How Reconnix Is Using Docker

Docker is an open-source
engine that automates the
deployment of any
application as a lightweight,
portable, self-sufficient
container that will run
virtually anywhere.

Great, another
virtualisation technology?

Guest OS
Hypervisor
Host OS
Server
Guest OS
App A
Bins / Libs
App B
Bins / Libs
Virtual Machines
App A
Bins / Libs
Docker Engine
Host OS
Server
App B
Bins / Libs
Docker

Docker is ....
• Written in GO, originally written in Python
• A simple CLI and REST-like API to ….
• LXC (Linux Containers)
• Namespace - Isolate processes
• cGroups - Provision resources for processes
• UnionFS & AUFS Support - For images
• Linux Containers have been around for years !!

Example Dockerfile.
FROM russmckendrick/base:latest
MAINTAINER Russ McKendrick <russ.mckendrick@reconnix.com>
ADD nginx.repo /etc/yum.repos.d/
RUN yum -y install nginx mariadb php php-fpm php-mysql php-pdo
php-devel php-gd php-pecl-memcache php-pspell php-snmp
php-xmlrpc php-xml python-setuptools && yum clean all
RUN easy_install pip && pip install "pip>=1.4,<1.5" --upgrade
&& pip install supervisor
RUN useradd webserver -u 666 && gpasswd -a webserver apache
ADD conf-supervisord.conf /etc/supervisord.conf
ADD default.conf /etc/nginx/conf.d/default.conf
RUN curl -sS https://getcomposer.org/installer | php && mv
composer.phar /usr/local/bin/composer
ADD run /usr/local/bin/
RUN chmod +x /usr/local/bin/run
CMD ["/usr/local/bin/run"]
bootfs
Kernel
Base Image
russmckendrick/base
RUN yum -y install
Image
RUN easy_install pip
Image
Writable
Container
Containers, images & AUFS

Docker images can be pulled
from the following sources.
• Docker Hub (http://hub.docker.com/)
• Third party hosts such as quay.io
• A Private Docker Registry (self hosted)
• Or build as needed on your host machine
using Dockerfiles

Launching Containers.
To launch two containers &
link them together run:
docker run -d --name="database" -v /home/containers/database:/var/
lib/mysql -e MYSQL_ROOT_PASSWORD=y0Urp455w0rd -e
MYSQL_DATABASE=wibble -e MYSQL_USER=rah -e
MYSQL_PASSWORD=y0UrDbP455w0rD russmckendrick/mariadb
docker run -d -p 80 --name=“webserver” -v /home/containers/web:/
var/www/html -e VIRTUAL_HOST=demo.docker.reconnix.com -e
PHP_POOL=demoapp --link database:db russmckendrick/nginx-php

Docker has a large
Eco System & Community.
Ansible (http://www.ansible.com/home) | AWS Beanstalk (https://aws.amazon.com/elasticbeanstalk/)
Blockade (http://blockade.readthedocs.org/en/latest/) | Chef (http://www.getchef.com/)
Clocker (https://github.com/brooklyncentral/clocker) | Consul (http://www.consul.io/)
Crane (https://github.com/michaelsauter/crane) | Decking.io (http://decking.io/) | Deis (http://deis.io/)
Dockerize (https://dockerize.it/) | Dockermix (https://github.com/kstaken/dockermix)
DockerUI (https://github.com/crosbymichael/dockerui) | Dokku (https://github.com/progrium/dokku/)
Drydock (https://github.com/xpensia/drydock) | Fig (http://orchardup.github.io/fig/)
Flynn (http://flynn.io) | Gaudi (https://github.com/marmelab/gaudi)
GearD (http://openshift.github.io/geard/) | Guardrail (https://www.scriptrock.com/)
Kubernetes (https://github.com/GoogleCloudPlatform/kubernetes)
Maestro (https://github.com/toscanini/maestro) | MaestroNG (https://github.com/signalfuse/maestro-ng)
Octohost (http://www.octohost.io/) | Packer.io (http://www.packer.io)
Puppet (https://www.puppetlabs.com) | Shipper (https://github.com/mailgun/shipper)
Shipyard (https://github.com/shipyard/shipyard) | Stackmachine (https://stackmachine.com/)
Stampede.io (https://github.com/cattleio/stampede)
Vagrant (https://github.com/welvet/docker_vagrant)

Reconnix needed …
• Something that was light weight
• Something which is developer friendly
• Something which could run anywhere Docker
is installed

Fig …
• Is a developer friendly wrapper for Docker
• Provides isolated development environments
• Can scale up & down with a single command
• Allows you to ship your configuration
• Uses an easy to follow syntax which is similar
to the flags used by Docker, but in a single
YAML file
• Has a “run once” feature meaning you can a
single commands on a Container, useful for
PHPUnit etc
• Is now owned by Docker, Inc.

Example fig.yml.
webserver:
image: russmckendrick/nginx-php
volumes:
- ./web:/var/www/html/
ports:
- 80
environment:
PHP_POOL: demoapp
VIRTUAL_HOST: demo.docker.reconnix.com
links:
- databaseserver:db
databaseserver:
image: russmckendrick/mariadb
volumes:
- ./database:/var/lib/mysql/

How do we route web traffic
in a way which doesn’t
complicate things?
• Wildcard DNS e.g. *.docker.reconnix.com
• A Proxy which automatically configures itself …

To launch a container which acts a http proxy run;
docker run -d -p 80:80 --name=“router” -v /var/run/
docker.sock:/tmp/docker.sock -t russmckendrick/nginx-proxy
it binds to port 80 & watches for containers
launching which have the “VIRTUAL_HOST=”
variable set. When one launches it reconfigures
NGINX to route to the containers port 80.

If you need access to the containers there is no need
to configure SSH.
“nsenter” & “docker-enter”
these easily allow you to access the containers via a
console.

There are lots of options
for Production.
• Replicate development environment on a
single server or VM
• Use a Clustered Operating System such as
CoreOS
• Run multiple servers with shared storage
• Run a Galera cluster or DBaaS for database

Example: Legacy Code.
• Docker image with PHP4 installed
• CPU & Memory limits put in place
• Code mounted read-only
• “Media” directories can be mounted no-exec
• This means:
• If hacked, only container exposed
• Can easily rebuild if needed
• Very easy to migrate

How Reconnix Is Using Docker

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to How Reconnix Is Using Docker

Similar to How Reconnix Is Using Docker (20)

Recently uploaded

Recently uploaded (20)

How Reconnix Is Using Docker