ocker is quickly becoming an invaluable development and deployment tool for many organizations. Come and spend the day learning about what Docker is and how to use it. Discover how to integrate it into your workflow and build an environment that works for you and your team. This hands-on training will give you the kick-start needed to begin using Docker effectively.
4. php[tek] 2017
What Is Docker?
âDocker is an open platform for developers and sysadmins to build,
ship, and run distributed applications. Consisting of Docker Engine, a
portable, lightweight runtime and packaging tool, and Docker Hub, a
cloud service for sharing applications and automating workflows,
Docker enables apps to be quickly assembled from components and
eliminates the friction between development, QA, and production
environments.â
4
https://www.docker.com/whatisdocker/
6. php[tek] 2017
Normal Bare-Metal Server
6
CPU RAM HD Network
Operating System
nginx PHP DB
CPU RAM I/O
0
5
10
15
20
25
% Resources
7. php[tek] 2017
Normal Bare-Metal Server
7
CPU RAM HD Network
Operating System
nginx PHP DB
CPU RAM I/O
0
5
10
15
20
25
30
35
App Resources
% Resources
8. php[tek] 2017
Virtual Machines
8
CPU RAM HD Network
Operating System
nginx PHP DB
Operating System
nginx PHP DB
Operating System
Hypervisor
CPU RAM I/O
0
10
20
30
40
50
60
70
App Resources
% Resources
9. php[tek] 2017
Containers
9
CPU RAM HD Network
Operating System
nginxnginx PHP DB PHP DB
CPU RAM I/O
0
5
10
15
20
25
30
35
40
45
App Resources
% Resources
19. php[tek] 2017
Running a container
⢠`docker run` will run a container
⢠This will not restart an existing container, just create a new one
⢠docker run [options] IMAGE [command] [arguments]
⢠[options ]modify the docker process for this container
⢠IMAGE is the image to use
⢠[command] is the command to run inside the container
⢠[arguments] are arguments for the command
19
32. php[tek] 2017
Some Notes
⢠All three containers are 100% self contained
⢠Docker containers share common ancestors, but keep their own files
⢠`docker run` parameters:
⢠--rm â Destroy a container once it exits
⢠-d â Run in the background (daemon mode)
⢠-i â Run in interactive mode
⢠--name â Give the container a name
⢠-p [local port]:[container port] â Forward the local port to the container port
32
34. php[tek] 2017
Modifying a running container
⢠`docker exec` can run a command inside of an existing container
⢠Use Volumes to share data
34
35. php[tek] 2017
Persistent Data with Volumes
⢠You can designate a volume with âv
⢠Create a named volume with `volume create`
⢠Volumes can be shared amongst containers
⢠Volumes can mount data from the host system
35
41. php[tek] 2017
Mounting from the host isnât perfect
⢠The container now has a window into your host machine
⢠Permissions can get screwy if you are modifying in the container
⢠Most things it creates will be root by default, and you probably arenât root on
the host machine
⢠Host-mounted volumes are not portable at all
⢠OSX and Hyper-V VMs have limited pathings to mount
⢠OSX has poor I/O performance
41
42. php[tek] 2017
Named Data Volumes
⢠Creates a space that becomes persistent
⢠Can be mounted anywhere inside your images
⢠Have our app containers use the data volume to store data
⢠Use âeditor containersâ to go in and modify data when needed
42
43. php[tek] 2017
vim Tutorial
⢠vim is a Modal text editor
⢠ESC will drop you back to default mode
⢠:new /opt/webconfig/default to create a new file
⢠In default mode, i will get us into interactive (edit) mode
⢠:w to save a file
⢠:q will quit
43
50. php[tek] 2017
Why go through the hassle?
⢠Data volumes are portable, depending on the driver
⢠Data volumes are safer
⢠Separates the app containers from data
⢠Production can use a data volume, dev can use a host volume
⢠Our app containers stay small
⢠Works directly with other tools
50
52. php[tek] 2017
Networking
⢠Docker can create multiple network âpoolsâ
⢠Each container gets an IP address
⢠Containers can be attached to multiple networks
⢠Docker network allow service discovery inside networks
52
53. php[tek] 2017
Legacy - Docker Links
⢠Legacy Links work with `--link`
⢠Only works on the legacy âbridgeâ network
⢠Doesnât support service discovery
⢠Not worth it to use anymore
53
54. php[tek] 2017
Docker Networks
⢠Discreet IP pool for containers
⢠Containers can be added and removed to the network at whim
⢠Service discovery though â--network-aliasâ
⢠Can be set up to work across hosts
54
61. php[tek] 2017
Inspect a container
docker inspect [options] CONTAINER_NAME
⢠Returns a JSON string with data about the container
⢠Can also query
⢠docker inspect -f â{{ .NetworkSettings.IPAddress }}â web_server
⢠Really handy for scripting out things like reverse proxies
61
62. php[tek] 2017
Work with images
⢠docker pull IMAGE â Pulls down an image before using
⢠docker images â Lists all the images that are downloaded
⢠docker rmi IMAGE â Deletes an image if itâs not being used
62
70. php[tek] 2017
Dockerfile
⢠Dockerfile is the configuration steps for an image
⢠Can be created from scratch, or based on another image
⢠Allows you to add files, create default volumes, ports, etc
⢠Can be used privately or pushed to Docker Hub
70
72. php[tek] 2017
Build it
docker build -t tag_name ./
⢠This runs through the Dockerfile and generates the image
⢠We can now use the tag name to run the image
72
87. php[tek] 2017
What is Docker Compose?
⢠Multi-container orchestration
⢠A single config file holds all of your container info
⢠Works with Docker Swarm and a few other tools, like Rancher
87
106. What is Docker Machine?
⢠A provisioning tool that is used to set up a box with Docker
⢠Used in Docker Toolbox to create the VM
⢠Supports:
⢠EC2
⢠Azure
⢠Digital Ocean
⢠Hyper-V
⢠OpenStack
⢠Virtualbox
⢠VMWare
php[tek] 2017 106
107. Why use it?
⢠Makes it very easy to spin up new boxes
⢠Docker Machine handles all of the dirty stuff for you
⢠Docker Toolbox users are already using it
⢠Integrates with Docker Swarm
⢠It is not necessarily portable
php[tek] 2017 107
118. Configuration
⢠Anything that is environment specific should move to environment
vars
⢠Makes it much easier to build and deploy code
⢠Code cares less what external services it is talking to
php[tek] 2017 118
119. Use Environment Vars
⢠Can specify them one-by-one
â docker run Âe VAR_NAME=value
⢠Can specify a file
â docker run ÂÂenvÂfile=filename
⢠Can specify in docker-compose.yml
php[tek] 2017 119
121. Everything is âexternalâ
⢠Never talk to local sockets
⢠Donât make a determination between âlocallyâ hosted and third party
⢠Easier to switch environments
⢠Easier to scale up
php[tek] 2017 121
122. 5. Build, release, run
Strictly separate build and run stages
php[tek] 2017 122
123. The Workflow
⢠Build step installs dependencies, compiles files, and generates a Build
Artifact that can be deployed
â Does not contain any deployment configuration
⢠Release step pushes a Build Artifact into an environment
â Runs DB migrations, anything needed to happen before running
⢠Run step runs the app fully in the environment
php[tek] 2017 123
124. Tips
⢠Build Artifact can be an image
⢠Builds should be completely reproducible
⢠Release always take a build artifact, never directly from the repo
⢠Tag all your builds
⢠Track all your releases
php[tek] 2017 124
125. Build Step - Start Small
⢠Build your application
⢠Run composer
⢠Run npm/bower
⢠Build JS/CSS
⢠Use the compiled output to build an image with docker build
⢠Push full image to private registry
php[tek] 2017 125
126. docker build
⢠Additional options to look at
⢠-f, --file â Specify a different filename for the Dockerfile
⢠--no-cache â Donât use a cached layer
⢠--pull â Always pull a new version of the image
php[tek] 2017 126
130. Built Into Docker
⢠One Process per container
⢠Allows tools to scale just what needs to be scaled
⢠Allows images to be swapped out as needed
php[tek] 2017 130
132. Built Into Docker (Again)
⢠Each container gets its own IP and exposes its own ports
⢠Processes should already be talking over a network
⢠Can work with service locators that are port-based
php[tek] 2017 132
134. How well does your app handle scaling?
php[tek] 2017 134
135. Built Into Docker (Again) (Again)
⢠One Process per container
⢠Scale up just the container that is needed
⢠App should not care how many instances of each service are running
php[tek] 2017 135
137. Signals
⢠Docker starts containers fairly quickly
⢠Applications should gracefully shut down, not just die
⢠Docker sends a SIGTERM when shutting down a container
⢠Your CLI apps may need to handle SIGTERM properly
â Cal Evans, âSignalling PHPâ
php[tek] 2017 137
138. 10. Dev/prod Parity
Keep development, staging, and production as similar as possible
php[tek] 2017 138
140. Logging in Docker
⢠Various logging options built in
â JSON file (default)
â Fluentd
â Syslog
â Journald
â Gelf
â Splunk
â Aws
â Etwlogs
â Gcplogs php[tek] 2017 140
141. Push logs remotely
⢠When possible, push Docker logs to a remote service
â Container logs only exist while the container exists
⢠Allows logs to be viewed in a single place
⢠No need to get into actual servers
⢠Can host yourself, or pay for a SaaS
⢠ELK stack is very popular
â Docker uses fluentd instead
php[tek] 2017 141
146. Setting up ElasticSearch and Kibana
services:
  elasticsearch:
    image: elasticsearch
    expose:
      Â 9200
    ports:
      Â 9200:9200
  kibana:
    image: kibana
    depends_on:
      Â elasticsearch
    ports:
      Â 5601:5601
php[tek] 2017 146
148. Logging notes
⢠docker logs does not work with external logging, only JSON
⢠This example can be cleaned up a bit
⢠Kibana syntax can be a bit odd to work with
php[tek] 2017 148
155. Switch to the remote node
⢠Run docker-machine env sunshinephp2017
& "C:Program
FilesDockerDockerResourcesbindocker-
machine.exe" env sunshinephp2017 | Invoke-Expression
php[tek] 2017 155
156. Set up docker-compose
⢠Docker Compose allows multiple config files with -f
⢠Have a base docker-compose.yml for Production
⢠Add a secondary one for Development
php[tek] 2017 156