LXC TO DOCKER VIA CONTINUOUS DELIVERY
@MICHAELNEALE
@CLOUDBEES
ABOUT ME & CLOUDBEES
• co-founder
• cloudbees: continuous delivery company
• Best known for Jenkins!
SUMMARY
• Challenge: 3 disparate ways of containerisation
• evolution from cgroups to LXC - finally to docker
• a work in progress
• How Docker fits in with CD
• Lessons learned about containers in anger
OUR CHALLENGE - 3 EVOLVED STANDARDS
APPS
JENKINS MASTERS
BUILD EXECUTORS
APPS
• PaaS - more freedom for users
• Multi tenancy needs
• Containment
• use: cgroups, lxc, erlang control plane.
JENKINS MASTERS
• Non trivial to host: plugins, user config.
• multi tenancy (again)
• persistent volumes !!
• openvpn servers/clients and more
• rapid iteration
• existing solution was: chef + lxc
BUILD EXECUTORS
• flexible build environments (user customisation)
• clean workspace (no processes)
• lxc + zfs + rest api
• covers os-x (virtualised kvm)
• network isolation (builds do all sorts of things)
• multi tenancy (large, we call it “mansion”)
• shorter duration containers
BUILD EXECUTORS
• Why ZFS?
• pooling of disks
• pool of slaves (consistent hash==get a server with your stuff cached on it from last build)
• future: docker + zfs tempting
• C.O.W semantics (similar to aufs/devicemapper)
• shared pools
• Highly variable workload (season, time of day)
http://developer-blog.cloudbees.com/2014/03/hi-speed-linux-builds-for-devcloud.html
http://developer-blog.cloudbees.com/2013/05/inside-linux-containers-lxc-with.html?q=lxc
Evidence
• > 3 years LXC in production
• 1000’s of servers
• … but 3 different ways of doing similar-ish things evolved, so…
CONTAINERS UNIFY ALL THREE: DOCKER
APPS
JENKINS MASTERS
BUILD SLAVES
source: if you don’t know xkcd leave now please
NOW WE HAVE 4 STANDARDS
QUICK ASIDE
• continuous delivery refresher
CONTINUOUS DEPLOYMENT
• ftp *.php to server
CONTINUOUS DELIVERY
• Feature ready, feature deployed
• risk proportional to time between deploys
• more deploys == lower risk
• You all know this right?
CD & DOCKER
• like wine & cheese (or a whale and containers?)
• docker image == unit of deployment
• triviality of concurrent docker images
LIMITS OF CD - EG SURVEYMONKEY
• Developer commits to Git
• Jenkins builds app war file
• Ephemeral app is launched
• UAT is run against this (selenium)
• Ephemeral app is destroyed
• If DB schema changes, wait for approval
• blue/green deploy to production
CD TIMELINE
BLUE GREEN
• source: martin fowler
• In docker terms: NEVER update an image
• docker build -t app:$BUILD_NUMBER
• docker build -t app_$BUILD_NUMBER
• maybe: -t app:latest? (:production can be prod tag)
NEXT PHASE OF OUR JOURNEY
• Deploying lots of Jenkins
• From cgroups -> lxc -> docker over time
DEPLOYING LOTS OF JENKINS V1
• Initial: cgroups (and ephemeral users):
[Diagram labels: Providore; master host; assign user/port; new acct/wake up; setup; user data snapshot; create volume for master+slave]
WHAT WE DID NEXT
• Chef
• Needed some structure around setup
• Smart people were doing it
• recipes were a hit with the team
ALSO INTRODUCED LXC FOR MASTERS
• Tweakable image
• Superior containment
• OpenVPN and other network improvements
DEPLOYING V2
[Diagram labels: Providore; master host; assign user/port; new acct/wake up; chef on setup; user data snapshot; Chef repo]
CHALLENGES WITH CHEF BOOT
• LXC image not often updated (cost/time)
• ∴ more work done on startup (via chef)
• ∴ slower, error prone, runtime dependency on chef repo
CHALLENGES UPDATING IMAGE
• Sans docker: lots of large files to push and pull
• Starting “cold” each time
• No registry
• No Dockerfile
• No cache of images
• No easy dev. desktop experience
LXC -> DOCKER
• AOT image preparation
• Layered FS makes cost affordable
• don’t leave it to (Jenkins/app) boot time
• Developers can do it on desktop
• “refresh driven development”
• truly portable images
• “socialise container bugs”
NOTE: ON CONTAINERS AND MEMORY
• our old model
• thinking: swap bad, kill apps when out of memory
• turns out people hate this
• no swap accounting
• docker memory (-m parameter)
• swapaccount=1 kernel param (eg pvgrub/ec2: /boot/grub/menu.lst)
• docker way: the right way (account for swap, prevent accidents)
SUMMARY:
• Docker turns into perfect solution
THE IDEAL DOCKERFILE
• Prefer native packaging
• Dockerfile essentially series of package installs
• and small minor steps
• anything > 1 line bash is an OS package
THE IDEAL DOCKERFILE
• No one agreed with me.
CHEF-SOLO
• compromise: chef-solo ahead of time
• Docker image built ahead of time
• Dockerfile generated based on chef-solo
• re-use of chef recipes, but done at the “correct” time
NEW HIGH LEVEL WORKFLOW
[Diagram labels: recipe change; docker build; smoke test; S3; BeesCloud validate; (S3) pull on existing; new AMI pre-seeded; un-hibernate / new; get latest; tag: $BUILD_NUM]
RESULT
• Cold build of AOT image - 6 minutes (old 15) - in .au
• Warm build in seconds
• build on desktop or CI
• though: registry in .au can be PAINFUL
NEXT CHALLENGE: DISTRIBUTING IMAGES
• We didn’t have per-node (lxc) image caching
• Download on launch or refresh (s3 fast enough)
• AMIs refreshed “reasonably” often, servers rotated
• Docker gave us that for free, but…
REGISTRY?
• Continuous Delivery generates a LOT of artifacts
• every build
• Want to keep everything (sort of)
• Need a perfect scalable store for large binary objects
• Solomon guarantees index backed up on 12 continents**
• Need to quickly get images on boxes
GETTING IMAGES ON BOXES
• Options
• Twitter “murder” (clever use of bittorrent)
• We host (mostly) on ec2: s3 reliably 50-200MB/s
• Reduce permutations of images required on a box
• Private registry
REGISTRY
• Needs to be very HA
• It’s a runtime production grade dependency
• High throughput for large blobs (push and pull)
• We run on EC2 (US-east-1 and EU-west-1)
REGISTRY
[Diagram labels: Docker; registry; S3; many instances; free scalability; work :(]
REGISTRY
[Diagram labels: Docker; S3; many instances; free scalability; load/save]
Also: fully offline from public registry
S3
• no servers are good servers
• S3 is magic.
• someone claimed it runs on servers, lies. Can’t be true.
• ideally only deploy time dependency is on S3 (or similar)
• Is safe to consider it HA
DOGESTRY
• https://github.com/blake-education/dogestry
• think: docker save -> rsync layers to S3 bucket
• future: s3 client app “plugin” for docker CLI
• temporary measure
DOGESTRY
• dogestry push s3://ops-goodies/docker-repo/?region=us-west-2 hipache
• dogestry pull s3://ops-goodies/docker-repo/?region=us-west-2 hipache
S3 STORAGE
REGISTRY - FUTURE OPTIONS
• shift to private registry or s3 client
• private registry “client” on each node with /etc/hosts hack (backed by s3)
• just use index.docker.io for private
• For Now: Using private registry where it makes sense
• Now: dogestry/s3
FINAL HIGH LEVEL WORKFLOW
[Diagram labels: recipe change; docker build; smoke test; S3 / dogestry; store latest image name; push s3 jenkins_$build_number; S3 pull / pre-seed; approve image]
SUPERVISION
• Currently using runit with “docker run”
• Fits in with existing systems, log shipping etc.
• Behaves itself
• Systemd also good
• Future: docker “native” daemonisation
PER BUILD REPO VS TAG
• ie “docker pull jenkins:$BUILD_NUMBER” vs “docker pull jenkins_$BUILD_NUMBER”
• Why not use tags for builds?
• Massive repo growth, every build (Cont. Delivery)
• ever need to export whole repo? purge tags?
• historical impact on pull (resolved now?)
FINAL LESSONS LEARNED…
• Multi tenancy needs (user-namespace !!!)
• Solutions
• whitelisted dockerfiles to base images on
• produce docker image for user
• desires
• securely allow users full freedom (uid=0 mapping)
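One way to enforce the "whitelisted dockerfiles to base images on" idea before building a tenant's image, as an added example (not code from the talk). The allowlist file format (one exact image reference per line) and the function names are assumptions; a `FROM` that cannot be resolved statically, such as one using a build argument, is rejected.

```shell
#!/bin/sh
# Added example: reject Dockerfiles whose base images are not on an allowlist.
# Assumed allowlist format: one exact image reference per line (e.g. repo:tag).

# Print every external image a Dockerfile builds FROM, one per line.
base_images() {
    awk '
        toupper($1) == "FROM" {
            i = 2
            while (i <= NF && $i ~ /^--/) i++      # skip flags such as --platform=...
            img = $i
            if (img == "") next
            # A later FROM may name an earlier build stage; that is not an external image.
            key = tolower(img)
            if (!(key in stage)) print img
            if (toupper($(i + 1)) == "AS" && $(i + 2) != "")
                stage[tolower($(i + 2))] = 1
        }
    ' "$1"
}

# Return 0 only if every base image is listed verbatim in the allowlist.
# Return 1 on any rejection (including "no FROM at all"), 2 on missing files.
# Exact matching means an untagged or variable reference fails closed.
check_dockerfile() {
    dockerfile="$1"; allowlist="$2"
    [ -f "$dockerfile" ] && [ -f "$allowlist" ] || return 2
    images=$(base_images "$dockerfile")
    if [ -z "$images" ]; then
        echo "REJECT (no FROM instruction)"
        return 1
    fi
    status=0
    while IFS= read -r img; do
        if grep -qxF -- "$img" "$allowlist"; then
            echo "ok $img"
        else
            echo "REJECT $img"
            status=1
        fi
    done <<EOF
$images
EOF
    return "$status"
}

# Stand-alone use: sh check.sh <Dockerfile> <allowlist>
if [ "$#" -eq 2 ]; then
    check_dockerfile "$1" "$2"
fi
```
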
BUILD EXECUTORS
MULTI TENANCY CHALLENGE
ONE DOCKER IMAGE PER APP?
• A) One docker image per app, or
• B) Generic docker image, with app bind-mount in at runtime
• Advantage B: less of an explosion of images. Faster to get new box “seeded”. JVM apps, node apps, Go apps all work well this way.
DOCKER AS PACKAGING SYSTEM
• Demos of on-prem products
• Continuously deliver (push) images for field engineers
• change to demo content - new image
• change to version - new image
JENKINS-CI.ORG
• Now docker powered
• Managed with puppet, for example
• https://github.com/jenkins-infra/bind
• https://github.com/jenkins-infra/jenkins-infra/blob/dns/dist/profile/manifests/bind.pp
• puppet module: https://github.com/garethr/garethr-docker
SAMPLE DOCKER PIPELINE
https://github.com/michaelneale/docker-pipeline-demo
SAMPLE DOCKER PIPELINE
docker run -p 8080:8080 --privileged cloudbees/jenkins
SAMPLE DOCKER PIPELINE
docker run -p 8080:8080 -v /var/run/docker.sock:/var/run/docker.sock cloudbees/jenkins
DOCKERFILE AS BUILD FILE
• Why not? Canonical build definition
• Run unit tests
• output “xunit” reports (allows test trend reporting)
• clone an opensource project, “docker build .” - reflex.
HASH DOCKERFILE CONTENT
• hash contents of docker file
• name image as hash
• only build if hash not found in docker images
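A sketch of the hash-and-skip scheme on this slide, added here as an example (it is not from the talk or from CloudBees' pipeline). The `ci-cache` repository name, the 16-character SHA-256 prefix, the `DOCKER` override variable and the optional extra input files are assumptions; hashing extra files goes slightly beyond the slide so that a change to a file the Dockerfile copies in also changes the tag.

```shell
#!/bin/sh
# Added example: name an image after the hash of its Dockerfile and build
# only when no image with that name is already in the local image store.

# Assumption: DOCKER can be overridden (e.g. with a stub) for dry runs.
DOCKER="${DOCKER:-docker}"

# Print a 16-hex-character tag derived from the contents of the given files.
# With a single argument this is simply the SHA-256 of the Dockerfile.
content_tag() {
    [ "$#" -gt 0 ] || return 2
    for f in "$@"; do
        [ -f "$f" ] || { echo "missing input: $f" >&2; return 2; }
    done
    cat "$@" | sha256sum | cut -c1-16
}

# Succeed when the local image store already holds this reference.
image_present() {
    "$DOCKER" image inspect "$1" >/dev/null 2>&1
}

# build_if_missing <repo> <context-dir> [extra-input-file ...]
# Prints "cached <ref>" when the build was skipped, "built <ref>" otherwise.
build_if_missing() {
    repo="$1"; context="$2"; shift 2
    tag=$(content_tag "$context/Dockerfile" "$@") || return 2
    ref="$repo:$tag"
    if image_present "$ref"; then
        echo "cached $ref"
        return 0
    fi
    # Build log goes to stderr so stdout carries only the result line.
    "$DOCKER" build -t "$ref" "$context" >&2 || return 1
    echo "built $ref"
}

# Stand-alone use: sh build.sh ci-cache ./myapp [files the Dockerfile copies]
if [ "$#" -ge 2 ]; then
    build_if_missing "$@"
fi
```

A tag derived from the Dockerfile alone does not change when the base image behind `FROM` is updated, so a periodic forced rebuild is still needed to pick up base-image fixes.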
NOVEL CI USES OF DOCKER
• By Groupon: .ci.yml: specify env image or default to Dockerfile in project root, include services
• https://github.com/jenkinsci/DotCi
CONTAINER CHALLENGES
• containers and CPU
• Slice up large box == false appearance of more CPU power
• LD_PRELOAD “fake” value?
• cgroups cpuset cumbersome
• Security of multitenancy
PAAS IS DEAD
• and docker killed it!
• linux is my IDE, my platform
• apps delivered as compositions of linux tools and system
• many languages
• images actually are “portable”
• future is bright
QUESTIONS
• @michaelneale & github/michaelneale
• www.michaelneale.net
• #docker-dev #jenkins IRC as michaelneale
• cloudbees.com
• developer-blog.cloudbees.com

Securing Your Containerized Applications with NGINXDocker, Inc.
 
How To Build and Run Node Apps with Docker and Compose
How To Build and Run Node Apps with Docker and ComposeHow To Build and Run Node Apps with Docker and Compose
How To Build and Run Node Apps with Docker and ComposeDocker, Inc.
 
Distributed Deep Learning with Docker at Salesforce
Distributed Deep Learning with Docker at SalesforceDistributed Deep Learning with Docker at Salesforce
Distributed Deep Learning with Docker at SalesforceDocker, Inc.
 
The First 10M Pulls: Building The Official Curl Image for Docker Hub
The First 10M Pulls: Building The Official Curl Image for Docker HubThe First 10M Pulls: Building The Official Curl Image for Docker Hub
The First 10M Pulls: Building The Official Curl Image for Docker HubDocker, Inc.
 
Monitoring in a Microservices World
Monitoring in a Microservices WorldMonitoring in a Microservices World
Monitoring in a Microservices WorldDocker, Inc.
 
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...Docker, Inc.
 
Predicting Space Weather with Docker
Predicting Space Weather with DockerPredicting Space Weather with Docker
Predicting Space Weather with DockerDocker, Inc.
 
Become a Docker Power User With Microsoft Visual Studio Code
Become a Docker Power User With Microsoft Visual Studio CodeBecome a Docker Power User With Microsoft Visual Studio Code
Become a Docker Power User With Microsoft Visual Studio CodeDocker, Inc.
 
How to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container RegistryHow to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container RegistryDocker, Inc.
 
Monolithic to Microservices + Docker = SDLC on Steroids!
Monolithic to Microservices + Docker = SDLC on Steroids!Monolithic to Microservices + Docker = SDLC on Steroids!
Monolithic to Microservices + Docker = SDLC on Steroids!Docker, Inc.
 
Kubernetes at Datadog Scale
Kubernetes at Datadog ScaleKubernetes at Datadog Scale
Kubernetes at Datadog ScaleDocker, Inc.
 
Labels, Labels, Labels
Labels, Labels, Labels Labels, Labels, Labels
Labels, Labels, Labels Docker, Inc.
 
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment ModelUsing Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment ModelDocker, Inc.
 
Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSDocker, Inc.
 
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...Docker, Inc.
 
Developing with Docker for the Arm Architecture
Developing with Docker for the Arm ArchitectureDeveloping with Docker for the Arm Architecture
Developing with Docker for the Arm ArchitectureDocker, Inc.
 

More from Docker, Inc. (20)

Containerize Your Game Server for the Best Multiplayer Experience
Containerize Your Game Server for the Best Multiplayer Experience Containerize Your Game Server for the Best Multiplayer Experience
Containerize Your Game Server for the Best Multiplayer Experience
 
How to Improve Your Image Builds Using Advance Docker Build
How to Improve Your Image Builds Using Advance Docker BuildHow to Improve Your Image Builds Using Advance Docker Build
How to Improve Your Image Builds Using Advance Docker Build
 
Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWS
 
Securing Your Containerized Applications with NGINX
Securing Your Containerized Applications with NGINXSecuring Your Containerized Applications with NGINX
Securing Your Containerized Applications with NGINX
 
How To Build and Run Node Apps with Docker and Compose
How To Build and Run Node Apps with Docker and ComposeHow To Build and Run Node Apps with Docker and Compose
How To Build and Run Node Apps with Docker and Compose
 
Hands-on Helm
Hands-on Helm Hands-on Helm
Hands-on Helm
 
Distributed Deep Learning with Docker at Salesforce
Distributed Deep Learning with Docker at SalesforceDistributed Deep Learning with Docker at Salesforce
Distributed Deep Learning with Docker at Salesforce
 
The First 10M Pulls: Building The Official Curl Image for Docker Hub
The First 10M Pulls: Building The Official Curl Image for Docker HubThe First 10M Pulls: Building The Official Curl Image for Docker Hub
The First 10M Pulls: Building The Official Curl Image for Docker Hub
 
Monitoring in a Microservices World
Monitoring in a Microservices WorldMonitoring in a Microservices World
Monitoring in a Microservices World
 
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
 
Predicting Space Weather with Docker
Predicting Space Weather with DockerPredicting Space Weather with Docker
Predicting Space Weather with Docker
 
Become a Docker Power User With Microsoft Visual Studio Code
Become a Docker Power User With Microsoft Visual Studio CodeBecome a Docker Power User With Microsoft Visual Studio Code
Become a Docker Power User With Microsoft Visual Studio Code
 
How to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container RegistryHow to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container Registry
 
Monolithic to Microservices + Docker = SDLC on Steroids!
Monolithic to Microservices + Docker = SDLC on Steroids!Monolithic to Microservices + Docker = SDLC on Steroids!
Monolithic to Microservices + Docker = SDLC on Steroids!
 
Kubernetes at Datadog Scale
Kubernetes at Datadog ScaleKubernetes at Datadog Scale
Kubernetes at Datadog Scale
 
Labels, Labels, Labels
Labels, Labels, Labels Labels, Labels, Labels
Labels, Labels, Labels
 
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment ModelUsing Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
 
Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWS
 
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
 
Developing with Docker for the Arm Architecture
Developing with Docker for the Arm ArchitectureDeveloping with Docker for the Arm Architecture
Developing with Docker for the Arm Architecture
 

LXC to Docker Via Continuous Delivery

  • 1. LXC to Docker via Continuous Delivery • @michaelneale @cloudbees
  • 2. About me & CloudBees • co-founder • cloudbees: continuous delivery company • Best known for Jenkins!
  • 3. Summary • Challenge: 3 disparate ways of containerisation • evolution from cgroups to LXC - finally to docker • a work in progress • How Docker fits in with CD • Lessons learned about containers in anger
  • 4. Our challenge - 3 evolved standards • Apps • Jenkins masters • Build executors
  • 5. Apps • PaaS - more freedom for users • Multi tenancy needs • Containment • use: cgroups, lxc, erlang control plane.
  • 6. Jenkins masters • Non trivial to host: plugins, user config. • multi tenancy (again) • persistent volumes !! • openvpn servers/clients and more • rapid iteration • existing solution was: chef + lxc
  • 7. Build executors • flexible build environments (user customisation) • clean workspace (no processes) • lxc + zfs + rest api • covers os-x (virtualised kvm) • network isolation (builds do all sorts of things) • multi tenancy (large, we call it “mansion”) • shorter duration containers
  • 8. Build executors • Why ZFS? • pooling of disks • pool of slaves (consistent hash == get a server with your stuff cached on it from last build) • future: docker + zfs tempting • C.O.W semantics (similar to aufs/devicemapper) • shared pools • Highly variable workload (season, time of day) • http://developer-blog.cloudbees.com/2014/03/hi-speed-linux-builds-for-devcloud.html
  • 10. Containers • > 3 years LXC in production • 1000’s of servers • … but 3 different ways of doing similar-ish things evolved, so…
  • 11. Unify all three: Docker • Apps • Jenkins masters • Build slaves
  • 12. Now we have 4 standards • source: if you don’t know xkcd leave now please
  • 13. Quick aside • continuous delivery refresher
  • 14. Continuous deployment • ftp *.php to server
  • 15. Continuous delivery • Feature ready, feature deployed • risk proportional to time between deploys • more deploys == lower risk • You all know this right?
  • 16. CD & Docker • like wine & cheese (or a whale and containers?) • docker image == unit of deployment • triviality of concurrent docker images
  • 17. Limits of CD - eg SurveyMonkey • Developer commits to Git • Jenkins builds app war file • Ephemeral app is launched • UAT is run against this (selenium) • Ephemeral app is destroyed • If DB schema changes, wait for approval • blue/green deploy to production
  • 18. CD timeline
  • 19. Blue green • source: martin fowler
  • 20. • In docker terms: NEVER update an image • docker build -t app:$BUILD_NUMBER • docker build -t app_$BUILD_NUMBER • maybe: -t app:latest? (:production can be prod tag)
  • 21. Next phase of our journey • Deploying lots of Jenkins • From cgroups -> lxc -> docker over time
  • 22. Deploying lots of Jenkins v1 • Initial: cgroups (and ephemeral users): [diagram labels: providore; master host; assign user/port; new acct/wake up; setup; user data snapshot; create volume for master+slave]
  • 23. What we did next • Chef • Needed some structure around setup • Smart people were doing it • recipes were a hit with the team
  • 24. Also introduced LXC for masters • Tweakable image • Superior containment • OpenVPN and other network improvements
  • 25. Deploying v2 [diagram labels: providore; master host; assign user/port; new acct/wake up; chef on setup; user data snapshot; chef repo]
  • 26. Challenges with Chef boot • LXC image not often updated (cost/time) • ∴ more work done on startup (via chef) • ∴ slower, error prone, runtime dependency on chef repo
  • 27. Challenges updating image • Sans docker: lots of large files to push and pull • Starting “cold” each time • No registry • No Dockerfile • No cache of images • No easy dev. desktop experience
  • 28. LXC -> Docker • AOT image preparation • Layered FS makes cost affordable • don’t leave it to (Jenkins/app) boot time • Developers can do it on desktop • “refresh driven development” • truly portable images • “socialise container bugs”
  • 29. Note: on containers and memory • our old model • thinking: swap bad, kill apps when out of memory • turns out people hate this • no swap accounting • docker memory (-m parameter) • swapaccount=1 kernel param (eg pvgrub/ec2: /boot/grub/menu.lst) • docker way: the right way (account for swap, prevent accidents)
  • 30. Summary: • Docker turns into perfect solution
  • 31. The ideal Dockerfile • Prefer native packaging • Dockerfile essentially series of package installs • and small minor steps • anything > 1 line bash is an OS package
  • 32. The ideal Dockerfile • No one agreed with me.
  • 33. Chef-solo • compromise: chef-solo ahead of time • Docker image built ahead of time • Dockerfile generated based on chef-solo • re-use of chef recipes, but done at the “correct” time
  • 34. New high level workflow [diagram labels: recipe change; docker build; smoke test; S3; bees cloud validate; (S3) pull on existing; new AMI pre-seeded; un-hibernate / new; get latest; tag: $BUILD_NUM]
  • 35. Result • Cold build of AOT image - 6 minutes (old 15) - in .au • Warm build in seconds • build on desktop or CI • though: registry in .au can be PAINFUL
  • 36.
  • 37. Next challenge: distributing images • We didn’t have per-node (lxc) image caching • Download on launch or refresh (s3 fast enough) • AMIs refreshed “reasonably” often, servers rotated • Docker gave us that for free, but…
  • 38. Registry? • Continuous Delivery generates a LOT of artifacts • every build • Want to keep everything (sort of) • Need a perfect scalable store for large binary objects • Solomon guarantees index backed up on 12 continents** • Need to quickly get images on boxes
  • 39. Getting images on boxes • Options • Twitter “murder” (clever use of bittorrent) • We host (mostly) on ec2: s3 reliably 50-200MB/s • Reduce permutations of images required on a box • Private registry
  • 40. Registry • Needs to be very HA • It’s a runtime production grade dependency • High throughput for large blobs (push and pull) • We run on EC2 (US-east-1 and EU-west-1)
  • 41. Registry [diagram labels: Docker registry; S3; many instances; free scalability; work :(]
  • 42. Registry [diagram labels: Docker; S3; many instances; free scalability; load/save] • Also: fully offline from public registry
  • 43. S3 • no servers are good servers • S3 is magic. • someone claimed it runs on servers, lies. Can’t be true. • ideally only deploy time dependency is on S3 (or similar) • Is safe to consider it HA
  • 44. Dogestry • https://github.com/blake-education/dogestry • think: docker save -> rsync layers to S3 bucket • future: s3 client app “plugin” for docker CLI • temporary measure
  • 45. Dogestry • dogestry push s3://ops-goodies/docker-repo/?region=us-west-2 hipache • dogestry pull s3://ops-goodies/docker-repo/?region=us-west-2 hipache
  • 46. S3 storage
  • 47. Registry - future options • shift to private registry or s3 client • private registry “client” on each node with /etc/hosts hack (backed by s3) • just use index.docker.io for private • For Now: Using private registry where it makes sense • Now: dogestry/s3
  • 48. Final high level workflow [diagram labels: recipe change; docker build; smoke test; S3 / dogestry; store latest image name; push s3 jenkins_$build_number; S3 pull / pre-seed; approve image]
  • 49. Supervision • Currently using runit with “docker run” • Fits in with existing systems, log shipping etc. • Behaves itself • Systemd also good • Future: docker “native” daemonisation
  • 50. Per build repo vs tag • ie “docker pull jenkins:$BUILD_NUMBER” vs “docker pull jenkins_$BUILD_NUMBER” • Why not use tags for builds? • Massive repo growth, every build (Cont. Delivery) • ever need to export whole repo? purge tags? • historical impact on pull (resolved now?)
  • 51. Final lessons learned …
  • 52. Build executors - multi tenancy challenge • Multi tenancy needs (user-namespace !!!) • Solutions • whitelisted dockerfiles to base images on • produce docker image for user • desires • securely allow users full freedom (uid=0 mapping)
  • 53. One docker image per app? • A) One docker image per app, or • B) Generic docker image, with app bind-mount in at runtime • Advantage B: less of an explosion of images. Faster to get new box “seeded”. JVM apps, node apps, Go apps all work well this way.
  • 54. Docker as packaging system • Demos of on-prem products • Continuously deliver (push) images for field engineers • change to demo content - new image • change to version - new image
  • 55. jenkins-ci.org • Now docker powered • Managed with puppet, for example • https://github.com/jenkins-infra/bind • https://github.com/jenkins-infra/jenkins-infra/blob/dns/dist/profile/manifests/bind.pp • puppet module: https://github.com/garethr/garethr-docker
  • 56. Sample Docker pipeline • https://github.com/michaelneale/docker-pipeline-demo
  • 57. Sample Docker pipeline • docker run -p 8080:8080 --privileged cloudbees/jenkins
  • 58. Sample Docker pipeline • docker run -p 8080:8080 -v /var/run/docker.sock:/var/run/docker.sock cloudbees/jenkins
  • 59. Dockerfile as buildfile • Why not? Canonical build definition • Run unit tests • output “xunit” reports (allows test trend reporting) • clone an opensource project, “docker build .” - reflex.
  • 60. Hash Dockerfile content • hash contents of docker file • name image as hash • only build if hash not found in docker images
  • 61. Novel CI uses of Docker • By Groupon: .ci.yml: specify env image or default to Dockerfile in project root, include services • https://github.com/jenkinsci/DotCi
  • 62. Container challenges • containers and CPU • Slice up large box == false appearance of more CPU power • LD_PRELOAD “fake” value? • cgroups cpuset cumbersome • Security of multitenancy
  • 63. PaaS is dead • and docker killed it! • linux is my IDE, my platform • apps delivered as compositions of linux tools and system • many languages • images actually are “portable” • future is bright
  • 64. Questions • @michaelneale & github/michaelneale • www.michaelneale.net • #docker-dev #jenkins IRC as michaelneale • cloudbees.com • developer-blog.cloudbees.com
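
Slide 60's steps (hash the Dockerfile, name the image after the hash, build only if that name is missing from `docker images`), written out as an added example that is not from the deck. The `IMAGE_PREFIX` variable and the function names are assumptions; the `<prefix>_<hash>` naming follows the per-build repo style of slide 50.

```shell
#!/bin/sh
# Added example: content-addressed image naming, following slide 60.
# IMAGE_PREFIX and all function names are assumptions, not from the deck.

IMAGE_PREFIX="${IMAGE_PREFIX:-app}"

# Print the SHA-256 of a file as hex, using whichever tool is installed.
file_sha256() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# Derive the image name from the Dockerfile content:
# <prefix>_<first 12 hex chars of the digest>.
image_name_for() {
    dockerfile="$1"
    if [ ! -f "$dockerfile" ]; then
        echo "no such Dockerfile: $dockerfile" >&2
        return 2
    fi
    digest=$(file_sha256 "$dockerfile") || return 2
    printf '%s_%s\n' "$IMAGE_PREFIX" "$(printf '%s' "$digest" | cut -c1-12)"
}

# Build only when no local image carries the derived name.
# Prints "cached <name>" or "built <name>" on stdout.
build_if_changed() {
    dockerfile="$1"
    context="${2:-$(dirname "$dockerfile")}"
    name=$(image_name_for "$dockerfile") || return 2
    # `docker images -q <repo>` prints image IDs, or nothing when absent.
    if [ -n "$(docker images -q "$name")" ]; then
        echo "cached $name"
        return 0
    fi
    # Build output goes to stderr so stdout carries only the result line.
    docker build -t "$name" -f "$dockerfile" "$context" >&2 || return 1
    echo "built $name"
}
```

The hash covers only the Dockerfile, as on the slide, so a change to files brought in by COPY or ADD, or a base image tag that now points elsewhere, does not trigger a rebuild.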