Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Non-traditional use of Docker (Nette Camp #3)

Vladimír Kriška
August 25, 2017
Programming
0
58

Non-traditional use of Docker (Nette Camp #3)

Vladimír Kriška

August 25, 2017
Tweet

More Decks by Vladimír Kriška

See All by Vladimír Kriška
Twelve-Factor app with Docker
ujovlado
0
21
Design a REST API you will love to work with
ujovlado
0
560
Docker for PHP developers - Tips, Tricks & Lessons learned
ujovlado
3
300
Docker ‐ from development to production in minutes (PoSobota #91)
ujovlado
0
190
Contributions [lightning talk] (PyconCZ 2015)
ujovlado
0
35
CSS Flexbox (WebElement #35)
ujovlado
0
88
Simplify your dev life with Docker (WebElement Banská Bystrica)
ujovlado
0
75
Don't underestimate CSS (WebElement #30)
ujovlado
0
480
Database Migrations in PHP (Posobota #66)
ujovlado
0
49

Other Decks in Programming

See All in Programming
Dart3を試す
masumitsu
0
180
ふんわり使うPlantUML
suzuki
0
230
Laravelプロダクト開発・運用の失敗学
shgishzk
0
150
Run Your Firebase for Web App Locally Using Firebase Emulator Suite
dicoding
0
150
kotlin-resultを用いて鉄道志向なエラーハンドリングを試みる
blackbracken
1
170
PDF_TDX_2023_Apex__What_s_New_and_What_s_Coming.pdf
fishofprey
3
860
10Xにおけるdbtの事例紹介
10xinc
0
980
実録レガシー Rails アプリ改善ジャーニー / Legacy Rails app improvement journey
shutooike
3
140
Money Forward XでのGo利用事例について
keitaro1020
3
320
フレームワークが存在しない時代からのレガシープロダクトを、 Laravelに”載せる”実装戦略
hirobe1999
0
150
推測するな、計測せよ New Relic × Laravel 実践
mpyw
2
240
日常業務のカイゼンで図る開発チームへの貢献 - YAPC::Kyoto 2023
koluku
4
500

Featured

See All Featured
Facilitating Awesome Meetings
lara
34
4.7k
How GitHub (no longer) Works
holman
299
140k
Art Directing for the Web. Five minutes with CSS Template Areas
malarkey
197
11k
Pencils Down: Stop Designing & Start Developing
hursman
114
10k
Design by the Numbers
sachag
271
18k
Why You Should Never Use an ORM
jnunemaker
PRO
49
8k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
22
1.8k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
24
5.1k
Building Adaptive Systems
keathley
28
1.4k
Navigating Team Friction
lara
177
12k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
227
16k
A better future with KSS
kneath
230
16k

Transcript

  1. Non-traditional use of
    Docker
    Vladimír Kriška
    @ujovlado

    View Slide

  2. $ whoami
    Brogrammer
    Developer at Keboola
    building ETL platform Keboola Connection
    writing about it at 500.keboola.com
    WebElement organizer - web dev meetup (on hold)
    Rekurzia - custom dev trainings
    twitter.com/ujovlado
    2

    View Slide

  3. Why containers?
    3

    View Slide

  4. Why containers?
    Isolation
    Simplicity
    One container, one task, one process*
    Lock environment
    No more "works on my machine" problems
    They're lightweight
    Almost as native (probably 99.9%)
    4

    View Slide

  5. Why Docker?
    5

    View Slide

  6. Why Docker?
    Most popular
    No VM needed*
    Easy to learn
    Lightweight
    Fast startup
    Well supported
    Docker Compose
    Docker Swarm, etc.
    6

    View Slide

  7. Let's begin!
    7

    View Slide

  8. 1. Standard usage (for dev)
    Docker le:
    FROM node:7
    RUN apt-get update -q \
    && apt-get install apt-transport-https \
    && wget https://dl.yarnpkg.com/debian/pubkey.gpg -O pubkey.gpg
    && apt-key add pubkey.gpg \
    && echo "deb https://dl.yarnpkg.com/debian/ stable main" > /et
    && apt-get update -q \
    && apt-get install yarn -y
    8

    View Slide

  9. docker-compose.yml:
    services:
    node:
    build: .
    ports:
    - "3000:3000"
    volumes:
    - ./:/code
    working_dir: /code
    tty: true
    command: sh -c 'yarn && yarn start'
    and:
    docker-compose run --rm --service-ports node
    9

    View Slide

  10. 2. Helpers (e.g. in Travis)
    services:
    - docker
    script:
    - ...
    - docker-compose up -d udp-listener
    - php tests/run.php
    - docker-compose logs udp-listener | grep 'Some text'
    check if library made UDP request
    10

    View Slide

  11. 3. Concurency problems (almost
    DIND)
    $ docker run --rm \
    -v /var/run/docker.sock:/var/run/docker.sock \
    docker:1.11 \
    sh -c 'docker login \
    && docker pull some-image \
    && docker logout'
    mounting Docker socket to container
    Docker in container will run Docker on host
    logins will not con ict
    11

    View Slide

  12. 4. Tools you don't want on host
    e.g. Ruby
    or Node
    PHP
    ...
    12

    View Slide

  13. 4.1. Travis CLI
    to run Travis CLI in container using host FS
    FROM ruby:2
    RUN gem install travis -v 1.8.2 --no-rdoc --no-ri
    ARG USER_NAME
    ARG USER_UID
    ARG USER_GID
    RUN groupadd --gid $USER_GID $USER_NAME
    RUN useradd --uid $USER_UID --gid $USER_GID $USER_NAME
    ENTRYPOINT ["travis"]
    13

    View Slide

  14. 4.1. Travis CLI
    $ docker build -t travis \
    --build-arg USER_UID=`id -u` \
    --build-arg USER_GID=`id -g` \
    --build-arg USER_NAME=`id -un` \
    .
    $ docker run -i -t --rm \
    -v "/home/vlado/workspace/travis-cli/.travis
    :/home/`id -un`/.travis" \
    -u `id -u` \
    travis
    14

    View Slide

  15. 4.1. Travis CLI
    #!/bin/bash
    docker run -i -t --rm \
    -v "/home/vlado/workspace/travis-cli/.travis
    :/home/`id -un`/.travis" \
    -v "$PWD:$PWD" \
    -w $PWD \
    -u `id -u` \
    travis "[email protected]"
    15

    View Slide

  16. 5. OpenVPN
    FROM debian:jessie
    RUN apt-get update -q \
    && apt-get install openvpn ssh -y --no-install-recommends
    ARG USER_NAME
    ARG USER_UID
    ARG USER_GID
    RUN groupadd --gid $USER_GID $USER_NAME \
    && useradd --uid $USER_UID --gid $USER_GID \
    --shell /bin/bash $USER_NAME
    COPY entrypoint.sh /root/
    ENTRYPOINT ["/root/entrypoint.sh"]
    16

    View Slide

  17. Entrypoint:
    openvpn --daemon --config $1 && su - $SU_USERNAME
    Build:
    docker build -t openvpn \
    --build-arg USER_UID=`id -u` \
    --build-arg USER_GID=`id -g` \
    --build-arg USER_NAME=`id -un` \
    .
    similar Travis CLI
    17

    View Slide

  18. Run script:
    #!/bin/bash
    SCRIPT_DIR=$(cd `dirname $0`; pwd -P)
    if [ ! -f $SCRIPT_DIR/config/$1 ]; then
    echo "Specified config file not found"
    else
    docker run -i -t --rm \
    --device "/dev/net/tun:/dev/net/tun" \
    -v "$SCRIPT_DIR/config:/etc/openvpn/config" \
    -v "/home/`id -un`/.ssh:/home/`id -un`/.ssh" \
    -w "/etc/openvpn/config" \
    --cap-add NET_ADMIN \
    --env SU_USERNAME=`id -un` \
    openvpn $1
    fi
    18

    View Slide

  19. 6. Shared socket
    services:
    syslog:
    build: docker/syslog
    volumes:
    - ./docker/.syslog-datadir/socket:/syslog-socket
    - ./docker/.syslog-datadir/log:/var/log
    syslog-watcher:
    image: debian:8
    volumes_from:
    - syslog
    command: tail -f /var/log/syslog
    everything is a le
    19

    View Slide

  20. services:
    apache:
    build: docker/php-apache
    volumes:
    - ...
    - ./docker/.syslog-datadir/socket/log:/dev/log
    - ...
    links:
    - syslog
    now you can log to syslog and will see logs using
    "watcher" service
    20

    View Slide

  21. Conclusion
    you can run any service in Docker
    in Linux, everything is a le -> can be mounted
    super fast onboarding (just docker run/up)
    clean host system
    ...
    21

    View Slide

  22. Questions?
    22

    View Slide