Post on 02-Aug-2020
Torizon: Docker Container
ABOUTYOU
Software
developers?
Security
specialists?
Embedded
developers?
Linux
users?
Docker
users?
Agenda
• Containers
• Containers and Devices
• Q&A
CONTAINERS
ABOUT
• 20/40 feet long metal box
• Invented in late 40s early 50s
• Fixed size, well-defined specs
• Easy to load/unload from ships, trains, trucks
• Standardization
CONTAINERS
HOW CONTAINERSCHANGED THEWORLD
• Before containers, ports were a huge mess of
different ships, cranes, warehouses etc. one
for each kind of transported good
• 6K container ships, 20 million containers
moving in this moment
DOES ONE SIZEFITS ALL?
• NO!
• Some containers are not filled completely
• Some products had to be changed to better fit
inside containers
• Containers dictate the size and shape of
many products
• Some kinds of materials or goods are still not
shipped inside containers
(oil, grains, cars)
CONTAINERS INSOFTWARE
Lightweight Virtual
Machine
• User-mode virtualization
• Isolation
• Portability
• Native drivers
Easy way to package
software applications
• All user-mode dependencies in the
same package
• Fully dedicated environment
• Easy to clone and distribute
CONTAINERSEXPLAINED INLESS THAN 5’(but don’t pretend it’s an
exhaustive explanation)
LINUX (and most of modern OSs)
Hardware
Kernel
Filesystem
Process 0 Process 1 Process 2
HARDWARE VIRTUALIZATION
Virtual Machine 0
Virtualized Hardware
Kernel
Filesystem
Process 0 Process 1 Process 2
Hypervisor
Hardware
Virtual Machine 1
Virtualized Hardware
Kernel
Filesystem
Process 0 Process 1 Process 2
CONTAINERS
Container 1Container 0
Hardware
Kernel
Filesystem
Process 0 Process 1 Process 2
Filesystem
CONTAINERADVANTAGES
• Application and dependencies packed
in a single unit
• Easy to deploy
• Content does not matter
• Resource management
• Reduced overhead
• Ready to use containers from popular
distros
• Sharing layers to reduce footprint
CONTAINERDRAWBACKS
Extra storage
is needed
- Different
filesystems
- Layers
Extra memory
is needed
- No shared libraries
between containers
Sandboxing
- Limited access to
hardware
- File access
overhead due to
layers
Less
isolation
- Less secure than
VMs
CONTAINERS
AND
DEVICES
CONTAINERS ONEMBEDDED DEVICES
• You will waste a lot of resources!
• You don’t need high level languages and
frameworks on a device (see point 1)!
• Containers are designed for servers!
• Process isolation is enough!
• This will add complexity to my development
cycle!
• If you can’t access hardware directly you
will lose performances!
• Things invented for web development are
for hipsters!
WHAT ABOUT…LINUX?
• Born as a multi-user server OS, now widely
used on billions of devices
• Process isolation by default
• HW is accessible only in kernel mode
• Multi-user by design
• Tools and frameworks originally developed
for PCs and servers
LINUX ONEMBEDDED DEVICES
Today Linux can be used to build devices that
• Get to market quickly
• Are secure
• Are future-proof
SO WHY DO WE NEEDCONTAINERS?
Applications requiring
different runtimes,
libs…
Isolation between
components
Easy to port
applications
Independent
release cycles
WILL CONTAINERS REPLACELINUX APPLICATIONS?
Linux has been widely
adopted in embedded
Linux did not replace
firmware/RTOSs on
small devices.
Devices and solutions
are getting more
complex
“Containerization” is
here to stay
SOLUTIONS USINGCONTAINERS
• Azure IoT Edge (Microsoft)
• Fedora IoT (RedHat)
• MBED Linux (Arm)
• Linux Microplatform (Foundries.io)
• Balena
• Torizon (Toradex)
Q&A
www.toradex.com | developer.toradex.com | community.toradex.com | labs.toradex.com
THANK YOU FOR YOUR INTEREST.