docker novosibirsk meetup #3 - docker in production

Docker in ProductionSomething new or just buzzwords?

Gianluca ArbezzanoSoftware Engineer @CurrencyFair

DevOps enthusiast and Open Source developer.

● http://scaledocker.com● http://gianarb.it● https://twitter.com/gianarb● https://github.com/gianarb● hello@thumpflow.com

> Automate the boring stuffs.

Internet users in the World

http://www.internetlivestats.com/internet-users/

Cloud Computing

1960s The initial concepts of time-sharing became popularized via RJE (Remote Job Entry);[

1990s Telecommunications companies, who previously offered primarily dedicated point-to-point data circuits, began offering virtual

private network (VPN) services with comparable quality of service, but at a lower cost.

2000s Cloud computing has come into existence. In early 2008, NASA's OpenNebula

2006s Amazon introduced its Elastic Compute Cloud.

2008s Microsoft Azure was announced as "Azure". It was released on 1 February 2010 as Windows Azure

2010s Rackspace Hosting and NASA jointly launched an open-source cloud-software initiative known as OpenStack

https://en.wikipedia.org/wiki/Cloud_computing#Origin_of_the_term

Your application and your business

That’s what matters

Problems that I see● Onboarding new users● Testing● Deploy your application● Scalability● Timing● Number of applications

Why containers are good● Easier to deploy● Good to keep developers and system administrator frends● Less expensive to manage in time compared with VM. But you still need

VMs or at least servers.● Immutable

you still need VMs or at least servers.

You still need to manage● Network● Hostname● Firewall● Maybe some tools like vim, you always need vim● Docker itself needs to be installed and configurated

Everything as code:1. Cloud init2. Configuration management3. Docker

https://github.com/chef-cookbooks/docker

VPN - It’s not complicated! Stop to think that...

https://community.openvpn.net/openvpn/wiki/BridgingAndRouting

dockerd -H fd:// -H tcp://10.7.5.22 --label kind=private

6 October 2016© 2016 CurrencyFair Ltd

Docker 1.13 makes production environment

good.

6 October 2016© 2016 CurrencyFair Ltd

CLI redesign

Docker CLI is always a privileged client for the daemon. Thousand

of users learn how to run contains with this tools:

docker run -it alpine sleep 10

6 October 2016© 2016 CurrencyFair Ltd

CLI redesign

Advanced users or scripts to build complex solution:

find '/var/lib/docker/volumes/' -mindepth 1 -maxdepth 1 -type d | grep -vFf <(

docker ps -aq | xargs docker inspect | jq -r '.[]|.Mounts|.[]|.Name|select(.)'

)

6 October 2016© 2016 CurrencyFair Ltd

But was time for a little re-design

6 October 2016© 2016 CurrencyFair Ltd

top level command

● checkpoint Manage checkpoints

● container Manage containers

● image Manage images

● network Manage networks

● node Manage Swarm nodes

● plugin Manage plugins

● secret Manage Docker secrets

● service Manage services

● stack Manage Docker stacks

● swarm Manage Swarm

● system Manage Docker

● volume Manage volumes

100% compatible with the old commands: run, stop, start and so on

http://blog.arungupta.me/docker-1-13-management-commands/

6 October 2016© 2016 CurrencyFair Ltd

Keep your environment clean

docker system

docker system info == docker info

docker system event => to follow stream’s events from deamon

docker system prune => to clean your env from bad layers,

volumes and networks

6 October 2016© 2016 CurrencyFair Ltd

Welcome compose v3version: ‘3’

services:

micro:

image: gianarb/micro:1.2.0

deploy:

mode: replicated

replicas: 2

resources:

limits:

cpus: '0.25'

memory: 512M

reservations:

cpus: '0.25'

memory: 256M

restart_policy:

condition: on-failure

delay: 5s

max_attempts: 3

window: 120s

Compatible with Swarm modedocker stack create \ -c ./docker-compose.yml frontend

6 October 2016© 2016 CurrencyFair Ltd

Secrets are available in Swarm mode

docker secret create well ./secret.json

docker service create --secret well alpine sleep 1000

Secrets are running in directory /run

6 October 2016© 2016 CurrencyFair Ltd

Squash layers

docker build --squash -t jenkins-sq .

Demo

● https://github.com/gianarb/micro● https://github.com/gianarb/docker-stack● https://github.com/gianarb/papiro● https://docs.docker.com/engine/swarm/secrets/● https://docs.docker.com/engine/reference/commandline/system/● https://docs.docker.com/docker-cloud/apps/stack-yaml-reference/

Thankshttp://gianarb.it