Docker architecture rework case study

Docker

Architecture Rework Case Study

Daniel CHAFFIOLSofteam Cadextan (1999)

BNP-Paribas

Société Générale

Amundi Asset ManagementHSBC

VonCStack Overflow(2008)

Git - Hg – SVN - ClearCase

Golang - Docker

Eclipse - Jenkins

http://stackoverflow.com/users/6309/vonc

http://stackoverflow.com/users/6309/vonc

slideshare & Intranet

Project

From: Blessed Staging External

Company Outside

master master_ext

mastermaster_ext

What are the issues?

Example: Monolithic service => Isolation (processes) issue

Blessed /Staging /External /Internal

NGiNX Apache LDAP

Gpg2

Gitolite

HooksGitrepos

MCronData

SSHD


Example: Monolithic service => Isolation (processes) issue

Blessed /Staging /External /Internal

Apache

SSHD

NGiNX LDAP

Gpg2

Gitolite

Data MCron


Example: Replicated Git repos hosting servers

Blessed Staging ExternalInternal

● Isolation (server)

● Configuration

● Reproducibility

Docker:

○ Why?○ How?○ Benefits?

Why?

Why “container”?

Project

To: NGiNX Apache LDAP

Gpg2

Gitolite

HooksGitrepos

MCronData

SSHD

What is Docker

Lightweight virtualization

What is Docker

Lightweight virtualization OS distro (Host)

Linux distro (VM)

OS Kernel Hardware

Hypervisor (type 2)

Linux Kernel Hardware

Application

Virtual Machine

Lightweight virtualization

What is Docker

Lightweight virtualization OS distro (Host)

Linux distro (VM)

OS Kernel Hardware

Hypervisor (type 2)


Application

Virtual Machine

Linux distro (Host)

Files (Docker)


Docker Engine

[Application]

Docker

What is Docker?

Containers

What is Docker?

Containers Linux distro (Host)

Container(user space)

KernelSpace

Process

System calls

What is Docker?

Containers Linux distro (Host)

Container(user space)

KernelSpace

Process

System calls

Linux distro (Host)

Data Container

(for instance)

/home/git/repositories

KernelSpace

What is Docker?

Images: docker build Linux distro (Host)

Dockerfile:

FROM ubuntu

Ubuntu

What is Docker?


Dockerfile:

FROM ubuntu

Ubuntu

NGiNXRUN \ add-apt-repository -y ppa:nginx/stable && \ apt-get update && \ apt-get install -y nginx

What is Docker?


Dockerfile:

FROM ubuntu

Ubuntu

NGiNXRUN \ add-apt-repository -y ppa:nginx/stable && \ apt-get update && \ apt-get install -y nginx

Config file

COPY env.conf /home/git/RUN ln -fs /home/git/env.conf /etc/nginx/nginx.conf

EXPOSE 80EXPOSE 443

ENTRYPOINT ["/bin/sh", "-c"]CMD ["nginx"]

StatusCommands

What is Docker?

Layered file system: Linux distro (Host)

Config file

NGiNX

Ubuntu

Ubuntu

NGiNX

Config files

StatusCommands

What is Docker?


Config file

NGiNX

Ubuntu

Ubuntu

NGiNX

Config files

docker create Created

StatusCommands

What is Docker?


Config file

NGiNX

Ubuntu

Ubuntu

NGiNX

Config files

files updates

docker start/run Up


StatusCommands

What is Docker?


Config file

NGiNX

Ubuntu

Ubuntu

NGiNX

Config files

files updates

docker start/run Up


docker stop/kill Exited

StatusCommands

What is Docker?


Config file

NGiNX

Ubuntu

Ubuntu

NGiNX

Config files

docker rm

docker start/run Up


docker stop/kill Exited

How?

Container ordonnancement

Docker rework

Data Container first

Gpg2

Gitolite

HooksGitrepos

Data

Docker rework

Data Container first

Gpg2

Gitolite

HooksGitrepos

Data

docker create --name=gitolite.repos.blessed.contgitolite.repos/home/git/repositories

Docker rework

Leaf containers second

LDAP

Gpg2

Gitolite

HooksGitrepos

MCronData

SSHD

Docker rework


LDAP

Gpg2

Gitolite

HooksGitrepos

MCronData

SSHD

docker run --name=mcron.blessed.cont --volumes-from gitolite.blessed.cont--volumes-from data.blessed.cont

/home/git/repositories/home/git/gitolite/home/git/data

Docker rework


LDAP

Gpg2

Gitolite

HooksGitrepos

MCronData

SSHD

docker run --name=mcron.blessed.cont --volumes-from gitolite.blessed.cont--volumes-from data.blessed.cont

Docker rework

Linked containers last

NGiNX Apache LDAP

Gpg2

Gitolite

HooksGitrepos

MCron

SSHD

Data

Docker rework


NGiNX Apache LDAP

Gpg2

Gitolite

HooksGitrepos

MCron

SSHD

docker run --name=apache.blessed.cont --volumes-from gitolite--volumes-from repos--volumes-from gpg2--volumes-from data

Data

Docker rework


NGiNX Apache LDAP

Gpg2

Gitolite

HooksGitrepos

MCron

SSHD


--link ldap.cont:apache.ldap.cont

Data

Docker rework


NGiNX Apache LDAP

Gpg2

Gitolite

HooksGitrepos

MCron

SSHD



--link apache.staging.cont: apache.upstream.cont

Data

Apachestaging

Docker rework


NGiNX Apache LDAP

Gpg2

Gitolite

HooksGitrepos

MCron

SSHD

Apachestaging



--link apache.staging.cont: apache.upstream.cont

-p 6043:8543-p 6053:8553 Data

Docker rework


NGiNX Apache LDAP

Gpg2

Gitolite

HooksGitrepos

MCron

SSHD

Apachestaging

Data

Docker rework


NGiNX Apache LDAP

Gpg2

Gitolite

HooksGitrepos

MCron

SSHD

Apachestaging

Data

docker run --name=nginx.blessed.cont

Docker rework


NGiNX Apache LDAP

Gpg2

Gitolite

HooksGitrepos

MCron

SSHD

Apachestaging

Data

docker run --name=nginx.blessed.cont

--link apache.blessed.cont: nginx.apache.cont

Docker rework


NGiNX Apache LDAP

Gpg2

Gitolite

HooksGitrepos

MCron

SSHD

Apachestaging

Data

docker run --name=nginx.repos.blessed.cont


-p 6080:80-p 6443:443

Benefits?

Configuration & Isolation

Docker Advantages

Configuration

NGiNX Apache

Docker Advantages

Configuration

NGiNX

location /git/ { proxy_pass https://nginx.apache.cont:8543/git/;}

location /hgit/ { proxy_pass https://nginx.apache.cont:8553/hgit/;}

Apache

Docker Advantages

Configuration

NGiNX



nginx.apache.cont:8543


Apache

Docker Advantages

Configuration

NGiNX





Apache EXPOSE 8543EXPOSE 8553

Docker Advantages

Configuration

NGiNX





Apache EXPOSE 8543EXPOSE 8553

docker run --name=nginx.repos.blessed.cont


Docker Advantages

Isolation (services)

NGiNX Apache LDAP

MCron

SSHD

Data

HooksGitrepos

Docker Advantages


From outside: NGiNX Apache

Docker Advantages


From inside:

MCronData

HooksGitrepos

Docker Advantages


MCron

SSHD

Data

HooksGitrepos

Docker Advantages


SSHD

Data

Docker Advantages

Isolation (ports/names)

NGiNX Apache LDAP

Data MCron

SSHD

Docker Advantages


NGiNX Apache LDAPEXPOSE 8543EXPOSE 8553

EXPOSE 80EXPOSE 443

EXPOSE 369

Data MCron

SSHD

EXPOSE 2200

Docker Advantages


NGiNX Apache LDAP

port 6080port 6443

EXPOSE 8543EXPOSE 8553

EXPOSE 80EXPOSE 443

EXPOSE 369

port 6043port 6053

Data MCron

SSHD

EXPOSE 2200port 2200

Conclusion

CaaS: Container as a Service

End result

● 21 containers, in 3 sets, one for each environment.

● service vs. data

● Extensible without downtime.

NGiNX Apache LDAP

Gpg2

Gitolite

HooksGitrepos

MCronData

SSHD

Blessed Staging ExternalFrom:To:

End result: CaaS

Docker architecture rework case study

Software

Transcript of Docker architecture rework case study