DevOps with Docker 2일차

0 %
100 %
Information about DevOps with Docker 2일차
Entertainment

Published on July 21, 2018

Author: k16wire

Source: authorstream.com

slide 1: 1 DEVOPS WITH DOCKER Docker DevOps 88 52 65 79 52 DevOps DAY2 slide 2: 2 DEVOPS WITH DOCKER 4 20 DevOps Docker . Day1 Docker Docker Docker Docker VM Day2 Docker Docker Compose Docker Hub Registry CI Redis Day3 Docker Docker Swarm Kubernetes Docker slide 3: 3 DEVOPS WITH DOCKER 4 20 DevOps Docker . Day4 DevOps DevOps Docker Security Docker Aws DevOps slide 4: 4 DEVOPS WITH DOCKER Docker ‘Docker Compose’ Docker Compose . ‘Docker Hub Registry’ Docker . ‘ ’ Docker . ‘Docker CI ’ Docker CI . slide 5: 5 DEVOPS WITH DOCKER Docker Compose slide 6: 6 Docker Compose 여러개 컨테이너 구성된 어플리케이션을 만들고 관리할수 있게해주는도구 • 웹프런트엔드 • 사용자관리 • 결재 • 데이터베이스 slide 7: 7 docker-toolbox와docerCEforxxx설치시함께설치 된다. -수동설치 • curl -L "https://github.com/docker/compose/ releases/download/1.11.2/docker-compose-uname - s-uname -m" -o /usr/local/bin/docker-compose chmod +x /usr/local/bin/docker-compose slide 8: 8 docker-compose.yml 어플리케이션을만드는서비스를정의하는yaml파일 slide 9: 9 docker-compose.yml web: build:. ports: -"5000:5000" volumes: -.:/code links: -redis redis: image:redis Version 1 version:2 services: web: build:. ports: -"5000:5000" volumes: -.:/code redis: image:redis Version 2 version:"3" services: db: image:postgres volumes: -data:/var/lib/postgresql/data volumes: data: driver:mydriver Version 3 slide 10: docker-compose.ymlCheatSheet1/2 imagebuild할이미지를지정한다. image:webapp:tag build빌드에적용할옵션을설정한다. build: context:./dir dockerfile:mysql.yml args: buildno:1 links 다른서비스에컨테이너를연결한다. SERVICE:ALIAS web: links: -mysql_1:db -redis external-links 현재docker-compose.yml 외부에서시작된컨테이너를연결한다. external_links: -mysql_1:mysql ports포트를드러낸다. ports: -“8000:8000” -“9090-9091:8080-8081” expose호스트바인딩없이포트를드러낸다. exposeUME: -“3000” volumes호스트와컨테이너특정패스를마 운트한다. volumes: -/opt/data:/var/lib/mysql volumes_from다른서비스나컨테이너로부 터볼륨을마운트한다. volumes_from: -mysql_dev -service_name:ro slide 11: docker-compose.ymlCheatSheet environment환경변수를정의한다. image:webapp:tag web: environment: -TAG1 web: image:”webapp:TAG” net 네트워크모드 net:“bridge” net:“host” dns사설dns서버를지정한다. dns:8.8.8.8 dns: -8.8.8.8 -9.9.9.9 env_file 환경변수를정의하는파일을지정한 다. env_file:.env env_file: -./common.env extends다른서비스설정을상속받는다. extends: file:common.yml service:webapp dns_search사설dns서버를도메인으로지 정한다. dns_search:example.com dns_search: -dc1.example.com -dc2.example.com slide 12: 12 • docker-composeup-d • docker-composeup-dmydb • docker-composeup-d—no-recreate • docker-composedown • docker-composerm slide 13: 13 link link를걸면도커엔진이컨테이너에환경변수로 필요한정보를주입시킨다. 이환경변수를직접사용하지말것 docker-compose run SERVICE env slide 14: 실습2-1compose를컨테이너로실행 컨테이너로설치한다. curl -L https://github.com/docker/compose/ releases/download/1.11.2/run.sh /usr/local/bin/ docker-compose chmod +x /usr/local/bin/docker-compose slide 15: 실습2-2DB실행 mysql.yml파일을정의한다. mysql컨테이너를실행한다. mydb: image:mysql:5.6 environment: -MYSQL_ROOT_PASSWORDPassw0rd ports: -3306:3306 volumes: -/home/docker/my.cnf:/etc/mysql/conf.d/my.cnf -/db_master:/var/lib/mysql docker-compose -f mysql.yml up -d slide 16: 실습2-3W eb/W as실행 docker-compose.yml파일을정의한다. myweb: image:nginx:latest ports: -80:80 volumes: -/home/docker/nginx.conf:/etc/nginx/nginx.conf links: -mywas:tomcat mywas: image:tomcat:8.0 ports: -8080:8080 docker-compose up -d slide 17: 실습2-4W AS스케일아웃 mywas컨테이너를3개로늘린다. Q:myweb이mywas를번갈아바라보도록하려면 docker-compose scale mywas3 slide 18: 실습2-5워드프레스실행 version2docker-compose.yml파일을정의한다. version: 2 services: db: image: mysql:5.7 volumes: - "./.data/db:/var/lib/mysql" restart: always environment: MYSQL_ROOT_PASSWORD: wordpress MYSQL_DATABASE: wordpress MYSQL_USER: wordpress MYSQL_PASSWORD: wordpress wordpress: depends_on: - db image: wordpress:latest links: - db ports: - "8000:80" restart: always environment: WORDPRESS_DB_HOST: db:3306 WORDPRESS_DB_PASSWORD: wordpress slide 19: 실습2-6W eb/DB로깅 mywebmydb컨테이너를로그를확인한다. docker-compose logs slide 20: 20 DEVOPS WITH DOCKER Docker Hub Registry slide 21: 21 Docker Hub • 도커이미지공개저장소 • Root:공식저장소official마크 • User:repository:tag • 공개저장소는무료비공개저장소는유료 slide 22: 실습2-7Repo에이미지푸시 slide 23: docker tag 85e9c577cf0c k16wire/docker-whale:latest slide 24: 실습2-8Repo에이미지푸시 dockertag85e9c577cf0ck16wire/docker- whale:latest dockerpushk16wire/docker-whale:latest dockerlogin slide 25: 25 Registry • 도커이미지를저장하고공유할수있는서버 • 오픈소스Apache라이센스 • v1과v2가호환되지않는다. • 클라우드:DockerHub • 인트라넷:DTR slide 26: 실습2-9PrivateRegistry실행 dockerrun-d-p5000:5000--namemyregistry registry:2 slide 27: 실습2-10PrivateRegistry푸시 dockertagae7d6ffe6742localhost:5000/docker- whale:latest dockerpushlocalhost:5000/docker-whale:latest slide 28: 실습2-11PrivateRegistry풀링 dockerpulllocalhost:5000/docker-whale:latest dockerrmi-f7d9495d03763 dockerrunlocalhost:5000/docker-whale:latest slide 29: 29 - • 이미지데이터를어디에저장할것인가 • Local • StorageDrivers:클라우드저장소 dockerrun-d-p5000:5000-vpwd/registry- data:/var/lib/registry--namemyregistry registry:2 slide 30: 30 - • StorageDrivers https://docs.docker.com/registry/ storage-drivers • s3:A WSS3bucket • azure:MicrosoftBlobStorage • swift:OpenstackSwift • oss:AliynOSS • gcs:GoogleCloudStorage slide 31: 31 - • TLS도메인지원 • Let’sEncrypt추천 • 접근권한관리 • 인증:nginx를활용한basicauth • 이미지무결성:ssh사이닝 slide 32: 32 slide 33: 33 - • 네이밍기준:루트Repo명 • 이미지데이터관리:gc필요 • 성능이슈 • 대용량레지스트리 • 분산레지스트리 • 토렌토활용 slide 34: 실습2-12docker-compose로registry실행 docker-compose-fregistry.ymlup-d slide 35: 35 registry.yml registry: restart: always image: registry:2 ports: - 5000:5000 environment: REGISTRY_HTTP_TLS_CERTIFICATE: /certs/domain.crt REGISTRY_HTTP_TLS_KEY: /certs/domain.key REGISTRY_AUTH: htpasswd REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd REGISTRY_AUTH_HTPASSWD_REALM: Registry Realm volumes: - /path/data:/var/lib/registry - /path/certs:/certs - /path/auth:/auth slide 36: 36 registry.yml storage: s3 s3_access_key: S3_ACCESS_KEY s3_secret_key: S3_SECRET_KEY s3_bucket: docker-registry s3_encrypt: true s3_secure: true s3_region: ap-northeast-1 secret_key: SECRET_KEY storage_path: /images https://dobest.io/docker-registry-02-install-on-ec2-and-s3/ slide 37: 37 DEVOPS WITH DOCKER slide 39: 39 Docker CI T ool Stack slide 40: 실습2-13docker-ci-tool-stack docker-machinecreate-dvirtualboxdocker-ci evaldocker-machineenvdocker-ci gitclonehttps://github.com/marcelbirkner/ docker-ci-tool-stack.git docker-composeup-d slide 41: 실습2-14docker-ci-tool-stack slide 42: 42 구분 제품 비고 형상관리 git-scm https://git-scm.com/ gitlab https://about.gitlab.com/ gogs https://gogs.io/ Y ona http://yona.io/ 빌드 Jenkins https://jenkins.io/ Drone https://github.com/drone/drone go https://www.gocd.io/ 패키지관리 Nexus http://www.sonatype.org/nexus/ 정적분석 SonaQube https://www.sonarqube.org/ 성능테스트 nGrinder https://naver.github.io/ngrinder/ slide 43: 43 구분 제품 비고 이슈관리 Redmine http://www.redmine.org/ trac https://trac.edgewall.org/ mantis http://www.mantisbt.org/ 위키 MediaWiki https://www.mediawiki.org/wiki/MediaWiki DokuWiki https://www.dokuwiki.org/dokuwiki https://opensource.com/business/16/2/top-issue-support-and-bug-tracking-tools slide 44: 44 GitLab • GitLab은이슈관리코드리뷰CI/CD를지원하는통합 개발환경서버 • 라이센스:CM버전은무료엔터프라이즈유료클라우 드무료유료 slide 45: 45 GitLab • 데이터저장위치 • 포트:8044322 https://docs.gitlab.com/omnibus/docker/prerequisites slide 46: 실습2-15git-lab설치및실행 dockerrun--detach\ --hostnamegitlab.example.com\ --publish443:443--publish80:80--publish 22:22\ --namegitlab\ --restartalways\ --volume/srv/gitlab/config:/etc/gitlab\ --volume/srv/gitlab/logs:/var/log/gitlab\ --volume/srv/gitlab/data:/var/opt/gitlab\ gitlab/gitlab-ce:latest slide 47: 실습2-16docker-compose로gitlab실행 docker-compose-fgitlab.ymlup-d slide 48: gitlab.yml 48 web: image: gitlab/gitlab-ce:latest restart: always hostname: gitlab.example.com environment: GITLAB_OMNIBUS_CONFIG: | external_url https://gitlab.example.com ports: - 80:80 - 443:443 - 22:22 volumes: - /srv/gitlab/config:/etc/gitlab - /srv/gitlab/logs:/var/log/gitlab - /srv/gitlab/data:/var/opt/gitlab slide 50: 50 Y ona • 프로젝트단위로형상관리이슈관리코드리뷰게시판 을지원하는협업개발플랫폼 • 네이버Y obi의후속프로젝트 • 참고자료 https://github.com/yona-projects/yona https://hub.docker.com/r/yongseoklee/docker-yona/ slide 51: 실습2-17yona설치및실행 dockerrun--d\ --publish9000:9000\ --nameyona\ --restartalways\ yongseoklee/docker-yona:latest slide 52: 52 gogs • go로개발된git서비스가볍고빠르다. • 웹콘솔지원 slide 53: 실습2-18gogs설치및실행 dockerrun--namegogs-data--entrypoint/bin/ truegogs/gogs dockerrun-d--namegogs--volumes-fromgogs- data-p10022:22-p3000:3000gogs/gogs slide 54: 54 Nexus Repo. OSS • 다양한형식의컴포넌트레파지터리매니저 • https://www.sonatype.com/nexus-repository-oss slide 55: 실습2-19nexus설치및실행 dockerrun-d--namenexus-datasonatype/nexus echo"data-onlycontainerforNexus" dockerrun-d-p8081:8081--namenexus-- volumes-fromnexus-datasonatype/nexus slide 56: 56 nGrinder • 서버에대한성능테스트를위한오픈소스 • 성능테스트를위한웹UI • Agent와Controller slide 57: 실습2-20ngrinder컨트롤러설치 dockerrun-d-v/.ngrinder:/root/.ngrinder-p 80:80-p16001:16001-p12000-12009:12000-12009 ngrinder/controller:3.3 slide 58: 실습2-21ngrinder에이전트설치 dockerrun-d-e ‘CONTROLLER_ADDRcontroller_ip:80’ngrinder/ agent:3.3 slide 59: 59 Redmine • 프로젝트관리이슈관리도구위키 • RoR로개발 • 형상서버연계현황차트제공 slide 60: 실습2-22Redmine설치및실행 dockerrun-d-P--namemyredmineredmine dockerrun-d--nameredmine-postgres-e POSTGRES_PASSWORD‘password1’-e POSTGRES_USERredminepostgres dockerrun-d-p3000:3000--namemyredmine-- linkredmine-postgres:postgresredmine slide 61: version:2 services: redmine: image:redmine ports: -8080:3000 environment: REDMINE_DB_MYSQL:db REDMINE_DB_PASSWORD:example depends_on: -db restart:always db: image:mariadb environment: MYSQL_ROOT_PASSWORD:example MYSQL_DATABASE:redmine restart:always 실습2-23Compose로Redmine설치 slide 62: 62 MediaWiki • 위키피디아같은오픈소스위키 • PHP로개발 slide 63: 실습2-24MediaWiki설치및실행 dockerrun-d--namemediawiki-mysql\ -eMYSQL_ROOT_PASSWORD‘password1’mysql dockerrun--namemy-mediawiki\ --linkmediawiki-mysql:mysql\ -p8080:80-dsynctree/mediawiki slide 65: 실습2-25MediaWiki로컬설정반영 dockerrun-d--namemy-mediawiki\ --linkmediawiki-mysql:mysql\ -p8080:80-v/home/docker/mediawiki/ LocalSettings.php:/var/www/html/LocalSettings.php synctree/mediawiki slide 66: 66 DEVOPS WITH DOCKER Docker CI slide 67: 67 github DockerHub • github과DockerHub를이용한자동빌드환경구성 slide 68: 실습2-26DockerHubAutomatedBuild slide 71: 71 Jenkins Docker • US1:도커이미지를빌드/테스트/배포하는데Jenkins 를활용한다. • US2:JenkinsMasterSlave를도커로실행한다. slide 72: 72 US1: slide 73: 73 CI slide 74: 74 Docker CI slide 75: 75 Pipeline Stages http://www.slideshare.net/Docker/build-publish-deploy-and-test-docker-images-and-containers-with-jenkins-workflow slide 76: 76 Docker in Docker • Docker컨테이너가Docker명령어를실행할수있게 하려면 • Docker소켓파일에대한접근권한 • Docker클라이언트실행권한 slide 77: 실습2-27Image빌드용Jenkins실행 dockerrun-d--namejenkins-p8080:8080-v/ var/run/docker.sock:/var/run/docker.sockk16wire/ docker-jenkins dockerexecjenkinscat/var/jenkins_home/ secrets/initialAdminPassword slide 78: 실습2-28Image빌드용Jenkins실행 jenkins: image:k16wire/docker-jenkins:latest ports: -8080:8080 volumes: -/data/jenkins:/var/jenkins_home -/var/run/docker.sock:/var/run/docker.sock slide 79: 실습2-29Image빌드Job dockerbuild-tdocker-whale. dockertagdocker-whalek16wire/docker-whale:TAG dockerlogin-e이메일-u아이디-p암호 dockerpushk16wire/docker-whale:TAG slide 80: 80 US2:Jenkins Master Slave slide 81: 81 Jenkins Master/Slave Master/Slave구성의장점 • 다양한환경의빌드진행이가능 • 오래걸리는빌드를슬레이브에위임가능 • Jenkins를여러개사용하는것에비해관리가용이 slide 82: 82 Jenkins Master/Slave slide 83: 실습2-30slave빌드 slide 84: 84 • 이미지빌드의어려움 • 컴파일테스트패키징etc • 도 커 이 미 지 빌 드 전 에 어 플 리 케 이 션 을 빌 드 해 야 한 다 . • 특징 slide 85: First stage to build the application FROM maven:3.5.0-jdk-8-alpine AS build-env ADD ./pom.xml pom.xml ADD ./src src/ RUN mvn clean package Final stage to define our minimal runtime FROM FROM openjdk:8-jre COPY --frombuild-env target/app.jar app.jar RUN java -jar app.jar slide 86: 실습2-31멀티스테이지빌드 FROM golang:1.7.3 WORKDIR /go/src/github.com/alexellis/href-counter/ RUN go get -d -v golang.org/x/net/html COPY app.go . RUN CGO_ENABLED0 GOOSlinux go build -a -installsuffix cgo -o app . FROM alpine:latest RUN apk --no-cache add ca-certificates WORKDIR /root/ COPY --from0 /go/src/github.com/alexellis/href-counter/ app . CMD "./app" slide 87: 실습2-32멀티스테이지빌드 docker build -t alexellis2/href-counter:latest . slide 88: 88 DEVOPS WITH DOCKER Redis slide 89: 89 redis • REmoteDIctionarySystem • 메모리기반의Key/V alue스토어 • 저장가능한데이터용량은물리적인메모리크기를넘 어설수없다. • 서버재시작을위해Disk에데이터를저장 slide 90: 90 redis slide 91: 91 redis-cli • setkey“value” • getkey • msetaapplebbird • mgetab • dela • ping • exista slide 92: 실습2-33redis서버실행 dockerrun-d-p6379:6379--namefc-redisredis dockerrun-d--namefc-redis\ -v/apps/redis:/data\ redisredis-server--appendonlyyes slide 93: 실습2-34redis-cli확인 dockerrun-it--linkfcredis:redis--rmredis redis-cli-hredis-p6379 slide 94: 실습2-35redis이미지빌드 FROMredis:3.0 COPYredis.conf/usr/local/etc/redis/redis.conf CMD"redis-server""/usr/local/etc/redis/redis.conf" port6379 timeout300 databases1 requirepasspassword1 maxclients1000 appendonlyno tcp-keepalive60 syslog-enabledyes slide 95: 실습2-36redis-cluster구성 dockerrun-d-Pgrokzen/redis-cluster:3.0.6

Add a comment

Related presentations