preparing your dockerised application for production deployment
TRANSCRIPT
![Page 1: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/1.jpg)
Preparing your dockerised application for production deployment
Dave WardGlobe Online Ltd
PHP UK Conference17th Feb 2017
![Page 2: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/2.jpg)
![Page 3: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/3.jpg)
![Page 4: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/4.jpg)
Docker Benefits For Us• Quick to setup dev environments• Identical environments• Flexible resource allocation• Test site creation• Confidence in deployment• Stable releases• Amazing rollbacks• Easy scaling• Trivial Service Upgrades• Easy Continuous Deployment• Simple Configurations• Increased Productivity• “It worked on my machine”• Lightweight• Fewer Production Incidents• Zero Failed Releases• Environment Version Control• Resource Isolation• More Frequent Releases
![Page 5: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/5.jpg)
Who Uses Docker In Development?
![Page 6: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/6.jpg)
Who Uses Docker In Production?
![Page 7: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/7.jpg)
![Page 8: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/8.jpg)
What is Docker?What is Docker?
http://geekyplatypus.com/dockerise-your-php-application-with-nginx-and-php7-fpm/
![Page 9: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/9.jpg)
‘Development’ Images• Based from trusted image• Mounted code that’s been committed to a custom image• Pushed to an image repository• No environment/secrets management• Dependencies installed post container start• Possibly setup with series docker run commands• Mounted volumes allow IDE usage
![Page 10: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/10.jpg)
run
push
Dependencies
commit
IMAGE
Docker in Development
CONTAINER
build
pull
mount
![Page 11: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/11.jpg)
These are great for• Speed• Getting developers up and running• Development environment Consistency• Only need docker to develop• IDE development
![Page 12: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/12.jpg)
Issues• No accountability of image creation• Not transparent• Not fit for scaling• Environment Specific• No logging• Disorganised repository• Not Immutable
![Page 13: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/13.jpg)
Production Image Goals
Immutable Ephemeral
![Page 14: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/14.jpg)
Production ready artefacts• Automated Builds
• Application Code
• Pre-installed dependencies
• Composer
• Bower
• Environment Capable
![Page 15: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/15.jpg)
docker runDependencies
IMAGE
Docker in Production
CONTAINER
docker build
![Page 16: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/16.jpg)
A proposed repository structure• Your repository is now one level up.• Project environment is now under version
control• /appcode : application code only• /appdata : data only container of appcode• docker-compose.override.yml• Dockerfile.build• docker-compose.prodsite.yml• /[services]
![Page 18: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/18.jpg)
Automated Builds• Builds a deployment artefact• Automatic or manual trigger• Error Handling• Build context taken from Dockerfile location• Repository Links• Remote Build triggers•Webhooks• Dockerhub does not use cached layers
![Page 19: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/19.jpg)
git clone davidsimonward/phpukconference.git
cd phpukconference
git checkout -b develop
docker build -f Dockerfile.build -t davidsimonward/phpukconference:latest .
docker push davidsimonward/phpukconference:latest
![Page 20: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/20.jpg)
Advantages• Images built in this way are built exactly as specified.• The Dockerfile is available to anyone with access to your
Docker Hub repository.• Your image repository is kept up-to-date with code changes
automatically.
![Page 21: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/21.jpg)
Application Code
![Page 22: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/22.jpg)
run
push
Dependencies
commit
IMAGE
Docker in Development
CONTAINER
build
pull
mount
![Page 23: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/23.jpg)
docker runDependencies
IMAGE
Docker in Production
CONTAINER
docker build
![Page 24: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/24.jpg)
Development ProductionDockerfile instructs application code to be copied into the phpfpm image on build.
Application Code is exposed for Nginx container.
Application code is mounted into data only container.
Nginx and PHP-FPM use volumes from this container
![Page 25: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/25.jpg)
DEMO
![Page 26: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/26.jpg)
Dependencies
![Page 27: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/27.jpg)
run
push
Dependencies
commit
IMAGE
Docker in Development
CONTAINER
build
pull
mount
![Page 28: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/28.jpg)
docker runDependencies
IMAGE
Docker in Production
CONTAINER
docker build
![Page 29: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/29.jpg)
Development ProductionDependencies installed as part of the docker image build.
Instructions in Dockerfile.build
Dependencies installed post container run.
docker run --rm -v $(pwd):/app composer/composer install -vvv —ignore-platform-reqs
docker exec -it PHPUKConference composer install -vvv
Entrypoint script
![Page 30: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/30.jpg)
DEMO
![Page 31: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/31.jpg)
Private Dependencies?
![Page 32: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/32.jpg)
Base Image
![Page 33: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/33.jpg)
Config/Secrets
![Page 34: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/34.jpg)
Some Solutions• ‘Baking’ it into the image• Environment Variables • Volume Mounts• Secrets Store• Orchestration Specific Solutions
![Page 35: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/35.jpg)
![Page 36: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/36.jpg)
![Page 37: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/37.jpg)
![Page 38: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/38.jpg)
Docker Secrets
![Page 39: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/39.jpg)
• Docker 1.13• Only currently available to swarm services• Manages• Usernames and passwords• TLS certificates and keys• SSH keys• Other important data such as the name of a database or internal
server• Generic strings or binary content (up to 500 kb in size)
![Page 40: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/40.jpg)
• echo "noway-caiman-mumble" | docker secret create db_password -
• docker service create --secret="db_password"…….. -e DB_PASSWORD_FILE=“/run/secrets/db_password" my:image
https://docs.docker.com/engine/swarm/secrets/
Simple Example
Start preparing your images now!
![Page 41: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/41.jpg)
Logging Strategies
![Page 42: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/42.jpg)
Data Volumes• Store logs in data volume on host• Reduce chances of data loss due to failed container• Easy to backup host volume• Not good for elastic architecture
When to use?• On non-production systems when longer lasting logs are required.
![Page 43: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/43.jpg)
Docker Logging Driver• Reads stdout and stderr output generated by containers • `docker run --log-driver syslog ……`• Native to Docker• Easy to configure• Centralises logs in a single location
When to use?• Quick and easy solution when customised application logs are not
required.
![Page 44: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/44.jpg)
Application Logging• Each container uses internal methods for logging• Logging Framework• Monolog
• Easy to implement• Applications independent of containers and host• Highly Customisable• Performance Overhead?
When to use?• Use when you require a high degree of control over each application’s
logging implementation
![Page 45: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/45.jpg)
Dedicated Logging Container• Manage logging from within Docker environment• Part of architecture• Removes dependencies on the host machine• Simplifies scaling• Application containers need to be aware of the logging container, and
vice versa
When to use?• Use when you’d like a more flexible logging architecture with a central
place to aggregate logs.
![Page 46: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/46.jpg)
Logging via Sidecar• Similar to dedicated container for logging• Each container has it’s own dedicated logging container• Fully customise each application’s logging solution• Both the application and logging container must be treated as a single
unit• Difficult to set up• May consume more resources than a dedicated logging solution
When to use?• Use in a large, distributed architecture where you still need fine-tuned
control over your logging solution
![Page 47: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/47.jpg)
Other Processes
![Page 48: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/48.jpg)
Supervisord• Run more than one process in container
• Benefits
• Greater Control of processes
• Better management of processes
• Base Image
• PHP-FPM• Crontab•Workers
![Page 49: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/49.jpg)
![Page 50: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/50.jpg)
Container Monitoring
![Page 51: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/51.jpg)
Container Metrics of interest• Container CPU – Throttled CPU Time• Container Memory – Fail Counters• Container Memory Usage• Container Swap• Container Disk I/O• Container Network Metrics
![Page 52: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/52.jpg)
Monitoring Solutions
![Page 53: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/53.jpg)
Common Mistakes• Creating images from running containers• Deploying with ‘latest’ tag• Storing credentials in the image.• Creating images from running containers• Doing too much in your run.sh script (e.g. composer install)• Leads to really a long start up time
• Relying on IP Addresses
![Page 54: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/54.jpg)
Deployment Process• Update Task Definition• Image for phpfpm container is updated
• Update Service to use new Task Definition• Easily roll back to previous Task Definition• Immutable!• Confidence• Zero downtime deployments• Draining Connections
![Page 55: Preparing your dockerised application for production deployment](https://reader031.vdocuments.us/reader031/viewer/2022030313/58ed1e601a28aba10d8b4667/html5/thumbnails/55.jpg)
Questions?