Patterns and antipatterns in Docker image lifecycle as was presented at DC Docker Meetup August 2017
•
0 likes•417 views
While Docker has enabled an unprecedented velocity of software production, it is all too easy to spin out of control. A promotion-based model is required to control and track the flow of Docker images as much as it is required for a traditional software development lifecycle. New tools often introduce new paradigms. We will examine the patterns and the antipatterns for Docker image management, and what impact the new tools have on the battle-proven paradigms of the software development lifecycle.
Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Similar to Patterns and antipatterns in Docker image lifecycle as was presented at DC Docker Meetup August 2017
Similar to Patterns and antipatterns in Docker image lifecycle as was presented at DC Docker Meetup August 2017 (20)
More from Baruch Sadogursky
More from Baruch Sadogursky (20)
Recently uploaded
Recently uploaded (20)
Patterns and antipatterns in Docker image lifecycle as was presented at DC Docker Meetup August 2017
- 2. whoami Baruch Sadogursky, JFrog Developer Advocate, @jbaruch
- 3. Show notes! • http://jfrog.com/shownotes – Video (soon!) – Slides – Links – Feedback – Raffle! (come early)
- 4. JFrog Xray
- 5. Poll Time!
- 6. Poll Time! üHeard about Docker üCan do the tutorial üPoCing, playing etc. üProduction, baby! @JBARUCH #DOCKERDC HTTP://JFROG.COM/SHOWNOTES
- 10. JFrog Artifactory + Docker @JBARUCH #DOCKERDC HTTP://JFROG.COM/SHOWNOTES
- 11. Who’s using Docker and nothing else?
- 14. The Promotion Pyramid Development builds Dev Integration tests Integr. tests Staging Pre-Prod Prod Amount of builds Build/Deploy time Amount of binaries
- 15. Pipeline: Quality Gates and Visibility Source: Agile ALM, Michael Hüttermann, Manning Publications Co. @JBARUCH #DOCKERDC HTTP://JFROG.COM/SHOWNOTES
- 16. $docker build @JBARUCH #DOCKERDC HTTP://JFROG.COM/SHOWNOTES
- 18. Let’s docker build in every env! @JBARUCH #DOCKERDC HTTP://JFROG.COM/SHOWNOTES
- 20. That’s why. @JBARUCH #DOCKERDC HTTP://JFROG.COM/SHOWNOTES FROM ubuntu RUN apt-get install -y software-properties-common python RUN apt-get install -y nodejs RUN mkdir /var/www ADD app.js /var/www/app.js CMD ["/usr/bin/node", "/var/www/app.js"] Latest version Latest version Latest version Latest version
- 21. That’s why. @JBARUCH #DOCKERDC HTTP://JFROG.COM/SHOWNOTES FROM ubuntu:14.04 RUN apt-get install -y software-properties-common python RUN apt-get install -y nodejs RUN mkdir /var/www ADD app.js /var/www/app.js CMD ["/usr/bin/node", "/var/www/app.js"] Better now?
- 22. That’s why. @JBARUCH #DOCKERDC HTTP://JFROG.COM/SHOWNOTES FROM ubuntu:4033353383af19ec179c01dda7f355a246c6adcafaf93c8f98 RUN apt-get install -y software-properties-common python RUN apt-get install -y nodejs RUN mkdir /var/www ADD app.js /var/www/app.js CMD ["/usr/bin/node", "/var/www/app.js"] And now?
- 23. That’s why. @JBARUCH #DOCKERDC HTTP://JFROG.COM/SHOWNOTES FROM ubuntu:4033353383af19ec179c01dda7f355a246c6adcafaf93c8f98 RUN apt-get install -y software-properties-common python RUN apt-get install -y nodejs RUN mkdir /var/www ADD app.js /var/www/app.js CMD ["/usr/bin/node", "/var/www/app.js"] And now?What about those?
- 24. That’s why. @JBARUCH #DOCKERDC HTTP://JFROG.COM/SHOWNOTES FROM ubuntu:4033353383af19ec179c01dda7f355a246c6adcafaf93c8f98 RUN mvn clean install CMD ”java –jar Main.class" What about this?
- 25. That’s why. @JBARUCH #DOCKERDC HTTP://JFROG.COM/SHOWNOTES FROM ubuntu:4033353383af19ec179c01dda7f355a246c6adcafaf93c8f98 RUN download_random_sh*t_from_the_internet.sh CMD ["/usr/bin/node", "/var/www/app.js"] And how about this?
- 26. That’s why you don’t trust Docker @JBARUCH #DOCKERDC HTTP://JFROG.COM/SHOWNOTES
- 27. Traditional Server Pattern http://martinfowler.com/bliki/ImmutableServer.html @JBARUCH #DOCKERDC HTTP://JFROG.COM/SHOWNOTES
- 28. Immutable Server Pattern http://martinfowler.com/bliki/ImmutableServer.html @JBARUCH #DOCKERDC HTTP://JFROG.COM/SHOWNOTES
- 31. What’s up with the gates?!
- 33. What’s up with the gates?!
- 34. What’s up with the gates?! - QA shouldn’t test dev images
- 35. What’s up with the gates?! - QA shouldn’t test dev images - non-tested images shouldn't be staged
- 36. What’s up with the gates?! - QA shouldn’t test dev images - non-tested images shouldn't be staged - non-staged, non-tested or dev images shouldn’t end up in production!!!
- 37. Not so fast… @JBARUCH #DOCKERDC HTTP://JFROG.COM/SHOWNOTES
- 38. Trumped-up limitations @JBARUCH #DOCKERDC HTTP://JFROG.COM/SHOWNOTES
- 39. The Anatomy of Docker Tag @JBARUCH #DOCKERDC HTTP://JFROG.COM/SHOWNOTES
- 41. How can we support this? https://host:8081/artifactory/docker-dev/busybox https://host:8081/artifactory/docker-staging/busybox https://host:8081/artifactory/docker-qa/busybox https://host:8081/artifactory/docker-prod/busybox @JBARUCH #DOCKERDC HTTP://JFROG.COM/SHOWNOTES
- 42. “ONE REGISTRY PER HOST OUGHT TO BE ENOUGH FOR ANYBODY.”
- 44. Virtual hosts/ports to the rescue Registry host Tag name docker tag host:port/busybox
- 45. Virtual hosts/ports to the rescue https://host:port/v2/busybox Registry host Tag name docker tag host:port/busybox
- 46. Virtual hosts/ports to the rescue https://host:8081/artifactory/docker-dev/busybox Virtual repository name Tag name https://host:port/v2/busybox Context name Registry host Tag name docker tag host:port/busybox
- 47. server { listen 5001; server_name 192.168.99.100; if ($http_x_forwarded_proto = '') { set $http_x_forwarded_proto $scheme; } rewrite ^/(v1|v2)/(.*) /artifactory/api/docker/docker-dev/$1/$2; … } } @JBARUCH #DOCKERDC HTTP://JFROG.COM/SHOWNOTES
- 48. But then you realize… Wait a second, now I need to pull, retag and push for every step?!
- 51. Anatomy of a container @JBARUCH #DOCKERDC HTTP://JFROG.COM/SHOWNOTES
- 53. Framework build - Verified base image - Add system dependencies from artifactory - JDK - wildfly - Own it!
- 54. Minimal Framework build Dockerfile FROM centos:7 MAINTAINER you@yourorg.com @JBARUCH #DOCKERDC HTTP://JFROG.COM/SHOWNOTES
- 55. Application build - Framework is your base - Run a java build - Add a file to base - Done!
- 56. Application build Dockerfile FROM yourorg-docker.jfrog.io/yourorg/framework:latest MAINTAINER you@yourorg.com ADD https://yourorg.jfrog.io/yourorg/java-release-local/…/app-[RELEASE].war /opt/jboss/wildfly/standalone/deployments/app.war @JBARUCH #DOCKERDC HTTP://JFROG.COM/SHOWNOTES
- 57. Application build Dockerfile FROM yourorg-docker.jfrog.io/yourorg/framework:latest MAINTAINER you@yourorg.com ADD https://yourorg.jfrog.io/yourorg/java-release-local/…/app-[RELEASE].war /opt/jboss/wildfly/standalone/deployments/app.war @JBARUCH #DOCKERDC HTTP://JFROG.COM/SHOWNOTES
- 58. Application build Dockerfile FROM yourorg-docker.jfrog.io/yourorg/framework:latest MAINTAINER you@yourorg.com ADD https://yourorg.jfrog.io/yourorg/java-release-local/…/app-[RELEASE].war /opt/jboss/wildfly/standalone/deployments/app.war @JBARUCH #DOCKERDC HTTP://JFROG.COM/SHOWNOTES
- 59. Application build Dockerfile FROM yourorg-docker.jfrog.io/yourorg/framework:latest MAINTAINER you@yourorg.com ADD https://yourorg.jfrog.io/yourorg/java-release-local/…/app-[RELEASE].war /opt/jboss/wildfly/standalone/deployments/app.war @JBARUCH #DOCKERDC HTTP://JFROG.COM/SHOWNOTES
- 67. HIGH QUALITY (software and information) SPEED LOW COST (automation) Fast releases > Modular > Automation Conclusions: Release Fast or Die!
- 68. Q&A and Links • @jbaruch • #DockerDC • http://jfrog.com/shownotes – Video (soon!) – Slides – Links – Feedback – Raffle! (come early)