Building Docker images with Puppet


Background on DataCentred, its use of OpenStack and Ceph, a proposed workflow for building Docker images with Puppet, and why we'd want to do such a thing.

Presented at the first Docker Manchester meetup on 21/07/16.

GitHub repo with the configuration used during the demo is here:

Published in: Technology

Building Docker images with Puppet

  1. Building Docker Images With Puppet - Nick Jones, DataCentred @yankcrime
  2. Schedule
      • DataCentred overview
      • Why Docker
      • Why Puppet
      • Demo
      • Problems / solutions
      • Wrap-up
  3. OpenStack
      • Keystone, Nova, Neutron, Glance, Cinder, Horizon, etc.
      • KVM
      • Open vSwitch
      • Control, compute, network, data nodes
  4. OpenStack Services
      • Galera
      • RabbitMQ
      • MongoDB
      • Memcache
      • Apache httpd
      • Haproxy & keepalived
  5. Ceph
      • Loadbalancers
      • Gateways
      • Monitors
      • OSDs
  6. Monitoring
      • Icinga2
      • Telegraf, InfluxDB, Grafana
      • ElasticSearch, Logstash, Kibana
  7. Services
      • CI - Jenkins
      • DNS, TFTP, DHCP
      • IPAM
      • Mirrors
  8. Puppet
      • Puppet Master
      • PuppetDB
      • Puppet CA
      • Foreman
  9. ಠ_ಠ
  10. Puppet
      • With Puppet you use a common language to describe what you want your infrastructure to look like, and Puppet makes it happen - and helps you keep it that way.
  11. OpenStack Infrastructure Overview
  12. OpenStack Control Nodes
  13. OpenStack Control Node
  14. Why Docker
      • Consolidate OpenStack components into discrete building blocks
      • Mix-and-match versions of components
      • Ease the pain of upgrades
  15. Why Configuration Management
      • Need to build custom images
      • Harness the power of something that's the right tool for the job
      • Puppet incumbent for configuration management, would like to reuse data
      • Make the two work together
  16. Assumptions
      • Containers should be ephemeral
      • Running SSH in a container is out
      • Running Puppet as an agent in a container is out
  17. Typical Dockerfile

          FROM phusion/baseimage:0.9.15
          ENV HOME /root
          ENV LANG en_US.UTF-8
          RUN locale-gen en_US.UTF-8
          RUN ln -s -f /bin/true /usr/bin/chfn
          RUN apt-get update && apt-get -y upgrade
          [..]
          RUN apt-get remove -y --auto-remove openstack-dashboard-ubuntu-theme
          ADD /etc/openstack-dashboard/
          VOLUME ["/etc/openstack-dashboard"]
          ADD openstack-dashboard.conf /etc/apache2/conf-available/openstack-dashboard.conf
          ADD /etc/service/memcached/run
          ADD /etc/service/apache2/run

  18. With Puppet

          FROM puppet:latest
          MAINTAINER Nick Jones ""
          ENV FACTER_role='horizon'
          RUN puppet apply --verbose --modulepath /puppet/modules --hiera_config /puppet/hiera.yaml --manifestdir /puppet/ /puppet/default.pp
          RUN apt-get -y clean && rm -rf /puppet
          EXPOSE 80
          CMD ["/usr/bin/supervisord", "-n"]

  19. Another Example

          FROM puppet:latest
          MAINTAINER Nick Jones ""
          ENV FACTER_role='database'
          ENV FACTER_container='dischord_database'
          RUN puppet apply --debug --verbose --modulepath /puppet/modules --hiera_config /puppet/hiera.yaml --manifestdir /puppet/ /puppet/default.pp
          RUN apt-get -y clean && rm -rf /puppet
          EXPOSE 3306
          VOLUME /var/lib/mysql
          CMD ["/usr/bin/supervisord", "-n"]

  20. Database Container

      database.yaml:

          classes:
            - '::profile::mariadb'

      dischord_database.yaml:

          databases:
            'fever':
              'user': 'fever'
              'password': 'xxx'
              'host': '%'
          service:
            'mariadb-server':
              'command': '/usr/sbin/mysqld'

  21. Puppet

          class profile::mariadb {
            include ::mysql::server
            create_resources(::mysql::db, hiera('databases'))
          }

  22. Demo
      • Building a Horizon image
  23. What doesn't work so well
      • Repo data in images
      • Breaks image layers philosophy
      • Puppet modules not handling container behaviour
      • Lack of support in Puppet's RAL for minimal distros
  24. Solutions
      • Mount configuration data repo at build - Rocker!
      • Build API
      • OCI Image Format Specification
      • Alternative configuration management tools: mgmt, Habitat
  25. Questions?
  26. References
      • applications-inside-docker
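
The "Repo data in images" problem from slide 23, as an added example that is not from the talk or its demo repo: a later `RUN rm -rf /puppet` only writes a whiteout entry into a new layer, so the Puppet code and Hiera data (database passwords included) still sit in the earlier layer and travel with the image. The audit below flags such files; the sample layers are constructed and assume `/puppet` was baked into the `puppet:latest` base image.

```python
import io
import posixpath
import tarfile

WHITEOUT = ".wh."        # OCI whiteout prefix: marks a lower-layer path as deleted
OPAQUE = ".wh..wh..opq"  # OCI opaque whiteout: hides everything under its directory

def make_layer(files, whiteouts=()):
    """Build a constructed layer tarball in memory (stand-in for a layer from `docker save`)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for path, data in files.items():
            info = tarfile.TarInfo(path)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
        for path in whiteouts:
            parent, name = posixpath.split(path)
            tar.addfile(tarfile.TarInfo(posixpath.join(parent, WHITEOUT + name)))
    return buf.getvalue()

def deleted_but_shipped(layers):
    """Map each file removed by a later layer's whiteout to the earlier layer that still stores it."""
    stored, findings = {}, {}
    for index, blob in enumerate(layers):
        with tarfile.open(fileobj=io.BytesIO(blob)) as tar:
            members = tar.getmembers()
        for member in members:  # pass 1: whiteouts in this layer hide files from earlier layers
            parent, name = posixpath.split(member.name)
            if name.startswith(WHITEOUT):
                opaque = name == OPAQUE
                target = parent if opaque else posixpath.join(parent, name[len(WHITEOUT):])
                findings.update({p: o for p, o in stored.items()
                                 if p.startswith(target + "/") or (p == target and not opaque)})
        for member in members:  # pass 2: record the regular files this layer adds
            if member.isfile() and not posixpath.basename(member.name).startswith(WHITEOUT):
                stored[member.name] = index
    return findings

# Constructed layers mirroring the "With Puppet" Dockerfile (assumption: /puppet is in the base image).
LAYERS = [
    make_layer({"puppet/hiera.yaml": b"constructed", "puppet/default.pp": b"constructed"}),
    make_layer({"etc/apache2/conf-available/openstack-dashboard.conf": b"constructed"}),
    make_layer({}, whiteouts=["puppet"]),  # RUN apt-get -y clean && rm -rf /puppet
]

if __name__ == "__main__":
    for path, origin in sorted(deleted_but_shipped(LAYERS).items()):
        print(f"layer {origin} still contains /{path}")
```

To audit a real image, pass the layer tarballs from a `docker save` archive in the order its `manifest.json` lists them.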