Thanks to tools like vagrant, puppet/chef, and Platform as a Service services like Heroku, developers are extremely used to being able to spin up a development environment that is the same every time. What if we could go a step further and make sure our development environment is not only using the same software, but 100% configured and set up like production. Docker will let us do that, and so much more. We'll look at what Docker is, why you should look into using it, and all of the features that developers can take advantage of.
2. Who Am I
• PHP Programmer for over 11 years
• Sysadmin/DevOps for around 9 years
• Using Linux for more than 15 years
• hGps://github.com/dragonmantank
• Author of “Docker for Developers”
• Reigning, Defending, Undisputed PHP
MTG Champion of the World
Lonestar PHP 2016 2
5. What is it from a technical standpoint?
• Docker is a wrapper around Containers
• Docker Engine is the packaging porVon that builds and runs the
containers
• Docker Hub allows you to publish images for others to use
• Docker Machine is a bare-metal provisioning tool
• Docker Swarm is an load-balancing deployment tool
• Docker Compose is a mulV-container build system
Lonestar PHP 2016 5
10. Docker can use many different containers
• Since 0.9.0 it supports:
• LXC (Linux Containers) – Started with LXC when it was released
• OpenVZ
• Systemd-nspawn
• libvert-sandbox
• Qemu/kvm
• BSD Jails
• Solaris Zones
• chroot
Lonestar PHP 2016 10
11. Runs on *nix and Windows Hyper-V
• No naVve container drivers for OSX*
• Amazon has ElasVc Container Service, and Microsok Azure has Azure
Container Service
Lonestar PHP 2016 11
12. Sorry OSX Users
• Docker support is officially maintained through Docker Toolbox
Lonestar PHP 2016 12
15. Running a container
• `docker run` will run a container
• This will not restart an exisVng container, just create a new one
• docker run [opVons] IMAGE [command] [arguments]
• [opVons ]modify the docker process for this container
• IMAGE is the image to use
• [command] is the command to run inside the container
• [arguments] are arguments for the command
Lonestar PHP 2016 15
18. Some Notes
• All three containers are 100% self contained
• Docker containers share common ancestors, but keep their own files
• `docker run` parameters:
• --rm – Destroy a container once it exits
• -d – Run in the background (daemon mode)
• -i – Run in interacVve mode
• --name – Give the container a name
• -p [local port]:[container port] – Forward the local port to the container port
Lonestar PHP 2016 18
20. Modifying a running container
• `docker exec` can run a command inside of an exisVng container
• Use Volumes to share data
Lonestar PHP 2016 20
21. Persistent Data with Volumes
• You can designate a volume with -v
• Volumes can be shared amongst containers
• Volumes can mount data from the host system
Lonestar PHP 2016 21
23. Mounting from the host isn’t perfect
• The container now has a window into your host machine
• Permissions can get screwy if you are modifying in the container
• Most things it creates will be root by default, and you probably aren’t root on
the host machine
• Host-mounted volumes are not portable at all
• Docker Toolbox’s VM only allows mounVng from within your home
directory
Lonestar PHP 2016 23
24. Container Data Volumes
• Uses a small container that does nothing but stores data
• Have our app containers use the data volume to store data
• Use ‘editor containers’ to go in and modify data when needed
Lonestar PHP 2016 24
26. Why not run SSH inside of the container?
• Well, you can…
• Docker is designed for one command per container
• If you need to modify data, then you need to change your setup
• If you have to run SSH, then you need a way to run SSH and your
command
Lonestar PHP 2016 26
27. Why go through the hassle?
• Data volumes are portable
• Data volumes are safer
• Separates the app containers from data
• ProducVon can use a data volume, dev can use a host volume
• Our app containers stay small
Lonestar PHP 2016 27
29. Docker Links
• Allows containers to ‘see’ each other over the network
• Each container thinks the other one is just another machine
• Containers all have an internal network address, so we don’t need to
expose everything through the host
• Currently only works if all the containers are on one machine, Docker
1.10 should fix that
Lonestar PHP 2016 29
32. More Notes!
• We can now rebuild secVons of the app as needed
• We can restart nginx without impacVng PHP
• We can extend much easier
• Linked containers will not update if they are stopped/started
• If we upgrade PHP, we have to destroy/create the web_server container
again
Lonestar PHP 2016 32
38. Inspect a container
docker inspect [opVons] CONTAINER_NAME
• Returns a JSON string with data about the container
• Can also query
• docker inspect -f “{{ .NetworkSe{ngs.IPAddres }}” web_server
• Really handy for scripVng out things like reverse proxies
Lonestar PHP 2016 38
39. Work with images
• docker pull IMAGE – Pulls down an image before using
• docker images – Lists all the images that are downloaded
• docker rmi IMAGE – Deletes an image if it’s not being used
Lonestar PHP 2016 39
41. What is Docker Machine?
• A provisioning tool that is used to set up a box with Docker
• Used in Docker Toolbox to create the VM
• Supports:
• EC2
• Azure
• Digital Ocean
• Hyper-V
• OpenStack
• Virtualbox
• VMWare
Lonestar PHP 2016 41
43. Why use it?
• Makes it very easy to spin up new boxes
• Docker Machine handles all of the dirty stuff for you
• Docker Toolbox users are already using it
• Integrates with Docker Swarm
• It is not necessarily portable
Lonestar PHP 2016 43
45. What is Docker Swarm?
• Cluster management tool developed by Docker
• Looks like a machine running docker, but is actually many machines
Lonestar PHP 2016 45
46. Create a Swarm token
$ docker run --rm swarm create 2
//...
340122bb69c98825b4ac7094c87a07e21
Lonestar PHP 2016 46
52. What is Docker Compose?
• MulV-container orchestraVon
• A single config file holds all of your container info
• Works with Docker Swarm and a few other tools, like Rancher
Lonestar PHP 2016 52
63. Docker Compose changes aren’t
automatic
• You will need to stop, then bring the system again
• docker-compose stop
• docker-compose up
• Docker Compose will generally only restart boxes that have config
changes
• Docker Compose will not automaVcally fix links
Lonestar PHP 2016 63
73. Each situation is different
• You will probably build something custom, using exisVng tools
• Do you use data volumes?
• Do you just package the enVre compiled app?
• Does it need to be distributed?
• Is it going on Swarm, or Amazon ECS?
Lonestar PHP 2016 73
74. Things to consider
• Docker Compose will only deploy an app to one server
• Docker Swarm is preGy low-level and bare-bones
• Volumes on Swarm cannot be shared across hosts
• Host mounVng is 99.99999% of the Vme not what you want to do
Lonestar PHP 2016 74
75. Rancher is a good start
• Provides a nice GUI to manage everything
• Allows volume sharing and networking across hosts
• Works with docker-compose.yml files
• These files can be supplemented with environment variables
Lonestar PHP 2016 75