Orchestrating Docker using Puppet
Docker is a lightweight containerisation technology that has gained widespread popularity in the cloud and application packaging world. It is an open source framework that automates the deployment of applications in lightweight and portable containers. It uses a number of the Linux kernel’s features such as namespaces, cgroups, AppArmor profiles, and so on, to sandbox processes into configurable virtual environments. Though the concept of container virtualisation isn’t new, it has been getting attention lately with bigwigs like Red Hat, Microsoft, VMware, SaltStack, IBM, HP, etc., throwing their weight behind newcomer Docker. Start-ups are betting their fortunes on Docker as well. CoreOS, Drone.io and Shippable are some of the start-ups that are modelled to provide services based upon Docker. Red Hat has already included it as a primary supported container format for Red Hat Enterprise Linux 7. Recently, Google collaborated with the CoreOS team on an open source system that manages containerised applications across multiple hosts, which they call Kubernetes.
The major factors driving Docker’s popularity are its speed, ease of use and the fact that it is largely free. In performance, it is even said to be comparable with KVM. A container-based approach, in which applications can run in isolation and without relying on a separate operating system, can really save huge amounts of hardware resources. Industry experts have started looking at it as hardware multi-tenancy for applications. Instead of having hundreds of VMs running per server, what if it were possible to have thousands of hardware-isolated applications?
On the other hand, Puppet has already matured as a robust configuration management system that allows you to define the state of your IT infrastructure and then automatically enforces the correct state. Whether you’re managing just a few servers or thousands of physical and virtual machines, Puppet automates the tasks that systems administrators often do manually, freeing up time and mental space so they can work on the projects that deliver greater business value. Puppet enforces the states of resources defined in a Puppet manifest. A resource can be anything that has a state, including files, daemons, databases and custom services. Modules define exactly how to manipulate a resource and what the possible states of a resource are. Puppet runs in a master-agent (server-client) architecture, where agents periodically check in with the master and ask for the manifest.
With the move to the cloud, scaling has become a whole lot easier, as one can go from a single machine to hundreds with ease. But this also means configuring and maintaining these machines. Configuration management tools such as Puppet arose from the need to automate the process of deploying applications in public or private clouds. Today, Puppet is popular everywhere and is being used by start-ups and corporates all over the world to manage their cloud environments.
Although Puppet has matured well as a robust orchestration tool, it is very slow to execute. Docker can fill this gap, as it is extremely fast at spinning up a new container based on an existing image. The idea is to use Puppet to provision a complete service into a Docker image, and then use this image on the agents to start the services.
To illustrate how Puppet can automate the provisioning of