Revolution in software distribution called Docker


Y Soft: Technology Hour Prague, 25th Sep 2014

Before we start...

Did you upgrade bash yet?

$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
this is a test


  • JBoss Software Engineer
    • Cloud-related stuff
    • Docker
  • Fedora packager
    • yum install wildfly


  • Small intro to Docker
    • Why?
    • Comparison to virtual machines
  • JBoss and Docker
    • Current state
  • Demos
    • Basic demos
    • WildFly demos

Applications are complex


Different deployment environments



A project to manage containers

...and images


Yes, a lightweight operating system virtualization.

Virtual machines?

No, it's more lightweight.
VM (KVM, VMware)Container (LXC, Docker)
We need to run the whole OS to start the process.We launch processes directly, without botting the OS.

So, how this compares to a virtual machine?

It's completely different.

VM vs. container

Virtual Machine (KVM, VMware)Container (LXC, Docker)
HardwareSimulatedUses it (almost) directly
Supported OS'esAlmost anyOnly Linux
Startup timeSeconds to minutesMiliseconds
ScalabilityA fewSky is the limit (thousands)

Linux FTW!

Docker community...

  • GitHub
    • >1100 watchers
    • >14000 stars
    • >2700 forks
    • >660 open issues
    • >100 pull requests
  • Over 585 contributors
    • avg 17 commits / day
    • 90% are external
  • Many meetups all over the world

JBoss and Docker

Dockerized projects

  • WildFly
  • Keycloack
  • TorqueBox
  • Aerogear
  • Immutant
  • Nodyn
  • LiveOak
  • SwitchYard
  • ...
JBoss Docker site
Docker HUB with JBoss images
Docker HUB with JBoss images
Much JBoss


A few tips

I need metrics!

  • Use iptables for network
  • Parse /sys/fs/cgroup/ for everything else

/sys/fs/cgroup/ + gnuplot


I need to limit resources!

I need to do backup!

  • Files?
    • Use volumes
  • Data?
    • Use links

I need to access my containers!

  • Do you own the host?
    • Use nsenter (soon docker exec)
  • In other cases:
    • Run sshd inside of the container (boooo...)

I need performance!


  • CPU: native
  • Memory: (almost) no overhead
  • Network: no overhead with --net host
  • I/O: native on volumes