SlideShare a Scribd company logo

OSDC 2014: Tobias Schwab - Continuous Delivery with Docker

NETWAYS, profile picture
NETWAYS

The document outlines the philosophy and practical implementation of continuous delivery using Docker, highlighting concepts such as canary releases and immutable infrastructure. It discusses challenges faced with AWS and other hosting options, while detailing the benefits of Docker containerization for building and deploying applications consistently across environments. Key topics include Dockerfile usage, caching strategies, deployment pipelines, and logging/monitoring solutions within a containerized setup.

SoftwareTechnology
Related topics:
Ruby on Rails OverviewLoad Balancing Insights
1 of 42
Downloaded 31 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
Continuous Delivery with Docker Tobias Schwab
Myself • Tobias Schwab • tobias.schwab@dynport.de • www.dynport.de • twitter.com/tobstarr • github.com/tobstarr
Philosophie • continuous delivery: deploy multiple times a day • canary releases • “never touch a running system” • “Immutable Infrastructure and Disposable Components" • don’t fix it, if it can be replaced
Theory • AWS • AMI based deployments • Elastic Load Balancer • AutoScaling Groups • S3, RDS, …
Reality • privacy concerns: AWS not an option • hoster we could not pick • first no, then proprietary and unreliable API • flash based infrastructure management • limited capacity • we were the biggest customer
Docker • build, distribute and deploy container based applications • creator: dotcloud • initial release: March 13, 2013 • license: Apache 2.0 • 11k stars on Github (top 50) • golang client/server
Container Virtualization • os level • shared kernel • cgroups: isolate CPU, Memory, Block IO, Network • lxc: cgroups + application namespaces • lightweight and fast
Images • blueprints for containers • tarball of os installation/packages • read only • stateless • layered
Containers • instances of images • copy on write / union file system • running or exited • goal: stateless and immutable • can be “saved” (docker commit) as images • created to be thrown away
Containers and images Source: http://docs.docker.io/en/latest/terms/container/
Demo
Build • manual • start and attach container • install required packages • checkout application code • run build management tool • bad: not reproducible • bad: does not utilise caching
Build • chef/puppet/… • start an attach container • run chef/puppet/… client • good: automated and documented • bad: does not utilise caching
Dockerfile • simple, plain text script to create images • commands: • FROM: base image to use • RUN: execute shell command • ENV: set environment variable • ADD: write local file to image • ENTRYPOINT: start command for containers • others: MAINTAINER, EXPOSE, CMD, USER, VOLUME, WORKDIR, ONBUILD
Dockerfile
Dockerfile
Caching • statement based: each step creates a new image • existing steps (command tree exists) are re-used • tricky: “non functional” commands (e.g. apt-get update/upgrade) • use ENV or comments to break caching of non functional commands
Caching
Configuration Management • “store config in the environment” (http://12factor.net/config) • dependency injected with start of container • same image for • development • testing • staging • production
Don’ts • full blown VMs • ssh daemon inside containers • syslog daemon inside containers (sometimes needed) • user management: everything can run as root • chef/puppet/… => makes caching useless
Build Management Tools • candidates: bundler, pip, mvn, carton, composer, … • problem with caching: bmt are slow when started with “clean slate” • option 1: add bmt manifest before code • bmt needs to run only when manifest changes • option 2: use pre-bundled base images • bmt only needs to work the delta • re-build base images from time to time • option 3: combine option 1 and option 2
• Problems • unicorn: Rack HTTP server for fast clients • static assets • logging: default ruby syslog library uses syscall (needs local syslog daemon) • Solution • run 3 daemons in 1 container: unicorn, nginx and rsyslogd • upstart • ENTRYPOINT [“/sbin/init”] • load ENV from /proc/1/environ • foreman Use Case: Ruby on Rails
Multi-Host • image distribution via docker registry • weighted load balancing via HAProxy • SSL termination via nginx in front of HAProxy
Registry • push and pull images • public • private • backends: local, S3, Elliptics, Google Cloud Storage, hosted
Load Balancing • HAProxy • license: GPL v2 • pool configuration stored in redis/etcd • config update • compile config files from stored configuration • upload via ssh • verify on remote hosts • replace current config with verified one • reload
HAProxy
HAProxy
Deployment Pipeline • commit triggers new image build • build suite executed with image • image is pushed to registry if tests passed • optional: start image with staging ENV settings for manual testing • start image with production ENV for last pre-flight tests • deploy image to more hosts • update load balancer (canary or green/blue) • monitor new containers/image
Deployment Pipeline Nginx HAProxy Nginx HAProxy Docker Container Container Container Docker Container Container Container Docker Container Container Container Docker Container Container Container Docker Registry Docker Build 2 push 3 pull + run 1 build 4 update4 update Route 53
Logging • host: docker host, container_id • code: image_id, revision • request: request_id, action, status_code, etag, times, calls • NOT inside containers • remote syslog (when possible) • alternative: local syslog relay inside container
Metrics • OpenTSDB • “distributed, scalable Time Series Database” • license: LGPLv2.1+ • HBase • Tags / Dimensions • from syslog via udp (StatsD “like”) • rickshaw.js for graphs • compare status codes, counts and times between actions of two revisions
OpenTSDB
Metrics
Metrics request counts by revision
Metrics
Metrics
Metrics
Docker reduces • external dependencies (“rubygems/github slow/unreliable/down”) after image is built • “did work on my machine/staging”: same OS package versions, configuration and code in all stages • unused CPU cycles • number of hosts • feedback times • time to get new host online • bottlenecks: hosts are more flexible
VS. AWS • HAProxy much more flexible • multiple containers per host • balancing weights • faster build process • faster deployments • instance flexibility
Resources • docker.io • opentsdb.net • haproxy.1wt.eu • continuousdelivery.com • chadfowler.com/blog/2013/06/23/immutable- deployments/ • 12factor.net
Questions?!?
Thank you!

More Related Content

PPTX
Docker Basics
DuckDuckGo
 
PDF
Shipping Applications to Production in Containers with Docker
Jérôme Petazzoni
 
PDF
Introduction to Docker
Kuan Yen Heng
 
PDF
Docker at Djangocon 2013 | Talk by Ken Cochrane
dotCloud
 
PDF
Introduction To Docker
Hamilton Turner
 
PDF
Introduction to Docker and all things containers, Docker Meetup at RelateIQ
dotCloud
 
PDF
Optimizing Docker Images
Brian DeHamer
 
ODP
Docker - The Linux Container
Balaji Rajan
 
Docker Basics
DuckDuckGo
 
Shipping Applications to Production in Containers with Docker
Jérôme Petazzoni
 
Introduction to Docker
Kuan Yen Heng
 
Docker at Djangocon 2013 | Talk by Ken Cochrane
dotCloud
 
Introduction To Docker
Hamilton Turner
 
Introduction to Docker and all things containers, Docker Meetup at RelateIQ
dotCloud
 
Optimizing Docker Images
Brian DeHamer
 
Docker - The Linux Container
Balaji Rajan
 

What's hot (20)

PDF
Docker 101 Workshop slides (JavaOne 2017)
Eric Smalling
 
PDF
Docker by Example - Basics
Ganesh Samarthyam
 
PDF
Docker & ci
Patxi Gortázar
 
PDF
Docker Introduction
Peng Xiao
 
PDF
Docker worshop @Twitter - How to use your own private registry
dotCloud
 
PDF
ExpoQA 2017 Using docker to build and test in your laptop and Jenkins
ElasTest Project
 
PDF
Docker From Scratch
Giacomo Vacca
 
PDF
Docker Presentation at the OpenStack Austin Meetup | 2013-09-12
dotCloud
 
PDF
Docker in real life
Nguyen Van Vuong
 
PDF
Continuous delivery with Jenkins, Docker and Mesos/Marathon - jbcnconf
Julia Mateo
 
PDF
Docker
Patrick Oberdorf
 
PDF
Docker - From Walking To Running
Giacomo Vacca
 
PDF
DCA. certificate slide Session 1
Hadi Tayanloo
 
PPTX
The challenge of application distribution - Introduction to Docker (2014 dec ...
Sébastien Portebois
 
PDF
Intro To Docker
Jessica Lucci
 
PDF
Introduction to Docker at SF Peninsula Software Development Meetup @Guidewire
dotCloud
 
PPTX
Architecting .NET Applications for Docker and Container Based Deployments
Ben Hall
 
PDF
Docker
Chen Chun
 
PDF
Docker 101: An Introduction
POSSCON
 
PPTX
Containers and docker
SUDIP GHOSH
 
Docker 101 Workshop slides (JavaOne 2017)
Eric Smalling
 
Docker by Example - Basics
Ganesh Samarthyam
 
Docker & ci
Patxi Gortázar
 
Docker Introduction
Peng Xiao
 
Docker worshop @Twitter - How to use your own private registry
dotCloud
 
ExpoQA 2017 Using docker to build and test in your laptop and Jenkins
ElasTest Project
 
Docker From Scratch
Giacomo Vacca
 
Docker Presentation at the OpenStack Austin Meetup | 2013-09-12
dotCloud
 
Docker in real life
Nguyen Van Vuong
 
Continuous delivery with Jenkins, Docker and Mesos/Marathon - jbcnconf
Julia Mateo
 
Docker
Patrick Oberdorf
 
Docker - From Walking To Running
Giacomo Vacca
 
DCA. certificate slide Session 1
Hadi Tayanloo
 
The challenge of application distribution - Introduction to Docker (2014 dec ...
Sébastien Portebois
 
Intro To Docker
Jessica Lucci
 
Introduction to Docker at SF Peninsula Software Development Meetup @Guidewire
dotCloud
 
Architecting .NET Applications for Docker and Container Based Deployments
Ben Hall
 
Docker
Chen Chun
 
Docker 101: An Introduction
POSSCON
 
Containers and docker
SUDIP GHOSH
 
Ad

Similar to OSDC 2014: Tobias Schwab - Continuous Delivery with Docker (20)

PPTX
Java Developer Intro to Environment Management with Vagrant, Puppet, and Dock...
Lucas Jellema
 
PPTX
Java developer intro to environment management with vagrant puppet and docker
Getting value from IoT, Integration and Data Analytics
 
PPTX
Virtualization, Containers, Docker and scalable container management services
abhishek chawla
 
PDF
LXC to Docker Via Continuous Delivery
Docker, Inc.
 
PDF
Docker and OpenStack Boston Meetup
Kamesh Pemmaraju
 
PDF
ContainerDayVietnam2016: Dockerize a small business
Docker-Hanoi
 
PDF
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...
Codemotion
 
PDF
Best Practices for Developing & Deploying Java Applications with Docker
Eric Smalling
 
PPTX
Docker open stack boston
dotCloud
 
PPTX
OpenStack Boston
Docker, Inc.
 
PDF
codemotion-docker-2014
Carlo Bonamico
 
PDF
Django and Docker
Docker, Inc.
 
PDF
Docker-v3.pdf
Bruno Cornec
 
PDF
On-Demand Image Resizing Extended - External Meet-up
Jonathan Lee
 
PPTX
Intro to Docker and clustering with Rancher from scratch
John Culviner
 
PDF
[@NaukriEngineering] Docker 101
Naukri.com
 
PDF
Docker 0.11 at MaxCDN meetup in Los Angeles
Jérôme Petazzoni
 
PPTX
Getting Started with Docker
Geeta Vinnakota
 
PPTX
State of the Container Ecosystem
Vinay Rao
 
PPTX
Docker Ecosystem on Azure
Patrick Chanezon
 
Java Developer Intro to Environment Management with Vagrant, Puppet, and Dock...
Lucas Jellema
 
Java developer intro to environment management with vagrant puppet and docker
Getting value from IoT, Integration and Data Analytics
 
Virtualization, Containers, Docker and scalable container management services
abhishek chawla
 
LXC to Docker Via Continuous Delivery
Docker, Inc.
 
Docker and OpenStack Boston Meetup
Kamesh Pemmaraju
 
ContainerDayVietnam2016: Dockerize a small business
Docker-Hanoi
 
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...
Codemotion
 
Best Practices for Developing & Deploying Java Applications with Docker
Eric Smalling
 
Docker open stack boston
dotCloud
 
OpenStack Boston
Docker, Inc.
 
codemotion-docker-2014
Carlo Bonamico
 
Django and Docker
Docker, Inc.
 
Docker-v3.pdf
Bruno Cornec
 
On-Demand Image Resizing Extended - External Meet-up
Jonathan Lee
 
Intro to Docker and clustering with Rancher from scratch
John Culviner
 
[@NaukriEngineering] Docker 101
Naukri.com
 
Docker 0.11 at MaxCDN meetup in Los Angeles
Jérôme Petazzoni
 
Getting Started with Docker
Geeta Vinnakota
 
State of the Container Ecosystem
Vinay Rao
 
Docker Ecosystem on Azure
Patrick Chanezon
 
Ad

Recently uploaded (20)

DOCX
Greta — No-Code AI for Building Full-Stack Web & Mobile Apps
niloyislam1187
 
PDF
Wondershare Filmora 15 Crack With Activation Key [2025
ghrom2211g
 
PDF
Adobe Illustrator 28.6 Crack My Vision of Vector Design
ghrom2211g
 
PPTX
CHAPTER 2 - PM Management and IT Context
KevinPutra14
 
PDF
Website Design Services for Small Businesses.pdf
ecomme9
 
PPTX
AMADEUS TRAVEL AGENT SOFTWARE | AMADEUS TICKETING SYSTEM
philipnathen82
 
PPTX
assetexplorer- product-overview - presentation
nonameist3434
 
PDF
Tally Prime Crack Download New Version 5.1 [2025] (License Key Free
itskinga12
 
PDF
wealthsignaloriginal-com-DS-text-... (1).pdf
skmiani786
 
PPTX
Weekly report ppt - harsh dattuprasad patel.pptx
bikerslovers123
 
PPTX
Embracing Complexity in Serverless! GOTO Serverless Bengaluru
SheenBrisals
 
PDF
AutoCAD Professional Crack 2025 With License Key
youngle786g
 
PPTX
WiFi Honeypot Detecscfddssdffsedfseztor.pptx
singlesrihari
 
PDF
Nekopoi APK 2025 free lastest update
umarali35kp
 
PDF
Download FL Studio Crack Latest version 2025 ?
ghrom2211g
 
PPTX
history of c programming in notes for students .pptx
Vijayakumari829030
 
PDF
iTop VPN Crack Latest Version Full Key 2025
hashmianya37
 
PDF
Designing Intelligence for the Shop Floor.pdf
nikglvk
 
PDF
Odoo Companies in India – Driving Business Transformation.pdf
azhuhardeen1968
 
PDF
Design an Analysis of Algorithms II-SECS-1021-03
DilanEscobar1
 
Greta — No-Code AI for Building Full-Stack Web & Mobile Apps
niloyislam1187
 
Wondershare Filmora 15 Crack With Activation Key [2025
ghrom2211g
 
Adobe Illustrator 28.6 Crack My Vision of Vector Design
ghrom2211g
 
CHAPTER 2 - PM Management and IT Context
KevinPutra14
 
Website Design Services for Small Businesses.pdf
ecomme9
 
AMADEUS TRAVEL AGENT SOFTWARE | AMADEUS TICKETING SYSTEM
philipnathen82
 
assetexplorer- product-overview - presentation
nonameist3434
 
Tally Prime Crack Download New Version 5.1 [2025] (License Key Free
itskinga12
 
wealthsignaloriginal-com-DS-text-... (1).pdf
skmiani786
 
Weekly report ppt - harsh dattuprasad patel.pptx
bikerslovers123
 
Embracing Complexity in Serverless! GOTO Serverless Bengaluru
SheenBrisals
 
AutoCAD Professional Crack 2025 With License Key
youngle786g
 
WiFi Honeypot Detecscfddssdffsedfseztor.pptx
singlesrihari
 
Nekopoi APK 2025 free lastest update
umarali35kp
 
Download FL Studio Crack Latest version 2025 ?
ghrom2211g
 
history of c programming in notes for students .pptx
Vijayakumari829030
 
iTop VPN Crack Latest Version Full Key 2025
hashmianya37
 
Designing Intelligence for the Shop Floor.pdf
nikglvk
 
Odoo Companies in India – Driving Business Transformation.pdf
azhuhardeen1968
 
Design an Analysis of Algorithms II-SECS-1021-03
DilanEscobar1
 

OSDC 2014: Tobias Schwab - Continuous Delivery with Docker

  • 2. Myself • Tobias Schwab • tobias.schwab@dynport.de • www.dynport.de • twitter.com/tobstarr • github.com/tobstarr
  • 3. Philosophie • continuous delivery: deploy multiple times a day • canary releases • “never touch a running system” • “Immutable Infrastructure and Disposable Components" • don’t fix it, if it can be replaced
  • 4. Theory • AWS • AMI based deployments • Elastic Load Balancer • AutoScaling Groups • S3, RDS, …
  • 5. Reality • privacy concerns: AWS not an option • hoster we could not pick • first no, then proprietary and unreliable API • flash based infrastructure management • limited capacity • we were the biggest customer
  • 6. Docker • build, distribute and deploy container based applications • creator: dotcloud • initial release: March 13, 2013 • license: Apache 2.0 • 11k stars on Github (top 50) • golang client/server
  • 7. Container Virtualization • os level • shared kernel • cgroups: isolate CPU, Memory, Block IO, Network • lxc: cgroups + application namespaces • lightweight and fast
  • 8. Images • blueprints for containers • tarball of os installation/packages • read only • stateless • layered
  • 9. Containers • instances of images • copy on write / union file system • running or exited • goal: stateless and immutable • can be “saved” (docker commit) as images • created to be thrown away
  • 10. Containers and images Source: http://docs.docker.io/en/latest/terms/container/
  • 11. Demo
  • 12. Build • manual • start and attach container • install required packages • checkout application code • run build management tool • bad: not reproducible • bad: does not utilise caching
  • 13. Build • chef/puppet/… • start an attach container • run chef/puppet/… client • good: automated and documented • bad: does not utilise caching
  • 14. Dockerfile • simple, plain text script to create images • commands: • FROM: base image to use • RUN: execute shell command • ENV: set environment variable • ADD: write local file to image • ENTRYPOINT: start command for containers • others: MAINTAINER, EXPOSE, CMD, USER, VOLUME, WORKDIR, ONBUILD
  • 17. Caching • statement based: each step creates a new image • existing steps (command tree exists) are re-used • tricky: “non functional” commands (e.g. apt-get update/upgrade) • use ENV or comments to break caching of non functional commands
  • 19. Configuration Management • “store config in the environment” (http://12factor.net/config) • dependency injected with start of container • same image for • development • testing • staging • production
  • 20. Don’ts • full blown VMs • ssh daemon inside containers • syslog daemon inside containers (sometimes needed) • user management: everything can run as root • chef/puppet/… => makes caching useless
  • 21. Build Management Tools • candidates: bundler, pip, mvn, carton, composer, … • problem with caching: bmt are slow when started with “clean slate” • option 1: add bmt manifest before code • bmt needs to run only when manifest changes • option 2: use pre-bundled base images • bmt only needs to work the delta • re-build base images from time to time • option 3: combine option 1 and option 2
  • 22. • Problems • unicorn: Rack HTTP server for fast clients • static assets • logging: default ruby syslog library uses syscall (needs local syslog daemon) • Solution • run 3 daemons in 1 container: unicorn, nginx and rsyslogd • upstart • ENTRYPOINT [“/sbin/init”] • load ENV from /proc/1/environ • foreman Use Case: Ruby on Rails
  • 23. Multi-Host • image distribution via docker registry • weighted load balancing via HAProxy • SSL termination via nginx in front of HAProxy
  • 24. Registry • push and pull images • public • private • backends: local, S3, Elliptics, Google Cloud Storage, hosted
  • 25. Load Balancing • HAProxy • license: GPL v2 • pool configuration stored in redis/etcd • config update • compile config files from stored configuration • upload via ssh • verify on remote hosts • replace current config with verified one • reload
  • 28. Deployment Pipeline • commit triggers new image build • build suite executed with image • image is pushed to registry if tests passed • optional: start image with staging ENV settings for manual testing • start image with production ENV for last pre-flight tests • deploy image to more hosts • update load balancer (canary or green/blue) • monitor new containers/image
  • 30. Logging • host: docker host, container_id • code: image_id, revision • request: request_id, action, status_code, etag, times, calls • NOT inside containers • remote syslog (when possible) • alternative: local syslog relay inside container
  • 31. Metrics • OpenTSDB • “distributed, scalable Time Series Database” • license: LGPLv2.1+ • HBase • Tags / Dimensions • from syslog via udp (StatsD “like”) • rickshaw.js for graphs • compare status codes, counts and times between actions of two revisions
  • 38. Docker reduces • external dependencies (“rubygems/github slow/unreliable/down”) after image is built • “did work on my machine/staging”: same OS package versions, configuration and code in all stages • unused CPU cycles • number of hosts • feedback times • time to get new host online • bottlenecks: hosts are more flexible
  • 39. VS. AWS • HAProxy much more flexible • multiple containers per host • balancing weights • faster build process • faster deployments • instance flexibility
  • 40. Resources • docker.io • opentsdb.net • haproxy.1wt.eu • continuousdelivery.com • chadfowler.com/blog/2013/06/23/immutable- deployments/ • 12factor.net