Configuration Management Camp Ghent Belgium February 2016
Docker Docker DockerChef
View Slide
Config Management CampGhent, BelgiumFebruary 2016
Sean OMeara[email protected]@someara
whoami
Part 1
Remember the time
Remember that time wedidn’t need configurationmanagement because wehad packaging?
Remember that time thecloud came out and wedidn’t need sysadmins?
Remember that timewhen we didn’t needschemas because wehad MongoDB?
Repeat after me
CONFIGURATIONMANAGEMENT ANDIMMUTABLEINFRASTRUCTUREARE NOT MUTUALLYEXCLUSIVE
Say it again
We good?
The Docker cookbook
Configuration Managementis not restricted to files,directories, packages andservices
Configuration Managementtests and repairs anyprogrammable noun
Images are nouns
Containers are nouns
hello world
https://flic.kr/p/br26CbSetup v0.0.1
Install ChefDK
git clone https://github.com/someara/chef-docker-tutorial
kitchen test
git checkout v0.0.1git checkout v0.1.0git checkout v0.1.1git checkout v0.2.0git checkout v0.2.1git checkout v0.3.0git checkout v0.3.1
https://flic.kr/p/s684tkFeature v0.1.0
metadata.rb
.kitchen.yml
recipes/hello.rb
kitchen converge hellokitchen login hellodocker imagesdocker ps -adocker logs hello-world
git add .git commit -a -m “v0.1.0 - hello”git tag v0.1.0
https://flic.kr/p/53stX2Patch v0.1.1
Bug report: “hello is notidempotent”
kitchen converge hellokitchen converge hello
kitchen login hellodocker ps -adocker logs hello-world
hello-world exits afterevery run
This is expected!
http://gliderlabs.com/
rubocop \&& rspec \&& kitchen test hello
git add .git commit -a -m “v0.1.1 - hello”git tag v0.1.1
an echo serverhttps://flic.kr/p/6WtX6X
https://flic.kr/p/s684tkFeature v0.2.0
Recipe workKitchen workBehavior testingUnitFinal AcceptanceCommit
recipes/echo.rb
Docker Containers have 40+(and growing) runtime APIoptions
kitchen converge echokitchen converge echokitchen login echodocker imagesdocker ps -adocker logs an_echo_serverdocker inspect an_echo_serverecho "hi" | nc localhost 7
test/integration/echo/inspec/run_spec.rb
rubocop \&& rspec \&& kitchen test echo
git add .git commit -a -m “v0.2.0 - echo”git tag v0.2.0
https://flic.kr/p/dRGr3tPatch v0.2.1
Security team recommendsa change…Service should listen onexplicitly defined interfaces
kitchen converge echokitchen login echonetstat -anp
Listening on :::7Let’s fix that.
git add .git commit -a -m “v0.2.1 - echo patch”git tag v0.2.1
https://flic.kr/p/ayDujNnotificationsand subscriptions
https://flic.kr/p/cNdyoFeature v0.3.0
recipes/web.rb
kitchen converge webkitchen converge webkitchen login webdocker imagesdocker ps -acurl localhostdocker logs bob
test/integration/web/inspec/run_spec.rb
rubocop \&& rspec \&& kitchen test web
git add .git commit -a -m “v0.3.0 - web”git tag v0.3.0
https://flic.kr/p/o9c2G3Patch v0.3.1
Marketing teamrecommends a change…Bob wasn’t there.
kitchen converge webkitchen login webcurl localhost
Bob was here.Let’s fix that.
git add .git commit -a -m “v0.3.1 - echo patch”git tag v0.3.1
Part 2
kitchen-dokkenhttp://on.mtv.com/1ls5SRc
Experimental statusSoon to be renamedsomething less clever
Removes bootstrap overheadUses Docker volumesChef not baked into imagesWorks on Travis
https://github.com/someara/kitchen-dokken/
Install ChefDKchef gem install kitchen-dokken
git clone https://github.com/someara/hello_dokken
kitchen listdocker ps -a
kitchen createdocker ps -a
Chef containerData containerRunner container
docker run \—volumes-from chef \—volumes-from data \imagename \chef-client
docker diff suitename
https://travis-ci.org/someara/etcd-cookbook
fin
someara
tkmnzm
takuyay0ne
senkin13
nagix
yokawasa
brainpadpr
saboyutaka
tsujiba
nishiharatsubasa
masakamayama
yurihondo
mixi_engineers
morganepeng
maggiecrowley
lara
lemiorhan
shpigford
dougneiner
garrettdimon
hannesfritz
gr2m
geeforr
danielanewman