Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Speaker Deck
PRO
Sign in
Sign up for free
Non-traditional use of Docker (Nette Camp #3)
Vladimír Kriška
August 25, 2017
Programming
0
48
Non-traditional use of Docker (Nette Camp #3)
Vladimír Kriška
August 25, 2017
Tweet
Share
More Decks by Vladimír Kriška
See All by Vladimír Kriška
Twelve-Factor app with Docker
ujovlado
0
12
Design a REST API you will love to work with
ujovlado
0
500
Docker for PHP developers - Tips, Tricks & Lessons learned
ujovlado
3
250
Docker ‐ from development to production in minutes (PoSobota #91)
ujovlado
0
150
Contributions [lightning talk] (PyconCZ 2015)
ujovlado
0
34
CSS Flexbox (WebElement #35)
ujovlado
0
81
Simplify your dev life with Docker (WebElement Banská Bystrica)
ujovlado
0
68
Don't underestimate CSS (WebElement #30)
ujovlado
0
460
Database Migrations in PHP (Posobota #66)
ujovlado
0
49
Other Decks in Programming
See All in Programming
MLOps勉強会_リアルタイムトラフィックのサーバレスMLOps基盤_20220810
strsaito
1
460
Pluggable Storage in PostgreSQL
sira
1
200
Isar勉強会
hoddy3190
0
610
SRE NEXT 2022に学ぶこれからのSREキャリア
fukubaka0825
2
400
Scaling Productivity- How we have improved our dev experience
sockeqwe
1
130
サーバーレスパターンから学ぶデータ分析基盤構築 / devio2022
kasacchiful
0
520
SwiftUIで「意図」を伝える / swiftui_intention
uhooi
2
150
NestJS_meetup_atamaplus
atamaplus
0
230
Amazon SageMakerでImagenを動かして猫画像生成してみた
hotoke_neko
0
130
Lookerとdbtの共存
ttccddtoki
0
670
Now in Android Overview
aosa4054
1
430
There's an API for that!
mariatta
PRO
0
110
Featured
See All Featured
What the flash - Photography Introduction
edds
63
10k
Bash Introduction
62gerente
598
210k
Art, The Web, and Tiny UX
lynnandtonic
280
18k
Gamification - CAS2011
davidbonilla
75
3.9k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
29
4.4k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
237
19k
Rebuilding a faster, lazier Slack
samanthasiow
62
7.3k
Intergalactic Javascript Robots from Outer Space
tanoku
260
25k
A Philosophy of Restraint
colly
192
15k
Reflections from 52 weeks, 52 projects
jeffersonlam
337
17k
Teambox: Starting and Learning
jrom
123
7.7k
How To Stay Up To Date on Web Technology
chriscoyier
780
250k
Transcript
Non-traditional use of Docker Vladimír Kriška @ujovlado
$ whoami Brogrammer Developer at Keboola building ETL platform Keboola
Connection writing about it at 500.keboola.com WebElement organizer - web dev meetup (on hold) Rekurzia - custom dev trainings twitter.com/ujovlado 2
Why containers? 3
Why containers? Isolation Simplicity One container, one task, one process*
Lock environment No more "works on my machine" problems They're lightweight Almost as native (probably 99.9%) 4
Why Docker? 5
Why Docker? Most popular No VM needed* Easy to learn
Lightweight Fast startup Well supported Docker Compose Docker Swarm, etc. 6
Let's begin! 7
1. Standard usage (for dev) Docker le: FROM node:7 RUN
apt-get update -q \ && apt-get install apt-transport-https \ && wget https://dl.yarnpkg.com/debian/pubkey.gpg -O pubkey.gpg && apt-key add pubkey.gpg \ && echo "deb https://dl.yarnpkg.com/debian/ stable main" > /et && apt-get update -q \ && apt-get install yarn -y 8
docker-compose.yml: services: node: build: . ports: - "3000:3000" volumes: -
./:/code working_dir: /code tty: true command: sh -c 'yarn && yarn start' and: docker-compose run --rm --service-ports node 9
2. Helpers (e.g. in Travis) services: - docker script: -
... - docker-compose up -d udp-listener - php tests/run.php - docker-compose logs udp-listener | grep 'Some text' check if library made UDP request 10
3. Concurency problems (almost DIND) $ docker run --rm \
-v /var/run/docker.sock:/var/run/docker.sock \ docker:1.11 \ sh -c 'docker login \ && docker pull some-image \ && docker logout' mounting Docker socket to container Docker in container will run Docker on host logins will not con ict 11
4. Tools you don't want on host e.g. Ruby or
Node PHP ... 12
4.1. Travis CLI to run Travis CLI in container using
host FS FROM ruby:2 RUN gem install travis -v 1.8.2 --no-rdoc --no-ri ARG USER_NAME ARG USER_UID ARG USER_GID RUN groupadd --gid $USER_GID $USER_NAME RUN useradd --uid $USER_UID --gid $USER_GID $USER_NAME ENTRYPOINT ["travis"] 13
4.1. Travis CLI $ docker build -t travis \ --build-arg
USER_UID=`id -u` \ --build-arg USER_GID=`id -g` \ --build-arg USER_NAME=`id -un` \ . $ docker run -i -t --rm \ -v "/home/vlado/workspace/travis-cli/.travis :/home/`id -un`/.travis" \ -u `id -u` \ travis 14
4.1. Travis CLI #!/bin/bash docker run -i -t --rm \
-v "/home/vlado/workspace/travis-cli/.travis :/home/`id -un`/.travis" \ -v "$PWD:$PWD" \ -w $PWD \ -u `id -u` \ travis "$@" 15
5. OpenVPN FROM debian:jessie RUN apt-get update -q \ &&
apt-get install openvpn ssh -y --no-install-recommends ARG USER_NAME ARG USER_UID ARG USER_GID RUN groupadd --gid $USER_GID $USER_NAME \ && useradd --uid $USER_UID --gid $USER_GID \ --shell /bin/bash $USER_NAME COPY entrypoint.sh /root/ ENTRYPOINT ["/root/entrypoint.sh"] 16
Entrypoint: openvpn --daemon --config $1 && su - $SU_USERNAME Build:
docker build -t openvpn \ --build-arg USER_UID=`id -u` \ --build-arg USER_GID=`id -g` \ --build-arg USER_NAME=`id -un` \ . similar Travis CLI 17
Run script: #!/bin/bash SCRIPT_DIR=$(cd `dirname $0`; pwd -P) if [
! -f $SCRIPT_DIR/config/$1 ]; then echo "Specified config file not found" else docker run -i -t --rm \ --device "/dev/net/tun:/dev/net/tun" \ -v "$SCRIPT_DIR/config:/etc/openvpn/config" \ -v "/home/`id -un`/.ssh:/home/`id -un`/.ssh" \ -w "/etc/openvpn/config" \ --cap-add NET_ADMIN \ --env SU_USERNAME=`id -un` \ openvpn $1 fi 18
6. Shared socket services: syslog: build: docker/syslog volumes: - ./docker/.syslog-datadir/socket:/syslog-socket
- ./docker/.syslog-datadir/log:/var/log syslog-watcher: image: debian:8 volumes_from: - syslog command: tail -f /var/log/syslog everything is a le 19
services: apache: build: docker/php-apache volumes: - ... - ./docker/.syslog-datadir/socket/log:/dev/log -
... links: - syslog now you can log to syslog and will see logs using "watcher" service 20
Conclusion you can run any service in Docker in Linux,
everything is a le -> can be mounted super fast onboarding (just docker run/up) clean host system ... 21
Questions? 22