Wednesday, July 08, 2015

The Sweet Spot of Docker

I just stumbled across this "Ask HN: What is the actual purpose of Docker?".

After using Docker more and more over the last months, my answers have gradually changed. It used to be more hype-like, with "immutable infrastructure", "portable" and stuff like that. Now it's more practical, I feel I can say more concretely what our benefits are.

My favorite answer comes down to Docker being a standardized way of deploying and running applications.

The old way of deploying our software was complex with a taste of chaos, then became managed but complicated through the introduction of Puppet (or your configuration management tool of choice). I'm hoping Docker will nudge it more towards the simple (quadrant).

How we used to deploy (and still do) - most of these are done through home-made shell scripts we distribute using Puppet:

  • Installing Debian packages (mostly standard packages, sometimes from 3rd party repositories)
  • Dropping WAR files into Tomcat (application server)
  • Expanding tar.gz files with Java applications embedding Jetty (application server) and home-made init/service-scripts

On top of that, some extra configuration is again provided by Puppet.

Our scripts handle downloading artifacts from Maven repositories, restarting application servers, running the services, PID-files and log files. Always some variations from application to application.

So in order to get an application running on a new server, we'd do this:

  1. Acquire the server
  2. Install OS and provision environment using Puppet
  3. Include deployment scripts for downloading and setting up the application
  4. Include service scripts for the application (start, stop)
  5. Run the deployment scripts and start the application

With Docker, we do this:
  1. Acquire the server
  2. Install OS and set up Docker log into the Docker repository (using Puppet)
  3. docker pull our application image
  4. docker run our application image

It looks kind of similar, and it's not really a big drastic change. But we are saving a couple of steps:

  • We don't have to write and distribute the deploy script for the application.
  • We don't have to nurse the service scripts for the the application.

Docker provides the above routines for us. And we can use the same routine whether it's a Java application built with appassembler, a Tomcat with a Grails application in it, a database, some simple executable or a cronjob. I always wanted something like appmgr for fixing this for my Java applications, but Docker solves it for everything.

We do have to provision the container's parameters/configuration, but at least this is a uniform step no matter what application we're talking about.

Of course, it's a lot of work to dockerize your infrastructure, and if it was only for the sake of the above benefits alone, it might not be worth it. As often mentioned in the HN discussion, I think Vagrant is a much more helpful tool to gain the benefits that you get from Docker from a developer's perspective, but Vagrant doesn't help you deploy software out on the real servers. So right now we've got Vagrant recipes that use Puppet to install Docker (see routine above, replace "acquire the server" with "vagrant up").