"Your purpose should be always to know the whole that was intended to be known."

"A sensible man should not demand of me, or hope that when we mention a subject, we shall make a complete exposition of it."

What's a container?

Everything You Know About Containers Is Wrong

Containers
and Images

What's an Image?

Images

1. a tarball
   containing a user FS
2. some metadata

image == packaging

Layered Images

• union file system:
  overlayFS, AuFS, devicemapper
• layers can be added
• layers can be shared

Image Formats

Building Images

1. Copy a base image ("Fedora 26")
2. Add new layer(s)
3. Add metadata
4. Bundle up

Building Tools

• Docker Build (Dockerfile)
• rkt
• Buildah
• ad-hoc

Sharing Images: Registries

• hub.docker.io
• Google container registry
• CoreOS quay.io
• Specialty: CentOS, Fedora, etc.
• local registry

Installing images

1. find on registies
2. download to a local cache
3. copy to memory at runtime

docker pull, skopeo

How to Run an Image

start a single binary from the image running on the host OS in a namespaced process, file, and resource space

Image Runtimes

• Docker Daemon
  containerd
• Rkt + Systemd
• OCI + Systemd
• CRI-O

From One To Many

Container Host OS

1. smaller
   container support, nothing else
2. immutable
   updates like containers

Container Host OSes

"Orchestration"

run many containers
over many machines

Parts of Orchestration

1. Scheduler: dispatches containers to machines
2. Agents: manages containers on each machine
3. API Server: communicates between machines
4. DCS: shared data store for cluster
5. Plugins: storage, networking, etc.

Orchestration Systems

Networking

out of the box, containers have only the host network, so we need to fake a network using Linux kernel tools and networking components so that they can pretend to be servers

Container Networking Tools

Discovery

finding your containers

• name
• service type
• port

some DNS, some not

Discovery Tools

"Service Mesh"

What's a "service mesh"?

Storage

1. some containers need to store data
2. data can be ephemeral
   (local Volumes)
3. data can also be long-term
   (Persistent Volumes)
4. sometimes data needs to move with the container

Ways to do storage

• network storage (NAS)
• local storage w/copying
• cloud storage (Gluster, Ceph, Rook, EBS)

no "container storage" ... yet

Other Stuff

Hosting: CaaS, PaaS, FaaS

• CaaS: run containers on their infra (GKE, Amazon CS)
• PaaS: run applications as containers on their infra (OpenShift, DEIS)
• FaaS: run code functions as containers on their infra (Serverless)

More Containery Stuff

• monitoring
• tracing
• CI/CD tools
• API tools

Still Perplexed?