Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Adopting Docker

Adopting Docker

Talk from Pragmatic Docker, all about use cases for adopting docker from an operations perspective.

Gareth Rushgrove

April 21, 2015
Tweet

More Decks by Gareth Rushgrove

Other Decks in Technology

Transcript

  1. $ docker-machine create -d virtualbox dev INFO[0000] Creating SSH key...

    INFO[0000] Creating VirtualBox VM... INFO[0007] Starting VirtualBox VM... INFO[0007] Waiting for VM to start... INFO[0041] "dev" has been created and is now the active machine. Gareth Rushgrove Create local container runtimes
  2. Gareth Rushgrove $ docker-machine ls NAME ACTIVE DRIVER STATE URL

    dev * virtualbox Running tcp://192.168.99.127:2376
  3. Gareth Rushgrove $ docker-machine create -d digitalocean remote INFO[0000] Creating

    SSH key... INFO[0001] Creating Digital Ocean droplet... INFO[0002] Waiting for SSH... INFO[0070] Configuring Machine... INFO[0109] "remote" has been created and is now the active machine. Create remote container runtimes
  4. Gareth Rushgrove $ docker-machine ls NAME ACTIVE DRIVER STATE URL

    dev virtualbox Running tcp://192.168.99.127:2376 remote * digitalocean Running tcp://104.236.253.181:2376
  5. Gareth Rushgrove $ cat docker-compose.yml web: build: . links: -

    db - redis ports: - "8000:8000" db: image: postgres image: redis Share workspace definitions
  6. Gareth Rushgrove $ cat docker-compose.yml web: build: . links: -

    db - redis - elasticsearch ports: - "8000:8000" db: image: postgres image: redis image: elasticsearch Easily add new services
  7. Lots of hardware capacity for peak load can lead to

    utilisation issues Gareth Rushgrove
  8. The aim of the docker plugin is to be able

    to use a docker host to dynamically provision a slave, run a single build, then tear-down that slave. Gareth Rushgrove https://wiki.jenkins-ci.org/display/JENKINS/Docker+Plugin
  9. The mesos-jenkins plugin allows Jenkins to dynamically launch Jenkins slaves

    on a Mesos cluster depending on the workload! Gareth Rushgrove https://wiki.jenkins-ci.org/display/JENKINS/Mesos+Plugin
  10. Gareth Rushgrove jenkins slave jenkins slave jenkins slave jenkins master

    Job Job Job but with multiple jobs per slave we can run into dependency issues
  11. Gareth Rushgrove mesos slave mesos slave mesos slave jenkins master

    Job Job Job each container is a short lived jenkins slave
  12. Gareth Rushgrove $ ps aux USER PID %CPU %MEM VSZ

    RSS TTY STAT START TIME COMMAND ... 999 1807 0.2 11.4 867624 464572 ? Ssl 09:38 0:21 mysqld Is this process in a container?
  13. Gareth Rushgrove $ ps -eo ucmd,cgroup COMMAND CGROUP ... mysqld

    9:perf_event:/docker/61e76d2c39121282474ff895b9b3ba2addd775cdea6d2ba89ce76c28 Which container is that?
  14. Provides a Kernel module, which hooks into cgroups and namespaces

    Gareth Rushgrove (Prediction: We’ll see more of this kind of thing)
  15. Gareth Rushgrove $ sudo sysdig -pc -c topprocs_cpu container.name=client CPU%

    Process container.name ---------------------------------------------- 02.69% bash client 31.04% curl client 0.74% sleep client CPU usage in a single container
  16. Gareth Rushgrove $ sudo sysdig -pc -c topprocs_net Bytes Process

    Host_pid Container_pid container.name --------------------------------------------------------------- 72.06KB haproxy 7385 13 haproxy 56.96KB docker.io 1775 7039 host 44.45KB mysqld 6995 91 mysql 44.45KB mysqld 6995 99 mysql 29.36KB apache2 7893 124 wordpress1 29.36KB apache2 26895 126 wordpress4 29.36KB apache2 26622 131 wordpress2 29.36KB apache2 27935 132 wordpress3 29.36KB apache2 27306 125 wordpress4 22.23KB mysqld 6995 90 mysqlclient Network bandwidth
  17. Gareth Rushgrove $ sudo sysdig -pc -A -c echo_fds "fd.ip=172.17.0.3

    and fd.ip=172.17.0.7" ------ Write 103B to [haproxy] [d468ee81543a] 172.17.0.7:37557->172.17.0.3:80 (hapr GET / HTTP/1.1 User-Agent: curl/7.35.0 Host: 172.17.0.7 Accept: */* X-Forwarded-For: 172.17.0.8 ------ Read 103B from [wordpress1] [12b8c6a04031] 172.17.0.7:37557->172.17.0.3:80 ( GET / HTTP/1.1 User-Agent: curl/7.35.0 Host: 172.17.0.7 Accept: */* X-Forwarded-For: 172.17.0.8 ------ Write 346B to [wordpress1] [12b8c6a04031] 172.17.0.7:37557->172.17.0.3:80 (a HTTP/1.1 302 Found Date: Sat, 21 Feb 2015 22:19:18 GMT Traffic between containers
  18. Metadata like name, version, build time, build host, dependencies, descriptions,

    licence, signature and urls Built in logic like pre/post install scripts An API to interact with this – the rpm or apt/deb commands Gareth Rushgrove - - - https://www.devco.net/archives/2015/03/30/some-thoughts-on-operating-containers.php
  19. Gareth Rushgrove $ docker exec -ti mycontainer container --metadata|json_reformat {

    "validate_method": "/srv/support/bin/validate.sh", "start_method": "/srv/support/bin/start.sh", "update_method": "/srv/support/bin/update.sh" "validate": true, "build_cause": "TIMERTRIGGER", "build_tag": "jenkins-docker rbldnsd-55", "ci": true, "image_tag_names": [ "hub.my.net/ripienaar/rbldnsd" ], "project": "rbldnsd", "build_time": "2015-03-30 06:02:10", "build_time_stamp": 1427691730, "image_name": "ripienaar/rbldnsd", "gitref": "e1b0a445744fec5e584919711cafd8f4cebdee0e", }
  20. $ docker exec -ti rbldnsd container --examine Container first started

    at 2015-03-30 05:02:37 +0000 (1427691757) Names: Project Name: centos_base Image Name: ripienaar/centos_base Image Tag Names: hub.my.net/ripienaar/centos_base Build Info: CI Run: true Git Hash: fcb5f3c664b293c7a196c9809a33714427804d40 Build Cause: TIMERTRIGGER Build Time: 2015-03-24 03:25:01 (1427167501) Build Tag: jenkins-docker centos_base-20 Actions: START: not set UPDATE: not set VALIDATE: not set Gareth Rushgrove
  21. Scratch images Minimal distros like busybox Full OS like Ubuntu

    or Debian Full OS with working init system Gareth Rushgrove - - - -