Upgrade to Pro — share decks privately, control downloads, hide ads and more …

What's new in the latest Docker release and Docker Hub @ braintree

What's new in the latest Docker release and Docker Hub @ braintree

Small presentation about what's new in the Docker Platform

1c23303ba42e0f9c0e017a94e900ea6c?s=128

Victor Vieux

August 19, 2014
Tweet

Transcript

  1. Docker Meetup - @braintree – 08/19/2014 What’s new in the

    latest Docker release and Docker Hub Victor Vieux, Docker Inc. @vieux
  2. Some numbers Date   06/09/2014   08/19/2014   Docker  version

      1.0   1.1.2   #  of  pulls   2,943,991   13,198,885   +350%   #  of  pushes   105,663   262,435   +150%   #  of  repositories   15,437   29,666   +100%  
  3. What’s new in the Docker Engine ?

  4. We finally moved dotcloud/docker => docker/docker

  5. docker pause & docker unpause •  We added the ability

    to pause a container (freeze the process inside it). •  So it’s now safe to commit a running container because it’ll be paused automatically.
  6. Networking strategies •  --net=bridge : default behavior, the container gets

    an IP on a bridge shared by all the containers
  7. Networking strategies •  --net=host : the container access the host

    interfaces directly
  8. docker run --net=container:c1 ubuntu sh \ -c “echo test |

    nc 127.0.0.1 80” Networking strategies •  --net=container:<container_id> : share the network stack of another container docker run --name c1 ubuntu nc –l 127.0.0.1 80
  9. Networking strategies •  --net=none : disable networking completely, the container

    only gets a loopback interface. https://docs.docker.com/reference/run/#network-settings
  10. .dockerignore •  Exclude some directories when sending the context the

    daemon during a build •  For example most of the time you could add the .git folder to the .dockerignore https://docs.docker.com/reference/builder/#dockerignore
  11. COPY instruction •  ADD without download and untar •  Please

    use COPY if it’s only what you need! https://docs.docker.com/reference/builder/#copy
  12. ..and tons of other improvements! •  Overall performance and stability

    •  Logs tailing with docker logs --tail •  IPv6 support in --dns •  Filter client output with docker ps –-filter •  docker rm -f now kills container before removal instead of stop. •  Testing framework and code coverage https://github.com/docker/docker/blob/master/CHANGELOG.md
  13. What’s new in the Docker Hub?

  14. Organizations and groups

  15. Organizations and groups

  16. Bitbucket support (hg and git)

  17. Private repositories and private automated builds One free private repository

    when you sign up at http://hub.docker.com
  18. Official repositories

  19. The console

  20. The console

  21. The console

  22. What’s next in the Docker Engine?

  23. Fine grain control over capabilities •  Docker defines a whitelist

    of capabilities, all the other are dropped. •  --privileged was introduced to grant access to all the capabilities. •  In the release we will introduce --cap-add and --cap-drop
  24. --cap-add/--cap-drop examples •  Change the status of the container’s interfaces:

    •  Prevent any chown in the container: •  Allow all capabilities but mknod: docker run --cap-add=NET_ADMIN ubuntu sh –c “ip link eth0 down” docker run --cap-drop=CAP_CHOWN ... docker run --cap-add=ALL --cap-drop=MKNOD ...
  25. Adding host devices to a container •  You could use

    add devices by using a bind mount and --privileged . •  In the next release we will introduce the --device flag. •  To use your sound card without requiring privileged mode: docker run --device=/dev/snd:/dev/snd ...
  26. Restart policies •  Restart the container as soon as it

    exits: docker run --restart=always redis •  Restart the container only when it fails, up to 5 times: docker run --restart=on-failure:5 redis •  Default if no restart (as today)
  27. What’s the future of the Docker Engine?

  28. Remote volumes •  docker run -v /host/path:/container/path on a remote

    machine, like OSX & boot2docker! •  At first using fuse, but could be another “driver” later. https://github.com/bradfitz/docker/tree/fuse
  29. Spawning multiple commands •  Spawn a redis server docker run

    --name redis-master redis •  Spawn a bash docker exec -it redis-master bash •  Trigger save of the dataset docker exec redis-master redis-cli “save” https://github.com/docker/docker/pull/7409
  30. Improved logging •  New logging drivers: –  none –  default

    –  syslog •  Configuration via --logging-opt https://github.com/docker/docker/issues/7195 docker -d --logging default \ --logging-opt truncation=20mb \ --logging-opt rotation=1gb
  31. Distributed Systems •  Dynamic links •  Multi-hosts links •  Orchestration

    of containers
  32. Thank you! Questions? http://docker.com http://hub.docker.com @docker - @vieux