2. • Daniele Vistalli
• This year I’m 42, perfect number for achieving objectives.
• Geek & entrepreneur.
• Founder of Factor-y S.r.l. / HCL Partner & Cloud Hosting MSP
• Domino Admin & Developer since 1999
• Software architect with Domino, JavaEE, HCL DX skills
• Technology geek and early adopter
• Founder of Dxers community for Devs and Admins of HCL Digital Experience (once known as WebSphere Portal & WCM) (www.dxers.ug)
• I performed the first ever Domino on Docker presentation at IBM Connect in 2016 (5 years ago, even before IBM or HCL considered it)
• HCL Digital Solutions Ambassador 2020, 2021
https://www.linkedin.com/in/dvistalli/
About me
4. • Containers ARE NOT:
• Virtual Machines
• Containers ARE:
• Linux processes, yes, whatever Linux process can ideally become a container
• Run in a specific way (available in the linux kernel for a long time) under the
control of Linux’ Cgroups
• Using the “host’s” Kernel and Devices
• With access to a virtual filesystem that’s defined by the container image with
the addition of mounted “volumes”
• With access to networking trough abstractions and controls defined by the
container runtime
Linux Containers – What’s this stuff really ?
5. 1. An image is «just» a tar file containing layers (as tar files)
2. A layer is a directory containing a set of files
3. When a container is run all the layers of an image are expanded in sequence
to rebuild the filesystem needed by the process to run.
• You could expect this to take a lot of disk space… Wrong
• Container technology allows to optimize. 1000 containers using the same image
take up the image space just once.
• What changes per container is the “data” stored in “volumes”
• You can think of images as a way of de-duplicating binaries and base data that
a process need
Container Images – What are those really ?
6. Is Domino a “Cloud Native” Technology ?
Cloud native technologies empower organizations to build and run scalable applications in modern, dynamic
environments such as public, private, and hybrid clouds. Containers, service meshes, microservices, immutable
infrastructure, and declarative APIs exemplify this approach.
These techniques enable loosely coupled systems that are resilient, manageable, and observable. Combined
with robust automation, they allow engineers to make high-impact changes frequently and predictably with
minimal toil.
https://github.com/cncf/foundation/blob/master/charter.md
Cloud Native – Definition / Is Domino Cloud-Native ?
7. • Think about automated testing
• Start a clean server everytime and test your software or automate
it with scripting
• Create «acceptance» environment in seconds
• Keep an archive of images for every software/release to perform
back-version debugging/testing (time machine for domino ???)
• Think about saving time
• Use a standard image your admin built for you, just fire it up
Where containers can help your life with domino as Developers
8. Just a few reasons for Admins
• Make deployment of linux servers a breeze
• Create and control images for developers to define standard
configurations and lean towards «immutable» images
• Create images to ship & deploy your product with high density
(cloud native… )
• New HCL licensing helps with this !!! (No more server count)
• Manage upgrades just by starting the container with a new image and the
«current» NotesData
• Consolidate multiple servers on a single powerful machine but
maintain complete isolation (domino partitioning reloaded)
Where containers can help your life with domino as Administrators
10. • HCL’s official Domino container image
• Responds to business and formal requirements for support on
OpenShift’s platform
• Based on RedHat UBI8 Image
• Community driven Domino/Traveler/Volt image
• Responds to broader, less formal needs
• Richer choice of base platform/images
• Easier to extend
• Built for extensibility
Two main and PUBLIC options exist
11. HCL Image Community image
How do I get it ? Download from Flexnet, then load to
your docker environment
You build it from standard domino
installers.
Can I find on a public registry ? No public distribution option, license
restricts it
No public distribution option, license
restricts it
What’s the base container image of
this ?
RedHat Universal Base Image (UBI) 8 You pick, supports: Centos 7, 8, RH UBI
8, Suse Leap, Alma Linux, Oracle
Enterprise Linux, VMWare photon.
Can also EXTEND the official image.
Can run in OpenShift ? Yes, RedHat mandates UBI8 or RHEL
based image to provide linux support
Yes, RedHat mandates UBI8 or RHEL
based image to provide linux support.
You must build using UBI or RHEL base
image
Can I add linux packages ? Yes, limited options due to UBI 8
reduced packages set. Can unlock if
you are RedHat customer as you get
access to RHEL packages. Mandates
support contract
Yes, depends on the base image you
pick. You can derive your own image
and install all the packages you need
Is Dockerfile available / documented No, HCL internal Yes, fully documented Git Repository
Face to face: Vendor And Community – 1 of 3
12. HCL Image Community image
Which HCL products are available as
container images
Domino V11 (FP1 only)
Domino V12
Domino 10.0.1 / FP3 / FP4
Domino 11.0.1 / FP2 / FP3
Domino 12.0.0
Traveler 10.0.1 & 10.0.2
Traveler 11.0.1, 11.0.1FP1 & 11.0.2
Traveler 12.0.0
Volt 1.0.2.9 & 1.0.3.18
HCL Support statement Official support is pretty limited:
https://help.hcltechsw.com/domino/1
2.0.0/admin/inst_dock_domino_overvi
ew.html
Officially this image does not exists.
The problem needs to be
reproducible in a non-container
environment.
Supported container platforms Docker
Podman (since V12)
Docker, Podman, Containerd
Not «support»: We know it works
Supported «host» Linux RHEL 7.4+, 8
Centos 7.4+, 8
Almost every linux distribution that has
a kernel compatible with Domino
How many server per hosts ? As many as you can fit. Network
configuration is on you. (covered
later)
As many as you can fit. Network
configuration is on you. (covered
later)
Face to face: Vendor And Community – 2 of 3
13. HCL Image Community image
What’s the image size 1.56 Gb 1,78 Gb
Domino server setup experience &
lifecycle
Multiple runs requried with different
parameters.
1. Server setup
2. Server run
3. Server upgrade
All require different parameters and
manual execution.
https://help.hcltechsw.com/domino/1
2.0.0/admin/inst_dock_domino_overvi
ew.html
Automated. The container detects
the current status (NOTES.INI /
Notesdata is cheked) and:
1. Can start V12 autoconfig or V11
silent setup if context is passed
2. Can fallback to start in setup listen
mode if server not configured
3. Can upgrade notesdata / other
products if current image is newer
than “filesystem / notesdata”
4. Can just start the server if
everything is already set
Face to face: Vendor And Community – 3 of 3
15. Docker compose, you need to know it
• Is an addon to docker
• Uses yaml files to define a composition:
• A set of containers to be built and run in a specific way
• Removes the need for complex command lines
• It is easy to undestand
• It is easy to version and store in a code repository (Infrastructure as code)
Installation:
https://docs.docker.com/compose/install/
You can get full reference here:
https://docs.docker.com/compose/compose-file/
Introducing docker compose
16. Item / command What it is ?
docker-compose.yaml The default name of the file defining the composition. By
default we look in the current directory
docker-compose [-f xyz.yml] up Starts «services» defined in the composition in
foreground (useful at time for debugging)
docker-compose [-f xyz.yml] up –d Starts the composition but daemonize it.
Perfect to have services running in background
docker-compose [-f xyz.yml] logs [<servicename>] [-f] Attaches to container output and show logs, eventually
following (as in tail)
docker-compose [-f xyz.yml] ps Lists status of services and port binding in the
composition
docker-compose [-f xyz.yml] down Shuts down the composition, containers and network
bindings
docker-compose [-f xyz.yml] exec <service> <command> Starts a shell inside the container using <command>
Docker-compose cheat sheet
17. Let’s start with a simple composition:
1. Create a volume for our server
2. Start the server and auto-configure
3. Fetch admin.id and copy to local
4. Connect to the server using Notes’ client
5. Activate some service
Building and running my personal dev server (basic)
19. In this demo we use the new AutoSetup feature instead of
variables.
What’s good for:
• Store your dev server configuration in git
• Fine tune settings
• Quickly reset your server
Building and running my personal dev server (advanced)
21. In this demo we use the new AutoSetup feature instead of
variables but we create a custom image adding a few
tools
What’s good for:
• Add tools you need to run from your apps
• Standarize installation as immutable config
• Add packaged extension
Building and running my CUSTOM dev server (custom images)
24. Preparation:
• A server host (Linux) with multiple IP addresses
• Docker & Docker Compose
• Systemd
• Domino image loaded into docker
Setting up networking
25. Let’s evolve our docker composition:
• Same as before
• We talk about Docker networking
• We set a fixed IP for our container
• Bind container ports to a specific IP, not 0.0.0.0
Recipe 4 - Running a docker compose with fixed ip
26. • Let’s evolve our docker composition:
• Now with 3 servers defined
• Ad-hoc dedicated IPS
• Network reachable
• Different images
Recipe 5 – Multiple servers as docker services on a single host
27. Add Systemd units to control services:
• Start/stop
• Autostart
• Journal log
Recipe 6 – Integrate with OS using systemd
28. Domino in kubernetes, more
perspectives
Sharing lessons learned running domino production
workloads in containers on an orchestrated infrastructure
29. (Local) Docker is good for a small number of hosts and containers.
• It simplifies updates, configuration, testing.
• It is not an orchestration platform.
• Docker is «easy» to adopt for the small, medium, average, large company
Kubernetes:
• Is an orchestator for running containers
• Storage is managed on a different level (storage classes and provisioners)
• Networking is managed on a different level (overlays, POD Network and Service Network)
• Powerful but requires serious study to understand and manage
• Domino is a «stateful» service with lots of data
• You need to ensure your storage management can serve domino with good IO
• Domino loves DNS resolution, Kubernetes controls it:
• Some hacks needed to translate hostnames into domino resolvable names
• Beware… Ips are dynamicaly assigned by the orchestrator, stuff can change at every restart
• Domino uses NRPC and it’s not a routable protocol (no SNI / Proxies)
• Kubernetes assigns IP in the Cluster Network
• Reaching your domino pod in the cluster might require additional work
From Docker to Kubernetes – Lessons learned
30. Description Idea
Make NRPC a «routable» protocol. Allow 1 IP
to be front-end to a number of real domino
server even on NRPC
https://domino-
ideas.hcltechsw.com/ideas/DOMINO-I-1044
Create a prometheus compliant exporter for
domino stats to allow statistics to be
captured and graphed the cloud-native way
https://domino-
ideas.hcltechsw.com/ideas/DOMINO-I-1255
Improvements worth supporting
33. This session’s material
You can find all the scripts / demos of the session at:
https://github.com/DanieleVistalli/dominocamp2021-dominodocker
34. Daniel Nashed’s Blog https://blog.nashcom.de/
Thomas Hamepl’s Blog https://blog.thomashampel.com/
Domino-Docker git repository https://github.com/IBM/domino-docker/
Shipping Domino, my original
presentation with Matteo Bisi
https://www.slideshare.net/mbisi/connect2016-1172-
shipping-domino
Precious resources