Docker, Inc., profile picture
Uploaded byDocker, Inc.
PPTX, PDF29,394 views

Orchestrating Docker with Terraform and Consul by Mitchell Hashimoto

The document discusses the orchestration of Docker environments using HashiCorp's Consul and Terraform, emphasizing their roles in managing infrastructure lifecycle, service discovery, and orchestration at scale. It highlights the evolution and challenges of transitioning to a Docker-centric infrastructure while maintaining legacy systems. The document also details Terraform's capabilities for infrastructure as code and Consul's features for service discovery and configuration management in multi-datacenter setups.

Embed presentation

Downloaded 372 times
Orchestrating Docker with Consul and Terraform
Mitchell Hashimoto @mitchellh
HashiCorp Powering the software-managed datacenter. hashicorp.com
What’s the problem? “Orchestration” and why it is needed in a Docker world
Docker Solves a lot of Problems Packaging Docker Image Docker Registry Docker Host Distribution Execution
Other Pieces to the Puzzle • Infrastructure lifecycle and provisioning • Monitoring • Discovery • Orchestration • Transitioning to Docker
Infrastructure Lifecycle and Provisioning Datacenter Server Server Server Server Server Server Server Server Server DNS Database CDN
Infrastructure Lifecycle and Provisioning Datacenter Server Server Server Server Server Server Server Server Server DNS Database CDN • Docker hosts • Networking • Storage • Service providers (ex. DNS, CDN, etc)
Infrastructure Lifecycle and Provisioning Datacenter Server Server Server Server Server Server Server Server Server DNS Database CDN • Changing/Iterating • Rolling deploys • Canaries
Monitoring Container Container Container Container Container Container Virtual Virtual Virtual Physical (Machine) • Node • Container • Service • Propagation of this information Service Service Service
Discovery • “Where is service foo?” (database, web app, api, etc.) • Multi-datacenter • Service providers (Database as a Service, etc.) • Physical nodes + containers + non-Docker • Service configuration: “What is my configuration?”
Transitioning to Docker • Transition isn’t a single step, takes time • How to handle legacy + Docker and interaction?
Problems Not Inherent to Docker • Not new, not caused by Docker, will exist after Docker • Higher density exacerbates problems at earlier stage • New aspect: core datacenter functionality is shrinking! • Number of servers and containers will only grow, but the number of servers/containers we run/manage will shrink over time. • Infrastructure lifecycle, discovery, monitoring, orchestration problems still exist yesterday, now, and in the future.
Consul and Terraform Infrastructure lifecycle, service discovery, monitoring, and orchestration at scale for all infrastructures.
terraform.io
Build, combine, and launch infrastructure safely and efficiently. terraform.io
Terraform Goals • Unified view of modern datacenter with infrastructure as code • Compose multiple tiers (IaaS to PaaS to SaaS) • Safely change/iterate infrastructure • One workflow, technology agnostic • “No more dashboards.”
Infrastructure as Code DigitalOcean Droplet with DNS in DNSimple resource "digitalocean_droplet" "web" { name = "tf-web" size = "512mb" image = "centos-5-8-x32" region = "sfo1" } resource "dnsimple_record" "hello" { domain = "example.com" name = "test" value = "${digitalocean_droplet.web.ipv4_address}" type = "A" }
Infrastructure as Code DigitalOcean Droplet with DNS in DNSimple resource "digitalocean_droplet" "web" { name = "tf-web" size = "512mb" image = "centos-5-8-x32" region = "sfo1" } resource "dnsimple_record" "hello" { domain = "example.com" name = "test" value = "${digitalocean_droplet.web.ipv4_address}" type = "A" }
Infrastructure as Code DigitalOcean Droplet with DNS in DNSimple resource "digitalocean_droplet" "web" { name = "tf-web" size = "512mb" image = "centos-5-8-x32" region = "sfo1" } resource "dnsimple_record" "hello" { domain = "example.com" name = "test" value = "${digitalocean_droplet.web.ipv4_address}" type = "A" }
Infrastructure as Code DigitalOcean Droplet with DNS in DNSimple resource "digitalocean_droplet" "web" { name = "tf-web" size = "512mb" image = "centos-5-8-x32" region = "sfo1" } resource "dnsimple_record" "hello" { domain = "example.com" name = "test" value = "${digitalocean_droplet.web.ipv4_address}" type = "A" }
Infrastructure as Code • Human friendly config, JSON compatible • Text format makes it version-able, VCS-friendly • Infrastructure as code on a level not before possible
Compose Multiple Tiers / Providers
Providers • Integration point • Expose resources (“aws_instance”, “dnsimple_record”, etc.) • CRUD API • Core vs. Providers simplifies logic for integrators
Provider Composition • “Layer cake” • Provider for each layer • Unified configuration Container Container Container Container Container Container Virtual Virtual Virtual IaaS (OpenStack, etc.) • One step: “terraform apply” Physical (Machine)
Safely Change/Iterate Terraform Plan + digitalocean_droplet.web backups: "" => "<computed>" image: "" => "centos-5-8-x32" ipv4_address: "" => "<computed>" ipv4_address_private: "" => "<computed>" name: "" => "tf-web" private_networking: "" => "<computed>" region: "" => "sfo1" size: "" => "512mb" status: "" => "<computed>" + dnsimple_record.hello domain: "" => "example.com" domain_id: "" => "<computed>" hostname: "" => "<computed>" name: "" => "test" priority: "" => "<computed>" ttl: "" => "<computed>" type: "" => "A" value: "" => "${digitalocean_droplet.web.ipv4_address}"
Safely Change/Iterate Terraform Plan + digitalocean_droplet.web backups: "" => "<computed>" image: "" => "centos-5-8-x32" ipv4_address: "" => "<computed>" ipv4_address_private: "" => "<computed>" name: "" => "tf-web" private_networking: "" => "<computed>" region: "" => "sfo1" size: "" => "512mb" status: "" => "<computed>" + dnsimple_record.hello domain: "" => "example.com" domain_id: "" => "<computed>" hostname: "" => "<computed>" name: "" => "test" priority: "" => "<computed>" ttl: "" => "<computed>" type: "" => "A" value: "" => "${digitalocean_droplet.web.ipv4_address}"
Safely Change/Iterate Terraform Plan + digitalocean_droplet.web backups: "" => "<computed>" image: "" => "centos-5-8-x32" ipv4_address: "" => "<computed>" ipv4_address_private: "" => "<computed>" name: "" => "tf-web" private_networking: "" => "<computed>" region: "" => "sfo1" size: "" => "512mb" status: "" => "<computed>" + dnsimple_record.hello domain: "" => "example.com" domain_id: "" => "<computed>" hostname: "" => "<computed>" name: "" => "test" priority: "" => "<computed>" ttl: "" => "<computed>" type: "" => "A" value: "" => "${digitalocean_droplet.web.ipv4_address}"
Safely Change/Iterate • Plan shows you what will happen • Save plans to guarantee what will happen • Plans show reasons for certain actions (such as re-create) • Prior to Terraform: Operators had to “divine” change ordering, parallelization, rollout effect.
Other Features • Modules • Provisioners (remote-exec, local-exec, etc.) • Parameterization • Outputs • One command run: terraform run github.com/foo/bar
consul.io
Service discovery, configuration, and orchestration made easy. Distributed, highly available, and datacenter-aware.
Service Discovery Where is service foo?
Service Discovery Service Discovery via DNS or HTTP $ dig web-frontend.service.consul. +short 10.0.3.89 10.0.1.46 $ curl http://localhost:8500/v1/catalog/service/web-frontend [{ “Node”: “node-e818f1”, “Address”: “10.0.3.89”, “ServiceID”: “web-frontend”, … }]
Service Discovery • DNS is legacy-friendly. No application changes required. • HTTP returns rich metadata. • Discover both internal and external services (such as service providers)
Failure Detection Is service foo healthy/available?
Failure Detection
Failure Detection • DNS won’t return non-healthy services or nodes. • HTTP has endpoints to list health state of catalog.
Key/Value Storage What is the config of service foo?
Key/Value Storage Setting and Getting a Key $ curl –X PUT –d ‘bar’ http://localhost:8500/v1/kv/foo true $ curl http://localhost:8500/v1/kv/foo?raw bar
Key/Value Storage • Highly available storage of configuration. • Turn knobs without big configuration management process. • Watch keys (long poll) for changes • ACLs on key/value to protect sensitive information
Multi-Datacenter
Multi-Datacenter Service Discovery $ dig web-frontend.singapore.service.consul. +short 10.3.3.33 10.3.1.18 $ dig web-frontend.germany.service.consul. +short 10.7.3.41 10.7.1.76
Multi-Datacenter Setting and Getting a Key $ curl http://localhost:8500/v1/kv/foo?raw&dc=asia true $ curl http://localhost:8500/v1/kv/foo?raw&dc=eu false
Multi-Datacenter • Local by default • Can query other datacenters however you may need to • Can view all datacenters within one UI
Orchestration Events, Exec, Watches
Events, Exec, Watches Dispatching Custom Events $ consul event deploy 6DF7FE … $ consul watch -type event -name deploy /usr/bin/deploy.sh … $ consul exec -service web /usr/bin/deploy.sh …
Events, Exec, Watches • Powerful orchestration tools • Pros/cons to each approach, use the right tool for the job • All approaches proven to scale to thousands of agents
Operational Bullet Points • Leader election via Raft • Gossip protocol for aliveness • Three consistency models: default, consistent, and stale • Encryption, ACLs available • Real world usage to thousands of agents per datacenter
Consul and Terraform + Docker
Consul + Docker • progrium/consul (docker-consul) • registrator • Two options: Consul agent in or out of another Docker container. Both are easy, well supported.
Consul: To Docker or Not to Docker • Consul in Docker: Health checks must be network based due to isolation. • Consul on host: Can run health checks that enter container, invoke Docker for rich checks (file tests, pid tests, etc.) • Up to you, both ways work with the above caveats.
Terraform + Docker • Create all infrastructure components, not just Docker hosts: Load balancers, DNS, networking, storage, external service providers, etc. • Deploy Docker with static assignment (Docker provider, remote-exec), or schedulers (ECS, Mesos, Kubernetes, etc.)
Thanks! hashicorp.com

More Related Content

PPTX
Terraform Modules Restructured
byDoiT International
 
PDF
Bootstrapping Microservices with Kafka, Akka and Spark
byAlex Silva
 
PDF
Cloud Foundry Summit 2015: Building a Robust Cloud Foundry (HA, Security and DR)
byVMware Tanzu
 
PPTX
Real-Time Distributed and Reactive Systems with Apache Kafka and Apache Accumulo
byJoe Stein
 
PDF
Datacenter Computing with Apache Mesos - シリコンバレー日本人駐在員Meetup
byPaco Nathan
 
PDF
Getting Started Running Apache Spark on Apache Mesos
byPaco Nathan
 
PDF
TDC2016POA | Trilha Infraestrutura - Apache Mesos & Marathon: gerenciando rem...
bytdc-globalcode
 
PPTX
Javantura v3 - Conquer the Internet of Things with Java and Docker – Johan Ja...
byHUJAK - Hrvatska udruga Java korisnika / Croatian Java User Association
 
Terraform Modules Restructured
byDoiT International
 
Bootstrapping Microservices with Kafka, Akka and Spark
byAlex Silva
 
Cloud Foundry Summit 2015: Building a Robust Cloud Foundry (HA, Security and DR)
byVMware Tanzu
 
Real-Time Distributed and Reactive Systems with Apache Kafka and Apache Accumulo
byJoe Stein
 
Datacenter Computing with Apache Mesos - シリコンバレー日本人駐在員Meetup
byPaco Nathan
 
Getting Started Running Apache Spark on Apache Mesos
byPaco Nathan
 
TDC2016POA | Trilha Infraestrutura - Apache Mesos & Marathon: gerenciando rem...
bytdc-globalcode
 
Javantura v3 - Conquer the Internet of Things with Java and Docker – Johan Ja...
byHUJAK - Hrvatska udruga Java korisnika / Croatian Java User Association
 

What's hot

PPTX
Matt Franklin - Apache Software (Geekfest)
byW2O Group
 
PPTX
Have your cake and eat it too
byGwen (Chen) Shapira
 
PDF
Lightbend Fast Data Platform
byLightbend
 
PDF
Deploying Docker Containers at Scale with Mesos and Marathon
byDiscover Pinterest
 
PDF
Developing Real-Time Data Pipelines with Apache Kafka
byJoe Stein
 
PDF
Scaling Big Data with Hadoop and Mesos
byDiscover Pinterest
 
PPTX
Deploying Apache Flume to enable low-latency analytics
byDataWorks Summit
 
PPTX
HadoopCon- Trend Micro SPN Hadoop Overview
byYafang Chang
 
PPTX
Episode 3: Kubernetes and Big Data Services
byMesosphere Inc.
 
PDF
Containerizing Distributed Pipes
byinside-BigData.com
 
PPTX
Data Architectures for Robust Decision Making
byGwen (Chen) Shapira
 
PDF
Service discovery in mesos miguel, Angel Guillen
byJ On The Beach
 
PDF
Stac summit june 14th - goodbye datalakes
byiguazio
 
PDF
Streaming Processing with a Distributed Commit Log
byJoe Stein
 
PPTX
Developing with the Go client for Apache Kafka
byJoe Stein
 
ODP
Devoxx 2016 talk: Going Global with Nomad and Google Cloud Platform
byBastiaan Bakker
 
PDF
Getting Pulsar Spinning_Addison Higham
byStreamNative
 
PPTX
Eron Wright - Flink Security Enhancements
byFlink Forward
 
PPTX
Large scale near real-time log indexing with Flume and SolrCloud
byDataWorks Summit
 
Matt Franklin - Apache Software (Geekfest)
byW2O Group
 
Have your cake and eat it too
byGwen (Chen) Shapira
 
Lightbend Fast Data Platform
byLightbend
 
Deploying Docker Containers at Scale with Mesos and Marathon
byDiscover Pinterest
 
Developing Real-Time Data Pipelines with Apache Kafka
byJoe Stein
 
Scaling Big Data with Hadoop and Mesos
byDiscover Pinterest
 
Deploying Apache Flume to enable low-latency analytics
byDataWorks Summit
 
HadoopCon- Trend Micro SPN Hadoop Overview
byYafang Chang
 
Episode 3: Kubernetes and Big Data Services
byMesosphere Inc.
 
Containerizing Distributed Pipes
byinside-BigData.com
 
Data Architectures for Robust Decision Making
byGwen (Chen) Shapira
 
Service discovery in mesos miguel, Angel Guillen
byJ On The Beach
 
Stac summit june 14th - goodbye datalakes
byiguazio
 
Streaming Processing with a Distributed Commit Log
byJoe Stein
 
Developing with the Go client for Apache Kafka
byJoe Stein
 
Devoxx 2016 talk: Going Global with Nomad and Google Cloud Platform
byBastiaan Bakker
 
Getting Pulsar Spinning_Addison Higham
byStreamNative
 
Eron Wright - Flink Security Enhancements
byFlink Forward
 
Large scale near real-time log indexing with Flume and SolrCloud
byDataWorks Summit
 

Viewers also liked

PPTX
An intro to Docker, Terraform, and Amazon ECS
byYevgeniy Brikman
 
PPTX
Infrastructure as code: running microservices on AWS using Docker, Terraform,...
byYevgeniy Brikman
 
PDF
Terraform: An Overview & Introduction
byLee Trout
 
PPTX
Scaling Your App With Docker Swarm using Terraform, Packer on Openstack
byBobby DeVeaux, DevOps Consultant
 
PPTX
Comprehensive Terraform Training
byYevgeniy Brikman
 
PPTX
Container Orchestration
bydfilppi
 
PPTX
Orchestration tool roundup kubernetes vs. docker vs. heat vs. terra form vs...
byNati Shalom
 
PDF
Building infrastructure with Terraform (Google)
byRadek Simko
 
PDF
Building Web Scale Apps with Docker and Mesos by Alex Rukletsov (Mesosphere)
byDocker, Inc.
 
PPTX
TOSCA and Cloudify
bydfilppi
 
PDF
Docker at Shopify: From This-Looks-Fun to Production by Simon Eskildsen (Shop...
byDocker, Inc.
 
PDF
CloudFormation vs Terraform vs Ansible
byMattias Gees
 
PDF
Clocker: Managing Container Networking and Placement
byDocker, Inc.
 
PDF
Choosing the Right Framework for Running Docker Containers in Prod
byJosh Padnick
 
PDF
Using Terraform.io (Human Talks Montpellier, Epitech, 2014/09/09)
byStephane Jourdan
 
PPTX
Opinionated containers and the future of game servers by Brendan Fosberry
byDocker, Inc.
 
PPTX
Scaling Development Environments with Docker
byDocker, Inc.
 
PDF
Container Orchestration Wars (Micro Edition)
byKarl Isenberg
 
PDF
Docker and Radio Astronomy - Containing Fragile Scientific Software by Gijs M...
byDocker, Inc.
 
PPTX
Migrating a large code-base to containers by Doug Johnson and Jonathan Lozins...
byDocker, Inc.
 
An intro to Docker, Terraform, and Amazon ECS
byYevgeniy Brikman
 
Infrastructure as code: running microservices on AWS using Docker, Terraform,...
byYevgeniy Brikman
 
Terraform: An Overview & Introduction
byLee Trout
 
Scaling Your App With Docker Swarm using Terraform, Packer on Openstack
byBobby DeVeaux, DevOps Consultant
 
Comprehensive Terraform Training
byYevgeniy Brikman
 
Container Orchestration
bydfilppi
 
Orchestration tool roundup kubernetes vs. docker vs. heat vs. terra form vs...
byNati Shalom
 
Building infrastructure with Terraform (Google)
byRadek Simko
 
Building Web Scale Apps with Docker and Mesos by Alex Rukletsov (Mesosphere)
byDocker, Inc.
 
TOSCA and Cloudify
bydfilppi
 
Docker at Shopify: From This-Looks-Fun to Production by Simon Eskildsen (Shop...
byDocker, Inc.
 
CloudFormation vs Terraform vs Ansible
byMattias Gees
 
Clocker: Managing Container Networking and Placement
byDocker, Inc.
 
Choosing the Right Framework for Running Docker Containers in Prod
byJosh Padnick
 
Using Terraform.io (Human Talks Montpellier, Epitech, 2014/09/09)
byStephane Jourdan
 
Opinionated containers and the future of game servers by Brendan Fosberry
byDocker, Inc.
 
Scaling Development Environments with Docker
byDocker, Inc.
 
Container Orchestration Wars (Micro Edition)
byKarl Isenberg
 
Docker and Radio Astronomy - Containing Fragile Scientific Software by Gijs M...
byDocker, Inc.
 
Migrating a large code-base to containers by Doug Johnson and Jonathan Lozins...
byDocker, Inc.
 

Similar to Orchestrating Docker with Terraform and Consul by Mitchell Hashimoto

PDF
56k.cloud training
byBrian Christner
 
PDF
Terraforming your Infrastructure on GCP
bySamuel Chow
 
PPTX
A year in Production with the Hashistack
byJason Harley
 
PDF
Oracle Cloud - Infrastruktura jako kód
byMarketingArrowECS_CZ
 
PDF
State of Union - Containerz
byShiva Narayanaswamy
 
PDF
TIAD : Automating the modern datacenter
byThe Incredible Automation Day
 
PDF
OSDC 2015: Mitchell Hashimoto | Automating the Modern Datacenter, Development...
byNETWAYS
 
PDF
HashiStack. To the cloud and beyond...
byOleg Lobanov
 
PDF
Higher order infrastructure: from Docker basics to cluster management - Nicol...
byCodemotion
 
PDF
Atmosphere Conference 2015: Taming the Modern Datacenter
byPROIDEA
 
PDF
Microservices with Terraform, Docker and the Cloud. IJug Chicago 2017-06-06
byDerek Ashmore
 
PDF
Microservices with Terraform, Docker and the Cloud. JavaOne 2017 2017-10-02
byDerek Ashmore
 
PDF
Microservices with Terraform, Docker and the Cloud. Chicago Coders Conference...
byDerek Ashmore
 
PDF
Container orchestration
byTimo Derstappen
 
PPTX
Terraform Immutablish Infrastructure with Consul-Template
byZane Williamson
 
PDF
OSDC 2017 - Seth Vargo - Taming the modern data center
byNETWAYS
 
PDF
OSDC 2017 | Taming the Modern Data Center by Seth Vargo
byNETWAYS
 
PDF
OSDC 2017 | Modern Secrets Management with Vault by Seth Vargo
byNETWAYS
 
PDF
Microservices with Terraform, Docker and the Cloud. DevOps Wet 2018
byDerek Ashmore
 
PDF
A case study why Zoominfo uses Terraform Cloud in high-scale environment.
byTal Hibner
 
56k.cloud training
byBrian Christner
 
Terraforming your Infrastructure on GCP
bySamuel Chow
 
A year in Production with the Hashistack
byJason Harley
 
Oracle Cloud - Infrastruktura jako kód
byMarketingArrowECS_CZ
 
State of Union - Containerz
byShiva Narayanaswamy
 
TIAD : Automating the modern datacenter
byThe Incredible Automation Day
 
OSDC 2015: Mitchell Hashimoto | Automating the Modern Datacenter, Development...
byNETWAYS
 
HashiStack. To the cloud and beyond...
byOleg Lobanov
 
Higher order infrastructure: from Docker basics to cluster management - Nicol...
byCodemotion
 
Atmosphere Conference 2015: Taming the Modern Datacenter
byPROIDEA
 
Microservices with Terraform, Docker and the Cloud. IJug Chicago 2017-06-06
byDerek Ashmore
 
Microservices with Terraform, Docker and the Cloud. JavaOne 2017 2017-10-02
byDerek Ashmore
 
Microservices with Terraform, Docker and the Cloud. Chicago Coders Conference...
byDerek Ashmore
 
Container orchestration
byTimo Derstappen
 
Terraform Immutablish Infrastructure with Consul-Template
byZane Williamson
 
OSDC 2017 - Seth Vargo - Taming the modern data center
byNETWAYS
 
OSDC 2017 | Taming the Modern Data Center by Seth Vargo
byNETWAYS
 
OSDC 2017 | Modern Secrets Management with Vault by Seth Vargo
byNETWAYS
 
Microservices with Terraform, Docker and the Cloud. DevOps Wet 2018
byDerek Ashmore
 
A case study why Zoominfo uses Terraform Cloud in high-scale environment.
byTal Hibner
 

More from Docker, Inc.

PDF
Monolithic to Microservices + Docker = SDLC on Steroids!
byDocker, Inc.
 
PDF
How To Build and Run Node Apps with Docker and Compose
byDocker, Inc.
 
PDF
Predicting Space Weather with Docker
byDocker, Inc.
 
PDF
How to Improve Your Image Builds Using Advance Docker Build
byDocker, Inc.
 
PDF
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
byDocker, Inc.
 
PDF
Securing Your Containerized Applications with NGINX
byDocker, Inc.
 
PDF
Kubernetes at Datadog Scale
byDocker, Inc.
 
PDF
Build & Deploy Multi-Container Applications to AWS
byDocker, Inc.
 
PDF
Build & Deploy Multi-Container Applications to AWS
byDocker, Inc.
 
PDF
Become a Docker Power User With Microsoft Visual Studio Code
byDocker, Inc.
 
PDF
Containerize Your Game Server for the Best Multiplayer Experience
byDocker, Inc.
 
PDF
The First 10M Pulls: Building The Official Curl Image for Docker Hub
byDocker, Inc.
 
PDF
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
byDocker, Inc.
 
PDF
Hands-on Helm
byDocker, Inc.
 
PDF
Monitoring in a Microservices World
byDocker, Inc.
 
PDF
How to Use Mirroring and Caching to Optimize your Container Registry
byDocker, Inc.
 
PDF
Developing with Docker for the Arm Architecture
byDocker, Inc.
 
PDF
Distributed Deep Learning with Docker at Salesforce
byDocker, Inc.
 
PDF
Labels, Labels, Labels
byDocker, Inc.
 
PDF
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
byDocker, Inc.
 
Monolithic to Microservices + Docker = SDLC on Steroids!
byDocker, Inc.
 
How To Build and Run Node Apps with Docker and Compose
byDocker, Inc.
 
Predicting Space Weather with Docker
byDocker, Inc.
 
How to Improve Your Image Builds Using Advance Docker Build
byDocker, Inc.
 
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
byDocker, Inc.
 
Securing Your Containerized Applications with NGINX
byDocker, Inc.
 
Kubernetes at Datadog Scale
byDocker, Inc.
 
Build & Deploy Multi-Container Applications to AWS
byDocker, Inc.
 
Build & Deploy Multi-Container Applications to AWS
byDocker, Inc.
 
Become a Docker Power User With Microsoft Visual Studio Code
byDocker, Inc.
 
Containerize Your Game Server for the Best Multiplayer Experience
byDocker, Inc.
 
The First 10M Pulls: Building The Official Curl Image for Docker Hub
byDocker, Inc.
 
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
byDocker, Inc.
 
Hands-on Helm
byDocker, Inc.
 
Monitoring in a Microservices World
byDocker, Inc.
 
How to Use Mirroring and Caching to Optimize your Container Registry
byDocker, Inc.
 
Developing with Docker for the Arm Architecture
byDocker, Inc.
 
Distributed Deep Learning with Docker at Salesforce
byDocker, Inc.
 
Labels, Labels, Labels
byDocker, Inc.
 
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
byDocker, Inc.
 

Recently uploaded

PPTX
Code Like Bro -A guide for better Coding
byMadan Panthi
 
PDF
Azure DevOps Managed Services: Driving Speed, Security, and Business Growth
byjohncarterjn
 
PPTX
Dell poweredge-customer-presentation.pptx
byhungungphu123
 
PPTX
Achieve enterprise automation with SAP BTP solutions and SAP Signavio
bydarrellkiwi
 
PPT
Database Management Systems: Basics, History, Data Models, etc.
byParithi Thamizh
 
PDF
Why Are Cloud Migration Services Essential for Modern Business Growth?
byGeoPITS Global Pvt Ltd
 
PPTX
6G and Non-Terrestrial Networks (NTN) Testing.pptx
byXRComm
 
PDF
Enterprise Data Services_ A Development Guide with Use Cases, Trends and Impl...
by2601harsh23
 
PDF
5G Explained! A High Level Overview [Introduction]
byLuciano Motta
 
PPTX
Advance Computer Architecture Lecture 4.pptx
byBottshikanBottshikan
 
PDF
Computer Science Conferences 2026 | Research by SAI Conference
byHealth Conference 2026
 
PPTX
SOFTWARE DEVELOPMENT PROCESS - INTRODUCTION
byParithi Thamizh
 
PDF
How the EU Ecolabel's Record Growth Creates ESG Opportunities for CRE
byWastify AI
 
PPTX
AI in Marine Insurance Future of Smarter Risk, Faster Claims & Safer Shipping...
byAutomationEdge Technologies
 
PDF
LUXHUB: a detailed look at 2025...and fast forward to 2026
byalexandrekeilmann1
 
PDF
CISO_2027_Playbook: Sovereign AI Resilience & Quantum-Proof Identity
bySaraDavis91
 
PPTX
Spacecraft Guidance Quick Research Guide by Arthur Morgan
byArthur Morgan
 
PPTX
CRM for the Insurance Industry Lessons for Insurance CIOs and Digital Leaders...
byKerry Millar
 
PDF
Ethical AI applied to publishing: Presenting wâsikan kisewâtisiwin, an AI too...
byBookNet Canada
 
PPTX
Strategic Shelf Planning for the New Year Turning Resolutions into Revenue .pptx
byAnoop Ashok
 
Code Like Bro -A guide for better Coding
byMadan Panthi
 
Azure DevOps Managed Services: Driving Speed, Security, and Business Growth
byjohncarterjn
 
Dell poweredge-customer-presentation.pptx
byhungungphu123
 
Achieve enterprise automation with SAP BTP solutions and SAP Signavio
bydarrellkiwi
 
Database Management Systems: Basics, History, Data Models, etc.
byParithi Thamizh
 
Why Are Cloud Migration Services Essential for Modern Business Growth?
byGeoPITS Global Pvt Ltd
 
6G and Non-Terrestrial Networks (NTN) Testing.pptx
byXRComm
 
Enterprise Data Services_ A Development Guide with Use Cases, Trends and Impl...
by2601harsh23
 
5G Explained! A High Level Overview [Introduction]
byLuciano Motta
 
Advance Computer Architecture Lecture 4.pptx
byBottshikanBottshikan
 
Computer Science Conferences 2026 | Research by SAI Conference
byHealth Conference 2026
 
SOFTWARE DEVELOPMENT PROCESS - INTRODUCTION
byParithi Thamizh
 
How the EU Ecolabel's Record Growth Creates ESG Opportunities for CRE
byWastify AI
 
AI in Marine Insurance Future of Smarter Risk, Faster Claims & Safer Shipping...
byAutomationEdge Technologies
 
LUXHUB: a detailed look at 2025...and fast forward to 2026
byalexandrekeilmann1
 
CISO_2027_Playbook: Sovereign AI Resilience & Quantum-Proof Identity
bySaraDavis91
 
Spacecraft Guidance Quick Research Guide by Arthur Morgan
byArthur Morgan
 
CRM for the Insurance Industry Lessons for Insurance CIOs and Digital Leaders...
byKerry Millar
 
Ethical AI applied to publishing: Presenting wâsikan kisewâtisiwin, an AI too...
byBookNet Canada
 
Strategic Shelf Planning for the New Year Turning Resolutions into Revenue .pptx
byAnoop Ashok
 

Orchestrating Docker with Terraform and Consul by Mitchell Hashimoto

  • 1.
    Orchestrating Docker with Consul and Terraform
  • 2.
  • 3.
    HashiCorp Powering thesoftware-managed datacenter. hashicorp.com
  • 5.
    What’s the problem? “Orchestration” and why it is needed in a Docker world
  • 6.
    Docker Solves alot of Problems Packaging Docker Image Docker Registry Docker Host Distribution Execution
  • 7.
    Other Pieces tothe Puzzle • Infrastructure lifecycle and provisioning • Monitoring • Discovery • Orchestration • Transitioning to Docker
  • 8.
    Infrastructure Lifecycle andProvisioning Datacenter Server Server Server Server Server Server Server Server Server DNS Database CDN
  • 9.
    Infrastructure Lifecycle andProvisioning Datacenter Server Server Server Server Server Server Server Server Server DNS Database CDN • Docker hosts • Networking • Storage • Service providers (ex. DNS, CDN, etc)
  • 10.
    Infrastructure Lifecycle andProvisioning Datacenter Server Server Server Server Server Server Server Server Server DNS Database CDN • Changing/Iterating • Rolling deploys • Canaries
  • 11.
    Monitoring Container ContainerContainer Container Container Container Virtual Virtual Virtual Physical (Machine) • Node • Container • Service • Propagation of this information Service Service Service
  • 12.
    Discovery • “Whereis service foo?” (database, web app, api, etc.) • Multi-datacenter • Service providers (Database as a Service, etc.) • Physical nodes + containers + non-Docker • Service configuration: “What is my configuration?”
  • 13.
    Transitioning to Docker • Transition isn’t a single step, takes time • How to handle legacy + Docker and interaction?
  • 14.
    Problems Not Inherentto Docker • Not new, not caused by Docker, will exist after Docker • Higher density exacerbates problems at earlier stage • New aspect: core datacenter functionality is shrinking! • Number of servers and containers will only grow, but the number of servers/containers we run/manage will shrink over time. • Infrastructure lifecycle, discovery, monitoring, orchestration problems still exist yesterday, now, and in the future.
  • 15.
    Consul and Terraform Infrastructure lifecycle, service discovery, monitoring, and orchestration at scale for all infrastructures.
  • 16.
  • 17.
    Build, combine, andlaunch infrastructure safely and efficiently. terraform.io
  • 18.
    Terraform Goals •Unified view of modern datacenter with infrastructure as code • Compose multiple tiers (IaaS to PaaS to SaaS) • Safely change/iterate infrastructure • One workflow, technology agnostic • “No more dashboards.”
  • 19.
    Infrastructure as Code DigitalOcean Droplet with DNS in DNSimple resource "digitalocean_droplet" "web" { name = "tf-web" size = "512mb" image = "centos-5-8-x32" region = "sfo1" } resource "dnsimple_record" "hello" { domain = "example.com" name = "test" value = "${digitalocean_droplet.web.ipv4_address}" type = "A" }
  • 20.
    Infrastructure as Code DigitalOcean Droplet with DNS in DNSimple resource "digitalocean_droplet" "web" { name = "tf-web" size = "512mb" image = "centos-5-8-x32" region = "sfo1" } resource "dnsimple_record" "hello" { domain = "example.com" name = "test" value = "${digitalocean_droplet.web.ipv4_address}" type = "A" }
  • 21.
    Infrastructure as Code DigitalOcean Droplet with DNS in DNSimple resource "digitalocean_droplet" "web" { name = "tf-web" size = "512mb" image = "centos-5-8-x32" region = "sfo1" } resource "dnsimple_record" "hello" { domain = "example.com" name = "test" value = "${digitalocean_droplet.web.ipv4_address}" type = "A" }
  • 22.
    Infrastructure as Code DigitalOcean Droplet with DNS in DNSimple resource "digitalocean_droplet" "web" { name = "tf-web" size = "512mb" image = "centos-5-8-x32" region = "sfo1" } resource "dnsimple_record" "hello" { domain = "example.com" name = "test" value = "${digitalocean_droplet.web.ipv4_address}" type = "A" }
  • 23.
    Infrastructure as Code • Human friendly config, JSON compatible • Text format makes it version-able, VCS-friendly • Infrastructure as code on a level not before possible
  • 24.
  • 25.
    Providers • Integrationpoint • Expose resources (“aws_instance”, “dnsimple_record”, etc.) • CRUD API • Core vs. Providers simplifies logic for integrators
  • 26.
    Provider Composition •“Layer cake” • Provider for each layer • Unified configuration Container Container Container Container Container Container Virtual Virtual Virtual IaaS (OpenStack, etc.) • One step: “terraform apply” Physical (Machine)
  • 27.
    Safely Change/Iterate TerraformPlan + digitalocean_droplet.web backups: "" => "<computed>" image: "" => "centos-5-8-x32" ipv4_address: "" => "<computed>" ipv4_address_private: "" => "<computed>" name: "" => "tf-web" private_networking: "" => "<computed>" region: "" => "sfo1" size: "" => "512mb" status: "" => "<computed>" + dnsimple_record.hello domain: "" => "example.com" domain_id: "" => "<computed>" hostname: "" => "<computed>" name: "" => "test" priority: "" => "<computed>" ttl: "" => "<computed>" type: "" => "A" value: "" => "${digitalocean_droplet.web.ipv4_address}"
  • 28.
    Safely Change/Iterate TerraformPlan + digitalocean_droplet.web backups: "" => "<computed>" image: "" => "centos-5-8-x32" ipv4_address: "" => "<computed>" ipv4_address_private: "" => "<computed>" name: "" => "tf-web" private_networking: "" => "<computed>" region: "" => "sfo1" size: "" => "512mb" status: "" => "<computed>" + dnsimple_record.hello domain: "" => "example.com" domain_id: "" => "<computed>" hostname: "" => "<computed>" name: "" => "test" priority: "" => "<computed>" ttl: "" => "<computed>" type: "" => "A" value: "" => "${digitalocean_droplet.web.ipv4_address}"
  • 29.
    Safely Change/Iterate TerraformPlan + digitalocean_droplet.web backups: "" => "<computed>" image: "" => "centos-5-8-x32" ipv4_address: "" => "<computed>" ipv4_address_private: "" => "<computed>" name: "" => "tf-web" private_networking: "" => "<computed>" region: "" => "sfo1" size: "" => "512mb" status: "" => "<computed>" + dnsimple_record.hello domain: "" => "example.com" domain_id: "" => "<computed>" hostname: "" => "<computed>" name: "" => "test" priority: "" => "<computed>" ttl: "" => "<computed>" type: "" => "A" value: "" => "${digitalocean_droplet.web.ipv4_address}"
  • 30.
    Safely Change/Iterate •Plan shows you what will happen • Save plans to guarantee what will happen • Plans show reasons for certain actions (such as re-create) • Prior to Terraform: Operators had to “divine” change ordering, parallelization, rollout effect.
  • 31.
    Other Features •Modules • Provisioners (remote-exec, local-exec, etc.) • Parameterization • Outputs • One command run: terraform run github.com/foo/bar
  • 32.
  • 33.
    Service discovery, configuration,and orchestration made easy. Distributed, highly available, and datacenter-aware.
  • 34.
    Service Discovery Whereis service foo?
  • 35.
    Service Discovery ServiceDiscovery via DNS or HTTP $ dig web-frontend.service.consul. +short 10.0.3.89 10.0.1.46 $ curl http://localhost:8500/v1/catalog/service/web-frontend [{ “Node”: “node-e818f1”, “Address”: “10.0.3.89”, “ServiceID”: “web-frontend”, … }]
  • 36.
    Service Discovery •DNS is legacy-friendly. No application changes required. • HTTP returns rich metadata. • Discover both internal and external services (such as service providers)
  • 37.
    Failure Detection Isservice foo healthy/available?
  • 38.
  • 39.
    Failure Detection •DNS won’t return non-healthy services or nodes. • HTTP has endpoints to list health state of catalog.
  • 40.
    Key/Value Storage Whatis the config of service foo?
  • 41.
    Key/Value Storage Settingand Getting a Key $ curl –X PUT –d ‘bar’ http://localhost:8500/v1/kv/foo true $ curl http://localhost:8500/v1/kv/foo?raw bar
  • 42.
    Key/Value Storage •Highly available storage of configuration. • Turn knobs without big configuration management process. • Watch keys (long poll) for changes • ACLs on key/value to protect sensitive information
  • 43.
  • 44.
    Multi-Datacenter Service Discovery $ dig web-frontend.singapore.service.consul. +short 10.3.3.33 10.3.1.18 $ dig web-frontend.germany.service.consul. +short 10.7.3.41 10.7.1.76
  • 45.
    Multi-Datacenter Setting andGetting a Key $ curl http://localhost:8500/v1/kv/foo?raw&dc=asia true $ curl http://localhost:8500/v1/kv/foo?raw&dc=eu false
  • 46.
    Multi-Datacenter • Localby default • Can query other datacenters however you may need to • Can view all datacenters within one UI
  • 47.
  • 48.
    Events, Exec, Watches Dispatching Custom Events $ consul event deploy 6DF7FE … $ consul watch -type event -name deploy /usr/bin/deploy.sh … $ consul exec -service web /usr/bin/deploy.sh …
  • 49.
    Events, Exec, Watches • Powerful orchestration tools • Pros/cons to each approach, use the right tool for the job • All approaches proven to scale to thousands of agents
  • 50.
    Operational Bullet Points • Leader election via Raft • Gossip protocol for aliveness • Three consistency models: default, consistent, and stale • Encryption, ACLs available • Real world usage to thousands of agents per datacenter
  • 51.
  • 52.
    Consul + Docker • progrium/consul (docker-consul) • registrator • Two options: Consul agent in or out of another Docker container. Both are easy, well supported.
  • 53.
    Consul: To Dockeror Not to Docker • Consul in Docker: Health checks must be network based due to isolation. • Consul on host: Can run health checks that enter container, invoke Docker for rich checks (file tests, pid tests, etc.) • Up to you, both ways work with the above caveats.
  • 54.
    Terraform + Docker • Create all infrastructure components, not just Docker hosts: Load balancers, DNS, networking, storage, external service providers, etc. • Deploy Docker with static assignment (Docker provider, remote-exec), or schedulers (ECS, Mesos, Kubernetes, etc.)
  • 55.

Editor's Notes

  • #5 You may recognize some of our tools, we make Vagrant, Packer, Serf, Consul and Terraform.
  • #20 This is an example of Terraform configuration. In this example, we’re describing setting up a DO droplet with DNS in DNSimple. This is a good example of combining both IaaS and SaaS, or composing providers.
  • #25 This shows the output of `terraform graph`, which gives you a visual graph of how your datacenter dependencies are laid out.