SlideShare a Scribd company logo

Plug-ins: Building, Shipping, Storing, and Running - Nandhini Santhanam and Tibor Vass, Docker

Docker, Inc.
Docker, Inc.

At Docker, we are striving to enable the extensibility of Docker via "Plugins" and make them available for developers and enterprises alike. Come attend this talk to understand what it takes to build, ship, store and run plugins. We will deep dive into plugin lifecycle management on a single engine and across a swarm cluster. We will also demonstrate how you can integrate plugins from other enterprises or developers into your ecosystem. There will be fun demos accompanying this talk! This will be session will be beneficial to you if you: 1) Are an ops team member trying to integrate Docker with your favorite storage or network vendor 2) Are Interested in extending or customizing Docker; or 3) Want to become a Docker partner, and want to make the technology integration seamless.

Technology
1 of 46
Download to read offline
Plugins: Build, Store, and Run Nandhini Santhanam Tibor Vass Engineering Manager, Docker Software Engineer, Docker
- Why plugins? Extend Docker functionalities - Batteries included but swappable Introduction
Volume Your Node Container
Your NodeVolume (Could be Block Store, Hardware, or something else) Container Volume Plugin
- Plugins are first class citizens (starting Docker 17.03) - Authorization, Volume, Network, IPAM, Logging Introduction
Running an sshfs volume plugin
SSHFS (SSH Filesystem) is a filesystem client to mount and interact with directories and files located on a remote server or workstation over a normal ssh connection What is sshfs? https://en.wikipedia.org/wiki/SSHFS
SSHFS Source code: https://github.com/libfuse/sshfs vieux/sshfs volume plugin: https://github.com/vieux/docker-volume-sshfs Running a volume plugin
DEMO: Running a volume plugin
$ ssh user@host # cd /some/path && echo austin > dockercon && exit Prepare directory on ssh host
Prepare directory on ssh host $ docker plugin help Usage: docker plugin COMMAND Manage plugins Options: --help Print usage Commands: create Create a plugin from a rootfs and configuration. Plugin data directory must contain config.json disable Disable a plugin enable Enable a plugin inspect Display detailed information on one or more plugins install Install a plugin ls List plugins push Push a plugin to a registry rm Remove one or more plugins set Change settings for a plugin upgrade Upgrade an existing plugin Run 'docker plugin COMMAND --help' for more information on a command.
$ docker plugin install vieux/sshfs Plugin "vieux/sshfs" is requesting the following privileges: - network: [host] - mount: [/var/lib/docker/plugins/] - device: [/dev/fuse] - capabilities: [CAP_SYS_ADMIN] Do you grant the above permissions? [y/N] Install vieux/sshfs
Install vieux/sshfs $ docker plugin install vieux/sshfs Plugin "vieux/sshfs" is requesting the following privileges: - network: [host] - mount: [/var/lib/docker/plugins/] - device: [/dev/fuse] - capabilities: [CAP_SYS_ADMIN] Do you grant the above permissions? [y/N] y latest: Pulling from vieux/sshfs b2bcc48d3424: Download complete Digest: sha256:151e6d386ab93a4d9f8ec0befd6c43485fe9e1151fd9784493b147ca621d3d5d Status: Downloaded newer image for vieux/sshfs:latest Installed plugin vieux/sshfs
Use vieux/sshfs plugin $ docker plugin ls ID NAME DESCRIPTION ENABLED dfe9270de30a vieux/sshfs:latest sshFS plugin for Docker true $ docker volume create -d vieux/sshfs -o sshcmd=user@host:/some/path -o password=”$password” -o port=”$port” mysshvolume $ docker run -it --rm -v mysshvolume:/remote busybox sh / # cat /remote/dockercon austin
- docker plugin install vieux/sshfs - review permissions - docker volume create --driver vieux/sshfs [-o …] myvolume - docker run -v myvolume:/remote busybox Recap: Running a volume plugin
Debugging a plugin
DEMO: Debugging a plugin
Misuse the plugin $ docker volume create -d vieux/sshfs -o sshcmd=user@host:/some/path -o password=”$badpassword” -o port=”$port” mysshvolume $ docker run -it --rm -v mysshvolume:/remote busybox sh docker: Error response from daemon: error while mounting volume '/var/lib/docker/plugins/cd540062f8b7e667d0e94cef262ff72ce10264fb0dea6c53393b1 8c840fc7a8e/rootfs': VolumeDriver.Mount: exit status 1.
Check the daemon logs $ tail -f /var/log/docker.log | grep plugin= Apr 6 23:29:10 moby root: time="2017-04-06T23:29:10Z" level=info msg="read: Connection reset by peer" plugin=3fd525f16cb675325cf99a49455ab05e60d1da53d8b9689c69ea6c7f8619ef17 Apr 6 23:29:10 moby root: time="2017-04-06T23:29:10Z" level=info plugin=3fd525f16cb675325cf99a49455ab05e60d1da53d8b9689c69ea6c7f8619ef17 Apr 6 23:29:10 moby root: time="2017-04-06T23:29:10Z" level=info msg="exit status 1" plugin=3fd525f16cb675325cf99a49455ab05e60d1da53d8b9689c69ea6c7f8619ef17
$ docker volume rm mysshvolume $ docker plugin disable vieux/sshfs $ docker plugin set vieux/sshfs DEBUG=1 $ docker plugin enable vieux/sshfs $ docker volume create -d vieux/sshfs -o sshcmd=user@host:/some/path -o password=”$badpassword” -o port=”$port” mysshvolume The DEBUG setting is NOT generic to all plugins, it is defined by this vieux/sshfs plugin (more on this later). Modify plugin settings
$ docker plugin ls --no-trunc ID NAME DESCRIPTION ENABLED 9fef4eb6fa883d44e9c1c2901fb598f39f67d50bcc0e1653b4f393807fb80558 vieux/sshfs:latest sshFS plugin for Docker true $ docker-runc exec -t 9fef4eb6fa883d44e9c1c2901fb598f39f67d50bcc0e1653b4f393807fb80558 sh / # echo hi from plugin container Pro Tip: Access plugin container
- grep plugin=$pluginID docker.log - if plugin allows it, set higher verbosity with docker plugin set - docker-runc exec -t $pluginID sh Recap: Debugging a plugin
Building a plugin
What constitutes a plugin? - Rootfs of plugin container - JSON description defining what interface it implements, what permissions it needs - Reference: https://docs.docker.com/engine/extend/config
- Docker bind-mounts the host’s /run/docker/plugins/$pluginID into the container’s /run/docker/plugins - Each plugin has to listen on a socket inside /run/docker/plugins $ ls /run/docker/plugins/*/ sshfs.sock How does it work?
Plugins serve via the socket, an HTTP+JSON API specified in the documentation for each plugin type. Authorization: https://docs.docker.com/engine/extend/plugins_authorization Volume: https://docs.docker.com/engine/extend/plugins_volume/ Network: https://docs.docker.com/engine/extend/plugins_network/ IPAM: https://github.com/docker/libnetwork/blob/master/docs/ipam.md How does it work?
Pro Tip: Use helper package Go helper package: https://github.com/docker/go-plugins-helpers For volume plugins: https://godoc.org/github.com/docker/go-plugins-help ers/volume
Demo: building vieux/sshfs
$ git clone https://github.com/vieux/docker-volume-sshfs $ cd docker-volume-sshfs $ ls Dockerfile LICENSE README.md main.go Dockerfile.dev Makefile config.json vendor $ vim main.go Demo: building vieux/sshfs
Demo: building vieux/sshfs Config.json defines: - Type of functionality the plugin provides docker.volumedriver/1.0 in addition to the name of the socket sshfs.sock. - entrypoint to the binary - a DEBUG environment variable that’s settable by the user - Access to device /dev/fuse - Linux capability CAP_SYS_ADMIN to be able to mount FUSE from the container - Host networking to access the remote host - Bind mount to store state outside the plugin - Last but not least, PropagatedMount: the path inside the container that needs to be propagated back into docker’s mount namespace
Demo: building vieux/sshfs Build the sshfs image and extract rootfs $ docker build -t sshfs . $ docker container create --name tmp sshfs $ mkdir -p ./plugin/rootfs $ docker container export tmp | tar -x -C ./plugin/rootfs Add plugin config $ cp config.json ./plugin/ $ ls ./plugin config.json rootfs/
Demo: building vieux/sshfs Create plugin $ docker plugin create tiborvass/sshfs ./plugin $ docker plugin ls ID NAME DESCRIPTION ENABLED f207db14aa5b vieux/sshfs:latest sshFS plugin for Docker true 3fd525f16cb6 tiborvass/sshfs:latest sshFS plugin for Docker false
- implement plugin HTTP+JSON API corresponding to the desired plugin type - containerize plugin + export rootfs - write config.json for plugin - docker plugin create tiborvass/sshfs ./plugin where ./plugin contains: - config.json - rootfs/ Recap: Building a plugin
- docker plugin push tiborvass/sshfs - Collaborate - View plugin scans Collaborate on your plugin
- private plugins - community plugins - store plugins Distribute Plugins
Publishers - Certification Program Plugins on Docker Store
Questions? publisher-support@docker.com Documentation: success.docker.com/store
docs.docker.com store.docker.com github.com/moby/moby @docker #dockercon Thank you!

Recommended

Under the Hood with Docker Swarm Mode - Drew Erny and Nishant Totla, Docker
Under the Hood with Docker Swarm Mode - Drew Erny and Nishant Totla, DockerUnder the Hood with Docker Swarm Mode - Drew Erny and Nishant Totla, Docker
Under the Hood with Docker Swarm Mode - Drew Erny and Nishant Totla, DockerDocker, Inc.
 
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...On-Demand Image Resizing from Part of the monolith to Containerized Microserv...
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...Docker, Inc.
 
Docker 1.11 Presentation
Docker 1.11 PresentationDocker 1.11 Presentation
Docker 1.11 PresentationSreenivas Makam
 
Deeper Dive in Docker Overlay Networks
Deeper Dive in Docker Overlay NetworksDeeper Dive in Docker Overlay Networks
Deeper Dive in Docker Overlay NetworksDocker, Inc.
 
Docker Networking Tip - Macvlan driver
Docker Networking Tip - Macvlan driverDocker Networking Tip - Macvlan driver
Docker Networking Tip - Macvlan driverSreenivas Makam
 
Docker Networking - Common Issues and Troubleshooting Techniques
Docker Networking - Common Issues and Troubleshooting TechniquesDocker Networking - Common Issues and Troubleshooting Techniques
Docker Networking - Common Issues and Troubleshooting TechniquesSreenivas Makam
 
What should be PID 1 in a container ? by Ranjith Rajaram for #rootConf 2017
What should be PID 1 in a container ? by Ranjith Rajaram for #rootConf 2017What should be PID 1 in a container ? by Ranjith Rajaram for #rootConf 2017
What should be PID 1 in a container ? by Ranjith Rajaram for #rootConf 2017Ranjith Rajaram
 
Deep Dive into Docker Swarm Mode
Deep Dive into Docker Swarm ModeDeep Dive into Docker Swarm Mode
Deep Dive into Docker Swarm ModeAjeet Singh Raina
 

Recommended

Under the Hood with Docker Swarm Mode - Drew Erny and Nishant Totla, Docker
Under the Hood with Docker Swarm Mode - Drew Erny and Nishant Totla, DockerUnder the Hood with Docker Swarm Mode - Drew Erny and Nishant Totla, Docker
Under the Hood with Docker Swarm Mode - Drew Erny and Nishant Totla, DockerDocker, Inc.
 
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...On-Demand Image Resizing from Part of the monolith to Containerized Microserv...
On-Demand Image Resizing from Part of the monolith to Containerized Microserv...Docker, Inc.
 
Docker 1.11 Presentation
Docker 1.11 PresentationDocker 1.11 Presentation
Docker 1.11 PresentationSreenivas Makam
 
Deeper Dive in Docker Overlay Networks
Deeper Dive in Docker Overlay NetworksDeeper Dive in Docker Overlay Networks
Deeper Dive in Docker Overlay NetworksDocker, Inc.
 
Docker Networking Tip - Macvlan driver
Docker Networking Tip - Macvlan driverDocker Networking Tip - Macvlan driver
Docker Networking Tip - Macvlan driverSreenivas Makam
 
Docker Networking - Common Issues and Troubleshooting Techniques
Docker Networking - Common Issues and Troubleshooting TechniquesDocker Networking - Common Issues and Troubleshooting Techniques
Docker Networking - Common Issues and Troubleshooting TechniquesSreenivas Makam
 
What should be PID 1 in a container ? by Ranjith Rajaram for #rootConf 2017
What should be PID 1 in a container ? by Ranjith Rajaram for #rootConf 2017What should be PID 1 in a container ? by Ranjith Rajaram for #rootConf 2017
What should be PID 1 in a container ? by Ranjith Rajaram for #rootConf 2017Ranjith Rajaram
 
Deep Dive into Docker Swarm Mode
Deep Dive into Docker Swarm ModeDeep Dive into Docker Swarm Mode
Deep Dive into Docker Swarm ModeAjeet Singh Raina
 
Docker Security Paradigm
Docker Security ParadigmDocker Security Paradigm
Docker Security ParadigmAnis LARGUEM
 
Docker Security in Production Overview
Docker Security in Production OverviewDocker Security in Production Overview
Docker Security in Production OverviewDelve Labs
 
Docker Security Overview
Docker Security OverviewDocker Security Overview
Docker Security OverviewSreenivas Makam
 
Libnetwork update at Moby summit June 2017
Libnetwork update at Moby summit June 2017Libnetwork update at Moby summit June 2017
Libnetwork update at Moby summit June 2017Docker, Inc.
 
Docker summit 2015: 以 Docker Swarm 打造多主機叢集環境
Docker summit 2015: 以 Docker Swarm 打造多主機叢集環境Docker summit 2015: 以 Docker Swarm 打造多主機叢集環境
Docker summit 2015: 以 Docker Swarm 打造多主機叢集環境謝 宗穎
 
Docker security introduction-task-2016
Docker security introduction-task-2016Docker security introduction-task-2016
Docker security introduction-task-2016Ricardo Gerardi
 
Docker Networking Tip - Load balancing options
Docker Networking Tip - Load balancing optionsDocker Networking Tip - Load balancing options
Docker Networking Tip - Load balancing optionsSreenivas Makam
 
CoreOS Overview and Current Status
CoreOS Overview and Current StatusCoreOS Overview and Current Status
CoreOS Overview and Current StatusSreenivas Makam
 
Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...
Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...
Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...Docker, Inc.
 
Docker Networking Overview
Docker Networking OverviewDocker Networking Overview
Docker Networking OverviewSreenivas Makam
 
Docker on openstack by OpenSource Consulting
Docker on openstack by OpenSource ConsultingDocker on openstack by OpenSource Consulting
Docker on openstack by OpenSource ConsultingOpen Source Consulting
 
DCUS17 : Docker networking deep dive
DCUS17 : Docker networking deep diveDCUS17 : Docker networking deep dive
DCUS17 : Docker networking deep diveMadhu Venugopal
 
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea LuzzardiWhat's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea LuzzardiMike Goelzer
 
What's New in Docker 1.12 by Nishant Totla for Docker SF Meetup 08.03.16
What's New in Docker 1.12 by Nishant Totla for Docker SF Meetup 08.03.16 What's New in Docker 1.12 by Nishant Totla for Docker SF Meetup 08.03.16
What's New in Docker 1.12 by Nishant Totla for Docker SF Meetup 08.03.16 Docker, Inc.
 
Exploring Docker Security
Exploring Docker SecurityExploring Docker Security
Exploring Docker SecurityPatrick Kleindienst
 
The state of the swarm
The state of the swarmThe state of the swarm
The state of the swarmMathieu Buffenoir
 
Docker network Present in VietNam DockerDay 2015
Docker network Present in VietNam DockerDay 2015Docker network Present in VietNam DockerDay 2015
Docker network Present in VietNam DockerDay 2015Van Phuc
 
Docker Swarm for Beginner
Docker Swarm for BeginnerDocker Swarm for Beginner
Docker Swarm for BeginnerShahzad Masud
 
Docker Swarm 45-min Workshop (Mountain View Docker Meetup 2/24/2016)
Docker Swarm 45-min Workshop (Mountain View Docker Meetup 2/24/2016)Docker Swarm 45-min Workshop (Mountain View Docker Meetup 2/24/2016)
Docker Swarm 45-min Workshop (Mountain View Docker Meetup 2/24/2016)Mike Goelzer
 
Docker Mentorweek beginner workshop notes
Docker Mentorweek beginner workshop notesDocker Mentorweek beginner workshop notes
Docker Mentorweek beginner workshop notesSreenivas Makam
 
Kubernetes in Docker
Kubernetes in DockerKubernetes in Docker
Kubernetes in DockerDocker, Inc.
 
Docker on Docker
Docker on DockerDocker on Docker
Docker on DockerDocker, Inc.
 

More Related Content

What's hot

Docker Security Paradigm
Docker Security ParadigmDocker Security Paradigm
Docker Security ParadigmAnis LARGUEM
 
Docker Security in Production Overview
Docker Security in Production OverviewDocker Security in Production Overview
Docker Security in Production OverviewDelve Labs
 
Docker Security Overview
Docker Security OverviewDocker Security Overview
Docker Security OverviewSreenivas Makam
 
Libnetwork update at Moby summit June 2017
Libnetwork update at Moby summit June 2017Libnetwork update at Moby summit June 2017
Libnetwork update at Moby summit June 2017Docker, Inc.
 
Docker summit 2015: 以 Docker Swarm 打造多主機叢集環境
Docker summit 2015: 以 Docker Swarm 打造多主機叢集環境Docker summit 2015: 以 Docker Swarm 打造多主機叢集環境
Docker summit 2015: 以 Docker Swarm 打造多主機叢集環境謝 宗穎
 
Docker security introduction-task-2016
Docker security introduction-task-2016Docker security introduction-task-2016
Docker security introduction-task-2016Ricardo Gerardi
 
Docker Networking Tip - Load balancing options
Docker Networking Tip - Load balancing optionsDocker Networking Tip - Load balancing options
Docker Networking Tip - Load balancing optionsSreenivas Makam
 
CoreOS Overview and Current Status
CoreOS Overview and Current StatusCoreOS Overview and Current Status
CoreOS Overview and Current StatusSreenivas Makam
 
Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...
Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...
Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...Docker, Inc.
 
Docker Networking Overview
Docker Networking OverviewDocker Networking Overview
Docker Networking OverviewSreenivas Makam
 
Docker on openstack by OpenSource Consulting
Docker on openstack by OpenSource ConsultingDocker on openstack by OpenSource Consulting
Docker on openstack by OpenSource ConsultingOpen Source Consulting
 
DCUS17 : Docker networking deep dive
DCUS17 : Docker networking deep diveDCUS17 : Docker networking deep dive
DCUS17 : Docker networking deep diveMadhu Venugopal
 
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea LuzzardiWhat's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea LuzzardiMike Goelzer
 
What's New in Docker 1.12 by Nishant Totla for Docker SF Meetup 08.03.16
What's New in Docker 1.12 by Nishant Totla for Docker SF Meetup 08.03.16 What's New in Docker 1.12 by Nishant Totla for Docker SF Meetup 08.03.16
What's New in Docker 1.12 by Nishant Totla for Docker SF Meetup 08.03.16 Docker, Inc.
 
Docker network Present in VietNam DockerDay 2015
Docker network Present in VietNam DockerDay 2015Docker network Present in VietNam DockerDay 2015
Docker network Present in VietNam DockerDay 2015Van Phuc
 
Docker Swarm for Beginner
Docker Swarm for BeginnerDocker Swarm for Beginner
Docker Swarm for BeginnerShahzad Masud
 
Docker Swarm 45-min Workshop (Mountain View Docker Meetup 2/24/2016)
Docker Swarm 45-min Workshop (Mountain View Docker Meetup 2/24/2016)Docker Swarm 45-min Workshop (Mountain View Docker Meetup 2/24/2016)
Docker Swarm 45-min Workshop (Mountain View Docker Meetup 2/24/2016)Mike Goelzer
 
Docker Mentorweek beginner workshop notes
Docker Mentorweek beginner workshop notesDocker Mentorweek beginner workshop notes
Docker Mentorweek beginner workshop notesSreenivas Makam
 

What's hot (20)

Docker Security Paradigm
Docker Security ParadigmDocker Security Paradigm
Docker Security Paradigm
 
Docker Security in Production Overview
Docker Security in Production OverviewDocker Security in Production Overview
Docker Security in Production Overview
 
Docker Security Overview
Docker Security OverviewDocker Security Overview
Docker Security Overview
 
Libnetwork update at Moby summit June 2017
Libnetwork update at Moby summit June 2017Libnetwork update at Moby summit June 2017
Libnetwork update at Moby summit June 2017
 
Docker summit 2015: 以 Docker Swarm 打造多主機叢集環境
Docker summit 2015: 以 Docker Swarm 打造多主機叢集環境Docker summit 2015: 以 Docker Swarm 打造多主機叢集環境
Docker summit 2015: 以 Docker Swarm 打造多主機叢集環境
 
Docker security introduction-task-2016
Docker security introduction-task-2016Docker security introduction-task-2016
Docker security introduction-task-2016
 
Docker Networking Tip - Load balancing options
Docker Networking Tip - Load balancing optionsDocker Networking Tip - Load balancing options
Docker Networking Tip - Load balancing options
 
CoreOS Overview and Current Status
CoreOS Overview and Current StatusCoreOS Overview and Current Status
CoreOS Overview and Current Status
 
Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...
Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...
Automation and Collaboration Across Multiple Swarms Using Docker Cloud - Marc...
 
Docker Networking Overview
Docker Networking OverviewDocker Networking Overview
Docker Networking Overview
 
Docker on openstack by OpenSource Consulting
Docker on openstack by OpenSource ConsultingDocker on openstack by OpenSource Consulting
Docker on openstack by OpenSource Consulting
 
DCUS17 : Docker networking deep dive
DCUS17 : Docker networking deep diveDCUS17 : Docker networking deep dive
DCUS17 : Docker networking deep dive
 
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea LuzzardiWhat's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
 
What's New in Docker 1.12 by Nishant Totla for Docker SF Meetup 08.03.16
What's New in Docker 1.12 by Nishant Totla for Docker SF Meetup 08.03.16 What's New in Docker 1.12 by Nishant Totla for Docker SF Meetup 08.03.16
What's New in Docker 1.12 by Nishant Totla for Docker SF Meetup 08.03.16
 
Exploring Docker Security
Exploring Docker SecurityExploring Docker Security
Exploring Docker Security
 
The state of the swarm
The state of the swarmThe state of the swarm
The state of the swarm
 
Docker network Present in VietNam DockerDay 2015
Docker network Present in VietNam DockerDay 2015Docker network Present in VietNam DockerDay 2015
Docker network Present in VietNam DockerDay 2015
 
Docker Swarm for Beginner
Docker Swarm for BeginnerDocker Swarm for Beginner
Docker Swarm for Beginner
 
Docker Swarm 45-min Workshop (Mountain View Docker Meetup 2/24/2016)
Docker Swarm 45-min Workshop (Mountain View Docker Meetup 2/24/2016)Docker Swarm 45-min Workshop (Mountain View Docker Meetup 2/24/2016)
Docker Swarm 45-min Workshop (Mountain View Docker Meetup 2/24/2016)
 
Docker Mentorweek beginner workshop notes
Docker Mentorweek beginner workshop notesDocker Mentorweek beginner workshop notes
Docker Mentorweek beginner workshop notes
 

Viewers also liked

Kubernetes in Docker
Kubernetes in DockerKubernetes in Docker
Kubernetes in DockerDocker, Inc.
 
Introduction to Docker - IndiaOpsUG
Introduction to Docker - IndiaOpsUGIntroduction to Docker - IndiaOpsUG
Introduction to Docker - IndiaOpsUGAjeet Singh Raina
 
Container-relevant Upstream Kernel Developments
Container-relevant Upstream Kernel DevelopmentsContainer-relevant Upstream Kernel Developments
Container-relevant Upstream Kernel DevelopmentsDocker, Inc.
 
Practical Design Patterns in Docker Networking
Practical Design Patterns in Docker NetworkingPractical Design Patterns in Docker Networking
Practical Design Patterns in Docker NetworkingDocker, Inc.
 
Modernizing .NET Apps
Modernizing .NET AppsModernizing .NET Apps
Modernizing .NET AppsDocker, Inc.
 
Container Orchestration from Theory to Practice
Container Orchestration from Theory to PracticeContainer Orchestration from Theory to Practice
Container Orchestration from Theory to PracticeDocker, Inc.
 
Monitoring Dell Infrastructure using Docker & Microservices
Monitoring Dell Infrastructure using Docker & MicroservicesMonitoring Dell Infrastructure using Docker & Microservices
Monitoring Dell Infrastructure using Docker & MicroservicesAjeet Singh Raina
 
Service Discovery & Load-Balancing under Docker 1.12.0 @ Docker Meetup #22
Service Discovery & Load-Balancing under Docker 1.12.0 @ Docker Meetup #22Service Discovery & Load-Balancing under Docker 1.12.0 @ Docker Meetup #22
Service Discovery & Load-Balancing under Docker 1.12.0 @ Docker Meetup #22Ajeet Singh Raina
 
Modernizing Java Apps with Docker
Modernizing Java Apps with DockerModernizing Java Apps with Docker
Modernizing Java Apps with DockerDocker, Inc.
 
Introduction to LinuxKit - Docker Bangalore Meetup
Introduction to LinuxKit - Docker Bangalore MeetupIntroduction to LinuxKit - Docker Bangalore Meetup
Introduction to LinuxKit - Docker Bangalore MeetupAjeet Singh Raina
 
LinuxKit Deep Dive
LinuxKit Deep DiveLinuxKit Deep Dive
LinuxKit Deep DiveDocker, Inc.
 
Moby and Kubernetes entitlements
Moby and Kubernetes entitlements Moby and Kubernetes entitlements
Moby and Kubernetes entitlements Docker, Inc.
 
Containerd internals: building a core container runtime
Containerd internals: building a core container runtimeContainerd internals: building a core container runtime
Containerd internals: building a core container runtimeDocker, Inc.
 
Kubernetes CRI containerd integration by Lantao Liu (Google)
Kubernetes CRI containerd integration by Lantao Liu (Google)Kubernetes CRI containerd integration by Lantao Liu (Google)
Kubernetes CRI containerd integration by Lantao Liu (Google)Docker, Inc.
 
Docker Swarm 0.2.0
Docker Swarm 0.2.0Docker Swarm 0.2.0
Docker Swarm 0.2.0Docker, Inc.
 
The state of containerd
The state of containerdThe state of containerd
The state of containerdDocker, Inc.
 
Integrating Docker EE into Société Générale's Existing Enterprise IT Systems
Integrating Docker EE into Société Générale's Existing Enterprise IT SystemsIntegrating Docker EE into Société Générale's Existing Enterprise IT Systems
Integrating Docker EE into Société Générale's Existing Enterprise IT SystemsDocker, Inc.
 

Viewers also liked (19)

Kubernetes in Docker
Kubernetes in DockerKubernetes in Docker
Kubernetes in Docker
 
Docker on Docker
Docker on DockerDocker on Docker
Docker on Docker
 
Introduction to Docker - IndiaOpsUG
Introduction to Docker - IndiaOpsUGIntroduction to Docker - IndiaOpsUG
Introduction to Docker - IndiaOpsUG
 
Container-relevant Upstream Kernel Developments
Container-relevant Upstream Kernel DevelopmentsContainer-relevant Upstream Kernel Developments
Container-relevant Upstream Kernel Developments
 
Practical Design Patterns in Docker Networking
Practical Design Patterns in Docker NetworkingPractical Design Patterns in Docker Networking
Practical Design Patterns in Docker Networking
 
Modernizing .NET Apps
Modernizing .NET AppsModernizing .NET Apps
Modernizing .NET Apps
 
Container Orchestration from Theory to Practice
Container Orchestration from Theory to PracticeContainer Orchestration from Theory to Practice
Container Orchestration from Theory to Practice
 
Monitoring Dell Infrastructure using Docker & Microservices
Monitoring Dell Infrastructure using Docker & MicroservicesMonitoring Dell Infrastructure using Docker & Microservices
Monitoring Dell Infrastructure using Docker & Microservices
 
Service Discovery & Load-Balancing under Docker 1.12.0 @ Docker Meetup #22
Service Discovery & Load-Balancing under Docker 1.12.0 @ Docker Meetup #22Service Discovery & Load-Balancing under Docker 1.12.0 @ Docker Meetup #22
Service Discovery & Load-Balancing under Docker 1.12.0 @ Docker Meetup #22
 
What's New in Docker 1.12?
What's New in Docker 1.12?What's New in Docker 1.12?
What's New in Docker 1.12?
 
Modernizing Java Apps with Docker
Modernizing Java Apps with DockerModernizing Java Apps with Docker
Modernizing Java Apps with Docker
 
Introduction to LinuxKit - Docker Bangalore Meetup
Introduction to LinuxKit - Docker Bangalore MeetupIntroduction to LinuxKit - Docker Bangalore Meetup
Introduction to LinuxKit - Docker Bangalore Meetup
 
LinuxKit Deep Dive
LinuxKit Deep DiveLinuxKit Deep Dive
LinuxKit Deep Dive
 
Moby and Kubernetes entitlements
Moby and Kubernetes entitlements Moby and Kubernetes entitlements
Moby and Kubernetes entitlements
 
Containerd internals: building a core container runtime
Containerd internals: building a core container runtimeContainerd internals: building a core container runtime
Containerd internals: building a core container runtime
 
Kubernetes CRI containerd integration by Lantao Liu (Google)
Kubernetes CRI containerd integration by Lantao Liu (Google)Kubernetes CRI containerd integration by Lantao Liu (Google)
Kubernetes CRI containerd integration by Lantao Liu (Google)
 
Docker Swarm 0.2.0
Docker Swarm 0.2.0Docker Swarm 0.2.0
Docker Swarm 0.2.0
 
The state of containerd
The state of containerdThe state of containerd
The state of containerd
 
Integrating Docker EE into Société Générale's Existing Enterprise IT Systems
Integrating Docker EE into Société Générale's Existing Enterprise IT SystemsIntegrating Docker EE into Société Générale's Existing Enterprise IT Systems
Integrating Docker EE into Société Générale's Existing Enterprise IT Systems
 

Similar to Plug-ins: Building, Shipping, Storing, and Running - Nandhini Santhanam and Tibor Vass, Docker

Introduction to Docker
Introduction to DockerIntroduction to Docker
Introduction to Docker皓鈞 張
 
Running Docker in Development & Production (#ndcoslo 2015)
Running Docker in Development & Production (#ndcoslo 2015)Running Docker in Development & Production (#ndcoslo 2015)
Running Docker in Development & Production (#ndcoslo 2015)Ben Hall
 
Be a happier developer with Docker: Tricks of the trade
Be a happier developer with Docker: Tricks of the tradeBe a happier developer with Docker: Tricks of the trade
Be a happier developer with Docker: Tricks of the tradeNicola Paolucci
 
Tame Your Build And Deployment Process With Hudson, PHPUnit, and SSH
Tame Your Build And Deployment Process With Hudson, PHPUnit, and SSHTame Your Build And Deployment Process With Hudson, PHPUnit, and SSH
Tame Your Build And Deployment Process With Hudson, PHPUnit, and SSHDavid Stockton
 
Docker Security workshop slides
Docker Security workshop slidesDocker Security workshop slides
Docker Security workshop slidesDocker, Inc.
 
Drone CI/CD 自動化測試及部署
Drone CI/CD 自動化測試及部署Drone CI/CD 自動化測試及部署
Drone CI/CD 自動化測試及部署Bo-Yi Wu
 
Lessons from running potentially malicious code inside Docker containers
Lessons from running potentially malicious code inside Docker containersLessons from running potentially malicious code inside Docker containers
Lessons from running potentially malicious code inside Docker containersBen Hall
 
Dockerizing a Symfony2 application
Dockerizing a Symfony2 applicationDockerizing a Symfony2 application
Dockerizing a Symfony2 applicationRoman Rodomansky
 
Be a Happier Developer with Docker: Tricks of the Trade
Be a Happier Developer with Docker: Tricks of the TradeBe a Happier Developer with Docker: Tricks of the Trade
Be a Happier Developer with Docker: Tricks of the TradeDocker, Inc.
 
JDO 2019: Tips and Tricks from Docker Captain - Łukasz Lach
JDO 2019: Tips and Tricks from Docker Captain - Łukasz LachJDO 2019: Tips and Tricks from Docker Captain - Łukasz Lach
JDO 2019: Tips and Tricks from Docker Captain - Łukasz LachPROIDEA
 
Docker workshop DevOpsDays Amsterdam 2014
Docker workshop DevOpsDays Amsterdam 2014Docker workshop DevOpsDays Amsterdam 2014
Docker workshop DevOpsDays Amsterdam 2014Pini Reznik
 
青云虚拟机部署私有Docker Registry
青云虚拟机部署私有Docker Registry青云虚拟机部署私有Docker Registry
青云虚拟机部署私有Docker RegistryZhichao Liang
 
Dockerizing Symfony Applications - Symfony Live Berlin 2014
Dockerizing Symfony Applications - Symfony Live Berlin 2014Dockerizing Symfony Applications - Symfony Live Berlin 2014
Dockerizing Symfony Applications - Symfony Live Berlin 2014D
 
Preparation study of_docker - (MOSG)
Preparation study of_docker - (MOSG)Preparation study of_docker - (MOSG)
Preparation study of_docker - (MOSG)Soshi Nemoto
 
Docker security
Docker securityDocker security
Docker securityJanos Suto
 
WP-CLI Workshop at WordPress Meetup Cluj-Napoca
WP-CLI Workshop at WordPress Meetup Cluj-NapocaWP-CLI Workshop at WordPress Meetup Cluj-Napoca
WP-CLI Workshop at WordPress Meetup Cluj-Napoca4nd4p0p
 

Similar to Plug-ins: Building, Shipping, Storing, and Running - Nandhini Santhanam and Tibor Vass, Docker (20)

Introduction to Docker
Introduction to DockerIntroduction to Docker
Introduction to Docker
 
Running Docker in Development & Production (#ndcoslo 2015)
Running Docker in Development & Production (#ndcoslo 2015)Running Docker in Development & Production (#ndcoslo 2015)
Running Docker in Development & Production (#ndcoslo 2015)
 
Be a happier developer with Docker: Tricks of the trade
Be a happier developer with Docker: Tricks of the tradeBe a happier developer with Docker: Tricks of the trade
Be a happier developer with Docker: Tricks of the trade
 
Tame Your Build And Deployment Process With Hudson, PHPUnit, and SSH
Tame Your Build And Deployment Process With Hudson, PHPUnit, and SSHTame Your Build And Deployment Process With Hudson, PHPUnit, and SSH
Tame Your Build And Deployment Process With Hudson, PHPUnit, and SSH
 
moscmy2016: Extending Docker
moscmy2016: Extending Dockermoscmy2016: Extending Docker
moscmy2016: Extending Docker
 
Docker Security workshop slides
Docker Security workshop slidesDocker Security workshop slides
Docker Security workshop slides
 
Drone CI/CD 自動化測試及部署
Drone CI/CD 自動化測試及部署Drone CI/CD 自動化測試及部署
Drone CI/CD 自動化測試及部署
 
Lessons from running potentially malicious code inside Docker containers
Lessons from running potentially malicious code inside Docker containersLessons from running potentially malicious code inside Docker containers
Lessons from running potentially malicious code inside Docker containers
 
Dockerizing a Symfony2 application
Dockerizing a Symfony2 applicationDockerizing a Symfony2 application
Dockerizing a Symfony2 application
 
Be a Happier Developer with Docker: Tricks of the Trade
Be a Happier Developer with Docker: Tricks of the TradeBe a Happier Developer with Docker: Tricks of the Trade
Be a Happier Developer with Docker: Tricks of the Trade
 
JDO 2019: Tips and Tricks from Docker Captain - Łukasz Lach
JDO 2019: Tips and Tricks from Docker Captain - Łukasz LachJDO 2019: Tips and Tricks from Docker Captain - Łukasz Lach
JDO 2019: Tips and Tricks from Docker Captain - Łukasz Lach
 
Docker workshop DevOpsDays Amsterdam 2014
Docker workshop DevOpsDays Amsterdam 2014Docker workshop DevOpsDays Amsterdam 2014
Docker workshop DevOpsDays Amsterdam 2014
 
Docker practice
Docker practiceDocker practice
Docker practice
 
青云虚拟机部署私有Docker Registry
青云虚拟机部署私有Docker Registry青云虚拟机部署私有Docker Registry
青云虚拟机部署私有Docker Registry
 
Dockerizing Symfony Applications - Symfony Live Berlin 2014
Dockerizing Symfony Applications - Symfony Live Berlin 2014Dockerizing Symfony Applications - Symfony Live Berlin 2014
Dockerizing Symfony Applications - Symfony Live Berlin 2014
 
Preparation study of_docker - (MOSG)
Preparation study of_docker - (MOSG)Preparation study of_docker - (MOSG)
Preparation study of_docker - (MOSG)
 
Docker
DockerDocker
Docker
 
Docker security
Docker securityDocker security
Docker security
 
WP-CLI Workshop at WordPress Meetup Cluj-Napoca
WP-CLI Workshop at WordPress Meetup Cluj-NapocaWP-CLI Workshop at WordPress Meetup Cluj-Napoca
WP-CLI Workshop at WordPress Meetup Cluj-Napoca
 
Docker by Example - Basics
Docker by Example - Basics Docker by Example - Basics
Docker by Example - Basics
 

More from Docker, Inc.

Containerize Your Game Server for the Best Multiplayer Experience
Containerize Your Game Server for the Best Multiplayer Experience Containerize Your Game Server for the Best Multiplayer Experience
Containerize Your Game Server for the Best Multiplayer Experience Docker, Inc.
 
How to Improve Your Image Builds Using Advance Docker Build
How to Improve Your Image Builds Using Advance Docker BuildHow to Improve Your Image Builds Using Advance Docker Build
How to Improve Your Image Builds Using Advance Docker BuildDocker, Inc.
 
Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSDocker, Inc.
 
Securing Your Containerized Applications with NGINX
Securing Your Containerized Applications with NGINXSecuring Your Containerized Applications with NGINX
Securing Your Containerized Applications with NGINXDocker, Inc.
 
How To Build and Run Node Apps with Docker and Compose
How To Build and Run Node Apps with Docker and ComposeHow To Build and Run Node Apps with Docker and Compose
How To Build and Run Node Apps with Docker and ComposeDocker, Inc.
 
Distributed Deep Learning with Docker at Salesforce
Distributed Deep Learning with Docker at SalesforceDistributed Deep Learning with Docker at Salesforce
Distributed Deep Learning with Docker at SalesforceDocker, Inc.
 
The First 10M Pulls: Building The Official Curl Image for Docker Hub
The First 10M Pulls: Building The Official Curl Image for Docker HubThe First 10M Pulls: Building The Official Curl Image for Docker Hub
The First 10M Pulls: Building The Official Curl Image for Docker HubDocker, Inc.
 
Monitoring in a Microservices World
Monitoring in a Microservices WorldMonitoring in a Microservices World
Monitoring in a Microservices WorldDocker, Inc.
 
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...Docker, Inc.
 
Predicting Space Weather with Docker
Predicting Space Weather with DockerPredicting Space Weather with Docker
Predicting Space Weather with DockerDocker, Inc.
 
Become a Docker Power User With Microsoft Visual Studio Code
Become a Docker Power User With Microsoft Visual Studio CodeBecome a Docker Power User With Microsoft Visual Studio Code
Become a Docker Power User With Microsoft Visual Studio CodeDocker, Inc.
 
How to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container RegistryHow to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container RegistryDocker, Inc.
 
Monolithic to Microservices + Docker = SDLC on Steroids!
Monolithic to Microservices + Docker = SDLC on Steroids!Monolithic to Microservices + Docker = SDLC on Steroids!
Monolithic to Microservices + Docker = SDLC on Steroids!Docker, Inc.
 
Kubernetes at Datadog Scale
Kubernetes at Datadog ScaleKubernetes at Datadog Scale
Kubernetes at Datadog ScaleDocker, Inc.
 
Labels, Labels, Labels
Labels, Labels, Labels Labels, Labels, Labels
Labels, Labels, Labels Docker, Inc.
 
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment ModelUsing Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment ModelDocker, Inc.
 
Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSDocker, Inc.
 
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...Docker, Inc.
 
Developing with Docker for the Arm Architecture
Developing with Docker for the Arm ArchitectureDeveloping with Docker for the Arm Architecture
Developing with Docker for the Arm ArchitectureDocker, Inc.
 

More from Docker, Inc. (20)

Containerize Your Game Server for the Best Multiplayer Experience
Containerize Your Game Server for the Best Multiplayer Experience Containerize Your Game Server for the Best Multiplayer Experience
Containerize Your Game Server for the Best Multiplayer Experience
 
How to Improve Your Image Builds Using Advance Docker Build
How to Improve Your Image Builds Using Advance Docker BuildHow to Improve Your Image Builds Using Advance Docker Build
How to Improve Your Image Builds Using Advance Docker Build
 
Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWS
 
Securing Your Containerized Applications with NGINX
Securing Your Containerized Applications with NGINXSecuring Your Containerized Applications with NGINX
Securing Your Containerized Applications with NGINX
 
How To Build and Run Node Apps with Docker and Compose
How To Build and Run Node Apps with Docker and ComposeHow To Build and Run Node Apps with Docker and Compose
How To Build and Run Node Apps with Docker and Compose
 
Hands-on Helm
Hands-on Helm Hands-on Helm
Hands-on Helm
 
Distributed Deep Learning with Docker at Salesforce
Distributed Deep Learning with Docker at SalesforceDistributed Deep Learning with Docker at Salesforce
Distributed Deep Learning with Docker at Salesforce
 
The First 10M Pulls: Building The Official Curl Image for Docker Hub
The First 10M Pulls: Building The Official Curl Image for Docker HubThe First 10M Pulls: Building The Official Curl Image for Docker Hub
The First 10M Pulls: Building The Official Curl Image for Docker Hub
 
Monitoring in a Microservices World
Monitoring in a Microservices WorldMonitoring in a Microservices World
Monitoring in a Microservices World
 
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
 
Predicting Space Weather with Docker
Predicting Space Weather with DockerPredicting Space Weather with Docker
Predicting Space Weather with Docker
 
Become a Docker Power User With Microsoft Visual Studio Code
Become a Docker Power User With Microsoft Visual Studio CodeBecome a Docker Power User With Microsoft Visual Studio Code
Become a Docker Power User With Microsoft Visual Studio Code
 
How to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container RegistryHow to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container Registry
 
Monolithic to Microservices + Docker = SDLC on Steroids!
Monolithic to Microservices + Docker = SDLC on Steroids!Monolithic to Microservices + Docker = SDLC on Steroids!
Monolithic to Microservices + Docker = SDLC on Steroids!
 
Kubernetes at Datadog Scale
Kubernetes at Datadog ScaleKubernetes at Datadog Scale
Kubernetes at Datadog Scale
 
Labels, Labels, Labels
Labels, Labels, Labels Labels, Labels, Labels
Labels, Labels, Labels
 
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment ModelUsing Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
 
Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWS
 
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
 
Developing with Docker for the Arm Architecture
Developing with Docker for the Arm ArchitectureDeveloping with Docker for the Arm Architecture
Developing with Docker for the Arm Architecture
 

Recently uploaded

Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 

Recently uploaded (20)

Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 

Plug-ins: Building, Shipping, Storing, and Running - Nandhini Santhanam and Tibor Vass, Docker

  • 1. Plugins: Build, Store, and Run Nandhini Santhanam Tibor Vass Engineering Manager, Docker Software Engineer, Docker
  • 2. - Why plugins? Extend Docker functionalities - Batteries included but swappable Introduction
  • 4. Your NodeVolume (Could be Block Store, Hardware, or something else) Container Volume Plugin
  • 5. - Plugins are first class citizens (starting Docker 17.03) - Authorization, Volume, Network, IPAM, Logging Introduction
  • 7. SSHFS (SSH Filesystem) is a filesystem client to mount and interact with directories and files located on a remote server or workstation over a normal ssh connection What is sshfs? https://en.wikipedia.org/wiki/SSHFS
  • 8. SSHFS Source code: https://github.com/libfuse/sshfs vieux/sshfs volume plugin: https://github.com/vieux/docker-volume-sshfs Running a volume plugin
  • 9. DEMO: Running a volume plugin
  • 10. $ ssh user@host # cd /some/path && echo austin > dockercon && exit Prepare directory on ssh host
  • 11. Prepare directory on ssh host $ docker plugin help Usage: docker plugin COMMAND Manage plugins Options: --help Print usage Commands: create Create a plugin from a rootfs and configuration. Plugin data directory must contain config.json disable Disable a plugin enable Enable a plugin inspect Display detailed information on one or more plugins install Install a plugin ls List plugins push Push a plugin to a registry rm Remove one or more plugins set Change settings for a plugin upgrade Upgrade an existing plugin Run 'docker plugin COMMAND --help' for more information on a command.
  • 12. $ docker plugin install vieux/sshfs Plugin "vieux/sshfs" is requesting the following privileges: - network: [host] - mount: [/var/lib/docker/plugins/] - device: [/dev/fuse] - capabilities: [CAP_SYS_ADMIN] Do you grant the above permissions? [y/N] Install vieux/sshfs
  • 13. Install vieux/sshfs $ docker plugin install vieux/sshfs Plugin "vieux/sshfs" is requesting the following privileges: - network: [host] - mount: [/var/lib/docker/plugins/] - device: [/dev/fuse] - capabilities: [CAP_SYS_ADMIN] Do you grant the above permissions? [y/N] y latest: Pulling from vieux/sshfs b2bcc48d3424: Download complete Digest: sha256:151e6d386ab93a4d9f8ec0befd6c43485fe9e1151fd9784493b147ca621d3d5d Status: Downloaded newer image for vieux/sshfs:latest Installed plugin vieux/sshfs
  • 14. Use vieux/sshfs plugin $ docker plugin ls ID NAME DESCRIPTION ENABLED dfe9270de30a vieux/sshfs:latest sshFS plugin for Docker true $ docker volume create -d vieux/sshfs -o sshcmd=user@host:/some/path -o password=”$password” -o port=”$port” mysshvolume $ docker run -it --rm -v mysshvolume:/remote busybox sh / # cat /remote/dockercon austin
  • 15. - docker plugin install vieux/sshfs - review permissions - docker volume create --driver vieux/sshfs [-o …] myvolume - docker run -v myvolume:/remote busybox Recap: Running a volume plugin
  • 18. Misuse the plugin $ docker volume create -d vieux/sshfs -o sshcmd=user@host:/some/path -o password=”$badpassword” -o port=”$port” mysshvolume $ docker run -it --rm -v mysshvolume:/remote busybox sh docker: Error response from daemon: error while mounting volume '/var/lib/docker/plugins/cd540062f8b7e667d0e94cef262ff72ce10264fb0dea6c53393b1 8c840fc7a8e/rootfs': VolumeDriver.Mount: exit status 1.
  • 19. Check the daemon logs $ tail -f /var/log/docker.log | grep plugin= Apr 6 23:29:10 moby root: time="2017-04-06T23:29:10Z" level=info msg="read: Connection reset by peer" plugin=3fd525f16cb675325cf99a49455ab05e60d1da53d8b9689c69ea6c7f8619ef17 Apr 6 23:29:10 moby root: time="2017-04-06T23:29:10Z" level=info plugin=3fd525f16cb675325cf99a49455ab05e60d1da53d8b9689c69ea6c7f8619ef17 Apr 6 23:29:10 moby root: time="2017-04-06T23:29:10Z" level=info msg="exit status 1" plugin=3fd525f16cb675325cf99a49455ab05e60d1da53d8b9689c69ea6c7f8619ef17
  • 20. $ docker volume rm mysshvolume $ docker plugin disable vieux/sshfs $ docker plugin set vieux/sshfs DEBUG=1 $ docker plugin enable vieux/sshfs $ docker volume create -d vieux/sshfs -o sshcmd=user@host:/some/path -o password=”$badpassword” -o port=”$port” mysshvolume The DEBUG setting is NOT generic to all plugins, it is defined by this vieux/sshfs plugin (more on this later). Modify plugin settings
  • 21. $ docker plugin ls --no-trunc ID NAME DESCRIPTION ENABLED 9fef4eb6fa883d44e9c1c2901fb598f39f67d50bcc0e1653b4f393807fb80558 vieux/sshfs:latest sshFS plugin for Docker true $ docker-runc exec -t 9fef4eb6fa883d44e9c1c2901fb598f39f67d50bcc0e1653b4f393807fb80558 sh / # echo hi from plugin container Pro Tip: Access plugin container
  • 22. - grep plugin=$pluginID docker.log - if plugin allows it, set higher verbosity with docker plugin set - docker-runc exec -t $pluginID sh Recap: Debugging a plugin
  • 24. What constitutes a plugin? - Rootfs of plugin container - JSON description defining what interface it implements, what permissions it needs - Reference: https://docs.docker.com/engine/extend/config
  • 25. - Docker bind-mounts the host’s /run/docker/plugins/$pluginID into the container’s /run/docker/plugins - Each plugin has to listen on a socket inside /run/docker/plugins $ ls /run/docker/plugins/*/ sshfs.sock How does it work?
  • 26. Plugins serve via the socket, an HTTP+JSON API specified in the documentation for each plugin type. Authorization: https://docs.docker.com/engine/extend/plugins_authorization Volume: https://docs.docker.com/engine/extend/plugins_volume/ Network: https://docs.docker.com/engine/extend/plugins_network/ IPAM: https://github.com/docker/libnetwork/blob/master/docs/ipam.md How does it work?
  • 27. Pro Tip: Use helper package Go helper package: https://github.com/docker/go-plugins-helpers For volume plugins: https://godoc.org/github.com/docker/go-plugins-help ers/volume
  • 29. $ git clone https://github.com/vieux/docker-volume-sshfs $ cd docker-volume-sshfs $ ls Dockerfile LICENSE README.md main.go Dockerfile.dev Makefile config.json vendor $ vim main.go Demo: building vieux/sshfs
  • 30. Demo: building vieux/sshfs Config.json defines: - Type of functionality the plugin provides docker.volumedriver/1.0 in addition to the name of the socket sshfs.sock. - entrypoint to the binary - a DEBUG environment variable that’s settable by the user - Access to device /dev/fuse - Linux capability CAP_SYS_ADMIN to be able to mount FUSE from the container - Host networking to access the remote host - Bind mount to store state outside the plugin - Last but not least, PropagatedMount: the path inside the container that needs to be propagated back into docker’s mount namespace
  • 31. Demo: building vieux/sshfs Build the sshfs image and extract rootfs $ docker build -t sshfs . $ docker container create --name tmp sshfs $ mkdir -p ./plugin/rootfs $ docker container export tmp | tar -x -C ./plugin/rootfs Add plugin config $ cp config.json ./plugin/ $ ls ./plugin config.json rootfs/
  • 32. Demo: building vieux/sshfs Create plugin $ docker plugin create tiborvass/sshfs ./plugin $ docker plugin ls ID NAME DESCRIPTION ENABLED f207db14aa5b vieux/sshfs:latest sshFS plugin for Docker true 3fd525f16cb6 tiborvass/sshfs:latest sshFS plugin for Docker false
  • 33. - implement plugin HTTP+JSON API corresponding to the desired plugin type - containerize plugin + export rootfs - write config.json for plugin - docker plugin create tiborvass/sshfs ./plugin where ./plugin contains: - config.json - rootfs/ Recap: Building a plugin
  • 34. - docker plugin push tiborvass/sshfs - Collaborate - View plugin scans Collaborate on your plugin
  • 35.
  • 36.
  • 37.
  • 38.
  • 39.
  • 40. - private plugins - community plugins - store plugins Distribute Plugins
  • 41.
  • 44.
  • 45.