Docker and-daily-devops

Docker &
Daily DevOps
Tangerang, June 26th 2016

Hello!
I am Satria Ady Pradana
A man who is obsessed to low level technology.
Member of Dago Cybernesha team.
2

“
Virtualization is like a Swiss army
knife. You can use it in a number
of different situations
3

Introduction to
Docker & Container
Let’s start with basic question.
1

container
IS
A lightweight virtual machine

Why is Docker Awesome?
◉It’s like a Virtual Machine, but much
lightweight.
◉Can up and run in few seconds.
◉Easy deploy, easy remove.
◉Clear separation of concerns.
◉Scale more easily
◉Get higher density and run more workloads

Virtual Machine
Spot the Difference
Container

Container
Isolated environment, but share OS and
appropriate bins / libraries.

Virtual Machine
Impractical to store and
transfer.
If you want to replicate a VM
which used as a service,
you need full VM for each of
instance.
1 GB space for 1 instance =
1 TB for 1000 instance.
Some notes
Container
Share a bulk of space to
hundred or thousands of
containers, thanks to union
file system.
VMs are very large, which makes.

Virtual Machine
Full virtualized system
means allocate resource to
specific VM.
Heavier!
Some notes
Container
No need to create virtual
device. All container share
host, running on top op
same kernel but isolated.
Resource utilization

Virtual Machine
Takes minutes to start.
Some notes
Container
Take a few seconds, mostly.
Performance

The usage?
Let’s talk in an analogy

MultiplicityofGoods
Multipilicityof
methodsfor
transporting/storing
DoIworryabout
howgoodsinteract
(e.g.coffeebeans
nexttospices)
CanItransportquickly
andsmoothly
(e.g.fromboattotrain
totruck)
Cargo Transport Pre-1960

? ? ? ? ? ? ?
? ? ? ? ? ? ?
? ? ? ? ? ? ?
? ? ? ? ? ? ?
? ? ? ? ? ? ?
? ? ? ? ? ? ?
Then we have NxN Matrix

MultiplicityofGoods
Multiplicityof
methodsfor
transporting/storing
DoIworryabout
howgoodsinteract
(e.g.coffeebeans
nexttospices)
CanItransport
quicklyandsmoothly
(e.g.fromboatto
traintotruck)
Solution: Intermodal Shipping
Container
…in between, can be
loaded and unloaded,
stacked, transported
efficiently over long
distances, and
transferred from one
mode of transport to
another
A standard container
that is loaded with
virtually any goods,
and stays sealed until
it reaches final
delivery.

This eliminated the NXN
problem…

and spawned an Intermodal Shipping Container
Ecosystem
• 90% of all cargo now shipped in a standard container
• Order of magnitude reduction in cost and time to load and unload ships
• Massive reduction in losses due to theft or damage
• Huge reduction in freight cost as percent of final goods (from >25% to
<3%)
 massive globalizations
• 5000 ships deliver 200M containers per year

Did you figure it out?
◉It’s like our code and environment to run the
code.
◉A problem in development and deployment.

Static website
Web frontend
User DB
Queue Analytics DB
Background workers
API endpoint
nginx 1.5 + modsecurity + openssl +
bootstrap 2
postgresql + pgv8 + v8
hadoop + hive + thrift + OpenJDK
Ruby + Rails + sass + Unicorn
Redis + redis-sentinel
Python 3.0 + celery + pyredis + libcurl + ffmpeg +
libopencv + nodejs + phantomjs
Python 2.7 + Flask + pyredis + celery + psycopg +
postgresql-client
Development VM
QA server
Public Cloud
Disaster recovery
Contributor’s laptop
Production Servers
Meet Code and EnvironmentMultiplicityofStacks
Multiplicityof
hardware
environments
Production Cluster
Customer Data Center
Doservicesandapps
interact
appropriately?
CanImigrate
smoothlyand
quickly?

Static website Web frontendUser DB Queue Analytics DB
Developm
ent VM
QA server Public Cloud Contributor’
s laptop
We need a shipping container
system for code
MultiplicityofStacks
Multiplicityof
hardware
environments
Production
Cluster
Customer
Data Center
Doservicesandapps
interact
appropriately?
CanImigrate
smoothlyandquickly
…that can be
manipulated using
standard operations and
run consistently on
virtually any hardware
platform
An engine that
enables any payload
to be encapsulated
as a lightweight,
portable, self-
sufficient
container…

Why containers matter?
Physical Containers Docker
Content Agnostic The same container can hold
almost any type of cargo
Can encapsulate any payload
and its dependencies
Hardware Agnostic Standard shape and interface
allow same container to
move from ship to train to
semi-truck to warehouse to
crane without being
modified or opened
Using operating system
primitives (e.g. LXC) can run
consistently on virtually any
hardware—VMs, bare metal,
openstack, public IAAS, etc.—
without modification
Content Isolation
and Interaction
No worry about anvils
crushing bananas.
Containers can be stacked
and shipped together
Resource, network, and
content isolation. Avoids
dependency hell
Automation Standard interfaces make it
easy to automate loading,
unloading, moving, etc.
Standard operations to run,
start, stop, commit, search,
etc. Perfect for devops: CI, CD,
autoscaling, hybrid clouds

Highly efficient No opening or modification,
quick to move between
waypoints
Lightweight, virtually no perf
or start-up penalty, quick to
move and manipulate
Separation of duties Shipper worries about inside
of box, carrier worries about
outside of box
Developer worries about code.
Ops worries about
infrastructure.
Highly efficient No opening or modification,
quick to move between
waypoints
Lightweight, virtually no perf
or start-up penalty, quick to
move and manipulate
Separation of duties Shipper worries about inside
of box, carrier worries about
outside of box
Developer worries about
code. Ops worries about
infrastructure.

Now everyone happy!
Build once, run
anywhere
Configure once, run
anything
Devs
Ops

For Developers
• Build once…run anywhere
• A clean, safe, hygienic and portable runtime environment for
your app.
• No worries about missing dependencies, packages and other
pain points during subsequent deployments.
• Run each app in its own isolated container, so you can run
various versions of libraries and other dependencies for each
app without worrying
• Automate testing, integration, packaging…anything you can
script
• Reduce/eliminate concerns about compatibility on different
platforms, either your own or your customers.
• Cheap, zero-penalty containers to deploy services? A VM
without the overhead of a VM? Instant replay and reset of image
snapshots? That’s the power of Docker

For Ops / Devops
• Configure once…run anything
• Make the entire lifecycle more efficient, consistent, and
repeatable
• Increase the quality of code produced by developers.
• Eliminate inconsistencies between development, test,
production, and customer environments
• Support segregation of duties
• Significantly improves the speed and reliability of continuous
deployment and continuous integration systems
• Because the containers are so lightweight, address significant
performance, costs, deployment, and portability issues normally
associated with VMs

Trying Docker
Start experiment
2

Installing
https://docs.docker.com/engine/installation/
• $ sudo apt-get install apt-transport-https ca-
certificate
• $ sudo apt-get purge lxc-docker* docker.io*
• $ sudo echo “deb https://apt.dockerproject.org/repo
debian-stretch main” >
/etc/apt/source.list.d/docker.list
• $ sudo apt-key adv --keyserver hkp://p80.pool.sks-
keyservers.net:80 --recv-keys
58118E89F3A912897C070ADBF76221572C526
09D

• $ sudo apt-get update
• $ sudo apt-get install docker-engine
• $ sudo service docker start
• $ sudo docker info
• $ sudo groupadd docker
• $ sudo gpasswd –a ${USER} docker
• $ sudo service docker restart

Terminology
Image
Read only layer used to
build a container. They do
not change.
Container
Self contained runtime
environment using one or
more images. You can
commit your changes to a
container and create an
image.
Hub / Registry
Public or private servers
which act as repository
where pople can upload
images and share what
they made.
29

First Interaction
• xathrya@bluewyvern$ docker run -ti
ubuntu:12.04 /bin/bash
• $ cat /etc/issue
Ubuntu 12.04
We are running a container, open it in
interactive mode, and running a command

What docker really do?
• Downloaded the image from Hub / Registry
• Generated a new container
• Created a new file system
• Mounted a read/write layer
• Allocated network interface
• Setup IP
• Setup NAT
• Executed bash shell in container

Docker Registry
• https://hub.docker.com/
Officials and user generated container, such as:
• Nginx
• Ubuntu
• Redis
• Mongo
• etc

Let’s Try An App
• $ docker run -d -P training/webapp python
app.py
• $ docker ps
You must see something like: 0.0.0.0:32768-
>5000/tcp
Go to web browser and enter url:
localhost:32768
Docker exposed port 5000 (default Python Flask
port) to our host in port 32768
• $ docker run –d –p 8080:5000 training/webapp

Some Commands
• $ docker run ubuntu /bin/echo hello world
• $ docker run -d ubuntu
• $ docker images
• $ docker ps -a
• $ docker stop / start <id>
• $ docker inspect <id>
• $ docker attach <id>
• $ docker commit <id>
• $ docker rmi $(docker images -aq)
• $ docker rm $(docker ps -aq)

Actually two ways
◉Update container created from an image and
commit the results to a new image
◉Create Dockerfile
If you having experience with Vagrant, it’s
similar concept.
Dockerfile is a file to create and configure a
new image so it can be instanced as container.

[1] Layering Image
• $ docker run -ti training/sinatra /bin/bash
Get the ID from running container
• root@ID:/# gem install json
• root@ID:/# exit
• $ docker commit -m “Added json gem” -a
“Xathrya” ID xathrya/sinatra:v2:

[2] Using Dockerfile
• https://docs.docker.com/articles/dockerfile_
best-practices/
• Useful command: FROM, RUN, WORKDIR,
EXPOSE, CMD

• $ mkdir task1 && cd task1
• $ nano Dockerfile
FROM ubuntu:14.04
RUN apt-get update && apt-get install -y ruby
ruby-dev
RUN gem install sinatra
ENV HOSTNAME sinatra
• $ docker build -t xathrya/newsinatra:v1 .
• $ docker images

• $ docker network ls
• $ docker network create -d bridge net-bridge
• $ docker run -d --net=net-bridge --name ruby
training/sinatra

Specially-designated directory within one or
more containers that bypasses the Union File
System. Useful for persistent or shared data.
• Initialized when container is created.
• Can be shared and reused among containers
• Changes to data volume will not be included
when you update image.
• Data volume persist even if container is
deleted.

• $ docker run -d -P --name web -v /webapp
training/webapp python app.py
mapped automagically chosen by docker engine
• $ docker run -d -P --name web -v
/src/webapp:/opt/webapp training/webapp
python.py
map /src/webapp (host) to /opt/webapp
(container)

• See
https://docs.docker/com/engine/tutorials/

Stack Example:
DAMP
Docker + Apache + MySQL + PHP.
3

Like Playing Lego
• Add container you need, like a component, by
their function.
• Every container has similar and uniform concept.
• Stack the container, to create complex
system.
• No need to worry about detail, focus and what you
need.
• Need to change a component? Just change it
• Upgrade version?
• Rollback?

Stack: MySQL
• $ docker run -p 3900:3306 --name mysql –e
MYSQL_ROOT_PASSWORD=toorsql -d
mysql:latest
• $ mysql -u root -p -h 127.0.0.1 –p 3900
• mysql> CREATE USER ‘php’@’%’ IDENTIFIED BY
‘pass’;
• mysql> GRANT ALL PRIVILEGES ON *.* TO
‘php’@’%’ WITH GRANT OPTION;
• mysql> FLUSH PRIVILEGES;

Stack: Apache (Dockerfile)
FROM ubuntu:12.04
RUN apt-get update
RUN apt-get install -y apache2
RUN apt-get install -y php5 php5-common php5-
cli php5-mysqli php5-curl
EXPOSE 80
CMD [“/usr/sbin/apache2ctl”, “-D”,
“FOREGROUND”]

• $ docker build –t xathrya/apache:v1 .
• $ docker images
• $ docker run -d -p 8080:80 --name apache --
link mysql:mysql -v
/var/www/html:/var/www/html
xathrya/apache:v1
• $ docker ps

Create index.php
<?php
phpinfo();
?>
Try http://localhost:8080/

<?php
$dsn = ‘mysql:host=‘.gethostbyname(‘mysql’);
$usr = ‘php’;
$pwd = ‘pass’;
Try {
$dbh = new PDO($dsn, $usr, $pwd);
} catch (PDOException $e) {
die (‘Connection failed: ’ . $e-
>getMessage());
}
echo ‘Connection made!!!’;
?>

DevOps and Modern
Day in Software
Engineering
Neet Dave the developer and Oscar the Operations
4

DevOps is
• Development + Operations
• Culture, movement, or practice that
emphasizes the collaboration and
communication of both software developers
and other IT professionals while automating
the process of software delivery and
infrastructure changes.
• Environment where building, testing, and
releasing software can happen rapidly,
frequently, and more reliably

Set of Toolchains
• Code – code development and review, continuous
integration tools
• Build – version control tools, code merging, build
status
• Test – test and results determine performance
• Package – artifact repository, application pre-
deployment staging
• Release – change management, release approvals,
release automation
• Configure – infrastructure configuration and
management
• Monitor – application performance monitoring

To name a few
• Docker (containerization)
• Jenkins (continuous integration)
• Puppet (infrastructure as code)
• Vagrant (virtualization platform)

Effectiveness
To practice DevOps effectively, software
application have to meet set of Architecture
Significant Requirements (ASRs)
• Deployability
• Modifiability
• Testability
• Monitorability
Most of time, microservice architectural style is
becoming standard for building continuous
deployed systems.

Three Ways Principle
• Systems Thinking
• Amplify Feedback Loops
• Culture of Continual Experimentation and
Learning

Scope of Activity
• Continuous Integration
• Continuous Delivery
• Continuous Testing
• Continuous Monitoring

Continuous Integration
• Practice of Agile Development
• Developer or Team of Developer is given sub
task
• For large project it might have multiple teams
developing different tasks.
• At the end, all tasks must be integrated to
build whole application.
• CI force devs to integrate individual work with
each other as early as possible.

Continuous Delivery
• Step after integrating, deliver to next stage of
application delivery lifecycle.
• The goal is to get the new features that devs
created as soon as possible to QA and to
production.
• Not all integration should come to QA, only
good one at a time.
• In terms of functionality, stability, and other
NFSs
• In essence: practice of regularly delivering
application to QA and operations for
validation and potential release to customers.

Continuous Testing
• Process of executing automated tests
• Scope of testing:
• Validating bottom-up requirements
• Validating user stories to assessing system
requirement associated with overarching business
goals
• Object is provided by previous phase
• Give (fast) feedback to development
regarding the level of business risk in latest
build.

Continuous Monitoring
• Detect compliance and risk issues associated
with organization financial and operational
environment.
• Correct or replace weak or poorly designed
controls

The Conflict
• Earlier: Devs vs Ops

Continuous Integration setup consists of
• Running unit test
• Compiling service
• Build Docker image that we run and deploy
• Pushing final image to Docker registry
Docker registry might be local repository.
https://docs.docker.com/registry/deploying/

Deployment might depends on infrastructure or
cloud provider. Few cloud providers support
Docker image:
• Amazon EC2 Container Service
• Digital Ocean
• Giant Swarm

What’s Next?
Futures of docker
5

Docker and-daily-devops

Recommended

More Related Content

What's hot (20)

Similar to Docker and-daily-devops (20)

More from Satria Ady Pradana (14)

Recently uploaded (20)

Docker and-daily-devops