• 1. Now in production for 1 year by John Fiedler @johnfiedler
  • 2. AgendaTimeline - Use Cases of Docker Where we do/don’t deploy docker in production Operational standards we use Things we’ve run into
  • 3. Timeline of Use Cases over the year2013201420142014Q3-Q4Q4Q1Q2Dev EnvironmentContinuous Deployment in TeamcityWeb Zero Downtime DeploymentsFull Stack Container AzkabanDockerMeCraft CMS Main Website BeanstalkWhy Docker, Why Not Chef?Integrations Batch JobsMesosDockerCon 2014Dev/ Ops CLI
  • 4. Where we use / don’t use DockerPersistent StorageMiddleware / Integrations / Internal Tools / Scripts / Jobs / Batch ProcessWebMonitoring Logging SecurityDev EnvironmentOps EnvironmentCI / CDFully SomewhatNoCreateDeployRunOperateDockerized
  • 5. Where we use / don’t use DockerDev EnvironmentOps EnvironmentCreateVagrant Shell Scripts Cassandra Redis Elasticsearch KafkaChef Zero Knife git / repo Berkshelf AWS CLI’s FabricMongoDB FoundationDB Voldemort Statsd Test Kitchen Scripts Spiceweasel More (coming soon) Fully SomewhatNoDockerized
  • 6. Where we use / don’t use DockerCI / CDFully SomewhatNoDeployDockerizedTeamcity Server Agents (used to be) now autoscaling cloud agents Docker Private Registry (Replaced Quay.io) Production Web code Java Corp Web code PHP Integrations Python Dockerme branch web servers Java Internal tools Ruby/Python
  • 7. Where we use / don’t use DockerWebFully SomewhatNoRunDockerizedwebapp:v1webapp:v2hipacheredisUbuntu deployed with Chefdeploy_if_new.sh
  • 8. Where we use / don’t use Docker Middleware / Integrations / Internal Tools / Scripts / Jobs / Batch ProcessFully SomewhatNoRunDockerizedCron Scheduling Health Checks Port / Server Discovery Grid computing Microservices SOA Lots of innovation needed Where is vSphere for Docker?
  • 9. Where we use / don’t use DockerPersistent StorageFully SomewhatNoRunDockerizedWe don’t use Docker here Weird ownership issues Using more DB as a service Flocker is interesting Swarm/Mesos/CoreOS/Kubernetes/EC2 Container Service 2015 this will be solved
  • 10. Operational Standards Update Monitoring Logging SecurityFully SomewhatNoOperateDockerizedAll Containers log to the Host Host logs get picked up by Sumo Beanstalk logs to S3 > Sumo Chef deploys log rotate App Metrics (statsd) Service Metrics (datadog) Host Metrics (datadog) Docker Metrics (datadog)shell scripts (web deploy) Teamcity (beanstalk) Chef’s Docker cookbook Mesos deployUpdate / Deploy / OrchestrationMonitoringLoggingSecurityLow container to host ratio Teamcity/Mesos deploys continous updates Scanlogd container
  • 11. Issues we’ve found DEVICE MAPPER!!!! Registry Private registry issues Quay.io Private (everything from CI/CD) DockerHub (Open sourced) Security Containers have an OS.. (shellshock,GHOST) libs, OS, bugs, vulnerabilities, still exist Root Mesos/Authentication Keys... Container types Light weight stuff is great Ops scripts Full stack is hard to migrate off Azkaban
  • 12. Were hiring!Questions?