Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Docker / Ansible

1,940 views

Published on

Docker / Ansible

Published in: Technology

Docker / Ansible

  1. 1. Docker / Ansible
 
 Stéphane Manciot 19/02/2015
  2. 2. Problem - the matrix from Hell
  3. 3. LXC - the intermodal shipping container
  4. 4. LXC - main features ○ Portability ○ run everywhere ○ regardless of kernel version ○ regardless of host distro ○ run anything ○ if it can run on the host, it can run in the container ○ i.e., if it can run on a Linux kernel, it can run ○ Isolation (namespaces) ○ Control resources (cgroups) ○ Lightweight VM (own process space, own network interface …) without performance penalty (no device emulation)
  5. 5. DevOps - separation of concerns ○ Developer - Inside the container ○ my code ○ my libraries ○ my package manager ○ my app ○ my data ○ Operational - Outside the container ○ logging ○ remote access ○ network configuration ○ monitoring
  6. 6. Docker - main features ○ a single application virtualization engine based on containers ○ a standard, reproductible way to easily build and share trusted images (Dockerfile, Stackbrew, docker-registry …) ○ each image is a stack of layers (1 layer = tarball + metadata) ○ a daemon running in the background ○ manages containers, images and builds ○ HTTP api (over UNIX or TCP socket) ○ embedded CLI talking to the api
  7. 7. LXC versus Docker
  8. 8. Docker - PaaS ○ Portability ○ Fast provisioning (Another Union File System) ○ Performance ○ processes are isolated, but run straight on the host ○ CPU performance = native performance ○ almost native memory performance ○ network performance = small overhead
  9. 9. Docker - quick start ○ search an image : sudo docker search debian ○ list images : sudo docker images ○ download an image : sudo docker pull debian ○ run a container : sudo docker run [OPTIONS] IMAGE[:TAG] [COMMAND] [ARGS…] ○ list all containers : sudo docker ps -a ○ find the id of the last launched container : sudo docker ps -l ○ commit container updates : sudo docker commit ID [IMAGE[:TAG]] ○ inspect a container : sudo docker inspect ID ○ upload an image : sudo docker push IMAGE
  10. 10. Exercise ○ create a docker image from the latest debian image including oracle java7 as debian:oracle- java7 ○ http://www.webupd8.org/2012/06/how-to-install- oracle-java-7-in-debian.html
  11. 11. Dockerfile ○ Usage : sudo docker build -t=“IMAGE[:TAG]” . ○ Format : ○ # Comment ○ INSTRUCTION arguments ○ FROM image[:TAG] ○ MAINTAINER <name> ○ RUN <command> ○ CMD [“executable","param1","param2"] | CMD [“param1","param2"] | CMD command param1 param2
  12. 12. Dockerfile ○ EXPOSE <port> [<port>…] ○ ENV foo bar | ENV foo=bar ○ ADD <src>... <dest> ○ ADD hom* /mydir/ ○ ADD hom?.txt /mydir/ ○ ADD test aDir/ ○ COPY <src>... <dest> ○ ENTRYPOINT ["executable", "param1", “param2"] ○ VOLUME [“/data"] ○ WORKDIR /path/to/workdir ○ ONBUILD [INSTRUCTION]
  13. 13. Dockerfile - best practices ○ add a .dockerignore file ○ avoid installing unnecessary packages ○ run only one process per container ○ minimize the number of layers ○ put long or complex RUN statements on multiple lines separated with backslashes ○ sort multi-line arguments ○ prefer COPY to ADD ○ use VOLUME for any mutable parts of your image
  14. 14. Dockerfile - Examples ○ apache2
  15. 15. Dockerfile - Examples
  16. 16. Exercise ○ create a docker image from the latest debian image including oracle java7 as dockerfile/ debian:oracle-java7 using Dockerfile ○ http://www.webupd8.org/2012/06/how-to-install- oracle-java-7-in-debian.html
  17. 17. Docker - overriding image defaults ○ CMD ○ sudo docker run [OPTIONS] IMAGE[:TAG] [COMMAND] [ARGS...] ○ ENTRYPOINT ○ sudo docker run -i -t --entrypoint /bin/bash example/redis ○ EXPOSE (incoming ports) ○ --expose=[]: Expose a port or a range of ports from the container without binding ○ -P : bind the exposed ports to a random port on the host between 49153 and 65535 ○ -p [ip:][hostPort:]containerPort ○ --link <name or id container>:alias
  18. 18. Docker - overriding image defaults ○ ENV ○ sudo docker run -e "deep=purple" --rm ubuntu /bin/bash -c export ○ VOLUME ○ -v=[]: Create a bind mount with: [host-dir]: [container-dir]:[rw|ro] ○ --volumes-from CONTAINER : share volumes with another container ○ USER ○ -u="": Username or UID ○ WORKDIR ○ -w="": Working directory inside the container
  19. 19. Docker - ambassador pattern (consumer) --> (es_http_client) ---network---> (es_ambassador) --> (es) ○ vagrant ssh mogobiz-db ○ sudo docker run -d --name es -P --volumes-from elasticsearch mogobiz/ elasticsearch-1.3.6 ○ sudo docker run -d --link es:es --name es_ambassador -p 192.168.56.110:19200:9200 -p 192.168.56.110:19300:9300 svendowideit/ ambassador ○ vagrant ssh mogobiz-web ○ sudo docker run -d --name es_http_client --expose 9200 -e ELASTICSEARCH_PORT_9200_TCP=tcp://192.168.56.110:19200 svendowideit/ambassador ○ sudo docker run -t -i --rm --link es_http_client:elasticsearch --link mogobiz_db_client:mogobiz_db --name consumer -p 8080 busybox sh ○ / # env
  20. 20. Ansible and docker ○ Build new image ○ Run a container
  21. 21. Vagrant and Ansible
  22. 22. Vagrant and Ansible

×