Post on 14-Feb-2017
Continuous delivery with Docker
Run everything in Docker containersJohan Janssen, Info Support, @johanjanssen42
Content
Docker Application and CD pipeline in Docker Development in Docker Questions
Docker
Docker
Transportation issue
Transportation solution
Software issue
Software solution
Docker compatibility
Why Docker To enable continuous delivery Quickly provision environments Run the same software local and in
the cloud
Docker vs Virtual Machines
Docker vs Virtual Machines Disk space efficiency Memory efficiency Speed Compatibility (run anywhere) Isolation Versioning Internet of Things (Raspberry Pi
etc.)
My first Docker container
docker run -i -t ubuntu:yakkety /bin/bash
Docker usecases
DTAP environment
Build environment
Mainly running non-GUI applications
Continuous delivery, testing etc.
Development !
Application and CD pipeline in Docker
Deployment pipeline
Version control
CompileQuality checks
TestingDeployments
DevOps End users
EtceteraSetup environment
Automatic versus manual deployment
Continuous delivery
Continuous deployment
Deployment pipeline
Example build pipeline
TAP
D
1
2
3 4
678
9
5
What to deliver?
Dockerfiles directory structure Main directory
BuildAndRunScript.sh GeneralBase
Dockerfile SonarQube
Dockerfile
Dockerfile GeneralBaseFROM ubuntu:saucy
RUN apt-get -y install software-properties- commonRUN add-apt-repository ppa:webupd8team/javaRUN apt-get update && apt-get -y upgradeRUN echo "oracle-java7-installer shared/accepted-oracle-license-v1-1 boolean true" | debconf-set-selectionsRUN apt-get -y install oracle-java7-installerENV JAVA_HOME /usr/lib/jvm/java-7-oracle
Build Create the Dockerfile Build the containers:
<optional>cd GeneralBasedocker.io build -t GeneralBase . cd .. </optional>
Dockerfile SonarFROM GeneralBase
RUN apt-get install -y wget unzipRUN wget http://dist.sonar.codehaus.org/sonarqube-4.2.zipRUN unzip sonarqube-4.2.zip -d /optRUN rm sonarqube-4.2.zip
EXPOSE 9000 EXPOSE 9092CMD ["/opt/sonarqube-4.2/bin/linux-x86-64/sonar.sh", "console", "/bin/bash"]
Build Create the Dockerfile Build the containers:
cd SonarQubedocker.io build -t SonarQube .
Run
Start the containerdocker.io run -p 9000:9000
–p 9092:9092 -d SonarQube
List all in(active) containers# docker.io ps –aCONTAINER ID: ecbecf77461b CREATED: 32 minutes ago STATUS: Up 32 minutes PORTS: 0.0.0.0:9000->9000/tcp, 0.0.0.0:9092->9092/tcp
Controlling containers
Start / stop / restartdocker [start/stop/restart] containerid
Follow SystemOut and SystemErrdocker logs -f containerid
We need lots of Docker containersGeneralBa
se
AppServerBase
Environment D
Environment T
Environment A
Environment P
Jenkins
JenkinsDataContainer
Sonar Gitblit Nexus
Data storage In the same container as the application In a data container / data volume On the host
Data volumes Dockerfile
ENV JENKINS_HOME /var/JenkinsData
Docker commandsdocker.io run -v /var/JenkinsData –name JenkinsDataContainer ubuntu:saucy true
docker.io run -p 8080:8080 --volumes-from JenkinsDataContainer -d Jenkins
Diskspace# docker.io images --tree└─ 179.9 MB Tags: ubuntu:saucy └─253.6 MB └─741.8 MB Tags: GeneralBase:latest └─763.6 MB Tags: AppServerBase:latest
… ├─763.6 MB Tags: EnvironmentP:latest └─865.6 MB Tags: Nexus:latest
└─808.3 MB Tags: Gitblit:latest └─901.5 MB Tags: Sonar:latest └─805.4 MB Tags: Jenkins:latest
Execution time
real 4m11.729suser 0m3.329s sys 0m10.054s
Docker overview
One ring to rule them all
Docker registry
Creating the Docker registrydocker run -p 5000:5000 registry
Updating containers
Docker client 1 (push) Modify container Commit
docker.io commit 064f192.168.56.31:5000/test-version-0.2
New containerid -> ff7e
Pushdocker.io push
192.168.56.31:5000/test-version-0.2
Docker client 2 (pull) Pull
docker.io pull 192.168.56.31:5000/
test-version-0.2
Rundocker.io run -i -t ff7e /bin/bash
Pull update onlydocker images -tree└─153b 194.2 MB test-version-0.1:latest
docker pull 192.168.56.31:5000/test-version-0.2 ff7e: Download complete153b: Download complete
docker images -tree└─153b 194.2 MB test-version-0.1:latest └─ff7e 194.2 MB test-version-0.2:latest
Orchestration tools Kubernetes Docker Swarm Mesos …
Orchestration tools Scalability Failover Rollouts and rollbacks Self healing Service discovery Load balancing …
Jenkins
Why Jenkins Simple to use Really popular
Used in many organizations Regular updates Big community creating plugins
etc.
Most developers already use it
Example build pipeline
TAP
D
1
2
3 4
678
9
5
Jenkins
Jenkinsfile pipeline { agent any tools { maven 'Maven 3.3.9' jdk 'jdk8' } stages {
stage ('Build') { steps { sh 'mvn clean install' }
Blue Ocean
Source: https://jenkins.io/blog/2016/12/19/declarative-pipeline-beta/
Keep it simple“Life is really simple, but we insist on making it complicated.”
- Confucius
Development environment
Dockerfile
FROM java:8-jdk
RUN wget …/netbeans-8.0.2-linux.shRUN chmod +x netbeans*.shRUN sh netbeans*.sh --silent
CMD /usr/local/netbeans-8.0.2/bin/netbeans
Persisting data on host
Docker run command: -v $PWD/workspace:/workspace
What to persist?
Workspace Plugins Application in application server Maven repo Configuration Entire home folder??
Different options
X11
No protocol specified error
No protocol specified error ->xhost local:root
General part DockerfileRUN wget …/netbeans-8.0.2-linux.shRUN chmod +x netbeans*.shRUN sh netbeans*.sh –silent// Set netbeans_default_userdir=/workspace/userdir RUN sed -i …// Set netbeans_default_cachedir=/workspace/cachedirRUN sed -i …
X11 Dockerfile
FROM java:8-jdk
// General part
CMD /usr/local/netbeans-8.0.2/bin/netbeans
X11 build and rundocker build -t netbeansx11 .
docker run -ti --rm \ -e DISPLAY=$DISPLAY \ -v /tmp/.X11-unix:/tmp/.X11-unix \ -v $PWD/workspace:/workspace \ -v $PWD/m2:/root/.m2 \ -p 8081:8080 \ netbeansx11
VNC
VNC DockerfileFROM java:8-jdkENV DEBIAN_FRONTEND noninteractive RUN apt-get update RUN apt-get install -y xfce4 xvfb x11vnc supervisorRUN adduser --disabled-password --gecos '' johanADD vnc.conf /etc/supervisor/conf.d/// General partEXPOSE 5900CMD ["supervisord", "-n"]
VNC vnc.conf[program:xvfb]
[program:x11vnc]command=/usr/bin/x11vnc -forever -display :1process_name = x11vncautorestart=trueuser=johan
[program:xfce4]command=/usr/bin/xfce4-sessionprocess_name = xfce4autorestart=trueuser=johanenvironment=DISPLAY=":1",HOME="/home/johan"
VNC build and rundocker build -t netbeansvnc .
docker run -d \-v $PWD/workspace:/workspace \-v $PWD/m2:/root/.m2 \-p 5900:5900 \-p 8082:8080 \
netbeansvnc
XRDP
XRDP Dockerfile (1/2)FROM fedora:22RUN dnf -y groupinstall 'Xfce Desktop' && yum clean allCOPY Xclients /etc/skel/.XclientsRUN dnf -y install supervisor xrdp && dnf clean allRUN useradd johan && echo johan:secret | chpasswdCOPY xrdp.ini /etc/supervisord.d/
XRDP Dockerfile (2/2)# Allow all users to connectRUN sed -i '/TerminalServerUsers/d' /etc/xrdp/sesman.ini && sed -i '/TerminalServerAdmins/d' /etc/xrdp/sesman.iniRUN dnf -y install java java-develENV JAVA_HOME /usr/lib/jvm/java-openjdk// General partEXPOSE 3389CMD ["supervisord", "-n"]
XRDP xrdp.ini
[program:xrdp-sesman]command=/usr/sbin/xrdp-sesman --nodaemonprocess_name = xrdp-sesman
[program:xrdp]command=/usr/sbin/xrdp -nodaemonprocess_name = xrdp
XRDP build and rundocker build -t netbeansxrdp .
docker run -d \-v $PWD/workspace:/workspace \-v $PWD/m2:/root/.m2 \-p 3389:3389 \-p 8083:8080 \netbeansxrdp
Used by multiple teams
Team Frodo image
Base image
Team Bilbo image
Used by multiple teams
• App Gimli• App Elrond
Team Frodo
• App ElrondTeam Bilbo
• App RadagastTeam
Galadriel
App means
application server
etc.
Used by multiple teams
Where do we place
the Elrond App?
• App Gimli• App Elrond
Team Frodo
• App ElrondTeam Bilbo
• App RadagastTeam
Galadriel
Splitting the container
TomcatImage
Gimli Elrond Radagast
Splitting the container
FedoraImage
Development
environment
Docker Compose
Docker Compose
Define and run multi container Docker applications Using a Compose file Link containers ‘docker-compose up’ to start the
containers
Directory structure TomcatGimli
DockerFile TomcatElrond
DockerFile TomcatRadagast
Dockerfile DevEnv
Dockerfile docker-compose.yml
tomcatgimli: build: TomcatGimli
tomcatelrond: build: TomcatElrond
tomcatradagast: build: TomcatRadagast
developmentenvironment: build: DevEnv ports: - "3389:3389" links: - tomcatgimli:gimli # Makes gimli available on # http://gimli:8080 - tomcatelrond:elrond - tomcatradagast:radagast
Environment specific configuration
Use docker-compose.override.yml Put all the configuration in one container Create small containers with configuration
per environment that inherit the application container Commandline arguments
Eclipse Che“Eclipse Che is an IDE and developer workspace server that allows anyone to contribute to a project without having to install software.”
Conclusion Use a (private) Docker registry Keep environmental settings separate Use Jenkins to manage everything Do not add extra functionality like
OpenSSH Think about topics such as security,
monitoring and logging Inherit and/or compose containers Separate concerns in separate
containers
Isolation
Isolation
Isolation
Isolation
Questions
johan.janssen@infosupport.com@johanjanssen42
https://bitbucket.org/johanjanssen/dockeride