ALMA Offline Environment with Docker
Offline applications
70 ~
In-house applications
15 ~
Current Situation
Past
-
ACS
-
Fat wars
-
ACS libs dependencies
-
Common environment
-
Kickstart approach
-
Redhat 6.6
-
Docker containers
...near future
-
Docker in production
-
Docker Registry
-
Continuous integration
-
Development environment
Current Setup
VCenter
Blade
VM
VM
VM
VM
VM
VM
DNS
10.200.117.XX -> hostname
Docker
an open platform for developers and sysadmins to build, ship, and run distributed applications
Docker Architecture
Docker Setup
Host
Container
Multiple IP interfaces
10.200.117.XX -> hostname
Docker
Container
Docker
Container
Docker
Container
Docker
Container
Docker
Docker
REDHAT 6.6
SSH Server
Java + Tomcat
Supervisor
Docker Layers
8080
22
Supervisor(d)
is a client/server system that allows its users to monitor and control a number of processes on UNIX-like operating systems.
Dockerfiles
FROM rhel6.6:latest
MAINTAINER Alvaro Aguirre <aaguirre@alma.cl>
ENV EPEL_VERSION 6-8
ENV JAVA_VERSION 8u45
ENV BUILD_VERSION b14
ENV TOMCAT_VERSION 7.0.62-4
ENV RHN_USER almasoftware
ENV RHN_PASS XXXXXX
WORKDIR /root
RUN /usr/sbin/subscription-manager register --username=$RHN_USER --password=$RHN_PASS --serverurl=subscription.rhn.redhat.com --autosubscribe
RUN yum -y update && \
yum install -y \
vim-enhanced \
blas \
blas-devel \
tetex-latex \
gcc-c++ \
python-devel \
python-lxml \
wget \
openssl \
openssl-devel \
zlib-dev
RUN yum -y install openssh-server && \
rm -f /etc/ssh/ssh_host_dsa_key /etc/ssh/ssh_host_rsa_key && \
ssh-keygen -q -N "" -t dsa -f /etc/ssh/ssh_host_dsa_key && \
ssh-keygen -q -N "" -t rsa -f /etc/ssh/ssh_host_rsa_key && \
sed -i "s/#UsePrivilegeSeparation.*/UsePrivilegeSeparation no/g" /etc/ssh/sshd_config && \
sed -i "s/UsePAM.*/UsePAM no/g" /etc/ssh/sshd_config
ENV AUTHORIZED_KEYS **None**
RUN echo root:'$1$rrii2oPl$sIWEJP2utD9ks3Kn8r.Lu/' | chpasswd --encrypted
RUN wget http://download.fedoraproject.org/pub/epel/6/i386/epel-release-$EPEL_VERSION.noarch.rpm && \
rpm -ivh epel-release-$EPEL_VERSION.noarch.rpm
RUN yum -y install pyephem \
python-pip && \
easy_install -U distribute && \
pip install numpy==1.7.0
RUN yum -y install freetype-devel \
libpng-devel && \
pip install matplotlib
RUN pip install supervisor
RUN wget --no-cookies --no-check-certificate --header "Cookie: oraclelicense=accept-securebackup-cookie" "http://download.oracle.com/otn-pub/java/jdk/$JAVA_VERSION-$BUILD_VERSION/jdk-$JAVA_VERSION-linux-x64.rpm" -O /tmp/jdk-8-linux-x64.rpm
RUN yum -y install /tmp/jdk-8-linux-x64.rpm
COPY apache-tomcat-$TOMCAT_VERSION.el6.x86_64.rpm /root/
RUN yum -y --nogpgcheck localinstall apache-tomcat-$TOMCAT_VERSION.el6.x86_64.rpm
COPY supervisord.conf /etc/supervisord.conf
EXPOSE 8080 22
CMD ["/usr/bin/supervisord"]
Management
- Docker CLI
- Ansible
- Docker API
Docker CLI
docker build
docker pull
docker run
Docker CLI
docker ps (list active containers)
docker ps -a (list all containers)
docker images (list all images)
docker rm <container>
docker rmi <container>
docker run -d --name cas_2015.4 offline:latest
docker run -d --name cas_2015.4
-v /etc/offline/:/etc/offline/
-v /etc/offline/webapps/cas/:/var/lib/tomcat/webapps/
-p=10.200.67.22:22:22
-p=10.200.67.22:8080:8080
--dns=10.200.16.22
--hostname=hybris.sco.alma.cl
offline:latest
docker run -d --name submission_2015.4
-v /etc/offline/:/etc/offline/
-v /etc/offline/webapps/submission/:/var/lib/tomcat/webapps/
-v /etc/offline/data/submission/mail.jar:/usr/share/tomcat/lib/mail.jar
-v /etc/offline/data/submission/ojdbc6.jar:/usr/share/tomcat/lib/ojdbc6.jar
-v /etc/offline/data/submission/xdb.jar:/usr/share/tomcat/lib/xdb.jar
-v /etc/offline/data/submission/xmlparserv2.jar:/usr/share/tomcat/lib/xmlparserv2.jar
-v /etc/offline/data/submission/server.xml:/etc/tomcat/server.xml
-v /etc/offline/data/submission/InvestigatorDbWS.xml:/etc/tomcat/Catalina/localhost/InvestigatorDbWS.xml
-v /etc/offline/data/submission/ObsprepSubmissionService.xml:/etc/tomcat/Catalina/localhost/ObsprepSubmissionService.xml
-p=10.200.67.34:22:22
-p=10.200.67.34:8180:8180
--dns=10.200.16.22
--hostname=eichsfeldia.sco.alma.cl
offline:latest
docker run -d --name scheduling_2015.4
-v /etc/offline/:/etc/offline/
-v /etc/offline/webapps/scheduling/:/var/lib/tomcat/webapps/
-p=10.200.67.33:22:22 -p=10.200.67.33:8080:8080
--dns=10.200.16.22
--hostname=bathilde.sco.alma.cl
-e "APRC_WORK_DIR=/eqtc/offline/config/scheduling/work_dir"
offline:latestAnsible
Ansible is the simplest way to automate apps and IT infrastructure. Application Deployment + Configuration Management + Continuous Delivery.
Ansible
Ansible Client
Host 1
Host 2
Host 3
Host 4
Host 5
Ansible
Ansible Client
Container
Docker
Container
Docker
Container
Docker
Container
Docker
Container
Docker
.
├── group_vars
│ └── all
├── hosts
├── play.yml
└── roles
└── cas
├── files
├── handlers
│ └── main.yml
├── meta
│ └── main.yml
├── tasks
│ └── main.yml
├── templates
└── vars
└── main.ymlAnsible Project
- name: create new virtual ip in the docker host
command: ip addr add {{cas_ip}}/24 dev eth0
ignore_errors: yes
- name: run cas application image
docker:
name: "cas_{{ release }}"
state: started
image: "offline:latest"
volumes:
- /etc/offline/:/etc/offline/
- /etc/offline/webapps/cas/:/var/lib/tomcat/webapps/
ports:
- "{{ cas_ip }}:22:22"
- "{{ cas_ip }}:8080:8080"
dns:
- "10.200.16.22"
hostname: "{{ cas_hostname }}"Ansible Project
ansible-playbook -i hosts play.ymlDocker API
(docker py)
- Create/Build
- Run
- Read Logs
- Monitor
Current Setup
Docker
VM
CPU: 4
Memory: 8GB
CPU: 2
Memory: 4GB
http://lotis.sco.alma.cl:9000/containers/
Links
http://blogs.vmware.com/performance/2014/10/docker-containers-performance-vmware-vsphere.html
VMWare
http://domino.research.ibm.com/library/cyberdig.nsf/papers/0929052195DD819C85257D2300681E7B/$File/rc25482.pdf
IBM