Using Chef to manage your container workflow

84109ee4c6a65dba7fd787476746fa64?s=47 Tom Duffield
September 13, 2014
Technology
3
1.3k

Using Chef to manage your container workflow

Slides from a talk I gave at Fossetcon2014 on how you can leverage Chef Container to manage your Docker container workflow.

84109ee4c6a65dba7fd787476746fa64?s=128

Tom Duffield

September 13, 2014
Tweet

More Decks by Tom Duffield

See All by Tom Duffield
84109ee4c6a65dba7fd787476746fa64?s=48 tduffield
0
140
84109ee4c6a65dba7fd787476746fa64?s=48 tduffield
0
130
84109ee4c6a65dba7fd787476746fa64?s=48 tduffield
1
200
84109ee4c6a65dba7fd787476746fa64?s=48 tduffield
0
160

Other Decks in Technology

See All in Technology
0d29d155ce5c5a93ed46363626da3ea7?s=48 ocise
1
1.9k
5af8e5bd2f24e4ea0cee732c6cc259b3?s=48 haruharuharuby
0
210
Da467feb3ca0106d571915faedb714f2?s=48 enakai00
3
150
9e7a653ed313b3da4b263a772bfc5026?s=48 clustervr
0
160
Cf18e42df2acc7a1fc1700bcd8e76487?s=48 syrusakbary
0
210
1bfc6e2ed04a895bb36f36b86828b689?s=48 110y
1
170
5c772b62f1974e9da3a88fbb4ef02696?s=48 hariby
1
110
A97eee01397705443a72a48ce29d3e19?s=48 cybozuinsideout
0
250
457ada693e168bd1102fec3914040b5d?s=48 uipath_friends
0
140
332f89cc697355902a817506b6995f2b?s=48 ytaka23
1
800
25b30e875da37bab1edc8fbc2fe23df7?s=48 _mossann_t
0
600
Dc3f88b2c2c4210e3068d94ce7c25bf2?s=48 terkel
15
3.7k

Featured

See All Featured
B6a8f005f39d23ffc930508ac9da68b9?s=48 vanstee
115
4.7k
F29327647a9cff5c69618bae420792ea?s=48 tenderlove
49
3.3k
Eb8975af8e49e19e3dd6b6b84a542e26?s=48 qrush
283
18k
78b475797a14c84799063c7cd073962f?s=48 holman
287
130k
C0390e8b11079f8761c0cd3274ed61cb?s=48 productmarketing
5
540
9128d500301ae51524e887bb680f471d?s=48 caitiem20
305
17k
96270e4c3e5e9806cf7245475c00b275?s=48 addyosmani
493
110k
Ef32e0b1ac5082450dc8c1fca3a26b5c?s=48 cherdarchuk
66
260k
7c8469ee8c9e594c65c59b919626c08d?s=48 scottboms
250
11k
E43f8dfd01057f8304f5f8fb9a294d7d?s=48 jeffersonlam
325
15k
A415db3ac9e9668acbc1fb36eead84ac?s=48 mthomps
37
2.2k
E4f5d494ebdc9e7cce1aecf3ce3e8bc1?s=48 shpigford
366
42k

Transcript

  1. None

  2. Chef for Containers Using config management in your container workflow

    Tom Duffield Software Development Engineer at Chef Twitter: @tomduffield Fossetcon 2014

  3. Agenda Introduction to Docker Chef Container Knife Container Workflow More

    Information Questions

  4. Introduction to Docker

  5. What are Linux containers? • Lightweight virtualization provided by libraries

    inside the Linux Kernel. • cgroups • namespaces • capabilities • selinux • apparmor • netlink • netfilter

  6. What is Docker? • Utility that improves the usability of

    Linux Containers by providing: • a layered file system (Docker Images) • a cross-platform execution engine (Docker Engine) • a social space to share common libraries (Docker Hub)

  7. Hypervisor Virtualization Server Host OS Hypervisor Guest OS bins/ libs

    app a Guest OS bins/ libs app d Guest OS bins/ libs app b Guest OS bins/ libs app c Virtual Machine

  8. Docker Containers Server Host OS bins/libs app b app d

    app c Container Docker Engine bins/libs app a

  9. Benefits & Gaps of Containers Benefits Gaps Speed Portability Density

    Security Persistent State Credentials

  10. Simple Docker Workflow Pull (Download) Run (Launch) Commit (Snapshot)

  11. docker pull ubuntu:12.04 ubuntu 12.04

  12. docker run ubuntu:12.04 apt-get update ubuntu 12.04 apt-get update 012345678

  13. docker commit 012345678 ubuntu 12.04 apt-get update 012345678

  14. docker run 012345678 apt-get upgrade ubuntu:12.04 apt-get update 012345678 apt-get

    upgrade ABCDEFG

  15. docker commit ABCDEFG ubuntu:12.04 apt-get update ABCDEFG apt-get upgrade

  16. The Dockerfile FROM ubuntu:12.04 RUN apt-get update RUN apt-get upgrade

  17. Dockerfile Workflow Pull Build Run Run Commit

  18. docker build mycontext FROM ubuntu:12.04 RUN apt-get update RUN apt-get

    install apache2 ADD myconf.conf \ /etc/apache2/sites-enabled/mysite ADD mysite /var/www/mysite Dockerfile myconf.conf mycontext mysite index.html Dockerfile

  19. Chef Container

  20. Chef Container is a package that provides configuration management for

    your containers.

  21. Chef Container allows you to: • define your container configuration

    using Chef recipes. • idempotently manage the running state of your container. • safely manage multiple services inside your container.

  22. Chef Container is a great for handling: • installation and

    configuration of complex applications. • transitioning traditional architecture to containers. • handling last-mile configuration when container boots.

  23. Consistency Across Architectures Physical Virtual Cloud Container

  24. Mixed Architecture Applications Development Test QA Prod

  25. Understanding the PID1 Problem $ docker run busybox ps -ef

    PID USER COMMAND 1 root ps -ef • The command you specify via docker run replaces init and becomes the root process (PID1).

  26. Addressing the PID1 Problem • The root process (PID1) is

    responsible for: • telling the container what processes it should run. • ensuring all child processes are properly managed.

  27. Chef Container Components chef-client runit chef-init

  28. runit is a lightweight, cross-platform init scheme you can use

    to ensure all child processes are properly managed. http://smarden.org/runit/

  29. chef-init is a root process which can launch and manage

    multiple processes inside a container. https://github.com/opscode/chef-init

  30. debian logo redhat logo centos logo init init init init

  31. debian logo redhat logo centos logo docker

  32. debian logo redhat logo centos logo chef-init chef-init chef-init chef-init

    docker runit runit runit runit

  33. Knife Container Workflow

  34. knife container TOOL SUBCOMMAND chef gem install knife-container

  35. knife container docker init Generate Docker Context Download Base Docker

    Image Docker Components Chef Components

  36. knife container docker init $ knife container docker init NAMESPACE/IMAGE_NAME

    [options] Frequently Used Options Flag Description -f The base Docker image to use. The default is chef/ubuntu-12.04. -r Your Chef run list. -z Use chef-client local mode. -b Use Berkshelf to manage cookbook dependencies.

  37. v0 ubuntu-12.04 knife container docker init myorg/myapp

  38. knife container docker build Resolve Chef Dependencies Build Docker Image

    Cleanup Chef Artifacts

  39. knife container docker build $ knife container docker build NAMESPACE/IMAGE_NAME

    [options] Frequently Used Options Flag Description --force Force the resolution of Chef dependencies.

  40. v0 ubuntu-12.04 knife container docker build myorg/myapp v1

  41. v0 ubuntu-12.04 knife container docker build myorg/myapp v1 v2

  42. Long Term Speed Benefits A B C D L1 L2

    L3 L4 R1 R2 R3 R4

  43. Long Term Speed Benefits A B C D L1 L2

    L3 L4 R1 R2 R3 R4

  44. ubuntu:12.04 L1 Image v1 ubuntu-12.04 CCR1 : R1-4 Image v1

    L2 L3 L4

  45. ubuntu:12.04 L1 Image v2 ubuntu-12.04 CCR1 : R1-4 Image v2

    L2 L3 L4 CCR2 : R2

  46. Why use Chef Container? 1) Fast and easy transition from

    existing architecture. 2) Consistent configuration model across containerization solutions and types of architectures. 3) Mixed infrastructure environments. 4) Idempotency in your image build process and in your running containers. 5) Decreased overhead for configuration changes.

  47. More Information

  48. Documentation Documentation: http://docs.getchef.com/containers.html Docker Images: https://hub.docker.com/u/chef Feedback: http://github.com/opscode/chef-init http://github.com/opscode/knife-container

  49. Roadmap • Rebuild images from a fresh base image. •

    Add multiple, custom tags to your Docker images. • Improved management of secure credentials. What would you like to see? Submit input and feedback! http://github.com/opscode/knife-container/issues http://github.com/opscode/chef-init/issues

  50. Questions? Tom Duffield | @tomduffield

  51. None