In [1]:
#!/usr/bin/env python3
from traitlets.config.manager import BaseJSONConfigManager
cm = BaseJSONConfigManager()
cm.update(
    "rise",
    {
        "transition": "zoom",
        "start_slideshow_at": "selected",
        "footer": "<h3>Python Girona 2020</h3>"
    }
)

{'transition': 'zoom',
 'start_slideshow_at': 'selected',
 'footer': '<h3>Python Girona 2020</h3>'}

# Containers and Orchestration: Docker and Kubernetes

--------------------

Python Girona - March 2020

--------------------

[Jordi Bagot](https://github.com/jbagot), [Xavi Torelló](https://github.com/XaviTorello)

## Python Girona

![alt text](./pictures/python_girona_small.jpeg "Python Girona")

- [Meetup](https://www.meetup.com/es-ES/PythonGirona/)  JOIN US!

- Share knowledge

- Have fun

- Eat pizzas

## General Agenda

- 1) Explanation of Docker and examples

- 2) Explanation of docker-compose and examples

- 3) Create a Django + React + Postgres application using docker and docker-compose! (Workshop)

- 4) Introduction to Kubernetes

# Let's start!


![alt text](./pictures/ready.gif "Ready")

## Docker Agenda

- 1) What's docker?

- 2) How to create our images?

- 3) How to build our images?

- 4) How to create containers?

- 5) How to manipulate containers?

### 1) What's docker?

`Docker` is a platform for developers and sysadmins to develop, ship, and run applications

- `Docker Engine`: open source containerization technology

- `Docker Hub`: SaaS service for sharing and managing app stacks

Wait... let me go back, some years ago...

### One application in one physical server

![alt text](./pictures/physical_server.jpg "Physical Server")

### Problems:

- Slow deployments
- Complicate to scale
- Expensive
- Wasted resources

Little bit after...

### Hypervisor virtualization


![alt text](./pictures/hypervisor_virtualization.jpg "Hypervisor virtualization")

### Advantages:

- One server have multiple applications
- Better resources
- VMs in the cloud as AWS, Digital Ocean, Azure...
- Easier to scale


### Disadvantages:

- Each VM has an OS
- Each VM has hardware limitations: memory, CPU, ...
- Application portability

and now...

### Docker!

![alt text](./pictures/docker_structure.jpg "Docker Structure")

### Advantages:

- Speed, there is no OS to boot
- Portability 
- Efficiency
- Scalability

## What is a container?

- It is the unit where the application is embeded with its dependencies

- It is the result when an image is builded and ran

- Isolation

- Ready to run

- Portable, run everywhere

### Docker basics

![alt text](./pictures/docker_basics.png "Docker Basics")

### 2) How to create our images?

- With a file called `Dockerfile`

- It is like a recipe, with the needed ingredients (dependencies) and steps to create a dish (image)

- Defines the behaviour of the image

```
FROM alpine:latest
ADD . /app
RUN make app
CMD python /app/app.py
```

#### Docker image

- Made by multiple layers

- The containers are created from the images

```
$ docker images
REPOSITORY                        TAG                 IMAGE ID            CREATED             SIZE
shodand_scanner_scanner           latest              82daf18d5d92        11 days ago         551MB
empireproject/empire              latest              527d5d78e7fc        3 months ago        1.19GB
redis                             alpine              05097a3a0549        12 days ago         30MB
redis                             2.8                 481995377a04        2 years ago         186MB
elpaso/qgis-testing-environment   master              334775a61a4f        2 weeks ago         3.39GB
docker_erp                        latest              285af92a3352        4 weeks ago         1.05GB
ubuntu                            16.04               b9e15a5d1e1a        5 weeks ago         115MB
python                            2.7                 4ee4ea2f0113        5 weeks ago         908MB
mongo                             3.0                 fdab8031e252        5 months ago        232MB
```

### 3) How to build our images?

- Build an image means create an image from the Dockerfile.

- `docker build .` (in the Dockerfile path)

- This will download all the layers, for example an alpine, python and so on and will build all of them in one image, ready to be run

### 4) How to create containers?

- When we have the image built, execute: `docker run <image_name>`

[![asciicast](https://asciinema.org/a/309102.svg)](https://asciinema.org/a/309102?t=9)

### Container caracteristics

- **NOT persistents** (normally)

- Does **not expose** any container **port** to the host by default

- Does **not map** any host **resource** to the container by default

### 5) How to manipulate containers?

[![asciicast](https://asciinema.org/a/309106.svg)](https://asciinema.org/a/309106)

Reviewing existing containers:
```
docker ps                                   
CONTAINER ID   IMAGE          COMMAND        CREATED        STATUS         PORTS          NAMES
c06ea563da0e   python:3.8     "bash"         3 seconds ago  Up 2 seconds                  upbeat_taussig
```

Use `-a` flag to see all (not just the started ones) 

```$ docker ps -a
CONTAINER ID        IMAGE                              COMMAND                  CREATED             STATUS                     PORTS               NAMES
c06ea563da0e        python:3.8                         "bash"                   2 minutes ago       Up 2 minutes                                   upbeat_taussig
47cf55fd3aac        nginx                              "nginx -g 'daemon of…"   7 weeks ago         Exited (137) 4 weeks ago                       k8s_workshop_nginx_1
285fa7d421c2        pentux/pygrn_k8s_workshop:latest   "/entrypoint /start"     7 weeks ago         Exited (137) 4 weeks ago                       k8s_workshop_django_1
...
...
```

Start a container
```
$ docker start <container_name>
```

Stop it!
```
$ docker stop <container_name>
```

Delete it!
```
$ docker rm docker_erp
```

## But I want to communicate with my container!!!!

- **Expose** ports with
  - `- p $HOST_PORT:$CONTAINER_PORT` at run time
    - i.e `-p 8081:8080` to expose the 8080 container port to 8081's host
  - use the `EXPOSE $PORT` command in your `Dockerfile`

- **Mount** paths
  - `- v $HOST_PATH:$CONTAINER_PATH` at run time
  - see the difference mount vs `ADD` `Dockerfile` command

## But my application needs more than one service...

## docker-compose is your friend!
![alt text](./pictures/old_friends.gif "Friends")

## docker-compose Agenda

- 1) What's docker-compose?

- 2) How to create our compositions?

- 3) How to run our compositions?

### 1) What's docker-compose?

- With a single file we can manage multiple images, our images or external ones. Building or pulling them

- Run multiple containers at same time

- The containers will be connected with an internal network

- You can define how many replicas of each image you want

### 2) How to create our compositions?

An example of the YAML file:

```
version: '3'
services:
  web:
    build: .
    ports:
     - "5000:5000"
  redis:
    image: "redis:alpine"

```

this will provide two containers
  - `web`: that uses local `Dockerfile` definition and binds the TCP#5000
  - `redis`: that runs an `alpine` tagged `redis` image 

### 3) How to run our compositions?

`docker-compose up` in the directory where you have the docker-compose.yml to run the composition.

In the previous example:
- 1) The web service have to build the docker file
- 2) The redis service have to be pulled from Docker Hub
- 3) Run both containers
- 4) Create a network to interconnect both services

`docker-compose down` to stop all the containers


#### Review logs
`$ docker-compose logs -f [$service]`

####  Rescale service
`$ docker-compose scale $service=4`

#### Stream container events
`$ docker-compose events --json`

#### Drop an interactive shell

`$ docker-compose -it exec $service bash`

### Docker Hub

- Repository with a lot of images ready to use

- Pull images from `Docker Hub` with Dockerfile

- Create your own repository. Ex: Gitlab registry

- Push your images to your repository or to `Docker Hub` with `docker push`

### Share your images!!! Share your knowledge!!!

![Share!](./pictures/share.gif "Share")

## Workshop time!

Now we're going to extend a real and **very, very very imporant project** with a `Composition`:

https://github.com/pygrn/todos_django


![alt text](./pictures/troll.gif "Troll")

This is a `Django` project that serves an example TODOS `API` created by [@manelclos](https://github.com/manelclos)

### Prepare the repo

```bash
$ git clone https://github.com/pygrn/todos_django.git .
``` 

### Create our build file

- Create a new file named `Dockerfile`

```dockerfile
FROM python:3.6
ENV PYTHONUNBUFFERED 1
COPY . /code/
WORKDIR /code
RUN pip install -r requirements.txt
```

, that means:
- use `python:3.6` public image, and extend it with
- `export PYTHONUNBUFFERED=1`
- copy all the repo code at `/code`
- assume that current directory will be `/code`
- process and install all project requirements

- Create the image*

```bash
docker build -t todos_django:latest .
```
, this will tag the resultant image as `todos_django:latest`

- Run the image, just to review what it contains*

```bash
docker run --rm -it todos_django:latest bash
```
, this will provide an interactive temporal container that uses our image and drops a shell

### Create our Composition

- Create a new file named `docker-compose.yml`

```yaml
version: '3'
services:
  api:
    build: .
    volumes:
      - .:/code
    ports:
      - "81:8000"
    command: ["python", "manage.py", "runserver"]  
```

, that means:
- hey "mrs compose", this is a version3 composition that should deploy a container serving the `api`
- the image should be builded using our `Dockerfile`
- at run time, `host` project directory should be mounted inside `container` `/code` folder
- `container` `8000/tcp` will be exposed to `host` at `81/tcp`
- once everything is ready the command `python manage.py runserver` will be executed to run our django app

#### , it works, but we should add a DB to our composition!

```
...
api_1  |   File "/usr/local/lib/python3.6/site-packages/django/db/backends/postgresql/base.py", line 176, in get_new_connection
api_1  |     connection = Database.connect(**conn_params)
api_1  |   File "/usr/local/lib/python3.6/site-packages/psycopg2/__init__.py", line 130, in connect
api_1  |     conn = _connect(dsn, connection_factory=connection_factory, **kwasync)
api_1  | django.db.utils.OperationalError: could not connect to server: No such file or directory
api_1  | 	Is the server running locally and accepting
api_1  | 	connections on Unix domain socket "/var/run/postgresql/.s.PGSQL.5432"?
api_1  | 
```

```
version: '3'
services:
    
  db:
    image: kartoza/postgis:latest
    environment:
      - POSTGRES_DB=a_database
      - POSTGRES_USER=a_user
      - POSTGRES_PASS=a_password
      - ALLOW_IP_RANGE=0.0.0.0/0
    ports:
      - 35432:5432
```
, this will
- provide a new service named `db` that will start a PostgreSQL with PostGIS extensions ready
- creating a new database named `a_database`
- granting access for `a_user:a_password`
- allowing connections from any IP
- exposing the container's psql port `5432` as host `35432`

### WTF?? Both containers are correctly defined, but the DB is not ready for our web

```
db_1   | 2019-03-05 15:37:23.354 UTC [40] LOG:  database system was shut down at 2019-02-01 14:24:17 UTC
db_1   | 2019-03-05 15:37:23.388 UTC [27] LOG:  database system is ready to accept connections
api_1  | Try to load extra settings: settings-production.py
api_1  | Performing system checks...
api_1  | 
api_1  | System check identified no issues (0 silenced).
api_1  | Unhandled exception in thread started by <function check_errors.<locals>.wrapper at 0x7fdc5d447268>
api_1  | Traceback (most recent call last):
api_1  |   File "/usr/local/lib/python3.6/site-packages/django/db/backends/base/base.py", line 213, in ensure_connection
api_1  |     self.connect()
api_1  |   File "/usr/local/lib/python3.6/site-packages/django/db/backends/base/base.py", line 189, in connect
api_1  |     self.connection = self.get_new_connection(conn_params)
api_1  |   File "/usr/local/lib/python3.6/site-packages/django/db/backends/postgresql/base.py", line 176, in get_new_connection
api_1  |     connection = Database.connect(**conn_params)
api_1  |   File "/usr/local/lib/python3.6/site-packages/psycopg2/__init__.py", line 130, in connect
api_1  |     conn = _connect(dsn, connection_factory=connection_factory, **kwasync)
api_1  | psycopg2.OperationalError: could not connect to server: No such file or directory
api_1  | 	Is the server running locally and accepting
api_1  | 	connections on Unix domain socket "/var/run/postgresql/.s.PGSQL.5432"?

...
...

db_1   | postgres ready
db_1   | Postgis is missing, installing now
db_1   | Creating template postgis
db_1   | Enabling template_postgis as a template
db_1   | UPDATE 1
db_1   | Loading postgis extension
db_1   | CREATE EXTENSION
db_1   | Enabling hstore in the template
db_1   | CREATE EXTENSION
db_1   | Enabling topology in the template
db_1   | CREATE EXTENSION

``` 

### Solution: Use wait scripts!

https://github.com/vishnubob/wait-for-it

- Fetch the `wait-for-it.sh` script and save it at `utils/wait-for-it.sh` //ensure that is executable!
```bash
$ mkdir -p utils && curl https://raw.githubusercontent.com/vishnubob/wait-for-it/master/wait-for-it.sh -o utils/wait-for-it.sh && chmod +x utils/wait-for-it.sh
```

- Prepare an start script! `utils/start-server.sh` //it should be executable!


```bash
pip install -r requirements.txt
python manage.py migrate
python manage.py runserver 0.0.0.0:8000
```
, this will ensure to review requirements, apply latest pending migrations and start Django!

- Improve our composition to change `web` start command and define a depedency to `db`:

```yaml
  api:
    build: .
    volumes:
      - .:/code
    ports:
      - "81:8000"
    command: ["bash", "./utils/wait-for-it.sh", "db:5432", "--", "bash",  "./utils/start-server.sh"]
    depends_on:
      - db    
```
, this will start our Django once the `5432/tcp@db` is ready to accept connections!

### OK! Now our Django is waiting for the DB, but still breaking!

We should review our `Django` config, **it needs some ENV vars to point to our backend**

```bash
$ vi todos_project/settings-production.py

DATABASES = {
    'default': {
        # 'ENGINE': 'django.db.backends.postgresql_psycopg2',
        'ENGINE': 'django.db.backends.postgresql',
        'NAME': os.environ.get('DB_NAME'),
        'USER': os.environ.get('DB_USER'),
        'PASSWORD': os.environ.get('DB_PASSWORD'),
        'HOST': os.environ.get('DB_HOST'),
        'PORT': os.environ.get('DB_PORT'),
    },
}
ALLOWED_HOSTS = ['*']
```

### Config the environment vars in the docker-compose file


```yaml
...

  api:
    environment:
      - DB_HOST=${DB_HOST}
      - DB_PORT=${DB_PORT}
      - DB_NAME=${DB_NAME}
      - DB_USER=${DB_USER}
      - DB_PASSWORD=${DB_PASSWORD}

...

  db:
    environment:
      - POSTGRES_DB=${DB_NAME}
      - POSTGRES_USER=${DB_USER}
      - POSTGRES_PASS=${DB_PASSWORD}
      - ALLOW_IP_RANGE=0.0.0.0/0
```

- Create an `.env` file

```bash
DB_HOST=db
DB_PORT=5432
DB_NAME=todos
DB_USER=todos
DB_PASSWORD=this_is_not_a_secure_password
```

### It's magic!! It works!!!

http://0.0.0.0:81/api/v1/


![alt text](./pictures/todos_api.png "TODOs API")

### It can be more intense...

We'll try to integrate the `React` frontend created by [@francescarpi](http://github.com/francescarpi):

https://github.com/pygrn/todos_react

### The idea is to show alternative ways to provide a container as a service

- Create another build script named `Dockerfile_frontend`

```Dockerfile
# Use an alpine-based (ver small base) node image
FROM node:alpine
RUN apk update && apk upgrade && \
    apk add --no-cache bash git openssh
    
# Prepare our project and their dependencies
RUN mkdir /code
WORKDIR /code
RUN git clone https://github.com/pygrn/todos_react . 
RUN sed -i 's;https://server3.microdisseny.com/apps/todos;http://localhost:81;g' src/lib/apiclient.js
RUN yarn install

# Directly upload the wait-for-it script to the image
ADD utils/wait-for-it.sh ./
RUN chmod +x wait-for-it.sh
```

- Add the new service!

```yaml
...

  web:
    build: 
     context: ./
     dockerfile: Dockerfile_frontend
    command: ["bash", "./wait-for-it.sh", "api:8000", "--", "yarn",  "start"]
    ports:
      - "80:3000"
    depends_on:
      - api
    restart: always
```

**Now, you can check http://localhost ...**

![alt text](./pictures/please.gif "Please")

## Kubernetes Agenda

- 1) What's Kubernetes?

- 2) Kubernetes structure

### 1) What's Kubernetes?

- Container orchestrator
- The most famous one
- Layer to manage a cluster of containers
- Auto-scaling

### Container orchestrator

- Easy deploy, gracefully, stateless
- Replication: run X copies
- Built-in load balancers
- Auto-scaling: better resource use

### Layer to manage a cluster

- Manifest: one file to define all your cluster
- Automate cluster maintenance
- Load balancers
- Manage secrets

### Scalability

- Specify number of container replicas
- Auto pod scaling, based on CPU, memory or custom metrics
- It's a cluster, add more nodes

### 2) Kubernetes structure

- Pod
- Service
- Namespace
- Node

![alt text](./pictures/kubernetes_cluster.png "Kubernetes cluster")

And **much much much more...**

If you want more we can do another session

## Resources:

- https://www.slideshare.net/Docker/introduction-to-docker-2017

# It's all!

![Thanks!](pictures/thanks.gif "Thanks")

# Questions?