Make Dockerfile Great Again

Transcript

1. (without introducing more risk) Make Dockerfile Great Again Puppet Gareth

   Rushgrove Introducing Dockerfile Preprocessors

2. (without introducing more risk) @garethr

3. (without introducing more risk) Gareth Rushgrove

4. (without introducing more risk) Introduction What and why should I

   care

5. (without introducing more risk) Gareth Rushgrove DockerCon 2016 talk

6. (without introducing more risk) Gareth Rushgrove Docker can build images

   automatically by reading the instructions from a Dockerfile From the official docs at https://docs.docker.com/engine/reference/builder/

7. (without introducing more risk) Gareth Rushgrove A Dockerfile is a

   text document that contains all the commands a user could call on the command line to assemble an image. From the official docs at https://docs.docker.com/engine/reference/builder/

8. (without introducing more risk) Gareth Rushgrove Commands you know MAINTAINER

   <name> RUN <command> CMD ["executable","param1","param2"] EXPOSE <port> [<port>...] ADD <src>... <dest> ENV <key> <value> WORKDIR /path/to/workdir USER daemon VOLUME ["/data"] ENTRYPOINT ["executable", "param1", “param2"] COPY <src>... <dest>

9. (without introducing more risk) Gareth Rushgrove Commands you don’t ONBUILD

   [INSTRUCTION] STOPSIGNAL signal ARG <name>[=<default value>] LABEL <key>=<value> <key>=<value> <key>=<value> … HEALTHCHECK [OPTIONS] CMD command SHELL ["executable", "parameters"]

10. (without introducing more risk) Gareth Rushgrove Dockerfile is simple! FROM

    scratch COPY hello / CMD ["/hello"]

11. (without introducing more risk) Gareth Rushgrove Dockerfile is complex! RUN

    apt-get update && \ apt-get install -y wget=1.17.1-1ubuntu1 && \ wget https://apt.example.com/release-"$UBUNTU_CODENAME". dpkg -i release-"$UBUNTU_CODENAME".deb && \ rm release-"$UBUNTU_CODENAME".deb && \ apt-get update && \ apt-get install --no-install-recommends -y package=0.1.2 apt-get clean && \ rm -rf /var/lib/apt/lists/*

12. (without introducing more risk) Gareth Rushgrove Dockerfile is a great

    80% solution, but how can we better manage and maintain lots of them?

13. (without introducing more risk) Preprocessing Adding domain specific extensions

14. (without introducing more risk) Gareth Rushgrove Dynamic label injection

15. (without introducing more risk) Gareth Rushgrove Custom operations FROM alpine:3.4

    MAINTAINER Gareth Rushgrove "[email protected]" DATETIME_LABEL VCS_LABEL

16. (without introducing more risk) Gareth Rushgrove Stdin is my friend

    $ cat Dockerfile | dockerfilepp-labels

17. (without introducing more risk) Gareth Rushgrove Now a valid Dockerfile

    FROM alpine:3.4 MAINTAINER Gareth Rushgrove "[email protected]" LABEL com.example.datetime="2016-09-06T10:53:35+01:00" LABEL com.example.vcs-ref="da3a8068c237137b3b468445b482cc307

18. (without introducing more risk) Gareth Rushgrove Application example

19. (without introducing more risk) Gareth Rushgrove Encapsulate complexity, making sharing

    more than just copy-and-paste

20. (without introducing more risk) Gareth Rushgrove Custom operations FROM ubuntu:16.04

    MAINTAINER Gareth Rushgrove "[email protected]" ENV PUPPET_AGENT_VERSION="1.6.2" \ R10K_VERSION="2.2.2" \ UBUNTU_CODENAME="xenial" PUPPET_INSTALL PUPPET_COPY_PUPPETFILE PUPPET_COPY_MANIFESTS manifests PUPPET_RUN manifests/nginx.pp

21. (without introducing more risk) Gareth Rushgrove Composition $ cat Dockerfile

    \ | dockerfilepp-labels \ | dockerfilepp-puppet

22. (without introducing more risk) Gareth Rushgrove FROM ubuntu:16.04 MAINTAINER Gareth

    Rushgrove "[email protected]" ENV PUPPET_AGENT_VERSION="1.6.2" \ R10K_VERSION="2.2.2" \ UBUNTU_CODENAME="xenial" RUN apt-get update && \ apt-get install -y wget=1.17.1-1ubuntu1 && \ wget https://apt.puppetlabs.com/puppetlabs-release-pc1-" dpkg -i puppetlabs-release-pc1-"$UBUNTU_CODENAME".deb && rm puppetlabs-release-pc1-"$UBUNTU_CODENAME".deb && \ apt-get update && \ apt-get install --no-install-recommends -y puppet-agent= apt-get clean && \ rm -rf /var/lib/apt/lists/* RUN /opt/puppetlabs/puppet/bin/gem install r10k:"$R10K_VERSI Complexity in one place

23. (without introducing more risk) DEMO

24. (without introducing more risk) Conclusions I’m sold, what next?

25. - Feedback on the idea - Build your own preprocessors

    - Hack on the dockerfilepp library Gareth Rushgrove

26. (without introducing more risk) Gareth Rushgrove dockerfilepp Go library

27. (without introducing more risk) Gareth Rushgrove MAKE DOCKERFILE GREAT AGAIN!

    PREPROCESSORS

28. (without introducing more risk) Thanks Any questions?