SlideShare a Scribd company logo

Packing It In: Images, Containers and Config Management

Download as PPT, PDF
Michael Goetz
Michael Goetz

Learn about the many different tools gaining momentum to manage system configurations. Hear about when you should think about configuration management tools and when it might be OK to just pack it into a re-usable image. We’ll cover the basics around Docker and Packer before diving into a full-stack example leveraging all three topics in harmony together.

Technology
1 of 24
Packing It In: Images, Containers, and Config Management LOPSA-East 2014 Michael Goetz mpgoetz@getchef.com
Who am I? • Michael Goetz • Sr. Consulting Engineer @ Chef • @michaelpgoetz
This talk isn’t about joining a cult... • Lots of opinions about the “only right way” • Use a combination that makes you fast, safe and secure • Use a toolbox, not one tool http://static.tvtropes.org/pmwiki/pub/images/cult.jpg
So what are my options? • Artisanal machines made of metal and sweat • Pristine virtual machines • Isolated containers • Just-in-time automatic configuration management • All (or some) of the above?
Artisanal machines made of metal and sweat • If you want to work on artisan crafts, take up woodworking http://www.juggernautwoodworking.com/images/carve.jpg
Containers vs. Virtual Machines • Containers consist of an application and its dependencies, running in isolation in userland outside the kernel. • Virtual Machines create an entire machine, including a fully functional operating system. https://www.docker.io/static/img/about/docker_vm.jpg
Hurray! We can go back to golden images, right? • The “golden image” problem still exists with containers, but on a much smaller scale • A dozen “server” images become dozens of “container” images • AUFS layering mitigates some sprawl, but has a limit • Modularity of applications without convergence of the entire system just kicks the can down the road http://images.smh.com.au/2011/10/28/2737998/ipad-art-wide-shipping-420x0.jpg
What about configuration management? • Convergence - coming to a desired end state • Congruence - building a result from a blank state • Always building from scratch can be time consuming • Specification of application versions becomes extremely important • Changes can happen unexpectedly if you don’t plan ahead Convergence is like fixing the outcome and compute the route (like a GPS finder), and congruence is about repeating a recipe in a sequence of known steps to massage a system into shape” – Mark Burgess
Let’s talk real world here... • My application system has: • An OS layer that rarely changes • A few supporting applications that change semi- frequently • My application code that changes rapidly • This can translate to: • VM image to act as a base OS + some deltas • Container images for supporting applications • Configuration management to maintain overall state
So wait... that still seems like a lot of work • With 3 layers of your application stack to maintain, it feels like the maintenance demand will only go up • We’ll use three tools to manage each layer: • Packer - building and maintaining images • Docker - running and managing the containers • Chef - managing the real-time automated configuration, image build steps and VM provisioning
What is Packer? • Half the battle is keeping VM images up-to-date • Refreshing images == table flipping rage • Packer creates identical machine images from a single source configuration • Makes programmatically building VM images super easy! { "builders”: [{ "type": "amazon-ebs", "region": "us-east-1", "source_ami": "ami-8ade42ba”, "instance_type": "m3.medium", "ssh_username": "ubuntu", "ami_name": "my ami {{timestamp}}" }], "provisioners": [{ "type": "chef-solo", "cookbook_paths": ["cookbooks"], "json": { "name": "my_node", "run_list": [ "recipe[packer]", "recipe[docker]", "recipe[my_application]" ] } } ]}
What is Docker? • Docker combines an execution driver with AUFS to create portable, lightweight application containers • Execution drivers customize the execution environment surrounding each container (LXC, libcontainer, Solaris Zones, chroot, etc) • Docker images can be shared via a public or private registry • Packer has built-in support for building Docker images • Does not use Dockerfiles • Can use existing shell scripts, Chef recipes, etc.
What is Chef? • Automation platform that manages infrastructure as code • Reusable recipes across your entire infrastructure • Topology data made available across entire infrastructure • Runs on demand or as a managed service to keep infrastructure convergent
Let’s get to building! • Solid foundation == key to success • Identify the core components unlikely to change often • Security policies/applications • Image hardening • Core component packages • Docker tooling • Create a minimal base VM, combined with the components that are consistently configured across your entire application infrastructure
Demo: Building the VM
Building the Docker containers • Repeatable factory for building Docker images • Minimal isolation is key - create the smallest Docker images that will work • Don’t overload with multiple applications! • We could use Packer to build Docker images, but then we lose metadata and layering (for now!)
Demo: Building the Docker containers
Bringing it all together • VM images and Docker containers aren’t the whole story • Chef provisions servers with the base VM and manage Docker containers • Ongoing convergence of desired state is managed by Chef
Demo: Using Chef to manage the entire system
Wrapping Up • Don’t join a cult • Use what works to make things faster, more secure and more stable • Keep the base VM small, but not too small • Use containers to manage isolated, reusable application processes • Maintain a convergent infrastructure with automated configuration management
More Info • Packer - http://www.packer.io/ • Docker - https://www.docker.io/ • Chef - http://www.getchef.com/ • Docker-chef - https://github.com/bflad/chef-docker • Dockworker cookbook - https://github.com/micgo/dockworker
We’re Hiring (and so are others)! http://www.getchef.com/careers/ http://www.getchef.com/jobboard/
Thank You! Michael Goetz mpgoetz@getchef.com @michaelpgoetz

Recommended

Packing It In: Images, Containers, and Config Management
Packing It In: Images, Containers, and Config ManagementPacking It In: Images, Containers, and Config Management
Packing It In: Images, Containers, and Config ManagementMichael Goetz
 
Docker presentation for sharing
Docker presentation for sharingDocker presentation for sharing
Docker presentation for sharingWaruna Viraj Perera
 
Essential git for developers
Essential git for developersEssential git for developers
Essential git for developersAidan Casey
 
Kudu voodoo slideshare
Kudu voodoo slideshareKudu voodoo slideshare
Kudu voodoo slideshareAidan Casey
 
The 7 deadly sins of micro services
The 7 deadly sins of micro servicesThe 7 deadly sins of micro services
The 7 deadly sins of micro servicesAidan Casey
 
ISACA SV Chapter: Securing Software Supply Chains
ISACA SV Chapter: Securing Software Supply ChainsISACA SV Chapter: Securing Software Supply Chains
ISACA SV Chapter: Securing Software Supply ChainsJim Bugwadia
 
The 7 deadly sins of micro services
The 7 deadly sins of micro servicesThe 7 deadly sins of micro services
The 7 deadly sins of micro servicesAidan Casey
 
Improved development workflows using vagrant
Improved development workflows using vagrantImproved development workflows using vagrant
Improved development workflows using vagrantMakis Asimidis
 

Recommended

Packing It In: Images, Containers, and Config Management
Packing It In: Images, Containers, and Config ManagementPacking It In: Images, Containers, and Config Management
Packing It In: Images, Containers, and Config ManagementMichael Goetz
 
Docker presentation for sharing
Docker presentation for sharingDocker presentation for sharing
Docker presentation for sharingWaruna Viraj Perera
 
Essential git for developers
Essential git for developersEssential git for developers
Essential git for developersAidan Casey
 
Kudu voodoo slideshare
Kudu voodoo slideshareKudu voodoo slideshare
Kudu voodoo slideshareAidan Casey
 
The 7 deadly sins of micro services
The 7 deadly sins of micro servicesThe 7 deadly sins of micro services
The 7 deadly sins of micro servicesAidan Casey
 
ISACA SV Chapter: Securing Software Supply Chains
ISACA SV Chapter: Securing Software Supply ChainsISACA SV Chapter: Securing Software Supply Chains
ISACA SV Chapter: Securing Software Supply ChainsJim Bugwadia
 
The 7 deadly sins of micro services
The 7 deadly sins of micro servicesThe 7 deadly sins of micro services
The 7 deadly sins of micro servicesAidan Casey
 
Improved development workflows using vagrant
Improved development workflows using vagrantImproved development workflows using vagrant
Improved development workflows using vagrantMakis Asimidis
 
Serverless
ServerlessServerless
ServerlessVishwas N
 
Vagrant for Effective DevOps Culture
Vagrant for Effective DevOps CultureVagrant for Effective DevOps Culture
Vagrant for Effective DevOps CultureVaidik Kapoor
 
Continuous Delivery and Infrastructure as Code
Continuous Delivery and Infrastructure as CodeContinuous Delivery and Infrastructure as Code
Continuous Delivery and Infrastructure as CodeSascha Möllering
 
Microservices without servers
Microservices without serversMicroservices without servers
Microservices without servers99X Technology
 
Implementation of the Continuous Integration based on Atlassian Bamboo
Implementation of the Continuous Integration based on Atlassian Bamboo Implementation of the Continuous Integration based on Atlassian Bamboo
Implementation of the Continuous Integration based on Atlassian BambooАнете Аннемария
 
Mini-training: Let’s Git It!
Mini-training: Let’s Git It!Mini-training: Let’s Git It!
Mini-training: Let’s Git It!Betclic Everest Group Tech Team
 
Microservices: Living Large in Your Castle Made of Sand
Microservices: Living Large in Your Castle Made of SandMicroservices: Living Large in Your Castle Made of Sand
Microservices: Living Large in Your Castle Made of SandMongoDB
 
Rapid CQ deployments by Jakub Wadolowski
Rapid CQ deployments by Jakub WadolowskiRapid CQ deployments by Jakub Wadolowski
Rapid CQ deployments by Jakub WadolowskiAEM HUB
 
Voxxed Athens 2018 - Java EE is dead Long live jakarta EE!
Voxxed Athens 2018 - Java EE is dead Long live jakarta EE!Voxxed Athens 2018 - Java EE is dead Long live jakarta EE!
Voxxed Athens 2018 - Java EE is dead Long live jakarta EE!Voxxed Athens
 
Making maven and grunt play nice
Making maven and grunt play niceMaking maven and grunt play nice
Making maven and grunt play niceZoran Nikolovski
 
Continous Delivery with CQ
Continous Delivery with CQContinous Delivery with CQ
Continous Delivery with CQolibur
 
Infrastructure as Code
Infrastructure as CodeInfrastructure as Code
Infrastructure as CodeSascha Möllering
 
Jenkins scaling best practices
Jenkins scaling best practicesJenkins scaling best practices
Jenkins scaling best practicesHenry McBride
 
Docker With Asp.net Core
Docker With Asp.net CoreDocker With Asp.net Core
Docker With Asp.net CoreFatih Şimşek
 
Deploy applications with TFS Build
Deploy applications with TFS BuildDeploy applications with TFS Build
Deploy applications with TFS BuildGian Maria Ricci
 
Towards automated testing - CloudStack Collab Conference
Towards automated testing - CloudStack Collab ConferenceTowards automated testing - CloudStack Collab Conference
Towards automated testing - CloudStack Collab Conferenceamoghvk
 
From zero to hero with Docker
From zero to hero with DockerFrom zero to hero with Docker
From zero to hero with DockerMaurice De Beijer [MVP]
 
ThatConference 2016 - Highly Available Node.js
ThatConference 2016 - Highly Available Node.jsThatConference 2016 - Highly Available Node.js
ThatConference 2016 - Highly Available Node.jsBrad Williams
 
The Story of Automation
The Story of AutomationThe Story of Automation
The Story of Automation99X Technology
 
Infrastructure as Code (IaC)
Infrastructure as Code (IaC)Infrastructure as Code (IaC)
Infrastructure as Code (IaC)Srinivas Kantipudi
 
Compliance at Velocity with Chef (2)
Compliance at Velocity with Chef (2)Compliance at Velocity with Chef (2)
Compliance at Velocity with Chef (2)Toby Thorslund
 
Compliance at Velocity with Chef
Compliance at Velocity with ChefCompliance at Velocity with Chef
Compliance at Velocity with ChefJames Casey
 

More Related Content

What's hot

Vagrant for Effective DevOps Culture
Vagrant for Effective DevOps CultureVagrant for Effective DevOps Culture
Vagrant for Effective DevOps CultureVaidik Kapoor
 
Continuous Delivery and Infrastructure as Code
Continuous Delivery and Infrastructure as CodeContinuous Delivery and Infrastructure as Code
Continuous Delivery and Infrastructure as CodeSascha Möllering
 
Microservices without servers
Microservices without serversMicroservices without servers
Microservices without servers99X Technology
 
Implementation of the Continuous Integration based on Atlassian Bamboo
Implementation of the Continuous Integration based on Atlassian Bamboo Implementation of the Continuous Integration based on Atlassian Bamboo
Implementation of the Continuous Integration based on Atlassian BambooАнете Аннемария
 
Microservices: Living Large in Your Castle Made of Sand
Microservices: Living Large in Your Castle Made of SandMicroservices: Living Large in Your Castle Made of Sand
Microservices: Living Large in Your Castle Made of SandMongoDB
 
Rapid CQ deployments by Jakub Wadolowski
Rapid CQ deployments by Jakub WadolowskiRapid CQ deployments by Jakub Wadolowski
Rapid CQ deployments by Jakub WadolowskiAEM HUB
 
Voxxed Athens 2018 - Java EE is dead Long live jakarta EE!
Voxxed Athens 2018 - Java EE is dead Long live jakarta EE!Voxxed Athens 2018 - Java EE is dead Long live jakarta EE!
Voxxed Athens 2018 - Java EE is dead Long live jakarta EE!Voxxed Athens
 
Making maven and grunt play nice
Making maven and grunt play niceMaking maven and grunt play nice
Making maven and grunt play niceZoran Nikolovski
 
Continous Delivery with CQ
Continous Delivery with CQContinous Delivery with CQ
Continous Delivery with CQolibur
 
Jenkins scaling best practices
Jenkins scaling best practicesJenkins scaling best practices
Jenkins scaling best practicesHenry McBride
 
Docker With Asp.net Core
Docker With Asp.net CoreDocker With Asp.net Core
Docker With Asp.net CoreFatih Şimşek
 
Deploy applications with TFS Build
Deploy applications with TFS BuildDeploy applications with TFS Build
Deploy applications with TFS BuildGian Maria Ricci
 
Towards automated testing - CloudStack Collab Conference
Towards automated testing - CloudStack Collab ConferenceTowards automated testing - CloudStack Collab Conference
Towards automated testing - CloudStack Collab Conferenceamoghvk
 
ThatConference 2016 - Highly Available Node.js
ThatConference 2016 - Highly Available Node.jsThatConference 2016 - Highly Available Node.js
ThatConference 2016 - Highly Available Node.jsBrad Williams
 
The Story of Automation
The Story of AutomationThe Story of Automation
The Story of Automation99X Technology
 

What's hot (20)

Serverless
ServerlessServerless
Serverless
 
Vagrant for Effective DevOps Culture
Vagrant for Effective DevOps CultureVagrant for Effective DevOps Culture
Vagrant for Effective DevOps Culture
 
Continuous Delivery and Infrastructure as Code
Continuous Delivery and Infrastructure as CodeContinuous Delivery and Infrastructure as Code
Continuous Delivery and Infrastructure as Code
 
Microservices without servers
Microservices without serversMicroservices without servers
Microservices without servers
 
Implementation of the Continuous Integration based on Atlassian Bamboo
Implementation of the Continuous Integration based on Atlassian Bamboo Implementation of the Continuous Integration based on Atlassian Bamboo
Implementation of the Continuous Integration based on Atlassian Bamboo
 
Mini-training: Let’s Git It!
Mini-training: Let’s Git It!Mini-training: Let’s Git It!
Mini-training: Let’s Git It!
 
Microservices: Living Large in Your Castle Made of Sand
Microservices: Living Large in Your Castle Made of SandMicroservices: Living Large in Your Castle Made of Sand
Microservices: Living Large in Your Castle Made of Sand
 
Rapid CQ deployments by Jakub Wadolowski
Rapid CQ deployments by Jakub WadolowskiRapid CQ deployments by Jakub Wadolowski
Rapid CQ deployments by Jakub Wadolowski
 
Voxxed Athens 2018 - Java EE is dead Long live jakarta EE!
Voxxed Athens 2018 - Java EE is dead Long live jakarta EE!Voxxed Athens 2018 - Java EE is dead Long live jakarta EE!
Voxxed Athens 2018 - Java EE is dead Long live jakarta EE!
 
Making maven and grunt play nice
Making maven and grunt play niceMaking maven and grunt play nice
Making maven and grunt play nice
 
Continous Delivery with CQ
Continous Delivery with CQContinous Delivery with CQ
Continous Delivery with CQ
 
Infrastructure as Code
Infrastructure as CodeInfrastructure as Code
Infrastructure as Code
 
Jenkins scaling best practices
Jenkins scaling best practicesJenkins scaling best practices
Jenkins scaling best practices
 
Docker With Asp.net Core
Docker With Asp.net CoreDocker With Asp.net Core
Docker With Asp.net Core
 
Deploy applications with TFS Build
Deploy applications with TFS BuildDeploy applications with TFS Build
Deploy applications with TFS Build
 
Towards automated testing - CloudStack Collab Conference
Towards automated testing - CloudStack Collab ConferenceTowards automated testing - CloudStack Collab Conference
Towards automated testing - CloudStack Collab Conference
 
From zero to hero with Docker
From zero to hero with DockerFrom zero to hero with Docker
From zero to hero with Docker
 
ThatConference 2016 - Highly Available Node.js
ThatConference 2016 - Highly Available Node.jsThatConference 2016 - Highly Available Node.js
ThatConference 2016 - Highly Available Node.js
 
The Story of Automation
The Story of AutomationThe Story of Automation
The Story of Automation
 
Infrastructure as Code (IaC)
Infrastructure as Code (IaC)Infrastructure as Code (IaC)
Infrastructure as Code (IaC)
 

Viewers also liked

Compliance at Velocity with Chef (2)
Compliance at Velocity with Chef (2)Compliance at Velocity with Chef (2)
Compliance at Velocity with Chef (2)Toby Thorslund
 
Compliance at Velocity with Chef
Compliance at Velocity with ChefCompliance at Velocity with Chef
Compliance at Velocity with ChefJames Casey
 
Chef: Compliance @ Velocity
Chef: Compliance @ VelocityChef: Compliance @ Velocity
Chef: Compliance @ VelocityChef
 
Chef Compliance & Workflow w/Delivery
Chef Compliance & Workflow w/Delivery Chef Compliance & Workflow w/Delivery
Chef Compliance & Workflow w/Delivery Chef
 
AWS OpsWorks for Chef Automate
AWS OpsWorks for Chef AutomateAWS OpsWorks for Chef Automate
AWS OpsWorks for Chef AutomatePolarSeven Pty Ltd
 
Compliance as Code: Velocity with Security - Fraser Pollock, Chef
Compliance as Code: Velocity with Security - Fraser Pollock, ChefCompliance as Code: Velocity with Security - Fraser Pollock, Chef
Compliance as Code: Velocity with Security - Fraser Pollock, ChefAlert Logic
 
Using Chef for Automated Infrastructure in the Cloud
Using Chef for Automated Infrastructure in the CloudUsing Chef for Automated Infrastructure in the Cloud
Using Chef for Automated Infrastructure in the CloudJesse Robbins
 
TXLF: Automated Deployment of OpenStack with Chef
TXLF: Automated Deployment of OpenStack with ChefTXLF: Automated Deployment of OpenStack with Chef
TXLF: Automated Deployment of OpenStack with ChefMatt Ray
 
Chef compliance - Intermediate Training
Chef compliance - Intermediate TrainingChef compliance - Intermediate Training
Chef compliance - Intermediate TrainingSarah Hynes Cheney
 
Compliance Automation with Inspec Part 1
Compliance Automation with Inspec Part 1Compliance Automation with Inspec Part 1
Compliance Automation with Inspec Part 1Chef
 
London Community Summit 2016 - Chef Automate
London Community Summit 2016 - Chef AutomateLondon Community Summit 2016 - Chef Automate
London Community Summit 2016 - Chef AutomateChef
 
Chef Fundamentals Training Series Module 1: Overview of Chef
Chef Fundamentals Training Series Module 1: Overview of ChefChef Fundamentals Training Series Module 1: Overview of Chef
Chef Fundamentals Training Series Module 1: Overview of ChefChef Software, Inc.
 
Compliance Automation Workshop
Compliance Automation WorkshopCompliance Automation Workshop
Compliance Automation WorkshopChef
 
Overview of Chef - Fundamentals Webinar Series Part 1
Overview of Chef - Fundamentals Webinar Series Part 1Overview of Chef - Fundamentals Webinar Series Part 1
Overview of Chef - Fundamentals Webinar Series Part 1Chef
 

Viewers also liked (15)

Compliance at Velocity with Chef (2)
Compliance at Velocity with Chef (2)Compliance at Velocity with Chef (2)
Compliance at Velocity with Chef (2)
 
Compliance at Velocity with Chef
Compliance at Velocity with ChefCompliance at Velocity with Chef
Compliance at Velocity with Chef
 
Chef: Compliance @ Velocity
Chef: Compliance @ VelocityChef: Compliance @ Velocity
Chef: Compliance @ Velocity
 
Chef Compliance & Workflow w/Delivery
Chef Compliance & Workflow w/Delivery Chef Compliance & Workflow w/Delivery
Chef Compliance & Workflow w/Delivery
 
AWS OpsWorks for Chef Automate
AWS OpsWorks for Chef AutomateAWS OpsWorks for Chef Automate
AWS OpsWorks for Chef Automate
 
Compliance as Code: Velocity with Security - Fraser Pollock, Chef
Compliance as Code: Velocity with Security - Fraser Pollock, ChefCompliance as Code: Velocity with Security - Fraser Pollock, Chef
Compliance as Code: Velocity with Security - Fraser Pollock, Chef
 
Using Chef for Automated Infrastructure in the Cloud
Using Chef for Automated Infrastructure in the CloudUsing Chef for Automated Infrastructure in the Cloud
Using Chef for Automated Infrastructure in the Cloud
 
TXLF: Automated Deployment of OpenStack with Chef
TXLF: Automated Deployment of OpenStack with ChefTXLF: Automated Deployment of OpenStack with Chef
TXLF: Automated Deployment of OpenStack with Chef
 
Chef compliance - Intermediate Training
Chef compliance - Intermediate TrainingChef compliance - Intermediate Training
Chef compliance - Intermediate Training
 
Compliance Automation with Inspec Part 1
Compliance Automation with Inspec Part 1Compliance Automation with Inspec Part 1
Compliance Automation with Inspec Part 1
 
London Community Summit 2016 - Chef Automate
London Community Summit 2016 - Chef AutomateLondon Community Summit 2016 - Chef Automate
London Community Summit 2016 - Chef Automate
 
Chef Fundamentals Training Series Module 1: Overview of Chef
Chef Fundamentals Training Series Module 1: Overview of ChefChef Fundamentals Training Series Module 1: Overview of Chef
Chef Fundamentals Training Series Module 1: Overview of Chef
 
Compliance Automation Workshop
Compliance Automation WorkshopCompliance Automation Workshop
Compliance Automation Workshop
 
Overview of Chef - Fundamentals Webinar Series Part 1
Overview of Chef - Fundamentals Webinar Series Part 1Overview of Chef - Fundamentals Webinar Series Part 1
Overview of Chef - Fundamentals Webinar Series Part 1
 
DevOps and Chef
DevOps and ChefDevOps and Chef
DevOps and Chef
 

Similar to Packing It In: Images, Containers and Config Management

eZ Publish 5: from zero to automated deployment (and no regressions!) in one ...
eZ Publish 5: from zero to automated deployment (and no regressions!) in one ...eZ Publish 5: from zero to automated deployment (and no regressions!) in one ...
eZ Publish 5: from zero to automated deployment (and no regressions!) in one ...Gaetano Giunta
 
An introduction to configuring Domino for Docker
An introduction to configuring Domino for DockerAn introduction to configuring Domino for Docker
An introduction to configuring Domino for DockerGabriella Davis
 
Packaging tool options
Packaging tool optionsPackaging tool options
Packaging tool optionsLen Bass
 
OSDC 2013 | Introduction into Chef by Andy Hawkins
OSDC 2013 | Introduction into Chef by Andy HawkinsOSDC 2013 | Introduction into Chef by Andy Hawkins
OSDC 2013 | Introduction into Chef by Andy HawkinsNETWAYS
 
Alternatives to layer-based image distribution: using CERN filesystem for images
Alternatives to layer-based image distribution: using CERN filesystem for imagesAlternatives to layer-based image distribution: using CERN filesystem for images
Alternatives to layer-based image distribution: using CERN filesystem for imagesGeorge Lestaris
 
Preparing your dockerised application for production deployment
Preparing your dockerised application for production deploymentPreparing your dockerised application for production deployment
Preparing your dockerised application for production deploymentDave Ward
 
Rami Sayar - Node microservices with Docker
Rami Sayar - Node microservices with DockerRami Sayar - Node microservices with Docker
Rami Sayar - Node microservices with DockerWeb à Québec
 
Introduction to Containers - SQL Server and Docker
Introduction to Containers - SQL Server and DockerIntroduction to Containers - SQL Server and Docker
Introduction to Containers - SQL Server and DockerChris Taylor
 
Containerize all the things!
Containerize all the things!Containerize all the things!
Containerize all the things!Mike Melusky
 
The Rocky Cloud Road
The Rocky Cloud RoadThe Rocky Cloud Road
The Rocky Cloud RoadGert Drapers
 
The container revolution, and what it means to operators bay lisa - july 2016
The container revolution, and what it means to operators bay lisa - july 2016The container revolution, and what it means to operators bay lisa - july 2016
The container revolution, and what it means to operators bay lisa - july 2016Robert Starmer
 
An Introduction To Docker
An Introduction To DockerAn Introduction To Docker
An Introduction To DockerGabriella Davis
 
Container Orchestration for .NET Developers
Container Orchestration for .NET DevelopersContainer Orchestration for .NET Developers
Container Orchestration for .NET DevelopersMike Melusky
 
Journey to Docker Production: Evolving Your Infrastructure and Processes - Br...
Journey to Docker Production: Evolving Your Infrastructure and Processes - Br...Journey to Docker Production: Evolving Your Infrastructure and Processes - Br...
Journey to Docker Production: Evolving Your Infrastructure and Processes - Br...Docker, Inc.
 
Docker for developers - The big picture
Docker for developers - The big pictureDocker for developers - The big picture
Docker for developers - The big pictureGeorge Dyrrahitis
 
Immutable infrastructure isn’t the answer
Immutable infrastructure isn’t the answerImmutable infrastructure isn’t the answer
Immutable infrastructure isn’t the answerSam Bashton
 
Sitecore on Azure
Sitecore on AzureSitecore on Azure
Sitecore on AzureClearPeople
 
Microservices: How loose is loosely coupled?
Microservices: How loose is loosely coupled?Microservices: How loose is loosely coupled?
Microservices: How loose is loosely coupled?John Rofrano
 
Infrastructure as Code Patterns
Infrastructure as Code PatternsInfrastructure as Code Patterns
Infrastructure as Code PatternsKris Buytaert
 

Similar to Packing It In: Images, Containers and Config Management (20)

eZ Publish 5: from zero to automated deployment (and no regressions!) in one ...
eZ Publish 5: from zero to automated deployment (and no regressions!) in one ...eZ Publish 5: from zero to automated deployment (and no regressions!) in one ...
eZ Publish 5: from zero to automated deployment (and no regressions!) in one ...
 
An introduction to configuring Domino for Docker
An introduction to configuring Domino for DockerAn introduction to configuring Domino for Docker
An introduction to configuring Domino for Docker
 
Packaging tool options
Packaging tool optionsPackaging tool options
Packaging tool options
 
OSDC 2013 | Introduction into Chef by Andy Hawkins
OSDC 2013 | Introduction into Chef by Andy HawkinsOSDC 2013 | Introduction into Chef by Andy Hawkins
OSDC 2013 | Introduction into Chef by Andy Hawkins
 
Alternatives to layer-based image distribution: using CERN filesystem for images
Alternatives to layer-based image distribution: using CERN filesystem for imagesAlternatives to layer-based image distribution: using CERN filesystem for images
Alternatives to layer-based image distribution: using CERN filesystem for images
 
Preparing your dockerised application for production deployment
Preparing your dockerised application for production deploymentPreparing your dockerised application for production deployment
Preparing your dockerised application for production deployment
 
Rami Sayar - Node microservices with Docker
Rami Sayar - Node microservices with DockerRami Sayar - Node microservices with Docker
Rami Sayar - Node microservices with Docker
 
Introduction to Containers - SQL Server and Docker
Introduction to Containers - SQL Server and DockerIntroduction to Containers - SQL Server and Docker
Introduction to Containers - SQL Server and Docker
 
Containerize all the things!
Containerize all the things!Containerize all the things!
Containerize all the things!
 
DevOps in Silos
DevOps in SilosDevOps in Silos
DevOps in Silos
 
The Rocky Cloud Road
The Rocky Cloud RoadThe Rocky Cloud Road
The Rocky Cloud Road
 
The container revolution, and what it means to operators bay lisa - july 2016
The container revolution, and what it means to operators bay lisa - july 2016The container revolution, and what it means to operators bay lisa - july 2016
The container revolution, and what it means to operators bay lisa - july 2016
 
An Introduction To Docker
An Introduction To DockerAn Introduction To Docker
An Introduction To Docker
 
Container Orchestration for .NET Developers
Container Orchestration for .NET DevelopersContainer Orchestration for .NET Developers
Container Orchestration for .NET Developers
 
Journey to Docker Production: Evolving Your Infrastructure and Processes - Br...
Journey to Docker Production: Evolving Your Infrastructure and Processes - Br...Journey to Docker Production: Evolving Your Infrastructure and Processes - Br...
Journey to Docker Production: Evolving Your Infrastructure and Processes - Br...
 
Docker for developers - The big picture
Docker for developers - The big pictureDocker for developers - The big picture
Docker for developers - The big picture
 
Immutable infrastructure isn’t the answer
Immutable infrastructure isn’t the answerImmutable infrastructure isn’t the answer
Immutable infrastructure isn’t the answer
 
Sitecore on Azure
Sitecore on AzureSitecore on Azure
Sitecore on Azure
 
Microservices: How loose is loosely coupled?
Microservices: How loose is loosely coupled?Microservices: How loose is loosely coupled?
Microservices: How loose is loosely coupled?
 
Infrastructure as Code Patterns
Infrastructure as Code PatternsInfrastructure as Code Patterns
Infrastructure as Code Patterns
 

Recently uploaded

New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
What is Artificial Intelligence?????????
What is Artificial Intelligence?????????What is Artificial Intelligence?????????
What is Artificial Intelligence?????????blackmambaettijean
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 

Recently uploaded (20)

New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
What is Artificial Intelligence?????????
What is Artificial Intelligence?????????What is Artificial Intelligence?????????
What is Artificial Intelligence?????????
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 

Packing It In: Images, Containers and Config Management

  • 1. Packing It In: Images, Containers, and Config Management LOPSA-East 2014 Michael Goetz mpgoetz@getchef.com
  • 2. Who am I? • Michael Goetz • Sr. Consulting Engineer @ Chef • @michaelpgoetz
  • 3. This talk isn’t about joining a cult... • Lots of opinions about the “only right way” • Use a combination that makes you fast, safe and secure • Use a toolbox, not one tool http://static.tvtropes.org/pmwiki/pub/images/cult.jpg
  • 4. So what are my options? • Artisanal machines made of metal and sweat • Pristine virtual machines • Isolated containers • Just-in-time automatic configuration management • All (or some) of the above?
  • 5. Artisanal machines made of metal and sweat • If you want to work on artisan crafts, take up woodworking http://www.juggernautwoodworking.com/images/carve.jpg
  • 6. Containers vs. Virtual Machines • Containers consist of an application and its dependencies, running in isolation in userland outside the kernel. • Virtual Machines create an entire machine, including a fully functional operating system. https://www.docker.io/static/img/about/docker_vm.jpg
  • 7. Hurray! We can go back to golden images, right? • The “golden image” problem still exists with containers, but on a much smaller scale • A dozen “server” images become dozens of “container” images • AUFS layering mitigates some sprawl, but has a limit • Modularity of applications without convergence of the entire system just kicks the can down the road http://images.smh.com.au/2011/10/28/2737998/ipad-art-wide-shipping-420x0.jpg
  • 8. What about configuration management? • Convergence - coming to a desired end state • Congruence - building a result from a blank state • Always building from scratch can be time consuming • Specification of application versions becomes extremely important • Changes can happen unexpectedly if you don’t plan ahead Convergence is like fixing the outcome and compute the route (like a GPS finder), and congruence is about repeating a recipe in a sequence of known steps to massage a system into shape” – Mark Burgess
  • 9.
  • 10. Let’s talk real world here... • My application system has: • An OS layer that rarely changes • A few supporting applications that change semi- frequently • My application code that changes rapidly • This can translate to: • VM image to act as a base OS + some deltas • Container images for supporting applications • Configuration management to maintain overall state
  • 11. So wait... that still seems like a lot of work • With 3 layers of your application stack to maintain, it feels like the maintenance demand will only go up • We’ll use three tools to manage each layer: • Packer - building and maintaining images • Docker - running and managing the containers • Chef - managing the real-time automated configuration, image build steps and VM provisioning
  • 12. What is Packer? • Half the battle is keeping VM images up-to-date • Refreshing images == table flipping rage • Packer creates identical machine images from a single source configuration • Makes programmatically building VM images super easy! { "builders”: [{ "type": "amazon-ebs", "region": "us-east-1", "source_ami": "ami-8ade42ba”, "instance_type": "m3.medium", "ssh_username": "ubuntu", "ami_name": "my ami {{timestamp}}" }], "provisioners": [{ "type": "chef-solo", "cookbook_paths": ["cookbooks"], "json": { "name": "my_node", "run_list": [ "recipe[packer]", "recipe[docker]", "recipe[my_application]" ] } } ]}
  • 13. What is Docker? • Docker combines an execution driver with AUFS to create portable, lightweight application containers • Execution drivers customize the execution environment surrounding each container (LXC, libcontainer, Solaris Zones, chroot, etc) • Docker images can be shared via a public or private registry • Packer has built-in support for building Docker images • Does not use Dockerfiles • Can use existing shell scripts, Chef recipes, etc.
  • 14. What is Chef? • Automation platform that manages infrastructure as code • Reusable recipes across your entire infrastructure • Topology data made available across entire infrastructure • Runs on demand or as a managed service to keep infrastructure convergent
  • 15. Let’s get to building! • Solid foundation == key to success • Identify the core components unlikely to change often • Security policies/applications • Image hardening • Core component packages • Docker tooling • Create a minimal base VM, combined with the components that are consistently configured across your entire application infrastructure
  • 17. Building the Docker containers • Repeatable factory for building Docker images • Minimal isolation is key - create the smallest Docker images that will work • Don’t overload with multiple applications! • We could use Packer to build Docker images, but then we lose metadata and layering (for now!)
  • 18. Demo: Building the Docker containers
  • 19. Bringing it all together • VM images and Docker containers aren’t the whole story • Chef provisions servers with the base VM and manage Docker containers • Ongoing convergence of desired state is managed by Chef
  • 20. Demo: Using Chef to manage the entire system
  • 21. Wrapping Up • Don’t join a cult • Use what works to make things faster, more secure and more stable • Keep the base VM small, but not too small • Use containers to manage isolated, reusable application processes • Maintain a convergent infrastructure with automated configuration management
  • 22. More Info • Packer - http://www.packer.io/ • Docker - https://www.docker.io/ • Chef - http://www.getchef.com/ • Docker-chef - https://github.com/bflad/chef-docker • Dockworker cookbook - https://github.com/micgo/dockworker
  • 23. We’re Hiring (and so are others)! http://www.getchef.com/careers/ http://www.getchef.com/jobboard/