SlideShare a Scribd company logo

OSDC 2014: Tobias Schwab - Continuous Delivery with Docker

NETWAYS
NETWAYS

Docker took the ops world by storm in 2013. Based on the same technology that powers Heroku (container virtualization) docker makes it easy to create private and data center agnostic PAAS architectures. Container images created with docker contain the full application stack and enable rapid deployments and fast auto-scaling without any external dependencies at deploy time. They allow running the exact same configuration of OS, package dependencies, application code and configuration files in all environments and on all servers. In this talk I want to present how we implement continuous delivery of a Ruby on Rails Application (1414.de) using docker. I will give a short introduction to docker and talk about best practices for production usage. Other topics which will be covered in the docker context are: - image distribution with private registries - multi docker host orchestration - configuration management - logging and metrics - load balancing and failover

1 of 42
Downloaded 31 times
Continuous Delivery with Docker Tobias Schwab
Myself • Tobias Schwab • tobias.schwab@dynport.de • www.dynport.de • twitter.com/tobstarr • github.com/tobstarr
Philosophie • continuous delivery: deploy multiple times a day • canary releases • “never touch a running system” • “Immutable Infrastructure and Disposable Components" • don’t fix it, if it can be replaced
Theory • AWS • AMI based deployments • Elastic Load Balancer • AutoScaling Groups • S3, RDS, …
Reality • privacy concerns: AWS not an option • hoster we could not pick • first no, then proprietary and unreliable API • flash based infrastructure management • limited capacity • we were the biggest customer
Docker • build, distribute and deploy container based applications • creator: dotcloud • initial release: March 13, 2013 • license: Apache 2.0 • 11k stars on Github (top 50) • golang client/server
Container Virtualization • os level • shared kernel • cgroups: isolate CPU, Memory, Block IO, Network • lxc: cgroups + application namespaces • lightweight and fast
Images • blueprints for containers • tarball of os installation/packages • read only • stateless • layered
Containers • instances of images • copy on write / union file system • running or exited • goal: stateless and immutable • can be “saved” (docker commit) as images • created to be thrown away
Containers and images Source: http://docs.docker.io/en/latest/terms/container/
Demo
Build • manual • start and attach container • install required packages • checkout application code • run build management tool • bad: not reproducible • bad: does not utilise caching
Build • chef/puppet/… • start an attach container • run chef/puppet/… client • good: automated and documented • bad: does not utilise caching
Dockerfile • simple, plain text script to create images • commands: • FROM: base image to use • RUN: execute shell command • ENV: set environment variable • ADD: write local file to image • ENTRYPOINT: start command for containers • others: MAINTAINER, EXPOSE, CMD, USER, VOLUME, WORKDIR, ONBUILD
Dockerfile
Dockerfile
Caching • statement based: each step creates a new image • existing steps (command tree exists) are re-used • tricky: “non functional” commands (e.g. apt-get update/upgrade) • use ENV or comments to break caching of non functional commands
Caching
Configuration Management • “store config in the environment” (http://12factor.net/config) • dependency injected with start of container • same image for • development • testing • staging • production
Don’ts • full blown VMs • ssh daemon inside containers • syslog daemon inside containers (sometimes needed) • user management: everything can run as root • chef/puppet/… => makes caching useless
Build Management Tools • candidates: bundler, pip, mvn, carton, composer, … • problem with caching: bmt are slow when started with “clean slate” • option 1: add bmt manifest before code • bmt needs to run only when manifest changes • option 2: use pre-bundled base images • bmt only needs to work the delta • re-build base images from time to time • option 3: combine option 1 and option 2
• Problems • unicorn: Rack HTTP server for fast clients • static assets • logging: default ruby syslog library uses syscall (needs local syslog daemon) • Solution • run 3 daemons in 1 container: unicorn, nginx and rsyslogd • upstart • ENTRYPOINT [“/sbin/init”] • load ENV from /proc/1/environ • foreman Use Case: Ruby on Rails
Multi-Host • image distribution via docker registry • weighted load balancing via HAProxy • SSL termination via nginx in front of HAProxy
Registry • push and pull images • public • private • backends: local, S3, Elliptics, Google Cloud Storage, hosted
Load Balancing • HAProxy • license: GPL v2 • pool configuration stored in redis/etcd • config update • compile config files from stored configuration • upload via ssh • verify on remote hosts • replace current config with verified one • reload
HAProxy
HAProxy
Deployment Pipeline • commit triggers new image build • build suite executed with image • image is pushed to registry if tests passed • optional: start image with staging ENV settings for manual testing • start image with production ENV for last pre-flight tests • deploy image to more hosts • update load balancer (canary or green/blue) • monitor new containers/image
Deployment Pipeline Nginx HAProxy Nginx HAProxy Docker Container Container Container Docker Container Container Container Docker Container Container Container Docker Container Container Container Docker Registry Docker Build 2 push 3 pull + run 1 build 4 update4 update Route 53
Logging • host: docker host, container_id • code: image_id, revision • request: request_id, action, status_code, etag, times, calls • NOT inside containers • remote syslog (when possible) • alternative: local syslog relay inside container
Metrics • OpenTSDB • “distributed, scalable Time Series Database” • license: LGPLv2.1+ • HBase • Tags / Dimensions • from syslog via udp (StatsD “like”) • rickshaw.js for graphs • compare status codes, counts and times between actions of two revisions
OpenTSDB
Metrics
Metrics request counts by revision
Metrics
Metrics
Metrics
Docker reduces • external dependencies (“rubygems/github slow/unreliable/down”) after image is built • “did work on my machine/staging”: same OS package versions, configuration and code in all stages • unused CPU cycles • number of hosts • feedback times • time to get new host online • bottlenecks: hosts are more flexible
VS. AWS • HAProxy much more flexible • multiple containers per host • balancing weights • faster build process • faster deployments • instance flexibility
Resources • docker.io • opentsdb.net • haproxy.1wt.eu • continuousdelivery.com • chadfowler.com/blog/2013/06/23/immutable- deployments/ • 12factor.net
Questions?!?
Thank you!
Ad

Recommended

Docker Basics
Docker BasicsDocker Basics
Docker Basics
DuckDuckGo
 
Shipping Applications to Production in Containers with Docker
Shipping Applications to Production in Containers with DockerShipping Applications to Production in Containers with Docker
Shipping Applications to Production in Containers with Docker
Jérôme Petazzoni
 
Introduction to Docker
Introduction to DockerIntroduction to Docker
Introduction to Docker
Kuan Yen Heng
 
Docker at Djangocon 2013 | Talk by Ken Cochrane
Docker at Djangocon 2013 | Talk by Ken CochraneDocker at Djangocon 2013 | Talk by Ken Cochrane
Docker at Djangocon 2013 | Talk by Ken Cochrane
dotCloud
 
Introduction To Docker
Introduction To DockerIntroduction To Docker
Introduction To Docker
Hamilton Turner
 
Introduction to Docker and all things containers, Docker Meetup at RelateIQ
Introduction to Docker and all things containers, Docker Meetup at RelateIQIntroduction to Docker and all things containers, Docker Meetup at RelateIQ
Introduction to Docker and all things containers, Docker Meetup at RelateIQ
dotCloud
 
Optimizing Docker Images
Optimizing Docker ImagesOptimizing Docker Images
Optimizing Docker Images
Brian DeHamer
 
Docker - The Linux Container
Docker - The Linux ContainerDocker - The Linux Container
Docker - The Linux Container
Balaji Rajan
 
Docker 101 Workshop slides (JavaOne 2017)
Docker 101 Workshop slides (JavaOne 2017)Docker 101 Workshop slides (JavaOne 2017)
Docker 101 Workshop slides (JavaOne 2017)
Eric Smalling
 
Docker by Example - Basics
Docker by Example - Basics Docker by Example - Basics
Docker by Example - Basics
Ganesh Samarthyam
 
Docker & ci
Docker & ciDocker & ci
Docker & ci
Patxi Gortázar
 
Docker Introduction
Docker IntroductionDocker Introduction
Docker Introduction
Peng Xiao
 
Docker worshop @Twitter - How to use your own private registry
Docker worshop @Twitter - How to use your own private registryDocker worshop @Twitter - How to use your own private registry
Docker worshop @Twitter - How to use your own private registry
dotCloud
 
ExpoQA 2017 Using docker to build and test in your laptop and Jenkins
ExpoQA 2017 Using docker to build and test in your laptop and JenkinsExpoQA 2017 Using docker to build and test in your laptop and Jenkins
ExpoQA 2017 Using docker to build and test in your laptop and Jenkins
ElasTest Project
 
Docker From Scratch
Docker From ScratchDocker From Scratch
Docker From Scratch
Giacomo Vacca
 
Docker Presentation at the OpenStack Austin Meetup | 2013-09-12
Docker Presentation at the OpenStack Austin Meetup | 2013-09-12Docker Presentation at the OpenStack Austin Meetup | 2013-09-12
Docker Presentation at the OpenStack Austin Meetup | 2013-09-12
dotCloud
 
Docker in real life
Docker in real lifeDocker in real life
Docker in real life
Nguyen Van Vuong
 
Continuous delivery with Jenkins, Docker and Mesos/Marathon - jbcnconf
Continuous delivery with Jenkins, Docker and Mesos/Marathon - jbcnconfContinuous delivery with Jenkins, Docker and Mesos/Marathon - jbcnconf
Continuous delivery with Jenkins, Docker and Mesos/Marathon - jbcnconf
Julia Mateo
 
Docker
DockerDocker
Docker
Patrick Oberdorf
 
Docker - From Walking To Running
Docker - From Walking To RunningDocker - From Walking To Running
Docker - From Walking To Running
Giacomo Vacca
 
DCA. certificate slide Session 1
DCA. certificate slide Session 1DCA. certificate slide Session 1
DCA. certificate slide Session 1
Hadi Tayanloo
 
The challenge of application distribution - Introduction to Docker (2014 dec ...
The challenge of application distribution - Introduction to Docker (2014 dec ...The challenge of application distribution - Introduction to Docker (2014 dec ...
The challenge of application distribution - Introduction to Docker (2014 dec ...
Sébastien Portebois
 
Intro To Docker
Intro To DockerIntro To Docker
Intro To Docker
Jessica Lucci
 
Introduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @GuidewireIntroduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @Guidewire
dotCloud
 
Architecting .NET Applications for Docker and Container Based Deployments
Architecting .NET Applications for Docker and Container Based DeploymentsArchitecting .NET Applications for Docker and Container Based Deployments
Architecting .NET Applications for Docker and Container Based Deployments
Ben Hall
 
Docker
DockerDocker
Docker
Chen Chun
 
Docker 101: An Introduction
Docker 101: An IntroductionDocker 101: An Introduction
Docker 101: An Introduction
POSSCON
 
Containers and docker
Containers and dockerContainers and docker
Containers and docker
SUDIP GHOSH
 
Django and Docker
Django and DockerDjango and Docker
Django and Docker
Docker, Inc.
 
Docker crash course
Docker crash courseDocker crash course
Docker crash course
nispas
 
Ad

More Related Content

What's hot (20)

Docker 101 Workshop slides (JavaOne 2017)
Docker 101 Workshop slides (JavaOne 2017)Docker 101 Workshop slides (JavaOne 2017)
Docker 101 Workshop slides (JavaOne 2017)
Eric Smalling
 
Docker by Example - Basics
Docker by Example - Basics Docker by Example - Basics
Docker by Example - Basics
Ganesh Samarthyam
 
Docker & ci
Docker & ciDocker & ci
Docker & ci
Patxi Gortázar
 
Docker Introduction
Docker IntroductionDocker Introduction
Docker Introduction
Peng Xiao
 
Docker worshop @Twitter - How to use your own private registry
Docker worshop @Twitter - How to use your own private registryDocker worshop @Twitter - How to use your own private registry
Docker worshop @Twitter - How to use your own private registry
dotCloud
 
ExpoQA 2017 Using docker to build and test in your laptop and Jenkins
ExpoQA 2017 Using docker to build and test in your laptop and JenkinsExpoQA 2017 Using docker to build and test in your laptop and Jenkins
ExpoQA 2017 Using docker to build and test in your laptop and Jenkins
ElasTest Project
 
Docker From Scratch
Docker From ScratchDocker From Scratch
Docker From Scratch
Giacomo Vacca
 
Docker Presentation at the OpenStack Austin Meetup | 2013-09-12
Docker Presentation at the OpenStack Austin Meetup | 2013-09-12Docker Presentation at the OpenStack Austin Meetup | 2013-09-12
Docker Presentation at the OpenStack Austin Meetup | 2013-09-12
dotCloud
 
Docker in real life
Docker in real lifeDocker in real life
Docker in real life
Nguyen Van Vuong
 
Continuous delivery with Jenkins, Docker and Mesos/Marathon - jbcnconf
Continuous delivery with Jenkins, Docker and Mesos/Marathon - jbcnconfContinuous delivery with Jenkins, Docker and Mesos/Marathon - jbcnconf
Continuous delivery with Jenkins, Docker and Mesos/Marathon - jbcnconf
Julia Mateo
 
Docker
DockerDocker
Docker
Patrick Oberdorf
 
Docker - From Walking To Running
Docker - From Walking To RunningDocker - From Walking To Running
Docker - From Walking To Running
Giacomo Vacca
 
DCA. certificate slide Session 1
DCA. certificate slide Session 1DCA. certificate slide Session 1
DCA. certificate slide Session 1
Hadi Tayanloo
 
The challenge of application distribution - Introduction to Docker (2014 dec ...
The challenge of application distribution - Introduction to Docker (2014 dec ...The challenge of application distribution - Introduction to Docker (2014 dec ...
The challenge of application distribution - Introduction to Docker (2014 dec ...
Sébastien Portebois
 
Intro To Docker
Intro To DockerIntro To Docker
Intro To Docker
Jessica Lucci
 
Introduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @GuidewireIntroduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @Guidewire
dotCloud
 
Architecting .NET Applications for Docker and Container Based Deployments
Architecting .NET Applications for Docker and Container Based DeploymentsArchitecting .NET Applications for Docker and Container Based Deployments
Architecting .NET Applications for Docker and Container Based Deployments
Ben Hall
 
Docker
DockerDocker
Docker
Chen Chun
 
Docker 101: An Introduction
Docker 101: An IntroductionDocker 101: An Introduction
Docker 101: An Introduction
POSSCON
 
Containers and docker
Containers and dockerContainers and docker
Containers and docker
SUDIP GHOSH
 
Docker 101 Workshop slides (JavaOne 2017)
Docker 101 Workshop slides (JavaOne 2017)Docker 101 Workshop slides (JavaOne 2017)
Docker 101 Workshop slides (JavaOne 2017)
Eric Smalling
 
Docker by Example - Basics
Docker by Example - Basics Docker by Example - Basics
Docker by Example - Basics
Ganesh Samarthyam
 
Docker & ci
Docker & ciDocker & ci
Docker & ci
Patxi Gortázar
 
Docker Introduction
Docker IntroductionDocker Introduction
Docker Introduction
Peng Xiao
 
Docker worshop @Twitter - How to use your own private registry
Docker worshop @Twitter - How to use your own private registryDocker worshop @Twitter - How to use your own private registry
Docker worshop @Twitter - How to use your own private registry
dotCloud
 
ExpoQA 2017 Using docker to build and test in your laptop and Jenkins
ExpoQA 2017 Using docker to build and test in your laptop and JenkinsExpoQA 2017 Using docker to build and test in your laptop and Jenkins
ExpoQA 2017 Using docker to build and test in your laptop and Jenkins
ElasTest Project
 
Docker From Scratch
Docker From ScratchDocker From Scratch
Docker From Scratch
Giacomo Vacca
 
Docker Presentation at the OpenStack Austin Meetup | 2013-09-12
Docker Presentation at the OpenStack Austin Meetup | 2013-09-12Docker Presentation at the OpenStack Austin Meetup | 2013-09-12
Docker Presentation at the OpenStack Austin Meetup | 2013-09-12
dotCloud
 
Docker in real life
Docker in real lifeDocker in real life
Docker in real life
Nguyen Van Vuong
 
Continuous delivery with Jenkins, Docker and Mesos/Marathon - jbcnconf
Continuous delivery with Jenkins, Docker and Mesos/Marathon - jbcnconfContinuous delivery with Jenkins, Docker and Mesos/Marathon - jbcnconf
Continuous delivery with Jenkins, Docker and Mesos/Marathon - jbcnconf
Julia Mateo
 
Docker
DockerDocker
Docker
Patrick Oberdorf
 
Docker - From Walking To Running
Docker - From Walking To RunningDocker - From Walking To Running
Docker - From Walking To Running
Giacomo Vacca
 
DCA. certificate slide Session 1
DCA. certificate slide Session 1DCA. certificate slide Session 1
DCA. certificate slide Session 1
Hadi Tayanloo
 
The challenge of application distribution - Introduction to Docker (2014 dec ...
The challenge of application distribution - Introduction to Docker (2014 dec ...The challenge of application distribution - Introduction to Docker (2014 dec ...
The challenge of application distribution - Introduction to Docker (2014 dec ...
Sébastien Portebois
 
Intro To Docker
Intro To DockerIntro To Docker
Intro To Docker
Jessica Lucci
 
Introduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @GuidewireIntroduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @Guidewire
dotCloud
 
Architecting .NET Applications for Docker and Container Based Deployments
Architecting .NET Applications for Docker and Container Based DeploymentsArchitecting .NET Applications for Docker and Container Based Deployments
Architecting .NET Applications for Docker and Container Based Deployments
Ben Hall
 
Docker
DockerDocker
Docker
Chen Chun
 
Docker 101: An Introduction
Docker 101: An IntroductionDocker 101: An Introduction
Docker 101: An Introduction
POSSCON
 
Containers and docker
Containers and dockerContainers and docker
Containers and docker
SUDIP GHOSH
 

Similar to OSDC 2014: Tobias Schwab - Continuous Delivery with Docker (20)

Django and Docker
Django and DockerDjango and Docker
Django and Docker
Docker, Inc.
 
Docker crash course
Docker crash courseDocker crash course
Docker crash course
nispas
 
Virtualization, Containers, Docker and scalable container management services
Virtualization, Containers, Docker and scalable container management servicesVirtualization, Containers, Docker and scalable container management services
Virtualization, Containers, Docker and scalable container management services
abhishek chawla
 
CT Software Developers Meetup: Using Docker and Vagrant Within A GitHub Pull ...
CT Software Developers Meetup: Using Docker and Vagrant Within A GitHub Pull ...CT Software Developers Meetup: Using Docker and Vagrant Within A GitHub Pull ...
CT Software Developers Meetup: Using Docker and Vagrant Within A GitHub Pull ...
E. Camden Fisher
 
Overcoming 5 Common Docker Challenges: How We Do It at RightScale
Overcoming 5 Common Docker Challenges: How We Do It at RightScaleOvercoming 5 Common Docker Challenges: How We Do It at RightScale
Overcoming 5 Common Docker Challenges: How We Do It at RightScale
RightScale
 
Preparing your dockerised application for production deployment
Preparing your dockerised application for production deploymentPreparing your dockerised application for production deployment
Preparing your dockerised application for production deployment
Dave Ward
 
Docker Introduction
Docker IntroductionDocker Introduction
Docker Introduction
Sparkbit
 
Docker introduction
Docker introductionDocker introduction
Docker introduction
Walter Liu
 
Using Docker in production: Get started today!
Using Docker in production: Get started today!Using Docker in production: Get started today!
Using Docker in production: Get started today!
Clarence Bakirtzidis
 
Docker for the new Era: Introducing Docker,its components and tools
Docker for the new Era: Introducing Docker,its components and toolsDocker for the new Era: Introducing Docker,its components and tools
Docker for the new Era: Introducing Docker,its components and tools
Ramit Surana
 
docker technology in INTERNET WORLD.pptx
docker technology in INTERNET WORLD.pptxdocker technology in INTERNET WORLD.pptx
docker technology in INTERNET WORLD.pptx
poojadhanrajani
 
Dockerize the World
Dockerize the WorldDockerize the World
Dockerize the World
damovsky
 
Lightweight Virtualization Docker in Practice
Lightweight Virtualization Docker in PracticeLightweight Virtualization Docker in Practice
Lightweight Virtualization Docker in Practice
Docker, Inc.
 
Play Framework + Docker + CircleCI + AWS + EC2 Container Service
Play Framework + Docker + CircleCI + AWS + EC2 Container ServicePlay Framework + Docker + CircleCI + AWS + EC2 Container Service
Play Framework + Docker + CircleCI + AWS + EC2 Container Service
Josh Padnick
 
Containers and security
Containers and securityContainers and security
Containers and security
sriram_rajan
 
Docker in pratice -chenyifei
Docker in pratice -chenyifeiDocker in pratice -chenyifei
Docker in pratice -chenyifei
dotCloud
 
Java developer intro to environment management with vagrant puppet and docker
Java developer intro to environment management with vagrant puppet and dockerJava developer intro to environment management with vagrant puppet and docker
Java developer intro to environment management with vagrant puppet and docker
Getting value from IoT, Integration and Data Analytics
 
ExpoQA 2017 Docker and CI
ExpoQA 2017 Docker and CIExpoQA 2017 Docker and CI
ExpoQA 2017 Docker and CI
ElasTest Project
 
Docker and Puppet for Continuous Integration
Docker and Puppet for Continuous IntegrationDocker and Puppet for Continuous Integration
Docker and Puppet for Continuous Integration
Giacomo Vacca
 
Java Developer Intro to Environment Management with Vagrant, Puppet, and Dock...
Java Developer Intro to Environment Management with Vagrant, Puppet, and Dock...Java Developer Intro to Environment Management with Vagrant, Puppet, and Dock...
Java Developer Intro to Environment Management with Vagrant, Puppet, and Dock...
Lucas Jellema
 
Django and Docker
Django and DockerDjango and Docker
Django and Docker
Docker, Inc.
 
Docker crash course
Docker crash courseDocker crash course
Docker crash course
nispas
 
Virtualization, Containers, Docker and scalable container management services
Virtualization, Containers, Docker and scalable container management servicesVirtualization, Containers, Docker and scalable container management services
Virtualization, Containers, Docker and scalable container management services
abhishek chawla
 
CT Software Developers Meetup: Using Docker and Vagrant Within A GitHub Pull ...
CT Software Developers Meetup: Using Docker and Vagrant Within A GitHub Pull ...CT Software Developers Meetup: Using Docker and Vagrant Within A GitHub Pull ...
CT Software Developers Meetup: Using Docker and Vagrant Within A GitHub Pull ...
E. Camden Fisher
 
Overcoming 5 Common Docker Challenges: How We Do It at RightScale
Overcoming 5 Common Docker Challenges: How We Do It at RightScaleOvercoming 5 Common Docker Challenges: How We Do It at RightScale
Overcoming 5 Common Docker Challenges: How We Do It at RightScale
RightScale
 
Preparing your dockerised application for production deployment
Preparing your dockerised application for production deploymentPreparing your dockerised application for production deployment
Preparing your dockerised application for production deployment
Dave Ward
 
Docker Introduction
Docker IntroductionDocker Introduction
Docker Introduction
Sparkbit
 
Docker introduction
Docker introductionDocker introduction
Docker introduction
Walter Liu
 
Using Docker in production: Get started today!
Using Docker in production: Get started today!Using Docker in production: Get started today!
Using Docker in production: Get started today!
Clarence Bakirtzidis
 
Docker for the new Era: Introducing Docker,its components and tools
Docker for the new Era: Introducing Docker,its components and toolsDocker for the new Era: Introducing Docker,its components and tools
Docker for the new Era: Introducing Docker,its components and tools
Ramit Surana
 
docker technology in INTERNET WORLD.pptx
docker technology in INTERNET WORLD.pptxdocker technology in INTERNET WORLD.pptx
docker technology in INTERNET WORLD.pptx
poojadhanrajani
 
Dockerize the World
Dockerize the WorldDockerize the World
Dockerize the World
damovsky
 
Lightweight Virtualization Docker in Practice
Lightweight Virtualization Docker in PracticeLightweight Virtualization Docker in Practice
Lightweight Virtualization Docker in Practice
Docker, Inc.
 
Play Framework + Docker + CircleCI + AWS + EC2 Container Service
Play Framework + Docker + CircleCI + AWS + EC2 Container ServicePlay Framework + Docker + CircleCI + AWS + EC2 Container Service
Play Framework + Docker + CircleCI + AWS + EC2 Container Service
Josh Padnick
 
Containers and security
Containers and securityContainers and security
Containers and security
sriram_rajan
 
Docker in pratice -chenyifei
Docker in pratice -chenyifeiDocker in pratice -chenyifei
Docker in pratice -chenyifei
dotCloud
 
Java developer intro to environment management with vagrant puppet and docker
Java developer intro to environment management with vagrant puppet and dockerJava developer intro to environment management with vagrant puppet and docker
Java developer intro to environment management with vagrant puppet and docker
Getting value from IoT, Integration and Data Analytics
 
ExpoQA 2017 Docker and CI
ExpoQA 2017 Docker and CIExpoQA 2017 Docker and CI
ExpoQA 2017 Docker and CI
ElasTest Project
 
Docker and Puppet for Continuous Integration
Docker and Puppet for Continuous IntegrationDocker and Puppet for Continuous Integration
Docker and Puppet for Continuous Integration
Giacomo Vacca
 
Java Developer Intro to Environment Management with Vagrant, Puppet, and Dock...
Java Developer Intro to Environment Management with Vagrant, Puppet, and Dock...Java Developer Intro to Environment Management with Vagrant, Puppet, and Dock...
Java Developer Intro to Environment Management with Vagrant, Puppet, and Dock...
Lucas Jellema
 
Ad

Recently uploaded (20)

Adobe Master Collection CC Crack Advance Version 2025
Adobe Master Collection CC Crack Advance Version 2025Adobe Master Collection CC Crack Advance Version 2025
Adobe Master Collection CC Crack Advance Version 2025
kashifyounis067
 
Why Orangescrum Is a Game Changer for Construction Companies in 2025
Why Orangescrum Is a Game Changer for Construction Companies in 2025Why Orangescrum Is a Game Changer for Construction Companies in 2025
Why Orangescrum Is a Game Changer for Construction Companies in 2025
Orangescrum
 
Proactive Vulnerability Detection in Source Code Using Graph Neural Networks:...
Proactive Vulnerability Detection in Source Code Using Graph Neural Networks:...Proactive Vulnerability Detection in Source Code Using Graph Neural Networks:...
Proactive Vulnerability Detection in Source Code Using Graph Neural Networks:...
Ranjan Baisak
 
Salesforce Data Cloud- Hyperscale data platform, built for Salesforce.
Salesforce Data Cloud- Hyperscale data platform, built for Salesforce.Salesforce Data Cloud- Hyperscale data platform, built for Salesforce.
Salesforce Data Cloud- Hyperscale data platform, built for Salesforce.
Dele Amefo
 
Societal challenges of AI: biases, multilinguism and sustainability
Societal challenges of AI: biases, multilinguism and sustainabilitySocietal challenges of AI: biases, multilinguism and sustainability
Societal challenges of AI: biases, multilinguism and sustainability
Jordi Cabot
 
Mastering Fluent Bit: Ultimate Guide to Integrating Telemetry Pipelines with ...
Mastering Fluent Bit: Ultimate Guide to Integrating Telemetry Pipelines with ...Mastering Fluent Bit: Ultimate Guide to Integrating Telemetry Pipelines with ...
Mastering Fluent Bit: Ultimate Guide to Integrating Telemetry Pipelines with ...
Eric D. Schabell
 
Download Wondershare Filmora Crack [2025] With Latest
Download Wondershare Filmora Crack [2025] With LatestDownload Wondershare Filmora Crack [2025] With Latest
Download Wondershare Filmora Crack [2025] With Latest
tahirabibi60507
 
Adobe Lightroom Classic Crack FREE Latest link 2025
Adobe Lightroom Classic Crack FREE Latest link 2025Adobe Lightroom Classic Crack FREE Latest link 2025
Adobe Lightroom Classic Crack FREE Latest link 2025
kashifyounis067
 
Download YouTube By Click 2025 Free Full Activated
Download YouTube By Click 2025 Free Full ActivatedDownload YouTube By Click 2025 Free Full Activated
Download YouTube By Click 2025 Free Full Activated
saniamalik72555
 
Adobe After Effects Crack FREE FRESH version 2025
Adobe After Effects Crack FREE FRESH version 2025Adobe After Effects Crack FREE FRESH version 2025
Adobe After Effects Crack FREE FRESH version 2025
kashifyounis067
 
How Valletta helped healthcare SaaS to transform QA and compliance to grow wi...
How Valletta helped healthcare SaaS to transform QA and compliance to grow wi...How Valletta helped healthcare SaaS to transform QA and compliance to grow wi...
How Valletta helped healthcare SaaS to transform QA and compliance to grow wi...
Egor Kaleynik
 
How can one start with crypto wallet development.pptx
How can one start with crypto wallet development.pptxHow can one start with crypto wallet development.pptx
How can one start with crypto wallet development.pptx
laravinson24
 
Designing AI-Powered APIs on Azure: Best Practices& Considerations
Designing AI-Powered APIs on Azure: Best Practices& ConsiderationsDesigning AI-Powered APIs on Azure: Best Practices& Considerations
Designing AI-Powered APIs on Azure: Best Practices& Considerations
Dinusha Kumarasiri
 
Adobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage Dashboards
Adobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage DashboardsAdobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage Dashboards
Adobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage Dashboards
BradBedford3
 
Solidworks Crack 2025 latest new + license code
Solidworks Crack 2025 latest new + license codeSolidworks Crack 2025 latest new + license code
Solidworks Crack 2025 latest new + license code
aneelaramzan63
 
Automation Techniques in RPA - UiPath Certificate
Automation Techniques in RPA - UiPath CertificateAutomation Techniques in RPA - UiPath Certificate
Automation Techniques in RPA - UiPath Certificate
VICTOR MAESTRE RAMIREZ
 
EASEUS Partition Master Crack + License Code
EASEUS Partition Master Crack + License CodeEASEUS Partition Master Crack + License Code
EASEUS Partition Master Crack + License Code
aneelaramzan63
 
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Lionel Briand
 
Not So Common Memory Leaks in Java Webinar
Not So Common Memory Leaks in Java WebinarNot So Common Memory Leaks in Java Webinar
Not So Common Memory Leaks in Java Webinar
Tier1 app
 
Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)
Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)
Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)
Andre Hora
 
Adobe Master Collection CC Crack Advance Version 2025
Adobe Master Collection CC Crack Advance Version 2025Adobe Master Collection CC Crack Advance Version 2025
Adobe Master Collection CC Crack Advance Version 2025
kashifyounis067
 
Why Orangescrum Is a Game Changer for Construction Companies in 2025
Why Orangescrum Is a Game Changer for Construction Companies in 2025Why Orangescrum Is a Game Changer for Construction Companies in 2025
Why Orangescrum Is a Game Changer for Construction Companies in 2025
Orangescrum
 
Proactive Vulnerability Detection in Source Code Using Graph Neural Networks:...
Proactive Vulnerability Detection in Source Code Using Graph Neural Networks:...Proactive Vulnerability Detection in Source Code Using Graph Neural Networks:...
Proactive Vulnerability Detection in Source Code Using Graph Neural Networks:...
Ranjan Baisak
 
Salesforce Data Cloud- Hyperscale data platform, built for Salesforce.
Salesforce Data Cloud- Hyperscale data platform, built for Salesforce.Salesforce Data Cloud- Hyperscale data platform, built for Salesforce.
Salesforce Data Cloud- Hyperscale data platform, built for Salesforce.
Dele Amefo
 
Societal challenges of AI: biases, multilinguism and sustainability
Societal challenges of AI: biases, multilinguism and sustainabilitySocietal challenges of AI: biases, multilinguism and sustainability
Societal challenges of AI: biases, multilinguism and sustainability
Jordi Cabot
 
Mastering Fluent Bit: Ultimate Guide to Integrating Telemetry Pipelines with ...
Mastering Fluent Bit: Ultimate Guide to Integrating Telemetry Pipelines with ...Mastering Fluent Bit: Ultimate Guide to Integrating Telemetry Pipelines with ...
Mastering Fluent Bit: Ultimate Guide to Integrating Telemetry Pipelines with ...
Eric D. Schabell
 
Download Wondershare Filmora Crack [2025] With Latest
Download Wondershare Filmora Crack [2025] With LatestDownload Wondershare Filmora Crack [2025] With Latest
Download Wondershare Filmora Crack [2025] With Latest
tahirabibi60507
 
Adobe Lightroom Classic Crack FREE Latest link 2025
Adobe Lightroom Classic Crack FREE Latest link 2025Adobe Lightroom Classic Crack FREE Latest link 2025
Adobe Lightroom Classic Crack FREE Latest link 2025
kashifyounis067
 
Download YouTube By Click 2025 Free Full Activated
Download YouTube By Click 2025 Free Full ActivatedDownload YouTube By Click 2025 Free Full Activated
Download YouTube By Click 2025 Free Full Activated
saniamalik72555
 
Adobe After Effects Crack FREE FRESH version 2025
Adobe After Effects Crack FREE FRESH version 2025Adobe After Effects Crack FREE FRESH version 2025
Adobe After Effects Crack FREE FRESH version 2025
kashifyounis067
 
How Valletta helped healthcare SaaS to transform QA and compliance to grow wi...
How Valletta helped healthcare SaaS to transform QA and compliance to grow wi...How Valletta helped healthcare SaaS to transform QA and compliance to grow wi...
How Valletta helped healthcare SaaS to transform QA and compliance to grow wi...
Egor Kaleynik
 
How can one start with crypto wallet development.pptx
How can one start with crypto wallet development.pptxHow can one start with crypto wallet development.pptx
How can one start with crypto wallet development.pptx
laravinson24
 
Designing AI-Powered APIs on Azure: Best Practices& Considerations
Designing AI-Powered APIs on Azure: Best Practices& ConsiderationsDesigning AI-Powered APIs on Azure: Best Practices& Considerations
Designing AI-Powered APIs on Azure: Best Practices& Considerations
Dinusha Kumarasiri
 
Adobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage Dashboards
Adobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage DashboardsAdobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage Dashboards
Adobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage Dashboards
BradBedford3
 
Solidworks Crack 2025 latest new + license code
Solidworks Crack 2025 latest new + license codeSolidworks Crack 2025 latest new + license code
Solidworks Crack 2025 latest new + license code
aneelaramzan63
 
Automation Techniques in RPA - UiPath Certificate
Automation Techniques in RPA - UiPath CertificateAutomation Techniques in RPA - UiPath Certificate
Automation Techniques in RPA - UiPath Certificate
VICTOR MAESTRE RAMIREZ
 
EASEUS Partition Master Crack + License Code
EASEUS Partition Master Crack + License CodeEASEUS Partition Master Crack + License Code
EASEUS Partition Master Crack + License Code
aneelaramzan63
 
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Lionel Briand
 
Not So Common Memory Leaks in Java Webinar
Not So Common Memory Leaks in Java WebinarNot So Common Memory Leaks in Java Webinar
Not So Common Memory Leaks in Java Webinar
Tier1 app
 
Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)
Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)
Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)
Andre Hora
 
Ad

OSDC 2014: Tobias Schwab - Continuous Delivery with Docker

  • 2. Myself • Tobias Schwab • [email protected] • www.dynport.de • twitter.com/tobstarr • github.com/tobstarr
  • 3. Philosophie • continuous delivery: deploy multiple times a day • canary releases • “never touch a running system” • “Immutable Infrastructure and Disposable Components" • don’t fix it, if it can be replaced
  • 4. Theory • AWS • AMI based deployments • Elastic Load Balancer • AutoScaling Groups • S3, RDS, …
  • 5. Reality • privacy concerns: AWS not an option • hoster we could not pick • first no, then proprietary and unreliable API • flash based infrastructure management • limited capacity • we were the biggest customer
  • 6. Docker • build, distribute and deploy container based applications • creator: dotcloud • initial release: March 13, 2013 • license: Apache 2.0 • 11k stars on Github (top 50) • golang client/server
  • 7. Container Virtualization • os level • shared kernel • cgroups: isolate CPU, Memory, Block IO, Network • lxc: cgroups + application namespaces • lightweight and fast
  • 8. Images • blueprints for containers • tarball of os installation/packages • read only • stateless • layered
  • 9. Containers • instances of images • copy on write / union file system • running or exited • goal: stateless and immutable • can be “saved” (docker commit) as images • created to be thrown away
  • 10. Containers and images Source: http://docs.docker.io/en/latest/terms/container/
  • 11. Demo
  • 12. Build • manual • start and attach container • install required packages • checkout application code • run build management tool • bad: not reproducible • bad: does not utilise caching
  • 13. Build • chef/puppet/… • start an attach container • run chef/puppet/… client • good: automated and documented • bad: does not utilise caching
  • 14. Dockerfile • simple, plain text script to create images • commands: • FROM: base image to use • RUN: execute shell command • ENV: set environment variable • ADD: write local file to image • ENTRYPOINT: start command for containers • others: MAINTAINER, EXPOSE, CMD, USER, VOLUME, WORKDIR, ONBUILD
  • 17. Caching • statement based: each step creates a new image • existing steps (command tree exists) are re-used • tricky: “non functional” commands (e.g. apt-get update/upgrade) • use ENV or comments to break caching of non functional commands
  • 19. Configuration Management • “store config in the environment” (http://12factor.net/config) • dependency injected with start of container • same image for • development • testing • staging • production
  • 20. Don’ts • full blown VMs • ssh daemon inside containers • syslog daemon inside containers (sometimes needed) • user management: everything can run as root • chef/puppet/… => makes caching useless
  • 21. Build Management Tools • candidates: bundler, pip, mvn, carton, composer, … • problem with caching: bmt are slow when started with “clean slate” • option 1: add bmt manifest before code • bmt needs to run only when manifest changes • option 2: use pre-bundled base images • bmt only needs to work the delta • re-build base images from time to time • option 3: combine option 1 and option 2
  • 22. • Problems • unicorn: Rack HTTP server for fast clients • static assets • logging: default ruby syslog library uses syscall (needs local syslog daemon) • Solution • run 3 daemons in 1 container: unicorn, nginx and rsyslogd • upstart • ENTRYPOINT [“/sbin/init”] • load ENV from /proc/1/environ • foreman Use Case: Ruby on Rails
  • 23. Multi-Host • image distribution via docker registry • weighted load balancing via HAProxy • SSL termination via nginx in front of HAProxy
  • 24. Registry • push and pull images • public • private • backends: local, S3, Elliptics, Google Cloud Storage, hosted
  • 25. Load Balancing • HAProxy • license: GPL v2 • pool configuration stored in redis/etcd • config update • compile config files from stored configuration • upload via ssh • verify on remote hosts • replace current config with verified one • reload
  • 28. Deployment Pipeline • commit triggers new image build • build suite executed with image • image is pushed to registry if tests passed • optional: start image with staging ENV settings for manual testing • start image with production ENV for last pre-flight tests • deploy image to more hosts • update load balancer (canary or green/blue) • monitor new containers/image
  • 30. Logging • host: docker host, container_id • code: image_id, revision • request: request_id, action, status_code, etag, times, calls • NOT inside containers • remote syslog (when possible) • alternative: local syslog relay inside container
  • 31. Metrics • OpenTSDB • “distributed, scalable Time Series Database” • license: LGPLv2.1+ • HBase • Tags / Dimensions • from syslog via udp (StatsD “like”) • rickshaw.js for graphs • compare status codes, counts and times between actions of two revisions
  • 38. Docker reduces • external dependencies (“rubygems/github slow/unreliable/down”) after image is built • “did work on my machine/staging”: same OS package versions, configuration and code in all stages • unused CPU cycles • number of hosts • feedback times • time to get new host online • bottlenecks: hosts are more flexible
  • 39. VS. AWS • HAProxy much more flexible • multiple containers per host • balancing weights • faster build process • faster deployments • instance flexibility
  • 40. Resources • docker.io • opentsdb.net • haproxy.1wt.eu • continuousdelivery.com • chadfowler.com/blog/2013/06/23/immutable- deployments/ • 12factor.net