字幕表 動画を再生する 英語字幕をプリント COLTON OGDEN: Good morning, good afternoon, good evening, depending on where you are in the world. This is CS50 on Twitch. My name is Colton Ogden and I'm joined today by-- DAVID MALAN: David Malan, also of CS50. Good to see everyone again. It's been a while. COLTON OGDEN: Yeah, it's been a while. When was the last stream that you were on, do you remember? DAVID MALAN: Oh, it was good December. I think we've played Zelda last time. COLTON OGDEN: Oh, that's true. It was not as much of an educational stream as today. DAVID MALAN: It was very educational. COLTON OGDEN: We could say a little bit of game development stuff. DAVID MALAN: What game are we here to play today? I'm all set to accrue some points. COLTON OGDEN: It's a game called Docker. I believe it stars a whale of some kind and some boxes on top of them. DAVID MALAN: Indeed. COLTON OGDEN: We have a bunch of people that are in the chat already. DAVID MALAN: I see. A lot of people have tuned in already. Nice to see some familiar names. COLTON OGDEN: We're almost at the magic number of 50. We have 49 viewers currently. DAVID MALAN: Oh, and what happens after 50? COLTON OGDEN: Then we just get tons of-- just tons of money, just showered with money. Yeah, we have a lot of people in the chat. There's a lot of regulars. I shouted out a bunch of people in the chat, but thanks so much for everybody who's joining. Dan Nurell, Bavick Night, we have Belicures, Elias, Assly, Brenda, Mr. Frigg-- who I think is a new person. Kugie Snipers, We Be, ISO TV. I think ISO TV was one of the first people. DAVID MALAN: I'm impressed you can pronounce all these so easily. COLTON OGDEN: I've gotten a lot of practice at this point. M. Kloppenburg, thanks for joining-- another regular. For Sunlight, Suraton, GP Guy. We have an absolute ton of people. DAVID MALAN: Oh, we've got a first-timer here. 1Jacko0TS. I don't know. COLTON OGDEN: Oh, yeah, 1JackOTS. Thanks so much for the follow layout. They followed right before this stream as well. DAVID MALAN: Nice. Hello, Elasorsa. COLTON OGDEN: Elasorsa, yeah, that's a new person as well, and Adamantine Bipartite. What's up, David and Colton? What's up? That's the first I've seen that name. That's a long name. DAVID MALAN: Yeah, we've got a lot. Nice to see everyone here. COLTON OGDEN: Yeah, Amed Osman, and-- DAVID MALAN: Another first-timer from Adam. COLTON OGDEN: Yeah, M. Gonayni says hello. WhipStreak23, there we go, another regular. DAVID MALAN: 52. Oh, we missed the 50. We blinked and it was gone. COLTON OGDEN: We did, yeah. So what are we-- what exactly is Docker? That's what we-- we sort of spoiled what we're talking about today. It's not actually a game. DAVID MALAN: No, I'm sorry. So tune out now if you don't want to learn something really interesting, though technically. So Docker is containerization. COLTON OGDEN: Oh, wait. It looks like your laptop is not-- DAVID MALAN: Oh, we're not plugged in. Oh, user error, apologies. COLTON OGDEN: Sorry. Sorry, that's my fault. I should have-- DAVID MALAN: And if Colton is going to tell some jokes here for just a moment. COLTON OGDEN: Oh, man. I didn't have any. DAVID MALAN: Did you hear about the guy who-- I don't know. COLTON OGDEN: Who forgot to plug-in his dongle? DAVID MALAN: Yeah. Here we go. Let me go ahead and-- today's lesson will be about how to change your display preferences. Here we are going under Scaled so as to do 720p, which isn't actually a very high resolution, but for our purposes of streaming technical content, makes it all a lot more readable on the screen. COLTON OGDEN: Oh, look, Brian's actually on the chat. He says hello-- BrianU28. DAVID MALAN: Oh, nice. Please send all of your questions to Brian U, who is here from CS50's team. COLTON OGDEN: Yeah, Brian I'm sure knows a lot about Docker too. DAVID MALAN: So let's begin. Again, so Docker is containerization technology. But what does that actually mean? Well, let's rewind a little bit. Normally when you're running software it's on your Mac, or your PC, or your server, or somewhere else, and you have installed whatever operating system was installed when you bought it or when you first set it up-- Mac OS, Windows, Linux, or whatnot. The problem, though, arises in a server side environment where you want to run multiple applications. Like CS50 has a whole suite of web apps. We have the CS50 Sandbox, CS50 Lab, if you started tuning in to CS50X 2019. We have help50, and style50, and bunches more. So all of these apps have their own dependencies, like certain software, and libraries, and frameworks that they need. And frankly, not all apps need the same things. And so in yester year, only five plus years ago, we, CS50, used to have a centralized architecture for all of our web apps. We had what were called vhost servers, virtual hosting servers running popular web server software called Apache. And what we would do is we pretty much had to find the greatest common denominator among all of our apps and actually install on those servers every library and every piece of software that every app might possibly need. The problem, of course, is that eventually you run into incompatibilities. One needs this version, another needs that, and now you're just out of luck. And if something breaks in one app, it's not isolated from another, and so one app can take down the rest. So Docker ultimately is about isolating your applications from one another. COLTON OGDEN: And so it says on your web page there, what is a container? I'm guessing that the whale and the boxes on top of the whale are like a representation of this idea of containers? DAVID MALAN: Indeed. We can pull this up if I enhance this image up here. So Docker is a company that also makes and contributes to open source software, which is also called Docker. And indeed, you can see those little boxes represent those big-- we call them containers. That really big-- COLTON OGDEN: Shipping containers. DAVID MALAN: Shipping containers that tractor trailer trucks generally cart around. So it's actually pretty cute. The whale is instead the ship and it's holding up the containers, and it's really cute. If you want to go ahead today even, install Docker, at least on Mac OS, the first message that the software will print for you is, "We are whaley glad to see you." COLTON OGDEN: Wow, that's cringey. DAVID MALAN: A little bit, a little hard to say. But I should say, some folks out there might be familiar perhaps with virtualization software. For instance, has anyone used VMware, or Parallels, or other such tools? Those are-- COLTON OGDEN: That's certainly been around for a while, a long-- DAVID MALAN: A long time. COLTON OGDEN: Much longer than Docker has. And I know I've definitely used it quite a bit. DAVID MALAN: Yeah, and we use those too. But with virtualization software, or virtual machines, or virtual machine monitors-- bunch of different ways to describe essentially the same thing-- you would have to run, you could run, multiple operating systems on your same computer. Essentially, each OS in its own window. The problem with a VM or virtual machine is it virtualizes the entire hardware-- the CPU, and the memory, and the disk, and the files, and everything. So it actually is a lot heavier weight. You have a lot of redundancy. If you have Linux in your virtual machines, you have as many copies of Linux running and installed as you have virtual machines. COLTON OGDEN: So a Docker-- part of what Docker does is sort of mitigates that resource use on your machine? DAVID MALAN: Indeed. So I pulled this up in advance, one, to learn what Docker is, and two, to actually show some of the fun pictures that they have. That actually does paint a nice picture here. I think if we scroll down-- yeah, indeed. So here on the right-- this is just on Docker/resources/what-container. On the right, you see an artist's rendition of what a virtual machine is. At the lowest level you have your hardware, your infrastructure, like the physical servers. The blue bar above that is the hypervisor, a.k.a. virtual machine monitor, a.k.a. VMware, or Parallels, or other software too. And then on top of that conceptually you have maybe Windows installed, and Linux installed, and maybe Mac OS-- but Apple does not make that easy-- otherwise known as your "guest operating systems." And on those guest operating systems, you have your individual apps each running. So now if you look to the left, what seems to be missing, for instance? COLTON OGDEN: Well, there's no virtual machines separating the apps. They're all running in sort of the same bucket, which is the container as applications arrow. That's what that's referring to? DAVID MALAN: Yeah, exactly. Yeah, each of those apps is a containerized application, which means each app is using Docker. Docker is now the software beneath them that makes all this possible. And notice, you only have one operating system. So you run, for instance, Linux or something on your own based computer, and thanks to Docker, can you now share just one other operating system, if you'd like, across all of those applications. And moreover and most excitingly, if all of those apps-- A, B, C, D, E, F-- are all running Ubuntu Linux Version 18, well, then what you'll have is one base installation of Ubuntu. And if app A and B need slightly different software, they're just going to be layered on top. Docker supports what's called a "union file system." So if we both have apps that we've written using Linux but I need a library called Foo and you need Bar, we'll share the same base layer. But for you, Docker will layer Bar on it, but for me, Docker will layer Foo on it, but still have that commonality underneath. COLTON OGDEN: And if we both need two different versions of Ubuntu, does it do similar types of things? DAVID MALAN: It does. You go a little lower level, but then each of us has our own copy of Ubuntu-- 15, or 16, or 18, or whatnot-- and then, yes, those are isolated from each. COLTON OGDEN: Pretty cool. Yes, so it sounds like in factors out a lot of the bulk, the unnecessary bulk associated with running multiple VMs. DAVID MALAN: Indeed. COLTON OGDEN: I know we definitely have a bunch of messages here. DAVID MALAN: Well, let's catch up on these. COLTON OGDEN: Some people have definitely talked about Apache in hear. And people are asking, "What is Docker? I wear Dockers." They think it's a clothing brand. I'm trying to do this in code recover-- 55 people. DAVID MALAN: There we go. This is what we'll be talking about today. COLTON OGDEN: CS50 fashion. For Sunlight asks, "Is it a simulator or an emulator?" And they're talking about Docker. DAVID MALAN: It's technically neither. It is, in and of itself, its own technology. Yeah, I mean it's closer I think to a virtual machine than to either of those. Where those are implementations truly in software of just one specific runtime, but emulator is pretty close to virtual machine. There's just a little more sophistication I think under today's VMs, because you're virtualizing an entire architecture and the operating system on top of it. COLTON OGDEN: And they're saying, "David sure is fun." DAVID MALAN: Oh, nice. COLTON OGDEN: So we're going to get all the views today. "Left looks like hosted VM and the right is a type one VM," is what For Sunlight said on the screen there. "I'm trying to see CS50 offline, but it needs Docker. Could you at some point this video explain?" DAVID MALAN: That's a perfect segue way, actually. Let me-- just so folks can play along at home, if you would like, I'm not sure Colton and I alone can provide technical support for everyone who wants to try this. But if you Google "Docker download," odds are that will lead you to this page, Docker.com/get-started, and it's actually pretty straightforward to get Docker up and running on your machine. So what we did in advance of today is-- I'm using a Mac right now. You can click on "Download for Mac." That's going to take you to a longer, harder to pronounce URL. And if you scroll down here, you'll see a number of different versions of Docker, for instance, Docker Desktop, and you can scroll through. Follow these instructions here and actually go about getting this up and running on your own Mac. And it looks like-- let's see here. Looks like they're going to make you download-- you've got a log in these days, because they want to get your email address. Then you can go ahead and download Docker for Windows, or Mac OS, or Linux for free. So feel free to do that behind the scenes if you'd like to play. COLTON OGDEN: Cool, cool, awesome. You can use Windows Education if you can get that through school-- talking about Windows. "If you use Windows, you need the Pro version of Windows." DAVID MALAN: Oh, maybe. COLTON OGDEN: Does that have anything to do with CPU virtualization? I know that's something that-- DAVID MALAN: No, it probably has to do with licensing, honestly, and charging more for the fancier support. COLTON OGDEN: I know Windows Education is very, very generous. "Windows Education is greater than Windows Pro." "Is Docker used for web apps?" says Adamantine Bipartite. DAVID MALAN: It can be. Docker is agnostic to what you do with it, which means that you can run any type of software inside of a container, inside of Docker, which is the very specific product we're talking about. So yes, in fact, all of-- is this true still? I think every one of CS50's web apps is in fact "Dockerized" or "containerized" to say it more generically. So, yes. COLTON OGDEN: And then we have some other apps that are not web apps. Is check50 in Docker? DAVID MALAN: check50 is also Dockerized, yeah. COLTON OGDEN: That's the CLA. Oh, and do we want to point people to the CS50 docs? Do we have a CS50 docs report? DAVID MALAN: Sure, let me pull that up. So I'll zoom in on this URL. If anyone wants to see some of CS50's own documentation, you can go to CS50.readthedocs.com. COLTON OGDEN: I plugged it in the-- DAVID MALAN: Nice, Colton just pasted it into the chat. And you'll see documentation for all of our stuff related to Docker and more. And in fact, I'll pull these up very specifically soon, but someone mentioned the offline IDE earlier. If I go ahead and scroll down to-- let's see here-- CS50 IDE at the bottom, you'll see a mention of offline, and these instructions will walk you through the process of starting to get your own IDE up and running locally. To be fair, there's a little bit of complexity, and I definitely plan to get more comfortable with Docker as you do that, because you can do quite a few more things with it as well. COLTON OGDEN: [INAUDIBLE] a server on it. "Is it better installing Docker to a dedicated server or using a CLOD instance, which is a VM, also like more layer? What would be better in the context of performance?" DAVID MALAN: Oh, anything running on bare metal, so to speak, without a virtual machine, is going to give you somewhat better performance, because you've got to pay some price for having the virtualization. With that said, it's a little annoying to install thing on bare metal, so to speak, these days, because if something goes wrong or you want to reinstall, you have to wipe the whole thing. Whereas, installing things on a VM isolates it from everything else. So it really depends on your own. I would not be worrying about performance just yet. If you're just trying to learn Docker and you want to experiment, do what is easiest. And honestly, do it on your own Mac or PC, assuming the hardware in your version of the OS will support it. COLTON OGDEN: "Docker is a PaaS or IaaS? DAVID MALAN: Docker enables IaaS, which is a funny acronym these days for infrastructure-as-a-service. These are things like AWS, Amazon Web Services, or Microsoft Azure, and Google Compute Cloud, but it really is a piece of software you can use on your infrastructure so as to do anything higher level. Platform-as-a-service is something like Heroku. Docker is not a web application like Heroku is. It's lower level, so it's related more to IaaS. COLTON OGDEN: And then, "Would Docker containers be a similar concept to Ubuntu Snap?" DAVID MALAN: Sort of. I don't know too much about Ubuntu Snap. We're still just using app to get install and such on our setup. But my understanding of Snaps is that it's a cleaner way to distribute individual software packages. Correct me if I'm wrong. Docker and containerization more generally is about containerizing an entire operating system and everything therein. So it's probably fair to say that Docker is a bigger product. Whereas, Snaps, I think, are more isolated to individual client side app-- well, not even client side, individual pieces of software. Containers give you a whole environment. COLTON OGDEN: I think we're all caught up on all the questions here if you want to maybe start diving into some documents. DAVID MALAN: Yeah, absolutely. So let's go ahead here and let's get started. So here, again, on Docker.com/getstarted is where you can probably download this for yourself if you would like to play along. But I think it's perhaps most fun if we just dive in by way of example, see what's going on, and then actually understand hopefully how we built these various tools. COLTON OGDEN: Sure. DAVID MALAN: With CS50, we have a few different use cases for Docker. We run all of our web apps using Docker in the following way. We write our web app locally on our Mac or PC. We push our code to a GitHub repository or any repository. We then automatically build the code installing anything we want, but we do this by way of what's called a "Dockerfile." It's just a text file, which is a configuration file, that just specifies line by line what pieces of software do you want this application to need, and therefore install for you. So why don't we go ahead and take a look. Why don't we go ahead and open up a terminal window here, and I've gotten another one ready to go when we get to another topic too. And I'm going to go ahead and run Vim, which is a command line text editor here. And I'm going to go ahead and open up a file called Dockerfile. Actually, let's do this. Let me go ahead and make a directory called Twitch just so that we have somewhere to work. I'm going to go ahead and now run Vim on Dockerfile. So I've just got an empty file in which I can do really anything I want now. Now, you would only know the syntax for Docker if you actually read the documentation or followed along here at home, and I'm going to go ahead and say something like, "From Ubuntu 18.04." From, I've capitalized. That's a Docker command. Ubuntu is the name of a Docker image, a snapshot in time of some base installation of Ubuntu. And the colon 18.04 means that's the specific tag. So Canonical, the company that makes Ubuntu and the whole ecosystem out there that uses Linux, installed for us into a file Ubuntu with a whole bunch of packages and specifically tagged it, this is a release 18.04. What that means is that my own application, whatever it is I'm building here, is going to be based on Ubuntu 18.04. So let's go ahead and run Docker and see what happens. If I go ahead first and run Docker and type PS, I'll see all of the containers that are running on my Mac, which at the moment are none. I don't actually see anything. Docker itself is running. On Mac OS, I can see this here with the logo in the top. And this is where the menu is, and you can see Docker Desktop is running. If you're on Windows or Linux, your menu is going to look different. It's going to be somewhere different altogether, but the fact that it's running is a good thing and that's why I was able to run Docker PS. It queries the underlying server software. I'm going to go ahead now and say go ahead and Docker run a specific image, and I'm going to go ahead and-- actually, no, sorry. I'm going to go ahead and build my current image and say go ahead and build this thing here called dot, which is my current directory. COLTON OGDEN: This is in the Twitch folder. DAVID MALAN: This is in my Twitch folder. So there's really nothing interesting going on here yet, because all that file had, the Dockerfile, was that one line. But notice what happened. So as soon as I ran that step one of one was from Ubuntu 18.04, Docker went ahead and pulled, so to speak, from its library of free images and installation of Ubuntu. That image happens to be broken down, and you only know this by looking at the results, into four layers, so to speak. I mentioned a union file system before, so odds are one of these layers is like the very first pieces of software that are installed by Ubuntu. The next layer, it goes on top of that, then the third, then the fourth, and each of those has additional packages or files most likely. COLTON OGDEN: Would it be accurate to say one of the first two layers would be like the kernel of the operating system? DAVID MALAN: Yeah, most likely. COLTON OGDEN: And that's probably or less the same amongst-- well, I don't know if it'd be the same amongst versions of Ubuntu. DAVID MALAN: It depends. We'll see a bit more of this when I add to the Dockerfile in just a moment. We'll see exactly what each of these lines corresponds to. So this is just the SHA-256 hash, which is like a big seemingly random string that uniquely identifies this version of the image. You'll see that my status was successful. It downloaded a newer image, because I didn't have any for Ubuntu 18.04, and it successfully built this hash. So these are the last, what, 10 or 12 characters of a longer SHA-256 hash that uniquely represents now my application. I'm in a Twitch folder. If I type LS, the only file I have is Dockerfile. So I've got nothing interesting in this folder yet, but I now have a unique image that I can now run. So I am on Mac OS. Let's see if we can see this. If I do you name, you'll see that I'm running Darwin, which is the code name for Mac OS. If, though, I do Dockerrun-IT-- and I'll come back to some of the command line arguments later, that particular unique identifier. Well, let's cross our fingers, and oh my god, I now am inside of Linux running on my Mac. Now, I feign surprise. I kind of knew or hoped that would happen, but indeed, if I type LS now, you'll see a whole bunch of folders that are not on your Mac or your own PC. They are now local to this container. And so curiously, excuse me, I seem to have this base in the Linux file system, but you can actually mount files from your own Mac inside of this container. So let me take a step back. I'm going to go ahead and do I think Exit, which gets me out of that. Now, if I type you name I'm back in Mac OS. And if I type LS now, there's my Dockerfile and none of those blue folders are actually there. But if I do this, and I'm going to have to remember the syntax, if I do Dockerrun-IT-v.: let's say MNT for mount-- don't quote me on this just yet-- and then paste in that image. Nope, volume name is too short. Let's see. No, maybe it's capital V? Nope. Dockerrun, OK, we're going to run Dockerrunhelp to see how to mount. Volume, find and mount a volume, mount directory-- David's blanking on how to do this properly. Let's go ahead here and do this once more. Dockermount-- damn it. No. COLTON OGDEN: That's part of the fun of the live coding stuff. DAVID MALAN: Yeah, this is not what I wanted to do. Volume name is too short. OK, so here, folks, we're going to do Dockermountdirectory, since I have essentially aliases for all of these things. Yeah, -v. That's what I want to do. So here, folks, we're going to introduce you to a website called Stack Overflow. That's what I wanted to do. Oh, I might need to do a fully qualified path. No, let's try this again. Sorry, folks. COLTON OGDEN: Oh, so Adamantine Bipartite, Elasura, and Gigantorex911, thank you very much for following, appreciate it. DAVID MALAN: Oh, very welcome. So let me go ahead and try this-- Dockerrun-v/mount and now -IT, and then this image. COLTON OGDEN: Nice. DAVID MALAN: I'm sorry. It's just I think I needed the fully qualified path and not the dot, so that's just me being stupid. Apologies. So now, what does this actually mean? If I type LS, because I'm now back inside of that Linux environment, all seems to be fine. But if I go into this MNT directory, which is a Linux convention for a folder in which you can mount stuff-- a CD, a hard drive, a folder, or whatever-- and type LS now, you'll see that that file from my Mac is inside of the container. COLTON OGDEN: That's pretty cool. DAVID MALAN: Which is neat, because now I can use Linux on my Mac but still access my files, any of my Mac actual files. COLTON OGDEN: Yeah, that's a nice thing that some VMs have a little bit of issue with sometimes too. DAVID MALAN: Yeah, and now funny enough, let's try this. Now I'm inside of Linux. I'm going to go ahead and run Vim. And uh-oh, what happened to my Vim? COLTON OGDEN: Yeah, I guess it's not a default program in Ubuntu, at least 18.04. DAVID MALAN: Yeah, exactly. It doesn't seem to come with at least the base image that the folks out there have created for folks to use with Docker. So on Linux, if you're unfamiliar, you can do apt-get install and then something like Vim to install software. Unfortunately, it doesn't even have the cache of local packages, so in this world, you do apt-get update and that should now download from Ubuntu's web servers or CDN and all of the latest indexes of the software that's available. COLTON OGDEN: So like a DNS server almost? DAVID MALAN: Not so much DNS. It's a package manager, apt, and it's-- COLTON OGDEN: Because it almost puts a DNS on your machine that then allows you to get your package using a name sort of, maybe? DAVID MALAN: I wouldn't conflate it with DNS, honestly, because I think it goes a little too low level. This is like Windows Update or the app store, just checking what the latest software is, honestly, that's available. So now if I do apt-get install Vim, you're going to see a whole bunch of crazy messages, because Vim needs all these dependencies. Do I want to continue? Sure. I'll type y for yes, hit Enter, and now inside of this Linux container inside of Docker, I now have just installed software. I'm going to go ahead and clear my screen just to get rid of this distraction, and I'm going to go ahead and do Vim now, and viola, now I'm running Vim. COLTON OGDEN: Nice. DAVID MALAN: But notice this. If I hit Escape and quit out of Vim, which itself is kind of a feat sometimes, and now I go ahead and Exit out of the container, rerun the container, and run Vim, it's gone. COLTON OGDEN: So it's ephemeral. DAVID MALAN: It is, at least in the way we've configured Docker. Now I have a pristine, clean environment. COLTON OGDEN: Interesting. DAVID MALAN: Both a good thing and a bad thing. If you want it to be isolated from everything else, you now have a deterministic starting point. Bad in that, oh my god, that just took like two minutes. Now I have to do it all again. So how do we do it again? Well, let me actually exit out of Docker, and in Mac OS-- just to be clear, here's Darwin-- I'm going to run Vim, which is already installed by Apple for me on my Mac. I'm going to open that Dockerfile, and now we're going to create another layer. So this From command gives me a base layer with all the default Ubuntu software. Now I can go ahead and do this, run apt-get install Vim, but I need to be a little smart about this, but not yet. Save it. Now I'm going to do Dockerbuild. To build my current directory, and you'll see "unable to locate package Vim." COLTON OGDEN: Do you have to do the apt-get update first in here as well? DAVID MALAN: Yeah, exactly. So we'll see that this return to nonzero code. Like my build of my container didn't work, so I'm going to go ahead and open that Dockerfile again. And I'm going to do apt-getupdate, and then run apt-getinstallVim. COLTON OGDEN: Can you do like a semicolon space and then apt-getinstallVim or will that work or something? DAVID MALAN: You can. So let's come back to that, because I specifically want to see these two runs for just a moment. COLTON OGDEN: Sure, OK. DAVID MALAN: So now I'm going to go ahead and save that. Let's clear the screen and rerun Dockerbuild.-- cross our fingers. You'll see it's doing more work when you build the container now, and you only have to build your containers once. Unfortunately, it failed again. COLTON OGDEN: Because it looks like it's asking for a yes or no and I don't know how it would know how to get that input. DAVID MALAN: Yeah, exactly. This is meant to be an automated process, and yet here I am just expecting it to know yes from no. So it turns out-- you would only know this by reading the documentation or the man page-- if you actually say dash y you can proactively say just say yes to any questions that get asked. So let's go ahead and save this, clear the screen, Dockerbuild. And now notice what it didn't have to do a moment ago. Notice that it's immediately trying to install Vim, but notice that on this line, runapt-getupdate, it's using the cache this time. And that cache has a unique hash identifier, which means all of that work we did last time we do not have to do again because we baked it into a layer. COLTON OGDEN: So some stuff will be ephemeral and some stuff will sort of be saved? DAVID MALAN: Exactly. Anything you put in your Dockerfile will persist by way of the file system layers you are effectively creating. Let's go down to the bottom and you'll see successfully built. And all the stuff above refers to Vim having been installed. Now, this unique identifier is different from before. The other one, I don't think, started with F9. So now this is a new image on my Mac. So I'm going to do-- if I can get this right, forget the directory-- Dockerrun-v for volume, userjharvardtwitch:mount-- but you can mount it anywhere inside of Linux if you want-- -IT-- for reasons we'll come back to-- and then this new hash. Enter. I seem to be inside of the root account of Linux. Indeed, I am. Now, let's go ahead and run Vim and it's there. COLTON OGDEN: It's preinstalled, that's cool. DAVID MALAN: And now if I quit, exit out of the container, rerun the container, top random again, now it's persisting. COLTON OGDEN: Nice, solved that problem. DAVID MALAN: Indeed. COLTON OGDEN: I'm assuming we can do a lot more complicated stuff than install Vim. DAVID MALAN: Yes, you can build entire applications, but notice this. Suppose now that I didn't quite appreciate what I was doing and I did Dockerbuild. Oh, maybe I need to build my image every time. Uh-uh. Notice, but done. COLTON OGDEN: It's all cache, because it was in the Dockerfile. DAVID MALAN: Exactly, and you can see here that every time we had a run command-- step one, step two, step three-- we got a new identifier for that layer. And so every one of these run commands or in a few others in Dockerfiles, gives you a new layer that just keeps getting layered on top, and top, and top. COLTON OGDEN: Would you want to ever make those changes not persistent, for example, maybe it fetches remotely a library that could change day to day? DAVID MALAN: Yeah. Short answer, yes. And the best way to explain that-- how best to do that? COLTON OGDEN: If it's too complicated, we don't have to. DAVID MALAN: No, no, you can. Let me show-- let me give a teaser of something. We'll perhaps see a bit more later. Implicit in a Dockerfile is this last line here, and I might be getting the specifics a little off. Is essentially this-- command bash. So by default, if you don't specify a command, the Docker container is just going to spawn bash, which is a shell that is an interactive prompt for you. You can override that. So you could do something like, by the way, at the very last minute, do apt-getinstall-yFoo to make sure you have the very latest version of Foo, and then go ahead and run bash. That would be one work around to that that comes to mind. COLTON OGDEN: Interesting. DAVID MALAN: Indeed. COLTON OGDEN: Let's make sure we didn't miss any-- DAVID MALAN: Yeah, let's catch up on any questions. COLTON OGDEN: That was really good though. DAVID MALAN: Thank you. COLTON OGDEN: We have a bunch of stuff up here. We're just trying to figure out where we left off. I think this is roughly where we left off. "So are LXC containers something similar to Docker Container?" DAVID MALAN: Yeah, LXC is just another approach to containerization. It's not Docker, it's just a different technology, but that too is quite popular. COLTON OGDEN: Sigmund Penney is saying "LXC is paravirtualization, if I'm not wrong." And that's a word that I've never seen before. DAVID MALAN: Yeah, there's some differences, and I'm not good at appreciating the differences here. I think, frankly, Docker has a really nice and user-friendly ecosystem, which is just why I personally gravitated toward it early on. COLTON OGDEN: ZB is saying, "If you're an Inception fan, you can install Linux Subsystem for Windows, and then add Docker to that." DAVID MALAN: That's right. And then you can run Windows, and Linux on top of it, and Linux on top of, inside of that, and even Linux inside of the Linux in Linux, but you have to start hacking around to make that possible. COLTON OGDEN: And then your computer will just not function. DAVID MALAN: Yeah, just that's bad. No need to add too much overhead here. COLTON OGDEN: Blah, blah, blah. They were saying, "no problem." I think you were apologizing when you had-- DAVID MALAN: Well, no. Let me scroll up here. COLTON OGDEN: Oh, I'm sorry. DAVID MALAN: The blah, blah comment. Docker volume create-- I didn't want to create a volume. To be clear, I wanted to mount an existing directory on my existing Mac into the container. But that is another way-- maybe you're actually responding to the other goal. You can create persistent volume so that everything in /temp, or /userlocal, or whatnot actually does persist on your Mac and gets remounted every time. COLTON OGDEN: Several times I've seen that. "The first few lines for running Linux." DAVID MALAN: Yeah, indeed. COLTON OGDEN: "Use nano, fi is the default." DAVID MALAN: We could try it. Wait, here we're getting-- try Nando. Sure, we'll try this. So I want to go ahead and just run Dockerrun again with this command, nano. I'm sorry, it's not installed. VI now is, because it came with Vim. COLTON OGDEN: Does it have-- does Linux Ubuntu have any editors that come with it by default? DAVID MALAN: Well, it depends what you mean. Distributions of Ubuntu-- distributions of Linux come with different packages. COLTON OGDEN: I guess it's layer then is what I-- I guess more technically? DAVID MALAN: So short answer, no, and let me pull this up in just a second. The image that's made available by Canonical or whoever for Docker is by design super, super small. Honestly, if you have a server side environment, the goal of which is to isolate the app from every other, no human should really be SSHing into that container and doing anything with a text editor. To be fair, probably every one of us, if you-- [INAUDIBLE] have done this before. But you're just wasting bytes and megabytes, and just by installing Vim, my god, you're slowing down the build for your server side application. Probably doesn't need to be there by default. That's all that's going on here. COLTON OGDEN: It makes sense. DAVID MALAN: If you download and install Ubuntu on a CD, you're in ISO, then odds are it, yes, has a text editor. COLTON OGDEN: I think Adamantine Bipartite was saying, way up above, that they were doing all this CS50x stuff. They're working on the final project. So that's pretty exciting. DAVID MALAN: Nice. COLTON OGDEN: And then someone else was saying that they were-- DAVID MALAN: Almost there. [INTERPOSING VOICES] DAVID MALAN: Catching up, good. COLTON OGDEN: "Probably the hardest one," says Adamantine. He's referring to Pset5. They're saying, "Just a package manager was apt-get." "Can we see the GUI in Docker?" says For Sunlight. DAVID MALAN: There isn't really a GUI here. You could certainly run in Docker an operating system that then has a Window Manager, like Xfce or something else with Gnome or something on top of it. I don't have an X server installed. So even though we could install all that requisite software, I couldn't-- without wasting some time-- pull up an actual GUI, but you could do it. But for the most part, Docker is not about giving you a pretty user interface. It's about giving you an isolated installation of some OS and some app. COLTON OGDEN: "VI versus Vim, I don't know the difference." I'm guessing they're just version differences probably? DAVID MALAN: Vim is VI improved. So it's like the new and improved version of VI. And mostly, they're-- VI is typically alias effectively to VIM, so you wouldn't notice the difference anyway these days. COLTON OGDEN: Devin is saying Neovim is Vim. More-- DAVID MALAN: More [LAUGHS]. COLTON OGDEN: A person like VS coder, Adam, [INAUDIBLE] from the Netherlands. DAVID MALAN: OK, we're getting a little distracted by text editor debates here. COLTON OGDEN: Oh, I think Soupman was saying you don't want to separate the commands into two layers, referring to there are two run commands-- DAVID MALAN: Yeah, and that's actually true. And I mentioned this earlier when you proposed as much. If I go back into my Dockerfile, I probably don't want to decouple the updating of my sources list from the installation, because those really should be happening both together, so that when I've updated the list, I'm installing based on that list. So I'm actually going to pull this up onto the first line and do something like and, and. This is better than typically doing something like this, because and, and-- these are two separate commands. And, and it's going to ensure logically that this whole line will only succeed if both the left command and the right command succeed from me. COLTON OGDEN: Oh, it's like short circuit logic in programming, same thing. DAVID MALAN: Yeah, exactly. So this would be a better way. And it also creates one layer, couches the layer itself is going to be a little bigger. But for installation of software, that tends to be the best practice. COLTON OGDEN: "Streams more users than a super stream." Cool, that's good. The educational content is successful. DAVID MALAN: I don't know. I kind of miss playing Mario Brothers. I thought we were playing Excite Bite today. I was led to believe that. COLTON OGDEN: Yeah, that's like the old carrot on a stick. "I finished spellcheck today. I think it's just examining your programming way of thinking. Nice Pset-- DAVID MALAN: Nice, congrats. What was that one up here? "I personally--" COLTON OGDEN: I personally struggled a lot with recover. Took a break. DAVID MALAN: Oh, C Primer Plus book. Oh, nice. So you finished Speller. That's pretty quick actually, that's great. COLTON OGDEN: "You want to show off how layers work?" says Sigmund Penny I think. Maybe one of the next things to talk about? Or the entry point. DAVID MALAN: Entry point, yeah, that's actually a step before the command. COLTON OGDEN: And I think you read off this question. DAVID MALAN: Yeah, we did that. COLTON OGDEN: Can we access the container? DAVID MALAN: Hi, from Peru. HI, FROM THE US in all caps. Hello. COLTON OGDEN: Diggivolts, "I just installed an Ubuntu VM using VMware on my machine. Should I have used Docker instead? DAVID MALAN: Good question. So just to read it a little more slowly. "David, I just installed an Ubuntu VM using VMware on my machine. Should I have used Docker instead?" It depends. If you just want to have Ubuntu available to you and persist all of its state and just be like a locally installed operating system, no, the VM is perfectly fine. That's what we used to do back in the day. With that said, I personally have transitioned to using containers for everything. They start nearly instantly. , Whereas, a pain in the neck years ago to run VirtualBox or VMware on my own Mac or PC. So there's less overhead with Docker, which is super, super compelling. And in fact, in a little bit I think we can demo a tool that CS50 built called CS50CLI, Command Line Interface, which, Adam, is perhaps the solution to your problem or your interest there. Whereby, we can just run a command, CLI50 enter, and voila, you're running Linux within a split second on your Mac. And I go in and out of Linux all the time on my Mac thanks to that tool. COLTON OGDEN: And are you-- you're typically doing most of your actual development in Mac probably, right? DAVID MALAN: On a Mac using Linux, yeah. Honestly, and why? Let me-- why, someone asks on there. I like Macs in terms of the user interface. They're just pleasant to use. It talks to your iPhones and whatever other devices you have, so it's kind of a nice environment. The hardware is great, but all of our software runs on Linux. I prefer the Linux environment. I'm not such a fan of Darwin just because of conventions that they have. And so you kind of get the best of both worlds this way. I still use my own terminal window on the Mac, but inside that window is Linux. So David the human uses Macs, and David the programmer uses Linux. COLTON OGDEN: So you're not as inclined to use a VM to get the Ubuntu interface as much, because you have the Mac interface? But the actual development-- DAVID MALAN: Yeah, I don't care about-- COLTON OGDEN: --actual development without needing all the overhead of a full VM? DAVID MALAN: Yeah, I don't care for Gnome or any of the other window managers. They just don't solve any problems that Mac OS doesn't. COLTON OGDEN: "How do you edit your sources.lists without an editor to install an editor?" DAVID MALAN: Oh, without an editor? So theoretically, you should not have to update sources.lists, because by default from Ubuntu you should have a list of all of the URLs via which you can get the standard distribution of Ubuntu software. So apt-getupdate should update your cache of URLs essentially, and of package names, and versions. An apt-getinstall will then install those. You're only in a bind if you have no text editor and you want to install third party text editor that's in some other repository for which you have to edit your sources.lists file, in which case the easiest approach is just install Vim, or nano, or Emacs, or whatever from the standard repository and then go and edit the file. But honestly, if you're comfy with Linux, or learn a bit more about Linux command lines, or really this is bash command lines, you can do something like-- let me go back into the VM. KAT@capt-- what is it-- sources.D? No. Sources.lists? Yeah, here it is. So here's a line for-- let's not do the security line. Let's do the more generic one up top. So all of these lines here just refer to where can you get from Ubuntu's archives more software. You could do something like this, echo this string onto-- this is the append operator-- the end of @captapt-- what did I call it-- sources.list and hit Enter, and that would concatenate onto the end of the file exactly that string. And with very, very high probability will something like echo or KAT be installed, because they're either built into bash or they're part of the core utilities that are installed. COLTON OGDEN: Looks like Sigmund has a very similar suggestion here. "Small Linux version named Alpine, which docked like five megabytes, if I don't remember incorrectly." Alpine Linux, are you familiar? DAVID MALAN: Yeah, I know a little bit about it. Five megabyte-- yeah. No, there's super small distributions of Linux. We have not bothered with that, because, frankly, we want access to some of the more popular packages. And honestly, Debian and Ubuntu just have so much momentum these days that anytime software comes out for Linux it's almost always packaged for the deb format, so we just use that and the whole ecosystem that comes with it. So we actually pay the price of bigger images, but it just makes our lives easier. We don't have to compile software from source just to get it up and running. COLTON OGDEN: True. Totilla Worthing, "Main advantage of Docker, it compartmentalizes what runs on it separately as contrasted with the heavier overhead of a VM." DAVID MALAN: Yeah, absolutely. Yeah it's-- yes, much, much less overhead, which is pleasant. COLTON OGDEN: Lilia Viavaras, who I believe is on Facebook is joining us. DAVID MALAN: Hello. COLTON OGDEN: This is the first time she's joined us on Twitch, so hello, Lilia. DAVID MALAN: Welcome aboard. COLTON OGDEN: Good to have you. DAVID MALAN: Yeah, exactly. So this commenter here, Sigmund, "Alpine is very small, yes, but it does not contain glibc I think." I'm not sure about that, but I believe you. "And a lot of the regular Linux software is not supported." Absolutely on that last point, for sure. COLTON OGDEN: GX Evolves, "Does Harvard provide lecture videos for all of their CS courses?" DAVID MALAN: Not all, no. Relatively few are online. Harvard's Extension School does provide some others. If you want type maybe www.extension.harvard.edu, but there is tuition for those courses. There's relatively few free courses available at the moment via Open Courseware for free. COLTON OGDEN: Neils has to say, "You're famous. Thanks for your passion." DAVID MALAN: Oh, that could be about you. COLTON OGDEN: I think that's about you. "The whole school isn't free," which Adamantine was saying, which is that what you just said about the extension stuff. "You're the guy who lectured about scalability-- love that video." DAVID MALAN: Oh, nice. I like that one too. And let's check out CS75. Yeah, 75 and 76 are getting a little old, to be honest, but I would certainly check out-- if you go to ed-- actually, can I type a URL here too? COLTON OGDEN: Yeah, sure. DAVID MALAN: So if you go to edx.org/CS50, you can see all of CS50's currently available sites and see what's available for free there. So just getting us set up for the next bit. So should we actually transition maybe to CLI50, partly for Adam's sake, for instance. COLTON OGDEN: Yeah, sure, let's do that. DAVID MALAN: So if anyone wants to play around with something that's a little more accessible perhaps, let me suggest that you go back to CS50's documentation, CS50.readthedocs.io. And if you look at the menu for CLI50, command line interface 50, this is just a Python script really that we wrote that makes it easier to run Docker commands. And honestly, this is why I forgot how to run the command before, because I always use this, which to be fair, I wrote. So I knew it at one point, just not 20 minutes ago. So here, if you follow these instructions, you can install CLI50 yourself, but per the documentation here, step one and two, you're going to want to install Docker first and Python 3.6, because both of those are dependencies of CLI50. But what I love about this tool, if I may say so myself, is that we use it all the time to actually develop software and work in a Linux environment with, honestly, without having to type these crazy long commands that clearly I can't remember. So I just run CLI50 anytime I want to run a Linux environment, and viola. There's a little more output here, because what's going on? You'll see that, one, by default, it's using the latest tab called "latest," which is the Docker convention, pulling from CS50CLI. You don't have to name your images using weird hashes. You can give them more descriptive names. So our image is called CS50/CLI, and I'll pull that up in a web browser soon. Here's my crazy long hash for it. It doesn't have to pull anything, because it's up to date, because I got my laptop ready before the screen. There's some port mapping going on here. We very often do web development inside containers, and I want to make sure that inside my container, if I have a web server, it's accessible on my Mac or PC. So these are port mapping. So if I have a server running inside the container on 8080TCP, I mapped it pseudo-randomly to 32,773, and then I can actually have multiple web apps on my Mac all running on port 8080 inside the containers, but exposed, so to speak, to my Mac on different ports, which is great for development purposes. COLTON OGDEN: Which is pretty cool, yeah because then you can test within your Mac. You don't have to worry about testing within the Linux environment. DAVID MALAN: Yeah, exactly. You'll see one of the first features we made was a print out this string. This is CS50CLI. I also changed the default directory in CS50CLI, and changed the prompt a bit, and we preinstalled a lot of software in advance so that it's all just readily available to you among the Vim here. So why don't we see fast forward now. Let me show you the Dockerfile for CS50CLI. COLTON OGDEN: Sure, let's take a look at it. DAVID MALAN: So all of these images are freely available, as is Docker, and Python, and everything else we've been talking about. If I go to-- let me find my image-- Docker Hub, so if you've go to hub.docker.com/r, for repository, /CS50, you'll see all of CS50's free Docker images. And if you pick the one called CLI, you'll see this interface here. There's not too much you can do on Docker Hub other than see what images are available. But what's cool is that here you can actually see the Dockerfile we made for this image. Now, it's a little cryptic-looking and we don't have to go all into the details, because a lot of this is just Linux stuff, not Docker stuff, but you'll see the following, "This image does not inherit from the Ubuntu image." It actually inherits from a parent image CS50 makes called "base image," which is a generic layer we use across all of our images. More on that in a moment. User and arg, these are just lower level details. Let me wave my hand at them for now. Expose is relevant though. This is saying go ahead and expose those three ports to the outside Mac or PC, just like Cloud 9 on which CS50IDE is based, so that we can mimic CS50IDE on our Macs and PC. By default, so just like an Alpine, not all software comes by default, same on the Ubuntu Docker image. You don't even get the man pages by default, because they're blacklisted to save space. That's not good for us pedagogically, so we go in and put them back, essentially, by way of this line by unexcluding something that was excluded. So now we're doing some really funky stuff here using some Linux commands to make sure that we are reinstalling them. This is a little more obvious. Here we have now a run line that spans multiple lines in Linux. If you do a backslash and then hit enter, it's not going to move you to the next command. It's going to let you finish your thought on the next line. So all those backslashes just mean this is a really long apt-getinstall line. And you'll see-- there it is-- Vim and dozens of other programs that we, or a couple dozen other programs, that we use as well in the class. COLTON OGDEN: Much cleaner than having them on one massive line. DAVID MALAN: Yeah, it's just unmaintainable. Here now, we use a lot of JavaScript stuff in the class. No JS internally, not in the class pedagogically. But I wanted to install these tools here, one of which we do use in CS50. HTTP server we use in the middle of CS50 to run your own HTTP server literally. We have a few gems in Ruby that we tend to use in CS50's various platforms, so we preinstall those here. COLTON OGDEN: A lot for markdown it looks like. DAVID MALAN: Yeah, all markdown related to a lot of our text-based websites. Here are some Python packages, some related to Amazon Web Services. These are just comments I made to myself, frankly, so I remember what these lines do. COLTON OGDEN: Some of our own tools there too. DAVID MALAN: Yeah, you can install our tools for free-- help50, render50, submit50, and others via pip, which is Python's package manager. COLTON OGDEN: under50 is a pretty cool tool. DAVID MALAN: I do. We could do a whole session on that one, how to make PDFs. COLTON OGDEN: Actually, that'd be pretty cool actually. DAVID MALAN: You can see that I have my notes to self temporary. There are bugs or missing features in some of the software that's open source that we use, so we fix on specific branches or tags sometimes so that we can mitigate any of those issues. And then lastly, you just can see that I'm installing some files, config files. We don't have to go poking around too much. But here, this is my favorite feature. We have a message of the day, which every day is, "This is CS50CLI." And you can see I'm using that echo trick. I'm echoing a string, "This is CS50CLI." And this time I'm just blowing away the file, if it's even there, so that the only message of the day, MOTD, is that particular file. And then lastly, just like on Cloud 9, we're adding J. Harvard to the [INAUDIBLE] giving it admin privileges as well. COLTON OGDEN: Pretty cool. DAVID MALAN: So that escalated quickly, to be fair, but this was after weeks or months of sort of realizing, oh, we need this too, or oh, we should add this and build, and build, and build. And let me just real quick open up base image, the thing on which it's based. So we use CS50 base image for check50, for all of our web apps, for CLI50, and I think one or two other things as well. And that just has even more common software, like Clang, and cURL, and Git that we want across all of CS50's usage of Docker. We just factored it out like good design. COLTON OGDEN: Yeah, and altogether it's not that monolithic. DAVID MALAN: No. No, and it's a pretty nice hierarchy. That's what this is. We're making a family tree. CS50 base image is the root. We then have CS50CLI. We've got another called CS50 Server, which you can perhaps pull up later, and then we have a few others that are a little leaner for efficiency. COLTON OGDEN: And no more vhosts. DAVID MALAN: No more vhosts. That's what we've gotten rid of. We used to have a pair of servers, two servers, running Apache and an old version of Linux that, honestly, is still on like Ubuntu 12 or something. COLTON OGDEN: Something like that, yeah. DAVID MALAN: That's the problem too. If you want to update your operating system, you have to put your entire server at risk. Because God forbid something goes wrong, you've just screwed up your whole system. So with containers, they are disposable. If I screw up a container, no big deal, exit, rerun it, and I'm back in business. COLTON OGDEN: So for folks to play in web apps, this is probably the future of most companies trying to deploy their business on-- well, at least if they're on-- well, probably even on AWS too, right? DAVID MALAN: Yeah, I think for the foreseeable future. Not necessarily Docker specifically, but LXC was mentioned earlier. Containerization-- and I'm sure humans will come up with something better after that. But yeah, these are kind of replacing what were virtual machines for some time. And in fact, a lot of people are running virtual machines on bare metal and then running Docker on virtual machines. And if you're using AWS, Azure, or Google, you're running on VMs by definition of how they run their architecture. COLTON OGDEN: It seems like good damage control, like you were talking about. DAVID MALAN: Yeah, for sure. COLTON OGDEN: GX Evolved looks like they're also asking about CS550, CS161, 121, and 124. DAVID MALAN: That might be a typo. No such thing as CS550. CS161 is operating systems. Is available through Harvard's-- might be available through Harvard's Extension School. CS121 definitely is. That's introduction to theory in CS. And CS124 definitely is. That's introduction to algorithms and data structures. Those are at www.extension.harvard.edu, but they're not free. You would have to pay tuition, but you do get a transcript and course credit. COLTON OGDEN: And they're not-- CS50 hasn't produced those courses. Those are other instructors. DAVID MALAN: Other instructors, other groups, yeah. COLTON OGDEN: Surotons says, "I have to go." Actually, they're probably already long gone at this point. But if they're still in the stream, thank you very much for tuning in, appreciate it. "What sort of cost is this," says Adamantine Bipartite, "to make the CS50IDE available to everyone for edX and Harvard?" DAVID MALAN: It's a good question. It depends on how many people are using it. And we're actually in the process of transitioning to AWS, because Cloud 9 was recently acquired by Amazon itself. So ask that question again in a few months when we have a better sense of what the new architecture is like. COLTON OGDEN: Yeah, because they're saying, "Even if using Docker, it seems like you must maintain a massive infrastructure." DAVID MALAN: Yeah. It definitely depends on the number of students, but thanks to the cloud, it can grow and shrink as needed. COLTON OGDEN: And ME4L mentioned just what you just did, saying that it's not quote unquote "The CS50IDE per say. Underneath the hood, at least, it's actually provided by Amazon, called Cloud 9." DAVID MALAN: Yes, not Cloud 0, Cloud 9. Indeed, it's an open source tool that is hosted now by Google and also now by Amazon instead that we have layered pedagogical features on top of. COLTON OGDEN: Sigmund was asking, "Do you have any resources in creating the base images of Dockerfiles?" And we took a look, certainly, at our own base image. I don't know if there's more you'd want to add to that. DAVID MALAN: Yeah, honestly, they're a little complicated in that they have a week's worth of thought and effort in there for additional software. But honestly, you're welcome to just look at CS50's Docker images. All of them are here at hub.docker.com/u/CS50. And I said r earlier. I wonder what happens if we visit the repository version. Oh, yeah, that works fine too. It redirects, so they're fine. You can see all of our images here. And honestly, the easiest one to start with is probably CLI. Just ignore anything you don't understand, and exclude it from your own Dockerfile, and just take those baby steps. And each time do Dockerbuild. to actually run it in your current directory. Just a quick tour here, server we use for all of our web applications. Whereas, CLI is for command line only. CS50check, this is the base image-- not documented, it's done, it's just not documented, hence, the to-do-- that we use for check50 on the server. If you want to see that works, base image I just pulled up. Sandbox is used by Sandbox.CS50.io now, and I'll pull that up in a second. IDE is used by the new version of the IDE offline. MySQL, we actually have our own image of MySQL just so that we can fix it on a specific version, but it's not our software. It's just our image. Travis CI is something we've used with Travis CI, which is a continuous integration deployment technology. SMTP is our own SMTP server, and that's it. There's not too much here. And in fact, Sandbox, if you go to Sandbox.CS50.oi-- and actually, do you mind pasting that in? COLTON OGDEN: Sandbox.CS50.io? DAVID MALAN: That's, yeah, CS50's new platform for quick and dirty programming, and it is based on Docker 2 and a company called Cordova that runs the servers. You can see in our Dockerfile everything that is installed on here. This is still a work in progress, which is why that to-do is there, and at the moment, because of the way it's configured, we don't have lines of complexity in the Dockerfile. We instead do this. We copy a script called CS50.sh into temp. We then run that script and then remove it. So you would actually have to look at our GitHub repo for this, which is also open source. And if I go into CS50/sandbox on GitHub, you'll see this file, CS50.sh, and here you can see what is just a bash script with all of our apt-get lines. So the only difference here is there's no run lines, there's no command or entry point. So don't confuse the two, but this is all the lines that install for you, all the stuff you see for free on Sandbox.CS50.io. COLTON OGDEN: Cool, really cool. DAVID MALAN: It's amazing. Back in the day, and still now, and it's still very popular, you have things like Chef and Puppet. These are tools via which you can orchestrate your servers and preinstall software, but it's like this script here. CS50.sh just bootstraps your setup and installs manually all the software. But there's no caching, there's no layering, so Docker is just kind of a better version of these scripts that have emerged over time. COLTON OGDEN: They're trying to save as much time as possible and the tedium of getting all the stuff up and running. DAVID MALAN: Yeah. COLTON OGDEN: Essentially, it looks like that's what the goal is, a lot of it. DAVID MALAN: No, and you can freeze the image, which is amazing. You can make your images freely available or even privately available so people can just do Dockerpull, and pull down your image for free. COLTON OGDEN: Yeah, super cool technology. It makes it really easy it looks like. DAVID MALAN: How about this one? "Is GitHub Pages, similarly to Heroku, a container-like Docker?" No, it's not. I am pretty sure that GitHub Pages is just the fancy word for a CDN, Content Delivery Network, specifically hosted by a company called Fastly.com. I believe F-A-S-T-L-Y. And that is just a static service for hosting static web pages, which is exactly what GitHub Pages is. So there's no need for any computation. That is all a disk-bound service. COLTON OGDEN: "Do you have any reseources"-- OK, that was what we just read, sorry. "Was what Google's plan, containerize browsing or something everyone-- everything for on the client side?" They did something like that. It was sort of related to I guess WebAssembly. DAVID MALAN: Maybe. COLTON OGDEN: I think Rob was doing some research on it at one point. DAVID MALAN: I don't know the specifics, but I do think that's the future. Because, honestly, Mac OS, Windows, and Linux are all a huge mess right now in terms of the security model. When you install software right now, consider on your Mac or PC, you're prompted for admin privileges at which point all bets are off. That product you just downloaded, free or not from the internet, can do anything it wants on your computer. That is a horrible, horrible design that we've been stuck with for decades. So any attempts toward containerization on the client side is most likely a very good thing. COLTON OGDEN: Yeah, sounds like it'd be pretty cool. "World domination," says Andre, "that's Google's plan." [LAUGHS] DAVID MALAN: And in fact, it used to be, "don't be evil," but that's not even the plan anymore. COLTON OGDEN: Oh, yeah. DAVID MALAN: So be evil. COLTON OGDEN: Be evil. Maybe see a question. "How is this different Cloud 9, Google Cloud, AWS services?" says Bevick. DAVID MALAN: Docker is a-- well, Cloud 9 is a web-based IDE that happens to be hosted typically in the cloud on some service. Google Cloud and AWS services are more similar to each other. Microsoft Azure as well would be in that bucket. Those are infrastructure-as-a-service, but they also have platform-as-a-service stuff, and frankly, they have software-as-a-service stuff, but Docker is a piece of software that you can use on those architectures. In fact, if I can share a screen here, AWS Elastic Beanstalk is a service that Amazon makes available. Similar in spirit to Heroku, but it's Amazon specific, and Elastic Beanstalk lets you run Docker containers on Amazon's virtual machines on Amazon's bare metal, their physical servers. So when I develop an app on my Mac in a container-- I can test it, and run it, and play with it locally-- I can then just push that container essentially to AWS Elastic Beanstalk. Amazon then runs the exact same image, which is extraordinary, because it means what I am running on my Mac is going to behave, theoretically, exactly the same way it's going to behave it on the cloud. Years ago what used to happen, if you and I were collaborating and we had our vhosts, our central servers, I would have to tell you, oh, Colton, go ahead and install Vim, install Apache, install these libraries. Each of us has to agree to install the same things or we have to Chef, or Puppet, or Vagrant, or other tools that facilitate that. Docker just hides all of that and you don't have to worry about touching your Mac, nor me, mine. COLTON OGDEN: Cool, yeah, it definitely seems like it saves a lot of time and energy these days. DAVID MALAN: Kurbernetes is also an alternative to this, very popular in Google circles as well. COLTON OGDEN: "They're all based on Ubuntu. I meant more like scratch." I'm not sure if that's-- DAVID MALAN: I'm not sure what's that a response to. COLTON OGDEN: Yeah. "I think you need a base image," says BennyBlanco87. DAVID MALAN: Mm-hmm, you can make your own base image, but I think most people don't do that. You just start with some distro you like. COLTON OGDEN: Oh, yeah. And he said right here, "You can create one just like the Ubuntu, the image is maintained." Yeah, because the maintenance is probably a big thing. Doing something to maintain it actively probably more safe bet than doing something from scratch. DAVID MALAN: Yeah, let me pull up an answer to this question, the Ubuntu based image. So here we are on Hub.Docker.com again, /underscore. Underscore is the official images that come from Docker itself, /Ubuntu, and you'll see this here. And you'll see that they have a crazy number of-- well, no. Not as crazy as it used to be. They have-- COLTON OGDEN: It's not as crazy. DAVID MALAN: --only a few supported tags these days. I was using 18.04 and there's some synonyms for those there. And here you can see a lot of documentation, probably some instructions in here on how they made these images. And you can keep reading what is Ubuntu for folks who are a little new to it. Yeah, here we-- oh, here we go. "This image is built from official route FS, file system, tarballs provided by Canonical, specifically those images there." So it looks like you can dive deeper into how you make these images if you really want. So that's available too. COLTON OGDEN: Cool, yeah, if you wanted to go a little bit deeper dive. Do you think most people would have a reason to do something like that? DAVID MALAN: To bank your base image? COLTON OGDEN: Yeah. DAVID MALAN: I probably wouldn't bother. COLTON OGDEN: Yeah, probably too much. DAVID MALAN: I mean, the base images are already pretty trim. So unless you really want to customize things, it's probably not necessary. COLTON OGDEN: TwitchHelloWorld's asking, "I'm confused by the term 'base images.' Is it documentation just to remind you what is in it or is it functional as in setting up the files and/or folders in the containers?" DAVID MALAN: It's a little more like the latter, the second thing you proposed. It is one or more layers of software that you want to install into a container is perhaps the best way to say it. COLTON OGDEN: Sort of like the bootstrap, the foundation, upon which to build your-- DAVID MALAN: Yeah, it's harder to create a base image than it is to create child images. We have created child images. They're a one-liner, where we just said, "From Ubuntu 18.04." And then our two-liner where I installed Vim, or three-liner when I installed apt-getupdate and then installed Vim, and CLI50, which is much longer as well. COLTON OGDEN: Is it accurate to think of base images sort of as like the operating system and child images as being the actual applications built on top of that? I'm sure there are-- DAVID MALAN: The child images include additional software. The base image includes minimally the operating system itself. The child images contain more stuff, to be technical. COLTON OGDEN: "I recommend Docker Compose also when you've learned the basics of Docker and want to have a very nice wrapper interface." DAVID MALAN: Yeah, let's come back to that, because we too use Docker Compose for our web applications, especially when we have multiple servers, like the web server and also a database server like MySQL. So let's come back to that. COLTON OGDEN: Cool. Ademantine Bar, "I'm liking Docker. I might use it." Lance Maker, "Is it secure to install lots of files this way? In your computer, is the Docker image sealed from the environment?" DAVID MALAN: Secure? I don't know what you mean by secure. If someone has physical access to your computer or can SSH into your computer, they can get at anything that's in the image. They can just run the image just like I did with run-IT and then the tag name. So let me say no. There's nothing about Docker that we've discussed that's any more or any less secure than any other files on your computer. COLTON OGDEN: "You can make the containers privilege, and they can then have access to your host network, et cetera," says Sigmund Penny. DAVID MALAN: Oh, well, if we answer the question from the other direction, when you're running that container, theoretically it should not be able to access the host system, the Mac or PC, unless you mount inside of it, as we did eventually, one or more directories. But, yes, there's also privilege mode, which gives the container even more access to the host OS, like networking ports, and so forth, and more. So you should assume, honestly, any software you're running on your computer can potentially break out in the case of bugs or exploits. COLTON OGDEN: Sure. It makes sense. "Using persistent storage, shared volumes between the host and the container, those files can then be change from within the container." This is essentially what you just said. "Will Docker be faster than a VM on my local machine?" DAVID MALAN: I would say most likely, but there's probably some factors that could refute. But generally, a VM is a little heavier weight. It's doing more work to run your software. Whereas, Docker and tools like it are leaning more on the host OS. COLTON OGDEN: "Docker isn't designed to use a single container from heavy processing. It's designed to be a cluster like the diagram we looked at before." Is that accurate? DAVID MALAN: Well, that was the original intent, honestly, but increasingly it's being used for isolation. And so, yes, there's this notion of microservices where you have a bunch of different pieces of software that you've implemented-- one for your web server, one for your app server, one for your email server, one for your database server, and whatnot. And in CS50, we kind of do that. We separate out our web app from our database, but we don't use microservices. Honestly, I find, in many cases, certainly for small applications, it's just over engineering the problem, and it's nice to just bundle everything up in one container. Frankly, a lot of cloud services just make it easier to get one container up and running as opposed to multiple, however, you can with Elastic Beanstalk and other services. So that was the original intent. But frankly, we at least, and I daresay others, definitely have heavier weight images than might have been originally intended. COLTON OGDEN: Amed Osman says, "Is Docker separating the dev environment from production?" DAVID MALAN: You could. You could have multiple instances of the same image running in separate containers, so as to have a test environment, a production environment, a staging environment-- makes it even easier, because you know by definition all three of those are identical. By contrast, in our years ago with vhost, virtual host, we would have to configure two or three servers identically and then hope we don't screw up and let them get out of sync. Docker ensures they won't. COLTON OGDEN: "What would be the proper approach to not losing data? I understand you can quickly reinstall stuff, but what about data stored in databases, images, et cetera?" DAVID MALAN: So it depends on where things are running. Docker can certainly do this. You can create, as someone suggested earlier, your own local volume, which is essentially like a file in which you store virtually all of the files from the container or folder they are in, and that's where you can put images and stuff. Databases can be outside of the container, if that's how-- what we do on Elastic Beanstalk. We run our Docker containers on Elastic Beanstalk, but we run our databases on RSD, Relational Database Service, which is a separate Amazon product. So that takes care of the persistence of data, but you can certainly persist data. I was just demonstrating that by default, everything is ephemeral unless you mount, and remember to mount, and create your own volumes. COLTON OGDEN: BennyBongus says, "Malware can break out of VMs, so we can probably break out of containers." Is that true? DAVID MALAN: Yes, software is written by humans. Humans make mistakes. Things can get out, so you should mitigate those risks always anyway. COLTON OGDEN: Elasuras-- Elasorsa says, "You usually don't keep your database in your instance. You use it through a volume, so it's more on your server." DAVID MALAN: Yeah, I agree with that. COLTON OGDEN: "I guess you could put on a host directory, a mount to it, or run as scheduler to back up on a mounted." DAVID MALAN: Sure. COLTON OGDEN: "What is the best free platform to host Docker images?" says LightofHell1. DAVID MALAN: I don't know. Let me quickly Google. So it looks like Heroku supports Docker these days. I know Heroku tends to have free tiers of service up to like low levels of usage. I would defer to you to just read a little closer the documentation to see if the Docker stuff is free. You can definitely use AWS. You have to typically sign up with a credit card even if you don't get charged. You get some amount of usage for free. And certainly, through educational programs-- sometimes CS50 has done this-- we've gotten like coupon codes for $100 of usage. Then you could definitely use Elastic Beanstalk. And I'm guessing Azure has something similar maybe. Google does too. So I would honestly Google "Docker free hosting" and see what pops up initially if you want to play. But you can run Docker on your own Mac and PC, of course, if that's not on the internet. COLTON OGDEN: "I remember the good old appliance days of the hypervisors." DAVID MALAN: Then you must remember how slow that damn thing was to boot up, because it was in fact a hypervisor. COLTON OGDEN: "Talking from experience and production, the more processes you add to a Docker container the more problems you get, and you get to rely on init managers, like supervisord. I prefer running one to two processes per container, like Nginx, or some service, plus some service. DAVID MALAN: Yeah, that's fair. That world is getting better, managing processes and containers. But, yes, that's the intent of microservices. COLTON OGDEN: "'Containers do not contain,' in quotes I read today, which means that security is not isolated." DAVID MALAN: I'd have to see the article to be able to tease that apart. You should not assume that anything is secure, but this is certainly a step in-- secure 100%-- but this approach to containerizing, or more generally, isolating processes and services is a huge step forward. COLTON OGDEN: "Running a database inside a Docker container, I would seriously not recommend that. It's not easily deployable," says Sigmund. DAVID MALAN: I don't know if I'd agree with that, honestly. MySQL, and Postgres, and such, they're just pieces of software that are running. The most important thing with the database is the volume and you want to make sure that that is mounted consistently. You want to make sure that the process shuts down cleanly so you don't have any corruption. But there's no reason you couldn't run the database software in a container. But the data should be separate from it. COLTON OGDEN: Sure. Wouldn't want a sort of ephemeral database that-- DAVID MALAN: No, that would be the worst. But actually, can I interject for a moment? COLTON OGDEN: Sure. DAVID MALAN: Because we can tie that thread nicely into the other question about Docker Compose that came up. COLTON OGDEN: Yeah, let's do that. DAVID MALAN: Let me go ahead and open up, let's say, our help50 server. So help50 server is freely accessible on GitHub, though you probably wouldn't want to run this yourself. This is at GitHub.com/CS50/help50server. This is the code that drives most of help50 itself, the command line tool. There's a back end server to which student's error messages are posted by HTTP, and we then send back some helpful response-- theoretically, helpful responses based on regular expressions, excuse me. And you can see in here we have a Dockerfile for that and that has just a few pieces of software installed. But notice, we have an abstraction here. All of CS50's web-based apps extend what's called CS50 Server, which in turn extends CS50CLI, which in turn extends CS50 base image, which in turn extends Ubuntu 18.04, I believe. So we have this whole hierarchy so that each of our apps has a pretty tight Dockerfile, not much complexity, but we have the commonalities factored out. COLTON OGDEN: It's like a Java program. DAVID MALAN: Yes, but without the atrocious headaches. And but you can see here that help50 server, unlike some of our apps, additionally needed this flask migrate library, flask SQL alchemy, flask session, and a couple of others that we didn't bother baking into our base image because not everything needs it. So we just saved a little bit of space, but we could throw the kitchen sink in too. But to someone's comment earlier about Docker Compose, this is a helpful file too. This is a somewhat older version of the format. There's actually a fewer fancier features now. But here in Docker Compose, if you want to run multiple containers locally or in the cloud, you can compose them, so to speak. This text file specifies how you can run multiple containers and how they should be configured with respect to each other. So for instance, help50 server is a nice example of one of our web apps that has both a web server and a database server. When we're developing this app locally, we want to have a MySQL server running, but I don't really want to install it on my own Mac or PC, or tell you how to do it, and then synchronize our tables. That too should be containerized and abstracted away. So this file here has a top-- this is YAML, which is like a cleaner version of JSON data. A top level key called "services," and I've defined two services-- Web and MySQL, but I could have called those Foo and Bar. Web should be built by building dot. So this is a way of automating that builds command. I gave it a name just so I know how to refer to it when I type things on. This is cool. You can say it depends on another server, and the syntax for this feature has changed over the months. But this means it depends on this one down here so that my database server ultimately will definitely be running before my web server, because I want the latter to connect to the former. So the rest of this stuff is just a bunch of environment variables. But what's cool here is we can stub out, so to speak, a default username, and password, the hostname for the database, and a name. None of this is secure. This is just used locally for development. This is not our actual passwords. But you'll see here you have a link, which means this line. We'll make sure that your web server has a fake DNS entry called "MySQL," that when you do an NSLOOKUP of MySQL, it will resolve to the other container wherever it is, which is cool. You can expose ports, like port 8080 to port 8080, because I just want to commandeer that one here. And here's where I got confused before. I'm not sure why Docker Compose is more tolerant of this. I'm mapping the current directory dot to serve /www, which is convention. And then down here, MySQL is based on our MySQL image. A couple more environment variables, which per the documentation, configure a default username and password. And so here, if I were to run this after cloning the repo, I would do on my Mac DockerCompose-- whoops-- Billed, to build both images, and then DockerComposeUp to bring the whole architecture online. COLTON OGDEN: Where was the database being stored in that example, like the actual volume? In server www? DAVID MALAN: No. Inside an ephemeral container. So when that container, called MySQL, is deleted, I lose all my data. COLTON OGDEN: So this is just for testing, and then when you actually deploy it, it's-- DAVID MALAN: That's a different database, right. So what we don't use Docker Compose in the cloud. We instead use Elastic Beanstalk and have it talk to our DS, but that is product specific, that's cloud provider specific. Here is a generic approach that allows us to create the-- to mimic Amazon's setup, but locally in such a way that it's disposable. A huge boon-- so I'm glad-- thank you for mentioning Docker Compose earlier. COLTON OGDEN: Yeah, that's cool you can sort of mix containers into the same setup. Let me make sure we're back up to where we just left off. Oh, looks For Sunlight included the Docker-- DAVID MALAN: Oh, good. Thanks, I'll try to pull that up later. COLTON OGDEN: --article. And then-- oh, someone else had another article. We'll come back to that. "What is the advantage of using a commercial interface-as-a-service, like AWS, Google Cloud, and Azure as the containerization and resulting security," says TwitchHelloWorld. DAVID MALAN: Don't buy anything based on someone saying, "it's secure," because that's usually fluffy marketing speak I would say. COLTON OGDEN: Their padlock image on whatever website. DAVID MALAN: They're assigned, approved, or whatever? COLTON OGDEN: Yeah. DAVID MALAN: Always take any mention of security with a grain of salt. Using a modern cloud provider, like the ones you've enumerated here, helps you be more secure if the alternative we're using like a vhost-based-- virtual host-based approach of shared web hosting-- that used to be in vogue. With that said, shared web hosting was really popularized I think by the PHP world. That was the way the system was designed. You have one web server, like Apache, maybe Nginx, running a bunch of different websites all in the same system. But right, Ruby on Rails doesn't really work that way. Python and Flask and Django don't really work that way. Those are isolated to individual apps by design more so, and it's actually more of a pain to get them working in a shared environment. So these IaaS providers are just more conducive to running a more diverse ecosystem of apps I would say. COLTON OGDEN: ColonelHussain says, "What are you doing here? What kind of code is this?" DAVID MALAN: This is Docker. So if you rewind once we post the final video, you'll see all that and more. COLTON OGDEN: Yeah, and actually you can go-- the VOD, currently, you should be able to scroll back on the slider and see where the-- DAVID MALAN: Oh, good. COLTON OGDEN: --and look back on what we were talking about previously. Someone included an article that says, "Do not use Docker and Docker for CI." I'm not sure if you're familiar. DAVID MALAN: I'm going to say no. I'll pull that up later. COLTON OGDEN: "Where do you use," asking Sigmund, "where they use Docker." Amed Osman says, "Is it better if I have a PHP-based platform that needs a gear of Python-based platform making both on separate containers talking through APIs or is there a way making them communicate container to container?" DAVID MALAN: So if I'm hearing this correctly, if you've got a PHP app but you need to call some Python code, honestly, the simplest way to do this is probably have one container, one image, that has both PHP installed-- whatever version you want-- and Python installed-- whatever version you want. And in PHP just use the system call, or exec, or whatever it's called-- it's been a long time-- that lets you run a Python script locally and not over engineer that. I say that completely in the abstract. I don't know what your actual needs are or your architecture is like, but I would keep it simple until you need to complicate your implementation. COLTON OGDEN: That makes sense. Sigmund was responding to For Sunlight. Development environment, "Just currently been working with Kubernetes--" Am I pronouncing that-- DAVID MALAN: Kubernetes. COLTON OGDEN: "--Kubernetes and GCP for a couple of years." Totally don't know what that is. "Twitch, however, using one of the services, does have the advantage of having them implementing best practices for you." DAVID MALAN: Very true. COLTON OGDEN: "Bigger scale, more testing, and more audits." DAVID MALAN: That's a good one. COLTON OGDEN: "This article was cited by AWS Cloud 9, because they don't allow running Docker inside their IDE due to security issues." DAVID MALAN: Yeah, that's true. Same for us, as a result. COLTON OGDEN: "What is the difference with Docker and GCP?" DAVID MALAN: Docker is a Google compute platform. I think you can run Docker on Google's cloud platform. We've not used Google's platform here much other than indirectly through other cloud services, but Docker is a piece of software that allows you to contain all of your application's code and dependencies inside of the illusion of a self-contained operating system. GCP is, I believe, fair to say, lower-- well, no. It's more of an isolated app environment. I think it's probably close enough to say Docker is a more generalized solution, but I'd need to close my mouth, because I've not used Google enough to speak intelligently to that beyond that. COLTON OGDEN: "Is it me or is web programming really a confusing but powerful soup of dozens of technologies all carefully tied together?" DAVID MALAN: It is not just you. The world is a mess right now. And will probably always be a mess like this, because many people will come up with many solutions to problems, and our understanding of how best to solve problems will evolve over time. I think the important thing here in this world is to focus on fundamentals, like understand how technologies are similar, and different, and just roll your eyes when someone is preaching one technology over another. And decide for yourself, based on reading the documentation, reading articles like folks are proposing here, and then, honestly, just go with which one is easiest and most accessible to you. And if you bump up against problems ultimately, fine, solve those. Don't try to assume there is one best thing for everything. COLTON OGDEN: Sigmund was saying, "Stay away from devices and services where they say 'military-grade encryption.'" DAVID MALAN: Yeah, that's silly nonsense too. COLTON OGDEN: GSP's Google Cloud Platform-- "Better buy the ones that have 'easily hacked' on the package." DAVID MALAN: There you go, very open, forthright. COLTON OGDEN: Where are the puns? "Where can we find a full video of the feeds?" says Degoja. It'll be on here on Twitch. After the broadcast is over with, it may take them a minute to encode it, and it'll be on YouTube later this evening. So if you're unfamiliar, we have a YouTube channel as well where we post all these videos, and many more videos, including David's lectures from this last year. DAVID MALAN: Yeah, you want to paste that URL? YouTube.com/CS50 for all of CS50's video needs. COLTON OGDEN: AltProgrammer says, "hello." DAVID MALAN: Hello. COLTON OGDEN: ShellExecNastiest say-- DAVID MALAN: Yeah, there's that stuff. But again, quick and dirty solution if you want. COLTON OGDEN: "Comic, Colton, and professor don't stay quiet." I'm not sure. "Same here," Assly. [INAUDIBLE], "Right back at you." "Go to the Videos tab after this is done and you will find it." Sigmund says, "Yeah, you can. They have a section just for Kubernetes so you can set up your clusters there with Docker containers inside the pods in GCP, that is." So I guess they have some level of integration. "What is Colton's middle name?" Taylor is my middle name. DAVID MALAN: Oh, wow. We could have strung that out, take some guesses, and a poll or something. COLTON OGDEN: Kubernetes. DAVID MALAN: There you go. COLTON OGDEN: I like all the humor in 2019 CS50 Pset instructions. DAVID MALAN: Oh, thank you. COLTON OGDEN: Cool, I think we're all caught up on the comments. DAVID MALAN: Yeah, I think we're nearing the end here. Please feel free to chime in with any final questions if you'd like. COLTON OGDEN: Oh, sure. Yeah, time flew by. I didn't realize it was already almost 5 o'clock. DAVID MALAN: Indeed. But let me suggest, if you'd like to get started, literally Google "Docker download," install it on your Mac or PC, assuming your OS supports it. Then you can go about playing with just the base Ubuntu image. Honestly, let me pull up a little text editor. I believe the first thing we did was we created a Dockerfile that quite simply had "From Ubuntu 18.04" at the top. So this was my Dockerfile, and then down here I just ran the command, Dockerbuild., and then I ran Dockerrun-IT whatever your hash is here. And you can actually be fancier. You can tag your own images and give them names, I think. I don't want to goof here, but I think if you do tash Foo, you can instead say Foo here, I think, but double check. If you want instructions, just go ahead and do Dockerhelp, or Dockerrunhelp, or Dockerbuildhelp, or so forth, which is pretty conventional, and that will get you up and running. It will get you running Linux, in this case, or there's different flavors of Linux. Honestly, if you are a bit of a geek and you want to learn more about various Linux distributions, don't bother partitioning your hard drive, and dual booting, and all of that scary stuff. It's so easy to just run it in a container these days, get up and running, play, install stuff, and throw it away when you're done. COLTON OGDEN: Yeah, it was easy even with VMware doing that, and let alone this makes it even-- DAVID MALAN: Yeah, just a little more time consuming, but yeah. COLTON OGDEN: Yeah, and this makes it even easier and much more lightweight, much faster. DAVID MALAN: "Could we making a stream about building multitenant architectures?" Maybe. I would propose that you formulate a more precise question for us. Like what's the problem you're trying to solve, and why do you want a multitenant architecture, and what does that mean to you and to us rather than our trying to answer I think in the abstract. COLTON OGDEN: It looks like UnsignedEd says, "Hi, David and Colton. Thank you for your great job, and special to you, David, to introduce me to the wonderful world of programming." DAVID MALAN: Oh, very nice, very welcome, UnsignedEd. COLTON OGDEN: And I think they're having a conversation in the chat here asking-- I think Sigmund or someone-- who asked? Adamantine, sorry. It says, "Is anybody working as a programmer or developer?" And people are chiming in. It looks like DigiCrest says, "Not yet." And then Adamantine was saying-- DAVID MALAN: Oh, here we go-- big one. "Do you agree and think operating systems or algorithms is a good such course to take in-person?" If that question is to us, I'm not sure it matters to be honest. I think it depends on the quality of the program, the instructor, the assignments far more so than being in-person. I think it's certainly nice to get to know the teaching staff and classmates in-person, but I don't think-- nothing comes to mind about those two topics that lend themselves better or worse to in-person. Honestly, if you had asked more about a physics class or a club that has a hands-on lab, or especially from the physical sciences, absolutely, but when it comes to most CS classes, certainly theory and software, I'm not sure you really gain much. If it were a hardware class or circuitry class, came to a physics class, then sure, but I wouldn't worry too much about that distinction, I think. COLTON OGDEN: Certainly we spend a lot of time and resources making our content available to people around the world to watch online. So, yeah, it follows. DAVID MALAN: "Why do you-- CS50 stopped CS50 coding event, which we had to make a team for and solve 10 or so problems and see?" COLTON OGDEN: The hacker ranked stuff? DAVID MALAN: Oh, yeah, the coding contest. There wasn't huge uptake, to be honest. We ran it I think twice, and each time we had a good amount of participation, but not nearly as much as with like CS50X Puzzle Day, which we'll be running in a couple of months time. So it just didn't seem like there was sufficient interest. I daresay, when people are immersed in taking CS50 or some of CS50's other courses, there's already so much damn work to do that I'm not sure doing more problems in code was globally appealing. But if you start asking more and more and get your friends to mention it, maybe we can marshal some more support. COLTON OGDEN: Sure, yeah. DAVID MALAN: That's all. COLTON OGDEN: SolidGD, "Why all the questions in caps? Like everyone's shouting today." DAVID MALAN: I don't know why all the questions are in caps here. COLTON OGDEN: I can't hear out of my right ear. [LAUGHS] COLTON OGDEN: "Always great to hear from people who are passionate about technology. Thanks, guys," says Degoja. "I think one thing is coding with another student too, to train." And there's, I think, certainly value in that, right, pair programming? DAVID MALAN: Maybe. I've never been a fan. I can't stand working alongside of someone else on code. I can't focus and I'm too embarrassed by typing what I'm typing. COLTON OGDEN: Oh, like what we're doing right now? DAVID MALAN: Well, we're not coding. We're just talking. "When is the World Puzzle Day?" To be determined. It will be somewhere between February and April of 2019. We will start posting on social media pretty soon when we know. COLTON OGDEN: Cool. WhipStreak was asking, "Can we do a stream on HTML? I know it's not a programming language per se, but I love, love, love HTML CSS." DAVID MALAN: But then maybe you should be leading the stream on HTML and CSS. But that's a good one. Let me-- we'll talk to the team here and see who might be interested in doing that one. COLTON OGDEN: "Regulars, we can pair up," says For Sunlight. "Does beta testing for you guys satisfy that idea somewhat? Why teach C--" oh, sorry, that's not the same person. "Does beta testing for you guys satisfying that idea somewhat?" I'm not sure-- DAVID MALAN: I'm not sure what that's referring to. COLTON OGDEN: "Why teach C and not C++ for the first half of the course," says Adamantine. DAVID MALAN: 60%, 70% of our students have never programmed before. I think pedagogically procedural programming is best placed before object-oriented programming, because I think there are so many problems and so much logic you can explore that does not warrant objects until you actually have problems that warrant solving them with it down the road. So I think, if we were to introduce C++, it would be after C, or you would teach C++, but the subset of it that is effectively C. And it's really not until mid-semester, when we switch to Python and we start talking about libraries and frameworks, that it makes sense to begin encapsulating more complexity and to using other people's libraries. I just don't think it solves a problem early on in a class. And syntactically, there's a little more messiness there. I don't see a need for classes early on. And even in years ago, when a colleague and I used to teach in an introduction to computer science in Java, I never really liked it very much, because it felt unnatural to me to be forcing students to see and to think about classes, when, oh my god, they just want to write Hello World, let alone any number of other programs that don't require a class. That is an annoying feature of Java, I think, that everything is a class, an object. COLTON OGDEN: So let's switch to Java then, next semester. DAVID MALAN: There you go. Time for a couple more questions here. COLTON OGDEN: Yeah, AssemblyDragonBoard says, "Docker requires Windows 10 Pro, Enterprise, or Education. I have access to a Mac, but not Windows 10 Pro, et cetera. Is it better to try and learn Docker on a Mac rather than upgrade my Windows 10 to Pro?" DAVID MALAN: Yes, less work, and no upsides to trying it on Windows anyway. They're going to be functionally pretty much the same. COLTON OGDEN: "I want to give Bisquit a shout out to his C++ skills." So a shout out to Bisquit. I'm not sure who that is. "What was the reason you guys changed PHP to Python in CS50?" DAVID MALAN: PHP has just lost steam. Python is all the rage these days. Ruby was more of the rage for some time. Python is a bit more versatile. You can write command line programs in PHP. You can do analysis and sort of data science type applications in PHP, but that's not really what it was meant for, and it's just weird to do that or to teach that. So as such, I think Python is more multitalented, or it certainly is perceived as being more multitalented, and so it just felt like it was time. We were clinging to a language whose star was fading. With that said, PHP's documentation, I've long felt, is order of magnitude better than Python's and Ruby's. So I do think that was a loss. They have a wonderfully accessible documentation, great examples, even some community Q&A. Python's documentation I think is awful relative to that, but I do think it was the right call. Otherwise, we'd be teaching the wrong language for a course, one of whose goals is not just a foundation in computer science, and concepts, and programming, but also two offboard students, so that when they never take another CS course before, they nonetheless have some practical programming experience that they can then go use in the real world. COLTON OGDEN: Agreed. "Are you planning to teach any functional programming languages, like Elixir and Elm?" DAVID MALAN: No time soon, but Colton has been championing that for some time. So maybe, but no plans just yet. COLTON OGDEN: Get more critical mass. Let's ask him. Keep asking. "I prefer working solo. The herd is good to do it in one course, since that is how coders work," says TwitchHelloWorld. DAVID MALAN: Collaboratively, not necessarily next to each other as peer programming, but that's just my own personal bias against. COLTON OGDEN: You and I can do a little bit of that next stream. DAVID MALAN: OK, I'll just sit here and watch and see how you feel. COLTON OGDEN: "How can I be one of the CS50 staff? I'm really interested in that. It seems like CS50X in 2013 [INTERPOSING VOICES] DAVID MALAN: Oh, just start by emailing me. Malan @-- do you want to paste? Malan@Harvard.edu, and we have bunches of ways to get involved, either officially here on campus, or online, or certainly with our online communities as well. COLTON OGDEN: Tuxman, "Coming from C, I was so confused when I started my Java class, but then having seen Struts, it came back to me and it was smooth." DAVID MALAN: So I'd like that point, because we do get to Struts in C mid-semester, at which point, oh, this does make sense. It solves a problem. I can encapsulate data. And so there, if C had classes, could you then say, well, you can encapsulate not only data but functionality instead. And for me at least, mentally-- I feel pedagogically-- that's like the right way to escalate things and not hit students on day one with too much OO stuff. COLTON OGDEN: And I feel like-- don't we do that with Python now? Around the time we get to Stucts, don't we start to segue into Python in classes or have we touched on that briefly? DAVID MALAN: No, we just use dictionaries to encapsulate. COLTON OGDEN: Interesting. I thought in one of the lecturers, you talk about classes. DAVID MALAN: A couple of years ago we had a class for like Pset7 where we encapsulated something, but then I dropped it as just being a tangent. COLTON OGDEN: "Should use classes in object-oriented programming using jQuery, like in Pset8 mashup?" DAVID MALAN: Not for that Pset, no. What we expect of you in what was mashup, the old Pset8 was very procedural, in fact, just a few lines of code. And I'd be curious to see what you are proposing, but my gut tells me that's over engineering the solution. COLTON OGDEN: Brenda was mentioning Puzzle Day, "It's not about programming. It's problem-solving." DAVID MALAN: Indeed, very true. Thank you, Brenda. Yes, anyone can participate in Puzzle Day. Keep an eye on CS50's Facebook or subreddit for that. COLTON OGDEN: More all caps-- "It's Brenda Anderson from Discord." DAVID MALAN: Nice. COLTON OGDEN: "If you want to read about the last one," M. Kloppenburg found an article. DAVID MALAN: Yeah, thank you for pasting that URL. COLTON OGDEN: For Sunlight's saying, "Super fun. I never did it, but my students had so much fun. I thought we could try it." Maybe? DAVID MALAN: Yeah, do, for sure. There's our email. COLTON OGDEN: Thanks for the link. "Java was easier for me after seeing Python." So it gets to your point. DAVID MALAN: Yeah, I bet. COLTON OGDEN: Yeah, after a little bit of procedural knowledge. "It took a while to get around polymorphism and interfaces." DAVID MALAN: That's fair. COLTON OGDEN: And it sounds a little bit more Java specific too, with interfaces. Assly said, "Exciting that everyone can participate. Thanks for that." DAVID MALAN: Yeah, do you check out that URL that-- who just pasted that up there? Do you mind scrolling down? COLTON OGDEN: M. Kloppenburg, I believe. This one? DAVID MALAN: Yeah, that would be great. There's a lot of photos. You can really see some of your friends, and classmates, and others around the world, literally, who had printed out the puzzles and we're working on them. COLTON OGDEN: Yeah, that's pretty cool. I roughly remember that. DAVID MALAN: Yeah, a few thousand people I think. Well, thank you, everyone, for tuning in. Feel free to hit us up on social media or to just email me directly. My email address is in there, and it's on almost every one of our videos. Colton's as well in the games videos. And it's been really fun talking about this. Reach out if you've got some questions. COLTON OGDEN: Thanks so much for this tutorial on Docker. DAVID MALAN: Oh, no problem. Yeah, looking forward to the next one, when we'll be playing what game next? COLTON OGDEN: Well, actually we do need to beat Zelda at some point, but-- DAVID MALAN: I don't know. We struggled with the first time. COLTON OGDEN: There was input lag, because it wasn't on-- DAVID MALAN: Oh, that's right. It was the TV's fault. It was my excuse. COLTON OGDEN: It actually was the TV's fault. DAVID MALAN: There was millisecond that kept costing me lives every time. COLTON OGDEN: More than one millisecond. So join us next week. On Monday, I'll be doing a stream on hangman. We'll talk about hangman. So pretty-- DAVID MALAN: You're just going to be playing on the whiteboard? COLTON OGDEN: Yeah. DAVID MALAN: I hope everyone gets a letter, please. COLTON OGDEN: We'll implement hangman and Love2d, and then Wednesday we may do a typing game. I'm chatting with some other folks about other streams. They'll be in the Facebook. We'll make some events for those. This was Docker. This was awesome. DAVID MALAN: Yeah, thanks so much. Great to see everyone. Until next time. COLTON OGDEN: And we had a whiteboard. DAVID MALAN: Yeah, we didn't need to draw any pictures, but next time we'll play hangman I guess, huh? COLTON OGDEN: Yeah, or maybe even to some Legend of Zelda, finish Zelda up. So thanks, everybody, for tuning in. This was CS50 on Twitch, and this was Docker. We'll see you next week. DAVID MALAN: Take care. COLTON OGDEN: [INAUDIBLE].
B1 中級 DOCKER TUTORIAL - CS50 on Twitch, EP.23 (DOCKER TUTORIAL - CS50 on Twitch, EP. 23) 8 0 林宜悉 に公開 2021 年 01 月 14 日 シェア シェア 保存 報告 動画の中の単語