enable fig to deploy to multiple docker servers by willy kuo
DESCRIPTION
Fig (http://www.fig.sh/) is an Docker-based development environment tool which is owned by Docker. Originally, we can only deploy to one host at one time. My hack in Docker Global Hack Day #2 is to enable Fig to deploy multiple hosts at one time. In this talk, I'll give a brief introduction to Fig first. Then describe my hack in the hack day. Finally I'll give a short demo about deploying apps to multi hosts at one time.TRANSCRIPT
Enable Fig to deploy to multiple servers
1
2
Who am I?
Willy Kuo, from Taipei, Taiwan
The organizor of the meetup of Docker.Taipei
An entrepreneur
http://twitter.com/waitingkuo
http://github.com/waitingkuo
3
Outline
Introduction to Fig
My hack day project:
enable Fig to depoy to multiple servers
Demo
4
Fig
Fig - Fast, isolated development environments using Docker
http://www.fig.sh/
fig.ymldocker
server
docker run
docker rm
docker build
describe
services Fig
5
fig.yml
web:
build: .
command: python app.py
links:
- redis
ports:
- "8000:8000"
redis:
image: redis
6
Example - Overview
Run a python web app
Use Redis as the database
7
Example - Redis
Pull the image from Docker Hub
docker pull redis
Run it
docker run --name redis
8
Example - Web App
Dockerfile
FROM python:2.7
ADD . /code
WORKDIR /code
RUN pip install -r requirements.txt
Build the image
docker build -t waitingkuo/myweb .
Run it
docker run --name web --link redis:redis --port 8000:8000 \
waitingkuo/myweb python app.py
9
Example - Construct fig.yml
To run the redis:
docker pull redis
docker run --name redis redis
fig.yml
redis:
image: redis
To run the web:
docker build -t waitingkuo/myweb .
python app.py
docker run --name web \
--link redis:redis \
--port 8000:8000 \
waitingkuo/myweb \
web:
build: .
command: python app.py
links:
- redis
ports:
- "8000:8000"
10
Example - fig.yml
web:
build: .
command: python app.py
links:
- redis
ports:
- "8000:8000"
redis:
image: redis
11
Example - fig up
Then type fig up to run your app
12
What if we want to deploy to multiple
servers?
13
Docker Global Hack Day #2
Theme:
Distributed apps by docker
Our idea:
Enable Fig to deploy to multiple servers
14
Enable Fig to deploy to multiple servers
1. Create a CA, server and client keys with OpenSSL
2. Make Docker daemon accept HTTPS connections
3. Enable fig to connect the server via HTTPS
15
CA, Server and client keys
Create a CA, server and client key with OpenSSL
http://docs.docker.com/articles/https/
Follow the document, you’ll generate following pem files
ca.pem
server-cert.pem
server-key.pem
cert.pem
key.pem
16
Make Docker Daemon Accept HTTPS Connections
To run a Docker daemon with HTTPS
1. Enable Transport Layer Security (TLS)
2. Provide CA, server key, and the certification trusted by the CA
3. Listen to port 2376
Running Docker daemon
docker -d --tlsverify \
--tlscacert=ca.pem \
--tlskey=server-key.pem \
--tlscert=server-cert.pem \
-H=tcp://0.0.0.0:2376
17
Enable fig to connect the server via HTTPS
Copy CA, client key, and the certification trusted by the CA to the
client
/path/to/your/cert/directory/ca.pem
/path/to/your/cert/directory/cert.pem
/path/to/your/cert/directory/key.pem
Add new parameters to Fig
docker_host: tcp://host1/2376
docker_cert_path: /path/to/your/cert/directory
docker_tls_verify: 1
18
The new fig.ymlweb1:
build: .
command: python app.py
docker_host: tcp://host1/2376
docker_cert_path: /path/to/your/cert1/directory
docker_tls_verify: 1
links:
- redis1
ports:
- "8000:8000"
redis1:
image: redis
docker_host: tcp://host1/2376
docker_cert_path: /path/to/your/cert1/directory
docker_tls_verify: 1
19
Deploy to multiple serversweb1:
build: .
command: python app.py
docker_host: tcp://host1/2376
docker_cert_path: /path/to/your/cert1/directory
docker_tls_verify: 1
links:
- redis1
ports:
- "8000:8000"
redis1:
image: redis
docker_host: tcp://host1/2376
docker_cert_path: /path/to/your/cert1/directory
docker_tls_verify: 1
web2:
build: .
command: python app.py
docker_host: tcp://host2/2376
docker_cert_path: /path/to/your/cert2/directory
docker_tls_verify: 1
links:
- redis1
ports:
- "8000:8000"
redis2:
image: redis
docker_host: tcp://host2/2376
docker_cert_path: /path/to/your/cert2/directory
docker_tls_verify: 1
20
Demo
Thank You.
21