provisioning & deploying with docker

@ewindisch

Deploying with Docker

Atlanta Docker Meetup 2014.05.13

Do I still need Chef<or insert tool here>?

There is no easy answer

Why do we still need <or insert tool here>?

But… we have Dockerfiles!

It’s a shell-script?$ cat SomeApp/Dockerfile FROM ubuntu:13.10 RUN apt-get update; apt-get install apache RUN sed ’s/something/else/‘ /etc/apache/httpd.confADD shell-script.shRUN shell-script.shRUN [‘/usr/bin/apachectl’, ‘start’]

How do we do it?

$ cat Dockerfile FROM fedora RUN yum update \ yum -y install chef

Traditional Chef

Hardware

OS

Linux

Chef

Installs Chef

Runs

Configures

Images on HWis usually mutable

Hardware

Image

Linux

Chef

Installs Chef

Image'

Linux

Chef

Creates

Replaces

Runs

Ephemeral environmentsare (somewhat) immutable.

Hypervisor

Image

Linux

Chef

Runs

Image'

Linux

Chef

Chef

Runs

Configures

VM

Accesses

COW

Containers are like ephemeral VMs*

* Docker containers don’t HAVE to be ephemeral, but it’s TheRightThing

Docker

Image

Linux

Chef

Runs

Image'

Linux

Chef

Chef

Runs

Configures

Container

Accesses

COW

TM

Runtime Configuration

• One image, several configurations

• Configuration based on container environment

• Specify metadata or roles via environment variables (passed to ‘docker run -e’)

Chef-for-runtime

$ cat Dockerfile FROM fedora RUN yum update \ yum -y install chef

ADD http://x/receipes.tar.gz /opt/chef"ADD solo.rb /etc/chef/solo.rb"CMD chef-solo -c /etc/chef/solo.rb ; \! apachectl start

Does it converge?

$ docker build —rm . $ echo $? # pass or fail

(This is great use of Docker as an alternative to VMs for testing Chef recipes targeting non-Docker production systems)

Bootstrapping Configuration Management on every boot is expensive

Let us use images!

Build-time configuration

• Speed up Chef-based deployments (do it once!)

• Eliminate run-time network requirements

• Config-management CI

Chef-for-build

$ cat Dockerfile FROM fedora RUN yum update \ yum -y install chef"ADD http://x/receipes.tar.gz /opt/chef"ADD solo.rb /etc/chef/solo.rb"RUN chef-solo -c /etc/chef/solo.rb

Burning configurationinto images.

Docker ContainerInitiates Creates

Image

Linux

Chef

Chef

Runs

Configures

Build Creates

Expanded view: Burning configuration into images.

Docker Image tagInitiates

Image'

Linux

Chef

Chef

Build

Image

Linux

Chef

Creates

Creates

Runs Creates

References1

2

Anatomy of a Docker+Chef build & run

Docker ContainerInitiates Creates

Image

Linux

Chef

Chef

Runs

Configures

Chef

Runs

Configures

Build Creates

Stage 1 Stage 2

Chef-for-all-the-things$ cat Dockerfile FROM fedora RUN yum update \ yum -y install chef ADD http://x/receipes.tar.gz /opt/chef"ADD solo-stage1.rb /etc/chef/solo-stage1.rb"ADD solo-stage2.rb /etc/chef/solo-stage2.rb"RUN chef-solo -c /etc/chef/solo-stage1.rb"CMD chef-solo -c /etc/chef/solo-stage2.rb \;" apachectl start