Containers 101
Container?
resource limitation and prioritization
- cgroups (since Linux 2.6.24 - 2008)
- resource limiting - memory limit
- prioritization - share of CPU utilization or disk I/O throughput
- accounting - measures a group's resource usage
- control - freezing groups of processes, their checkpointing and restarting
isolation of an application's view of the operating environment
- Namespace isolation
- since Linux 2.4.19 kernel (2002) - mount namespace
- 'containers' support since Linux 3.8 (2013) - user namespace
- Since kernel version 4.10, there are 7 kinds of namespaces (2016):
7 kinds of namespaces
- Mount (mnt)
- Process ID (pid)
- Network (net)
- Interprocess Communication (ipc)
- UTS
- User ID (user)
- Control group (cgroup)
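Added example (not part of the original slides): each namespace kind listed above shows up as a symlink under /proc/<pid>/ns, and two processes are in the same namespace when the inode numbers in those links match. The sketch below checks which kinds a containerised process still shares with a host process; the function names are illustrative and the inode values are constructed sample data.

```python
import os
import re

# The seven namespace kinds from the slide, by their /proc/<pid>/ns entry names.
NS_KINDS = ("mnt", "pid", "net", "ipc", "uts", "user", "cgroup")
_LINK_RE = re.compile(r"^([a-z_]+):\[(\d+)\]$")

def parse_ns_link(target):
    """Split a /proc/<pid>/ns symlink target such as 'net:[4026531992]'
    into (kind, inode). Raises ValueError on anything else."""
    m = _LINK_RE.match(target)
    if not m:
        raise ValueError(f"not a namespace link: {target!r}")
    return m.group(1), int(m.group(2))

def read_namespaces(pid="self"):
    """Return {kind: inode} for a live process (Linux only; reading another
    user's process needs matching privileges)."""
    result = {}
    for kind in NS_KINDS:
        try:
            _, inode = parse_ns_link(os.readlink(f"/proc/{pid}/ns/{kind}"))
        except (OSError, ValueError):
            continue  # kind not supported by this kernel, or not readable
        result[kind] = inode
    return result

def shared_namespaces(reference, target):
    """Kinds where both processes sit in the same namespace (same inode).
    A kind missing on either side is reported as unknown, not as isolated."""
    shared, unknown = [], []
    for kind in NS_KINDS:
        if kind not in reference or kind not in target:
            unknown.append(kind)
        elif reference[kind] == target[kind]:
            shared.append(kind)
    return shared, unknown

# Constructed sample: a host process and a containerised process that was
# started with host networking and without its own user namespace.
HOST = {"mnt": 4026531840, "pid": 4026531836, "net": 4026531992,
        "ipc": 4026531839, "uts": 4026531838, "user": 4026531837,
        "cgroup": 4026531835}
CONTAINER = {"mnt": 4026532571, "pid": 4026532574, "net": 4026531992,
             "ipc": 4026532573, "uts": 4026532572, "user": 4026531837}

if __name__ == "__main__":
    print(shared_namespaces(HOST, CONTAINER))  # constructed data
    print(read_namespaces())                   # this process, when run on Linux
```

A shared `net` or `user` namespace in the output means the container sees the host's network stack or runs with host UIDs, which is worth confirming as intended.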
Docker?
Docker history
- dotCloud - 2010
- docker - 2013
- initially lxc based
- libcontainer
- runc, containerd (Docker 1.11, 2016)
kudos from @jluk #devops-sig
Container Runtime Interface (CRI) in Kubernetes
Not only Docker
- LXC - in Linux since 2008
- OpenVZ - since 2005 (mainline Linux kernel)
- FreeBSD jail - since BSD 4.0 (2000)
- rkt - since 2014 (initially part of CoreOS)
- Windows Containers - since Windows Server 2016
- AIX Workload Partitions - since AIX 6.1 (2007)
Kubernetes 101
observe, orient, decide, and act
Pod lifecycle
Kubernetes workshop day 1
By Maciej Sawicki