Commit a63c494a authored by Jannik Hüls's avatar Jannik Hüls

chapters

parent 2ebf0463
......@@ -58,7 +58,7 @@
<section>
<section data-markdown="parts/7thebigpic.md" data-separator="---"></section>
</section>
<section data-background-image="img/slides/common/engine.svg">
<section>
<section data-markdown="parts/8engine.md" data-separator="---"></section>
</section>
<section>
......
......@@ -53,7 +53,7 @@ volumes:
- Clone `https://github.com/nigelpoulton/counter-app`
- Use `docker-compose up &` to start the app
- Expose the web front-end
- Discussion :-)
- **Discussion :-)**
---
### Show
- `docker image ls`
......
......@@ -88,7 +88,6 @@ $ docker service create --name web-fe \
- `docker service ls`
- `docker service ps web-fe`
- `docker service inspect --pretty web-fe`
- Discuss `Replicated`vs `Global``
- `docker service scale web-fe=10`
- `docker service scale web-fe=5`
- `docker service rm web-fe`
......
......@@ -49,7 +49,7 @@
- Provide each container its own hostname
---
### Control groups
- Setting limits
- Setting resource limits
- No single container can use all of the hosts resources
- CPU, RAM, disk I/O
---
......@@ -97,3 +97,6 @@
- Are encrypted at rest and in-flight
- Mounted in in-memory filesystem
- Operate under a least-privilege model
---
### Just found it yesterday:
https://blog.haschek.at/2018/the-curious-case-of-the-RasPi-in-our-network.html
\ No newline at end of file
......@@ -94,7 +94,7 @@ F S UID PID PPID C PRI NI ADDR SZ WCHAN STIME TTY TIME CMD
```
---
### Show
- `ps -elf` on host
- `ps -elf` inside container, on host
- `docker ps == docker container ls`
- `docker exec -it <container-id> /bin/bash`
- `docker container stop <container-id>`
......
......@@ -16,7 +16,7 @@ Problems:
- Core but external dependency
- Development of **libcontainer**
---
# Getting rid ot the Monolith
# Getting rid of the Monolith
- Modularize it
- Swapped out, easily re-used parts
- tried-and-test Unix philosophy
......@@ -25,7 +25,7 @@ Problems:
---
# runc
- OCI container-runtime-spec
- Standlone CLI wrapper for libcontainer
- Standalone CLI wrapper for libcontainer
- Single purpose: **Create containers**
---
# containerd
......@@ -34,13 +34,13 @@ Problems:
- Image management: Needed e.g. in Kubernetes
---
### Starting a container
1. `$ docker container run --name ctr1 -it alpine:latest sh`
2. Docker **client converts** them to API payload, POST to endpoint
3. **daemon** implements API, calls **containerd** via CRUD
4. **containerd** creates image into OCI bundle
5. **containerd** tells **runc** to create a new container
6. **runc** interfaces the OS kernel, pulls all together (cgroups, namespaces etc.)
7. container process is started as a child process, **runc** terminates
1. `docker container run --name ctr1 -it alpine:latest sh`
2. Docker **client converts** them to API payload --> HTTP POST to endpoint
3. Docker daemon implements API, calls **containerd** via CRUD
4. `containerd` creates image into OCI bundle
5. `containerd` tells `runc` to create a new container
6. `runc` intstruct the OS kernel to create an encapsulated environment (cgroups, namespaces etc.)
7. container process is started as a child process, `runc` terminates
---
<img src="./img/slides/engine/new_docker.png" class="img-square-no-shadow"/>
<aside class="notes">
......
......@@ -2,7 +2,7 @@
---
- Like a VM Template
- A stopped container
- Pulling from an image reigstry. **Docker Hub**
- Pulling from an image registry. **Docker Hub**
- Multiple layers, stacked on top of each other
- Contains all of the dependencies and files required for an **application**
---
......@@ -95,7 +95,15 @@
- Deleting image an all of its layers
- Layer only deleted when it has no shares
- `docker image rm <id>`
- `docker image rm $(docker image ls -q) -f``
- `docker image rm $(docker image ls -q) -f`
- `docker system prune`
---
### It is you
- Download the latest ubuntu Docker image.
- Check if it is saved locally.
- Inspect the image.
- Finally - delete it.
- **Discuss what you just did.**
---
# Recap
- `docker image pull`
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment