What is a (Docker) Container, really?

1
Confidential ©2019 VMware, Inc.
Kubernetes in a Nutshell

View Slide

Confidential ©2019 VMware, Inc. 2
„Kubernetes is an open-source System for
automating Deployment, Scaling, and
Management of containerized Applications.”
The Origin of Kubernetes

View Slide

Google
Search
(late 1990s)
Borg
(~2003)
Cgroups
(2007)
Omega
(~2012)
Docker
(2013)
The Origin of Kubernetes
Kubernetes
(2014)
@embano1

View Slide

Kubernetes Cluster
Kubernetes
High-Level Architecture
Infrastructure
(Compute, Storage, Networking)
Control Plane Worker
Pod Pod Pod Pod Pod
API
Kubernetes
Cloud Provider @embano1

View Slide

So what is a Container, really?
Kernel Mode
Cgroups
Namespaces
Security Capabilities
Scheduler
Syscall
task_struct
…
Scheduling Entity (se)
“running”
syscall.Exec(ENTRYPOINT/CMD)*
A Structure in Kernel
Memory. The Kernel has
no Notion of a
“Container”. It’s yet
another Executable.
User Mode
Docker Engine
ContainerCreate()
* After Container Sandbox Initialization
(nsenter.go/nsexec.c)
sched_class
fair.c (CFS)
@embano1

View Slide

The Pod – The atomic Unit in Kubernetes
Kubernetes Primitives
/pause
Container #1 Container #2
Pod
Limits
Requests
https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.13/#podspec-v1-core
Volumes
Priority
Affinity
Probes
IP
@embano1

View Slide

Higher Level Objects
Pod
“redis--1”
ReplicaSet “redis-”
“desired: 3”
Deployment “redis”
“strategy: rollingUpdate”
Pod
“redis--2”
Pod
“redis--3”
myCustomController
“kind: redisCluster”
Horizontal Pod Autoscaler
(HPA)
Metrics Provider
myCustomController
kubectl create –f redis.yaml
REST API
SDKs
API

View Slide

Controllers and Reconciliation Loops
Observe
Analyze
Act

View Slide

What is a (Docker) Container, really?

What is a (Docker) Container, really?

Michael Gasch

More Decks by Michael Gasch

Other Decks in Technology

Featured

Transcript