Docker for Developers

ChrisTankersley@dragonmantankLonestarPHP2016

LonestarPHP2016 1

Who Am I

• PHPProgrammerforover11years•  Sysadmin/DevOpsforaround9years• UsingLinuxformorethan15years• hGps://github.com/dragonmantank

• Authorof“DockerforDevelopers”• Reigning,Defending,UndisputedPHPMTGChampionoftheWorld

LonestarPHP2016 2

Docker

LonestarPHP2016 3

What Is Docker?

“DockerisanopenplaUormfordevelopersandsysadminstobuild,ship,andrundistributedapplicaVons.ConsisVngofDockerEngine,aportable,lightweightrunVmeandpackagingtool,andDockerHub,acloudserviceforsharingapplicaVonsandautomaVngworkflows,DockerenablesappstobequicklyassembledfromcomponentsandeliminatesthefricVonbetweendevelopment,QA,andproducVonenvironments.”

LonestarPHP2016 4

hGps://www.docker.com/whaVsdocker/

What is it from a technical standpoint?

• DockerisawrapperaroundContainers• DockerEngineisthepackagingporVonthatbuildsandrunsthecontainers• DockerHuballowsyoutopublishimagesforotherstouse• DockerMachineisabare-metalprovisioningtool• DockerSwarmisanload-balancingdeploymenttool• DockerComposeisamulV-containerbuildsystem

LonestarPHP2016 5

Containers

LonestarPHP2016 6

Normal Bare-Metal Server

LonestarPHP2016 7

CPU RAM HD Network

OperaVngSystem

nginx PHP DB

Virtual Machines

LonestarPHP2016 8

CPU RAM HD Network

OperaVngSystem

nginx PHP DB

OperaVngSystem

nginx PHP DB

OperaVngSystem

Hypervisor

Containers

LonestarPHP2016 9

CPU RAM HD Network

OperaVngSystem

nginxnginx PHP DB PHP DB

Docker can use many different containers

•  Since0.9.0itsupports:•  LXC(LinuxContainers)–StartedwithLXCwhenitwasreleased•  OpenVZ•  Systemd-nspawn•  libvert-sandbox•  Qemu/kvm•  BSDJails•  SolarisZones•  chroot

LonestarPHP2016 10

Runs on *nix and Windows Hyper-V

• NonaVvecontainerdriversforOSX*• AmazonhasElasVcContainerService,andMicrosokAzurehasAzureContainerService

LonestarPHP2016 11

Sorry OSX Users

• DockersupportisofficiallymaintainedthroughDockerToolbox

LonestarPHP2016 12

Docker Toolbox also is for Windows

LonestarPHP2016 13

Let’s use Docker

LonestarPHP2016 14

Running a container

•  `dockerrun`willrunacontainer•  ThiswillnotrestartanexisVngcontainer,justcreateanewone• dockerrun[opVons]IMAGE[command][arguments]

•  [opVons]modifythedockerprocessforthiscontainer•  IMAGEistheimagetouse•  [command]isthecommandtoruninsidethecontainer•  [arguments]areargumentsforthecommand

LonestarPHP2016 15

Running a simple shell

LonestarPHP2016 16

Running Two Webservers

LonestarPHP2016 17

Some Notes

• Allthreecontainersare100%selfcontained• Dockercontainerssharecommonancestors,butkeeptheirownfiles•  `dockerrun`parameters:

•  --rm–Destroyacontaineronceitexits•  -d–Runinthebackground(daemonmode)•  -i–RunininteracVvemode•  --name–Givethecontaineraname•  -p[localport]:[containerport]–Forwardthelocalporttothecontainerport

LonestarPHP2016 18

Volumes

LonestarPHP2016 19

Modifying a running container

•  `dockerexec`canrunacommandinsideofanexisVngcontainer• UseVolumestosharedata

LonestarPHP2016 20

Persistent Data with Volumes

•  Youcandesignateavolumewith-v• Volumescanbesharedamongstcontainers• Volumescanmountdatafromthehostsystem

LonestarPHP2016 21

Mounting from the host machine

LonestarPHP2016 22

Mounting from the host isn’t perfect

•  Thecontainernowhasawindowintoyourhostmachine• Permissionscangetscrewyifyouaremodifyinginthecontainer

•  Mostthingsitcreateswillberootbydefault,andyouprobablyaren’trootonthehostmachine

• Host-mountedvolumesarenotportableatall• DockerToolbox’sVMonlyallowsmounVngfromwithinyourhomedirectory

LonestarPHP2016 23

Container Data Volumes

• Usesasmallcontainerthatdoesnothingbutstoresdata• Haveourappcontainersusethedatavolumetostoredata• Use‘editorcontainers’togoinandmodifydatawhenneeded

LonestarPHP2016 24

Mounting Data Volumes

LonestarPHP2016 25

Why not run SSH inside of the container?

• Well,youcan…• Dockerisdesignedforonecommandpercontainer•  Ifyouneedtomodifydata,thenyouneedtochangeyoursetup•  IfyouhavetorunSSH,thenyouneedawaytorunSSHandyourcommand

LonestarPHP2016 26

Why go through the hassle?

• Datavolumesareportable• Datavolumesaresafer•  Separatestheappcontainersfromdata

•  ProducVoncanuseadatavolume,devcanuseahostvolume

• Ourappcontainersstaysmall

LonestarPHP2016 27

Network Linking

LonestarPHP2016 28

Docker Links

• Allowscontainersto‘see’eachotheroverthenetwork•  Eachcontainerthinkstheotheroneisjustanothermachine• Containersallhaveaninternalnetworkaddress,sowedon’tneedtoexposeeverythingthroughthehost• Currentlyonlyworksifallthecontainersareononemachine,Docker1.10shouldfixthat

LonestarPHP2016 29

More Traditional Setup

LonestarPHP2016 30

INTARWEBS Nginx PHP-FPM

DataVolume

Port9000

Editor

Let’s Build It

LonestarPHP2016 31

More Notes!

• WecannowrebuildsecVonsoftheappasneeded• WecanrestartnginxwithoutimpacVngPHP• Wecanextendmucheasier

•  Linkedcontainerswillnotupdateiftheyarestopped/started•  IfweupgradePHP,wehavetodestroy/createtheweb_servercontaineragain

LonestarPHP2016 32

Creating your own Images

LonestarPHP2016 33

Dockerfile

• DockerfileistheconfiguraVonstepsforanimage• Canbecreatedfromscratch,orbasedonanotherimage• Allowsyoutoaddfiles,createdefaultvolumes,ports,etc• CanbeusedprivatelyorpushedtoDockerHub

LonestarPHP2016 34

FROMphusion/baseimage:0.9.10#…CMD["/sbin/my_init"]#Nginx-PHPInstallationRUNapt-getupdateRUNapt-getinstall-yvimgitcurlwgetbuild-essentialpython-software-properties\

php5-cliphp5-fpmphp5-mysqlphp5-pgsqlphp5-sqlitephp5-curl\ php5-gdphp5-mcryptphp5-intlphp5-imapphp5-tidymysql-client

#…RUNmkdir/var/wwwADDbuild/default/etc/nginx/sites-available/default#…EXPOSE8022VOLUME/var/wwwVOLUME/etc/nginxVOLUME/etc/php/VOLUME/var/logRUNapt-getclean&&rm-rf/var/lib/apt/lists/*/tmp/*/var/tmp/*

LonestarPHP2016 35

Build it

dockerbuild-ttag_name./

•  ThisrunsthroughtheDockerfileandgeneratestheimage• Wecannowusethetagnametoruntheimage

LonestarPHP2016 36

Other Helpful Commands

LonestarPHP2016 37

Inspect a container

dockerinspect[opVons]CONTAINER_NAME

• ReturnsaJSONstringwithdataaboutthecontainer• Canalsoquery

•  dockerinspect-f“{{.NetworkSe{ngs.IPAddres}}”web_server

• ReallyhandyforscripVngoutthingslikereverseproxies

LonestarPHP2016 38

Work with images

• dockerpullIMAGE–Pullsdownanimagebeforeusing• dockerimages–Listsalltheimagesthataredownloaded• dockerrmiIMAGE–Deletesanimageifit’snotbeingused

LonestarPHP2016 39

Docker Machine

LonestarPHP2016 40

What is Docker Machine?

• AprovisioningtoolthatisusedtosetupaboxwithDocker• UsedinDockerToolboxtocreatetheVM•  Supports:

•  EC2•  Azure•  DigitalOcean•  Hyper-V•  OpenStack•  Virtualbox•  VMWare

LonestarPHP2016 41

Creating a new machine

LonestarPHP2016 42

Why use it?

• Makesitveryeasytospinupnewboxes• DockerMachinehandlesallofthedirtystuffforyou• DockerToolboxusersarealreadyusingit•  IntegrateswithDockerSwarm

•  Itisnotnecessarilyportable

LonestarPHP2016 43

Docker Swarm

LonestarPHP2016 44

What is Docker Swarm?

• ClustermanagementtooldevelopedbyDocker•  Lookslikeamachinerunningdocker,butisactuallymanymachines

LonestarPHP2016 45

Create a Swarm token

$dockerrun--rmswarmcreate2//...340122bb69c98825b4ac7094c87a07e21

LonestarPHP2016 46

Create a Swarm Master

$docker-machinecreate-dvirtualbox\--swarm\--swarm-master\--swarm-discoverytoken://40122bb69c98825b4ac7094c87a07e21\swarm-master

LonestarPHP2016 47

Add nodes to the swarm

docker-machinecreate-dvirtualbox\--swarm\--swarm-discoverytoken://40122bb69c98825b4ac7094c87a07e21\swarm-node-1docker-machinecreate-dvirtualbox\--swarm\--swarm-discoverytoken://40122bb69c98825b4ac7094c87a07e21\swarm-node-2

LonestarPHP2016 48

Switch to the master

eval$(docker-machineenv--swarmswarm-master)

LonestarPHP2016 49

Add some containers

LonestarPHP2016 50

Docker Compose

LonestarPHP2016 51

What is Docker Compose?

• MulV-containerorchestraVon• Asingleconfigfileholdsallofyourcontainerinfo• WorkswithDockerSwarmandafewothertools,likeRancher

LonestarPHP2016 52

Sample docker-compose.yml phpserver:build:./docker/phpvolumes:-/home/ctankersley/Projects/dockerfordevs:/var/www/links:-mysqlservermysqlserver:image:mysqlenvironment:MYSQL_DATABASE:dockerfordevsMYSQL_ROOT_PASSWORD:dockervolumes:-/var/lib/mysqlnginx:build:./docker/nginxports:-"80:80"-"443:443"links:-phpserver

LonestarPHP2016 53

Docker Compose in Action

LonestarPHP2016 54

Let’s build an application

LonestarPHP2016 55

The Goal

• AthreecontainerapplicaVonwithnginx,php,andmysql• ApplicaVonwillreadandwritetothedatabase• CandeploytoaproducVonmachine

LonestarPHP2016 56

Folder Structure

LonestarPHP2016 57

A basic docker-compose.yml

phpserver:image:php:7-fpmvolumes:-./application:/var/www/nginx:image:nginxports:-"80:80"-"443:443"volumes:-./nginx:/etc/nginx/conf.d/links:-phpserver

LonestarPHP2016 58

nginx/nginx.conf server{listen80;root/var/www/html;indexindex.htmlindex.htmindex.php;access_log/dev/stdout;error_log/dev/stderr;location/{try_files$uri$uri//index.html/index.php?$query_string;}location~\.php${fastcgi_split_path_info^(.+\.php)(/.+)$;fastcgi_passphpserver:9000;fastcgi_paramSCRIPT_FILENAME$document_root$fastcgi_script_name;includefastcgi_params;}}

LonestarPHP2016 59

Hello World

<?phpecho"HelloWorld";

LonestarPHP2016 60

Bringing it to life

LonestarPHP2016 61

Adding in MySQL

phpserver:image:php:7-fpmvolumes:-./application:/var/www/links:-mysqlservermysqlserver:image:mysqlenvironment:MYSQL_DATABASE:dockerfordevsMYSQL_ROOT_PASSWORD:dockervolumes:-/var/lib/mysql

LonestarPHP2016 62

Docker Compose changes aren’t automatic •  Youwillneedtostop,thenbringthesystemagain

•  docker-composestop•  docker-composeup

• DockerComposewillgenerallyonlyrestartboxesthathaveconfigchanges• DockerComposewillnotautomaVcallyfixlinks

LonestarPHP2016 63

Connecting to the database <?php$hostname='mysqlserver';$database='dockerfordevs';$user='root';$password='docker';$dbh=newPDO('mysql:host='.$hostname.';dbname='.$database.'',$user,$password);echo'HelloWorld';

LonestarPHP2016 64

Testing it

LonestarPHP2016 65

Why didn’t it work?

• DefaultPHPimagesshipwithbarelyanyextensionsenabledbydefault• WewillneedacustomPHPImage

LonestarPHP2016 66

Update our docker-compose.yml

phpserver:build:./docker/phpvolumes:-./application:/var/www/links:-mysqlserver

LonestarPHP2016 67

Custom Docker File

FROMphp:7-fpm#InstallmodulesRUNapt-getupdate&&apt-getinstall-y\libmcrypt-dev\&&docker-php-ext-installpdo\&&docker-php-ext-installpdo_mysqlCMD["php-fpm"]

LonestarPHP2016 68

Let’s try that again

LonestarPHP2016 69

Deploying

LonestarPHP2016 70

I can’t answer this for you

LonestarPHP2016 71

¯\_(ツ)_/¯

Questions?

LonestarPHP2016 72

Each situation is different

•  Youwillprobablybuildsomethingcustom,usingexisVngtools• Doyouusedatavolumes?• DoyoujustpackagetheenVrecompiledapp?• Doesitneedtobedistributed?•  IsitgoingonSwarm,orAmazonECS?

LonestarPHP2016 73

Things to consider

• DockerComposewillonlydeployanapptooneserver• DockerSwarmispreGylow-levelandbare-bones• VolumesonSwarmcannotbesharedacrosshosts• HostmounVngis99.99999%oftheVmenotwhatyouwanttodo

LonestarPHP2016 74

Rancher is a good start

• ProvidesaniceGUItomanageeverything• Allowsvolumesharingandnetworkingacrosshosts• Workswithdocker-compose.ymlfiles

•  Thesefilescanbesupplementedwithenvironmentvariables

LonestarPHP2016 75

Rancher in action

LonestarPHP2016 76

Questions?

LonestarPHP2016 77

http://ctankersley.com chris@ctankersley.com

@dragonmantank

https://joind.in/talk/2d8b6

LonestarPHP2016 78