![Page 1: VIRTUELIZACIJA ILI KONTEJNERI - coming.rs · Virtuelizacija • 1960’s IBM S/360 Mainframes are the 800# Gorilla (Single user system designed for batch jobs • 1963 MIT Project](https://reader030.vdocuments.net/reader030/viewer/2022040714/5e1a72f52079c464e074535f/html5/thumbnails/1.jpg)
VIRTUELIZACIJA ILI KONTEJNERI
Razumevanje konceptualnih razlika
Darko IvanovićNetApp BDM | Alef Distribucija
04/2019
![Page 2: VIRTUELIZACIJA ILI KONTEJNERI - coming.rs · Virtuelizacija • 1960’s IBM S/360 Mainframes are the 800# Gorilla (Single user system designed for batch jobs • 1963 MIT Project](https://reader030.vdocuments.net/reader030/viewer/2022040714/5e1a72f52079c464e074535f/html5/thumbnails/2.jpg)
2
Major IT VAD in Central and Southeastern Europe
61Cisco Distributor No. 1
74
6
1994
1996
2002
2015
Prague / CZ
Bratislava / SK
Budapest / HU
Ljubljana / SI
2015
2015
2017
Zagreb / HR
Belgrade / RS
Bucuresti / RO
Current number of employees ALEF Group
345 246MFY18 Annual sales in EUR of ALEF Group
31Cisco Distributor No. 1
171
Cisco Distributor No. 1
Sales coverage fromCroatia to Greece
62
Microsoft Distributor No. 2
![Page 3: VIRTUELIZACIJA ILI KONTEJNERI - coming.rs · Virtuelizacija • 1960’s IBM S/360 Mainframes are the 800# Gorilla (Single user system designed for batch jobs • 1963 MIT Project](https://reader030.vdocuments.net/reader030/viewer/2022040714/5e1a72f52079c464e074535f/html5/thumbnails/3.jpg)
Jedna jednostavna ideja
je PROMENILA SVE(T)!
![Page 4: VIRTUELIZACIJA ILI KONTEJNERI - coming.rs · Virtuelizacija • 1960’s IBM S/360 Mainframes are the 800# Gorilla (Single user system designed for batch jobs • 1963 MIT Project](https://reader030.vdocuments.net/reader030/viewer/2022040714/5e1a72f52079c464e074535f/html5/thumbnails/4.jpg)
Pakovanje paste za zube iz 1873!
![Page 5: VIRTUELIZACIJA ILI KONTEJNERI - coming.rs · Virtuelizacija • 1960’s IBM S/360 Mainframes are the 800# Gorilla (Single user system designed for batch jobs • 1963 MIT Project](https://reader030.vdocuments.net/reader030/viewer/2022040714/5e1a72f52079c464e074535f/html5/thumbnails/5.jpg)
1896
“ WE COULDN'T IMPROVE THEPRODUCT SO WE IMPROVEDTHE TUBE. “
Colgate, 1908
![Page 6: VIRTUELIZACIJA ILI KONTEJNERI - coming.rs · Virtuelizacija • 1960’s IBM S/360 Mainframes are the 800# Gorilla (Single user system designed for batch jobs • 1963 MIT Project](https://reader030.vdocuments.net/reader030/viewer/2022040714/5e1a72f52079c464e074535f/html5/thumbnails/6.jpg)
Razlike…
![Page 7: VIRTUELIZACIJA ILI KONTEJNERI - coming.rs · Virtuelizacija • 1960’s IBM S/360 Mainframes are the 800# Gorilla (Single user system designed for batch jobs • 1963 MIT Project](https://reader030.vdocuments.net/reader030/viewer/2022040714/5e1a72f52079c464e074535f/html5/thumbnails/7.jpg)
Malo istorije… Virtuelizacija• 1960’s IBM S/360 Mainframes are the 800# Gorilla (Single user system designed for batch jobs• 1963 MIT Project MAC ($2M grant from DARPA)• 1967 Virtual Machines on the CP-67 using “CP (Control Program)”• 1987 Insignia Solutions “SoftPC”• 1997 Apple (Connectrix) “VirtualPC”• 1999 VMWare “VMWare Workstation”
![Page 8: VIRTUELIZACIJA ILI KONTEJNERI - coming.rs · Virtuelizacija • 1960’s IBM S/360 Mainframes are the 800# Gorilla (Single user system designed for batch jobs • 1963 MIT Project](https://reader030.vdocuments.net/reader030/viewer/2022040714/5e1a72f52079c464e074535f/html5/thumbnails/8.jpg)
Malo istorije… Kontejneri
• 1979 UNIX chroot (added to BSD in 1982)• 2000 FreeBSD Jails (filesystems, users, networks)• 2001 Linux VServer (VPS Solution)• 2005 OpenVZ (filesystems, users/groups, process tree, networks, devices, IPC)• 2006 Process Containers (Linux Kernel 2.6.24, limit CPU, mem, disk, network IO)• 2008 Control Groups (cgroups added to Linux Kernel)• 2008 LXC (LinuX Containers, CLI and language bindings for 6 languages)• 2011 Warden, CloudFoundry• 2013 LMCTFY, Google
![Page 9: VIRTUELIZACIJA ILI KONTEJNERI - coming.rs · Virtuelizacija • 1960’s IBM S/360 Mainframes are the 800# Gorilla (Single user system designed for batch jobs • 1963 MIT Project](https://reader030.vdocuments.net/reader030/viewer/2022040714/5e1a72f52079c464e074535f/html5/thumbnails/9.jpg)
Konačno… DOCKER IMAGE
![Page 10: VIRTUELIZACIJA ILI KONTEJNERI - coming.rs · Virtuelizacija • 1960’s IBM S/360 Mainframes are the 800# Gorilla (Single user system designed for batch jobs • 1963 MIT Project](https://reader030.vdocuments.net/reader030/viewer/2022040714/5e1a72f52079c464e074535f/html5/thumbnails/10.jpg)
DOCKER REGISTY
• Git Repo Semantics
• Pull
• Push
• Commit
• Hierarchy
• May be nested
DOCKER CONTAINER IMAGE
• NOT A FILESYSTEM
• NOT A VHD
• Basically a tar file
• Has a hierarchy
• Arbitrary depth
• Layered file system
• Top layer can be writable
• Fits into the Docker Registry
• May be nested
LINUX NAMESPACE
• Kernel Feature
• Restrict your view of the system
• Mounts (CLONE_NEWNS)
• UTS (CLONE_NEWUTS)
• uname() output
• IPC (CLONE_NEWIPC)
• PID (CLONE_NEWPID)
• Networks (CLONE_NEWNET)
• User (CLONE_NEWUSER)
• See also: privileged/unprivileged modes
• May be nested
LINUX CGROUPS
• Kernel Feature
• Groups of processes
• Control resource allocations
• CPU
• Memory
• Disk
• I/O
• May be nested
![Page 11: VIRTUELIZACIJA ILI KONTEJNERI - coming.rs · Virtuelizacija • 1960’s IBM S/360 Mainframes are the 800# Gorilla (Single user system designed for batch jobs • 1963 MIT Project](https://reader030.vdocuments.net/reader030/viewer/2022040714/5e1a72f52079c464e074535f/html5/thumbnails/11.jpg)
Primer…DockerFile
FROM centos:centos6MAINTAINER Darko Ivanovic <[email protected]>RUN yum –y install httpdEXPOSE 80ADD start.sh /start.shCMD /start.sh
$ docker build –t webserver .
FROM webserverMAINTAINER Darko Ivanovic <[email protected]>RUN yum –y install mysql-server phpEXPOSE 80ADD start.sh /start.shCMD /start.sh
$ docker build –t lampstack .
![Page 12: VIRTUELIZACIJA ILI KONTEJNERI - coming.rs · Virtuelizacija • 1960’s IBM S/360 Mainframes are the 800# Gorilla (Single user system designed for batch jobs • 1963 MIT Project](https://reader030.vdocuments.net/reader030/viewer/2022040714/5e1a72f52079c464e074535f/html5/thumbnails/12.jpg)
Razlike - Efikasnost
![Page 13: VIRTUELIZACIJA ILI KONTEJNERI - coming.rs · Virtuelizacija • 1960’s IBM S/360 Mainframes are the 800# Gorilla (Single user system designed for batch jobs • 1963 MIT Project](https://reader030.vdocuments.net/reader030/viewer/2022040714/5e1a72f52079c464e074535f/html5/thumbnails/13.jpg)
Razlike - Performanse
![Page 14: VIRTUELIZACIJA ILI KONTEJNERI - coming.rs · Virtuelizacija • 1960’s IBM S/360 Mainframes are the 800# Gorilla (Single user system designed for batch jobs • 1963 MIT Project](https://reader030.vdocuments.net/reader030/viewer/2022040714/5e1a72f52079c464e074535f/html5/thumbnails/14.jpg)
Razlike - Bezbednost
![Page 15: VIRTUELIZACIJA ILI KONTEJNERI - coming.rs · Virtuelizacija • 1960’s IBM S/360 Mainframes are the 800# Gorilla (Single user system designed for batch jobs • 1963 MIT Project](https://reader030.vdocuments.net/reader030/viewer/2022040714/5e1a72f52079c464e074535f/html5/thumbnails/15.jpg)
![Page 16: VIRTUELIZACIJA ILI KONTEJNERI - coming.rs · Virtuelizacija • 1960’s IBM S/360 Mainframes are the 800# Gorilla (Single user system designed for batch jobs • 1963 MIT Project](https://reader030.vdocuments.net/reader030/viewer/2022040714/5e1a72f52079c464e074535f/html5/thumbnails/16.jpg)
TITLE
![Page 17: VIRTUELIZACIJA ILI KONTEJNERI - coming.rs · Virtuelizacija • 1960’s IBM S/360 Mainframes are the 800# Gorilla (Single user system designed for batch jobs • 1963 MIT Project](https://reader030.vdocuments.net/reader030/viewer/2022040714/5e1a72f52079c464e074535f/html5/thumbnails/17.jpg)
Razlike - Bezbednost397 CALLS IN KERNEL 3.19
![Page 18: VIRTUELIZACIJA ILI KONTEJNERI - coming.rs · Virtuelizacija • 1960’s IBM S/360 Mainframes are the 800# Gorilla (Single user system designed for batch jobs • 1963 MIT Project](https://reader030.vdocuments.net/reader030/viewer/2022040714/5e1a72f52079c464e074535f/html5/thumbnails/18.jpg)
Tehnike izolacije
• SELinux / AppArmor• Secure Computing Mode• Container Nesting• Docker Auth Plugins• User Namespaces• Encrypted Filesystems• Address Space Layout Randomization (ASLR)• Hardware Security Features (NX, VT-d, TPM, TXT, SMAP)
https://insights.stackoverflow.com/survey/2019?
![Page 19: VIRTUELIZACIJA ILI KONTEJNERI - coming.rs · Virtuelizacija • 1960’s IBM S/360 Mainframes are the 800# Gorilla (Single user system designed for batch jobs • 1963 MIT Project](https://reader030.vdocuments.net/reader030/viewer/2022040714/5e1a72f52079c464e074535f/html5/thumbnails/19.jpg)
© 2015 NetApp, Inc. All rights reserved. NetApp Confidential – Limited Use 19
NetApp At A Glance
Enabling Enterprises to Protect and Manage Data Anywhere
Private Cloud
CLOUDINSIGHTS
SaaSBackup
Disaster Recovery
DevOps & Analytics
NetApp Kubernetes
Service
Object basedStorage
NetApp Private storage
StorageGRIDWebscale
CLOUDSYNC
NPSCollocation
Private Cloud / Service Provider Cloud xxx
ConvergedNon-NetApp Storage SolidFire
FlexArray / FLI
Max Data
Cloud
Volumes
ONTAP
E/EF-Series
FAS/ALL FLASHONTAP
NetApp HCI
StorageGRIDWebscale
Object Storage
ONTAPSelect
Cloud
Volumes
Service
ONTAP AI NFLEX
Backup & Archive
cloud.netapp.com
![Page 20: VIRTUELIZACIJA ILI KONTEJNERI - coming.rs · Virtuelizacija • 1960’s IBM S/360 Mainframes are the 800# Gorilla (Single user system designed for batch jobs • 1963 MIT Project](https://reader030.vdocuments.net/reader030/viewer/2022040714/5e1a72f52079c464e074535f/html5/thumbnails/20.jpg)
Hvala!