docker novosibirsk meetup #3 - docker in production
TRANSCRIPT
Docker in ProductionSomething new or just buzzwords?
Gianluca ArbezzanoSoftware Engineer @CurrencyFair
DevOps enthusiast and Open Source developer.
● http://scaledocker.com● http://gianarb.it● https://twitter.com/gianarb● https://github.com/gianarb● [email protected]
> Automate the boring stuffs.
Internet users in the World
http://www.internetlivestats.com/internet-users/
Cloud Computing
1960s The initial concepts of time-sharing became popularized via RJE (Remote Job Entry);[
1990s Telecommunications companies, who previously offered primarily dedicated point-to-point data circuits, began offering virtual
private network (VPN) services with comparable quality of service, but at a lower cost.
2000s Cloud computing has come into existence. In early 2008, NASA's OpenNebula
2006s Amazon introduced its Elastic Compute Cloud.
2008s Microsoft Azure was announced as "Azure". It was released on 1 February 2010 as Windows Azure
2010s Rackspace Hosting and NASA jointly launched an open-source cloud-software initiative known as OpenStack
https://en.wikipedia.org/wiki/Cloud_computing#Origin_of_the_term
Your application and your business
That’s what matters
Problems that I see● Onboarding new users● Testing● Deploy your application● Scalability● Timing● Number of applications
Why containers are good● Easier to deploy● Good to keep developers and system administrator frends● Less expensive to manage in time compared with VM. But you still need
VMs or at least servers.● Immutable
you still need VMs or at least servers.
You still need to manage● Network● Hostname● Firewall● Maybe some tools like vim, you always need vim● Docker itself needs to be installed and configurated
Everything as code:1. Cloud init2. Configuration management3. Docker
https://github.com/chef-cookbooks/docker
VPN - It’s not complicated! Stop to think that...
https://community.openvpn.net/openvpn/wiki/BridgingAndRouting
dockerd -H fd:// -H tcp://10.7.5.22 --label kind=private
6 October 2016© 2016 CurrencyFair Ltd
Docker 1.13 makes production environment
good.
6 October 2016© 2016 CurrencyFair Ltd
CLI redesign
Docker CLI is always a privileged client for the daemon. Thousand
of users learn how to run contains with this tools:
docker run -it alpine sleep 10
6 October 2016© 2016 CurrencyFair Ltd
CLI redesign
Advanced users or scripts to build complex solution:
find '/var/lib/docker/volumes/' -mindepth 1 -maxdepth 1 -type d | grep -vFf <(
docker ps -aq | xargs docker inspect | jq -r '.[]|.Mounts|.[]|.Name|select(.)'
)
6 October 2016© 2016 CurrencyFair Ltd
But was time for a little re-design
6 October 2016© 2016 CurrencyFair Ltd
top level command
● checkpoint Manage checkpoints
● container Manage containers
● image Manage images
● network Manage networks
● node Manage Swarm nodes
● plugin Manage plugins
● secret Manage Docker secrets
● service Manage services
● stack Manage Docker stacks
● swarm Manage Swarm
● system Manage Docker
● volume Manage volumes
100% compatible with the old commands: run, stop, start and so on
http://blog.arungupta.me/docker-1-13-management-commands/
6 October 2016© 2016 CurrencyFair Ltd
Keep your environment clean
docker system
docker system info == docker info
docker system event => to follow stream’s events from deamon
docker system prune => to clean your env from bad layers,
volumes and networks
6 October 2016© 2016 CurrencyFair Ltd
Welcome compose v3version: ‘3’
services:
micro:
image: gianarb/micro:1.2.0
deploy:
mode: replicated
replicas: 2
resources:
limits:
cpus: '0.25'
memory: 512M
reservations:
cpus: '0.25'
memory: 256M
restart_policy:
condition: on-failure
delay: 5s
max_attempts: 3
window: 120s
Compatible with Swarm modedocker stack create \ -c ./docker-compose.yml frontend
6 October 2016© 2016 CurrencyFair Ltd
Secrets are available in Swarm mode
docker secret create well ./secret.json
docker service create --secret well alpine sleep 1000
Secrets are running in directory /run
6 October 2016© 2016 CurrencyFair Ltd
Squash layers
docker build --squash -t jenkins-sq .
Demo
● https://github.com/gianarb/micro● https://github.com/gianarb/docker-stack● https://github.com/gianarb/papiro● https://docs.docker.com/engine/swarm/secrets/● https://docs.docker.com/engine/reference/commandline/system/● https://docs.docker.com/docker-cloud/apps/stack-yaml-reference/