SlideShare a Scribd company logo
1 of 58
Download to read offline
BUTTER BEI DIE FISCHE
Ein Jahr Entwicklung und Produktion mit Docker
Johannes Unterstein und Patrick Busch
AGENDA
How can we make a single tenant system suitable
for multitenancy and scalable without changing the
whole system?
AGENDA
• Introduction
• Dockerizing the Application
• Dockerizing the Infrastructure
• Best Practices
• Lessons Learned
INTRODUCTION
• One existing application
• Have it available for several different legal entities
• No way to implement multitenancy the existing
application
INTRODUCTION
SOAP
SQL
STORED
PROCEDURES
NO CACHING
flens/web
flens/burg
flens/db
INTRODUCTION
SOAP
SQL
STORED
PROCEDURES
NO CACHING
SOAP
SQL
STORED
PROCEDURES
NO CACHING
SOAP
SQL
STORED
PROCEDURES
NO CACHING
etc.
PROXY
A B C
DOCKERIZINGTHE
APPLICATION
VARIANT 1
VARIANT 1
• Pros
• Easy to understand/build/run/host
• Cons
• Separation
• Scalability
• Updates
VARIANT 2
VARIANT 2
• Pros
• Scalability
• Separation
• Updates
• Cons
• Advanced connection between containers needed
VARIANT 2
• Connection between containers
• Not via docker linkage
• Via /etc/host entry and environment variable
• Interpreting startup shell script in container
VARIANT 2
docker run -dP --env
flensburgHost=someHost --env
flensburgPort=1234 flens/web:1.23
DOCKERIZINGTHE
INFRASTRUCTURE
VARIANT A
VARIANT A
FRONTEND
MW/MANAGER
REGISTRY
EXECUTOR
VARIANT A
FRONTEND
MW/MANAGER
REGISTRY
EXECUTOR
builds the image
stores the image
runs the container
VARIANT A
• Classic approach
• Running applications on the metal
• Physical servers, each needs to be configured for the
application
• One server that runs the application containers
VARIANT B
VARIANT B
• More flexibility
• Every physical server is basically the same
• Installation done via script in a few minutes each
• Containers can then be run on any server
• Images contain all the needed configuration
VARIANT C
VARIANT C
*n
VARIANT C
• Multiple servers for the application containers
• Better load distribution
• Improved security
VARIANT D
PROXY
*n
PROXY
PROXY ?
FIREWALL
FIREWALL
FIREWALL
VARIANT D
• Configure containers to point to proxies
• Proxies manage certificates
• Proxies pass through containers
• Allows multiple containers per system to run in
parallel while they can be addressed on their own
FULL SCALE
*n
BUILD
IMAGES
PROXY
PROXYFIREWALL
FIREWALL
FIREWALL
FULL SCALE
*n
BUILD
IMAGES
STORE
IMAGES
PUSH
PROXY
PROXYFIREWALL
FIREWALL
FIREWALL
RUN
CONTAINERS
FULL SCALE
*n
BUILD
IMAGES
STORE
IMAGES
PUSH
PULL
*n
*n
*n
PROXY
PROXYFIREWALL
FIREWALL
FIREWALL
ADDED BENEFITS
• Self Service
• Flexibility
• Scalability
• Security
• A/B-Switching
STAGING
*n
PUSH
PULL
*n
PUSH
PULL
PRODUCTION STAGE
STAGING
*n
PUSH
PULL
*n
PUSH
PULL
PRODUCTION STAGE
SHARED REGISTRY FOR
INFRASTRUCTURE IMAGES
STAGING
• Easily duplicated environment
• Use docker registry for infrastructure images
• Release versioned images
• Script checks that versions cannot be overwritten
• Stage first approach
BEST PRACTICES
COMMON BASE IMAGES
• Common stuff in common base image
• As much as possible in base image
• Define versions of tools explicitly
• Lowers registry size
GROUP COMMANDS
• Try to combine commands with „&&“
• Less intermediate containers
• Increases build performance
• Lowers registry size
GROUP COMMANDS
RUN chmod u+x /home/app/start.sh
RUN chown app:app /home/app/start.sh
GROUP COMMANDS
RUN chmod u+x /home/app/start.sh && 
chown app:app /home/app/start.sh
ORDER COMMANDS
• Stable commands as early as possible
• ADD commands as late as possible
• Caching increases build performance
• Lowers registry size
USE SCRIPTS
docker run -d 
--read-only 
-p 127.0.0.1:30022:22 
-p 127.0.0.1:38080:8080 
-v /docker/data/nginx:/var/lib/nginx 
-v /docker/logs/nginx:/var/log/nginx 
-v /docker/tmp:/tmp 
-v /docker/run:/var/run 
--name flens_web 
repository_host_name:8888/flens/web:1.0
USE SCRIPTS
flens web run 1.0
USE SCRIPTS
• Running containers can be complicated on the
console
• Scripts can improve readability and memorability
• Improved speed and less failures
• Reusability
BUILD CONTINUOUS
• Use scripts in continuous integration server as well
• We use „Execute shell command“ jobs
• e.g.: flens web build && flens web rerun
USE PROXIES
• Proxy on the physical machines (e.g. nginx)
• Containers listen only to localhost device
• Nginx handles incoming requests and passes on
• Nginx handles security
• More than one container of a given type
• By symlinking nginx config files you can switch from one slot to another
USEVOLUMES
• Volumes are directories mounted from the
physical host
• Files in a volume are visible from inside the
container (and writeable)
• Useful for logging, syncing data, etc…
READ-ONLY CONTAINERS
• A read only container cannot write to its own file system
• Can only write to volumes
• Perfectly immutable containers are easily interchangable!
• Build and distribute containers even more freely
• No unexpected states, defined income -> defined outcome
MAKEYOUR CONTAINERS
FLEXIBLE
• Use /etc/hosts defined hostnames instead of IP
addresses
• Use environment variables at startup (--env)
LESSONS LEARNED
QUIRKS OF DOCKERFILES
• COPY vs ADD
• ADD can be a URL,ADD extracts tar.gz files automatically
• ENTRYPOINT vs CMD
• CMD can be overwritten at startup, ENTRYPOINT cannot
• Both are possible in a single Dockerfile
• ENTRYPOINT/CMD syntax
• determines if the executable is started directly or in a shell
QUIRKS OF DOCKERFILES
• COPY vs ADD
• ADD can be a URL,ADD extracts tar.gz files automatically
• ENTRYPOINT vs CMD
• CMD can be overwritten at startup, ENTRYPOINT cannot
• Both are possible in a single Dockerfile - this combines them!
• ENTRYPOINT/CMD syntax
• determines if the executable is started directly or in a shell
CMD AND ENTRYPOINT
CMD ping localhost
=> /bin/sh -c ‘ping localhost’
CMD[“ping”,”localhost”]
=> ping localhost
ENTRYPOINT[“ping”]
CMD [“localhost”]
=> ping localhost
$ docker run container_name www.flens.de
=> ping www.flens.de
TRUSTYOUR OWN SKILLS
• Young technology, many tutorials, everybody else
knows it better
• Linking is fine, but not for us
• Configuring /etc/hosts at startup works wonders
• Try to use your own solution
DON’T USE LINKAGE
• Not possible over real machine boundaries
• Often leads to problems during startup
• Use /etc/hosts and environment parameters
DOCKER IN DOCKER
• Our infrastructure builds docker images
dynamically
• Our infrastructure is dockerized
• Do we need „docker in docker?“
DOCKER IN DOCKER
•Docker in docker is possible
• docker run -- privileged flens/mw:1.23
•Container runs inside flens/mw
•Problems during update of outer app
DOCKER IN DOCKER
•We used client/server docker communication
•Client = flens/mw
•Server = Docker of host system
•Similar to boot2docker
•All container runs on host system
IT’S CHEAPER
• We can use off the shelf servers
• We can use virtualized servers
• We can distribute easily over different server
providers
• Easily scalable
IT’S BETTER
• Release on touch of a button
• Deployment on touch of a button
• Transparent versioning of all apps
• Transparency of OS environment running the apps
• Environment is now part of dev process and versionable
THANKS
Cheers

More Related Content

What's hot

Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013
Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013
Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013
dotCloud
 
Introduction to docker
Introduction to dockerIntroduction to docker
Introduction to docker
John Willis
 

What's hot (20)

The Three Musketeers
The Three MusketeersThe Three Musketeers
The Three Musketeers
 
Containers #101 : Docker ONBUILD triggers and Introduction to Docker Compose
Containers #101 : Docker ONBUILD triggers and Introduction to Docker ComposeContainers #101 : Docker ONBUILD triggers and Introduction to Docker Compose
Containers #101 : Docker ONBUILD triggers and Introduction to Docker Compose
 
Sharding Containers: Make Go Apps Computer-Friendly Again by Andrey Sibiryov
Sharding Containers: Make Go Apps Computer-Friendly Again by Andrey Sibiryov Sharding Containers: Make Go Apps Computer-Friendly Again by Andrey Sibiryov
Sharding Containers: Make Go Apps Computer-Friendly Again by Andrey Sibiryov
 
Making Developers Productive with Vagrant, VirtualBox, and Docker
Making Developers Productive with Vagrant, VirtualBox, and DockerMaking Developers Productive with Vagrant, VirtualBox, and Docker
Making Developers Productive with Vagrant, VirtualBox, and Docker
 
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
 
Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013
Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013
Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013
 
Docker and stuff
Docker and stuffDocker and stuff
Docker and stuff
 
Vagrant For DevOps
Vagrant For DevOpsVagrant For DevOps
Vagrant For DevOps
 
Getting started with Docker
Getting started with DockerGetting started with Docker
Getting started with Docker
 
Introduction to Docker
Introduction to DockerIntroduction to Docker
Introduction to Docker
 
DockerCon SF 2015: Orchestration for Sysadmins
DockerCon SF 2015: Orchestration for SysadminsDockerCon SF 2015: Orchestration for Sysadmins
DockerCon SF 2015: Orchestration for Sysadmins
 
Dockerizing your applications - Docker workshop @Twitter
Dockerizing your applications - Docker workshop @TwitterDockerizing your applications - Docker workshop @Twitter
Dockerizing your applications - Docker workshop @Twitter
 
Docker worshop @Twitter - How to use your own private registry
Docker worshop @Twitter - How to use your own private registryDocker worshop @Twitter - How to use your own private registry
Docker worshop @Twitter - How to use your own private registry
 
Docker Introduction
Docker IntroductionDocker Introduction
Docker Introduction
 
Docker 101 - Getting started
Docker 101 - Getting startedDocker 101 - Getting started
Docker 101 - Getting started
 
Docker: From Zero to Hero
Docker: From Zero to HeroDocker: From Zero to Hero
Docker: From Zero to Hero
 
CT Software Developers Meetup: Using Docker and Vagrant Within A GitHub Pull ...
CT Software Developers Meetup: Using Docker and Vagrant Within A GitHub Pull ...CT Software Developers Meetup: Using Docker and Vagrant Within A GitHub Pull ...
CT Software Developers Meetup: Using Docker and Vagrant Within A GitHub Pull ...
 
Introduction to docker
Introduction to dockerIntroduction to docker
Introduction to docker
 
Docker Basics
Docker BasicsDocker Basics
Docker Basics
 
Docker lxc win
Docker lxc winDocker lxc win
Docker lxc win
 

Viewers also liked

Puppet for Java developers - JavaZone NO 2012
Puppet for Java developers - JavaZone NO 2012Puppet for Java developers - JavaZone NO 2012
Puppet for Java developers - JavaZone NO 2012
Carlos Sanchez
 

Viewers also liked (7)

Role based access control & rights management (2003)
Role based access control & rights management (2003)Role based access control & rights management (2003)
Role based access control & rights management (2003)
 
Docker Workshop Experten Forum Stuttgart 2015, Agile Methoden GmbH
Docker Workshop Experten Forum Stuttgart 2015, Agile Methoden GmbHDocker Workshop Experten Forum Stuttgart 2015, Agile Methoden GmbH
Docker Workshop Experten Forum Stuttgart 2015, Agile Methoden GmbH
 
Was ist Docker ?
Was ist Docker ?Was ist Docker ?
Was ist Docker ?
 
Vagrant, Puppet, Docker für Entwickler und Architekten
Vagrant, Puppet, Docker für Entwickler und ArchitektenVagrant, Puppet, Docker für Entwickler und Architekten
Vagrant, Puppet, Docker für Entwickler und Architekten
 
Docker - Containervirtualisierung leichtgemacht
Docker - Containervirtualisierung leichtgemachtDocker - Containervirtualisierung leichtgemacht
Docker - Containervirtualisierung leichtgemacht
 
Puppet for Java developers - JavaZone NO 2012
Puppet for Java developers - JavaZone NO 2012Puppet for Java developers - JavaZone NO 2012
Puppet for Java developers - JavaZone NO 2012
 
Docker Roadshow 2016
Docker Roadshow 2016Docker Roadshow 2016
Docker Roadshow 2016
 

Similar to Butter bei die Fische - Ein Jahr Entwicklung und Produktion mit Docker

Similar to Butter bei die Fische - Ein Jahr Entwicklung und Produktion mit Docker (20)

You, and Me, and Docker Makes Three
You, and Me, and Docker Makes ThreeYou, and Me, and Docker Makes Three
You, and Me, and Docker Makes Three
 
Docker and Microservice
Docker and MicroserviceDocker and Microservice
Docker and Microservice
 
Building Efficient Parallel Testing Platforms with Docker
Building Efficient Parallel Testing Platforms with DockerBuilding Efficient Parallel Testing Platforms with Docker
Building Efficient Parallel Testing Platforms with Docker
 
An introduction to configuring Domino for Docker
An introduction to configuring Domino for DockerAn introduction to configuring Domino for Docker
An introduction to configuring Domino for Docker
 
Efficient Parallel Testing with Docker by Laura Frank
Efficient Parallel Testing with Docker by Laura FrankEfficient Parallel Testing with Docker by Laura Frank
Efficient Parallel Testing with Docker by Laura Frank
 
Docker - A curtain raiser to the Container world
Docker - A curtain raiser to the Container worldDocker - A curtain raiser to the Container world
Docker - A curtain raiser to the Container world
 
Instant ColdFusion with Vagrant
Instant ColdFusion with VagrantInstant ColdFusion with Vagrant
Instant ColdFusion with Vagrant
 
Efficient Parallel Testing with Docker
Efficient Parallel Testing with DockerEfficient Parallel Testing with Docker
Efficient Parallel Testing with Docker
 
Use Docker to Enhance Your Testing
Use Docker to Enhance Your TestingUse Docker to Enhance Your Testing
Use Docker to Enhance Your Testing
 
Preparing your dockerised application for production deployment
Preparing your dockerised application for production deploymentPreparing your dockerised application for production deployment
Preparing your dockerised application for production deployment
 
Instant ColdFusion with Vagrant
Instant ColdFusion with VagrantInstant ColdFusion with Vagrant
Instant ColdFusion with Vagrant
 
Introduction to Docker
Introduction to DockerIntroduction to Docker
Introduction to Docker
 
Killer Docker Workflows for Development
Killer Docker Workflows for DevelopmentKiller Docker Workflows for Development
Killer Docker Workflows for Development
 
Detailed Introduction To Docker
Detailed Introduction To DockerDetailed Introduction To Docker
Detailed Introduction To Docker
 
Virtualization, Containers, Docker and scalable container management services
Virtualization, Containers, Docker and scalable container management servicesVirtualization, Containers, Docker and scalable container management services
Virtualization, Containers, Docker and scalable container management services
 
A curtain-raiser to the container world Docker & Kubernetes
A curtain-raiser to the container world Docker & KubernetesA curtain-raiser to the container world Docker & Kubernetes
A curtain-raiser to the container world Docker & Kubernetes
 
DCEU 18: Building Your Development Pipeline
DCEU 18: Building Your Development PipelineDCEU 18: Building Your Development Pipeline
DCEU 18: Building Your Development Pipeline
 
Everything you need to know about Docker
Everything you need to know about DockerEverything you need to know about Docker
Everything you need to know about Docker
 
Week 8 lecture material
Week 8 lecture materialWeek 8 lecture material
Week 8 lecture material
 
Getting Started with Docker
Getting Started with DockerGetting Started with Docker
Getting Started with Docker
 

Recently uploaded

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 

Recently uploaded (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 

Butter bei die Fische - Ein Jahr Entwicklung und Produktion mit Docker