Docker Support

Would like to see docker as a virtualization type with support for hub images (maybe a search?), using a docker file to build, and using docker volumes. An example of the only thing I could consider a docker "VPS" panel is shipyard.

Future things could be docker-compose support too, but that might get a bit complicated.

Some of this may need to be implemented as a webmin module for cloudmin to rely on.

Status: Active

Comments

Docker is on our roadmap to support as a Cloudmin VPS type.

I'm curious what this support would look like. I'm just getting more into Docker after roughly ignoring it (bad me, I suppose). I'm mostly only learning about it because a couple interesting applications have Docker containers available, so it got me wondering how I might change things up going forward -- if at all.

I've historically just used mostly dedicated servers and/or VMs and then put Virtual/Cloudmin on them to help manage them in general. Things like RoR apps or other applications (game servers or whatever) have just been sloppily tacked on by me or others, using Virtualmin to create some user spaces and handle backups... I often wonder how poorly I'm using all this stuff, tbh. I'm either Doing it Right, or I should be embarrassed.. maybe a touch of both? I try to segregate like items onto separate servers, to make sure things like a web server are not co-mingling with a game server, for instance, but I don't always have the willpower or funds to spin up new VMs.

Anyway, my current thought as I need to start yet another VM, is if I should maybe be setting up everything in Docker (or Docker-like) clusters, instead of just keep having all these different machines/VM OSes to manage. ...also, a few of these physical servers really ought to be either retired, or made less crucial in case they start failing. I am now wondering if I should re-install my rigs (and VMs?) with something like Docker and then set it back up with separate containers for things like a MySQL server container, a web server container, email container (I try not to host much email anymore), etc.

This post is rambling, sorry.. but I don't really know how to ask about this stuff in light of how Virtualmin/Cloudmin work. It seems like it would be amazing to be able to containerize a database server, for instance, letting a separate Apache/Nginx/Node.js/whichever container access dbs across the cluster. That seems like it would be awesome, since then you could scale up ONLY the database server's container (or replicate/load-balance it?) and leave the others alone if they're good enough.

...that is, if I even understand all this correctly? Sorry for the ramble, but I don't know how to more succinctly discuss this stuff or ask the right question.

I suppose the tl;dr: is "what sort of use case do you see Docker providing for Cloudmin users?"

Does it make sense to start a new server as a Docker setup, where maybe it has one container that is running the whole Virtualmin/Cloudmin stack on it? I'm thinking of a base OS with Docker (obviously), but then can I install Virtualmin inside it in a container, for instance?

...very sorry if this is not making sense. I'm knee-deep in too many research pages trying to figure some of this out very quickly, while also being late for setting up a couple new client hosting accounts.

Thanks for reading/commenting. Also, as usual, thanks VERY much for your work on *min!!

So, the docker support is almost code-complete, and will be in the next Cloudmin release. Basically, we are treating Docker like other virtualization types, but much more limited - the idea is that users will be able to create and move Docker containers using the existing Cloudmin UI and tools.

There's no plan yet to move some or all Virtualmin components into Docker containers though.

Submitted by Joe on Mon, 03/14/2016 - 21:40 Pro Licensee

We're still figuring out how it will all fit together, as well. I suspect Cloudmin Connect (which is a thingy that allows Virtualmin to use remote MySQL/Postgres, DNS, and mail processing servers) would be somewhat trivial to modify to support a "Dockerized MySQL" instance, for example. The ephemeral nature of Docker instances is still weird, and I don't quite get how one does that with a database that needs to always be current (I feel like it's pushing state "out of sight, out of mind" without actually dealing with state). But, I'm still wrapping my head around it.

A lot of the things people are using Docker for are gratuitous...they're overcomplicating their deployments with plans for "scaling up", but most sites never "scale up" past one server, so it's silly to build for that scale from day one.

But, anyway, it is on our radar, but we don't know what to make of it yet. We're just now starting to tinker with Docker ourselves, and the initial support in Cloudmin will help us figure out how our users want to use it beyond the basics of spinning the things up and down.

Great info, thanks.

I'm personally feeling like I'm trying to use the concepts of containers/Docker as a bit of a "solution without a problem", for my use cases, at least. I've thought about taking several of my old physical servers and rebuilding them as Docker machines in a cluster... but all those words I just said may not actually fit together, so this is right about where I typically stop thinking about it and looking for other solutions. :)

I think for now I'm happy to just spin up a new GCE VM and put Cloudmin on it so I can get some client sites built. I keep thinking about separating out the SQL to an external cloud DB (on GCE or Rackspace or ??) but also haven't pulled the plug there either. These sites haven't been getting enough traffic to worry much about this stuff, but a new gig I got may end up with some traffic spikes (from press releases and such) that I haven't dealt with before.

..sooo, add me to the "I better get ready to scale this thing" crowd, who will likely never scale more than needed by a single server.

Heh. Back to the books on this, for me. Thanks a ton for the info!

Cheers.

Cloudmin should absolutely take Docker seriously because well, it’s the perfect product for it. Just like others have mentioned I also ignored Docker before and I think most people do it because they don’t properly understand new technologies. Docker is actually not new, it’s a software OS type container similar to how OpenVZ exists for decades, the difference is the extremely heavy support it’s receiving from almost every possible tech vendor including Google. Docker takes virtualization right to the application level.

Application virtualization is not new, I played with it on Windows for years and VmWare also had a product to virtualize apps from the OS to make them portable. But Docker is really taking off.

First of all you should not confuse what Cloudmin does with Dockers. Dockers is not going to replace hardware virtualization like KVM or Xen. You still need them. Most people that will run Docker will do it out of a VM in the first place. XenServer for example understands this concept and instead of feeling Docker as a threat to them they see it as a platform so they also introduced Docker support where if you run Dockers inside CentOS 7 or CoreOS you can actually manage and measure the metrics from the hypervisor or XenCenter directly.

Similar to Cloudmin, you are still going to need Cloudmin because you are going to probably run your dockers somewhere and I don’t think it would be smart (pretty dumb actually) to run it from your master where Cloudmin is running. You will probably have physical servers running CentOS or CoreOS or virtual machines running them (nodes), so Cloudmin will manage your physical servers or Virtual node Machines as usual and those instances are going to manage the containers inside them. I know it sounds confusing but Cloudmin didn’t replace Virtualmin either just like Virtualmin didn’t replace Webmin. They complement each other. You need one for the other. Someone that wants to host one email account is going to sign up with a Virtualmin hosting account not a Xen machine VM because he does not even know what an operating system is. A developer on the other hand that needs root access, kernel compilation or install several of its own stuff is going to get a virtual machine with a full blown Linux on it. And Webmin still applies for server side admins running those systems.

So where does Docker fit here? Docker allows you to provide the end application to users isolated. Just like a VM except there is no operating system, no kernel, no firewall, nothing. All what is inside the container is for example WordPress, Apache and MySQL. Or you could have 3 separate containers for each one and connect them in a pod. Cloudmin should do much more than just manage the containers. It should provision them, measure them, deploy them, scale them and bill them. You could launch 10 MySQL containers in different servers, and Cloudmin would be aware as it’s also managing those machines. You could connect them, cluster them, fail them over. Whatever you want and need.

An example of this is for example KuberDock, they basically took Kubernetes which is to manage and scale Dockers and made a web panel for it for providers, to bill them, measure them and integrate them with cPanel hosters. Why is Cloudmin a perfect fit here? Well because Cloudmin already has Virtualmin, that is why, they don’t need to rely on something like cPanel or another software. What Jamie should do is take something like Shipyard or Kubernetes and expose it to Cloudmin or integrate it, then connect a deeper integration with Virtualmin, VM’s running dockers managed by both by Cloudmin. One of the best things of Cloudmin personally is the API and the tools it provides for vendors, besides the web GUI of course.

I can manage VM’s from other visual tools but I cannot automate everything together like it would be possible with Cloudmin. The power here is that Cloudmin can measure the VM’s and interact with them directly as well the containers running on them, take actions based on specific metrics, or bill them. This is also where the API takes place, your own billing or another software will not log into Cloudmin like a human does, they will interact with the API. And so the API should be able to manage Dockers inside VM’s that are managed by Cloudmin just like you can do some API calls to manage VM’s and get billing metrics. Cloudmin should add automation tools that can interact with both VM’s and the containers running inside the VM’s or just directly with containers. You could have a fleet of applications and clusters managed this way. This is a very powerful combination which I think they are not tackling correctly.

Let me make a few practical examples of how Cloudmin could make some of this integration:

Cloudmin could have resource usage metrics for each container just like it has for VM’s. This can be with or without VM’s calculations combined (let providers see what ever model they want to create).

Cloudmin can reboot Dockers or its applications if something fails in the main VM, or can move Dockers to another VM with more free resources to load balance them.

Cloudmin needs to see into the Dockers and together with what it can do with VM’s this is an extremely powerful combination to manage fleets of clusters and services. Want a more practical example? Docker containers don’t have a public IP by default and giving a public IP per container is too expensive for most people, so what for example KuberDock did was to proxy the requests through the cPanel domain (Apache proxy) where the user is running the container, so they are using the domain to access the container and isolate the traffic to that user container. Smart right? Well but you still need cPanel for this which sounds strange if you only want the container and not the shared hosting account. Kuberdock can’t auto delete or create DNS records, or assign IP’s on its own. But Cloudmin can because it has Virtualmin for this !!! You can create a new domain inside Virtualmin, assign it a shared or dedicated IP, create the proper DNS records, and voila, give the user a finished Container running his own dedicated WordPress instance!!!

Don’t reinvent the wheel either. Google created terribly amazing tools which can auto scale, auto balance and do all sort of things with containers using Kubernetes. Just use something like that and integrate it with Cloudmin. Of course Cloudmin as a software will not do magic for some things you are still going to require your hardware part like having a Ceph or other clustered storage or a load balancer. But no other software as a whole is more ready for something like Dockers. I think Cloudmin is really missing a big potential here. Just to give you an idea, both Amazon and Google are offering containers already. Don’t ignore containers. They are the future of the cloud for some type of apps and services.

Those are some interesting ideas, particularly the proxy suggestion! We are very close to releasing Docker support - in fact, if anyone wants to volunteer to beta test it, please let me know.

These are some of the ideas that could be planned:

Users want to buy a docker container (IPv4 are expensive and mainly gone), of course Cloudmin can assign him a dedicated IP, the way it would work is:

  1. Cloudmin has root access and manages the VM, let’s say CentOS 7 running on XenServer or CoreOS. So Cloudmin can assign from the pool of IP’s assigned to that VM the specific container.

  2. Scenario 2. Most probably you have shared IP’s. You want or can’t give him a dedicated IP per container. So in this case Cloudmin which has a Virtualmin instance creates the proper hosting account for the server, let’s say example.com, then it basically creates an Apache proxy which can route traffic from that domain to the proper container like example.com/container

Providers do not need to give an IP per container, and Cloudmin can also instruct Virtualmin to create the DNS records properly for the account. Since Cloudmin talks to Virtualmin and Dockers, the combination of these 3 products can be fully automated. Customer can order a container and it can all be automated.

On the provider side the things you could potentially implement are unlimited. Like load sharing containers between different servers even on different datacenters. Just connect all VM to Cloudmin, Cloudmin manages them and can also interact with the containers inside them. With something like Kubernetes Cloudmin can then auto scale vertically and horizontally apps by starting more VM’s running containers or by moving containers between systems. Another idea is to access container data similar to how XenServer does now: https://www.youtube.com/watch?v=sUBluy3u3Mo

Actually, Cloudmin can manage XenServer VM machines, so someone can access that functionality today as well. XenServer will expose more API calls for Dockers in the future as they are serious into Dockers like basically everyone else is, so Cloudmin will have access to the XenAPI to handle Docker containers just like it has access to the XenAPI today to manage VM’s.

Docker fans - we have a beta release of Cloudmin ready for testing! If anyone would like to try it out, please let me know via this ticket.

For anyone who wants to try it out, please let me know your email address and the Linux distribution your master system is running, and I'll email you a beta package.

JamieCameron I would love to try this, can you send it to my e-mail? (the one registered)

@femanso - sure, but which Linux distribution are you running?

@jamieCameron it's Centos 7.2

Hi, I installed Ubuntu 16.04 and the last version of cloudmin, when I try to create a docker container from cloudmin it says failed to create, and that's all.

edit: my bad, it works.

Hi, I am running a new centos 7 system running docker 1.11. I have created an image on this machine when I try to use the cloudmin tools to create a container the message returned is image not found. Any idea how I can debug this to get it working?

Thanks

Ted - can you post the full error message?

Hi, From /var/webmin/miniserv.error

Error: Docker image uoftcentos does not exist

If there is someplace else I can look for a better diagnosis you would have to direct me I am very new to cloudmin.

FYI This is brand new system provisioned just a day ago running centos 7.

If you login to the Docker host system and run docker images , what does it output?

[root@cloudmin-master webmin]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
uoftcentos 7.2.1511 d201afd26246 45 hours ago 245.3 MB

The image was selected from the popup window that was generated by cloudmin software.
I also tried not using the popup and typing the qualified name and got the following:

Failed to create system : Docker image uoftcentos:7.2.1511 does not exist

Sorry updated wrong issue

What if you just enter uoftcentos as the image name?

tried that as well same result

Which module is actually being called to create the image. I am willing to insert debugging just haven't found out where this particular code is.

If I enter the image ID rather than the image name I do get a different result but it still doesn't work.

Creating virtual system with Docker ..
.. creation failed : Failed to pull image : Using default tag: latest Pulling repository docker.io/library/d201afd26246 Error: image library/d201afd26246 not found

I am not logged into docker hub. I was going to open a different issue about being able to specify my own docker repository rather than docker hub's since I want to have total control of the images that I am running.

Ted

If you go to Docker -> Local Docker Images, is the uoftcentos image shown?

Yes.

Image ID Image name Tags Host systems Used by containers
d201afd26246 uoftcentos 7.2.1511 cloudmin-master.eis.utoronto.ca No systems

I figured I would provide the following because you will probably ask for it:

[root@cloudmin-master webmin]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@cloudmin-master webmin]#

[root@cloudmin-master webmin]# uname -a
Linux cloudmin-master 3.10.0-327.18.2.el7.x86_64 #1 SMP Thu May 12 11:03:55 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
[root@cloudmin-master webmin]#

[root@cloudmin-master webmin]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
uoftcentos 7.2.1511 d201afd26246 2 days ago 245.3 MB

[root@cloudmin-master webmin]# docker info
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 1
Server Version: 1.11.1
Storage Driver: zfs
Zpool: zpool-docker
Zpool Health: ONLINE
Parent Dataset: zpool-docker/docker
Space Used By Parent: 19456
Space Available: 107374162944
Parent Quota: 107374182400
Compression: off
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: host bridge null
Kernel Version: 3.10.0-327.18.2.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 3.695 GiB
Name: cloudmin-master
ID: XRTS:6ILZ:RWLR:ZTYS:VI7L:ZQ6B:B7LV:MRCG:GFMV:E2OQ:JOEE:2NOS
Docker Root Dir: /var/lib/docker
Debug mode (client): false
Debug mode (server): false
Registry: https://index.docker.io/v1/
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled

[root@cloudmin-master webmin]# cloudmin list-docker-images --host cloudmin-master.eis.utoronto.ca
ID Name Size
---------- -------------------------------------------------- ----------
d201afd262 uoftcentos 245.30 MB

[root@cloudmin-master webmin]# cloudmin create-docker-image --host cloudmin-master.eis.utoronto.ca --name test4 --tag test4 --port 8080
System cloudmin-master.eis.utoronto.ca is not a Docker container

Create a new Docker image from a system.

cloudmin create-docker-image --host name
--name image-name
[--desc description]
[--author name]
[--tag string]*
[--command "binary args" | --no-command]
[--port port-to-open]*
[root@cloudmin-master webmin]# cloudmin create-docker-image --host uoftcentos --name test4 --tag test4 --port 8080
System with hostname uoftcentos does not exist

Create a new Docker image from a system.

cloudmin create-docker-image --host name
--name image-name
[--desc description]
[--author name]
[--tag string]*
[--command "binary args" | --no-command]
[--port port-to-open]*

Can't think of any more diagnostics to give you.

I haven't mistyped the name I used your facilities to select the name and I have cut and pasted from the docker images command when not using your selector. I have tried line mode but can't figure out the syntax.

This system is not in production so any additional diagnostics you would like me to try I am willing to do it.

Do you have more than one Docker host system registered with Cloudmin?

Also, what if you try creating a container from the command line with a command like :

cloudmin create-system --type docker --host dockertest --docker-host cloudmin-master.eis.utoronto.ca --docker-image uoftcentos

cloudmin create-system --type docker --host dockertest --docker-host cloudmin-master.eis.utoronto.ca --docker-image uoftcentos
Starting creation of Docker system ..
.. creation started

Waiting for creation to complete ..
.. creation failed : Unable to find image 'uoftcentos:latest' locally
Pulling repository docker.io/library/uoftcentos
docker: Error: image library/uoftcentos not found.
See 'docker run --help'.

[root@cloudmin-master docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
uoftcentos 7.2.1511 d201afd26246 2 days ago 245.3 MB
[root@cloudmin-master docker]# cloudmin create-system --type docker --host dockertest --docker-host cloudmin-master.eis.utoronto.ca --docker-image uoftcentos:7.2.1511
The Docker image uoftcentos:7.2.1511 does not exist

I created an image called uoftcentos:latest which is a simple "hello world" with a sleep function which keeps it active here is the result.

[root@cloudmin-master centos-apache]# cloudmin create-system --type docker --host dockertest --docker-host cloudmin-master.eis.utoronto.ca --docker-image uoftcentos
Starting creation of Docker system ..
.. creation started

Waiting for creation to complete ..
.. creation complete

Adding DNS entry dockertest.cloudmin.eis.utoronto.ca. for IP address 172.17.0.2 ..
.. done

Refreshing status ..
.. done (nowebmin)

Refreshing status of host system cloudmin-master.eis.utoronto.ca ..
.. done (novirt)

Creating console access user ..
.. done

Creation of Docker system dockertest.cloudmin.eis.utoronto.ca is complete
[root@cloudmin-master centos-apache]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2c27d915d117 uoftcentos "/test.sh" 22 seconds ago Up 20 seconds dockertest

So we are making progress great.

Ted

So creation from the command line works, but not from the web UI?

Which Linux distribution and version is your Docker host system running, and how did you install Docker on it?

See item #27 above.
I will repeat here.
Docker version 1.11 on a Centos 7 system. Docker installed from rpm's from Docker official repositories. Centos 7 system newly built for the purpose of running cloudmin and docker.
docker-engine-1.11.1-1.el7.centos.x86_64
Linux cloudmin-master 3.10.0-327.18.2.el7.x86_64 #1 SMP Thu May 12 11:03:55 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux

Online sort of works:

I did the following:

docker build --tag uoftcentos:test .
Sending build context to Docker daemon 3.072 kB
Step 1 : FROM uoftcentos:7.2.1511
---> d201afd26246
Step 2 : MAINTAINER Ted.Sikorski@utoronto.ca
---> Using cache
---> 920421e7c550
Step 3 : COPY test.sh /test.sh
---> Using cache
---> 88b948f569ac
Step 4 : ENTRYPOINT /test.sh
---> Using cache
---> 7a1eddb2af03
Successfully built 7a1eddb2af03

[root@cloudmin-master centos-apache]# cloudmin create-system --type docker --host dockertest2 --docker-host cloudmin-master.eis.utoronto.ca --docker-image uoftcentos:test
The Docker image uoftcentos:test does not exist

Creates a new virtual system of some type. ...

[root@cloudmin-master centos-apache]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
uoftcentos latest 7a1eddb2af03 32 hours ago 245.3 MB
uoftcentos test 7a1eddb2af03 32 hours ago 245.3 MB

I plan on using the tag to distinguish various aspects of my built images. Being restricted to "latest" is not reasonable. TEST, QA and PROD come to mind as builds work their way through their life cycle.

For your info here is the stack trace from the gui:

Failed to create system : Docker image uoftcentos does not exist

Call Stack Trace

File Line Function
/usr/libexec/webmin/server-manager/docker-type-lib.pl 464 WebminCore::error
/usr/libexec/webmin/server-manager/create.cgi 108 server_manager::type_docker_create_parse
(eval 53) 6 (eval)
/usr/libexec/webmin/miniserv.pl 2392 (eval)
/usr/libexec/webmin/miniserv.pl 914 miniserv::handle_request

Ok, we'll do some testing on CentOS 7 and get back to you on this ticket.

FYI, the next release of Cloudmin will support tagged images properly.
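
The lookups this thread runs into (a bare name defaulting to the latest tag, a tagged name, an image ID, and the fall-through to a Docker Hub pull when nothing matches locally) can be checked before a container is started. The following is an added example, not part of the thread and not Cloudmin's code; the function names are hypothetical, registry.example:5000 is a made-up private registry, and the listing is constructed from the docker images output posted above.

```python
# Added example: resolve an image reference against a local `docker images`
# listing and refuse anything that would fall through to a registry pull.
# All function names are hypothetical; this is not Cloudmin's code.

DEFAULT_TAG = "latest"

# Constructed sample, combining the two `docker images` listings in the thread.
SAMPLE_LISTING = """\
REPOSITORY   TAG        IMAGE ID       CREATED        SIZE
uoftcentos   7.2.1511   d201afd26246   2 days ago     245.3 MB
uoftcentos   latest     7a1eddb2af03   32 hours ago   245.3 MB
uoftcentos   test       7a1eddb2af03   32 hours ago   245.3 MB
"""


def split_reference(ref):
    """Split 'repository[:tag]' into (repository, tag)."""
    if "@" in ref:
        raise ValueError("digest references are not handled in this example")
    # Only a colon after the last '/' starts a tag; an earlier colon is the
    # port of a registry host, as in 'registry.example:5000/uoftcentos'.
    colon = ref.rfind(":")
    if colon > ref.rfind("/"):
        repo, tag = ref[:colon], ref[colon + 1:]
    else:
        repo, tag = ref, DEFAULT_TAG
    if not repo or not tag:
        raise ValueError("malformed image reference: %r" % ref)
    return repo, tag


def parse_images_listing(text):
    """Map (repository, tag) -> image ID from `docker images` table output."""
    images = {}
    for line in text.strip().splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) >= 3:
            images[(fields[0], fields[1])] = fields[2]
    return images


def resolve_local(ref, images):
    """Return the local image ID for ref, or None if it is not present."""
    if ref in images.values():  # ref is already a listed image ID
        return ref
    return images.get(split_reference(ref))


def pull_target(ref):
    """Name Docker would try to pull when ref is missing locally."""
    repo, tag = split_reference(ref)
    first, slash, _ = repo.partition("/")
    # A first path component with '.' or ':' (or 'localhost') is a registry host.
    has_registry = bool(slash) and ("." in first or ":" in first or first == "localhost")
    if not has_registry:
        repo = "docker.io/" + (repo if slash else "library/" + repo)
    return "%s:%s" % (repo, tag)


def preflight(ref, images):
    """Decide before `docker run`: use the local image or refuse."""
    image_id = resolve_local(ref, images)
    if image_id:
        return "run " + image_id
    return "refuse: not local, would pull " + pull_target(ref)


if __name__ == "__main__":
    local = parse_images_listing(SAMPLE_LISTING)
    for ref in ("uoftcentos", "uoftcentos:7.2.1511", "uoftcentos:prod",
                "registry.example:5000/uoftcentos:test"):
        print(ref, "->", preflight(ref, local))
```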