Linux containers

Table of Contents Dockers: Overview LXC: Overview Practices Linux Features cgroups Linux namespaces Libcontainer Linux Networking Linux Network Interfaces Linux Network Namespaces

Dockers: Overview

Wikipedia: https://en.wikipedia.org/wiki/Docker_(software)
초보자를 위한 도커
Slides on linux containers: http://www.haifux.org/lectures/320/netLec8_final.pdf
Deploying Go servers with docker

  If you would like to use Docker as a non-root user, you should now consider
  adding your user to the "docker" group with something like:
    sudo usermod -aG docker cjeong
  Remember that you will have to log out and back in for this to take effect!

Nice article on docker: https://www.sitepoint.com/docker-containers-software-delivery

LXC: Overview

LXC webpage: https://linuxcontainers.org
Wikipedia: https://en.wikipedia.org/wiki/LXC
LXC.org getting started: https://linuxcontainers.org/lxc/getting-started/
Brief LXC intro
commands
- create container: lxc-create -t ubuntun -n cn-01
- start container: lxc-start -n cn-01

  To enable sshd, run: apt-get install openssh-server
  For security reason, container images ship without user accounts
  and without a root password.
  Use lxc-attach or chroot directly into the rootfs to set a root password
  or create user accounts.

Practices

Google Borg cluster-management system

Linux Features

cgroups

wiki: https://en.wikipedia.org/wiki/Cgroups

Linux namespaces

wiki: https://en.wikipedia.org/wiki/Linux_namespaces

Libcontainer

Libcontainers overview: Golang example

Linux Networking

Linux Network Interfaces

Linux Network Namespaces

Brief intro to network namespaces
add namespace: ip netns add BLUE
list namespace: ip netns list
assigning network interface to network namespaces:
- one cannot assign physical network interface to a namespace -- one can only assign virtual Ethernet (veth) interfaces to a network namespace
- veth always come in pairs, connected like a tube
- create veth pair: ip link add veth0 type veth peer name veth1
- list veth pair: ip link list: this "listing" only shows global namespace
connecting veth-pair network interfaces to namespace:
- ip link set veth1 netns BLUE
- now veth1 interface has disappeared from global namespace and put into BLUE namespace
- so, to see veth* list the BLUE namespace ip netns exec BLUE ip link list
  - ip netns exec <namespace></namespace>: prefix to use when executing command in a namespace
configuring network interface: ip netns exec BLUE ifconfig veth1 10.1.1./24 up
- assigns an IP address to veth1 interface and bring that interface up

Ⓜ️ mv

Linux containers

Table of Contents

Dockers: Overview

LXC: Overview

Practices

Linux Features

cgroups

Linux namespaces

Libcontainer

Linux Networking

Linux Network Interfaces

Linux Network Namespaces

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!