  • Josh Braegger

    Docker and CoreOS: What it is, and how we brought it to production

  • Who am I?


  • Last Year

  • Docker

  • Quick Docker Demo

  • Docker (of course)

  • FastPatch

    • alpha, beta, and stable channels
    • Cluster-aware updates
    • Atomic (active/passive)
    • Automatic upgrades
    • /usr is read-only


  • CoreUpdate

  • Etcd

  • COMMANDS:

        mk           make a new key with a given value
        mkdir        make a new directory
        rm           remove a key
        rmdir        removes the key if it is an empty directory or a key-value pair
        get          retrieve the value of a key
        ls           retrieve a directory
        set          set the value of a key
        setdir       create a new or existing directory
        update       update an existing key with a given value
        updatedir    update an existing directory
        watch        watch a key for changes
        exec-watch   watch a key for changes and exec an executable
        help, h      Shows a list of commands or help for one command

        $ etcdctl ls /
        /
        $ etcdctl mk /test/key value
        value
        $ etcdctl ls /
        /app/
        $ etcdctl get /test/key
        value

  • Systemd

  • [Unit]
    Description=GaiaCloud Service
    After=docker.service
    Requires=docker.service

    [Service]
    EnvironmentFile=/etc/environment
    # Disable the start timeout so a slow image pull is not killed
    TimeoutStartSec=0
    ExecStartPre=/bin/sh -c "/usr/bin/docker pull gaiagps/gaiacloud:master"
    ExecStart=/bin/sh -c "/usr/bin/docker run --rm \
        --name gaiacloud-web-%i \
        -h gaiacloud-web-%i \
        -p 8000:8000 \
        -p 8443:8443 \
        --env-file /home/core/environments/gaia-dev \
        gaiagps/gaiacloud:master"
    # Publish this instance's HTTP and HTTPS endpoints in etcd
    ExecStartPost=/usr/bin/etcdctl set /app/gaiacloud/%i-http ${COREOS_PUBLIC_IPV4}:8000
    ExecStartPost=/usr/bin/etcdctl set /app/gaiacloud/%i-https ${COREOS_PUBLIC_IPV4}:8443
    ExecStop=/usr/bin/docker stop gaiacloud-web-%i
    # Remove the endpoints from etcd when the unit stops
    ExecStopPost=/usr/bin/etcdctl rm /app/gaiacloud/%i-http
    ExecStopPost=/usr/bin/etcdctl rm /app/gaiacloud/%i-https
    User=core


  • Fleet


  • cloud-config

    #cloud-config

    coreos:
      etcd:
        # generate a new token from
        discovery: {discovery_key}
        # multi-region and multi-cloud deployments need to use $public_ipv4
        addr: $private_ipv4:4001
        peer-addr: $private_ipv4:7001
      units:
        - name: format-ephemeral.service
          command: start
          content: |
            [Unit]
            Description=Formats the ephemeral drive
            [Service]
            Type=oneshot
            RemainAfterExit=yes
            ExecStart=/usr/sbin/wipefs -f /dev/xvdb
            ExecStart=/usr/sbin/mkfs.btrfs -f /dev/xvdb
        - name: etcd.service
          command: start
        - name: fleet.service
          command: start

  • Config

    # env_var(name, default) is the app's helper (not shown on the slide);
    # assumed to return the environment variable, or the default if unset.
    DATABASES = {
        'default': {
            'ENGINE': 'django.contrib.gis.db.backends.postgis',
            'NAME': env_var('DB_DBNAME', 'db_name'),
            'USER': env_var('DB_USERNAME', 'db_username'),
            'PASSWORD': env_var('DB_PASSWORD', 'db_password'),
            'HOST': env_var('DB_PORT_5432_TCP_ADDR', 'localhost'),
            'PORT': env_var('DB_PORT_5432_TCP_PORT', 5432),
            'CONN_MAX_AGE': 120,
        }
    }

    # Hard-coded settings, for comparison
    DATABASES = {
        'default': {
            'ENGINE': 'django.contrib.gis.db.backends.postgis',
            'NAME': 'db_name',
            'USER': 'db_username',
            'PASSWORD': 'db_password',
            'HOST': 'localhost',
            'PORT': 5432,
            'CONN_MAX_AGE': 120,
        }
    }
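
The Config slide's move from hard-coded settings to environment variables, as an added example (not code from the talk): `env_var` is written here with assumed behaviour, and `required_env`, `database_settings`, `MissingSecret` and `SAMPLE_ENV` are hypothetical names. It differs from the slide in one respect: the password has no built-in default, so a container started without `DB_PASSWORD` fails at startup instead of silently connecting with a value that is in the source tree.

```python
import os


class MissingSecret(RuntimeError):
    """Raised when a required secret is absent from the environment."""


def env_var(name, default, environ=None):
    # Assumed behaviour of the slide's helper: environment value, else default.
    environ = os.environ if environ is None else environ
    return environ.get(name, default)


def required_env(name, environ=None):
    # Hypothetical stricter variant for secrets: no fallback value at all.
    environ = os.environ if environ is None else environ
    value = environ.get(name, "")
    if not value.strip():
        raise MissingSecret(f"{name} must be set (e.g. via docker run --env-file)")
    return value


def database_settings(environ=None):
    # Validate the port early so a bad value fails at startup, not at first query.
    port = str(env_var("DB_PORT_5432_TCP_PORT", 5432, environ))
    if not port.isdigit() or not 0 < int(port) < 65536:
        raise ValueError(f"DB_PORT_5432_TCP_PORT is not a TCP port: {port!r}")
    return {
        "default": {
            "ENGINE": "django.contrib.gis.db.backends.postgis",
            "NAME": env_var("DB_DBNAME", "db_name", environ),
            "USER": env_var("DB_USERNAME", "db_username", environ),
            "PASSWORD": required_env("DB_PASSWORD", environ),
            "HOST": env_var("DB_PORT_5432_TCP_ADDR", "localhost", environ),
            "PORT": int(port),
            "CONN_MAX_AGE": 120,
        }
    }


# Constructed sample: what a container linked to a "db" container and started
# with an --env-file might see. All values are made up.
SAMPLE_ENV = {
    "DB_DBNAME": "gaia",
    "DB_USERNAME": "gaia_app",
    "DB_PASSWORD": "constructed-example-password",
    "DB_PORT_5432_TCP_ADDR": "172.17.0.5",
    "DB_PORT_5432_TCP_PORT": "5432",
}
```

In a Django settings module this would be used as `DATABASES = database_settings()`, which reads the real process environment.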


  • Logging

    • Use CoreOS / journalctl?
    • Volume mount?
    • Log inside container?

  • App Demo

  • 12factor.net

    I. Codebase - One codebase tracked in revision control, many deploys
    II. Dependencies - Explicitly declare and isolate dependencies
    III. Config - Store config in the environment
    IV. Backing Services - Treat backing services as attached resources
    V. Build, release, run - Strictly separate build and run stages

  • VI. Processes - Execute the app as one or more stateless processes
    VII. Port binding - Export services via port binding
    VIII. Concurrency - Scale out via the process model
    IX. Disposability - Maximize robustness with fast startup and graceful shutdown
    X. Dev/prod parity - Keep development, staging, and production as similar as possible
    XI. Logs - Treat logs as event streams
    XII. Admin processes - Run admin/management tasks as one-off processes

  • Presence



    load balancer

  • Presence (cont)

    [Unit]
    Description=GaiaCloud Presence Service
    # Tie this unit's lifetime to the matching web unit
    BindsTo=gaiacloud-web@%i.service

    [Service]
    ExecStart=/usr/bin/docker run --rm --name gaiacloud-presence-%i \
        --env-file /home/core/environments/presence \
        -e AWS_REGION=us-east-1 \
        -e ELB_NAME=test-elb \
        /bin/elb-presence
    ExecStop=/usr/bin/docker stop gaiacloud-presence-%i
    User=core
    TimeoutSec=0


  • Ambassadors


    redis-ambassador redis-ambassador



  • Issues

    • Cannot kill docker containers through systemd
    • btrfs space issues (fixed in 3.18?)
    • Big images
        • Big base images (ubuntu)
        • Compiling

  • Other

    • Kubernetes (koo-ber-nay-tace)
    • Deis (day-iss)
    • EC2 Container Service
    • docker-compose (fig)

  • Questions?

