docker : how to deploy Digital Experience in a container drinking a cup of coffee

Senior DevSecOps Engineer at SIGHUP
Sep. 16, 2016

More Related Content


docker : how to deploy Digital Experience in a container drinking a cup of coffee

  1. .docker : how to deploy Digital Experience in a container drinking a cup of coffee Matteo Bisi – Andrea Fontana
  2. About us 2 • Matteo Bisi – System Engineer • IBM Champion Social Business 2014,15, 16 • Blogger –, • Social: @mbisi78
  3. About us 3 • Andrea Fontana – CTO • IBM Champion Social Business 2015,16 • IBM Champion for WebSphere 2012,13,14 • IBM Advocate since 2012 • Blogger – • Social: @net2action SAP DEVELOPER BUSINESS PARTNER
  4. Docker + IBM Social Software What and why 4
  5. Docker • Docker is an open platform for developing, shipping, and running applications. • Docker is designed to deliver your applications faster. • With Docker you can separate your applications from your infrastructure and treat your infrastructure like a managed application. 5
  6. Docker and containers in a few slides Docker is a way to “package” your software in an image:  File system  System security (user/groups) & settings  TCP Network (ports that needs to be reachable)  Image inheritance is possible (incremental specialization) Docker is a way to “ship & run” your software to other systems: • Start an “image” to get a container where your software runs • Manage containers (start/stop/control etc) • The container runs regardless of the actual (underlying) system (VM, bare metal, etc) 6
  7. Docker History • Docker was released as open source in March 2013 • Solomon Hykes started Docker in France as an internal project within dotCloud, a platform-as-a-service company, with initial contributions by other dotCloud engineers including Andrea Luzzardi and Francois-Xavier Bourlet. • with the release of version 0.9, Docker dropped LXC as the default execution environment and replaced it with its own libcontainer library written in the Go programming language. (Google’s OpenSource Programming Language ) • In 2015, the project had over 25,600 GitHub, over 6,800 forks, and nearly 1,100 contributors. • In May 2016 analysis showed the following organizations as main contributors to Docker: The Docker team, Cisco, Google, Huawei, IBM, Microsoft, and Red Hat. 7
  8. The underlying technology Namespaces • Pod: pid isolation • Net: network interface • Ipc: interProcess Communication • Mnt: managing mount point • Uts: isolating kernel and version identifier Control groups limits and isolates the resource usage of a collection of processes Union File Systems operate by creating layers very lightweight and fast CONTAINER (libcontainer) 8
  9. Docker keys components 9 • Docker engine • Docker machine • Docker registry
  10. Docker Engine Docker Engine is a client-server application with these major components: • A server which is a type of long-running program called a daemon process. • A REST API which specifies interfaces that programs can use to talk to the daemon and instruct it what to do. • A command line interface (CLI) client. 10
  11. Docker Machine • Docker Machine is a tool that lets you install Docker Engine on virtual hosts, and manage the hosts with docker-machine commands. • You can use Machine to create Docker hosts on your local Mac or Windows box, on your company network, in your data center, or on cloud providers like AWS or Digital Ocean. 11
  12. Docker registry The registry is a server application that lets you distribute Docker images. 12
  13. Docker registry… On-premises Docker hub free-to-use, hosted Registry, plus additional features (organization accounts, automated builds, and more). 13
  14. Docker registry… On-premises Running your own Registry is a great solution to integrate with your CI/CD system. (Continuous Integration/Delivery) A notification from the Registry would then trigger to notify other systems that a new image is available. It’s also an essential component if you want to quickly deploy a new image over a large cluster of machines. Finally, it’s the best way to distribute images inside an isolated network. 14
  15. Availability • Linux • Windows • Mac • Aws • Azure • Bluemix • … Docker’s architecture Docker uses a client-server architecture ! The same image can run on your laptop, on your server, on your cloud 15
  16. HA is also available Starting from version 1.12 Docker swarm was integrated into Docker Engine in swarm mode: Highlights: • Cluster management integrated with Docker Engine • Multi-host networking • Load balancing • Secure by default (TLS stricly enforced for communications) • Scaling 16
  17. Why Docker Create images to support developers (standard deployment) Keep an archive of images for every software release to perform back-version debugging/testing (start a clean server in minutes) Consolidate multiple servers on a single powerful machine but maintain complete isolation 17
  18. Container vs Virtual Machine Virtual machine runs a dedicated operating system. Each VM has its own binaries/libraries and application(s) that it services, and the VM may be many gigabytes in size Each container shares the host OS kernel and, usually, the binaries and libraries, too. Shared components are read-only This makes containers exceptionally “light” – containers are only megabytes in size and take just seconds to start, versus minutes for a VM 18
  19. Yours Containers can be shipped!19
  20. And IBM ? 20
  21. IBM announces zSystem for Docker Download here: IBM and Docker offer integrated container solutions that can meet the diverse needs of enterprises. Supporting the creation and deployment of multi-platform, multi-container workloads across hybrid infrastructures, IBM and Docker accelerate application delivery and enable application lifecycle management for Dockerized containers. 21
  22. IBM announces Docker on IBM PureApplication System The good news is that Docker is now supported on IBM PureApplication v2.1! You can now use Docker containers in the virtual system patterns that you create and you can reference Docker images that are stored on Docker Hub or in a private Docker registry that runs inside PureApplication. Taking advantage of the Docker containers on PureApplication is as easy as building patterns. 22
  23. IBM Bluemix • IBM Bluemix provides built in DevOps services to manage source code and to build, test and deploy applications to Bluemix. • For more complex scenarios IBM provides the Continuous Delivery toolset UrbanCode to deploy hybrid applications to the cloud and on-premises and to deploy composite applications with multiple components or microservices. • The store application uses one container on Bluemix . Containers running in a Docker Swarm cluster on-premises. Does anyone know this guy? He is Niklas Heidloff, Developer Advocate for IBM Bluemix, working on Docker on Bluemix Environment. 23
  24. IBM Bluemix Containers Roadmap 24
  25. IBM sw supported 25 • Db2 from 10.1 10.5 , 11.1 • DB2 express * • Websphere Application Server 8.5.5 and 9.0 • Websphere Liberty profiles * • Domino is not supported (yet..) • Digital experience is not supported (yet..) Offical images available on docker hub
  26. How To: Create Docker images with IBM Social Software 26
  27. Prepare your Container • Prepare the Installation script • Using Silent installation method • Preparing the response file and whatever you need to complete setup • Create your Docker File and deploy it. 27
  28. Docker Image A docker image is a read-only template for creating containers. • Manual: Start from a base image, build your customization and commit the new image. • DockerFile: Use a script. DockerFile anatomy A “DockerFile” is a text file with docker commands, it • Declares the “base image” to inherit from • Copies files to the image filesystem • Executes commands in the image to setup things • Declares “VOLUME” mappings • Declares ports to “EXPOSE”d. 28
  29. Docker File Anatomy Identifies which folder you need to share between container and host Identifies which image you want to use Identifies which command you need to execute inside the containers FROM ubuntu:latest VOLUME [/opt/data] VOLUME [/etc] VOLUME [/home] RUN apt-get install -y aptitude net-tools libxtst6 libxi6 libcanberra-gtk3 gtk+ COPY DB2_Svr_10.5.0.3_Linux_x86-64.tar.gz /tmp/db210.5/ Copy your Packages into the containers 29
  30. Prepare IBM Silent Installation You can use the IBM installation manager from command line, and create your response file sample! IBMIM –record /tmp/was9.xml -skipInstall /tmp/IBM/ <?xml version='1.0' encoding='UTF-8'?> <agent-input> <variables> <variable name='sharedLocation' value='/opt/ibm/IMShared'/> </variables> <server> <repository location='/tmp/sw-repo/WAS_ND_9'/> <repository location='/tmp/sw-repo/SDK_JAVA_V8'/> </server> <profile id='IBM WebSphere Application Server V9.0' installLocation='/opt/ibm/WebSphere/AppServer'> <data key='cic.selector.arch' value='x86_64'/> <data key='' value='en,en'/> </profile> <install> <!-- IBM WebSphere Application Server Network Deployment --> <offering profile='IBM WebSphere Application Server V9.0' id='' version='' features='core.feature,ejbdeploy,thinclient,embeddablecontainer'/> <!-- IBM SDK, Java Technology Edition, Versione 8 --> <offering profile='IBM WebSphere Application Server V9.0' id='' version='8.0.3000.20160526_1317' features=''/> </install> 30
  31. /opt/ibm/im/eclipse/tools/imcl input /tmp/was9.xml -acceptLicense Ready to go? imcl install packageID[_version][,featureID] -repositories source_repository -installationDirectory installation_directory -accessRights mode We can use our response file Install from command line 31
  32. Was9 Docker File # Select the base image to inherit from FROM ubuntu:latest # Image description LABEL Description="WebSphere 9, HTTP 9, Plugin 9" Vendor="MSBIRO.NET" Version="1.0" # Execute unix command COPY sw-repo/* /tmp/sw-repo/ RUN apt-get update && apt-get install -y vim psmisc 32
  33. RUN /tmp/sw-repo/IM185_LNX64/installc -log log_file -acceptLicense -installationDirectory /opt/ibm/im/ RUN /opt/ibm/im/eclipse/tools/imcl input /tmp/sw-repo/RESPONSE/was9.xml -acceptLicense RUN /opt/ibm/im/eclipse/tools/imcl input /tmp/sw-repo/RESPONSE/was9supp.xml –acceptLicense RUN echo $(head -1 /etc/hosts | cut -f1) >> /etc/hosts && /opt/ibm/WebSphere/AppServer/bin/ -response /tmp/sw-repo/RESPONSE/dmgr RUN echo $(head -1 /etc/hosts | cut -f1) >> /etc/hosts && /opt/ibm/WebSphere/AppServer/bin/ -response /tmp/sw-repo/RESPONSE/appsrv01 Was9 Docker File 33
  34. Was9 Image RUN /opt/ibm/WebSphere/AppServer/bin/ -add docker-DMGR -servername dmgr -profilePath /opt/ibm/WebSphere/AppServer/profiles/Dmgr01/ -stopArgs ‘-username waslocal -password docker' RUN /opt/ibm/WebSphere/AppServer/bin/ -add docker-NA -servername nodeagent -profilePath /opt/ibm/WebSphere/AppServer/profiles/AppSrv01/ -stopArgs '-username waslocal -password docker -stopservers‘ RUN mkdir /var/lock/subsys # Volume definition VOLUME ["/opt/ibm/WebSphere/AppServer"] # port exposed to external world EXPOSE 80 443 9060 9043 RUN rm /tmp/sw-repo -R A data volume is a specially-designated directory within one or more containers that bypasses the Union File System. Data volumes provide several useful features for persistent or shared data: Volumes are initialized when a container is created. Data volumes can be shared and reused among containers. Changes to a data volume are made directly. Changes to a data volume will not be included when you update an image. Data volumes persist even if the container itself is deleted. Data volumes are designed to persist data, independent of the life cycle of the container. The EXPOSE instruction informs Docker that the container listens on the specified network ports at runtime 34
  35. LIVE DEMO 35
  36. Questions? 36
  37. LinksDocker training – online video course IBM Installation Manager resources DB2 and docker some suggestion from IBM Docker and Domino 37
  38. 38