docker testing the waters
play

Docker: Testing the Waters LA-UR 15-25901 1 LA-UR 15-25901 - PowerPoint PPT Presentation

Jun 01, 2023 •694 likes •997 views

Eric Holm Skyler Manzanares Yuxin (Kelly) Wang http://gerardable.com/wp-content/uploads/2014/12/docker-whale-home-logo.png Docker: Testing the Waters LA-UR 15-25901 1 LA-UR 15-25901 Docker: Theres No Containing this Whale! Free,

  1. Eric Holm Skyler Manzanares Yuxin (Kelly) Wang http://gerardable.com/wp-content/uploads/2014/12/docker-whale-home-logo.png Docker: Testing the Waters LA-UR 15-25901 1 LA-UR 15-25901

  2. Docker: There’s No Containing this Whale! • Free, open-source • Wraps applications into packages • Docker Images • Resource isolation • Independent of LXC • Very popular (buzzword compliant) • Open Container Project (OCP) • RHEL Atomic Project 2 LA-UR 15-25901

  3. Docker: There’s No Containing this Whale! • Free, open-source • Wraps applications into packages • Docker Images • Resource isolation • Independent of LXC • Very popular (buzzword compliant) • Open Container Project (OCP) • RHEL Atomic Project 3 LA-UR 15-25901

  4. Research Objectives • Explore basic features/functionality • Build process • Images • Local registry • Mixed OS/mixed versions • Security + Maintenance • Updating inside containers • Inventory • Workload testing • Comparison to VMs 4 LA-UR 15-25901

  5. Test Environment • 11 HP ProLiant DL380p Gen8 servers • 2 Intel Xeon E5-2620 processors • 24 GB DDR3 ram • CentOS 6.6 • Docker 1.6.0 • Extreme networks 10G ethernet switch • Mellanox QDR InfiniBand switch 5 LA-UR 15-25901

  6. Docker Setup • Docker 1.6.0 • CentOS 6.6 uses kernel 2.6 • Docker 1.7.0 requires kernel 3.10 • Docker 1.7.1 6 LA-UR 15-25901

  7. Docker Images + Registries • Image build process • Docker Hub • Local registry • Source code modification 7 LA-UR 15-25901

  8. Mixed OS Mixed Versions 8 LA-UR 15-25901

  9. Auto Updates • No init.d • No cron • Bash profile NO 9 http://thomason.io/wp-content/uploads/2015/01/docker_monstro.png LA-UR 15-25901

  10. Spacewalk • System management suite • Push updates to clients • Hardware and software inventory • Configuration management http://spacewalk.redhat.com/img/spacewalk-logo.png 10 LA-UR 15-25901

  11. Spacewalk • Solution to updating? • Software inventory • Configuration management 11 LA-UR 15-25901

  12. Docker Security • File permissions / Missing devices • Dev • Proc • Sys • Directory mounting • Kernel module loading/removing • No access to sockets 12 LA-UR 15-25901

  13. Security Testing • Nessus scan • Effect host system • Stonix 13 LA-UR 15-25901

  14. HPL Test • 10 series test • 12 containers, 2 VMs • 4 nodes • 316 data points 14 LA-UR 15-25901

  15. HPL Test Results 15 LA-UR 15-25901

  16. HPL Test Results 16 LA-UR 15-25901

  17. HPL Test Results 17 LA-UR 15-25901

  18. HPL Test Results 18 LA-UR 15-25901

  19. HPL Test Results 19 LA-UR 15-25901

  20. IOR (File IO) Tests • 10 set series • 2 cores per test • 2 containers/VMs • 70 data points • ext4 20 LA-UR 15-25901

  21. IOR Results 21 LA-UR 15-25901

  22. Stream (Memory Access) Test • 50 set series • 2 cores per test • 12 containers • 2 nodes • 158 data points 22 LA-UR 15-25901

  23. Stream (Memory Access) Results 23 LA-UR 15-25901

  24. Containers vs VMs Docker VMs Pros ▪ Free ▪ Established ▪ Open Source Technology ▪ Lightweight ▪ Increased Isolation ▪ Easily Portable ▪ Lots of Potential Cons ▪ Kernel exposure ▪ Software Cost ▪ Overhead 24 LA-UR 15-25901

  25. Conclusion • Performance • Huge potential • Keep an eye on it! 25 LA-UR 15-25901

  26. Future Work • More VM testing (up to 12) • More reliable benchmarks • Security testing 26 LA-UR 15-25901

  27. Acknowledgments • Mentors • David Kennel • Sherry Bachicha • Steven Montano • Instructors • Matthew Broomfield • Jarrett Crews • CSCNSI Administration • Andree Jacobson • Carolyn Connor • Gary Grider • Josephine Olivas 27 LA-UR 15-25901

  28. Questions • Docker overview • Exploring Docker features • Security & maintenance • Benchmarking • CPU • File IO • Memory Access • Docker containers & VMs https://docs.docker.com/images/docker-friends.png 28 LA-UR 15-25901

Recommend

Laura Frank Engineer, Codeship Agenda 1. Parallel Testing Goals 2. DIY with LXC 3. Using

Laura Frank Engineer, Codeship Agenda 1. Parallel Testing Goals 2. DIY with LXC 3. Using

Efficient Parallel Testing with Docker Laura Frank Engineer, Codeship Agenda 1. Parallel Testing Goals 2. DIY with LXC 3. Using Docker and the Docker Ecosystem Parallel Testing GOAL Create a customizable, flexible test environment that

1.13k views • 64 slides
Developing and Testing Java Microservices on Docker Todd Fasullo Dir. Engineering 4/20/2016

Developing and Testing Java Microservices on Docker Todd Fasullo Dir. Engineering 4/20/2016

Developing and Testing Java Microservices on Docker Todd Fasullo Dir. Engineering 4/20/2016 Agenda Who is Smartsheet + why we started using Docker Docker fundamentals Demo - creating a service Demo - building service + Docker container Demo

510 views • 29 slides
Setup docker rm $(docker ps -aq) docker network rm my_net Demo - Install and activate yum -y

Setup docker rm $(docker ps -aq) docker network rm my_net Demo - Install and activate yum -y

Setup docker rm $(docker ps -aq) docker network rm my_net Demo - Install and activate yum -y install docker s ystemctl start docker systemctl enable docker docker images - Launch pre-canned container: hello-world (busybox is another good

480 views • 4 slides
docker service is the new docker run Getting Started with Docker Clustering Mike Goelzer /

docker service is the new docker run Getting Started with Docker Clustering Mike Goelzer /

docker service is the new docker run Getting Started with Docker Clustering Mike Goelzer / mgoelzer@docker.com / @mgoelzer Docker Inc. docker service is the new docker run docker run nginx 2013-14 docker run -p 3375:2375 swarm ; 2014-15

688 views • 34 slides
Introduction Introduction CBM WATERS CBM WATERS CBM WATERS: CBM WATERS Characterization and

Introduction Introduction CBM WATERS CBM WATERS CBM WATERS: CBM WATERS Characterization and

10/27/2008 Introduction Introduction CBM WATERS CBM WATERS CBM WATERS: CBM WATERS Characterization and Affects on Water Quality Ecosystem Properties pH, EC, SAR, Alkalinity, Trace Elements pH determines acid-base nature of the

255 views • 8 slides
INTRODUCTION TO DOCKER ADRIAN MOUAT SO WHAT IS DOCKER? SIMILAR TO A LIGHTWEIGHT VM Both

INTRODUCTION TO DOCKER ADRIAN MOUAT SO WHAT IS DOCKER? SIMILAR TO A LIGHTWEIGHT VM Both

INTRODUCTION TO DOCKER ADRIAN MOUAT SO WHAT IS DOCKER? SIMILAR TO A LIGHTWEIGHT VM Both provide isolated environments Docker is much more efficient 64-bit Linux only (currently) CONTAINERIZATION A Docker container is a portable store for a

674 views • 29 slides
Docker Provider The Docker provider is used to interact with Docker containers and images. It uses

Docker Provider The Docker provider is used to interact with Docker containers and images. It uses

Docker Provider The Docker provider is used to interact with Docker containers and images. It uses the Docker API to manage the lifecycle of Docker containers. Because the Docker provider uses the Docker API, it is immediately compatible not only

553 views • 34 slides
BSDA BOTTLED WATERS TECHNICAL WORKSHOP Sampling and Testing Regimes For Bottled Waters Josep

BSDA BOTTLED WATERS TECHNICAL WORKSHOP Sampling and Testing Regimes For Bottled Waters Josep

BSDA BOTTLED WATERS TECHNICAL WORKSHOP Sampling and Testing Regimes For Bottled Waters Josep Molas The Coca-Cola Company Spring and Mineral Water Quality Manager WATER FOR HUMAN CONSUMPTION Organizations that regulate water for human

177 views • 17 slides
Docker Orchestration: Beyond the Basics Aaron Lehmann Software Engineer, Docker About me

Docker Orchestration: Beyond the Basics Aaron Lehmann Software Engineer, Docker About me

Docker Orchestration: Beyond the Basics Aaron Lehmann Software Engineer, Docker About me Software engineer at Docker Maintainer on SwarmKit and Docker Engine open source projects Focusing on distributed state, task scheduling,

1.29k views • 62 slides
How to Automated testing for: terraform test docker packer infrastructure

How to Automated testing for: terraform test docker packer infrastructure

How to Automated testing for: terraform test docker packer infrastructure kubernetes and more code Passed: 5. Failed: 0. Skipped: 0. Test run successful. The DevOps world is full of Fear Fear of outages Fear of security

2.33k views • 200 slides
Docker meets Python A look on the Docker SDK for Python pip install docker Jan Wagner

Docker meets Python A look on the Docker SDK for Python pip install docker Jan Wagner

Docker meets Python A look on the Docker SDK for Python pip install docker Jan Wagner Data Science Consultant accantec group | Alstertor 17 | 20095 Hamburg | Tel.: +49 (40) 67 59 59 0 | Fax.: +49 (40) 67 59 59 29 | www.accantec.de |

664 views • 29 slides
Docker Review Basic Commands docker image ls # list images currently present locally docker

Docker Review Basic Commands docker image ls # list images currently present locally docker

Docker Review Basic Commands docker image ls # list images currently present locally docker container ls # list running containers docker run <image_name> # run an image as a container docker exec <container> <command> # run a

1.1k views • 6 slides
Docker in the EGI Docker in the EGI Federated Cloud Federated Cloud Carlos Gimeno

Docker in the EGI Docker in the EGI Federated Cloud Federated Cloud Carlos Gimeno

Docker in the EGI Docker in the EGI Federated Cloud Federated Cloud Carlos Gimeno cgimeno@bifi.es Instituto de Biocomputacin y Fsica de Sistemas Complejos info@bifi.es http://bifi.es 0. Index Introduction What is Docker? A

401 views • 14 slides
Docker for fun and profit Solomon Hykes* about Docker: "It uses Linux containers and the

Docker for fun and profit Solomon Hykes* about Docker: "It uses Linux containers and the

Docker for fun and profit Solomon Hykes* about Docker: "It uses Linux containers and the Internet won't shut up about it." (LinuxCon 2014 keynote) *Founder of dotcloud and creator of the Docker project What are Linux containers or

206 views • 19 slides
Testing of Zooplankton indicators in the Baltic Sea waters of Mecklenburg- Vorpommern, Germany

Testing of Zooplankton indicators in the Baltic Sea waters of Mecklenburg- Vorpommern, Germany

Testing of Zooplankton indicators in the Baltic Sea waters of Mecklenburg- Vorpommern, Germany Martina Stiasny, Geomar Marina Carstens & Mario v. Weber, LU/LUNG M-V HELCOM core indicator Mean size = Total zooplankton abundance/total

492 views • 11 slides
Docker for Developers Michael Hrivnak Principal Software Engineer - Red Hat Inc.

Docker for Developers Michael Hrivnak Principal Software Engineer - Red Hat Inc.

Docker for Developers Michael Hrivnak Principal Software Engineer - Red Hat Inc. @michael_hrivnak Docker is Popular Deployment gets most of the attention. 1 Developer 1 Laptop 3 Skills Exit Codes $ sudo docker run -it --rm centos:centos7

347 views • 17 slides
Containers, Docker, and Security: State of the Union 1 / 38 Who am I? Jrme Petazzoni

Containers, Docker, and Security: State of the Union 1 / 38 Who am I? Jrme Petazzoni

Containers, Docker, and Security: State of the Union 1 / 38 Who am I? Jrme Petazzoni (@jpetazzo) French software engineer living in California Joined Docker (dotCloud) more than 4 years ago (I was at Docker before it was cool! ) I built

420 views • 38 slides
Waters of the U.S. Old WOTUS Rule Waters of the United States means: (1) All waters used in

Waters of the U.S. Old WOTUS Rule Waters of the United States means: (1) All waters used in

Waters of the U.S. Old WOTUS Rule Waters of the United States means: (1) All waters used in interstate or foreign commerce, including all waters subject to the ebb and flow of the tide; (2) All interstate

368 views • 12 slides
USING DOCKER SAFELY ADRIAN MOUAT NLUUG 28 MAY 2015 LOT OF NEGATIVE COMMENTS ON DOCKER SECURITY

USING DOCKER SAFELY ADRIAN MOUAT NLUUG 28 MAY 2015 LOT OF NEGATIVE COMMENTS ON DOCKER SECURITY

USING DOCKER SAFELY ADRIAN MOUAT NLUUG 28 MAY 2015 LOT OF NEGATIVE COMMENTS ON DOCKER SECURITY "Containers Don't Contain" Daniel Walsh, RedHat https://opensource.com/business/14/7/docker- security-selinux "... total systemic

502 views • 48 slides
Docker@OVH with Mesos/Marathon June 28th 2016 @devatoria @brouberol Devops / Python charmer

Docker@OVH with Mesos/Marathon June 28th 2016 @devatoria @brouberol Devops / Python charmer

Docker@OVH with Mesos/Marathon June 28th 2016 @devatoria @brouberol Devops / Python charmer Devops / Golang artist The Docker ecosystem Docker Engine : run containerized processes (aka: containers) Docker Compose : run multi-container

381 views • 13 slides
The Modern Platform in 2020 Justin Cormack Who am I? Engineer at Docker in Cambridge, UK. Docker

The Modern Platform in 2020 Justin Cormack Who am I? Engineer at Docker in Cambridge, UK. Docker

The Modern Platform in 2020 Justin Cormack Who am I? Engineer at Docker in Cambridge, UK. Docker developers Work on security, systems software, applications, LinuxKit, containers @justincormack 2 From OS to languages? From OS to

843 views • 39 slides
Orchestration in Docker Swarm mode, Docker services and declarative application deployment Mike

Orchestration in Docker Swarm mode, Docker services and declarative application deployment Mike

Orchestration in Docker Swarm mode, Docker services and declarative application deployment Mike Goelzer & Victor Vieux Docker Orchestration Overview Mike Goelzer / mgoelzer@docker.com / gh: mgoelzer Orchestration in Docker Orchestration

599 views • 39 slides
Day Night Sky Waters Waters below Land Land 3 3 Heavens Heavens Waters above Waters

Day Night Sky Waters Waters below Land Land 3 3 Heavens Heavens Waters above Waters

13/02/2013 Put simply, its not right that a couple who love each other and want to formalise a commitment to each Heavens other should be denied the right to marry. Earth Earth 1 2 Heavens Heavens Waters above Day Night Sky Waters

199 views • 6 slides
Docker & Mesos/Marathon in production at OVH Balthazar Rouberol https://ovh.to/6bRrkAn 1

Docker & Mesos/Marathon in production at OVH Balthazar Rouberol https://ovh.to/6bRrkAn 1

Docker & Mesos/Marathon in production at OVH Balthazar Rouberol https://ovh.to/6bRrkAn 1 About Docker at OVH 2014-2015: Home-made container orchestrator, Sailabove, based on LXC 2016: Switch to Docker & Mesos/Marathon 6

487 views • 19 slides

More recommend