configuration management in a containerized world
Post on 16-Jul-2015
146 Views
Preview:
TRANSCRIPT
Configuration Management in a Containerized World
Julian Dunn
Product Manager
Chef Software, Inc.
February 2015
Top 3 Reasons for Docker's Success
1. Instant productivity
2. Developing is like shipping
3. Portable artifact
Build
FROM msdos:6.1
LOAD HIMEM.SYS
LOADHIGH EMM386.EXE
ENTRYPOINT AUTOEXEC.BAT
$ knife container docker build ...
• Open-source plugin to Chef's "knife"
• Use existing cookbooks to build containers
• https://github.com/chef/knife-container
Test
control_group "shellshock" do
control "ensure bash is a new enough version" do
expect(package('bash')).to be_installed.and at_version('> 4.1.2-25.el6.x86_64')
end
control "try to exploit shellshock" do
let(:cmd) { %q{env x='() { :;}; echo vulnerable' bash -c "echo test" }}
expect(shell_out(cmd).exitstatus)).to not_equal(1)
end
end
Run
• Per-container monitoring, metrics, inventory
• Resource allocation ("scheduling")
• Service discovery
• Controlled mutability
Fleet Management: Crossing the Machine Boundary
machine 'mysql_wordpress' do
recipe 'mysql'
recipe 'wordpress::database'
tag 'mysql_master'
end
num_webservers = 5
1.upto(num_webservers) do |i|
machine "wordpress#{i}" do
recipe 'apache'
recipe 'wordpress'
end
end
top related