apt get no more let vagrant, puppet and docker take the stage
TRANSCRIPT
ROME 27-28 march 2015
Alessandro Cinelli (cirpo)
Apt-get no more let Vagrant, Puppet and Docker take the stage
REMOTE MACHINES
https://www.flickr.com/photos/mysterybee/1659329016
IF THE STACK DOESN’T CHANGE TOO MUCH JUST PROVIDE A READY MADE VM MACHINE… THE PROVISIONER WILL ONLY CHANGE CONFIG FILES
“Operating-system-level virtualisation is a virtualisation method where the kernel of an
operating system allows for multiple isolated user space instances, instead of just one.
Such instances, often called CONTAINERS, or jails, may look and feel like a real server from
the point of view of its owners and users.”
http://en.wikipedia.org/wiki/Docker_%28software%29
DIFFERENCE BETWEEN A VM AND DOCKER
HOST OS
GUEST OS
HYPERVISOR
BIN/ LIBS
APP A
APP CAPP B
GUEST OS
BIN/ LIBS
APP Z
APP HAPP B
GUEST OS
BIN/ LIBS
APP A
APP DAPP L
HOST OSDOCKER ENGINE
BIN/ LIBS
APP ABIN/ LIBS
APP ZBIN/ LIBS
APP DBIN/ LIBS
APP B{ {
VM
environment dev all (dev, staging, live)
boot speed minutes seconds
host dependency almost everywhere linux
Linux CONTAINERS (LCX)
came from FreeBsd jails and chroot, at least 5 years ago
used by Heroku(PaaS)
DIFFERENCE BETWEEN DOCKER AND A VM
WITH DOCKER YOU DON’T HAVE THE
OVERHEAD GIVEN BY THE VIRTUALISATION
DockerFilecontainer image
commands while building the container
copy some content while building the container
}
DockerFilecontainer image
commands while building the container
copy some content while building the container
declare a volume: data accessible by other containers and useful to mount a filesystem
}
DockerFilecontainer image
commands while building the container
copy some content while building the container
declare a volume: data accessible by other containers and useful to mount a filesystem
environment variable
}
DockerFilecontainer image
commands while building the container
copy some content while building the container
declare a volume: data accessible by other containers and useful to mount a filesystem
environment variablecontainer port exposed to other containers
}
DockerFilecontainer image
commands while building the container
copy some content while building the container
declare a volume: data accessible by other containers and useful to mount a filesystem
environment variablecontainer port exposed to other containers
the container command executed when you run it
}
Build another container:
$: docker build -t my-redis .
Run the container:
$: docker run -it my-redis
Docker still requires Linux kernel 3.8 or higher.
This bounds considerably the environments Docker can
natively run on.
fake service? no problemDO YOU NEED TO FAKE A
SERVICE?
NO PROBLEM, JUST SPIN UP A CONTAINER IN NO TIME
DOCKER PROSMatter of seconds to start an image
Can start multiple copies immediately
Central repo for images
You can go on staging and live from dev with the same container
Versioning
DOCKER CONS
It really works really well just on Linux atm
It’s a young project, things change very fast
Lack of proper management tool
DOCKER CONS
It really works really well just on Linux atm
It’s a young project, things change very fast
Lack of proper management tool
Docker disk space cleanup
$: docker rm $(docker ps -a -q)
$: docker images | grep "<none>" | awk '{ print "docker rmi " $3 }' | bash
https://github.com/dummymael/dotfiles/blob/1859a36afba2252f86a0a1ff8d5fb442e74b7a0e/tools/
docker_clean_vfs.py
$: pip install docker-py
credits
http://blog.docker.com/media/Docker_Infographic_FINAL.jpg
https://www.flickr.com/photos/chuddlesworth/7059061549
Tim Haak https://speakerdeck.com/timhaak/vagrant-is-so-last-year-why-arent-you-using-docker-yet
Rohit Dantas https://speakerdeck.com/rohitdantas