Comments (13)
We're certainly thinking about how this might work. Would you want to use Fig to deploy to production? What things do you think are missing to make this work?
from compose.
I assume you don't want to do multi-host orchestration yet, just orchestrating a fig setup on one host.
How would deploying to production be different than development?
Would you still be using Fig on production - if so:
How would you have the OS (initd / systemd / launchd / startupd ...) start up fig services, and keep them always running?
How would you update a running service? (Hopefully very seamlessly.)
How would logging work?
For those that don't want to using Fig for production (in the case they need multi-host orchestration), could Fig integrate with other deployment/orchestration systems - such as being a plugin that reads fig.yml, or dumping out config compatible with other systems?
On Feb 15, 2014, at 15:38 , Ben Firshman [email protected] wrote:
We're certainly thinking about how this might work. Would you want to use Fig to deploy to production? What things do you think are missing to make this work?
—
Reply to this email directly or view it on GitHub.
from compose.
I've been reading through the Fig code and it probably wouldn't be too terrible of a task to build a tool that can export fig files as json to send through your docker client of choice.
I'm just not 100% sure where the best place to hook into fig to do that. For now, I'm using the branch with -f alt-fig-file.yml on the server so developers can map port 80 to 8000, and on the server it get's bound to a randomized port.
My ideal workflow:
On the developer workstation:
Orchestrate your containers in a fig file
Build the images
Push to a private docker registry
On the server:
Fig file is exported to json
Containers are built, run, and linked via json -> docker client
One question I have not tried answering yet is if volumes follow symlinks.
For example:
Let's say I have /var/www/project as a symlink to ~/releases/release_number
If I tell docker to mount /var/www/project to a container, and later update the symlink to point to a different release_number, will this work?
from compose.
It seems this may end up being easier than expected. Ubuntu is ditching upstart in favor of systemd.
Production orchestration with Fig may become as simple as using fig2coreos, which reads a fig file and outputs a systemd config file.
Thoughts?
from compose.
fig2coreos looks great, but having Fig work against a remote Docker daemon using only the remote API would still be a huge win.
I've made some notes after playing with it for a bit, which I'll dump here in the interests of stimulating discussion:
How to use Fig with a remote Docker daemon
To get set up:
- Write an alternate fig file with some important things changed (see below)
- Tell fig to use that file (
-f
orFIG_FILE
- implemented in #113) - Point fig at the remote daemon with
DOCKER_HOST
In your alternate fig file:
- Don't mount volumes that are supposed to come from your machine (e.g. your web app's code).
- Don't expose db container ports to the world.
- Map port 80 to your web container (or put nginx in front).
To start:
$ fig build
$ fig up -d
To deploy changes to specific services:
$ fig build [SERVICE...]
$ fig up -d [SERVICE...]
Issues:
- If the db image doesn't expose ports, there's no way to set it without opening it up to the world. Fig needs to support the
expose
config option, so that the ports are only open to linked containers. fig up
results in downtime, as the existing container is shut down before the new one is started/active.- Dependent services aren't currently automatically restarted, and the order of events is not optimal (see #116).
from compose.
For context, I'm planning to use Docker containers for isolating Django instances. Each project has three containers; postgresql, redis, and a web server with nginx and uwisgi running under supervisord.
I agree 100% that Fig talking to a remote docker would be a huge win. So far the main thing giving me the willies about that is the lack of authentication in docker. There are some interesting schemes involving proxying through a web server like nginx and using SSL but it would be great if Docker had a built in way of handing this.
Another winning feature would be to export a fig file as either a systemd, supervisor, or upstart script.
So for now, it seems some judicious use of fabric, private registries, and a process manager is the way to go for us.
from compose.
So far the main thing giving me the willies about that is the lack of authentication in docker. There are some interesting schemes involving proxying through a web server like nginx and using SSL but it would be great if Docker had a built in way of handing this.
Agreed. This is an opportune moment to mention that Orchard (https://orchardup.com/) does HTTPS proxying for you, and that Docker is working on native support (moby/moby#3068).
from compose.
Any progress on this?
from compose.
One way to move forward on this might simply be to add a "fig publish" command that essentially publishes the entire stack by building (if neccessary) and pushing tagged images to the docker repo. While everyones production environment varies widely, we all need to transport/ship images from development to production. This might be a good first step.
from compose.
@jkingyens +1
from compose.
I have a pull request for "fig push" (/pull/467). Its good enough for my uses right now but still might need some polish. It pushes all images that are specified as "build" in fig.yml. You pass the repo name with the -r option.
from compose.
Adding to this, fig is missing Docker -p
/ --publish
commands which are not just to have near zero downtime deployment, but a necessity to have staging environment. Current without that, one cannot simply link a Fig/Docker port to for Prod and another for Staging, or even just run system tests in a completely private port environment, and only expose the port when test pass.
from compose.
There are a bunch of related tickets about deployment and production use. I've linked them all up to #1786. I'm going to close this issue so we can concentrate the discussion in that ticket.
from compose.
Related Issues (20)
- [BUG] `volumes_from` from `depends_on` container retain old volumes when depended-on image is updated HOT 2
- [BUG] COMPOSE_PROFILES not read from env file if `--env-file` flag is passed HOT 3
- [BUG] fatal error: limiterEvent.stop: found wrong event in p's limiter event slot HOT 4
- Official expected behavior about default ENV variables set in images and listed in docker-compose manifest HOT 6
- [BUG] defining more than one env_file parameter in docker compose will result in strange behaviour HOT 5
- [BUG] all=1 parameter is marked as invalid using Docker Compose with Podman HOT 2
- [BUG] 2.28.1 multiple COMPOSE_* vars no longer read from .env file
- [BUG] Completion doesn't work for files HOT 4
- [BUG] docker-compose cli fails due to missing distutils HOT 1
- compose-files include not support pattern HOT 6
- [BUG] Secret is unexpectedly empty at build time HOT 1
- [BUG] service refers to undefined network HOT 3
- [BUG] docker compose up service fails because of required network from another service HOT 1
- Warnings about unset environment variables even when not used in running containers HOT 4
- [BUG] !reset in override file doesn't work for depends_on HOT 2
- Add "--wait" to "docker compose run" HOT 2
- [BUG] <.env variable network name not working> HOT 7
- [BUG] Compose Templates when using Yaml Anchors aren't merging properly when service stack has additional values HOT 3
- Configure essential services - kill all services when essential services exit
- [BUG] Secret not being read from Environment HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from compose.