Table of content: https://docs.google.com/document/d/1IIOkivkS0lV9QIL16b_OjT480BxZHQfKswvvS-CVZlw/view
Docker
Setting up
https://docs.docker.com/install/linux/docker-ce/debian/
- Trust Docker's key
- Add repository
- Update
- Install package
- Test: "docker --version", "sudo docker run --rm -it hello-world"
- Add rights to user
Typical Docker command
# docker run --rm -it alpine /bin/sh
Unable to find image 'alpine:latest' locally
latest: Pulling from library/alpine
b56ae66c2937: Pull complete (Downloading, Extracting)
Digest: sha256:d6bfc3baf615dc9618209a8d607ba2a8103d9c8a405b3bd8741d88b4bef36478 Status: Downloaded newer image for alpine:latest
/ # echo hello
hello
Dockerfiles
Simple sample Docker file:
FROM alpine:latest
RUN \
echo hello > /world.txt
COPY myshell /theshell
ENTRYPOINT /theshell
Command line:
docker build . -t mycontainer
docker run --rm -it mycontainer
"Pillars" of Docker
- Isolation: namespaces and cgroups
- Layered filesystem
Isolation levels
- No isolation
- User accounts
- User-space containers (LXC, Docker on Linux)
- Isolated network (can be opted out)
- Isolated filesystem (but can share mounts)
- Processes grouped together
- Resources usage
- Still same Linux kernel
- Virtual machine (also Docker on non-Linux)
- Isolated network (unavoidable)
- Isolated block device (tricky to share files)
- Separate Linux kernel
- Most secure
- Most performant (but can be close to virtual machine)
Cloud approach vs classical approach
Classical approach
- Gateway
- Database server
- Web server
- Logging server
- Physical machine -> OS -> App
- Can't easily rearrange and manage resources
Cloud approach
- Most servers are the same: Physical machine -> OS -> Virtualization solution
- Virtual machine (or Docker) -> App
- Can move applications between servers
- Can add more servers easily