Professional Documents
Culture Documents
Scaling MariaDB With Docker - Webinar
Scaling MariaDB With Docker - Webinar
Scaling MariaDB With Docker - Webinar
Scaling MariaDB
Conclusion
Containers + Databases = Happy Developers
Ephemeral Containers + Databases = DevOps headaches
4 Things you must use to evaluate
Data Redundancy
Dynamic Self Discovery & Cluster formation
Self Healing (as containers enter and leave)
Application Tier discovery of Database Cluster
Part One
Heres another nice mess
you have got me into
Laurel & Hardy circa 1929
Existing Deployment Models Are Broken
Version
control
Developer QA / QE Sysadmin
Architectures Are Complex & Static
Maintainability
Durability
Process Isolation
Isolate the process from anything else running
Infrastructure Infrastructure
Deployment Simplicity
Plumbing
Runtime Trust
Open Standards
Container Image
run-time spec spec
Dockerfile - Example
FROM python:2.7
ADD . /code
WORKDIR /code
EXPOSE 5000
CMD python app.py
Open Container Initiative (OCI) Polyglot Vendors
Container
Compose orchestrates
Container deployment
Docker Engine
Machine provisions
Docker Engines
Docker Machine Docker Compose
But Docker evolves: 1.13 / 17.3 GA features
Docker Stacks
Bundles of Services
Sort of compatible with docker-compose
Docker Services
Image + Configuration
Replicable across the cluster
Scale Up & Down
Part Three
Databases & Docker
Requirements
Data Redundancy
Containers are Ephemeral Need more than one copy of the data
Self Healing
Loss of nodes must not be fatal to the cluster integrity
Addition of nodes must scale capacity
Faster Failover
All nodes synchronized,
therefore equal
MariaDB MariaDB
Galera Cluster + R/W split routing
MaxScale + Galera
Use Case
Development
Build & Run an App in Development
Python + MariaDB
Production
Deploy to a Swarm cluster in Production
Scale Web nodes
Add more Web containers behind HAProxy
Database High Availability
Deploy 3 nodes Galera cluster
Deploy 2 node MaxScale
Lets Build An App!
app
Python / Flask
Development
Then Scale in Production...
HAProxy
app Virtual
IP
Virtual
IP
MaxScale 1 MaxScale 2
1 2 3
Development Production
Demo 1
Build an Application
Dockerfile
FROM python:2.7
RUN apt-get update && apt-get -y install python-dev libssl-dev
WORKDIR /app
ADD . /app
EXPOSE 5000
HAProxy
app Virtual
IP
app1
Virtual
IP
MaxScale 1
1
Development Production
Scale the Application Tier
HAProxy
app Virtual
IP
Virtual
IP
MaxScale 1 MaxScale 2
1 2 3
Development Production
Docker Networking
Docker Host (swarm-0) Docker Host (swarm-1)
HAProxy App
Container Container
Endpoint Endpoint Endpoint
front Network
MaxScale MariaDB
Container Container
Endpoint Endpoint
$ cat docker-compose.stack.yml
...
networks:
front:
back:
external:
name: myapp_back
Demo 2
Scale Web Tier
Secrets Opppsss
services:
web:
build: .
ports:
- "5000:5000"
links:
- mariadb
hostname: dev.myapp.com
environment:
APP_MARIADB_HOST: dev_mariadb_1
APP_PASSWORD: foo
mariadb:
image: mariadb:10.1
environment:
MYSQL_ROOT_PASSWORD: foo
Docker secrets
$ more ./app_password.txt
appfoo
$ cat docker-compose.stack.yml
...
secrets:
app_password:
file: ./app_password.txt
mariadb_root_password:
file: ./mariadb_password.txt
xtrabackup_password:
file: ./xtrabackup_password.txt
haproxy & web services
services: web:
haproxy: image: alvinr/demo-webapp-vote:mariadb
image: dockercloud/haproxy environment:
networks: SERVICE_PORTS: "5000"
- front VIRTUAL_HOST: "prod.myapp.com"
- back APP_MARIADB_HOST: "maxscale"
volumes: APP_USER: "app"
- /var/run/docker.sock:/var/run/docker.sock APP_PASSWORD_FILE: "/run/secrets/app_password"
ports: APP_DATABASE: "test"
- 80:80 networks:
deploy: - back
placement: deploy:
constraints: [node.role == manager] placement:
constraints: [node.role != manger]
secrets:
- app_password
Demo 3
Hardened
Database Tier
Container Placement
Docker Host (swarm-0) Docker Host (swarm-1)
HAProxy App
Container Container
Endpoint Endpoint Endpoint
front Network
HAProxy App
Container Container
Endpoint Endpoint Endpoint
front Network
maxscale:
image: alvinr/maxscale-swarm
...
labels:
com.mariadb.cluster: "myapp-maxscale"
networks:
- back
deploy:
replicas: 1
restart_policy:
condition: on-failure
delay: 10s
placement:
constraints: [engine.labels.com.mariadb.cluster != myapp-maxscale]
secrets:
- app_password
Part Six
Considerations
& Conclusions
Service Discovery - How to mesh nodes?
DNS RESOLUTION
Docker assigns VIP to Service, each Task has
own IP
nslookup, dig, getent etc.
3rd PARTY
consul, etcd, zookeeper etc.
DOCKER EVENTS
https://docs.docker.com/engine/
reference/api/docker_remote_api/
Interlock -
ttps://github.com/ehazlett/interlock
Storage: Inside or Outside the Container?
Host
Container Container
Local Disk e.g.
/dev/xvdb
SSD / NVMe
Networked
/mnt/xx:/var/lib/mysql e.g. EBS
Volume
Inside Outside
Encapsulation Separation of Concerns
of Concerns Storage features (e.g. Snapshots)
3rd Party options
NetApp, Google Compute Engine, Rancher Convoy
Flocker
Storage: Data Container?
Host Host
Container Container
--volumes-from
{container name}
Inside
Managed like
other containers
Special rule for
Destruction
TBD: Performance
And...
Swarm locking
Image verification (trusted Images)
AppArmor / Seccomp profiles
Monitoring
Heathchecks
Rolling Upgrades
Summary
Code
https://github.com/alvinr/docker-demo/tree/master/mariadb/vote
Docker Images
https://hub.docker.com/_/mariadb/
Contact me!
alvin@mariadb.com
@jonnyeight