1. 1. Dockerizing Symfony2 application Roman R.
2. 2. Who am I? Roman Rodomansky itspoma@gmail.com - Software Engineer at EPAM (more Dev than Ops) - @founder of 2enota, and of adbar - @co-organizer Lviv GDG github.com/itspoma skype: roman.rodomanskyy linkedin.com/in/rodomansky
3. 3. Questions - who has tried Vagrant? - who has tried Docker? (online tutorial) - who has tried the real Docker? (deployed remote VM) - Installed Docker locally? (under the boot2docker, or Vagrant) - Who has written a Dockerfile? (and built it) - An published image on Docker Hub? - Deployed Docker image for stage?
4. 4. why Docker is so cool (container madness) what is Docker (and why it matters) what are Containers (w/ background) the Docker ecosystem (w/ tools) dockerizing Symfony2 application workflow Agenda
5. 5. Docker is a trend
6. 6. The problems
7. 7. The problems - application deploy harder than could be - application cant run, by reason of differences in environments - deploying machines separately from applications - used entire operating systems to deploy (with all of the security footprint that they entail) - heavy-weight virtualized servers without specifying CPU/memory/etc - make a magic button to publish app anywhere - container management - different deployment mechanisms for custom nodes
8. 8. The isolation problem Project A: zend server, mysql, php 5.3 Project B: apache2, postresql, php 5.4, rabbitmq Project C: apache2, mysql, php 5.6, oracle, solr, ldap
9. 9. Hypervisor or Not?
10. 10. vs VM Speed: VBox -> 1 min docker -> 0.3 sec Memory: VBox -> 256 Mb docker -> 1 Mb Disk quota: VBox: 1 Gb docker: 100 kb
11. 11. LinuX Containers has been present in Linux kernels for 5+ years and now is considered fairly mature others: - lmctfy Let Me Contain That For You (Google) - libcontainer (Docker) Background: LXC
12. 12. Background: namespaces separate namespaces for containers own mount own net namespace (network interfaces) own uts namespace (hostname) own ipc namespace own user namespace (mapping uid-s between inside/outside of)
13. 13. Control Cgroups is a Linux kernel feature that limits and isolates the resource usage (CPU, memory, disk I/O, network, etc) of a collection of processes Google engineers started work on this feature in 2006 under the name process containers in 2007 changed name to control groups the goal - to provide a unified interface to many different use cases - memory - cpu - blkio - devices Background: cgroups
14. 14. Build, Ship, Run Any Application Anywhere
15. 15. - Build: package your application in a container - Ship: move that container from a machine to another - Run: execute that container - Any application: anything that runs on Linux - Anywhere: local VM, cloud instance, raspberry pi, baremetal... The Idea
16. 16. Hello, Docker. Who are you? tool for managing LXC containers client / hub
17. 17. What is a Docker Container? - high level = is a small virtual machine - with own process space, network interface - can run staff as root - low level = it is a chroot on a steroids - isolation with namespaces - limitation by cgroups (own mount, own - A container is a single service in a larger application - a web server (e.g., nginx) - an application server (e.g., PHP-FPM) - need a database server (e.g., MySQL) - Each of these services can be separated into its own Docker container
18. 18. What is a Docker Image? Imagine a Docker image as a PHP class
19. 19. bash$ docker search centos https://registry.hub.docker.com/ https://registry.hub.docker.com/_/centos/ bash$ docker push # image to the Hub bash$ docker pull # this image from any machine is a cloud for sharing container images and automating workflows free for public paid for private metadata + archives similar to Git commits structure What is a Docker Hub?
20. 20. $ docker run -ti ubuntu /bin/bash $ docker run -ti debian /bin/bash $ docker run -ti fedora bash $ docker run -ti centos bash Your First Container $ docker search centos $ docker run --rm -ti centos:7 bash $ docker run --rm -ti centos:6 bash $ docker run --rm -ti centos:5 bash root@container:/# cat /etc/issue
21. 21. Building a Server with Dockerfile - receipe to build a container - start FROM a base image - RUN commands on top of it - easy to learn, easy to use
22. 22. Dockerfile example FROM ubuntu:14.04 RUN apt-get update RUN apt-get install -y nginx EXPOSE 80 bash$ docker build -t example/nginx . bash$ docker run -d -P example/nginx Stop! Demo time show simple-container https://github.com/itspoma/docker-symfony2/tree/master/env/simple-container/
23. 23. demo time (single container)
24. 24. Finally, run the web server docker run -p 80:80 -d nginx-example docker ps docker run -v /home/core/share:/var/www:rw -p 80:80 -d nginx-example docker inspect
25. 25. Linking Containers if containers need to communicate with eachother if your application container needs to communiate with a database container $ docker run -p 3306:3306 -name mysql -d some-mysql-image $ docker run -p 80:80 -link mysql:db -d some-application-image $ env | grep MYSQL MYSQL_PORT_3306_TCP_ADDR=172.17.0.8 MYSQL_PORT_3306_TCP_PORT=3306
26. 26. demo time (multiple container)
27. 27. Docker ecosystem Docker Engine open-source tool, written in Go, runs as a daemon, comes with a CLI, has a REST API Docker Hub registry of services, public/private repos, automated builds Docker community > 600 contributors ~20 core mainainers > 50k repos on Docker Hub Docker Compose Docker Machine Docker Swarm
28. 28. Docker Machine Automatically setups up Docker on your computer, on cloud providers, and inside your data center. Can provisione any host. bash$ docker-machine create -d virtualbox dev bash$ docker-machine create -d digitalocean dev
29. 29. Docker Swarm Provides native clustering capabilities to turn a group of Docker engines into a single, virtual Docker Engine.
30. 30. run your stack with one command: docker-compose up describe your stack with one file: docker-compose.yml # docker-compose.yml web: image: php:5.6-apache links: - db:db volumes: - .:/var/www/html db: image: postgres Docker Compose
31. 31. demo time (using Compose)
32. 32. And, push it to the stage git clone http://github/repo.git docker-compose up -d
33. 33. Zero DownTime
34. 34. attach Attach to a running container build Build an image from a Dockerfile commit Create a new image from a container's changes diff Inspect changes on a container's filesystem events Get real time events from the server exec Run a command in a running container images List images history Show the history of an image images List images inspect Return low-level information on a container or image port Lookup the public-facing port that is NAT-ed to PRIVATE_PORT ps List containers ... Making Docker commands
35. 35. 1) The Shared Base Container(s) 2) The Shared Volume Dev Container 3) The Dev Tools Container 4) The Test In A Different Environment containers 5) The Build Container 6) The Installation Container 7) The Default-Service-In-A-Box Containers 8) The Infrastructure / Glue Containers Docker development patterns
36. 36. docker stats (built-in) CAdvisor (available as container, free) Scout (SASS, paid) Data Dog (SASS, free) Sensu (container, free) Containers Monitoring
37. 37. $ docker stats 18ef566e1cba 61403b48f054 e1d1e09f0dc1 CONTAINER CPU % MEM USAGE/LIMIT MEM % NET I/O 18ef566e1cba 0.44% 264.7 MiB/1.957 GiB 13.21% 1.988 KiB/648 B 61403b48f054 0.00% 684 KiB/1.957 GiB 0.03% 2.32 KiB/648 B e1d1e09f0dc1 0.01% 17.85 MiB/1.957 GiB 0.89% 5.158 KiB/40.1 KiB Containers Monitoring: docker stats
38. 38. docker run--volume=/:/rootfs:ro--volume=/var/run:/var/run:rw--volume=/sys:/sys:ro--volume=/var/lib/docker/:/var/lib/docker:ro--publish=8080:8080--detach=true--name=cadvisorgoogle/cadvisor:latest $ open http://$(boot2docker ip):8080/ Containers Monitoring: CAdvisor
39. 39. Resources - Docker Cheat Sheet https://github.com/wsargent/docker-cheat-sheet - Docker for Developers - Jrme Petazzoni https://www.youtube.com/watch?v=FdkNAjjO5yQ - https://github.com/veggiemonk/awesome-docker Sources: https://github.com/itspoma/docker-symfony2
40. 40. Summary With Docker, you can: - you fairly easily can build servers - put your software into container - run those containers anywhere - write receipes to automatically build containers - automate testing, building, hosting using the Docker Hub Everything in the environment is under your control ship the entire environment instead of just code!
41. 41. The end. Thanks!