1. Docker
AKA “the last Vagrantfile you’ll ever need”*
* Disclaimer: probably not the last Vagrantfile you’ll ever need
2. What is Docker?
http://docker.io/
“Docker is an open-source project to easily create
lightweight, portable, self-sufficient containers from any
application.”
Based on LXC (Linux containers)
From dotCloud
Written in Go
3. …but what is it really?
Dockerfile to define a starting point (e.g. “CentOS”) and a
set of instructions to prepare your environment and run
your application
Image(s) containing all the defined environment and
your app
Containers with running processes
All self contained and isolated from the host
Public registry of other people’s images
4. Why would I use it?
Dev/prod/staging consistency
Ability to streamline CI/CD
5. Performance
Each container is simply a process, no other overheads
(simply isolated in the kernel).
Run 10-100 containers on your laptop, each one self-contained
CPU == native, Memory == slightly higher, Network ==
_slightly_ slower
Copy on write filesystem (AUFS or BTRFS)
6. Structure
Encourages micro-services approach
Every separate daemon should be its own container
Discourages talking to localhost or making naive
assumptions about all services being locally accessible
Has a “linking” system for exposing other container IP
and port details via environment variables
Also encourages viewing services (containers) as
immutable
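Added example (not from the original slides): a Python helper a containerised app could use to find a linked service from the environment variables the linking system injects, instead of assuming localhost. It relies on the legacy link naming <ALIAS>_PORT_<port>_TCP_ADDR / _PORT; the alias "db", the sample address and the function names are assumptions made up for illustration.

```python
import ipaddress
import os
import re

# Legacy Docker links inject <ALIAS>_PORT_<port>_<PROTO>_ADDR and ..._PORT.
_LINK_VAR = re.compile(r"^([A-Z0-9_]+?)_PORT_(\d+)_(TCP|UDP)_ADDR$")


class LinkError(RuntimeError):
    """A linked service could not be resolved from the environment."""


def discover_links(env):
    """Return {(alias, port, proto): address} for every link present in env."""
    links = {}
    for name, value in env.items():
        m = _LINK_VAR.match(name)
        if m:
            links[(m[1].lower(), int(m[2]), m[3].lower())] = value
    return links


def resolve_link(alias, port, env=None, proto="tcp"):
    """Resolve a linked container to (ip, port); never fall back to localhost."""
    env = os.environ if env is None else env
    prefix = f"{alias.upper()}_PORT_{port}_{proto.upper()}"
    addr, link_port = env.get(prefix + "_ADDR"), env.get(prefix + "_PORT")
    if addr is None or link_port is None:
        raise LinkError(f"no link variables for {alias}:{port}/{proto}")
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        raise LinkError(f"{prefix}_ADDR is not an IP address: {addr!r}") from None
    if ip.is_loopback or ip.is_unspecified:
        raise LinkError(f"{prefix}_ADDR is {ip}, not another container")
    if not re.fullmatch(r"[0-9]{1,5}", link_port) or not 0 < int(link_port) < 65536:
        raise LinkError(f"{prefix}_PORT is not a valid port: {link_port!r}")
    return str(ip), int(link_port)


# Constructed sample: what a container linked to alias "db" would see.
SAMPLE_ENV = {
    "DB_PORT": "tcp://172.17.0.5:5432",
    "DB_PORT_5432_TCP_ADDR": "172.17.0.5",
    "DB_PORT_5432_TCP_PORT": "5432",
}

if __name__ == "__main__":
    print("db is at %s:%d" % resolve_link("db", 5432, SAMPLE_ENV))
```

Failing with an error when the variables are missing or malformed makes a forgotten link show up at start-up rather than as a silent connection to whatever is listening locally.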
8. Installation
Trivial on modern Linux (apt-get or yum install lxc-docker)
Near-trivial on OS X (install boot2docker, or dvm)
Latest AWS images now support docker by default (as
does EBS)
Various vagrant images available for vbox, vmware, etc
9. Example Dockerfile
FROM centos
MAINTAINER Kevin Littlejohn <kevin@littlejohn.id.au>
RUN echo 'NETWORKING=yes' > /etc/sysconfig/network
# Install Postgresql
RUN rpm -i http://yum.postgresql.org/9.3/redhat/rhel-6-x86_64/pgdg-redhat93-9.3-1.noarch.rpm
RUN yum install -y postgresql93-devel postgresql93 postgresql93-server postgresql93-contrib
ENV PATH /usr/pgsql-9.3/bin:$PATH
RUN service postgresql-9.3 initdb en_AU.UTF-8
ADD pg_hba.conf /var/lib/pgsql/9.3/data/pg_hba.conf
RUN service postgresql-9.3 start && chkconfig postgresql-9.3 on && su postgres -c "createuser -s postgres"
USER postgres
EXPOSE 5432
CMD ["/usr/pgsql-9.3/bin/postgres", "-D", "/var/lib/pgsql/9.3/data", "-i", "-h", "0.0.0.0"]
10. 12 Months of Docker
Contributions from more than 400 developers;
More than 1.4 million downloads;
More than 10,000 Dockerized applications available in
Docker’s public index; and
Accelerating community engagement, including more
than 77 Docker Meetup groups in 30 countries.
14. Other nice features
Trusted images on index.docker.io
Logs of exited containers
Caching of images for repeat builds
Docker daemon and REST API
15. Tips for Use
Heavy use of Environment variables
Look into fig, maestro, or coreos/fleet
Never refer to localhost
AUFS vs BTRFS
Editor's notes
Stress _containers_ - pre-1960 shipping many specialized methods.
Image == AMI == class; Container == Instance == object
No more library versioning issues
No more worrying if CI is up to date with Prod, or Dev is the same as both
No more caring what distro people like/use
Oh, and no more rbenv/rvm/chruby, if you’re so inclined
Can run supervisord in a container, but best not
Passenger’s docker images
Once you’re generating images, you want to use them for production
- this is easiest done with a complete end to end system
- jenkins has some support for using docker commands in build instructions, and building things in docker by default
Rebuild on prod approach has issues:
- time
- size
- availability of third-party packages (npm failures)
- dependency management
Talk about stupid hand-holding re: not being able to list host volumes in Dockerfile and not being able to specify certain things in Dockerfile so they’re more portable, but less useful…
Mention OS X is virtualbox under the hood
This would sit at the top of your project, or perhaps the top of your rails app
Defines everything the app / service needs to run
Builds the same everywhere, more or less.
Note, also possible to build and commit manually, but not great
Drone – jenkins replacement aimed at auto-building within docker containers
Shipyard – tool for managing your docker registry
Registry – caching and serving images, nice for central private images
CoreOS – alternative to ubuntu for FROM on Dockerfile, has etcd installed by default, very lightweight.
Fig – wrapper for Docker to specify dependencies in YAML format
Maestro – similar to fig but slightly more complex
Packer uses its own JSON-based format for defining server, loses some features of Dockerfile (checkpointing, onbuild, cmd, entrypoint, user)
Vagrant allows for “config.vm.provision "docker"” to install base docker requirements
Jenkins has two plugins, to build everything inside a container, and to support docker commands inside build steps. Still investigating.
DinD allows for, e.g., running Jenkins in a container and building containers in that. Loses AUFS advantages.
Quay.io – private registries, index.docker.io also does this now
Orchard – pure awesome sauce (“orchard docker run”)
OpenShift – docker under the hood