Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Kickass Development Environments with Docker (MidwestPHP 2017)

David McKay
March 18, 2017
Technology
0
95

Kickass Development Environments with Docker (MidwestPHP 2017)

Docker, the hottest technology around at the moment. It swept the Ops world by storm in 2014, became mainstream in 2015, and now it’s set to dominate the developer world, in 2016.

Docker is a tool that allows you to package your application up into a single-runnable distributable binary - akin to the phar, but in Hulk mode. Docker allows you, a developer, to specify the exact environment your application needs to run, across development; test; staging; and production.

In this talk I will cover the creation of this utopian distributable and show you how to can compose your entire production infrastructure locally with only a small YAML file and without installing a single thing.

Lets say hello, to Docker.

David McKay

March 18, 2017
Tweet

More Decks by David McKay

See All by David McKay
The Telegraf Toolbelt (InfluxDays SF, 2019)
rawkode
0
130
The DShell Pattern (DevOpsDays London 2019)
rawkode
0
170
Cloud Native Telegraf - Cloud Native London (September 2019)
rawkode
0
39
Developing Your Own Flux Packages (InfluxDays London 2019)
rawkode
0
110
Introduction to Time Series (Software Circus, April 2019)
rawkode
0
130
Introduction to Time Series (Cloud Native Kraków, April 2019)
rawkode
0
82
Introduction to Time Series (Cloud Native Wales, April 2019)
rawkode
0
77
Introduction to InfluxDB 2.0 (Kubernetes London - February 2019)
rawkode
0
53
Kickass Development Environments with Docker (PHPBenelux 2019)
rawkode
0
81

Other Decks in Technology

See All in Technology
プラットフォームってつくることより計測することが重要なんじゃないかという話 / Platform Engineering Meetup #8
taishin
1
360
検証を通して見えてきたTiDBの性能特性
lycorptech_jp
PRO
6
3.8k
Kernel MemoryでAzure OpenAI Serviceとお手軽データソース連携
mitsuzono
1
250
Terraformあれやこれ/terraform-this-and-that
emiki
8
1.4k
Compose Compiler Metricsを使った実践的なコードレビュー
tomorrowkey
1
220
ServiceNow Knowledge Learning Rise up
manarobot
0
210
Google Cloud Next '24でブログを10本書いた方法と勉強会を沸かせた方法
yasumuusan
0
290
Databricks における 『MLOps』
databricksjapan
2
170
Vertex AI を中心に 生成AIのアップデートを共有します
kaz1437
0
310
APIファーストなプロダクトマネジメントの実践 〜SaaSus Platformでの例〜 / "Practicing API-First Product Management - An Example with SaaSus Platform
oztick139
0
100
推しは推せるときに推せ! プロダクトにフィードバックしていこう
nakasho
0
310
MapLibreとAmazon Location Service
dayjournal
1
150

Featured

See All Featured
For a Future-Friendly Web
brad_frost
172
9k
The World Runs on Bad Software
bkeepers
PRO
61
6.7k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
241
1.2M
Statistics for Hackers
jakevdp
789
220k
The Language of Interfaces
destraynor
151
23k
Music & Morning Musume
bryan
41
5.6k
jQuery: Nuts, Bolts and Bling
dougneiner
59
7.1k
Ruby is Unlike a Banana
tanoku
96
10k
Intergalactic Javascript Robots from Outer Space
tanoku
266
26k
Optimising Largest Contentful Paint
csswizardry
8
2.4k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
17
1.4k
Imperfection Machines: The Place of Print at Facebook
scottboms
260
12k

Transcript

  1. Kickass Development Environments with Docker

  2. [email protected] @rawkode github.com/rawkode ~ Organiser: ScotlandPHP Docker | DevOps MongoDB

    | Pair Programming Glasgow • PHP / Go / Elixir • DevOps / CI / CD / Docker • CQRS & Event Sourcing • Domain-Driven Design • TDD / BDD

  3. let’s travel through time ...

  4. Development Environments circa 2000 $ tree awesome-million-pound-project └── src ├──

    game.php ├── game.php.bk-david ├── game.php.bk-deano ├── main.php ├── main.php.maybe-fixed ├── main.php.bk-1999-12-02 ├── main.php.bk-1999-12-02.2 ├── player.php ├── player.php.orig └── .swp.player.php

  5. Production Environments circa 2000 $ tree awesome-million-pound-project └── src ├──

    game.php ├── game.php.bk-david ├── game.php.bk-deano ├── main.php ├── main.php.maybe-fixed ├── main.php.bk-1999-12-02 ├── main.php.bk-1999-12-02.2 ├── player.php ├── player.php.orig └── .swp.player.php

  6. things got better ...

  7. but not for another six years ...

  8. 2006

  9. Dev/Prod parity becomes a twinkle in our eye

  10. 2009

  11. DSL Hell

  12. 2011

  13. Vagrant Problems • You’re creating and managing VMs for each

    project / service • Those VM’s are mutable / prone to error by user changes • They’re built JIT (most cases) • How long goes your vagrant up take?

  14. Let’s check out another option

  15. What is Docker?

  16. What is Docker? Docker allows you to package an application

    with all of its dependencies into a standardized unit for software development. docker.com

  17. What’s the goal? A single, runnable, distributable executable

  18. The Docker Family • Docker • Docker Engine • Docker

    Registry • Docker Compose • Docker Machine • Docker Swarm

  19. Lets jump in!

  20. Dockerfile

  21. FROM php:7.0

  22. ADD ./ /var/www COPY ./ /var/www Warning: Be careful with

    ADD

  23. WORKDIR /var/www

  24. ENTRYPOINT [ “php” ]

  25. CMD [ “-v” ]

  26. Layering

  27. Every Dockerfile keyword commits a layer

  28. This is great for caching

  29. Docker Container

  30. Docker Container

  31. Docker Container

  32. Demo: Docker Basics

  33. Using Docker for Development Composing Complex Systems

  34. Project Dependencies

  35. Project Dependencies

  36. Official Repositories

  37. None

  38. Composing Services

  39. Composing Services services: php: image: php:7-cli elasticsearch: image: elasticsearch:5 mysql:

    image: mysql:8 redis: image: redis:3

  40. Composing Services services: php: image: php:7-cli elasticsearch: image: elasticsearch:5 mysql:

    image: mysql:8 redis: image: redis:3

  41. Composing Services services: php: image: php:7-cli elasticsearch: image: elasticsearch:5 mysql:

    image: mysql:8 redis: image: redis:3

  42. Configuring Services

  43. Configuring Services services: mysql: image: mysql:8

  44. Configuring Services: Hostname services: mysql: image: mysql:8

  45. Configuring Services: Publishing Ports services: php: image: php:7-cli ports: -

    80:80

  46. Configuring Services: Publishing Ports services: php: image: php:7-cli ports: -

    80 # Published on host as random natural number, from 32768

  47. Configuring Services: Environment / 12-Factor services: mysql: image: mysql:8 environment:

    - MYSQL_DATABASE - MYSQL_USER=application - MYSQL_PASSWORD=password - MYSQL_RANDOM_ROOT_PASSWORD=true

  48. Configuring Services: Environment / 12-Factor services: mysql: image: mysql:8 environment:

    MYSQL_DATABASE MYSQL_USER: application MYSQL_PASSWORD: password MYSQL_RANDOM_ROOT_PASSWORD: ’true’

  49. Configuring Services: Environment / 12-Factor services: mysql: image: mysql:8 env_file:

    .env

  50. Configuring Services: Dependencies services: php: image: php:7-cli depends_on: - mysql

    mysql: image: mysql:8

  51. Configuring Services: Health Checks services: php: image: php:7-cli depends_on: mysql:

    condition: service_healthy mysql: image: mysql:8 healthcheck: test: “nc -z 3306”

  52. Configuring Services: Volumes services: php: image: php:7-cli volumes: - ./:/code

  53. Configuring Services: Volumes services: logstash: image: logstash:latest volumes_from: - php:ro

  54. Configuring Services: Volumes volumes: cache: driver: local

  55. Configuring Services: Volumes volumes: cache: driver: local

  56. Configuring Services: Volumes volumes: cache: driver: local services: php: image:

    php:7-cli volumes: - cache:/var/www/cache

  57. Demo: Putting it all Together

  58. Docker Tips

  59. composer install --ignore-platform-reqs • IDE AutoComplete • Cached to ~/.composer

    Composer Keep it local

  60. https://goo.gl/B26y17 Composer Keep it local … but feel free to

    run it in a container!

  61. docker-compose down -v • Stops and removes all containers and

    networks in the project • -v means delete the volumes as well Down Means Destroy

  62. List all the Docker networks: docker network ls Feeling brave?

    docker network rm -f \ $(docker network ls -q) Mind Your Networks Avoid subnet collisions!

  63. FROM alpine:3.3 Alpine Linux ~ 5 MiB (with solid package

    management!)

  64. Base Image ONBUILD FTW # Dockerfile ONBUILD COPY . /var/www

    # docker-compose.yml application: image: my-base-image volumes: - .:/var/www # CI build FROM base-image

  65. Base Image NIGHTLY BUILDS cron / curl / wget /

    whatever! There’s no cascading builds in Docker. Automate it

  66. Arbitrary Commands docker-compose run --rm -u www-data service_name command

  67. Traefik Learn it. Love it.

  68. Single Process per Container Keep Attack Surface Small This will

    bode well from development to production!

  69. Reduced Attack Surface If you get hacked, you SHOULD /

    COULD / MIGHT be OK

  70. Docker Security Modelled as the Matrix ...

  71. You, the Architect ...

  72. Your system is looking pretty sweet!

  73. Processes are being kept in-line

  74. But then, hackers come along

  75. This Guy!

  76. Corrupting your innocent processes and turning them into weapons

  77. Making them bend the rules because you didn’t drop CAP_SYS_ADMIN

  78. In-order to escape your utopian system!

  79. The point?

  80. Taking security seriously: Minimising processes Security scanning Dropping Kernel capabilities

  81. Would have stopped

  82. This Guy!

  83. Finding out about

  84. This Guy

  85. Corrupting him

  86. To do his evil bidding

  87. This wouldn’t have happened

  88. This wouldn’t have happened

  89. Most importantly This wouldn’t have happened

  90. Thanks for having me! Questions? @rawkode Feedback joind.in/talk/0395e Slides speakerdeck.com/rawkode