docker for php developers (nomadphp)

Docker for PHP Developers ChrisTankersley@dragonmantankNomadPHPEUApril2016

NomadPHPEUApril2016 1

Who Am I

• PHPProgrammerforover11years•  Sysadmin/DevOpsforaround9years• UsingLinuxformorethan15years• hJps://github.com/dragonmantank

• Authorof“DockerforDevelopers”• Reigning,Defending,UndisputedPHPMTGChampionoftheWorld

NomadPHPEUApril2016 2

Docker

NomadPHPEUApril2016 3

What Is Docker?

“DockerisanopenplaWormfordevelopersandsysadminstobuild,ship,andrundistributedapplicaXons.ConsisXngofDockerEngine,aportable,lightweightrunXmeandpackagingtool,andDockerHub,acloudserviceforsharingapplicaXonsandautomaXngworkflows,DockerenablesappstobequicklyassembledfromcomponentsandeliminatesthefricXonbetweendevelopment,QA,andproducXonenvironments.”

NomadPHPEUApril2016 4

hJps://www.docker.com/whaXsdocker/

What is it from a technical standpoint?

• DockerisawrapperaroundContainers• DockerEngineisthepackagingporXonthatbuildsandrunsthecontainers• DockerHuballowsyoutopublishimagesforotherstouse• DockerMachineisabare-metalprovisioningtool• DockerSwarmisanload-balancingdeploymenttool• DockerComposeisamulX-containerbuildsystem

NomadPHPEUApril2016 5

Containers

NomadPHPEUApril2016 6

Normal Bare-Metal Server

NomadPHPEUApril2016 7

CPU RAM HD Network

OperaXngSystem

nginx PHP DB

Virtual Machines

NomadPHPEUApril2016 8

CPU RAM HD Network

OperaXngSystem

nginx PHP DB

OperaXngSystem

nginx PHP DB

OperaXngSystem

Hypervisor

Containers

NomadPHPEUApril2016 9

CPU RAM HD Network

OperaXngSystem

nginxnginx PHP DB PHP DB

Docker can use many different containers

•  Since0.9.0itsupports:•  LXC(LinuxContainers)–StartedwithLXCwhenitwasreleased•  OpenVZ•  Systemd-nspawn•  libvert-sandbox•  Qemu/kvm•  BSDJails•  SolarisZones•  chroot

NomadPHPEUApril2016 10

Runs on *nix and Windows Hyper-V

• NonaXvecontainerdriversforOSX*• AmazonhasElasXcContainerService,andMicrosokAzurehasAzureContainerService

NomadPHPEUApril2016 11

Sorry OSX Users

• DockersupportisofficiallymaintainedthroughDockerToolbox

NomadPHPEUApril2016 12

Docker Toolbox also is for Windows

NomadPHPEUApril2016 13

Let’s use Docker

NomadPHPEUApril2016 14

Running a container

•  `dockerrun`willrunacontainer•  ThiswillnotrestartanexisXngcontainer,justcreateanewone• dockerrun[opXons]IMAGE[command][arguments]

•  [opXons]modifythedockerprocessforthiscontainer•  IMAGEistheimagetouse•  [command]isthecommandtoruninsidethecontainer•  [arguments]areargumentsforthecommand

NomadPHPEUApril2016 15

Running a simple shell

NomadPHPEUApril2016 16

Running a simple shell

NomadPHPEUApril2016 17

Running a simple shell

NomadPHPEUApril2016 18

Running Two Webservers

NomadPHPEUApril2016 19

Running Two Webservers

NomadPHPEUApril2016 20

Running Two Webservers

NomadPHPEUApril2016 21

Running Two Webservers

NomadPHPEUApril2016 22

Running Two Webservers

NomadPHPEUApril2016 23

Running Two Webservers

NomadPHPEUApril2016 24

Running Two Webservers

NomadPHPEUApril2016 25

Running Two Webservers

NomadPHPEUApril2016 26

Some Notes

• Allthreecontainersare100%selfcontained• Dockercontainerssharecommonancestors,butkeeptheirownfiles•  `dockerrun`parameters:

•  --rm–Destroyacontaineronceitexits•  -d–Runinthebackground(daemonmode)•  -i–RunininteracXvemode•  --name–Givethecontaineraname•  -p[localport]:[containerport]–Forwardthelocalporttothecontainerport

NomadPHPEUApril2016 27

Volumes

NomadPHPEUApril2016 28

Modifying a running container

•  `dockerexec`canrunacommandinsideofanexisXngcontainer• UseVolumestosharedata

NomadPHPEUApril2016 29

Persistent Data with Volumes

•  Youcandesignateavolumewith-v• Volumescanbesharedamongstcontainers• Volumescanmountdatafromthehostsystem

NomadPHPEUApril2016 30

Mounting from the host machine

NomadPHPEUApril2016 31

Mounting from the host machine

NomadPHPEUApril2016 32

Mounting from the host machine

NomadPHPEUApril2016 33

Mounting from the host machine

NomadPHPEUApril2016 34

Mounting from the host machine

NomadPHPEUApril2016 35

Mounting from the host isn’t perfect

•  Thecontainernowhasawindowintoyourhostmachine• Permissionscangetscrewyifyouaremodifyinginthecontainer

•  Mostthingsitcreateswillberootbydefault,andyouprobablyaren’trootonthehostmachine

• Host-mountedvolumesarenotportableatall• DockerToolbox’sVMonlyallowsmounXngfromwithinyourhomedirectory

NomadPHPEUApril2016 36

Container Data Volumes

• Usesasmallcontainerthatdoesnothingbutstoresdata• Haveourappcontainersusethedatavolumetostoredata• Use‘editorcontainers’togoinandmodifydatawhenneeded

NomadPHPEUApril2016 37

Mounting Data Volumes

NomadPHPEUApril2016 38

Mounting Data Volumes

NomadPHPEUApril2016 39

Mounting Data Volumes

NomadPHPEUApril2016 40

Mounting Data Volumes

NomadPHPEUApril2016 41

Mounting Data Volumes

NomadPHPEUApril2016 42

Mounting Data Volumes

NomadPHPEUApril2016 43

Mounting Data Volumes

NomadPHPEUApril2016 44

Mounting Data Volumes

NomadPHPEUApril2016 45

Why not run SSH inside of the container?

• Well,youcan…• Dockerisdesignedforonecommandpercontainer•  Ifyouneedtomodifydata,thenyouneedtochangeyoursetup•  IfyouhavetorunSSH,thenyouneedawaytorunSSHandyourcommand

NomadPHPEUApril2016 46

Why go through the hassle?

• Datavolumesareportable• Datavolumesaresafer•  Separatestheappcontainersfromdata

•  ProducXoncanuseadatavolume,devcanuseahostvolume

• Ourappcontainersstaysmall

NomadPHPEUApril2016 47

Network Linking

NomadPHPEUApril2016 48

Docker Links

• Allowscontainersto‘see’eachotheroverthenetwork•  Eachcontainerthinkstheotheroneisjustanothermachine• Containersallhaveaninternalnetworkaddress,sowedon’tneedtoexposeeverythingthroughthehost• Currentlyonlyworksifallthecontainersareononemachine,Docker1.10shouldfixthat

NomadPHPEUApril2016 49

More Traditional Setup

NomadPHPEUApril2016 50

INTARWEBS Nginx PHP-FPM

DataVolume

Port9000

Editor

Let’s Build It

NomadPHPEUApril2016 51

Let’s Build It

NomadPHPEUApril2016 52

Let’s Build It

NomadPHPEUApril2016 53

Let’s Build It

NomadPHPEUApril2016 54

Let’s Build It

NomadPHPEUApril2016 55

Let’s Build It

NomadPHPEUApril2016 56

More Notes!

• WecannowrebuildsecXonsoftheappasneeded• WecanrestartnginxwithoutimpacXngPHP• Wecanextendmucheasier

•  Linkedcontainerswillnotupdateiftheyarestopped/started•  IfweupgradePHP,wehavetodestroy/createtheweb_servercontaineragain

NomadPHPEUApril2016 57

Creating your own Images

NomadPHPEUApril2016 58

Dockerfile

• DockerfileistheconfiguraXonstepsforanimage• Canbecreatedfromscratch,orbasedonanotherimage• Allowsyoutoaddfiles,createdefaultvolumes,ports,etc• CanbeusedprivatelyorpushedtoDockerHub

NomadPHPEUApril2016 59

FROMphusion/baseimage:0.9.10#…CMD["/sbin/my_init"]#Nginx-PHPInstallationRUNapt-getupdateRUNapt-getinstall-yvimgitcurlwgetbuild-essentialpython-software-properties\

php5-cliphp5-fpmphp5-mysqlphp5-pgsqlphp5-sqlitephp5-curl\ php5-gdphp5-mcryptphp5-intlphp5-imapphp5-tidymysql-client

#…RUNmkdir/var/wwwADDbuild/default/etc/nginx/sites-available/default#…EXPOSE8022VOLUME/var/wwwVOLUME/etc/nginxVOLUME/etc/php/VOLUME/var/logRUNapt-getclean&&rm-rf/var/lib/apt/lists/*/tmp/*/var/tmp/*

NomadPHPEUApril2016 60

Build it

dockerbuild-ttag_name./

•  ThisrunsthroughtheDockerfileandgeneratestheimage• Wecannowusethetagnametoruntheimage

NomadPHPEUApril2016 61

Other Helpful Commands

NomadPHPEUApril2016 62

Inspect a container

dockerinspect[opXons]CONTAINER_NAME

• ReturnsaJSONstringwithdataaboutthecontainer• Canalsoquery

•  dockerinspect-f“{{.NetworkSe{ngs.IPAddres}}”web_server

• ReallyhandyforscripXngoutthingslikereverseproxies

NomadPHPEUApril2016 63

Work with images

• dockerpullIMAGE–Pullsdownanimagebeforeusing• dockerimages–Listsalltheimagesthataredownloaded• dockerrmiIMAGE–Deletesanimageifit’snotbeingused

NomadPHPEUApril2016 64

Docker Machine

NomadPHPEUApril2016 65

What is Docker Machine?

• AprovisioningtoolthatisusedtosetupaboxwithDocker• UsedinDockerToolboxtocreatetheVM•  Supports:

•  EC2•  Azure•  DigitalOcean•  Hyper-V•  OpenStack•  Virtualbox•  VMWare

NomadPHPEUApril2016 66

Why use it?

• Makesitveryeasytospinupnewboxes• DockerMachinehandlesallofthedirtystuffforyou• DockerToolboxusersarealreadyusingit•  IntegrateswithDockerSwarm

•  Itisnotnecessarilyportable

NomadPHPEUApril2016 67

Docker Swarm

NomadPHPEUApril2016 68

What is Docker Swarm?

• ClustermanagementtooldevelopedbyDocker•  Lookslikeamachinerunningdocker,butisactuallymanymachines

NomadPHPEUApril2016 69

Docker Compose

NomadPHPEUApril2016 70

What is Docker Compose?

• MulX-containerorchestraXon• Asingleconfigfileholdsallofyourcontainerinfo• WorkswithDockerSwarmandafewothertools,likeRancher

NomadPHPEUApril2016 71

Sample docker-compose.yml phpserver:build:./docker/phpvolumes:-/home/ctankersley/Projects/dockerfordevs:/var/www/links:-mysqlservermysqlserver:image:mysqlenvironment:MYSQL_DATABASE:dockerfordevsMYSQL_ROOT_PASSWORD:dockervolumes:-/var/lib/mysqlnginx:build:./docker/nginxports:-"80:80"-"443:443"links:-phpserver

NomadPHPEUApril2016 72

Deploying

NomadPHPEUApril2016 73

I can’t answer this for you

NomadPHPEUApril2016 74

¯\_(ツ)_/¯

Questions?

NomadPHPEUApril2016 75

Each situation is different

•  Youwillprobablybuildsomethingcustom,usingexisXngtools• Doyouusedatavolumes?• DoyoujustpackagetheenXrecompiledapp?• Doesitneedtobedistributed?•  IsitgoingonSwarm,orAmazonECS?

NomadPHPEUApril2016 76

Things to consider

• DockerComposewillonlydeployanapptooneserver• DockerSwarmispreJylow-levelandbare-bones• VolumesonSwarmcannotbesharedacrosshosts• HostmounXngis99.99999%oftheXmenotwhatyouwanttodo

NomadPHPEUApril2016 77

Rancher is a good start

• ProvidesaniceGUItomanageeverything• Allowsvolumesharingandnetworkingacrosshosts• Workswithdocker-compose.ymlfiles

•  Thesefilescanbesupplementedwithenvironmentvariables

NomadPHPEUApril2016 78

Rancher in action

NomadPHPEUApril2016 79

Questions?

NomadPHPEUApril2016 80

http://ctankersley.com chris@ctankersley.com

@dragonmantank

https://joind.in/talk/42cba

NomadPHPEUApril2016 81