Orchestrating Docker using Puppet

Dockers containers are revolutionizing the cloud computing world, spreading everywhere and powering developers world-wide to automate deployment of applications as a portable self-sufficient containers. In this blog post we will see how Puppet can be used as an orchestration tool in order to provision, deploy, and manage your servers with Docker running on them.

Docker is a lightweight containerization technology that has gained widespread popularity in cloud and application packaging world. It is an open source framework that automates the deployment of applications in lightweight and portable containers. It uses a host of the Linux kernel’s features such as namespaces, cgroups, AppArmor profiles, and so on, to sandbox processes into configurable virtual environments. Though the concept of container virtualization isn’t new but it’s getting attention lately with bigwigs like Red Hat, Microsoft, VMware, SaltStack, IBM, HP etc. trying to throw their support behind newcomer Docker. Start-ups are betting their fortunes on Docker as well. CoreOS, Drone.io, and Shippable are some of the start-ups that are modeled such that they provide services based around Docker. Red Hat has already included it as a primary supported container format for Red Hat Enterprise Linux 7. Recently, Google collaborated with CoreOS team for an open source system that manages containerized application across multiple hosts which they call as “Kubernetes”.

One of the major driving factor for Docker’s popularity is in terms of speed, ease of use and largely free. In terms of performance, they have even been called comparable to KVM. A container-based approach, in which applications can run in isolation and without relying on a separate operating system, can really save huge amounts of hardware resources. Industry experts have started looking at it as hardware multi-tenancy for applications. Instead of having 100s of VMs running per server, what if it is possible to have 1000s of hardware-isolated applications.

On the other hand, Puppet has already matured as a robust configuration management system that allows you to define the state of your IT infrastructure, then automatically enforces the correct state. Whether you’re managing just a few servers or thousands of physical and virtual machines, Puppet automates tasks that system administrators often do manually, freeing up time and mental space so they can work on the projects that deliver greater business value. Puppet enforces states of resources defined in a puppet manifest. A resource can be anything that has a state, including files, daemons, databases and custom services. The exact implementation of how to manipulate a resource and what are the possible states of a resource are defined in modules. It runs in a master-agent (server-client) architecture, where agents periodically check in at the master and ask for the manifest.

While moving into the cloud, today scaling has become a whole lot easier as one could go from a single machine to hundreds without breaking a sweat. But this also meant configuring and maintaining these machines. Configuration management tools such as Puppet arose from the need to automate deploying applications in public/private clouds. Today, Puppet is popular everywhere and being used by start-ups and corporates all over the world to manage their cloud environments.
Though Puppet has matured well as a robust orchestration tool but it is very slow to execute at the same time. Docker can fill this gap as it is extremely fast to spin a new container based on an existing image. The idea is to use Puppet to provision a complete service into a Docker image, then use this image on the agents to start the services.
To illustrate how Puppet can automate the provisioning of Docker containers, I assume that you have puppetmaster and agents configured properly.

Setting up the Puppetmaster

1. Docker installation on the puppet master requires puppetlabs-stdlibs library module. Install the required puppet module as shown below:

#puppet module install puppetlabs/stdlib
Notice: Preparing to install into /etc/puppet/modules …
Notice: Downloading from https://forgeapi.puppetlabs.com …
Notice: Installing — do not interrupt …
/etc/puppet/modules
+– puppetlabs-stdlib (v4.5.1)

2. Docker needs EPEL repo to be enabled in order to install Docker successfully. A quick way to install EPEL repo is installing the module directly.

#puppet module install –force stahnma-epel
Notice: Preparing to install into /etc/puppet/modules …
Notice: Downloading from https://forgeapi.puppetlabs.com …
Notice: Installing — do not interrupt …
/etc/puppet/modules
+– stahnma-epel (v1.0.2)

3. It’s time to install Docker. Installation of Docker is very easy with the excellent puppet module provided by Gareth R. (https://github.com/garethr/garethr-docker). Run the following command to pull the docker module from puppetforge as shown:

#puppet module install garethr/docker –ignore-dependencies
Notice: Preparing to install into /etc/puppet/modules …
Notice: Downloading from https://forgeapi.puppetlabs.com …
Notice: Installing — do not interrupt …
/etc/puppet/modules
+– garethr-docker (v3.5.0)
[root@puppetmaster ~]#

4. Open /etc/puppet/manifests folder and create site.pp if not available. If newly created, the site.pp should look like as shown below:

#cat /etc/puppet/manifests/site.pp

node “aster.collabnix.com” {
include ‘docker’

5. Let us apply the puppet module in order to get docker installed on the puppet master.

#puppet apply site.pp

Notice: Compiled catalog for master.collabnix.com in environment production in 1.75 seconds
Notice: /Stage[main]/Docker::Service/File[/etc/sysconfig/docker-storage]/content: content changed ‘{md5}ab8c4963d7da2df915a052babb0e1b89’ to ‘{md5}a6d7017ae0cf60008ff76ce39f3a4245’
Notice: /Stage[main]/Docker::Service/File[/etc/sysconfig/docker]/content: content changed ‘{md5}670c789326a6013f8a4de5340cb44d95’ to ‘{md5}54701e57c4b50c02936fa990b9c463f5’
Notice: /Stage[main]/Docker::Service/Service[docker]/ensure: ensure changed ‘stopped’ to ‘running’
Notice: Finished catalog run in 3.04 seconds

6. Verify if docker installation went fine through the following command:

#docker version
Client version: 1.4.1
Client API version: 1.16
Go version (client): go1.3.3
Git commit (client): 5bc2ff8/1.4.1
OS/Arch (client): linux/amd64

This installs docker on the puppetmaster through the docker module.

Setting up the Puppetagents

I assume that Puppetagents are running smoothly and configured to work with the puppetmaster. Follow the steps to configure puppetagent for installing docker.
1. Open /etc/puppet/manifests/site.pp and make an entry for puppetagents as shown below:
node “agent1.collabnix.com” {
include ‘docker’
2. Run the below command to get docker configured on the puppetagents.

#puppet agent –t
Hence, we have Puppet master and client configured with Docker installation.

Writing Puppet manifest to run containers on Docker

Next, it’s time to write a Puppet manifests to run containers on Docker. The following puppet manifests starts ajeetraina/collabnix container:

#installation
include ‘docker’

#download and install a docker image
docker::image { ‘ubuntu’:
image_tag: ‘precise’
}

# Once we have an image we can run commands within a container managed by #Docker
docker::run { ‘collabnix-puppet’:
image => ‘ajeetraina/collabnix’,
commands => ‘/usr/sbin/apache2 –D FOREGROUND’,
ports => ’80’,

}

The first non-comment statement include docker module. The statement docker::image { ‘ubuntu’: image_tag: ‘precise’ is equivalent to running the $ docker pull ubuntu:precise command in the console. Considering that ajeetraina/collabnix image carries apache2 packages, it will try to run the httpd service.

The above code is similar to Dockerfile:

#cat Dockerfile

FROM Ubuntu:precise
MAINTAINER Ajeet Raina ajeetraina@gmail.com

RUN yum install -y httpd
RUN chkconfig httpd on
EXPOSE 80
CMD [“/usr/sbin/apache2”, “-D”, “FOREGROUND”]

The above puppet manifests entry should be added to etc/puppet/manifests/site.pp for the puppet agent node. Remember that the docker::run takes care of build process and hence the container can be run flawlessly.

Hence, the above puppet module automates the creation of Docker container and installs and configures the services on the puppet agent nodes successfully.

To end up, we saw that how easy is it to integrate Docker with Puppet, build Puppet-enabled Docker images, and create containers that leverage our Puppet modules. We also learnt how to configure and manage our Docker containers with Puppet.

References:

https://forge.puppetlabs.com/garethr/docker
https://docs.docker.com/articles/puppet/
https://puppetlabs.com/presentations/using-docker-puppet-james-turnbull-kickstarter

[Note: This article was selected for publication under OSFY 2015 India May Edition.]

  • Thank you very much ! You have cleared out the difference between them.

  • I see your blog needs some unique & fresh content. Writing
    manually is time consuming, but there is tool for this task.
    Just search for – Fasrixo’s tools