(Mostly about infrastructure) Reading "Docker Textbook for Programmers", part 1

Why you want to study Docker

You may join a project that uses Docker. (On the front end you just run docker-compose up -d.) However, when I worked on such a project only intermittently, starting it up on a branch would bring up an error screen, or a developer would tell me to rebuild because the Docker settings had changed, and I would just try things for the time being: delete the container → delete the image → pull from GitHub and rebuild... but what actually happened? I wanted to get away from that.

Actually, I had tried Docker a while ago: I saw an article somewhere and started a container from a Dockerfile, and recently I noticed that even after shutting down my PC it was starting up in the background, which scared me. Perhaps I had been using docker-compose stop as the command to stop the container, and it would have been fine if I had used docker-compose down. Maybe. I wanted to understand that too.

About infrastructure

Even if you build a service, it will be hard to operate if the infrastructure is not solid. A system that runs properly does so because its operation was designed properly.

Requirements for the system

A system has two main kinds of requirements.

Functional requirements

A summary of the system's functions: what can be done with the software.

Non-functional requirements

Everything other than the functional requirements: system performance and reliability, security, and so on.

The three layers of system infrastructure (applications run on top of these)

System infrastructure is the foundation required to run applications: the hardware, the OS and the middleware.

Server OS

Windows Server, Unix, Linux, etc. Specialized for fast, stable, long-term operation of the system.

Middleware

Server software that gives a server a specific role on top of the OS: web servers / web application servers, database servers, system management tools, etc.

Hardware / network

Data centers (the physical facilities) and the networks that connect the servers.

System usage

Roughly divided into three deployment models:

  1. On-premises: the company owns its own data center. Long the norm for corporate systems, and still common in settings such as factories.
  2. Public cloud: provided over the internet (AWS etc.). You pay only for what you use.
  3. Private cloud: a cloud built on in-house data centers, whose users are limited to the organization.

System difference

Services suitable for the cloud

- Services with variable traffic: video distribution, reservation systems, etc. Even if the number of accesses rises unexpectedly, capacity can be added immediately (at a temporary additional charge).
- Systems you want in service quickly: less initial investment than on-premises.

Services that the cloud is not suitable for

On-premises may be the better fit, so consider carefully:

- Highly confidential systems, or special-purpose platforms that general-purpose cloud offerings do not cover.
- Systems for employees, etc.: traffic is easy to predict, so capacity can be planned and expanded in advance.
- Services that must never stop (so that maintenance windows are not dictated by the cloud vendor).

Network

There are two kinds of network address used to identify servers and clients.

  1. MAC address: a 48-bit address physically assigned to a network interface (Wi-Fi adapter, NIC, etc.). The first 24 bits identify the manufacturer (the OUI); the last 24 bits are assigned by that manufacturer so that they do not overlap. It is written in hexadecimal, one byte (two hex digits) at a time from the beginning, e.g. 00:1A:2B:3C:4D:5E. **Used in the data link layer.**
  2. IP address: an identification number assigned to a computer connected to a network. An IPv4 address is written as four decimal numbers from 0 to 255, e.g. 192.168.1.1. IPv4 has only 2^32 (about 4.3 billion) addresses in total, so they are running out. On a corporate network, a NAT device translates between private addresses inside and global addresses outside. The newer IPv6 uses 128-bit addresses, so there is plenty of room.
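A small worked example of the two address types, added here and not taken from the book or the original post: it splits a MAC into its manufacturer and device halves, decodes the two flag bits in the first octet (the "locally administered" bit is what tells you a MAC was set by software, as VMs, containers and MAC randomisation do, rather than burned in by the vendor), and classifies IP addresses with Python's standard ipaddress module. The sample addresses are constructed.

```python
import ipaddress
import re

# Constructed sample addresses for the walkthrough (not taken from the post).
SAMPLE_MACS = ["00:1A:2B:3C:4D:5E", "02-00-5e-00-53-01", "ff:ff:ff:ff:ff:ff"]
SAMPLE_IPS = ["192.168.1.1", "10.0.0.7", "8.8.8.8", "2001:db8::1"]

# Six hex bytes separated consistently by ':' or '-'.
_MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}([:-])(?:[0-9A-Fa-f]{2}\1){4}[0-9A-Fa-f]{2}$")


def parse_mac(mac):
    """Split a 48-bit MAC into its 24-bit halves and decode the flag bits."""
    if not _MAC_RE.match(mac):
        raise ValueError(f"not a MAC address: {mac!r}")
    octets = bytes.fromhex(re.sub(r"[:-]", "", mac))
    first = octets[0]
    return {
        "oui": octets[:3].hex().upper(),  # first 24 bits: manufacturer (OUI)
        "nic": octets[3:].hex().upper(),  # last 24 bits: assigned by that vendor
        # Bit 0 of the first octet: 1 = group (multicast/broadcast), 0 = unicast.
        "multicast": bool(first & 0x01),
        # Bit 1 of the first octet: 1 = locally administered, i.e. set by software
        # (VMs, containers, MAC randomisation) rather than burned in by the vendor.
        # Worth checking when a "vendor" MAC shows up on a network you inventory.
        "locally_administered": bool(first & 0x02),
    }


def classify_ip(text):
    """Describe an IPv4/IPv6 address: the size of the space it lives in and
    whether it is a private (NAT-translated) or globally routable address."""
    addr = ipaddress.ip_address(text)
    return {
        "version": addr.version,
        "bits": addr.max_prefixlen,              # 32 for IPv4, 128 for IPv6
        "address_space": 2 ** addr.max_prefixlen,
        "private": addr.is_private,              # RFC 1918, ULA, documentation ranges
        "global": addr.is_global,                # routable on the public internet
    }


if __name__ == "__main__":
    for mac in SAMPLE_MACS:
        print(mac, parse_mac(mac))
    for ip in SAMPLE_IPS:
        print(ip, classify_ip(ip))
```

The second sample MAC has the locally administered bit set and the third is the broadcast address; 192.168.1.1 and 10.0.0.7 come out as private, which is exactly why a NAT device has to rewrite them before they reach the internet.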

OSI reference model

It is the basis of network technology. The OSI reference model, established by ISO, is a conceptual model that divides communication functions into a hierarchical structure of 7 layers. Layering ensures interoperability: each layer only has to agree on its interface with the layers directly above and below it.

- Layer 7, application: SSH, HTTP, DNS, etc. are typical protocols.
- Layer 4, transport: TCP and UDP. TCP makes sure the data arrives (connection, acknowledgement, retransmission); UDP just sends it.
- Layer 3, network: in the case of IP, manages "from where to where" using IP addresses.

From the bottom up: LAN cable (layer 1) → MAC address (layer 2) → router and IP address (layer 3) → TCP (layer 4) → deciding the timing of data transmission (layer 5, session) → deciding compression and the character encoding format (layer 6, presentation) → the application protocol such as HTTP or FTP (layer 7).

Firewall

A firewall keeps the inside safe so that the system can keep running; it controls communication between the inside and the outside.

- Packet filter type: filters the passing packets based on port number and IP address. For example, only port 80 (HTTP) may pass; you decide rules such that nothing else can communicate.
- Proxy server: relays and controls communication with the outside at the application protocol level, for instance an HTTP proxy that stands in for the client.
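To make the "only port 80 may pass" rule concrete, here is a small packet-filter evaluator added as an example (not code from the book or the post). Rules are checked top to bottom with first match wins, and anything no rule matches is denied, which is the default-deny policy that makes such a rule actually mean what it says. The addresses, rule set and sample packets are all constructed.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str     # source IP address
    dst: str     # destination IP address
    proto: str   # "tcp" or "udp"
    dport: int   # destination port


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    src: str = "0.0.0.0/0"       # source network in CIDR notation (any by default)
    dst: str = "0.0.0.0/0"       # destination network in CIDR notation
    proto: str = "any"           # "tcp", "udp" or "any"
    dport: Optional[int] = None  # destination port, None = any port

    def matches(self, pkt: Packet) -> bool:
        return (
            ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(self.dst)
            and self.proto in ("any", pkt.proto)
            and self.dport in (None, pkt.dport)
        )


# Constructed rule set (assumed addresses): a public web server on 203.0.113.10
# and an admin LAN 192.168.1.0/24. Evaluated top to bottom, first match wins,
# the way iptables/nftables chains are walked.
RULES = [
    Rule("allow", dst="203.0.113.10/32", proto="tcp", dport=80),                           # HTTP from anywhere
    Rule("allow", src="192.168.1.0/24", dst="203.0.113.10/32", proto="tcp", dport=22),     # SSH from admins only
    Rule("deny"),                                                                          # explicit catch-all
]


def filter_packet(rules, pkt: Packet) -> str:
    """Return 'allow' or 'deny' for pkt. Anything no rule matches is denied."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "deny"   # default deny, even if someone deletes the catch-all rule


# Constructed sample traffic.
SAMPLES = [
    Packet("198.51.100.5", "203.0.113.10", "tcp", 80),   # visitor browsing the site
    Packet("198.51.100.5", "203.0.113.10", "tcp", 22),   # outsider trying SSH
    Packet("192.168.1.20", "203.0.113.10", "tcp", 22),   # admin SSH from the office LAN
    Packet("198.51.100.5", "203.0.113.10", "udp", 80),   # UDP to port 80 is not HTTP
]

if __name__ == "__main__":
    for pkt in SAMPLES:
        print(filter_packet(RULES, pkt), pkt)
```

Note what a packet filter cannot see: the TCP packet to port 80 is allowed whatever it carries, because the filter only looks at addresses, protocol and port. Inspecting the HTTP inside it is the proxy's job, which is why the two types are combined in practice.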

About Linux

Linux kernel

The core of the OS, written in C and assembly.

- Device management: controls hardware through software called device drivers.
- Process management: a program loaded into memory for execution is called a **process**. Processes are managed by an identifier (the PID). The kernel's job here is to allocate CPU time among them efficiently.
- Memory management: when a process starts, the program is loaded into memory, and so is the data the program uses. The kernel allocates physical memory efficiently and releases the area when execution finishes. Because physical memory is limited, data that is not used frequently is moved out to a virtual memory area on disk. This is called **swap**.

Shell

The interface for operating the Linux kernel: you give it instructions as commands. A text file collecting the commands you want to run in the shell is called a shell script, and control syntax (if, for, ...) is available. Shells include bash, zsh, etc.

Linux file system

VFS: a mechanism called the virtual file system gives transparent access to data. Wherever it is stored, everything can be accessed as a file in a directory (you do not have to be aware of whether it lives on the hard disk or a USB drive).

Linux directory structure

Commands and configuration files are placed in directories. The directory layout is standardized by the FHS (Filesystem Hierarchy Standard). There are differences between Linux distributions (OSes that differ outside the Linux kernel, such as CentOS, Fedora, Ubuntu), but it is almost the same everywhere.

Security function

Permission setting by account

Privileges differ between the root user and general users. root is the privileged user and has every privilege. General users can be collected into groups, and permissions can be set in detail for the owner, the group and everyone else, so access rights are decided per file. It is probably the same thing as when uploading via FTP and files are sometimes not displayed because they are restricted by permissions.
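An example of how those permission bits are actually evaluated, added here and not taken from the book or the post. It converts the rw-r----- form shown by ls -l to and from the octal mode, decides whether a given user gets read/write/execute on a file, and flags the world-writable case that bites uploaded web roots. This is a simplified model of Linux discretionary access control: only the classic owner/group/other bits, ignoring ACLs, capabilities and setuid; the uids, gids and modes are constructed.

```python
import stat

# Simplified Unix discretionary access control (DAC), added as an illustration:
# only the classic owner/group/other bits, no ACLs, capabilities or setuid.


def parse_symbolic(perms: str) -> int:
    """Turn the 9-character 'rwxr-x---' form from ls -l into an octal mode."""
    if len(perms) != 9 or any(c not in "rwx-" for c in perms):
        raise ValueError(f"bad permission string: {perms!r}")
    mode = 0
    for i, ch in enumerate(perms):
        if ch != "-":
            mode |= 1 << (8 - i)   # leftmost char is the owner's read bit (0o400)
    return mode


def mode_string(mode: int) -> str:
    """Render an octal mode back into ls -l form, e.g. 0o640 -> '-rw-r-----'."""
    return stat.filemode(stat.S_IFREG | mode)


def can_access(mode: int, owner_uid: int, owner_gid: int,
               uid: int, gids: set, want: str) -> bool:
    """Does user uid (member of groups gids) get every permission in want
    ('r', 'w', 'x' in any combination) on a file with this mode and owner?"""
    need = 0
    for ch in want:
        need |= {"r": 4, "w": 2, "x": 1}[ch]
    if uid == 0:
        # root bypasses the read/write bits entirely; execute still needs
        # at least one x bit set somewhere (so 0o644 is not runnable even by root)
        return not (need & 1) or bool(mode & 0o111)
    if uid == owner_uid:
        shift = 6          # owner triple
    elif owner_gid in gids:
        shift = 3          # group triple
    else:
        shift = 0          # other
    bits = (mode >> shift) & 0o7
    return bits & need == need


def is_world_writable(mode: int) -> bool:
    """The check a reviewer makes on an uploaded web root: can *anyone* modify it?"""
    return bool(mode & stat.S_IWOTH)


if __name__ == "__main__":
    # Constructed scenario: web content owned by uid 1000 / gid 1000 with mode 640.
    m = parse_symbolic("rw-r-----")
    print(mode_string(m), oct(m))
    print("group member reads:", can_access(m, 1000, 1000, 1002, {1000, 1002}, "r"))
    print("outsider reads:", can_access(m, 1000, 1000, 1001, {1001}, "r"))
    print("world-writable 0o646:", is_world_writable(0o646))
```

With mode 640 a user outside the group gets nothing at all, which is the "uploaded but not displayed" symptom: the web server process runs as its own user and, unless it is the owner or in the group, the file is invisible to it. Opening the file up to 646 fixes the symptom but also lets every local user overwrite the content.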

There are many other security measures

About middleware

In addition to basic knowledge of hardware, networks and the OS, knowledge of middleware is needed to get an application running.

Web server / Web application server

Receives HTTP requests, returns web content (HTML, CSS, etc.) as the response, and calls other server-side programs. Apache, Nginx, etc.

Database server

Middleware for managing data (a DBMS): MySQL, PostgreSQL, Oracle Database.

A relational database manages data in the form of two-dimensional tables. Multiple tables can be combined (joined) and used together; that is the "relation".

NoSQL: a format different from an RDBMS. It is good at storing large amounts of data and at parallel processing, so it suits systems that must handle access from very many users. Widely used in online systems; XML databases are another example of the category. MongoDB, Redis.

System monitoring tool

For stable operation of the system: Zabbix, Datadog, Mackerel (from Hatena).

About infrastructure configuration

With the advent of cloud systems and the various technologies that branched from them, servers and networks that were hard to build on-premises can now be built, and destroyed, immediately. Instead of maintaining a history of changes applied to a long-lived server, the practice has shifted to managing the state of the infrastructure that is currently operating.

Code-based configuration management

Previously a parameter sheet (the infrastructure equivalent of a detailed design or program design document) was used, but when it was poorly maintained, a configuration change sometimes did not go as expected. In the worst case that leads to a security incident.

By building the infrastructure as code and managing it with git, even a change in production remains in the git log, so the change history is managed and a message explaining the change can be left with it. It removes dependence on particular individuals, is easy to share, and produces the same state no matter who runs it.

With Docker, the infrastructure configuration can be described in a file called a **Dockerfile**.

Typical infrastructure configuration management tool

Tools that automate OS boot

Vagrant, for creating virtual environments.

Tools that automate OS and middleware settings

Tools for automating the installation and version control of middleware (database servers, web servers, monitoring agents), OS and middleware configuration files, firewall settings, and so on. Chef, Ansible.

Tools that automate the management of many servers

A large-scale system consists of many servers, and these tools manage such a distributed set of servers. The container orchestration tool **Kubernetes** manages many containers in a container virtual environment comprehensively.

Summary

Docker lets you make the environment identical everywhere. Besides the advantage of standardization, it has the advantage of preventing dependence on particular individuals.

I'm really weak on infrastructure knowledge, and I find it hard to get a picture of the OSI reference model that appears at the start of every book and article. Every time I read about it I started by asking what it even was... so I think it's about time I got it.

I'm a front-end person, so I'd like to look at Docker from the front-end side someday.

References

Docker Textbook for Programmers 2nd Edition
