Skip to content

PHP UserGroup Hamburg - 2016-02-09 - Dockerizing PHP Applications

Following some notes about my the last php usergroup meetup.

By Sebastian Heuer

  • docker is not one tool but a whole ecosystem
    • machine (provisioning)
    • swarm (clustering and container scheduling)
    • compose (multi container application)
    • registry (image distribution)
    • engine (the container)
    • ktematic (gui)
  • pretty small compared to virtual box/full virtual machines
  • updating means, building a new container
  • theoretically, you can use all the images from the hub
    • always ask yourself if you want to use them in production
      • are they maintained
      • how secure are they
  • docker compose
    • builds and pulls images
    • runs containers
    • enables networking between containers
    • aggregates STDOUT and STDERR output

example Dockerfile

FROM php:7.0.2-fpm

RUN docker-php-ext-install pdo pdo_mysql

COPY php/php.ini /usr/local/etc/php/
# copy the content of the source code into the image
# you can ship this code version now
COPY . /srv/meetup-service

# the date in the container is not persistent
# if ypu change something in it, it will bill lost afterwards

CMD ["php-fpm"]

example docker-compose.yml

webserver:
  build: ./nginx    #path to the docker file and configuration etc
  links:
    - application
  ports:
    - "80:80"   #from port 80 to port 80
  volumesfrom:
    - application
application:
  build: ./meetup-service   #your project
  links:
    - database
  ports:
    - "9000:9000"
  volumes:
    - ./meetup-service:/srv/meetup-service  #mounting local source code into the container
  environment:
    - MYSQLHOST=database
    - MYSQLDATABASE=application
    - MYSQLUSER=root
    - MYSQLPASSWORD=parola
database:
  image: mysql:5.7  #no build path, instead an image is used
  volumes:
    - /var/lib/mysql
  ports:
    - "3306:3306"
  environment:
    - MYSQLROOTPASSWORD=docker
    - MYSQLDATABASE=app

Translate to de es fr it pt ja

docker links cw 33

Translate to de es fr it pt ja

docker links cw 32

Translate to de es fr it pt ja

Categories: os
Defined tags for this entry: , , , ,
Vote for articles fresher than 7 days!
Derzeitige Beurteilung: 1 of 5, 2 Stimme(n) 915 hits

docker links cw 31

Translate to de es fr it pt ja

docker links cw 29

Translate to de es fr it pt ja

Categories: os
Defined tags for this entry: , , ,
Vote for articles fresher than 7 days!
[0] 1196 hits

docker links cw 28

Translate to de es fr it pt ja

Categories: os
Defined tags for this entry: , , ,
Vote for articles fresher than 7 days!
[0] 951 hits

docker links cw 26

Translate to de es fr it pt ja

Categories: os
Defined tags for this entry: , , ,
Vote for articles fresher than 7 days!
[-2] 966 hits

docker links cw 25

Translate to de es fr it pt ja

Categories: os
Defined tags for this entry: , , ,
Vote for articles fresher than 7 days!
[-2] 975 hits

Introduction Into Docker and Continous Delivery with Docker - Docker Usergroup Hamburg 09.06.2014

Docker UserGroup Hamburg

Introduction Docker

General

By Johannes Ziemke from docker

What is Docker

  • version 1.0 released a few hours ago - api stable (a bit)
  • written in go
  • build, packs and ships applications as lightweight containers
  • build once an run almost everywhere (since kernel 3.8.*)
  • rewrite of docCloud PaaS code

Benefits

  • start always from clean slate
  • spawn up complete test infrastructures in seconds
  • run your code against multiple versions easily
  • easy up setup of software environment
  • distribute complex setups as self-contained containers
  • build own infrastructure
  • easy ups deployment per day
  • scaling and mantaining of infrastructure (state convergence, manage everything)
  • helps you to solve managing complexity
    • similar problems
      • modules, classes, plugins
      • human communication: named concepts like car, cat or container
      • shipping goods: intermodal containers
    • solution: create an abstraction
      • does not matter what is in the container nor where it runs
      • clear separation of concerns (reduce communication between developers and ops)
      • developer can take care about used libraries, packagemanager, ...
      • op can take care about the system (alos resource planning and monitoring)
  • running commandos on top of:
    • immutable, shipable, layered images (defined by dockerfile, built by builder and pushed/pulled to registry)
    • copy-on-write storage on top (provides writeable layer on top of read only images to persists changes done by running container)
      • aufs
      • btrfs
      • devicemapper
    • isolated environment
      • using kernal features
        • namespaces (isolation by scoping, available: pid, mnt, net, uts, jpc, user)
        • cgroups (limit, accound and isolated general devices, cou, memory, ...)
        • future (solaris zones ...)
    • via RESTish API
    • missing pieces
      • docker can not address service discovery or dynamic scheduling
      • projects to close the gap
        • openstack
        • coreOs
        • mesos + marathon
        • flynn.io

Demotime

  • --privileged - can break out of container but control host
  • images are read only and creating a container on each start
  • docker commit - creates new image out of running container
  • use boot2docker

Continous Delivery with Docker

By Tobias Schwab from Dynport GmbH

Philosophie

  • continous delivery
  • canarien releases
  • "never touch running system", create a new one when something has to change
  • immutable releases (once created, never change it)

Why They used Docker

  • privacy concerns, aws not an option
  • hoster they could not pick
  • unreliable hoster API
  • flash based structure management
  • limited capacity
  • they are the biggest customer

Learnings

  • image based deployments -> use dockerfiles (do not add dockerfile generators on top)
  • use syslog and rsyslog to log out of the container
  • >>CMD ["/sbin/init"]<< to start debian based image
  • caching
  • configuration management
    • store configuration in environment
    • dependency injected with start of container (use same container for testing, stageing, testing ...)
    • logfiles and data outside of the container
  • do not
    • full blown vm (best case, one service per container)
    • ssh deamon inside containers
    • syslog deamon inside containters (sometimes needed)
    • user management (everything can run as root)
    • chef/puppet makes caching useles
    • rely on external services (github, gem page)
  • build management tools
    • bundler, pip, carton, composer, ...
    • problem is, they are slow on "clean slate"
    • ways to solve
      • add mainifest (like composer.lock) before code and use cached build files
      • pre-bundles base images
  • multi host
    • image distribution via docker registry
    • weighted load balancing via HAProxy
    • SSL termination via HAProxy (container exists by Johannes Ziemke)
  • load balancing
    • HAProxy
    • pool configuration stored in redis/etcd
    • configuration update
      • created
      • uploaded via ssh to host
      • verify configuration
      • replace configuration (old with new)
      • reload configuration
  • logging
    • putting container id, revision of image (host, code, request) via rsyslog out of the container
  • metrics
    • openTSDB
      • distributed, scalable time series database
      • hbase
      • tags/diminsions
      • from syslog via udp
      • rickshaw.js for graphs
      • compare status cudes, counts and times between actions of two revisions
  • benefits (reduces)
    • external dependencies
    • "did work on my machine"
    • unused cpu cycles
    • number of hosts
    • feedback times (number of deploys per day)
    • time to get new host online
    • hosts are more flexible
    • controlled revision change (controlled on each host)
    • faster build

Translate to de es fr it pt ja

docker links cw 18

And as bonus, i found a cool page called top static site generators comparison.

Translate to de es fr it pt ja

Betriebssystem für Docker Container

project atomic soll es ermöglichen, atomare Aktualisierungen durchführen zu können. Kurzum, jedes Bestandteil des Betriebssystems (und der Container) soll einzeln aktualisiert werden können.
Natürlich darf systemd nicht fehlen, es soll zum Starten und Stoppen der Container genutzt werden.
Red Hat möchte zukünftig noch enger mit Docker zusammen arbeiten, kann man nur hoffen, dass niemand (Red Hat, Facebook, Google) Docker aufkauft (bitte erst nach dem zweiten Major Release).

Links

Translate to de es fr it pt ja

more docker links cw 15 2014

Again some nice links about docker.

Translate to de es fr it pt ja

Categories: os
Defined tags for this entry: , , ,
Vote for articles fresher than 7 days!
[-2] 2144 hits

docker links april 2014

Some nice links containing stuff about docker. I'm still reading them and updating my docker howto section :-).

Translate to de es fr it pt ja

Categories: os
Defined tags for this entry: , , , ,
Vote for articles fresher than 7 days!
[-2] 974 hits

Web - Docker 09 ist unabhänging von lxc

Das ist eine der beiden großen Neuerungen, die Docker 0.9 mitbringt, dessen Entwicklung sich mit Vorausschau auf eine baldige stabile Version 1.0 weiterhin auf die mit Version 0.8 ausgegebene Devise »Qualität vor neuer Funktionalität« konzentriert. Daneben wurden wieder viele Fehler bereinigt.
[...]
Die zweite Neuerung in Docker 0.9 ist das neue Execution Driver API, welches die Anpassung der Ausführungsumgebung erlauben soll, die den jeweiligen Container umgibt. Damit will Docker die Vorteile der diversen Isolationswerkzeuge wie etwa OpenVZ, systemd-nspawn, libvirt-lxc, libvirt-sandbox, qemu/kvm, BSD Jails, Solaris Zones sowie der altbekannten chroot nutzen. Weitere Treiber sollen von dritter Seite bereits in Entwicklung sein.
[...]

Quelle

Danke pro-linux.de für diese erfreuliche Meldung. Docker macht wirklich Spaß :-).

Translate to de es fr it pt ja