Docker in a Bitcoin broker infrastructure

Who Am I

Mathieu Buffenoir Co-founder of SBEX & Digithink

VP Bitcoin Association Switzerland

@Mbuffenoir mathieu@sbex.ch

SBEX

SBEX -> Swiss cryptocurrencies broker (Competitors: coinbase, circle, coinjar, safello ...)

We exchange crypto for fiat (€, CHF) We create services for our users to store and send money all around the world cheaply and

instantly

Our services

Online bitcoin buying

Our new wallet, multisig

Our remittance project

BTM Network (4 in Switzerland)

Tech stack

Python Django / Celery AngularJS PhP Postgres RabbitMQ Docker Ansible

Follow the “Twelve factor” app recommendations.

In particular:

Scalable, Continuous integration -> Docker

Cloud (Paas) + Hosted in Switzerland -> Exoscale

Choices

For developers

Each repo contains: ● 1 Vagrantfile ● 1 Dockerfile

Benefits: Same env for all devs, plateform independant Easy onboarding

Using webhooks certains branches are automatically build by docker hub

Environnments

● Prod – Exoscale multiple instances running several containers, firewall

● Staging – Exoscale Production mirror

● Dev – Digital Ocean One big server that hosts all containers Docker-compose (ex fig)

Prod / Staging

Ansible - docker module: Pulling containers from private hub

Creating configuration from templates Starting container

http://docs.ansible.com/docker_module.html

1.Setup DockerHub automated build

2.Push code changes to github / bitbucket

3.DockerHub sees changes and pulls/builds the image

4.DockerHub calls jenkins webhooks for image

5.DockerHUB module on Jenkins runs tests

Continuous integration

Continuous integration

Using docker compose to quickly create a new test server

PB: no “docker exec” support in compose

https://github.com/docker/compose/issues/593

Interesting docker functionalities we are using

Persisting data using data volumes containers:

Basically it sends to a syslog server all the logs you would normally see in “docker logs”

Your software need to be configured to send logs to stderr/out (This can be tricky!)

LogspoutLogspout is a log router for Docker containers that runs inside Docker. It attaches to all containers on a host, then routes their logs wherever you

want.

Install an ELK cluster in minutes

Start elasticsearch docker run -d -p 9200:9200 -p 9300:9300 --name es ehazlett/elasticsearch

Start Logstash docker run -d --name logstash -p 5000:5000 -p 5000:5000/udp --link es:elasticsearch ehazlett/logstash -f /etc/logstash.conf.sample

Start Kibana docker run --name kibana -d -p 80:80 ehazlett/kibana

How is it useful for our business model

We need a network of bitcoin broker around the world to create a robust and cheap remittance

network

With docker and Paas solutions we can deploy in a couple hours.

We will open source most of our code in the coming months

(Making money by selling extra services, as KYC and compliance tools)

Knows problems / new things to try

Ansible docker restart_policy new functionnality logging driver in docker 1.6

devmapper issue in 1.5 Official docker images can be buggy

Signing / hash of docker images

Thanks to: @sebgoa Docker Exoscale Ansible container42.com/

Questions ?