The Promotion Pyramid Prod
Build/Deploy time
Pre-Prod
Staging
Integr. tests Dev Integration tests Development builds
Amount of builds
Amount of binaries
Slide 11
Pipeline: quality gates and visibility If quality requirments are hit
CI SERVER
1
If quality requirments are hit
2
Integration
If quality requirments are hit
3
System Testing
4
Staging
Production
*
@jbaruch
@DockerAtlanta
Letâs docker build in every env!
@jbaruch
@DockerAtlanta
http://jfrog.com/shownotes
Slide 15
Slide 16
Thatâs why. FROM ubuntu
Latest version
RUN apt-get install -y software-properties-common python RUN apt-get install -y nodejs RUN mkdir /var/www Latest version ADD app.js /var/www/app.js
Latest version Latest version
CMD [â/usr/bin/nodeâ, â/var/www/app.jsâ] @jbaruch
@DockerAtlanta
http://jfrog.com/shownotes
Slide 17
Thatâs why. FROM ubuntu:19.04
Better now?
RUN apt-get install -y software-properties-common python RUN apt-get install -y nodejs RUN mkdir /var/www ADD app.js /var/www/app.js CMD [â/usr/bin/nodeâ, â/var/www/app.jsâ] @jbaruch
@DockerAtlanta
http://jfrog.com/shownotes
Slide 18
Thatâs why. FROM ubuntu:4033353383af19ec179c01dda7f355a246c6adcafaf93c8f98 And now? RUN apt-get install -y software-properties-common python RUN apt-get install -y nodejs RUN mkdir /var/www ADD app.js /var/www/app.js CMD [â/usr/bin/nodeâ, â/var/www/app.jsâ] @jbaruch
@DockerAtlanta
http://jfrog.com/shownotes
Slide 19
Thatâs why. FROM ubuntu:4033353383af19ec179c01dda7f355a246c6adcafaf93c8f98 RUN apt-get install -y software-properties-common python RUN apt-get install -y nodejs RUN mkdir /var/www What about those? ADD app.js /var/www/app.js CMD [â/usr/bin/nodeâ, â/var/www/app.jsâ] @jbaruch
@DockerAtlanta
http://jfrog.com/shownotes
Slide 20
Thatâs why. FROM ubuntu:4033353383af19ec179c01dda7f355a246c6adcafaf93c8f98 RUN mvn clean install
What about this?
CMD âjava âjar Main.classâ @jbaruch
@DockerAtlanta
http://jfrog.com/shownotes
Slide 21
Thatâs why. FROM ubuntu:4033353383af19ec179c01dda7f355a246c6adcafaf93c8f98 RUN download_random_sh*t_from_the_internet.sh
And how about this?
CMD [â/usr/bin/nodeâ, â/var/www/app.jsâ] @jbaruch
@DockerAtlanta
http://jfrog.com/shownotes
Slide 22
Thatâs why you donât trust Docker
@jbaruch
@DockerAtlanta
http://jfrog.com/shownotes
Slide 23
Slide 24
Slide 25
Whatâs up with the gates?! - QA shouldnât test dev images - non-tested images shouldnât be staged - non-staged, non-tested or dev images shouldnât end up in production!!! @jbaruch
@DockerAtlanta
http://jfrog.com/shownotes
Slide 26
Letâs build Rock-solid pipeline!
Slide 27
How do I separate dev from prod?!
@jbaruch
@DockerAtlanta
http://jfrog.com/shownotes
Separate registries per environment If quality requirments are hit
CI SERVER
1
If quality requirments are hit
2
Integration
If quality requirments are hit
3
System Testing
4
Staging
Production
*
@jbaruch
@DockerAtlanta
The Anatomy of Docker Tag
@jbaruch
@DockerAtlanta
http://jfrog.com/shownotes
Slide 36
Wait a second, how can I have more than one registry per host now?!
@jbaruch
@DockerAtlanta
http://jfrog.com/shownotes
Slide 37
How can we support this?
https://host:8081/registry/docker-dev/busybox https://host:8081/registry/docker-qa/busybox https://host:8081/registry/docker-staging/busybox https://host:8081/registry/docker-prod/busybox
@jbaruch
@DockerAtlanta
http://jfrog.com/shownotes
Slide 38
âONE REGISTRY PER HOST OUGHT TO BE ENOUGH FOR ANYBODY.â
Virtual hosts/ports to the rescue docker tag host:port/busybox
Registry host
@jbaruch
Tag name
@DockerAtlanta
http://jfrog.com/shownotes
Slide 41
Virtual hosts/ports to the rescue docker tag host:port/busybox
Registry host
Tag name
https://host:port/v2/busybox
@jbaruch
@DockerAtlanta
http://jfrog.com/shownotes
Slide 42
Virtual hosts/ports to the rescue docker tag host:port/busybox
Registry host
Tag name
https://host:port/v2/busybox https://host:8081/registry/docker-dev/busybox
Context name
Registry name
Tag name
Slide 43
server { listen 5001;
}
server_name 192.168.99.100; if ($http_x_forwarded_proto = â) { set $http_x_forwarded_proto $scheme; } rewrite ^/(v1|v2)/(.*) /artifactory/api/docker/docker-dev/$1/$2; ⊠}
@jbaruch
@DockerAtlanta
http://jfrog.com/shownotes
dev cluster
test cluster
staging cluster
prod cluster @jbaruch
@DockerAtlanta
http://jfrog.com/shownotes
Slide 50
Slide 51
Repository (docker): Top level directory in a registry
Repository (the rest of the world): A registry
@jbaruch
@DockerAtlanta
http://jfrog.com/shownotes
Slide 52
Win-win-win
Single point of access to multiple registries when needed - Completely isolated environments - Immediate and free promotions
Simplicity of latest - Always know what it really means - As long as you promoted immutable artifact @jbaruch
@DockerAtlanta
http://jfrog.com/shownotes