Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Docker in Production

spiddy
July 22, 2015
Technology
6
4.6k

Docker in Production

A fast-forward of the process to modernize an infrastructure to a Micro-service oriented and Container-based cluster.

spiddy

July 22, 2015
Tweet

More Decks by spiddy

See All by spiddy
Tame your Microservices with Helm and Software Release Trains
spiddy
0
200
Enfoque Holistico de DevOps
spiddy
0
410
Kubernetes in Startups vs Enterprise: Using Custom Resources to extend workflow
spiddy
2
250
Zero Downtimes with Faulty Solutions
spiddy
0
120
Netflix OSS and Kubernetes - Building a Microservice based Cloud platform
spiddy
2
1.7k
The Quest for the Holy Grail of Continuous Delivery
spiddy
8
1.1k
Docker Workshop Barcelona
spiddy
2
1.6k

Other Decks in Technology

See All in Technology
ChatGPTをどう使うか?(JJUGナイトセミナー5/23)
shin_higuchi
0
360
Google I:O 2023 Androidの自動テストアップデートまとめ / Google I:O 2023 Android Testing Update Recap
tkmnzm
0
180
10x More Effective Sprint Review for the Agile Team
eiki
0
130
DevSecOpsへの展開〜全てのチームの能力を最大限に引き出す/Expanding to DevSecOps
newrelic2023
0
210
バリエーションで差をつける。myshoesの新たな挑戦 #cicd_test_night
whywaita
PRO
0
350
1人目QA奮闘記-2023年ver-/QA Engineer's Struggle 2023
mii3king
1
250
C# の async/await は実際にどうやって動いているか
nenonaninu
3
10k
Impressions of the Ruby Kaigi
suzukahr
1
4.7k
SWEBOK V3からV4への改訂に見るソフトウェアエンジニアリングの発展とソフトウェア保守・進化
washizaki
0
340
cgroup の歩き方 / TechFeed Experts Night #19
tenforward
0
230
組織の立ち上げと体制変更の1年
tarappo
2
380
個人データの利用に対する許容度に関する社会調査
hiroshinakagawa
0
140

Featured

See All Featured
Building a Scalable Design System with Sketch
lauravandoore
451
31k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
0
1.4k
The World Runs on Bad Software
bkeepers
PRO
59
5.9k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
318
19k
A Modern Web Designer's Workflow
chriscoyier
689
190k
A Philosophy of Restraint
colly
195
15k
Debugging Ruby Performance
tmm1
68
11k
In The Pink: A Labor of Love
frogandcode
133
21k
5 minutes of I Can Smell Your CMS
philhawksworth
198
18k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
39
3.7k
Designing the Hi-DPI Web
ddemaree
273
33k
The Illustrated Children's Guide to Kubernetes
chrisshort
26
44k

Transcript

  1. Docker in Production
    Speaker: Dimitris Kapanidis

    View Slide

  2. Innovating Container Delivery

    View Slide

  3. Index
    - Requirements
    - Phase 1
    - Continuous Delivery
    - Phase 2
    - Operating System
    - Benchmarking Day
    - Disaster Recovery Day

    View Slide

  4. Requirements
    - Production
    - 23 Million daily hits
    - Off-load DB usage
    - Fast response time
    - Process
    - Quick deploy cycles
    - Easy rollbacks
    - Easy scaling
    - Automatic failover
    - Dev,QA,Prod parity
    - No SPOF
    - Canary Releases

    View Slide

  5. Phase 1
    Containerize an existing Tomcat WAR

    View Slide

  6. Delivery Life Cycle - Classic

    View Slide

  7. Infrastructure

    View Slide

  8. Issues with This Delivery Lifecycle
    - Too many open questions
    - How is Production environment provisioned?
    - What JDK, Tomcat version?
    - How are JDK/Tomcat installed? (apt-get, tarball)
    - Values of variables?
    - JAVA_OPTS, JAVA_HOME
    - CATALINA_OPTS, CATALINA_HOME
    - Logging mechanism
    - Application Configuration

    View Slide

  9. WAR
    is not executable

    View Slide

  10. How?
    - Application is a WAR file
    - The migration is initially an Ops project
    - Gave the confidence to bootstrap the rest
    - Keep it incremental!

    View Slide

  11. Infrastructure

    View Slide

  12. Infrastructure

    View Slide

  13. Infrastructure

    View Slide

  14. Delivery Life Cycle - Containers

    View Slide

  15. Creating Container
    FROM tomcat:7.0.59
    ADD app.war webapps/
    Dockerfile
    > ls
    app.war
    Dockerfile
    Directory Structure

    View Slide

  16. Delivery Life Cycle - Containers

    View Slide

  17. Containers
    are executable

    View Slide

  18. Container Image Tuning
    - Tomcat APR Installation
    - JAVA_OPTS Memory tuning
    - Remove default Tomcat webapps
    - Expand WAR during docker build
    - Set Locale, Timezone

    View Slide

  19. - Use official parent Images
    - Add variable Configuration (with defaults)
    - Use ENV variables when possible
    - Use Template config files to inject values
    - Add variable Validation (with exit status)
    - Follow open-source examples
    Container Image Build Checklist

    View Slide

  20. Adding entrypoint
    FROM tomcat:7.0.59
    ADD app.war webapps/
    COPY docker-entrypoint.sh /entrypoint.sh
    ENTRYPOINT [“/entrypoint.sh”]
    Dockerfile
    > ls
    app.war
    Dockerfile
    docker-entrypoint.sh
    Directory Structure

    View Slide

  21. Bringing down walls
    but still a two steps build process…

    View Slide

  22. Introducing
    captain
    https://github.com/harbur/captain

    View Slide

  23. Captain Configuration
    app:
    build: Dockerfile
    image: registry.local/user/app
    pre:
    - mvn clean install
    captain.yml

    View Slide

  24. Atomic Builds
    but we still depend on installed mvn at build machine...

    View Slide

  25. app:
    build: Dockerfile
    image: registry.local/user/app
    pre:
    - docker run -it --rm -v ~/.m2:/root/.m2 \
    -v "$PWD":/app -w /app maven:3.3.3 mvn clean install
    Captain Configuration
    captain.yml

    View Slide

  26. Continuous Delivery
    in other words: from Commit to Container

    View Slide

  27. Continuous Integration: Build
    master
    branch B
    branch A
    captain build
    latest
    branch A

    View Slide

  28. Continuous Integration: Test
    captain test
    latest

    View Slide

  29. Continuous Integration: Push
    captain push
    latest latest

    View Slide

  30. Continuous Integration: Release
    v0.1 v0.2 v1.0
    captain push

    View Slide

  31. Phase 2
    Distributed Container-Based Architecture
    (a.k.a Microservices)

    View Slide

  32. Phase 2 - Legacy Production

    View Slide

  33. Phase 2 - Add Cache

    View Slide

  34. Phase 2 - Add Messaging System

    View Slide

  35. Phase 2 - Add Tasks

    View Slide

  36. Phase 2 - Topology

    View Slide

  37. How to Achieve
    - Infrastructure as Code
    - Cluster-centric Operating System
    - Designed with fail-safes
    - Avoid Single Point-of-Failure (SPOF)
    - Designed with redundancy
    - Partition tolerant
    - Lightweight

    View Slide

  38. Operating System
    Designed for Cluster

    View Slide

  39. The Operating System - CoreOS

    View Slide

  40. The Operating System - CoreOS

    View Slide

  41. The Operating System - CoreOS

    View Slide

  42. The Operating System - CoreOS

    View Slide

  43. - Initialization of cluster instances
    - Infrastructure as Code
    - Treat servers as Cattle (not pets)
    - Scale-out with one command
    - CoreOS Update reboot-strategy: off
    - Discovery URL to auto-configure cluster
    - Configured Fleet Metadata
    Cloud Config YML

    View Slide

  44. Fleet Units
    - One per Service
    - Configuration Management with Etcd
    - Side-kick to activate Load Balancer

    View Slide

  45. Production Cluster
    cloud-config.yml (injecting private keys for read-only access of git repo & docker registry)
    docker pull
    git checkout
    Fleet Unit Files

    View Slide

  46. Benchmarking Day

    View Slide

  47. Production Server Topology 1

    View Slide

  48. Production Server Topology 2

    View Slide

  49. Production Server Topology 3

    View Slide

  50. Production Server Topology 4

    View Slide

  51. Production Server Topology 5

    View Slide

  52. On 4 cluster servers

    View Slide

  53. Disaster Recovery Day

    View Slide

  54. - Entire Cluster failure
    - Running Containers +350
    - Rebuilt cluster etcd from scratch
    - Downtime: 2 hours
    Worse Case Scenario

    View Slide

  55. - Buggy App (100% cpu) deployed on cluster
    - Measures: Deployment on Test environment
    - Measures: Canary deploys (10% of cluster)
    - High CPU usage disrupted etcd cluster
    - Measures: Tune etcd time-outs
    - Measures: Setup isolated etcd-cluster servers
    - Reboot of machines provoked OS upgrade
    - Measures: Lock-down CoreOS version by disabling
    service-upgrade; Upgrades on-demand
    Worse Case Scenario - Timeline

    View Slide

  56. Thank you

    View Slide