1、麻袋理财基于Docker的容器化实践,褚夫元麻袋理财,背景(互联网金融),征信,借款人借款之前会进行资格审核 还款意愿(征信的目的)还款能力我们通过两种方式来做征信 查询内部数据 查询外部数据,接口名称身份验证进件规则黑名单查询灰名单查询反欺诈规则,改造之前 Monolithic Application,提供统一API供内部服务访问根据业务规则调用不同第三方API使用HttpClient访问第三方API,架构服务拆分,原则(The Twelve-Factor App)单一职责:每一个模块(服务)只做一件事情项目粒度:每一个可以单独进程跑的项目拆分为一个单独的项目代码与配置分离:Build-Re
2、lease-Run,改造结果模块化服务化Docker化,API GatewayService APIAdmin APISchedule ServiceWorkerDubbo(ZooKeeper)Redis,架构图,Docker实践Host Linux版本,Host Linux Ubuntu:14.04.4 LTS Kernel 4.2 CentOS:7.2.1511 Kernel 3.10Docker minimum requirement:Kernel 3.10Docker 1.9:Kernel 3.16 for overlay network,Docker实践Docker版本,Docker
3、:版本 1.10Updating resource constraints on running containersContent-addressable storageAllow to set daemon configuration in a file Configuration hot-reloadSupport custom IP addresses,Docker Image,Less dependency,more customizationphusion/baseimage runit-service management syslog cron sshhttps:/contai
4、ner vs Thin container,Dockerfile,Union FilesystemJDK baseimageJAVA_OPTS-Dfile.encoding=UTF-8-Duser.timezone=Asia/Shanghaimvn-build toolsprivate maven repositorymvn-onbuild-dependency project-bootstrap,Docker Registry-Harbor,通过GUI可以轻松的浏览和搜索镜像仓库,能够方便的管理项目和权限。通过项目组织权限支持接入企业AD/LDAP 所有操作都会被追踪记录用于审计提供 RES
5、Tful API,https:/,Docker存储,COW overhead,Data volumes are not controlled by the storage driver,Promotes smaller images,Docker存储,Device mapper Block-level copy-on-write system-all blocks are 64KB Thin provisioning-*data 100G metadata 2G default Loop lvm by default.direct lvm for production.Not the most
6、 memory efficient Docker storage driverAUFS Each layer as a regular directory Works at the file level Any changes to this mountpoint goes into the topmost layer,Docker存储,CI/CD-SCM,SCM:gitlabEnvironment-Based Branchesdev-SIT Build&Unit Test&Integration Test|merge request Vuat-UAT Build&Deploy|merge r
7、equest Vmaster(tags)-pre_prod&prod Build&DeploySeparate configurations from code base.Automation by Jenkins,CI/CD-Jenkins,Docker Remote APITrigger Period Pull SCM Gitlab Web hook push&tag Trigger builds on QA project with parametersBuild Ship Runbash/python script private registry docker-compose,Doc
8、ker编排-Docker Compose,Application ConfigurationEnvironment variables priority:docker-compose.ymlCompose file override:docker-compose-f docker-compose.yml-f docker-compose.sit.yml-f docker-compose.sit.project.yml up dLog driver/Volume/Network:docker-compose.ymlEnv specified:docker-compose.sit.ymlProject specified:docker-compose.sit.project.yml,Docker集群管理-SwarmShipyard,Docker日志-ELK,需求:检索 排错,volumes:-/data/logs:/app/logs-/data/files:/app/files,Docker监控,cAdvisor+Prometheus+Grafana,部署架构图,We are hiring,麻袋极客帮:mdgeek,