This document discusses using Chef to manage Docker containers. It begins with introducing the speaker and their background in DevOps. It then provides an overview of Docker and how it compares to virtual machines. The rest of the document discusses how Chef can be used to build Docker images, manage Docker containers running on nodes, and provide a simple continuous delivery pipeline for Docker applications using Chef and tools like Jenkins. It also discusses challenges like managing configuration and credentials in containers and provides an example of using the docker Chef cookbook to build, push, and run Docker containers in different environments.

1. @muktaa
Baking Docker using Chef
Mukta Aphale
Agile India Conf 2016, Bangalore
+

2. @muktaa
Who am I?
• C, Ruby, Java developer turned into DevOps Architect
• Contributed to Chef development
• Chef azure extension
• Knife plugins: knife-azure, knife-ec2, knife-openstack
• Knife WinRM, knife windows listener
• Worked extensively with Docker
• Docker authorized consultant
• Technology, innovation and the thirst to keep learning are what
define me
• Love to travel, read, write
• Above all, I am a mother to two boys!

3. @muktaa
Agenda
•The Chef Journey
•Container Era
•Chef + Docker
•Example
•Docker cookbook
•Example

4. @muktaa
The Chef Journey

5. @muktaa
Chef Journey
• Adam Jacob, Jessie Robbins, Barry Steinglass, Nathan Haneysmith,
Joshua Timberman
• Marionette
• Opscode
• First release: Jan 2009
• Ruby, Erlang
• Facebook, Nordstorm, Disney, GE
• Configuration Management
• Cloud Management
• Chef Delivery

6. @muktaa
Container Era

7. @muktaa
Evolution
• 2000: Jails, FreeBSD
• 2001: Linux-Vserver
• 2006: cgroups
• 2008: LXC Containers
• 2013: Docker
• June 2014: Docker 1.0
• Today: Docker 1.10.3

8. @muktaa
Docker
• Learning curve
• No need for huge investment at the early stage
• “I wont use Chef for that small deployment”
• “Now I have 100 servers. Makes sense to use Chef”
• “Now I have 100 containers. How do I manage them?”

9. @muktaa
Docker
A Quick Introduction

10. @muktaa
What is Docker?
Linux
Container
3
Components:
Docker Engine
Docker Hub
Docker Images
Benefits:
Speed
Portability
Density
Open
Source
“Can
create
lightweight,
self
sufficient
containers
from
any
application”

11. @muktaa
Docker is not a VM
Virtual Machine Docker

12. @muktaa
FROM
ubuntu:14.04
RUN
apt-­‐get
update
RUN
apt-­‐get
install
libfuse-­‐
dev
ADD
dev.conf/etc/myapp-­‐
config/
Dockerfiles
• Codify your configuration
• Set of bash commands
• Example:
• HelloScala
• Dockerfile
• dev.conf
• Docker build HelloScala

13. @muktaa
Use Cases of Docker
•Microservices
•Lightweight Testing
•Production
•CaaS
•PaaS

14. @muktaa
Chef and Docker

15. @muktaa
Config Management Vs Golden Images
•Control the environment Vs System Image /
Runtime image
•Tradeoff between flexibility and manageability
•CM is the vein of DevOps
•Shell scripts -> Chef
•Immutable Infrastructure

16. @muktaa
Chef and Docker
Replaces
Human
Tasks,
Idempotence,
Thick
client
-­‐ thin
servers,
Order
Matters,
Huge
Community
Support
An
improved
Robot,
Fast,
Easy,
Relatively
new
in
the
market!

17. @muktaa
Simple CD Pipeline
Because simple things can bring the most happiness!

18. @muktaa
Simple CI/CD Pipeline
•git
push
•Triggers
Build
Code
•Build
tools
have
docker
support
•Build
tools
generate
a
docker
image
Build
Process
Save
image
Docker
Image
Unique
tag
Docker
Registry
•docker
pull
•docker
stop
•docker
run
Deploy
using
knife-­‐
ssh or
Push
Jobs
CI
Server

19. @muktaa
The Simple Steps
• git push to https://github.com/muktaa/hello-nodejs
• Triggers a build on your CI server
• npm install, npm test
• docker push muktaa/hello-nodejs
• knifessh 'role:test''deploy.sh' -x ssh-user -i ssh-key-c knife.rb
• Some build tools offer docker integration
• Eg: Maven has docker-maven-plugin
• https://github.com/spotify/docker-maven-plugin
• mvn clean package docker:build -DpushImage

20. @muktaa
Example
• Git clone https://github.com/muktaa/hello-nodejs/
• <make changes>
• Git add, commit, push
• Jenkins Job runs
• Check image uploaded to docker hub
• Knife-ssh
• URL: http://54.218.32.234:49160/

21. @muktaa
When Reality Strikes…
If only applications were Hello World programs!

22. @muktaa
Docker Image
Application Configuration Docker Image

23. @muktaa
What is Configuration?
Packages Custom
SetupsCredentials
Softwares Database
Files
Environment
Specific
Configuration
Ports

24. @muktaa
ENVIRONMENTS
DEV
Docker
Container
Docker
Container
Docker
Container
PRE
PROD
Docker
Container
Docker
Container
Docker
Container
PROD
Docker
Container
Docker
Container
Docker
Container

25. @muktaa
Secure Credential Management
•Credentials inside docker containers
•Hard codes
•Set environment variables
•Docker-compose.yml
env_file:
- .env
SOME_USERNAME=myUser
SOME_PWD_VAR=myPwd

26. @muktaa
Provisioning Machines
• Docker engine
• Ports
• Security groups
• User access
• Eg:
• Knife ec2 server create

27. @muktaa
Docker Chef Cookbook
To manage docker images and deployment

28. @muktaa
Docker Cookbook
• Available in Supermarket:
https://supermarket.chef.io/cookbooks/docker
• Install docker
• Build docker image
• Pull image and run container
• Push docker image to registry
• LWRPs
• Docker_container
• Docker_image
• Docker_registry
• https://github.com/bflad/chef-docker/blob/master/README.md

29. @muktaa
Credential Management
secret = Chef::EncryptedDataBagItem.load_secret
@docker_cred = Chef::EncryptedDataBagItem.load(
node['docker']['creds']['databag'],
node['docker']['user'],
secret
)
docker_registry ‘https://registry.hub.docker.com/u/muktaa/hello-scala/’ do
email docker_cred['email']
username docker_cred['username']
password docker_cred['password']
end

30. @muktaa
Docker_image
# Build a dockerimage using docker_image resource
docker_image node['docker']['image'] do
tag node['docker']['image']['tag']
source'/var/docker'
action :build
end
# Push the image to docker registery
docker_image node['docker']['image'] do
action :push
end
# Delete the image from the machine
docker_image node['docker']['image'] do
action :remove
end

31. @muktaa
Docker_container
# Run Container
docker_container ‘muktaa/hello-scala’
detach true
port ‘8081:8081’, ‘8085:8085’
env ‘ENVIRONMENT=pre-prod’
volume ‘/mnt/docker/docker-storage’
action :run
end

32. @muktaa
GENERATE DOCKERFILE
# Generate a docker file using template.
template "#{node['docker']['directory']}/Dockerfile" do
source 'dockerfile.erb'
variables image: node['docker']['base']['image']['name'],
maintainer:@docker_cred['maintainer'],
email: docker_cred['email'],
build_cmd:node['docker']['build']['commands'],
entry_point: node['docker']['build']['entry_point']
action :create
end

33. @muktaa
WORKFLOW
Build
Application
• Save
the
Artifact
Build
Docker
Image
• Docker cookbook
would
build
and
save
the
docker image
to
Docker hub
or
DTR
Deploy
• Docker cookbook
runs
the
container
on
the
nodes

34. @muktaa
Docker Ecosystem
•Debugging apps in containers
•Docker networking
•Notifications
•Cluster management
•Orchestration
•Schedulers
•Service Discovery

35. @muktaa
Thank You!
aMukta@gmail.com