Containerising Applications For Docker

Transcript

1. A presentation by @stuherbert
 for @GanbaroDigital Designing Docker Containers For

   PHP App Development

2. Industry veteran: architect, engineer, leader, manager, mentor F/OSS contributor since

   1994 Talking and writing about PHP since 2004 Chief Software Archaeologist @GanbaroDigital About Stuart

3. Follow me I do tweet a lot about non-tech stuff

   though :) @stuherbert

4. @GanbaroDigital This isn’t a “What Is Docker?” talk, nor a

   “Why Docker?” talk.

5. @GanbaroDigital This is more a “How to Dockerize?” talk.

6. @GanbaroDigital The underlying principles apply to any containerised application.

7. @GanbaroDigital Why am I giving this talk?

8. @GanbaroDigital This is a follow-up to my talk Docker for

   PHP Dev Environments presented @PHPMinds in 2017

9. @GanbaroDigital https://speakerdeck.com/stuartherbert/ docker-for-php-dev-environments

10. @GanbaroDigital I’ve been working with clients who want to Dockerize

    everything. The same points come up every time.

11. @GanbaroDigital Containers are different to virtual machines

12. @GanbaroDigital Your data if you lift and shift a VM

    into a container

13. @GanbaroDigital “ Some things change, and some things stay the

    same.

14. @GanbaroDigital This is my experience. This is how I do

    it, and why.

15. @GanbaroDigital Other approaches exist. I’m here to learn from you

    too!

16. @GanbaroDigital Please ask questions as we go.

17. @GanbaroDigital In This Talk ... 1. Common Understanding 2. Image

    and Container Properties 3. Putting It All Together 4. Common Questions

18. @GanbaroDigital Common Understanding

19. @GanbaroDigital “ Docker’s terminology can be very confusing when you’re

    starting out.

20. @GanbaroDigital ?? ?? What do we mean when we talk

    about containers and images?

21. @GanbaroDigital A Docker image is a blueprint that has been

    built.

22. @GanbaroDigital The blueprint is the Dockerfile.

23. @GanbaroDigital A Docker container is a running instance of a

    Docker image.

24. @GanbaroDigital You can spin up many containers from the same

    image.

25. @GanbaroDigital Image & Container Properties

26. @GanbaroDigital “ Things are easier when something is used in

    the way it was intended.

27. @GanbaroDigital Image Properties

28. @GanbaroDigital Image Properties Include ... • Distribution • Layering

29. @GanbaroDigital Image Properties Include ... • Distribution • Layering

30. @GanbaroDigital https://flic.kr/p/SgsXBV Distribution

31. @GanbaroDigital An image is a thing that you can distribute.

    Just like a VBOX file.

32. @GanbaroDigital Docker Hub

33. @GanbaroDigital You can use the same image in dev, test,

    & production to guarantee the same behaviour everywhere.

34. @GanbaroDigital “ You don’t want the same behaviour in dev,

    test & production.

35. @GanbaroDigital You can use the same image in dev, test,

    & production to guarantee the same behaviour everywhere.

36. @GanbaroDigital You can use the same image in dev, test,

    & production to guarantee the same software everywhere.

37. @GanbaroDigital ?? ?? What differences do we want?

38. @GanbaroDigital “Dev images are optimised for developer productivity. Test /

    prod images are optimised for production use.

39. @GanbaroDigital Differences Wanted ... • Logging levels • PHP profiler

    modules • PHP opcache config • Baking your app into the image

40. @GanbaroDigital Differences Wanted ... • Logging levels • PHP profiler

    modules • PHP opcache config • Baking your app into the image

41. @GanbaroDigital Differences Wanted ... • Logging levels • PHP profiler

    modules • PHP opcache config • Baking your app into the image

42. @GanbaroDigital Differences Wanted ... • Logging levels • PHP profiler

    modules • PHP opcache config • Baking your app into the image

43. @GanbaroDigital https://flic.kr/p/FQ4jk9 Layering

44. @GanbaroDigital Docker images are layered.

45. @GanbaroDigital

46. @GanbaroDigital “Docker images are layered. Generalise base layers, specialise later

    layers.

47. @GanbaroDigital Container Properties

48. @GanbaroDigital Container Properties Include ... • Co-location • Non-persistence •

    Customisation • Copy-on-write filesystem

49. @GanbaroDigital Container Properties Include ... • Co-location • Non-persistence •

    Customisation • Copy-on-write filesystem

50. @GanbaroDigital Container Properties Include ... • Co-location • Non-persistence •

    Customisation • Copy-on-write filesystem

51. @GanbaroDigital Container Properties Include ... • Co-location • Non-persistence •

    Customisation • Copy-on-write filesystem

52. @GanbaroDigital https://flic.kr/p/94KBK1 Co-location

53. @GanbaroDigital ?? ?? What can you run inside a Docker

    container?

54. @GanbaroDigital Anything you choose. (Almost)

55. @GanbaroDigital And as many things as you want.

56. @GanbaroDigital “ You can co-locate multiple processes inside a single

    container.

57. @GanbaroDigital https://flic.kr/p/ab5xJY Non-persistence

58. @GanbaroDigital Persistence is the ability to survive the destruction and

    re-creation of a Docker container.

59. @GanbaroDigital It’s normal to destroy Docker containers and then re-create

    them from the underlying Docker image.

60. @GanbaroDigital When you destroy a Docker container, you lose everything

    you’ve saved inside that container.

61. @GanbaroDigital “ The contents of a Docker container are not

    persistent.

62. @GanbaroDigital The contents of a Docker container are not persistent.

63. @GanbaroDigital Your data if you lift and shift a VM

    into a container

64. @GanbaroDigital ?? ?? What kinds of persistent data does your

    app create?

65. @GanbaroDigital Persistent Data Includes ... • Databases • File uploads

    • Session data • Auto-upgrades / plugin installs (Wordpress) • Logs

66. @GanbaroDigital Persistent Data Includes ... • Databases • File uploads

    • Session data • Auto-upgrades / plugin installs (Wordpress) • Logs

67. @GanbaroDigital Persistent Data Includes ... • Databases • File uploads

    • Session data • Auto-upgrades / plugin installs (Wordpress) • Logs

68. @GanbaroDigital Persistent Data Includes ... • Databases • File uploads

    • Session data • Auto-upgrades / plugin installs (Wordpress) • Logs

69. @GanbaroDigital Persistent Data Includes ... • Databases • File uploads

    • Session data • Auto-upgrades / plugin installs (Wordpress) • Logs

70. @GanbaroDigital We can mount persistent data volumes into containers.

71. @GanbaroDigital

72. @GanbaroDigital https://flic.kr/p/j6mk6C Customised

73. @GanbaroDigital Docker containers can write to their filesystems.

74. @GanbaroDigital We can use that to customise config files when

    a Docker container starts up.

75. @GanbaroDigital ?? ?? Why might we want to modify config

    files at startup?

76. @GanbaroDigital Nginx

77. @GanbaroDigital “ A one-time startup script can tailor your container.

78. @GanbaroDigital https://flic.kr/p/64YX6u COW Filesystem

79. @GanbaroDigital Docker containers use a copy-on-write filesystem.

80. @GanbaroDigital Writes are slow, and if you hit them hard

    enough, they break.

81. @GanbaroDigital “ After startup, write as little as possible to

    a Docker container’s filesystem.

82. @GanbaroDigital 5 Key Design Questions • How can I break

    my image up into layers? • What does my app need? • How do I configure everything? • Where will persistent data go? • How do I avoid all other writes to the FS?

83. @GanbaroDigital Putting It All Together

84. @GanbaroDigital https://github.com/ganbarodigital/docker-images/

85. @GanbaroDigital The Base Image

86. @GanbaroDigital Base Ubuntu Server

87. @GanbaroDigital • Your (minimal) operating system of choice • +

    anything all your child images regularly need • + convenience tools for when (not if) you shell into the containers • + standardise volume mount points

88. @GanbaroDigital “Get it right in the base layer. Don’t have

    to put it right further up in your image stack.

89. @GanbaroDigital Supervisord

90. @GanbaroDigital /etc/supervisor/supervisord.conf

91. @GanbaroDigital /etc/supervisor/conf.d/nginx.conf

92. @GanbaroDigital /usr/local/sbin/image-startup.sh

93. @GanbaroDigital Dockerfile: standardise side-load mount points

94. @GanbaroDigital Web Server

95. @GanbaroDigital Base Web Server Ubuntu Server Nginx or Apache

96. @GanbaroDigital • Your web server of choice • + default

    config files

97. @GanbaroDigital Nginx default site

98. @GanbaroDigital Nginx default site

99. @GanbaroDigital Why A Web Server Image? • Standalone use: static

    sites • Shared basis: PHP, Python, Ruby, etc etc

100. @GanbaroDigital Runtime

101. @GanbaroDigital Base Web Server PHP Ubuntu Server Nginx or Apache

     PHP-FPM or mod_php

102. @GanbaroDigital • This is where your language runtime goes •

     + supporting config files

103. @GanbaroDigital https://flic.kr/p/94KBK1 Co-location Example

104. @GanbaroDigital “ PHP goes in the same Docker container as

     your web server.

105. @GanbaroDigital ?? ?? What happens if you run Apache/Nginx and

     PHP in separate containers?

106. @GanbaroDigital Physical Server Apache mod_php

107. @GanbaroDigital Physical Server Apache mod_php

108. @GanbaroDigital Apache + mod_php • mod_php runs inside the Apache

     process • You can’t split a single process across two containers

109. @GanbaroDigital Container Apache mod_php

110. @GanbaroDigital ?? ?? What about Apache/Nginx + PHP-FPM?

111. @GanbaroDigital Apache/Nginx and PHP-FPM are separate processes.

112. @GanbaroDigital We can split separate processes into separate containers. All

     the early advice was: 1 process per container

113. @GanbaroDigital

114. @GanbaroDigital Physical Server

115. @GanbaroDigital Apache Physical Server

116. @GanbaroDigital Apache PHP-FPM Physical Server

117. @GanbaroDigital ?? ?? How do they talk to each other?

118. @GanbaroDigital Apache PHP-FPM unix domain socket (very fast) Physical Server

119. @GanbaroDigital Apache PHP-FPM unix domain socket (very fast) Container #1

120. @GanbaroDigital Not really any different to Apache/Nginx + PHP-FPM performance

     on a physical server.

121. @GanbaroDigital Apache PHP-FPM unix domain socket (very fast) Container #1

122. @GanbaroDigital Apache PHP-FPM Container #1 Container #2

123. @GanbaroDigital ?? ?? How do they talk to each other?

124. @GanbaroDigital Apache PHP-FPM Virtualised network
 (not as fast) Container #1

     Container #2

125. @GanbaroDigital Virtualised network
 (not as fast) Container #1 Container #2

     Apache PHP-FPM

126. @GanbaroDigital “ Co-locate all the things that you’d never put

     on separate physical servers.

127. @GanbaroDigital “ Separate all the things that would stop you

     scaling horizontally.

128. @GanbaroDigital This generic PHP image is my dev image.

129. @GanbaroDigital Base Application
 (if applicable)

130. @GanbaroDigital Base Web Server PHP Wordpress Ubuntu Server Nginx or

     Apache PHP-FPM or mod_php Base application

131. @GanbaroDigital • This layer is optional • Build a vanilla

     image for your base app (e.g. Wordpress, Magento) • Add in any common plugins/modules • Use as the base for multiple customisations down the road

132. @GanbaroDigital Your App

133. @GanbaroDigital Base Web Server PHP Wordpress Your App Ubuntu Server

     Nginx or Apache PHP-FPM or mod_php Base application Profit :)

134. @GanbaroDigital Final layer is your code.

135. @GanbaroDigital Base Web Server PHP Wordpress Your App Ubuntu Server

     Nginx or Apache PHP-FPM or mod_php Base application Profit :)

136. @GanbaroDigital ?? ?? Can we add more layers?

137. @GanbaroDigital You could add one more layer, for customer-specific customisation.

138. @GanbaroDigital

139. @GanbaroDigital Common Questions

140. @GanbaroDigital 3 Common Questions • Databases inside containers • SSH

     servers • Port forwarding

141. @GanbaroDigital ?? ?? Can you run a database server (e.g.

     MySQL, MongoDB) inside a container?

142. @GanbaroDigital Yes. As long as they store all data on

     a persistent volume.

143. @GanbaroDigital Databases do not need to be co-located with your

     app. So run them in their own container.

144. @GanbaroDigital ?? ?? Should you run an SSH server in

     each Docker container?

145. @GanbaroDigital I don’t any more.

146. @GanbaroDigital • Most of my containers are behind a proxy

     or load balancer of some kind. • Can’t reach them from an off-host network. • One less thing to worry about.

147. @GanbaroDigital A lot of the advice out there is built

     around port forwarding. I prefer to run my containers with their own IP addresses.

148. @GanbaroDigital Summing Up

149. @GanbaroDigital 5 Key Design Questions • How can I break

     my image up into layers? • What does my app need? • How do I configure everything? • Where will persistent data go? • How do I avoid all other writes to the FS?

150. @GanbaroDigital “ You don’t want the same behaviour in dev,

     test & production.

151. @GanbaroDigital “Dev images are optimised for developer productivity. Test /

     prod images are optimised for production use.

152. @GanbaroDigital “Docker images are layered. Generalise base layers, specialise later

     layers.

153. @GanbaroDigital Base Web Server PHP Wordpress Your App Ubuntu Server

     Nginx or Apache PHP-FPM or mod_php Base application Profit :)

154. @GanbaroDigital “Get it right in the base layer. Don’t have

     to put it right further up in your image stack.

155. @GanbaroDigital “Standardise where things go. /config /data /logs & /workspace

156. @GanbaroDigital “ A one-time startup script can tailor your container.

157. @GanbaroDigital “ After startup, write as little as possible to

     a Docker container’s filesystem.

158. @GanbaroDigital “ Co-locate all the things that you’d never put

     on separate physical servers.

159. @GanbaroDigital “ Separate all the things that would stop you

     scaling horizontally.

160. @GanbaroDigital “ The contents of a Docker container are not

     persistent.

161. @GanbaroDigital The contents of a Docker container are not persistent.

162. @GanbaroDigital Your data if you lift and shift a VM

     into a container

163. @GanbaroDigital https://github.com/ganbarodigital/docker-images/

164. Thank You Any Questions? A presentation by @stuherbert
 for @GanbaroDigital