How to automate application deployment when using LXD containers?

Question

How should applications be scripted/automatically deployed when in LXD containers?

For example is best way to deploy applications in LXD containers to use a bash script (which deploys an application)? How to execute this bash script inside the container by executing a command on the host?

Are there any tools/methods of doing this in a similar way to Docker recipes?

Answer 1

In my case, I use Ansible to:

1. build the LXD containers (web, database, redis for example).
2. connect to the containers and deploy the services and code needed.

you can build your own images for example with the services and/or code already deployed and build specific containers from this images.

I was doing this from before LXD had Ansible support (Ansible 2.2) i prefer to use ssh instead of lxd connection, when i connect to the containers to deploy services/code. they comes with a profile where i had setup my ssh public key (to have direct ssh connection by keys ... no passwords)

Answer 2

Take a look at my open source project on bitbucket devops_lxd_containers It includes:

• Scripts to build lxd image templates including Apache, tomcat, haproxy.
• Scripts to demonstrate custom application image builds such as Apache hosting and key/value content and haproxy configured as a router.
• Code to launch the containers and map ports so they are accessible to the larger network
• Code to configure haproxy as layer 7 proxy to route http requests between boxes and containers based on uri prefix routing. Based on where it previously deployed and mapped ports.
• At the higher level it accepts a data drive spec and will deploy an entire environment compose of many containers spread across many hosts and hook them all up to act as a cohesive whole via a layer 7 proxy.
• Extensive documentation showing how I accomplished each major step using code snippets before automating.
• Code to support zero-outage upgrades using the layer7 ability to gracefully bleed off old connections while accepting new connections at the new layer.

The entire system is built on the premise that image building is best done in layers. We build a updated Ubuntu image. From it we build a hardened Ubuntu image. From it we build a basic Apache image. From it we build an application specific image like our apacheKV sample. The goal is to never rebuild any more than once and to re-use the common functionality such as the basicJDK as the source for all JDK dependent images so we can avoid having duplicate code in any location. I have strived to keep Image or template creation completely separate from deployment and port mapping. The exception is that I could not complete creation of the layer 7 routing image until we knew everything about how other images would be mapped.

Answer 3

I've been using Hashicorp Packer with the ansible provisioner using ansible_connection = lxd

• Some notes here for constructing a template

• When iterating through local files on your host system you may need to be using ansible_connection = local (e.g for stat & friends)

• Using local_action in ansible with the lxd connection is still action inside the container when using stat (but not with include_vars & lookup function for files)

• Using lots of debug messages in Ansible is helpful to know which local environment ansible is actually operating in.