What is a (Docker) Container, really?

What is a (Docker) Container, really?

See slide #5 from a (shortened) K8s 101 which I always use to baseline and level-set the audience before diving into advanced container topics.

F0a7c85adbda4a176d917f90c49b35b2?s=128

Michael Gasch

January 01, 2018
Tweet

Transcript

  1. 1 Confidential  ©2019 VMware, Inc. Kubernetes in a Nutshell

  2. Confidential  ©2019 VMware, Inc. 2 „Kubernetes is an open-source

    System for automating Deployment, Scaling, and Management of containerized Applications.” The Origin of Kubernetes
  3. Confidential  ©2019 VMware, Inc. 3 Google Search (late 1990s)

    Borg (~2003) Cgroups (2007) Omega (~2012) Docker (2013) The Origin of Kubernetes Kubernetes (2014) @embano1
  4. Confidential  ©2019 VMware, Inc. 4 Kubernetes Cluster Kubernetes High-Level

    Architecture Infrastructure (Compute, Storage, Networking) Control Plane Worker Pod Pod Pod Pod Pod API Kubernetes Cloud Provider @embano1
  5. Confidential  ©2019 VMware, Inc. 5 So what is a

    Container, really? Kernel Mode Cgroups Namespaces Security Capabilities Scheduler Syscall task_struct … Scheduling Entity (se) “running” syscall.Exec(ENTRYPOINT/CMD)* A Structure in Kernel Memory. The Kernel has no Notion of a “Container”. It’s yet another Executable. User Mode Docker Engine ContainerCreate() * After Container Sandbox Initialization (nsenter.go/nsexec.c) sched_class fair.c (CFS) @embano1
  6. Confidential  ©2019 VMware, Inc. 6 The Pod – The

    atomic Unit in Kubernetes Kubernetes Primitives /pause Container #1 Container #2 Pod Limits Requests https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.13/#podspec-v1-core Volumes Priority Affinity Probes IP @embano1
  7. Confidential  ©2019 VMware, Inc. 7 Higher Level Objects Kubernetes

    Primitives Pod “redis-<id>-1” ReplicaSet “redis-<ID>” “desired: 3” Deployment “redis” “strategy: rollingUpdate” Pod “redis-<id>-2” Pod “redis-<id>-3” myCustomController “kind: redisCluster” Horizontal Pod Autoscaler (HPA) Metrics Provider myCustomController kubectl create –f redis.yaml REST API SDKs API
  8. Confidential  ©2019 VMware, Inc. 8 Controllers and Reconciliation Loops

    Kubernetes Primitives Observe Analyze Act