Enable Fig to deploy to multiple servers

1

2

Who am I?

Willy Kuo, from Taipei, Taiwan

The organizor of the meetup of Docker.Taipei

An entrepreneur

http://twitter.com/waitingkuo

http://github.com/waitingkuo

3

Outline

Introduction to Fig

My hack day project:

enable Fig to depoy to multiple servers

Demo

4

Fig

Fig - Fast, isolated development environments using Docker

http://www.fig.sh/

fig.ymldocker

server

docker run

docker rm

docker build

describe

services Fig

5

fig.yml

web:

build: .

command: python app.py

links:

- redis

ports:

- "8000:8000"

redis:

image: redis

6

Example - Overview

Run a python web app

Use Redis as the database

7

Example - Redis

Pull the image from Docker Hub

docker pull redis

Run it

docker run --name redis

8

Example - Web App

Dockerfile

FROM python:2.7

ADD . /code

WORKDIR /code

RUN pip install -r requirements.txt

Build the image

docker build -t waitingkuo/myweb .

Run it

docker run --name web --link redis:redis --port 8000:8000 \

waitingkuo/myweb python app.py

9

Example - Construct fig.yml

To run the redis:

docker pull redis

docker run --name redis redis

fig.yml

redis:

image: redis

To run the web:

docker build -t waitingkuo/myweb .

python app.py

docker run --name web \

--link redis:redis \

--port 8000:8000 \

waitingkuo/myweb \

web:

build: .

command: python app.py

links:

- redis

ports:

- "8000:8000"

10

Example - fig.yml

web:

build: .

command: python app.py

links:

- redis

ports:

- "8000:8000"

redis:

image: redis

11

Example - fig up

Then type fig up to run your app

12

What if we want to deploy to multiple

servers?

13

Docker Global Hack Day #2

Theme:

Distributed apps by docker

Our idea:

Enable Fig to deploy to multiple servers

14

Enable Fig to deploy to multiple servers

1. Create a CA, server and client keys with OpenSSL

2. Make Docker daemon accept HTTPS connections

3. Enable fig to connect the server via HTTPS

15

CA, Server and client keys

Create a CA, server and client key with OpenSSL

http://docs.docker.com/articles/https/

Follow the document, you’ll generate following pem files

ca.pem

server-cert.pem

server-key.pem

cert.pem

key.pem

16

Make Docker Daemon Accept HTTPS Connections

To run a Docker daemon with HTTPS

1. Enable Transport Layer Security (TLS)

2. Provide CA, server key, and the certification trusted by the CA

3. Listen to port 2376

Running Docker daemon

docker -d --tlsverify \

--tlscacert=ca.pem \

--tlskey=server-key.pem \

--tlscert=server-cert.pem \

-H=tcp://0.0.0.0:2376

17

Enable fig to connect the server via HTTPS

Copy CA, client key, and the certification trusted by the CA to the

client

/path/to/your/cert/directory/ca.pem

/path/to/your/cert/directory/cert.pem

/path/to/your/cert/directory/key.pem

Add new parameters to Fig

docker_host: tcp://host1/2376

docker_cert_path: /path/to/your/cert/directory

docker_tls_verify: 1

18

The new fig.ymlweb1:

build: .

command: python app.py

docker_host: tcp://host1/2376

docker_cert_path: /path/to/your/cert1/directory

docker_tls_verify: 1

links:

- redis1

ports:

- "8000:8000"

redis1:

image: redis

docker_host: tcp://host1/2376

docker_cert_path: /path/to/your/cert1/directory

docker_tls_verify: 1

19

Deploy to multiple serversweb1:

build: .

command: python app.py

docker_host: tcp://host1/2376

docker_cert_path: /path/to/your/cert1/directory

docker_tls_verify: 1

links:

- redis1

ports:

- "8000:8000"

redis1:

image: redis

docker_host: tcp://host1/2376

docker_cert_path: /path/to/your/cert1/directory

docker_tls_verify: 1

web2:

build: .

command: python app.py

docker_host: tcp://host2/2376

docker_cert_path: /path/to/your/cert2/directory

docker_tls_verify: 1

links:

- redis1

ports:

- "8000:8000"

redis2:

image: redis

docker_host: tcp://host2/2376

docker_cert_path: /path/to/your/cert2/directory

docker_tls_verify: 1

20

Demo

Thank You.

21