Saturday, June 23, 2018

Docker Namespaces - The Containerization Platform




DOCKER the containerization Platform

Docker is open-source software that makes it easier to build, deploy and run the application using LXC (Linux Containers).

LXC 

LXC was developed based on cgroups Linux kernel feature(released in kernel version 2.6.24) which is an operating system-level virtualization. On a single Linux host, multiple isolated Linux containers can run by sharing the OS resources independently.

Cgroups

Cgroups (control groups) is a Linux kernel feature that limits, accounts and isolates the resource usage (CPU, memory, disk I/O, Network, and so on) of a collection of processes.

Docker Namespaces

Namespaces is a kernel feature that partitions the kernel so that one set of processes can see one set of resources including processes trees, networking, userid, and mount file system. Each process is associated with namespaces can only see or use the resources associated with that namespace only.

Docker Engine uses namespaces such as the following on Linux:

  • The pid namespace: Process isolation (PID: Process ID).
  • The net namespace: Managing network interfaces (NET: Networking).
  • The ipc namespace: Managing access to IPC resources (IPC: InterProcess Communication).
  • The mnt namespace: Managing filesystem mount points (MNT: Mount).
  • The uts namespace: Isolating kernel and version identifiers. (UTS: Unix Timesharing System).

Docker uses the Linux namespaces in combination with cgroups to isolate their processes.

Union file systems

Union file systems, or UnionFS, are file systems that operate by creating layers, making them very lightweight and fast. Docker Engine uses UnionFS to provide the building blocks for containers. Docker Engine can use multiple UnionFS variants, including AUFS, btrfs, vfs, and DeviceMapper.

Container format

Docker Engine combines the namespaces, control groups, and UnionFS into a wrapper called a container format. The default container format is libcontainer.

Container

Containers are a method of operating system virtualization that allows running the application and its dependencies in resource isolated processes. Linux containers contain applications in a way that keep them isolated from the host system that they run on. Application packaged in one Linux container on a particular flavor of OS can run on a different flavor of OS along with its dependency software.
For example, the container image created on UBUNTU OS can run on CentOS.

Docker Image

Image is an instance of the container. Image is a set of layers of your application as you described If we start this image, we have a running container of this image. We can have many running containers of the same image.

OS = kernel + filesystem/libraries
Image = filesystem/libraries

Virtual machines vs Containers

Virtual machines are created on a bare metal machine with the help of a hypervisor - which is a software/firmware that sits between the hardware and VM is necessary to virtualize the servers.

Virtual machines runs on guest os, the different os can run on the same physical machine. Every VM has its own binaries, libraries, and applications that it services and may be in different disk sizes.

Server virtualization benefits in utilizing the machine effectively, it will provide the ability to consolidate application on to the single machine. where as it has a disadvantage that each VM includes a separate OS. The application developed or deployed in one VM may not work in other VMs without any modifications.

So portability of application is difficult with VMs which helps in popularize container.



The container provides a way to run applications on a single server or host OS. Containers resides on a physical server and its host OS for example, Linux or Windows.
Each container shares the host OS kernel and, usually, the binaries and libraries, too. Shared components are read-only. Containers are thus exceptionally “light”—they are only megabytes in size and take just seconds to start, versus gigabytes and minutes for a VM.


Virtual machines and containers differ in several ways, but the primary difference is that containers provide a way to virtualize an OS so that multiple workloads can run on a single OS instance. With VMs, the hardware is being virtualized to run multiple OS instances. Containers’ speed, agility, and portability make them yet another tool to help streamline software development.

Finally, What is Docker?

Docker is a software program that performs operating system virtualization also known as Containerization. Docker is developed by Docker, Inc.

Docker uses the resource isolation features of the Linux kernel such as cgroups and kernel namespaces, and a union-capable file system such as OverlayFS to allow independent "containers" to run within a single Linux instance, avoiding the overhead of starting and maintaining virtual machines.

Docker includes the libcontainer library as its own way to directly use virtualization facilities provided by the Linux kernel, in addition to using abstracted virtualization interfaces via libvirt, LXC, and systemd-nspawn.

Who developed Docker?

Solomon Hykes started Docker in France as an internal project within dotCloud, a platform-as-a-service company.
The software debuted to the public in Santa Clara at PyCon in 2013.

Docker was released as open-source in March 2013. On March 13, 2014, with the release of version 0.9, Docker dropped LXC as the default execution environment and replaced it with its own libcontainer library written in the Go programming language

Now its time to know how to install docker? Different installation types? What are the flavours of docker available? Where we get support? ..... to continue in the next article.


Don't forget to add your comments below....


1 comment:

Pavan Devarakonda [PD] said...

it looks pretty informative on Docker basic concepts and its evolution described interesting things posted.

Great job Veera keep it up!

Categories

Kubernetes (24) Docker (20) git (13) Jenkins (12) AWS (7) Jenkins CI (5) Vagrant (5) K8s (4) VirtualBox (4) CentOS7 (3) docker registry (3) docker-ee (3) ucp (3) Jenkins Automation (2) Jenkins Master Slave (2) Jenkins Project (2) containers (2) create deployment (2) docker EE (2) docker private registry (2) dockers (2) dtr (2) kubeadm (2) kubectl (2) kubelet (2) openssl (2) Alert Manager CLI (1) AlertManager (1) Apache Maven (1) Best DevOps interview questions (1) CentOS (1) Container as a Service (1) DevOps Interview Questions (1) Docker 19 CE on Ubuntu 19.04 (1) Docker Tutorial (1) Docker UCP (1) Docker installation on Ubunutu (1) Docker interview questions (1) Docker on PowerShell (1) Docker on Windows (1) Docker version (1) Docker-ee installation on CentOS (1) DockerHub (1) Features of DTR (1) Fedora (1) Freestyle Project (1) Git Install on CentOS (1) Git Install on Oracle Linux (1) Git Install on RHEL (1) Git Source based installation (1) Git line ending setup (1) Git migration (1) Grafana on Windows (1) Install DTR (1) Install Docker on Windows Server (1) Install Maven on CentOS (1) Issues (1) Jenkins CI server on AWS instance (1) Jenkins First Job (1) Jenkins Installation on CentOS7 (1) Jenkins Master (1) Jenkins automatic build (1) Jenkins installation on Ubuntu 18.04 (1) Jenkins integration with GitHub server (1) Jenkins on AWS Ubuntu (1) Kubernetes Cluster provisioning (1) Kubernetes interview questions (1) Kuberntes Installation (1) Maven (1) Maven installation on Unix (1) Operations interview Questions (1) Oracle Linux (1) Personal access tokens on GitHub (1) Problem in Docker (1) Prometheus (1) Prometheus CLI (1) RHEL (1) SCM (1) SCM Poll (1) SRE interview questions (1) Troubleshooting (1) Uninstall Git (1) Uninstall Git on CentOS7 (1) Universal Control Plane (1) Vagrantfile (1) amtool (1) aws IAM Role (1) aws policy (1) caas (1) chef installation (1) create organization on UCP (1) create team on UCP (1) docker CE (1) docker UCP console (1) docker command line (1) docker commands (1) docker community edition (1) docker container (1) docker editions (1) docker enterprise edition (1) docker enterprise edition deep dive (1) docker for windows (1) docker hub (1) docker installation (1) docker node (1) docker releases (1) docker secure registry (1) docker service (1) docker swarm init (1) docker swarm join (1) docker trusted registry (1) elasticBeanStalk (1) global configurations (1) helm installation issue (1) mvn (1) namespaces (1) promtool (1) service creation (1) slack (1)