2017 DevNexus - Docker Tips & Tricks for Java Developers

Slide 1

Slide 1 text

@saturnism @googlecloud #kubernetes #devnexus Container Tips & Tricks For Java Developers

Slide 2

Slide 2 text

@saturnism @googlecloud #kubernetes #devnexus Ray Tsang Developer Advocate Google Cloud Platform @saturnism | +RayTsang

Slide 3

Slide 3 text

@saturnism @googlecloud #kubernetes #devnexus Ray Tsang Developer Architect Traveler Photographer flickr.com/saturnism

Slide 4

Slide 4 text

@saturnism @googlecloud #kubernetes #devnexus

Slide 5

Slide 5 text

@saturnism @googlecloud #kubernetes #devnexus Containers!

Slide 6

Slide 6 text

@saturnism @googlecloud #kubernetes #devnexus

Slide 7

Slide 7 text

@saturnism @googlecloud #kubernetes #devnexus Hello World Service - Greet Guestbook Service - Create Guestbook Service - Retrieve

Slide 8

Slide 8 text

@saturnism @googlecloud #kubernetes #devnexus Guestbook UI Hello World Service Redis session replication greeting MySQL Guestbook Service CRUD

Slide 9

Slide 9 text

@saturnism @googlecloud #kubernetes #devnexus Package & Deployment application.ear app.war helloworld-service.jar application.war /... helloworld-service.jar

Slide 10

Slide 10 text

@saturnism @googlecloud #kubernetes #devnexus Machine app.war / app.ear Application Server Kernel Shell / CLI / Tools

Slide 11

Slide 11 text

@saturnism @googlecloud #kubernetes #devnexus Machine app.war / app.ear Application Server Kernel Shell / CLI / Tools Machine app.war / app.ear Application Server Kernel Shell / CLI / Tools Machine app.war / app.ear Application Server Kernel Shell / CLI / Tools

Slide 12

Slide 12 text

@saturnism @googlecloud #kubernetes #devnexus Old Way: Shared machines kernel libs app app app No isolation No namespacing Common libs Highly coupled apps and OS app

Slide 13

Slide 13 text

@saturnism @googlecloud #kubernetes #devnexus Old Way: Virtual machines Some isolation Expensive and inefficient Still highly coupled to the guest OS Hard to manage app libs kernel libs app app kernel app libs libs kernel kernel

Slide 14

Slide 14 text

@saturnism @googlecloud #kubernetes #devnexus New Way: Containers libs app libs app libs app libs app

Slide 15

Slide 15 text

@saturnism @googlecloud #kubernetes #devnexus Process isolation CPU, Memory, Network, Filesystem, ...

Slide 16

Slide 16 text

@saturnism @googlecloud #kubernetes #devnexus Static Binary! Runs anywhere

Slide 17

Slide 17 text

@saturnism @googlecloud #kubernetes #devnexus NOT a VM Just a process

Slide 18

Slide 18 text

@saturnism @googlecloud #kubernetes #devnexus NOT a Security Boundary! Repeat after me!

Slide 19

Slide 19 text

@saturnism @googlecloud #kubernetes #devnexus Containerize Option #1 Dockerfile

Slide 20

Slide 20 text

@saturnism @googlecloud #kubernetes #devnexus Containerize Option #2 spotify/docker-maven-plugin mvn docker:build

Slide 21

Slide 21 text

@saturnism @googlecloud #kubernetes #devnexus Containerize Option #3 Docker Hub / GitHub saturnism/spring-boot

Slide 22

Slide 22 text

@saturnism @googlecloud #kubernetes #devnexus Containerize Option #4 Slim JARs! spotify/dockerfile-maven-plugin

Slide 23

Slide 23 text

@saturnism @googlecloud #kubernetes #devnexus Containerize Option #5 Fabric8 fabric8 maven plugin

Slide 24

Slide 24 text

@saturnism @googlecloud #kubernetes #devnexus Which port? Internal port vs machine port

Slide 25

Slide 25 text

@saturnism @googlecloud #kubernetes #devnexus Versioning container image docker tag spring-boot-demo spring-boot-demo:1.0 docker tag spring-boot-demo spring-boot-demo:1.0-k39fa

Slide 26

Slide 26 text

@saturnism @googlecloud #kubernetes #devnexus Build Number Plugin http://www.mojohaus.org/buildnumber-maven-plugin/ https://github.com/ktoso/maven-git-commit-id-plugin Append build number, or SCM commit hash to image tag

Slide 27

Slide 27 text

@saturnism @googlecloud #kubernetes #devnexus Space Saving Tips

Slide 28

Slide 28 text

@saturnism @googlecloud #kubernetes #devnexus Combine RUN commands apt-get update && \ apt-get install -y --no-install-recommends ... && \ rm -rf /var/lib/apt/lists/* Saves you space.

Slide 29

Slide 29 text

@saturnism @googlecloud #kubernetes #devnexus Don’t Log to Container Filesystem! Log to a volume… docker -v /tmp/log:/log Or, better yet, Send it elsewhere! I prefer STDOUT

Slide 30

Slide 30 text

@saturnism @googlecloud #kubernetes #devnexus Clean up disk spaces Every image, layer, and, even containers litters docker rm $(docker ps -a -q) docker rmi $(docker images -q --filter dangling=true)

Slide 31

Slide 31 text

@saturnism @googlecloud #kubernetes #devnexus Clean up disk spaces Docker 1.13 makes it easier docker system prune

Slide 32

Slide 32 text

@saturnism @googlecloud #kubernetes #devnexus Spotify's Docker GC https://github.com/spotify/docker-gc

Slide 33

Slide 33 text

@saturnism @googlecloud #kubernetes #devnexus docker run --rm Removes container afterwards

Slide 34

Slide 34 text

@saturnism @googlecloud #kubernetes #devnexus Security, Immutability

Slide 35

Slide 35 text

@saturnism @googlecloud #kubernetes #devnexus Don't run as root! It's default… :( Specify via USER directive and switch users

Slide 36

Slide 36 text

@saturnism @googlecloud #kubernetes #devnexus Know what's in that container Vulernerabilities

Slide 37

Slide 37 text

@saturnism @googlecloud #kubernetes #devnexus Know what's in that public container! Vulernerabilities

Slide 38

Slide 38 text

@saturnism @googlecloud #kubernetes #devnexus Security Scanning X-Ray, Quay.io, Stacksmith

Slide 39

Slide 39 text

@saturnism @googlecloud #kubernetes #devnexus Pin your versions Consistent rebuild Repeatability

Slide 40

Slide 40 text

@saturnism @googlecloud #kubernetes #devnexus Java Specific

Slide 41

Slide 41 text

@saturnism @googlecloud #kubernetes #devnexus SecureRandom - slow =( For development and testing -Djava.security.egd=file:/dev/urandom

Slide 42

Slide 42 text

@saturnism @googlecloud #kubernetes #devnexus How many CPUs? Red Hat has it right - check their scripts! Don't trust Runtime.availableProcessors() https://github.com/fabric8io-images/run-java-sh

Slide 43

Slide 43 text

@saturnism @googlecloud #kubernetes #devnexus JDK 9 https://bugs.openjdk.java.net/browse/JDK-6515172

Slide 44

Slide 44 text

@saturnism @googlecloud #kubernetes #devnexus How much memory? Check Red Hat's script! https://github.com/fabric8io-images/run-java-sh java -XX:+PrintFlagsFinal -version | grep HeapSize

Slide 45

Slide 45 text

@saturnism @googlecloud #kubernetes #devnexus Using container for testing https://www.testcontainers.org/

Slide 46

Slide 46 text

@saturnism @googlecloud #kubernetes #devnexus Composition

Slide 47

Slide 47 text

@saturnism @googlecloud #kubernetes #devnexus Let’s run the container! docker run -ti -p 8080:8080 helloworld-service

Slide 48

Slide 48 text

@saturnism @googlecloud #kubernetes #devnexus MySQL docker run -d --name mysql -p 3306:3306 -e MYSQL_ROOT_PASSWORD=yourpassword -e MYSQL_DATABASE=app mysql

Slide 49

Slide 49 text

@saturnism @googlecloud #kubernetes #devnexus Guestbook Service docker run -ti --name guestbookservice --link mysql:mysql saturnism/guestbook-service

Slide 50

Slide 50 text

@saturnism @googlecloud #kubernetes #devnexus Redis docker run -d --name redis redis

Slide 51

Slide 51 text

@saturnism @googlecloud #kubernetes #devnexus Hello World Service docker run -ti --name helloworldservice \ saturnism/spring-boot-helloworld-service:1.0

Slide 52

Slide 52 text

@saturnism @googlecloud #kubernetes #devnexus Guestbook UI docker run -ti --rm --link redis:redis \ --link helloworldservice:helloworldservice \ --link guestbookservice:guestbookservice \ -p 8080:8080 saturnism/spring-boot-helloworld-ui

Slide 53

Slide 53 text

@saturnism @googlecloud #kubernetes #devnexus Test locally! Deployment during development could be painful Set environmental variables Use Docker Compose

Slide 54

Slide 54 text

@saturnism @googlecloud #kubernetes #devnexus Docker Compose docker-compose up

Slide 55

Slide 55 text

@saturnism @googlecloud #kubernetes #devnexus Configuration Environmental variable Command line arguments Properties files

Slide 56

Slide 56 text

@saturnism @googlecloud #kubernetes #devnexus Don't store credentials... For obvious reasons!

Slide 57

Slide 57 text

@saturnism @googlecloud #kubernetes #devnexus JAVA_OPTS Make sure you can set it via the environmental variable!

Slide 58

Slide 58 text

@saturnism @googlecloud #kubernetes #devnexus Dealing low Bandwidth

Slide 59

Slide 59 text

@saturnism @googlecloud #kubernetes #devnexus Bathroom 50" TV Ikea Sofa Bed Mini Fridge Closet Door

Slide 60

Slide 60 text

@saturnism @googlecloud #kubernetes #devnexus But the WIFI was FREE! But soooooo SLOW

Slide 61

Slide 61 text

@saturnism @googlecloud #kubernetes #devnexus Bad WIFI Good WIFI

Slide 62

Slide 62 text

@saturnism @googlecloud #kubernetes #devnexus 20' 40' 45' 48' 53'

Slide 63

Slide 63 text

@saturnism @googlecloud #kubernetes #devnexus 20' 40' 45' 48' 53' My Apartment!

Slide 64

Slide 64 text

@saturnism @googlecloud #kubernetes #devnexus Use Docker Machine In the cloud - faster network to download images

Slide 65

Slide 65 text

@saturnism @googlecloud #kubernetes #devnexus Share a Docker Daemon Docker Daemon is just a server!

Slide 66

Slide 66 text

@saturnism @googlecloud #kubernetes #devnexus Build inside of Docker container Consistent build environment

Slide 67

Slide 67 text

@saturnism @googlecloud #kubernetes #devnexus STDOUT/STDIN You can pipe input and outputs like a regular command line

Slide 68

Slide 68 text

@saturnism @googlecloud #kubernetes #devnexus Compression docker build --compress ...

Slide 69

Slide 69 text

@saturnism @googlecloud #kubernetes #devnexus Squashing? This is experimental! docker build --squash .

Slide 70

Slide 70 text

@saturnism @googlecloud #kubernetes #devnexus Orchestration!

Slide 71

Slide 71 text

@saturnism @googlecloud #kubernetes #devnexus Use an Orchestrator! Don't deploy containers to individual machines yourself… Let an orchestrator do it for you!

Slide 72

Slide 72 text

@saturnism @googlecloud #kubernetes #devnexus Try out Google Container Engine https://cloud.google.com/container-engine/

Slide 73

Slide 73 text

@saturnism @googlecloud #kubernetes #devnexus Thanks! Images by Connie Zhou http://kubernetes.io http://bit.ly/1QLg5E1