Vers des applications twelve-factor

Transcript

1. Vers des applications twelve-factor Avec Symfony et Docker Geoffrey Bachelet

   geoffrey.io / @ubermuda

2. 12factor.net

3. None

4. Use declarative formats for setup automation Clean contract with the

   underlying operating system Suitable for deployment on modern cloud platforms Minimize divergence between development and production Can scale up without significant changes ”

5. Codebase Dependencies Config Backing services Build, release, run Processes Port

   binding Concurrency Disposability Dev/prod parity Logs Admin processes

6. Codebase

7. Codebase Question de vocabulaire

8. Codebase une app = une base de code ("codebase")

9. Codebase = un repo git/hg/svn

10. Codebase 2 codebases =! un app

11. Codebase = un système distribué ("distributed system")

12. Distributed System Web WS Worker

13. Codebase 1 codebase -> plusieurs déploiements ("deploy")

14. Codebase Prod Pré-prod Dev C.I.

15. Codebase one app = one codebase multiple codebases = a

    distributed system one codebase -> many deploys

16. Dependencies

17. System-wide vs Project-wide

18. None

19. Dependencies Declaration composer.json bower.json packages.json ...

20. Dependencies Isolation bin/ autoload ...

21. Outils système ? curl, imagemagick, ...

22. Pas de "shell out" ! si obligatoire, inclure le binaire

    dans les dépendances

23. Config

24. Resource handles to the database, Memcached Credentials to external services

    such as Amazon S3 or Twitter Per-deploy values such as the canonical hostname for the deploy ”

25. Séparation stricte de la config et du code.

26. app/config/parameters.yml

27. Il est possible de créer d'autres fichiers ! app/config/apis.yml

28. 12 factor recommande les variables d'environnement

29. Incenteev/ParameterHandler env-map

30. docker run -e FOO=bar -e TOTO Docker

31. web: image: debian:wheezy environnement: - FOO=bar - TOTO Fig

32. Backing services

33. A backing service is any service the app consumes over

    the network as part of its normal operation. ”

34. Datastore (MySQL, PgSQL, Redis, ...) SMTP (Postfix, Mandril, ...) Message

    Queue (RabbitMQ, ZeroMQ, ...) API tierce (Twitter, Facebook, etc)

35. App Ambassador MySQL Redis MySQL Ambassador Ambassador Ambassador

36. App Ambassador Ambassador Facebook Twitter Health check, Cache, etc.

37. Build, release, run

38. The twelve-factor app uses strict separation between the build, release,

    and run stages. ”

39. Téléchargement des dépendances Construction des assets Build

40. Build docker build

41. composer install ...et la méchante "GitHub API Rate"

42. FROM debian:wheezy Dockerfile

43. - FROM debian:wheezy + FROM acme/base Dockerfile

44. FROM debian:wheezy RUN composer config -g \ github-oauth.github.com \ a1b2c3d4e5...

    acme/base Attention à la sécurité !

45. Release docker push Possiblement sur un registry privé

46. RUN docker run / fig up

47. Processes

48. Twelve-factor processes are stateless and share-nothing. ”

49. App App Volumes Cache, Sessions, etc.

50. App App Volumes Cache, Sessions, etc. NOPE

51. App Volumes App Volumes Redis Ambassador

52. App Volumes App Volumes Redis Ambassador Sessions Cache

53. Assets ?! uploads, avatars, etc.

54. Amazon S3 ou autre

55. Port binding

56. The twelve-factor app is completely self-contained

57. Self-contained?!

58. That's my fetish.

59. Docker docker run -P

60. Chaque application peut devenir un "backing service".

61. Concurrency

62. stateless + share-nothing = scalable

63. Web Reverse Proxy App App Ambassador MySQL

64. Reverse Proxy App App App Ambassador MySQL Let's rock.

65. Background jobs AMQP App Worker Worker Worker

66. Disposability

67. Web Reverse Proxy App App App Ambassador MySQL

68. Reverse Proxy App App App Ambassador MySQL J'ai piscine

69. ChaosMonkey https://github.com/Netflix/SimianArmy/wiki/Chaos-Monkey

70. App Ambassador MySQL Redis MySQL Ambassador Ambassador Ambassador

71. App Ambassador MySQL Redis MySQL Ambassador Ambassador Ambassador PG M'A

    TUER

72. App Ambassador MySQL Redis MySQL Ambassador Ambassador Ambassador LOL

73. App Ambassador MySQL Redis MySQL Ambassador Ambassador Ambassador MySQuoi ?

74. Dev/prod parity

75. Objectifs Réduire la friction entre le dev et la prod

    Réduire le "time-to-first-deploy" Faciliter l'intégration continue

76. Docker Permet d'avoir des environnements de dev très proches de

    la production.

77. Fig Facilite l'orchestration.

78. web: image: mytepee/web ports: [80] links: [db:db] volumes_from: [cache, config,

    data] environment: [...] db: image: orchardup/mysql environment: [...] cache: image: busybox command: /bin/true volumes: [/root/.composer/cache, /root/.cache/bower] config: image: busybox command: /bin/true volumes: [/app/config] data: image: busybox command: /bin/true volumes: [/app/web/uploads, /app/web/media, ..., /app/app/cache, /app/app/logs] fig.yml Attention à la sécurité !

79. Fig Pas (encore) d'orchestration "remote". Outils tierce (Flocker, Panamax, etc.)

80. Logs

81. A twelve-factor app never concerns itself with routing or storage

    of its output stream. ”

82. ...each running process writes its event stream, unbuffered, to stdout

    ”

83. Difficile d'être twelve-factor avec Symfony.

84. ELK Elasticsearch + Logstash + Kibana

85. David Pilato @dadoonet Atelier : Hands on Elasticsearch & Kibana

86. David Pilato @dadoonet Atelier : Hands on Elasticsearch & Kibana

    HIER

87. Olivier Dolbeau @odolbeau Talk : Laisse pas trainer ton log

    !

88. Olivier Dolbeau @odolbeau Talk : Laisse pas trainer ton log

    ! HIER

89. Olivier Dolbeau @odolbeau http://odolbeau.fr/blog/when-monolog-meet-elk.html When Monolog meet ELK

90. Admin processes

91. One-off admin processes should be run in an identical environment

    as the regular long-running processes of the app. ”

92. Container spécialisé ? docker run acme/cli ...

93. docker exec docker exec acme_web ... 1.3

94. Fig fig run

95. Run a one-off command on a service. For example: $

    fig run web python manage.py shell By default, linked services will be started, unless they are already running. If you do not want to start linked services, use `fig run --no-deps SERVICE COMMAND [ARGS...]`. fig.yml

96. Ce qu'il faut retenir.

97. Twelve-factor = Recommandations

98. stateless / share-nothing

99. ELK http://odolbeau.fr/blog/when-monolog-meet-elk.html

100. Fig http://www.fig.sh/

101. Ambassador pattern https://docs.docker.com/articles/ambassador_pattern_linking/

102. Questions ? geoffrey.io / @ubermuda geoffrey.io/books/discovering-docker.html Merci !