docker dev ops for cd meetup 12-14
TRANSCRIPT
![Page 1: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/1.jpg)
Micro Services and Con/nuous Deployment with Docker
Andrew Aslinger Dec 4th 2014
![Page 2: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/2.jpg)
2
Agenda
DevOps Philosophy
What is Docker ?
Con/nuous Delivery with AWS and Docker
Demo & Discussion
Advanced Topics
![Page 3: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/3.jpg)
Who am I?
Senior Cloud Architect for OpenWhere Passion for UX, Big Data, and Cloud/DevOps
Previously Designed and Implemented automated DevOps processes for several organiza>ons Mul/ple environments, many user / developer groups, big data clusters, hundreds of machines
A Recovering “Chef” Cer>fied AWS Architect
![Page 4: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/4.jpg)
DevOps Principles
![Page 5: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/5.jpg)
5
1. Immutable Infrastructure 2. Purpose Built Environments 3. Self service for the en>re Landscape 4. Create Programma>c Bill of Material 5. Simplify the tool chain & process 6. DevOps code should co-‐exist with applica>on code 7. Architect, don’t Broker, for Cross Cloud deployments 8. Auto-‐scale from start 9. Build in cost op>miza>on
OpenWhere DevOps Philosophy: Apply SoNware principles to infrastructure
![Page 6: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/6.jpg)
6
• Virtual Infrastructure components are replaced for every deployment, rather than being updated
• Focus on one process (build) vs. two (build & maintain)
1. Immutable Infrastructure
http://martinfowler.com/bliki/ImmutableServer.html
![Page 7: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/7.jpg)
7
2. Use Purpose Built Environments
Fixed, Sta>c Environments – Average 50% variance between produc/on & lower environments
– Suppor/ng environments have variable demand, low overall u/liza/on, & minimal support
Dynamic, on-‐demand environments – Built and scaled for specific purposes – Exist only for the task dura/on
Fixed Environments
Development Staging
Integra/on Demonstra/on
Test /QA Training
Produc/on Etc.
Dynamic Environments
Development for Sprint 11 (3 weeks)
User Test for User Story US 217 (14 hours)
Regression Test for Defect 42 (1 hour)
Performance Test for release 2.3.1 (4 hours)
Training for release 2.3.2 (8 hours/day)
Produc/on for release 2.3.0 (1 month)
![Page 8: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/8.jpg)
8
3. Self Service for the en/re Landscape (systems not servers)
• Single server is not a viable unit of work “In today’s distributed compute environment, developers can’t develop on local worksta/ons.”
• Teams want self-‐service to full systems “I want a LIDAR processing system not 12 servers, 2 subnets, database, NAT, load balancer, etc”
• ShiN self-‐service focus from servers and components to applica/ons & systems (landscapes)
![Page 9: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/9.jpg)
9
• Build infrastructure from JSON Templates – JSON descrip/on file (programma/c Bill of Materials) – Perform programafc dependency and impact analysis -‐ just like on code – Used to ini/alize Docker Containers
• Resource specific templates – AWS Cloud Forma/on – OpenStack HEAT – Docker File / Fig – OpenWhere has developed a Javascript DSL to generate these cloud specific templates
4. Create Programma>c Bill of Material
The en/re system is captured as a soNware code. This allows the infrastructure to be version controlled and replicated like any other soNware asset.
![Page 10: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/10.jpg)
10
A very, very small sample of the tool space . . .
Infrastructure Configura/on Infrastructure Provisioning
Applica/on Deployment Pipeline Management
![Page 11: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/11.jpg)
11
1. Immutable Infrastructure 2. Purpose Built Environments 3. Self service for the en/re Landscape 4. Create Programma/c Bill of Material 5. Simplify the tool chain & process 6. DevOps code should co-‐exist with applica>on code 7. Architect, don’t Broker, for Cross Cloud deployments 8. Auto-‐scale from start 9. Build in cost op>miza>on
OpenWhere DevOps Philosophy: Apply SoNware principles to infrastructure
Docker helps ena
ble many of
these principles
![Page 12: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/12.jpg)
What is Docker?
![Page 13: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/13.jpg)
What is Docker?
“Docker is an open pla0orm for developers and sysadmins to build, ship, and run distributed applica:ons”
light weight container
Yet another DevOps tool Latest hype?
![Page 14: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/14.jpg)
What is Docker?
Docker really does for any unit of work and all it’s dependencies (OS, configura:on, binaries, any soCware language etc.) what the
JVM did for your code
• Have something in Python or Fortran? – Sure • Gnarly C Libraries – All right! How about I run it on your Mac and EC2
• Conflic:ng dependencies across two services – not a problem!
![Page 15: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/15.jpg)
Docker Benefits
• Portability Across Machines – Local Vagrant like deployment, Remote Deployment including
Amazon EC2 – Independent of host OS – Lightweight vs VMs
• Supports DevOps Best Prac>ces & Re-‐use – Infrastructure as Code – Container Extensibility
• Fits into a Con>nuous Deployment Pipeline
• Isola>on and Single Responsibility – Reduce dependency conflicts, security
• S>ck any unit of work in a black box with its dependencies – Code with complex dependencies and configura/on, short lived
tasks, long running services, etc.
Virtual Machines
Docker
![Page 16: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/16.jpg)
16
Docker Image
Dockerfile conf
docker build –t imagename .
Docker Registry registryname:
docker tag imagename registryname/imagename
Docker Image
Docker Container
docker run –p 9000:9000 –d --name containername imagename
Development Environment
Host Environment
docker stop/restart/start containername
https://registry.hub.docker.com/ or
Private registry
A Typical Docker Flow with six simple commands
![Page 17: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/17.jpg)
Docker with AWS
![Page 18: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/18.jpg)
Why Docker with EC2?
• Build once, run many places – Dev Machines, different clouds, different VPCs,
share and build – Not /ed to box size or guest OS
• AMI’s are difficult to rebuild and more difficult to maintain – Snapshots retain baggage – There is no “git” version control for AMI – AMI’s are not cross region compa/ble – Other AMI tools like Amiator aren’t easy to use
• Easier to achieve immutable infrastructure and one click deploys
• Treat your infrastructure as code with a Con>nuous Deployment Pipeline
![Page 19: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/19.jpg)
Why Docker with EC2?
• Separate your data and state from your image • Machine layers evolve at different velocity and have different reuse (Example Later) – Core OS – Organiza/on Level Requirements – Applica/on Level Requirements – Applica/on Code
• Test and version control your deploy ar/facts and configura/on together – Same container for developers and EC2 – Java Example
• Stop maintaining AMIs • HPC algorithm distribu/on unit (Apache Mesos)
+
![Page 20: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/20.jpg)
Docker Con>nuous Deployment Flow: Set up AWS infrastructure
Create AWS Ec2 Instances and install Docker
1
yum install -y docker-io service docker start ….
![Page 21: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/21.jpg)
Commit New Code w/ Docker file
SCM Poll Trigger build
Push Artifacts (optional)
Push new Image to public or private repo
2
3
4
6
Build new Docker Image from Docker File 5
Docker Con>nuous Deployment Flow: Build and push docker image with latest code
![Page 22: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/22.jpg)
Docker Con>nuous Deployment Flow: Trigger EC2 to pull latest Docker image
Trigger Docker Pull on target machines
7
Docker Pull & start container
8
![Page 23: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/23.jpg)
Advanced #1: Docker Image Layers using FROM and OnBuild commands in the Docker File
Core OS
Organiza/on Base OS
Organiza/on Applica/on Image (Example NodeJs Web App Image)
Project Code Specific Image Project SCM
Common Dependencies & Config: Security, LDAP, Logging, etc.
Base OS: CentOs, Ubuntu, etc.
Application Dependencies & Config: NodeJS, express, supervisord etc.
ONBUILD
Doc
ker I
mag
e La
yers
Jenkins Built
Reusable
Machine layers can evolve at different velocity and have different levels of reuse
![Page 24: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/24.jpg)
Advanced #2: Linked Containers
Host OS
Container 1 DB
Container 2 Web
$DB_PORT = 6379, etc.
--link name:alias docker run -d -P --name web --link db:db training/webapp python app.py
/etc/hosts db 172.0.0.2
Run multiple containers on a machine. Each with a responsibility linked by ports / address https://docs.docker.com/userguide/dockerlinks/
Tools like Fleet or Elas/c Container
Service will make this easier
![Page 25: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/25.jpg)
Advanced #3: Data Containers
Host OS
Data Container (non running)
Container 2 Web
sudo docker run -d --volumes-from dbdata --name db2 training/postgres
/volume
A container which allows sharing of data across containers https://docs.docker.com/userguide/dockervolumes/
Benefits: Change image independent of data (maintainability) Enables Data sharing patterns (single responsibility) Limitations: Data is Tied to Host OS
/volume -file1.txt -file2.txt
Physical files docker managed
Container 3 Web
/volume
![Page 26: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/26.jpg)
Advanced #4: Customize on Init
You need to parameterize and modify items in a container based on the environment, and ENV variables won’t work
Examples: Set a IP address or DNS name, Set a DB password Pattern: 1. Load a script onto the box as part of an building the image 2. Run script at container launch 3. Script uses environment variables to customize settings files etc 4. Environment variables are passed to the docker run Command
Data Container (non running)
start.sh config.conf sed docker run -e
DB=10.0.0.1
Service Discov
ery &
Registra/on
is an
emerging area
![Page 27: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/27.jpg)
Service Discovery
![Page 28: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/28.jpg)
Service Discovery Needs / Drivers
• Managing large amounts of Micro-‐Services quickly becomes unmanageable • Tradi/onal Approaches of orchestra/on oNen require sta/c endpoints which do not scale and are more difficult to manage
• Docker introduces paperns of linking containers but one quickly runs into the need to link services across hosts
• Solu/on must deal with Cloud Focused Architectures, Rolling Deploys, Mul/ple Environments, and Elas/city, etc.
http://www.cargolaw.com/2007nightmare_ital.florida.html
![Page 29: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/29.jpg)
Ideal Solu/on Goals • “Services just find each other and work”
– Auto-‐wiring / Full Automa/on • Services automa/cally discover one another • Works with machines coming/going and autoscale groups • Minimal or no host hardcoding • Easy to manage • Supports con/nuous deployment
– Scalability to hundreds/thousands of services – Easy to use – Minimal impact / code changes to exis/ng services – Docker / Container Process Integra>on – Versa/lity & Host and Environment Agnos/c – Health Checking – Supports Orchestra/on of Deployments – Upward trajectory for tech and room for growth
![Page 30: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/30.jpg)
Comparison Matrix Stack Smart Stack Consul Etcd CoreOS AWS Manual
Techs Nerve, Synapse, HAProxy, Zookeeper
consul etcd CoreOS, fleet, etcd
Route53 + ELB + CloudForma/on
Link hpp://nerds.airbnb.com/smartstack-‐service-‐discovery-‐cloud/
hpp://www.consul.io hpps://github.com/coreos/etcd
hpps://coreos.com/
Custom AWS Solu/on
Pros • Some people use with docker
• Well defined
• Opinionated • Mul/-‐data center • Key / value • Strong health
checking • DNS + Rest • Gossip built on serf
protocol • UI
• Simple / Fast (RaN based)
• Key/value • Op/on for DNS via
SkyDNS2
• Docker centric
• Security focus
• Orchestra/on of Containers
• Simple and easy
• Known approach
Cons • More complex stack
• Zookeeper underpinnings, no dynamic fleets
• Docker is added on not centric like CoreOS
• Manual solu/on when used alone
• Less Opinionated
• Requires their OS (less proven off cloud)
• Requires hardcoding
• Doesn’t scale or translate outside AWS
![Page 31: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/31.jpg)
Selec/on
• Selec/on: Consul + Docker Integra/ons – Consul + some external open source Docker integra/ons met all the goal criteria except orchestra/on • Orchestra/on easy to accomplish with current Cloud Forma/on Process • Elas/c Container service also will provide orchestra/on
• Runners Up – CoreOS close but concerns over on-‐premise deploys. Also lacked easy DNS and was a more dras/c change as requires different host OS
– Etcd by itself and even with docker integra/ons was s/ll too manual and didn’t require enough flexibility
– AWS while known was more short term as offered less flexibility and lacked other features including non-‐hpp health checks, etc.
![Page 32: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/32.jpg)
Our Consul Architecture
Micro Service Container Consul Agent
Registrator
DNS / HTTP
External Services
Service Registry, Key Value Store
Micro Service Hosts
Gossip Protocol
Consul
Elas/cache
MongoDB SAS /
External APIs
Master Cluster
Automatic registration
Automatic discovery
![Page 33: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/33.jpg)
Orchestra/on
• How do I manage deployment, resource alloca>on, linking, etc. of all these containers? – Container as a first class ci/zen instead of the VM – If I split things smaller, I want more automa/on in the management – Docker provides common paperns and interface of work (start / stop etc.) – Manage the container linking and items not in my Dockerfile
• Op>ons: – Mesos:
• Launch tasks that contain docker containers • hpp://mesos.apache.org/documenta/on/latest/docker-‐containerizer/
– AWS Elas/c Container Service (Preview): • Dynamically allocate containers across a cluster • Ground up built for minimal thought Docker in the cloud • hcp://aws.amazon.com/ecs/
– Google Container Engine • Manage Docker containers on Google Compute Engine • hcps://cloud.google.com/container-‐engine/
![Page 34: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/34.jpg)
OpenWhere Docker Wins
1. Full con>nuous deployment and write once, deploy many >mes realized
2. Developer Replacement for vagrant – Less complexity – Test with what you deploy!
3. Deployment build process co-‐exists with the sodware! – Reduced Maintenance, developer buy-‐in, testability
4. Awesome Re-‐use with minimal code – 1 line Dockerfile(s) for new MEAN Stack apps
5. Simplicity (Streamlined DevOps)
![Page 35: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/35.jpg)
OpenWhere Docker Burns
• Learning Curve / Maturity – Learning and growing to a Docker way for each DevOps task (s/ll in progress) – Example: Need “tricks” to do things like have more than one process running in a container – Example: Learning layers are independent and don’t retain state between RUN commands
• A Docker Container is not the same as a typical virtual machine – Basic stuff like syslog off and tar, wget not installed – Base Image: hpp://phusion.github.io/baseimage-‐docker/ – Ideal State: Single process vs. Single Responsibility
• Containers not restar>ng on EC2 Restart – We hacked a cloud-‐init work around
• Upda>ng to new images is dirty – Manually clean up images / containers or run out of disk!
• Debugging can be more complex: – Largely fixed In Docker 1.3: `docker exec –I –t [container-‐name] bash`
![Page 36: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/36.jpg)
Recommenda/ons & Next Steps
• Docker works great for a Con/nuous Deployment flow on EC2 – Especially for stateless applica/ons or a micro-‐service architecture
• Complex cluster deployments, stateful applica/ons or databases, are harder to achieve – You may need to roll your own solu/on or integrate with another technology
• Docker Next Steps: Programs and IR&D – Security Tes/ng & Recommenda/ons – Service Discovery (Consul, Fleet, Kubernetes, Mesos, Helios, Centurion, libswarm, etc.)
– Data Persistent Pacerns (Data Lake, Shared Volumes, etc.)
![Page 37: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/37.jpg)
Ques/ons
![Page 38: Docker dev ops for cd meetup 12-14](https://reader034.vdocument.in/reader034/viewer/2022042817/55a6868b1a28abe2088b46b3/html5/thumbnails/38.jpg)
38
Contact Informa/on
Andrew Heifetz Chief Cloud Officer OpenWhere [email protected] @andyheifetz hpp://www.linkedin.com/pub/andrew-‐heifetz Cell: 240-‐481-‐7442
Andrew Aslinger Senior Systems Architect OpenWhere [email protected] @aaa572 hpp://owaaa.github.io/