$30 off During Our Annual Pro Sale. View Details »

Kickass Development Environments with Docker (LeedsPHP, January, 2017)

David McKay
January 19, 2017
Technology
2
99

Kickass Development Environments with Docker (LeedsPHP, January, 2017)

Docker, the hottest technology around at the moment. It swept the Ops world by storm in 2014, became mainstream in 2015, and now it’s set to dominate the developer world, in 2016.

Docker is a tool that allows you to package your application up into a single-runnable distributable binary - akin to the phar, but in Hulk mode. Docker allows you, a developer, to specify the exact environment your application needs to run, across development; test; staging; and production.

In this talk I will cover the creation of this utopian distributable and show you how to can compose your entire production infrastructure locally with only a small YAML file and without installing a single thing.

Lets say hello, to Docker.

David McKay

January 19, 2017
Tweet

More Decks by David McKay

See All by David McKay
The Telegraf Toolbelt (InfluxDays SF, 2019)
rawkode
0
130
The DShell Pattern (DevOpsDays London 2019)
rawkode
0
170
Cloud Native Telegraf - Cloud Native London (September 2019)
rawkode
0
38
Developing Your Own Flux Packages (InfluxDays London 2019)
rawkode
0
100
Introduction to Time Series (Software Circus, April 2019)
rawkode
0
130
Introduction to Time Series (Cloud Native Kraków, April 2019)
rawkode
0
79
Introduction to Time Series (Cloud Native Wales, April 2019)
rawkode
0
76
Introduction to InfluxDB 2.0 (Kubernetes London - February 2019)
rawkode
0
52
Kickass Development Environments with Docker (PHPBenelux 2019)
rawkode
0
78

Other Decks in Technology

See All in Technology
太田博三
otanet
0
160
Kotlin製のGraphQLサーバーをNode.jsでモジュラモノリス化している話
hokaccha
1
2k
Kuma UIのこれまでとこれから
poteboy
5
2.9k
イベント企画設計における「フロントエンド」な考え方とその魅力
kgsi
1
1.8k
Podman with WebAssembly
utam0k
2
230
Flink SQL: the Challenges of Implementing a Streaming SQL Engine
jark
0
400
Data-Centric AI - 関連する学術分野と実践例 -
kzykmyzw
4
1.4k
Oracle Cloud Infrastructure データベース・クラウド:各バージョンのサポート期間
oracle4engineer
PRO
6
5.1k
Managing "side effect" in Frontend Development
shinyaigeek
3
1.7k
異なる思想で書かれたコードの統一に動く -Terraformの場合-
coconala_engineer
0
170
幸運を科学する ~アジャイルチームの成功を再現する方法~
okamototakuyasr2
0
190
ROSCon 2023参加報告:Real-Time Workshop & Zenoh's Current Status and Forecast
takasehideki
1
180

Featured

See All Featured
A Modern Web Designer's Workflow
chriscoyier
688
190k
Git: the NoSQL Database
bkeepers
PRO
420
62k
How To Stay Up To Date on Web Technology
chriscoyier
780
250k
From Idea to $5000 a Month in 5 Months
shpigford
376
45k
The Language of Interfaces
destraynor
149
22k
The Straight Up "How To Draw Better" Workshop
denniskardys
226
130k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
39
4k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
318
20k
Being A Developer After 40
akosma
52
580k
Adopting Sorbet at Scale
ufuk
66
8.2k
Teambox: Starting and Learning
jrom
125
8.2k
Code Reviewing Like a Champion
maltzj
511
38k

Transcript

  1. Kickass Development Environments with Docker
    Leeds PHP
    January, 2017

    View Slide

  2. [email protected]
    @rawkode
    github.com/rawkode
    ~
    Organiser:
    ScotlandPHP
    Docker | DevOps
    MongoDb | Pair Programming
    Glasgow
    ● PHP / Go / Elixir
    ● DevOps / CI / CD / Docker
    ● CQRS & Event Sourcing
    ● Domain-Driven Design
    ● TDD / BDD

    View Slide

  3. Kickass Development Environments with Docker

    View Slide

  4. let’s travel through time ...

    View Slide

  5. Development Environments circa 2000
    $ tree
    awesome-million-pound-project
    └── src
    ├── game.php
    ├── game.php.bk-david
    ├── game.php.bk-deano
    ├── main.php
    ├── main.php.maybe-fixed
    ├── main.php.bk-1999-12-02
    ├── main.php.bk-1999-12-02.2
    ├── player.php
    ├── player.php.orig
    └── .swp.player.php

    View Slide

  6. Production Environments circa 2000
    $ tree
    awesome-million-pound-project
    └── src
    ├── game.php
    ├── game.php.bk-david
    ├── game.php.bk-deano
    ├── main.php
    ├── main.php.maybe-fixed
    ├── main.php.bk-1999-12-02
    ├── main.php.bk-1999-12-02.2
    ├── player.php
    ├── player.php.orig
    └── .swp.player.php

    View Slide

  7. things got better ...

    View Slide

  8. but not for another six years ...

    View Slide

  9. 2006

    View Slide

  10. Dev/Prod parity becomes a twinkle in our eye

    View Slide

  11. 2009

    View Slide

  12. DSL Hell

    View Slide

  13. 2011

    View Slide

  14. Vagrant Problems
    ● You’re creating and managing VMs
    for each project / service
    ● Those VM’s are mutable / prone to
    error by user changes
    ● They’re built JIT (most cases)
    ● How long goes your vagrant up
    take?

    View Slide

  15. Let’s check out another option

    View Slide

  16. What is Docker?

    View Slide

  17. What is Docker?
    Docker allows you to package an application with all of its dependencies into
    a standardized unit for software development.
    docker.com

    View Slide

  18. What’s the goal?
    A single, runnable, distributable executable

    View Slide

  19. The Docker Family
    ● Docker
    ● Docker Engine
    ● Docker Registry
    ● Docker Compose
    ● Docker Machine
    ● Docker Swarm

    View Slide

  20. Lets jump in!

    View Slide

  21. Dockerfile

    View Slide

  22. FROM php:7.0

    View Slide

  23. ADD ./ /var/www
    COPY ./ /var/www
    Warning: Be careful with ADD

    View Slide

  24. WORKDIR /var/www

    View Slide

  25. ENTRYPOINT [ “php” ]

    View Slide

  26. CMD [ “-v” ]

    View Slide

  27. Layering

    View Slide

  28. Every Dockerfile keyword commits
    a layer

    View Slide

  29. This is great for caching

    View Slide

  30. Docker Container

    View Slide

  31. Docker Container

    View Slide

  32. Docker Container

    View Slide

  33. Demo: Docker Basics

    View Slide

  34. Using Docker for Development
    Composing Complex Systems

    View Slide

  35. Project Dependencies

    View Slide

  36. Project Dependencies

    View Slide

  37. Official Repositories

    View Slide

  38. View Slide

  39. Composing Services

    View Slide

  40. Composing Services
    services:
    php:
    image: php:7-cli
    elasticsearch:
    image: elasticsearch:5
    mysql:
    image: mysql:8
    redis:
    image: redis:3

    View Slide

  41. Composing Services
    services:
    php:
    image: php:7-cli
    elasticsearch:
    image: elasticsearch:5
    mysql:
    image: mysql:8
    redis:
    image: redis:3

    View Slide

  42. Composing Services
    services:
    php:
    image: rawkode/php:7-cli
    elasticsearch:
    image: quay.io/rawkode/elasticsearch:5

    View Slide

  43. Composing Services
    services:
    php:
    image: php:7-cli
    elasticsearch:
    image: elasticsearch:5
    mysql:
    image: mysql:8
    redis:
    image: redis:3

    View Slide

  44. Configuring Services

    View Slide

  45. Configuring Services
    services:
    mysql:
    image: mysql:8

    View Slide

  46. Configuring Services: Hostname
    services:
    mysql:
    image: mysql:8

    View Slide

  47. Configuring Services: Publishing Ports
    services:
    php:
    image: php:7-cli
    ports:
    - 80:80

    View Slide

  48. Configuring Services: Publishing Ports
    services:
    php:
    image: php:7-cli
    ports:
    - 80 # Published on host as random natural number, from 32768

    View Slide

  49. Configuring Services: Environment / 12-Factor
    services:
    mysql:
    image: mysql:8
    environment:
    - MYSQL_DATABASE
    - MYSQL_USER=application
    - MYSQL_PASSWORD=password
    - MYSQL_RANDOM_ROOT_PASSWORD=true

    View Slide

  50. Configuring Services: Environment / 12-Factor
    services:
    mysql:
    image: mysql:8
    environment:
    MYSQL_DATABASE
    MYSQL_USER: application
    MYSQL_PASSWORD: password
    MYSQL_RANDOM_ROOT_PASSWORD: ’true’

    View Slide

  51. Configuring Services: Environment / 12-Factor
    services:
    mysql:
    image: mysql:8
    env_file: .env

    View Slide

  52. Configuring Services: Dependencies
    services:
    php:
    image: php:7-cli
    depends_on: mysql
    mysql:
    image: mysql:8

    View Slide

  53. Configuring Services: Volumes
    services:
    php:
    image: php:7-cli
    volumes:
    - ./:/code

    View Slide

  54. Configuring Services: Volumes
    services:
    logstash:
    image: logstash:latest
    volumes_from:
    - php:ro

    View Slide

  55. Configuring Services: Volumes
    volumes:
    cache:
    driver: local

    View Slide

  56. Configuring Services: Volumes
    volumes:
    cache:
    driver: local

    View Slide

  57. Configuring Services: Volumes
    volumes:
    cache:
    driver: local
    services:
    php:
    image: php:7-cli
    volumes:
    - cache:/var/www/cache

    View Slide

  58. Demo: Putting it all Together

    View Slide

  59. Docker Tips

    View Slide

  60. composer install --ignore-platform-reqs
    ● IDE AutoComplete
    ● Cached to ~/.composer
    Composer
    Keep it local

    View Slide

  61. https://goo.gl/B26y17
    Composer
    Keep it local

    but feel free to run it in a container!

    View Slide

  62. docker-compose down -v
    ● Stops and removes all containers
    and networks in the project
    ● -v means delete the volumes as well
    Down Means Destroy

    View Slide

  63. List all the Docker networks:
    docker network ls
    Feeling brave?
    docker network rm -f \
    $(docker network ls -q)
    Mind Your Networks
    Avoid subnet collisions!

    View Slide

  64. FROM alpine:3.3
    Alpine Linux
    ~ 5 MiB
    (with solid package management!)

    View Slide

  65. Base Image
    ONBUILD FTW
    # Dockerfile
    ONBUILD COPY . /var/www
    # docker-compose.yml
    application:
    image: my-base-image
    volumes:
    - .:/var/www
    # CI build
    FROM base-image

    View Slide

  66. Base Image
    NIGHTLY BUILDS
    cron / curl / wget / whatever!
    There’s no cascading builds in Docker.
    Automate it

    View Slide

  67. Arbitrary Commands
    docker-compose
    run --rm
    -u www-data
    service_name
    command

    View Slide

  68. Single Process per
    Container
    Keep Attack Surface Small
    This will bode well from development to
    production!

    View Slide

  69. Reduced Attack Surface
    If you get hacked, you
    SHOULD / COULD / MIGHT
    be OK

    View Slide

  70. Docker Security Modelled as the Matrix
    ...

    View Slide

  71. You, the Architect ...

    View Slide

  72. Your system is looking pretty sweet!

    View Slide

  73. Processes are being kept in-line

    View Slide

  74. But then, hackers come along

    View Slide

  75. This Guy!

    View Slide

  76. Corrupting your innocent
    processes and turning
    them into weapons

    View Slide

  77. Making them bend the
    rules because you didn’t
    drop
    CAP_SYS_ADMIN

    View Slide

  78. In-order to escape
    your utopian system!

    View Slide

  79. The point?

    View Slide

  80. Taking security seriously:
    Minimising processes
    Security scanning
    Dropping Kernel capabilities

    View Slide

  81. Would have stopped

    View Slide

  82. This Guy!

    View Slide

  83. Finding out about

    View Slide

  84. This Guy

    View Slide

  85. Corrupting him

    View Slide

  86. To do his evil bidding

    View Slide

  87. This wouldn’t have happened

    View Slide

  88. This wouldn’t have happened

    View Slide

  89. Most importantly
    This wouldn’t have happened

    View Slide

  90. Thanks for having me!
    Questions?
    @rawkode
    Slides
    speakerdeck.com/rawkode

    View Slide