Docker

Motivation

  • As DevOps I want to quickly spin up a new server
  • As DevOps I want to change the setup for all existing servers / part of them / new servers
  • As DevOps I want to test the env changes before actually applying them
  • As DevOps I want to run different stack components versions on the same server (e.g. panda)
  • As a developer I want to reproduce "only at the server" bug.
  • As a developer I want to setup a new dev env

Meet Docker...

  • Virtualization alternative
  • Linux containers based
  • Fast growing technology

Introduction to Docker

Basics

Try It

  • Images - transportation mean
  • Containers - execution mean
  • Dockerfile (remember Vagrantfile?)
  • Docker Hub - Registry

Examples

  • docker run ubuntu:14.04 /bin/echo 'Hello world'
  • docker ps (-a)
  • docker kill
  • docker rm
  • docker pull

  • docker build

  • docker images

  • docker rmi

  • docker push

  • Dockerfile syntax

Our Need

  • Setup Server 12 from top to bottom

  • Based on the prescription we have

    • Some components required as is

    • Some components will go through config change

    • Some components are not required anymore

  • Proudly invented elsewhere...

    • Is there a ready made image? Not really

    • Can we re-use some image as a baseline

Our Image Evolution - 1

  • First take: build a full stack image:

    • Centos

    • Hardening, users, sshd

    • Firewall, Antivirus, rkhunter, etc

    • LAMP

    • Backup, monitor, logging

    • ...

  • Second take: Different Envs - Different Needs

    • Separate Prod from Dev

    • Re-use as much as possible => base-image

    • TODO: change config files instead of copying

Our Image Evolution - 2

  • Third take: separation of concerns

    • Desirably container per service

    • Linking containers

    • MySQL container + HTTPD Container

    • Restriction: image derivation is not possible

    • Both containers use the same Prod-Image

  • Fourth take: data persistency

    • Setting up data volumes

    • var/www/html volume

    • mysql volume

    • config volume

Our Image Evolution - 3

  • Fifth take: Orchestration

    • Need a tool to manage the containers

    • Meet fig AKA docker-compose

    • docker-compose.yml 

  • Future Evolution:

    • Near term

      • Containers for additional services

      • Hardening the host

    • Longer term

      • Containers per site-service (i.e. pandora httpd)

      • No SSHD?

      • Own Registry

Additional Tools

  • Docker hub - registry (for running)
  • Bitbucket - images code (for building)
  • Windows - special as always
    • VirtualBox+Boot2Docker
    • VirtualBox+Vagrant... + <some distro>
    • See this
Made with Slides.com