provisioning & deploying with docker
DESCRIPTION
Using docker with configuration management. For all things Chef, presume I say "Puppet".TRANSCRIPT
@ewindisch
Deploying with Docker
Atlanta Docker Meetup 2014.05.13
Do I still need Chef<or insert tool here>?
There is no easy answer
Why do we still need <or insert tool here>?
But… we have Dockerfiles!
It’s a shell-script?$ cat SomeApp/Dockerfile FROM ubuntu:13.10 RUN apt-get update; apt-get install apache RUN sed ’s/something/else/‘ /etc/apache/httpd.confADD shell-script.shRUN shell-script.shRUN [‘/usr/bin/apachectl’, ‘start’]
How do we do it?
$ cat Dockerfile FROM fedora RUN yum update \ yum -y install chef
Traditional Chef
Hardware
OS
Linux
Chef
Installs Chef
Runs
Configures
Images on HWis usually mutable
Hardware
Image
Linux
Chef
Installs Chef
Image'
Linux
Chef
Creates
Replaces
Runs
Ephemeral environmentsare (somewhat) immutable.
Hypervisor
Image
Linux
Chef
Runs
Image'
Linux
Chef
Chef
Runs
Configures
VM
Accesses
COW
Containers are like ephemeral VMs*
* Docker containers don’t HAVE to be ephemeral, but it’s TheRightThing
Docker
Image
Linux
Chef
Runs
Image'
Linux
Chef
Chef
Runs
Configures
Container
Accesses
COW
TM
Runtime Configuration
• One image, several configurations
• Configuration based on container environment
• Specify metadata or roles via environment variables (passed to ‘docker run -e’)
Chef-for-runtime
$ cat Dockerfile FROM fedora RUN yum update \ yum -y install chef
ADD http://x/receipes.tar.gz /opt/chef"ADD solo.rb /etc/chef/solo.rb"CMD chef-solo -c /etc/chef/solo.rb ; \! apachectl start
Does it converge?
$ docker build —rm . $ echo $? # pass or fail
(This is great use of Docker as an alternative to VMs for testing Chef recipes targeting non-Docker production systems)
Bootstrapping Configuration Management on every boot is expensive
Let us use images!
Build-time configuration
• Speed up Chef-based deployments (do it once!)
• Eliminate run-time network requirements
• Config-management CI
Chef-for-build
$ cat Dockerfile FROM fedora RUN yum update \ yum -y install chef"ADD http://x/receipes.tar.gz /opt/chef"ADD solo.rb /etc/chef/solo.rb"RUN chef-solo -c /etc/chef/solo.rb
Burning configurationinto images.
Docker ContainerInitiates Creates
Image
Linux
Chef
Chef
Runs
Configures
Build Creates
Expanded view: Burning configuration into images.
Docker Image tagInitiates
Image'
Linux
Chef
Chef
Build
Image
Linux
Chef
Creates
Creates
Runs Creates
References1
2
Anatomy of a Docker+Chef build & run
Docker ContainerInitiates Creates
Image
Linux
Chef
Chef
Runs
Configures
Chef
Runs
Configures
Build Creates
Stage 1 Stage 2
Chef-for-all-the-things$ cat Dockerfile FROM fedora RUN yum update \ yum -y install chef ADD http://x/receipes.tar.gz /opt/chef"ADD solo-stage1.rb /etc/chef/solo-stage1.rb"ADD solo-stage2.rb /etc/chef/solo-stage2.rb"RUN chef-solo -c /etc/chef/solo-stage1.rb"CMD chef-solo -c /etc/chef/solo-stage2.rb \;" apachectl start