Docker!!!! It’s built on Cgroups 

I’m Bakare Emmanuel • Remote DevOps Engineer @Deimos • Volunteer Bootcamp Facilitator and LCA @Andela • DevOps and Linux Fan Boy • General Weird Guy with some humour • Incapable of understanding when to use upper case and Lower Case • People call me Bakman, so there’s also that! @ T i e m m a B a k a r e 2 

What is Docker? 

Docker Docker is a tool for building replicable environments for software in things called Images. It is a client server tool which uses a declarative model for specifying how you want to build the image. That declarative model is called a Dockerfile. 

Here’s an example of how a containers architecture is like! 

Containers CGROUP Lagos 

Cgroups ⊄ Lagos 

Cgroups can inherit other cgroups to form larger ones. This is what Docker uses to make containers talk to each other 

Cgroup Features These are the features that Cgroups in general enforce. 

Cgroups with Docker Notice docker can connect to both but the containers are individually separated. A general example of running multiple containers on Docker. 

Types of Cgroups Memory CPU CPUset HugeTLB BLKIO DEV FREEZER NET_CLS NET_PRIO 

Namespaces 

Namespaces This is what prevents a container from seeing the things on your computer. Cgroups limit what you can use Namespaces limit what you can see 

Namespaces There are various linux namespaces applicable for each process and each process is available in at least one namespace at a time. 

Types of Cgroups PID NET MNT UTS IPC USER 

Volumes 

Volumes This is what Linux uses to access your local storage. Since the mnt namespace prevents the container from sharing the same storage space as your pc, you need to access container and local storage resources some way, we use volumes to do that. 

Volume Drivers AUFS BTRFS DEVICE-MAPPER 

Container Runtimes 

Container Runtimes These are a set of tools that aim to simplify the low level process of setting up all the cgroup and namespace stuff on Linux and just get straight to running your containers. As much as you might think, Docker has it’s own container runtime which is just a subset of it’s tooling. 

Container Containers existed before Docker. https://joejulian.name/post/kubernetes-container-engine-comparison/ As much as most people get mixed up, there a lot of tools that can do what Docker does, cause remember, cgroups and namespaces which power Docker are Linux-native and not a Docker construct. Docker simply takes out all the streinous tasks and automates it so you don’t have to 

Container Runtimes RKT RUNC OPENVZ Docker LXC CRI Containerd 

Resources Cgroups, Namespaces and all that https://www.youtube.com/watch?v=s K5i-N34im8&list=WL&index=24&t=91 9s Bash implementation of Docker look alike with cgroups and docker repository support https://github.com/p8952/bocker 

Thanks!