• Home

  • Technology

  • London CD: "Continuous Delivery with Containers: Lessons Learned the Hard Way"
14
Containers and Continuous Delivery: Lessons Learned the Hard Way Daniel Bryant @danielbryantuk

London CD: "Continuous Delivery with Containers: Lessons Learned the Hard Way"

Embed Size (px)

Citation preview

Page 1: London CD: "Continuous Delivery with Containers: Lessons Learned the Hard Way"

Containers and Continuous Delivery:Lessons Learned the Hard Way

Daniel Bryant @danielbryantuk

Page 2: London CD: "Continuous Delivery with Containers: Lessons Learned the Hard Way"

03/05/2023 @danielbryantuk

TL;DR

• Container image becomes ‘single binary’

• Adding metadata is essential

• Cultivate ‘mechanical sympathy’

Page 3: London CD: "Continuous Delivery with Containers: Lessons Learned the Hard Way"

03/05/2023 @danielbryantuk

Containers: Expectations versus reality

“DevOps”

Page 4: London CD: "Continuous Delivery with Containers: Lessons Learned the Hard Way"

03/05/2023 @danielbryantuk

Container technology (and CD)

• OS-level virtualisation• cgroups, namespaces, rootfs

• Package and execute software

• Container image == ‘single binary’

Page 5: London CD: "Continuous Delivery with Containers: Lessons Learned the Hard Way"

03/05/2023 @danielbryantuk

Changing the pipeline

Page 6: London CD: "Continuous Delivery with Containers: Lessons Learned the Hard Way"

03/05/2023 @danielbryantuk

What to put in the Dockerfile

• OS choice• Exposed to OS (often implictly?)• Choose lightweight OS if possible e.g.

Alpine, Debian Jessie

• Configuration?

• Build artefacts

• Java• JDK vs JRE• Oracle vs OpenJDK

• Golang• Statically compiled binary

• Python• Virtualenv

Page 7: London CD: "Continuous Delivery with Containers: Lessons Learned the Hard Way"

03/05/2023 @danielbryantuk

Please talk to the sysadmin people:Their operational knowledge is invaluable

Page 8: London CD: "Continuous Delivery with Containers: Lessons Learned the Hard Way"

03/05/2023 @danielbryantuk

Different dev and test containers?• Separate ‘test’ container?• Test tools• Test data

• Easy to see configuration drift!

• Interesting ONTEST proposal by Alexi Ledenev

http://blog.terranillius.com/post/docker_testing/

http://blog.terranillius.com/post/docker_testing/
http://blog.terranillius.com/post/docker_testing/
Page 9: London CD: "Continuous Delivery with Containers: Lessons Learned the Hard Way"

03/05/2023 @danielbryantuk

Testing: Jenkins Pipeline as Code

Page 10: London CD: "Continuous Delivery with Containers: Lessons Learned the Hard Way"

03/05/2023 @danielbryantuk

Testing: Functional and NFRs• Automate all the things!• Deploy to realistic environments

• Execution (runtime)• Security• Observability

• Evolvability (static)• Scalability

Page 11: London CD: "Continuous Delivery with Containers: Lessons Learned the Hard Way"

03/05/2023 @danielbryantuk

Metadata

• Beware of the ‘latest’ Docker tag

• Metadata is vital• h/t microbadger.com

https://microbadger.com/
Page 12: London CD: "Continuous Delivery with Containers: Lessons Learned the Hard Way"

03/05/2023 @danielbryantuk | @spoole167 12

Mechanical sympathy: Docker and Java• Watch for cgroup limits (and cgroup awareness)• getAvailableProcessors issue (bugs.openjdk.java.net/browse/JDK-8140793)• Default fork/join thread pool sizes (based from host CPU count)

• Set container memory appropriately • JVM requirements = Heap size (Xmx) + Metaspace + JVM overhead• Account for native thread requirements e.g. thread stack size (Xss)

• Entropy • Host entropy can soon be exhausted by crypto operations

https://bugs.openjdk.java.net/browse/JDK-8140793
Page 13: London CD: "Continuous Delivery with Containers: Lessons Learned the Hard Way"

03/05/2023 @danielbryantuk

Want to know more?

O’Reilly mini-book coming soon

https://github.com/danielbryantuk/oreilly-docker-java-shopping

https://github.com/danielbryantuk/oreilly-docker-java-shopping
https://github.com/danielbryantuk/oreilly-docker-java-shopping
Page 14: London CD: "Continuous Delivery with Containers: Lessons Learned the Hard Way"

03/05/2023 @danielbryantuk

Thanks for listening

• Any questions?

• Feel free to contact me• @danielbryantuk• [email protected]


Tessellation: Refactoring the OS around explicit resource containers with continuous adaptation

Tessellation: Refactoring the OS around explicit resource containers with continuous adaptation

Documents
Using containers and Continuous Packaging to Build native FOSSology packages

Using containers and Continuous Packaging to Build native FOSSology packages

Technology
Continuous Delivered Containers

Continuous Delivered Containers

Technology
OReilly/Nginx 2016: "Continuous Delivery with Containers: The Trials and Tribulations"

OReilly/Nginx 2016: "Continuous Delivery with Containers: The Trials and Tribulations"

Technology
JAXLondon 2017 "Continuous Delivery with Containers and Java"

JAXLondon 2017 "Continuous Delivery with Containers and Java"

Technology
Introduction To Continuous Integration How I Learned To Stop Worrying And Love The Bugs

Introduction To Continuous Integration How I Learned To Stop Worrying And Love The Bugs

Technology
The road to continuous deployment (V4:Jax) · 2018-06-21 · the road to continuous deployment - a case study michiel rook @michieltcs ... containers. legacy elastic search db job

The road to continuous deployment (V4:Jax) · 2018-06-21 · the road to continuous deployment - a case study michiel rook @michieltcs ... containers. legacy elastic search db job

Documents
Continuous Delivery mit Docker - bed-con.orgbed-con.org/2014/files/slides/CD-docker-BED2014.pdf · Definition und Provisionierung eines Linux-Containers 04.04.14 Continuous Delivery

Continuous Delivery mit Docker - bed-con.orgbed-con.org/2014/files/slides/CD-docker-BED2014.pdf · Definition und Provisionierung eines Linux-Containers 04.04.14 Continuous Delivery

Documents
Continuous Delivery in an Ephemeral World · • Continuous integration and delivery as a service ... Pipeline spins up containers for build/test/deploy 5. Build/test/deploy run,

Continuous Delivery in an Ephemeral World · • Continuous integration and delivery as a service ... Pipeline spins up containers for build/test/deploy 5. Build/test/deploy run,

Documents
JUC Europe 2015: From Virtual Machines to Containers: Achieving Continuous Integration, Build Reproducibility, Isolation and Scalability

JUC Europe 2015: From Virtual Machines to Containers: Achieving Continuous Integration, Build Reproducibility, Isolation and Scalability

Technology
IBM MQ in containers · MQ marked as -eus. Otherwise, IBM MQ 9.2 is considered a Continuous Delivery release for the certified containers. The IBM MQ Advanced certified container

IBM MQ in containers · MQ marked as -eus. Otherwise, IBM MQ 9.2 is considered a Continuous Delivery release for the certified containers. The IBM MQ Advanced certified container

Documents
Continuous Delivery with Containerskrumba.ch/presentations/2018/All_Things_Open_2018...Jenkins-1 Jenkins-2 GitLab Tests Tests Legacy Infrastructure + Containers Continue running your

Continuous Delivery with Containerskrumba.ch/presentations/2018/All_Things_Open_2018...Jenkins-1 Jenkins-2 GitLab Tests Tests Legacy Infrastructure + Containers Continue running your

Documents
Lessons Learned from Continuous Delivery

Lessons Learned from Continuous Delivery

Technology
Continuous Engagement of Adult Students-Lessons Learned and Applied, Lisa Gallina

Continuous Engagement of Adult Students-Lessons Learned and Applied, Lisa Gallina

Marketing
Continuous Delivery of Containers with Drone & Kontena

Continuous Delivery of Containers with Drone & Kontena

Technology
O'Reilly 2016: "Continuous Delivery with Containers: The Trials and Tribulations" By Daniel Bryant

O'Reilly 2016: "Continuous Delivery with Containers: The Trials and Tribulations" By Daniel Bryant

Technology
Containers and DevOps Red Hat Roadmap for · Red Hat Roadmap for Containers and DevOps Brian Gracely, ... Move from Continuous Integration to ... By JBoss BRMS In Memory Data Grid

Containers and DevOps Red Hat Roadmap for · Red Hat Roadmap for Containers and DevOps Brian Gracely, ... Move from Continuous Integration to ... By JBoss BRMS In Memory Data Grid

Documents
A DevOps State of Mind: Continuous Security with DevSecOps ... · A DevOps State of Mind: Continuous Security with DevSecOps + Containers ... CI/CD Source Control Management Collaboration

A DevOps State of Mind: Continuous Security with DevSecOps ... · A DevOps State of Mind: Continuous Security with DevSecOps + Containers ... CI/CD Source Control Management Collaboration

Documents
Denver Union Station Lessons Learned · 2011-10-19 · To facilitate the continuous collection, analysis, and sharing of Lessons Learned, tRTD he FasTracks project team has deployed

Denver Union Station Lessons Learned · 2011-10-19 · To facilitate the continuous collection, analysis, and sharing of Lessons Learned, tRTD he FasTracks project team has deployed

Documents
Don't hate, automate. lessons learned from implementing continuous delivery

Don't hate, automate. lessons learned from implementing continuous delivery

Technology
Using Containers for Continuous Integration and Continuous Delivery

Using Containers for Continuous Integration and Continuous Delivery

Software
Continuous Delivery with Jenkins: Lessons Learned

Continuous Delivery with Jenkins: Lessons Learned

Technology
Continuous Monitoring and Incident Responseus.areva.com/home/liblocal/docs/Solutions/campaigns/engineering/i… · deploying continuous monitoring and incident ... lessons learned

Continuous Monitoring and Incident Responseus.areva.com/home/liblocal/docs/Solutions/campaigns/engineering/i… · deploying continuous monitoring and incident ... lessons learned

Documents
CONTAINER SECURITY WITH THE FALCON PLATFORM...Continuous availability: ... to the dynamic scalability of containers in real time with continuous integration/ continuous delivery (CI/CD)

CONTAINER SECURITY WITH THE FALCON PLATFORM...Continuous availability: ... to the dynamic scalability of containers in real time with continuous integration/ continuous delivery (CI/CD)

Documents
Containers #101 Meetup: Containers & OpenStack

Containers #101 Meetup: Containers & OpenStack

Technology
Introduction to continuous integration how i learned to stop worrying and love the bugs

Introduction to continuous integration how i learned to stop worrying and love the bugs

Technology
1 Container Types Container Types Sequence Containers Sequence Containers Associative Containers Associative Containers Adapter Classes Adapter Classes

1 Container Types Container Types Sequence Containers Sequence Containers Associative Containers Associative Containers Adapter Classes Adapter Classes

Documents
Continuous Compression Moulding Multilayer · SACMI CLOSURES, CONTAINERS & PET 4 5 CCMM CONTINUOUS COMPRESSION MOULDING MULTILAYER 0.0070 0.0060 0.0050 0.0020 0.0040 0.0010 0.0030

Continuous Compression Moulding Multilayer · SACMI CLOSURES, CONTAINERS & PET 4 5 CCMM CONTINUOUS COMPRESSION MOULDING MULTILAYER 0.0070 0.0060 0.0050 0.0020 0.0040 0.0010 0.0030

Documents
Continuous Delivery with Containers: The Good, the …€¢Independent Technical Consultant, Product Architect at Datawire •Architecture, DevOps, Java, microservices, cloud, containers

Continuous Delivery with Containers: The Good, the …€¢Independent Technical Consultant, Product Architect at Datawire •Architecture, DevOps, Java, microservices, cloud, containers

Documents
Continuous Analysis ATLAS User Containers on the Grid · Many existing use-cases of containers within WLCG focus on streamlining operations (SLC6 base images on CC7) However, this

Continuous Analysis ATLAS User Containers on the Grid · Many existing use-cases of containers within WLCG focus on streamlining operations (SLC6 base images on CC7) However, this

Documents