Upgrade to Pro — share decks privately, control downloads, hide ads and more …

What's new in the latest Docker release and Docker Hub @ braintree

What's new in the latest Docker release and Docker Hub @ braintree

Small presentation about what's new in the Docker Platform

Victor Vieux

August 19, 2014
Tweet

More Decks by Victor Vieux

Other Decks in Technology

Transcript

  1. Docker Meetup - @braintree – 08/19/2014
    What’s new in the latest Docker
    release and Docker Hub
    Victor Vieux, Docker Inc.
    @vieux

    View full-size slide

  2. Some numbers
    Date   06/09/2014   08/19/2014  
    Docker  version   1.0   1.1.2  
    #  of  pulls   2,943,991   13,198,885   +350%  
    #  of  pushes   105,663   262,435   +150%  
    #  of  repositories   15,437   29,666   +100%  

    View full-size slide

  3. What’s new in the
    Docker Engine ?

    View full-size slide

  4. We finally moved
    dotcloud/docker => docker/docker

    View full-size slide

  5. docker pause & docker unpause
    •  We added the ability to pause a container
    (freeze the process inside it).
    •  So it’s now safe to commit a running
    container because it’ll be paused
    automatically.

    View full-size slide

  6. Networking strategies
    •  --net=bridge : default behavior, the container gets
    an IP on a bridge shared by all the containers

    View full-size slide

  7. Networking strategies
    •  --net=host : the container access the host interfaces
    directly

    View full-size slide

  8. docker run --net=container:c1 ubuntu sh \
    -c “echo test | nc 127.0.0.1 80”
    Networking strategies
    •  --net=container: : share the
    network stack of another container
    docker run --name c1 ubuntu nc –l 127.0.0.1 80

    View full-size slide

  9. Networking strategies
    •  --net=none : disable networking completely, the
    container only gets a loopback interface.
    https://docs.docker.com/reference/run/#network-settings

    View full-size slide

  10. .dockerignore
    •  Exclude some directories when sending
    the context the daemon during a build
    •  For example most of the time you could
    add the .git folder to the .dockerignore
    https://docs.docker.com/reference/builder/#dockerignore

    View full-size slide

  11. COPY instruction
    •  ADD without download and untar
    •  Please use COPY if it’s only what you
    need!
    https://docs.docker.com/reference/builder/#copy

    View full-size slide

  12. ..and tons of other improvements!
    •  Overall performance and stability
    •  Logs tailing with docker logs --tail
    •  IPv6 support in --dns
    •  Filter client output with docker ps –-filter
    •  docker rm -f now kills container before removal instead of stop.
    •  Testing framework and code coverage
    https://github.com/docker/docker/blob/master/CHANGELOG.md

    View full-size slide

  13. What’s new in the
    Docker Hub?

    View full-size slide

  14. Organizations and groups

    View full-size slide

  15. Organizations and groups

    View full-size slide

  16. Bitbucket support (hg and git)

    View full-size slide

  17. Private repositories and private
    automated builds
    One free private repository
    when you sign up at http://hub.docker.com

    View full-size slide

  18. Official repositories

    View full-size slide

  19. What’s next in the
    Docker Engine?

    View full-size slide

  20. Fine grain control over capabilities
    •  Docker defines a whitelist of capabilities,
    all the other are dropped.
    •  --privileged was introduced to grant
    access to all the capabilities.
    •  In the release we will introduce --cap-add
    and --cap-drop

    View full-size slide

  21. --cap-add/--cap-drop examples
    •  Change the status of the container’s
    interfaces:
    •  Prevent any chown in the container:
    •  Allow all capabilities but mknod:
    docker run --cap-add=NET_ADMIN ubuntu sh –c “ip link eth0 down”
    docker run --cap-drop=CAP_CHOWN ...
    docker run --cap-add=ALL --cap-drop=MKNOD ...

    View full-size slide

  22. Adding host devices to a container
    •  You could use add devices by using a bind
    mount and --privileged .
    •  In the next release we will introduce
    the --device flag.
    •  To use your sound card without requiring
    privileged mode:
    docker run --device=/dev/snd:/dev/snd ...

    View full-size slide

  23. Restart policies
    •  Restart the container as soon as it exits:
    docker run --restart=always redis
    •  Restart the container only when it fails,
    up to 5 times:
    docker run --restart=on-failure:5 redis
    •  Default if no restart (as today)

    View full-size slide

  24. What’s the future of the
    Docker Engine?

    View full-size slide

  25. Remote volumes
    •  docker run -v /host/path:/container/path on
    a remote machine, like OSX &
    boot2docker!
    •  At first using fuse, but could be another
    “driver” later.
    https://github.com/bradfitz/docker/tree/fuse

    View full-size slide

  26. Spawning multiple commands
    •  Spawn a redis server
    docker run --name redis-master redis
    •  Spawn a bash
    docker exec -it redis-master bash
    •  Trigger save of the dataset
    docker exec redis-master redis-cli “save”
    https://github.com/docker/docker/pull/7409

    View full-size slide

  27. Improved logging
    •  New logging drivers:
    –  none
    –  default
    –  syslog
    •  Configuration via --logging-opt
    https://github.com/docker/docker/issues/7195
    docker -d --logging default \
    --logging-opt truncation=20mb \
    --logging-opt rotation=1gb

    View full-size slide

  28. Distributed Systems
    •  Dynamic links
    •  Multi-hosts links
    •  Orchestration of containers

    View full-size slide

  29. Thank you! Questions?
    http://docker.com
    http://hub.docker.com
    @docker - @vieux

    View full-size slide