Docker Strangelove

OR: HOW I LEARNED TO STOP WORRYING AND LOVE THE CONTAINER

Agenda

  • So what IS Docker?
  • Story Time
  • Lessons learned from my experience
  • Other obsessions with Docker
  • Q & A

So what IS Docker?

  • It's Containers
  • It's Code Isolation
  • It's your gateway to better deploys
    • Kubernetes
    • AWS ECS
    • AWS Fargate

Docker

Docker is a set of platform-as-a-service products that use OS-level virtualization to deliver software in packages called containers.

~ Docker, Inc.

What does that mean?

Docker is a set of tools that allow for you to "containerize" your code into isolated images for fun and for profit.

~ Josh Finnie

Also...

Moving to containers for your code gives you a lot of benefits:

  1. It isolates your side effects
  2. The code you write and test more closely mirrors your deployments
  3. It more easily sets you up for scale in a production setting

But...

  1. There is some overhead in running your code in containers (i.e. Ubuntu 14.04 was 1.5GB in size...)
  2. It's easy to disregard security of your docker container, the default settings are not great
  3. Networking can become troubling and difficult when communicating between containers

Also, there's this:

https://www.zdnet.com/article/docker-is-in-deep-trouble/

Story Time

Steps to success:

  1. Have large monolithic application straining at the bounds of performance.
  2. Learn how cool mirco-services are and how they are the "future" of web development.
  3. Move to micro-services, but now are at a loss on how to deploy your infrastructure.
  4. Turn to Docker for production deployment as well as development.

The Beginning

The Beginning

  • TrackMaven's code base started off as a massive monolithic application

 

  • The singular code base housed both the backend and frontend code

 

  • Surprisingly, it was actually running in Docker for development

 

  • But, micro-services were becoming cool, and TM saw an opportunity to separate out our backend code from our frontend code

Getting serious with Docker

Getting serious with Docker

  • TM seriously looked into Docker for frontend development.
    • The code was being transitioned to Angular

 

  • The frontend Docker container was very impressive, it kept the team aligned with versions of Node, packages required, and a way to deploy the SPA to AWS S3

 

  • TM started to take a good look at our monolith code and see where it could be broken into services.

What have we done?

What have we done?

  • TM created micro-services everywhere, created way too many services!

 

  • Docker made it easy to isolate the requirements for services, and with that ease came over correction

 

  • This of-course was not all bad, TM did figure out how to streamline Django applications for rapid development.

 

  • TM developed an in-house orchestration system that would deploy Docker to AWS EC2 "boxes"

Success?

Success?

  • TM could successfully deploy all of our micro-services and frontend code while developing in Docker.

 

  • After a while, TM started to pare down our services and ended up in a happy state

 

  • The success TM had with Docker allowed them to "easily" migrate to Kubernetes and use those containers within its nodes

Failure?

Failure?

  • A lot of those negative issues with Docker reared to life when TM moved to Kubernetes.
    • Specifically, networking between containers within Kubernetes is still magic to me.

 

  • TM never really found a happy medium for Docker images
    • Either they were huge because we were using the Ubuntu 14.04 base image (1.5GB or something)
    • Or the packages used grew stale since the development flow was so streamlined
    • Even weird SemVer issues arose where packages were updated. 

PBS

PBS

Take this with a bit of a grain of salt, as I have only been working at PBS for about 3 weeks at this point.

  • PBS is also completely containerized.
  • There are multiple applications all within the WebTech team that are developed and deployed with Docker
  • PBS uses AWS ECS to great success allowing for immense horizontal scale to support all users of PBS.org

Lessons Learned

  • Docker is GREAT
  • Docker is burdensome
  • In the end, do what is best for your situation...

Future Learning

  • Serverless Deployment through Fargate
  • Micro Docker Images
  • Tightening Security
  • Multi-stage builds

Other Obsessions

Almost everything I do is in Docker!

Python

I code everything python in a container, especially if I am in a REPL

Need Python 2.7?

$ docker run -it python-2.7 python
Python 2.7.16 (default, Sep 12 2019, 17:36:22)
[GCC 8.3.0] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> 5 / 2 == 2.5
False
>>> # (╯°□°)╯︵ ┻━┻

Need Python 3.8?

$ docker run -it python-3.8 python
Python 3.8.0b4 (default, Sep 12 2019, 15:28:48)
[GCC 8.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> # LET'S FIX WHAT WAS BROKEN IN 2.7
>>> 5/2 == 2.5
True
>>> # ┬─┬ノ( º _ ºノ)
...
>>> # LET'S USE THE WALRUS OPERATOR!!
...
>>> a = 11
>>> if (b := a) > 10:
...     print(f"The value of b is {b} and is greater than 10.")
...
The value of b is 11 and is greater than 10.

Need Python or Node?

$ docker images | grep python
python-2.7     latest     ab1097281d06     2 weeks ago     433MB
python-3.8     latest     58fdeab98f5c     2 weeks ago     521MB
python-3.6     latest     f72f51d6879f     2 weeks ago     503MB

$ docker images | grep nvm
nvm-10.16.3    latest     7a9afc16a57f    2 weeks ago     394MB
nvm-stable     latest     8fc2110c6978    7 months ago    397MB

Running Latex

# Running using MacTeX
$ /Library/TeX/Distributions/TeXLive-2019.texdist/Contents/Programs/texbin/pdflatex sample.tex

# Running using Docker
$ docker run -v `pwd`:/tmp latex pdflatex sample.tex

Not only do I not have to worry about trying to install Latex on my mac, I can just save the installation and all my little optimizations and save it as a Docker image!

Running Latex

FROM debian:buster-slim

RUN apt-get update && \
    apt-get install --no-install-recommends -y \
        biber=2.12-2 \
        latexmk=1:4.61-0.1 \
        texlive-full=2018.20190227-2 && \
        rm -rf /var/lib/apt/lists/*

WORKDIR /tmp

Links*

  1. https://github.com/joshfinnie/docker-nvm
  2. https://github.com/joshfinnie/latex-docker
  3. https://github.com/joshfinnie/docker-python

Questions?

Thanks!

Josh Finnie
Senior Software Engineer

 

 

 

@joshfinnie (almost everywhere?)

https://www.joshfinnie.com