Mukta Aphale
ChefConf 2015
• Ruby, Java, C Developer turned into DevOps Architect
• Contributed to Chef development
• Chef azure extension
• Knife plugins: knife-azure, knife-ec2, knife-openstack
• Knife WinRM, knife windows listener
• Working with iHealth Technologies
• Technology, innovation and the thirst to keep learning are what define me
• Love to travel, read, write
• Above all, I am a mother to two boys!
• @muktaa
Docker
Chef + Docker
CD pipeline that uses knife-ssh
Push Jobs
Chef Cookbook
Chef Containers
Our Story
A Quick Introduction
Linux Container
3 Components:
Docker Engine
Docker Hub
Docker Images
Benefits:
Speed
Portability
Density
Open Source
“Can create lightweight,
self sufficient containers
from any application”
Virtual Machine Docker
FROM ubuntu:14.04
RUN apt-get update
RUN apt-get install -y libfuse-dev
ADD dev.conf /etc/myapp-config/
Codify your configuration
Set of bash commands
Example:
HelloScala
Dockerfile
dev.conf
Docker build HelloScala
Shared Hosting – PaaS
Microservices
Lightweight Testing
Getting the best of both worlds!
Automate Make Whole Enchilada Deliver!
Control the environment Vs System Image /
Runtime image
Tradeoff between flexibility and manageability
CM is the vein of DevOps
Shell scripts -> Chef
Immutable Infrastructure
Docker
Chef
Awesomeness
Replaces Human Tasks,
Idempotence,
Thick client - thin servers,
Order Matters,
Huge Community Support
An improved Robot,
Fast,
Easy,
Fresh fish in the market,
ready to be baked!
Because simple things can bring the most happiness!
Code
• git push
• Triggers Build
Build
• Build tools have docker support
• Build tools generate a docker image
Build Process -> Save image -> Docker Image -> Unique tag -> Docker Registry
Deploy using knife-ssh or Push Jobs
• docker pull
• docker stop
• docker run
CI Server
• git push to https://github.com/muktaa/HelloScala
• Triggers a build on your CI server
• sbt docker
• docker push muktaa/hello-scala
• knife ssh 'role:test' 'deploy.sh' -x ssh-user -i ssh-key -c knife.rb
• Build tools offer docker integration
• Eg: Maven has docker-maven-plugin
• https://github.com/spotify/docker-maven-plugin
• mvn clean package docker:build -DpushImage
~/github/HelloScala > sbt docker
[info] Loading project definition from /Users/muktaaphale/github/HelloScala/project
[info] Set current project to hello-scala (in build file:/Users/muktaaphale/github/HelloScala/)
[info] Creating docker image with name: 'muktaa/hello-scala'
:
[info] Sending build context to Docker daemon
[info] Step 0 : FROM dockerfile/java
[info] ---> 1126c85d8a06
[info] Step 1 : ADD /app/hello-scala_2.11-1.4-one-jar.jar /app/hello-scala_2.11-1.4-one-jar.jar
[info] ---> Using cache
[info] ---> 61871958f108
[info] Step 2 : ENTRYPOINT java -jar /app/hello-scala_2.11-1.4-one-jar.jar
[info] ---> Using cache
[info] ---> a8005b32ddc4
[info] Successfully built a8005b32ddc4
[info] Successfully built Docker image: muktaa/hello-scala
[success] Total time: 1 s, completed Mar 3, 2015 2:10:04 PM
~/github/HelloScala > docker images | grep hello-scala
muktaa/hello-scala latest a8005b32ddc4 12 hours ago 715 MB
~/github/HelloScala > docker run muktaa/hello-scala
Hello, world! #1
Hello, world! #2
Hello, world! #3
Docker Hub
Link: https://registry.hub.docker.com/u/muktaa/hello-scala
Automated Build in Docker: https://registry.hub.docker.com/u/muktaa/helloscala-automated-build/
Do you need to push harder?
Knife-ssh works like “push”. Almost.
Journey from pull to push
“Chef push jobs is an extension of the Chef server that allows
jobs to be run against nodes independently of a chef-client
run”
Job: set of commands to be run on node
• docker pull
• docker stop
• docker run
Push Jobs
• Use message bus (zeromq)
• Claims to attack the scalability issue
• Deployment status is relayed back
• New born baby
• Complex at the moment, ready with just the basic foundation
Knife SSH
• Parallel ssh
• SSH Protocol is slow and CPU hungry at scale
• Feedback on deployment status is not as easy
• Been in the market for long
• Easy to use
Enterprise Chef 11 or Chef server 12
Standalone or HA
Run the commands on Chef Server:
chef-server-ctl install opscode-push-jobs-server
opscode-push-jobs-server-ctl reconfigure
chef-server-ctl reconfigure
• Install knife push plugin
• gem install knife-jobs
• knife cookbook site download push-jobs
• Extract and save to your cookbook path
• Edit the attributes file (push-jobs/attributes/default.rb)
• default['push_jobs']['package_url'] = 'https://opscode-private-chef.s3.amazonaws.com/ubuntu/12.04/x86_64/opscode-push-jobs-client_1.1.5-1_amd64.deb'
• default['push_jobs']['package_checksum'] = 'd659c06c72397ed2bc6cd88488349857f1958538'
• Upload the push-jobs cookbook to your Chef Server
Create 2 groups
• pushy_job_writers
• pushy_job_readers
Add user to the groups
sudo chef-client -r "recipe[push-jobs]"
From Workstation:
• knife node status
• knife node status <node-name>
• knife job start 'chef-client -r recipe[run-docker]' <node-name>
knife job start 'docker.sh' my_node
Where docker.sh:
• docker pull muktaa/hello-scala
• docker ps | grep muktaa/hello-scala | awk -F" " '{print $1}' | xargs -r docker stop
• docker run muktaa/hello-scala
If only applications were Hello World programs!
Application Configuration
Docker Image: Packages, Custom Setups, Credentials, Softwares, Database, Files, Environment Specific Configuration, Ports
[Diagram: DEV, PRE PROD and PROD environments, each running three Docker Containers]
Unsolved problem with Docker today
Credentials inside docker containers
Hard codes
Set environment variables
Create Base Image Manually,
with configuration embedded
Build Tool uses the custom
Base Image
Deploy using knife-ssh
To manage docker images and deployment
• Available in Supermarket: https://supermarket.chef.io/cookbooks/docker
• Install docker
• Build docker image
• Pull image and run container
• Push docker image to registry
• LWRPs
• docker_container
• docker_image
• docker_registry
• https://github.com/bflad/chef-docker/blob/master/README.md
# Load registry credentials from an encrypted data bag
secret = Chef::EncryptedDataBagItem.load_secret
docker_cred = Chef::EncryptedDataBagItem.load(
  node['docker']['creds']['databag'],
  node['docker']['user'],
  secret
)

# Log in to the docker registry with those credentials
docker_registry 'https://registry.hub.docker.com/u/muktaa/hello-scala/' do
  email docker_cred['email']
  username docker_cred['username']
  password docker_cred['password']
end

# Build a docker image using docker_image resource
docker_image node['docker']['image'] do
  tag node['docker']['image']['tag']
  source '/var/docker'
  action :build
end

# Push the image to docker registry
docker_image node['docker']['image'] do
  action :push
end

# Delete the image from the machine
docker_image node['docker']['image'] do
  action :remove
end

# Run Container
docker_container 'muktaa/hello-scala' do
  detach true
  port ['8081:8081', '8085:8085']
  env 'ENVIRONMENT=pre-prod'
  volume '/mnt/docker/docker-storage'
  action :run
end

# Generate a docker file using template.
template "#{node['docker']['directory']}/Dockerfile" do
  source 'dockerfile.erb'
  variables(
    image: node['docker']['base']['image']['name'],
    maintainer: docker_cred['maintainer'],
    email: docker_cred['email'],
    build_cmd: node['docker']['build']['commands'],
    entry_point: node['docker']['build']['entry_point']
  )
  action :create
end
Build
Application
• Save the Artifact to a Repository
Manager
Build
Docker
Image
• Docker cookbook would build and save
the docker image
Deploy
• Docker cookbook runs
the container on the
nodes
Contains Awesome.
Package
Provides Configuration Management
for containers
chef-client
runit
chef-init
Bootstrap chef-client without SSH
connection
Manage multiple services inside your
container
Manage running state of your container
Consistency across Architectures
Mixed Architecture Applications
Transitioning traditional architecture to containers
Handling last mile configuration when container boots
Getting the best of two worlds without complexity
gem install knife-container
knife container docker init NAMESPACE/IMAGE_NAME [options]
-f base docker image (default is ubuntu 12.04) - chef container should be already installed on it
-r runlist
-z chef client local mode
-b use berkshelf
$ sudo knife container docker init muktaa/hello-scala-cc
Compiling Cookbooks...
Recipe: knife_container::docker_init
* directory[/home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc] action create
* template[/home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/Dockerfile] action create
  - update content in file /home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/Dockerfile from none to 943017
* template[/home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/.dockerignore] action create
  - create new file /home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/.dockerignore
  - update content in file /home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/.dockerignore from none to e3b0c4
* directory[/home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef] action create
  - create new directory /home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef
* template[/home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef/client.rb] action create
  - create new file /home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef/client.rb
  - update content in file /home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef/client.rb from none to 7de61f
* file[/home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef/first-boot.json] action create
  - create new file /home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef/first-boot.json
  - update content in file /home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef/first-boot.json from none to 5269ef
* template[/home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef/.node_name] action create
  - create new file /home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef/.node_name
  - update content in file /home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef/.node_name from none to 4764d2
* template[/home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/Berksfile] action create (skipped due to only_if)
* directory[/home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef/secure] action create
  - create new directory /home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef/secure
* file[/home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef/secure/validation.pem] action create
  - create new file /home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef/secure/validation.pem
  - update content in file /home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef/secure/validation.pem from none to ec1f3e
  - change mode from '' to '0600'
Downloading base image: chef/ubuntu-12.04:latest. This process may take awhile...
Tagging base image chef/ubuntu-12.04 as muktaa/hello-scala-cc
Context Created: /home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc
run command docker images
knife container docker build
resolve docker dependencies
build docker image
cleanup chef artifacts
$ sudo knife container docker build muktaa/hello-scala-cc
Sending build context to Docker daemon 9.728 kB
Sending build context to Docker daemon
Step 0 : FROM muktaa/hello-scala-cc
---> 50d3c5c9e133
Step 1 : ADD chef/ /etc/chef/
---> 4933cc9e13e0
Removing intermediate container da0a08413a91
Step 2 : RUN chef-init --bootstrap
---> Running in add27db609cc
[2015-03-31T21:44:44+00:00] INFO: Starting Supervisor...
[2015-03-31T21:44:44+00:00] INFO: Supervisor pid: 9
[2015-03-31T21:44:49+00:00] INFO: Starting chef-client run...
[2015-03-31T21:44:50+00:00] INFO: Forking chef instance to converge...
[2015-03-31T21:44:50+00:00] INFO: *** Chef 11.16.2 ***
[2015-03-31T21:44:50+00:00] INFO: Chef-client pid: 16
[2015-03-31T21:44:53+00:00] INFO: Client key /etc/chef/secure/client.pem is not present - registering
[2015-03-31T21:44:53+00:00] INFO: HTTP Request Returned 404 Object Not Found: error
[2015-03-31T21:44:54+00:00] INFO: Setting the run_list to [] from CLI options
[2015-03-31T21:44:54+00:00] INFO: Run List is []
[2015-03-31T21:44:54+00:00] INFO: Run List expands to []
[2015-03-31T21:44:54+00:00] INFO: Starting Chef Run for muktaa-hello-scala-cc-build
[2015-03-31T21:44:54+00:00] INFO: Running start handlers
[2015-03-31T21:44:54+00:00] INFO: Start handlers complete.
[2015-03-31T21:44:55+00:00] INFO: Loading cookbooks []
[2015-03-31T21:44:55+00:00] WARN: Node muktaa-hello-scala-cc-build has an empty run list.
[2015-03-31T21:44:55+00:00] INFO: Chef Run complete in 1.121705004 seconds
[2015-03-31T21:44:55+00:00] INFO: Running report handlers
[2015-03-31T21:44:55+00:00] INFO: Report handlers complete
[2015-03-31T21:44:55+00:00] INFO: Sending resource update report (run-id: 6f637baf-18cc-4620-b3e2-9afc90e8cd6b)
---> 2c2ec6fab1ef
Removing intermediate container add27db609cc
Step 3 : RUN rm -rf /etc/chef/secure/*
---> Running in 30a3611b083f
---> cab28d6eed90
Removing intermediate container 30a3611b083f
Step 4 : ENTRYPOINT ["chef-init"]
---> Running in 0a9f4e96bbf7
---> a8577b66b103
Removing intermediate container 0a9f4e96bbf7
Step 5 : CMD ["--onboot"]
---> Running in f9a444817229
---> 21b3800bc9b3
Removing intermediate container f9a444817229
Successfully built 21b3800bc9b3
$ sudo docker images
REPOSITORY              TAG      IMAGE ID       CREATED        VIRTUAL SIZE
muktaa/hello-scala-cc   latest   21b3800bc9b3   2 hours ago    311.9 MB
<none>                  <none>   b343c8301cc8   2 hours ago    311.9 MB
chef/ubuntu-12.04       latest   50d3c5c9e133   6 months ago   311.9 MB
$ sudo docker push muktaa/hello-scala-cc
$ sudo docker run -d muktaa/hello-scala-cc
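In the build output above, Step 1 adds chef/ (which the init run populated with chef/secure/validation.pem) as its own layer, and Step 3 removes /etc/chef/secure/* only in a later layer, so unless the image is flattened the earlier layer still carries the key when the image is pushed. The following check is an added example, not code from the talk or from knife-container; `shadowed_paths` and its helpers are hypothetical names, and it assumes absolute ADD/COPY destinations.

```ruby
require 'shellwords'

# Step lines copied from the `knife container docker build` output in the deck.
BUILD_LOG = <<~LOG
  Step 0 : FROM muktaa/hello-scala-cc
   ---> 50d3c5c9e133
  Step 1 : ADD chef/ /etc/chef/
   ---> 4933cc9e13e0
  Removing intermediate container da0a08413a91
  Step 2 : RUN chef-init --bootstrap
   ---> Running in add27db609cc
   ---> 2c2ec6fab1ef
  Step 3 : RUN rm -rf /etc/chef/secure/*
   ---> Running in 30a3611b083f
   ---> cab28d6eed90
  Step 4 : ENTRYPOINT ["chef-init"]
   ---> Running in 0a9f4e96bbf7
   ---> a8577b66b103
LOG

# Hypothetical record type for one build step.
BuildStep = Struct.new(:number, :instruction, :args, :layer)

# Turn "Step N : INSTR args" and " ---> <id>" lines into BuildStep records.
def parse_steps(log)
  steps = []
  log.each_line do |line|
    line = line.strip
    if (m = line.match(/\AStep (\d+) : (\S+)\s*(.*)\z/))
      steps << BuildStep.new(m[1].to_i, m[2].upcase, m[3], nil)
    elsif (m = line.match(/\A---> ([0-9a-f]{12,})\z/)) && steps.any?
      steps.last.layer = m[1] # the last bare id of a step is its committed layer
    end
  end
  steps
end

# Shell-style tokenising that tolerates unbalanced quotes.
def words(str)
  Shellwords.split(str)
rescue ArgumentError
  []
end

# Drop a trailing glob and slash so paths can be compared by prefix.
def normalise(path)
  path.sub(%r{/\*\z}, '').chomp('/')
end

def under?(path, dir)
  path == dir || path.start_with?(dir + '/')
end

# Paths named by `rm` inside one RUN instruction (option flags skipped).
def removed_paths(run_args)
  run_args.split(/&&|;/).flat_map do |cmd|
    tokens = words(cmd)
    tokens.first == 'rm' ? tokens.drop(1).reject { |t| t.start_with?('-') } : []
  end
end

# Report content that ADD/COPY placed in one layer and a later RUN rm only hides.
# Files created and deleted inside the same RUN never reach a layer and are ignored.
def shadowed_paths(log)
  added = []    # [destination, step] for every ADD/COPY seen so far
  findings = []
  parse_steps(log).each do |step|
    case step.instruction
    when 'ADD', 'COPY'
      dest = words(step.args).last
      added << [normalise(dest), step] if dest
    when 'RUN'
      removed_paths(step.args).each do |raw|
        path = normalise(raw)
        added.each do |dir, src|
          next unless under?(path, dir) || under?(dir, path)
          findings << { path: path, added_in_step: src.number,
                        layer: src.layer, removed_in_step: step.number }
        end
      end
    end
  end
  findings
end

if __FILE__ == $PROGRAM_NAME
  shadowed_paths(BUILD_LOG).each do |f|
    puts "#{f[:path]}: added in step #{f[:added_in_step]} (layer #{f[:layer]}), " \
         "only hidden by rm in step #{f[:removed_in_step]}"
  end
end
```

`docker history` on the built image lists the same layers. Keeping the key out of ADD/COPY and supplying it at run time, for example through a mounted volume, avoids the leftover layer.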
Product under Development. Super Cool DevOps Culture.
Running apps in containers is easy
Debugging apps in containers is difficult
You can very well run multiple services inside a
docker container
Ah the woes of Docker networking!
Sequential Progression
Bake carefully… Happy Baking!
Questions?

Mais conteúdo relacionado

Mais procurados

Infrastructure testing with Jenkins, Puppet and Vagrant - Agile Testing Days ...
Infrastructure testing with Jenkins, Puppet and Vagrant - Agile Testing Days ...Infrastructure testing with Jenkins, Puppet and Vagrant - Agile Testing Days ...
Infrastructure testing with Jenkins, Puppet and Vagrant - Agile Testing Days ...
Carlos Sanchez
 
Automated Deployment Pipeline using Jenkins, Puppet, Mcollective and AWS
Automated Deployment Pipeline using Jenkins, Puppet, Mcollective and AWSAutomated Deployment Pipeline using Jenkins, Puppet, Mcollective and AWS
Automated Deployment Pipeline using Jenkins, Puppet, Mcollective and AWS
Bamdad Dashtban
 

Mais procurados (20)

Continuous Infrastructure: Modern Puppet for the Jenkins Project - PuppetConf...
Continuous Infrastructure: Modern Puppet for the Jenkins Project - PuppetConf...Continuous Infrastructure: Modern Puppet for the Jenkins Project - PuppetConf...
Continuous Infrastructure: Modern Puppet for the Jenkins Project - PuppetConf...
 
Infrastructure testing with Jenkins, Puppet and Vagrant - Agile Testing Days ...
Infrastructure testing with Jenkins, Puppet and Vagrant - Agile Testing Days ...Infrastructure testing with Jenkins, Puppet and Vagrant - Agile Testing Days ...
Infrastructure testing with Jenkins, Puppet and Vagrant - Agile Testing Days ...
 
Orchestration? You Don't Need Orchestration. What You Want is Choreography.
Orchestration? You Don't Need Orchestration. What You Want is Choreography.Orchestration? You Don't Need Orchestration. What You Want is Choreography.
Orchestration? You Don't Need Orchestration. What You Want is Choreography.
 
Testing with Docker
Testing with DockerTesting with Docker
Testing with Docker
 
Vagrant to-aws-flow
Vagrant to-aws-flowVagrant to-aws-flow
Vagrant to-aws-flow
 
Vagrant introduction for Developers
Vagrant introduction for DevelopersVagrant introduction for Developers
Vagrant introduction for Developers
 
Jenkins, pipeline and docker
Jenkins, pipeline and docker Jenkins, pipeline and docker
Jenkins, pipeline and docker
 
Test-Driven Infrastructure with Chef
Test-Driven Infrastructure with ChefTest-Driven Infrastructure with Chef
Test-Driven Infrastructure with Chef
 
Continuous Integration/Deployment with Docker and Jenkins
Continuous Integration/Deployment with Docker and JenkinsContinuous Integration/Deployment with Docker and Jenkins
Continuous Integration/Deployment with Docker and Jenkins
 
Zero to Continuous Delivery on Google Cloud
Zero to Continuous Delivery on Google CloudZero to Continuous Delivery on Google Cloud
Zero to Continuous Delivery on Google Cloud
 
Continuous Deployment with Jenkins on Kubernetes
Continuous Deployment with Jenkins on KubernetesContinuous Deployment with Jenkins on Kubernetes
Continuous Deployment with Jenkins on Kubernetes
 
Testable Infrastructure with Chef, Test Kitchen, and Docker
Testable Infrastructure with Chef, Test Kitchen, and DockerTestable Infrastructure with Chef, Test Kitchen, and Docker
Testable Infrastructure with Chef, Test Kitchen, and Docker
 
How Puppet Enables the Use of Lightweight Virtualized Containers - PuppetConf...
How Puppet Enables the Use of Lightweight Virtualized Containers - PuppetConf...How Puppet Enables the Use of Lightweight Virtualized Containers - PuppetConf...
How Puppet Enables the Use of Lightweight Virtualized Containers - PuppetConf...
 
Portland PUG April 2014: Beaker 101: Acceptance Test Everything
Portland PUG April 2014: Beaker 101: Acceptance Test EverythingPortland PUG April 2014: Beaker 101: Acceptance Test Everything
Portland PUG April 2014: Beaker 101: Acceptance Test Everything
 
Kubelet with no Kubernetes Masters | DevNation Tech Talk
Kubelet with no Kubernetes Masters | DevNation Tech TalkKubelet with no Kubernetes Masters | DevNation Tech Talk
Kubelet with no Kubernetes Masters | DevNation Tech Talk
 
Building kubectl plugins with Quarkus | DevNation Tech Talk
Building kubectl plugins with Quarkus | DevNation Tech TalkBuilding kubectl plugins with Quarkus | DevNation Tech Talk
Building kubectl plugins with Quarkus | DevNation Tech Talk
 
CI and CD at Scale: Scaling Jenkins with Docker and Apache Mesos
CI and CD at Scale: Scaling Jenkins with Docker and Apache MesosCI and CD at Scale: Scaling Jenkins with Docker and Apache Mesos
CI and CD at Scale: Scaling Jenkins with Docker and Apache Mesos
 
Docker
DockerDocker
Docker
 
Steamlining your puppet development workflow
Steamlining your puppet development workflowSteamlining your puppet development workflow
Steamlining your puppet development workflow
 
Automated Deployment Pipeline using Jenkins, Puppet, Mcollective and AWS
Automated Deployment Pipeline using Jenkins, Puppet, Mcollective and AWSAutomated Deployment Pipeline using Jenkins, Puppet, Mcollective and AWS
Automated Deployment Pipeline using Jenkins, Puppet, Mcollective and AWS
 

Semelhante a Baking docker using chef

Semelhante a Baking docker using chef (20)

Docker
DockerDocker
Docker
 
Docker and configuration management
Docker and configuration managementDocker and configuration management
Docker and configuration management
 
How to _docker
How to _dockerHow to _docker
How to _docker
 
Docker and Puppet for Continuous Integration
Docker and Puppet for Continuous IntegrationDocker and Puppet for Continuous Integration
Docker and Puppet for Continuous Integration
 
DevOps Workflow: A Tutorial on Linux Containers
DevOps Workflow: A Tutorial on Linux ContainersDevOps Workflow: A Tutorial on Linux Containers
DevOps Workflow: A Tutorial on Linux Containers
 
Simple docker hosting in FIWARE Lab
Simple docker hosting in FIWARE LabSimple docker hosting in FIWARE Lab
Simple docker hosting in FIWARE Lab
 
Docker Basic to Advance
Docker Basic to AdvanceDocker Basic to Advance
Docker Basic to Advance
 
Develop with docker 2014 aug
Develop with docker 2014 augDevelop with docker 2014 aug
Develop with docker 2014 aug
 
Docker Starter Pack
Docker Starter PackDocker Starter Pack
Docker Starter Pack
 
Docker in Action
Docker in ActionDocker in Action
Docker in Action
 
[Codelab 2017] Docker 기초 및 활용 방안
[Codelab 2017] Docker 기초 및 활용 방안[Codelab 2017] Docker 기초 및 활용 방안
[Codelab 2017] Docker 기초 및 활용 방안
 
Docker Introduction.pdf
Docker Introduction.pdfDocker Introduction.pdf
Docker Introduction.pdf
 
Docker for developers on mac and windows
Docker for developers on mac and windowsDocker for developers on mac and windows
Docker for developers on mac and windows
 
The Docker "Gauntlet" - Introduction, Ecosystem, Deployment, Orchestration
The Docker "Gauntlet" - Introduction, Ecosystem, Deployment, OrchestrationThe Docker "Gauntlet" - Introduction, Ecosystem, Deployment, Orchestration
The Docker "Gauntlet" - Introduction, Ecosystem, Deployment, Orchestration
 
Java microservicesdockerdockerhubusecase2
Java microservicesdockerdockerhubusecase2Java microservicesdockerdockerhubusecase2
Java microservicesdockerdockerhubusecase2
 
Docker, Kubernetes, and Google Cloud
Docker, Kubernetes, and Google CloudDocker, Kubernetes, and Google Cloud
Docker, Kubernetes, and Google Cloud
 
Drupal Development with Docker
Drupal Development with DockerDrupal Development with Docker
Drupal Development with Docker
 
時代在變 Docker 要會:台北 Docker 一日入門篇
時代在變 Docker 要會:台北 Docker 一日入門篇時代在變 Docker 要會:台北 Docker 一日入門篇
時代在變 Docker 要會:台北 Docker 一日入門篇
 
Docker: A New Way to Turbocharging Your Apps Development
Docker: A New Way to Turbocharging Your Apps DevelopmentDocker: A New Way to Turbocharging Your Apps Development
Docker: A New Way to Turbocharging Your Apps Development
 
How to Dockerize Web Application using Docker Compose
How to Dockerize Web Application using Docker ComposeHow to Dockerize Web Application using Docker Compose
How to Dockerize Web Application using Docker Compose
 

Mais de Mukta Aphale

Mais de Mukta Aphale (9)

CI with Docker in Docker
CI with Docker in DockerCI with Docker in Docker
CI with Docker in Docker
 
Using Docker for Testing
Using Docker for TestingUsing Docker for Testing
Using Docker for Testing
 
Baking Docker Using Chef
Baking Docker Using ChefBaking Docker Using Chef
Baking Docker Using Chef
 
What is DevOps?
What is DevOps?What is DevOps?
What is DevOps?
 
Application Monitoring using Datadog
Application Monitoring using DatadogApplication Monitoring using Datadog
Application Monitoring using Datadog
 
Continuous Testing using Shippable and Docker
Continuous Testing using Shippable and DockerContinuous Testing using Shippable and Docker
Continuous Testing using Shippable and Docker
 
What is dev ops?
What is dev ops?What is dev ops?
What is dev ops?
 
MomOps in DevOps
MomOps in DevOpsMomOps in DevOps
MomOps in DevOps
 
Ice breaker with dev ops
Ice breaker with dev opsIce breaker with dev ops
Ice breaker with dev ops
 

Último

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 

Último (20)

CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 

Baking docker using chef

  • 2.  Ruby, Java, C Developer turned into DevOps Architect  Contributed to Chef development  Chef azure extension  Knife plugins: knife-azure, knife-ec2, knife-openstack  Knife WinRM, knife windows listener  Working with iHealth Technologies  Technology, innovation and the thirst to keep learning are what define me  Love to travel, read, write  Above all, I am a mother to two boys!  @muktaa
  • 3. Docker Chef + Docker CD pipeline that uses knife-ssh Push Jobs Chef Cookbook Chef Containers Our Story
  • 5. Linux Container 3 Components: Docker Engine Docker Hub Docker Images Benefits: Speed Portability Density Open Source “Can create lightweight, self sufficient containers from any application”
  • 7. FROM ubuntu:14.04 RUN apt-get update RUN apt-get install libfuse-dev ADD dev.conf/etc/myapp- config/ Codify your configuration Set of bash commands Example: HelloScala Dockerfile dev.conf Docker build HelloScala
  • 8. Shared Hosting – PaaS Microservices Lightweight Testing
  • 9. Getting the best of both worlds!
  • 10. Automate Make Whole Enchilada Deliver!
  • 11. Control the environment Vs System Image / Runtime image Tradeoff between flexibility and manageability CM is the vein of DevOps Shell scripts -> Chef Immutable Infrastructure
  • 13. Replaces Human Tasks, Idempotence, Thick client - thin servers, Order Matters, Huge Community Support An improved Robot, Fast, Easy, Fresh fish in the market, ready to be baked!
  • 14. Because simple things can bring the most happiness!
  • 15. •git push •Triggers Build Code •Build tools have docker support •Build tools generate a docker image Build Process Save imageDocker Image Unique tagDocker Registry •docker pull •docker stop •docker run Deploy using knife- ssh or Push Jobs CI Server
  • 16.  git push to https://github.com/muktaa/HelloScala  Triggers a build on your CI server  sbt docker  docker push muktaa/hello-scala  knife ssh 'role:test' 'deploy.sh' -x ssh-user -i ssh-key -c knife.rb  Build tools offer docker integration  Eg: Maven has docker-maven-plugin  https://github.com/spotify/docker-maven-plugin  mvn clean package docker:build -DpushImage
  • 17. ~/github/HelloScala > sbt docker [info] Loading project definition from /Users/muktaaphale/github/HelloScala/project [info] Set current project to hello-scala (in build file:/Users/muktaaphale/github/HelloScala/) [info] Creating docker image with name: 'muktaa/hello-scala' : [info] Sending build context to Docker daemon [info] Step 0 : FROM dockerfile/java [info] ---> 1126c85d8a06 [info] Step 1 : ADD /app/hello-scala_2.11-1.4-one-jar.jar /app/hello-scala_2.11-1.4-one-jar.jar [info] ---> Using cache [info] ---> 61871958f108 [info] Step 2 : ENTRYPOINT java -jar /app/hello-scala_2.11-1.4- one-jar.jar [info] ---> Using cache [info] ---> a8005b32ddc4 [info] Successfully built a8005b32ddc4 [info] Successfully built Docker image: muktaa/hello-scala [success] Total time: 1 s, completed Mar 3, 2015 2:10:04 PM ~/github/HelloScala > docker images | grep hello-scala muktaa/hello-scala latest a8005b32ddc4 12 hours ago 715 MB ~/github/HelloScala > docker run muktaa/hello-scala Hello, world! #1 Hello, world! #2 Hello, world! #3
  • 18. Docker Hub Link: https://registry.hub.docker.com/u/muktaa/hello-scala Automated Build in Docker: https://registry.hub.docker.com/u/muktaa/helloscala-automated-build/
  • 19. Do you need to push harder?
  • 20. Knife-ssh works like “push”. Almost. Journey from pull to push.
      “Chef push jobs is an extension of the Chef server that allows jobs to be run against nodes independently of a chef-client run”
      Job: set of commands to be run on node
      - docker pull
      - docker stop
      - docker run
  • 21. Push Jobs:
      - Use message bus (zeromq)
      - Claims to attack the scalability issue
      - Deployment status is relayed back
      - New born baby
      - Complex at the moment, ready with just the basic foundation
      Knife SSH:
      - Parallel ssh
      - SSH Protocol is slow and CPU hungry at scale
      - Feedback on deployment status is not as easy
      - Been in the market for long
      - Easy to use
  • 22. Enterprise Chef 11 or Chef server 12. Standalone or HA. Run the commands on Chef Server:
      chef-server-ctl install opscode-push-jobs-server
      opscode-push-jobs-server-ctl reconfigure
      chef-server-ctl reconfigure
  • 23.
      - Install knife push plugin: gem install knife-jobs
      - knife cookbook site download push-jobs
      - Extract and save to your cookbook path
      - Edit the attributes file (push-jobs/attributes/default.rb):
        default['push_jobs']['package_url'] = 'https://opscode-private-chef.s3.amazonaws.com/ubuntu/12.04/x86_64/opscode-push-jobs-client_1.1.5-1_amd64.deb'
        default['push_jobs']['package_checksum'] = 'd659c06c72397ed2bc6cd88488349857f1958538'
      - Upload the push-jobs cookbook to your ChefServer
  • 24. Create 2 groups:
      - pushy_job_writers
      - pushy_job_readers
      Add user to the groups.
      sudo chef-client -r "recipe[push-jobs]"
      From Workstation:
      - knife node status
      - knife node status <node-name>
  • 25.
      knife job start 'chef-client -r recipe[run-docker]' <node-name>
      knife job start 'docker.sh' my_node
      Where docker.sh:
      docker pull muktaa/hello-scala
      docker ps | grep muktaa/hello-scala | awk -F" " '{print $1}'
      docker run muktaa/hello-scala
  • 26.
  • 27. If only applications were Hello World programs!
  • 29. Packages, Custom Setups, Credentials, Softwares, Database, Files, Environment Specific Configuration, Ports
  • 31. Unsolved problem with Docker today: credentials inside docker containers. Hard codes. Set environment variables.
  • 32. Create Base Image manually, with configuration embedded. Build Tool uses the custom Base Image. Deploy using knife-ssh.
  • 33. To manage docker images and deployment
  • 34.
      - Available in Supermarket: https://supermarket.chef.io/cookbooks/docker
      - Install docker
      - Build docker image
      - Pull image and run container
      - Push docker image to registry
      - LWRPs: docker_container, docker_image, docker_registry
      - https://github.com/bflad/chef-docker/blob/master/README.md
  • 35.
      # Load the registry credentials from an encrypted data bag
      secret = Chef::EncryptedDataBagItem.load_secret
      docker_cred = Chef::EncryptedDataBagItem.load(
        node['docker']['creds']['databag'],
        node['docker']['user'],
        secret
      )
      # Log in to the registry with the decrypted credentials
      docker_registry 'https://registry.hub.docker.com/u/muktaa/hello-scala/' do
        email docker_cred['email']
        username docker_cred['username']
        password docker_cred['password']
      end
  • 36.
      # Build a docker image using docker_image resource
      docker_image node['docker']['image'] do
        tag node['docker']['image']['tag']
        source '/var/docker'
        action :build
      end
      # Push the image to docker registry
      docker_image node['docker']['image'] do
        action :push
      end
      # Delete the image from the machine
      docker_image node['docker']['image'] do
        action :remove
      end
  • 37.
      # Run Container
      docker_container 'muktaa/hello-scala' do
        detach true
        port ['8081:8081', '8085:8085']
        env 'ENVIRONMENT=pre-prod'
        volume '/mnt/docker/docker-storage'
        action :run
      end
  • 38.
      # Generate a docker file using template.
      template "#{node['docker']['directory']}/Dockerfile" do
        source 'dockerfile.erb'
        variables(
          image: node['docker']['base']['image']['name'],
          maintainer: docker_cred['maintainer'],
          email: docker_cred['email'],
          build_cmd: node['docker']['build']['commands'],
          entry_point: node['docker']['build']['entry_point']
        )
        action :create
      end
  • 39.
      - Build Application: save the Artifact to a Repository Manager
      - Build Docker Image: Docker cookbook would build and save the docker image
      - Deploy: Docker cookbook runs the container on the nodes
  • 43.
      - Bootstrap chef-client without SSH connection
      - Manage multiple services inside your container
      - Manage running state of your container
      - Consistency across Architectures
      - Mixed Architecture Applications
  • 44.
      - Transitioning traditional architecture to containers
      - Handling last mile configuration when container boots
      - Getting the best of two worlds without complexity
  • 45.
      gem install knife-container
      knife container docker init NAMESPACE/IMAGE_NAME [options]
        -f  base docker image (default is ubuntu 12.04) - chef container should be already installed on it
        -r  runlist
        -z  chef client local mode
        -b  use berkshelf
  • 46.
      $ sudo knife container docker init muktaa/hello-scala-cc
      Compiling Cookbooks...
      Recipe: knife_container::docker_init
        * directory[/home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc] action create
        * template[/home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/Dockerfile] action create
          - update content in file /home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/Dockerfile from none to 943017
          -
        * template[/home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/.dockerignore] action create
          - create new file /home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/.dockerignore
          - update content in file /home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/.dockerignore from none to e3b0c4
        * directory[/home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef] action create
          - create new directory /home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef
        * template[/home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef/client.rb] action create
          - create new file /home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef/client.rb
          - update content in file /home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef/client.rb from none to 7de61f
        * file[/home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef/first-boot.json] action create
          - create new file /home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef/first-boot.json
          - update content in file /home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef/first-boot.json from none to 5269ef
        * template[/home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef/.node_name] action create
          - create new file /home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef/.node_name
          - update content in file /home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef/.node_name from none to 4764d2
        * template[/home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/Berksfile] action create (skipped due to only_if)
        * directory[/home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef/secure] action create
          - create new directory /home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef/secure
        * file[/home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef/secure/validation.pem] action create
          - create new file /home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef/secure/validation.pem
          - update content in file /home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc/chef/secure/validation.pem from none to ec1f3e
          - change mode from '' to '0600'
      Downloading base image: chef/ubuntu-12.04:latest. This process may take awhile...
      Tagging base image chef/ubuntu-12.04 as muktaa/hello-scala-cc
      Context Created: /home/ubuntu/chef-repo/dockerfiles/muktaa/hello-scala-cc
  • 47. Run command: docker images. knife container docker build: resolve docker dependencies; build docker image; cleanup chef artifacts.
  • 48.
      $ sudo knife container docker build muktaa/hello-scala-cc
      Sending build context to Docker daemon 9.728 kB
      Sending build context to Docker daemon
      Step 0 : FROM muktaa/hello-scala-cc
       ---> 50d3c5c9e133
      Step 1 : ADD chef/ /etc/chef/
       ---> 4933cc9e13e0
      Removing intermediate container da0a08413a91
      Step 2 : RUN chef-init --bootstrap
       ---> Running in add27db609cc
      [2015-03-31T21:44:44+00:00] INFO: Starting Supervisor...
      [2015-03-31T21:44:44+00:00] INFO: Supervisor pid: 9
      [2015-03-31T21:44:49+00:00] INFO: Starting chef-client run...
      [2015-03-31T21:44:50+00:00] INFO: Forking chef instance to converge...
      [2015-03-31T21:44:50+00:00] INFO: *** Chef 11.16.2 ***
      [2015-03-31T21:44:50+00:00] INFO: Chef-client pid: 16
      [2015-03-31T21:44:53+00:00] INFO: Client key /etc/chef/secure/client.pem is not present - registering
      [2015-03-31T21:44:53+00:00] INFO: HTTP Request Returned 404 Object Not Found: error
      [2015-03-31T21:44:54+00:00] INFO: Setting the run_list to [] from CLI options
      [2015-03-31T21:44:54+00:00] INFO: Run List is []
      [2015-03-31T21:44:54+00:00] INFO: Run List expands to []
      [2015-03-31T21:44:54+00:00] INFO: Starting Chef Run for muktaa-hello-scala-cc-build
      [2015-03-31T21:44:54+00:00] INFO: Running start handlers
      [2015-03-31T21:44:54+00:00] INFO: Start handlers complete.
      [2015-03-31T21:44:55+00:00] INFO: Loading cookbooks []
      [2015-03-31T21:44:55+00:00] WARN: Node muktaa-hello-scala-cc-build has an empty run list.
      [2015-03-31T21:44:55+00:00] INFO: Chef Run complete in 1.121705004 seconds
      [2015-03-31T21:44:55+00:00] INFO: Running report handlers
      [2015-03-31T21:44:55+00:00] INFO: Report handlers complete
      [2015-03-31T21:44:55+00:00] INFO: Sending resource update report (run-id: 6f637baf-18cc-4620-b3e2-9afc90e8cd6b)
       ---> 2c2ec6fab1ef
      Removing intermediate container add27db609cc
      Step 3 : RUN rm -rf /etc/chef/secure/*
       ---> Running in 30a3611b083f
       ---> cab28d6eed90
      Removing intermediate container 30a3611b083f
      Step 4 : ENTRYPOINT ["chef-init"]
       ---> Running in 0a9f4e96bbf7
       ---> a8577b66b103
      Removing intermediate container 0a9f4e96bbf7
      Step 5 : CMD ["--onboot"]
       ---> Running in f9a444817229
       ---> 21b3800bc9b3
      Removing intermediate container f9a444817229
      Successfully built 21b3800bc9b3
  • 49.
      $ sudo docker images
      REPOSITORY              TAG      IMAGE ID       CREATED        VIRTUAL SIZE
      muktaa/hello-scala-cc   latest   21b3800bc9b3   2 hours ago    311.9 MB
      <none>                  <none>   b343c8301cc8   2 hours ago    311.9 MB
      chef/ubuntu-12.04       latest   50d3c5c9e133   6 months ago   311.9 MB
      $ sudo docker push muktaa/hello-scala-cc
      $ sudo docker run -d muktaa/hello-scala-cc
  • 50. Product under Development. Super Cool DevOps Culture.
  • 51.
  • 52.
      - Running apps in containers is easy
      - Debugging apps in containers is difficult
      - You can very well run multiple services inside a docker container
      - Ah the woes of Docker networking!
      - Sequential Progression
      - Bake carefully… Happy Baking!
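
Added example (not from the deck or from Chef): a small Ruby lint for the two credential patterns these slides touch, literal secrets in ENV/ARG (slide 31) and the ADD-then-rm sequence visible in the slide 48 build log. Docker keeps each instruction as a layer, so a file deleted by a later step is still present in the earlier layer unless the image is flattened. The rule names, the name pattern and the second Dockerfile are assumptions constructed for illustration.

```ruby
# Added example: lint a Dockerfile for credential handling. Heuristic only;
# rule names and SECRET_NAME are assumptions, not part of Chef or Docker.
SECRET_NAME = /pass|secret|token|api_?key|credential/i
Finding = Struct.new(:line, :rule, :detail)

# Dockerfile reconstructed from Steps 0-5 of the slide 48 build log.
CHEF_CONTAINER_DOCKERFILE = <<~'DOCKERFILE'
  FROM muktaa/hello-scala-cc
  ADD chef/ /etc/chef/
  RUN chef-init --bootstrap
  RUN rm -rf /etc/chef/secure/*
  ENTRYPOINT ["chef-init"]
  CMD ["--onboot"]
DOCKERFILE

# Constructed sample: one harmless setting and two hard-coded secrets.
CONSTRUCTED_DOCKERFILE = <<~'DOCKERFILE'
  FROM ubuntu:14.04
  ENV ENVIRONMENT=pre-prod
  ENV DB_PASSWORD s3cr3t-constructed
  ENV REGISTRY_TOKEN=abc123 \
      LOG_LEVEL=info
DOCKERFILE

# Return [line_number, INSTRUCTION, arguments] triples; joins "\"
# continuations and skips blank lines and comments.
def instructions(text)
  out = []
  buffer = start = nil
  text.each_line.with_index(1) do |raw, n|
    line = raw.strip
    next if buffer.nil? && (line.empty? || line.start_with?('#'))
    start ||= n
    buffer = [buffer, line].compact.join(' ')
    if buffer.end_with?('\\')
      buffer = buffer.chomp('\\').strip
      next
    end
    op, args = buffer.split(/\s+/, 2)
    out << [start, op.upcase, args.to_s]
    buffer = start = nil
  end
  out
end

def lint_dockerfile(text)
  findings = []
  added = [] # [line, destination] for every ADD/COPY seen so far
  instructions(text).each do |n, op, args|
    case op
    when 'ENV', 'ARG'
      # Handles "ENV KEY value" and "ENV KEY=value KEY2=value2".
      pairs = args.include?('=') ? args.scan(/(\w+)=(\S*)/) : [args.split(/\s+/, 2)]
      pairs.each do |key, value|
        next unless SECRET_NAME.match?(key.to_s) && !value.to_s.delete(%q('")).empty?
        findings << Finding.new(n, :literal_secret, key)
      end
    when 'ADD', 'COPY'
      dest = args.split(/\s+/).last.to_s
      added << [n, dest] unless dest.empty?
    when 'RUN'
      # First path argument of each rm; a trailing glob is reduced to its directory.
      args.scan(/\brm\s+(?:-\w+\s+)*(\S+)/).flatten.each do |target|
        path = target.sub(/\*\z/, '')
        next if path.empty?
        added.each do |line, dest|
          next unless path.start_with?(dest) || dest.start_with?(path)
          findings << Finding.new(n, :removed_after_add, "#{target} (added at line #{line})")
        end
      end
    end
  end
  findings
end

if __FILE__ == $PROGRAM_NAME
  [CHEF_CONTAINER_DOCKERFILE, CONSTRUCTED_DOCKERFILE].each do |df|
    lint_dockerfile(df).each { |f| puts "line #{f.line}: #{f.rule} #{f.detail}" }
  end
end
```

A :removed_after_add finding on a key such as validation.pem is a prompt to rotate that key or to build from a context that never contains it.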

Editor's Notes

  1. Hello Chefs! Good afternoon!  I will be talking about using Docker with Chef! Baking docker using chef! 
  2. Currently I am working with IHT. At IHT we are building a new product with an exciting technology stack. The product is primarily written in Scala, uses the Akka framework and a triple store (triple rush). Similarly, we are implementing a solid DevOps strategy. My job and role perfectly suit my passion for technology, innovation and the thirst to keep learning. Flew 20 hrs from India.
  3. We will go through a quick introduction to docker; why Chef and Docker are needed together to build an awesome solution. We will build a very simple CD pipeline that uses knife-ssh. Quickly delve into using push jobs, quickly since yesterday we had a very good session on push jobs by See how we can use the docker chef cookbook to manage docker, and conclude with Chef Containers.
  4. Lightweight virtualization provided by libraries inside the Linux kernel. Docker engine is a portable, lightweight runtime and packaging tool. Docker Hub is a cloud service for sharing applications and automating workflows. Docker images: layered file system.
  5. guest operating system - which may weigh 10s of GB. Docker runs as an isolated process in userspace on the host operating system, sharing the kernel with other containers. Thus, it enjoys the resource isolation and allocation benefits of VMs but is much more portable and efficient.
  6. Dockerfiles help you codify your configuration; it's a set of bash commands which results in a docker image. Docker images are difficult to maintain, not idempotent. This is a very basic example of config management done inside a docker image. Consider repo HelloScala with a dockerfile & Hello-scala.conf. The right side shows the dockerfile which picks up the conf and uses it for the apache config. There is a need to do high quality config management inside docker images, while taking advantage of the many benefits docker containers provide. Example: instead of a long bash script in your dockerfile, you can use a chef recipe; if you have already invested in chef, you don't have to make big changes.
  7. Shared Hosting – PaaS: many hosted CI servers like Travis-CI or internet search providers use Docker for infrastructure virtualization and application isolation. Microservices: a microservices architecture has small services which have independent deployment but depend on each other. Docker provides an ideal environment for deployment of these services with respect to speed, isolation, and lifecycle management. Lightweight Testing: Docker is widely used in testing applications. Docker containers can be destroyed post testing and new ones are created for every test run. There is support in test kitchen to test cookbooks inside docker containers.
  8. We want to automate everything in DevOps, and iteratively progress to achieve automation. We want to include all the awesome features. We want to ensure we stay in the market even after a couple of years. And that IS an important consideration when the industry and technology are moving at such a fast pace! We want to do it all... and yet deliver on time! We can achieve this by defining a solution that would give us the best of both the worlds!
  9. Chef Vs Docker is like considering CM Vs golden images. With CM you can control the environment by using tools like Chef. Docker belongs to the school of golden images, which favours clones of a single and well maintained system image. Generally, people look down on golden images as the state of the machine tends to change over time and becomes an unmanageable mess. Golden images were gradually discarded for more advanced methods of config management! But having said that, golden images have been pulled off successfully for a long time. Now with Docker, or containerization generally, the concept of immutable infrastructure has again come to the fore. Immutable infrastructure is a stack that you build once, run any number of times as new instances, and never change again. If you want to change a deployment then you need to terminate the instance or container and start over from step one: that is, build a new image.
  10. Docker attacks a subset of problems in DevOps, while an umbrella of solutions is provided by Chef. Let's see why & how we can do that. Complementary.
  11. Chef was born to replace human tasks. It was based on 3 core principles: idempotence - configuration should be defined such that it can run on any machine, “pull” philosophy thereby maintaining a thin server, and the importance of the order in which the configuration is defined. Chef grew up to be one of the most preferred CM tools, with a large community contribution. It's tried and tested. It's safe. Then came the container era. Containers are faster. With Docker, there have been debates that complex CM tools are not needed. Docker makes your life simpler, they say. But Docker is new and not as much explored. There is risk in getting docker to production. Let's bake the fresh fish into a hot and healthy meal!
  12. Consider you have a github repo which triggers build on your CI server with a git push. Most of the build tools now have docker support. With a successful build & maybe tests, a docker image is created by the build tool. The docker image can be saved to the docker registry. It can be given a unique tag in the docker registry. This docker image needs to run on your node. As we know, it is just 3 commands that need to run: docker pull latest images (or pull a particular tag), stop the running container, start a new container. Note – docker stop may or may not be needed, or it can be stopped later as per the requirement or design. How can you take your deployment to your nodes? Use knife-ssh!
  13. Here are the steps in detail, of how this can be done. A sample demo project, HelloScala, triggers a Travis-CI build. SBT is “scala build tool”. The sbt docker command creates a docker image. Muktaa/hello-scala is a repo on the docker registry where we would save the docker images. Other build tools like Maven offer docker integration too. Run the command mvn docker:build to create a docker image. That’s it! Did I hear using Chef is complex? Esp in this particular case?
  14. That’s how the command execution looks…
  15. We talked about the docker registry which would save docker images. Docker hub provides a hosted docker registry. The links above show 2 different repos on the docker registry. We can set up automated builds in that registry. With git push, this build can be triggered, or the build can be triggered from your CI server using the API call. However, this feature is in a crude phase with very little flexibility; it takes a long time for the docker image to build. You can set up the docker registry in your data centre too. It works very similar to the docker hub.
  16. The CD pipeline we saw last was almost like a push model. Almost. Because the changes were pushed into the node by the CI server and not your chef server! The world seems to be going round and round, traversing the same path again and again! Golden images are coming back. Chef too had a reason for the pull model, to keep the server “thin”. But the changing challenges demand that there is a need for a pull model. So chef has introduced push jobs while keeping the server thin! Chef push jobs is an extension of the Chef server that allows jobs to be run against nodes independently of a chef-client run – that’s how push jobs are defined. A job is a set of commands that need to be run on the target node. From the docker perspective the commands are docker pull, stop & run.
  17. As mentioned in the previous slide, push jobs fit in the real “push model”. <Read out the diff>
  18. You need either Enterprise Chef or Chef Server 12. It relies on the ACL system that was open sourced with Chef Server 12. Also, the install command was introduced with Chef Server 12. Push Jobs does not work with Open Source Chef Server 11. It can be set up as standalone or as HA. Run the commands on your chef server to set it up to use the push jobs feature.
  19. Install the knife push plugin Push jobs cookbook would be used. So download it from the site or git clone the cookbook. You would have to fetch its dependency cookbooks as well. Update the attributes to add the push jobs package URL and checksum as mentioned. Upload the cookbook to your chef server
  20. Simply run the chef client with the recipe Run the knife node status commands to check the node status. It will just show the status “available” at this stage which confirms that the node is prepared for push events. Create the pushy_job_writers and pushy_job_readers on the organization of the Chef server and add your workstation user to that group.
  21. Knife-ssh won for us. Push jobs need to mature. They are still under development and complex to implement. I believe if people are comparing Ansible with Chef for this feature, it should be compared with knife-ssh! 
  22. We looked at the demo use case, but in actuality the systems are complex
  23. Docker image is made up of the Application and the configuration.
  24. By configuration, we mean the setups needed for the application to run as well as the environment specific configuration. Packages: apache. Softwares: jdk Files: xml Log levels Eg: There is a database that the application reads. This DB is different for the 3 environments. Consider the case where the application reads some reference data. This ref data source and volume varies in all environments. More specifically consider an Akka cluster, which is a group of nodes and few nodes are defined as the SEED nodes. This akka config is different for diff environments
  25. Docker containers that host the application, or components of the application. The workflow is such that the docker containers need to be deployed continuously to diff environments. Dev, pre prod and prod. Each env has a different configuration. Now also consider the case, that initially the docker container runs on DEV. When its performance meets expectations, it needs to be promoted to the pre prod and then to the prod env. Since the environment conf is embedded inside the docker image, any idea how we can promote the docker container from DEV to preprod? Docker containers can run on any machine or VM so the “environment” should not matter, you say? Let me explain further...
  26. Managing credentials is an unsolved problem with Docker today. Hard coding or setting variables is not secure; they are the workarounds. So if in the prev slides you thought you could pass the configuration to the docker containers, then reconsider the approach for passing the credentials in that manner! Well, one can be adamant and find workarounds, which would only get more complex. If you decide to use Chef, this can be managed using databags.
  27. This worked well for us, until we had to keep making changes to the configuration
  28. The docker cookbook is available in chef supermarket Using it, you can install docker, build docker images, commit & push to docker registry, pull image and run container. For the docker image management and deploy, the 3 LWRPs are useful.
  29. Using lwrp docker_image to build and push the image to docker registry
  30. Elegant and working solution
  31. Package that provides config management for your containers
  32. chef-client Latest chef-client that runs within the container. runit - RUNit - lightweight cross-platform init scheme to ensure all child processes are properly managed chef-init - root process which can launch and manage multiple processes inside a container . It is custom built by chef. Each OS has an init. docker replaces the init of the OS. chef-init runs as PID1 and delegates managing child processes to runit.
  33. Bootstrap the chef-client without an SSH connection. Manage multiple services inside your container. Use the knife container plugin to work with Linux containers; use the docker build and docker init arguments to manage Docker image contexts. Use chef-client resources the same way in a container as on any UNIX- or Linux-based platform. Consistency across architectures: you don’t need different CM tools for physical, virtual, or cloud machines. If you have invested in Chef already, which runs for you on a physical machine, you leverage the same config on chef container. Mixed architecture: you might be using docker for development or test environments, but not in production. If you use chef containers for your dev & test env but physical machines on production, then it is a lot easier to manage the config on each, as the config is idempotent if you use Chef for CM.
  34. Transitioning trad architecture to containers - all you need is the chef run list; it can run on bare metal, VMs or containers. Handling last mile config when container boots - registering an agent you need for monitoring maybe, or some env specific changes. E.g.: in our DEV env we read some reference data which is a truncated version of the real data, while in the test env it's full blown test data, and in prod it is the real data & not the synthetic test data. Using chef containers is not complex. You can define container configuration using chef recipes instead of long bash scripts. Chef container can be used to manage docker images. You can set certain services to launch when the container launches using the enable action of the chef resource. When chef-init starts, it can launch chef-client and you can configure which service you want to start using the start action of the chef resource.
  35. 1. Install the knife-container gem. knife container is the only command needed to manage the docker lifecycle. 2. knife container docker init creates the docker context, which comprises docker components and chef components. To initialize the Docker context, use the init command. The knife container uses a folder called dockerfiles to organize all the Docker contexts that you manage. By default, the dockerfiles folder is created in your chef repo. To initialize the Docker context, type the following command: pass in your image name (in this example, demo/apache2), a run list, a -z and a -b. The -z is for local mode and the -b says to generate a Berksfile.
  36. { "run_list": [ "recipe[apache2]" ], "container_service": { "apache2": { "command": "/usr/sbin/apache2 -k start" } } }
      Resolves chef dependencies. Build docker image. Cleans up chef artifacts.
  37. Note step 2: chef-init --bootstrap (this runs the chef-client). Step 1: adds the chef dir to /etc/chef. Step 0: & last tag: only 1 copy of the image, see docker images. So we created an image from ubuntu 14.04 and created image; the new image will have the same tag but a diff image id.
  38. Our product is still under development. It is not yet live. So how easy can you imagine the DevOps work would be?
  39. 6 man years of code. All developed by pure developers, without any Ops or systems idea. We had to start at: how do we run the application?! We had to figure out how to run using SBT – the scala build tool!  And just while we figured out how to run it, the product architecture gets changed. And the process continues. It was not difficult to get the application working as docker. We used the scala build tool to create docker images that ran as docker containers and that ran rather well. But there were a couple of lessons we learnt…
  40. We will be using containers, we are planning to use mesos.
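
Added example (not part of the deck): the pull / stop / run step from note 12 as a Ruby planner. It goes slightly beyond docker.sh on slide 25 by matching the repository name exactly, because a plain grep for muktaa/hello-scala also matches the muktaa/hello-scala-cc image built later in the deck, and by requiring a pinned tag in line with the "unique tag" on the pipeline slide. The function names, tag numbers and `docker ps` listing are constructed.

```ruby
# Added example: plan the deploy commands from `docker ps` output.
# All names below are hypothetical; the listing is constructed sample data.
SAMPLE_PS = <<~PS
  CONTAINER ID   IMAGE                          COMMAND                  CREATED       STATUS       PORTS   NAMES
  3f2a9c1b7d10   muktaa/hello-scala:41          "java -jar /app/hello"   2 hours ago   Up 2 hours           hello
  9b1e44d0c2aa   muktaa/hello-scala-cc:latest   "chef-init --onboot"     3 hours ago   Up 3 hours           cc
  77c0a1e5f3b2   muktaa/hello-scala             "java -jar /app/hello"   5 hours ago   Up 5 hours           old
PS

# What `docker ps | grep PATTERN | awk '{print $1}'` selects: any line that
# contains the pattern, including other images sharing the prefix.
def grep_ids(ps_output, pattern)
  ps_output.lines.select { |l| l.include?(pattern) }.map { |l| l.split.first }
end

# Split "repo[:tag]" without mistaking a registry port for a tag.
def split_image(ref)
  repo, sep, tag = ref.rpartition(':')
  return [ref, 'latest'] if sep.empty? || tag.include?('/')
  [repo, tag]
end

# IDs of running containers whose repository is exactly `repo`.
def running_ids(ps_output, repo)
  ps_output.lines.drop(1).filter_map do |line|
    id, image = line.strip.split(/\s{2,}/)
    id if image && split_image(image).first == repo
  end
end

# Ordered argv arrays (no shell interpolation): pull the pinned tag, stop
# the old containers of this repository only, then start the new one.
def deploy_plan(ps_output, image_ref)
  repo, tag = split_image(image_ref)
  raise ArgumentError, "pin #{repo} to a build tag, not 'latest'" if tag == 'latest'
  pinned = "#{repo}:#{tag}"
  stops = running_ids(ps_output, repo).map { |id| ['docker', 'stop', id] }
  [['docker', 'pull', pinned], *stops, ['docker', 'run', '-d', pinned]]
end

if __FILE__ == $PROGRAM_NAME
  deploy_plan(SAMPLE_PS, 'muktaa/hello-scala:42').each { |argv| puts argv.join(' ') }
end
```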