Advanced Docker Some tips and tricks

• Why Docker? • Development on OS X • Optimizing Dockerfiles • Building Complex Images • Debugging a Container • Docker-compose Pitfalls • Debugging Multiple Containers • News

What Docker
 really means
 …to me No state in your applications, which makes it easier to reason about the status of your systems
 Hardware as code. A layer above hardware. Resources are more important than the machine where it is running. You can run unit tests on your environment!

• Why Docker? • Development on OS X • Optimizing Dockerfiles • Building Complex Images • Debugging a Container • Docker-compose Pitfalls • Debugging Multiple Containers • News

Provisioning on OSX Don’t use boot2docker directly.
 Use docker-machine

File distribution in my home directory Provisioning on OSX

The default docker-machine image is 20GB.
 This is very little disk space. Use something bigger, e.g. 40GB: docker-machine create -d virtualbox \ —virtualbox-disk-size "40000" dev The image grows dynamically:
 You only use what you need Provisioning on OSX

Cleaning up old stuff Remove and delete all containers drmf='docker stop $(docker ps -a -q) && docker rm $(docker ps -a -q)' You will be running out of disk space sooner than you can say
 docker. Regularly clean up! alias drmif="docker rmi $(docker images -f dangling=true -q)"

https://github.com/bobrik/docker-image-cleaner Cleaning up old stuff

Other useful aliases

• Why Docker? • Development on OS X • Optimizing Dockerfiles • Building Complex Images • Debugging a Container • Docker-compose Pitfalls • Debugging Multiple Containers • News

Optimizing Dockerfiles http://ctlio.wpengine.com/optimizing-docker-images/ Chain Your Commands

Dockerfiles are just a temporary solution Shell scripts are great for quickly getting started to create images. However, as we add more complexity, it becomes hard to write scripts that are easy to maintain, quickly extensible and portable to different environments.

• Why Docker? • Development on OS X • Optimizing Dockerfiles • Building Complex Images • Debugging a Container • Docker-compose Pitfalls • Debugging Multiple Containers • News

Images Don’t put too much into your images.
 Only the _bare_ requirements to achieve a functionality. Anti example: docker’s php PHP
 CLI PHP
 Apache

docker/php:5.6 trivago/PHP:base trivago/PHP:web trivago/PHP:dev xdebug, profiler, mounted volume webserver composer, PHP extensions, static code checkout debian jessie + PHP 5.6 runtime

Tips on optimizing container images http://jonathan.bergknoff.com/journal/building-good- docker-images

Optimizing containers All layers below a change will be rebuilt => Always put frequently changing parts of your docker file at the bottom. E.g. config files that you ADD

• Why Docker? • Development on OS X • Optimizing Dockerfiles • Building Complex Images • Debugging a Container • Docker-compose Pitfalls • Debugging Multiple Containers • News

Problem: You have a bug in your CMD script. The container will start but die with an exception Solution: Run in interactive mode: docker run -it --entrypoint=/bin/bash Here we overwrite the entrypoint and get a „debug shell“ into the container Debugging a container

Once you have the failing container, try to build it alone.
 For every build step you get a container id. You can run those intermediate containers to debug: Debugging a container Building influxdbdev... Step 0 : FROM ubuntu ---> 6d4946999d4f Step 1 : MAINTAINER Matthias Endler (matthias.endler@trivago.com) ---> Using cache ---> a185c09d581b Step 2 : RUN apt-get update && apt-get -y --no-install-recommends install build-essential git wget ---> Using cache ---> 23faab2e0caf Step 3 : RUN rm /bin/sh && ln -s /bin/bash /bin/sh && export GOPATH=$HOME/go && export GOBIN=$GOPATH/ bin && export PATH=$PATH:$GOBIN ---> Using cache ---> 8d8dc1aa60f7 Step 4 : RUN cd /tmp/ && wget --no-check-certificate https://storage.googleapis.com/golang/go1.4.2.linux- amd64.tar.gz && sudo tar -C /usr/local -xzf go1.4.2.linux-amd64.tar.gz ---> Using cache ---> 943232f9d241 Step 5 : ENV PATH "$PATH:/usr/local/bin" ---> Using cache ---> 5b50fce2b9e8 Step 6 : RUN ls /usr/local/sbin ---> Running in 1abfce5ba7bc ---> f7318dc6418a Removing intermediate container 1abfce5ba7bc Step 7 : RUN go get github.com/influxdb/influxdb && cd $GOPATH/src/github.com/influxdb/ && go get ./... && go install ./... ---> Running in 6e87d766d813 /bin/sh: go: command not found <— Bug docker run -it --rm 943232f9d241 /bin/bash <— get a prompt to debug

• Why Docker? • Development on OS X • Optimizing Dockerfiles • Building Complex Images • Debugging a Container • Docker-compose Pitfalls • Debugging Multiple Containers • News

Docker compose docker-compose up doesn't rebuild image although Dockerfile has changed docker-compose build https://github.com/docker/compose/issues/1487

Accessing environment variables from linked containers docker run -it --entrypoint=/bin/bash -v `pwd`:/appdata/web/metrics --link db:db -i -e MYSQL_DATABASE=trv_aux trivago/metrics root@116c2d1ee85c:/appdata/web/metrics# export declare -x DB_ENV_MYSQL_MAJOR="5.6" declare -x DB_ENV_MYSQL_ROOT_PASSWORD="root" declare -x DB_ENV_MYSQL_VERSION="5.6.25" declare -x DB_NAME="/desperate_darwin/db" declare -x DB_PORT="tcp://172.17.0.12:3306"

Problem:
 If you run docker compose in the foreground and kill one container, then all others will go down as well.
 For testing purposes it might make sense to keep the others alive. 
 Solution: Start docker-compose in the background: docker-compose run -d

Fixing „race conditions“
 between containers (Show example of Kafka-InfluxDB docker-compose setup) http://blog.chmouel.com/2014/11/04/avoiding-race-conditions-between-containers-with-docker-and-fig/

docker-compose scale

Problem: You have a bug in your Docker compose file. Solution: 1) Try to run each container in your compose file separately. If it starts up, move on. Else fix the issue. 2) Start all containers but start one of them in interactive mode. Example: Debugging a multi-container application mycommand:
 build: .
 entrypoint: /bin/bash
 stdin_open: true
 tty: true
 volumes:
 - .:/opt/code links:
 - db:db
 environment:
 - MYSQL_DATABASE=sample - MYSQL_USER=user
 - MYSQL_PASSWORD=pw

Debugging a multi-container application See containers starting up:
 terminal1: docker-compose up terminal2: watch -n 1 docker ps You can see when a service crashes

docker-compose up 㾑 Recreating haproxyvarnishwebserver_www2_1... Recreating haproxyvarnishwebserver_varnish1_1... Recreating haproxyvarnishwebserver_www0_1... Recreating haproxyvarnishwebserver_www1_1...
 
 Inspect:
 docker inspect haproxyvarnishwebserver_haproxy_1 Debugging a multi-container application

[{ "AppArmorProfile": "", "Args": [], "Config": { "AttachStderr": true, "AttachStdin": true, "AttachStdout": true, "Cmd": null, "CpuShares": 0, "Cpuset": "", "Domainname": "", "Entrypoint": [ "/bin/bash" ], "Env": [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", "HAPROXY_MAJOR=1.5", "HAPROXY_VERSION=1.5.14", "HAPROXY_MD5=ad9d7262b96ba85a0f8c6acc6cb9edde" ], "ExposedPorts": null, "Hostname": „9d94ebe … }] docker inspect Docker Inspect

• Why Docker? • Development on OS X • Optimizing Dockerfiles • Building Complex Images • Debugging a Container • Docker-compose Pitfalls • Debugging Multiple Containers • News