Docker Cape Town - Extendibility is the secret

Gianluca Arbezzano
Site Reliability Engineer @InfluxData
● https://gianarb.it
● @gianarb
What I like:
● I make dirty hacks that look awesome
● I grow my vegetables
● Travel for fun and work

View Slide

@gianarb - [email protected]

View Slide

View Slide

© 2018 InfluxData. All rights reserved.
6 @gianarb - [email protected]

View Slide

Why Kubernetes
is so powerful, complex
and widely adopted?
widely

View Slide

Why AWS
is so expensive?
widely

View Slide

What do you do
to justify these costs?

View Slide


View Slide

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: {{ template "drone.fullname" . }}-agent
labels:
app: {{ template "drone.name" . }}
chart: "{{ .Chart.Name }}-{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
component: agent
spec:
replicas: {{ .Values.agent.replicas }}
template:
metadata:
annotations:
checksum/secrets: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }}
{{- if .Values.agent.annotations }
{{ toYaml .Values.agent.annotations | indent 8 }
{{- end }}
labels:
app: {{ template "drone.name" . }}
release: "{{ .Release.Name }}"
component: agent

View Slide

API are
the keys for
your success!
Image credit: Pixabay

View Slide


View Slide

containerd.io

View Slide


View Slide

Docker for Kubernetes
Docker for Kubernetes is one of the possible CRI (Container Runtime Interface)
implementation, there are a lot of them:
¨ rktlet (Rocket implementation by CoreOS)
¨ containerd-cri (containerd implementation by containerd community)
¨ cri-o (by RedHat)
¨ Probably cloud providers like Amazon, Google they have their own one.

View Slide

Docker Jenkins Plugin
https://wiki.jenkins.io/display/JENKINS/Docker+Plugin

View Slide


View Slide

We use docker as
replacement for systemd
for process management

View Slide

DIND - Docker in Docker
$ docker run -it --rm -v /var/run/docker.sock:/var/run/docker.sock docker sh
$ docker info
Containers: 48
Running: 1
Paused: 0
Stopped: 47
containerd version: 9f2e07b1fc1342d1c48fe4d7bbb94cb6d1bf278b.m
runc version: 871ba2e58e24314d1fab4517a80410191ba5ad01
init version: fec3683
Kernel Version: 4.20.13-arch1-1-ARCH
Operating System: Arch Linux
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 15.42GiB
Name: gianarb

View Slide

docker run \
-v /var/run/docker.sock:/var/run/docker.sock

View Slide

dockerd -H tcp://10.120.0.12

View Slide

The SDKs
ctx := context.Background()
cli, err := client.NewClientWithOpts(client.FromEnv)
if err != nil {
panic(err)
}
cli.NegotiateAPIVersion(ctx)
reader, err := cli.ImagePull(ctx, "docker.io/library/alpine", types.ImagePullOptions{})
if err != nil {
panic(err)
}
io.Copy(os.Stdout, reader)

View Slide

Docker swarm and SwarmKit
https://github.com/docker/swarmkit
SwarmKit is a toolkit for orchestrating distributed systems at any scale. It
includes primitives for node discovery, raft-based consensus, task
scheduling and more.
$ docker swarm init

View Slide

New standards around containers
¨ CRI (Container Runtime Interface)
¨ CNI (container networking interface)
¨ CSI (container storage interface)
¨ OCI
¨ Runtime Specification
¨ Image Specification

View Slide

OCI/Image Specification
¨ docker/buildkit
¨ containers/skopeo

View Slide

CSI/Kubernetes Persistent Volume
¨ kubernetes-sigs/aws-ebs-csi-driver
¨ kubernetes-sigs/gcp-filestore-csi-driver
¨ aws/csi-driver-amazon-efs
¨ Azure/kubernetes-volume-drivers
¨ … a lot more, almost every cloud provider or services they provide

View Slide

TestContainers
github.com/testcontainers is on
organization that groups different
libraries, cross languages, to
programmatically manage
containers inside your tests.
The most famous one is the java
library
testcontainers/testcontainers-jav
a
public class RedisBackedCacheIntTest {
private RedisBackedCache underTest;
@Rule
public GenericContainer redis = new
GenericContainer<>( "redis:5.0.3-alpine" ).withExposedPorts (6379);
@Before
public void setUp() {
String address = redis. getContainerIpAddress ();
Integer port = redis. getFirstMappedPort ();
underTest = new RedisBackedCache(address, port);
}
@Test
public void testSimplePutAndGet () {
underTest. put("test", "example");
String retrieved = underTest. get("test");
assertEquals( "example", retrieved);
}
}

View Slide

TestContainers
I maintain the Golang
version of the library
testcontainers/testcontainer
s-go
package main
import (
"context"
"fmt"
"net/http"
"testing"
testcontainers "github.com/testcontainers/testcontainers-go"
)
func TestNginxLatestReturn(t *testing.T) {
ctx := context.Background()
req := testcontainers.ContainerRequest{
Image: "nginx",
ExposedPorts: []string{"80/tcp"},
}
nginxC, err := testcontainers.GenericContainer(ctx, testcontainers.GenericContainerRequest{
ContainerRequest: req,
Started: true,
})
defer nginxC.Terminate(ctx)
ip, err := nginxC.Host(ctx)
port, err := nginxC.MappedPort(ctx, "80")
resp, err := http.Get(fmt.Sprintf("http://%s:%s", ip, port.Port()))
if resp.StatusCode != http.StatusOK {
t.Errorf("Expected status code %d. Got %d.", http.StatusOK, resp.StatusCode)
}
}

View Slide

gianarb/orbiter
curl -v -X POST \
http://localhost:8000/v1/orbiter/handle/infra_scale/docker/up
Orbiter is an easy to run autoscaler for
Docker Swarm. It is designed to work
out of the box.

View Slide

Reach out:
@gianarb
[email protected]
https://gianarb.it
Any question?

View Slide

Docker Cape Town - Extendibility is the secret

Docker Cape Town - Extendibility is the secret

Gianluca Arbezzano

More Decks by Gianluca Arbezzano

Other Decks in Technology

Featured

Transcript