Using Docker for your deployments

 

asdasdasdcasdc

Who I am

  • Alvaro Aguirre
  • ALMA Project
  • @alvaro_aguirre

ALMA Observatory

Atacama Large Millimeter/submillimeter Array

66 antennas

Introduction

Introduction

Introduction

Introduction

online (core)

offline (surface)

Applications

100 ~

In-house applications

30 ~

Current Situation (offline)

Evolution

Evolution

Database

Service

Proxy

Evolution

Clusters

Virtual Machines

Docker

an open platform for developers and sysadmins to build, ship, and run distributed applications

Docker Architecture

FROM rhel6.6:latest

MAINTAINER Alvaro Aguirre <aaguirre@alma.cl>

ENV EPEL_VERSION 6-8
ENV JAVA_VERSION 8u45
ENV BUILD_VERSION b14
ENV TOMCAT_VERSION 7.0.62-4
ENV RHN_USER almasoftware
ENV RHN_PASS XXXXXX


WORKDIR /root

RUN /usr/sbin/subscription-manager register --username=$RHN_USER --password=$RHN_PASS --serverurl=subscription.rhn.redhat.com --autosubscribe

RUN  yum -y update && \
     yum install -y \
     vim-enhanced \
     blas \ 
     blas-devel \
     tetex-latex \
     gcc-c++ \ 
     python-devel \
     python-lxml \
     wget \ 
     openssl \
     openssl-devel \
     zlib-dev 

RUN yum -y install openssh-server  && \
    rm -f /etc/ssh/ssh_host_dsa_key /etc/ssh/ssh_host_rsa_key && \
    ssh-keygen -q -N "" -t dsa -f /etc/ssh/ssh_host_dsa_key && \
    ssh-keygen -q -N "" -t rsa -f /etc/ssh/ssh_host_rsa_key && \
    sed -i "s/#UsePrivilegeSeparation.*/UsePrivilegeSeparation no/g" /etc/ssh/sshd_config && \
    sed -i "s/UsePAM.*/UsePAM no/g" /etc/ssh/sshd_config

ENV AUTHORIZED_KEYS **None**

RUN echo root:'$1$rrii2oPl$sIWEJP2utD9ks3Kn8r.Lu/' | chpasswd --encrypted

RUN wget http://download.fedoraproject.org/pub/epel/6/i386/epel-release-$EPEL_VERSION.noarch.rpm && \
    rpm -ivh epel-release-$EPEL_VERSION.noarch.rpm

RUN yum -y install pyephem \
    python-pip && \
    easy_install -U distribute && \
    pip install numpy==1.7.0

RUN yum -y install freetype-devel \
    libpng-devel && \
    pip install matplotlib

RUN pip install supervisor

RUN wget --no-cookies --no-check-certificate --header "Cookie: oraclelicense=accept-securebackup-cookie" "http://download.oracle.com/otn-pub/java/jdk/$JAVA_VERSION-$BUILD_VERSION/jdk-$JAVA_VERSION-linux-x64.rpm" -O /tmp/jdk-8-linux-x64.rpm

RUN yum -y install /tmp/jdk-8-linux-x64.rpm

COPY apache-tomcat-$TOMCAT_VERSION.el6.x86_64.rpm /root/

RUN yum -y --nogpgcheck localinstall apache-tomcat-$TOMCAT_VERSION.el6.x86_64.rpm

COPY supervisord.conf /etc/supervisord.conf

EXPOSE 8080 22

CMD ["/usr/bin/supervisord"]

Dockerfile

Current Setup

VCenter

Blade

VM

VM

VM

VM

VM

VM

DNS

10.200.117.XX -> hostname

Docker Setup

Host

Container

Multiple IP interfaces

10.200.117.XX -> hostname

Docker

Container

Docker

Container

Docker

Container

Docker

Container

Docker

Docker

Postgres Database

Elastic Search

Redis Server

App

Nginx

REDHAT 6.6

SSH Server

Java + Tomcat

Supervisor

Docker Layers

8080

22

Management

  • Docker CLI
  • Docker API
  • Ansible 
  • others

Docker CLI

docker build

 

docker pull

 

docker run

Docker CLI

docker ps (list active containers)

 

docker ps -a (list all containers)

 

docker images (list all images)

 

docker rm <container>

 

docker rmi <image>


docker run -d --name cas_2015.4 offline:latest

docker run -d --name cas_2015.4 
    -v /etc/offline/:/etc/offline/ 
    -v /etc/offline/webapps/cas/:/var/lib/tomcat/webapps/ 
    -p=10.200.67.22:22:22 
    -p=10.200.67.22:8080:8080 
    --dns=10.200.16.22 
    --hostname=hybris.sco.alma.cl 
    offline:latest

docker run -d --name submission_2015.4 
    -v /etc/offline/:/etc/offline/ 
    -v /etc/offline/webapps/submission/:/var/lib/tomcat/webapps/ 
    -v /etc/offline/data/submission/mail.jar:/usr/share/tomcat/lib/mail.jar 
    -v /etc/offline/data/submission/ojdbc6.jar:/usr/share/tomcat/lib/ojdbc6.jar 
    -v /etc/offline/data/submission/xdb.jar:/usr/share/tomcat/lib/xdb.jar 
    -v /etc/offline/data/submission/xmlparserv2.jar:/usr/share/tomcat/lib/xmlparserv2.jar 
    -v /etc/offline/data/submission/server.xml:/etc/tomcat/server.xml 
    -v /etc/offline/data/submission/InvestigatorDbWS.xml:/etc/tomcat/Catalina/localhost/InvestigatorDbWS.xml 
    -v /etc/offline/data/submission/ObsprepSubmissionService.xml:/etc/tomcat/Catalina/localhost/ObsprepSubmissionService.xml 
    -p=10.200.67.34:22:22 
    -p=10.200.67.34:8180:8180 
    --dns=10.200.16.22 
    --hostname=eichsfeldia.sco.alma.cl 
    offline:latest 

docker run -d --name scheduling_2015.4 
    -v /etc/offline/:/etc/offline/ 
    -v /etc/offline/webapps/scheduling/:/var/lib/tomcat/webapps/ 
    -p=10.200.67.33:22:22 -p=10.200.67.33:8080:8080 
    --dns=10.200.16.22 
    --hostname=bathilde.sco.alma.cl 
    -e "APRC_WORK_DIR=/eqtc/offline/config/scheduling/work_dir" 
    offline:latest

Docker API

(docker py)

  • Create/Build
  • Run
  • Read Logs
  • Monitor

Ansible

Ansible is the simplest way to automate apps and IT infrastructure. Application Deployment + Configuration Management + Continuous Delivery.

Ansible

Ansible Client

Host 1

Host 2

Host 3

Host 4

Host 5

Ansible

Ansible Client

Container

Docker

Container

Docker

Container

Docker

Container

Docker

Container

Docker

.
├── group_vars
│   └── all
├── hosts
├── play.yml
└── roles
    └── cas
        ├── files
        ├── handlers
        │   └── main.yml
        ├── meta
        │   └── main.yml
        ├── tasks
        │   └── main.yml
        ├── templates
        └── vars
            └── main.yml

Ansible Project

- name: create new virtual ip in the docker host
  command: ip addr add {{cas_ip}}/24 dev eth0
  ignore_errors: yes

- name: run cas application image
  docker:
     name: "cas_{{ release }}"
     state: started
     image: "offline:latest"
     volumes:
        - /etc/offline/:/etc/offline/
        - /etc/offline/webapps/cas/:/var/lib/tomcat/webapps/
     ports:
        - "{{ cas_ip }}:22:22"
        - "{{ cas_ip }}:8080:8080"
     dns:
        - "10.200.16.22"
     hostname: "{{ cas_hostname }}"

Ansible Project

ansible-playbook -i hosts play.yml

Gracias!

DevConChile

By aaguirre

DevConChile

  • 1,253