introduction Flashcards
What is containerization?
- is a software deployment process
- bundles application’s code with libs and binaries
- outputs images, based on layers
What is created when a container is created is it Kernel space or user space?
User space is created for isolation. It uses linux utilities called namespace to isolate one container from other.
What are the benefits of containerization?
- Portability
Software developers use containerization to deploy applications in multiple environments without rewriting the program code. - Scalability
Containers are lightweight software components that run efficiently. Much lighter than VMs - Fault tolerance
Containerized services operate in isolated user spaces, a single faulty container doesn’t affect the other containers.
What are containers?
- Containers are lightweight packages of your application code
- Containers are executable units of software
- Container contain application code along with its libraries and dependencies
What is docker?
Docker is a container engine that is used to create containers.
What things does each container have its own?
- Root file system
- Networking IPs and ports
- hostnames
- Processes
- Devices
- Memory
A container will not show process related to other containers or host machine.You can assign memory and CPU to container. This can be done using docker or by kubernetes. Both have different ways.
What is used to map networking from docker container to host machine networking?
There is a bridge called docker0, which takes care of mapping the network interface inside the container to network interface on the host machine.
Which linux kernel features does docker use to achieve containerization?
It uses cgroups, namespaces, chroot and others to provide resource isolation.
Is the statement “Docker enables containerization” true? And elaborate
No, docker uses kernel to achieve containerization.
What does chroot feature provide?
chroot command allows every container to have its own root filesystem, which is completely distinct from root filesystem from host machine.
What does cgroup feature provide?
cgroup allows you to give resources, provide CPU, memory to particular containers.
control groups for collection of processes
How many types of containers are there?
- Regular containers: NGINX
- Privileged containers: lesser isolation, container can make changes to actual root FS to host file system. Less secure
Docker ecosystem
- Docker Engine - primary daemon which helps you in creating containers: Dockerd and docker CLI
- Docker Hub : store images, image registry
- Docker Machine interacts with cloud providers. Creates hosts on cloud providers
- Docker Swarm Very similar to Kubernetes
- Docker Compose Compose can spin up many containers with dependencys
What is overlay network?
- Overlay network is a private subnet
- spans across multiple docker hosts.
Which are the namespaces available in Linux?
1) PID namespace - a way to isolate processes.The container is only aware of its processes.
2) Network namespace
3) Mount namepsace create mounts inside container
4) IPC namespace - Memory segment - Semaphores - Queues(The two containers are able to create shared memory segments and semaphores with same name)
5) UTS namespace hostname, nis name