Docker architecture rework case study

Post on 21-Jan-2017

Transcript of Docker architecture rework case study

Docker

Architecture Rework Case Study

Daniel CHAFFIOL

Softeam Cadextan (1999)

BNP-Paribas

Société Générale

Amundi Asset Management

HSBC

VonC

Stack Overflow (2008)

Git - Hg – SVN - ClearCase

Golang - Docker

Eclipse - Jenkins

slideshare & Intranet

Project

From: Blessed Staging External

Company Outside

master master_ext

What are the issues?

Example: Monolithic service => Isolation (processes) issue

Blessed /Staging /External /Internal

NGiNX Apache LDAP

Gpg2

Gitolite

Hooks

Git repos

MCron

Data

SSHD

What are the issues?

Example: Replicated Git repos hosting servers

Blessed Staging External Internal

● Isolation (server)

● Configuration

● Reproducibility

Docker:

○ Why?

○ How?

○ Benefits?

Why?

Why “container”?

Project

To: NGiNX Apache LDAP

Gpg2

Gitolite

Hooks

Git repos

MCron

Data

SSHD

What is Docker

Lightweight virtualization

OS distro (Host)

Linux distro (VM)

OS Kernel Hardware

Hypervisor (type 2)

Linux Kernel Hardware

Application

Virtual Machine

Linux distro (Host)

Files (Docker)

Linux Kernel Hardware

Docker Engine

[Application]

Docker

What is Docker?

Containers

Linux distro (Host)

Container (user space)

Kernel Space

Process

System calls

Linux distro (Host)

Data Container (for instance)

/home/git/repositories

Kernel Space

What is Docker?

Images: docker build

Linux distro (Host)

Dockerfile:

# Ubuntu
FROM ubuntu

# NGiNX
RUN \
  add-apt-repository -y ppa:nginx/stable && \
  apt-get update && \
  apt-get install -y nginx

# Config file
COPY env.conf /home/git/
RUN ln -fs /home/git/env.conf /etc/nginx/nginx.conf

EXPOSE 80
EXPOSE 443

ENTRYPOINT ["/bin/sh", "-c"]
CMD ["nginx"]

Status

Commands

What is Docker?

Layered file system: Linux distro (Host)

Config file

NGiNX

Ubuntu

Ubuntu

NGiNX

Config files

files updates

Commands            Status
docker create       Created
docker start/run    Up
docker stop/kill    Exited
docker rm

How?

Container scheduling

Docker rework

Data Container first

Gpg2

Gitolite

Hooks

Git repos

Data

docker create --name=gitolite.repos.blessed.cont gitolite.repos

/home/git/repositories

Docker rework

Leaf containers second

LDAP

Gpg2

Gitolite

Hooks

Git repos

MCron

Data

SSHD

docker run --name=mcron.blessed.cont \
  --volumes-from gitolite.blessed.cont \
  --volumes-from data.blessed.cont

/home/git/repositories
/home/git/gitolite
/home/git/data

Docker rework

Linked containers last

NGiNX Apache LDAP

Gpg2

Gitolite

Hooks

Git repos

MCron

SSHD

Apache staging

Data

docker run --name=apache.blessed.cont \
  --volumes-from gitolite \
  --volumes-from repos \
  --volumes-from gpg2 \
  --volumes-from data \
  --link ldap.cont:apache.ldap.cont \
  --link apache.staging.cont:apache.upstream.cont \
  -p 6043:8543 \
  -p 6053:8553

Docker rework

Linked containers last

NGiNX Apache LDAP

Gpg2

Gitolite

Hooks

Git repos

MCron

SSHD

Apache staging

Data

docker run --name=nginx.repos.blessed.cont \
  --link apache.blessed.cont:nginx.apache.cont \
  -p 6080:80 \
  -p 6443:443

Benefits?

Configuration & Isolation

Docker Advantages

Configuration

NGiNX

location /git/ {
    proxy_pass https://nginx.apache.cont:8543/git/;
}

location /hgit/ {
    proxy_pass https://nginx.apache.cont:8553/hgit/;
}

nginx.apache.cont:8543

nginx.apache.cont:8553

Apache

EXPOSE 8543
EXPOSE 8553

docker run --name=nginx.repos.blessed.cont \
  --link apache.blessed.cont:nginx.apache.cont

Docker Advantages

Isolation (services)

NGiNX Apache LDAP

MCron

SSHD

Data

Hooks

Git repos

Docker Advantages

Isolation (services)

From outside: NGiNX Apache

Docker Advantages

Isolation (services)

From inside:

MCron

Data

Hooks

Git repos

Docker Advantages

Isolation (services)

MCron

SSHD

Data

Hooks

Git repos

Docker Advantages

Isolation (services)

SSHD

Data

Docker Advantages

Isolation (ports/names)

Service   EXPOSE        Host port
NGiNX     80, 443       6080, 6443
Apache    8543, 8553    6043, 6053
LDAP      369           -
SSHD      2200          2200
Data      -             -
MCron     -             -

Conclusion

CaaS: Container as a Service

End result

● 21 containers, in 3 sets, one for each environment.

● service vs. data

● Extensible without downtime.

NGiNX Apache LDAP

Gpg2

Gitolite

Hooks

Git repos

MCron

Data

SSHD

Blessed Staging External

From:

To:

End result: CaaS
