SlideShare uma empresa Scribd logo

Introduction to Docker (and a bit more) at LSPE meetup Sunnyvale

Jérôme Petazzoni
Jérôme Petazzoni

What's Docker, why does it matter, how does it use Linux Containers, why should you use it, and how? You'll find answers to those questions (and a bit more) in this presentation, given February 20th 2014 at the Large Scale Production Engineering Meet-Up at Yahoo, in Sunnyvale.

Tecnologia
1 de 69
Baixar para ler offline
Introduction to Docker (and a bit more...) #lspe February 2014—updated for Docker 0.8.1
Who? ● Jérôme Petazzoni — @jpetazzo –Not Maxime Petazzoni (author of Maestro NG) –Not Thomas Petazzoni (embedded systems & kernel guru) ● Wrote dotCloud PAAS deployment tools –EC2, ● LXC, Puppet, Python, Shell, ØMQ... Docker contributor (CONTAINERIZE ALL THE THINGS!) –Docker-in-Docker, ● VPN-in-Docker, router-in-Docker... Runs Docker in production –Psssst... #lspe You shouldn't do it, but here's how anyway!
Outline ● LXC and the container metaphor ● Docker basics ● Docker images ● Docker deployment #lspe
Outline ● LXC and the container metaphor ● Docker basics ● Docker images ● Docker deployment #lspe
… Container ? #lspe
High level approach: it's a lightweight VM ● own process space ● own network interface ● can run stuff as root ● can have its own /sbin/init (different from the host) « Machine Container » #lspe
Low level approach: it's chroot on steroids ● can also not have its own /sbin/init ● container = isolated process(es) ● share kernel with host ● no device emulation (neither HVM nor PV) « Application Container » #lspe
How does it work? Isolation with namespaces ● pid ● mnt ● net ● uts ● ipc ● user #lspe
pid namespace jpetazzo@tarrasque:~$ ps aux | wc -l 212 jpetazzo@tarrasque:~$ sudo docker run -t -i ubuntu bash root@ea319b8ac416:/# ps aux USER root root PID %CPU %MEM 1 0.0 0.0 16 0.0 0.0 (That's 2 processes) #lspe VSZ 18044 15276 RSS TTY 1956 ? 1136 ? STAT START S 02:54 R+ 02:55 TIME COMMAND 0:00 bash 0:00 ps aux
mnt namespace jpetazzo@tarrasque:~$ wc -l /proc/mounts 32 /proc/mounts root@ea319b8ac416:/# wc -l /proc/mounts 10 /proc/mounts #lspe
net namespace root@ea319b8ac416:/# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 22: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> pfifo_fast state UP qlen 1000 mtu 1500 qdisc link/ether 2a:d1:4b:7e:bf:b5 brd ff:ff:ff:ff:ff:ff inet 10.1.1.3/24 brd 10.1.1.255 scope global eth0 valid_lft forever preferred_lft forever inet6 fe80::28d1:4bff:fe7e:bfb5/64 scope link valid_lft forever preferred_lft forever #lspe
uts namespace jpetazzo@tarrasque:~$ hostname tarrasque root@ea319b8ac416:/# hostname ea319b8ac416 #lspe
ipc namespace jpetazzo@tarrasque:~$ ipcs ------ Shared Memory Segments -------key shmid owner perms 0x00000000 3178496 jpetazzo 600 0x00000000 557057 jpetazzo 777 0x00000000 3211266 jpetazzo 600 root@ea319b8ac416:/# ipcs ------ Shared Memory Segments -------key shmid owner perms ------ Semaphore Arrays -------key semid owner perms ------ Message Queues -------key msqid owner perms #lspe bytes 393216 2778672 393216 nattch 2 0 2 status dest bytes nattch status nsems used-bytes messages dest
user namespace ● ● no « demo » for this one... Yet! UID 0→1999 in container C1 is mapped to UID 10000→11999 in host; UID 0→1999 in container C2 is mapped to UID 12000→13999 in host; etc. ● required lots of VFS and FS patches (esp. XFS) ● what will happen with copy-on-write? – double translation at VFS? – single root UID on read-only FS? #lspe
How does it work? Isolation with cgroups ● memory ● cpu ● blkio ● devices #lspe
memory cgroup ● keeps track pages used by each group: – file (read/write/mmap from block devices; swap) – anonymous (stack, heap, anonymous mmap) – active (recently accessed) – inactive (candidate for eviction) ● each page is « charged » to a group ● pages can be shared (e.g. if you use any COW FS) ● Individual (per-cgroup) limits and out-of-memory killer #lspe
cpu and cpuset cgroups ● keep track of user/system CPU time ● set relative weight per group ● pin groups to specific CPU(s) – Can be used to « reserve » CPUs for some apps – This is also relevant for big NUMA systems #lspe
blkio cgroups ● keep track IOs for each block device – read vs write; sync vs async ● set relative weights ● set throttle (limits) for each block device – read vs write; bytes/sec vs operations/sec Note: earlier versions (<3.8) didn't account async correctly. #lspe3.8 is better, but use 3.10 for best results.
devices cgroups ● controls read/write/mknod permissions ● typically: – – deny: everything else – ● allow: /dev/{tty,zero,random,null}... maybe: /dev/net/tun, /dev/fuse, /dev/kvm, /dev/dri... fine-grained control for GPU, virtualization, etc. #lspe
How does it work? Copy-on-write storage ● Create a new machine instantly (Instead of copying its whole filesystem) ● Storage keeps track of what has changed ● Since 0.7, Docker has a storage plugin system #lspe
Storage: many options! Union Filesystems Snapshotting Filesystems Copy-on-write block devices Provisioning Superfast Supercheap Fast Cheap Fast Cheap Changing small files Changing large files Diffing Superfast Supercheap Fast Cheap Fast Costly Slow (first time) Inefficient (copy-up!) Fast Cheap Fast Cheap Superfast Superfast Slow Memory usage Efficient Efficient Inefficient (at high densities) Drawbacks Random quirks AUFS not mainline !AUFS more quirks ZFS not mainline BTRFS not as nice Higher disk usage Great performance (except diffing) Bottom line Ideal for PAAS and high density things This is the Future (probably) Dodge Ram 3500 #lspe
Compute efficiency: almost no overhead ● ● ● ● processes are isolated, but run straight on the host CPU performance = native performance memory performance = a few % shaved off for (optional) accounting network performance = small overhead; can be reduced to zero #lspe
Alright, I get this. Containers = nimble VMs. #lspe
#lspe
The container metaphor #lspe
Problem: shipping goods ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? #lspe ? ? ? ? ? ?
Solution: the intermodal shipping container #lspe
Solved! #lspe
Problem: shipping code ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? #lspe ? ? ? ? ? ?
Solution: the Linux container #lspe
Solved! #lspe
Separation of concerns: Dave the Developer ● inside my container: – my code – my libraries – my package manager – my app – my data #lspe
Separation of concerns: Oscar the Ops guy ● outside the container: – logging – remote access – network configuration – monitoring #lspe
Outline ● LXC and the container metaphor ● Docker basics ● Docker images ● Docker deployment #lspe
#lspe
Docker-what? ● Open Source engine to commoditize LXC STOP! HAMMER DEMO TIME. #lspe
#lspe
Yes, but... ● ● ● « I don't need Docker; I can do all that stuff with LXC tools, rsync, and some scripts! » correct on all accounts; but it's also true for apt, dpkg, rpm, yum, etc. the whole point is to commoditize, i.e. make it ridiculously easy to use #lspe
What this really means… ● instead of writing « very small shell scripts » to manage containers, write them to do the rest: – continuous deployment/integration/testing – orchestration ● = use Docker as a building block ● re-use other people images (yay ecosystem!) #lspe
Docker-what? The big picture ● Open Source engine to run containers ● using copy-on-write for quick provisioning ● allowing to create and share images ● standard format for containers (stack of layers; 1 layer = tarball+metadata) standard, reproducible way to easily build trusted images (Dockerfile, Stackbrew...) #lspe ●
Docker-what? Under the hood ● rewrite of dotCloud internal container engine – – ● original version: Python, tied to dotCloud's internal stuff released version: Go, legacy-free the Docker daemon runs in the background – – HTTP API (over UNIX or TCP socket) – ● manages containers, images, and builds embedded CLI talking to the API Open Source (GitHub public repository + issue tracking) #lspe
Docker-what? The ecosystem ● Docker Inc. (formerly dotCloud Inc.) – – ● ~30 employees, VC-backed SAAS and support offering around Docker Docker, the community – more than 300 contributors, 1500 forks on GitHub – dozens of projects around/on top of Docker – x100k trained developers #lspe
Outline ● LXC and the container metaphor ● Docker basics ● Docker images ● Docker deployment #lspe
Authoring images with run/commit #lspe
1) docker run ubuntu bash 2) apt-get install this and that 3) docker commit <containerid> <imagename> 4) docker run <imagename> bash 5) git clone git://.../mycode 6) pip install -r requirements.txt 7) docker commit <containerid> <imagename> 8) repeat steps 4-7 as necessary 9) docker tag <imagename> <user/image> 10) docker push <user/image> #lspe
Authoring images with run/commit ● Pros – – ● Convenient, nothing to learn Can roll back/forward if needed Cons – Manual process – Iterative changes stack up – Full rebuilds are boring, error-prone #lspe
Authoring images with a Dockerfile #lspe
FROM ubuntu RUN RUN RUN RUN RUN apt-get apt-get apt-get apt-get apt-get -y update install -y install -y install -y install -y g++ erlang-dev erlang-manpages erlang-base-hipe ... libmozjs185-dev libicu-dev libtool ... make wget RUN wget http://.../apache-couchdb-1.3.1.tar.gz | tar -C /tmp -zxfRUN cd /tmp/apache-couchdb-* && ./configure && make install RUN printf "[httpd]nport = 8101nbind_address = 0.0.0.0" > /usr/local/etc/couchdb/local.d/docker.ini EXPOSE 8101 CMD ["/usr/local/bin/couchdb"] docker build -t jpetazzo/couchdb . #lspe
Authoring images with a Dockerfile ● Minimal learning curve ● Rebuilds are easy ● Caching system makes rebuilds faster ● Single file to define the whole environment! #lspe
Do you even Chef? Puppet? Ansible? Salt? #lspe
Authoring Images with Chef/Puppet/Ansible/Salt/... Plan A: « my other VM is a container » ● write a Dockerfile to install $YOUR_CM ● start tons of containers ● run $YOUR_CM in them Good if you want a mix of containers/VM/metal But slower to deploy, and uses more resources #lspe
Authoring Images with Chef/Puppet/Ansible/Salt/... Plan B: « the revolution will be containerized » ● write a Dockerfile to install $YOUR_CM ● … and run $YOUR_CM as part of build process ● deploy fully baked images Faster to deploy Easier to rollback #lspe
Outline ● LXC and the container metaphor ● Docker basics ● Docker images ● Docker deployment #lspe
Install Docker ● On your servers (Linux) – – Single binary install (Golang FTW!) – ● Packages (Ubuntu, Debian, Fedora, Gentoo, Arch...) Easy provisioning on Rackspace, Digital Ocean, EC2, GCE... On your dev env (Linux, OS X, Windows) – Vagrantfile – boot2docker (25 MB VM image) – Natively (if you run Linux) #lspe
Run containers SSH+CLI ● REST API ● Maestro NG ● Mesos ● OpenStack ● … and more ● #lspe
Service discovery ● you can name your containers ● you can link your containers docker run -d -name frontdb mysqlimage docker run -d -link frontdb:sql nginximage → environment vars are injected in web container → twelve-factors FTW! #lspe
Resource allocation #lspe
Allocating CPU and RAM ● docker run -c $CPU_SHARES -m $RAM_MB Docker API will soon expose: ● total CPU/RAM ● allocated CPU/RAM ● used CPU/RAM WARNING: memory metrics are tricky! #lspe
Memory metrics ● free jpetazzo@tarrasque:~$ free total used Mem: 8076564 7019656 -/+ buffers/cache: 4385120 Swap: 0 0 ● this is useless #lspe free 1056908 3691444 0 shared 0 buffers 8 cached 2634528
Memory metrics ● cat /proc/meminfo ● GRRRREAT #lspe MemTotal: 8076564 kB MemFree: 1055260 kB Buffers: 8 kB Cached: 2634528 kB SwapCached: 0 kB Active: 3198088 kB Inactive: 1407516 kB Active(anon): 1986692 kB Inactive(anon): 185252 kB Active(file): 1211396 kB Inactive(file): 1222264 kB Unevictable: 0 kB Mlocked: 0 kB SwapTotal: 0 kB SwapFree: 0 kB Dirty: 144 kB Writeback: 0 kB AnonPages: 1971208 kB Mapped: 2402276 kB Shmem: 200876 kB Slab: 148020 kB SReclaimable: 90680 kB SUnreclaim: 57340 kB KernelStack: 4936 kB PageTables: 43928 kB NFS_Unstable: 0 kB Bounce: 0 kB WritebackTmp: 0 kB CommitLimit: 4038280 kB Committed_AS: 8365088 kB VmallocTotal: 34359738367 kB VmallocUsed: 357696 kB VmallocChunk: 34359349628 kB HardwareCorrupted: 0 kB AnonHugePages: 0 kB HugePages_Total: 0 HugePages_Free: 0 HugePages_Rsvd: 0 HugePages_Surp: 0 Hugepagesize: 2048 kB DirectMap4k: 210384 kB DirectMap2M: 8056832 kB
Memory metrics ● ● cat /sys/fs/cgroup /memory /memory.stat slightly better... #lspe cache 2700967936 rss 1977851904 rss_huge 0 mapped_file 275435520 swap 0 pgpgin 104106567 pgpgout 102964277 pgfault 140459553 pgmajfault 3858 inactive_anon 168316928 active_anon 1993658368 inactive_file 1258921984 active_file 1257791488 unevictable 0 hierarchical_memory_limit 9223372036854775807 hierarchical_memsw_limit 9223372036854775807 total_cache 2700967936 total_rss 1977851904 total_rss_huge 0 total_mapped_file 275435520 total_swap 0 total_pgpgin 104106567 total_pgpgout 102964277 total_pgfault 140459553 total_pgmajfault 3858 total_inactive_anon 168316928 total_active_anon 1993658368 total_inactive_file 1258921984 total_active_file 1257791488 total_unevictable 0
Memory metrics ● ● cat /sys/fs/cgroup /memory /memory.stat this looks better #lspe cache 2700967936 rss 1977851904 rss_huge 0 mapped_file 275435520 swap 0 pgpgin 104106567 pgpgout 102964277 pgfault 140459553 pgmajfault 3858 inactive_anon 168316928 active_anon 1993658368 inactive_file 1258921984 active_file 1257791488 unevictable 0 hierarchical_memory_limit 9223372036854775807 hierarchical_memsw_limit 9223372036854775807 total_cache 2700967936 total_rss 1977851904 total_rss_huge 0 total_mapped_file 275435520 total_swap 0 total_pgpgin 104106567 total_pgpgout 102964277 total_pgfault 140459553 total_pgmajfault 3858 total_inactive_anon 168316928 total_active_anon 1993658368 total_inactive_file 1258921984 total_active_file 1257791488 total_unevictable 0
Memory metrics ● ● cat /sys/fs/cgroup /memory /memory.stat but you want this #lspe cache 2700967936 rss 1977851904 rss_huge 0 mapped_file 275435520 swap 0 pgpgin 104106567 pgpgout 102964277 pgfault 140459553 pgmajfault 3858 inactive_anon 168316928 active_anon 1993658368 inactive_file 1258921984 active_file 1257791488 unevictable 0 hierarchical_memory_limit 9223372036854775807 hierarchical_memsw_limit 9223372036854775807 total_cache 2700967936 total_rss 1977851904 total_rss_huge 0 total_mapped_file 275435520 total_swap 0 total_pgpgin 104106567 total_pgpgout 102964277 total_pgfault 140459553 total_pgmajfault 3858 total_inactive_anon 168316928 total_active_anon 1993658368 total_inactive_file 1258921984 total_active_file 1257791488 total_unevictable 0
Large Doses of Network Traffic #lspe
Networking ● sometimes, you need to expose range of ports ● or completely arbitary ports ● or non-IP protocols ● or you have special needs: – more than 1 Gb/s in containers – more than 1,000 connections/s – more than 100,000 concurrent connections #lspe
Get rid of the overhead ● ● ● ● ● use openvswitch bridge a container directly with a NIC (remove iptables out of the equation) move a (macvlan) NIC to a container (a bit of overhead; multi-tenant) move a (physical) NIC to a container (zero overhead; single-tenant) move a (virtual function) NIC to a container (if your hardware supports it) #lspe
#lspe
Pipework ● ● sidekick script for Docker I replaced the plumber with a very small small shell script pipework br1 $APACHE 192.168.1.1/24 pipework br1 $MYSQL 192.168.1.2/24 pipework br1 $CONTAINERID 192.168.4.25/20@192.168.4.1 pipework eth2 $(docker run -d hipache) 50.19.169.157 pipework eth3 $(docker run -d hipache) 107.22.140.5 pipework br0 $(docker run -d zmqworker) dhcp fa:de:b0:99:52:1c #lspe
Thank you! Questions? http://docker.io/ http://docker.com/ @docker @jpetazzo #lspe

Recomendados

Introduction to Docker (as presented at December 2013 Global Hackathon)
Introduction to Docker (as presented at December 2013 Global Hackathon)Introduction to Docker (as presented at December 2013 Global Hackathon)
Introduction to Docker (as presented at December 2013 Global Hackathon)
Jérôme Petazzoni
 
Docker and Containers for Development and Deployment — SCALE12X
Docker and Containers for Development and Deployment — SCALE12XDocker and Containers for Development and Deployment — SCALE12X
Docker and Containers for Development and Deployment — SCALE12X
Jérôme Petazzoni
 
Docker Introduction + what is new in 0.9
Docker Introduction + what is new in 0.9 Docker Introduction + what is new in 0.9
Docker Introduction + what is new in 0.9
Jérôme Petazzoni
 
Introduction to Docker, December 2014 "Tour de France" Edition
Introduction to Docker, December 2014 "Tour de France" EditionIntroduction to Docker, December 2014 "Tour de France" Edition
Introduction to Docker, December 2014 "Tour de France" Edition
Jérôme Petazzoni
 
Lightweight Virtualization with Linux Containers and Docker | YaC 2013
Lightweight Virtualization with Linux Containers and Docker | YaC 2013Lightweight Virtualization with Linux Containers and Docker | YaC 2013
Lightweight Virtualization with Linux Containers and Docker | YaC 2013
dotCloud
 
Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...
Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...
Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...
Jérôme Petazzoni
 
Docker 0.11 at MaxCDN meetup in Los Angeles
Docker 0.11 at MaxCDN meetup in Los AngelesDocker 0.11 at MaxCDN meetup in Los Angeles
Docker 0.11 at MaxCDN meetup in Los Angeles
Jérôme Petazzoni
 
Lightweight Virtualization: LXC containers & AUFS
Lightweight Virtualization: LXC containers & AUFSLightweight Virtualization: LXC containers & AUFS
Lightweight Virtualization: LXC containers & AUFS
Jérôme Petazzoni
 

Recomendados

Introduction to Docker (as presented at December 2013 Global Hackathon)
Introduction to Docker (as presented at December 2013 Global Hackathon)Introduction to Docker (as presented at December 2013 Global Hackathon)
Introduction to Docker (as presented at December 2013 Global Hackathon)
Jérôme Petazzoni
 
Docker and Containers for Development and Deployment — SCALE12X
Docker and Containers for Development and Deployment — SCALE12XDocker and Containers for Development and Deployment — SCALE12X
Docker and Containers for Development and Deployment — SCALE12X
Jérôme Petazzoni
 
Docker Introduction + what is new in 0.9
Docker Introduction + what is new in 0.9 Docker Introduction + what is new in 0.9
Docker Introduction + what is new in 0.9
Jérôme Petazzoni
 
Introduction to Docker, December 2014 "Tour de France" Edition
Introduction to Docker, December 2014 "Tour de France" EditionIntroduction to Docker, December 2014 "Tour de France" Edition
Introduction to Docker, December 2014 "Tour de France" Edition
Jérôme Petazzoni
 
Lightweight Virtualization with Linux Containers and Docker | YaC 2013
Lightweight Virtualization with Linux Containers and Docker | YaC 2013Lightweight Virtualization with Linux Containers and Docker | YaC 2013
Lightweight Virtualization with Linux Containers and Docker | YaC 2013
dotCloud
 
Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...
Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...
Cgroups, namespaces, and beyond: what are containers made from? (DockerCon Eu...
Jérôme Petazzoni
 
Docker 0.11 at MaxCDN meetup in Los Angeles
Docker 0.11 at MaxCDN meetup in Los AngelesDocker 0.11 at MaxCDN meetup in Los Angeles
Docker 0.11 at MaxCDN meetup in Los Angeles
Jérôme Petazzoni
 
Lightweight Virtualization: LXC containers & AUFS
Lightweight Virtualization: LXC containers & AUFSLightweight Virtualization: LXC containers & AUFS
Lightweight Virtualization: LXC containers & AUFS
Jérôme Petazzoni
 
Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of...
Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of...Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of...
Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of...
Jérôme Petazzoni
 
Introduction to docker
Introduction to dockerIntroduction to docker
Introduction to docker
Justyna Ilczuk
 
Introduction to Docker and deployment and Azure
Introduction to Docker and deployment and AzureIntroduction to Docker and deployment and Azure
Introduction to Docker and deployment and Azure
Jérôme Petazzoni
 
Introduction to Docker at Glidewell Laboratories in Orange County
Introduction to Docker at Glidewell Laboratories in Orange CountyIntroduction to Docker at Glidewell Laboratories in Orange County
Introduction to Docker at Glidewell Laboratories in Orange County
Jérôme Petazzoni
 
Hands on Virtualization with Ganeti (part 1) - LinuxCon 2012
Hands on Virtualization with Ganeti (part 1) - LinuxCon 2012Hands on Virtualization with Ganeti (part 1) - LinuxCon 2012
Hands on Virtualization with Ganeti (part 1) - LinuxCon 2012
Lance Albertson
 
"Lightweight Virtualization with Linux Containers and Docker". Jerome Petazzo...
"Lightweight Virtualization with Linux Containers and Docker". Jerome Petazzo..."Lightweight Virtualization with Linux Containers and Docker". Jerome Petazzo...
"Lightweight Virtualization with Linux Containers and Docker". Jerome Petazzo...
Yandex
 
Docker - container and lightweight virtualization
Docker - container and lightweight virtualization Docker - container and lightweight virtualization
Docker - container and lightweight virtualization
Sim Janghoon
 
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special EditionIntroduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
Jérôme Petazzoni
 
Containerization is more than the new Virtualization: enabling separation of ...
Containerization is more than the new Virtualization: enabling separation of ...Containerization is more than the new Virtualization: enabling separation of ...
Containerization is more than the new Virtualization: enabling separation of ...
Jérôme Petazzoni
 
Docker_AGH_v0.1.3
Docker_AGH_v0.1.3Docker_AGH_v0.1.3
Docker_AGH_v0.1.3
Witold 'Ficio' Kopel
 
Linux containers – next gen virtualization for cloud (atl summit) ar4 3 - copy
Linux containers – next gen virtualization for cloud (atl summit) ar4 3 - copyLinux containers – next gen virtualization for cloud (atl summit) ar4 3 - copy
Linux containers – next gen virtualization for cloud (atl summit) ar4 3 - copy
Boden Russell
 
Seven problems of Linux Containers
Seven problems of Linux ContainersSeven problems of Linux Containers
Seven problems of Linux Containers
Kirill Kolyshkin
 
Ganeti - build your own cloud
Ganeti - build your own cloudGaneti - build your own cloud
Ganeti - build your own cloud
Dobrica Pavlinušić
 
Docker in everyday development
Docker in everyday developmentDocker in everyday development
Docker in everyday development
Justyna Ilczuk
 
LXC
LXCLXC
LXC
Wu Fan-Cheng
 
Red Teaming macOS Environments with Hermes the Swift Messenger
Red Teaming macOS Environments with Hermes the Swift MessengerRed Teaming macOS Environments with Hermes the Swift Messenger
Red Teaming macOS Environments with Hermes the Swift Messenger
Justin Bui
 
Docker 原理與實作
Docker 原理與實作Docker 原理與實作
Docker 原理與實作
kao kuo-tung
 
About docker in GDG Seoul
About docker in GDG SeoulAbout docker in GDG Seoul
About docker in GDG Seoul
Jude Kim
 
moscmy2016: Extending Docker
moscmy2016: Extending Dockermoscmy2016: Extending Docker
moscmy2016: Extending Docker
Mohammad Fairus Khalid
 
Effective service and resource management with systemd
Effective service and resource management with systemdEffective service and resource management with systemd
Effective service and resource management with systemd
David Timothy Strauss
 
TMRC ZMET Brief Intro
TMRC ZMET Brief IntroTMRC ZMET Brief Intro
TMRC ZMET Brief Intro
tmrcresearch
 
実践リーダブルコードの概要
実践リーダブルコードの概要実践リーダブルコードの概要
実践リーダブルコードの概要
Kouhei Sutou
 

Mais conteúdo relacionado

Mais procurados

"Lightweight Virtualization with Linux Containers and Docker". Jerome Petazzo...
"Lightweight Virtualization with Linux Containers and Docker". Jerome Petazzo..."Lightweight Virtualization with Linux Containers and Docker". Jerome Petazzo...
"Lightweight Virtualization with Linux Containers and Docker". Jerome Petazzo...
Yandex
 
Docker - container and lightweight virtualization
Docker - container and lightweight virtualization Docker - container and lightweight virtualization
Docker - container and lightweight virtualization
Sim Janghoon
 
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special EditionIntroduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
Jérôme Petazzoni
 
Containerization is more than the new Virtualization: enabling separation of ...
Containerization is more than the new Virtualization: enabling separation of ...Containerization is more than the new Virtualization: enabling separation of ...
Containerization is more than the new Virtualization: enabling separation of ...
Jérôme Petazzoni
 

Mais procurados (20)

Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of...
Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of...Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of...
Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of...
 
Introduction to docker
Introduction to dockerIntroduction to docker
Introduction to docker
 
Introduction to Docker and deployment and Azure
Introduction to Docker and deployment and AzureIntroduction to Docker and deployment and Azure
Introduction to Docker and deployment and Azure
 
Introduction to Docker at Glidewell Laboratories in Orange County
Introduction to Docker at Glidewell Laboratories in Orange CountyIntroduction to Docker at Glidewell Laboratories in Orange County
Introduction to Docker at Glidewell Laboratories in Orange County
 
Hands on Virtualization with Ganeti (part 1) - LinuxCon 2012
Hands on Virtualization with Ganeti (part 1) - LinuxCon 2012Hands on Virtualization with Ganeti (part 1) - LinuxCon 2012
Hands on Virtualization with Ganeti (part 1) - LinuxCon 2012
 
"Lightweight Virtualization with Linux Containers and Docker". Jerome Petazzo...
"Lightweight Virtualization with Linux Containers and Docker". Jerome Petazzo..."Lightweight Virtualization with Linux Containers and Docker". Jerome Petazzo...
"Lightweight Virtualization with Linux Containers and Docker". Jerome Petazzo...
 
Docker - container and lightweight virtualization
Docker - container and lightweight virtualization Docker - container and lightweight virtualization
Docker - container and lightweight virtualization
 
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special EditionIntroduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
 
Containerization is more than the new Virtualization: enabling separation of ...
Containerization is more than the new Virtualization: enabling separation of ...Containerization is more than the new Virtualization: enabling separation of ...
Containerization is more than the new Virtualization: enabling separation of ...
 
Docker_AGH_v0.1.3
Docker_AGH_v0.1.3Docker_AGH_v0.1.3
Docker_AGH_v0.1.3
 
Linux containers – next gen virtualization for cloud (atl summit) ar4 3 - copy
Linux containers – next gen virtualization for cloud (atl summit) ar4 3 - copyLinux containers – next gen virtualization for cloud (atl summit) ar4 3 - copy
Linux containers – next gen virtualization for cloud (atl summit) ar4 3 - copy
 
Seven problems of Linux Containers
Seven problems of Linux ContainersSeven problems of Linux Containers
Seven problems of Linux Containers
 
Ganeti - build your own cloud
Ganeti - build your own cloudGaneti - build your own cloud
Ganeti - build your own cloud
 
Docker in everyday development
Docker in everyday developmentDocker in everyday development
Docker in everyday development
 
LXC
LXCLXC
LXC
 
Red Teaming macOS Environments with Hermes the Swift Messenger
Red Teaming macOS Environments with Hermes the Swift MessengerRed Teaming macOS Environments with Hermes the Swift Messenger
Red Teaming macOS Environments with Hermes the Swift Messenger
 
Docker 原理與實作
Docker 原理與實作Docker 原理與實作
Docker 原理與實作
 
About docker in GDG Seoul
About docker in GDG SeoulAbout docker in GDG Seoul
About docker in GDG Seoul
 
moscmy2016: Extending Docker
moscmy2016: Extending Dockermoscmy2016: Extending Docker
moscmy2016: Extending Docker
 
Effective service and resource management with systemd
Effective service and resource management with systemdEffective service and resource management with systemd
Effective service and resource management with systemd
 

Destaque

TMRC ZMET Brief Intro
TMRC ZMET Brief IntroTMRC ZMET Brief Intro
TMRC ZMET Brief Intro
tmrcresearch
 
Writing Readable Code
Writing Readable CodeWriting Readable Code
Writing Readable Code
eddiehaber
 
The Art Of Readable Code
The Art Of Readable CodeThe Art Of Readable Code
The Art Of Readable Code
Baidu, Inc.
 
ZMET Technique In Marketing Research
ZMET Technique In Marketing ResearchZMET Technique In Marketing Research
ZMET Technique In Marketing Research
Taylan Demirkaya
 

Destaque (20)

TMRC ZMET Brief Intro
TMRC ZMET Brief IntroTMRC ZMET Brief Intro
TMRC ZMET Brief Intro
 
実践リーダブルコードの概要
実践リーダブルコードの概要実践リーダブルコードの概要
実践リーダブルコードの概要
 
リーダブルコード勉強会 in 筑波大のまとめ
リーダブルコード勉強会 in 筑波大のまとめリーダブルコード勉強会 in 筑波大のまとめ
リーダブルコード勉強会 in 筑波大のまとめ
 
The art of readable code (ch1~ch4)
The art of readable code (ch1~ch4)The art of readable code (ch1~ch4)
The art of readable code (ch1~ch4)
 
名著『リーダブルコード - より良いコードを書くためのシンプルで実践的なテクニック』を解説者と一緒に読み解こう
名著『リーダブルコード - より良いコードを書くためのシンプルで実践的なテクニック』を解説者と一緒に読み解こう名著『リーダブルコード - より良いコードを書くためのシンプルで実践的なテクニック』を解説者と一緒に読み解こう
名著『リーダブルコード - より良いコードを書くためのシンプルで実践的なテクニック』を解説者と一緒に読み解こう
 
Writing Readable Code
Writing Readable CodeWriting Readable Code
Writing Readable Code
 
実践リーダブルコードのコードチェンジ
実践リーダブルコードのコードチェンジ実践リーダブルコードのコードチェンジ
実践リーダブルコードのコードチェンジ
 
The Art Of Readable Code.
The Art Of Readable Code.The Art Of Readable Code.
The Art Of Readable Code.
 
リーダブルコードが良書だったのでまとめました
リーダブルコードが良書だったのでまとめましたリーダブルコードが良書だったのでまとめました
リーダブルコードが良書だったのでまとめました
 
The Art Of Readable Code
The Art Of Readable CodeThe Art Of Readable Code
The Art Of Readable Code
 
コーディングがラクになる!? “自分仕様”のさくさくコーディング法
コーディングがラクになる!? “自分仕様”のさくさくコーディング法コーディングがラクになる!? “自分仕様”のさくさくコーディング法
コーディングがラクになる!? “自分仕様”のさくさくコーディング法
 
リーダブルコード
リーダブルコードリーダブルコード
リーダブルコード
 
Programming camp code reading
Programming camp code readingProgramming camp code reading
Programming camp code reading
 
Docker @ RelateIQ Presentation
Docker @ RelateIQ PresentationDocker @ RelateIQ Presentation
Docker @ RelateIQ Presentation
 
Xp祭り2013
Xp祭り2013Xp祭り2013
Xp祭り2013
 
Apache ArrowのRubyバインディングをGObject Introspectionで
Apache ArrowのRubyバインディングをGObject IntrospectionでApache ArrowのRubyバインディングをGObject Introspectionで
Apache ArrowのRubyバインディングをGObject Introspectionで
 
コーディング入門以前
コーディング入門以前コーディング入門以前
コーディング入門以前
 
The Power of Metaphor in (Brand) Communication
The Power of Metaphor in (Brand) CommunicationThe Power of Metaphor in (Brand) Communication
The Power of Metaphor in (Brand) Communication
 
Javaコーディング勉強会
Javaコーディング勉強会Javaコーディング勉強会
Javaコーディング勉強会
 
ZMET Technique In Marketing Research
ZMET Technique In Marketing ResearchZMET Technique In Marketing Research
ZMET Technique In Marketing Research
 

Semelhante a Introduction to Docker (and a bit more) at LSPE meetup Sunnyvale

Introduction to Docker and Containers
Introduction to Docker and ContainersIntroduction to Docker and Containers
Introduction to Docker and Containers
Docker, Inc.
 
A Gentle Introduction to Docker and Containers
A Gentle Introduction to Docker and ContainersA Gentle Introduction to Docker and Containers
A Gentle Introduction to Docker and Containers
Docker, Inc.
 
Lightweight Virtualization with Linux Containers and Docker I YaC 2013
Lightweight Virtualization with Linux Containers and Docker I YaC 2013Lightweight Virtualization with Linux Containers and Docker I YaC 2013
Lightweight Virtualization with Linux Containers and Docker I YaC 2013
Docker, Inc.
 
Scale11x lxc talk
Scale11x lxc talkScale11x lxc talk
Scale11x lxc talk
dotCloud
 
LXC Docker and the Future of Software Delivery
LXC Docker and the Future of Software DeliveryLXC Docker and the Future of Software Delivery
LXC Docker and the Future of Software Delivery
Docker, Inc.
 

Semelhante a Introduction to Docker (and a bit more) at LSPE meetup Sunnyvale (20)

Docker and-containers-for-development-and-deployment-scale12x
Docker and-containers-for-development-and-deployment-scale12xDocker and-containers-for-development-and-deployment-scale12x
Docker and-containers-for-development-and-deployment-scale12x
 
Docker Introduction, and what's new in 0.9 — Docker Palo Alto at RelateIQ
Docker Introduction, and what's new in 0.9 — Docker Palo Alto at RelateIQDocker Introduction, and what's new in 0.9 — Docker Palo Alto at RelateIQ
Docker Introduction, and what's new in 0.9 — Docker Palo Alto at RelateIQ
 
Let's Containerize New York with Docker!
Let's Containerize New York with Docker!Let's Containerize New York with Docker!
Let's Containerize New York with Docker!
 
Introduction to Docker and Containers
Introduction to Docker and ContainersIntroduction to Docker and Containers
Introduction to Docker and Containers
 
A Gentle Introduction to Docker and Containers
A Gentle Introduction to Docker and ContainersA Gentle Introduction to Docker and Containers
A Gentle Introduction to Docker and Containers
 
Lightweight Virtualization with Linux Containers and Docker I YaC 2013
Lightweight Virtualization with Linux Containers and Docker I YaC 2013Lightweight Virtualization with Linux Containers and Docker I YaC 2013
Lightweight Virtualization with Linux Containers and Docker I YaC 2013
 
Introduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @GuidewireIntroduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @Guidewire
 
Docker Intro at the Google Developer Group and Google Cloud Platform Meet Up
Docker Intro at the Google Developer Group and Google Cloud Platform Meet UpDocker Intro at the Google Developer Group and Google Cloud Platform Meet Up
Docker Intro at the Google Developer Group and Google Cloud Platform Meet Up
 
Workshop : 45 minutes pour comprendre Docker avec Jérôme Petazzoni
Workshop : 45 minutes pour comprendre Docker avec Jérôme PetazzoniWorkshop : 45 minutes pour comprendre Docker avec Jérôme Petazzoni
Workshop : 45 minutes pour comprendre Docker avec Jérôme Petazzoni
 
Introduction to Docker at the Azure Meet-up in New York
Introduction to Docker at the Azure Meet-up in New YorkIntroduction to Docker at the Azure Meet-up in New York
Introduction to Docker at the Azure Meet-up in New York
 
Scale11x lxc talk
Scale11x lxc talkScale11x lxc talk
Scale11x lxc talk
 
Introduction to Docker and all things containers, Docker Meetup at RelateIQ
Introduction to Docker and all things containers, Docker Meetup at RelateIQIntroduction to Docker and all things containers, Docker Meetup at RelateIQ
Introduction to Docker and all things containers, Docker Meetup at RelateIQ
 
A Gentle Introduction To Docker And All Things Containers
A Gentle Introduction To Docker And All Things ContainersA Gentle Introduction To Docker And All Things Containers
A Gentle Introduction To Docker And All Things Containers
 
LXC, Docker, and the future of software delivery | LinuxCon 2013
LXC, Docker, and the future of software delivery | LinuxCon 2013LXC, Docker, and the future of software delivery | LinuxCon 2013
LXC, Docker, and the future of software delivery | LinuxCon 2013
 
LXC Docker and the Future of Software Delivery
LXC Docker and the Future of Software DeliveryLXC Docker and the Future of Software Delivery
LXC Docker and the Future of Software Delivery
 
Docker 101
Docker 101 Docker 101
Docker 101
 
Docker and friends at Linux Days 2014 in Prague
Docker and friends at Linux Days 2014 in PragueDocker and friends at Linux Days 2014 in Prague
Docker and friends at Linux Days 2014 in Prague
 
Настройка окружения для кросскомпиляции проектов на основе docker'a
Настройка окружения для кросскомпиляции проектов на основе docker'aНастройка окружения для кросскомпиляции проектов на основе docker'a
Настройка окружения для кросскомпиляции проектов на основе docker'a
 
Network Stack in Userspace (NUSE)
Network Stack in Userspace (NUSE)Network Stack in Userspace (NUSE)
Network Stack in Userspace (NUSE)
 
Core OS
Core OSCore OS
Core OS
 

Mais de Jérôme Petazzoni

Use the Source or Join the Dark Side: differences between Docker Community an...
Use the Source or Join the Dark Side: differences between Docker Community an...Use the Source or Join the Dark Side: differences between Docker Community an...
Use the Source or Join the Dark Side: differences between Docker Community an...
Jérôme Petazzoni
 
Containers, docker, and security: state of the union (Bay Area Infracoders Me...
Containers, docker, and security: state of the union (Bay Area Infracoders Me...Containers, docker, and security: state of the union (Bay Area Infracoders Me...
Containers, docker, and security: state of the union (Bay Area Infracoders Me...
Jérôme Petazzoni
 
How to contribute to large open source projects like Docker (LinuxCon 2015)
How to contribute to large open source projects like Docker (LinuxCon 2015)How to contribute to large open source projects like Docker (LinuxCon 2015)
How to contribute to large open source projects like Docker (LinuxCon 2015)
Jérôme Petazzoni
 
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
Jérôme Petazzoni
 
Microservices. Microservices everywhere! (At OSCON 2015)
Microservices. Microservices everywhere! (At OSCON 2015)Microservices. Microservices everywhere! (At OSCON 2015)
Microservices. Microservices everywhere! (At OSCON 2015)
Jérôme Petazzoni
 
Deploy microservices in containers with Docker and friends - KCDC2015
Deploy microservices in containers with Docker and friends - KCDC2015Deploy microservices in containers with Docker and friends - KCDC2015
Deploy microservices in containers with Docker and friends - KCDC2015
Jérôme Petazzoni
 
Containers: from development to production at DevNation 2015
Containers: from development to production at DevNation 2015Containers: from development to production at DevNation 2015
Containers: from development to production at DevNation 2015
Jérôme Petazzoni
 
Immutable infrastructure with Docker and containers (GlueCon 2015)
Immutable infrastructure with Docker and containers (GlueCon 2015)Immutable infrastructure with Docker and containers (GlueCon 2015)
Immutable infrastructure with Docker and containers (GlueCon 2015)
Jérôme Petazzoni
 
The Docker ecosystem and the future of application deployment
The Docker ecosystem and the future of application deploymentThe Docker ecosystem and the future of application deployment
The Docker ecosystem and the future of application deployment
Jérôme Petazzoni
 
Docker: automation for the rest of us
Docker: automation for the rest of usDocker: automation for the rest of us
Docker: automation for the rest of us
Jérôme Petazzoni
 
Containers, Docker, and Microservices: the Terrific Trio
Containers, Docker, and Microservices: the Terrific TrioContainers, Docker, and Microservices: the Terrific Trio
Containers, Docker, and Microservices: the Terrific Trio
Jérôme Petazzoni
 
Docker en Production (Docker Paris)
Docker en Production (Docker Paris)Docker en Production (Docker Paris)
Docker en Production (Docker Paris)
Jérôme Petazzoni
 

Mais de Jérôme Petazzoni (20)

Use the Source or Join the Dark Side: differences between Docker Community an...
Use the Source or Join the Dark Side: differences between Docker Community an...Use the Source or Join the Dark Side: differences between Docker Community an...
Use the Source or Join the Dark Side: differences between Docker Community an...
 
Orchestration for the rest of us
Orchestration for the rest of usOrchestration for the rest of us
Orchestration for the rest of us
 
Docker : quels enjeux pour le stockage et réseau ? Paris Open Source Summit ...
Docker : quels enjeux pour le stockage et réseau ? Paris Open Source Summit ...Docker : quels enjeux pour le stockage et réseau ? Paris Open Source Summit ...
Docker : quels enjeux pour le stockage et réseau ? Paris Open Source Summit ...
 
Making DevOps Secure with Docker on Solaris (Oracle Open World, with Jesse Bu...
Making DevOps Secure with Docker on Solaris (Oracle Open World, with Jesse Bu...Making DevOps Secure with Docker on Solaris (Oracle Open World, with Jesse Bu...
Making DevOps Secure with Docker on Solaris (Oracle Open World, with Jesse Bu...
 
Containers, docker, and security: state of the union (Bay Area Infracoders Me...
Containers, docker, and security: state of the union (Bay Area Infracoders Me...Containers, docker, and security: state of the union (Bay Area Infracoders Me...
Containers, docker, and security: state of the union (Bay Area Infracoders Me...
 
From development environments to production deployments with Docker, Compose,...
From development environments to production deployments with Docker, Compose,...From development environments to production deployments with Docker, Compose,...
From development environments to production deployments with Docker, Compose,...
 
How to contribute to large open source projects like Docker (LinuxCon 2015)
How to contribute to large open source projects like Docker (LinuxCon 2015)How to contribute to large open source projects like Docker (LinuxCon 2015)
How to contribute to large open source projects like Docker (LinuxCon 2015)
 
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
Containers, Docker, and Security: State Of The Union (LinuxCon and ContainerC...
 
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxConAnatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
 
Microservices. Microservices everywhere! (At OSCON 2015)
Microservices. Microservices everywhere! (At OSCON 2015)Microservices. Microservices everywhere! (At OSCON 2015)
Microservices. Microservices everywhere! (At OSCON 2015)
 
Deploy microservices in containers with Docker and friends - KCDC2015
Deploy microservices in containers with Docker and friends - KCDC2015Deploy microservices in containers with Docker and friends - KCDC2015
Deploy microservices in containers with Docker and friends - KCDC2015
 
Containers: from development to production at DevNation 2015
Containers: from development to production at DevNation 2015Containers: from development to production at DevNation 2015
Containers: from development to production at DevNation 2015
 
Immutable infrastructure with Docker and containers (GlueCon 2015)
Immutable infrastructure with Docker and containers (GlueCon 2015)Immutable infrastructure with Docker and containers (GlueCon 2015)
Immutable infrastructure with Docker and containers (GlueCon 2015)
 
The Docker ecosystem and the future of application deployment
The Docker ecosystem and the future of application deploymentThe Docker ecosystem and the future of application deployment
The Docker ecosystem and the future of application deployment
 
Docker: automation for the rest of us
Docker: automation for the rest of usDocker: automation for the rest of us
Docker: automation for the rest of us
 
Docker Non Technical Presentation
Docker Non Technical PresentationDocker Non Technical Presentation
Docker Non Technical Presentation
 
Containers, Docker, and Microservices: the Terrific Trio
Containers, Docker, and Microservices: the Terrific TrioContainers, Docker, and Microservices: the Terrific Trio
Containers, Docker, and Microservices: the Terrific Trio
 
Pipework: Software-Defined Network for Containers and Docker
Pipework: Software-Defined Network for Containers and DockerPipework: Software-Defined Network for Containers and Docker
Pipework: Software-Defined Network for Containers and Docker
 
Docker Tips And Tricks at the Docker Beijing Meetup
Docker Tips And Tricks at the Docker Beijing MeetupDocker Tips And Tricks at the Docker Beijing Meetup
Docker Tips And Tricks at the Docker Beijing Meetup
 
Docker en Production (Docker Paris)
Docker en Production (Docker Paris)Docker en Production (Docker Paris)
Docker en Production (Docker Paris)
 

Último

Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 

Último (20)

Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 

Introduction to Docker (and a bit more) at LSPE meetup Sunnyvale

  • 1. Introduction to Docker (and a bit more...) #lspe February 2014—updated for Docker 0.8.1
  • 2. Who? ● Jérôme Petazzoni — @jpetazzo –Not Maxime Petazzoni (author of Maestro NG) –Not Thomas Petazzoni (embedded systems & kernel guru) ● Wrote dotCloud PAAS deployment tools –EC2, ● LXC, Puppet, Python, Shell, ØMQ... Docker contributor (CONTAINERIZE ALL THE THINGS!) –Docker-in-Docker, ● VPN-in-Docker, router-in-Docker... Runs Docker in production –Psssst... #lspe You shouldn't do it, but here's how anyway!
  • 3. Outline ● LXC and the container metaphor ● Docker basics ● Docker images ● Docker deployment #lspe
  • 4. Outline ● LXC and the container metaphor ● Docker basics ● Docker images ● Docker deployment #lspe
  • 6. High level approach: it's a lightweight VM ● own process space ● own network interface ● can run stuff as root ● can have its own /sbin/init (different from the host) « Machine Container » #lspe
  • 7. Low level approach: it's chroot on steroids ● can also not have its own /sbin/init ● container = isolated process(es) ● share kernel with host ● no device emulation (neither HVM nor PV) « Application Container » #lspe
  • 8. How does it work? Isolation with namespaces ● pid ● mnt ● net ● uts ● ipc ● user #lspe
  • 9. pid namespace jpetazzo@tarrasque:~$ ps aux | wc -l 212 jpetazzo@tarrasque:~$ sudo docker run -t -i ubuntu bash root@ea319b8ac416:/# ps aux USER root root PID %CPU %MEM 1 0.0 0.0 16 0.0 0.0 (That's 2 processes) #lspe VSZ 18044 15276 RSS TTY 1956 ? 1136 ? STAT START S 02:54 R+ 02:55 TIME COMMAND 0:00 bash 0:00 ps aux
  • 10. mnt namespace jpetazzo@tarrasque:~$ wc -l /proc/mounts 32 /proc/mounts root@ea319b8ac416:/# wc -l /proc/mounts 10 /proc/mounts #lspe
  • 11. net namespace root@ea319b8ac416:/# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 22: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> pfifo_fast state UP qlen 1000 mtu 1500 qdisc link/ether 2a:d1:4b:7e:bf:b5 brd ff:ff:ff:ff:ff:ff inet 10.1.1.3/24 brd 10.1.1.255 scope global eth0 valid_lft forever preferred_lft forever inet6 fe80::28d1:4bff:fe7e:bfb5/64 scope link valid_lft forever preferred_lft forever #lspe
  • 13. ipc namespace jpetazzo@tarrasque:~$ ipcs ------ Shared Memory Segments -------key shmid owner perms 0x00000000 3178496 jpetazzo 600 0x00000000 557057 jpetazzo 777 0x00000000 3211266 jpetazzo 600 root@ea319b8ac416:/# ipcs ------ Shared Memory Segments -------key shmid owner perms ------ Semaphore Arrays -------key semid owner perms ------ Message Queues -------key msqid owner perms #lspe bytes 393216 2778672 393216 nattch 2 0 2 status dest bytes nattch status nsems used-bytes messages dest
  • 14. user namespace ● ● no « demo » for this one... Yet! UID 0→1999 in container C1 is mapped to UID 10000→11999 in host; UID 0→1999 in container C2 is mapped to UID 12000→13999 in host; etc. ● required lots of VFS and FS patches (esp. XFS) ● what will happen with copy-on-write? – double translation at VFS? – single root UID on read-only FS? #lspe
  • 15. How does it work? Isolation with cgroups ● memory ● cpu ● blkio ● devices #lspe
  • 16. memory cgroup ● keeps track pages used by each group: – file (read/write/mmap from block devices; swap) – anonymous (stack, heap, anonymous mmap) – active (recently accessed) – inactive (candidate for eviction) ● each page is « charged » to a group ● pages can be shared (e.g. if you use any COW FS) ● Individual (per-cgroup) limits and out-of-memory killer #lspe
  • 17. cpu and cpuset cgroups ● keep track of user/system CPU time ● set relative weight per group ● pin groups to specific CPU(s) – Can be used to « reserve » CPUs for some apps – This is also relevant for big NUMA systems #lspe
  • 18. blkio cgroups ● keep track IOs for each block device – read vs write; sync vs async ● set relative weights ● set throttle (limits) for each block device – read vs write; bytes/sec vs operations/sec Note: earlier versions (<3.8) didn't account async correctly. #lspe3.8 is better, but use 3.10 for best results.
  • 19. devices cgroups ● controls read/write/mknod permissions ● typically: – – deny: everything else – ● allow: /dev/{tty,zero,random,null}... maybe: /dev/net/tun, /dev/fuse, /dev/kvm, /dev/dri... fine-grained control for GPU, virtualization, etc. #lspe
  • 20. How does it work? Copy-on-write storage ● Create a new machine instantly (Instead of copying its whole filesystem) ● Storage keeps track of what has changed ● Since 0.7, Docker has a storage plugin system #lspe
  • 21. Storage: many options! Union Filesystems Snapshotting Filesystems Copy-on-write block devices Provisioning Superfast Supercheap Fast Cheap Fast Cheap Changing small files Changing large files Diffing Superfast Supercheap Fast Cheap Fast Costly Slow (first time) Inefficient (copy-up!) Fast Cheap Fast Cheap Superfast Superfast Slow Memory usage Efficient Efficient Inefficient (at high densities) Drawbacks Random quirks AUFS not mainline !AUFS more quirks ZFS not mainline BTRFS not as nice Higher disk usage Great performance (except diffing) Bottom line Ideal for PAAS and high density things This is the Future (probably) Dodge Ram 3500 #lspe
  • 22. Compute efficiency: almost no overhead ● ● ● ● processes are isolated, but run straight on the host CPU performance = native performance memory performance = a few % shaved off for (optional) accounting network performance = small overhead; can be reduced to zero #lspe
  • 23. Alright, I get this. Containers = nimble VMs. #lspe
  • 24. #lspe
  • 32. Separation of concerns: Dave the Developer ● inside my container: – my code – my libraries – my package manager – my app – my data #lspe
  • 33. Separation of concerns: Oscar the Ops guy ● outside the container: – logging – remote access – network configuration – monitoring #lspe
  • 34. Outline ● LXC and the container metaphor ● Docker basics ● Docker images ● Docker deployment #lspe
  • 35. #lspe
  • 36. Docker-what? ● Open Source engine to commoditize LXC STOP! HAMMER DEMO TIME. #lspe
  • 37. #lspe
  • 38. Yes, but... ● ● ● « I don't need Docker; I can do all that stuff with LXC tools, rsync, and some scripts! » correct on all accounts; but it's also true for apt, dpkg, rpm, yum, etc. the whole point is to commoditize, i.e. make it ridiculously easy to use #lspe
  • 39. What this really means… ● instead of writing « very small shell scripts » to manage containers, write them to do the rest: – continuous deployment/integration/testing – orchestration ● = use Docker as a building block ● re-use other people images (yay ecosystem!) #lspe
  • 40. Docker-what? The big picture ● Open Source engine to run containers ● using copy-on-write for quick provisioning ● allowing to create and share images ● standard format for containers (stack of layers; 1 layer = tarball+metadata) standard, reproducible way to easily build trusted images (Dockerfile, Stackbrew...) #lspe ●
  • 41. Docker-what? Under the hood ● rewrite of dotCloud internal container engine – – ● original version: Python, tied to dotCloud's internal stuff released version: Go, legacy-free the Docker daemon runs in the background – – HTTP API (over UNIX or TCP socket) – ● manages containers, images, and builds embedded CLI talking to the API Open Source (GitHub public repository + issue tracking) #lspe
  • 42. Docker-what? The ecosystem ● Docker Inc. (formerly dotCloud Inc.) – – ● ~30 employees, VC-backed SAAS and support offering around Docker Docker, the community – more than 300 contributors, 1500 forks on GitHub – dozens of projects around/on top of Docker – x100k trained developers #lspe
  • 43. Outline ● LXC and the container metaphor ● Docker basics ● Docker images ● Docker deployment #lspe
  • 45. 1) docker run ubuntu bash 2) apt-get install this and that 3) docker commit <containerid> <imagename> 4) docker run <imagename> bash 5) git clone git://.../mycode 6) pip install -r requirements.txt 7) docker commit <containerid> <imagename> 8) repeat steps 4-7 as necessary 9) docker tag <imagename> <user/image> 10) docker push <user/image> #lspe
  • 46. Authoring images with run/commit ● Pros – – ● Convenient, nothing to learn Can roll back/forward if needed Cons – Manual process – Iterative changes stack up – Full rebuilds are boring, error-prone #lspe
  • 47. Authoring images with a Dockerfile #lspe
  • 48. FROM ubuntu RUN RUN RUN RUN RUN apt-get apt-get apt-get apt-get apt-get -y update install -y install -y install -y install -y g++ erlang-dev erlang-manpages erlang-base-hipe ... libmozjs185-dev libicu-dev libtool ... make wget RUN wget http://.../apache-couchdb-1.3.1.tar.gz | tar -C /tmp -zxfRUN cd /tmp/apache-couchdb-* && ./configure && make install RUN printf "[httpd]nport = 8101nbind_address = 0.0.0.0" > /usr/local/etc/couchdb/local.d/docker.ini EXPOSE 8101 CMD ["/usr/local/bin/couchdb"] docker build -t jpetazzo/couchdb . #lspe
  • 49. Authoring images with a Dockerfile ● Minimal learning curve ● Rebuilds are easy ● Caching system makes rebuilds faster ● Single file to define the whole environment! #lspe
  • 51. Authoring Images with Chef/Puppet/Ansible/Salt/... Plan A: « my other VM is a container » ● write a Dockerfile to install $YOUR_CM ● start tons of containers ● run $YOUR_CM in them Good if you want a mix of containers/VM/metal But slower to deploy, and uses more resources #lspe
  • 52. Authoring Images with Chef/Puppet/Ansible/Salt/... Plan B: « the revolution will be containerized » ● write a Dockerfile to install $YOUR_CM ● … and run $YOUR_CM as part of build process ● deploy fully baked images Faster to deploy Easier to rollback #lspe
  • 53. Outline ● LXC and the container metaphor ● Docker basics ● Docker images ● Docker deployment #lspe
  • 54. Install Docker ● On your servers (Linux) – – Single binary install (Golang FTW!) – ● Packages (Ubuntu, Debian, Fedora, Gentoo, Arch...) Easy provisioning on Rackspace, Digital Ocean, EC2, GCE... On your dev env (Linux, OS X, Windows) – Vagrantfile – boot2docker (25 MB VM image) – Natively (if you run Linux) #lspe
  • 55. Run containers SSH+CLI ● REST API ● Maestro NG ● Mesos ● OpenStack ● … and more ● #lspe
  • 56. Service discovery ● you can name your containers ● you can link your containers docker run -d -name frontdb mysqlimage docker run -d -link frontdb:sql nginximage → environment vars are injected in web container → twelve-factors FTW! #lspe
  • 58. Allocating CPU and RAM ● docker run -c $CPU_SHARES -m $RAM_MB Docker API will soon expose: ● total CPU/RAM ● allocated CPU/RAM ● used CPU/RAM WARNING: memory metrics are tricky! #lspe
  • 59. Memory metrics ● free jpetazzo@tarrasque:~$ free total used Mem: 8076564 7019656 -/+ buffers/cache: 4385120 Swap: 0 0 ● this is useless #lspe free 1056908 3691444 0 shared 0 buffers 8 cached 2634528
  • 60. Memory metrics ● cat /proc/meminfo ● GRRRREAT #lspe MemTotal: 8076564 kB MemFree: 1055260 kB Buffers: 8 kB Cached: 2634528 kB SwapCached: 0 kB Active: 3198088 kB Inactive: 1407516 kB Active(anon): 1986692 kB Inactive(anon): 185252 kB Active(file): 1211396 kB Inactive(file): 1222264 kB Unevictable: 0 kB Mlocked: 0 kB SwapTotal: 0 kB SwapFree: 0 kB Dirty: 144 kB Writeback: 0 kB AnonPages: 1971208 kB Mapped: 2402276 kB Shmem: 200876 kB Slab: 148020 kB SReclaimable: 90680 kB SUnreclaim: 57340 kB KernelStack: 4936 kB PageTables: 43928 kB NFS_Unstable: 0 kB Bounce: 0 kB WritebackTmp: 0 kB CommitLimit: 4038280 kB Committed_AS: 8365088 kB VmallocTotal: 34359738367 kB VmallocUsed: 357696 kB VmallocChunk: 34359349628 kB HardwareCorrupted: 0 kB AnonHugePages: 0 kB HugePages_Total: 0 HugePages_Free: 0 HugePages_Rsvd: 0 HugePages_Surp: 0 Hugepagesize: 2048 kB DirectMap4k: 210384 kB DirectMap2M: 8056832 kB
  • 61. Memory metrics ● ● cat /sys/fs/cgroup /memory /memory.stat slightly better... #lspe cache 2700967936 rss 1977851904 rss_huge 0 mapped_file 275435520 swap 0 pgpgin 104106567 pgpgout 102964277 pgfault 140459553 pgmajfault 3858 inactive_anon 168316928 active_anon 1993658368 inactive_file 1258921984 active_file 1257791488 unevictable 0 hierarchical_memory_limit 9223372036854775807 hierarchical_memsw_limit 9223372036854775807 total_cache 2700967936 total_rss 1977851904 total_rss_huge 0 total_mapped_file 275435520 total_swap 0 total_pgpgin 104106567 total_pgpgout 102964277 total_pgfault 140459553 total_pgmajfault 3858 total_inactive_anon 168316928 total_active_anon 1993658368 total_inactive_file 1258921984 total_active_file 1257791488 total_unevictable 0
  • 62. Memory metrics ● ● cat /sys/fs/cgroup /memory /memory.stat this looks better #lspe cache 2700967936 rss 1977851904 rss_huge 0 mapped_file 275435520 swap 0 pgpgin 104106567 pgpgout 102964277 pgfault 140459553 pgmajfault 3858 inactive_anon 168316928 active_anon 1993658368 inactive_file 1258921984 active_file 1257791488 unevictable 0 hierarchical_memory_limit 9223372036854775807 hierarchical_memsw_limit 9223372036854775807 total_cache 2700967936 total_rss 1977851904 total_rss_huge 0 total_mapped_file 275435520 total_swap 0 total_pgpgin 104106567 total_pgpgout 102964277 total_pgfault 140459553 total_pgmajfault 3858 total_inactive_anon 168316928 total_active_anon 1993658368 total_inactive_file 1258921984 total_active_file 1257791488 total_unevictable 0
  • 63. Memory metrics ● ● cat /sys/fs/cgroup /memory /memory.stat but you want this #lspe cache 2700967936 rss 1977851904 rss_huge 0 mapped_file 275435520 swap 0 pgpgin 104106567 pgpgout 102964277 pgfault 140459553 pgmajfault 3858 inactive_anon 168316928 active_anon 1993658368 inactive_file 1258921984 active_file 1257791488 unevictable 0 hierarchical_memory_limit 9223372036854775807 hierarchical_memsw_limit 9223372036854775807 total_cache 2700967936 total_rss 1977851904 total_rss_huge 0 total_mapped_file 275435520 total_swap 0 total_pgpgin 104106567 total_pgpgout 102964277 total_pgfault 140459553 total_pgmajfault 3858 total_inactive_anon 168316928 total_active_anon 1993658368 total_inactive_file 1258921984 total_active_file 1257791488 total_unevictable 0
  • 65. Networking ● sometimes, you need to expose range of ports ● or completely arbitary ports ● or non-IP protocols ● or you have special needs: – more than 1 Gb/s in containers – more than 1,000 connections/s – more than 100,000 concurrent connections #lspe
  • 66. Get rid of the overhead ● ● ● ● ● use openvswitch bridge a container directly with a NIC (remove iptables out of the equation) move a (macvlan) NIC to a container (a bit of overhead; multi-tenant) move a (physical) NIC to a container (zero overhead; single-tenant) move a (virtual function) NIC to a container (if your hardware supports it) #lspe
  • 67. #lspe
  • 68. Pipework ● ● sidekick script for Docker I replaced the plumber with a very small small shell script pipework br1 $APACHE 192.168.1.1/24 pipework br1 $MYSQL 192.168.1.2/24 pipework br1 $CONTAINERID 192.168.4.25/20@192.168.4.1 pipework eth2 $(docker run -d hipache) 50.19.169.157 pipework eth3 $(docker run -d hipache) 107.22.140.5 pipework br0 $(docker run -d zmqworker) dhcp fa:de:b0:99:52:1c #lspe