SlideShare a Scribd company logo
1 of 45
Download to read offline
Groovy, there is a docker in
my application pipeline
Kris Buytaert
@krisbuytaert
Kris BuytaertKris Buytaert
● I used to be a Dev,I used to be a Dev,
● Then Became an OpThen Became an Op
● Chief Trolling Officer and Open SourceChief Trolling Officer and Open Source
Consultant @Consultant @inuits.euinuits.eu
● Everything is an effing DNS ProblemEverything is an effing DNS Problem
● Building Clouds since before the bookstoreBuilding Clouds since before the bookstore
● Some books, some papers, some blogsSome books, some papers, some blogs
● Evangelizing devopsEvangelizing devops
● Organiser of #devopsdays, #cfgmgmtcamp,Organiser of #devopsdays, #cfgmgmtcamp,
#loadays, ….#loadays, ….
● Part of the travelling geek circusPart of the travelling geek circus
What's this devopsWhat's this devops
thing anyhow ?thing anyhow ?
C(L)AMSC(L)AMS
● CultureCulture
● (Lean)(Lean)
● AutomationAutomation
● MeasurementMeasurement
● SharingSharing
Damon Edwards and John WillisDamon Edwards and John Willis
Gene KimGene Kim
NirvanaNirvana
An “ecosystem” that supports continuous delivery, fromAn “ecosystem” that supports continuous delivery, from
infrastructure, data and configuration management toinfrastructure, data and configuration management to
business.business.
Through automation of the build, deployment, and testingThrough automation of the build, deployment, and testing
process, and improved collaboration between developers,process, and improved collaboration between developers,
testers, and operations, delivery teams can get changestesters, and operations, delivery teams can get changes
released in a matter of hours — sometimes even minutes–noreleased in a matter of hours — sometimes even minutes–no
matter what the size of a project or the complexity of its codematter what the size of a project or the complexity of its code
base.base.
Continuous Delivery , Jez HumbleContinuous Delivery , Jez Humble
This talk:This talk:
Journey / Early steps of a team that is used toJourney / Early steps of a team that is used to
infrastructure as codeinfrastructure as code
Adopting containers step by step.Adopting containers step by step.
Build PipelinesBuild Pipelines
Jenkins PipelineJenkins Pipeline
" Our job as engineers (and ops, dev-ops, QA," Our job as engineers (and ops, dev-ops, QA,
support, everyone in the company actually) is tosupport, everyone in the company actually) is to
enable the business goals. We strongly feel thatenable the business goals. We strongly feel that
in order to do that you must havein order to do that you must have the ability tothe ability to
deploy code quickly and safelydeploy code quickly and safely. Even if the. Even if the
business goals are to deploy strongly QA’d codebusiness goals are to deploy strongly QA’d code
once a month at 3am (it’s not for us, we push allonce a month at 3am (it’s not for us, we push all
the time), having a reliable and easythe time), having a reliable and easy
deployment should bedeployment should be non-negotiablenon-negotiable."."
Etsy Blog upon releasing DeployinatorEtsy Blog upon releasing Deployinator
http://codeascraft.etsy.com/2010/05/20/quantum-of-deployment/http://codeascraft.etsy.com/2010/05/20/quantum-of-deployment/
We need :We need :
AnAn unmodifiedunmodified artifact from build to deploy.artifact from build to deploy.
SameSame artifact on dev, staging, acceptance,artifact on dev, staging, acceptance,
production, shadow, dr …production, shadow, dr …
Why ops like to packageWhy ops like to package
● Packages give you featuresPackages give you features
•Consistency, security, dependenciesConsistency, security, dependencies
● Uniquely identify where files come fromUniquely identify where files come from
•Package or cfg-mgmtPackage or cfg-mgmt
● Source repo not always availableSource repo not always available
•Firewall / Cloud etc ..Firewall / Cloud etc ..
● Weird deployment locations , no easy accessWeird deployment locations , no easy access
● Little overhead when you automateLittle overhead when you automate
● CONFIG does not belong in a packageCONFIG does not belong in a package
Example app for today :Example app for today :
DashingDashing
Dashing is DeadDashing is Dead
● No it has been forkedNo it has been forked
● https://github.com/dashing-io/dashinghttps://github.com/dashing-io/dashing
● s/dashing/smashing/g;s/dashing/smashing/g;
Dashing {su/ro}cksDashing {su/ro}cks
The GoodThe Good
● Lots of existingLots of existing
widgetswidgets
● Easy to startEasy to start
● Simple rubySimple ruby
● Eventstream forEventstream for
debuggingdebugging
The UglyThe Ugly
● Ruby Gem hellRuby Gem hell
● Widget DeploymentWidget Deployment
from a Gist ?from a Gist ?
● No config separationNo config separation
Deploying DashingDeploying Dashing
● gem install dashinggem install dashing
● gem install is the new maven downloading thegem install is the new maven downloading the
internetinternet
● Reproducable ?Reproducable ?
A typical deploymentA typical deployment
● P all software is packagedP all software is packaged
•
CentOS mostlyCentOS mostly
•
RPM generated with fpmRPM generated with fpm
•
Build in Jenkins, uploaded to pulpBuild in Jenkins, uploaded to pulp
● C config is managed by PuppetC config is managed by Puppet
● S service is managed by PuppetS service is managed by Puppet
Building Ruby/python/nodeBuilding Ruby/python/node
● We need a chrootWe need a chroot
● With the right ruby/python versionWith the right ruby/python version
● With the right dependenciesWith the right dependencies
● IsolatedIsolated
● Ruby => rvmRuby => rvm
● Ruby 2.1 (dashing is pretty picky aboutRuby 2.1 (dashing is pretty picky about
versions)versions)
● What about we try this in a container ?What about we try this in a container ?
Pipelines ?Pipelines ?
● One to build basic dashingOne to build basic dashing
● One to build and deploy the dashboards, scriptsOne to build and deploy the dashboards, scripts
and all other dashing related stufand all other dashing related stuf
•
No hacking In production,No hacking In production,
•
Dashboards are production viewsDashboards are production views
•
Dev → prod promotionsDev → prod promotions
JenkinsJenkins
● Starting point :Starting point :
•
Dev jenkinsDev jenkins
•
1 master (no running jobs)1 master (no running jobs)
•
Multiple slavesMultiple slaves
● Production : diferent jenkins stack with similarProduction : diferent jenkins stack with similar
pipelinespipelines
● We need to be able to reproduce a pipelineWe need to be able to reproduce a pipeline
Building a dashingBuilding a dashing
container step 0container step 0
● Empty / standard distro containerEmpty / standard distro container
updatesupdates
add fpmadd fpm
epel and build dependenciesepel and build dependencies
● Triggering docker from the cli, no plugin inTriggering docker from the cli, no plugin in
Jenkins used (coz Bugz)Jenkins used (coz Bugz)
● $customer environment requires http_proxy$customer environment requires http_proxy
Puppet & DockerPuppet & Docker
● https://github.com/garethr/garethr-dockerhttps://github.com/garethr/garethr-docker
Building a dashingBuilding a dashing
container step 1container step 1
● Read rvm installation docsRead rvm installation docs
● frownfrown
● Frown againFrown again
● Containers => YoloContainers => Yolo
● fpm the whole treefpm the whole tree
Building a dashingBuilding a dashing
container step 2container step 2
● Take rvm containerTake rvm container
● rvm install ruby-2.1rvm install ruby-2.1
● fpm -s dir -t rpm -n rvm-ruby -v 2.1.8fpm -s dir -t rpm -n rvm-ruby -v 2.1.8
/usr/local/rvm/rubies/ruby-2.1.8/usr/local/rvm/rubies/ruby-2.1.8
Building a dashingBuilding a dashing
container step 3container step 3
● Take ruby-2.1 containerTake ruby-2.1 container
● rvm use 2.1rvm use 2.1
● gem install bundlegem install bundle
● gem install dashing (fills /usr/local/rvm/gems/ruby-gem install dashing (fills /usr/local/rvm/gems/ruby-
2.1.8 with gems2.1.8 with gems
● mkdir -p /opt/dashing/ && dashing new dashboardmkdir -p /opt/dashing/ && dashing new dashboard
● cd /opt/dashing/dashboardcd /opt/dashing/dashboard
● bundle installbundle install
● Now we have a “reproducable” container whichNow we have a “reproducable” container which
will show an empty default dashboard uponwill show an empty default dashboard upon
launchinglaunching
● We also have an artifact which we can redeployWe also have an artifact which we can redeploy
● We killed most of those layers afterwardsWe killed most of those layers afterwards
Deploying DashboardDeploying Dashboard
widgetswidgets
dashing installdashing install
GIST_IDGIST_ID
A dashboardA dashboard
● git repo withgit repo with
•
Dashboards (html/erb)Dashboards (html/erb)
•
JobsJobs
•
Mostly with datasources hardcoded inMostly with datasources hardcoded in
scriptsscripts
•
Not multitenantNot multitenant
•
WidgetsWidgets
● Pipeline to deploy and test thatPipeline to deploy and test that
Deploying theDeploying the
dashboardsdashboards
● From dashing containerFrom dashing container
● Cleanup default dashboards (twitter example)Cleanup default dashboards (twitter example)
● Bundle installBundle install
•
ruby scripts have dependenciesruby scripts have dependencies
● Package dependenciesPackage dependencies
•
actually whole /usr/local/rvmactually whole /usr/local/rvm
● Package dashboardPackage dashboard
Testing the dashboardsTesting the dashboards
● Not all deploys were workingNot all deploys were working
● New job, required gems are missingNew job, required gems are missing
● TestingTesting
•
Build container with most recent dashboardBuild container with most recent dashboard
•
Based on the rpm'sBased on the rpm's
•
docker run -p 0.0.0.0:3030:3030 -ddocker run -p 0.0.0.0:3030:3030 -d
dashing/dashboardsdashing/dashboards
•
wget http://localhost:3030/wget http://localhost:3030/
Deploying theDeploying the
dashboardsdashboards
● Deploy 2 rpms on vm's via mcollectiveDeploy 2 rpms on vm's via mcollective
•
dashing-gemsdashing-gems
•
dashing-dashboarddashing-dashboard
on nodes with profile_dashingon nodes with profile_dashing
● mco package update dashing-gems -Fmco package update dashing-gems -F
environment=svc1prd -C profile_dashingenvironment=svc1prd -C profile_dashing
We need a local dockerWe need a local docker
images repositoryimages repository
● Distributed Jenkins (master + multiple slaves)Distributed Jenkins (master + multiple slaves)
● An image build on node X is not available onAn image build on node X is not available on
node Ynode Y
● Tests run on other nodeTests run on other node
docker push dashing/dashingdocker push dashing/dashing
docker push dashing/dashboardsdocker push dashing/dashboards
We need a local dockerWe need a local docker
images repositoryimages repository
● Pulp ?Pulp ?
•
Read only (August 2016)Read only (August 2016)
•
Good for mirrorsGood for mirrors
● Nexus / ArtifactoryNexus / Artifactory
● Docker registry (obsolete, used to be only in aDocker registry (obsolete, used to be only in a
container)container)
● Docker-distribution : packages availableDocker-distribution : packages available
Docker IncompatibilitiesDocker Incompatibilities
● Search path for imagesSearch path for images
•
Local firstLocal first
•
Upstream afterwardsUpstream afterwards
Docker Inc says NODocker Inc says NO
Redhat says YesRedhat says Yes
● --build-args -e--build-args -e
•
Redhat vs Docker implementation diferRedhat vs Docker implementation difer
Problems solvedProblems solved
● Chrooted package build, no complex mockChrooted package build, no complex mock
setups or specfilessetups or specfiles
● Internal docker repo allows reuse of buildInternal docker repo allows reuse of build
images on other nodesimages on other nodes
● Jenkins and docker “integration”Jenkins and docker “integration”
Rinse & RepeatRinse & Repeat
● Similar patterns forSimilar patterns for
•
Python , php, etc.Python , php, etc.
● Test can now run in containers with the correctTest can now run in containers with the correct
versionversion
● Tests can be run with multiple versions of php/Tests can be run with multiple versions of php/
phython/ruby etc..phython/ruby etc..
Can you Automate yourCan you Automate your
Pipeline Creation ?Pipeline Creation ?
● Pipeline as CodePipeline as Code
● Jenkins Job DSLJenkins Job DSL
● Pipeline PluginPipeline Plugin
Building the PipelineBuilding the Pipeline
● Dev environment for JenkinsDev environment for Jenkins
•
Fully puppetizedFully puppetized
● JobsJobs
•
Jenkins Job DSL PluginJenkins Job DSL Plugin
•
https://wiki.jenkins-ci.org/display/JENKINS/Johttps://wiki.jenkins-ci.org/display/JENKINS/Jo
b+DSL+Pluginb+DSL+Plugin
•
SeedjobSeedjob
● GroovyGroovy
● GitGit
● Rebuild jobs onRebuild jobs on
commitcommit
● Keep numbersKeep numbers
● Projects in foldersProjects in folders
A dsl projectA dsl project
def foldername = 'project-x'def foldername = 'project-x'
folder(“${foldername}”)folder(“${foldername}”)
job(“${foldername}/XYZ”) {}job(“${foldername}/XYZ”) {}
job(“${foldername}/ABC”) {}job(“${foldername}/ABC”) {}
buildPipelineView(“${foldername}/pipeline”)buildPipelineView(“${foldername}/pipeline”)
{ selectedJob(“${foldername}/XYZ”) }{ selectedJob(“${foldername}/XYZ”) }
dashing dsl projectdashing dsl project
job("${foldername}/dashing-dashboard-build")job("${foldername}/dashing-dashboard-build")
job("${foldername}/dashing-dashboard-test")job("${foldername}/dashing-dashboard-test")
job("${foldername}/dashing-upload2repo")job("${foldername}/dashing-upload2repo")
job("${foldername}/dashing-dashboard-deploy")job("${foldername}/dashing-dashboard-deploy")
job("${foldername}/dashing-dashboard-deploy-prd")job("${foldername}/dashing-dashboard-deploy-prd")
job("${foldername}/dashing-build")job("${foldername}/dashing-build")
Job partsJob parts
● Logrotator : how long to keep buildsLogrotator : how long to keep builds
● Scm : git configScm : git config
● Trigger : when to buildTrigger : when to build
● Label : where to runLabel : where to run
● Steps : shell(readFileFromWorkspace('file.sh'))Steps : shell(readFileFromWorkspace('file.sh'))
● publisherspublishers
Publisher PartsPublisher Parts
● PublishBuildPublishBuild
● CloneWorkspacePublisherCloneWorkspacePublisher
● ArchiveArtifactsArchiveArtifacts
● Downstreamparametrized …Downstreamparametrized …
Pipeline Problems solvedPipeline Problems solved
● No more promoted build pluginNo more promoted build plugin
•
Manual promote in pipelineManual promote in pipeline
•
Easy visabilityEasy visability
● No more clicking around to create / editNo more clicking around to create / edit
pipelinepipeline
● One job per task, no reuse of jobs with diferentOne job per task, no reuse of jobs with diferent
parametersparameters
● Centrally managed jobs (git)Centrally managed jobs (git)
Solved problems bySolved problems by
ContainersContainers
● Multiversion test of application stacksMultiversion test of application stacks
•
Eg diferent puppet/ php versionsEg diferent puppet/ php versions
● Both functional and unit testing in the pipelineBoth functional and unit testing in the pipeline
● Non blocking pipeline branches for futureNon blocking pipeline branches for future
versionsversions
● Provide developers with producton alikeProvide developers with producton alike
containerscontainers
● Growing container experience with ops folksGrowing container experience with ops folks
ContactContact
Kris BuytaertKris Buytaert Kris.Buytaert@inuits.beKris.Buytaert@inuits.be
Further ReadingFurther Reading
@krisbuytaert@krisbuytaert
http://www.krisbuytaert.be/blog/http://www.krisbuytaert.be/blog/
http://www.inuits.be/http://www.inuits.be/
InuitsInuits
Essensteenweg 31Essensteenweg 31
BrasschaatBrasschaat
BelgiumBelgium
891.514.231891.514.231
+32 475 961221+32 475 961221

More Related Content

What's hot

Setting up Notifications, Alerts & Webhooks with Flux v2 by Alison Dowdney
Setting up Notifications, Alerts & Webhooks with Flux v2 by Alison DowdneySetting up Notifications, Alerts & Webhooks with Flux v2 by Alison Dowdney
Setting up Notifications, Alerts & Webhooks with Flux v2 by Alison Dowdney
Weaveworks
 
It’s 2021. Why are we -still- rebooting for patches? A look at Live Patching.
It’s 2021. Why are we -still- rebooting for patches? A look at Live Patching.It’s 2021. Why are we -still- rebooting for patches? A look at Live Patching.
It’s 2021. Why are we -still- rebooting for patches? A look at Live Patching.
All Things Open
 
UGent Django Infrastructure
UGent Django InfrastructureUGent Django Infrastructure
UGent Django Infrastructure
kevinvw
 
DevSecCon London 2019: A Kernel of Truth: Intrusion Detection and Attestation...
DevSecCon London 2019: A Kernel of Truth: Intrusion Detection and Attestation...DevSecCon London 2019: A Kernel of Truth: Intrusion Detection and Attestation...
DevSecCon London 2019: A Kernel of Truth: Intrusion Detection and Attestation...
DevSecCon
 

What's hot (20)

IIT-RTC 2017 Qt WebRTC Tutorial (Qt Janus Client)
IIT-RTC 2017 Qt WebRTC Tutorial (Qt Janus Client)IIT-RTC 2017 Qt WebRTC Tutorial (Qt Janus Client)
IIT-RTC 2017 Qt WebRTC Tutorial (Qt Janus Client)
 
Devops, Secops, Opsec, DevSec *ops *.* ?
Devops, Secops, Opsec, DevSec *ops *.* ?Devops, Secops, Opsec, DevSec *ops *.* ?
Devops, Secops, Opsec, DevSec *ops *.* ?
 
Virtual Puppet User Group: Puppet Development Kit (PDK) and Puppet Platform 6...
Virtual Puppet User Group: Puppet Development Kit (PDK) and Puppet Platform 6...Virtual Puppet User Group: Puppet Development Kit (PDK) and Puppet Platform 6...
Virtual Puppet User Group: Puppet Development Kit (PDK) and Puppet Platform 6...
 
Setting up Notifications, Alerts & Webhooks with Flux v2 by Alison Dowdney
Setting up Notifications, Alerts & Webhooks with Flux v2 by Alison DowdneySetting up Notifications, Alerts & Webhooks with Flux v2 by Alison Dowdney
Setting up Notifications, Alerts & Webhooks with Flux v2 by Alison Dowdney
 
Monitoring and alerting as code with Terraform and New Relic
Monitoring and alerting as code with Terraform and New RelicMonitoring and alerting as code with Terraform and New Relic
Monitoring and alerting as code with Terraform and New Relic
 
Dev ops
Dev opsDev ops
Dev ops
 
Cf summit-2016-monitoring-cf-sensu-graphite
Cf summit-2016-monitoring-cf-sensu-graphiteCf summit-2016-monitoring-cf-sensu-graphite
Cf summit-2016-monitoring-cf-sensu-graphite
 
OpenStack Contribution Workflow
OpenStack Contribution WorkflowOpenStack Contribution Workflow
OpenStack Contribution Workflow
 
Introduction to Prometheus
Introduction to PrometheusIntroduction to Prometheus
Introduction to Prometheus
 
Win Spinnaker with Winnaker - Open Source North Conf 2017
Win Spinnaker with Winnaker - Open Source North Conf 2017Win Spinnaker with Winnaker - Open Source North Conf 2017
Win Spinnaker with Winnaker - Open Source North Conf 2017
 
It’s 2021. Why are we -still- rebooting for patches? A look at Live Patching.
It’s 2021. Why are we -still- rebooting for patches? A look at Live Patching.It’s 2021. Why are we -still- rebooting for patches? A look at Live Patching.
It’s 2021. Why are we -still- rebooting for patches? A look at Live Patching.
 
Cloud native development without the toil
Cloud native development without the toilCloud native development without the toil
Cloud native development without the toil
 
Puppet Camp Sydney 2015: Puppet and AWS is easy right.....?
Puppet Camp Sydney 2015: Puppet and AWS is easy right.....? Puppet Camp Sydney 2015: Puppet and AWS is easy right.....?
Puppet Camp Sydney 2015: Puppet and AWS is easy right.....?
 
DevOps & Security: Here & Now
DevOps & Security: Here & NowDevOps & Security: Here & Now
DevOps & Security: Here & Now
 
Stop using Nagios (so it can die peacefully)
Stop using Nagios (so it can die peacefully)Stop using Nagios (so it can die peacefully)
Stop using Nagios (so it can die peacefully)
 
A Whale and an Elephant, when PHP meets docker
A Whale and an Elephant, when PHP meets dockerA Whale and an Elephant, when PHP meets docker
A Whale and an Elephant, when PHP meets docker
 
UGent Django Infrastructure
UGent Django InfrastructureUGent Django Infrastructure
UGent Django Infrastructure
 
The devops approach to monitoring, Open Source and Infrastructure as Code Style
The devops approach to monitoring, Open Source and Infrastructure as Code StyleThe devops approach to monitoring, Open Source and Infrastructure as Code Style
The devops approach to monitoring, Open Source and Infrastructure as Code Style
 
DevSecCon London 2019: A Kernel of Truth: Intrusion Detection and Attestation...
DevSecCon London 2019: A Kernel of Truth: Intrusion Detection and Attestation...DevSecCon London 2019: A Kernel of Truth: Intrusion Detection and Attestation...
DevSecCon London 2019: A Kernel of Truth: Intrusion Detection and Attestation...
 
Mike Guthrie - Revamping Your 10 Year Old Nagios Installation
Mike Guthrie - Revamping Your 10 Year Old Nagios InstallationMike Guthrie - Revamping Your 10 Year Old Nagios Installation
Mike Guthrie - Revamping Your 10 Year Old Nagios Installation
 

Similar to OSMC 2017 | Groovy There is a Docker in my Dashing Pipeline by Kris Buytaert

Similar to OSMC 2017 | Groovy There is a Docker in my Dashing Pipeline by Kris Buytaert (20)

Continuous Delivery of (y)our infrastructure.
Continuous Delivery of (y)our infrastructure.Continuous Delivery of (y)our infrastructure.
Continuous Delivery of (y)our infrastructure.
 
Continous Delivery of your Infrastructure
Continous Delivery of your InfrastructureContinous Delivery of your Infrastructure
Continous Delivery of your Infrastructure
 
Pipeline as code for your infrastructure as Code
Pipeline as code for your infrastructure as CodePipeline as code for your infrastructure as Code
Pipeline as code for your infrastructure as Code
 
Dev secops opsec, devsec, devops ?
Dev secops opsec, devsec, devops ?Dev secops opsec, devsec, devops ?
Dev secops opsec, devsec, devops ?
 
The Return of the Dull Stack Engineer
The Return of the Dull Stack EngineerThe Return of the Dull Stack Engineer
The Return of the Dull Stack Engineer
 
Nightmare on Docker street
Nightmare on Docker streetNightmare on Docker street
Nightmare on Docker street
 
Docker is killing your #devops Efforts
Docker is killing your #devops EffortsDocker is killing your #devops Efforts
Docker is killing your #devops Efforts
 
Automating MySQL operations with Puppet
Automating MySQL operations with PuppetAutomating MySQL operations with Puppet
Automating MySQL operations with Puppet
 
From Config Management Sucks to #cfgmgmtlove
From Config Management Sucks to #cfgmgmtlove From Config Management Sucks to #cfgmgmtlove
From Config Management Sucks to #cfgmgmtlove
 
Run stuff, Deploy Stuff, Jax London 2017 Edition
Run stuff, Deploy Stuff, Jax London 2017 EditionRun stuff, Deploy Stuff, Jax London 2017 Edition
Run stuff, Deploy Stuff, Jax London 2017 Edition
 
Repositories as Code
Repositories as CodeRepositories as Code
Repositories as Code
 
On the Importance of Infrastructure as Code
On the Importance of Infrastructure as CodeOn the Importance of Infrastructure as Code
On the Importance of Infrastructure as Code
 
Icinga Camp Amsterdam - Infrastructure as Code
Icinga Camp Amsterdam - Infrastructure as CodeIcinga Camp Amsterdam - Infrastructure as Code
Icinga Camp Amsterdam - Infrastructure as Code
 
Deploying your SaaS stack OnPrem
Deploying your SaaS stack OnPremDeploying your SaaS stack OnPrem
Deploying your SaaS stack OnPrem
 
Moby is killing your devops efforts
Moby is killing your devops effortsMoby is killing your devops efforts
Moby is killing your devops efforts
 
Continuous Infrastructure First
Continuous Infrastructure FirstContinuous Infrastructure First
Continuous Infrastructure First
 
Pipeline as Code
Pipeline as CodePipeline as Code
Pipeline as Code
 
Closing the gap between Distros(devs) and their Users(ops)
Closing the gap between Distros(devs) and their Users(ops)Closing the gap between Distros(devs) and their Users(ops)
Closing the gap between Distros(devs) and their Users(ops)
 
Run stuff, Deploy Stuff
Run stuff, Deploy StuffRun stuff, Deploy Stuff
Run stuff, Deploy Stuff
 
OSDC 2015: Kris Buytaert | From ConfigManagementSucks to ConfigManagementLove
OSDC 2015: Kris Buytaert | From ConfigManagementSucks to ConfigManagementLoveOSDC 2015: Kris Buytaert | From ConfigManagementSucks to ConfigManagementLove
OSDC 2015: Kris Buytaert | From ConfigManagementSucks to ConfigManagementLove
 

Recently uploaded

Team Transformation Tactics for Holistic Testing and Quality (NewCrafts Paris...
Team Transformation Tactics for Holistic Testing and Quality (NewCrafts Paris...Team Transformation Tactics for Holistic Testing and Quality (NewCrafts Paris...
Team Transformation Tactics for Holistic Testing and Quality (NewCrafts Paris...
Lisi Hocke
 
Abortion Pills For Sale WhatsApp[[+27737758557]] In Birch Acres, Abortion Pil...
Abortion Pills For Sale WhatsApp[[+27737758557]] In Birch Acres, Abortion Pil...Abortion Pills For Sale WhatsApp[[+27737758557]] In Birch Acres, Abortion Pil...
Abortion Pills For Sale WhatsApp[[+27737758557]] In Birch Acres, Abortion Pil...
drm1699
 

Recently uploaded (20)

[GeeCON2024] How I learned to stop worrying and love the dark silicon apocalypse
[GeeCON2024] How I learned to stop worrying and love the dark silicon apocalypse[GeeCON2024] How I learned to stop worrying and love the dark silicon apocalypse
[GeeCON2024] How I learned to stop worrying and love the dark silicon apocalypse
 
Team Transformation Tactics for Holistic Testing and Quality (NewCrafts Paris...
Team Transformation Tactics for Holistic Testing and Quality (NewCrafts Paris...Team Transformation Tactics for Holistic Testing and Quality (NewCrafts Paris...
Team Transformation Tactics for Holistic Testing and Quality (NewCrafts Paris...
 
The mythical technical debt. (Brooke, please, forgive me)
The mythical technical debt. (Brooke, please, forgive me)The mythical technical debt. (Brooke, please, forgive me)
The mythical technical debt. (Brooke, please, forgive me)
 
Abortion Pill Prices Jane Furse ](+27832195400*)[ 🏥 Women's Abortion Clinic i...
Abortion Pill Prices Jane Furse ](+27832195400*)[ 🏥 Women's Abortion Clinic i...Abortion Pill Prices Jane Furse ](+27832195400*)[ 🏥 Women's Abortion Clinic i...
Abortion Pill Prices Jane Furse ](+27832195400*)[ 🏥 Women's Abortion Clinic i...
 
Abortion Pill Prices Mthatha (@](+27832195400*)[ 🏥 Women's Abortion Clinic In...
Abortion Pill Prices Mthatha (@](+27832195400*)[ 🏥 Women's Abortion Clinic In...Abortion Pill Prices Mthatha (@](+27832195400*)[ 🏥 Women's Abortion Clinic In...
Abortion Pill Prices Mthatha (@](+27832195400*)[ 🏥 Women's Abortion Clinic In...
 
Lessons Learned from Building a Serverless Notifications System.pdf
Lessons Learned from Building a Serverless Notifications System.pdfLessons Learned from Building a Serverless Notifications System.pdf
Lessons Learned from Building a Serverless Notifications System.pdf
 
[GRCPP] Introduction to concepts (C++20)
[GRCPP] Introduction to concepts (C++20)[GRCPP] Introduction to concepts (C++20)
[GRCPP] Introduction to concepts (C++20)
 
Food Delivery Business App Development Guide 2024
Food Delivery Business App Development Guide 2024Food Delivery Business App Development Guide 2024
Food Delivery Business App Development Guide 2024
 
Abortion Pills For Sale WhatsApp[[+27737758557]] In Birch Acres, Abortion Pil...
Abortion Pills For Sale WhatsApp[[+27737758557]] In Birch Acres, Abortion Pil...Abortion Pills For Sale WhatsApp[[+27737758557]] In Birch Acres, Abortion Pil...
Abortion Pills For Sale WhatsApp[[+27737758557]] In Birch Acres, Abortion Pil...
 
Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-Cloud
Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-CloudAlluxio Monthly Webinar | Simplify Data Access for AI in Multi-Cloud
Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-Cloud
 
Modern binary build systems - PyCon 2024
Modern binary build systems - PyCon 2024Modern binary build systems - PyCon 2024
Modern binary build systems - PyCon 2024
 
Workshop - Architecting Innovative Graph Applications- GraphSummit Milan
Workshop -  Architecting Innovative Graph Applications- GraphSummit MilanWorkshop -  Architecting Innovative Graph Applications- GraphSummit Milan
Workshop - Architecting Innovative Graph Applications- GraphSummit Milan
 
Automate your OpenSIPS config tests - OpenSIPS Summit 2024
Automate your OpenSIPS config tests - OpenSIPS Summit 2024Automate your OpenSIPS config tests - OpenSIPS Summit 2024
Automate your OpenSIPS config tests - OpenSIPS Summit 2024
 
Rapidoform for Modern Form Building and Insights
Rapidoform for Modern Form Building and InsightsRapidoform for Modern Form Building and Insights
Rapidoform for Modern Form Building and Insights
 
Abortion Pill Prices Germiston ](+27832195400*)[ 🏥 Women's Abortion Clinic in...
Abortion Pill Prices Germiston ](+27832195400*)[ 🏥 Women's Abortion Clinic in...Abortion Pill Prices Germiston ](+27832195400*)[ 🏥 Women's Abortion Clinic in...
Abortion Pill Prices Germiston ](+27832195400*)[ 🏥 Women's Abortion Clinic in...
 
CERVED e Neo4j su una nuvola, migrazione ed evoluzione di un grafo mission cr...
CERVED e Neo4j su una nuvola, migrazione ed evoluzione di un grafo mission cr...CERVED e Neo4j su una nuvola, migrazione ed evoluzione di un grafo mission cr...
CERVED e Neo4j su una nuvola, migrazione ed evoluzione di un grafo mission cr...
 
Microsoft365_Dev_Security_2024_05_16.pdf
Microsoft365_Dev_Security_2024_05_16.pdfMicrosoft365_Dev_Security_2024_05_16.pdf
Microsoft365_Dev_Security_2024_05_16.pdf
 
OpenChain Webinar: AboutCode and Beyond - End-to-End SCA
OpenChain Webinar: AboutCode and Beyond - End-to-End SCAOpenChain Webinar: AboutCode and Beyond - End-to-End SCA
OpenChain Webinar: AboutCode and Beyond - End-to-End SCA
 
Community is Just as Important as Code by Andrea Goulet
Community is Just as Important as Code by Andrea GouletCommunity is Just as Important as Code by Andrea Goulet
Community is Just as Important as Code by Andrea Goulet
 
BusinessGPT - Security and Governance for Generative AI
BusinessGPT  - Security and Governance for Generative AIBusinessGPT  - Security and Governance for Generative AI
BusinessGPT - Security and Governance for Generative AI
 

OSMC 2017 | Groovy There is a Docker in my Dashing Pipeline by Kris Buytaert

  • 1. Groovy, there is a docker in my application pipeline Kris Buytaert @krisbuytaert
  • 2. Kris BuytaertKris Buytaert ● I used to be a Dev,I used to be a Dev, ● Then Became an OpThen Became an Op ● Chief Trolling Officer and Open SourceChief Trolling Officer and Open Source Consultant @Consultant @inuits.euinuits.eu ● Everything is an effing DNS ProblemEverything is an effing DNS Problem ● Building Clouds since before the bookstoreBuilding Clouds since before the bookstore ● Some books, some papers, some blogsSome books, some papers, some blogs ● Evangelizing devopsEvangelizing devops ● Organiser of #devopsdays, #cfgmgmtcamp,Organiser of #devopsdays, #cfgmgmtcamp, #loadays, ….#loadays, …. ● Part of the travelling geek circusPart of the travelling geek circus
  • 3. What's this devopsWhat's this devops thing anyhow ?thing anyhow ?
  • 4. C(L)AMSC(L)AMS ● CultureCulture ● (Lean)(Lean) ● AutomationAutomation ● MeasurementMeasurement ● SharingSharing Damon Edwards and John WillisDamon Edwards and John Willis Gene KimGene Kim
  • 5. NirvanaNirvana An “ecosystem” that supports continuous delivery, fromAn “ecosystem” that supports continuous delivery, from infrastructure, data and configuration management toinfrastructure, data and configuration management to business.business. Through automation of the build, deployment, and testingThrough automation of the build, deployment, and testing process, and improved collaboration between developers,process, and improved collaboration between developers, testers, and operations, delivery teams can get changestesters, and operations, delivery teams can get changes released in a matter of hours — sometimes even minutes–noreleased in a matter of hours — sometimes even minutes–no matter what the size of a project or the complexity of its codematter what the size of a project or the complexity of its code base.base. Continuous Delivery , Jez HumbleContinuous Delivery , Jez Humble
  • 6. This talk:This talk: Journey / Early steps of a team that is used toJourney / Early steps of a team that is used to infrastructure as codeinfrastructure as code Adopting containers step by step.Adopting containers step by step.
  • 9. " Our job as engineers (and ops, dev-ops, QA," Our job as engineers (and ops, dev-ops, QA, support, everyone in the company actually) is tosupport, everyone in the company actually) is to enable the business goals. We strongly feel thatenable the business goals. We strongly feel that in order to do that you must havein order to do that you must have the ability tothe ability to deploy code quickly and safelydeploy code quickly and safely. Even if the. Even if the business goals are to deploy strongly QA’d codebusiness goals are to deploy strongly QA’d code once a month at 3am (it’s not for us, we push allonce a month at 3am (it’s not for us, we push all the time), having a reliable and easythe time), having a reliable and easy deployment should bedeployment should be non-negotiablenon-negotiable."." Etsy Blog upon releasing DeployinatorEtsy Blog upon releasing Deployinator http://codeascraft.etsy.com/2010/05/20/quantum-of-deployment/http://codeascraft.etsy.com/2010/05/20/quantum-of-deployment/
  • 10. We need :We need : AnAn unmodifiedunmodified artifact from build to deploy.artifact from build to deploy. SameSame artifact on dev, staging, acceptance,artifact on dev, staging, acceptance, production, shadow, dr …production, shadow, dr …
  • 11. Why ops like to packageWhy ops like to package ● Packages give you featuresPackages give you features •Consistency, security, dependenciesConsistency, security, dependencies ● Uniquely identify where files come fromUniquely identify where files come from •Package or cfg-mgmtPackage or cfg-mgmt ● Source repo not always availableSource repo not always available •Firewall / Cloud etc ..Firewall / Cloud etc .. ● Weird deployment locations , no easy accessWeird deployment locations , no easy access ● Little overhead when you automateLittle overhead when you automate ● CONFIG does not belong in a packageCONFIG does not belong in a package
  • 12. Example app for today :Example app for today : DashingDashing
  • 13. Dashing is DeadDashing is Dead ● No it has been forkedNo it has been forked ● https://github.com/dashing-io/dashinghttps://github.com/dashing-io/dashing ● s/dashing/smashing/g;s/dashing/smashing/g;
  • 14. Dashing {su/ro}cksDashing {su/ro}cks The GoodThe Good ● Lots of existingLots of existing widgetswidgets ● Easy to startEasy to start ● Simple rubySimple ruby ● Eventstream forEventstream for debuggingdebugging The UglyThe Ugly ● Ruby Gem hellRuby Gem hell ● Widget DeploymentWidget Deployment from a Gist ?from a Gist ? ● No config separationNo config separation
  • 15. Deploying DashingDeploying Dashing ● gem install dashinggem install dashing ● gem install is the new maven downloading thegem install is the new maven downloading the internetinternet ● Reproducable ?Reproducable ?
  • 16. A typical deploymentA typical deployment ● P all software is packagedP all software is packaged • CentOS mostlyCentOS mostly • RPM generated with fpmRPM generated with fpm • Build in Jenkins, uploaded to pulpBuild in Jenkins, uploaded to pulp ● C config is managed by PuppetC config is managed by Puppet ● S service is managed by PuppetS service is managed by Puppet
  • 17. Building Ruby/python/nodeBuilding Ruby/python/node ● We need a chrootWe need a chroot ● With the right ruby/python versionWith the right ruby/python version ● With the right dependenciesWith the right dependencies ● IsolatedIsolated ● Ruby => rvmRuby => rvm ● Ruby 2.1 (dashing is pretty picky aboutRuby 2.1 (dashing is pretty picky about versions)versions) ● What about we try this in a container ?What about we try this in a container ?
  • 18. Pipelines ?Pipelines ? ● One to build basic dashingOne to build basic dashing ● One to build and deploy the dashboards, scriptsOne to build and deploy the dashboards, scripts and all other dashing related stufand all other dashing related stuf • No hacking In production,No hacking In production, • Dashboards are production viewsDashboards are production views • Dev → prod promotionsDev → prod promotions
  • 19. JenkinsJenkins ● Starting point :Starting point : • Dev jenkinsDev jenkins • 1 master (no running jobs)1 master (no running jobs) • Multiple slavesMultiple slaves ● Production : diferent jenkins stack with similarProduction : diferent jenkins stack with similar pipelinespipelines ● We need to be able to reproduce a pipelineWe need to be able to reproduce a pipeline
  • 20. Building a dashingBuilding a dashing container step 0container step 0 ● Empty / standard distro containerEmpty / standard distro container updatesupdates add fpmadd fpm epel and build dependenciesepel and build dependencies ● Triggering docker from the cli, no plugin inTriggering docker from the cli, no plugin in Jenkins used (coz Bugz)Jenkins used (coz Bugz) ● $customer environment requires http_proxy$customer environment requires http_proxy
  • 21. Puppet & DockerPuppet & Docker ● https://github.com/garethr/garethr-dockerhttps://github.com/garethr/garethr-docker
  • 22. Building a dashingBuilding a dashing container step 1container step 1 ● Read rvm installation docsRead rvm installation docs ● frownfrown ● Frown againFrown again ● Containers => YoloContainers => Yolo ● fpm the whole treefpm the whole tree
  • 23. Building a dashingBuilding a dashing container step 2container step 2 ● Take rvm containerTake rvm container ● rvm install ruby-2.1rvm install ruby-2.1 ● fpm -s dir -t rpm -n rvm-ruby -v 2.1.8fpm -s dir -t rpm -n rvm-ruby -v 2.1.8 /usr/local/rvm/rubies/ruby-2.1.8/usr/local/rvm/rubies/ruby-2.1.8
  • 24. Building a dashingBuilding a dashing container step 3container step 3 ● Take ruby-2.1 containerTake ruby-2.1 container ● rvm use 2.1rvm use 2.1 ● gem install bundlegem install bundle ● gem install dashing (fills /usr/local/rvm/gems/ruby-gem install dashing (fills /usr/local/rvm/gems/ruby- 2.1.8 with gems2.1.8 with gems ● mkdir -p /opt/dashing/ && dashing new dashboardmkdir -p /opt/dashing/ && dashing new dashboard ● cd /opt/dashing/dashboardcd /opt/dashing/dashboard ● bundle installbundle install
  • 25. ● Now we have a “reproducable” container whichNow we have a “reproducable” container which will show an empty default dashboard uponwill show an empty default dashboard upon launchinglaunching ● We also have an artifact which we can redeployWe also have an artifact which we can redeploy ● We killed most of those layers afterwardsWe killed most of those layers afterwards
  • 26. Deploying DashboardDeploying Dashboard widgetswidgets dashing installdashing install GIST_IDGIST_ID
  • 27. A dashboardA dashboard ● git repo withgit repo with • Dashboards (html/erb)Dashboards (html/erb) • JobsJobs • Mostly with datasources hardcoded inMostly with datasources hardcoded in scriptsscripts • Not multitenantNot multitenant • WidgetsWidgets ● Pipeline to deploy and test thatPipeline to deploy and test that
  • 28. Deploying theDeploying the dashboardsdashboards ● From dashing containerFrom dashing container ● Cleanup default dashboards (twitter example)Cleanup default dashboards (twitter example) ● Bundle installBundle install • ruby scripts have dependenciesruby scripts have dependencies ● Package dependenciesPackage dependencies • actually whole /usr/local/rvmactually whole /usr/local/rvm ● Package dashboardPackage dashboard
  • 29. Testing the dashboardsTesting the dashboards ● Not all deploys were workingNot all deploys were working ● New job, required gems are missingNew job, required gems are missing ● TestingTesting • Build container with most recent dashboardBuild container with most recent dashboard • Based on the rpm'sBased on the rpm's • docker run -p 0.0.0.0:3030:3030 -ddocker run -p 0.0.0.0:3030:3030 -d dashing/dashboardsdashing/dashboards • wget http://localhost:3030/wget http://localhost:3030/
  • 30. Deploying theDeploying the dashboardsdashboards ● Deploy 2 rpms on vm's via mcollectiveDeploy 2 rpms on vm's via mcollective • dashing-gemsdashing-gems • dashing-dashboarddashing-dashboard on nodes with profile_dashingon nodes with profile_dashing ● mco package update dashing-gems -Fmco package update dashing-gems -F environment=svc1prd -C profile_dashingenvironment=svc1prd -C profile_dashing
  • 31. We need a local dockerWe need a local docker images repositoryimages repository ● Distributed Jenkins (master + multiple slaves)Distributed Jenkins (master + multiple slaves) ● An image build on node X is not available onAn image build on node X is not available on node Ynode Y ● Tests run on other nodeTests run on other node docker push dashing/dashingdocker push dashing/dashing docker push dashing/dashboardsdocker push dashing/dashboards
  • 32. We need a local dockerWe need a local docker images repositoryimages repository ● Pulp ?Pulp ? • Read only (August 2016)Read only (August 2016) • Good for mirrorsGood for mirrors ● Nexus / ArtifactoryNexus / Artifactory ● Docker registry (obsolete, used to be only in aDocker registry (obsolete, used to be only in a container)container) ● Docker-distribution : packages availableDocker-distribution : packages available
  • 33. Docker IncompatibilitiesDocker Incompatibilities ● Search path for imagesSearch path for images • Local firstLocal first • Upstream afterwardsUpstream afterwards Docker Inc says NODocker Inc says NO Redhat says YesRedhat says Yes ● --build-args -e--build-args -e • Redhat vs Docker implementation diferRedhat vs Docker implementation difer
  • 34. Problems solvedProblems solved ● Chrooted package build, no complex mockChrooted package build, no complex mock setups or specfilessetups or specfiles ● Internal docker repo allows reuse of buildInternal docker repo allows reuse of build images on other nodesimages on other nodes ● Jenkins and docker “integration”Jenkins and docker “integration”
  • 35. Rinse & RepeatRinse & Repeat ● Similar patterns forSimilar patterns for • Python , php, etc.Python , php, etc. ● Test can now run in containers with the correctTest can now run in containers with the correct versionversion ● Tests can be run with multiple versions of php/Tests can be run with multiple versions of php/ phython/ruby etc..phython/ruby etc..
  • 36. Can you Automate yourCan you Automate your Pipeline Creation ?Pipeline Creation ? ● Pipeline as CodePipeline as Code ● Jenkins Job DSLJenkins Job DSL ● Pipeline PluginPipeline Plugin
  • 37. Building the PipelineBuilding the Pipeline ● Dev environment for JenkinsDev environment for Jenkins • Fully puppetizedFully puppetized ● JobsJobs • Jenkins Job DSL PluginJenkins Job DSL Plugin • https://wiki.jenkins-ci.org/display/JENKINS/Johttps://wiki.jenkins-ci.org/display/JENKINS/Jo b+DSL+Pluginb+DSL+Plugin •
  • 38. SeedjobSeedjob ● GroovyGroovy ● GitGit ● Rebuild jobs onRebuild jobs on commitcommit ● Keep numbersKeep numbers ● Projects in foldersProjects in folders
  • 39. A dsl projectA dsl project def foldername = 'project-x'def foldername = 'project-x' folder(“${foldername}”)folder(“${foldername}”) job(“${foldername}/XYZ”) {}job(“${foldername}/XYZ”) {} job(“${foldername}/ABC”) {}job(“${foldername}/ABC”) {} buildPipelineView(“${foldername}/pipeline”)buildPipelineView(“${foldername}/pipeline”) { selectedJob(“${foldername}/XYZ”) }{ selectedJob(“${foldername}/XYZ”) }
  • 40. dashing dsl projectdashing dsl project job("${foldername}/dashing-dashboard-build")job("${foldername}/dashing-dashboard-build") job("${foldername}/dashing-dashboard-test")job("${foldername}/dashing-dashboard-test") job("${foldername}/dashing-upload2repo")job("${foldername}/dashing-upload2repo") job("${foldername}/dashing-dashboard-deploy")job("${foldername}/dashing-dashboard-deploy") job("${foldername}/dashing-dashboard-deploy-prd")job("${foldername}/dashing-dashboard-deploy-prd") job("${foldername}/dashing-build")job("${foldername}/dashing-build")
  • 41. Job partsJob parts ● Logrotator : how long to keep buildsLogrotator : how long to keep builds ● Scm : git configScm : git config ● Trigger : when to buildTrigger : when to build ● Label : where to runLabel : where to run ● Steps : shell(readFileFromWorkspace('file.sh'))Steps : shell(readFileFromWorkspace('file.sh')) ● publisherspublishers
  • 42. Publisher PartsPublisher Parts ● PublishBuildPublishBuild ● CloneWorkspacePublisherCloneWorkspacePublisher ● ArchiveArtifactsArchiveArtifacts ● Downstreamparametrized …Downstreamparametrized …
  • 43. Pipeline Problems solvedPipeline Problems solved ● No more promoted build pluginNo more promoted build plugin • Manual promote in pipelineManual promote in pipeline • Easy visabilityEasy visability ● No more clicking around to create / editNo more clicking around to create / edit pipelinepipeline ● One job per task, no reuse of jobs with diferentOne job per task, no reuse of jobs with diferent parametersparameters ● Centrally managed jobs (git)Centrally managed jobs (git)
  • 44. Solved problems bySolved problems by ContainersContainers ● Multiversion test of application stacksMultiversion test of application stacks • Eg diferent puppet/ php versionsEg diferent puppet/ php versions ● Both functional and unit testing in the pipelineBoth functional and unit testing in the pipeline ● Non blocking pipeline branches for futureNon blocking pipeline branches for future versionsversions ● Provide developers with producton alikeProvide developers with producton alike containerscontainers ● Growing container experience with ops folksGrowing container experience with ops folks
  • 45. ContactContact Kris BuytaertKris Buytaert Kris.Buytaert@inuits.beKris.Buytaert@inuits.be Further ReadingFurther Reading @krisbuytaert@krisbuytaert http://www.krisbuytaert.be/blog/http://www.krisbuytaert.be/blog/ http://www.inuits.be/http://www.inuits.be/ InuitsInuits Essensteenweg 31Essensteenweg 31 BrasschaatBrasschaat BelgiumBelgium 891.514.231891.514.231 +32 475 961221+32 475 961221