Kernel load-balancing for Docker containers using IPVS

•

25 j'aime•14,570 vues

IPVS is a Linux kernel module that provides high performance virtual server capabilities including load balancing, failover and dynamic configuration. GORB is an open source REST API and daemon that controls IPVS to provide load balancing for Docker containers. It supports TCP and HTTP health checks and integrates with Docker links. Using IPVS, GORB and Docker, high performance load balancing can be achieved without the need for expensive proprietary hardware load balancers.

Technologie

IPVS for Docker Containers
Andrey Sibiryov
Bulldozer Operator at Uber

This guy on the stage
2
…who the hell are you and why should we believe
a Russian?

What is IPVS
…and why didn’t we hear about it before?

IP Virtual Server
6
…and why didn’t we hear about it before?

IP Virtual Server
7
Works inside the Linux Kernel, based on
Netfilter.
Supports TCP, SCTP & UDP, v4 and v6.
8+ methods: WRR, WLC, LBLCR, SH
and much more – plugins.
NAT, Tunneling, Direct Routing.
Address bundling via FWMark services.
Most importantly, it is bloody fucking fast!

IP Virtual Server
8
…and a little bit more about these weird acronyms.
IPIP
Encapsulates IP
Routable anywhere
NAT
Rewrites DST IP
Same L4
DSR
Rewrites DST MAC
Same L2

IP Virtual Server
9
…and a few more words about DR since it’s awesome!
TPS
50
66
82
98
114
130
Single IPVS DR HAProxy MySQL Proxy

I don’t need this
10
…and why would we load balance and route
anything at all?

I don’t need this
11
…also, our nginx, haproxy, hipache, vulcand
setup works fine – get off the stage, please!

I don’t need this
12
…and we run our stuff in the cloud, it takes care of
everything – our work is perpetual siesta!

IP Virtual Server
13
IPVS NGINX HAPROXY AWS ELB
OSI layer L4 L7 L7 L4
TCP ✅ ℹ ✅ ✅
UDP ✅ 🚫 🚫 🚫
Dynamic
configuration ✅ 🚫 ℹ ✅
Forwarding
methods 4 NAT NAT NAT
Balancing
methods 8+ 3 6 RR
Health checks ✅ 🚫 ✅ ✅

What is IPVS
…and how do we use it since it sounds so amazing!

GORB
15
Go Routing and Balancing
github.com/kobolog/gorb

What is GORB
16
…and why is it cool for Docker Containers?

17
REST API daemon to control IPVS.
Simple GET, PUT, DELETE interface.
Docker Link to control GORB.
TCP, HTTP health checks built-in.
Written in Go, LGPL licensed, on GitHub.
Docker + GORB + MacVLAN network
plugin + IPVS DR forwarding mode = ❤
What is GORB
…and why is it cool for Docker Containers?

What is GORB
…and how do we use it? Live demo or GTFO!

What is GORB
19
The guy on the stage is doing roughly this right now.
kobolog@gorb:~$ go install github.com/kobolog/gorb
kobolog@gorb:~$ sudo modprobe ip_vs
kobolog@gorb:~$ sudo gorb &
kobolog@docker:~$ go install github.com/kobolog/gorb/gorb-docker-link
kobolog@docker:~$ export DOCKER_HOST=<...>
kobolog@docker:~$ gorb-docker-link -r gorb:4672 &
kobolog@docker:~$ docker run -d -p 80 nginx
kobolog@gorb:~$ curl -i -XGET http://localhost:80

A few more words about BGP
20
…black belt in networking is not complete without
a few words about BGP.

How stable is GORB
21
…and is it production-ready? Can we blame you if
it doesn’t work?

«I'll let you in on a secret: my
pet hamster did all the coding.
I was just a channel, a «front»
if you will, in my pet's grand
plan. So, don't blame me if
there are bugs. Blame the
cute, furry one» —Rusty Russel
22

€25,000
23
…is the price for an enterprise hardware load-
balancer.

€0
24
…is a price for IPVS and BGP (and GORB).
Works on commodity hardware.
No special software or tools, no SNMP.
1000-word man page vs. 1000-page
vendor manual.
1 GBPS line rate = 1% CPU in DR mode.
IPVS is around for more than 15 years.

Thank you!
Andrey Sibiryov
@kobolog
me@kobology.ru

Contenu connexe

Tendances

Using Rook to Manage Kubernetes Storage with Ceph

CloudOps2005

Disaggregating Ceph using NVMeoF

ShapeBlue

On-demand recording: nginx.com/resources/webinars/nginx-basics-best-practices You’ve heard of NGINX and the benefits it can provide to your web application, but maybe you’re not sure how to get started. There are a lot of tutorials online, but they can be outdated and contradict each other, making things more challenging. In this webinar we’ll cover the basics of NGINX to help you effectively begin using it as part of your existing or new web app. This webinar covers how to: * Install NGINX and verify it's properly running * Create NGINX configurations for reverse proxy, load balancer, etc. * Improve performance using keepalives and other NGINX directives * Debug and troubleshoot using NGINX logs

NGINX: Basics and Best Practices

NGINX, Inc.

Deep dive into highly available open stack architecture openstack summit va...

Arthur Berezin

Network virtualization

Damian Parniewicz

OVN - Basics and deep dive

Trinath Somanchi

ELK Stack

Eberhard Wolff

We present a new open source project which provides IPv6 networking for Linux Containers by generating programs for each individual container on the fly and then runs them as JITed BPF code in the kernel. By generating and compiling the code, the program is reduced to the minimally required feature set and then heavily optimised by the compiler as parameters become plain variables. The upcoming addition of the Express Data Plane (XDP) to the kernel will make this approach even more efficient as the programs will get invoked directly from the network driver.

Cilium - Fast IPv6 Container Networking with BPF and XDP

Thomas Graf

Access Network Evolution

Cisco Canada

Overview of kubernetes network functions

HungWei Chiu

Routed Provider Networks on OpenStack

Romana Project

Dockerized containers are the current wave that promising to revolutionize IT. Everybody is talking about containers, but a lot of people remain confused on how they work and why they are different or better than virtual machines. In this session, Black Duck container and virtualization expert Tim Mackey will demystify containers, explain their core concepts, and compare and contrast them with the virtual machine architectures that have been the staple of IT for the last decade.

Containers 101

Black Duck by Synopsys

Docker is the world's leading software containerization platform. This is a comprehensive introduction to Docker, suitable for delivering in introductory meetups to an audience who does not know about docker. In case you want to deliver this presentation somewhere, kindly drop me a mail at aditya.konarde@gmail.com You can contact me at: Connect with me onLinkedIN: https://www.linkedin.com/in/adityakonarde Add me on Facebook: https://www.facebook.com/Aditya.Konarde Tweet to me @aditya_konarde

Introduction to Docker

Aditya Konarde

Learn how to load balance your applications following best practices with NGINX and NGINX Plus. Join this webinar to learn: - How to configure basic HTTP load balancing features - The essential elements of load balancing: session persistence, health checks, and SSL termination - How to load balance MySQL, DNS, and other common TCP/UDP applications - How to have NGINX Plus automatically discover new service instances in an auto-scaling or microservices environment

NGINX: High Performance Load Balancing

NGINX, Inc.

Architecting a private cloud to meet the use cases of its users can be a daunting task. How do you determine which of the many L2/L3 Neutron plugins and drivers to implement? Does network performance outweigh reliability? Are overlay networks just as performant as VLAN networks? The answers to these questions will drive the appropriate technology choice. In this presentation, we will look at many of the common drivers built around the ML2 framework, including LinuxBridge, OVS, OVS+DPDK, SR-IOV, and more, and will provide performance data to help drive decisions around selecting a technology that's right for the situation. We will discuss our experience with some of these technologies, and the pros and cons of one technology over another in a production environment.

Pushing Packets - How do the ML2 Mechanism Drivers Stack Up

James Denton

IT organizations of the future (and present) are faced with managing infrastructure that spans multiple private data centers and multiple public clouds. Emerging tools and operational patterns like kubernetes and microservices are easing the process of deploying applications across multiple environments, but the achilles heel of such efforts remains that most applications require large quantities of state, either in databases, object stores, or file systems. Unlike stateless microservices, state is hard to move. Ceph is known for providing scale-out file, block, and object storage within a single data center, but it also includes a robust set of multi-cluster federation capabilities. This talk will cover how Ceph's underlying multi-site capabilities complement and enable true portability across cloud footprints--public and private--and how viewing Ceph from a multi-cloud perspective has fundamentally shifted our data services roadmap, especially for Ceph object storage.

Ceph data services in a multi- and hybrid cloud world

Sage Weil

[OpenStack Days Korea 2016] Track3 - 오픈스택 환경에서 공유 파일 시스템 구현하기: 마닐라(Manila) 프로젝트

OpenStack Korea Community

OpenSCAP Overview(security scanning for docker image and container)

Jooho Lee

Our Sr. Web Operations Engineer, Justin Lintz, goes over some parameters we tuned in TCP and NGINX to improve the performance and stability of our systems. These slides are a complement to a two part blog post found over on our engineering blog. http://engineering.chartbeat.com/2014/01/02/part-1-lessons-learned-tuning-tcp-and-nginx-in-ec2/ http://engineering.chartbeat.com/2014/02/12/part-2-lessons-learned-tuning-tcp-and-nginx-in-ec2/

Tuning TCP and NGINX on EC2

Chartbeat

Zabbix

pundir5

Tendances (20)

Using Rook to Manage Kubernetes Storage with Ceph

Disaggregating Ceph using NVMeoF

NGINX: Basics and Best Practices

Deep dive into highly available open stack architecture openstack summit va...

Network virtualization

OVN - Basics and deep dive

ELK Stack

Cilium - Fast IPv6 Container Networking with BPF and XDP

Access Network Evolution

Overview of kubernetes network functions

Routed Provider Networks on OpenStack

Containers 101

Introduction to Docker

NGINX: High Performance Load Balancing

Pushing Packets - How do the ML2 Mechanism Drivers Stack Up

Ceph data services in a multi- and hybrid cloud world

[OpenStack Days Korea 2016] Track3 - 오픈스택 환경에서 공유 파일 시스템 구현하기: 마닐라(Manila) 프로젝트

OpenSCAP Overview(security scanning for docker image and container)

Tuning TCP and NGINX on EC2

Zabbix

Similaire à Kernel load-balancing for Docker containers using IPVS

This presentation will introduce you to Docker - the new shiny star on the Devops horizon. It will teach you everything you need to know to get started with Docker, why you'd want to use it and which tools to use to get the most out of it. Additionally to showing the basics, it will introduce helpful libraries available for the JVM and how they can be used together with Docker to create secure, scalable and maintainable cloud setups for your applications.

JDD2014: Docker.io - versioned linux containers for JVM devops - Dominik Dorn

PROIDEA

With buzz on eBPF, XDP, bpfilter etc,, it's important to get the basics right. We will show the route of a networ packet from kernel driver to TCP/IP stack to userspace socket and explain how and where it's processed en route. Modern environment uses a lot of the Linux networking stack capability. Every docker container requires a dedicated bridge, usually a few iptables entries to expose port, and a dnsmasq daemon, and masquarading to allow internet access. It is hence important to understand Linux network fundumentals. From the driver interrupt/NAPI, to the network stack, the various filters it passes through and the various hooks you have at your disposal to alter and view the network packets flow. We will first review the theory, and then present useful tools to apply the theory and debug problems in common situations. We will survey common containers situations and see how packets move from the hardware to the container's veth.

How Linux Processes Your Network Packet - Elazar Leibovich

DevOpsDays Tel Aviv

Docker 101 - An introduction to docker

Richard Banks

Raspberry Pi + ROS

ArnoldBail

Apt get no more let Vagrant, Puppet and Docker take the stage

Alessandro Cinelli (cirpo)

Clustering Docker with Docker Swarm on openSUSE

Saputro Aryulianto

GDGSCL - Docker a jeho provoz v Heroku a AWS

Ladislav Prskavec

Making kubernetes simple for developers

Suraj Deshmukh

Coodiners Meetup Rosenheim, März 2023, Mario-Leander Reimer (@LeanderReimer, Principal Software Architect bei QAware). == Dokument bitte herunterladen, falls unscharf! Please download slides if blurred! == This talk focused on modern and efficient Inter Process Communication (IPC) for microservices. We start with a REST API, built using JAX-RS and Quarkus to briefly discuss the pros and cons of this approach. We extended the API with an efficient Protobuf payload representation in order to finally transform the API into a fully fledged high-performance gRPC interface definition. But that’s not all! To put some extra icing on the cake, this talk demonstrated how to consume the gRPC service from a JavaScript web client and also how to completely generate a matching REST API from an enhanced gRPC interface definition to ensure full interoperability in a microservice architecture.

REST in Peace. Long live gRPC! @ Codineers

QAware GmbH

IXP Route Servers with RPKI and IXP Manager

APNIC

Networking in Kubernetes

Minhan Xia

The Docker network overlay driver relies on several technologies: network namespaces, VXLAN, Netlink and a distributed key-value store. This talk will present each of these mechanisms one by one along with their userland tools and show hands-on how they interact together when setting up an overlay to connect containers. The talk will continue with a demo showing how to build your own simple overlay using these technologies. Finally, it will show how we can dynamically distribute IP and MAC information to every hosts in the overlay.

Deeper Dive in Docker Overlay Networks

Docker, Inc.

Docker1.12イングレスロードバランサ

Yuji Oshima

Docker module 1

Liang Bo

Introduction to Docker

Nissan Dookeran

Container Days Hamburg, September 2022, Dirk Kröhan, (Software Architect), Andreas Zitzelsberger (@andreasz82, Lead Software Architect) at QAware. == Dokument bitte herunterladen, falls unscharf! Please download slides if blurred! == This workshop focuses on modern and efficient Inter Process Communication (IPC) for microservices. We start with a REST API, built using JAX-RS and Quarkus to briefly discuss the pros and cons of this approach. Then, we will extend the API with an efficient Protobuf payload representation in order to finally transform the API into a fully fledged high-performance gRPC interface definition. But that’s not all! To put some extra icing on the cake, this workshop will demonstrate how to consume the gRPC service from a JavaScript web client and also how to completely generate a matching REST API from an enhanced gRPC interface definition to ensure full interoperability in a microservice architecture.

Cloud native IPC for Microservices Workshop @ Containerdays 2022

QAware GmbH

Deeper dive in Docker Overlay Networks

Laurent Bernaille

Kubernetes Networking

CJ Cullen

Java 開発者のための次世代 DevOps: BinOps

Tsuyoshi Miyake

Docker Setting for Static IP allocation

Ji-Woong Choi

Similaire à Kernel load-balancing for Docker containers using IPVS (20)

JDD2014: Docker.io - versioned linux containers for JVM devops - Dominik Dorn

How Linux Processes Your Network Packet - Elazar Leibovich

Docker 101 - An introduction to docker

Raspberry Pi + ROS

Apt get no more let Vagrant, Puppet and Docker take the stage

Clustering Docker with Docker Swarm on openSUSE

GDGSCL - Docker a jeho provoz v Heroku a AWS

Making kubernetes simple for developers

REST in Peace. Long live gRPC! @ Codineers

IXP Route Servers with RPKI and IXP Manager

Networking in Kubernetes

Deeper Dive in Docker Overlay Networks

Docker1.12イングレスロードバランサ

Docker module 1

Introduction to Docker

Cloud native IPC for Microservices Workshop @ Containerdays 2022

Deeper dive in Docker Overlay Networks

Kubernetes Networking

Java 開発者のための次世代 DevOps: BinOps

Docker Setting for Static IP allocation

Plus de Docker, Inc.

Raymond Arifianto, AccelByte and Mark Mandel, Google - We have been deploying containerized micro-services for our Game Backend Services for a while. Now we are tackling the challenge to scale up fleets of game dedicated servers in multiple regions, multiple data centers and multiple providers - some in bare metal, some in Cloud. So we leverage docker containerization to deploy Game Servers to achieve Portability, Fast Deployment and Predictability, enabling us to scale up to thousands of servers, on demand, without a sweat.

Containerize Your Game Server for the Best Multiplayer Experience

Docker, Inc.

Nicholas Dille, Haufe-Lexware + Docker Captain - Docker continues to be the standard tool for building container images. For more than a year Docker ships with BuildKit as an alternative image builder, providing advanced features for secret and cache management. These features help to make image builds faster and more secure. In this session, Docker Captain Nicholas Dille will teach you how to use Buildkit features to your advantage.

How to Improve Your Image Builds Using Advance Docker Build

Docker, Inc.

Lukonde Mwila, Entelect - As the cloud-native approach to development and deployment becomes more prevalent, it's an exciting time for software engineers to be equipped on how to dockerize multi-container applications and deploy them to the cloud. In this talk, Lukonde Mwila, Software Engineer at Entelect, will cover the following topics: - Docker Compose - Containerizing an Nginx Server - Containerizing an React App - Containerizing an Node.JS App - Containerizing anMongoDB App - Runing Multi-Container App Locally - Creating a CI/CD Pipeline - Adding a build stage to test containers and push images to Docker Hub - Deploying Multi-Container App to AWS Elastic Beanstalk Lukonde will start by giving an overview of how Docker Compose works and how it makes it very easy and straightforward to startup multiple Docker containers at the same time and automatically connect them together with some form of networking. After that, Lukonde will take a hands on approach to containerize an Nginx server, a React app, a NodeJS app and a MongoDB instance to demonstrate the power of Docker Compose. He'll demonstrate usage of two Docker files for an application, one production grade and the other for local development and running of tests. Lastly, he'll demonstrate creating a CI/CD pipeline in AWS to build and test our Docker images before pushing them to Docker Hub or AWS ECR, and finally deploying our multi-container application AWS Elastic Beanstalk.

Build & Deploy Multi-Container Applications to AWS

Docker, Inc.

Kevin Jones, NGNIX - NGINX is one of the most popular images on Docker Hub and has been at the forefront of the web since the early 2000's. In this talk we will discuss how and why NGINX's lightweight and powerful architecture makes it a very popular choice for securing containerized applications as a sidecar reverse proxy within containers. We will highlight important aspects of application security that NGINX can help with, such as TLS, HTTP, AuthN, AuthZ and traffic control.

Securing Your Containerized Applications with NGINX

Docker, Inc.

Kathleen Juell, Digital Ocean - Containers are an essential part of today's microservice ecosystem, as they allow developers and operators to maintain standards of reliability and reproducibility in fast-paced deployment scenarios. And while there are best practices that extend across stacks in containerized environments, there are also things that make each stack distinct, starting with the application image itself. This talk will dive into some of these particularities, both at the image and service level, while also covering general best practices for building and running Node applications with database backends using Docker and Compose.

How To Build and Run Node Apps with Docker and Compose

Docker, Inc.

Hands-on Helm

Docker, Inc.

Jeff Hajewski, Salesforce - There is a wealth of information on building deep learning models with PyTorch or TensorFlow. Anyone interested in building a deep learning model is only a quick search away from a number of clear and well written tutorials that will take them from zero knowledge to having a working image classifier. But what happens when you need to deploy these models in a production setting? At Salesforce, we use TensorFlow models to help us provide customers with insights into their data, and we do this as close to real-time as possible. Designing these systems in a scalable manner requires overcoming a number of design challenges, but the core component is Docker. Docker enables us to design highly scalable systems by allowing us to focus on service interactions, rather than how our services will interact with the hardware. Docker is also at the core of our test infrastructure, allowing developers and data scientists to build and test the system in an end to end manner on their local machines. While some of this may sound complex, the core message is simplicity - Docker allows us to focus on the aspects of the system that matter, greatly simplifying our lives.

Distributed Deep Learning with Docker at Salesforce

Docker, Inc.

James Fuller, webcomposite s.r.o. - Curl is the venerable (yet very modern) 'swiss army knife' command line tool and library for transferring data with URLs. Recently we (the Curl team) decided to build a release for Docker Hub. This talk will outline our current development workflow with respect to the docker image and provide insights on what it takes to build a docker image for mass public consumption. We are also keen to learn from users and other developers how we might improve and enhance the official curl docker image.

The First 10M Pulls: Building The Official Curl Image for Docker Hub

Docker, Inc.

Fabian Stäber, Instana - In recent years, we saw a great paradigm shift in software engineering away from static monolithic applications towards dynamic distributed horizontally scalable architectures. Docker is one of the key technologies enabling this development. This shift poses a lot of new challenges for application monitoring, ranging from practical issues (need for automation) to technical challenges (Docker networking) to organizational topics (blurring line between software engineers and operations) to fundamental questions (define what is an application). In this talk we show how Docker changed the way we do monitoring, how modern application monitoring systems work, and what future developments we expect.

Monitoring in a Microservices World

Docker, Inc.

Clemente Biondo, Engineering Ingegneria Informatica - When the COVID 19 pandemic started, Engineering Ingegneria Informatica Group (1.25 billion euros of revenues, 65 offices around the world, 12.000 employees) was forced to put their digital transformation to the test in order to maintain operational continuity. In this session, Clemente Biondo, the Tech Lead of the Information Systems Department, will share how his company is reacting to this unforeseeable scenario and how Docker-driven digital transformation had paved the path for work to continue remotely. Clemente will discuss learnings moving from colocated teams, manual approaches, email based-business processes, and a monolithic application to a mature DevOps culture characterized by a distributed autonomous workforce and a continuous deployment process that deploys backward-compatible Docker containerized microservices into hybrid multi cloud datacenters an average of twice a day with zero-downtime. He will detail how they use Docker to unify dev, test and production environments, and as an efficient and automated mechanism for deploying applications. Lastly, Clemente shares how, in our darkest hour, he and others are working to shine their brightest light.

COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...

Docker, Inc.

Chris Lauer, NOAA Space Weather Prediction Center - This is the story of how adopting a containerized workflow changed the way our small software team works at NOAA’s Space Weather Prediction Center. Our old architecture, a big ball of mud shared-database integration, just wasn’t cutting it - it was killing our agility. Over the past two years, our small team has adopted a microservice style architecture, using Docker with docker-compose and environment files as our deployment strategy for all new development. We’ve discovered the joys of using containers for identical dev, staging, and production environments. We work closely with scientists: much of the code we’re running has complicated and conflicting library dependencies. Docker captures these beautifully - we’ve even had some success teaching our scientists to use it! I’ll share what we’ve learned, some of the persistent challenges we face, and one place we really got it wrong. This talk builds off of a popular hallway track from DockerCon 2019.

Predicting Space Weather with Docker

Docker, Inc.

Brian Christner, 56k + Docker Captain - In this session, we will unlock the full potential of using Microsoft Visual Studio Code (VS Code) and Docker Desktop to turn you into a Docker Power User. When we expand and utilize the VS Code Docker plugin, we can take our projects and Docker skills to the next level. In addition to using VS Code, we streamline our Docker Desktop development workflow with less context switching and built-in shortcuts. You will learn how to bootstrap new projects, quickly write Dockerfiles utilizing templates, build, run, and interact with containers all from VS Code.

Become a Docker Power User With Microsoft Visual Studio Code

Docker, Inc.

How to Use Mirroring and Caching to Optimize your Container Registry

Docker, Inc.

Ashish Sharma, SS&C Eze - SS&C Eze provides various products in the stock market domain. We spent the last couple of years building Eclipse which is an investment suite born in cloud. The journey so far has been very interesting. The very first version of the product were a bunch of monolithic windows services and deployed using Octopus tool. We successfully managed to bring all the monolithic problem to the cloud and created a nightmare for ourselves. We then started applying microservices architecture principles and started breaking the monolithic into small services. Very soon we realized that we need a better packaging/deployment tool. Docker looked like a magical solution to our problem. Since its adoption, It has not only solved the deployment problem for us but has made a deep impact on different aspects of SDLC. It allowed us to use heterogeneous technology stacks, simplified development environment setup, simplified our testing strategy, improved our speed of delivery, and made our developers more productive. In this talk I would like to share our experience of using Docker and its positive impact on our SDLC.

Monolithic to Microservices + Docker = SDLC on Steroids!

Docker, Inc.

Ara Pulido, Datadog - Container technologies, although not new, have increased their popularity in the past few years, with container orchestrators allowing companies around the world to adopt these technologies to help them ship and scale microservices with precision and velocity. Kubernetes is currently the most popular container orchestration platform, and while many organizations are migrating their workloads to it, Kubernetes is still relatively immature. New corner cases, errors, and quirks are regularly discovered as users push the boundaries of size and scale. When Datadog adopted Kubernetes we discovered some of these boundaries the hard way, and we continuously challenge and modify our infrastructure decisions in order to fit our use case. Join me in this talk for our story on what we learned while we scaled our Kubernetes clusters, the contributions to Kubernetes we made along the way, and how you can apply those learnings when growing your Kubernetes clusters from a handful to hundreds or thousands of nodes.

Kubernetes at Datadog Scale

Docker, Inc.

Andy Clemenko, StackRox - One underutilized, and amazing, thing about the docker image scheme is labels. Labels are a built in way to document all aspects about the image itself. Think about all the information that the tags inside your clothing carry. If you care to look you can find out everything about the garment. All that information can be very valuable. Now think about how we can leverage labels to carry similar information. We can even use the labels to contain Docker Compose or even Kubernetes Yaml. We can even include labels into the CI/CD process making things more secure and smoother. Come find out some fun techniques on how to leverage labels to do some fun and amazing things.

Labels, Labels, Labels

Docker, Inc.

Patrick Deloulay, Micro Focus - Micro Focus started their digital transformation 3 years ago, moving the entire portfolio into hundreds of container images. Leveraging Docker Hub as our primary registry service, we will cover how we ended up building a simple but secure push/pull model to publish and deliver our premium assets to our customers and partners to both meet the high agility of our DevOps teams while greatly simplifying the deployment of our applications.

Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model

Docker, Inc.

Lukonde Mwila, Entelect As the cloud-native approach to development and deployment becomes more prevalent, it's an exciting time for software engineers to be equipped on how to dockerize multi-container applications and deploy them to the cloud. In this talk, Lukonde Mwila, Software Engineer at Entelect, will cover the following topics: - Docker Compose - Containerizing an Nginx Server - Containerizing an React App - Containerizing an Node.JS App - Containerizing anMongoDB App - Runing Multi-Container App Locally - Creating a CI/CD Pipeline - Adding a build stage to test containers and push images to Docker Hub - Deploying Multi-Container App to AWS Elastic Beanstalk Lukonde will start by giving an overview of how Docker Compose works and how it makes it very easy and straightforward to startup multiple Docker containers at the same time and automatically connect them together with some form of networking. After that, Lukonde will take a hands on approach to containerize an Nginx server, a React app, a NodeJS app and a MongoDB instance to demonstrate the power of Docker Compose. He'll demonstrate usage of two Docker files for an application, one production grade and the other for local development and running of tests. Lastly, he'll demonstrate creating a CI/CD pipeline in AWS to build and test our Docker images before pushing them to Docker Hub or AWS ECR, and finally deploying our multi-container application AWS Elastic Beanstalk.

Build & Deploy Multi-Container Applications to AWS

Docker, Inc.

Elton Stoneman, Docker Captain + Container Consultant and Trainer How do you provide a SaaS offering when your product is a 10-year old Fortran app, currently built to run on Windows 10? With Docker and Kubernetes of course - and you can do it in a week (... to prototype level at least). In this session I'll walk through the processes and practicalities of taking an older Windows app, making it run in containers with Kubernetes, and then building a simple API wrapper to host the whole stack as a cloud-based SaaS product. There's a lot of technology here from a real world case study, and I'll focus on: - running Windows apps in Docker containers - building a .NET Core API which can run in Linux or Windows containers - running the stack in Kubernetes with Docker Desktop locally and AKS in the cloud - configuring AKS workloads in Azure to burst out to Azure Container Instances And there's a core theme to this session: Docker and Kubernetes are complex technologies, but they're the key to modern development. If you invest time learning them, they make projects like this simple, portable, fast and fun.

From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...

Docker, Inc.

This virtual meetup introduces the concepts and best practices of using Docker containers for software development for the Arm architecture across a variety of hardware systems. Using Docker Desktop on Windows or Mac, Amazon Web Services (AWS) A1 instances, and embedded Linux, we will demonstrate the latest Docker features to build, share, and run multi-architecture images with transparent support for Arm.

Developing with Docker for the Arm Architecture

Docker, Inc.

Plus de Docker, Inc. (20)

Containerize Your Game Server for the Best Multiplayer Experience

How to Improve Your Image Builds Using Advance Docker Build

Build & Deploy Multi-Container Applications to AWS

Securing Your Containerized Applications with NGINX

How To Build and Run Node Apps with Docker and Compose

Hands-on Helm

Distributed Deep Learning with Docker at Salesforce

The First 10M Pulls: Building The Official Curl Image for Docker Hub

Monitoring in a Microservices World

COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...

Predicting Space Weather with Docker

Become a Docker Power User With Microsoft Visual Studio Code

How to Use Mirroring and Caching to Optimize your Container Registry

Monolithic to Microservices + Docker = SDLC on Steroids!

Kubernetes at Datadog Scale

Labels, Labels, Labels

Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model

Build & Deploy Multi-Container Applications to AWS

From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...

Developing with Docker for the Arm Architecture

Dernier

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Edi Saputra

Dubai, known for its towering skyscrapers, luxurious lifestyle, and relentless pursuit of innovation, often finds itself in the global spotlight. However, amidst the glitz and glamour, the emirate faces its own set of challenges, including the occasional threat of flooding. In recent years, Dubai has experienced sporadic but significant floods, disrupting normalcy and posing unique challenges to its infrastructure. Among the critical nodes in this bustling metropolis is the Dubai International Airport, a vital hub connecting the world. This article delves into the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Orbitshub

FWD Group - Insurer Innovation Award 2024

The Digital Insurer

[BuildWithAI] Introduction to Gemini.pdf

Sandro Moreira

Following the popularity of “Cloud Revolution: Exploring the New Wave of Serverless Spatial Data,” we’re thrilled to announce this much-anticipated encore webinar. In this sequel, we’ll dive deeper into the Cloud-Native realm by uncovering practical applications and FME support for these new formats, including COGs, COPC, FlatGeoBuf, GeoParquet, STAC, and ZARR. Building on the foundation laid by industry leaders Michelle Roby of Radiant Earth and Chris Holmes of Planet in the first webinar, this second part offers an in-depth look at the real-world application and behind-the-scenes dynamics of these cutting-edge formats. We will spotlight specific use-cases and workflows, showcasing their efficiency and relevance in practical scenarios. Discover the vast possibilities each format holds, highlighted through detailed discussions and demonstrations. Our expert speakers will dissect the key aspects and provide critical takeaways for effective use, ensuring attendees leave with a thorough understanding of how to apply these formats in their own projects. Elevate your understanding of how FME supports these cutting-edge technologies, enhancing your ability to manage, share, and analyze spatial data. Whether you’re building on knowledge from our initial session or are new to the serverless spatial data landscape, this webinar is your gateway to mastering cloud-native formats in your workflows.

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Safe Software

Corporate and higher education. Two industries that, in the past, have had a clear divide with very little crossover. The difference in goals, learning styles and objectives paved the way for differing learning technologies platforms to evolve. Now, those stark lines are blurring as both sides are discovering they have content that’s relevant to the other. Join Tammy Rutherford as she walks through the pros and cons of corporate and higher ed collaborating. And the challenges of these different technology platforms working together for a brighter future.

Corporate and higher education May webinar.pptx

Rustici Software

ICT role in 21st century education and its challenges

rafiqahmad00786416

The microservices honeymoon is over. When starting a new project or revamping a legacy monolith, teams started looking for alternatives to microservices. The Modular Monolith, or 'Modulith', is an architecture that reaps the benefits of (vertical) functional decoupling without the high costs associated with separate deployments. This talk will delve into the advantages and challenges of this progressive architecture, beginning with exploring the concept of a 'module', its internal structure, public API, and inter-module communication patterns. Supported by spring-modulith, the talk provides practical guidance on addressing the main challenges of a Modultith Architecture: finding and guarding module boundaries, data decoupling, and integration module-testing. You should not miss this talk if you are a software architect or tech lead seeking practical, scalable solutions. About the author With two decades of experience, Victor is a Java Champion working as a trainer for top companies in Europe. Five thousands developers in 120 companies attended his workshops, so he gets to debate every week the challenges that various projects struggle with. In return, Victor summarizes key points from these workshops in conference talks and online meetups for the European Software Crafters, the world’s largest developer community around architecture, refactoring, and testing. Discover how Victor can help you on victorrentea.ro : company training catalog, consultancy and YouTube playlists.

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

Victor Rentea

MS Copilot expands with MS Graph connectors

Nanddeep Nachan

Exploring Multimodal Embeddings with Milvus

Zilliz

Abhishek Deb(1), Mr Abdul Kalam(2) M. Des (UX) , School of Design, DIT University , Dehradun. This paper explores the future potential of AI-enabled smartphone processors, aiming to investigate the advancements, capabilities, and implications of integrating artificial intelligence (AI) into smartphone technology. The research study goals consist of evaluating the development of AI in mobile phone processors, analyzing the existing state as well as abilities of AI-enabled cpus determining future patterns as well as chances together with reviewing obstacles as well as factors to consider for more growth.

Exploring the Future Potential of AI-Enabled Smartphone Processors

debabhi2

Webinar Recording: https://www.panagenda.com/webinars/why-teams-call-analytics-is-critical-to-your-entire-business Nothing is as frustrating and noticeable as being in an important call and being unable to see or hear the other person. Not surprising then, that issues with Teams calls are among the most common problems users call their helpdesk for. Having in depth insight into everything relevant going on at the user’s device, local network, ISP and Microsoft itself during the call is crucial for good Microsoft Teams Call quality support. To ensure a quick and adequate solution and to ensure your users get the most out of their Microsoft 365. But did you know that ‘bad calls’ are also an excellent indicator of other problems arising? Precisely because it is so noticeable!? Like the canary in the mine, bad calls can be early indicators of problems. Problems that might otherwise not have been noticed for a while but can have a big impact on productivity and satisfaction. Join this session by Christoph Adler to learn how true Microsoft Teams call quality analytics helped other organizations troubleshoot bad calls and identify and fix problems that impacted Teams calls or the use of Microsoft365 in general. See what it can do to keep your users happy and productive! In this session we will cover - Why CQD data alone is not enough to troubleshoot call problems - The importance of attributing call problems to the right call participant - What call quality analytics can do to help you quickly find, fix-, and prevent problems - Why having retrospective detailed insights matters - Real life examples of how others have used Microsoft Teams call quality monitoring to problem shoot problems with their ISP, network, device health and more.

Why Teams call analytics are critical to your entire business

panagenda

When you’re building (micro)services, you have lots of framework options. Spring Boot is no doubt a popular choice. But there’s more! Take Quarkus, a framework that’s considered the rising star for Kubernetes-native Java. It always depends on what's best for your situation, but how to choose the best solution if you're comparing 2 frameworks? Both Spring Boot and Quarkus have their positives and negatives. Let us compare the two by live coding a couple of common use cases in Spring Boot and Quarkus. After this talk, you’ll be ready to get started with Quarkus yourself, and know when to select Quarkus or Spring Boot.

Spring Boot vs Quarkus the ultimate battle - DevoxxUK

Jago de Vreede

Artificial Intelligence Chap.5 : Uncertainty

Khushali Kathiriya

Dubai, often portrayed as a shimmering oasis in the desert, faces its own set of challenges, including the occasional threat of flooding. Despite its reputation for opulence and modernity, the emirate is not immune to the forces of nature. In recent years, Dubai has experienced sporadic but significant floods, testing the resilience of its infrastructure and communities. Among the critical lifelines in this bustling metropolis is the Dubai International Airport, a bustling hub that connects the city to the world. This article explores the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

Orbitshub

The Good, the Bad and the Governed - Why is governance a dirty word? David O'Neill, Chief Operating Officer - APIContext Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

apidays

Three things you will take away from the session: • How to run an effective tenant-to-tenant migration • Best practices for before, during, and after migration • Tips for using migration as a springboard to prepare for Copilot in Microsoft 365 Main ideas: Migration Overview: The presentation covers the current reality of cross-tenant migrations, the triggers, phases, best practices, and benefits of a successful tenant migration Considerations: When considering a migration, it is important to consider the migration scope, performance, customization, flexibility, user-friendly interface, automation, monitoring, support, training, scalability, data integrity, data security, cost, and licensing structure Next Wave: The next wave of change includes the launch of Copilot, which requires businesses to be prepared for upcoming changes related to Copilot and the cloud, and to consolidate data and tighten governance ShareGate: ShareGate can help with pre-migration analysis, configurable migration tool, and automated, end-user driven collaborative governance

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

sammart93

Axa Assurance Maroc - Insurer Innovation Award 2024

The Digital Insurer

AWS Community Day CPH - Three problems of Terraform

Andrey Devyatkin

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

MadyBayot

Dernier (20)

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

FWD Group - Insurer Innovation Award 2024

[BuildWithAI] Introduction to Gemini.pdf

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Corporate and higher education May webinar.pptx

ICT role in 21st century education and its challenges

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

MS Copilot expands with MS Graph connectors

Exploring Multimodal Embeddings with Milvus

Exploring the Future Potential of AI-Enabled Smartphone Processors

Why Teams call analytics are critical to your entire business

Spring Boot vs Quarkus the ultimate battle - DevoxxUK

Artificial Intelligence Chap.5 : Uncertainty

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Axa Assurance Maroc - Insurer Innovation Award 2024

AWS Community Day CPH - Three problems of Terraform

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

Kernel load-balancing for Docker containers using IPVS

1. IPVS for Docker Containers Andrey Sibiryov Bulldozer Operator at Uber

2. This guy on the stage 2 …who the hell are you and why should we believe a Russian?

3. What is IPVS …and why didn’t we hear about it before?

4. International Pig Veterinary Society 4

5. IP Virtual Server 5

6. IP Virtual Server 6 …and why didn’t we hear about it before?

7. IP Virtual Server 7 Works inside the Linux Kernel, based on Netfilter. Supports TCP, SCTP & UDP, v4 and v6. 8+ methods: WRR, WLC, LBLCR, SH and much more – plugins. NAT, Tunneling, Direct Routing. Address bundling via FWMark services. Most importantly, it is bloody fucking fast!

8. IP Virtual Server 8 …and a little bit more about these weird acronyms. IPIP Encapsulates IP Routable anywhere NAT Rewrites DST IP Same L4 DSR Rewrites DST MAC Same L2

9. IP Virtual Server 9 …and a few more words about DR since it’s awesome! TPS 50 66 82 98 114 130 Single IPVS DR HAProxy MySQL Proxy

10. I don’t need this 10 …and why would we load balance and route anything at all?

11. I don’t need this 11 …also, our nginx, haproxy, hipache, vulcand setup works fine – get off the stage, please!

12. I don’t need this 12 …and we run our stuff in the cloud, it takes care of everything – our work is perpetual siesta!

13. IP Virtual Server 13 IPVS NGINX HAPROXY AWS ELB OSI layer L4 L7 L7 L4 TCP ✅ ℹ ✅ ✅ UDP ✅ 🚫 🚫 🚫 Dynamic configuration ✅ 🚫 ℹ ✅ Forwarding methods 4 NAT NAT NAT Balancing methods 8+ 3 6 RR Health checks ✅ 🚫 ✅ ✅

14. What is IPVS …and how do we use it since it sounds so amazing!

15. GORB 15 Go Routing and Balancing github.com/kobolog/gorb

16. What is GORB 16 …and why is it cool for Docker Containers?

17. 17 REST API daemon to control IPVS. Simple GET, PUT, DELETE interface. Docker Link to control GORB. TCP, HTTP health checks built-in. Written in Go, LGPL licensed, on GitHub. Docker + GORB + MacVLAN network plugin + IPVS DR forwarding mode = ❤ What is GORB …and why is it cool for Docker Containers?

18. What is GORB …and how do we use it? Live demo or GTFO!

19. What is GORB 19 The guy on the stage is doing roughly this right now. kobolog@gorb:~$ go install github.com/kobolog/gorb kobolog@gorb:~$ sudo modprobe ip_vs kobolog@gorb:~$ sudo gorb & kobolog@docker:~$ go install github.com/kobolog/gorb/gorb-docker-link kobolog@docker:~$ export DOCKER_HOST=<...> kobolog@docker:~$ gorb-docker-link -r gorb:4672 & kobolog@docker:~$ docker run -d -p 80 nginx kobolog@gorb:~$ curl -i -XGET http://localhost:80

20. A few more words about BGP 20 …black belt in networking is not complete without a few words about BGP.

21. How stable is GORB 21 …and is it production-ready? Can we blame you if it doesn’t work?

22. «I'll let you in on a secret: my pet hamster did all the coding. I was just a channel, a «front» if you will, in my pet's grand plan. So, don't blame me if there are bugs. Blame the cute, furry one» —Rusty Russel 22

23. €25,000 23 …is the price for an enterprise hardware load- balancer.

24. €0 24 …is a price for IPVS and BGP (and GORB). Works on commodity hardware. No special software or tools, no SNMP. 1000-word man page vs. 1000-page vendor manual. 1 GBPS line rate = 1% CPU in DR mode. IPVS is around for more than 15 years.

25. 25 A good way to spend €25,000

26. Thank you! Andrey Sibiryov @kobolog me@kobology.ru

Kernel load-balancing for Docker containers using IPVS

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (20)

Similaire à Kernel load-balancing for Docker containers using IPVS

Similaire à Kernel load-balancing for Docker containers using IPVS (20)

Plus de Docker, Inc.

Plus de Docker, Inc. (20)

Dernier

Dernier (20)

Kernel load-balancing for Docker containers using IPVS