I-ProHoster > Π‘Π»ΠΎΠ³ > Ukuphatha > Ingabe i-Docker iyithoyizi noma cha? Noma kuseyiqiniso?

Ingabe i-Docker iyithoyizi noma cha? Noma kuseyiqiniso?

Sawubona wonke umuntu!

Ngifuna ukuqonde ngqo esihlokweni, kodwa kungaba okulungile ukusho okuncane ngendaba yami:

entry

Ngingumhleli onolwazi lokuthuthukisa izinhlelo zokusebenza zekhasi elilodwa elingaphambili, i-scala/java nama-nodej kuseva.

Isikhathi eside impela (iminyaka embalwa noma emithathu ngokuqinisekile), nganginombono wokuthi i-Docker iyimana evela ezulwini futhi ngokuvamile iyithuluzi elipholile futhi wonke umthuthukisi kufanele akwazi ukulisebenzisa. Futhi kulokhu kulandela ukuthi wonke umthuthukisi kufanele abe ne-Docker efakwe emshinini wabo wasendaweni. Kuthiwani ngombono wami, bheka izikhala ezifakwe kuyona hh. Isesibili ngasinye siqukethe okushiwo yi-docker, futhi uma ungumnikazi wayo, lokhu kuzoba inzuzo yakho yokuncintisana πŸ˜‰

Endleleni yami, ngahlangana nabantu abaningi, benezimo zabo zengqondo ezihlukile nge-Docker kanye ne-ecosystem yayo. Abanye bathi lokhu kuyinto elula eqinisekisa ukusebenza kwe-cross-platform. Eyesibili yayingaqondi ukuthi kungani kufanele igijime ngamacontainer nokuthi iyiphi inzuzo eyayizovela kukho, eyesithathu yayingenandaba nakancane futhi ayizange izihluphe (bavele babhala ikhodi bagoduka - ngiyabahawukela, by the indlela :)

Izizathu zokusetshenziswa

Kungani ngisebenzise i-docker? Mhlawumbe kungenxa yalezi zizathu ezilandelayo:

  • ukwethulwa kwedathabheyisi, ama-99% ezinhlelo zokusebenza ayazisebenzisa
  • yethula i-nginx yokusabalalisa okungaphambili kanye nokwenza ummeleli ku-backend
  • ungapakisha uhlelo lokusebenza esithombeni se-docker, ngale ndlela uhlelo lwami lokusebenza luzosebenza noma kuphi lapho i-docker ikhona, inkinga yokusabalalisa ixazululwa ngokushesha.
  • ukutholwa kwesevisi ngaphandle kwebhokisi, ungakha ama-microservices, isiqukathi ngasinye (esixhunywe kunethiwekhi evamile) singafinyelela kalula kwesinye nge-alias, elula kakhulu.
  • Kuyajabulisa ukwakha isitsha futhi "udlale" kuso.

ENGINGAKUTHANDI njalo nge-docker:

  • Ukuze isicelo sami sisebenze, ngidinga i-Docker ngokwayo kuseva. Kungani ngidinga lokhu uma izinhlelo zami zokusebenza zisebenza ku-jre noma ku-nodejs futhi indawo yazo isivele ikuseva?
  • uma ngifuna ukusebenzisa isithombe sami (esiyimfihlo) esakhelwe endaweni kuseva ekude, khona-ke ngidinga inqolobane yami ye-docker, ngidinga ukubhaliswa ukuze ngisebenze ndawana thize futhi ngidinga nokumisa i-https, ngoba i-docker cli isebenza kuphela ku-https. Oh damn... kunezinketho, kunjalo, zokulondoloza isithombe endaweni nge docker save futhi vele uthumele isithombe nge-scp ... Kodwa lokho kungukunyakaza komzimba okuningi. Futhi ngaphandle kwalokho, kubukeka njengesixazululo "se-crutch" kuze kuvele indawo yakho yokugcina
  • docker-compose. Kudingeka kuphela ukusebenzisa iziqukathi. Yilokho kuphela. Akukho okunye angakwenza. Docker-compose inenqwaba yezinguqulo zamafayela ayo, i-syntax yayo. Noma ngabe kumenyezelwa kangakanani, angifuni ukufunda imibhalo yabo. Ngeke ngiyidinge kwenye indawo.
  • lapho usebenza eqenjini, abantu abaningi babhala i-Dockerfile ngokugwegwile kakhulu, abaqondi ukuthi igcinwe kanjani kunqolobane, engeza konke abakudingayo nabangakudingi esithombeni, njengefa ezithombeni ezingekho ku-Dockerhub noma inqolobane yangasese, dala ezinye. docker-compose amafayela anemininingwane yolwazi futhi akukho lutho oluqhubekayo. Ngasikhathi sinye, abathuthukisi bamemezela ngokuziqhenya ukuthi i-Docker ipholile, yonke into ibasebenzela endaweni, futhi u-HR ubhala ngokubalulekile esikhaleni esithi: β€œSisebenzisa i-Docker futhi sidinga umuntu ozongenela ukhetho onolwazi olunjalo lomsebenzi.”
  • Ngihlale ngikhathazwa imicabango mayelana nokukhulisa yonke into e-Docker: postgresql, kafka, redis. Kuyadabukisa ukuthi akuyona yonke into esebenza ezitsheni, akuyona yonke into elula ukuyilungisa nokusebenza. Lokhu kusekelwa onjiniyela bezinkampani zangaphandle, hhayi abathengisi ngokwabo. Futhi ngendlela, umbuzo uphakama ngokushesha: abathengisi abakhathazeki ngokugcina imikhiqizo yabo ku-Docker, kungani lokhu, mhlawumbe kukhona abakwaziyo?
  • Umbuzo uhlala uphakama mayelana nokuphikelela kwedatha yesiqukathi. bese ucabanga ukuthi, kufanele ngivele ngifake umkhombandlela wokusingatha noma ngenze ivolumu ye-docker noma ngenze isitsha sedatha esikhona manje deprecated? Uma ngikhweza uhla lwemibhalo, kuzomele ngiqinisekise ukuthi i-uid ne-gid yomsebenzisi esiqukathini ifana ne-id yomsebenzisi oqalise isiqukathi, ngaphandle kwalokho amafayela adalwe yisiqukathi azodalwa anamalungelo empande. Uma ngisebenzisa volume khona-ke idatha izomane idalwe kwezinye /usr/* futhi kuzoba nendaba efanayo nge-uid ne-gid njengasekuqaleni. Uma wethula ingxenye yenkampani yangaphandle, udinga ukufunda amadokhumenti bese ubheka impendulo yombuzo othi: "ingxenye ibhala kuphi amafayela?"

Bengihlala ngingathandi iqiniso lokuthi bekufanele ngixoxe ne-Docker isikhathi eside kakhulu esigabeni sokuqala: Ngithole ukuthi ngizokwethula kanjani iziqukathi, yiziphi izithombe engizokwethula kuzo, ngenza ama-Makefiles aqukethe iziteketiso emiyalweni ende ye-Docker. Ngangizonda i-docker-compose ngoba ngangingafuni ukufunda elinye ithuluzi ku-ecosystem ye-docker. KANYE docker-compose up Kwangiphatha kabi, ikakhulukazi uma besahlangana lapho build izakhiwo, kunezithombe eseziqoqiwe. Engangikufuna ngempela kwakuwukwenza umkhiqizo ngendlela ephumelelayo futhi ngokushesha. Kepha angikwazanga ukuthola indlela yokusebenzisa i-docker.

Sethula u-Ansible

Muva nje (ezinyangeni ezintathu ezedlule), ngisebenze neqembu le-DevOps, cishe wonke amalungu ayenombono ongemuhle nge-Docker. Ngenxa yezizathu:

  • I-docker ilawula ama-iptables (yize ungayikhubaza ku-daemon.json)
  • i-docker iyi-buggy futhi ngeke siyiqhube ekukhiqizeni
  • uma i-docker daemon iphahlazeka, zonke iziqukathi ezinengqalasizinda ziyaphahlazeka ngokufanele
  • asikho isidingo se-docker
  • kungani docker uma kukhona Ansible futhi imishini virtual

Emsebenzini ofanayo, ngajwayelana nelinye ithuluzi - Ansible. Ngake ngezwa ngakho, kodwa angizange ngizame ukubhala izincwadi zami zokudlala. Futhi manje ngaqala ukubhala imisebenzi yami futhi umbono wami washintsha ngokuphelele! Ngoba ngibonile: I-Ansible inamamojula okusebenzisa iziqukathi ze-docker ezifanayo, ukwakhiwa kwezithombe, amanethiwekhi, njll., kanye neziqukathi azikwazi ukuqhutshwa endaweni yangakini kuphela, kodwa nakumaseva akude! Intokozo yami yayingenamingcele - ngathola ithuluzi le-NORMAL futhi ngalahla amafayela wami we-Makefile kanye ne-docker-compose, athathelwa indawo imisebenzi ye-yaml. Ikhodi yehliswa ngokusebenzisa izakhi ezifana loop, when, Njll

I-Docker yokusebenzisa izingxenye zezinkampani zangaphandle ezifana nesizindalwazi

Ngisanda kujwayelana nama-ssh tunnels. Kuvele ukuthi kulula kakhulu "ukudlulisa" imbobo yesiphakeli esikude echwebeni lendawo. Iseva ekude ingaba umshini osefwini noma umshini obonakalayo osebenza ku-VirtualBox. Uma uzakwethu noma mina ngidinga isizindalwazi (noma enye ingxenye yenkampani yangaphandle), singavele siqale iseva ngale ngxenye bese siyivala lapho iseva ingadingeki. Ukudluliselwa kwembobo kunikeza umphumela ofanayo nesizindalwazi esisebenza esitsheni sedokhu.

Lo myalo udlulisela imbobo yami yendawo kuseva ekude egijima i-postgresql:

ssh -L 9000:indawo yokuhlala:5432 [i-imeyili ivikelwe]

Ukusebenzisa iseva ekude kuxazulula inkinga ngokuthuthukiswa kweqembu. Iseva enjalo ingasetshenziswa onjiniyela abaningana ngesikhathi esisodwa; abadingi ukuthi bakwazi ukumisa i-postgresql, baqonde i-Docker nezinye izinto eziyinkimbinkimbi. Kuseva ekude, ungafaka i-database efanayo ku-Docker ngokwayo, uma kunzima ukufaka inguqulo ethile. Konke okudingayo onjiniyela ukuhlinzeka ngokufinyelela kwe-ssh!

Ngisanda kufunda ukuthi imigudu ye-SSH iwumsebenzi olinganiselwe we-VPN evamile! Ungamane ufake i-OpenVPN noma okunye ukusetshenziswa kwe-VPN, usethe ingqalasizinda futhi uyinikeze abathuthukisi ukuze bayisebenzise. Lokhu kuhle kakhulu!

Ngenhlanhla, i-AWS, GoogleCloud nezinye zikunikeza unyaka wokusebenzisa mahhala, ngakho zisebenzise! Ashibhile uma uwacisha lapho angasetshenziswa. Ngangihlale ngizibuza ukuthi kungani ngizodinga iseva ekude njenge-gcloud, kubonakala sengathi ngibatholile.

Njengomshini wendawo obonakalayo, ungasebenzisa i-Alpine efanayo, esetshenziswa ngenkuthalo ezitsheni ze-docker. Hhayi-ke, noma okunye ukusabalalisa okungasindi ukwenza umshini uqalise ngokushesha.

Iphuzu elibalulekile: ungakwazi futhi kufanele usebenzise isizindalwazi nezinye izinto zengqalasizinda kumaseva akude noma ebhokisini le-virtual. Angiyidingi idokha ngalezi zinhloso.

Okuncane mayelana nezithombe ze-docker nokusabalalisa

Sengibhalile indatshana lapho bengifuna ukuveza ukuthi ukusebenzisa izithombe ze-docker akunikezeli nganoma yisiphi isiqinisekiso. Izithombe ze-Docker zidingeka kuphela ukudala isitsha se-docker. Uma uthuthukela esithombeni se-docker, lapho-ke uthuthukela ukusebenzisa iziqukathi ze-docker futhi uzozisebenzisa kuphela.

Uke wabona noma yikuphi lapho abathuthukisi be-software befaka khona imikhiqizo yabo kuphela esithombeni sedokhu?
Umphumela wemikhiqizo eminingi ungamafayela kanambambili epulatifomu ethile; avele engezwe esithombeni sedokhu, esizuzwa njengefa endaweni oyifunayo. Wake wazibuza ukuthi kungani kunezithombe eziningi ezifanayo ku-dockerhub? Faka i-nginx ngokwesibonelo, uzobona izithombe ezingu-100500 ezivela kubantu abahlukene. Laba bantu abazange bazithuthukisele i-nginx ngokwayo, bamane bengeze i-nginx esemthethweni esithombeni sabo sedokhu futhi basinonga ngezilungiselelo zabo ukuze kube lula ukwethula iziqukathi.

Ngokuvamile, ungamane uyigcine ku-tgz, uma othile edinga ukuyiqhuba ku-docker, bese ubavumela ukuthi bengeze i-tgz ku-Dockerfile, bazuze njengefa endaweni oyifunayo futhi bakhe amabhanisi engeziwe angashintshi uhlelo lokusebenza ngokwalo ku-tgz. Noma ubani ozodala isithombe se-docker uzokwazi ukuthi yini i-tgz nokuthi yini okudingeka ayisebenze. Ngale ndlela ngisebenzisa i-docker lapha

Okubalulekile: Angikudingi ukubhaliswa kwe-docker, ngizosebenzisa uhlobo oluthile lwe-S3 noma nje isitoreji sefayela njenge-google drive/dropbox

I-Docker ku-CI

Zonke izinkampani engizisebenzele ziyefana. Ngokuvamile igilosa. Okusho ukuthi, banohlelo lokusebenza olulodwa, isitaki esisodwa sobuchwepheshe (kahle, mhlawumbe izilimi ezimbalwa noma ezintathu zokuhlela).

Lezi zinkampani zisebenzisa i-docker kumaseva azo lapho inqubo ye-CI isebenza khona. Umbuzo: Kungani udinga ukwakha amaphrojekthi esitsheni se-docker kumaseva akho? Kungani ungavele ulungiselele indawo yokwakha, isibonelo, bhala i-playbook Ansible ezofaka izinguqulo ezidingekayo ze-nodejs, php, jdk, kopisha okhiye be-ssh, njll. kuseva lapho ukwakhiwa kuzokwenziwa khona?

Manje sengiyaqonda ukuthi lokhu kuzidubula onyaweni, ngoba i-docker ayilethi nzuzo ngokuzihlukanisa kwayo. Izinkinga engihlangabezane nazo ne-CI kudocker:

  • futhi udinga isithombe se-docker ukuze wakhe. udinga ukubheka isithombe noma ubhale i-dockerfile yakho.
  • I-90% oyidingayo ukuze udlulisele okhiye be-ssh, idatha eyimfihlo ongafuni ukuyibhalela esithombeni sedokhu.
  • isitsha siyadalwa futhi siyafa, zonke izinqolobane ziyalahleka kanye nayo. isakhiwo esilandelayo sizodawuniloda kabusha zonke izinto ezincike kuphrojekthi, okudla isikhathi nokungasebenzi, futhi isikhathi siyimali.

Onjiniyela abawakhi amaphrojekthi ezitsheni ze-docker (Ngake ngaba umlandeli onjalo, ngempela, ngiyazisola nge-xD edlule). Ku-java kungenzeka ukuthi ube nezinguqulo ezimbalwa futhi uziguqule ngomyalo owodwa kulowo oyidingayo manje. Kuyafana kuma-nodejs, kukhona i-nvm.

isiphetho

Ngikholelwa ukuthi i-docker iyithuluzi elinamandla kakhulu futhi eliguquguqukayo, lokhu kuyi-drawback yayo (kuzwakala kungavamile, yebo). Ngosizo lwayo, izinkampani zingangena kalula kuyo futhi ziyisebenzise lapho kudingekile futhi kungadingeki. Onjiniyela bethula iziqukathi zabo, ezinye zezindawo zabo, bese konke kugeleza kahle ku-CI nasekukhiqizeni. Ithimba le-DevOps libhala uhlobo oluthile lwekhodi ukusebenzisa lezi ziqukathi.

Sebenzisa i-docker kuphela okwakamuva kakhulu esiteji ekuhambeni kwakho komsebenzi, ungakudonseli kuphrojekthi ekuqaleni. Ngeke kuxazulule izinkinga zebhizinisi lakho. Uzohambisa izinkinga KWELINYE izinga futhi anikeze ezakhe izixazululo, uzokwenza umsebenzi ophindwe kabili.

Lapho i-docker idingeka: Ngifinyelele esiphethweni sokuthi i-docker inhle kakhulu ekuthuthukiseni inqubo enikeziwe, kodwa hhayi ekwakheni ukusebenza okuyisisekelo

Uma usanquma ukusebenzisa i-docker, bese:

  • qaphela ngokwedlulele
  • ungaphoqi abathuthukisi ukuthi basebenzise i-docker
  • yenza ukusetshenziswa kwayo kube okwasendaweni endaweni eyodwa, ungakusabalalisi kuwo wonke amakhosombe e-Dockefile kanye ne-docker-compose

PS:

Ngiyabonga ngokufunda, ngikufisela izinqumo ezisobala ezindabeni zakho nezinsuku zokusebenza ezikhiqizayo!

Source: www.habr.com

Engeza amazwana