Easy Containerization

Agenda

  • Docker vs. other alternatives
  • Docker vs. Git

  • Image vs. Container

  • From devops perspective

  • From developer perspective

  • How to link multiple containers

  • Data-only containers

  • Orchestration tools
  • How to prepare environment
  • Useful docker images

Docker Host on Demand

ssh root@dhod -p 20022  # albo: ssh root@10.93.1.226 -p 20022
#password: docker

Docker vs. Vagrant

uname -a
docker run -ti ubuntu uname -a
docker run -ti ubuntu:14.04 uname -a
docker run -ti ubuntu:12.04 uname -a

docker run -ti fedora uname -a
docker run -ti coreos uname -a

Demo time! #1

type in your console

Linux Containers & Docker

Docker vs. Git   

Layers

  • AUFS - AnotherUnionFS/advanced multi layered unification filesystem
     
  • Each layer has its own hash
     
  • Layer can be tagged
     
  • Layers are shared
docker images --tree

Community

  • Open Source
    • docker service itself (written in go)
    • most of images on docker hub
      • 120+ officially supported images by docker
      • few thousand created by community
      • linked with github/bitbucket repositories

Image vs. Container

There is official tutorial on docker.com

... and I don't recommend it

Image

Container

docker images
docker build
docker pull
docker push
docker rmi
docker tag
docker run
docker ps
docker rm
docker exec
docker logs
docker stats

Docker from sysadmin perspective

Ports: 22, 80

p: 3306

v: /var/lib/mysql

p: 11211

How to run containers

docker run -p 8080:80 -p 20022:22 --name blog --mem_limit 512mb kszumny/my_blog
blog:
  image: kszumny/my_blog
  ports:
    - "8080:80"
    - "20022:22"
  mem_limit: 512000000

Using fig.yml/docker-compose.yml file

# fig up -d
docker-compose up -d 
docker run -ti noisy/httpd-hello-stx
docker run -ti -p 80:80 noisy/httpd-hello-stx
docker run -ti -P noisy/httpd-hello-stx

#in dhod:
docker run -ti -p 20101:80 --name hello-stx noisy/httpd-hello-stx
docker run -d -p 20101:80 --name hello-stx noisy/httpd-hello-stx

#check dhod:20101/

Demo time! #2

type in your console

docker

docker ps [-a]
docker exec <container_id/name> bash

docker logs <container_id/name>

docker stats <container_id/name>

fig

fig ps

fig exec

fig logs

fig stop

fig restart

fig scale

Interaction with running containers

Docker from developer perspective

Building an image

FROM
RUN
CMD
EXPOSE
ENV
ADD or COPY
ENTRYPOINT
VOLUME
USER
WORKDIR
ONBUILD

Dockerfile commands

Non interactive mode

  • apt-get install -y --force
  • cd /some/dir/ && make
  • echo "yes" | git clone
  • grep, xargs
  • sed -e 's/foo/bar/g' /dir/filename
  • git clone --depth 1
  • expect
    •  

useful commands

$ sudo passwd bob
Enter new UNIX password: 
Retype new UNIX password: 
passwd: password updated successfully
#!/bin/sh
newpass=42
expect -c "
        spawn sudo passwd
        expect "?assword:"
        send \"$newpass\r\"
        expect "?assword:"
        send \"$newpass\r\"
        expect eof"

docker build

docker build --tag <tag> --no-cache <dir>
docker build -t docker-demo .

How to speed up building images

  • add on the end/test/refactor
  • no-cacheable commands on the end
  • a .dockerignore file
  • use base images

How to debug code in running container?

container

ssh service

Remote Debugger

  • dockerization of ssh service is considered as bad practice
  • ssh service is undesired in production images
  • pycharm helpers are uploaded only once to remote server (data only container is needed)
pycharm helpers

data only container

Automated Builds

Linking containers

docker run -d --name db training/postgres
  • Run the first container and name it
docker run -d -P --name web --link db:postgresdb training/webapp python app.py
  • Run the 2nd container and link it with existing one
  • /etc/hosts
  • Environment Variables
    • <name>_PORT_<port>_<protocol
      WEB_PORT_80_TCP_ADDR=172.17.0.82
      WEB_PORT_80_TCP_PORT=8080


Volumes

  • upload/download files
  • useful for backups
web:
  image: yesnault/docker-phabricator
  links:
    - db:database
  ports:
    - "8082:80"

db:
  image: yesnault/docker-phabricator-mysql

How to store data?

web:
  image: yesnault/docker-phabricator
  links:
    - db:database
  ports:
    - "8082:80"

db:
  image: yesnault/docker-phabricator-mysql

  volumes_from:
    - data

data:
  image: busybox
  volumes:
    - /var/lib/mysql
web:
  image: yesnault/docker-phabricator
  links:
    - db:database
  ports:
    - "8082:80"

db:
  image: yesnault/docker-phabricator-mysql

  volumes_from:
    - data

data:
  image: yesnault/docker-phabricator-mysql
  volumes:
    - /var/lib/mysql
  entrypoint: /bin/ls

Demo time! #3

Data Only Containers

Persistent volumes

docker inspect

# Dockerfile
FROM busybox
VOLUME /var/lib/mysql
CMD /bin/sh
docker build -t mysql_datastore .
docker run -i -t -name mysql_data mysql_datastore
docker run -d --name mysql_data -v /var/lib/mysql busybox

or

fig/docker compose...

or

Orchestration tools

#fig.yml/docker-compose.yml
web:
  build: .
  ports:
    - "80"
    - "443:443"
  volumes_from:
    - data
  volumes:
    - /backup:/backup
  environment:
    - VIRTUAL_HOST=phab.localhost
    - VIRTUAL_PORT=80
data:
  image: busybox
  volumes:
    - /var/lib/mysql
    - /var/repo
    - /opt/phabricator/conf
    - /etc/ssl/spistresci

fig / docker-compose

fig up -d  # Voilà!
zookeeper:
  image: raycoding/piggybank-zookeeper
  ports:
    - "8383:8383"
    - "2181:2181"
    - "2888:2888"
    - "3888:3888"
  environment:
    - HOSTNAME=127.0.0.1

database:
  image: mysql
  environment:
    - MYSQL_ROOT_PASSWORD=topsecret
  volumes_from:
    - data
  volumes:
    - .:/local/
  ports:
    - "3306"
  command: mysqld

solr:
  build: .
  volumes_from:
    - data
  ports:
    - "8983:8983"
  links:
    - zookeeper:ZK
    - database:DB
  environment:
    - SOLR_OPTS="-DzkHost=$ZK_PORT_2181_TCP_ADDR:$ZK_PORT_2181_TCP_PORT"
  command: /bin/bash -c '/upconfigs.sh ; /usr/lib/apache-tomcat-7.0.32/bin/catalina.sh run'

data:
  image: busybox
  volumes:
    - /usr/lib/solr-home
    - solr.xml:/usr/lib/solr-home/solr.xml
    - /var/lib/mysql

Preparing Environment for Docker

  • kernel
    • 3.10+
  • boot2docker (Mac OS X, Windows)
  • users & groups

    •  
  • partitions
    • /var/lib/docker
  • docker machine
  • custom docker hub
    • Docker Registry:
      • docker run -p 5000:5000 registry
    • Docker Distribution
      • still alpha version :(
sudo groupadd docker
sudo gpasswd -a ${USER} docker
sudo service docker restart

Instalation

Ubuntu: ​

$ curl -sSL https://get.docker.com/ubuntu/ | sudo sh

Other:

do not use apt-get to install docker

use:    

Maintenance

docker ps -a | grep 'weeks ago' | awk '{print $1}' | xargs --no-run-if-empty docker rm

Remove old containers

docker rm $(docker ps -aq)
# or more explicite
docker rm $(docker ps -a | grep Exited | awk '{print $1}')

Remove all stopped containers

docker-cleanup script:

docker images | grep "<none>" | awk '{print $3}' | xargs docker rmi

Remove all untagged images

Useful docker images

Made with Slides.com