Understanding Docker Architecture in Advanced Operating Systems
Delve into the intricacies of Docker architecture as covered in CSE 522S Advanced Operating Systems course at Washington University in St. Louis. Explore the fundamental mechanisms, client-server interactions, container creation automation, and monitoring provided by Docker. Gain insights into namespaces, cgroups, and how containers are managed in a modular architecture, ensuring continuous operation even during daemon restarts.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
E N D
Presentation Transcript
Introduction to Docker Marion Sudvarg, Chris Gill CSE 522S Advanced Operating Systems Washington University in St. Louis St. Louis, MO 63130 1
Logistics Exams returned Thursday Revised project proposals due by 11:59 PM today Resubmit in Canvas One per team CSE 522S Advanced Operating Systems 2
So Far We have discussed the fundamental mechanisms provided by the Linux kernel for Observability inotify The /proc pseudo-filesystem, and corresponding utilities Interrupts Isolation Address space virtualization Namespaces Control Timers and interrupt handlers Resource limits cgroups CSE 522S Advanced Operating Systems 3
Containers Namespaces and cgroups provide the primary foundational mechanisms for containers You have already manually created a simple container environment Docker provides an environment for automation of container creation and an interface for container monitoring and management CSE 522S Advanced Operating Systems 4
Docker Architecture I Docker Client Client/Server architecture Docker Client IP Socket TCP port 2375 unencrypted TCP port 2376 encrypted Uses IP sockets for communication Clients can be on the same machine, or communicate over a network Allows connections from multiple concurrent clients! Docker Server CSE 522S Advanced Operating Systems 5
Docker Architecture II Docker Client Provides API to clients Docker Daemon Starts new containers with runc Supervises and controls state of running containers runc reads container image specification Initializes container environment: namespaces, cgroups, network (covered later), etc. Creates persistent shim component Loads container programs and state runc exits when initialization is complete runc shim code & state Container Docker Server CSE 522S Advanced Operating Systems 6
Docker Architecture III Docker Client Provides API to clients Docker Daemon Supervises and controls state of running containers containerd clones a new runc for every container it creates Resource intensive to maintain a copy of runc for each container shim process maintains minimal environment to allow container to maintain communication with containerd This modular architecture allows containers to stay online even if the Daemon is restarted/upgraded! shim shim shim code & state code & state code & state Container Container Container Docker Server CSE 522S Advanced Operating Systems 7
Docker Images containerd starts a container from a Docker image One image can launch multiple containers An image is built from a Dockerfile that specifies the image s attributes, files, commands, etc. Consider the following analogy: Program Dockerfile Executable Binary Image Process Container CSE 522S Advanced Operating Systems 8
Building a Docker Image Docker images are layered An image can inherit from a base image (e.g. a minimal Linux distribution, with necessary files and directories) Layers are additive: dnf install y httpd dnf clean all Files from the install are kept in the image, but marked deleted in the clean layer docker build uses a layer cache when building a new version of an existing image CSE 522S Advanced Operating Systems 9
Todays Studio: Installing Docker You will install the docker.io package: sudo apt-get install docker.io This is the Ubuntu/Debian release package, and installs dependencies as separate, dynamically- linked libraries Non-root user has access to Docker client Add pi user to docker group to access Docker server CSE 522S Advanced Operating Systems 10
Todays Studio: Alpine Linux Alpine Linux is a minimal Linux distribution Uses the lightweight musl c library instead of glibc Has a minimal set of shell utilities Mounts a minimal set of files and directories to enable interaction via the host Linux kernel Used as the base derived layer for your image CSE 522S Advanced Operating Systems 11
Todays Studio: Dockerize a Program You will construct your own Dockerfile Start with Alpine Linux Install gcc Write and compile your own program into the container Observe the container as you have in previous studios: Run ps Inspect cgroups and namespaces Look at the container s overlay filesystem CSE 522S Advanced Operating Systems 12
Todays Readings Several pages from the Docker docs website: Docker run reference: Overview of the docker run command with a wealth of information about running Docker containers. Skim, with attention to these sections: Detached vs foreground Container identification PID Settings Clean up Use the Docker command line: Overview of the Docker command-line interface docker build: Overview of the docker build command with a wealth of information about running Docker images. Skim, with attention to these sections: Options Build with PATH Tag an Image Docker development best practices: A brief overview of best practices for building applications on Docker Best practices for writing Dockerfiles: A longer overview of best practices for constructing Dockerfiles for efficient building of images (fast build times, small images) (Optional) DKR book: Chapters 1 & 2: A good introduction to Docker Pages 31-34, 35-36, & 45-48: Relevant sections of Chapter 3 for installing Docker Pages 49-61: A detailed description of Docker images CSE 522S Advanced Operating Systems 13
