Mastering Docker Enterprise电子书

Title Page

Copyright and Credits

Mastering Docker Enterprise

About Packt

Why subscribe?

Packt.com

Contributors

About the author

About the reviewers

Packt is searching for authors like you

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the example code files

Download the color images

Conventions used

Get in touch

Reviews

Section 1: Getting Started with Docker Enterprise

Making the Case for Docker Enterprise

Zero to everywhere in five years

The Docker story

Containers change application development and deployment

Containers gain popularity

Docker Engine-Community – free Docker

Docker Engine-Community includes key capabilities

Running Docker Engine-Community on AWS or Azure

Docker Enterprise – enterprise support and features

Kubernetes and Docker Enterprise

Kubernetes and Swarm orchestration

Kubernetes and Swarm – different philosophies to solve different problems

Moving Kubernetes to the mainstream

New era for app Dev, DevOps, and IT operations

DevOps

Operations

Container-first and strategic impact of containers

Container-first as a cloud adoption strategy

Get ready to bring workloads back from the public cloud

Application modernization – the containerization path

Support for microservices and DevOps

Compliance

How Docker Enterprise 2.0 has changed the game

Summary

Questions

Further reading

Docker Enterprise - an Architectural Overview

Moving from science projects to production platforms

The landscape of emerging container platforms

Economics, features, and key components of Docker Enterprise

The estimated cost of Docker Enterprise

Docker Enterprise pricing illustration

Docker Enterprise architecture-related benefits

Docker support benefits

Computational efficiency benefits

Benefits of choice

Rapid innovation – platform-neutral DevOps skills benefit the shift-left strategy

UCP and DTR benefits

Container-first benefits

Operational architecture of Docker Enterprise

Docker Enterprise's main components

Docker Enterprise operation architecture – infrastructure, platform, and application layers

Breaking down the layers

Infrastructure layer – network, nodes, and storage

The platform layer – Docker Enterprise engine, UCP, and DTR

Application layer – interacting with the cluster

Docker Enterprise reference architecture

Simple view of the Docker Enterprise cluster architecture

Drill-down – high-level Docker Enterprise 2 components

Summary

Questions

Further reading

Getting Started - Docker Enterprise Proof of Concept

Assembling a Docker Enterprise PoC cross-functional team

Preparing a Docker Enterprise platform for the PoC step

Preparing a four-node cluster

Set up a four-node cluster

Overview of a sample PoC environment

Installing Docker Enterprise Engine on all nodes

Getting a Docker Enterprise 30-day trial license and storebit URL

Installing the Docker Enterprise Engine on all nodes

Sample Ubuntu Docker Engine install

Windows 2016 Docker Engine install

Installing Docker's Universal Control Plane

Logging to the UCP web interface and uploading your trial license

Adding work nodes to the UCP cluster

Joining Linux worker nodes to the cluster

Joining the remaining worker nodes into the cluster

Joining a Windows server 2016 worker node to the cluster

Installing the DTR

Configuring RBAC for PoC

PoC application

Picking a PoC application

Installing Docker on a local workstation

Containerizing and testing the PoC application on a Dev workstation

Review application documentation

Containerizing and locally testing each application component

Containerizing the database

Containerizing the Webforms application

Creating deployment files and testing locally

Pushing images

Connecting to the PoC DTR

Preparing and pushing your images

Deploying a PoC application to a Docker Enterprise cluster

The Docker Enterprise CLI bundle

Using Bash with Docker API to get the CLI bundle

Using PowerShell with the Docker API to get the CLI bundle

Deploying the PoC application to the Docker Enterprise cluster

Updating the PoC application

Summary

Questions

Further reading

Section 2: Piloting Docker Enterprise

Prepare the Docker Enterprise Pilot Cluster

Docker Enterprise cluster plumbing

Introduction to Docker single-node networking

No Domain Name System (DNS) for the Docker0 default network

Introduction to cluster-based container networking

Swarm and Kubernetes DNS and service discovery

The management and control planes

Docker Enterprise pilot network implementation

Internal cluster users

End users of Docker Enterprise-hosted applications

Highly available cluster

DNS, certificates, and certificate termination

Hostnames for Docker cluster nodes

Bare metal cluster – network setup example

Step 1 – define a domain name and hostname structure

Step 2 – define a certificate structure and termination plan

Step 3 – design and implement a network infrastructure

Load balancer setup and configuration design

Docker Enterprise pilot platform

Preparing cluster nodes

Node sizing consideration

Network adapters considerations

Cluster-based storage considerations

Network timing and node synchronization

Docker Enterprise pilot bare metal walk-through

Installing the Docker Enterprise Engine on all nodes

Installing the Docker Enterprise Engine onto each node in the cluster

Setting up the NFS server node

Installing the first manager node

Joining initial DTR 1 and worker 1 nodes

Installing the DTR

Adding additional DTR replicas

Final configuration of load balancers

Summary

Questions

Further reading

Prepare and Deploy a Docker Enterprise Pilot Application

Planning for a pilot application

Sample pilot planning and execution

Configure UCP pilot settings

RBAC in Docker Enterprise

Setting up Docker Enterprise teams and organizations

Team member sync using LDAP

Collection for pilot team

DTR pilot settings

The sample pilot wiki application

Containerizing the application

Collect and document application assets

Containerizing and testing the Postgres database

Containerizing and testing the wiki application

Pushing the images

Deploying the wiki to the pilot cluster

Pilot application strategy

Application flow for wiki pilot

Deployment architecture for the pilot wiki

Deploying the pilot wiki application

Summary

Questions

Further reading

Design and Pilot a Docker Enterprise CI Pipeline

Pilot application development with Docker Enterprise

Using Docker for faster developer on-boarding

Using Docker to improve software development cycles

Docker Containers as a Service (CaaS)

What you need to know about distributed applications

Key principles for container application design

Docker Swarm services

Swarm service networks and routing mesh

Docker Enterprise layer 7 routing

Defensive coding

Centralized logging

Secrets

Docker tools for the local development and testing of the AtSea application

AtSea application structure

Using docker-compose as a Makefile

Building and running an application with Compose and Swarm

Mocking layer 7 routing and TSL termination for local Swarm testing

Final steps for local Swarm testing

Deploying a custom app to the Docker Enterprise cluster

Layer 7 routing with Docker Enterprise

Building and deploying the custom app with a CI pipeline

Sample CI pipeline overview

Connecting GitLab to Docker Enterprise

Adding a GitLab Runner to the build machine

DTR CI integration

Building our services

Simple build and push pipeline for atsea-db image

Simple build and push pipeline for the atsea-payment image

Build, End to End Test, and Push pipeline for the atsea-web image

Pipeline deployment to Docker Enterprise

Deployment pipeline file

Understanding Docker Swarm resource scoping

Triggering the pipeline manually

Summary

Questions

Further reading

Pilot Docker Enterprise Platform Monitoring and Logging

Logging and monitoring distributed, containerized applications

Default Docker Engine logs

Centralized logging

Publish approach with an ELK Stack

Polling approach with Prometheus

Simple Prometheus setup

Prometheus on Docker and checking Docker

Logging and monitoring in Docker Enterprise

Docker Enterprise UCP and Prometheus

Docker Enterprise with Prometheus and Grafana

Commercial example – Sysdig

Our pilot Sysdig architecture

Installing the Sysdig agents

The Wiki pilot dashboard

Setting up alarms

Summary

Questions

Further reading

Section 3: In Production with Docker Enterprise

First Application in Production with Docker Enterprise

Docker Enterprise production cluster

High-level cluster flow and concepts

Image mirroring

Image signing

UCP production scheduling with Docker Content Trust

Immutability for DTR repos

Image scanning in production

Production cluster considerations

Avoiding cluster sprawl

Production-installation considerations

Production manager nodes

Node sizing

Setup and installation considerations

Center for Internet Security (CIS) docker benchmarks

Locking down SSH access

No public access to Docker nodes

Production UCP configuration

Production DTR configuration

Data management

Host volume mounts

Docker NFS volume plugin

Other volume storage solutions

Backing up data

Backing up UCP

Backing up DTR

Backing up application data

Applying OS and Docker updates

OS and Docker Enterprise Engine updates

UCP manager nodes

Worker nodes

Upgrading the UCP software

Upgrading the DTR software

Summary

Questions

Further reading

Important Docker Enterprise Production Topics

Working with orchestrators in production

Health checks

Ephemeral containers and orchestration

Application startup and health checks

Swarm service health check for AtSea-web

Passing signals into containers

Managed and unmanaged cluster resources

Orchestrators and resource management

Container reservations, requests, and limits

Setting CPU and memory reservations

Production ingress

Ingress model overview

Layer 7 dynamic routing

Layer 4 simple port-based routing

Static host deployments

Key concepts of blue/green deployments

Blue/green deployments with Swarm

Kubernetes blue/green deployment

Layer 7 routing in production

Layer 4 routing in production

Docker service updates

Layer 4 blue/green deployment

Layer 4 canary deployment

Production monitoring

Summary

Questions

Further reading

More on Kubernetes with Docker Enterprise

Overview of Docker Enterprise with Kubernetes

CNI networking

Docker Enterprise install – Kubernetes

Advanced Kubernetes networking philosophy

Coexistence – Swarm and Kube

Docker Enterprise Kubernetes role-based access control

Kubernetes persistent volume management

Docker Desktop to Docker Enterprise Kubernetes

Docker Desktop – Converting AtSea to Kubernetes

Setting up Docker Desktop with Kubernetes

Configuring an application with Kubernetes (Namespace/Secrets/ConfigMaps)

Converting and testing the DB

Creating the DB ClusterIP

Converting the web app

Creating the webapp NodePort

Testing locally

Docker Enterprise for a pilot release of AtSea Kubernetes

Setting up Docker RBAC for the atsea-test namespace

Blue/green deployment of AtSea to the Docker Enterprise Kubernetes cluster

Smoke-testing the AtSea Kubernetes application

Configuring the load balancer for blue/green deployment

Third-party Docker Enterprise Kubernetes integrations

Helm charts on Docker Enterprise Kubernetes

GitLab and Docker Enterprise Kubernetes

Kubernetes persistent volumes with an existing NFS server

Attaching your UCP Kube cluster to an existing on-premises NFS server

The setup

Ingress controller

Installing the NGINX ingress controller

Using the Docker demo application to test our ingress setup

Installing the dockerdemo application and docker-demo-svc

Configuring ingress rules to dockerdemo

Testing the ingress controller flow

Summary

Questions

Further reading

Taking the Docker Enterprise Platform into the Future

Container-first culture

Life before a container-first culture

Life after a container-first culture

Container-first culture for developers

Container-first for DevOps

Container first for operations

Container-first adoption challenges

The cloudy path to organic adoption

Trying to move everyone in the same direction

Container-first target application areas

Considerations for building a container culture

Keeping it simple in the beginning

Recognizing enthusiastic learners and committed adopters

Establishing a learning culture

Docker Enterprise managed clusters

Agile adoption for containers and beyond

Agile Docker Enterprise adoption and container-first

Building your future on the platform

Serverless and containers

Summary

Further reading

Assessments

Chapter 1: Making the Case for Docker Enterprise

Chapter 2: Docker Enterprise – an Architectural Overview

Chapter 3: Getting Started – Docker Enterprise Proof of Concept

Chapter 4: Prepare the Docker Enterprise Pilot Cluster

Chapter 5: Prepare and Deploy a Docker Enterprise Pilot Application

Chapter 6: Design and Pilot a Docker Enterprise CI Pipeline

Chapter 7: Pilot Docker Enterprise Platform Monitoring and Logging

Chapter 8: First Application in Production with Docker Enterprise

Chapter 9: Important Docker Enterprise Production Topics

Chapter 10: More on Kubernetes with Docker Enterprise

Other Books You May Enjoy

Leave a review - let other readers know what you think