Service container deployment and Docker Compose
In the face of complex distributed micro-service applications, the traditional manual-based low efficiency of deployment of physical or virtual machines and error-prone; appear Docker container technology provides a reliable delivery mechanism for micro-packaging and services; in addition to the introduction of container cloud platforms such K8s, we can further simplify the deployment and management of distributed micro services; by K8s can do one-click deployment of the entire micro-service applications, can also be a key expansion of micro-service applications; so the industry began to make cloud-native cloud Native architecture philosophy, organizational structure that is the way not only to use micro application development services, but also in architecture outset to consider direct-to-cloud deployment container. Micro cloud service architecture and native architecture complement each other, if they leave the service micro-container or container cloud, deployment and operation and maintenance efficiency is compromised
Local development and deployment architecture and requirements
- Local IDE deployment architecture
- Each corresponding to a different port services
- Software Requirements
- SwitchHosts
- SkyWalking 6.1.0:配置agent.service_name、collector.backend_service
- MySQL 5.7
- Ali cloud mail accounts: a checking function
Manual deployment and testing services
- Deployment Steps
- Cleanup release memory
- Activity Monitor
- Close Docker and other large process
- Deployment database
- staffjoy_account
- staffjoy_company
- Deployment SkyWalking
- bin / startup.sh (the bytecode run)
- IDE provided skywalking-agent
- VM options: -javaagent:D:\apache-skywalking-apm-bin\agent
- Environment variables: SW_AGENT_NAME:account-svc
- Deployment Services
- Local confidential data configuration
- config / *. YML
- faraday gateway configuration review
mappings: - name: faraday_route host: faraday.staffjoy-v2.local destinations: httpbin.org - name: account_route host: account.staffjoy-v2.local destinations: localhost:8081 - name: company_route host: company.staffjoy-v2.local destinations: localhost:8082 - name: ical_route host: ical.staffjoy-v2.local destinations: localhost:8083 - name: whoami_route host: whoami.staffjoy-v2.local destinations: localhost:8084 timeout: connect: 10000 read: 10000 - name: superpowers_route host: superpowers.staffjoy-v2.local destinations: localhost:8085 - name: www_route host: www.staffjoy-v2.local destinations: localhost:8086 - name: myaccount_route host: myaccount.staffjoy-v2.local destinations: localhost:9000 - name: app_route host: app.staffjoy-v2.local destinations: localhost:9001
- Boot sequence: mail -> bot -> account -> company -> www -> whoami -> faraday
- Local confidential data configuration
- Deploying a single-page application (app and myaccount under staffjoy / frontend)
- npm install
- Elevation start
- Enable SwitchHosts
- hosts file for local DNS service, using [ip domain name] format unload a text document, the role is to build a relational database of some popular web site domain names and corresponding ip address: When a user enters a URL in a browser , the system will automatically find the first corresponding ip address from the hosts file, once found immediately opens the corresponding page, if it is not found then will be submitted URLs DNS DNS server for resolution of ip address
127.0.0.1 account.staffjoy-v2.local 127.0.0.1 faraday.staffjoy-v2.local 127.0.0.1 myaccount.staffjoy-v2.local 127.0.0.1 whoami.staffjoy-v2.local 127.0.0.1 www.staffjoy-v2.local 127.0.0.1 ical.staffjoy-v2.local 127.0.0.1 staffjoy-v2.local 127.0.0.1 app.staffjoy-v2.local 127.0.0.1 company.staffjoy-v2.local
- Cleanup release memory
- Test Procedure
- Browser access www.staffjoy-v2.local
- Check business processes: Administrators and registered company, log on; employees registered, login; scheduling
- Enter your e -> click on the activation link Mailbox -> password, full name, phone number -> Settings Company name, address -> Jump to app.staffjoy-v2.local
- Create employee -> Settings employee's full name, email, phone number -> employees to activate Mailbox -> Employees perfect password -> Jump to myaccount.staffjoy-v2.local
- logout-> administrator login -> SETTINGS-> Add New Job-> SCHEDULER-> select the date, time, employees and Job-> Publish Week
- Check cookie
- chrome dev tools->Application->Cookies
- name is staffjoy-faraday, value of the token JWT
- Check DB
SkyWalking call chain monitoring experiment
- Test Procedure
- Browser to access the dashboard
- http://localhost:8080
- admin / admin
- Checking topology
- Check dashboard
- Check tracking
- Liquidation
- Close Service
- Close single page applications
- Close SkyWalking (jps)
- Browser to access the dashboard
Docker Docker Compose and Introduction
- Use containers
- Standardized packaging mechanism: the container is realized by mirroring
- Isolation: the linux control groups, namespace technology
- Standardized Deployment: container introduced between software applications and operating system abstraction layer, on the one hand to ensure the consistency of the deployment environment, on the other hand the large-scale deployment of standardization known as possible. This is why it is difficult to do before the docker container technology appears standardized deployment, both general and specific language publishing platform technology stack and bind, such as tomcat deployment of java and python, ruby to develop different publishing tools; container technology appears, like k8s publishing platform and application-independent standardization of these began to appear, release can be unified, language does not need to stack framework for developing individual publishing tools, you can use a unified platform to deploy
- OS & Kernel operating system and kernel
- User Space: User Progress / Applications / Programs user space and kernel space function call
- Kernel Space: Operating System: Kernel hardware management, scheduling process
- Hardware:Memory - Disk - Network Interface - CPU
- Virtual machines and containers
- VM: virtualization and hardware virtualization kernel together to achieve, in the host operating system or hardware based on the physical machine to create a layer of virtualized hardware by introducing Hypervisor, can be virtualized cpu, disks, network cards, etc., which the the re-run guest operating systems; isolation is good, a strong isolation mechanism, but more weight, start slow, consume more resources
- Containers: directly built on the host operating system, sharing the host operating system kernel, introduced into only a small portion of the guest os, it is relatively lightweight container; isolated inferior to the virtual machine is a software isolation, but lightweight, quick start, less consumption of resources; number of containers on the same physical machine can be started much more than the number of virtual machines
virtual machine Application container Bins/Libs Application Guest OS Bins/Libs Hypervisor Minimal Guest OS Container Engine Host OS Host OS Hardware Hardware - Docker container core technology
- Container mainly based on some linux kernel implementation mechanism
- Linux Kernel
- Cgroups (control of the amount of container cpu and memory resources): cpu, cpuset, memory, device
- Networking (container implementation underlying network technologies, including virtual network card, a virtual bridge, these techniques iptables): veth, bridge, iptables
- Namespaces (Control Each container has isolated from each other in the process, file systems, network space): PID, MNT, IPC, UTS, NET
- The Storage (storage drive): Device Mapper, Btrfs, Aufs
- Mirroring container
- Can be considered a cure operating system, unlike the full operating system on the host (including a file system, binaries, kernel), the vessel contains only the operating system and file system binaries, shared host operating system kernel
- Container mirror stratified way to organize
- The underlying base image Base Image, the container is the operating system used, such as the Ubuntu, the host operating system and can not the same, but they share the host operating system kernel
- On the basis of image may have a multilayer mirror, such as the JDK dependent layer
- Dependent layer can contain binary files over Java applications, etc.
- Mirror hierarchically organized form of a container is also known as onion file system, this approach can easily reuse the mirror layer: If the same two vessels underlying the mirror, the mirror layer may have a unique hash value to identify, can be the common mirror layer, which saves the cost of storage and transmission
- Docker architecture
- Docker client
- Docker command to perform an operation command-line tool can be operated locally or remotely
- docker build: the mirror can be constructed according to dockerfile
- docker pull: got me a mirror from a mirrored warehouse
- docker run: Run containers
- Docker host
- Stationed Docker daemon, docker client receives an instruction execution pulling mirrored cache, starting, running, container management, generate an image of these operations
- Images
- Containers
- Docker registry
- Mirrored centralized storage container warehouse, the official is dockerhub, it can also be self-built private warehouse
- Process Example:
- Docker client users by running docker run helloworld
- daemon on a docker host receives a run command will first look helloworld local cache mirroring, if not then go docker registry pulling, and then do the local cache; it will create and launch container with the mirror inside the container last command executed
- Docker client
- Docker Compose
- Docker tool for running a single main container applications, docker compose container for defining and running multiple applications
- Docker compose multi-use containers can be applied in a yml deployment architecture specification document which, as a more complex micro-services dependent on the overall dependency, deployment architecture specification in a docker-compose.yml file inside
- By docker-compose up a key way to start the entire application, but also through docker-compose down a key to the destruction of the entire application
- Mainly applied to the development and testing environment, can be used to run the micro rapid deployment and testing services, it should be used for the production of these production-level containers k8s cloud platform
Construction container mirror parsing Dockerfile
Account Services Dockerfile
# 构建用基础镜像 FROM java:8-jdk-alpine # 将maven build生成的jar包拷贝到镜像的/usr/app/目录下 COPY ./target/account-svc-1.0.0.jar /usr/app/ # 设置工作目录 WORKDIR /usr/app RUN sh -c 'touch account-svc-1.0.0.jar' # 容器启动后,如何运行account service ENTRYPOINT ["java", "-jar", "account-svc-1.0.0.jar"]
- MyAccount single-page application Dockerfile
- Construction of stage two: Build a single-page application must first generate static resource, and then copied to nginx in
# 构建用的基础镜像 FROM node:alpine as builder # 设置工作目录 WORKDIR '/build' # 将单页应用源代码、构建需要的资源、第三方依赖拷贝到镜像中 COPY myaccount ./myaccount COPY resources ./resources COPY third_party ./third_party # 设置工作目录 WORKDIR '/build/myaccount' # 构建:安装reactJs需要的依赖 RUN npm install # 构建:构建node-sass RUN npm rebuild node-sass # 构建:生成静态html和js文件 RUN npm run build RUN ls /build/myaccount/dist # 换新的基础镜像 FROM nginx # 暴露80端口 EXPOSE 80 # 把生成的builder资源拷贝到nginx镜像里 COPY --from=builder /build/myaccount/dist /usr/share/nginx/html
Docker Compose deployment file parsing
- Docker Compose deployment architecture
- IDE when using each service with a different port, if docker compose ways: micro-services, front-end application, the gateway with the port 80, since the docker compose the internal environment separate networks, these services can be considered micro-independent small virtual environment, has its own network stack, each of which can all use the same port, there will be no conflict
- Deployment file parsing
- .env put privacy configuration
SPRING_PROFILES_ACTIVE=test SERVER_PORT=80 EMAIL_SERVICE_ENDPOINT=http://email-service COMPANY_SERVICE_ENDPOINT=http://company-service ACCOUNT_SERVICE_ENDPOINT=http://account-service BOT_SERVICE_ENDPOINT=http://bot-service SMS_SERVICE_ENDPOINT=http://sms-service SENTRY_DSN=https://[email protected]/1380198 SIGNING_SECRET=secret INTERCOM_ACCESS_TOKEN=YOUR_INTERCOM_ACCESS_TOKEN INTERCOM_APP_ID=TBD INTERCOM_SIGNING_SECRET=TBD ALIYUN_ACCESS_KEY=YOUR_ALIYUN_ACCESS_KEY ALIYUN_ACCESS_SECRET=YOUR_ALIYUN_ACCESS_SECRET RECAPTCHA_PUBLIC=test-recaptcha-public RECAPTCHA_PRIVATE=test-recaptcha-private ACCOUNT_DATASOURCE_URL=jdbc:mysql://host.docker.internal:3306/staffjoy_account?useUnicode=true&characterEncoding=utf-8 ACCOUNT_DATASOURCE_USERNAME=root ACCOUNT_DATASOURCE_PASSWORD=root COMPANY_DATASOURCE_URL=jdbc:mysql://host.docker.internal:3306/staffjoy_company?useUnicode=true&characterEncoding=utf-8 COMPANY_DATASOURCE_USERNAME=root COMPANY_DATASOURCE_PASSWORD=root
- Docker-compose.yml
version: '3.7' services: account-service: build: ./account-svc # dockerfile路径,用于做构建 image: boboweike/account-svc # 构建产生的镜像名称 environment: # 环境变量 - SPRING_PROFILES_ACTIVE - SERVER_PORT - SIGNING_SECRET - SENTRY_DSN - EMAIL_SERVICE_ENDPOINT - COMPANY_SERVICE_ENDPOINT - BOT_SERVICE_ENDPOINT - INTERCOM_ACCESS_TOKEN - ACCOUNT_DATASOURCE_URL - ACCOUNT_DATASOURCE_USERNAME - ACCOUNT_DATASOURCE_PASSWORD depends_on: # 服务之间依赖的指定 - bot-service - email-service networks: # 网络配置 - internal_access - external_access # db access ... faraday-service: build: ./faraday image: boboweike/faraday-svc ports: - 80:80 # 不仅内部有80端口,还要向外暴露80端口 environment: - SPRING_PROFILES_ACTIVE - SERVER_PORT - SENTRY_DSN - SIGNING_SECRET depends_on: - account-service - company-service - www-service - whoami-service # - ical-service # commented for demo - myaccount-service - app-service networks: - internal_access - external_access myaccount-service: build: context: ./frontend dockerfile: myaccount/Dockerfile image: boboweike/myaccount-spa networks: - internal_access ... networks: internal_access: internal: true external_access:
The Staffjoy deployed to the local environment Docker Compose
- Docker Desktop for Mac/Win
Download and install: https://docs.docker.com/docker-for-windows/install/
download example
git clone https://github.com/docker/doodle.git
- Build & tag image a docker
cd doodle\cheers2019 docker build -t wnzhong/cheers2019
- run container
docker run -it --rm wnzhong/cheers2019
- share image on Docker Hub
docker login docker push wnzhong/cheers2019
- Build and deploy
- Mirror building
- mvn clean package -DskipTests
- docker-compose build
- docker images
- MySQL database deployment
- staffjoy_account
- staffjoy_company
- Deployment Staffjoy
- docker-compose up
- docker-made ps
- Enable SwitchHosts
- Check Staffjoy
- Clear up
- docker-compose down
- Mirror building