knife container workflow clarification

Question

I've recently started trying to learn how to use Chef to manage Docker containers. Currently, I'm trying to figure out how to bootstrap a Docker container using the knife-container gem, but I'm a little confused about the workflow for this scenario. Here is a high-level description of the steps that I've taken so far to do this:

• First off, in order to learn how these technologies work together I have configured three Ubuntu 14.04 Virtualbox VMs, one for the Chef Server, one for a node to host my containers, and one workstation for development. The network configuration for these machines allows for connecting to the internet and to each other using a NAT Network interface and a Host-Only interface.
• I have successfully bootstrapped the Chef node by itself using knife commands from my workstation VM, and can verify this using the Chef Management Console in a browser.

My confusion is about what to do next in order to bootstrap a container that I want to have running on the above mentioned Chef node. Currently, I'm attempting to do a docker installation and container setup from within a couple of recipes that run during the node bootstrap process that I start from my workstation. Here are the relevant commands from one of the recipes that runs on the node during the bootstrap:

dockerfile = data_bag_item('dockerfiles', 'ubuntu-dockerfile')["script"].join()

...

execute "knife container docker init test_app -f chef/ubuntu-14.04"

file "/var/chef/dockerfiles/test_app/Dockerfile" do
    content dockerfile
    action :create
end

...

execute "knife container build test_app -d /var/chef/dockerfiles"

execute "docker run -d -p 80:8000 -v /etc/chef /etc/chef/secure test_app python test_app/manage.py runserver 0.0.0.0:8000"

And here is what the Dockerfile looks like after the data bag string array has been joined:

FROM chef/ubuntu-14.04
RUN chef-init --bootstrap
RUN rm -rf /etc/chef/secure/*
RUN apt-get -qq update
RUN apt-get -qq install build-essential python-django
RUN apt-get clean
ENV DJANGO_PATH /usr/lib/python2.7/dist-packages/django/bin
RUN chmod u+x $DJANGO_PATH/django-admin.py
RUN $DJANGO_PATH/django-admin.py startproject test
RUN chmod u+x test/manage.py
EXPOSE 8000
ENTRYPOINT ["chef-init", "--onboot"]

The first problem is that even though the changes that I made to the Dockerfile in the recipe are successfully being written to the file at /var/chef/dockerfiles/test_app/Dockerfile, those changes are not being applied to the image when the new Docker image is built, which is evident from the error message that I receive stating that python isn't on the PATH. I have seen from the documentation for knife container that it's possible to supply a cookbook path and recipe run list for running on the containers themselves. I'm thinking that a recipe that performs the same tasks as my Dockerfile could be a better solution, but I'm unsure what the cookbook path should be since my cookbooks are synced with the Chef Server and not the container host.

Any insight or advice about what I'm missing here would be much appreciated.

Answer 1

As far as I know, the typical workflow used with Chef container is generating a Dockerfile from your workstation, configuring the chef-server, the run-list... This will generate the files needed to build a Dockerimage (Dockerfile from a base image with Chef-client and the files needed to sync with your server), and then you can build that container. This is not pretended to install Docker to a node and run inside it a container, but Chef container is pretended to build docker images using the resources (chef cookbooks, and chef server). I recommend you to watch the talk Managing your container workflow with Chef from Chef container author Tom Duffield, to clarify what is the workflow with it. I think this is not pretended to manage the execution of the containers in chef nodes. For that you can check some Docker orchestration tools.