ProHoster > Блог > Gudanarwa > Shin Docker abin wasa ne ko a'a? Ko har yanzu gaskiya ne?

Shin Docker abin wasa ne ko a'a? Ko har yanzu gaskiya ne?

Hello kowa da kowa!

Ina so in kai ga batun kai tsaye, amma zai fi kyau in faɗi ɗan labarina:

Gabatarwa

Ni mai shirye-shirye ne tare da gogewa wajen haɓaka aikace-aikacen shafi guda ɗaya na gaba, scala/java da nodejs akan sabar.

Na dogon lokaci (tabbas kamar ma'aurata ko shekaru uku), Ina da ra'ayin cewa Docker manna ne daga sama kuma gabaɗaya kayan aiki ne mai sanyi sosai kuma kowane mai haɓaka yakamata ya iya amfani da shi. Kuma daga wannan ya biyo baya cewa kowane mai haɓaka yakamata ya sanya Docker akan injin ɗin su. Menene ra'ayina, duba ta cikin guraben da aka buga akan wannan hh. Kowane daƙiƙa yana ɗauke da ambaton docker, kuma idan kun mallake ta, wannan zai zama fa'idar gasa ku 😉

A kan hanyata, na sadu da mutane da yawa, tare da halayensu daban-daban game da Docker da yanayin halittu. Wasu sun ce wannan abu ne mai dacewa wanda ke ba da garantin ayyukan giciye. Na biyu kuma ba su fahimci dalilin da ya sa su gudu a cikin kwantena ba, kuma wace riba za ta samu, na uku bai damu ba kuma bai damu ba (kawai sun rubuta code sun tafi gida - Ina musu hassada, by the. hanyar :)

Dalilan amfani

Me yasa na yi amfani da docker? Wataƙila saboda dalilai masu zuwa:

  • ƙaddamar da bayanai, 99% na aikace-aikacen suna amfani da su
  • ƙaddamar da nginx don rarrabawar gaba da proxying zuwa baya
  • zaku iya haɗa aikace-aikacen a cikin hoton docker, ta wannan hanyar aikace-aikacen na zai yi aiki a duk inda docker yake, ana magance matsalar rarraba nan da nan.
  • gano sabis daga cikin akwatin, zaku iya ƙirƙirar microservices, kowane akwati (wanda aka haɗa zuwa cibiyar sadarwar gama gari) yana iya isa ga wani cikin sauƙi ta hanyar laƙabi, mai dacewa sosai.
  • Yana da ban sha'awa don ƙirƙirar akwati da "wasa" a ciki.

Abin da koyaushe ba na so game da docker:

  • Domin aikace-aikacena yayi aiki, Ina buƙatar Docker kanta akan sabar. Me yasa nake buƙatar wannan idan aikace-aikace na suna gudana akan jre ko nodejs kuma yanayin su ya riga ya kasance akan sabar?
  • idan ina son gudanar da hoto na (na sirri) na gida akan sabar nesa, to ina buƙatar ma'ajiyar docker dina, Ina buƙatar rajista don yin aiki a wani wuri kuma ina buƙatar saita https, saboda docker cli yana aiki akan https kawai. Oh tsine... akwai zaɓuɓɓuka, ba shakka, don adana hoton a cikin gida ta hanyar docker save kuma kawai aika hoton ta hanyar scp ... Amma wannan shine yawancin motsin jiki. Kuma baya ga haka, yana kama da mafita na “crutch” har sai wurin ajiyar ku ya bayyana
  • docker-compose. Ana buƙatar kawai don gudanar da kwantena. Shi ke nan. Ba zai iya yin wani abu ba. Docker-compose yana da tarin juzu'i na fayilolinsa, nasa syntax. Ko ta yaya za a bayyana, ba na son karanta takardunsu. Ba zan buƙaci shi a ko'ina ba.
  • Lokacin aiki a cikin ƙungiya, yawancin mutane suna rubuta Dockerfile sosai a cikin karkace, ba sa fahimtar yadda aka adana shi, ƙara duk abin da suke buƙata kuma ba sa buƙatar hoton, suna gado daga hotunan da ba a cikin Dockerhub ko wurin ajiyar sirri, ƙirƙirar wasu. docker-compose fayiloli tare da bayanan bayanai kuma babu abin da ke ci gaba. A lokaci guda, masu haɓakawa suna nuna alfahari cewa Docker yana da sanyi, komai yana aiki a gida a gare su, kuma HR yana rubuta mahimmanci a cikin guraben: "Muna amfani da Docker kuma muna buƙatar ɗan takara mai irin wannan ƙwarewar aiki."
  • Tunani koyaushe yana damuna game da haɓaka komai a Docker: postgresql, kafka, redis. Abin takaici ne cewa ba duk abin da ke aiki a cikin kwantena ba, ba duk abin da ke da sauƙi don daidaitawa da gudu ba. Wannan yana samun goyon bayan masu haɓaka ɓangare na uku, kuma ba na masu siyar da kansu ba. Kuma ta hanyar, tambayar nan da nan ta taso: masu sayarwa ba su damu da kula da samfurori a Docker ba, me yasa wannan, watakila sun san wani abu?
  • Tambayar koyaushe tana tasowa game da dagewar bayanan kwantena. sannan kuna tunanin, shin in hau kundin jagorar ne kawai ko in ƙirƙiri ƙarar docker ko sanya kwandon bayanai wanda yake yanzu. deprecated? Idan na hau directory, to ina buƙatar tabbatar da cewa uid da gid na mai amfani a cikin akwati sun dace da id na mai amfani wanda ya ƙaddamar da akwati, in ba haka ba za a ƙirƙiri fayilolin da akwati ya ƙirƙira tare da haƙƙin tushen. Idan na yi amfani volume to za a ƙirƙiri bayanan ne kawai a cikin wasu /usr/* kuma za a yi labari daya da uid da gid kamar yadda aka yi a farkon lamarin. Idan kuna ƙaddamar da ɓangaren ɓangare na uku, kuna buƙatar karanta takaddun kuma ku nemo amsar tambayar: "A cikin waɗanne kundayen adireshi ne ɓangaren ke rubuta fayiloli?"

A koyaushe ba na son gaskiyar cewa dole ne in yi tinker tare da Docker na dogon lokaci a matakin farko: Na gano yadda za a kaddamar da kwantena, abin da hotunan da za a kaddamar daga, sanya Makefiles wanda ya ƙunshi sunayen laƙabi zuwa Docker Docker. Na tsani docker-compose saboda ba na son koyon wani kayan aiki a cikin mahallin docker. KUMA docker-compose up Ya dame ni, musamman idan har yanzu sun hadu a can build gine-gine, maimakon hotuna da aka riga aka haɗa. Duk abin da nake so kawai shine in yi samfuri cikin inganci da sauri. Amma na kasa gane yadda ake amfani da docker.

Gabatar da Mai yiwuwa

Kwanan nan (watanni uku da suka gabata), Na yi aiki tare da ƙungiyar DevOps, kusan kowane memba wanda ke da mummunan hali ga Docker. Saboda dalilai:

  • Docker dokokin iptables (ko da yake kuna iya kashe shi a cikin daemon.json)
  • docker yana da wahala kuma ba za mu gudanar da shi a samarwa ba
  • idan docker daemon ya fado, to duk kwantena tare da abubuwan more rayuwa sun fadi daidai
  • babu bukatar docker
  • me yasa docker idan akwai na'urori masu yiwuwa da kama-da-wane

A wannan aikin, na saba da wani kayan aiki - Mai yiwuwa. Na ji labarinsa sau ɗaya, amma ban yi ƙoƙarin rubuta littattafan wasana ba. Kuma yanzu na fara rubuta ayyukana sannan hangen nesa na ya canza gaba daya! Domin na gane: Mai yiwuwa yana da kayayyaki don gudanar da kwantena docker iri ɗaya, gina hoto, cibiyoyin sadarwa, da dai sauransu, kuma ana iya gudanar da kwantena ba kawai a cikin gida ba, har ma a kan sabobin nesa! Abin farin cikina bai san iyaka ba - Na sami kayan aiki na al'ada kuma na jefar da Makefile na da fayilolin mai docker, an maye gurbinsu da ayyukan yaml. An rage lambar ta yin amfani da ginin kamar loop, when, Da dai sauransu

Docker don gudanar da abubuwan ɓangare na uku kamar bayanan bayanai

Kwanan nan na saba da tunnels ssh. Ya juya cewa yana da sauƙi don "gabatar" tashar jiragen ruwa na uwar garken nesa zuwa tashar jiragen ruwa na gida. Sabar mai nisa na iya zama ko dai na'ura a cikin gajimare ko na'ura mai kama da aiki a cikin VirtualBox. Idan abokin aiki na ko ni na buƙatar bayanan bayanai (ko wani ɓangaren ɓangare na uku), za mu iya kawai fara uwar garken tare da wannan bangaren kuma mu kashe shi lokacin da ba a buƙatar uwar garken. Canza tashar tashar jiragen ruwa yana ba da tasiri iri ɗaya da ma'ajin bayanai da ke gudana a cikin akwati na docker.

Wannan umarnin yana tura tashar jiragen ruwa na gida zuwa sabar mai nisa da ke gudana postgresql:

ssh -L 9000: localhost: 5432 [email kariya]

Yin amfani da uwar garken nesa yana magance matsalar tare da haɓaka ƙungiyar. Irin wannan uwar garken na iya amfani da masu haɓakawa da yawa a lokaci ɗaya; ba sa buƙatar samun damar daidaita postgresql, fahimtar Docker da sauran ɓarna. A kan uwar garken nesa, zaku iya shigar da bayanai iri ɗaya a cikin Docker kanta, idan yana da wahala a shigar da takamaiman sigar. Duk masu haɓakawa suna buƙatar samar da damar ssh!

Kwanan nan na karanta cewa tunnels SSH ƙayyadaddun ayyuka ne na VPN na yau da kullun! Kuna iya kawai shigar da OpenVPN ko wasu ayyukan VPN, saita abubuwan more rayuwa kuma ku ba masu haɓakawa don amfani. Wannan yana da kyau sosai!

Abin farin ciki, AWS, GoogleCloud da sauransu suna ba ku shekara ta amfani da kyauta, don haka yi amfani da su! Suna da arha idan kun kashe su lokacin da ba a amfani da su. Kullum ina mamakin dalilin da yasa zan buƙaci uwar garken nesa kamar gcloud, da alama na same su.

A matsayin injin kama-da-wane na gida, zaku iya amfani da Alpine iri ɗaya, wanda ake amfani da shi sosai a cikin kwantena na docker. To, ko wasu rabe-rabe masu nauyi don sa injin ya yi sauri.

Layin ƙasa: za ku iya kuma ya kamata ku gudanar da bayanan bayanai da sauran abubuwan more rayuwa akan sabar nesa ko cikin akwatin kama-da-wane. Bana buƙatar docker don waɗannan dalilai.

Kadan game da hotunan docker da rarrabawa

Na riga na rubuta labarin wanda na so in isar da cewa yin amfani da hotunan docker baya bayar da wani garanti. Hotunan docker ana buƙatar kawai don ƙirƙirar akwati na docker. Idan kuna haɓaka zuwa hoton docker, to kuna haɓaka don amfani da kwantenan docker kuma za ku yi amfani da su kawai.

Shin kun ga ko'ina inda masu haɓaka software ke jigilar samfuran su kawai a cikin hoton docker?
Sakamakon yawancin samfurori shine fayilolin binary don takamaiman dandamali; ana ƙara su kawai zuwa hoton docker, wanda aka gaji daga dandalin da ake so. Shin kun taɓa mamakin dalilin da yasa ake samun hotuna masu kama da yawa akan dockerhub? Shigar nginx misali, zaku ga hotuna 100500 daga mutane daban-daban. Waɗannan mutanen ba su haɓaka nginx da kanta ba, kawai sun ƙara nginx na hukuma zuwa hoton docker ɗin su kuma sun ɗanɗana shi tare da nasu tsarin don dacewa da ƙaddamar da kwantena.

Gabaɗaya, zaku iya adana shi a cikin tgz kawai, idan wani yana buƙatar kunna shi a cikin docker, to bari su ƙara tgz a cikin Dockerfile, su gaji daga yanayin da ake so kuma su ƙirƙiri ƙarin buns waɗanda ba su canza aikace-aikacen kanta a cikin tgz. Duk wanda zai ƙirƙiri hoton docker zai san menene tgz da abin da yake buƙatar yin aiki. Wannan shine yadda nake amfani da docker a nan

Layin ƙasa: Bana buƙatar rajistar docker, zan yi amfani da wani nau'in S3 ko kawai ajiyar fayil kamar google drive/box

Docker in CI

Duk kamfanonin da na yi wa aiki iri ɗaya ne. Yawancin kayan abinci ne. Wato suna da aikace-aikacen guda ɗaya, fasahar fasaha guda ɗaya (da kyau, watakila ma'aurata ko harsunan shirye-shirye guda uku).

Waɗannan kamfanoni suna amfani da docker akan sabar su inda tsarin CI ke gudana. Tambaya: Me yasa kuke buƙatar gina ayyuka a cikin akwati na docker akan sabar ku? Me yasa ba kawai shirya yanayi don ginin ba, alal misali, rubuta littafin wasan kwaikwayo mai yiwuwa wanda zai shigar da buƙatun nodejs, php, jdk, kwafin ssh maɓallan, da sauransu zuwa uwar garken da ginin zai gudana?

Yanzu na fahimci cewa wannan yana harbi kaina a kafa, saboda docker ba ya kawo wata riba tare da keɓantacce. Matsalolin da na ci karo da CI a docker:

  • Hakanan kuna buƙatar hoton docker don ginawa. kuna buƙatar nemo hoto ko rubuta naku dockerfile.
  • 90% cewa kuna buƙatar tura wasu maɓallan ssh, bayanan sirri waɗanda ba kwa son rubutawa zuwa hoton docker.
  • an halicci akwati kuma ya mutu, duk caches sun ɓace tare da shi. ginin na gaba zai sake sauke duk abubuwan da suka dogara da aikin, wanda yake cin lokaci da rashin amfani, kuma lokaci shine kudi.

Masu haɓakawa ba sa gina ayyuka a cikin kwantena na docker (Na kasance sau ɗaya irin wannan fan, da gaske, ina jin tausayin kaina a baya xD). A cikin java yana yiwuwa a sami nau'ikan iri da yawa kuma canza su tare da umarni ɗaya zuwa wanda kuke buƙata yanzu. Haka yake a cikin nodejs, akwai nvm.

ƙarshe

Na yi imani cewa docker kayan aiki ne mai ƙarfi da sassauƙa, wannan shine koma baya (sauti baƙon abu, a). Tare da taimakonsa, kamfanoni za su iya shiga cikin sauƙi kuma su yi amfani da shi a inda ake buƙata kuma ba a buƙata ba. Masu haɓakawa sun ƙaddamar da kwantenansu, wasu daga cikin mahallin su, sannan duk suna gudana cikin sauƙi cikin CI da samarwa. Ƙungiyar DevOps tana rubuta wasu nau'ikan lamba don gudanar da waɗannan kwantena.

Yi amfani da docker kawai a kunne na baya-bayan nan mataki a cikin aikin ku, kar a ja shi cikin aikin a farkon. Ba zai magance matsalolin kasuwancin ku ba. Zai matsar da matsalolin zuwa wani matakin kuma ya ba da nasa mafita, za ku yi aiki sau biyu.

Lokacin da ake buƙatar docker: Na yanke shawarar cewa docker yana da kyau sosai wajen inganta tsarin da aka bayar, amma ba a gina aikin asali ba.

Idan har yanzu kuna yanke shawarar amfani da docker, to:

  • a yi taka tsantsan
  • kar a tilasta masu haɓaka amfani da docker
  • sarrafa amfani da shi a wuri guda, kar a yada shi a cikin duk Dockfile da ma'ajiyar docker.

PS:

Na gode don karantawa, Ina yi muku fatan yanke shawara na gaskiya a cikin lamuran ku da kwanakin aiki masu fa'ida!

source: www.habr.com

Add a comment