Docker is quickly becoming an invaluable development and deployment tool for many organizations. Come and spend the day learning about what Docker is, how to use it, how to integrate it into your workflow, and build an environment that works for you and the rest of your team. This hands-on tutorial will give you the kick-start needed to start using Docker effectively.
3. PHP Detroit 2018
What Is Docker?
“Docker is an open platform for developers and sysadmins to build,
ship, and run distributed applications. Consisting of Docker Engine, a
portable, lightweight runtime and packaging tool, and Docker Hub, a
cloud service for sharing applications and automating workflows,
Docker enables apps to be quickly assembled from components and
eliminates the friction between development, QA, and production
environments.”
3
https://www.docker.com/whatisdocker/
18. PHP Detroit 2018
Running a container
• `docker run` will run a container
• This will not restart an existing container, just create a new one
• docker run [options] IMAGE [command] [arguments]
• [options ]modify the docker process for this container
• IMAGE is the image to use
• [command] is the command to run inside the container
• [arguments] are arguments for the command
18
31. PHP Detroit 2018
Some Notes
• All three containers are 100% self contained
• Docker containers share common ancestors, but keep their own files
• `docker run` parameters:
• --rm – Destroy a container once it exits
• -d – Run in the background (daemon mode)
• -i – Run in interactive mode
• --name – Give the container a name
• -p [local port]:[container port] – Forward the local port to the container port
31
33. PHP Detroit 2018
Modifying a running container
• `docker exec` can run a command inside of an existing container
• Use Volumes to share data
33
34. PHP Detroit 2018
Persistent Data with Volumes
• You can designate a volume with –v
• Create a named volume with `volume create`
• Volumes can be shared amongst containers
• Volumes can mount data from the host system
34
40. PHP Detroit 2018
Mounting from the host isn’t perfect
• The container now has a window into your host machine
• Permissions can get screwy if you are modifying in the container
• Most things it creates will be root by default, and you probably aren’t root on
the host machine
• Host-mounted volumes are not portable at all
• OSX and Hyper-V VMs have limited pathings to mount
• OSX has poor I/O performance
40
41. PHP Detroit 2018
Named Data Volumes
• Creates a space that becomes persistent
• Can be mounted anywhere inside your images
• Have our app containers use the data volume to store data
• Use ‘editor containers’ to go in and modify data when needed
41
42. PHP Detroit 2018
vim Tutorial
• vim is a Modal text editor
• ESC will drop you back to default mode
• :new /opt/webconfig/default to create a new file
• In default mode, i will get us into interactive (edit) mode
• :w to save a file
• :q will quit
42
49. PHP Detroit 2018
Why go through the hassle?
• Data volumes are portable, depending on the driver
• Data volumes are safer
• Separates the app containers from data
• Production can use a data volume, dev can use a host volume
• Our app containers stay small
• Works directly with other tools
49
51. PHP Detroit 2018
Networking
• Docker can create multiple network “pools”
• Each container gets an IP address
• Containers can be attached to multiple networks
• Docker network allow service discovery inside networks
51
52. PHP Detroit 2018
Legacy - Docker Links
• Legacy Links work with `--link`
• Only works on the legacy “bridge” network
• Doesn’t support service discovery
• Not worth it to use anymore
52
53. PHP Detroit 2018
Docker Networks
• Discreet IP pool for containers
• Containers can be added and removed to the network at whim
• Service discovery though ‘--network-alias’
• Can be set up to work across hosts
53
59. PHP Detroit 2018
Inspect a container
docker inspect [options] CONTAINER_NAME
• Returns a JSON string with data about the container
• Can also query
• docker inspect -f “{{ .NetworkSettings.IPAddress }}” web_server
• Really handy for scripting out things like reverse proxies
59
60. PHP Detroit 2018
Work with images
• docker pull IMAGE – Pulls down an image before using
• docker images – Lists all the images that are downloaded
• docker rmi IMAGE – Deletes an image if it’s not being used
60
69. PHP Detroit 2018
Custom Images
• PHP images are pretty bare
• Lots of times need to install extensions
69
70. PHP Detroit 2018
Dockerfile
• Dockerfile is the configuration steps for an image
• Can be created from scratch, or based on another image
• Allows you to add files, create default volumes, ports, etc
• Can be used privately or pushed to Docker Hub
70
72. PHP Detroit 2018
Build it
docker build -t tag_name ./
• This runs through the Dockerfile and generates the image
• We can now use the tag name to run the image
72
95. PHP Detroit 2018
What is Docker Compose?
• Multi-container orchestration
• A single config file holds all of your container info
• Works with Docker Swarm and a few other tools, like Rancher
95
99. PHP Detroit 2018
Config for DB now points to the service
name
99
<?php
return [
'db' => [
'driver' => 'Pdo_Mysql',
'username' => 'root',
'password' => 'rootpass',
'database' => 'd4dapp',
'hostname' => 'mysqlserver'
]
];
108. PHP Detroit 2018
1. Codebase
One codebase tracked in revision control, many deploys
Madison PHP 2017 108
109. PHP Detroit 2018
Repo Tips
• Keep everything in your repository
• Tag releases
• Never move tags
Madison PHP 2017 109
110. PHP Detroit 2018
2. Dependencies
Explicitly declare and isolate dependencies
Madison PHP 2017 110
111. PHP Detroit 2018
Dependencies
• Commit both composer.json and composer.lock files
• Commit Dockerfiles to the same repo as the codebase
Madison PHP 2017 111
112. PHP Detroit 2018
3. Config
Store config in the environment
112Madison PHP 2017
113. PHP Detroit 2018
Configuration
• Anything that is environment specific should move to environment
vars
• Makes it much easier to build and deploy code
• Code cares less what external services it is talking to
113Madison PHP 2017
114. PHP Detroit 2018
Use Environment Vars
• Can specify them one-by-one
– docker run e VAR_NAME=value
• Can specify a file
– docker run envfile=filename
• Can specify in docker-compose.yml
114Madison PHP 2017
115. PHP Detroit 2018
4. Backing Services
Treat backing services as attached resources
115Madison PHP 2017
116. PHP Detroit 2018
Everything is “external”
• Never talk to local sockets
• Don’t make a determination between “locally” hosted and third party
• Easier to switch environments
• Easier to scale up
116Madison PHP 2017
117. PHP Detroit 2018
5. Build, release, run
Strictly separate build and run stages
117Madison PHP 2017
118. PHP Detroit 2018
The Workflow
• Build step installs dependencies, compiles files, and generates a Build
Artifact that can be deployed
– Does not contain any deployment configuration
• Release step pushes a Build Artifact into an environment
– Runs DB migrations, anything needed to happen before running
• Run step runs the app fully in the environment
118Madison PHP 2017
119. PHP Detroit 2018
Tips
• Build Artifact can be an image
• Builds should be completely reproducible
• Release always take a build artifact, never directly from the repo
• Tag all your builds
• Track all your releases
119Madison PHP 2017
120. PHP Detroit 2018
Build Step - Start Small
• Build your application
• Run composer
• Run npm/bower
• Build JS/CSS
• Use the compiled output to build an image with docker build
• Push full image to private registry
120Madison PHP 2017
121. PHP Detroit 2018
docker build
• Additional options to look at
• -f, --file – Specify a different filename for the Dockerfile
• --no-cache – Don’t use a cached layer
• --pull – Always pull a new version of the image
121Madison PHP 2017
124. PHP Detroit 2018
6. Processes
Execute the app as one or more stateless processes
124Madison PHP 2017
125. PHP Detroit 2018
Built Into Docker
• One Process per container
• Allows tools to scale just what needs to be scaled
• Allows images to be swapped out as needed
125Madison PHP 2017
126. PHP Detroit 2018
7. Port Binding
Export services via port binding
126Madison PHP 2017
127. PHP Detroit 2018
Built Into Docker (Again)
• Each container gets its own IP and exposes its own ports
• Processes should already be talking over a network
• Can work with service locators that are port-based
127Madison PHP 2017
128. PHP Detroit 2018
8. Concurrency
Scale out via the process model
128Madison PHP 2017
130. PHP Detroit 2018
Built Into Docker (Again) (Again)
• One Process per container
• Scale up just the container that is needed
• App should not care how many instances of each service are running
130Madison PHP 2017
131. PHP Detroit 2018
9. Disposability
Maximize robustness with fast startup and graceful shutdown
131Madison PHP 2017
132. PHP Detroit 2018
Signals
• Docker starts containers fairly quickly
• Applications should gracefully shut down, not just die
• Docker sends a SIGTERM when shutting down a container
• Your CLI apps may need to handle SIGTERM properly
– Cal Evans, “Signalling PHP”
132Madison PHP 2017
133. PHP Detroit 2018
10. Dev/prod Parity
Keep development, staging, and production as similar as possible
133Madison PHP 2017
135. PHP Detroit 2018
Logging in Docker
• Various logging options built in
– JSON file (default)
– Fluentd
– Syslog
– Journald
– Gelf
– Splunk
– Aws
– Etwlogs
– Gcplogs 135Madison PHP 2017
136. PHP Detroit 2018
Push logs remotely
• When possible, push Docker logs to a remote service
– Container logs only exist while the container exists
• Allows logs to be viewed in a single place
• No need to get into actual servers
• Can host yourself, or pay for a SaaS
• ELK stack is very popular
– Docker uses fluentd instead
136Madison PHP 2017
137. PHP Detroit 2018
12. Admin Processes
Run admin/management tasks as one-off processes
137Madison PHP 2017Madison PHP 2017
138. PHP Detroit 2018
Thank You!
• Software Engineer for InQuest
• Author of “Docker for Developers”
• https://leanpub.com/dockerfordevs
• Co-Host of “Jerks Talk Games”
• http://jerkstalkgames.com
• http://ctankersley.com
• chris@ctankersley.com
• @dragonmantank
138