猿でもわかるコンテナ V3 / a-monkeys-guide-to-container-v3

Transcript

1. None

2. 2 § § Sr. DevOps Acceleration Engineer @JFrog § DevOps

   Liquid Software § @tsuyoshi_miyake miyaket@jfrog.com

3. 3 § Webinar Ø § § Q&A Ø Ø Chat

4. Q&A 4

5. 5

6. 6 - https://www.docker.com/resources/what-container Photo by Victoire Joncheray on Unsplash

7. § § § § VM § § § § 7

8. 8

9. 9

10. § § A B § § CPU 10

11. § § VM OS 11

12. vs vs VM 12

13. vs vs VM 13

14. 14

15. 15

16. 16

17. § OS § Linux Namespaces § Linux Control Groups (cgroups)

    § § : runc rkt lmctfy 17

18. Linux Namespaces § § Namespace § cgroups 18 source: https://man7.org/linux/man-pages/man7/namespaces.7.html

19. -u: UTS (hostname) -p: PID -f: fork Namespace 19

20. Linux Control Groups (cgroups) § § CPU I/O 20 source:

    https://www.kernel.org/doc/html/latest/admin-guide/cgroup-v1/cgroups.html

21. 21 namespaces cgroups ...

22. 22

23. 23

24. § § § API § : Docker containerd rkt 24

25. Docker § § dockerd § docker § dockerd/containerd/runc § dockerd

    (Docker Engine) Dockerfile 25 source: https://www.docker.com/blog/docker-engine-1-11-runc/

26. § § Docker § § Docker § Docker overlay2 §

    Dockerfile § COPY 26

27. 27

28. Union File System § FS FS § overlay2 Union FS

    OverlayFS 28

29. § Docker § 29

30. 1979 2000 chroot FreeBSD Jails IP 30 2001 Linux VServer

    2017 Kubernetes to CNCF 2004 Solaris Containers Solaris Resource Manager + Zones 2008 Process Containers Google cgroups 2011 LXC (LinuX Containers) Linux 2013 Warden CloudFoundry 2013 LMCTFY Let Me Contain That For You: Google OSS libcontainer 2015 2016 OCI 2016 Container Security DevSecOps Containerd to CNCF 2006 Docker
31. None

32. Q&A

33. THANK YOU!