Docker + Apache

Speaker : Benoit Tellier

Retrieve this presentation online : https://rawgit.com/Open-Up/openup02_06/master/presentation/index.html
And on GitHub

Objectives

  • Understand docker purpose
  • Use docker cli and docker file
  • Use apache web server

Docker

What is virtualisation ?

Why should I use virtualisation

  • Specialization : risk reduction
  • Specialization : security
  • Cost reduction
  • Ease of management
  • High availability ?

Different types

  • Full (KVM, VirtualBox, etc...)
  • Paravirtualized (drivers KVM, XEN)
  • Containers (OpenVZ, LXC, Docker)

docker

Container

Packaging applications

Uses LXC and cgroups

Proposes a high level API

Why use docker ?

  • Immutability
  • Repeatability
  • Shared enviroment
  • Versionning
  • Automation

A developper

  • We have the same environment for reporting bugs
  • If we do the same actions, we will get the same result
  • One command to try my application
  • Use it from your tests

An OPS

  • I have the same environment everywhere
  • I have versions attached to my deployed softwares
  • I can start application with one command line
  • Common environment to exchange with developpers
  • We can review deployements
  • I can replace stateless containers

Vocabulary

  • Image
  • Container
  • Volume
  • Expose a port
  • link
  • SHA1 / names

Sample commands

docker ps
docker ps -a
docker rm container

Sample commands

docker images
docker rmi image

Sample commands

docker run image
docker run --port "80:8080" image
docker run --link "dnsEntryUsed:linkedContainerName" image
docker run --volume "onMyComputer:inTheContainer" image
docker run --name "containerName" image

Sample commands

docker inspect container
# !!!! Should not modify the state of the container !!!!
docker exec container command

Dockerfile

Declarative file to build docker images

One line defines one intermediate image

Dockerfile

FROM 

   specifies origin image

   Exemple : FROM java:openjdk-8-jdk

Dockerfile

ENV

   defines environment variables

   Exemple : ENV GIT_VERSION 1:2.1.4-2.1

Dockerfile

WORKDIR

   Changes of directory

   Exemple : WORKDIR /root

Dockerfile

RUN

   Run a command inside the container

   Exemple : RUN apt-get install -y git

Dockerfile

COPY

   Copy files into the container

   Example : COPY compile.sh /root/compile.sh

Dockerfile

ENTRYPOINT

   Defines the command to execute when starting the container

   Exemple : ENTRYPOINT ["/root/compile.sh"]

Dockerfile

FROM java:openjdk-8-jdk

ENV GIT_VERSION 1:2.1.4-2.1

# Install Maven
WORKDIR /root
RUN wget http://mirrors.ircam.fr/pub/apache/maven/maven-3/3.3.1/binaries/apache-maven-3.3.1-bin.tar.gz
RUN tar -xvf apache-maven-3.3.1-bin.tar.gz
RUN ln -s /root/apache-maven-3.3.1/bin/mvn /usr/bin/mvn

# Install git
RUN apt-get update
RUN apt-get install -y git

# Copy the script
COPY compile.sh /root/compile.sh
COPY integration_tests.sh /root/integration_tests.sh

# Define the entrypoint
WORKDIR /james-project
ENTRYPOINT ["/root/compile.sh"]

Docker build

docker build
docker build --tag "tag"
docker build path/to/dockerfile

Usefull links

DockerFile

docker run

docker command line interface

Apache

Apache

apt-get install apache2
/etc/init.d/apache2 start / stop / reload
Apache project page
Apache documentation

Configuration

/etc/apache2/apache2.conf


#	/etc/apache2/
#	|-- apache2.conf
#	|	`--  ports.conf
#	|-- mods-enabled
#	|	|-- *.load
#	|	`-- *.conf
#	|-- conf-enabled
#	|	`-- *.conf
# 	`-- sites-enabled
#	 	`-- *.conf
Mutex file:${APACHE_LOCK_DIR} default
PidFile ${APACHE_PID_FILE}
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 5
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}
HostnameLookups Off
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn

IncludeOptional mods-enabled/*.load
IncludeOptional mods-enabled/*.conf
Include ports.conf


	Options FollowSymLinks
	AllowOverride None
	Require all denied



	AllowOverride None
	Require all granted



	Options Indexes FollowSymLinks
	AllowOverride None
	Require all granted


AccessFileName .htaccess


	Require all denied


LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

IncludeOptional conf-enabled/*.conf

IncludeOptional sites-enabled/*.conf

apache2ctl

# apachectl configtest
Syntax OK
# apachectl restart
# apachectl graceful

Authentication

AuthType Basic
AuthName "Authentification obligatoire"
AuthUserFile /path/access/passwd
Require valid-user
$ htpasswd -c passwd identifier
$ htpasswd passwd identifier

IP ACL

Require valid-user
Order allow,deny
Allow from 198.51.100.0/24
Satisfy Any

Virtual host


	ServerAdmin webmaster@localhost

	ServerName weathermap-editor.minet.net
	ServerAlias weathermap-editor

	DocumentRoot /var/www/weathermap.minet.net
	
		Options FollowSymLinks
		AllowOverride None
	
	
		Options -Indexes +FollowSymLinks +MultiViews
		AllowOverride all
		Order allow,deny
		allow from all

               	AuthType Basic
               	AuthName "Intranet MiNET"
               	AuthBasicProvider ldap
               	#AuthzLDAPAuthoritative off
               	AuthLDAPUrl ldap://ldap/ou=equipe,dc=minet,dc=net?uid
               	AuthLDAPBindDN "cn=Apache,ou=auths,ou=systems,ou=equipe,dc=minet,dc=net"
               	AuthLDAPBindPassword "egfuzeivkzeuf"
               	Require valid-user
	

	ErrorLog ${APACHE_LOG_DIR}/weathermap-editor-error.log
	LogLevel warn
	CustomLog ${APACHE_LOG_DIR}/weathermap-editor-access.log combined

Questions ?