5. Image
• Layers
• Read Only
• Running image is container
Base Image (Ubuntu / Alpine)
Apps PHP, extensions, vim,
runtime configuration
Your configuration +
ceritificates
Your codeRead only
Cache warm up
6. Container
• Running image
• The last layer of image
• Only layer that is writable
Base Image (Ubuntu / Alpine)
Apps PHP, extensions, vim,
runtime configuration
Your configuration +
ceritificates
Your code
Running container (tmp files)
Read only
Writable
Cache warm up
7. Production & test Image
Base Image (Ubuntu / Alpine)
Apps PHP, extensions, vim,
runtime configuration
Your prod configuration +
ceritificates
Your code
Bonami Base
Cache warm up
Your test configuration +
ceritificates
Test tools (PHPUnit)
Cache warm up
Production image
Test image
8. Source
Code
repo
Docker
Registry
How does it work?
Dockerfile
For
Core,
Test, Prod
Docker Engine
Push
Docker
Production server + Docker
Push
Search
Pull
Run
HostCI server
ContainerA
ContainerB
ContainerC
BaseImage
Local DEV machine CI server Production
Test Image
Prod Image
Search
Pull & Run
Docker
Test server + Docker
ContainerA
ContainerB
ContainerC
Build
9. Bonami Base – Dockerfile
FROM registry.bonami.cz/bonami/fedora
ENV TERM xterm
RUN dnf install -y
php-fpm php-cli php-curl php-intl php-mysql php-mcrypt php-gd php-redis php-igbinary
php-pecl-http php-pecl-imagick php-bcmath vim sudo php-mbstring php-xml php-soap php-pdo
php-mysqlnd php-opcache php-twig redis php-pecl-apcu msmtp nginx tar &&
curl -SLO "https://nodejs.org/dist/v0.12.7/node-v0.12.7-linux-x64.tar.gz" &&
tar -xzf "node-v0.12.7-linux-x64.tar.gz" -C /usr/local --strip-components=1 &&
rm -f /node-v0.12.7-linux-x64.tar.gz &&
mkdir -p /var/www/bonami-web &&
echo "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" >> /etc/environment &&
dnf clean all &&
rm -rf /var/cache/dnf &&
rm -rf /var/log/dnf &&
sed -i -e "s/([;]*)(upload_max_filesize[ t]*=)(.*)$/2 16M /g" /etc/php.ini &&
sed -i -e "s/([;]*)(date.timezone[ t]*=)(.*)$/2 "Europe/Prague" /g" /etc/php.ini
11. #!/bin/bash
case "$1" in
fpm)
echo "PHP-FPM starting on port 9000..."
exec ${fpmBinary} -F
;;
cron)
if [ ! -f $DIR/tools/docker/crontab/$2 ]; then
echo "error: specified crontab does not exist in crontab directory" >&2; exit 1
fi
echo "Crontab $2 starting..."
exec sudo -u $wwwUser ${cronBinary} $DIR/tools/docker/crontab/$2
;;
daemon|job|script|tool)
if [ -z $2 ] || [ ! -x $DIR/bin/$1s/$2 ]; then
echo "error: $1 does not exist" >&2; exit 1
fi
arr=(sudo -u $wwwUser BONAMI_ENVIRONMENT=prod $DIR/bin/$1s/$2)
exec "${arr[@]}"
;;
bash)
exec /bin/bash
;;
static)
echo "Static content is served on port 8080..."
exec /usr/sbin/nginx -g "daemon off;"
;;
echo $"Usage: {fpm|daemon|job|cron|bash|script|static|tool|git_hash}"
exit 2
esac
Entrypoint
12. Some guidelines
• Only one application in container (no Supervisord)
• There is no need for SSHd (we have Docker exec)
• Keep the container small (remove all that is not necessary)
• Keep layers count small
• If you use some tmp files, delete them in same layer
13. How to deploy our image?
boch@bart.bonami.cz~$ sudo docker run -d --log-opt "gelf-
address=udp://quimby.bonami.cz:12201" --name "bonamiweb-fpm" --
log-driver "gelf" --volume "/tmp:/tmp" --net "host" --restart
"always" registry.bonami.cz/bonami/bonamiweb:latest daemon
flexibee-queue-daemon
14. Fabric
• SSH Connection manager + some usefull tools
• Written in Python
• http://www.fabfile.org/