Container Hacks and Fun Images

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
ladies and gentlemen good afternoon hi my name is Scott Bolton I'm a writer for the new stack at the new stack IO we are coming close to the homestretch of this puppy how does everybody love dr. Cohn tell me I think this has shaped up to be magnificent so far the big theme that one of the things that I've heard a lot of people talking about is moving docker out of the development stage and into production I'd like to ask everybody here how many folks work for an organization right now that is using docker for production purposes you're not just filled out dev testing but the production purposes I'm seeing what looks to me by about a third maybe a little less than third about 30% of the audience that's pretty good how many of you folks have been using docker on your desktops for for container izing the apps you use every day a pretty good number I'm impressed with that how many of you have containerized powerpoints you give you give your presses on PowerPoint you run it in a container for the heck of it let's see it show of hands PowerPoint containers everybody one one and a half I'm hearing crickets okay and you're beginning to wonder what in the world is he talking about we're talking today with a lady who you probably have met who has an applause here who produces a lot of great docker container images for the heck of it for the education of it it helps her understand engineering better it helps her to improve the product it helps produce a better product for you and it produces the type of desktop environment I've always loved for 30 years the 2e how many how many people you use a 2e right now two three four the text user interface you're about to see one in action folks ladies and gentlemen I give you my good friend Jesse Frisell [Applause] okay so yes he said I'm Jessie Frizzle like a brief introduction of me would be I work for docker on the engine team we were also called core and before that also meta we have name problems I was a math major and a fun fact I've been banned from the Golden Nugget in Vegas so my backup profession would be like a professional poker player if this whole tech thing doesn't work out so we can start off kind of like an ordinary talk so if I was to give an ordinary talk I would use slides in Libre Office and you all may think that I am actually running Libre Office on my host right now but actually that is an alias for Libre Office in a container so we can look at the logs if you don't believe me and there's some weird errors but they don't matter that will be a common theme so let's open this thing okay so this is my talk except it's not really so it's gonna be basically how I run everyday things on my desktop in containers and like my typical setup what I use how things help me how I built these images in the first place because it wasn't exactly easy there's a lot of stress there's a lot of apt file searching for dot Essos because they're trying to load and they aren't there so yeah but first things first talking about how I can take my closet as Mariana showed in the keynote this morning I actually had the slide with the container story on it and I was like okay but yeah I like to containerize other things too this actually took a long time and it's already a mess again so yeah if anybody wants to just clean it up for me and so that's the end of that and that was really cool with the libre office one of the main things I did to make running these like containers on my hosts a lot easier was to create a ton of bash aliases so stupid Linux and the QR door Pete I have this file in my bash RC and so there's like just a few helper functions like relies on which what will see later with pulseaudio in a container and then every single file I mean every single container has its own function in this file they're in alphabetical order so if you just want to take fast look chrome cloud up document server firefox all these Clyde tools Hollywood H talk HTTP image Minh risky kernel builder Libre Office MPD mutts and yes which I'll show you later notified Oh SD which is your desktop notification daemon I actually put that in the container to pulseaudio which is usually your audio server that can be in the container remote desktop F Skype slack Spotify steam it keeps going forever so yeah basically to make my life easier today I'm not gonna type out all the docker run commands to show you these apps but you're gonna believe me because these are open source on github and you can go do it later and run it on your own has some also helper functions um things that you wouldn't expect when you're doing stuff like this is when you click a link and say oh I see you want it to open Chrome but chrome is also running in a container as is erisa so there are a few helper things you need to put in your X resources well did you guys know you were going to learn so much about Linux on the desktop this like URL launch or launch is a custom script I made that is just opening either Chrome or Firefox I had to change it because at one point chrome broke for me and it was like the worst thing ever if anybody has ever had to use Firefox and those guys chrome so this talk is gonna be a little bit different I don't know if that you guys are familiar but I kind of gave the exact same talk at container camp and since I figured most of the same people would be here I didn't really want to do a container repeat which I'm going to dub the phrase it's kind of like an outfit repeat but it's with containers you don't want repeat the same one so I already did that with leave her office and I'm like kind of upset about it so I'm gonna show you ones that I did not show in the other talk but if you are curious about the other talking you didn't happen to see it it's on YouTube so to mix things up a bit quite literally I'm going to launch Spotify which is also running a container believe it or not I have this like funky Spotify user ID that i always forget and have to copy paste because I don't want to login through Facebook and actually the reason why I containerized Spotify in the first place was healthy high power and I share 90s rap playlists so just prove that audio works so that was cool that's with mounting deb sound into the container yes it works basically out of the box let's see so I mentioned my notifications daemon runs in a container before and it's still running it actually starts on boot with a system D init file so I can show you all how that works by just sending a notification to it and there we go it's up in the corner and actually I even have it hooked up if we open that file again - oh I see it's shareist d-bus so it can send notifications to the notification Davids which also mounts d-bus and runs as me and you also have to like pass the whole like x authority so that do you bus knows that you're authorized it gets a little messy none of these are very clean that's why I kind of like not showing the commands and just doing the cool little alias that makes it look really easy yeah so some of the ways to actually build these because it's super fricking hard is like running strafe which will usually like fire off you know trying to read blah blah soo and then you're like well where's blah blah des oh so I actually ended up putting Apps file in a container so here I am in the container you can do like an opt file update which the internet sucks at the same time we can also just like see what's all running with each top in a container it spit host so it gets all the processes on my host but I don't have to install each top on my desktop and instead can use the container let's see the actual one of the hardest ones to containerize I think personally was Microsoft just recently announced that vigils studio can be run in a container aremy can be run on Linux which is huge because like my first internship I used visual studio I used all the tools I used to like ISS I put everything yeah so I'll show that after I show that you can search or like GLS oh I don't know if you guys are familiar with that file but it's like one of my favorite programs it's so cool so yeah so it shows you like what packages install that and then you can install it in the container so that it won't air but so Visual Studio there we go and that's also running in a container [Applause] a fun one that I really like is this program called Hollywood which basically just makes it so you can like take a picture of your desktop and it looks like you're doing a ton of so here's that that in a container yeah it would help if I could say I'm going to repeat one from the last time kind of sucks but Pro minute container is really awesome actually even Hangouts works but even cooler is OpenGL works with sound this is like a chrome experiment I guess so I mean it looks pretty good actually it looks really good on there compared to the last time I did this at a talk it looks really nice on mine because I have the nude sale so yeah I mean these all just seem like so normal to me that it's like weird to show recently I ended up putting pulsed audio in a container actually let me make sure I want to do that one next sorry nope I don't want to do that one next forget that if you ever wanted to play like a really old-school NES Nintendo game there is this github project which is super cool and it like loads old roms and you can play with it so I put that in a container and we can play which one just do I have it's all that there's doubt little did you know my entire talk was just gonna be good like going through containers like this um but really that's what we're doing yeah I mean I could play the game if you want but yeah that's pretty much it you can like load a ton of different wrongs in there - it just mounts of volume another fun one I'm like a huge fan of tour I think it's awesome in every single way and the easiest way to run tour without like setting up the routing yourself is through the tor browser it needs to like set up everything and there you it's pretty easy so then you could go to like you know Pirate Bay or something just kidding nobody does that also sometimes you know we got to test things on Windows so for that there's VirtualBox and you're thinking would like that makes no sense why would you it's running in a container and there's a VM in a container but yeah you can do it okay so this one takes a little love this is actually like pretty good that it's doing this now I can show you what happens let's make this smaller move it okay so the thing with the VirtualBox one is it needs this kernel module oops [Music] let's see if it starts again otherwise I can show you these really cool docker copy commands you have to do from the container to your house yeah okay cool ooh my nerve look I also don't have the video because I'd have to run the video in a container which we'll do later but yeah that would have been scary I run like nothing on my house but actually is a problem like at other conferences like when things don't work I'm like well I'm not gonna freakin install that so like Here I am and uh you know you know like VirtualBox with I mean this is Linux I probably should have said something else of it yeah pretty cool VM running in a container so now okay now we'll go back to pulseaudio so the pulseaudio server you can run on your own and then you can connect through it through like HTTP tcp connections which is cool because then it can be its own container one process and not like bundled into something like Skype sorry I have to like wait on the Skype for an exact time because you'll see what we're gonna do so and let's make sure that's running cool now I'm gonna bring up Skype which is also running a container and I'm linking it to the pulseaudio container so we have audio gonna login and so I mean I had this prearranged date with my best friend we would call her at 3:00 so we should probably do that need it to get a little bigger here and she's not on yet so we're just gonna have to wait no yeah we will wait for a second for her and we can do something else so the way you actually get video in a container is through mounting dev video 0 or whatever your liked video devices you can also like mount your printer through a device which is pretty cool you know if you don't want to install like cups on your house and cups is like the worst I don't know if you guys are very done Linux on the desktop like cups is like one literally the worst things ever I mean you'd think that they would have like figured it out by now but I guess no way prints anything anymore probably just like backs it to someone like there's the web I have no idea okay well we'll come back to it I don't know like where all my contacts went either okay no okay well in the meantime editing images in on Linux like the most popular one is so I put that in a container and like with most of these like I have a pictures folder that I just usually mount so I mean it makes it pretty easy but you can like basically do whatever you want and you don't have to install it on your host makes the world a much better place I don't know why but it does okay um let's see what else did I have Oh watching movies I personally use Plex and usually watch things through Chrome if I'm gonna do it on my computer but for fun we'll show VLC and okay let me open up a file here just kidding that folder does not name that and I mean the best movie ever hackers so yeah and obviously sound works okay so my friend had to take a break from work so I feel like that's probably what happened let's see yes I don't know what happened that's green sorry just need to like fill the void here so VLC also actually used pulseaudio links to sorry that was like really oh nice oh no my coworker we can call him the coolest thing would have been if somebody was not here also my sister bailed on me like five minutes before this oh there's also my friend so let's see if we can get she wanted to go to yoga instead cuz you know that's like more important than like her sister calling her in the middle of her presentation she's like my yoga class is literally from 2:30 to 3:30 there's no way this is gonna work out and most likely sorry let me just make this bigger or not I'll just it's like you're in here video on this is like way down here which is really awkward for Adele but yeah so video works sorry yeah there's that okay and so that was so lastly I recently wrote a blog post on how to route all your traffic through tour because tour is awesome so to go into that a little bit so the Tour browser when you spin that up in a container it creates a tour connection and then it actually like sets up everything for you as far as the browser connecting through that interface which is nice it like takes away almost everything but you know sometimes you don't want to use tor browser because it's kind of just like a forked firefox which I already said I don't really like so you want to use Chrome or you just like want everything like even the curl is on your host to go through a tour I don't know why but you know reasons so you can actually run tor on your host and set up routing through it or you could run tour in a container and then set up routing through the container so yes to go into that a bit more I have a fork of Tor and I created this docker file I mean I didn't show like most of the other docker files just because I don't think they're like all that interesting but we'll go into one of them in-depth just for the fun of it so the cool thing about the soccer file is I submitted it upstream so that they can also run their tests in it so it builds tor from source and it also builds tor from master so you might run into issues technically if you're running tour master it's the same as like running docker master it's fun yeah so it creates this tour user and everything tour is run by the tour user itself make make install puts all the files in the right places this tour RC is actually how we're gonna set up the redirects the DNS port is usually 53 but it's a little funky to try and do that and then redirect it in the container I was having some issues but if somebody wants to like fork this and fix it they totally can but it's easy just to route through that and you'll see the port for the transport is 90 40 which is like the standard tour court and yeah so then you're just starting the container on tour and using that tour are seat so we'll start that actually I'd want to do it differently we're gonna run it as net host because one the whole point is to redirect all our traffic if you wanted to run it in a like isolated networking environment you can do it but it would require since I run almost everything in docker containers I would have to link all of them rewrite the IP tables rules that docker itself writes which if you talk to any of the maintainer we're like we're not gonna support you when it breaks because that's just like playing with fire and I mean IV tables come on that's playing with fire in itself so yeah that's no fun it's a lot easier just to like a hijack your hosts honestly so it's going to bootstrap the connection cool so now it's all running and I have this neat little actually I'll go in a new tab okay clear out of this okay so to set up the IP tables our roles to redirect all your traffic I'll show you the script you have to do I keep tables is root so we're gonna redirect like first give owner tour ID some access to IP tables set up the redirect to the DNS port and to our host port 53 UDP then you can actually like give a set of things that you don't want to be routed through tor but like honestly I just feel like you might as well just do them all or else you're gonna forget and then set up all everything to go through the transport so if we run nats oops that's why I did that Wow okay so ignore that little bash fubar and then if we go to check so it's now running through tor and everything that I have will not be read by the NSA which is nice [Applause] so yeah any questions as far as like Linux on the desktop or container rising everything third row in front Hey so a couple of questions so I saw a lot of the apps around lost date whenever you restarted the apps so for example sky plotted sign-in and some of their apps Spotify you have to sign in so do you have to do that every time no like you can actually link with your hosts like you can mount a volume with like dot files or wherever they save their crap with your cache which is usually what I do with Skype I don't do that because I actually like never use Skype so it's just something else to manage and yeah honestly like it's pretty easy you just have to figure out where the files are and most apps it's like dot Skype or whatever yeah or dot cache slash or something follow-up question for the volumes thing so how do you deal with permissions for example permissions are different inside containers and containers done as different users it's a different user on your host and like when you're mounting volumes things can get a little messy yeah so like my skype container my Spotify container runs is like a spa file user it just takes like churning the files in an executive which sounds really nasty but there's really not much else you can do the thing is like if you mount the volume in the first place and it's empty it's gonna be owned by the user of that container because they're creating it so that's like I would say your best bet otherwise like if you're actually ones like that I create with my Jesse user putting them in a container you're gonna have to turn it it's gross but until we have like user name spacing or something there's not really a way to did it first off awesome awesome talk this was really cool I second can we please get you to check in your bash RC file because I went online I see the bash RC looks different no like that those are in my dot files repo not in the dockerfile repo itself perfect yeah give them what Jesse did you get any of your inspiration from using maybe the classic computers of the 1970s and 80s or is your experience did it begin beginning in with Linux so actually my grandpa was like one of the first computer scientists for Motorola so he has like all these old computers and he still uses them for like he's a little like two e's he uses for like ping bills and stuff and I'm like you know there's like very advanced apps now but he likes them and so I don't know I mean I like that kind of stuff I mean I'm a huge fan of two E's like half those GUI apps I don't use every day just because like I'd rather be in like a text user interface but yeah so I guess kind of I don't know I mean I just that that's that's the first time I'd heard about that I've met your grandfather and it was it was maybe at a conference maybe 20 years ago if I'm not mistaken but on my time but he was an inspiration let's see if we can get questions from the back here and any questions from the from the back section I don't I see a hand way back here one moment what's been the most difficult thing you've containerized and why so I kind of think it was the visual studio one mostly because like it didn't really come with any instructions it was just like you're running this file and I was like okay trace file and every single like a library or like dev headers that I have in that container like I had to figure out myself how to get there so I was actually gonna give like the Visual Studio One to Microsoft to be like here's an easy way to run it because I mean like technically if someone was just running it on their house they probably had all the headers that you need because it's very basic things but it's hard to start from nothing and just get better without it but yeah he's your window manager running and dr. know so that's something I actually want to do there have been attempts at this and it's quite complicated so Jerome who also works on our team he put you know like the X Server in a container and he was telling me to try it out but he was like before you do that you can't escape it so you might want to close everything else and then you're gonna have to like hard reboot your laptop because you can't get out of it so there are like some works in progress but nothing that I would consider telling anyone to run yes sir have you had experience in container izing two different apps that any different kernel configuration like CCT l1 with huge pages on and the other one wants huge pages off so how do you deal with that I haven't done anything we're like they conflict but so the VirtualBox one you saw I had to modprobe that thing there's that and the thing that sucks about that actually is like I had to copy all these files to my host to even install the kernel module itself which like it hurts me a little bit on the inside but then you can delete them afterwards except for the ko but yeah I mean I haven't really had one where it conflicts but I would probably just bash script it in the alias to like fix the things and then but would suck was I guess you couldn't run them at the same time so I had a question about the like for the graphical applications your vine mounting in like say dev sound and dev video but do you have to install like the drivers themselves for Nvidia or anything like that for running those inside the containers or do you just do you just need to bind about the actual devices and it just works as is yeah so with like basic movies you don't need to install anything like with all the ones where I mount dev sound you don't need like also utils or anything like that if anything that bit more because like it's gonna try to like load something and then like race condition with your actual host is bad so there's that but then like with chrome and the opengl thing I showed you need to have the same graphics libraries as on your house like the Mesa libs in the same version in the container for it to work that's specific to OpenGL though but it is like kind of a pain in the ass and it kind of sucks and NVIDIA is even worse because you could you will have like the exact same version in the container and on your house and it won't work and it's just because like Nvidia I mean I don't know there are ways to get it to work but it's like some sort of weird magical thing where you're just like I have no idea why this is working all of a sudden but okay yeah it's yeah doctor IQ we have a contestant in the back of the audience Souza and this is our last question well so we can turn and we can get our next group in thing well-dressed gentleman in the back could you please stand hey just know I'm Solomon hi big fan I I think we should make the tour routing container of a network plugin so that every app could just go through tour magically yeah yeah can you help us yeah [Applause] I don't I think we should go see the doctor Network maintain errs and try to hack it with us with what then I think it'd be cool yeah I was thinking that for sure to actually huh well folks this was fantastic I hope you had as much fun as here as I had I know sometimes you hear from conferences time and time again it's about the user experience I think how many of you are going to improve the experience back on your desktops right now by container izing everything you run let's see it container izing everything on your laptop this has been inspirational everybody I want to thank you and now a word from our sponsor I write for a publication called the new stack how many of you here I've been around long enough to remember having subscribed to byte magazine anybody been a bright magazine subscriber from the heyday of the 80s I love getting byte every month it reminded me of my place in the world and how brilliant the world was becoming and we're trying to reenact and resurrect some of that old spirit at the new stack with Alex Williams Sam Sherrington myself and a lot of other great writers were at the new stack IO we're putting together an electronic book series on containerization we're also looking for great new writers to help us out on that project people have had experience with containers anybody who wants to help out with that project please tweet my editor over here on the side Alex Williams at Alex Williams thank you very much everybody stick around we've got a great presentation coming up here on debugging we'll see you in just a few minutes thank you [Music]
Info
Channel: Jessie Frazelle
Views: 34,088
Rating: undefined out of 5
Keywords:
Id: cYsVvV1aVss
Channel Id: undefined
Length: 38min 49sec (2329 seconds)
Published: Mon Jan 15 2018
Related Videos
Linux bootcamp: From casual Linux user to kernel hacker - Part 1
Jessie Frazelle
6.6K
Learn Docker in 12 Minutes 🐳
Jake Wright
2M
The Trouble with FreeBSD
linux conf au 2017 - Hobart, Australia
128K
Tutorial: Building the Simplest Possible Linux System - Rob Landley, se-instruments.com
The Linux Foundation
318K
Container Performance Analysis
Docker
25K
Dockerfile Best Practices
Docker
45K
Hack everything: re-purposing everyday devices - Matt Evans
Linux.conf.au 2012 -- Ballarat, Australia
473K
The Tragedy of systemd
linux.conf.au
963K
Why I Use Docker for my Smart Home
Home Automation Guy
44K
VS Code Can Do That?! VS Code Tips and Tricks
Coding Tech
237K
How Do I Crack Satellite and Cable Pay TV? (33c3)
media.ccc.de
1.3M
Jessie Frazelle: "Breaking Containers: Chaos Engineering and Kubernetes" - Chaos Conf 2018
Gremlin
4.3K
DockerCon 2017 - Moby's Cool Hack Session
Docker
28K
Create your own Hacking Lab and Hack your first Machine! (Disposable Kali Linux)
Tech Raj
61K
DevSecOps : What, Why and How
Black Hat
45K
eBPF Superpowers
Docker
17K
The kernel report
linux.conf.au
68K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.