Patterns and antipatterns in Docker image lifecycle as was presented at DC Docker Meetup August 2017

whoami
Baruch Sadogursky, JFrog Developer Advocate, @jbaruch

Show notes!
• http://jfrog.com/shownotes
– Video (soon!)
– Slides
– Links
– Feedback
– Raffle! (come early)

Poll Time!
üHeard about Docker
üCan do the tutorial
üPoCing, playing etc.
üProduction, baby!
@JBARUCH #DOCKERDC HTTP://JFROG.COM/SHOWNOTES

JFrog Artifactory + Docker

Who’s using Docker and nothing else?

The Promotion Pyramid
Development builds
Dev Integration tests
Integr. tests
Staging
Pre-Prod
Prod
Amount of builds
Build/Deploy time
Amount of
binaries

Pipeline: Quality Gates and Visibility
Source: Agile ALM, Michael Hüttermann, Manning Publications Co.

$docker build

Let’s docker build in every env!

That’s why.
FROM ubuntu
RUN apt-get install -y software-properties-common python
RUN apt-get install -y nodejs
RUN mkdir /var/www
ADD app.js /var/www/app.js
CMD ["/usr/bin/node", "/var/www/app.js"]
Latest version
Latest version
Latest version
Latest version

That’s why.
FROM ubuntu:14.04
RUN mkdir /var/www
Better now?

That’s why.
FROM ubuntu:4033353383af19ec179c01dda7f355a246c6adcafaf93c8f98
RUN mkdir /var/www
And now?

That’s why.
RUN mkdir /var/www
And now?What about those?

That’s why.
RUN mvn clean install
CMD ”java –jar Main.class"
What about this?

That’s why.
RUN download_random_sh*t_from_the_internet.sh
And how about this?

That’s why you don’t trust Docker

Traditional Server Pattern
http://martinfowler.com/bliki/ImmutableServer.html

Immutable Server Pattern
http://martinfowler.com/bliki/ImmutableServer.html

What’s up with the gates?!
- QA shouldn’t test dev images

- non-tested images shouldn't be
staged

- non-tested images shouldn't be
staged
- non-staged, non-tested or dev
images shouldn’t end up in
production!!!

Not so fast…

Trumped-up limitations

The Anatomy of Docker Tag

Wait a second, how can I
have more than one
repository per host now?!

How can we support this?
https://host:8081/artifactory/docker-dev/busybox
https://host:8081/artifactory/docker-staging/busybox
https://host:8081/artifactory/docker-qa/busybox
https://host:8081/artifactory/docker-prod/busybox

“ONE REGISTRY PER HOST OUGHT
TO BE ENOUGH FOR ANYBODY.”

Panic!

Virtual hosts/ports to the rescue
Registry host Tag name
docker tag host:port/busybox

https://host:port/v2/busybox

https://host:8081/artifactory/docker-dev/busybox
Virtual repository name Tag name
https://host:port/v2/busybox
Context name

server {
listen 5001;
server_name 192.168.99.100;
if ($http_x_forwarded_proto = '') {
set $http_x_forwarded_proto $scheme;
}
rewrite ^/(v1|v2)/(.*) /artifactory/api/docker/docker-dev/$1/$2;
…
}
}

But then you realize…
Wait a second, now I need
to pull, retag and push for
every step?!

Anatomy of a container

Our Layers
Application:
••.war file
Framework:
••JDK8 + Wildfly
Base:
••CentOS

Framework build
- Verified base image
- Add system dependencies
from artifactory
- JDK
- wildfly
- Own it!

Minimal Framework build Dockerfile
FROM centos:7
MAINTAINER you@yourorg.com

Application build
- Framework is your base
- Run a java build
- Add a file to base
- Done!

Application build Dockerfile
FROM yourorg-docker.jfrog.io/yourorg/framework:latest
MAINTAINER you@yourorg.com
ADD https://yourorg.jfrog.io/yourorg/java-release-local/…/app-[RELEASE].war
/opt/jboss/wildfly/standalone/deployments/app.war

Framework Pipeline
Application Pipeline

HIGH QUALITY
(software and information) SPEED LOW COST
(automation)
Fast releases > Modular > Automation
Conclusions: Release Fast or Die!

Q&A and Links
• @jbaruch
• #DockerDC
• http://jfrog.com/shownotes
– Video (soon!)
– Slides
– Links
– Feedback
– Raffle! (come early)

Patterns and antipatterns in Docker image lifecycle as was presented at DC Docker Meetup August 2017

More Related Content

What's hot

Similar to Patterns and antipatterns in Docker image lifecycle as was presented at DC Docker Meetup August 2017

More from Baruch Sadogursky

Recently uploaded

Patterns and antipatterns in Docker image lifecycle as was presented at DC Docker Meetup August 2017