This document discusses Dockerizing enterprise applications at Dianrong.com. It begins with an introduction of the speaker and agenda. It then provides a quick introduction to Docker and discusses why Docker was chosen, including requirements for resource sharing, simplified configuration, on-demand deployment, and security. Details are given on how Dianrong.com apps like NodeJS, Oracle, MongoDB, Redis, and MySQL have been Dockerized. Lessons learned include best practices around volumes, environment variables, image size, and known limitations of Docker.

1. Dockerizing Enterprise Apps
Docker @ Dianrong.com
Tony Wan
Principal DevOps Lead
Dianrong.com
Docker Shanghai Meetup @2015

2. About me
• EMC Labs China (2007.07 ~ 2014.01)
▫ Virtualization, cloud computing, distributed
storage
▫ Co-author:《大数据--战略•技术•实践》
• Dianrong.com (2014.01 ~ Now)
▫ DevOps lead
▫ Infrastructure setup
▫ Dockerize apps that can be dockerized

3. Agenda
• Why Docker
• Dockerize Dianrong.com
• Lesson learnt
• Q&A

4. Quick Introduction to Docker
• Lightweight container
▫ cgroups, namespaces, etc.
• But more
▫ Build: Dockerfile
▫ Ship: image & registry
▫ Run: runtime & utility tools
▫ Others: API & libs, etc.

5. Why docker?

6. The problem (or requirements)
• Resource sharing
• Simplify configuration
▫ DRY: build once, run anywhere
• On-demand deployment
▫ No interruption allowed for financial services
• Security
▫ All is about MONEY at dianrong.com

7. OS
cgroups, namespace, etc.
Libraries Libraries Libraries
Apps Apps Apps
VM vs. Docker
Host OS/Hypervisor
Guest OS Guest OS Guest OS
Libraries Libraries Libraries
Apps Apps Apps

8. Key factors in the decision
• Cost
• Technology & Knowledge
• Performance
• Easy to adopt/manage/integrate
• Production strategy

9. has been Dockerized.

10. Dockerizing Dianrong.com
Firewall
Frontend
Apps Other
Components
(redis, mongodb,
etc.)
LB1 LB2
--------------------------------------------------------------------
--------------------------------------------------------------------
…
Oracle Data Guard
Backend
Apps

11. Env & Apps
• CentOS 6.5/7
• Docker 1.3.2
• Apps
▫ NodeJS
▫ Oracle OC4J
▫ MongoDB
▫ Redis
▫ RabbitMQ
▫ MySQL
▫ …

12. CI
develop
release
master
Git Server
dianrong.com/app:rt67
dianrong.com/app:latest
dianrong.com/app:prod
Develop Build Ship Run
Jenkins Docker Registry
Build Job #1
Build Job #2
Build Job #3
QA Env
Develop Env
Stage Env
Runtimes

13. Test Cloud powered by Docker
• TestEnv as a Service
▫ Free developers from complex and error-prone
configurations
▫ Identical configuration as production env
▫ Resource sharing among many test environments,
such as DB and 3rd-party services.

14. Ops’ Dashboard

15. Open a ticket
Ticket list

16. Container
info

18. Docker: Production-ready
• Simple Architecture & Stable enough
• Monitor – restart policy
▫ Since 1.2.0 (Aug 2014)
• Security: sandbox
• API & Libs
▫ Easy to integrate or develop your own apps

19. Docker @ Dianrong production
Firewall
Docker
RegistryLB1 LB2
…
Oracle Data Guard
DockerMan
Service
Node
Service
Node
Service
Node
NodeJSNodeJSNodeJS
MainApp
MainAppMainApp
MainApp
MainAppWorkflow
Monitoring
System

20. Lesson Learnt

21. Best practices
• Volume on disk directly, instead of the default
loop device
▫ Performance
▫ Size limitation
▫ DOCKER_STORAGE_OPTIONS="--storage-opt
dm.metadatadev=/dev/vg-app/dr-metadata --
storage-opt dm.datadev=/dev/vg-app/dr-data"
• Identify varieties and use environment variables
for changes
• Tips to minimize Docker images

22. Nothing will ever be 100% perfect
• Interruption across updates
▫ https://github.com/docker/docker/issues/2658
• Granularity of access control
• User mapping
• Poor network to the official registry from China
▫ DaoCloud.io, docker.cn, dockerpool.com
• Network virtualization
▫ http://www.slideshare.net/adrienblind/docker-
networking-basics-using-software-defined-networks
▫ But not good enough

23. Q & A

24. THANKS!