Daniël van Gils @foldingbeauty daniel@cloud66.com

www.cloud66.com

!"

How the hell do I run Microservices Docker in Production?...

and will it scale?

OpsDev

Design

Developer Advocate

Build, deploy and maintain any application on any server, on the cloud provider of your choice or bring your own servers.

Running Docker in production for almost 1½ years for our customers.

We simplify DevOps.

Researched how our customers are using Docker.

Daniël van Gils @folding beauty daniel@cloud66.com

www.cloud66.com

!"

How the hell do I run Docker in Production?...

and will it scale?

#

$

%

#1 the right container image

#2 containers in production

$$

api / ruby

static / middleman

whatsapp api / python

AI / tensor flowhidden service / tor

chat bot / go

analytics / R

bigdata / java

iot / c++

NOISE

$docker run alpine echo 'hello world’

you don’t know what kind of skills you need

production

you know what kind of skill you need

you think you know your gained all the skills

but you don’t know

time

skill

s

$

&&

containers

$ $$$$$

$

bin/libs

os

#

bin/libs bin/libs

'

(

)*

#

&server

os

bin/libs

(

+

&&

cloud/VM

os

bin/libs

#

'

(

&os

bin/libs

'

(

cloud/VM

#

'

(

)*

containers

##(

server

dev

ops

ops

ops

dev dev+

simple

complex

%Minimal Lovable Service

technology

%♥

NOISE

- service

$ containers

server cluster(s)&

image$%

$$

= code

= docker file

= docker engine

= platform

$

build

ship

deploy

#containerisation

'

(

)*

the containerisation machine

$$$

'you can’t polish a turd

#

$

containerisation

(

).

$$$ =

dev » test » stage » production

small - secure - performant - stable - immutable

%Minimal Lovable Service Image

SMALL SECURE

PERFORMANT STABLE

IMMUTABLE

$%

SMALL Start with the smallest minimal image you can find. Remove compile time dependencies. Remove packages you don’t need. Run stats for the image.

$%

SMALL SECURE

PERFORMANT STABLE

IMMUTABLE

$%

SECURE Remove all the secrets. Patch to the latest security updates. Run the image with the right UID. Test the image.

$%

SMALL SECURE

PERFORMANT STABLE

IMMUTABLE

$%

PERFORMANT Optimise code. Memory and cpu usage. One process. Load testing.

$%

SMALL SECURE

PERFORMANT STABLE

IMMUTABLE

$%

STABLE Lock the image version. Lock the runtime version(s). Tag your image. Proper logging. Image guideline for your team.

$%

SMALL SECURE

PERFORMANT STABLE

IMMUTABLE

$%

IMMUTABLE Use volumes wisely. Loosely coupled. Don’t use databases inside a image. Use external services for persistency.

$%

dev » test » stage » production

small - secure - performant - stable - immutable

%Minimal Lovable Service Image

How the hell do I run Docker in Production?...

and will it scale?

-

$%

$ 0

monolith containerisation ± 70 %

monolith 1x

monolith image FAT

-

$%

$

0

API first containerisation ± 20%

$%

$api 1x

frontend 1x

image frontend FAT

image api FAT

-

$%

$

0

splitting monolith containerisation ± 6%

$%api 6x

frontend 1x $%

$

workers 10x

$$$$$$$$$

image frontend FAT

image api THIN

image workers THIN

$$$$$$

-

$%

10

$%A 6x

B 12x $%

$

C 10x

$$$$$$$$$

image B THIN

image A THIN

image C THIN

$$$$$$

microservice architecture ± 4%

$$$$$$$

$$$$$

message queue

people

good service

%

DEV/OPS/DESIGN FLOW ORCHESTRATION DISCOVERY SCALING DATA MANAGMENT MONITORING SECURITY

0

DEV/OPS/DESIGN FLOW Have an image guideline. Create a workflow using the same image in all the software cycle stages. From design to production mimic the environment. Test heavily.

20

DEV/OPS/DESIGN FLOW ORCHESTRATION DISCOVERY SCALING DATA MANAGMENT MONITORING SECURITY

3

ORCHESTRATION Isolation of services. Make use of the resource available. Self healing. Load distribution. Adding nodes to your cluster.

23

DEV/OPS/DESIGN FLOW ORCHESTRATION DISCOVERY SCALING DATA MANAGMENT MONITORING SECURITY

4

DISCOVERY Find your services and datasources with minimal code change. Versioning of running services. Automagically update discovery when new services are online or scaled up/down.

24

DEV/OPS/DESIGN FLOW ORCHESTRATION DISCOVERY SCALING/SCHEDULING DATA MANAGMENT MONITORING SECURITY

5

SCALING/SCHEDULING Scale your containers. Scale your docker cluster. Scale your on/off jobs. Failover groups. Cross cloud clusters. Load balancing.

25

DEV/OPS/DESIGN FLOW ORCHESTRATION DISCOVERY SCALING DATA MANAGMENT MONITORING SECURITY

DATA MANAGEMENT Backup and restores. Clustering. Verify your backups. Run natively not in a container.

2

DEV/OPS/DESIGN FLOW ORCHESTRATION DISCOVERY SCALING DATA MANAGMENT MONITORING SECURITY

6

MONITORING Get all the statistics of resources (mem/load/net/res) used. Aggregating of logs. Debugging your containers.

26

DEV/OPS/DESIGN FLOW ORCHESTRATION DISCOVERY SCALING DATA MANAGMENT MONITORING SECURITY2

SECURITY Intrusion detection and prevention systems. Denial of service protection. Firewalling. Failover groups. Segregate container groups VPC / bastion servers. Verification of images.

22

'start small & smart - scale up later

#

$

containerisation

(

7.

$$$

SMALL SECURE PERFORMANT STABLEIMMUTABLE

$%DEV/OPS/DESIGN FLOW ORCHESTRATION DISCOVERY SCALING/SCHEDULING DATA MANAGMENT MONITORING SECURITY

#

MLI PLATFORM CONTAINERS AS A SERVICE

When you get DevOps right, Microservices architecture right and creating the right minimal lovable Image and having the right platform to run containers. Ohh man, the future is bright and you don’t go to hell!

%

Daniël van Gils @foldingbeauty daniel@cloud66.com

www.cloud66.com

!"

www.cloud66.com blog.cloud66.com habitus.io startwithdocker.com

ready for your quest?

thank you