified
| Iran Community OpenStack.ir
Any Question?
Docker ArchitectureVersion Modified
| Iran Community OpenStack.ir
Stay in Touch and Join Us:
● Home Page: OpenStack.ir
● Meetup age: Meetup.com/IranOpenStack
● Mailing List: [email protected]
● Twitter: @OpenStackIR , #OpenStackIRAN
● IRC Channel on FreeNode: #OpenStack-ir
Docker ArchitectureVersion Modified
| Iran Community OpenStack.ir
Mohammadreza Amini
Linux Administrator
Amir Arsalan
Python Developer
Thank You