Josh Braegger

Docker and CoreOS What it is, and how we brought it to production

Who am I?

https://www.apple.com/your-verse/elevating-expedition/

Last Year…

Docker

Quick Docker Demo

Docker (of course)

FastPatch

❖ alpha, beta, and stable channels

❖ Cluster-aware updates

❖ Atomic (active/passive)

❖ Automatic upgrades

❖ /usr is read-only

https://coreos.com/using-coreos/updates/

CoreUpdate

Etcd

COMMANDS: mk make a new key with a given value mkdir make a new directory rm remove a key rmdir removes the key if it is an empty directory or a key-value pair get retrieve the value of a key ls retrieve a directory set set the value of a key setdir create a new or existing directory update update an existing key with a given value updatedir update an existing directory watch watch a key for changes exec-watch watch a key for changes and exec an executable help, h Shows a list of commands or help for one command

$ etcdctl ls //coreos.com$ etcdctl mk /test/key valuevalue$ etcdctl ls //app/coreos.com/test$ etcdctl get /test/keyvalue

Systemd

Systemd

[Unit]Description=GaiaCloud ServiceAfter=docker.serviceRequires=docker.service

[Service]EnvironmentFile=/etc/environmentTimeoutStartSec=0ExecStartPre=/bin/sh -c "/usr/bin/docker pull gaiagps/gaiacloud:master"ExecStart=/bin/sh -c "/usr/bin/docker run --rm \ --name gaiacloud-web-%i \ -h gaiacloud-web-%i \ -p 8000:8000 \ -p 8443:8443 \ --env-file /home/core/environments/gaia-dev \ gaiagps/gaiacloud:master"ExecStartPost=/usr/bin/etcdctl set /app/gaiacloud/%i-http ${COREOS_PUBLIC_IPV4}:8000ExecStartPost=/usr/bin/etcdctl set /app/gaiacloud/%i-https ${COREOS_PUBLIC_IPV4}:8443ExecStop=/usr/bin/docker stop gaiacloud-web-%iExecStopPost=/usr/bin/etcdctl rm /app/gaiacloud/%i-httpExecStopPost=/usr/bin/etcdctl rm /app/gaiacloud/%i-httpsUser=core

[Install]WantedBy=multi-user.target

Fleet

http://www.slideshare.net/IsaacJohnston1/coreos-intro-43524878

https://coreos.com/docs/launching-containers/launching/fleet-unit-files/

cloud-config#cloud-config

coreos: etcd: # generate a new token from https://discovery.etcd.io/new discovery: https://discovery.etcd.io/{discovery_key} # multi-region and multi-cloud deployments need to use $public_ipv4 addr: $private_ipv4:4001 peer-addr: $private_ipv4:7001 units: - name: format-ephemeral.service command: start content: | [Unit] Description=Formats the ephemeral drive [Service] Type=oneshot RemainAfterExit=yes ExecStart=/usr/sbin/wipefs -f /dev/xvdb ExecStart=/usr/sbin/mkfs.btrfs -f /dev/xvdb - name: etcd.service command: start - name: fleet.service command: start

ConfigDATABASES = { 'default': { 'ENGINE': 'django.contrib.gis.db.backends.postgis', 'NAME': env_var(“DB_DBNAME”, ‘db_name’), 'USER': env_var(“DB_USERNAME”, ’db_username’), 'PASSWORD': env_var(“DB_PASSWORD”, ’db_password’), 'HOST': env_var(“DB_PORT_5432_TCP_ADDR”, ’localhost’), 'PORT': env_var(“DB_PORT_5432_TCP_PORT”, 5432), 'CONN_MAX_AGE': 120, }}

DATABASES = { 'default': { 'ENGINE': 'django.contrib.gis.db.backends.postgis', 'NAME': ‘db_name', 'USER': ‘db_username', 'PASSWORD': ‘db_password', 'HOST': ‘db_host.amazonaws.com’,

‘PORT’: 5432, 'CONN_MAX_AGE': 120, }}

vs

Logging❖ Use CoreOS / journalctl?

❖ Volume mount?

❖ Log inside container?

App Demo

12factor.netI.Codebase - One codebase tracked in revision control, many deploys

II.Dependencies - Explicitly declare and isolate dependencies

III.Config - Store config in the environment

IV.Backing Services - Treat backing services as attached resources

V.Build, release, run - Strictly separate build and run stages

VI.Processes - Execute the app as one or more stateless processes

VII.Port binding - Export services via port binding

VIII.Concurrency - Scale out via the process model

IX.Disposability - Maximize robustness with fast startup and graceful shutdown

X.Dev/prod parity - Keep development, staging, and production as similar as possible

XI.Logs - Treat logs as event streams

XII.Admin processes - Run admin/management tasks as one-off processes

Presence

application

application-presence

load balancer

Presence (cont)

[Unit]Description=GaiaCloud Presence ServiceBindsTo=gaiacloud-web@%i.service

[Service]ExecStart=/usr/bin/docker run --rm --name gaiacloud-presence-%i \ --env-file /home/core/environments/presence \ -e AWS_REGION=us-east-1 \ -e ELB_NAME=test-elb \ quay.io/rckclmbr/elb-presence /bin/elb-presenceExecStop=/usr/bin/docker stop gaiacloud-presence-%iUser=coreTimeoutSec=0

[X-Fleet]MachineOf=gaiacloud-web@%i.service

Ambassadors

application

redis-ambassador redis-ambassador

redis

LinkLink

Issues

❖ Cannot kill docker containers through systemd

❖ btrfs space issues (fixed in 3.18?)

❖ Big images

❖ Big base images (ubuntu)

❖ Compiling

Other

❖ Kubernetes (koo-ber-nay’-tace)

❖ Deis (day-iss)

❖ EC2 Container Service

❖ docker-compose (fig)

Questions?

Twitter: @rckclmbrEmail: rckclmbr@gmail.comGithub: github.com/rckclmbrBlargh: http://blog.braegger.pw