Slide 2

Slide 2 text

Chef for Containers
Using config management in your container workflow
Tom Duffield
Software Development Engineer at Chef
Twitter: @tomduffield
Fossetcon 2014

Slide 3

Slide 3 text

Agenda
• Introduction to Docker
• Chef Container
• Knife Container Workflow
• More Information
• Questions

Slide 4

Slide 4 text

Introduction to Docker

Slide 5

Slide 5 text

What are Linux containers?
• Lightweight virtualization provided by libraries inside the Linux Kernel.
  • cgroups
  • namespaces
  • capabilities
  • selinux
  • apparmor
  • netlink
  • netfilter

Slide 6

Slide 6 text

What is Docker?
• Utility that improves the usability of Linux Containers by providing:
  • a layered file system (Docker Images)
  • a cross-platform execution engine (Docker Engine)
  • a social space to share common libraries (Docker Hub)

Slide 7

Slide 7 text

Hypervisor Virtualization
[Diagram: Server, Host OS, Hypervisor, and four Virtual Machines, each with its own Guest OS, bins/libs and one app (a, b, c, d).]

Slide 8

Slide 8 text

Docker Containers
[Diagram: Server, Host OS, Docker Engine, and Containers holding bins/libs and apps a, b, c, d.]

Slide 9

Slide 9 text

Benefits & Gaps of Containers
Benefits: Speed, Portability, Density
Gaps: Security, Persistent State, Credentials

Slide 10

Slide 10 text

Simple Docker Workflow
• Pull (Download)
• Run (Launch)
• Commit (Snapshot)

Slide 11

Slide 11 text

docker pull ubuntu:12.04
[Diagram: ubuntu 12.04]

Slide 12

Slide 12 text

docker run ubuntu:12.04 apt-get update
[Diagram: ubuntu 12.04, apt-get update, 012345678]

Slide 13

Slide 13 text

docker commit 012345678
[Diagram: ubuntu 12.04, apt-get update, 012345678]

Slide 14

Slide 14 text

docker run 012345678 apt-get upgrade
[Diagram: ubuntu:12.04, apt-get update, 012345678, apt-get upgrade, ABCDEFG]

Slide 15

Slide 15 text

docker commit ABCDEFG
[Diagram: ubuntu:12.04, apt-get update, ABCDEFG, apt-get upgrade]

Slide 16

Slide 16 text

The Dockerfile
    FROM ubuntu:12.04
    RUN apt-get update
    # -y: the build is non-interactive, so apt-get cannot prompt for confirmation
    RUN apt-get upgrade -y

Slide 17

Slide 17 text

Dockerfile Workflow
[Diagram: Pull, Build, Run, Run, Commit]

Slide 18

Slide 18 text

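docker build mycontext
Dockerfile:
    FROM ubuntu:12.04
    RUN apt-get update
    # -y: the build is non-interactive, so apt-get cannot prompt for confirmation
    RUN apt-get install -y apache2
    ADD myconf.conf \
        /etc/apache2/sites-enabled/mysite
    ADD mysite /var/www/mysite
[Diagram: the mycontext directory containing Dockerfile, myconf.conf and mysite (with index.html).]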

Slide 19

Slide 19 text

Chef Container

Slide 20

Slide 20 text

Chef Container is a package that provides configuration management for your containers.

Slide 21

Slide 21 text

Chef Container allows you to:
• define your container configuration using Chef recipes.
• idempotently manage the running state of your container.
• safely manage multiple services inside your container.

Slide 22

Slide 22 text

Chef Container is great for handling:
• installation and configuration of complex applications.
• transitioning traditional architecture to containers.
• handling last-mile configuration when the container boots.

Slide 23

Slide 23 text

Consistency Across Architectures
• Physical
• Virtual
• Cloud
• Container

Slide 24

Slide 24 text

Mixed Architecture Applications
[Diagram: Development, Test, QA, Prod]

Slide 25

Slide 25 text

Understanding the PID1 Problem
    $ docker run busybox ps -ef
    PID   USER     COMMAND
        1 root     ps -ef
• The command you specify via docker run replaces init and becomes the root process (PID1).

Slide 26

Slide 26 text

Addressing the PID1 Problem
• The root process (PID1) is responsible for:
  • telling the container what processes it should run.
  • ensuring all child processes are properly managed.
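
Added example, not code from the talk or from chef-init: a Python root process that does both jobs listed on this slide. It starts one main process, forwards stop signals to it, and collects every child that exits so none is left as a zombie. The function names `run_as_init` and `exit_code` are hypothetical.

```python
import os
import signal
import threading


def exit_code(status):
    """Translate a waitpid() status into a shell-style exit code."""
    if os.WIFEXITED(status):
        return os.WEXITSTATUS(status)
    return 128 + os.WTERMSIG(status)  # main process was killed by a signal


def run_as_init(argv):
    """Start argv as the main process, forward stop signals to it and reap
    every child that exits. Returns (main_exit_code, other_children_reaped)."""
    main_pid = os.fork()
    if main_pid == 0:
        try:
            os.execvp(argv[0], argv)
        finally:
            os._exit(127)  # only reached when exec fails

    def forward(signum, _frame):
        try:
            os.kill(main_pid, signum)  # e.g. the SIGTERM sent by `docker stop`
        except ProcessLookupError:
            pass  # main process is already gone

    # Python only allows signal handlers to be installed from the main thread.
    if threading.current_thread() is threading.main_thread():
        for signum in (signal.SIGTERM, signal.SIGINT):
            signal.signal(signum, forward)

    reaped = 0
    while True:
        # -1 waits for *any* child: inside a container, orphaned processes are
        # re-parented to PID 1 and stay zombies until PID 1 collects them.
        pid, status = os.waitpid(-1, 0)
        if pid == main_pid:
            return exit_code(status), reaped
        reaped += 1


if __name__ == "__main__":
    import sys
    code, others = run_as_init(sys.argv[1:] or ["sh", "-c", "sleep 1 & exit 0"])
    print(f"main process exited {code}; reaped {others} other children")
    sys.exit(code)
```

Like a container's root process, it returns as soon as the main process exits, and the caller is expected to exit with that code.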

Slide 27

Slide 27 text

Chef Container Components
• chef-client
• runit
• chef-init

Slide 28

Slide 28 text

runit is a lightweight, cross-platform init scheme you can use to ensure all child processes are properly managed. http://smarden.org/runit/

Slide 29

Slide 29 text

chef-init is a root process which can launch and manage multiple processes inside a container. https://github.com/opscode/chef-init

Slide 30

Slide 30 text

[Diagram: Debian, Red Hat and CentOS logos; labels: init, init, init, init]

Slide 31

Slide 31 text

[Diagram: Debian, Red Hat and CentOS logos; label: docker]

Slide 32

Slide 32 text

[Diagram: Debian, Red Hat and CentOS logos; labels: chef-init (four times), docker, runit (four times)]

Slide 33

Slide 33 text

Knife Container Workflow

Slide 34

Slide 34 text

knife container
TOOL  SUBCOMMAND
    chef gem install knife-container

Slide 35

Slide 35 text

knife container docker init
• Generate Docker Context
• Download Base Docker Image
• Docker Components
• Chef Components

Slide 36

Slide 36 text

knife container docker init
    $ knife container docker init NAMESPACE/IMAGE_NAME [options]
Frequently Used Options
    Flag  Description
    -f    The base Docker image to use. The default is chef/ubuntu-12.04.
    -r    Your Chef run list.
    -z    Use chef-client local mode.
    -b    Use Berkshelf to manage cookbook dependencies.

Slide 37

Slide 37 text

knife container docker init myorg/myapp
[Diagram: ubuntu-12.04, v0]

Slide 38

Slide 38 text

knife container docker build
• Resolve Chef Dependencies
• Build Docker Image
• Cleanup Chef Artifacts

Slide 39

Slide 39 text

knife container docker build
    $ knife container docker build NAMESPACE/IMAGE_NAME [options]
Frequently Used Options
    Flag     Description
    --force  Force the resolution of Chef dependencies.

Slide 40

Slide 40 text

knife container docker build myorg/myapp
[Diagram: ubuntu-12.04, v0, v1]

Slide 41

Slide 41 text

knife container docker build myorg/myapp
[Diagram: ubuntu-12.04, v0, v1, v2]

Slide 42

Slide 42 text

Long Term Speed Benefits
[Diagram labels: A, B, C, D; L1, L2, L3, L4; R1, R2, R3, R4]

Slide 43

Slide 43 text

Long Term Speed Benefits
[Diagram labels: A, B, C, D; L1, L2, L3, L4; R1, R2, R3, R4]

Slide 44

Slide 44 text

[Diagram labels: ubuntu:12.04, L1, L2, L3, L4, Image v1; ubuntu-12.04, CCR1 : R1-4, Image v1]

Slide 45

Slide 45 text

[Diagram labels: ubuntu:12.04, L1, L2, L3, L4, Image v2; ubuntu-12.04, CCR1 : R1-4, CCR2 : R2, Image v2]

Slide 46

Slide 46 text

Why use Chef Container?
1) Fast and easy transition from existing architecture.
2) Consistent configuration model across containerization solutions and types of architectures.
3) Mixed infrastructure environments.
4) Idempotency in your image build process and in your running containers.
5) Decreased overhead for configuration changes.

Slide 47

Slide 47 text

More Information

Slide 48

Slide 48 text

Documentation
Documentation: http://docs.getchef.com/containers.html
Docker Images: https://hub.docker.com/u/chef
Feedback:
  http://github.com/opscode/chef-init
  http://github.com/opscode/knife-container

Slide 49

Slide 49 text

Roadmap
• Rebuild images from a fresh base image.
• Add multiple, custom tags to your Docker images.
• Improved management of secure credentials.
What would you like to see? Submit input and feedback!
  http://github.com/opscode/knife-container/issues
  http://github.com/opscode/chef-init/issues

Slide 50

Slide 50 text

Questions? Tom Duffield | @tomduffield
