DevOps engineers have come to rely on configuration management tools like Puppet, SaltStack, Chef and Ansible for faster deployments and minimizing errors. However, the quest for the perfect deployment solution is still on. As is the fate of any code, Puppet manifests, Chef cookbooks, etc., are affected by bugs, and requires extensive testing before it can be used in production servers.

This strategic shortfall of contemporary configuration management tools lay at the heart of an issue that was recently reported to us. Here are the important points:

Company : An online service provider with their custom developed application
Server infrastructure : A cluster of web servers, database servers, load balancers and caching servers running on dedicated servers.
Issue faced : As the infrastructure grew, a great deal of engineering time was being spent writing/testing new deployment or configuration modules, troubleshooting bugs in old or underlying modules, and dealing with one-off issues due to slight differences in environments. They had tried automated testing tools (Puppet automated testing in this case), but it just added another layer of complexity where the testing code also needed to be debugged. They wanted a solution which can ensure fast feature releases and painless scaling up.

Of course, server virtualization was our first thought. Why not just use Virtual Machines that were exact replicas of the production server? Well, the problem was that no matter how carefully you setup a VM image, it’ll still have something different from the production environment. Experience has shown that time and again. So, we needed another solution which will ensure that the environment configuration is uniformly updated in the whole infrastructure at the same time.

Simplifying configuration management

After considering different alternatives, Docker looked like the ideal solution for this scenario. Docker uses OS virtualization and runs off an image that can work on any Linux server. It enables DevOps engineers and developers to access the same virtual machine image for development in laptops/workstations, QA testing in stage and deployment in production.

With the push function a developer can update a configuration change in a Docker image, and an Ops engineer uses pull function to use the latest image to deploy in staging and production. This ability to SHARE the same image eliminates the need to create manifests to maintain the same configuration in all environments. The engineering time could be focused on just maintaining deployment manifests and cookbooks. Major configuration management tools like Puppet already have full fledged Docker support.

Simplifying infrastructure management

Now let’s see how we can save a bit more time for the Ops engineers. Monitoring tools like Nagios and Zabbix do a nice job of letting us know when an issue pops up in one of the Docker containers, and the usual reaction is to login to a terminal, and look through system logs or use diagnostic tools.

Here Cockpit from Red Hat can help. It is a central web-based interface to manage all your servers. It displays a nice summary of critical server parameters, and allows you to administer the server if needed from a web-based terminal.

Newer versions of Cockpit comes with built-in Docker integration. Cockpit allows easy management of Docker containers that includes getting new versions of images, adjusting resource usage and monitoring per container performance. Here’s a look at Cockpit’s Docker management interface:

Overall, the combination of Docker and Cockpit was seen to save a significant amount of engineering time in managing an application server infrastructure.