Contenedores

¿Qué es un contenedor?

VM vs Container

Historia

FreeBSD jails - 2000
Solaris Zones - 2004
LXC containers - 2008
Docker - 2013
- built on LXC
- moved to libcontainer (March 2014)
- appC (CoreOS) announced (December 2014)
- Open Containers standard for convergence with Docker Announced (June 2015)
- moved to runC (OCF compliant) (July 2015)
Podman - 2019

Pero...

¿Cómo funciona un contenedor?

¿Cómo funciona Docker?

Namespaces
- pid: Process isolation
- net: Managing network interfaces
- ipc: Managing access to IPC resources
- mnt: Managing filesystem mount points
- uts: Isolating kernel and version identifiers. (UTS: Unix Timesharing System).
Control groups (cgroups)
- Memory
- CPU
- Devices
- Freezer
Union file systems

Nota: Docker 1.10 introdujo el comando docker update para cambiar los límites de cgroup

¿Cómo carajos funciona en Windows?

Docker Toolbox

Deprecated

Docker Toolbox has been deprecated and is no longer in active development. Please use Docker Desktop instead. See Docker Desktop for Mac and Docker Desktop for Windows.

Process Isolation

Hyper-V isolation

docker run -it --isolation=process mcr.microsoft.com/windows/servercore:ltsc2019 cmd
docker run -it --isolation=hyperv mcr.microsoft.com/windows/servercore:ltsc2019 cmd

Arquitectura

Docker Engine

Docker Machine

Architecture (otra vez)

Objetos/Archivos/

Conceptos/Cosas

Dockerfile

FROM ubuntu
RUN curl -sL https://deb.nodesource.com/setup_lts.x -o /usr/setup_lts.sh
RUN bash /usr/setup_lts.sh
RUN apt-get update
RUN apt-get install -y nodejs
COPY . /usr/app
RUN npm install
CMD [ "npm", "run", "start" ]

FROM node:14
WORKDIR /usr/app
COPY package*.json ./
RUN npm install
COPY . .
CMD [ "node", "server.js" ]

Mal

No esta mal (podrías usarlo en dev)

# Build stage
FROM node:14.4.0 AS build
USER node
WORKDIR /home/node/app
COPY --chown=node:node package*.json ./
RUN npm install
COPY --chown=node:node src ./src
RUN npm run build

# Run-time stage
FROM node:14.4.0-alpine
USER node
EXPOSE 8080
WORKDIR /home/node/app
COPY --chown=node:node --from=build /home/node/app/ ./
CMD [ "node", "app.js" ]

PERFECTO (deberías usar esto en producción)

Imagen

Contenedor

Podman

Recursos/Fuentes/Documentación

https://medium.com/@BeNitinAgarwal/understanding-the-docker-internals-7ccb052ce9fe
https://medium.com/@kasunmaduraeng/docker-namespace-and-cgroups-dece27c209c7
https://devopscube.com/what-is-docker/
https://stackoverflow.com/questions/40721985/docker-internals-architecture/40722148
https://docs.microsoft.com/en-us/virtualization/windowscontainers/manage-containers/hyperv-container
http://docker-saigon.github.io/post/Docker-Internals/
https://github.com/goldbergyoni/nodebestpractices#8-docker-best-practices

https://docs.docker.com/machine/
https://docs.docker.com/get-started/overview/
https://docs.docker.com/docker-for-windows/docker-toolbox/

https://docs.docker.com/storage/volumes/
https://docs.docker.com/compose/networking/
https://www.youtube.com/channel/UCrBzBOMcUVV8ryyAU_c6P5g
https://www.youtube.com/channel/UCdngmbVKX1Tgre699-XLlUA
https://podman.io/