Docker Compose and Docker network support in Puppet

The Puppet-supported Docker module already has a range of features for installing and managing the Docker engine, as well as working with Docker containers and images. But Docker has a number of other features, too. With the recent 2.1 release of the puppetlabs/docker_platform module, we now have support for managing Docker networks, and for integrating Puppet with Docker Compose.

Docker networks

Since Docker 1.9, Docker has had support for creating container networks. Docker networks allow users to define their own networks and connect containers to them. Using this feature, you can create a network on a single host, or a network that spans multiple hosts.

The Puppet module allows users to create those networks using the Puppet DSL. Specifically, the module includes a new type, docker_network. Here’s a quick example:

docker_network { 'my-net':
  ensure   => present,
  driver   => 'overlay',
  subnet   => '192.168.1.0/24',
  gateway  => '192.168.1.1',
  ip_range => '192.168.1.4/32',
}

Only the name is required, along with an ensure value. If you don't pass a driver, Docker network will use the default bridge. Note that some networks require the Docker daemon to be configured to use them. For instance, for the overlay network, you'll need a cluster store configured. You can do that on the docker class like so:

extra_parameters => '--cluster-store=<backend>://172.17.8.101:<port> --cluster-advertise=<interface>:2376'

If you’d rather use Hiera to describe your networks, the module includes a docker::networks class you can configure, which can be used like so with the standard YAML backend:

---
  classes:
    - docker::networks

  docker::networks::networks:
    local-docker:
      ensure: 'present'
      subnet: '192.168.1.0/24'
      gateway: '192.168.1.1'

One reason for doing this is that the data for the network is coming from a separate system, or you might simply prefer a clear separation between code and data.

Docker Compose

A separate tool from the main Docker engine, Docker Compose allows for describing a set of containers in a simple YAML format, and then running a command to build and run those containers. The docker_compose type included in the module allows for using Puppet to run Compose. This means you can have Puppet remediate any issues (for example if someone manually stopped a container), and make sure reality matches the model in your Compose file. Here's a quick example. Take a look at this Compose file:

compose_test:
  image: ubuntu:14.04
  command: /bin/sh -c "while true; do echo hello world; sleep 1; done"

This could be added to the machine on which you're running Puppet, by using a file resource or by any other means. Then define a docker_compose resource pointing at the Compose file, like so:

docker_compose { '/tmp/docker-compose.yml':
  ensure  => present,
}

Now when Puppet runs, it will automatically run Compose if required — for example, because the relevant Compose services aren't already running. You can also pass additional options (for example, to enable experimental features) as well as provide scaling rules.

Compose files don’t contain the number of each container you want to run. This is typically only provided when you run the compose CLI. This breaks in the case where you want to describe all of your infrastructure configuration in code. The following example uses Compose to request that two of the compose_test containers be running (this is the name given in the above Compose file). Puppet will now run Compose if the number of containers for a given service don't match the provided scale values.

docker_compose { '/tmp/docker-compose.yml':
  ensure  => present,
  scale   => {
    'compose_test' => 2,
  },
  options => '--x-networking'
}

It’s worth noting that the module also contains a class for installing Compose in the first place, if you need to do so:

Class { 'docker::compose':
  ensure  => present,
  version => '1.7.0',
}

Conclusion

Thanks to the active community of contributors to the Puppet Docker module, new features in Docker tend to be quickly supported in the module. If any features in particular are missing, please do let us know in the comments or on our issue tracker.

Gareth Rushgrove is a senior software engineer at Puppet.

Learn more

Puppet sites use proprietary and third-party cookies. By using our sites, you agree to our cookie policy.