SlideShare ist ein Scribd-Unternehmen logo

Take care of hundred containers and not go crazy

Honza Horák
Honza Horák

This document summarizes Honza Horak's presentation on strategies for managing a large portfolio of container images. It discusses sharing sources and scripts across versions to reduce duplication and simplify maintenance. Templating approaches are presented to generate downstream variants from a single upstream source. Maintaining common packages and scripts in intermediate layers is suggested to facilitate reuse. The use of automated tests for container images on each change is also advocated to prevent regressions.

Ingenieurwesen
1 von 39
Downloaden Sie, um offline zu lesen
Take Care of Hundred Containers ...and Not Go Crazy Honza Horak DevConf.cz, Brno January 26th, 2018
I had a dream... 2 ...like every second boy in Czechia that time
I had a dream... 3 ...like every second boy in Czechia that time
ABOUT /me 4 Honza Horak Location ● Brno Background ● Databases, Python, Ruby ● Containers ○ Red Hat Software Collections ○ CentOS ○ Fedora
The final goal 5 (when developing container images) #> docker run -d -e MYSQL_ROOT_PASSWORD=pass mariadb-102 … is to make them work nicely in ...
The final goal 6 (when developing container images) #> docker run -d -e MYSQL_ROOT_PASSWORD=pass mariadb-102 #> oc new-app mariadb-102 -e MYSQL_ROOT_PASSWORD=pass #> oc process -f mariadb.json | oc create -f - … is to make them work nicely in ...
DEVELOP != MAINTAIN
Size of the portfolio matters 8 RHSCL based container images ● MariaDB ● PostgreSQL ● MySQL ● MongoDB ● Python ● Ruby ● NodeJS ● PHP ● Perl ● Apache ● Nginx ● Varnish ● … rhscl/mariadb-100-rhel7 f26/mariadb centos/mariadb-100-centos7 f27/mariadb centos/mariadb-101-centos7 centos/mariadb-102-centos7 rhscl/mariadb-101-rhel7 rhscl/mariadb-102-rhel7
PORTFOLIO GROWS QUICKLY.
10
EVERYTHING WILL BE FINE, IF...
Sources for container image 12 Downstream (e.g. Fedora dist-git component) Dockerfile README.md root/etc/my.cnf root/usr/bin/container-entrypoint root/usr/bin/run-mysqld root/usr/bin/run-mysqld-master root/usr/bin/run-mysqld-slave root/usr/libexec/container-setup root/usr/share/container-scripts/mysql/common.sh root/usr/share/container-scripts/mysql/helpers.sh root/usr/share/container-scripts/mysql/my-base.cnf.template root/usr/share/container-scripts/mysql/my-master.cnf.template root/usr/share/container-scripts/mysql/my-paas.cnf.template test/run
Upstream vs. Downstream 13 1 upstream repository -> 8 downstream repositories ● MariaDB ● PostgreSQL ● MySQL ● MongoDB ● Python ● Ruby ● NodeJS ● PHP ● Perl ● Apache ● Nginx ● Varnish ● … rhscl/mariadb-100-rhel7 f26/mariadb centos/mariadb-100-centos7 f27/mariadb centos/mariadb-101-centos7 centos/mariadb-102-centos7 rhscl/mariadb-101-rhel7 rhscl/mariadb-102-rhel7
Sources for container image 14 Upstream (http://github.com/sclorg/mariadb-container) 10.0/ 10.1/ 10.2/ |- /Dockerfile |- /Dockerfile.rhel7 |- /Dockerfile.fedora |- /README.md |- /root/etc/my.cnf |- /root/usr/bin/container-entrypoint |- /root/usr/bin/run-mysqld |- /tests/run |- /tests/run-openshift examples/ |- /mariadb-ephemeral.json ...
Sources for container image 15 ...tend to duplicate content. 10.1/ |- /Dockerfile |- /Dockerfile.rhel7 |- /Dockerfile.fedora |- /root/etc/my.cnf |- /root/usr/bin/container-entrypoint |- ... 10.2/ |- /Dockerfile |- /Dockerfile.rhel7 |- /Dockerfile.fedora |- /root/etc/my.cnf |- /root/usr/bin/container-entrypoint |- ...
SHARE SOURCES.
SAME SOURCES => SAME USER EXPERIENCE.
Common scripts for more versions 18 Click to add subtitle ... if [ -v MYSQL_ROOT_PASSWORD ]; then log_info "Setting password for MySQL root user ..." if [ "$MYSQL_VERSION" > "10.0" ] ; then mysql $mysql_flags <<EOSQL CREATE USER IF NOT EXISTS 'root'@'%'; EOSQL fi mysql $mysql_flags <<EOSQL GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}' WITH GRANT OPTION; EOSQL Fi ...
Differences between versions 19 Click to add subtitle $> diff -up 10.1/Dockerfile 10.2/Dockerfile ... RUN yum install -y centos-release-scl-rh && yum-config-manager --enable centos-sclo-rh-testing && - INSTALL_PKGS="rsync tar shadow-utils rh-mariadb101" && + INSTALL_PKGS="rsync tar shadow-utils rh-mariadb102" && yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && rpm -V $INSTALL_PKGS && yum clean all ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/mysql - MYSQL_PREFIX=/opt/rh/rh-mariadb101/root/usr - ENABLED_COLLECTIONS=rh-mariadb101 + MYSQL_PREFIX=/opt/rh/rh-mariadb102/root/usr + ENABLED_COLLECTIONS=rh-mariadb102 ...
SAME SCRIPTS FOR ALL VERSIONS. DIFFERENCES IN DOCKERFILES ONLY.
INSERT DESIGNATOR, IF NEEDED Let’s share some files 21 By putting them one dir up. Duplicate only different files. 10.2/ |- /Dockerfile |- /Dockerfile.rhel7 |- /README.md |- /root/etc/my.cnf |- /root/usr/bin/run-mysqld |- /tests/run 10.2/ |- /Dockerfile |- /Dockerfile.rhel7 |- /README.md root-common/ |- /etc/my.cnf |- /usr/bin/run-mysqld tests/ |- /run
INSERT DESIGNATOR, IF NEEDED Using shared files for docker build 22 While respecting docker build context dir. Dockerfile does not need to be in root of the docker build context. $> cd 10.2 $> cat Dockerfile ... COPY root/ / ... #> docker build . $> cd 10.2 $> cat Dockerfile ... COPY 10.2/root/ / ... #> docker build ..
Downstream structure 23 e.g. Fedora dist-git component needs to include a symlink 10.2 -> . Dockerfile README.md root/etc/my.cnf root/usr/bin/container-entrypoint root/usr/bin/run-mysqld root/usr/bin/run-mysqld-master root/usr/bin/run-mysqld-slave root/usr/libexec/container-setup root/usr/share/container-scripts/mysql/common.sh root/usr/share/container-scripts/mysql/helpers.sh root/usr/share/container-scripts/mysql/my-base.cnf.template root/usr/share/container-scripts/mysql/my-master.cnf.template root/usr/share/container-scripts/mysql/my-paas.cnf.template test/run
TEMPLATING.
Use one copy of everything in upstream 25 And generate specific variant for downstream only. -FROM rhel-7 +FROM {{ config.docker.from }} -ENV POSTGRESQL_VERSION=9.6 -RUN yum install rh-postgresql96 && +ENV POSTGRESQL_VERSION={{ spec.version }} +RUN yum install {{ spec.scl }} && yum clean all
INSERT DESIGNATOR, IF NEEDED Distgen 26 A simple make+bash+python based templating for container sources. 9.5/ |- /Dockerfile |- /Dockerfile.rhel7 |- /README.md 9.6/ |- /Dockerfile |- /Dockerfile.rhel7 |- /README.md ... src/ |- /Dockerfile |- /README.md ... |- rhel-7-x86_64.yaml |- centos-7-x86_64.yaml |- fedora-27-x86_64.yaml WIP pull-requests: https://github.com/sclorg/postgresql-container/pull/203 https://github.com/sclorg/container-common-scripts/pull/38
Distgen 27 Simple templating system Advantates ● One copy of everything ● More precise README.md ● Scripts without too many IFs Disadvantages ● Sources are not anymore usable directly as a documentation ● Contributors are required to use some specific workflow ○ make build ● Generated output not seen immediately
GITHUB SUBMODULES.
GitHub sub-modules work for “libraries” 29 And not bite... $> git ls-files container-common-scripts common/ common/build.sh common/clean.sh common/common.mk common/.git common/LICENSE common/Makefile common/README.md common/tag.sh common/test-lib-openshift.sh common/test-lib.sh common/test.sh
SHARE PACKAGES AND SCRIPTS IN AN INTERMEDIATE LAYER.
Sharing common RPMs and scripts 31 RHEL Server Base An intermediate layer Common scripts Another intermediate layer Common devel libraries Python runtime Ruby runtime MariaDB server Example of intermediate container images Django App for XYZ
Intermediate Container Images 32 Advantages Container layers help us to share and maintain on one place ● RPMs ○ various devel libraries ○ basic tools ○ common dependencies ● Scripts ○ fix-permissions ○ cgroup-limits ○ rpm-file-permissions RHEL Server Base Basic tools: findutils, unzip, fix-permissions, cgroup-limits, … Common dependencies: npm, common devel libraries Python runtime: pip, S2i scripts (assemble, run)
Intermediate Container Images 33 Disadvantages Maintenance of more layers require: ● Building in right order ○ OSBS ○ Chain Rebuilds ● Tests whether we’re using correct base image RHEL Server Base Basic tools: findutils, unzip, fix-permissions, cgroup-limits, … Common dependencies: npm, common devel libraries Python runtime: pip, S2i scripts (assemble, run)
Maintaining package & container image 34 How often the build is needed. CONTAINER IMAGE MAINTAINER Bundling by design. New build on parent change. New build on RPM change. New build on container source change. PACKAGE MAINTAINER No bundling. New build for each fix.
DOES IT STILL WORK?
AUTOMATIC TESTS FOR EVERY CONTAINER IMAGE.
Tests for containers 37 What to test ● Focus on container API When to test ● For every pull-request ● After each commit Environment: ● Automation everywhere ● Quick feedback via docker run … ● OpenShift quickstart templates via oc cluster up MTF workshop today at 2pm.
AVOID DUPLICATION. USE AUTOMATED TESTS.
THANK YOU plus.google.com/+RedHat linkedin.com/company/red-hat youtube.com/user/RedHatVideos facebook.com/redhatinc twitter.com/RedHatNews

Empfohlen

Inside Sqale's Backend at Sapporo Ruby Kaigi 2012
Inside Sqale's Backend at Sapporo Ruby Kaigi 2012Inside Sqale's Backend at Sapporo Ruby Kaigi 2012
Inside Sqale's Backend at Sapporo Ruby Kaigi 2012Gosuke Miyashita
 
2017-03-11 02 Денис Нелюбин. Docker & Ansible - лучшие друзья DevOps
2017-03-11 02 Денис Нелюбин. Docker & Ansible - лучшие друзья DevOps2017-03-11 02 Денис Нелюбин. Docker & Ansible - лучшие друзья DevOps
2017-03-11 02 Денис Нелюбин. Docker & Ansible - лучшие друзья DevOpsОмские ИТ-субботники
 
What Have Syscalls Done for you Lately?
What Have Syscalls Done for you Lately?What Have Syscalls Done for you Lately?
What Have Syscalls Done for you Lately?Docker, Inc.
 
Automating Mendix application deployments with Nix
Automating Mendix application deployments with NixAutomating Mendix application deployments with Nix
Automating Mendix application deployments with NixSander van der Burg
 
Embedded Linux Odp
Embedded Linux OdpEmbedded Linux Odp
Embedded Linux Odpghessler
 
Super powered Drupal development with docker
Super powered Drupal development with dockerSuper powered Drupal development with docker
Super powered Drupal development with dockerMaciej Lukianski
 
Who is afraid of privileged containers ?
Who is afraid of privileged containers ?Who is afraid of privileged containers ?
Who is afraid of privileged containers ?Marko Bevc
 
Container & kubernetes
Container & kubernetesContainer & kubernetes
Container & kubernetesTed Jung
 

Empfohlen

Inside Sqale's Backend at Sapporo Ruby Kaigi 2012
Inside Sqale's Backend at Sapporo Ruby Kaigi 2012Inside Sqale's Backend at Sapporo Ruby Kaigi 2012
Inside Sqale's Backend at Sapporo Ruby Kaigi 2012Gosuke Miyashita
 
2017-03-11 02 Денис Нелюбин. Docker & Ansible - лучшие друзья DevOps
2017-03-11 02 Денис Нелюбин. Docker & Ansible - лучшие друзья DevOps2017-03-11 02 Денис Нелюбин. Docker & Ansible - лучшие друзья DevOps
2017-03-11 02 Денис Нелюбин. Docker & Ansible - лучшие друзья DevOpsОмские ИТ-субботники
 
What Have Syscalls Done for you Lately?
What Have Syscalls Done for you Lately?What Have Syscalls Done for you Lately?
What Have Syscalls Done for you Lately?Docker, Inc.
 
Automating Mendix application deployments with Nix
Automating Mendix application deployments with NixAutomating Mendix application deployments with Nix
Automating Mendix application deployments with NixSander van der Burg
 
Embedded Linux Odp
Embedded Linux OdpEmbedded Linux Odp
Embedded Linux Odpghessler
 
Super powered Drupal development with docker
Super powered Drupal development with dockerSuper powered Drupal development with docker
Super powered Drupal development with dockerMaciej Lukianski
 
Who is afraid of privileged containers ?
Who is afraid of privileged containers ?Who is afraid of privileged containers ?
Who is afraid of privileged containers ?Marko Bevc
 
Container & kubernetes
Container & kubernetesContainer & kubernetes
Container & kubernetesTed Jung
 
Docker slides
Docker slidesDocker slides
Docker slidesAyla Khan
 
COSCUP 2016 - ROS + Gazebo機器人模擬器工作坊
COSCUP 2016 - ROS + Gazebo機器人模擬器工作坊COSCUP 2016 - ROS + Gazebo機器人模擬器工作坊
COSCUP 2016 - ROS + Gazebo機器人模擬器工作坊Po-Jen Lai
 
Intro django
Intro djangoIntro django
Intro djangoAlexander Lyabah
 
Inside Sqale's Backend at RubyConf Taiwan 2012
Inside Sqale's Backend at RubyConf Taiwan 2012Inside Sqale's Backend at RubyConf Taiwan 2012
Inside Sqale's Backend at RubyConf Taiwan 2012Gosuke Miyashita
 
Inside Sqale's Backend at YAPC::Asia Tokyo 2012
Inside Sqale's Backend at YAPC::Asia Tokyo 2012Inside Sqale's Backend at YAPC::Asia Tokyo 2012
Inside Sqale's Backend at YAPC::Asia Tokyo 2012Gosuke Miyashita
 
Challenges of container configuration
Challenges of container configurationChallenges of container configuration
Challenges of container configurationlutter
 
Using Nix and Docker as automated deployment solutions
Using Nix and Docker as automated deployment solutionsUsing Nix and Docker as automated deployment solutions
Using Nix and Docker as automated deployment solutionsSander van der Burg
 
PHP Development Tools
PHP Development ToolsPHP Development Tools
PHP Development ToolsAntony Abramchenko
 
Programming in Linux Environment
Programming in Linux EnvironmentProgramming in Linux Environment
Programming in Linux EnvironmentDongho Kang
 
JDO 2019: Kubernetes logging techniques with a touch of LogSense - Marcin Stożek
JDO 2019: Kubernetes logging techniques with a touch of LogSense - Marcin StożekJDO 2019: Kubernetes logging techniques with a touch of LogSense - Marcin Stożek
JDO 2019: Kubernetes logging techniques with a touch of LogSense - Marcin StożekPROIDEA
 
Extend Redis with Modules
Extend Redis with ModulesExtend Redis with Modules
Extend Redis with ModulesItamar Haber
 
Functional Operations (Functional Programming at Comcast Labs Connect)
Functional Operations (Functional Programming at Comcast Labs Connect)Functional Operations (Functional Programming at Comcast Labs Connect)
Functional Operations (Functional Programming at Comcast Labs Connect)Susan Potter
 
nix-processmgmt: An experimental Nix-based process manager-agnostic framework
nix-processmgmt: An experimental Nix-based process manager-agnostic frameworknix-processmgmt: An experimental Nix-based process manager-agnostic framework
nix-processmgmt: An experimental Nix-based process manager-agnostic frameworkSander van der Burg
 
Power to the People: Redis Lua Scripts
Power to the People: Redis Lua ScriptsPower to the People: Redis Lua Scripts
Power to the People: Redis Lua ScriptsItamar Haber
 
E bpf and dynamic tracing for mariadb db as (mariadb day during fosdem 2020)
E bpf and dynamic tracing for mariadb db as (mariadb day during fosdem 2020)E bpf and dynamic tracing for mariadb db as (mariadb day during fosdem 2020)
E bpf and dynamic tracing for mariadb db as (mariadb day during fosdem 2020)Valeriy Kravchuk
 
Devinsampa nginx-scripting
Devinsampa nginx-scriptingDevinsampa nginx-scripting
Devinsampa nginx-scriptingTony Fabeen
 
CoreOS + Kubernetes @ All Things Open 2015
CoreOS + Kubernetes @ All Things Open 2015CoreOS + Kubernetes @ All Things Open 2015
CoreOS + Kubernetes @ All Things Open 2015Brandon Philips
 
Docker.io
Docker.ioDocker.io
Docker.ioLadislav Prskavec
 
CoreOS: Control Your Fleet
CoreOS: Control Your FleetCoreOS: Control Your Fleet
CoreOS: Control Your FleetMatthew Jones
 
Dockerizing Symfony Applications - Symfony Live Berlin 2014
Dockerizing Symfony Applications - Symfony Live Berlin 2014Dockerizing Symfony Applications - Symfony Live Berlin 2014
Dockerizing Symfony Applications - Symfony Live Berlin 2014D
 
Introduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @GuidewireIntroduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @GuidewiredotCloud
 
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis OverviewLeo Lorieri
 

Weitere ähnliche Inhalte

Was ist angesagt?

Docker slides
Docker slidesDocker slides
Docker slidesAyla Khan
 
COSCUP 2016 - ROS + Gazebo機器人模擬器工作坊
COSCUP 2016 - ROS + Gazebo機器人模擬器工作坊COSCUP 2016 - ROS + Gazebo機器人模擬器工作坊
COSCUP 2016 - ROS + Gazebo機器人模擬器工作坊Po-Jen Lai
 
Inside Sqale's Backend at RubyConf Taiwan 2012
Inside Sqale's Backend at RubyConf Taiwan 2012Inside Sqale's Backend at RubyConf Taiwan 2012
Inside Sqale's Backend at RubyConf Taiwan 2012Gosuke Miyashita
 
Inside Sqale's Backend at YAPC::Asia Tokyo 2012
Inside Sqale's Backend at YAPC::Asia Tokyo 2012Inside Sqale's Backend at YAPC::Asia Tokyo 2012
Inside Sqale's Backend at YAPC::Asia Tokyo 2012Gosuke Miyashita
 
Challenges of container configuration
Challenges of container configurationChallenges of container configuration
Challenges of container configurationlutter
 
Using Nix and Docker as automated deployment solutions
Using Nix and Docker as automated deployment solutionsUsing Nix and Docker as automated deployment solutions
Using Nix and Docker as automated deployment solutionsSander van der Burg
 
Programming in Linux Environment
Programming in Linux EnvironmentProgramming in Linux Environment
Programming in Linux EnvironmentDongho Kang
 
JDO 2019: Kubernetes logging techniques with a touch of LogSense - Marcin Stożek
JDO 2019: Kubernetes logging techniques with a touch of LogSense - Marcin StożekJDO 2019: Kubernetes logging techniques with a touch of LogSense - Marcin Stożek
JDO 2019: Kubernetes logging techniques with a touch of LogSense - Marcin StożekPROIDEA
 
Extend Redis with Modules
Extend Redis with ModulesExtend Redis with Modules
Extend Redis with ModulesItamar Haber
 
Functional Operations (Functional Programming at Comcast Labs Connect)
Functional Operations (Functional Programming at Comcast Labs Connect)Functional Operations (Functional Programming at Comcast Labs Connect)
Functional Operations (Functional Programming at Comcast Labs Connect)Susan Potter
 
nix-processmgmt: An experimental Nix-based process manager-agnostic framework
nix-processmgmt: An experimental Nix-based process manager-agnostic frameworknix-processmgmt: An experimental Nix-based process manager-agnostic framework
nix-processmgmt: An experimental Nix-based process manager-agnostic frameworkSander van der Burg
 
Power to the People: Redis Lua Scripts
Power to the People: Redis Lua ScriptsPower to the People: Redis Lua Scripts
Power to the People: Redis Lua ScriptsItamar Haber
 
E bpf and dynamic tracing for mariadb db as (mariadb day during fosdem 2020)
E bpf and dynamic tracing for mariadb db as (mariadb day during fosdem 2020)E bpf and dynamic tracing for mariadb db as (mariadb day during fosdem 2020)
E bpf and dynamic tracing for mariadb db as (mariadb day during fosdem 2020)Valeriy Kravchuk
 
Devinsampa nginx-scripting
Devinsampa nginx-scriptingDevinsampa nginx-scripting
Devinsampa nginx-scriptingTony Fabeen
 
CoreOS + Kubernetes @ All Things Open 2015
CoreOS + Kubernetes @ All Things Open 2015CoreOS + Kubernetes @ All Things Open 2015
CoreOS + Kubernetes @ All Things Open 2015Brandon Philips
 
CoreOS: Control Your Fleet
CoreOS: Control Your FleetCoreOS: Control Your Fleet
CoreOS: Control Your FleetMatthew Jones
 
Dockerizing Symfony Applications - Symfony Live Berlin 2014
Dockerizing Symfony Applications - Symfony Live Berlin 2014Dockerizing Symfony Applications - Symfony Live Berlin 2014
Dockerizing Symfony Applications - Symfony Live Berlin 2014D
 

Was ist angesagt? (20)

Docker slides
Docker slidesDocker slides
Docker slides
 
COSCUP 2016 - ROS + Gazebo機器人模擬器工作坊
COSCUP 2016 - ROS + Gazebo機器人模擬器工作坊COSCUP 2016 - ROS + Gazebo機器人模擬器工作坊
COSCUP 2016 - ROS + Gazebo機器人模擬器工作坊
 
Intro django
Intro djangoIntro django
Intro django
 
Inside Sqale's Backend at RubyConf Taiwan 2012
Inside Sqale's Backend at RubyConf Taiwan 2012Inside Sqale's Backend at RubyConf Taiwan 2012
Inside Sqale's Backend at RubyConf Taiwan 2012
 
Inside Sqale's Backend at YAPC::Asia Tokyo 2012
Inside Sqale's Backend at YAPC::Asia Tokyo 2012Inside Sqale's Backend at YAPC::Asia Tokyo 2012
Inside Sqale's Backend at YAPC::Asia Tokyo 2012
 
Challenges of container configuration
Challenges of container configurationChallenges of container configuration
Challenges of container configuration
 
Using Nix and Docker as automated deployment solutions
Using Nix and Docker as automated deployment solutionsUsing Nix and Docker as automated deployment solutions
Using Nix and Docker as automated deployment solutions
 
PHP Development Tools
PHP Development ToolsPHP Development Tools
PHP Development Tools
 
Programming in Linux Environment
Programming in Linux EnvironmentProgramming in Linux Environment
Programming in Linux Environment
 
JDO 2019: Kubernetes logging techniques with a touch of LogSense - Marcin Stożek
JDO 2019: Kubernetes logging techniques with a touch of LogSense - Marcin StożekJDO 2019: Kubernetes logging techniques with a touch of LogSense - Marcin Stożek
JDO 2019: Kubernetes logging techniques with a touch of LogSense - Marcin Stożek
 
Extend Redis with Modules
Extend Redis with ModulesExtend Redis with Modules
Extend Redis with Modules
 
Functional Operations (Functional Programming at Comcast Labs Connect)
Functional Operations (Functional Programming at Comcast Labs Connect)Functional Operations (Functional Programming at Comcast Labs Connect)
Functional Operations (Functional Programming at Comcast Labs Connect)
 
nix-processmgmt: An experimental Nix-based process manager-agnostic framework
nix-processmgmt: An experimental Nix-based process manager-agnostic frameworknix-processmgmt: An experimental Nix-based process manager-agnostic framework
nix-processmgmt: An experimental Nix-based process manager-agnostic framework
 
Power to the People: Redis Lua Scripts
Power to the People: Redis Lua ScriptsPower to the People: Redis Lua Scripts
Power to the People: Redis Lua Scripts
 
E bpf and dynamic tracing for mariadb db as (mariadb day during fosdem 2020)
E bpf and dynamic tracing for mariadb db as (mariadb day during fosdem 2020)E bpf and dynamic tracing for mariadb db as (mariadb day during fosdem 2020)
E bpf and dynamic tracing for mariadb db as (mariadb day during fosdem 2020)
 
Devinsampa nginx-scripting
Devinsampa nginx-scriptingDevinsampa nginx-scripting
Devinsampa nginx-scripting
 
CoreOS + Kubernetes @ All Things Open 2015
CoreOS + Kubernetes @ All Things Open 2015CoreOS + Kubernetes @ All Things Open 2015
CoreOS + Kubernetes @ All Things Open 2015
 
Docker.io
Docker.ioDocker.io
Docker.io
 
CoreOS: Control Your Fleet
CoreOS: Control Your FleetCoreOS: Control Your Fleet
CoreOS: Control Your Fleet
 
Dockerizing Symfony Applications - Symfony Live Berlin 2014
Dockerizing Symfony Applications - Symfony Live Berlin 2014Dockerizing Symfony Applications - Symfony Live Berlin 2014
Dockerizing Symfony Applications - Symfony Live Berlin 2014
 

Ähnlich wie Take care of hundred containers and not go crazy

Introduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @GuidewireIntroduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @GuidewiredotCloud
 
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis OverviewLeo Lorieri
 
Lightweight Virtualization with Linux Containers and Docker I YaC 2013
Lightweight Virtualization with Linux Containers and Docker I YaC 2013Lightweight Virtualization with Linux Containers and Docker I YaC 2013
Lightweight Virtualization with Linux Containers and Docker I YaC 2013Docker, Inc.
 
Lightweight Virtualization with Linux Containers and Docker | YaC 2013
Lightweight Virtualization with Linux Containers and Docker | YaC 2013Lightweight Virtualization with Linux Containers and Docker | YaC 2013
Lightweight Virtualization with Linux Containers and Docker | YaC 2013dotCloud
 
Introduction to Docker and Containers
Introduction to Docker and ContainersIntroduction to Docker and Containers
Introduction to Docker and ContainersDocker, Inc.
 
Real-World Docker: 10 Things We've Learned
Real-World Docker: 10 Things We've Learned Real-World Docker: 10 Things We've Learned
Real-World Docker: 10 Things We've Learned RightScale
 
Настройка окружения для кросскомпиляции проектов на основе docker'a
Настройка окружения для кросскомпиляции проектов на основе docker'aНастройка окружения для кросскомпиляции проектов на основе docker'a
Настройка окружения для кросскомпиляции проектов на основе docker'acorehard_by
 
Kubernetes Story - Day 1: Build and Manage Containers with Podman
Kubernetes Story - Day 1: Build and Manage Containers with PodmanKubernetes Story - Day 1: Build and Manage Containers with Podman
Kubernetes Story - Day 1: Build and Manage Containers with PodmanMihai Criveti
 
A Gentle Introduction to Docker and Containers
A Gentle Introduction to Docker and ContainersA Gentle Introduction to Docker and Containers
A Gentle Introduction to Docker and ContainersDocker, Inc.
 
"Lightweight Virtualization with Linux Containers and Docker". Jerome Petazzo...
"Lightweight Virtualization with Linux Containers and Docker". Jerome Petazzo..."Lightweight Virtualization with Linux Containers and Docker". Jerome Petazzo...
"Lightweight Virtualization with Linux Containers and Docker". Jerome Petazzo...Yandex
 
Docker for mere mortals
Docker for mere mortalsDocker for mere mortals
Docker for mere mortalsHenryk Konsek
 
Start tracking your ruby infrastructure
Start tracking your ruby infrastructureStart tracking your ruby infrastructure
Start tracking your ruby infrastructureSergiy Kukunin
 
Developing with-devstack
Developing with-devstackDeveloping with-devstack
Developing with-devstackDeepak Garg
 
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special EditionIntroduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special EditionJérôme Petazzoni
 
Docker and-containers-for-development-and-deployment-scale12x
Docker and-containers-for-development-and-deployment-scale12xDocker and-containers-for-development-and-deployment-scale12x
Docker and-containers-for-development-and-deployment-scale12xrkr10
 
The internals and the latest trends of container runtimes
The internals and the latest trends of container runtimesThe internals and the latest trends of container runtimes
The internals and the latest trends of container runtimesAkihiro Suda
 
Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of...
Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of...Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of...
Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of...Jérôme Petazzoni
 
Docker 0.11 at MaxCDN meetup in Los Angeles
Docker 0.11 at MaxCDN meetup in Los AngelesDocker 0.11 at MaxCDN meetup in Los Angeles
Docker 0.11 at MaxCDN meetup in Los AngelesJérôme Petazzoni
 
Introduction to Docker (as presented at December 2013 Global Hackathon)
Introduction to Docker (as presented at December 2013 Global Hackathon)Introduction to Docker (as presented at December 2013 Global Hackathon)
Introduction to Docker (as presented at December 2013 Global Hackathon)Jérôme Petazzoni
 
Introduction to Docker and all things containers, Docker Meetup at RelateIQ
Introduction to Docker and all things containers, Docker Meetup at RelateIQIntroduction to Docker and all things containers, Docker Meetup at RelateIQ
Introduction to Docker and all things containers, Docker Meetup at RelateIQdotCloud
 

Ähnlich wie Take care of hundred containers and not go crazy (20)

Introduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @GuidewireIntroduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @Guidewire
 
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview
 
Lightweight Virtualization with Linux Containers and Docker I YaC 2013
Lightweight Virtualization with Linux Containers and Docker I YaC 2013Lightweight Virtualization with Linux Containers and Docker I YaC 2013
Lightweight Virtualization with Linux Containers and Docker I YaC 2013
 
Lightweight Virtualization with Linux Containers and Docker | YaC 2013
Lightweight Virtualization with Linux Containers and Docker | YaC 2013Lightweight Virtualization with Linux Containers and Docker | YaC 2013
Lightweight Virtualization with Linux Containers and Docker | YaC 2013
 
Introduction to Docker and Containers
Introduction to Docker and ContainersIntroduction to Docker and Containers
Introduction to Docker and Containers
 
Real-World Docker: 10 Things We've Learned
Real-World Docker: 10 Things We've Learned Real-World Docker: 10 Things We've Learned
Real-World Docker: 10 Things We've Learned
 
Настройка окружения для кросскомпиляции проектов на основе docker'a
Настройка окружения для кросскомпиляции проектов на основе docker'aНастройка окружения для кросскомпиляции проектов на основе docker'a
Настройка окружения для кросскомпиляции проектов на основе docker'a
 
Kubernetes Story - Day 1: Build and Manage Containers with Podman
Kubernetes Story - Day 1: Build and Manage Containers with PodmanKubernetes Story - Day 1: Build and Manage Containers with Podman
Kubernetes Story - Day 1: Build and Manage Containers with Podman
 
A Gentle Introduction to Docker and Containers
A Gentle Introduction to Docker and ContainersA Gentle Introduction to Docker and Containers
A Gentle Introduction to Docker and Containers
 
"Lightweight Virtualization with Linux Containers and Docker". Jerome Petazzo...
"Lightweight Virtualization with Linux Containers and Docker". Jerome Petazzo..."Lightweight Virtualization with Linux Containers and Docker". Jerome Petazzo...
"Lightweight Virtualization with Linux Containers and Docker". Jerome Petazzo...
 
Docker for mere mortals
Docker for mere mortalsDocker for mere mortals
Docker for mere mortals
 
Start tracking your ruby infrastructure
Start tracking your ruby infrastructureStart tracking your ruby infrastructure
Start tracking your ruby infrastructure
 
Developing with-devstack
Developing with-devstackDeveloping with-devstack
Developing with-devstack
 
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special EditionIntroduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
 
Docker and-containers-for-development-and-deployment-scale12x
Docker and-containers-for-development-and-deployment-scale12xDocker and-containers-for-development-and-deployment-scale12x
Docker and-containers-for-development-and-deployment-scale12x
 
The internals and the latest trends of container runtimes
The internals and the latest trends of container runtimesThe internals and the latest trends of container runtimes
The internals and the latest trends of container runtimes
 
Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of...
Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of...Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of...
Docker 1 0 1 0 1: a Docker introduction, actualized for the stable release of...
 
Docker 0.11 at MaxCDN meetup in Los Angeles
Docker 0.11 at MaxCDN meetup in Los AngelesDocker 0.11 at MaxCDN meetup in Los Angeles
Docker 0.11 at MaxCDN meetup in Los Angeles
 
Introduction to Docker (as presented at December 2013 Global Hackathon)
Introduction to Docker (as presented at December 2013 Global Hackathon)Introduction to Docker (as presented at December 2013 Global Hackathon)
Introduction to Docker (as presented at December 2013 Global Hackathon)
 
Introduction to Docker and all things containers, Docker Meetup at RelateIQ
Introduction to Docker and all things containers, Docker Meetup at RelateIQIntroduction to Docker and all things containers, Docker Meetup at RelateIQ
Introduction to Docker and all things containers, Docker Meetup at RelateIQ
 

Kürzlich hochgeladen

Indian Dairy Industry Present Status and.ppt
Indian Dairy Industry Present Status and.pptIndian Dairy Industry Present Status and.ppt
Indian Dairy Industry Present Status and.pptMadan Karki
 
Past, Present and Future of Generative AI
Past, Present and Future of Generative AIPast, Present and Future of Generative AI
Past, Present and Future of Generative AIabhishek36461
 
welding defects observed during the welding
welding defects observed during the weldingwelding defects observed during the welding
welding defects observed during the weldingMuhammadUzairLiaqat
 
Research Methodology for Engineering pdf
Research Methodology for Engineering pdfResearch Methodology for Engineering pdf
Research Methodology for Engineering pdfCaalaaAbdulkerim
 
THE SENDAI FRAMEWORK FOR DISASTER RISK REDUCTION
THE SENDAI FRAMEWORK FOR DISASTER RISK REDUCTIONTHE SENDAI FRAMEWORK FOR DISASTER RISK REDUCTION
THE SENDAI FRAMEWORK FOR DISASTER RISK REDUCTIONjhunlian
 
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)Dr SOUNDIRARAJ N
 
home automation using Arduino by Aditya Prasad
home automation using Arduino by Aditya Prasadhome automation using Arduino by Aditya Prasad
home automation using Arduino by Aditya Prasadaditya806802
 
Main Memory Management in Operating System
Main Memory Management in Operating SystemMain Memory Management in Operating System
Main Memory Management in Operating SystemRashmi Bhat
 
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort serviceGurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort servicejennyeacort
 
NO1 Certified Black Magic Specialist Expert Amil baba in Uae Dubai Abu Dhabi ...
NO1 Certified Black Magic Specialist Expert Amil baba in Uae Dubai Abu Dhabi ...NO1 Certified Black Magic Specialist Expert Amil baba in Uae Dubai Abu Dhabi ...
NO1 Certified Black Magic Specialist Expert Amil baba in Uae Dubai Abu Dhabi ...Amil Baba Dawood bangali
 
Correctly Loading Incremental Data at Scale
Correctly Loading Incremental Data at ScaleCorrectly Loading Incremental Data at Scale
Correctly Loading Incremental Data at ScaleAlluxio, Inc.
 
Arduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.pptArduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.pptSAURABHKUMAR892774
 
Virtual memory management in Operating System
Virtual memory management in Operating SystemVirtual memory management in Operating System
Virtual memory management in Operating SystemRashmi Bhat
 
Introduction to Machine Learning Unit-3 for II MECH
Introduction to Machine Learning Unit-3 for II MECHIntroduction to Machine Learning Unit-3 for II MECH
Introduction to Machine Learning Unit-3 for II MECHC Sai Kiran
 
Energy Awareness training ppt for manufacturing process.pptx
Energy Awareness training ppt for manufacturing process.pptxEnergy Awareness training ppt for manufacturing process.pptx
Energy Awareness training ppt for manufacturing process.pptxsiddharthjain2303
 
Mine Environment II Lab_MI10448MI__________.pptx
Mine Environment II Lab_MI10448MI__________.pptxMine Environment II Lab_MI10448MI__________.pptx
Mine Environment II Lab_MI10448MI__________.pptxRomil Mishra
 
Vishratwadi & Ghorpadi Bridge Tender documents
Vishratwadi & Ghorpadi Bridge Tender documentsVishratwadi & Ghorpadi Bridge Tender documents
Vishratwadi & Ghorpadi Bridge Tender documentsSachinPawar510423
 
Internet of things -Arshdeep Bahga .pptx
Internet of things -Arshdeep Bahga .pptxInternet of things -Arshdeep Bahga .pptx
Internet of things -Arshdeep Bahga .pptxVelmuruganTECE
 
Introduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxIntroduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxk795866
 

Kürzlich hochgeladen (20)

Indian Dairy Industry Present Status and.ppt
Indian Dairy Industry Present Status and.pptIndian Dairy Industry Present Status and.ppt
Indian Dairy Industry Present Status and.ppt
 
Past, Present and Future of Generative AI
Past, Present and Future of Generative AIPast, Present and Future of Generative AI
Past, Present and Future of Generative AI
 
welding defects observed during the welding
welding defects observed during the weldingwelding defects observed during the welding
welding defects observed during the welding
 
Research Methodology for Engineering pdf
Research Methodology for Engineering pdfResearch Methodology for Engineering pdf
Research Methodology for Engineering pdf
 
THE SENDAI FRAMEWORK FOR DISASTER RISK REDUCTION
THE SENDAI FRAMEWORK FOR DISASTER RISK REDUCTIONTHE SENDAI FRAMEWORK FOR DISASTER RISK REDUCTION
THE SENDAI FRAMEWORK FOR DISASTER RISK REDUCTION
 
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
 
home automation using Arduino by Aditya Prasad
home automation using Arduino by Aditya Prasadhome automation using Arduino by Aditya Prasad
home automation using Arduino by Aditya Prasad
 
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
 
Main Memory Management in Operating System
Main Memory Management in Operating SystemMain Memory Management in Operating System
Main Memory Management in Operating System
 
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort serviceGurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
 
NO1 Certified Black Magic Specialist Expert Amil baba in Uae Dubai Abu Dhabi ...
NO1 Certified Black Magic Specialist Expert Amil baba in Uae Dubai Abu Dhabi ...NO1 Certified Black Magic Specialist Expert Amil baba in Uae Dubai Abu Dhabi ...
NO1 Certified Black Magic Specialist Expert Amil baba in Uae Dubai Abu Dhabi ...
 
Correctly Loading Incremental Data at Scale
Correctly Loading Incremental Data at ScaleCorrectly Loading Incremental Data at Scale
Correctly Loading Incremental Data at Scale
 
Arduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.pptArduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.ppt
 
Virtual memory management in Operating System
Virtual memory management in Operating SystemVirtual memory management in Operating System
Virtual memory management in Operating System
 
Introduction to Machine Learning Unit-3 for II MECH
Introduction to Machine Learning Unit-3 for II MECHIntroduction to Machine Learning Unit-3 for II MECH
Introduction to Machine Learning Unit-3 for II MECH
 
Energy Awareness training ppt for manufacturing process.pptx
Energy Awareness training ppt for manufacturing process.pptxEnergy Awareness training ppt for manufacturing process.pptx
Energy Awareness training ppt for manufacturing process.pptx
 
Mine Environment II Lab_MI10448MI__________.pptx
Mine Environment II Lab_MI10448MI__________.pptxMine Environment II Lab_MI10448MI__________.pptx
Mine Environment II Lab_MI10448MI__________.pptx
 
Vishratwadi & Ghorpadi Bridge Tender documents
Vishratwadi & Ghorpadi Bridge Tender documentsVishratwadi & Ghorpadi Bridge Tender documents
Vishratwadi & Ghorpadi Bridge Tender documents
 
Internet of things -Arshdeep Bahga .pptx
Internet of things -Arshdeep Bahga .pptxInternet of things -Arshdeep Bahga .pptx
Internet of things -Arshdeep Bahga .pptx
 
Introduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxIntroduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptx
 

Take care of hundred containers and not go crazy

  • 1. Take Care of Hundred Containers ...and Not Go Crazy Honza Horak DevConf.cz, Brno January 26th, 2018
  • 2. I had a dream... 2 ...like every second boy in Czechia that time
  • 3. I had a dream... 3 ...like every second boy in Czechia that time
  • 4. ABOUT /me 4 Honza Horak Location ● Brno Background ● Databases, Python, Ruby ● Containers ○ Red Hat Software Collections ○ CentOS ○ Fedora
  • 5. The final goal 5 (when developing container images) #> docker run -d -e MYSQL_ROOT_PASSWORD=pass mariadb-102 … is to make them work nicely in ...
  • 6. The final goal 6 (when developing container images) #> docker run -d -e MYSQL_ROOT_PASSWORD=pass mariadb-102 #> oc new-app mariadb-102 -e MYSQL_ROOT_PASSWORD=pass #> oc process -f mariadb.json | oc create -f - … is to make them work nicely in ...
  • 8. Size of the portfolio matters 8 RHSCL based container images ● MariaDB ● PostgreSQL ● MySQL ● MongoDB ● Python ● Ruby ● NodeJS ● PHP ● Perl ● Apache ● Nginx ● Varnish ● … rhscl/mariadb-100-rhel7 f26/mariadb centos/mariadb-100-centos7 f27/mariadb centos/mariadb-101-centos7 centos/mariadb-102-centos7 rhscl/mariadb-101-rhel7 rhscl/mariadb-102-rhel7
  • 10. 10
  • 11. EVERYTHING WILL BE FINE, IF...
  • 12. Sources for container image 12 Downstream (e.g. Fedora dist-git component) Dockerfile README.md root/etc/my.cnf root/usr/bin/container-entrypoint root/usr/bin/run-mysqld root/usr/bin/run-mysqld-master root/usr/bin/run-mysqld-slave root/usr/libexec/container-setup root/usr/share/container-scripts/mysql/common.sh root/usr/share/container-scripts/mysql/helpers.sh root/usr/share/container-scripts/mysql/my-base.cnf.template root/usr/share/container-scripts/mysql/my-master.cnf.template root/usr/share/container-scripts/mysql/my-paas.cnf.template test/run
  • 13. Upstream vs. Downstream 13 1 upstream repository -> 8 downstream repositories ● MariaDB ● PostgreSQL ● MySQL ● MongoDB ● Python ● Ruby ● NodeJS ● PHP ● Perl ● Apache ● Nginx ● Varnish ● … rhscl/mariadb-100-rhel7 f26/mariadb centos/mariadb-100-centos7 f27/mariadb centos/mariadb-101-centos7 centos/mariadb-102-centos7 rhscl/mariadb-101-rhel7 rhscl/mariadb-102-rhel7
  • 14. Sources for container image 14 Upstream (http://github.com/sclorg/mariadb-container) 10.0/ 10.1/ 10.2/ |- /Dockerfile |- /Dockerfile.rhel7 |- /Dockerfile.fedora |- /README.md |- /root/etc/my.cnf |- /root/usr/bin/container-entrypoint |- /root/usr/bin/run-mysqld |- /tests/run |- /tests/run-openshift examples/ |- /mariadb-ephemeral.json ...
  • 15. Sources for container image 15 ...tend to duplicate content. 10.1/ |- /Dockerfile |- /Dockerfile.rhel7 |- /Dockerfile.fedora |- /root/etc/my.cnf |- /root/usr/bin/container-entrypoint |- ... 10.2/ |- /Dockerfile |- /Dockerfile.rhel7 |- /Dockerfile.fedora |- /root/etc/my.cnf |- /root/usr/bin/container-entrypoint |- ...
  • 17. SAME SOURCES => SAME USER EXPERIENCE.
  • 18. Common scripts for more versions 18 Click to add subtitle ... if [ -v MYSQL_ROOT_PASSWORD ]; then log_info "Setting password for MySQL root user ..." if [ "$MYSQL_VERSION" > "10.0" ] ; then mysql $mysql_flags <<EOSQL CREATE USER IF NOT EXISTS 'root'@'%'; EOSQL fi mysql $mysql_flags <<EOSQL GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}' WITH GRANT OPTION; EOSQL Fi ...
  • 19. Differences between versions 19 Click to add subtitle $> diff -up 10.1/Dockerfile 10.2/Dockerfile ... RUN yum install -y centos-release-scl-rh && yum-config-manager --enable centos-sclo-rh-testing && - INSTALL_PKGS="rsync tar shadow-utils rh-mariadb101" && + INSTALL_PKGS="rsync tar shadow-utils rh-mariadb102" && yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && rpm -V $INSTALL_PKGS && yum clean all ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/mysql - MYSQL_PREFIX=/opt/rh/rh-mariadb101/root/usr - ENABLED_COLLECTIONS=rh-mariadb101 + MYSQL_PREFIX=/opt/rh/rh-mariadb102/root/usr + ENABLED_COLLECTIONS=rh-mariadb102 ...
  • 20. SAME SCRIPTS FOR ALL VERSIONS. DIFFERENCES IN DOCKERFILES ONLY.
  • 21. INSERT DESIGNATOR, IF NEEDED Let’s share some files 21 By putting them one dir up. Duplicate only different files. 10.2/ |- /Dockerfile |- /Dockerfile.rhel7 |- /README.md |- /root/etc/my.cnf |- /root/usr/bin/run-mysqld |- /tests/run 10.2/ |- /Dockerfile |- /Dockerfile.rhel7 |- /README.md root-common/ |- /etc/my.cnf |- /usr/bin/run-mysqld tests/ |- /run
  • 22. INSERT DESIGNATOR, IF NEEDED Using shared files for docker build 22 While respecting docker build context dir. Dockerfile does not need to be in root of the docker build context. $> cd 10.2 $> cat Dockerfile ... COPY root/ / ... #> docker build . $> cd 10.2 $> cat Dockerfile ... COPY 10.2/root/ / ... #> docker build ..
  • 23. Downstream structure 23 e.g. Fedora dist-git component needs to include a symlink 10.2 -> . Dockerfile README.md root/etc/my.cnf root/usr/bin/container-entrypoint root/usr/bin/run-mysqld root/usr/bin/run-mysqld-master root/usr/bin/run-mysqld-slave root/usr/libexec/container-setup root/usr/share/container-scripts/mysql/common.sh root/usr/share/container-scripts/mysql/helpers.sh root/usr/share/container-scripts/mysql/my-base.cnf.template root/usr/share/container-scripts/mysql/my-master.cnf.template root/usr/share/container-scripts/mysql/my-paas.cnf.template test/run
  • 25. Use one copy of everything in upstream 25 And generate specific variant for downstream only. -FROM rhel-7 +FROM {{ config.docker.from }} -ENV POSTGRESQL_VERSION=9.6 -RUN yum install rh-postgresql96 && +ENV POSTGRESQL_VERSION={{ spec.version }} +RUN yum install {{ spec.scl }} && yum clean all
  • 26. INSERT DESIGNATOR, IF NEEDED Distgen 26 A simple make+bash+python based templating for container sources. 9.5/ |- /Dockerfile |- /Dockerfile.rhel7 |- /README.md 9.6/ |- /Dockerfile |- /Dockerfile.rhel7 |- /README.md ... src/ |- /Dockerfile |- /README.md ... |- rhel-7-x86_64.yaml |- centos-7-x86_64.yaml |- fedora-27-x86_64.yaml WIP pull-requests: https://github.com/sclorg/postgresql-container/pull/203 https://github.com/sclorg/container-common-scripts/pull/38
  • 27. Distgen 27 Simple templating system Advantates ● One copy of everything ● More precise README.md ● Scripts without too many IFs Disadvantages ● Sources are not anymore usable directly as a documentation ● Contributors are required to use some specific workflow ○ make build ● Generated output not seen immediately
  • 29. GitHub sub-modules work for “libraries” 29 And not bite... $> git ls-files container-common-scripts common/ common/build.sh common/clean.sh common/common.mk common/.git common/LICENSE common/Makefile common/README.md common/tag.sh common/test-lib-openshift.sh common/test-lib.sh common/test.sh
  • 30. SHARE PACKAGES AND SCRIPTS IN AN INTERMEDIATE LAYER.
  • 31. Sharing common RPMs and scripts 31 RHEL Server Base An intermediate layer Common scripts Another intermediate layer Common devel libraries Python runtime Ruby runtime MariaDB server Example of intermediate container images Django App for XYZ
  • 32. Intermediate Container Images 32 Advantages Container layers help us to share and maintain on one place ● RPMs ○ various devel libraries ○ basic tools ○ common dependencies ● Scripts ○ fix-permissions ○ cgroup-limits ○ rpm-file-permissions RHEL Server Base Basic tools: findutils, unzip, fix-permissions, cgroup-limits, … Common dependencies: npm, common devel libraries Python runtime: pip, S2i scripts (assemble, run)
  • 33. Intermediate Container Images 33 Disadvantages Maintenance of more layers require: ● Building in right order ○ OSBS ○ Chain Rebuilds ● Tests whether we’re using correct base image RHEL Server Base Basic tools: findutils, unzip, fix-permissions, cgroup-limits, … Common dependencies: npm, common devel libraries Python runtime: pip, S2i scripts (assemble, run)
  • 34. Maintaining package & container image 34 How often the build is needed. CONTAINER IMAGE MAINTAINER Bundling by design. New build on parent change. New build on RPM change. New build on container source change. PACKAGE MAINTAINER No bundling. New build for each fix.
  • 35. DOES IT STILL WORK?
  • 36. AUTOMATIC TESTS FOR EVERY CONTAINER IMAGE.
  • 37. Tests for containers 37 What to test ● Focus on container API When to test ● For every pull-request ● After each commit Environment: ● Automation everywhere ● Quick feedback via docker run … ● OpenShift quickstart templates via oc cluster up MTF workshop today at 2pm.