[kwlug-disc] Docker on VPSes
Mikalai Birukou
mb at 3nsoft.com
Tue Jan 22 10:39:37 EST 2019
< -- inlined replies -- >
> I am working on migrating a LAMP application -- Drupal, as it turns
> out -- from a VPS on Linode onto a different VPS on Linode. (Yes, I
> really want to migrate to a new instance and not just upgrade the
> existing one.)
Talking only about migration, transplant (tar, untar, recreating users
with same uid/gid's) AMP into LXC container on the same machine/linode.
Snapshot container, better in off state, import it in a new machine/linode.
Note that this is using container tech without going into Docker
approach. With LXD, your LXC container has a normal system inside,
modulo imposed restrictions. With Docker, your also-LXC container is
meant to be a single-process containing thingy. For example, starting
container in LXD feels like starting computer/VM, starting Docker
container comes with specifying a command that is run in it
(specification is either explicit or implicit, but is always present).
Another example, Nginx Docker image runs a non-daemon (!) process with
run command. Feel it: ... non-daemon process. You tell Docker to restart
process in container if it quits.
> It seems that Docker is the cool new thing to use for deploying
> applications. It sounds as if Docker is good for scaling things out,
> and for allowing different versions of LAMP components (different
> versions of PHP, for example) to exist on the same VPS when they are
> used by different applications. But does it make sense if you are
> sticking with a standard LAMP configuration on a standard Ubuntu
> install? It might be possible to containerize this application, but
> would it be worth the trouble? What advantages would there be?
Let's unpack scaling. Splitting AMP into two or three images should
allow you to scale in those sections of stack that need to scale. The
ingestion part may still depend on HAProxy attachment to the LAMP --
clouds may or may not provide ingestion magic, but you may have it as
one more container. And this split for scaling can be achieved via LXD,
like having different machines for different parts of the stack.
Docker.
Since there will be more than one container, Docker composer is your
friend. Since, db part has a state, and Docker containers like to be
stateless, you must use volumes (logs better got to volumes, too). Not
all trust Docker to run db, but trust is coming. Me? I have dbs in LXD.
Of cause, testing cycle uses db in docker, but its not production.
> I am also confused how one keeps all of these containerized images up
> to date,
You assemble an updated image and introduce it instead of an old one.
When you have a sea of machines/linodes, it might be useful to know that
only versions of your containers define what is up-to-date-state on each
computing drop in your cloud.
So, you make a new version of the site. The Docker way may be packing
new container based on Nginx, adding static content. The dynamic part
goes into container with your scripting language inside. Yes, instead of
2MB, your new version artifact will be 100's of MB's.
> and even why I should trust images that come from
> hub.docker.com . I trust Ubuntu/Debian updates because I understand
> the social infrastructure that makes them relatively trustworthy.
I make my containers from Ubuntu's official one. Making means adding
lines in docker file like "RUN apt install -y gcc ...". And in one case
I managed to use less space than some suggested thingy (node+C+fuse
build container for gitlab runner).
> I also understand that I can upgrade these components with an "apt
> upgrade". I do not know how people do this in the Docker world.
Your Docker container setup will probably be more bespoke in terms of
settings than your single machine/linode, or LXD setup.
By now I have a few of LXD containers, based on Ubuntu. Regular apt is
used in them. apt-cache-ng for caching packages is you friend when you
have more than one machine.
> Help? There are a bunch of tutorials in getting started with Docker,
> but not much about when to choose it, and under what situations it
> does/does not make sense.
Is it vendors app? If yes: they give you docker image -> use it; they
give you updates via apt, use LXD.
If its your own app, and you already have a flow of packing things into
one machine, start splitting for a few machines. You may say it is
micro-servicing route, I say it is a good engineering practice that will
help with scaling. Let's not forget, how chef decides to chop meat is
chef's choice. Put chops into LXD. Put all lxc creation commands into a
script. Turning that into Docker file will be easy, when you decide to
go Docker.
More so, you can mix Docker and LXD, cause subsystems talk over the
network, anyway.
Right now I am staring at gitlab's continuous integration script. We use
docker-based gitlab runner. Developer (!) has info to tell what is in
the container, into which new version of software is packaged. This is
cool. There is style "it runs on my machine" syndrome, but contained, as
now I have to make it to run in this particular contained environment.
Docker file provides pretty good prescription of it.
More information about the kwlug-disc
mailing list