SlideShare a Scribd company logo
1 of 19
Download to read offline
Presentation By:
Mohammadreza Amini
Amir Arsalan
Autumn 2015
IRAN OpenStack Users Group
Allocating Resources & Limitation Container
Agenda
Allocating Resources
| Iran Community OpenStack.ir
●
Docker Allocating Resources
●
CPU
●
RAM
●
Disk
●
Limitation Container
●
Linux Capability
●
Devices
Allocating Resources
| Iran Community OpenStack.ir
Allocating Resources
Allocation of resources to containers is especially important as containers are less
isolated than virtual machines.
A single runaway container can lead to performance issues and degradation
across the entire host.
In Hypervisors, VMs are normally allocated a fixed amount of CPU resources, RAM,
and disk space, meaning that the applications will work within those set limits no
matter the load to which the VM or application is subjected.
Allocating Resources
| Iran Community OpenStack.ir
Allocating Resources
| Iran Community OpenStack.ir
CPU
Each container is assigned a “share” of the CPU, set to 1024 by default. By itself,
1024 CPU share does not mean anything.
If there is only a single container running, then it can use all the available CPU
resources.
However, if you launch another container and both containers have 1024 CPU
share, then each container can claim at least 50% of the CPU resources.
Allocating Resources
| Iran Community OpenStack.ir
CPU Allocating Resource
Allocating Resources
| Iran Community OpenStack.ir
●
Share cpu
$ docker run -ti -c 1024 ubuntu:14.04 /bin/bash
●
Cpu period & quota
$ docker run -ti --cpu-period=50000 --cpu-quota=10000 ubuntu:14.04 /bin/bash
Allocating Resources
| Iran Community OpenStack.ir
Memory
Memory Allocating Resource
Allocating Resources
| Iran Community OpenStack.ir
●
Memory & Memory swap
$ docker run -ti -m 300M --memory-swap 900M ubuntu:14.04 /bin/bash
Allocating Resources
| Iran Community OpenStack.ir
Disk
Disk space and read/write speed can be limited in Docker. By default, read/write
speed is unlimited. However, if required, it can be limited as needed using cgroups.
Each container is allocated 10GB of space by default.
Allocating Resources
| Iran Community OpenStack.ir
Disk Allocating Resource
Allocating Resources
| Iran Community OpenStack.ir
●
Base Size
$ docker -d --storage-opt dm.basesize=20G ubuntu:14.04 /bin/bash
More Details: https://github.com/docker/docker/blob/v1.2.0/daemon/graphdriver/devmapper/README.md#options
Allocating Resources
| Iran Community OpenStack.ir
Limitation Container
Allocating Resources
| Iran Community OpenStack.ir
By default, Docker containers are “unprivileged” and cannot, for example, run a Docker
daemon inside a Docker container. This is because by default a container is not allowed to
access any devices, but a “privileged” container is given access to all devices
More Details: https://docs.docker.com/engine/reference/run/#runtime-constraints-on-resources
Linux capability
Allocating Resources
| Iran Community OpenStack.ir
More Details: http://linux.die.net/man/7/capabilities
●
Add capability
$ docker run -ti --cap-add=NET_ADMIN ubuntu:14.04 /bin/bash
●
drop capability
$ docker run -ti --cap-add=ALL --cap-drop=NET_ADMIN ubuntu:14.04 /bin/bash
Devices
Allocating Resources
| Iran Community OpenStack.ir
If you want to limit access to a specific device or devices you can use the --device
flag. It allows you to specify one or more devices that will be accessible within the
container.
●
Devices
$ docker run -ti --device=/dev/snd:/dev/snd ubuntu:14.04 /bin/bash
Allocating Resources
| Iran Community OpenStack.ir
Any Question?
Allocating Resources
| Iran Community OpenStack.ir
Stay in Touch and Join Us:
● Home Page: OpenStack.ir
● Meetup age: Meetup.com/IranOpenStack
● Mailing List: OpenStackir@Lists.OpenStack.org
● Twitter: @OpenStackIR , #OpenStackIRAN
● IRC Channel on FreeNode: #OpenStack-ir
Allocating Resources
| Iran Community OpenStack.ir
Mohammadreza Amini
Linux Administrator
Mohammadreza@openstack.ir
Amir Arsalan
Python Developer
Arsalan@openstack.ir
Thank You

More Related Content

What's hot

Linux container, namespaces & CGroup.
Linux container, namespaces & CGroup. Linux container, namespaces & CGroup.
Linux container, namespaces & CGroup. Neeraj Shrimali
 
Linux Container Brief for IEEE WG P2302
Linux Container Brief for IEEE WG P2302Linux Container Brief for IEEE WG P2302
Linux Container Brief for IEEE WG P2302Boden Russell
 
Inside Docker for Fedora20/RHEL7
Inside Docker for Fedora20/RHEL7Inside Docker for Fedora20/RHEL7
Inside Docker for Fedora20/RHEL7Etsuji Nakai
 
Containers are the future of the Cloud
Containers are the future of the CloudContainers are the future of the Cloud
Containers are the future of the CloudPavel Odintsov
 
Evoluation of Linux Container Virtualization
Evoluation of Linux Container VirtualizationEvoluation of Linux Container Virtualization
Evoluation of Linux Container VirtualizationImesh Gunaratne
 
Lxc – next gen virtualization for cloud intro (cloudexpo)
Lxc – next gen virtualization for cloud   intro (cloudexpo)Lxc – next gen virtualization for cloud   intro (cloudexpo)
Lxc – next gen virtualization for cloud intro (cloudexpo)Boden Russell
 
Linux containers – next gen virtualization for cloud (atl summit) ar4 3 - copy
Linux containers – next gen virtualization for cloud (atl summit) ar4 3 - copyLinux containers – next gen virtualization for cloud (atl summit) ar4 3 - copy
Linux containers – next gen virtualization for cloud (atl summit) ar4 3 - copyBoden Russell
 
Linux containers-namespaces(Dec 2014)
Linux containers-namespaces(Dec 2014)Linux containers-namespaces(Dec 2014)
Linux containers-namespaces(Dec 2014)Ralf Dannert
 
Tokyo OpenStack Summit 2015: Unraveling Docker Security
Tokyo OpenStack Summit 2015: Unraveling Docker SecurityTokyo OpenStack Summit 2015: Unraveling Docker Security
Tokyo OpenStack Summit 2015: Unraveling Docker SecurityPhil Estes
 
Lxc- Linux Containers
Lxc- Linux ContainersLxc- Linux Containers
Lxc- Linux Containerssamof76
 
Hands on introduction to docker security for docker newbies
Hands on introduction to docker security for docker newbiesHands on introduction to docker security for docker newbies
Hands on introduction to docker security for docker newbiesYigal Elefant
 
Linux cgroups and namespaces
Linux cgroups and namespacesLinux cgroups and namespaces
Linux cgroups and namespacesLocaweb
 
Linux Containers From Scratch
Linux Containers From ScratchLinux Containers From Scratch
Linux Containers From Scratchjoshuasoundcloud
 
GlusterFS Update and OpenStack Integration
GlusterFS Update and OpenStack IntegrationGlusterFS Update and OpenStack Integration
GlusterFS Update and OpenStack IntegrationEtsuji Nakai
 
CoreOS, or How I Learned to Stop Worrying and Love Systemd
CoreOS, or How I Learned to Stop Worrying and Love SystemdCoreOS, or How I Learned to Stop Worrying and Love Systemd
CoreOS, or How I Learned to Stop Worrying and Love SystemdRichard Lister
 
Container Torture: Run any binary, in any container
Container Torture: Run any binary, in any containerContainer Torture: Run any binary, in any container
Container Torture: Run any binary, in any containerDocker, Inc.
 
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxConAnatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxConJérôme Petazzoni
 
Virtualization which isn't: LXC (Linux Containers)
Virtualization which isn't: LXC (Linux Containers)Virtualization which isn't: LXC (Linux Containers)
Virtualization which isn't: LXC (Linux Containers)Dobrica Pavlinušić
 
Containers and Namespaces in the Linux Kernel
Containers and Namespaces in the Linux KernelContainers and Namespaces in the Linux Kernel
Containers and Namespaces in the Linux KernelOpenVZ
 

What's hot (20)

Linux container, namespaces & CGroup.
Linux container, namespaces & CGroup. Linux container, namespaces & CGroup.
Linux container, namespaces & CGroup.
 
Linux Container Brief for IEEE WG P2302
Linux Container Brief for IEEE WG P2302Linux Container Brief for IEEE WG P2302
Linux Container Brief for IEEE WG P2302
 
Inside Docker for Fedora20/RHEL7
Inside Docker for Fedora20/RHEL7Inside Docker for Fedora20/RHEL7
Inside Docker for Fedora20/RHEL7
 
Containers are the future of the Cloud
Containers are the future of the CloudContainers are the future of the Cloud
Containers are the future of the Cloud
 
Evoluation of Linux Container Virtualization
Evoluation of Linux Container VirtualizationEvoluation of Linux Container Virtualization
Evoluation of Linux Container Virtualization
 
Lxc – next gen virtualization for cloud intro (cloudexpo)
Lxc – next gen virtualization for cloud   intro (cloudexpo)Lxc – next gen virtualization for cloud   intro (cloudexpo)
Lxc – next gen virtualization for cloud intro (cloudexpo)
 
Linux containers – next gen virtualization for cloud (atl summit) ar4 3 - copy
Linux containers – next gen virtualization for cloud (atl summit) ar4 3 - copyLinux containers – next gen virtualization for cloud (atl summit) ar4 3 - copy
Linux containers – next gen virtualization for cloud (atl summit) ar4 3 - copy
 
Linux containers-namespaces(Dec 2014)
Linux containers-namespaces(Dec 2014)Linux containers-namespaces(Dec 2014)
Linux containers-namespaces(Dec 2014)
 
Tokyo OpenStack Summit 2015: Unraveling Docker Security
Tokyo OpenStack Summit 2015: Unraveling Docker SecurityTokyo OpenStack Summit 2015: Unraveling Docker Security
Tokyo OpenStack Summit 2015: Unraveling Docker Security
 
Lxc- Linux Containers
Lxc- Linux ContainersLxc- Linux Containers
Lxc- Linux Containers
 
Hands on introduction to docker security for docker newbies
Hands on introduction to docker security for docker newbiesHands on introduction to docker security for docker newbies
Hands on introduction to docker security for docker newbies
 
Linux cgroups and namespaces
Linux cgroups and namespacesLinux cgroups and namespaces
Linux cgroups and namespaces
 
LXC
LXCLXC
LXC
 
Linux Containers From Scratch
Linux Containers From ScratchLinux Containers From Scratch
Linux Containers From Scratch
 
GlusterFS Update and OpenStack Integration
GlusterFS Update and OpenStack IntegrationGlusterFS Update and OpenStack Integration
GlusterFS Update and OpenStack Integration
 
CoreOS, or How I Learned to Stop Worrying and Love Systemd
CoreOS, or How I Learned to Stop Worrying and Love SystemdCoreOS, or How I Learned to Stop Worrying and Love Systemd
CoreOS, or How I Learned to Stop Worrying and Love Systemd
 
Container Torture: Run any binary, in any container
Container Torture: Run any binary, in any containerContainer Torture: Run any binary, in any container
Container Torture: Run any binary, in any container
 
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxConAnatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
Anatomy of a Container: Namespaces, cgroups & Some Filesystem Magic - LinuxCon
 
Virtualization which isn't: LXC (Linux Containers)
Virtualization which isn't: LXC (Linux Containers)Virtualization which isn't: LXC (Linux Containers)
Virtualization which isn't: LXC (Linux Containers)
 
Containers and Namespaces in the Linux Kernel
Containers and Namespaces in the Linux KernelContainers and Namespaces in the Linux Kernel
Containers and Namespaces in the Linux Kernel
 

Viewers also liked (13)

Operating systems
Operating systemsOperating systems
Operating systems
 
Registers
RegistersRegisters
Registers
 
Booting & shut down,
Booting & shut down,Booting & shut down,
Booting & shut down,
 
Memory management
Memory managementMemory management
Memory management
 
Spring Boot with Quartz
Spring Boot with QuartzSpring Boot with Quartz
Spring Boot with Quartz
 
Understanding The Boot Process
Understanding The Boot ProcessUnderstanding The Boot Process
Understanding The Boot Process
 
Kernel I/O subsystem
Kernel I/O subsystemKernel I/O subsystem
Kernel I/O subsystem
 
Disk allocation methods
Disk allocation methodsDisk allocation methods
Disk allocation methods
 
Cpu registers
Cpu registersCpu registers
Cpu registers
 
5. boot process
5. boot process5. boot process
5. boot process
 
File access methods.54
File access methods.54File access methods.54
File access methods.54
 
File organization
File organizationFile organization
File organization
 
Boot process: BIOS vs UEFI
Boot process: BIOS vs UEFIBoot process: BIOS vs UEFI
Boot process: BIOS vs UEFI
 

Similar to Docker allocating resources

How Secure Is Your Container? ContainerCon Berlin 2016
How Secure Is Your Container? ContainerCon Berlin 2016How Secure Is Your Container? ContainerCon Berlin 2016
How Secure Is Your Container? ContainerCon Berlin 2016Phil Estes
 
Introduction to Docker storage, volume and image
Introduction to Docker storage, volume and imageIntroduction to Docker storage, volume and image
Introduction to Docker storage, volume and imageejlp12
 
An introduction to contianers and Docker for PHP developers
An introduction to contianers and Docker for PHP developersAn introduction to contianers and Docker for PHP developers
An introduction to contianers and Docker for PHP developersRobert McFrazier
 
Cloud read java with kubernetes
Cloud read java with kubernetesCloud read java with kubernetes
Cloud read java with kubernetesCesar Tron-Lozai
 
State of Containers and the Convergence of HPC and BigData
State of Containers and the Convergence of HPC and BigDataState of Containers and the Convergence of HPC and BigData
State of Containers and the Convergence of HPC and BigDatainside-BigData.com
 
Containers - Portable, repeatable user-oriented application delivery. Build, ...
Containers - Portable, repeatable user-oriented application delivery. Build, ...Containers - Portable, repeatable user-oriented application delivery. Build, ...
Containers - Portable, repeatable user-oriented application delivery. Build, ...Walid Shaari
 
From Monolith to Docker Distributed Applications
From Monolith to Docker Distributed ApplicationsFrom Monolith to Docker Distributed Applications
From Monolith to Docker Distributed ApplicationsCarlos Sanchez
 
codemotion-docker-2014
codemotion-docker-2014codemotion-docker-2014
codemotion-docker-2014Carlo Bonamico
 
Introduction to Containers and Docker for PHP developers
Introduction to Containers and Docker for PHP developersIntroduction to Containers and Docker for PHP developers
Introduction to Containers and Docker for PHP developersRobert McFrazier
 
Introduction to Containers and Docker for PHP developers
Introduction to Containers and Docker for PHP developersIntroduction to Containers and Docker for PHP developers
Introduction to Containers and Docker for PHP developersRobert McFrazier
 
Accelerate your development with Docker
Accelerate your development with DockerAccelerate your development with Docker
Accelerate your development with DockerAndrey Hristov
 
Accelerate your software development with Docker
Accelerate your software development with DockerAccelerate your software development with Docker
Accelerate your software development with DockerAndrey Hristov
 
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...
Why everyone is excited about Docker (and you should too...) -  Carlo Bonamic...Why everyone is excited about Docker (and you should too...) -  Carlo Bonamic...
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...Codemotion
 
Build optimization mechanisms in GitLab and Docker
Build optimization mechanisms in GitLab and DockerBuild optimization mechanisms in GitLab and Docker
Build optimization mechanisms in GitLab and DockerDmytro Patkovskyi
 
Docker San Francisco Meetup April 2015 - The Docker Orchestration Ecosystem o...
Docker San Francisco Meetup April 2015 - The Docker Orchestration Ecosystem o...Docker San Francisco Meetup April 2015 - The Docker Orchestration Ecosystem o...
Docker San Francisco Meetup April 2015 - The Docker Orchestration Ecosystem o...Patrick Chanezon
 
Java in containers
Java in containersJava in containers
Java in containersMartin Baez
 
Introduction to containers a practical session using core os and docker
Introduction to containers  a practical session using core os and dockerIntroduction to containers  a practical session using core os and docker
Introduction to containers a practical session using core os and dockerAlessandro Martellone
 

Similar to Docker allocating resources (20)

Reviwe(docker)
Reviwe(docker)Reviwe(docker)
Reviwe(docker)
 
How Secure Is Your Container? ContainerCon Berlin 2016
How Secure Is Your Container? ContainerCon Berlin 2016How Secure Is Your Container? ContainerCon Berlin 2016
How Secure Is Your Container? ContainerCon Berlin 2016
 
Docker handons-workshop-for-charity
Docker handons-workshop-for-charityDocker handons-workshop-for-charity
Docker handons-workshop-for-charity
 
Introduction to Docker storage, volume and image
Introduction to Docker storage, volume and imageIntroduction to Docker storage, volume and image
Introduction to Docker storage, volume and image
 
An introduction to contianers and Docker for PHP developers
An introduction to contianers and Docker for PHP developersAn introduction to contianers and Docker for PHP developers
An introduction to contianers and Docker for PHP developers
 
Cloud read java with kubernetes
Cloud read java with kubernetesCloud read java with kubernetes
Cloud read java with kubernetes
 
Docker+java
Docker+javaDocker+java
Docker+java
 
State of Containers and the Convergence of HPC and BigData
State of Containers and the Convergence of HPC and BigDataState of Containers and the Convergence of HPC and BigData
State of Containers and the Convergence of HPC and BigData
 
Containers - Portable, repeatable user-oriented application delivery. Build, ...
Containers - Portable, repeatable user-oriented application delivery. Build, ...Containers - Portable, repeatable user-oriented application delivery. Build, ...
Containers - Portable, repeatable user-oriented application delivery. Build, ...
 
From Monolith to Docker Distributed Applications
From Monolith to Docker Distributed ApplicationsFrom Monolith to Docker Distributed Applications
From Monolith to Docker Distributed Applications
 
codemotion-docker-2014
codemotion-docker-2014codemotion-docker-2014
codemotion-docker-2014
 
Introduction to Containers and Docker for PHP developers
Introduction to Containers and Docker for PHP developersIntroduction to Containers and Docker for PHP developers
Introduction to Containers and Docker for PHP developers
 
Introduction to Containers and Docker for PHP developers
Introduction to Containers and Docker for PHP developersIntroduction to Containers and Docker for PHP developers
Introduction to Containers and Docker for PHP developers
 
Accelerate your development with Docker
Accelerate your development with DockerAccelerate your development with Docker
Accelerate your development with Docker
 
Accelerate your software development with Docker
Accelerate your software development with DockerAccelerate your software development with Docker
Accelerate your software development with Docker
 
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...
Why everyone is excited about Docker (and you should too...) -  Carlo Bonamic...Why everyone is excited about Docker (and you should too...) -  Carlo Bonamic...
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...
 
Build optimization mechanisms in GitLab and Docker
Build optimization mechanisms in GitLab and DockerBuild optimization mechanisms in GitLab and Docker
Build optimization mechanisms in GitLab and Docker
 
Docker San Francisco Meetup April 2015 - The Docker Orchestration Ecosystem o...
Docker San Francisco Meetup April 2015 - The Docker Orchestration Ecosystem o...Docker San Francisco Meetup April 2015 - The Docker Orchestration Ecosystem o...
Docker San Francisco Meetup April 2015 - The Docker Orchestration Ecosystem o...
 
Java in containers
Java in containersJava in containers
Java in containers
 
Introduction to containers a practical session using core os and docker
Introduction to containers  a practical session using core os and dockerIntroduction to containers  a practical session using core os and docker
Introduction to containers a practical session using core os and docker
 

More from Mohammadreza Amini

More from Mohammadreza Amini (7)

Docker discovery service
Docker   discovery serviceDocker   discovery service
Docker discovery service
 
Docker network
Docker networkDocker network
Docker network
 
Docker architecture-05
Docker architecture-05Docker architecture-05
Docker architecture-05
 
Docker architecture-04-1
Docker architecture-04-1Docker architecture-04-1
Docker architecture-04-1
 
Docker architecture(version modified)
Docker architecture(version modified)Docker architecture(version modified)
Docker architecture(version modified)
 
Docker installation
Docker installationDocker installation
Docker installation
 
Docker Architecture
Docker ArchitectureDocker Architecture
Docker Architecture
 

Recently uploaded

Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxMatsuo Lab
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1DianaGray10
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.YounusS2
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URLRuncy Oommen
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfDaniel Santiago Silva Capera
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024SkyPlanner
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...Aggregage
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintMahmoud Rabie
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxYounusS2
 
Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?SANGHEE SHIN
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesMd Hossain Ali
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8DianaGray10
 
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdfJamie (Taka) Wang
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding TeamAdam Moalla
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
Things you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceThings you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceMartin Humpolec
 

Recently uploaded (20)

Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URL
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptx
 
Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
Things you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceThings you didn't know you can use in your Salesforce
Things you didn't know you can use in your Salesforce
 

Docker allocating resources

  • 1. Presentation By: Mohammadreza Amini Amir Arsalan Autumn 2015 IRAN OpenStack Users Group Allocating Resources & Limitation Container
  • 2. Agenda Allocating Resources | Iran Community OpenStack.ir ● Docker Allocating Resources ● CPU ● RAM ● Disk ● Limitation Container ● Linux Capability ● Devices
  • 3. Allocating Resources | Iran Community OpenStack.ir Allocating Resources
  • 4. Allocation of resources to containers is especially important as containers are less isolated than virtual machines. A single runaway container can lead to performance issues and degradation across the entire host. In Hypervisors, VMs are normally allocated a fixed amount of CPU resources, RAM, and disk space, meaning that the applications will work within those set limits no matter the load to which the VM or application is subjected. Allocating Resources | Iran Community OpenStack.ir
  • 5. Allocating Resources | Iran Community OpenStack.ir CPU
  • 6. Each container is assigned a “share” of the CPU, set to 1024 by default. By itself, 1024 CPU share does not mean anything. If there is only a single container running, then it can use all the available CPU resources. However, if you launch another container and both containers have 1024 CPU share, then each container can claim at least 50% of the CPU resources. Allocating Resources | Iran Community OpenStack.ir
  • 7. CPU Allocating Resource Allocating Resources | Iran Community OpenStack.ir ● Share cpu $ docker run -ti -c 1024 ubuntu:14.04 /bin/bash ● Cpu period & quota $ docker run -ti --cpu-period=50000 --cpu-quota=10000 ubuntu:14.04 /bin/bash
  • 8. Allocating Resources | Iran Community OpenStack.ir Memory
  • 9. Memory Allocating Resource Allocating Resources | Iran Community OpenStack.ir ● Memory & Memory swap $ docker run -ti -m 300M --memory-swap 900M ubuntu:14.04 /bin/bash
  • 10. Allocating Resources | Iran Community OpenStack.ir Disk
  • 11. Disk space and read/write speed can be limited in Docker. By default, read/write speed is unlimited. However, if required, it can be limited as needed using cgroups. Each container is allocated 10GB of space by default. Allocating Resources | Iran Community OpenStack.ir
  • 12. Disk Allocating Resource Allocating Resources | Iran Community OpenStack.ir ● Base Size $ docker -d --storage-opt dm.basesize=20G ubuntu:14.04 /bin/bash More Details: https://github.com/docker/docker/blob/v1.2.0/daemon/graphdriver/devmapper/README.md#options
  • 13. Allocating Resources | Iran Community OpenStack.ir Limitation Container
  • 14. Allocating Resources | Iran Community OpenStack.ir By default, Docker containers are “unprivileged” and cannot, for example, run a Docker daemon inside a Docker container. This is because by default a container is not allowed to access any devices, but a “privileged” container is given access to all devices More Details: https://docs.docker.com/engine/reference/run/#runtime-constraints-on-resources
  • 15. Linux capability Allocating Resources | Iran Community OpenStack.ir More Details: http://linux.die.net/man/7/capabilities ● Add capability $ docker run -ti --cap-add=NET_ADMIN ubuntu:14.04 /bin/bash ● drop capability $ docker run -ti --cap-add=ALL --cap-drop=NET_ADMIN ubuntu:14.04 /bin/bash
  • 16. Devices Allocating Resources | Iran Community OpenStack.ir If you want to limit access to a specific device or devices you can use the --device flag. It allows you to specify one or more devices that will be accessible within the container. ● Devices $ docker run -ti --device=/dev/snd:/dev/snd ubuntu:14.04 /bin/bash
  • 17. Allocating Resources | Iran Community OpenStack.ir Any Question?
  • 18. Allocating Resources | Iran Community OpenStack.ir Stay in Touch and Join Us: ● Home Page: OpenStack.ir ● Meetup age: Meetup.com/IranOpenStack ● Mailing List: OpenStackir@Lists.OpenStack.org ● Twitter: @OpenStackIR , #OpenStackIRAN ● IRC Channel on FreeNode: #OpenStack-ir
  • 19. Allocating Resources | Iran Community OpenStack.ir Mohammadreza Amini Linux Administrator Mohammadreza@openstack.ir Amir Arsalan Python Developer Arsalan@openstack.ir Thank You