Baking Docker Using Chef
35
@muktaa Baking Docker using Chef Mukta Aphale Agile India Conf 2016, Bangalore +
-
Upload
mukta-aphale -
Category
Technology
-
view
312 -
download
0
Transcript of Baking Docker Using Chef
@muktaa
Baking Docker using Chef
Mukta AphaleAgile India Conf 2016, Bangalore
+
@muktaa
Who am I?• C, Ruby, Java developer turned into DevOps Architect• Contributed to Chef development• Chef azure extension• Knife plugins: knife-azure, knife-ec2, knife-openstack• Knife WinRM, knife windows listener
• Worked extensively with Docker• Docker authorized consultant
• Technology, innovation and the thirst to keep learning are what define me• Love to travel, read, write• Above all, I am a mother to two boys!
@muktaa
Agenda
•The Chef Journey•Container Era•Chef + Docker•Example•Docker cookbook•Example
@muktaa
The Chef Journey
@muktaa
Chef Journey• Adam Jacob, Jessie Robbins, Barry Steinglass, Nathan Haneysmith,
Joshua Timberman• Marionette• Opscode• First release: Jan 2009• Ruby, Erlang• Facebook, Nordstorm, Disney, GE• Configuration Management• Cloud Management• Chef Delivery
@muktaa
Container Era
@muktaa
Evolution
• 2000: Jails, FreeBSD• 2001: Linux-Vserver• 2006: cgroups• 2008: LXC Containers• 2013: Docker• June 2014: Docker 1.0• Today: Docker 1.10.3
@muktaa
Docker
• Learning curve• No need for huge investment at the early stage• “I wont use Chef for that small deployment”• “Now I have 100 servers. Makes sense to use Chef”
• “Now I have 100 containers. How do I manage them?”
@muktaa
DockerA Quick Introduction
@muktaa
What is Docker?
Linux Container3 Components:Docker EngineDocker Hub
Docker Images
Benefits:Speed
PortabilityDensity
Open Source
“Can create lightweight, self sufficient containers from
any application”
@muktaa
Docker is not a VMVirtual Machine Docker
@muktaa
FROM ubuntu:14.04
RUN apt-‐get updateRUN apt-‐get install libfuse-‐dev
ADD dev.conf/etc/myapp-‐config/
Dockerfiles
• Codify your configuration• Set of bash commands• Example:• HelloScala• Dockerfile• dev.conf
• Docker build HelloScala
@muktaa
Use Cases of Docker
•Microservices•Lightweight Testing•Production•CaaS•PaaS
@muktaa
Chef and Docker
@muktaa
Config Management Vs Golden Images
•Control the environment Vs System Image / Runtime image•Tradeoff between flexibility and manageability•CM is the vein of DevOps•Shell scripts -> Chef
• Immutable Infrastructure
@muktaa
Chef and DockerReplaces Human Tasks,
Idempotence,Thick client -‐ thin servers,
Order Matters,Huge Community Support
An improved Robot,Fast,Easy,
Relatively new in the market!
@muktaa
Simple CD PipelineBecause simple things can bring the most happiness!
@muktaa
Simple CI/CD Pipeline
•git push•Triggers Build
Code
•Build tools have docker support•Build tools generate a docker image
Build Process Save imageDocker
Image Unique tagDocker Registry
•docker pull •docker stop•docker run
Deploy using knife-‐ssh or Push
Jobs
CI Server
@muktaa
The Simple Steps• git push to https://github.com/muktaa/hello-nodejs• Triggers a build on your CI server
• npm install, npm test• docker push muktaa/hello-nodejs• knife ssh 'role:test' 'deploy.sh' -x ssh-user -i ssh-key -c knife.rb
• Some build tools offer docker integration• Eg: Maven has docker-maven-plugin
• https://github.com/spotify/docker-maven-plugin• mvn clean package docker:build -DpushImage
@muktaa
Example
• Git clone https://github.com/muktaa/hello-nodejs/• <make changes>• Git add, commit, push• Jenkins Job runs• Check image uploaded to docker hub• Knife-ssh• URL: http://54.218.32.234:49160/
@muktaa
When Reality Strikes…If only applications were Hello World programs!
@muktaa
Docker Image
Application Configuration Docker Image
@muktaa
What is Configuration?
Packages Custom SetupsCredentials
Softwares Database
FilesEnvironment Specific Configuration
Ports
@muktaa
ENVIRONMENTS
DEV
DockerContainer
DockerContainer
DockerContainer
PRE PROD
DockerContainer
DockerContainer
DockerContainer
PROD
DockerContainer
DockerContainer
DockerContainer
@muktaa
Secure Credential Management
•Credentials inside docker containers•Hard codes•Set environment variables
•Docker-compose.ymlenv_file:- .env
SOME_USERNAME=myUserSOME_PWD_VAR=myPwd
@muktaa
Provisioning Machines
• Docker engine• Ports• Security groups• User access
• Eg:• Knife ec2 server create
@muktaa
Docker Chef CookbookTo manage docker images and deployment
@muktaa
Docker Cookbook• Available in Supermarket:
https://supermarket.chef.io/cookbooks/docker• Install docker• Build docker image• Pull image and run container• Push docker image to registry• LWRPs
• Docker_container• Docker_image• Docker_registry
• https://github.com/bflad/chef-docker/blob/master/README.md
@muktaa
Credential Managementsecret = Chef::EncryptedDataBagItem.load_secret@docker_cred = Chef::EncryptedDataBagItem.load(node['docker']['creds']['databag'],node['docker']['user'],secret
)
docker_registry ‘https://registry.hub.docker.com/u/muktaa/hello-scala/’ doemail docker_cred['email']username docker_cred['username']password docker_cred['password']
end
@muktaa
Docker_image
# Build a docker image using docker_image resource
docker_image node['docker']['image'] do
tag node['docker']['image']['tag']
source '/var/docker'
action :build
end
# Push the image to docker registerydocker_image node['docker']['image'] do
action :pushend
# Delete the image from the machinedocker_image node['docker']['image'] do
action :removeend
@muktaa
Docker_container# Run Containerdocker_container ‘muktaa/hello-scala’
detach trueport ‘8081:8081’, ‘8085:8085’env ‘ENVIRONMENT=pre-prod’volume ‘/mnt/docker/docker-storage’action :run
end
@muktaa
GENERATE DOCKERFILE# Generate a docker file using template.template "#{node['docker']['directory']}/Dockerfile" do
source 'dockerfile.erb'variables image: node['docker']['base']['image']['name'],
maintainer: @docker_cred['maintainer'],email: docker_cred['email'],build_cmd: node['docker']['build']['commands'],entry_point: node['docker']['build']['entry_point']
action :createend
@muktaa
WORKFLOW
Build Application • Save the Artifact
Build DockerImage
• Docker cookbook would build and save the docker image to Docker hub or DTR
Deploy • Docker cookbook runs the container on the nodes
@muktaa
Docker Ecosystem
•Debugging apps in containers•Docker networking•Notifications•Cluster management•Orchestration•Schedulers•Service Discovery
![Docker 101 - techccu.csie.iotechccu.csie.io/2015/slides/frank.pdf · Docker Basics - CLI Docker client docker version docker info docker search [keyword] docker push/pull/commit docker](https://static.fdocuments.in/doc/165x107/5f05ce717e708231d414cd40/docker-101-docker-basics-cli-docker-client-docker-version-docker-info-docker.jpg)
