Docker for Developers

Docker for Developers
Chris Tankersley
@dragonmantank
Lonestar PHP 2016
Lonestar PHP 2016 1

Who Am I
•  PHP Programmer for over 11 years
•  Sysadmin/DevOps for around 9 years
•  Using Linux for more than 15 years
•  hGps://github.com/dragonmantank
•  Author of “Docker for Developers”
•  Reigning, Defending, Undisputed PHP
MTG Champion of the World
Lonestar PHP 2016 2

What Is Docker?
“Docker is an open plaUorm for developers and sysadmins to build,
ship, and run distributed applicaVons. ConsisVng of Docker Engine, a
portable, lightweight runVme and packaging tool, and Docker Hub, a
cloud service for sharing applicaVons and automaVng workﬂows,
Docker enables apps to be quickly assembled from components and
eliminates the fricVon between development, QA, and producVon
environments.”
Lonestar PHP 2016 4
hGps://www.docker.com/whaVsdocker/

What is it from a technical standpoint?
•  Docker is a wrapper around Containers
•  Docker Engine is the packaging porVon that builds and runs the
containers
•  Docker Hub allows you to publish images for others to use
•  Docker Machine is a bare-metal provisioning tool
•  Docker Swarm is an load-balancing deployment tool
•  Docker Compose is a mulV-container build system
Lonestar PHP 2016 5

Containers
Lonestar PHP 2016 6

Normal Bare-Metal Server
Lonestar PHP 2016 7
CPU RAM HD Network
OperaVng System
nginx PHP DB

Virtual Machines
Lonestar PHP 2016 8
CPU RAM HD Network
OperaVng System
nginx PHP DB
OperaVng System
nginx PHP DB
OperaVng System
Hypervisor

Containers
Lonestar PHP 2016 9
CPU RAM HD Network
OperaVng System
nginx nginx PHP DB PHP DB

Docker can use many different containers
•  Since 0.9.0 it supports:
•  LXC (Linux Containers) – Started with LXC when it was released
•  OpenVZ
•  Systemd-nspawn
•  libvert-sandbox
•  Qemu/kvm
•  BSD Jails
•  Solaris Zones
•  chroot
Lonestar PHP 2016 10

Runs on *nix and Windows Hyper-V
•  No naVve container drivers for OSX*
•  Amazon has ElasVc Container Service, and Microsok Azure has Azure
Container Service

Sorry OSX Users
•  Docker support is oﬃcially maintained through Docker Toolbox

Docker Toolbox also is for Windows

Let’s use Docker

Running a container
•  `docker run` will run a container
•  This will not restart an exisVng container, just create a new one
•  docker run [opVons] IMAGE [command] [arguments]
•  [opVons ]modify the docker process for this container
•  IMAGE is the image to use
•  [command] is the command to run inside the container
•  [arguments] are arguments for the command

Running a simple shell

Running Two Webservers

Some Notes
•  All three containers are 100% self contained
•  Docker containers share common ancestors, but keep their own ﬁles
•  `docker run` parameters:
•  --rm – Destroy a container once it exits
•  -d – Run in the background (daemon mode)
•  -i – Run in interacVve mode
•  --name – Give the container a name
•  -p [local port]:[container port] – Forward the local port to the container port

Modifying a running container
•  `docker exec` can run a command inside of an exisVng container
•  Use Volumes to share data

Persistent Data with Volumes
•  You can designate a volume with -v
•  Volumes can be shared amongst containers
•  Volumes can mount data from the host system

Mounting from the host machine

Mounting from the host isn’t perfect
•  The container now has a window into your host machine
•  Permissions can get screwy if you are modifying in the container
•  Most things it creates will be root by default, and you probably aren’t root on
the host machine
•  Host-mounted volumes are not portable at all
•  Docker Toolbox’s VM only allows mounVng from within your home
directory

Container Data Volumes
•  Uses a small container that does nothing but stores data
•  Have our app containers use the data volume to store data
•  Use ‘editor containers’ to go in and modify data when needed

Mounting Data Volumes

Why not run SSH inside of the container?
•  Well, you can…
•  Docker is designed for one command per container
•  If you need to modify data, then you need to change your setup
•  If you have to run SSH, then you need a way to run SSH and your
command

Why go through the hassle?
•  Data volumes are portable
•  Data volumes are safer
•  Separates the app containers from data
•  ProducVon can use a data volume, dev can use a host volume
•  Our app containers stay small

Network Linking

Docker Links
•  Allows containers to ‘see’ each other over the network
•  Each container thinks the other one is just another machine
•  Containers all have an internal network address, so we don’t need to
expose everything through the host
•  Currently only works if all the containers are on one machine, Docker
1.10 should ﬁx that

More Traditional Setup
INTARWEBS Nginx PHP-FPM
Data Volume
Port 9000
Editor

Let’s Build It

More Notes!
•  We can now rebuild secVons of the app as needed
•  We can restart nginx without impacVng PHP
•  We can extend much easier
•  Linked containers will not update if they are stopped/started
•  If we upgrade PHP, we have to destroy/create the web_server container
again

Creating your own Images

Dockerfile
•  Dockerfile is the configuraVon steps for an image
•  Can be created from scratch, or based on another image
•  Allows you to add files, create default volumes, ports, etc
•  Can be used privately or pushed to Docker Hub

FROM phusion/baseimage:0.9.10
# …
CMD ["/sbin/my_init"]
# Nginx-PHP Installation
RUN apt-get update
RUN apt-get install -y vim git curl wget build-essential python-software-properties
php5-cli php5-fpm php5-mysql php5-pgsql php5-sqlite php5-curl
php5-gd php5-mcrypt php5-intl php5-imap php5-tidy mysql-client
# …
RUN mkdir /var/www
ADD build/default /etc/nginx/sites-available/default
# …
EXPOSE 80 22
VOLUME /var/www
VOLUME /etc/nginx
VOLUME /etc/php/
VOLUME /var/log

RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

Build it
docker build -t tag_name ./
•  This runs through the Dockerﬁle and generates the image
•  We can now use the tag name to run the image

Other Helpful Commands

Inspect a container
docker inspect [opVons] CONTAINER_NAME
•  Returns a JSON string with data about the container
•  Can also query
•  docker inspect -f “{{ .NetworkSe{ngs.IPAddres }}” web_server
•  Really handy for scripVng out things like reverse proxies

Work with images
•  docker pull IMAGE – Pulls down an image before using
•  docker images – Lists all the images that are downloaded
•  docker rmi IMAGE – Deletes an image if it’s not being used

Docker Machine

What is Docker Machine?
•  A provisioning tool that is used to set up a box with Docker
•  Used in Docker Toolbox to create the VM
•  Supports:
•  EC2
•  Azure
•  Digital Ocean
•  Hyper-V
•  OpenStack
•  Virtualbox
•  VMWare

Creating a new machine

Why use it?
•  Makes it very easy to spin up new boxes
•  Docker Machine handles all of the dirty stuﬀ for you
•  Docker Toolbox users are already using it
•  Integrates with Docker Swarm
•  It is not necessarily portable

Docker Swarm

What is Docker Swarm?
•  Cluster management tool developed by Docker
•  Looks like a machine running docker, but is actually many machines

Create a Swarm token
$ docker run --rm swarm create 2
//...
340122bb69c98825b4ac7094c87a07e21


Create a Swarm Master
$ docker-machine create -d virtualbox
--swarm
--swarm-master
--swarm-discovery token://40122bb69c98825b4ac7094c87a07e21
swarm-master


Add nodes to the swarm
docker-machine create -d virtualbox
--swarm
swarm-node-1

docker-machine create -d virtualbox
--swarm
swarm-node-2

Switch to the master
eval $(docker-machine env --swarm swarm-master)


Add some containers

Docker Compose

What is Docker Compose?
•  MulV-container orchestraVon
•  A single conﬁg ﬁle holds all of your container info
•  Works with Docker Swarm and a few other tools, like Rancher

Sample docker-compose.yml
phpserver:
build: ./docker/php
volumes:
- /home/ctankersley/Projects/dockerfordevs:/var/www/
links:
- mysqlserver

mysqlserver:
image: mysql
environment:
MYSQL_DATABASE: dockerfordevs
MYSQL_ROOT_PASSWORD: docker
volumes:
- /var/lib/mysql

nginx:
build: ./docker/nginx
ports:
- "80:80"
- "443:443"
links:
- phpserver

Docker Compose in Action

Let’s build an application

The Goal
•  A three container applicaVon with nginx, php, and mysql
•  ApplicaVon will read and write to the database
•  Can deploy to a producVon machine

Folder Structure

A basic docker-compose.yml
phpserver:
image: php:7-fpm
volumes:
- ./application:/var/www/

nginx:
image: nginx
ports:
- "80:80"
- "443:443"
volumes:
- ./nginx:/etc/nginx/conf.d/
links:
- phpserver

nginx/nginx.conf
server {
listen 80;

root /var/www/html;
index index.html index.htm index.php;

access_log /dev/stdout;
error_log /dev/stderr;

location / {
try_files $uri $uri/ /index.html /index.php?$query_string;
}

location ~ .php$ {
fastcgi_split_path_info ^(.+.php)(/.+)$;
fastcgi_pass phpserver:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}

Hello World
<?php

echo "Hello World";

Bringing it to life

Adding in MySQL
phpserver:
image: php:7-fpm
volumes:
links:
- mysqlserver

mysqlserver:
image: mysql
environment:
MYSQL_DATABASE: dockerfordevs
MYSQL_ROOT_PASSWORD: docker
volumes:
- /var/lib/mysql

Docker Compose changes aren’t
automatic
•  You will need to stop, then bring the system again
•  docker-compose stop
•  docker-compose up
•  Docker Compose will generally only restart boxes that have conﬁg
changes
•  Docker Compose will not automaVcally ﬁx links

Connecting to the database
<?php
$hostname = 'mysqlserver';
$database = 'dockerfordevs';
$user = 'root';
$password = 'docker';
$dbh = new PDO('mysql:host=' . $hostname . ';dbname=' . $database . '', $user, $password);

echo 'Hello World';

Testing it

Why didn’t it work?
•  Default PHP images ship with barely any extensions enabled by
default
•  We will need a custom PHP Image

Update our docker-compose.yml
phpserver:
build: ./docker/php
volumes:
links:
- mysqlserver

Custom Docker File
FROM php:7-fpm
# Install modules
RUN apt-get update && apt-get install -y
libmcrypt-dev
&& docker-php-ext-install pdo
&& docker-php-ext-install pdo_mysql
CMD ["php-fpm"]

Let’s try that again

Deploying

I can’t answer this for you
¯_(ツ)_/¯

Questions?

Each situation is different
•  You will probably build something custom, using exisVng tools
•  Do you use data volumes?
•  Do you just package the enVre compiled app?
•  Does it need to be distributed?
•  Is it going on Swarm, or Amazon ECS?

Things to consider
•  Docker Compose will only deploy an app to one server
•  Docker Swarm is preGy low-level and bare-bones
•  Volumes on Swarm cannot be shared across hosts
•  Host mounVng is 99.99999% of the Vme not what you want to do

Rancher is a good start
•  Provides a nice GUI to manage everything
•  Allows volume sharing and networking across hosts
•  Works with docker-compose.yml ﬁles
•  These ﬁles can be supplemented with environment variables

Rancher in action

Questions?

http://ctankersley.com
chris@ctankersley.com
@dragonmantank
https://joind.in/talk/2d8b6

Docker for Developers

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (20)

En vedette

En vedette (20)

Similaire à Docker for Developers

Similaire à Docker for Developers (20)

Plus de Chris Tankersley

Plus de Chris Tankersley (20)

Dernier

Dernier (20)

Docker for Developers