Contenedores

¿Qué es un contenedor?

VM vs Container

Historia

  • FreeBSD jails - 2000

  • Solaris Zones -  2004

  • LXC containers - 2008

  • Docker - 2013

    • built on LXC

    • moved to libcontainer (March 2014)

    • appC (CoreOS) announced (December 2014)

    • Open Containers standard for convergence with Docker Announced (June 2015)

    • moved to runC (OCF compliant) (July 2015)

  • Podman - 2019

Pero...

¿Cómo funciona un contenedor?

 

¿Cómo funciona Docker?

  • Namespaces

    • pid: Process isolation

    • net: Managing network interfaces

    • ipc: Managing access to IPC resources

    • mnt: Managing filesystem mount points

    • uts: Isolating kernel and version identifiers. (UTS: Unix Timesharing System).

  • Control groups (cgroups)

    • Memory

    • CPU

    • Devices

    • Freezer

  • Union file systems

Nota: Docker 1.10 introdujo el comando docker update para cambiar los límites de cgroup

¿Cómo carajos funciona en Windows?

Docker Toolbox

Deprecated

Docker Toolbox has been deprecated and is no longer in active development. Please use Docker Desktop instead. See Docker Desktop for Mac and Docker Desktop for Windows.

Process Isolation

Hyper-V isolation

docker run -it --isolation=process mcr.microsoft.com/windows/servercore:ltsc2019 cmd
docker run -it --isolation=hyperv mcr.microsoft.com/windows/servercore:ltsc2019 cmd

Arquitectura

Docker Engine

Docker Machine

Architecture (otra vez)

Objetos/Archivos/

Conceptos/Cosas

Dockerfile

FROM ubuntu
RUN curl -sL https://deb.nodesource.com/setup_lts.x -o /usr/setup_lts.sh
RUN bash /usr/setup_lts.sh
RUN apt-get update
RUN apt-get install -y nodejs
COPY . /usr/app
RUN npm install
CMD [ "npm", "run", "start" ]
FROM node:14
WORKDIR /usr/app
COPY package*.json ./
RUN npm install
COPY . .
CMD [ "node", "server.js" ]

Mal

No esta mal (podrías usarlo en dev)

# Build stage
FROM node:14.4.0 AS build
USER node
WORKDIR /home/node/app
COPY --chown=node:node package*.json ./
RUN npm install
COPY --chown=node:node src ./src
RUN npm run build

# Run-time stage
FROM node:14.4.0-alpine
USER node
EXPOSE 8080
WORKDIR /home/node/app
COPY --chown=node:node --from=build /home/node/app/ ./
CMD [ "node", "app.js" ]

PERFECTO (deberías usar esto en producción)

Imagen

Contenedor

Podman

Recursos/Fuentes/Documentación

  • https://medium.com/@BeNitinAgarwal/understanding-the-docker-internals-7ccb052ce9fe
  • https://medium.com/@kasunmaduraeng/docker-namespace-and-cgroups-dece27c209c7
  • https://devopscube.com/what-is-docker/
  • https://stackoverflow.com/questions/40721985/docker-internals-architecture/40722148
  • https://docs.microsoft.com/en-us/virtualization/windowscontainers/manage-containers/hyperv-container
  • http://docker-saigon.github.io/post/Docker-Internals/
  • https://github.com/goldbergyoni/nodebestpractices#8-docker-best-practices
  • https://docs.docker.com/machine/
  • https://docs.docker.com/get-started/overview/
  • https://docs.docker.com/docker-for-windows/docker-toolbox/
  • https://docs.docker.com/storage/volumes/
  • https://docs.docker.com/compose/networking/
  • https://www.youtube.com/channel/UCrBzBOMcUVV8ryyAU_c6P5g
  • https://www.youtube.com/channel/UCdngmbVKX1Tgre699-XLlUA
  • https://podman.io/

Contenedores

By joshua saucedo

Made with Slides.com

Contenedores

  • 290

More from joshua saucedo