patterns and antipatterns in docker image lifecycle as was presented at scale 15x

Report

Post on 12-Apr-2017

199 Views

Category:

Travel

2 Downloads

Preview:

Click to see full reader

TRANSCRIPT

This slide was intentionally left blank

whoami

Baruch Sadogursky, JFrog Developer Advocate, @jbaruch

Show notes!• http://jfrog.com/shownotes– Video– Slides– Links– Feedback– Raffle! (come early)

JFrog Xray

Poll Time!

Poll Time!üHeard about DockerüCan do the tutorialüPoCing, playing etc.üProduction, baby!

@JBARUCH #SCALE15X HTTP://JFROG.COM/SHOWNOTES

@JBARUCH #SCALE15X HTTP://JFROG.COM/SHOWNOTES

JFrog Artifactory + Docker

@JBARUCH #SCALE15X HTTP://JFROG.COM/SHOWNOTES

Who’s using Docker and nothing else?

The Promotion Pyramid

Developmentbuilds

Dev Integrationtests

Integr.tests

StagingPre-ProdProd

Amountofbuilds

Build/Dep

loytim

e

Amountofbinaries

Pipeline: Quality Gates and Visibility

Source:AgileALM,MichaelHüttermann,ManningPublicationsCo.

@JBARUCH #SCALE15X HTTP://JFROG.COM/SHOWNOTES

$docker build

@JBARUCH #SCALE15X HTTP://JFROG.COM/SHOWNOTES

Too easy!

@JBARUCH #SCALE15X HTTP://JFROG.COM/SHOWNOTES

That’s why.

@JBARUCH #SCALE15X HTTP://JFROG.COM/SHOWNOTES

FROM ubuntu

RUN apt-get install -y software-properties-common pythonRUN apt-get install -y nodejsRUN mkdir /var/www

ADD app.js /var/www/app.js

CMD ["/usr/bin/node", "/var/www/app.js"]

Latestversion

Latestversion

Latestversion

Latestversion

That’s why.

@JBARUCH #SCALE15X HTTP://JFROG.COM/SHOWNOTES

FROM ubuntu:14.04

RUN apt-get install -y software-properties-common pythonRUN apt-get install -y nodejsRUN mkdir /var/www

ADD app.js /var/www/app.js

CMD ["/usr/bin/node", "/var/www/app.js"]

Betternow?

That’s why.

@JBARUCH #SCALE15X HTTP://JFROG.COM/SHOWNOTES

FROM ubuntu:4033353383af19ec179c01dda7f355a246c6adcafaf93c8f98

RUN apt-get install -y software-properties-common pythonRUN apt-get install -y nodejsRUN mkdir /var/www

ADD app.js /var/www/app.js

CMD ["/usr/bin/node", "/var/www/app.js"]

Andnow?

That’s why.

@JBARUCH #SCALE15X HTTP://JFROG.COM/SHOWNOTES

FROM ubuntu:4033353383af19ec179c01dda7f355a246c6adcafaf93c8f98

RUN apt-get install -y software-properties-common pythonRUN apt-get install -y nodejsRUN mkdir /var/www

ADD app.js /var/www/app.js

CMD ["/usr/bin/node", "/var/www/app.js"]

Andnow?Whataboutthose?

That’s why.

@JBARUCH #SCALE15X HTTP://JFROG.COM/SHOWNOTES

FROM ubuntu:4033353383af19ec179c01dda7f355a246c6adcafaf93c8f98

RUN mvn clean install

CMD ”java –jar Main.class"

Whataboutthis?

That’s why.

@JBARUCH #SCALE15X HTTP://JFROG.COM/SHOWNOTES

FROM ubuntu:4033353383af19ec179c01dda7f355a246c6adcafaf93c8f98

RUN download_random_sh*t_from_the_internet.sh

CMD ["/usr/bin/node", "/var/www/app.js"]

Andhowaboutthis?

That’s why you don’t trust Docker

@JBARUCH #SCALE15X HTTP://JFROG.COM/SHOWNOTES

Traditional Server Pattern

http://martinfowler.com/bliki/ImmutableServer.html

@JBARUCH #SCALE15X HTTP://JFROG.COM/SHOWNOTES

Immutable Server Pattern

http://martinfowler.com/bliki/ImmutableServer.html

@JBARUCH #SCALE15X HTTP://JFROG.COM/SHOWNOTES

What’s up with the gates?!

@JBARUCH #SCALE15X HTTP://JFROG.COM/SHOWNOTES

What’s up with the gates?!

What’s up with the gates?!

- QA shouldn’t test dev images

What’s up with the gates?!

- QA shouldn’t test dev images- non-tested images shouldn't be

staged

What’s up with the gates?!

- QA shouldn’t test dev images- non-tested images shouldn't be

staged- non-staged, non-tested or dev

images shouldn’t end up in production!!!

Not so fast…

@JBARUCH #SCALE15X HTTP://JFROG.COM/SHOWNOTES

Trumped-up limitations

@JBARUCH #SCALE15X HTTP://JFROG.COM/SHOWNOTES

The Anatomy of Docker Tag

@JBARUCH #SCALE15X HTTP://JFROG.COM/SHOWNOTES

Waitasecond,howcanIhavemorethanone

repositoryperhostnow?!

How can we support this?

https://host:8081/artifactory/docker-dev/busybox

https://host:8081/artifactory/docker-staging/busybox

https://host:8081/artifactory/docker-qa/busybox

https://host:8081/artifactory/docker-prod/busybox

@JBARUCH #SCALE15X HTTP://JFROG.COM/SHOWNOTES

“ONE REGISTRY PER HOST OUGHT TO BE ENOUGH FOR ANYBODY.”

Panic!

@JBARUCH #SCALE15X HTTP://JFROG.COM/SHOWNOTES

Virtual hosts/ports to the rescue

Registryhost Tagname

docker tag host:port/busybox

Virtual hosts/ports to the rescue

https://host:port/v2/busybox

Registryhost Tagname

docker tag host:port/busybox

Virtual hosts/ports to the rescue

https://host:8081/artifactory/docker-dev/busybox

Virtualrepositoryname Tagname

https://host:port/v2/busybox

Contextname

Registryhost Tagname

docker tag host:port/busybox

server {listen 5001;

server_name 192.168.99.100;if ($http_x_forwarded_proto = '') {

set $http_x_forwarded_proto $scheme;}rewrite ^/(v1|v2)/(.*) /artifactory/api/docker/docker-dev/$1/$2;…}

}

@JBARUCH #SCALE15X HTTP://JFROG.COM/SHOWNOTES

But then you realize…Waitasecond,nowIneedtopull,retagandpushfor

everystep?!

Anatomy of a container

@JBARUCH #SCALE15X HTTP://JFROG.COM/SHOWNOTES

Our LayersApplication:••.warfile

Framework:••JDK8+Wildfly

Base:••CentOS

Framework build

- Verified base image- Add system dependencies

from artifactory- JDK- Tomcat- Own it!

Minimal Framework build DockerfileFROM centos:7MAINTAINER you@yourorg.com

@jbaruch #devnexus http://jfrog.com/shownotes

Application build

- Framework is your base- Run a java build- Add a file to base- Done!

Application build DockerfileFROM yourorg-docker.jfrog.io/yourorg/framework:latestMAINTAINER you@yourorg.com

ADD https://yourorg.jfrog.io/yourorg/java-release-local/…/app-[RELEASE].war /opt/jboss/wildfly/standalone/deployments/app.war

Application build DockerfileFROM yourorg-docker.jfrog.io/yourorg/framework:latestMAINTAINER you@yourorg.com

ADD https://yourorg.jfrog.io/yourorg/java-release-local/…/app-[RELEASE].war /opt/jboss/wildfly/standalone/deployments/app.war

Application build DockerfileFROM yourorg-docker.jfrog.io/yourorg/framework:latestMAINTAINER you@yourorg.com

ADD https://yourorg.jfrog.io/yourorg/java-release-local/…/app-[RELEASE].war /opt/jboss/wildfly/standalone/deployments/app.war

Application build DockerfileFROM yourorg-docker.jfrog.io/yourorg/framework:latestMAINTAINER you@yourorg.com

ADD https://yourorg.jfrog.io/yourorg/java-release-local/…/app-[RELEASE].war /opt/jboss/wildfly/standalone/deployments/app.war

@JBARUCH #SCALE15X HTTP://JFROG.COM/SHOWNOTES

FrameworkPipeline

ApplicationPipeline

FrameworkPipeline

ApplicationPipeline

FrameworkPipeline

ApplicationPipeline

@JBARUCH #SCALE15X HTTP://JFROG.COM/SHOWNOTES

HIGH QUALITY(software and information) SPEED LOW COST

(automation)

Fast releases > Modular > Automation

Conclusions: Release Fast or Die!

Q&A and Links• @jbaruch• #scale15x• http://jfrog.com/shownotes– Video– Slides– Links– Feedback– Raffle! (come early)

top related

data antipatterns
Technology
ux environmental antipatterns
Design
antipatterns Ágeis
Documents
continuous delivery antipatterns
Technology
userguide 15x
Documents
patterns and antipatterns in docker image lifecycle as was...
Technology
predicting bugs using antipatterns
Documents
introduction to sql antipatterns
Data & Analytics
ios antipatterns & refactoring
Engineering
microservice antipatterns qcon.key
Documents
patterns & antipatterns in docker image lifecycle
Software
patterns and antipatterns
Documents
antipatterns in software (ru)
Health & Medicine
community antipatterns
Technology
test antipatterns
Technology
introduction to antipatterns & codesmells
Technology
gizli tehlike : antipatterns
Technology
avoiding api library antipatterns
Technology
scrummaster antipatterns
Documents
sql antipatterns, volume 1
Documents