Docker in the Wild
-
Upload
christian-mague -
Category
Technology
-
view
155 -
download
0
Transcript of Docker in the Wild
![Page 1: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/1.jpg)
1
Docker in the Wild
Chris Mague / Shokunin
3/4/2016
![Page 2: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/2.jpg)
2
Today's Talk
Background The Good The Bad In development In CD pipelines In production Conclusion
![Page 3: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/3.jpg)
3
“Everyone needs a daily dose of Vitamin No”
-Reiko
![Page 4: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/4.jpg)
4
Why Virtualize at all?
- Big machine – small service- Migration possible- Legacy uses - Simpler provisioning- Isolation
![Page 5: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/5.jpg)
5
Background
- Virtualization- VM vs Container- Jails- Solaris Zones- Cgroups in Linux- LXC- Docker
![Page 6: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/6.jpg)
6
The Good
![Page 7: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/7.jpg)
7
Good Reasons to use Docker
0) Immutable1) fast startup times2) lightweight3) good tools4) great with microservices
![Page 8: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/8.jpg)
8
The Bad
![Page 9: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/9.jpg)
9
Docker Downsides
0) Immutable1) requires Linux2) only runs one process3) tooling is awful (especially on not Linux)4) troubleshooting is hard5) need to rethink how you develop/deploy
![Page 10: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/10.jpg)
10
Immutable
“these are snowflakes – chives are identical” - Dinner Rush
![Page 11: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/11.jpg)
11
In Development
![Page 12: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/12.jpg)
12
But where do these containers come from?
There are some high quality containers available for download!
![Page 13: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/13.jpg)
13
Downloading things off the Internets
![Page 14: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/14.jpg)
14
D-I-Y
![Page 15: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/15.jpg)
15
Better Solution from Hashicorp- use puppet/chef/salt/ansible- still can use shell scripts- output a variety of formats - AMI - GCE - Droplets - Virtual box - Openstack - Docker - QEMU - Parallels (see, you can change your mind later)
![Page 16: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/16.jpg)
16
Running Containers
Docker Composer - relatively simple - works great on a dev
machine - docker specific
![Page 17: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/17.jpg)
17
Better Solution from Hashicorp (2)- Runs Docker Containers- Modular / Variables can be set- Controls a variety of services - Consul - GCE - Droplets - Mailgun - Postgres/Mysql - Datadog - PowerDNS - Heroku (see, you can change your mind later)
![Page 18: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/18.jpg)
18
![Page 19: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/19.jpg)
19
In CI/CD – Example Jenkins Pipeline
![Page 20: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/20.jpg)
20
Now we come to scaling...
Treat a bunch of hardware as a big local docker instance
![Page 21: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/21.jpg)
21
Or Amazon
![Page 22: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/22.jpg)
22
Better Solution from Hashicorp (3) So do you work for them or something??
- Job scheduler - Docker - Java - Binary - QEMU- Cron scheduler- Orchestration- Service discovery integration
![Page 23: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/23.jpg)
23
Job Specification
![Page 24: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/24.jpg)
24
New problem – Discovery!
![Page 25: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/25.jpg)
25
Better Solution from Hashicorp (4)
- single binary- Raft consensus / HA- Gossip protocol- Rest API- DNS Interface- Key/Value store- Locking- vs Zookeeper/Etcd
![Page 26: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/26.jpg)
26
DNS Discovery
![Page 27: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/27.jpg)
27
frontend http bind 0.0.0.0:80 capture request header Host len 500
{{range services}}{{ if .Tags | contains "web-service" }} acl host_{{ .Name }} hdr_beg(host) -i {{ .Name }}. use_backend {{ .Name }} if host_{{ .Name }}{{end}}{{end}}
{{range services}}{{ if .Tags | contains "web-service" }}backend {{ .Name }} mode http balance roundrobin option httpchk HEAD / HTTP/1.0\r\nHost:\ {{ .Name }}.test\r\nUser-
agent:\ HAPROXY-CHECK {{range service .Name}} server {{.Node}} {{.Address}}:{{.Port}} check inter 5s rise 2 fall 2{{end}}{{end}}{{end}}
frontend http bind 0.0.0.0:80 capture request header Host len 500
acl host_tabinin hdr_beg(host) -i tabinin. use_backend tabinin if host_tabinin
backend tabinin mode http balance roundrobin option httpchk HEAD / HTTP/1.0\r\nHost:\ tabinin.test\r\nUser-agent:\ HAPROXY-
CHECK server qatcd-nomad-2.example.com 172.19.58.171:27722 check inter 5s rise 2 fall 2 server qatcd-nomad-3.example.com 172.19.58.172:42417 check inter 5s rise 2 fall 2
Config File / Templates
![Page 28: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/28.jpg)
28
Feature Flags – Consul generated file
![Page 29: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/29.jpg)
29
In Production
A few things have to change...
![Page 30: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/30.jpg)
30
Cattle vs. Pets
Pets: - have cute names - take them to the vet - care and feeding
Cattle: - replace it...
![Page 31: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/31.jpg)
31
SLAs/KPIs become critical
- If my service returns a response in < 200ms 95% of the time...
- If my error rate > 2% over a 5 minute window...
![Page 32: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/32.jpg)
32
Monitoring / Telemetry must follow
![Page 33: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/33.jpg)
33
Logging is now your primary method of troubleshooting
![Page 34: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/34.jpg)
34
New Problem
- You can deploy too fast……
Which one of the 10 deploys caused the issue and which one fixed it?
Two deployment windows a day 11:00 and 3:00 means everyone is on hand and able to jump in if there's an issue
![Page 35: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/35.jpg)
35
Conclusion (1)
You are going to end up with an infrastructure that consists of Docker-ized and other types of services
Accordingly, pick the tool set that is the most flexible! (my bias is clear here...)
![Page 36: Docker in the Wild](https://reader034.fdocuments.us/reader034/viewer/2022042907/5872f8131a28ab8c718b627b/html5/thumbnails/36.jpg)
36
Conclusion (2)Docker is worth it for some things:- application servers- stateless applications- development environment
Don't bother:- data stores- slow moving monolithic apps