6. The problem (or requirements)
• Resource sharing
• Simplify configuration
▫ DRY: build once, run anywhere
• On-demand deployment
▫ No interruption allowed for financial services
• Security
▫ All is about MONEY at dianrong.com
7. OS
cgroups, namespace, etc.
Libraries Libraries Libraries
Apps Apps Apps
VM vs. Docker
Host OS/Hypervisor
Guest OS Guest OS Guest OS
Libraries Libraries Libraries
Apps Apps Apps
8. Key factors in the decision
• Cost
• Technology & Knowledge
• Performance
• Easy to adopt/manage/integrate
• Production strategy
13. Test Cloud powered by Docker
• TestEnv as a Service
▫ Free developers from complex and error-prone
configurations
▫ Identical configuration as production env
▫ Resource sharing among many test environments,
such as DB and 3rd-party services.
18. Docker: Production-ready
• Simple Architecture & Stable enough
• Monitor – restart policy
▫ Since 1.2.0 (Aug 2014)
• Security: sandbox
• API & Libs
▫ Easy to integrate or develop your own apps
19. Docker @ Dianrong production
Firewall
Docker
RegistryLB1 LB2
…
Oracle Data Guard
DockerMan
Service
Node
Service
Node
Service
Node
NodeJSNodeJSNodeJS
MainApp
MainAppMainApp
MainApp
MainAppWorkflow
Monitoring
System
21. Best practices
• Volume on disk directly, instead of the default
loop device
▫ Performance
▫ Size limitation
▫ DOCKER_STORAGE_OPTIONS="--storage-opt
dm.metadatadev=/dev/vg-app/dr-metadata --
storage-opt dm.datadev=/dev/vg-app/dr-data"
• Identify varieties and use environment variables
for changes
• Tips to minimize Docker images
22. Nothing will ever be 100% perfect
• Interruption across updates
▫ https://github.com/docker/docker/issues/2658
• Granularity of access control
• User mapping
• Poor network to the official registry from China
▫ DaoCloud.io, docker.cn, dockerpool.com
• Network virtualization
▫ http://www.slideshare.net/adrienblind/docker-
networking-basics-using-software-defined-networks
▫ But not good enough