SlideShare uma empresa Scribd logo

Lessons Learned from Running Docker in Production

Nicholas Dille
Nicholas Dille

This document provides lessons learned from running Docker in production. Key lessons include: - Do not use the Docker "latest" tag and instead specify exact versions to ensure repeatability. - Derive Docker images from specific base images and update them regularly to get security fixes. - Plan for processes like supervisors that handle signals and allow containers to exit gracefully. - Use microlabeling to annotate images with metadata about their origin and version. - Parameterize Dockerfiles and configurations to separate configurable values from code.

Tecnologia
1 de 17
Baixar para ler offline
Lessons Learned from Running Docker in Production Nicholas Dille, Docker Captain & CDM MVP
Nicholas Dille Ehemann, Vater, Geek, Autor Microsoft MVP seit 2010 Docker Captain seit 2017 DevOps Engineer @ Haufe-Lexware http://dille.name/blog @NicholasDille
Run Docker Tools Host docker-compose.yml Dockerfile Image Image Container Registry Container Push Pull ImageBuild
Do not use latest Latest is like buying a pig in a poke ubuntu:latest = ubuntu:xenial until new LTS ubuntu:xenial = ubuntu:xenial-20180123 until new monthly patch Latest breaks repeatability Derive from specific version Update regularly, fail early
Do not use latest Dockerfile FROM ubuntu #... Dockerfile FROM nginx #... Dockerfile FROM ubuntu:xenial-20180123 #... Dockerfile FROM nginx:1.12.1 #...
Derive from code Using community images is also like buying a pig in a poke h1kkan/jenkins-docker is has lots of useful stuff Community images may not receive updates Community images may follow undesirable paths Fork Dockerfile and build yourself
Plan for PID 1 Even containerized services want to exit gracefully Only containerized PID 1 received signals Several processed require an init process Choices include supervisor, dumb-init, tini Use exec when starting from scripts Isolate in sidekicks
Plan for PID 1 Dockerfile FROM ubuntu:xenial-20180123 RUN apt update && apt install -y nginx ADD entrypoint.sh / ENTRYPOINT /entrypoint.sh entrypoint.sh #!/bin/bash #... exec nginx -g daemon=off;
Plan for PID 1 Dockerfile FROM ubuntu:xenial-20180123 RUN apt update && apt install -y nginx supervisor ADD nginx.conf /etc/supervisor/conf.d/ ENTRYPOINT supervisord nginx.conf [program:nginx] command=nginx -g daemon=off;
Use microlabeling Mark images with information about origin Easily find corresponding code Use image annotations by the OCI Deprecated: https://label-schema.org
Use microlabeling Dockerfile FROM ubuntu:xenial-20180123 LABEL org.opencontainers.image.created=“2018-01-31T20:00:00Z+01:00“ org.opencontainers.image.authors=“nicholas@dille.name“ org.opencontainers.image.source=“https://github.com/nicholasdille/docker“ org.opencontainers.image.revision=“566a5e0“ org.opencontainers.image.vendor=“Nicholas Dille“ #...
Parameterize Hardcoded values increase maintenance Separate environmental information Use ENV in Dockerfile Use environment in docker-compose.yml
Parameterize Dockerfile FROM ubuntu:xenial-20180123 RUN apt update && apt -y install nginx=1.10.3* Dockerfile FROM ubuntu:xenial-20180123 ENV NGINX_VERSION=1.10.3 RUN apt update && apt -y install nginx=${NGINX_VERSION}*
Parameterize docker-compose.yml version: ‘2.0‘ services: db: image: postgres-${POSTGRES_VERSION} environment: POSTGRES_PASSWORD: ${POSTGRES_ROOT_PASSWORD} web: image: nginx-${NGINX_VERSION}
Readability beats size Myth: More layers reduce access time My own tests prove otherwise Layers improve performance on pull (parallel downloads) One layer per installed tool Separate functionality into chains of images dind  dind-gocd-agent  linux-agent  linux-agent-gocd  linux-agent-jenkins
Tips and tricks Building behind a proxy docker build --build-arg http_proxy --build-arg https_proxy --build-arg no_proxy . Running behind a proxy docker run -it --env http_proxy --env https_proxy --env no_proxy ubuntu:xenial-20180123 Implicit pull on build docker build --pull . Automatic cleanup docker run -it --rm ubuntu:xenial Derive dynamically ARG VERSION=xenial-20180123 FROM ubuntu:${VERSION}
Learn your own lessons Do my lessons apply to you? Automate Do CI/CD Containers are just one option Link to code https://github.com/nicholasdille/Sessions/tree/master/2018-01- 31%20Docker%20%40%20Devsmeetup

Recomendados

Azure Meetup Stuttgart - Multi-arch Docker images
Azure Meetup Stuttgart - Multi-arch Docker imagesAzure Meetup Stuttgart - Multi-arch Docker images
Azure Meetup Stuttgart - Multi-arch Docker imagesStefan Scherer
 
Jenkins X Hands-on - automated CI/CD solution for cloud native applications o...
Jenkins X Hands-on - automated CI/CD solution for cloud native applications o...Jenkins X Hands-on - automated CI/CD solution for cloud native applications o...
Jenkins X Hands-on - automated CI/CD solution for cloud native applications o...Ted Won
 
Introduction to Jenkins X
Introduction to Jenkins XIntroduction to Jenkins X
Introduction to Jenkins XFaithlin Paul
 
Docker 101
Docker 101Docker 101
Docker 101Andy Melichar
 
DockerCon EU 2015: Continuous Integration with Jenkins, Docker and Compose
DockerCon EU 2015: Continuous Integration with Jenkins, Docker and ComposeDockerCon EU 2015: Continuous Integration with Jenkins, Docker and Compose
DockerCon EU 2015: Continuous Integration with Jenkins, Docker and ComposeDocker, Inc.
 
ASP.NET 5 auf Raspberry PI & docker
ASP.NET 5 auf Raspberry PI & dockerASP.NET 5 auf Raspberry PI & docker
ASP.NET 5 auf Raspberry PI & dockerJürgen Gutsch
 
Using Docker for Testing
Using Docker for TestingUsing Docker for Testing
Using Docker for TestingCarlos Sanchez
 
Developer South Coast 2018: Modernizing .NET Apps with Docker
Developer South Coast 2018: Modernizing .NET Apps with DockerDeveloper South Coast 2018: Modernizing .NET Apps with Docker
Developer South Coast 2018: Modernizing .NET Apps with DockerElton Stoneman
 

Recomendados

Azure Meetup Stuttgart - Multi-arch Docker images
Azure Meetup Stuttgart - Multi-arch Docker imagesAzure Meetup Stuttgart - Multi-arch Docker images
Azure Meetup Stuttgart - Multi-arch Docker imagesStefan Scherer
 
Jenkins X Hands-on - automated CI/CD solution for cloud native applications o...
Jenkins X Hands-on - automated CI/CD solution for cloud native applications o...Jenkins X Hands-on - automated CI/CD solution for cloud native applications o...
Jenkins X Hands-on - automated CI/CD solution for cloud native applications o...Ted Won
 
Introduction to Jenkins X
Introduction to Jenkins XIntroduction to Jenkins X
Introduction to Jenkins XFaithlin Paul
 
Docker 101
Docker 101Docker 101
Docker 101Andy Melichar
 
DockerCon EU 2015: Continuous Integration with Jenkins, Docker and Compose
DockerCon EU 2015: Continuous Integration with Jenkins, Docker and ComposeDockerCon EU 2015: Continuous Integration with Jenkins, Docker and Compose
DockerCon EU 2015: Continuous Integration with Jenkins, Docker and ComposeDocker, Inc.
 
ASP.NET 5 auf Raspberry PI & docker
ASP.NET 5 auf Raspberry PI & dockerASP.NET 5 auf Raspberry PI & docker
ASP.NET 5 auf Raspberry PI & dockerJürgen Gutsch
 
Using Docker for Testing
Using Docker for TestingUsing Docker for Testing
Using Docker for TestingCarlos Sanchez
 
Developer South Coast 2018: Modernizing .NET Apps with Docker
Developer South Coast 2018: Modernizing .NET Apps with DockerDeveloper South Coast 2018: Modernizing .NET Apps with Docker
Developer South Coast 2018: Modernizing .NET Apps with DockerElton Stoneman
 
Bauen und Verteilen von Multi-Arch Docker Images für Linux und Windows
Bauen und Verteilen von Multi-Arch Docker Images für Linux und WindowsBauen und Verteilen von Multi-Arch Docker Images für Linux und Windows
Bauen und Verteilen von Multi-Arch Docker Images für Linux und WindowsStefan Scherer
 
Docker on Windows and Linux - Red Shirt Dev Tour
Docker on Windows and Linux - Red Shirt Dev TourDocker on Windows and Linux - Red Shirt Dev Tour
Docker on Windows and Linux - Red Shirt Dev TourElton Stoneman
 
Docker - A container full of Chocolatey
Docker - A container full of ChocolateyDocker - A container full of Chocolatey
Docker - A container full of ChocolateyStefan Scherer
 
CI/CD with Jenkins and Docker - DevOps Meetup Day Thailand
CI/CD with Jenkins and Docker - DevOps Meetup Day ThailandCI/CD with Jenkins and Docker - DevOps Meetup Day Thailand
CI/CD with Jenkins and Docker - DevOps Meetup Day ThailandTroublemaker Khunpech
 
How To Make A Framework Plugin That Does Not Suck
How To Make A Framework Plugin That Does Not SuckHow To Make A Framework Plugin That Does Not Suck
How To Make A Framework Plugin That Does Not SuckMax Andersen
 
Debugging Go in Kubernetes
Debugging Go in KubernetesDebugging Go in Kubernetes
Debugging Go in KubernetesAlexei Ledenev
 
How to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container RegistryHow to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container RegistryDocker, Inc.
 
Google ko: fast Kubernetes microservice development in Go - Sangam Biradar, E...
Google ko: fast Kubernetes microservice development in Go - Sangam Biradar, E...Google ko: fast Kubernetes microservice development in Go - Sangam Biradar, E...
Google ko: fast Kubernetes microservice development in Go - Sangam Biradar, E...sangam biradar
 
Docker Plugin for Heat
Docker Plugin for HeatDocker Plugin for Heat
Docker Plugin for HeatDocker, Inc.
 
Setup a Dev environment that feels like $HOME on Windows 10
Setup a Dev environment that feels like $HOME on Windows 10Setup a Dev environment that feels like $HOME on Windows 10
Setup a Dev environment that feels like $HOME on Windows 10Stefan Scherer
 
Docker Tooling for Eclipse
Docker Tooling for EclipseDocker Tooling for Eclipse
Docker Tooling for EclipseMax Andersen
 
Cloud Native Okteto Cloud
Cloud Native Okteto Cloud Cloud Native Okteto Cloud
Cloud Native Okteto Cloud sangam biradar
 
#dddsw - Modernizing .NET Apps with Docker
#dddsw - Modernizing .NET Apps with Docker#dddsw - Modernizing .NET Apps with Docker
#dddsw - Modernizing .NET Apps with DockerElton Stoneman
 
Neo4j on Azure Step by Step
Neo4j on Azure Step by StepNeo4j on Azure Step by Step
Neo4j on Azure Step by StepNeo4j
 
#SDD2017 - Modernizing .NET Apps with Docker
#SDD2017 - Modernizing .NET Apps with Docker#SDD2017 - Modernizing .NET Apps with Docker
#SDD2017 - Modernizing .NET Apps with DockerElton Stoneman
 
CI/CD Pipeline with Docker
CI/CD Pipeline with DockerCI/CD Pipeline with Docker
CI/CD Pipeline with Dockerkushalsingh007
 
Introduction to dockerfile, SF Peninsula Software Development Meetup @Guidewire
Introduction to dockerfile, SF Peninsula Software Development Meetup @Guidewire Introduction to dockerfile, SF Peninsula Software Development Meetup @Guidewire
Introduction to dockerfile, SF Peninsula Software Development Meetup @Guidewire dotCloud
 
Neo4j 2.0.1 Windows Azure VM Release
Neo4j 2.0.1 Windows Azure VM ReleaseNeo4j 2.0.1 Windows Azure VM Release
Neo4j 2.0.1 Windows Azure VM ReleaseNeo4j
 
Zalenium - SeleniumConf Austin 2017
Zalenium - SeleniumConf Austin 2017Zalenium - SeleniumConf Austin 2017
Zalenium - SeleniumConf Austin 2017Selenium Conference Austin 2017
 
Deploying Windows Containers with Draft, Helm and Kubernetes
Deploying Windows Containers with Draft, Helm and KubernetesDeploying Windows Containers with Draft, Helm and Kubernetes
Deploying Windows Containers with Draft, Helm and KubernetesJessica Deen
 
How to Improve Your Image Builds Using Advance Docker Build
How to Improve Your Image Builds Using Advance Docker BuildHow to Improve Your Image Builds Using Advance Docker Build
How to Improve Your Image Builds Using Advance Docker BuildDocker, Inc.
 
Develop with docker 2014 aug
Develop with docker 2014 augDevelop with docker 2014 aug
Develop with docker 2014 augVincent De Smet
 

Mais conteúdo relacionado

Mais procurados

Bauen und Verteilen von Multi-Arch Docker Images für Linux und Windows
Bauen und Verteilen von Multi-Arch Docker Images für Linux und WindowsBauen und Verteilen von Multi-Arch Docker Images für Linux und Windows
Bauen und Verteilen von Multi-Arch Docker Images für Linux und WindowsStefan Scherer
 
Docker on Windows and Linux - Red Shirt Dev Tour
Docker on Windows and Linux - Red Shirt Dev TourDocker on Windows and Linux - Red Shirt Dev Tour
Docker on Windows and Linux - Red Shirt Dev TourElton Stoneman
 
Docker - A container full of Chocolatey
Docker - A container full of ChocolateyDocker - A container full of Chocolatey
Docker - A container full of ChocolateyStefan Scherer
 
CI/CD with Jenkins and Docker - DevOps Meetup Day Thailand
CI/CD with Jenkins and Docker - DevOps Meetup Day ThailandCI/CD with Jenkins and Docker - DevOps Meetup Day Thailand
CI/CD with Jenkins and Docker - DevOps Meetup Day ThailandTroublemaker Khunpech
 
How To Make A Framework Plugin That Does Not Suck
How To Make A Framework Plugin That Does Not SuckHow To Make A Framework Plugin That Does Not Suck
How To Make A Framework Plugin That Does Not SuckMax Andersen
 
Debugging Go in Kubernetes
Debugging Go in KubernetesDebugging Go in Kubernetes
Debugging Go in KubernetesAlexei Ledenev
 
How to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container RegistryHow to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container RegistryDocker, Inc.
 
Google ko: fast Kubernetes microservice development in Go - Sangam Biradar, E...
Google ko: fast Kubernetes microservice development in Go - Sangam Biradar, E...Google ko: fast Kubernetes microservice development in Go - Sangam Biradar, E...
Google ko: fast Kubernetes microservice development in Go - Sangam Biradar, E...sangam biradar
 
Docker Plugin for Heat
Docker Plugin for HeatDocker Plugin for Heat
Docker Plugin for HeatDocker, Inc.
 
Setup a Dev environment that feels like $HOME on Windows 10
Setup a Dev environment that feels like $HOME on Windows 10Setup a Dev environment that feels like $HOME on Windows 10
Setup a Dev environment that feels like $HOME on Windows 10Stefan Scherer
 
Docker Tooling for Eclipse
Docker Tooling for EclipseDocker Tooling for Eclipse
Docker Tooling for EclipseMax Andersen
 
Cloud Native Okteto Cloud
Cloud Native Okteto Cloud Cloud Native Okteto Cloud
Cloud Native Okteto Cloud sangam biradar
 
#dddsw - Modernizing .NET Apps with Docker
#dddsw - Modernizing .NET Apps with Docker#dddsw - Modernizing .NET Apps with Docker
#dddsw - Modernizing .NET Apps with DockerElton Stoneman
 
Neo4j on Azure Step by Step
Neo4j on Azure Step by StepNeo4j on Azure Step by Step
Neo4j on Azure Step by StepNeo4j
 
#SDD2017 - Modernizing .NET Apps with Docker
#SDD2017 - Modernizing .NET Apps with Docker#SDD2017 - Modernizing .NET Apps with Docker
#SDD2017 - Modernizing .NET Apps with DockerElton Stoneman
 
CI/CD Pipeline with Docker
CI/CD Pipeline with DockerCI/CD Pipeline with Docker
CI/CD Pipeline with Dockerkushalsingh007
 
Introduction to dockerfile, SF Peninsula Software Development Meetup @Guidewire
Introduction to dockerfile, SF Peninsula Software Development Meetup @Guidewire Introduction to dockerfile, SF Peninsula Software Development Meetup @Guidewire
Introduction to dockerfile, SF Peninsula Software Development Meetup @Guidewire dotCloud
 
Neo4j 2.0.1 Windows Azure VM Release
Neo4j 2.0.1 Windows Azure VM ReleaseNeo4j 2.0.1 Windows Azure VM Release
Neo4j 2.0.1 Windows Azure VM ReleaseNeo4j
 
Deploying Windows Containers with Draft, Helm and Kubernetes
Deploying Windows Containers with Draft, Helm and KubernetesDeploying Windows Containers with Draft, Helm and Kubernetes
Deploying Windows Containers with Draft, Helm and KubernetesJessica Deen
 

Mais procurados (20)

Bauen und Verteilen von Multi-Arch Docker Images für Linux und Windows
Bauen und Verteilen von Multi-Arch Docker Images für Linux und WindowsBauen und Verteilen von Multi-Arch Docker Images für Linux und Windows
Bauen und Verteilen von Multi-Arch Docker Images für Linux und Windows
 
Docker on Windows and Linux - Red Shirt Dev Tour
Docker on Windows and Linux - Red Shirt Dev TourDocker on Windows and Linux - Red Shirt Dev Tour
Docker on Windows and Linux - Red Shirt Dev Tour
 
Docker - A container full of Chocolatey
Docker - A container full of ChocolateyDocker - A container full of Chocolatey
Docker - A container full of Chocolatey
 
CI/CD with Jenkins and Docker - DevOps Meetup Day Thailand
CI/CD with Jenkins and Docker - DevOps Meetup Day ThailandCI/CD with Jenkins and Docker - DevOps Meetup Day Thailand
CI/CD with Jenkins and Docker - DevOps Meetup Day Thailand
 
How To Make A Framework Plugin That Does Not Suck
How To Make A Framework Plugin That Does Not SuckHow To Make A Framework Plugin That Does Not Suck
How To Make A Framework Plugin That Does Not Suck
 
Debugging Go in Kubernetes
Debugging Go in KubernetesDebugging Go in Kubernetes
Debugging Go in Kubernetes
 
How to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container RegistryHow to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container Registry
 
Google ko: fast Kubernetes microservice development in Go - Sangam Biradar, E...
Google ko: fast Kubernetes microservice development in Go - Sangam Biradar, E...Google ko: fast Kubernetes microservice development in Go - Sangam Biradar, E...
Google ko: fast Kubernetes microservice development in Go - Sangam Biradar, E...
 
Docker Plugin for Heat
Docker Plugin for HeatDocker Plugin for Heat
Docker Plugin for Heat
 
Setup a Dev environment that feels like $HOME on Windows 10
Setup a Dev environment that feels like $HOME on Windows 10Setup a Dev environment that feels like $HOME on Windows 10
Setup a Dev environment that feels like $HOME on Windows 10
 
Docker Tooling for Eclipse
Docker Tooling for EclipseDocker Tooling for Eclipse
Docker Tooling for Eclipse
 
Cloud Native Okteto Cloud
Cloud Native Okteto Cloud Cloud Native Okteto Cloud
Cloud Native Okteto Cloud
 
#dddsw - Modernizing .NET Apps with Docker
#dddsw - Modernizing .NET Apps with Docker#dddsw - Modernizing .NET Apps with Docker
#dddsw - Modernizing .NET Apps with Docker
 
Neo4j on Azure Step by Step
Neo4j on Azure Step by StepNeo4j on Azure Step by Step
Neo4j on Azure Step by Step
 
#SDD2017 - Modernizing .NET Apps with Docker
#SDD2017 - Modernizing .NET Apps with Docker#SDD2017 - Modernizing .NET Apps with Docker
#SDD2017 - Modernizing .NET Apps with Docker
 
CI/CD Pipeline with Docker
CI/CD Pipeline with DockerCI/CD Pipeline with Docker
CI/CD Pipeline with Docker
 
Introduction to dockerfile, SF Peninsula Software Development Meetup @Guidewire
Introduction to dockerfile, SF Peninsula Software Development Meetup @Guidewire Introduction to dockerfile, SF Peninsula Software Development Meetup @Guidewire
Introduction to dockerfile, SF Peninsula Software Development Meetup @Guidewire
 
Neo4j 2.0.1 Windows Azure VM Release
Neo4j 2.0.1 Windows Azure VM ReleaseNeo4j 2.0.1 Windows Azure VM Release
Neo4j 2.0.1 Windows Azure VM Release
 
Zalenium - SeleniumConf Austin 2017
Zalenium - SeleniumConf Austin 2017Zalenium - SeleniumConf Austin 2017
Zalenium - SeleniumConf Austin 2017
 
Deploying Windows Containers with Draft, Helm and Kubernetes
Deploying Windows Containers with Draft, Helm and KubernetesDeploying Windows Containers with Draft, Helm and Kubernetes
Deploying Windows Containers with Draft, Helm and Kubernetes
 

Semelhante a Lessons Learned from Running Docker in Production

How to Improve Your Image Builds Using Advance Docker Build
How to Improve Your Image Builds Using Advance Docker BuildHow to Improve Your Image Builds Using Advance Docker Build
How to Improve Your Image Builds Using Advance Docker BuildDocker, Inc.
 
Develop with docker 2014 aug
Develop with docker 2014 augDevelop with docker 2014 aug
Develop with docker 2014 augVincent De Smet
 
2015 DockerCon Using Docker in production at bity.com
2015 DockerCon Using Docker in production at bity.com2015 DockerCon Using Docker in production at bity.com
2015 DockerCon Using Docker in production at bity.comMathieu Buffenoir
 
DCSF 19 Building Your Development Pipeline
DCSF 19 Building Your Development Pipeline DCSF 19 Building Your Development Pipeline
DCSF 19 Building Your Development Pipeline Docker, Inc.
 
IBM Index 2018 Conference Workshop: Modernizing Traditional Java App's with D...
IBM Index 2018 Conference Workshop: Modernizing Traditional Java App's with D...IBM Index 2018 Conference Workshop: Modernizing Traditional Java App's with D...
IBM Index 2018 Conference Workshop: Modernizing Traditional Java App's with D...Eric Smalling
 
PuppetConf 2017: What’s in the Box?!- Leveraging Puppet Enterprise & Docker- ...
PuppetConf 2017: What’s in the Box?!- Leveraging Puppet Enterprise & Docker- ...PuppetConf 2017: What’s in the Box?!- Leveraging Puppet Enterprise & Docker- ...
PuppetConf 2017: What’s in the Box?!- Leveraging Puppet Enterprise & Docker- ...Puppet
 
DockerCon EU 2015: Trading Bitcoin with Docker
DockerCon EU 2015: Trading Bitcoin with DockerDockerCon EU 2015: Trading Bitcoin with Docker
DockerCon EU 2015: Trading Bitcoin with DockerDocker, Inc.
 
[@NaukriEngineering] Docker 101
[@NaukriEngineering] Docker 101[@NaukriEngineering] Docker 101
[@NaukriEngineering] Docker 101Naukri.com
 
Docker - What it is and how to get started?
Docker - What it is and how to get started?Docker - What it is and how to get started?
Docker - What it is and how to get started?Niko Virtala
 
Using docker to develop NAS applications
Using docker to develop NAS applicationsUsing docker to develop NAS applications
Using docker to develop NAS applicationsTerry Chen
 
Docker primer and tips
Docker primer and tipsDocker primer and tips
Docker primer and tipsSamuel Chow
 
Cloud native buildpacks-cncf
Cloud native buildpacks-cncfCloud native buildpacks-cncf
Cloud native buildpacks-cncfSuman Chakraborty
 
Docker in everyday development
Docker in everyday developmentDocker in everyday development
Docker in everyday developmentJustyna Ilczuk
 
SDLC Using Docker for Fun and Profit
SDLC Using Docker for Fun and ProfitSDLC Using Docker for Fun and Profit
SDLC Using Docker for Fun and Profitdantheelder
 
Mihai Criveti - PyCon Ireland - Automate Everything
Mihai Criveti - PyCon Ireland - Automate EverythingMihai Criveti - PyCon Ireland - Automate Everything
Mihai Criveti - PyCon Ireland - Automate EverythingMihai Criveti
 
Docker for .NET Developers - Michele Leroux Bustamante, Solliance
Docker for .NET Developers - Michele Leroux Bustamante, SollianceDocker for .NET Developers - Michele Leroux Bustamante, Solliance
Docker for .NET Developers - Michele Leroux Bustamante, SollianceDocker, Inc.
 
Deliver Python Apps with Docker
Deliver Python Apps with DockerDeliver Python Apps with Docker
Deliver Python Apps with DockerAnton Egorov
 
Dockerizing Ruby Applications - The Best Practices
Dockerizing Ruby Applications - The Best PracticesDockerizing Ruby Applications - The Best Practices
Dockerizing Ruby Applications - The Best PracticesKontena, Inc.
 

Semelhante a Lessons Learned from Running Docker in Production (20)

How to Improve Your Image Builds Using Advance Docker Build
How to Improve Your Image Builds Using Advance Docker BuildHow to Improve Your Image Builds Using Advance Docker Build
How to Improve Your Image Builds Using Advance Docker Build
 
Develop with docker 2014 aug
Develop with docker 2014 augDevelop with docker 2014 aug
Develop with docker 2014 aug
 
2015 DockerCon Using Docker in production at bity.com
2015 DockerCon Using Docker in production at bity.com2015 DockerCon Using Docker in production at bity.com
2015 DockerCon Using Docker in production at bity.com
 
DCSF 19 Building Your Development Pipeline
DCSF 19 Building Your Development Pipeline DCSF 19 Building Your Development Pipeline
DCSF 19 Building Your Development Pipeline
 
IBM Index 2018 Conference Workshop: Modernizing Traditional Java App's with D...
IBM Index 2018 Conference Workshop: Modernizing Traditional Java App's with D...IBM Index 2018 Conference Workshop: Modernizing Traditional Java App's with D...
IBM Index 2018 Conference Workshop: Modernizing Traditional Java App's with D...
 
PuppetConf 2017: What’s in the Box?!- Leveraging Puppet Enterprise & Docker- ...
PuppetConf 2017: What’s in the Box?!- Leveraging Puppet Enterprise & Docker- ...PuppetConf 2017: What’s in the Box?!- Leveraging Puppet Enterprise & Docker- ...
PuppetConf 2017: What’s in the Box?!- Leveraging Puppet Enterprise & Docker- ...
 
Learning Docker with Thomas
Learning Docker with ThomasLearning Docker with Thomas
Learning Docker with Thomas
 
DockerCon EU 2015: Trading Bitcoin with Docker
DockerCon EU 2015: Trading Bitcoin with DockerDockerCon EU 2015: Trading Bitcoin with Docker
DockerCon EU 2015: Trading Bitcoin with Docker
 
[@NaukriEngineering] Docker 101
[@NaukriEngineering] Docker 101[@NaukriEngineering] Docker 101
[@NaukriEngineering] Docker 101
 
Docker - What it is and how to get started?
Docker - What it is and how to get started?Docker - What it is and how to get started?
Docker - What it is and how to get started?
 
Using docker to develop NAS applications
Using docker to develop NAS applicationsUsing docker to develop NAS applications
Using docker to develop NAS applications
 
Docker primer and tips
Docker primer and tipsDocker primer and tips
Docker primer and tips
 
Cloud native buildpacks-cncf
Cloud native buildpacks-cncfCloud native buildpacks-cncf
Cloud native buildpacks-cncf
 
Docker in everyday development
Docker in everyday developmentDocker in everyday development
Docker in everyday development
 
SDLC Using Docker for Fun and Profit
SDLC Using Docker for Fun and ProfitSDLC Using Docker for Fun and Profit
SDLC Using Docker for Fun and Profit
 
Mihai Criveti - PyCon Ireland - Automate Everything
Mihai Criveti - PyCon Ireland - Automate EverythingMihai Criveti - PyCon Ireland - Automate Everything
Mihai Criveti - PyCon Ireland - Automate Everything
 
Docker for .NET Developers - Michele Leroux Bustamante, Solliance
Docker for .NET Developers - Michele Leroux Bustamante, SollianceDocker for .NET Developers - Michele Leroux Bustamante, Solliance
Docker for .NET Developers - Michele Leroux Bustamante, Solliance
 
Deliver Python Apps with Docker
Deliver Python Apps with DockerDeliver Python Apps with Docker
Deliver Python Apps with Docker
 
Docker e git lab
Docker e git labDocker e git lab
Docker e git lab
 
Dockerizing Ruby Applications - The Best Practices
Dockerizing Ruby Applications - The Best PracticesDockerizing Ruby Applications - The Best Practices
Dockerizing Ruby Applications - The Best Practices
 

Último

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 

Último (20)

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 

Lessons Learned from Running Docker in Production

  • 1. Lessons Learned from Running Docker in Production Nicholas Dille, Docker Captain & CDM MVP
  • 2. Nicholas Dille Ehemann, Vater, Geek, Autor Microsoft MVP seit 2010 Docker Captain seit 2017 DevOps Engineer @ Haufe-Lexware http://dille.name/blog @NicholasDille
  • 3. Run Docker Tools Host docker-compose.yml Dockerfile Image Image Container Registry Container Push Pull ImageBuild
  • 4. Do not use latest Latest is like buying a pig in a poke ubuntu:latest = ubuntu:xenial until new LTS ubuntu:xenial = ubuntu:xenial-20180123 until new monthly patch Latest breaks repeatability Derive from specific version Update regularly, fail early
  • 5. Do not use latest Dockerfile FROM ubuntu #... Dockerfile FROM nginx #... Dockerfile FROM ubuntu:xenial-20180123 #... Dockerfile FROM nginx:1.12.1 #...
  • 6. Derive from code Using community images is also like buying a pig in a poke h1kkan/jenkins-docker is has lots of useful stuff Community images may not receive updates Community images may follow undesirable paths Fork Dockerfile and build yourself
  • 7. Plan for PID 1 Even containerized services want to exit gracefully Only containerized PID 1 received signals Several processed require an init process Choices include supervisor, dumb-init, tini Use exec when starting from scripts Isolate in sidekicks
  • 8. Plan for PID 1 Dockerfile FROM ubuntu:xenial-20180123 RUN apt update && apt install -y nginx ADD entrypoint.sh / ENTRYPOINT /entrypoint.sh entrypoint.sh #!/bin/bash #... exec nginx -g daemon=off;
  • 9. Plan for PID 1 Dockerfile FROM ubuntu:xenial-20180123 RUN apt update && apt install -y nginx supervisor ADD nginx.conf /etc/supervisor/conf.d/ ENTRYPOINT supervisord nginx.conf [program:nginx] command=nginx -g daemon=off;
  • 10. Use microlabeling Mark images with information about origin Easily find corresponding code Use image annotations by the OCI Deprecated: https://label-schema.org
  • 11. Use microlabeling Dockerfile FROM ubuntu:xenial-20180123 LABEL org.opencontainers.image.created=“2018-01-31T20:00:00Z+01:00“ org.opencontainers.image.authors=“nicholas@dille.name“ org.opencontainers.image.source=“https://github.com/nicholasdille/docker“ org.opencontainers.image.revision=“566a5e0“ org.opencontainers.image.vendor=“Nicholas Dille“ #...
  • 12. Parameterize Hardcoded values increase maintenance Separate environmental information Use ENV in Dockerfile Use environment in docker-compose.yml
  • 13. Parameterize Dockerfile FROM ubuntu:xenial-20180123 RUN apt update && apt -y install nginx=1.10.3* Dockerfile FROM ubuntu:xenial-20180123 ENV NGINX_VERSION=1.10.3 RUN apt update && apt -y install nginx=${NGINX_VERSION}*
  • 15. Readability beats size Myth: More layers reduce access time My own tests prove otherwise Layers improve performance on pull (parallel downloads) One layer per installed tool Separate functionality into chains of images dind  dind-gocd-agent  linux-agent  linux-agent-gocd  linux-agent-jenkins
  • 16. Tips and tricks Building behind a proxy docker build --build-arg http_proxy --build-arg https_proxy --build-arg no_proxy . Running behind a proxy docker run -it --env http_proxy --env https_proxy --env no_proxy ubuntu:xenial-20180123 Implicit pull on build docker build --pull . Automatic cleanup docker run -it --rm ubuntu:xenial Derive dynamically ARG VERSION=xenial-20180123 FROM ubuntu:${VERSION}
  • 17. Learn your own lessons Do my lessons apply to you? Automate Do CI/CD Containers are just one option Link to code https://github.com/nicholasdille/Sessions/tree/master/2018-01- 31%20Docker%20%40%20Devsmeetup