Understanding LXC & Docker

Understanding LXC & Docker

www.comprinno.net 1

By Prasad Puranik (@pspuranik)

www.comprinno.net 2

DISCUSSION FLOW

www.comprinno.net 3

UNDERSTANDING LXC

LXC (LinuX Containers) is

an operating system–level

virtualization method for

running multiple isolated

Linux systems (containers)

on a single control host.

Server

Host OS

Bins/Libs

APP

Bins/Libs

App

LX

C

ISOLATED

www.comprinno.net 4

UNDERSTANDING LXC

Kernel

uts

mount

pid

network

user

ipc

LXC (LinuX Containers) is

an operating system–level

virtualization method for

running multiple isolated

Linux systems (containers)

on a single control host. This

is accomplished through

kernel level isolation.

www.comprinno.net 5

UNDERSTANDING LXC

LXC uses many kernel

features to contain

processes.

Kernel Namespaces

AppArmor & SELinux Profiles

Seccomp policies

chroot

cgroups

www.comprinno.net 6

UNDERSTANDING LXC

The goal of LXC is to create an environment

as close as possible as a standard Linux

installation but without the need for a separate

kernel.

www.comprinno.net 7

DOCKER as a LXC MANAGER

Server

Host OS

Bins/Libs

APP

Bins/Libs

App

Where does Docker fits

here?

www.comprinno.net 8


Server

Host OS

Docker

Bins/Libs

APP

Bins/Libs

App On top of this low-level

foundation of kernel features,

Docker offers a high-level

tool with several powerful

functionalities

www.comprinno.net 9


Server

Host OS

Docker

Bins/Libs

APP

Bins/Libs

App

www.comprinno.net 10


Portable deployment across machines

Application-centric

Automatic build

Versioning

Component re-use

Tool ecosystem


LXC vs VM

Server

Host OS

Docker

Bins/Libs

AP`P

Bins/Libs

App

Server

Host OS

Hypervisor

Guest OS

Bins/Libs

APP

Bins/Libs

App

Guest OS

Bins/Libs

APP

Bins/Libs

App

LX

C

VM


LXC vs VM

Server

Host OS

Docker

Bins/Libs

AP`P

Bins/Libs

App

LX

C Lightweight & Resource

Friendly

Comprehensive process and resource isolation

Rapid & Easy Deployment


LXC vs VM

Lightweight & Resource Friendly

Comprehensive process and resource isolation

Rapid & Easy Deployment

Who all are choosing LXC over VM?


WHY DOCKER(LXC)?

QUICK AND EASY MULTI-TENANCY

LOW COSTS ENV ISOLATION

FASTER MIGRATION TO SaaS MODEL


DOCKER FOR QUICK AND EASY MULTI-TENANCY :

Host OS

Docker

Bins/Libs

APP

Bins/Libs

App

Bins/Libs

App

Bins/Libs

App

Bins/Libs

App


DOCKER FOR QUICK AND EASY MULTI-TENANCY :

Host OS

Docker

Bins/Libs

APP

Tenant1

Bins/Libs

App

Tenant2

Bins/Libs

App

Tenant3

Bins/Libs

App

Tenant4

Bins/Libs

App

Tenant5


DOCKER FOR LOW COST ENV ISOLATION

:

Host OS

Docker

Bins/Libs

APP

Tenant1

Bins/Libs

App

Tenant2

Bins/Libs

App

Tenant3

Bins/Libs

App

Tenant4

Bins/Libs

App

Tenant5

Isolation using chroot,

cgroup, namespaces,

SELinux, AppArmor,

netfilter (iptables)


DOCKER FOR FASTER MIGRATION TO SaaS MODEL

:

Host OS

Docker

Bins/Libs

APP

Tenant1

Bins/Libs

App

Tenant2

Bins/Libs

App

Tenant3

Bins/Libs

App

Tenant4

Bins/Libs

App

Tenant5


CONCLUDING REMARKS :

“If you can run your application on

Linux host, you can run it in LXC too.

You don’t need separate VM for that. ”


About COMPRINNO

We are Cloud Solution Provisioning &

Management Experts.

We help enterprises devising, implementing

and managing cloud based IT infrastructure

and services.

We work in the domains of Cloud Computing,

Big Data, DevOps, Storage and Security.

Founded in 2013, we are a Bangalore based

company.

Our ability to deal with

complex technologies

with the ease

Our approach towards

our customers, partners,

employees &

shareholders

Our commitment for

continues improvement in

our services, products

and processes

COMPRINNO stands for


Connect With Us

blogs.comprinno.net @ComprinnoTech /ComprinnoTechnologies

[email protected] +91-80-2257-9047 +91-98863-01605

Understanding LXC & Docker

Technology

Transcript of Understanding LXC & Docker