SLIDE 1
Stuff I do Follow me! https://pasztor.at @janoszen About this - - PowerPoint PPT Presentation
Stuff I do Follow me! https://pasztor.at @janoszen About this - - PowerPoint PPT Presentation
Stuff I do Follow me! https://pasztor.at @janoszen About this talk 1. Maintaining your Build Stack 2. Orchestrating your Cluster 3. Pitfalls and Recommendations About this talk 1. Maintaining your Build Stack 2. Orchestrating your Cluster
SLIDE 2
SLIDE 3
Follow me!
https://pasztor.at @janoszen
SLIDE 4
About this talk
- 1. Maintaining your Build Stack
- 2. Orchestrating your Cluster
- 3. Pitfalls and Recommendations
SLIDE 5
About this talk
- 1. Maintaining your Build Stack
- 2. Orchestrating your Cluster
- 3. Pitfalls and Recommendations
SLIDE 6
About this talk
- 1. Maintaining your Build Stack
- 2. Orchestrating your Cluster
- 3. Pitfalls and Recommendations
SLIDE 7
Maintaining your Build Stack
How Docker Images are Built
SLIDE 8
Maintaining your Build Stack
FROM ubuntu:16.04
How Docker Images are Built
SLIDE 9
Maintaining your Build Stack
FROM ubuntu:16.04 RUN apt-get install...
How Docker Images are Built
SLIDE 10
Maintaining your Build Stack
FROM ubuntu:16.04 RUN apt-get install...
How Docker Images are Built
COPY files/etc /etc
SLIDE 11
Maintaining your Build Stack
FROM ubuntu:16.04 COPY files/etc /etc RUN apt-get install... COPY init.sh /init.sh
How Docker Images are Built
SLIDE 12
Maintaining your Build Stack
FROM ubuntu:16.04 COPY files/etc /etc RUN apt-get install... COPY init.sh /init.sh CMD /init.sh
How Docker Images are Built
SLIDE 13
Maintaining your Build Stack
FROM ubuntu:16.04 COPY files/etc /etc RUN apt-get install... COPY init.sh /init.sh CMD /init.sh
How Docker Images are Built
e87eea024487 c90c59c78830 31c6577f6847 54511612f1c4 9e54da99b80c
SLIDE 14
Maintaining your Build Stack
FROM ubuntu:16.04 COPY files/etc /etc RUN apt-get install... COPY init.sh /init.sh CMD /init.sh
How Docker Images are Built
e87eea024487 c90c59c78830 31c6577f6847 54511612f1c4 9e54da99b80c latest
SLIDE 15
Maintaining your Build Stack
Your Laptop Server
SLIDE 16
Maintaining your Build Stack
Your Laptop Server Docker Image
SLIDE 17
Maintaining your Build Stack
Your Laptop Server Docker Image Docker Image
SLIDE 18
Maintaining your Build Stack
Your Laptop Server Docker Image Docker Image
SLIDE 19
Maintaining your Build Stack
Your Laptop Server Docker Image Registry
SLIDE 20
Maintaining your Build Stack
Your Laptop Server Docker Image Registry docker push Docker Image
SLIDE 21
Maintaining your Build Stack
Your Laptop Server Docker Image Registry Docker Image Docker Image
SLIDE 22
Maintaining your Build Stack
Your Laptop Server Docker Image Registry Docker Image Docker Image Docker Container
SLIDE 23
Follow me!
Problems:
SLIDE 24
Follow me!
Problems:
High Bandwidth Usage
SLIDE 25
Follow me!
Problems:
High Bandwidth Usage Different Hashes on Different Machines
SLIDE 26
Maintaining your Build Stack
Your Laptop Server Dockerfile Registry Git Server CI Server
SLIDE 27
Maintaining your Build Stack
Your Laptop Server Dockerfile Registry Git Server CI Server Dockerfile
SLIDE 28
Maintaining your Build Stack
Your Laptop Server Dockerfile Registry Git Server CI Server Dockerfile Dockerfile
SLIDE 29
Maintaining your Build Stack
Your Laptop Server Dockerfile Registry Git Server CI Server Dockerfile Dockerfile Docker Image
SLIDE 30
Maintaining your Build Stack
Your Laptop Server Dockerfile Registry Git Server CI Server Dockerfile Dockerfile Docker Image Docker Image
SLIDE 31
Maintaining your Build Stack
Your Laptop Server Dockerfile Registry Git Server CI Server Dockerfile Dockerfile Docker Image Docker Image Docker Image
SLIDE 32
Maintaining your Build Stack
Your Laptop Server Dockerfile Registry Git Server CI Server Dockerfile Dockerfile Docker Image Docker Image Docker Image Docker Container
SLIDE 33
Maintaining your Build Stack
CI server Docker Repository YES YES YES YES YES YES YES YES YES
SLIDE 34
Orchestrating your Cluster
How do you run a Docker image?
SLIDE 35
Orchestrating your Cluster
ssh youruser@example.com "docker run yourcontainer"
How do you run a Docker image?
SLIDE 36
Orchestrating your Cluster
ssh youruser@example.com "docker run yourcontainer"
How do you run a Docker image?
SLIDE 37
Orchestrating your Cluster
Orchestration tools
SLIDE 38
Orchestrating your Cluster
Orchestration tools
Where is my service?
SLIDE 39
Orchestrating your Cluster
Orchestration tools
Where is my service? Rolling updates
SLIDE 40
Orchestrating your Cluster
Orchestration tools
Where is my service? Rolling updates Scaling
SLIDE 41
Orchestrating your Cluster
Orchestration tools
Where is my service? Rolling updates Scaling Virtual networks
SLIDE 42
Orchestrating your Cluster
Orchestration tools
Where is my service? Rolling updates Scaling Virtual networks ...
SLIDE 43
Orchestrating your Cluster
Orchestration tools
AWS EC2 Container Service Docker Swarm Kubernetes ...
SLIDE 44
Orchestrating your Cluster
EC2 Container Service
SLIDE 45
Orchestrating your Cluster
EC2 Container Service
+ Integrated with AWS
SLIDE 46
Orchestrating your Cluster
EC2 Container Service
+ Integrated with AWS + Autoscaling (limited)
SLIDE 47
Orchestrating your Cluster
EC2 Container Service
+ Integrated with AWS + Autoscaling (limited) + Integrated registry
SLIDE 48
Orchestrating your Cluster
EC2 Container Service
+ Integrated with AWS + Autoscaling (limited) + Integrated registry
- Using the ELB is a must
SLIDE 49
Orchestrating your Cluster
EC2 Container Service
+ Integrated with AWS + Autoscaling (limited) + Integrated registry
- Using the ELB is a must
- No built-in DNS server
SLIDE 50
Orchestrating your Cluster
EC2 Container Service
+ Integrated with AWS + Autoscaling (limited) + Integrated registry
- Using the ELB is a must
- No built-in DNS server
- Slow rollout
SLIDE 51
Orchestrating your Cluster
EC2 Container Service
+ Integrated with AWS + Autoscaling (limited) + Integrated registry
- Using the ELB is a must
- No built-in DNS server
- Slow rollout
- No overlay network
SLIDE 52
Orchestrating your Cluster
EC2 Container Service
+ Integrated with AWS + Autoscaling (limited) + Integrated registry
- Using the ELB is a must
- No built-in DNS server
- Slow rollout
- No overlay network
- Outdated
SLIDE 53
Orchestrating your Cluster
Docker Swarm
SLIDE 54
Orchestrating your Cluster
Docker Swarm
+ (Very) Simple
SLIDE 55
Orchestrating your Cluster
Docker Swarm
+ (Very) Simple + Overlay Networks
SLIDE 56
Orchestrating your Cluster
Docker Swarm
+ (Very) Simple + Overlay Networks + Built-in DNS server and LB
SLIDE 57
Orchestrating your Cluster
Docker Swarm
+ (Very) Simple + Overlay Networks + Built-in DNS server and LB + Fast rollout
SLIDE 58
Orchestrating your Cluster
Docker Swarm
+ (Very) Simple + Overlay Networks + Built-in DNS server and LB + Fast rollout
- Very young (YMMV)
SLIDE 59
Orchestrating your Cluster
Docker Swarm
+ (Very) Simple + Overlay Networks + Built-in DNS server and LB + Fast rollout
- Very young (YMMV)
- No Autoscaling
SLIDE 60
Orchestrating your Cluster
Docker Swarm
+ (Very) Simple + Overlay Networks + Built-in DNS server and LB + Fast rollout
- Very young (YMMV)
- No Autoscaling
- Monolithic (no plugins)
SLIDE 61
Orchestrating your Cluster
Kubernetes
+ Overlay networks
SLIDE 62
Orchestrating your Cluster
Kubernetes
+ Overlay networks + Autoscaling
SLIDE 63
Orchestrating your Cluster
Kubernetes
+ Overlay networks + Autoscaling + Rack awareness
SLIDE 64
Orchestrating your Cluster
Kubernetes
+ Overlay networks + Autoscaling + Rack awareness + Plugins, everywhere
SLIDE 65
Orchestrating your Cluster
Kubernetes
+ Overlay networks + Autoscaling + Rack awareness + Plugins, everywhere + Makes you coffee
SLIDE 66
Orchestrating your Cluster
Kubernetes
+ Overlay networks + Autoscaling + Rack awareness + Plugins, everywhere + Makes you coffee
- Complex to set up
SLIDE 67
Orchestrating your Cluster
Kubernetes
+ Overlay networks + Autoscaling + Rack awareness + Plugins, everywhere + Makes you coffee
- Complex to set up
- Setup scripts and docs are
beta / unstable / outdated
SLIDE 68
Pitfalls and Recommendations
Oops...
SLIDE 69
Pitfalls and Recommendations
Multiple services in one container?
SLIDE 70
Pitfalls and Recommendations
Multiple services in one container? DON’T!
SLIDE 71
Pitfalls and Recommendations
supervisord nginx PHP-FPM
SLIDE 72
Pitfalls and Recommendations
supervisord nginx PHP-FPM
SLIDE 73
Pitfalls and Recommendations
supervisord nginx
SLIDE 74
Pitfalls and Recommendations
Sidecar services
SLIDE 75
Pitfalls and Recommendations
supervisord PHP-FPM nullmailer
SLIDE 76
Pitfalls and Recommendations
supervisord PHP-FPM nullmailer manage-supervisord
SLIDE 77
Pitfalls and Recommendations
supervisord PHP-FPM nullmailer manage-supervisord
SLIDE 78
Pitfalls and Recommendations
supervisord PHP-FPM manage-supervisord
SLIDE 79
Pitfalls and Recommendations
supervisord PHP-FPM manage-supervisord https://github.com/opsbears/docker-supervisord
SLIDE 80
Pitfalls and Recommendations
Shell script in CMD?
SLIDE 81
Pitfalls and Recommendations
Shell script in CMD? BE CAREFUL!
SLIDE 82
Pitfalls and Recommendations
#!/bin/bash # Other stuff here /usr/sbin/nginx -g "daemon off;" exit $?
SLIDE 83
Pitfalls and Recommendations
bash -c /init.sh nginx
SLIDE 84
Pitfalls and Recommendations
bash -c /init.sh nginx SIGTERM
SLIDE 85
Pitfalls and Recommendations
bash -c /init.sh nginx SIGTERM YOLO!
SLIDE 86
Pitfalls and Recommendations
bash -c /init.sh nginx SIGKILL!
SLIDE 87
Pitfalls and Recommendations
#!/bin/bash # Other stuff here exec /usr/sbin/nginx -g "daemon off;"
SLIDE 88
Pitfalls and Recommendations
bash -c /init.sh
SLIDE 89
Pitfalls and Recommendations
nginx
SLIDE 90
Pitfalls and Recommendations
Don’t update your containers!
SLIDE 91
Pitfalls and Recommendations
Shared data?
SLIDE 92
Pitfalls and Recommendations
Server Container
SLIDE 93
Pitfalls and Recommendations
Server /srv/mysql Container bind mount
SLIDE 94
Pitfalls and Recommendations
Server /srv/mysql Server Container
SLIDE 95
Pitfalls and Recommendations
Healthchecks?
SLIDE 96
Pitfalls and Recommendations
Dockerfile:
HEALTHCHECK \
- -interval=10s \
- -timeout=3s \
CMD /usr/local/bin/healthcheck
healthcheck:
#!/bin/bash test $(SCRIPT_NAME=/status SCRIPT_FILENAME=/status REQUEST_METHOD=GET cgi-fcgi -bind
- connect 127.0.0.1:9000 | grep
pool | cut -d: -f2 | sed 's/ //g') == www || exit 1
SLIDE 97
Pitfalls and Recommendations
healthcheck:
#!/bin/bash test $(SCRIPT_NAME=/status SCRIPT_FILENAME=/status REQUEST_METHOD=GET cgi-fcgi -bind -connect 127.0.0.1:9000 | grep pool | cut -d: -f2 | sed 's/ //g') == www || exit 1
SLIDE 98
Pitfalls and Recommendations
Docker Swarm:
HEALTHCHECK \
- -interval=10s \
- -timeout=3s \
CMD /usr/local/bin/healthcheck
SLIDE 99
Pitfalls and Recommendations
Kubernetes:
spec: containers:
- name: yourpod
livenessProbe: exec: command:
- /usr/local/bin/healthcheck
initialDelaySeconds: 5 periodSeconds: 5 readinessProbe: ....
SLIDE 100
Pitfalls and Recommendations
TEST YO’ CONTAINERS!
SLIDE 101
Pitfalls and Recommendations
docker-compose.test.yml
version: '3.2' services: mysql: container_name: mysql build: . ... sut: build: ./test ...
SLIDE 102
Pitfalls and Recommendations
DO NOT HARD-CODE CREDENTIALS!
SLIDE 103
Pitfalls and Recommendations
VERSION YOUR IMAGES!
SLIDE 104
Pitfalls and Recommendations
CAREFUL WITH 3RD PARTY IMAGES!
SLIDE 105
Pitfalls and Recommendations
- psbears/base
- psbears/supervisord
- psbears/nullmailer
- psbears/mysql
- psbears/nginx
- psbears/php-fpm
SLIDE 106
Pitfalls and Recommendations
REMOVE DEV STUFF!
SLIDE 107