Thinking Inside the Container A Continuous Delivery Story

  • Slides: 72
Download presentation
Thinking Inside the Container: A Continuous Delivery Story Maxfield Stewart Engineering Manager: Riot Games

Thinking Inside the Container: A Continuous Delivery Story Maxfield Stewart Engineering Manager: Riot Games

Who’s This Guy?

Who’s This Guy?

Thinking Inside the Container

Thinking Inside the Container

A Quick Note on Riot Games

A Quick Note on Riot Games

The Scale of League MORE THAN 67 MILLION MONTHLY ACTIVE PLAYERS MORE THAN 27

The Scale of League MORE THAN 67 MILLION MONTHLY ACTIVE PLAYERS MORE THAN 27 MILLION DAILY ACTIVE PLAYERS 7. 5 MILLION PEAK CONCURRENT PLAYERS

1. 25 Million Builds a Year

1. 25 Million Builds a Year

10, 000 - 14, 000 Containers A Week

10, 000 - 14, 000 Containers A Week

120 Jobs An Hour

120 Jobs An Hour

A Containerized Build Farm BUILD HOSTS SSH JENKINS Docker API SWARM Docker API Cent.

A Containerized Build Farm BUILD HOSTS SSH JENKINS Docker API SWARM Docker API Cent. OS 7. 2/Docker 1. 10. 3 c. Advisor Docker-GC Container Metrics 4 Core/32 GB RAM/120 GB LVS DOCKERHOST DOCKERHOST Docker API DRYDOCK

STORY TIME! (aka. Presenting the Problem)

STORY TIME! (aka. Presenting the Problem)

3500+ Unique Build Jobs

3500+ Unique Build Jobs

650+ Builds an Hour

650+ Builds an Hour

90+ Build Slaves

90+ Build Slaves

Expecting 100 More!

Expecting 100 More!

Story Time. . Ticket Engineers Build Team

Story Time. . Ticket Engineers Build Team

Story Time. . T Tiick T Tickeetick ck t e t Ti Tic e

Story Time. . T Tiick T Tickeetick ck t e t Ti Tic e ck ke TTi i t T i et t cckk eet t cke Ti t ck T et ic ke t Engineers Build Team

What Did We Want? TEAMS NEEDED TO MOVE FAST PRODUCTS HAD TO OWN THEIR

What Did We Want? TEAMS NEEDED TO MOVE FAST PRODUCTS HAD TO OWN THEIR STACK CONFIGURA TION AS CODE

Maybe We Want. . .

Maybe We Want. . .

“Along Came a Whale” (More Story Time!)

“Along Came a Whale” (More Story Time!)

Oh Look! Another Way to Deploy!

Oh Look! Another Way to Deploy!

Docker For Newbz

Docker For Newbz

Jenkins Primer

Jenkins Primer

Jenkins Primer Master JENKINS Slaves “Win 32” + “Java” + ”Team. A” “Cent 7”

Jenkins Primer Master JENKINS Slaves “Win 32” + “Java” + ”Team. A” “Cent 7” + “Java” + ”Team. B” “Cent 7” + “Go. Lang” + ”Team. B”

Jenkins Primer Master Build Job “Win 32” + “Java” + ”Team. A” JENKINS Slaves

Jenkins Primer Master Build Job “Win 32” + “Java” + ”Team. A” JENKINS Slaves “Win 32” + “Java” + ”Team. A” “Cent 7” + “Java” + ”Team. B” “Cent 7” + “Go. Lang” + ”Team. B”

Jenkins Primer Master Slaves Queue Build Job “Win 32” + “Java” + ”Team. A”

Jenkins Primer Master Slaves Queue Build Job “Win 32” + “Java” + ”Team. A” Build Job JENKINS “Win 32” + “Java” + ”Team. A” “Cent 7” + “Java” + ”Team. B” “Cent 7” + “Go. Lang” + ”Team. B”

Jenkins Primer Master Slaves Queue Build Job “Win 32” + “Java” + ”Team. A”

Jenkins Primer Master Slaves Queue Build Job “Win 32” + “Java” + ”Team. A” Build Job JENKINS “Win 32” + “Java” + ”Team. A” “Cent 7” + “Java” + ”Team. B” “Cent 7” + “Go. Lang” + ”Team. B”

What Did We Need? CONTAINER RUNNING AS A BUILD SLAVE WAY TO HAVE ENGINEERS

What Did We Need? CONTAINER RUNNING AS A BUILD SLAVE WAY TO HAVE ENGINEERS PROVIDE DOCKERFILES HOW TO SCALE IT PROFIT?

A Build Slave Container

A Build Slave Container

Add a Bit of Secret Sauce. . . Base Slave Image Universal Riot Tools

Add a Bit of Secret Sauce. . . Base Slave Image Universal Riot Tools Product/App Specific Build Stuff

A Real Example

A Real Example

Provisioning and Plugins + =?

Provisioning and Plugins + =?

Of Whales and Plugins DOCKER PLUGIN MESOS PLUGIN KUBERNETES PLUGIN

Of Whales and Plugins DOCKER PLUGIN MESOS PLUGIN KUBERNETES PLUGIN

Of Whales and Plugins DOCKER PLUGIN MESOS PLUGIN KUBERNETES PLUGIN

Of Whales and Plugins DOCKER PLUGIN MESOS PLUGIN KUBERNETES PLUGIN

Quick Look

Quick Look

Provisioning and Plugins Image Name Label

Provisioning and Plugins Image Name Label

ttps: //github. com/maxfields 2000/dockerjenkins_tu orial/tree/master/jenkinsscripts Groovy To the Rescue

ttps: //github. com/maxfields 2000/dockerjenkins_tu orial/tree/master/jenkinsscripts Groovy To the Rescue

We Created A Monster

We Created A Monster

We Need to Inspect Our Containers

We Need to Inspect Our Containers

We Need to Inspect Our Containers. /harbormaster --registry_user "$REGISTRY_USER" --registry_token "$REGISTRY_TOKEN" --jenkins_user $USER -jenkins_pass

We Need to Inspect Our Containers. /harbormaster --registry_user "$REGISTRY_USER" --registry_token "$REGISTRY_TOKEN" --jenkins_user $USER -jenkins_pass $PASSWORD --jenkins --dockerhost $TEST_DOCKER_HOST "$IMAGENAME" "$CLOUDNAME" "$LABELNAME"

Are We Done?

Are We Done?

But It Needs to Scale!

But It Needs to Scale!

If Only. . .

If Only. . .

If Only. . .

If Only. . .

But It Needs to Scale! BUILD HOSTS SSH JENKINS Docker API SWARM Docker API

But It Needs to Scale! BUILD HOSTS SSH JENKINS Docker API SWARM Docker API Cent. OS 7. 2/Docker 1. 10. 3 c. Advisor Docker-GC Container Metrics 4 Core/32 GB RAM/120 GB LVS DOCKERHOST DOCKERHOST

Putting It All Together Image REGISTRY Engineer

Putting It All Together Image REGISTRY Engineer

Putting It All Together Image Name + Jenkins Label REGISTRY Engineer HARBOR MASTER

Putting It All Together Image Name + Jenkins Label REGISTRY Engineer HARBOR MASTER

Putting It All Together HARBOR MASTER REGISTRY Engineer Runs Tests

Putting It All Together HARBOR MASTER REGISTRY Engineer Runs Tests

Putting It All Together REGISTRY HARBOR MASTER DOCKERHOST SWARM DOCKERHOST Engineer Image Pulled to

Putting It All Together REGISTRY HARBOR MASTER DOCKERHOST SWARM DOCKERHOST Engineer Image Pulled to Swarm

Putting It All Together Groovy API Called Jenkins REGISTRY Engineer HARBOR MASTER DOCKERHOST SWARM

Putting It All Together Groovy API Called Jenkins REGISTRY Engineer HARBOR MASTER DOCKERHOST SWARM DOCKERHOST

Build Job Quick Look

Build Job Quick Look

Dockerception

Dockerception

Where to Build Containers? BUILD HOSTS SSH JENKINS Docker API SWARM Docker API Cent.

Where to Build Containers? BUILD HOSTS SSH JENKINS Docker API SWARM Docker API Cent. OS 7. 2/Docker 1. 10. 3 c. Advisor Docker-GC Container Metrics 4 Core/32 GB RAM/120 GB LVS DOCKERHOST DOCKERHOST Docker API DRYDOCK

Mai Tai’s On the Beach Build Engineer

Mai Tai’s On the Beach Build Engineer

How Do You Actually Build It?

How Do You Actually Build It?

How Do You Actually Build It? (engineering. riotgames. com)

How Do You Actually Build It? (engineering. riotgames. com)

https: //github. com/maxfields 2000/dockerjenkins_tutorial

https: //github. com/maxfields 2000/dockerjenkins_tutorial

You Make This Sound Simple.

You Make This Sound Simple.

Lesson 1 - Docker Isn’t “Simple” DOCKERFILES REQUIRE DECENT SYSTEMS ADMIN KNOWLEDGE DOCKER IMAGES

Lesson 1 - Docker Isn’t “Simple” DOCKERFILES REQUIRE DECENT SYSTEMS ADMIN KNOWLEDGE DOCKER IMAGES THAT BUILD DOCKER IMAGES IS DOCKERCEPTION DOCKER “VOODOO AND BLACK MAGIC” QUESTIONS

Lesson 2 - Containers != VM’s CANNOT MOUNT REMOTE FILE SYSTEMS EPHEMERAL CONTAINERS DON’T

Lesson 2 - Containers != VM’s CANNOT MOUNT REMOTE FILE SYSTEMS EPHEMERAL CONTAINERS DON’T MAINTAIN STATE HAVE RULES FOR DOCKERFILE VS RUN TIME

Lesson 3 - Garbage Collection DOCKER BUILD DOCKER RUN DOCKER PULL VOLUME

Lesson 3 - Garbage Collection DOCKER BUILD DOCKER RUN DOCKER PULL VOLUME

Lesson 4 - Maintenance/Failure PULL HOSTS ON/OFFLINE UPDATE ALL IMAGES ROLLING RESTARTS

Lesson 4 - Maintenance/Failure PULL HOSTS ON/OFFLINE UPDATE ALL IMAGES ROLLING RESTARTS

Lesson 5 - How Will You Upgrade?

Lesson 5 - How Will You Upgrade?

Lesson 7 - Credentials & Security WHAT SHOULD YOU PUT IN YOUR BASE IMAGE?

Lesson 7 - Credentials & Security WHAT SHOULD YOU PUT IN YOUR BASE IMAGE? SSH KEYS IN YOUR REGISTRY? PASSWORDS IN YOUR SOURCE CODE? PASSING EVERYTHING IN AS A ENVIRONMENT VARIABLE?

Over 1200 New Build Jobs Created

Over 1200 New Build Jobs Created

30% of All Environments Are Containers

30% of All Environments Are Containers

Environment Change/Create/Fix Tickets Dissappeared

Environment Change/Create/Fix Tickets Dissappeared

We No Longer Have “Just” A Build Team

We No Longer Have “Just” A Build Team

QUESTIONS?

QUESTIONS?