Advanced Docker (June 2015)

Transcript

1. Advanced Docker Some tips and tricks

2. • Why Docker? • Development on OS X • Optimizing

   Dockerfiles • Building Complex Images • Debugging a Container • Docker-compose Pitfalls • Debugging Multiple Containers • News

3. What Docker
 really means
 …to me No state in your

   applications, which makes it easier to reason about the status of your systems
 Hardware as code. A layer above hardware. Resources are more important than the machine where it is running. You can run unit tests on your environment!

4. • Why Docker? • Development on OS X • Optimizing

   Dockerfiles • Building Complex Images • Debugging a Container • Docker-compose Pitfalls • Debugging Multiple Containers • News

5. Provisioning on OSX Don’t use boot2docker directly.
 Use docker-machine

6. File distribution in my home directory Provisioning on OSX

7. The default docker-machine image is 20GB.
 This is very little

   disk space. Use something bigger, e.g. 40GB: docker-machine create -d virtualbox \ —virtualbox-disk-size "40000" dev The image grows dynamically:
 You only use what you need Provisioning on OSX

8. Cleaning up old stuff Remove and delete all containers drmf='docker

   stop $(docker ps -a -q) && docker rm $(docker ps -a -q)' You will be running out of disk space sooner than you can say
 docker. Regularly clean up! alias drmif="docker rmi $(docker images -f dangling=true -q)"

9. https://github.com/bobrik/docker-image-cleaner Cleaning up old stuff

10. Other useful aliases

11. • Why Docker? • Development on OS X • Optimizing

    Dockerfiles • Building Complex Images • Debugging a Container • Docker-compose Pitfalls • Debugging Multiple Containers • News

12. Optimizing Dockerfiles http://ctlio.wpengine.com/optimizing-docker-images/ Chain Your Commands

13. Dockerfiles are just a temporary solution Shell scripts are great

    for quickly getting started to create images. However, as we add more complexity, it becomes hard to write scripts that are easy to maintain, quickly extensible and portable to different environments.

14. • Why Docker? • Development on OS X • Optimizing

    Dockerfiles • Building Complex Images • Debugging a Container • Docker-compose Pitfalls • Debugging Multiple Containers • News

15. Images Don’t put too much into your images.
 Only the

    _bare_ requirements to achieve a functionality. Anti example: docker’s php PHP
 CLI PHP
 Apache

16. docker/php:5.6 trivago/PHP:base trivago/PHP:web trivago/PHP:dev xdebug, profiler, mounted volume webserver composer,

    PHP extensions, static code checkout debian jessie + PHP 5.6 runtime

17. Tips on optimizing container images http://jonathan.bergknoff.com/journal/building-good- docker-images

18. Optimizing containers All layers below a change will be rebuilt

    => Always put frequently changing parts of your docker file at the bottom. E.g. config files that you ADD

19. • Why Docker? • Development on OS X • Optimizing

    Dockerfiles • Building Complex Images • Debugging a Container • Docker-compose Pitfalls • Debugging Multiple Containers • News

20. Problem: You have a bug in your CMD script. The

    container will start but die with an exception Solution: Run in interactive mode: docker run -it --entrypoint=/bin/bash <image-name> Here we overwrite the entrypoint and get a „debug shell“ into the container Debugging a container

21. Once you have the failing container, try to build it

    alone.
 For every build step you get a container id. You can run those intermediate containers to debug: Debugging a container Building influxdbdev... Step 0 : FROM ubuntu ---> 6d4946999d4f Step 1 : MAINTAINER Matthias Endler ([email protected]) ---> Using cache ---> a185c09d581b Step 2 : RUN apt-get update && apt-get -y --no-install-recommends install build-essential git wget ---> Using cache ---> 23faab2e0caf Step 3 : RUN rm /bin/sh && ln -s /bin/bash /bin/sh && export GOPATH=$HOME/go && export GOBIN=$GOPATH/ bin && export PATH=$PATH:$GOBIN ---> Using cache ---> 8d8dc1aa60f7 Step 4 : RUN cd /tmp/ && wget --no-check-certificate https://storage.googleapis.com/golang/go1.4.2.linux- amd64.tar.gz && sudo tar -C /usr/local -xzf go1.4.2.linux-amd64.tar.gz ---> Using cache ---> 943232f9d241 Step 5 : ENV PATH "$PATH:/usr/local/bin" ---> Using cache ---> 5b50fce2b9e8 Step 6 : RUN ls /usr/local/sbin ---> Running in 1abfce5ba7bc ---> f7318dc6418a Removing intermediate container 1abfce5ba7bc Step 7 : RUN go get github.com/influxdb/influxdb && cd $GOPATH/src/github.com/influxdb/ && go get ./... && go install ./... ---> Running in 6e87d766d813 /bin/sh: go: command not found <— Bug docker run -it --rm 943232f9d241 /bin/bash <— get a prompt to debug

22. • Why Docker? • Development on OS X • Optimizing

    Dockerfiles • Building Complex Images • Debugging a Container • Docker-compose Pitfalls • Debugging Multiple Containers • News

23. Docker compose docker-compose up doesn't rebuild image although Dockerfile has

    changed docker-compose build https://github.com/docker/compose/issues/1487

24. Accessing environment variables from linked containers docker run -it --entrypoint=/bin/bash

    -v `pwd`:/appdata/web/metrics --link db:db -i -e MYSQL_DATABASE=trv_aux trivago/metrics root@116c2d1ee85c:/appdata/web/metrics# export declare -x DB_ENV_MYSQL_MAJOR="5.6" declare -x DB_ENV_MYSQL_ROOT_PASSWORD="root" declare -x DB_ENV_MYSQL_VERSION="5.6.25" declare -x DB_NAME="/desperate_darwin/db" declare -x DB_PORT="tcp://172.17.0.12:3306"

25. Problem:
 If you run docker compose in the foreground and

    kill one container, then all others will go down as well.
 For testing purposes it might make sense to keep the others alive. 
 Solution: Start docker-compose in the background: docker-compose run -d

26. Fixing „race conditions“
 between containers (Show example of Kafka-InfluxDB docker-compose

    setup) http://blog.chmouel.com/2014/11/04/avoiding-race-conditions-between-containers-with-docker-and-fig/

27. docker-compose scale

28. Problem: You have a bug in your Docker compose file.

    Solution: 1) Try to run each container in your compose file separately. If it starts up, move on. Else fix the issue. 2) Start all containers but start one of them in interactive mode. Example: Debugging a multi-container application mycommand:
 build: .
 entrypoint: /bin/bash
 stdin_open: true
 tty: true
 volumes:
 - .:/opt/code links:
 - db:db
 environment:
 - MYSQL_DATABASE=sample - MYSQL_USER=user
 - MYSQL_PASSWORD=pw

29. Debugging a multi-container application See containers starting up:
 terminal1: docker-compose

    up terminal2: watch -n 1 docker ps You can see when a service crashes

30. docker-compose up 㾑 Recreating haproxyvarnishwebserver_www2_1... Recreating haproxyvarnishwebserver_varnish1_1... Recreating haproxyvarnishwebserver_www0_1... Recreating

    haproxyvarnishwebserver_www1_1...
 
 Inspect:
 docker inspect haproxyvarnishwebserver_haproxy_1 Debugging a multi-container application

31. [{ "AppArmorProfile": "", "Args": [], "Config": { "AttachStderr": true, "AttachStdin":

    true, "AttachStdout": true, "Cmd": null, "CpuShares": 0, "Cpuset": "", "Domainname": "", "Entrypoint": [ "/bin/bash" ], "Env": [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", "HAPROXY_MAJOR=1.5", "HAPROXY_VERSION=1.5.14", "HAPROXY_MD5=ad9d7262b96ba85a0f8c6acc6cb9edde" ], "ExposedPorts": null, "Hostname": „9d94ebe … }] docker inspect <container-name> Docker Inspect

32. • Why Docker? • Development on OS X • Optimizing

    Dockerfiles • Building Complex Images • Debugging a Container • Docker-compose Pitfalls • Debugging Multiple Containers • News