name: inverse layout: true class: center, middle, inverse

Containers Patterns

Hello

.large[
.left[Haikel (@hguemar).............. ]
.left[Mario (@mariolet)................ ]
.left[Mike (@mjbright)................. ] ]

What is this talk about?

Patterns?

Patterns

Development Patterns

Copy Sources

Mount Sources

Dockerize Your Tools

ONBUILD Image

Dependencies First Dockerfile ] .tc-center-column[

Distribution Patterns

Build From Scratch

Containers Launcher ] .tc-right-column[

Runtime Patterns

Mount Sources

Docker Socket Mount

Containers Launcher

Build From Scratch

Host Spoofing

ENTRYPOINT and CMD combined

Exec Form ENTRYPOINT ]

Copy Sources

A development pattern

CS

Pattern

] .right-column[ .center[] ]

CS

Pattern

] .right-column[

Copy Sources

development pattern
Sources are copied inside the image
Simplest development pattern
A new image should be built for every code change
Build tools are included in the image
Usually a different image is used to run the application ]

CS

Pattern

Example

] .right-column[

Copy 2048

Docker Image
2048

Source code
https://github/l0rd/containerspatterns/CS/

Build and run commands

docker build -t 2048  .
docker run -d -p 8080:80 2048

]

??? In this pattern it's particularly important to separate in 2 distinct steps:

fetching the dependencies
build of the application

Mount Sources

A development and runtime pattern

CS

MS

Pattern

] .right-column[ .center[] ]

CS

MS

Pattern

] .right-column[

Mount Sources

Development and Runtime Pattern
Source folder is bind mounted when running the container
Pattern particularly suited for dynamic languages
Not recommended for production
No need to rebuild or restart container when sources are updated
Build tools are included in the image
The same image can be used to compile and run the application ]

CS

MS

Pattern

Example

] .right-column[

Mount 2048

Docker Image
2048

Source code
https://github/l0rd/containerspatterns/MS/

Build and run command

docker build -t 2048 .
docker run -p 8080:80 \
           -v $(pwd):/usr/local/apache2/htdocs/ \
           2048

]

Dockerize Your Tools

A development pattern

CS

MS

DYT

Pattern

] .right-column[ .center[] ]

CS

MS

DYT

Pattern

] .right-column[

Dockerize Your Tools

Development pattern
A tool is packaged and distributed as a Docker image
Allow to run multiple versions of the same tool
The tool version and installation is described in a Dockerfile
Files can be shared between the container and the host with volumes
alias command can be used to make it easier to run ]

CS

MS

DYT

Pattern

Example

] .right-column[

Dockerize maven

Docker Image
maven:3.3.3-jdk-8

Source code
https://github/l0rd/containerspatterns/DYT

Run command

# Make the alias of the dockerized tool
alias mvn="docker run \
   -v $(pwd):/usr/src \
   -v ~/.m2:/root/.m2 \
   -w /usr/src  \
   maven:3.3.3-jdk-8 \
   mvn"

# Run the tool
mvn -version

]

Docker Socket Mount

A runtime pattern

CS

MS

DYT

DSM

Pattern

] .right-column[

.center[] ]

CS

MS

DYT

DSM

Pattern

] .right-column[

Docker Socket Mount

Runtime Pattern
The Docker socket is bind mounted when the container is started
Allow to manage containers from another container
Usages:
- Container monitoring tools
- CI/CD tools
- Containers launchers ]

CS

MS

DYT

DSM

Pattern

Example

] .right-column[

Docker Socket Mount

Docker Image
containerslanguages/golang

Source code
https://github/l0rd/containerspatterns/DSM

Run command

docker run -v /var/run/docker.sock:/var/run/docker.sock \
        containerslanguages/golang

]

Containers Launcher

A Distribution and runtime pattern

...

DYT

DSM

CL

Pattern

] .right-column[ .center[] ]

...

DYT

DSM

CL

Pattern

] .right-column[

Containers Launcher

Runtime Pattern
The Docker socket is bind mounted when the container is started
Use to compose multiple containers without Docker compose or similar ]

...

DYT

DSM

CL

Pattern

Example

] .right-column[

Containers launcher

Docker Image
containerslanguages/rust-launcher

Source code
https://github/l0rd/containerspatterns/CL

Run command

docker run -v $(pwd):/src/ \
        -v /var/run/docker.sock:/var/run/docker.sock \
        containerslanguages/rust-launcher

]

Build From Scratch

A Distribution and runtime pattern

...

DSM

CL

BFS

Pattern

] .right-column[

.center[] ]

...

DSM

CL

BFS

Pattern

] .right-column[

Build From Scratch

Distribution and Runtime Pattern
The base image is the smallest possible: Scratch
Use to make ridiculously small images
Works well with statically linked applications (Go, Rust, C etc...) ]

...

DSM

CL

BFS

Pattern

Example

] .right-column[

Go HTTP server built from scratch

Docker Image
emilevauge/tictac

Source code
https://github/emilevauge/tictac/

Run command

docker build -t tictac .
# Compare tictac binary size with tictac docker image size

]

Host Spoofing

A runtime pattern

...

CL

BFS

HS

Pattern

] .right-column[

.center[] ]

...

CL

BFS

HS

Pattern

] .right-column[

Host Spoofing

Runtime Pattern
Run commands inside a container to inspect or alter the Docker host
Access to host network, filesystem, processes, users etc...
Break container isolation
Won't work when security hardening the Docker install ]

...

CL

BFS

HS

Pattern

Example

] .right-column[

Get host info from a container

Docker Image
alpine

Source code
https://github/l0rd/containerspatterns/HS

Run command

docker run --net=host                               \
           -v /:/hostfs/                            \
           --pid=host                               \
           --uts=host                               \
           --ipc=host                               \
           -v $(pwd):/src/                          \
           alpine sh -c ". /src/print_host_info.sh"

]

ENTRYPOINT and CMD Combined

A runtime pattern

...

BFS

HS

ECC

Pattern

] .right-column[

.center[] ]

...

BFS

HS

ECC

Pattern

] .right-column[

ENTRYPOINT and CMD Combined

Runtime Pattern
Instructions ENTRYPOINT and CMD are used together
ENTRYPOINT is the fixed part of the command
CMD is the variable part (usually the parameters) ]

...

BFS

HS

ECC

Pattern

Example

] .right-column[

Asciiart generator with ENTRYPOINT and CMD

Docker Image
ecc

Source code
https://github/l0rd/containerspatterns/ECC

Run command

docker run -ti --rm ecc
docker run -ti --rm ecc -f lean docker

]

Exec Form ENTRYPOINT

A runtime pattern

...

BFS

HS

EFE

Pattern

] .right-column[

.center[] ]

...

BFS

HS

EFE

Pattern

] .right-column[

Exec Form ENTRYPOINT

Runtime Pattern
JSON is used to define the command and its parameters
It's the alternative to the Shell Form (/bin/sh -c on Linux or cmd /S /C on Windows)
No varialbe substitution and the command is PID 1
Unix signals are notified directly to the program (not the shell) ]

...

BFS

HS

EFE

Pattern

Example

] .right-column[

`Exec` and `Shell` form compared

Docker Image
httpd

Source code
https://github/l0rd/containerspatterns/EFE/

Build and Run commands

docker build -t httpd-exec -f Dockerfile.exec .
docker build -t httpd-shell -f Dockerfile.shell .

docker run -i -P --rm httpd-exec
# Stop it using ^C
docker run -i -P --rm httpd-shell
# (Try to) stop it using ^C

]

ONBUILD Images

A development pattern

...

HS

EFE

OBI

Pattern

] .right-column[

.center[] ]

...

HS

EFE

OBI

Pattern

] .right-column[

ONBUILD Images

Development pattern
Build behaviour inherited from base image
Avoid duplicate code in Dockerfiles
Can make Dockerfile difficult to read ]

...

HS

EFE

OBI

Pattern

Example

] .right-column[

Build a Java app with ONBUILD

Docker Image
obi-java

Source code
https://github/l0rd/containerspatterns/OBI

Build/Run commands

docker build -t obi-java .
docker run --rm obi-java

]

Dependencies First Dockerfile

A development pattern

...

HS

EFE

DFD

Pattern

] .right-column[ .center[] ]

...

HS

EFE

DFD

Pattern

] .right-column[

Dependencies First Dockerfile

Development pattern
Dependencies should not be fetched at every change in source code
In Dockerfile dependency list should be copied before source code ]

...

HS

EFE

DFD

Pattern

Example

] .right-column[

Packaging a python application with Docker

Docker Image dfd

Source code
https://github/l0rd/containerspatterns/dfd
https://github/polyfunc/flask-todolist

Build command

docker build -t dfd .
docker build -t dfd-orig -f Dockerfile.orig .

touch onefile

docker build -t dfd .
docker build -t dfd-orig -f Dockerfile.orig .

]

Conclusion

Thank you

https://l0rd.github.io/containerspatterns

[@hguemar, @mariolet, @mjbright]

Files

dockermeetupnantes-2016-11-29.md

Latest commit

History

dockermeetupnantes-2016-11-29.md

File metadata and controls

name: inverse layout: true class: center, middle, inverse

Containers Patterns

Hello

What is this talk about?

Patterns?

Patterns

Development Patterns

Distribution Patterns

Runtime Patterns

Copy Sources

CS

Pattern

CS

Pattern

Copy Sources

CS

Pattern

Example

Copy 2048

Mount Sources

CS

MS

Pattern

CS

MS

Pattern

Mount Sources

CS

MS

Pattern

Example

Mount 2048

Dockerize Your Tools

CS

MS

DYT

Pattern

CS

MS

DYT

Pattern

Dockerize Your Tools

CS

MS

DYT

Pattern

Example

Dockerize maven

Docker Socket Mount

CS

MS

DYT

DSM

Pattern

CS

MS

DYT

DSM

Pattern

Docker Socket Mount

CS

MS

DYT

DSM

Pattern

Example

Docker Socket Mount

Containers Launcher

...

DYT

DSM

CL

Pattern

...