Docker and Puppet — Puppet Camp L.A. — SCALE12X

5,398 views
5,189 views

Published on

Docker is an Open Source engine to buid, run, and manage LXC containers. This presentation will give a quick intro about Docker from an Ops/DevOps perspective, and show how Docker can be integrated with Puppet; either by orchestrating Docker resources (Docker daemons, containers, and images) with a state-of-the-art Puppet deployment, or by using Puppet to create golden images in Docker itself.

Published in: Technology
0 Comments
16 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
5,398
On SlideShare
0
From Embeds
0
Number of Embeds
11
Actions
Shares
0
Downloads
122
Comments
0
Likes
16
Embeds 0
No embeds

No notes for slide

Docker and Puppet — Puppet Camp L.A. — SCALE12X

  1. 1. Docker and Puppet
  2. 2. Outline ● Intros ● What's the point? ● Docker for DevOps ● Puppetizing Docker ● Dockerizing Puppet ● What's next?
  3. 3. Outline ● Intros ● What's the point? ● Docker for DevOps ● Puppetizing Docker ● Dockerizing Puppet ● What's next?
  4. 4. @jpetazzo ● Wrote dotCloud PAAS deployment tools –EC2, ● LXC, Puppet, Python, Shell, ØMQ... Docker contributor –Docker-in-Docker, VPN-in-Docker, router-in-Docker... CONTAINERIZE ALL THE THINGS! ● Runs Docker in production –You shouldn't do it, but here's how anyway!
  5. 5. You ● Puppet? ● Production? ● Cloud? ● Docker?
  6. 6. Outline ● Intros ● What's the point? ● Docker for DevOps ● Puppetizing Docker ● Dockerizing Puppet ● What's next?
  7. 7. The promise ● ● ● ● CONTAINERS boot faster (than VMs) CONTAINERS have less overhead (more consolidation) CONTAINERS bring native performance (on bare metal) CONTAINERS are cloud-compatible (can run in VMs)
  8. 8. Outline ● Intros ● What's the point? ● Docker for DevOps ● Puppetizing Docker ● Dockerizing Puppet ● What's next?
  9. 9. Hypervisor for containers ● Xen, KVM, VMWare... deal with VMs ● Docker deals with containers (currently LXC)
  10. 10. Wait, what's a container?
  11. 11. High level approach: it's a lightweight VM ● own process space ● own network interface ● can run stuff as root ● can have its own /sbin/init (different from the host) « Machine Container »
  12. 12. Low level approach: it's chroot on steroids ● can also not have its own /sbin/init ● container = isolated process(es) ● share kernel with host ● no device emulation (neither HVM nor PV) « Application Container »
  13. 13. How does it work? Isolation with namespaces ● pid ● mnt ● net ● uts ● ipc ● user
  14. 14. How does it work? Isolation with cgroups ● memory ● cpu ● blkio ● devices
  15. 15. How does it work? Copy-on-write storage ● ● ● Create a new machine instantly (Instead of copying its whole filesystem) Storage keeps track of what has changed Since 0.7, Docker has a storage plugin system (supports AUFS, thin snapshots, BTRFS, VFS)
  16. 16. Container format ● VM images have drawbacks – – non-standard; conversions possible but slow – ● big, bulky, require special tools (and/or root) snapshots possible but even less standard Container images are better – small, can be handled with tar – simple delta snapshots
  17. 17. Build system (1/2) ● Shell scripts – – ● OK-ish for simple stacks Tricky to handle all possible situations (that's why we have proper CM) Puppet (and others) – Great for convergence and repeatability – Steep learning curve
  18. 18. Build system (2/2) ● Dockerfile! – Doesn't have to deal with « low-level stuff » – Doesn't need all the goodness of CM – If you know Shell, you already know Dockerfile – Layered caching (only rebuild what's needed) – Allows inheritance and composition
  19. 19. FROM ubuntu RUN RUN RUN RUN RUN apt-get apt-get apt-get apt-get apt-get -y update install -y install -y install -y install -y g++ erlang-dev erlang-manpages erlang-base-hipe ... libmozjs185-dev libicu-dev libtool ... make wget RUN wget http://.../apache-couchdb-1.3.1.tar.gz | tar -C /tmp -zxfRUN cd /tmp/apache-couchdb-* && ./configure && make install RUN printf "[httpd]nport = 8101nbind_address = 0.0.0.0" > /usr/local/etc/couchdb/local.d/docker.ini EXPOSE 8101 CMD ["/usr/local/bin/couchdb"] docker build -t jpetazzo/couchdb .
  20. 20. REST API ● Docker = daemon with REST API ● CLI = client for that REST API ● Many tools already available – dashboards, GUIs... – orchestration (Maestro NG and more) – OpenStack, PAAS, Mesos...
  21. 21. Open Source ● Docker repo on GitHub – – ● More than 340 contributors and 1500 forks Hint: Docker Inc. headcount is less than 34... Communication channels – Mailing lists: docker-user and docker-dev – IRC (Freenode): #docker and #docker-dev
  22. 22. Outline ● Intros ● What's the point? ● Docker for DevOps ● Puppetizing Docker ● Dockerizing Puppet ● What's next?
  23. 23. First things first https://github.com/garethr/garethr-docker https://forge.puppetlabs.com/garethr/docker
  24. 24. Installing Docker with Puppet include 'docker' class { 'docker': version => '0.8.1' }
  25. 25. Warm up our image collection # download the registry image docker::image { 'stackbrew/registry': } # don't download all ubuntu, # just 'precise' docker::image { 'ubuntu': image_tag => 'precise' }
  26. 26. Run containers docker::run { 'slavedb': image => 'jpetazzo/postgresql' } command ports links use_name volumes volumes_from memory_limit username hostname env dns restart_service => => => => => => => => => => => => '…' ['5432', '22'], ['masterdb:master'], true, ['/var/lib/postgresql'], '420fc7e8aa20', 100000000, # bytes 'postgres', 'sdb.prod.dckr.io', ['FUZZINESS=42', FOO=BAR', 'FOO2=BAR2'], ['8.8.8.8', '8.8.4.4'], true
  27. 27. Outline ● Intros ● What's the point? ● Docker for DevOps ● Puppetizing Docker ● Dockerizing Puppet ● What's next?
  28. 28. My other VM is a container ● write a Dockerfile to install $YOUR_CM ● start tons of containers ● run $YOUR_CM in them Good if you want a mix of containers/VM/metal But slower to deploy, and uses more resources
  29. 29. Sample Dockerfile FROM ubuntu:12.04 RUN apt-get install -qy wget RUN mkdir /puppet WORKDIR /puppet RUN wget -q http://apt.puppetlabs.com/puppetlabs-release-precise.deb RUN dpkg -i puppetlabs-release-precise.deb RUN apt-get update -q RUN apt-get install -qy puppet-common CMD puppet agent --no-daemonize --verbose
  30. 30. Lightweight, portable VMs ● Start containers instead of VMs – – You can start those 10 containers too! (Even though you have a totally different laptop!) – ● I can start 10 containers on this puny laptop! We can start those containers in the Cloud! Deploy sshd, syslogd, crond, etc. – You can... But do you have to?
  31. 31. The revolution will be containerized ● write a Dockerfile to install $YOUR_CM ● … and run $YOUR_CM as part of build process ● deploy fully baked images Faster to deploy Easier to rollback
  32. 32. Sample Dockerfile FROM ubuntu:12.04 RUN apt-get install -qy wget RUN mkdir /puppet WORKDIR /puppet RUN wget -q http://apt.puppetlabs.com/puppetlabs-release-precise.deb RUN dpkg -i puppetlabs-release-precise.deb RUN apt-get update -q RUN apt-get install -qy puppet-common ENV FACTER_HOSTNAME database42 ADD ./site.pp /puppet/site.pp RUN puppet apply site.pp
  33. 33. Outline ● Intros ● What's the point? ● Docker for DevOps ● Puppetizing Docker ● Dockerizing Puppet ● What's next?
  34. 34. Docker provisioner What if... ● ● ● Puppet doesn't act on the system, outputs a Dockerfile instead? Puppet builds this Dockerfile, and pushes the resulting image to a registry? One node can build images, while other nodes run those images?
  35. 35. A better Puppet agent ● Puppet agent is OK on « big » machines ● Not so much on small containers ● ● Can we run a single agent, and have it « rotate » between containers? Can we run that agent... … in a container?
  36. 36. Thank you! Questions? http://docker.io/ http://docker.com/ @docker @jpetazzo

×