Painless Docker - Leanpub

Oct 14, 2016 - Nginx or an Apache container, you can run the server's binary, but you will .... filesystem types, loggin
Painless Docker
Unlock The Power Of Docker & Its Ecosystem
Aymen El Amri @eon01

This book is for sale at http://leanpub.com/painless-docker
This version was published on 2017-08-18

This is a Leanpub book. Leanpub empowers authors and publishers with the Lean Publishing process. Lean Publishing is the act of publishing an in-progress ebook using lightweight tools and many iterations to get reader feedback, pivot until you have the right book and build traction once you do. © 2016 - 2017 Aymen El Amri @eon01


Contents

Preface
  To Whom Is This Book Addressed ?
  How To Properly Enjoy This Book
  Conventions Used In This Book
  How To Contribute And Support This Book ?

Chapter I - Introduction To Docker & Containers
  What Are Containers
  Containers Types
    Chroot Jail
    FreeBSD Jails
    Linux-VServer
    Solaris Containers
    OpenVZ
    Process Containers
    LXC
    Warden
    LMCTFY
    Docker
    RKT
  Introduction To Docker
  What Is The Relation Between The Host OS And Docker
  What Does Docker Add To LXC Tools
  Docker Use Cases
    Versioning & Fast Deployment
    Distribution & Collaboration
    Multi Tenancy & High Availability
    CI/CD
    Isolation & The Dependency Hell
    Using The Ecosystem

Chapter II - Installation & Configuration
  Requirements & Compatibility
  Installing Docker On Linux
    Ubuntu
    CentOS
    Debian
  Docker Toolbox
  Docker For Mac
  Docker For Windows
  Docker Experimental Features
    Docker Experimental Features For Mac And Windows
    Docker Experimental Features For Linux
  Removing Docker
  Docker Hub
  Docker Registry
    Deploying Docker Registry On Amazon Web Services
    Deploying Docker Registry On Azure
  Docker Store

Docker and the Docker logo are trademarks or registered trademarks of Docker, Inc. in the United States and/or other countries.

Preface

Docker is an amazing tool. Maybe you have tried or tested it, or maybe you have started using it on some or all of your production servers, but managing and optimizing it can become complex very quickly if you don't understand the basic and advanced concepts that I am trying to explain in this book.

The fact that the container ecosystem is changing rapidly is also a constraint on stability and a source of confusion for many operations engineers and developers.

Most of the examples found in blog posts and tutorials are, in many cases, promoting Docker or giving tiny examples. Managing and orchestrating Docker is more complicated, especially with high-availability constraints.

This containerization technology has been changing the way system engineering, development and release management work for years, so it requires all of your attention, because it will be one of the pillars of future IT technologies, if that is not already the case.

At Google, everything runs in a container. According to The Register, two billion containers are launched every week. Google has been running containers for years, when containerization technologies were not yet democratized, and this is one of the secrets of the performance and operational smoothness of the Google search engine and all of its other services.

Some years ago, I was in doubt about using Docker. I played with Docker on testing machines and later decided to use it in production. I have never regretted my choice. Some months ago, I created a self-service for developers in my startup: an internal scalable PaaS. That was awesome! I gained more than 14x on some production metrics and I realized my goal of having a service with an SLA and Apdex score of 99%.

Apdex (Application Performance Index) is an open standard that defines a standardized method to report, benchmark, and track application performance.

SLA (Service Level Agreement) is a contract between a service provider (either internal or external) and the end user that defines the level of service expected from the service provider.

[Figure: Goal Reached]

It was not just the usage of Docker, that would be too easy. It was a list of to-do items, like moving to micro-services and service-oriented architectures, changing the application and infrastructure architecture, continuous integration, etc. But Docker was one of the most important things on my checklist, because it smoothed the whole stack's operations and transformation, helped me with continuous integration and the automation of routine tasks, and was a good platform on which to create our own internal PaaS.

Some years ago, computers had a central processing unit and a main memory hosted in a main machine; then came mainframes, which were inspired by the latter technology. Just after that, IT had a newborn called virtual machines. The revolution was in the fact that computer hardware using a hypervisor allows a single machine to act as if it were many machines. Virtual machines were almost always run on on-premises servers, but since the emergence of cloud technologies, VMs have been moved to the cloud, so instead of having to invest heavily in

[...]

  -e AWS_KEY=*********** \
  -e AWS_SECRET=*********** \
  -e SEARCH_BACKEND=sqlalchemy \
  -p 80:5000 \
  registry

In this case, you should not forget to add a policy for S3 that allows the Docker Registry to read and write your images to S3.

Deploying Docker Registry On Azure

In Azure, we are going to deploy the same Docker Registry using the Azure Storage service. We need to create a storage account using the Azure CLI:

azure storage account create -l "North Europe" <storage_account_name>

Replace <storage_account_name> with your own value. Now we need to list the storage account keys to use one of them later:

azure storage account keys list <storage_account_name>

Then run:

docker run -d -p 80:5000 \
  -e REGISTRY_STORAGE=azure \
  -e REGISTRY_STORAGE_AZURE_ACCOUNTNAME="<storage_account_name>" \
  -e REGISTRY_STORAGE_AZURE_ACCOUNTKEY="<storage_account_key>" \
  -e REGISTRY_STORAGE_AZURE_CONTAINER="registry" \
  --name=registry \
  registry:2

If port 80 is closed on your Azure virtual machine, you should open it:

azure vm endpoint create <vm_name> 80 80

Configuring security for the Docker Registry is not covered in this part.
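
The Azure command in this section publishes the registry on port 80 with no TLS and no authentication variables, and passes the storage key on the command line. The script below is an added example, not code from the book: it audits the text of a `docker run` line for those three gaps and shows a constructed counterpart that passes. The function names, the `/srv/registry` paths and the hardened command are assumptions made for illustration; the `REGISTRY_HTTP_TLS_*` and `REGISTRY_AUTH*` variables are the `registry:2` image's configuration overrides.

```shell
#!/bin/sh
# Added example, not from the book. It reads only the text of a `docker run`
# line; settings supplied through a mounted config.yml are not seen.

# The Azure command from this chapter, with placeholders for the account values.
WEAK_CMD='docker run -d -p 80:5000 \
  -e REGISTRY_STORAGE=azure \
  -e REGISTRY_STORAGE_AZURE_ACCOUNTNAME="<storage_account_name>" \
  -e REGISTRY_STORAGE_AZURE_ACCOUNTKEY="<storage_account_key>" \
  -e REGISTRY_STORAGE_AZURE_CONTAINER="registry" \
  --name=registry registry:2'

# Constructed counterpart (paths are hypothetical). `-e NAME` without a value
# makes docker copy NAME from the calling shell's environment.
HARDENED_CMD='docker run -d -p 443:5000 \
  -v /srv/registry/certs:/certs:ro -v /srv/registry/auth:/auth:ro \
  -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \
  -e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \
  -e REGISTRY_AUTH=htpasswd \
  -e REGISTRY_AUTH_HTPASSWD_REALM=registry \
  -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \
  -e REGISTRY_STORAGE=azure \
  -e REGISTRY_STORAGE_AZURE_ACCOUNTNAME \
  -e REGISTRY_STORAGE_AZURE_ACCOUNTKEY \
  -e REGISTRY_STORAGE_AZURE_CONTAINER=registry \
  --name=registry registry:2'

# has TEXT NEEDLE: succeed when NEEDLE occurs literally in TEXT.
has() { case $1 in *"$2"*) return 0 ;; *) return 1 ;; esac; }

# audit_registry_cmd CMD: print one "CODE: explanation" line per finding.
audit_registry_cmd() {
    if ! { has "$1" 'REGISTRY_HTTP_TLS_CERTIFICATE=' &&
           has "$1" 'REGISTRY_HTTP_TLS_KEY='; }; then
        echo 'NO_TLS: images and credentials cross the network in clear text'
    fi
    has "$1" 'REGISTRY_AUTH=' ||
        echo 'NO_AUTH: anyone who can reach the port can pull and push'
    if has "$1" 'REGISTRY_STORAGE_AZURE_ACCOUNTKEY='; then
        echo 'INLINE_SECRET: storage key lands in shell history and the process list'
    fi
    return 0
}

echo '--- command from the chapter'; audit_registry_cmd "$WEAK_CMD"
echo '--- hardened counterpart';     audit_registry_cmd "$HARDENED_CMD"
```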

Docker Store

Docker Store is a Docker Inc. product designed to provide a scalable self-service system for ISVs to publish and distribute trusted and enterprise-ready content. It provides a publishing process that includes:

- security scanning
- component inventory
- the open-source license usage
- image construction guidelines

[Figure: Docker Store]

In other words, it is an official marketplace with workflows to create and distribute content, where you can find free and commercial images.