goo.gl/PaQsVK Web... · “Docker is an open platform for developing, shipping, and running...
goo.gl/PaQsVK
Pre-workshop
● Install VirtualBox
https://www.virtualbox.org/wiki/Downloads
● Download Ubuntu VM
http://103.1.160.76:8080/ubuntu-docker.ova
● Import the VM into VirtualBox
● Username/password: ubuntu/ubuntu
(cont.)
● (Optional) install PuTTY or other ssh client
http://www.putty.org/
Modern Web Infrastructure with Docker
Kitt Tientanopajai, D.Eng.
Suchart Joolrat
Bureau of Information Technology
Khon Kaen University
Part 0: Intro & Lab
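Not so long ago ...
[Diagram: physical hardware (PHY: Processor, Memory, Storage, Network) runs a hypervisor. On top sit virtual machines: VM0, a template containing OS, Web and DB, and further VMs such as VM1, each with its own OS, Web, DB and App.]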
It’s a very good solution, but ...
● Processors
● Memory
● Storage
● Networks
● Dev vs. Ops
Docker Containers
“Docker is an open platform for developing, shipping, and running applications. Docker enables you to separate your applications from your infrastructure so you can deliver software quickly. With Docker, you can manage your infrastructure in the same ways you manage your applications. By taking advantage of Docker’s methodologies for shipping, testing, and deploying code quickly, you can significantly reduce the delay between writing code and running it in production.”
https://docs.docker.com/engine/understanding-docker/
Docker on Windows/macOS/Linux
● Microsoft Windows
○ Requirement: 64-bit, Windows 10 Pro, Enterprise, Education, Hyper-V
○ Docker for Windows
○ Docker Toolbox
● Apple macOS
○ Requirement: SLAT (Nehalem+), macOS 10.10.3, xhyve
○ Docker for Mac
○ Docker Toolbox
● Linux
○ Requirement: 64-bit, Linux kernel ≥ 3.10
○ docker package (depends on the distro)
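[Diagram: VirtualBox on the physical machine (Windows / macOS / Linux) hosts the Docker VM (2 vCPU / 2 GB RAM / 4 GB storage, Ubuntu 16.04 LTS) with two interfaces, enp0s3 and enp0s8. Networks shown: NAT through the physical NIC (10.x.x.x) to the Internet, and vboxnet0 with addresses 192.168.99.100 and 192.168.99.1.]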
Kernel Tuning
● Many kernel parameters can be set via /proc or sysctl.
# sysctl -a | less
# ls -R /proc/sys | less
● We can set a parameter individually with sysctl, e.g.
# sysctl -w fs.file-max=1048576
# sysctl -a | grep fs.file-max
(cont.)
● Or, we can set it in /etc/sysctl.d/xx-name.conf. This will be loaded automatically when booting the system.
● We can reload all sysctl.conf by
# service procps restart
Install Docker CE on Ubuntu 16.04 LTS
● Prerequisite
# apt update
# apt install apt-transport-https ca-certificates curl \
    software-properties-common
● Add repository key
# curl -fsSL https://download.docker.com/linux/ubuntu/gpg \
    | apt-key add -
(cont.)
● Check fingerprint
# apt-key fingerprint 0EBFCD88
9DC8 5822 9FC7 DD38 854A E2D8 8D81 803C 0EBF CD88
● Add repository
# add-apt-repository \
    "deb [arch=amd64] https://.../linux/ubuntu \
    $(lsb_release -cs) \
    stable"
(cont.)
● Install docker
# apt update
# apt install docker-ce
● Install docker-compose
# curl -L https://github.com/docker/compose/releases/download/1.14.0/docker-compose-`uname -s`-`uname -m` \
    > /usr/local/bin/docker-compose
# chmod 755 /usr/local/bin/docker-compose
(cont.)
● Optional: add user ubuntu to docker group
# usermod -aG docker ubuntu
○ Re-login
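The fingerprint check from the install steps above, scripted so that a mismatch can stop the install (an added example, not part of the original slides). The function names and the two sample listings are constructed for illustration; only the expected fingerprint comes from the slide. It compares the full 40-digit fingerprint, because the 8-digit short ID passed to apt-key fingerprint can be shared by a different key.

```sh
#!/bin/sh
# Added example: accept a repository key only if its full fingerprint
# equals the one published on the slide.
EXPECTED_FPR="9DC8 5822 9FC7 DD38 854A E2D8 8D81 803C 0EBF CD88"

# Strip whitespace and upper-case a fingerprint string.
normalize_fpr() {
    printf '%s' "$1" | tr -d '[:space:]' | tr 'a-f' 'A-F'
}

# Read a key listing on stdin; print each 40-hex-digit fingerprint found,
# normalized, one per line. Accepts "Key fingerprint = ..." lines and
# bare fingerprint lines.
extract_fprs() {
    sed -n -e 's/^.*Key fingerprint = //' -e 's/[[:space:]]//g' \
        -e '/^[0-9A-Fa-f]\{40\}$/p' | tr 'a-f' 'A-F'
}

# key_matches EXPECTED: succeed only if the listing on stdin contains
# exactly one fingerprint and it equals EXPECTED.
key_matches() {
    want=$(normalize_fpr "$1")
    found=$(extract_fprs)
    [ -n "$found" ] && [ "$found" = "$want" ]
}

# Constructed listings (hypothetical, not captured output). The second key
# shares the short ID 0EBFCD88 but has a different full fingerprint.
SAMPLE_GOOD='pub   4096R/0EBFCD88
      Key fingerprint = 9DC8 5822 9FC7 DD38 854A  E2D8 8D81 803C 0EBF CD88
uid   Example Repository Key (constructed)'
SAMPLE_BAD='pub   4096R/0EBFCD88
      Key fingerprint = 1111 2222 3333 4444 5555  6666 7777 8888 0EBF CD88
uid   Example Repository Key (constructed)'

printf '%s\n' "$SAMPLE_GOOD" | key_matches "$EXPECTED_FPR" \
    && echo "expected key: accepted"
printf '%s\n' "$SAMPLE_BAD" | key_matches "$EXPECTED_FPR" \
    || echo "same short ID, different fingerprint: rejected"

# On the workshop VM the same check wraps the slide's own command:
#   apt-key fingerprint 0EBFCD88 | key_matches "$EXPECTED_FPR" \
#       || apt-key del 0EBFCD88
```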
Part I: Docker Basic
Project: Hello World
$ docker help
$ docker run hello-world
$ docker ps
$ docker ps -a
$ docker rm <CONTAINER>
$ docker images
$ docker rmi <IMAGE>
Part II: Small-Scale Web Infrastructure
Project: LEMP stack
● Linux
● nginx
● MariaDB
● PHP 7
[Diagram: a Docker host with the labels Images, Volumes and Registry; containers Web #1, Web #2, Web #3 and DB #1; web_1, web_2, web_3, db_1 and master_db; and the images nginx, php-7.1, mariadb and percona.]
Linux
● Linux is a base OS image to run applications or provide services.
● The Docker Hub (https://hub.docker.com/explore) offers many official linux images
○ Ubuntu - ubuntu
○ Debian - debian
○ CentOS - centos
○ Fedora - fedora
○ openSUSE - opensuse
○ Oracle - oraclelinux
○ Alpine - alpine
(cont.)
● Let’s try “Alpine Linux”
$ docker run -it alpine /bin/sh
● See if you are running Alpine
# cat /etc/*-release
● You can try basic linux commands (ls, ps, ifconfig, vi,...)
● Alpine is very small.
○ Scalable
Build our own images
● We can just run a container from the trusted docker registry, or we can build our own nginx image from a Dockerfile.
● Build
$ docker build -t [tag] [directory containing Dockerfile]
$ docker build -t wunca/nginx build/nginx
$ docker build -t wunca/nginx-php-7 build/nginx-php-7
$ docker build -t wunca/mariadb build/mariadb
$ docker build -t wunca/wordpress build/wordpress
$ docker build -t wunca/wordpress-aio build/wordpress-aio
Project: nginx
● Run
$ docker run --name nginx -d \
    -v $PWD/html:/var/www/html:ro \
    -p 80:80 wunca/nginx
● Let’s see more details about the wunca/nginx image
File: Dockerfile
FROM alpine:latest
MAINTAINER [email protected]
COPY ./repositories /etc/apk/repositories
COPY ./default.conf /etc/nginx/conf.d/default.conf
RUN apk update \
    && apk add --no-cache nginx \
    && adduser -u 82 -D -S -G www-data www-data \
    ...
EXPOSE 80 443
VOLUME ["/var/www/html"]
ENTRYPOINT ["nginx", "-g", "daemon off;"]
File: repositories
http://mirror.kku.ac.th/alpine/latest-stable/main
http://mirror.kku.ac.th/alpine/latest-stable/community
File: default.conf
server {
    listen 80 default_server;
    root /var/www/html;
    location / {
        index index.html;
    }
    location ~ /\.ht {
        deny all;
    }
}
Project: nginx + php
● Run
$ docker run --name nginx-php -d \
-v $PWD/html:/var/www/html:ro \
-p 80:80 wunca/nginx-php-7
MariaDB
● Run
$ docker run --name mariadb -d \
-v $PWD/db:/var/lib/mysql \
-p 3306:3306 wunca/mariadb
● Use
$ docker exec -it mariadb /bin/sh
# mysqladmin create <...>
# mysql -uroot [...]
(cont.)
● Or, you can create a database when you create a MariaDB container
$ docker run --name mariadb -d \
-v $PWD/db:/var/lib/mysql \
-p 3306:3306 \
-e MARIA_DB_NAME=db \
-e MARIA_DB_USER=user \
-e MARIA_DB_PASSWORD=password \
wunca/mariadb
Project: WordPress
● From nginx-php-7 image, we can simply create a WordPress image
● Then, we can run a WordPress container, and use MariaDB container as a database server.
$ docker run --name wordpress -d \
-v $PWD/html:/var/www/html \
-p 80:80 wunca/wordpress
Project: Composing WordPress
● Instead of running each container manually, we can use docker-compose to combine web (wunca/wordpress) and database (wunca/mariadb) together, with networks and volumes.
[Diagram: the web service, wordpress (nginx + php), is attached to the frontend and backend networks; the db service, MariaDB, is attached to the backend network.]
(cont.)
● Run
$ docker-compose up -d
● Stop
$ docker-compose down
● Remove
$ docker-compose rm
File: docker-compose.yml
version: '2'
services:
  web:
    image: wunca/wordpress
    networks:
      - frontend
      - backend
    ports:
      - "80:80"
    volumes:
      - web:/var/www/html
  db:
    image: wunca/mariadb
    networks:
      - backend
    ports:
      - "3306:3306"
    volumes:
      - db:/var/lib/mysql
    env_file:
      - .env
networks:
  frontend:
  backend:
volumes:
  web:
  db:
Project: WordPress All-in-One
● Docker recommends running only one service per container.
○ Scalable
● But, if we don’t care much about scalability, we can put nginx, PHP, and MariaDB in one image.
$ docker volume create wp-html
$ docker volume create wp-db
$ docker run --name wordpress-aio -d \
-v wp-html:/var/www/html \
-v wp-db:/var/lib/mysql \
-p 80:80 wunca/wordpress-aio
Part III: Large-Scale Web Infrastructure
Reverse Proxy Server
● A reverse proxy is very useful
○ Hiding origin servers
○ SSL termination
○ Load distribution
○ Caching
[Diagram: www.example.com is served by a reverse proxy placed in front of four servers.]
(cont.)
● One of the best reverse proxies is nginx itself.
$ docker run --name proxy -d \
-v $PWD/rev-proxy.conf:/etc/nginx/conf.d/proxy.conf \
-p 80:80 wunca/nginx
(cont’d)
● rev-proxy.conf
upstream web-app {
    server alpha;
    server beta;
    server gamma;
    server delta;
}
server {
    server_name rev-proxy.example.com;
    location / {
        proxy_pass http://web-app;
        proxy_redirect off;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Host $server_name;
    }
}
Caching
● nginx is also very capable of caching.
proxy_cache_path /var/www/cache levels=1:2 keys_zone=cache_zone:8m
    use_temp_path=off;
server {
    location / {
        ...
        proxy_cache cache_zone;
        proxy_cache_key $scheme$host$uri$is_args$args;
        proxy_cache_valid 30m;
        add_header X-Cache-Status $upstream_cache_status;
    }
}
(cont’d)
● Run
$ docker-compose up -d
● Copy wordpress code to nginx:/var/www/html
$ cd wordpress
$ docker cp ./ nginx:/var/www/html/
● Create WordPress database
Part IV: Databases
Master-Slave Replication
● At Master
> create user 'replicate'@'%' identified by 'Uti6aima';
> grant replication slave on *.* to 'replicate'@'%';
> flush table with read lock;
> show master status;
● We need to put “File” and “Position” at Slave.
(cont.)
● At Slave
> change master to MASTER_HOST='db-master',
MASTER_USER='replicate', MASTER_PASSWORD='Uti6aima',
MASTER_LOG_FILE='mysql-bin.000005', MASTER_LOG_POS=638;
> start slave;
● Go back to Master to unlock tables
> unlock tables;
● Changes must be done at Master ONLY.
Master-Master (Multimaster) Replication
● Do the Master-Slave first, then at Slave
> create user 'replicate'@'%' identified by 'iNgie5ga';
> grant replication slave on *.* to 'replicate'@'%';
> show master status;
● Again, we need to put “File” and “Position”, but at Master.
(cont.)
● At Master
> stop slave;
> change master to MASTER_HOST='db-slave',
MASTER_USER='replicate', MASTER_PASSWORD='iNgie5ga',
MASTER_LOG_FILE='mysql-bin.000007', MASTER_LOG_POS=751;
> start slave;
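Both replication procedures above (Master-Slave and Master-Master) copy “File” and “Position” by hand. This added example, not from the original slides, builds the change master to statement from the status output and refuses malformed values. The function names, the REPL_PASSWORD variable and the sample output are assumptions for illustration.

```sh
#!/bin/sh
# Added example: turn `show master status` output into the
# `change master to` statement, validating the coordinates first.

# Constructed sample of tab-separated `mysql -e 'show master status'`
# output, using the File and Position values from the slide.
sample_master_status() {
    printf 'File\tPosition\tBinlog_Do_DB\tBinlog_Ignore_DB\n'
    printf 'mysql-bin.000005\t638\t\t\n'
}

# Read master status on stdin; print "<file> <position>", or fail if no
# row has a well-formed binlog file name and a numeric position.
parse_master_status() {
    awk -F'\t' '
        $1 == "File" { next }
        $1 ~ /^[A-Za-z0-9_.-]+\.[0-9]+$/ && $2 ~ /^[0-9]+$/ {
            print $1, $2; ok = 1; exit
        }
        END { exit ok ? 0 : 1 }'
}

# change_master_sql HOST USER: read master status on stdin and print the
# statement to run at the Slave. The password is taken from the
# REPL_PASSWORD variable (an assumption of this example) instead of being
# typed into the script; values that could break out of the SQL quotes
# are refused.
change_master_sql() {
    coords=$(parse_master_status) || return 1
    for v in "$1" "$2"; do
        case "$v" in ''|*[!A-Za-z0-9_.-]*) return 1 ;; esac
    done
    case "${REPL_PASSWORD:-}" in ''|*"'"*|*"\\"*) return 1 ;; esac
    printf "change master to MASTER_HOST='%s', MASTER_USER='%s',\n" "$1" "$2"
    printf "  MASTER_PASSWORD='%s',\n" "$REPL_PASSWORD"
    printf "  MASTER_LOG_FILE='%s', MASTER_LOG_POS=%s;\n" \
        "${coords% *}" "${coords#* }"
}

REPL_PASSWORD='constructed-secret'   # placeholder value for the demo
sample_master_status | change_master_sql db-master replicate
```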
Q & [email protected]@kku.ac.th
Bureau of Information Technology
Khon Kaen University