Upload
jason-shepherd
View
227
Download
1
Embed Size (px)
DESCRIPTION
Citation preview
Jason Shepherd, Docker Meetup Brisbane
What is Docker?
Jason Shepherd, Docker Meetup Brisbane
Lightweight container
Storage for containers
Images for building containers
Repository for images
Jason Shepherd, Docker Meetup Brisbane
Why Docker?
Jason Shepherd, Docker Meetup Brisbane
Jason Shepherd, Docker Meetup Brisbane
Make the entire lifecycle more efficient, consistent, and repeatable
Eliminate inconsistencies between
environments
Address significant performance, costs, deployment, and portability issues normally
associated with VMs
Jason Shepherd, Docker Meetup Brisbane
Demo: Creating a container
Jason Shepherd, Docker Meetup Brisbane
sudo docker run -i -t fedora /bin/bashbash-4.2#
Run /bin/bash using the fedora image and use my current shell to access it.
Jason Shepherd, Docker Meetup Brisbane
Show the running containers
sudo docker ps
CONTAINER ID IMAGE COMMAND eed6e1011af4 fedora:20 /bin/bash
Jason Shepherd, Docker Meetup Brisbane
Demo: Saving your changes
Jason Shepherd, Docker Meetup Brisbane
sudo docker run -i -t fedora /bin/bashbash-4.2# yum install -y httpdbash-4.2# exit
sudo docker run -i -t fedora /bin/bashbash-4.2# rpm -ql httpdPackage httpd is not installed
Jason Shepherd, Docker Meetup Brisbane
sudo docker ps CONTAINER ID IMAGE COMMAND
123e61a0108d fedora:20 /bin/bash
sudo docker commit 123e61a0108d fedora-local8a4a4c6445b...
sudo docker imagesREPOSITORY TAG IMAGE
fedora-local latest 8a4a4c64495b
Jason Shepherd, Docker Meetup Brisbane
Demo:Access a container via the Network
Jason Shepherd, Docker Meetup Brisbane
Run Apache in the forground:/usr/sbin/httpd
-DFOREGROUND
Jason Shepherd, Docker Meetup Brisbane
Bind a port on the host(8080) to a container port(80)
sudo docker run -p 0.0.0.0:8080:80 -t a0cd983109bc /usr/sbin/httpd -DFOREGROUND
Jason Shepherd, Docker Meetup Brisbane
Hit it with your browser:
http://localhost:8080/
Jason Shepherd, Docker Meetup Brisbane
Docker is not production ready:
- All system calls available- Can mount file system of host
- Can access process of container from host
Jason Shepherd, Docker Meetup Brisbane
How to deal with Security issues:
- Treat docker as you would sudo- Trust the images you run, they have root access
- Don't allow remote access to docker!