DevOps and CI/CD Integration with Docker
Understanding DevOps with Docker
What is DevOps?
DevOps is a set of practices that combines software development (Dev) and IT operations (Ops) to:
- Shorten the development lifecycle
- Provide continuous delivery
- Ensure high software quality
Docker's Role in DevOps
Docker facilitates DevOps practices by providing:
-
Consistency
- Same environment across development and production
- Reproducible builds
- Consistent testing environments
-
Automation
- Automated builds
- Automated testing
- Automated deployments
-
Scalability
- Easy horizontal scaling
- Load balancing
- Resource optimization
CI/CD Pipeline Integration
Continuous Integration (CI)
1. Setting up CI with Docker
GitHub Actions Example
name: CI Pipeline
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Build Docker image
run: docker build -t myapp:test .
- name: Run tests
run: |
docker run myapp:test npm test
- name: Security scan
uses: anchore/scan-action@v2
with:
image: myapp:test
GitLab CI Example
stages:
- build
- test
- scan
- push
build:
stage: build
script:
- docker build -t $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA .
test:
stage: test
script:
- docker run $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA npm test
security_scan:
stage: scan
script:
- trivy image $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
Continuous Delivery (CD)
1. Automated Deployment Strategies
Blue-Green Deployment
version: '3'
services:
blue:
image: myapp:1.0
ports:
- "8080:80"
green:
image: myapp:2.0
ports:
- "8081:80"
nginx:
image: nginx
ports:
- "80:80"
depends_on:
- blue
- green
Rolling Updates
version: '3'
services:
web:
image: myapp:latest
deploy:
replicas: 4
update_config:
parallelism: 2
delay: 10s
2. Deployment Pipeline Example
name: CD Pipeline
on:
workflow_run:
workflows: ["CI Pipeline"]
types:
- completed
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- name: Deploy to Production
uses: appleboy/ssh-action@master
with:
host: ${{ secrets.SERVER_HOST }}
username: ${{ secrets.SERVER_USERNAME }}
key: ${{ secrets.SSH_PRIVATE_KEY }}
script: |
docker-compose pull
docker-compose up -d
Infrastructure as Code (IaC)
Docker Compose as IaC
version: '3'
services:
app:
build: .
environment:
- NODE_ENV=production
ports:
- "3000:3000"
depends_on:
- db
- redis
db:
image: postgres:13
volumes:
- db_data:/var/lib/postgresql/data
environment:
- POSTGRES_PASSWORD_FILE=/run/secrets/db_password
redis:
image: redis:alpine
volumes:
- redis_data:/data
volumes:
db_data:
redis_data:
secrets:
db_password:
file: ./secrets/db_password.txt
Monitoring and Logging
1. Container Monitoring
- Prometheus for metrics
- Grafana for visualization
- cAdvisor for container metrics
2. Log Management
version: '3'
services:
app:
logging:
driver: "json-file"
options:
max-size: "200m"
max-file: "10"
3. ELK Stack Integration
version: '3'
services:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:7.9.3
logstash:
image: docker.elastic.co/logstash/logstash:7.9.3
kibana:
image: docker.elastic.co/kibana/kibana:7.9.3
Security Best Practices
1. Image Security
- Use official base images
- Regular security scans
- Keep images updated
2. Runtime Security
# Example secure Dockerfile
FROM node:18-alpine
# Create non-root user
RUN addgroup -S appgroup && adduser -S appuser -G appgroup
# Set working directory
WORKDIR /app
# Copy application files
COPY --chown=appuser:appgroup . .
# Use non-root user
USER appuser
# Start application
CMD ["npm", "start"]
3. Secret Management
- Use Docker secrets
- Environment variables
- External vaults (HashiCorp Vault)
Automation and Scaling
1. Auto-scaling Configuration
version: '3'
services:
web:
image: nginx
deploy:
replicas: 5
resources:
limits:
cpus: '0.5'
memory: 512M
restart_policy:
condition: on-failure
placement:
constraints:
- node.role == worker
2. Load Balancing
http {
upstream backend {
server web1:80;
server web2:80;
server web3:80;
}
server {
listen 80;
location / {
proxy_pass http://backend;
}
}
}
Best Practices
1. Pipeline Design
- Keep pipelines fast
- Implement proper testing
- Use caching effectively
- Implement proper versioning
2. Environment Management
- Use environment variables
- Implement proper secrets management
- Maintain parity between environments
3. Monitoring and Logging
- Implement comprehensive monitoring
- Centralize logs
- Set up proper alerting
Next Steps
After understanding DevOps and CI/CD integration:
- Set up your first CI/CD pipeline
- Implement automated testing
- Configure monitoring and logging
- Deploy your application using Docker
The next section will cover Docker components and their interactions.