SlideShare une entreprise Scribd logo

Microservices, Containers and Docker

Ioannis Papapanagiotou
Ioannis Papapanagiotou

Course: High Performance Cloud Services http://ipapapa.github.io/teach/cloudCourse

Formation
1  sur  54
Télécharger pour lire hors ligne
Microservices, Containers and Docker Ioannis Papapanagiotou, PhD ipapapa@ncsu.edu
Agenda § Microservices § Linux Containers § Docker § Orchestration 2
Microservices 3 Microservice architectural style: developing a single application as a suite of small services, each running in its own process and communicating with lightweight mechanisms, e.g. REST API.
Microservice style vs Monolythics 4
So why Microservices? § Fast deployment: Code changes for each service can be made independently (as long as the API contract with other services isn’t violated) and therefore, build+test+deploy cycles speed up dramatically. – Netflix, for example, deploys code a hundred times in a single day thanks to the early adoption of the microservices architecture! § Efficient scaling: Each microservice can be scaled independently, – a much more efficient way of scaling an application, because not every part of an application experiences the same amount of load and needs to be scaled equally. § Design autonomy: Developers get the freedom to employ different technologies, frameworks, and design patterns to design and implement each microservice, – pursuing a horses for the courses strategy as necessary. 5 Move Fast, Fail Fast (and Small)
From microservices to containers § Agile software development is a broadly adopted methodology in enterprises today. § "full-stack-responsibility" for the individual services. – infrastructures need to scale differently and the self-service model for projects is taking center stage. § Containers are the foundation for this. – Along with proper DevOps and orchestration. 6
Microservices: Complexities and design considerations § Distributed application logic: with microservices the logic is spread across the services and, more importantly, embedded in the control and data flow between those services. § Diverse technology stack: the system may be comprised of in house developed services, open source software, and external libraries. § Hard to test and debug: there might be thousands of interactions between the constituent services – Equivalent to the “butterfly effect” (a minor change of service, could potentially be catastrophic) 7
Netflix service ecosystem 8
Containers – New degree of freedom Containerization: § Use lightweight packages instead of full VMs § Move from a single large monolithic app to composition of microservices § Containerize different parts of an application § Move parts of apps into different types of cloud infrastructure § Simplify migration of applications between private, public and hybrid clouds 9 New concept of virtualization solution for PaaS and IaaS due to container’s increased density, isolation, elasticity and rapid provisioning
History of cargo transport 10
Solution to Shipping Challenge 11
Analogy with virtualization § Historical way: $M mainframes § Modern way: virtual machines § Problem: performance overhead
The Solution to Software Shipping 13 § A Standard Container System
Why use containers? § Reduces build & deploy times § Cost control and granularity § Libraries dependency can be complicated § Infrastructure configuration = spaghetti 14
Containers vs VMs § Container technology simplifies cloud portability. –Run same application in different environments 1. A container encapsulates applications and defines their interface with the surrounding system 2. In a virtual machine: a full OS install with the associated overhead of virtualized device drivers, etc., § Containers use and share the OS and device drivers of the host. 3. Virtual machines have a full OS with its own memory management, device drivers, daemons, etc. § Containers share the host’s OS and are therefore lighter weight.
Virtual Machines vs Containers
Containers can and can’t §Can –Get shell (i.e. ssh) –Own process space –Own network interface –Run as root –Install packages –Run services –… 17 §Can’t –Use the host kernel –Boot a different OS –Have its own modules –Doesn’t need init as PID 1
Containers vs Processes § Containers are processes with their full environment. – A computer science textbook will define a process as having its own address space, program, CPU state, and process table entry. – The program text is actually memory mapped from the filesystem into the process address space and often consists of dozens of shared libraries in addition to the program itself, thus all these files are really part of the process.
LinuX Containers (LXC) § Operation System level virtualization method for Linux § LXC (LinuX Containers) is an OS virtual for running isolated Linux systems (containers) on a single control host 19
Is containers a new thing? § Cgroups is a mechanism to control resources per hierarchical groups of processes § cgroups (abbreviated from control groups) is a Linux kernel feature to limit, account, and isolate resource usage (CPU, memory, disk I/O, etc.) of process groups. – This work was started by engineers at Google in 2006 under the name "process containers". – In late 2007, it was renamed to "Control Groups" due to the confusion caused by multiple meanings of the term "container" in the Linux kernel, and merged into kernel version 2.6.24. – Since then, new features and controllers have been added.
Cgroups design goals § Provide a unified interface to many different use cases, from controlling single processes to whole operating system-level virtualization § Cgroups provides: –Resource limitation: groups can be set to not exceed a set memory limit — this also includes file system cache. • The original paper was presented at Linux Symposium and can be found at Containers: Challenges with the memory resource controller and its performance. –Prioritization: some groups may get a larger share of CPU or disk I/O throughput. –Accounting: to measure how much resources certain systems use for e.g. billing purposes. –Control: freezing groups or check-pointing and restarting.
Namespaces 22 § The purpose of each namespace is to wrap a particular global system resource in an abstraction that makes it appear to the processes within the namespace that they have their own isolated instance of the global resource. § Cgroups vs namespaces –Cgroups: limits how much you can use –Namespaces: limits how much you can see (and use) § Namespaces –mnt –uts –ipc –net –pid –usr
Mount Namespace nThe “mount namespace” isolates the set of filesystem mount points seen by a group of processes n processes in a different mount namespaces can have different view of the filesystem hierarchy. nMounts can be private or shared nThe tasks running in each mount namespace doing mount/unmount will not affect the file system layout of the other mount namespace. 23
IPC Namespace nIPC namespace isolates the inter-process communication resources. nA process or a group of processes have their own: nIPC shared memory nIPC semaphore nIPC message queues 24
Network Namespace nNet namespace isolates the networking related resources nEvery net namespace has independent nNetwork devices, IP addresses, firewall rules, routing table, sockets etc. 25
PID Namespace § PID namespace isolates the Process ID, implemented as a hierarchy. § PID namespace is a hierarchy comprised of “Parent” and “Child”. – The parent pid-ns can have many children pid-ns. Each Child pid-ns only has one parent pidns. 26
Other Namespaces § UTS namespace § UTS = UNIX Time-sharing System § Each process has a separate copy of the hostname and the (now mostly unused) NIS domain name à isolation! § In containers: useful for init and config scripts that tailor their actions based on the names § User namespace § kuid/kgid: Original uid/gid, Global § uid/gid: user id in user namespace, will be translated to kuid/kgid finally § Only parent User NS has rights to set map
So what is Docker? Docker is an open-source project that automates the deployment of applications inside software containers, by providing an additional layer of abstraction and automation of operating system–level virtualization on Linux.
Virtual Machines vs Containers vs Docker
Why Docker? § Docker makes it easy to build, modify, publish, search, and run containers. –With Docker, a container comprises both an application and all of its dependencies. –Containers can either be created manually or, if a source code repository contains a DockerFile, automatically. –Subsequent modifications to a baseline Docker image can be committed to a new container using the Docker Commit Function and then Pushed to a Central Registry. 30
How Docker works §Containers can be found in a Docker Registry (either public or private), using Docker Search. §Containers can be pulled from the registry using Docker Pull and can be run, started, stopped, etc. 31
Docker Use Cases § Development Environment § Environments for Integration Tests § Quick evaluation of software § Microservices § Multi-Tenancy § Unified execution environment (dev à test à prod (local, VM, cloud, ...) 32
Hello World § Simple Command - Ad-Hoc Container –$ sudo docker run ubuntu /bin/echo 'Hello World' Hello World § Interactive Container –$ sudo docker run -t -i ubuntu:14.04 /bin/bash root@af8bae53bdd3:/# § Commands inside a container –root@af8bae53bdd3:/# pwd / –root@af8bae53bdd3:/# ls bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var 33
Container Orchestration 34 Goal: how do we orchestration billions of containers across perhaps millions of VMs?
Shared resources § All containers share the same set of resources (CPU, RAM, disk, various kernel things…) § Need fair distribution of goods so everyone gets fair share § Need DoS prevention § Need prioritizations –“All animals are equal, but some animals are more equal than others” – George Orwell
Container Orchestration Orchestrate containers to facilitate microservices architecture § Provision containers § Manage container dependencies § Enable discovery § Handle container failure § Scale Containers 36
Which one to choose? 37
Kubernetes § Kubernetes is based on Google’s experience of many years working with Linux containers. § Some abilities: – Mount persistent volumes that allows to move containers without loosing data, – it has load balancer integrated – it uses Etcd for service discovery. § Kubernetes uses a different CLI, different API and different YAML definitions. – cannot use Docker CLI 38
Kubernetes: Pods § Pods: – Pods are groups of containers that are deployed and scheduled together. – A pod will typically include 1 to 5 containers which work together to provide a service. – Kubernetes will run other containers to provide logging and monitoring services. – Pods are treated as ephemeral in Kubernetes; 39
Kubernetes: Services & Replication Controllers § Services – Services are stable endpoints that can be addressed by name. – Services can be connected to pods by using label selectors; for example my “DB” service may connect to several “C*” pods identified by the label selector “type”: “Cassandra”. – The service will automatically round-robin requests between the pods. § Replication Controllers – Replication controllers are used to instantiate pods in Kubernetes – They control and monitor the number of running pods (called replicas) for a service. 40
Kubernetes: Net space and Labels § Flat Networking Space: – Containers within a pod share an IP address, but the address space is “flat” across all pods, • all pods can talk to each other without any Network Address Translation (NAT). – This makes multi-host clusters much more easy to manage, at the cost of not supporting links and making single host (or, more accurately, single pod) networking a little more tricky. – As containers in the same pod share an IP, they can communicate by using ports on the localhost address. § Labels: – Labels are key-value pairs attached to objects in Kubernetes, primarily pods, used to describe identifying characteristics of the object • e.g. version: dev and tier: frontend. – Labels are not normally unique; they are expected to identify groups of containers. – Label selectors can then be used to identify objects or groups of objects, for example all the pods in the frontend tier with environment set to production. 41
Docker Swarm § A native clustering for Docker. § Exposes standard Docker API – meaning that any tool that you used to communicate with Docker (Docker CLI, Docker Compose, Dokku, Krane, and so on) can work equally well with Docker Swarm. § Bound by the limitations of Docker API 42
Docker Swarm: Architecture § Architecture: – each host runs a Swarm agent and one host runs a Swarm manager (on small test clusters this host may also run an agent). – The manager is responsible for the orchestration and scheduling of containers on the hosts. – Swarm can be run in a high-availability mode where one of etcd, Consul or ZooKeeper is used to handle fail-over to a back-up manager. – There are several different methods for how hosts are found and added to a cluster, which is known as discovery in Swarm. • By default, token based discovery is used, where the addresses of hosts are kept in a list stored on the Docker Hub. 43
Mesos § Apache Mesos (https://mesos.apache.org) is an open-source cluster manager. It’s designed to scale to very large clusters involving hundreds or thousands of hosts. – Mesos supports diverse workloads from multiple tenants; one user’s Docker containers may be running next to another user’s Hadoop tasks. § Apache Mesos was started as a project at the University of Berkeley before becoming the underlying infrastructure used to power Twitter and an important tool at many major companies such as eBay and Airbnb. § With Mesos, we can run many frameworks simultaneously: – Marathon and Chronos are the most well known 44
Mesos: Architecture § Mesos Agent Nodes – Responsible for actually running tasks. All agents submit a list of their available resources to the master. – There will typically be 10s to 1000s of agent nodes. § Mesos Master – The master is responsible for sending tasks to the agents. – maintains a list of available resources and makes “offers” of them to frameworks. – decides how many resources to offer based on an allocation strategy. There will typically be 2 or 4 stand-by masters ready to take over in case of a failure. § ZooKeeper – Used in elections and for looking up address of current master. – Typically 3 or 5 ZooKeeper instances will be running to ensure availability and handle failures. 45
Mesos with Marathon: Architecture § Frameworks – Frameworks co-ordinate with the master to schedule tasks onto agent nodes. Frameworks are composed of: – executor process which runs on the agents and takes care of running the tasks – scheduler which registers with the master and selects which resources to use based on offers from the master. – There may be multiple frameworks running on a Mesos cluster for different kinds of task. Users wishing to submit jobs interact with frameworks rather than directly with Mesos. § Marathon is designed to start, monitor and scale long-running applications. – Marathon is designed to be flexible about the applications it launches, • It can even be used to start other complementary frameworks such Chronos (“cron” for the datacenter). – It makes a good choice of framework for running Docker containers, which are directly supported in Marathon. – Marathon supports various affinity and constraint rules. – Clients interact with Marathon through a REST API. – Other features include support for health checks and an event stream that can be used to integrate with load-balancers or for analyzing metrics. 46
Conclusion? There are three types of lies: "Lies, damned lies, and benchmarks” 47
Background Docker info 48
Terminology - Image § Persisted snapshot that can be run images: List all local images run: Create a container from an image and execute a command in it tag: Tag an image pull: Download image from repository rmi: Delete a local image • This will also remove intermediate images if no longer used 49
Terminology - Container § Runnable instance of an image ps: List all running containers ps –a: List all containers (incl. stopped) top: Display processes of a container start: Start a stopped container stop: Stop a running container pause: Pause all processes within a container rm: Delete a container commit: Create an image from a container 50
Daemon Container 51 § Open Terminal in container: –docker run –it ubuntu /bin/bash § Make any modification § We can create a new image with the modifications: –Docker commit [containerId] [image] • Image: e.g. mytest/test1:1.0 § Run as deamon: docker run –d [image] command –docker logs [-f] [containerId]
Dockerfile § Docker can build images automatically by reading the instructions from a Dockerfile. – Dockerfile: text document that contains all the commands a user could call on the command line to assemble an image. – Using docker build a user can create an automated build that executes several command-line instructions in succession. – Command: $ docker build -f /path/to/a/Dockerfile . § Can be versioned in a version control system like Git or SVN, along with all dependencies § Docker Hub can automatically build images based on dockerfiles on Github 52
Docker Hub § Public repository of Docker images –https://hub.docker.com/ –docker search [term] § Automated: Has been automatically built from Dockerfile –Source for build is available on GitHub 53
References and Acknowledgements § Some images have been borrowed from: : http://scm.zoomquiet.io/data/20131004215734/index.html § Docker Engine and Docker Hub: http://blog.docker.com/category/registry-2/ § Microservices: http://martinfowler.com/articles/microservices.html § Swarm vs Fleet vs Kubernetes vs Mesos: https://www.oreilly.com/ideas/swarm-v- fleet-v-kubernetes-v-mesos § There are more public information that have been used… 54

Recommandé

Docker & kubernetes
Docker & kubernetesDocker & kubernetes
Docker & kubernetesNexThoughts Technologies
 
Azure App Service
Azure App ServiceAzure App Service
Azure App ServiceBizTalk360
 
OpenShift 4 installation
OpenShift 4 installationOpenShift 4 installation
OpenShift 4 installationRobert Bohne
 
Microsoft Azure Cloud Services
Microsoft Azure Cloud ServicesMicrosoft Azure Cloud Services
Microsoft Azure Cloud ServicesDavid J Rosenthal
 
OpenShift-Technical-Overview.pdf
OpenShift-Technical-Overview.pdfOpenShift-Technical-Overview.pdf
OpenShift-Technical-Overview.pdfJuanSalinas593459
 
Hands-On Introduction to Kubernetes at LISA17
Hands-On Introduction to Kubernetes at LISA17Hands-On Introduction to Kubernetes at LISA17
Hands-On Introduction to Kubernetes at LISA17Ryan Jarvinen
 
Open shift 4 infra deep dive
Open shift 4 infra deep diveOpen shift 4 infra deep dive
Open shift 4 infra deep diveWinton Winton
 
CKA Certified Kubernetes Administrator Notes
CKA Certified Kubernetes Administrator Notes CKA Certified Kubernetes Administrator Notes
CKA Certified Kubernetes Administrator Notes Adnan Rashid
 

Recommandé

Docker & kubernetes
Docker & kubernetesDocker & kubernetes
Docker & kubernetesNexThoughts Technologies
 
Azure App Service
Azure App ServiceAzure App Service
Azure App ServiceBizTalk360
 
OpenShift 4 installation
OpenShift 4 installationOpenShift 4 installation
OpenShift 4 installationRobert Bohne
 
Microsoft Azure Cloud Services
Microsoft Azure Cloud ServicesMicrosoft Azure Cloud Services
Microsoft Azure Cloud ServicesDavid J Rosenthal
 
OpenShift-Technical-Overview.pdf
OpenShift-Technical-Overview.pdfOpenShift-Technical-Overview.pdf
OpenShift-Technical-Overview.pdfJuanSalinas593459
 
Hands-On Introduction to Kubernetes at LISA17
Hands-On Introduction to Kubernetes at LISA17Hands-On Introduction to Kubernetes at LISA17
Hands-On Introduction to Kubernetes at LISA17Ryan Jarvinen
 
Open shift 4 infra deep dive
Open shift 4 infra deep diveOpen shift 4 infra deep dive
Open shift 4 infra deep diveWinton Winton
 
CKA Certified Kubernetes Administrator Notes
CKA Certified Kubernetes Administrator Notes CKA Certified Kubernetes Administrator Notes
CKA Certified Kubernetes Administrator Notes Adnan Rashid
 
Red hat ansible automation technical deck
Red hat ansible automation technical deckRed hat ansible automation technical deck
Red hat ansible automation technical deckJuraj Hantak
 
Introduction of Kubernetes - Trang Nguyen
Introduction of Kubernetes - Trang NguyenIntroduction of Kubernetes - Trang Nguyen
Introduction of Kubernetes - Trang NguyenTrang Nguyen
 
Getting Started with Kubernetes
Getting Started with Kubernetes Getting Started with Kubernetes
Getting Started with Kubernetes VMware Tanzu
 
kubernetes, pourquoi et comment
kubernetes, pourquoi et commentkubernetes, pourquoi et comment
kubernetes, pourquoi et commentJean-Baptiste Claramonte
 
Introduction to docker
Introduction to dockerIntroduction to docker
Introduction to dockerInstruqt
 
Introduction to Docker Containers - Docker Captain
Introduction to Docker Containers - Docker CaptainIntroduction to Docker Containers - Docker Captain
Introduction to Docker Containers - Docker CaptainAjeet Singh Raina
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes IntroductionMartin Danielsson
 
Kubernetes presentation
Kubernetes presentationKubernetes presentation
Kubernetes presentationGauranG Bajpai
 
Cloud Native Application
Cloud Native ApplicationCloud Native Application
Cloud Native ApplicationVMUG IT
 
Istio service mesh introduction
Istio service mesh introductionIstio service mesh introduction
Istio service mesh introductionKyohei Mizumoto
 
Docker 101: Introduction to Docker
Docker 101: Introduction to DockerDocker 101: Introduction to Docker
Docker 101: Introduction to DockerDocker, Inc.
 
Introduction to Kubernetes Workshop
Introduction to Kubernetes WorkshopIntroduction to Kubernetes Workshop
Introduction to Kubernetes WorkshopBob Killen
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetesGabriel Carro
 
Docker swarm
Docker swarmDocker swarm
Docker swarmAlberto Guimarães Viana
 
Azure App Service Architecture. Web Apps.
Azure App Service Architecture. Web Apps.Azure App Service Architecture. Web Apps.
Azure App Service Architecture. Web Apps.Alexander Feschenko
 
Introduction to microservices
Introduction to microservicesIntroduction to microservices
Introduction to microservicesPaulo Gandra de Sousa
 
Rancher and Kubernetes Best Practices
Rancher and Kubernetes Best PracticesRancher and Kubernetes Best Practices
Rancher and Kubernetes Best PracticesAvinash Patil
 
Kubernetes Concepts And Architecture Powerpoint Presentation Slides
Kubernetes Concepts And Architecture Powerpoint Presentation SlidesKubernetes Concepts And Architecture Powerpoint Presentation Slides
Kubernetes Concepts And Architecture Powerpoint Presentation SlidesSlideTeam
 
OpenShift 4, the smarter Kubernetes platform
OpenShift 4, the smarter Kubernetes platformOpenShift 4, the smarter Kubernetes platform
OpenShift 4, the smarter Kubernetes platformKangaroot
 
Introduction to Red Hat OpenShift 4
Introduction to Red Hat OpenShift 4Introduction to Red Hat OpenShift 4
Introduction to Red Hat OpenShift 4HngNguyn748044
 
The ABC of Docker: The Absolute Best Compendium of Docker
The ABC of Docker: The Absolute Best Compendium of DockerThe ABC of Docker: The Absolute Best Compendium of Docker
The ABC of Docker: The Absolute Best Compendium of DockerAniekan Akpaffiong
 
Introduction to Apache Mesos and DC/OS
Introduction to Apache Mesos and DC/OSIntroduction to Apache Mesos and DC/OS
Introduction to Apache Mesos and DC/OSSteve Wong
 

Contenu connexe

Tendances

Red hat ansible automation technical deck
Red hat ansible automation technical deckRed hat ansible automation technical deck
Red hat ansible automation technical deckJuraj Hantak
 
Introduction of Kubernetes - Trang Nguyen
Introduction of Kubernetes - Trang NguyenIntroduction of Kubernetes - Trang Nguyen
Introduction of Kubernetes - Trang NguyenTrang Nguyen
 
Getting Started with Kubernetes
Getting Started with Kubernetes Getting Started with Kubernetes
Getting Started with Kubernetes VMware Tanzu
 
Introduction to docker
Introduction to dockerIntroduction to docker
Introduction to dockerInstruqt
 
Introduction to Docker Containers - Docker Captain
Introduction to Docker Containers - Docker CaptainIntroduction to Docker Containers - Docker Captain
Introduction to Docker Containers - Docker CaptainAjeet Singh Raina
 
Kubernetes presentation
Kubernetes presentationKubernetes presentation
Kubernetes presentationGauranG Bajpai
 
Cloud Native Application
Cloud Native ApplicationCloud Native Application
Cloud Native ApplicationVMUG IT
 
Istio service mesh introduction
Istio service mesh introductionIstio service mesh introduction
Istio service mesh introductionKyohei Mizumoto
 
Docker 101: Introduction to Docker
Docker 101: Introduction to DockerDocker 101: Introduction to Docker
Docker 101: Introduction to DockerDocker, Inc.
 
Introduction to Kubernetes Workshop
Introduction to Kubernetes WorkshopIntroduction to Kubernetes Workshop
Introduction to Kubernetes WorkshopBob Killen
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetesGabriel Carro
 
Azure App Service Architecture. Web Apps.
Azure App Service Architecture. Web Apps.Azure App Service Architecture. Web Apps.
Azure App Service Architecture. Web Apps.Alexander Feschenko
 
Rancher and Kubernetes Best Practices
Rancher and Kubernetes Best PracticesRancher and Kubernetes Best Practices
Rancher and Kubernetes Best PracticesAvinash Patil
 
Kubernetes Concepts And Architecture Powerpoint Presentation Slides
Kubernetes Concepts And Architecture Powerpoint Presentation SlidesKubernetes Concepts And Architecture Powerpoint Presentation Slides
Kubernetes Concepts And Architecture Powerpoint Presentation SlidesSlideTeam
 
OpenShift 4, the smarter Kubernetes platform
OpenShift 4, the smarter Kubernetes platformOpenShift 4, the smarter Kubernetes platform
OpenShift 4, the smarter Kubernetes platformKangaroot
 
Introduction to Red Hat OpenShift 4
Introduction to Red Hat OpenShift 4Introduction to Red Hat OpenShift 4
Introduction to Red Hat OpenShift 4HngNguyn748044
 

Tendances (20)

Red hat ansible automation technical deck
Red hat ansible automation technical deckRed hat ansible automation technical deck
Red hat ansible automation technical deck
 
Introduction of Kubernetes - Trang Nguyen
Introduction of Kubernetes - Trang NguyenIntroduction of Kubernetes - Trang Nguyen
Introduction of Kubernetes - Trang Nguyen
 
Getting Started with Kubernetes
Getting Started with Kubernetes Getting Started with Kubernetes
Getting Started with Kubernetes
 
kubernetes, pourquoi et comment
kubernetes, pourquoi et commentkubernetes, pourquoi et comment
kubernetes, pourquoi et comment
 
Introduction to docker
Introduction to dockerIntroduction to docker
Introduction to docker
 
Introduction to Docker Containers - Docker Captain
Introduction to Docker Containers - Docker CaptainIntroduction to Docker Containers - Docker Captain
Introduction to Docker Containers - Docker Captain
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes Introduction
 
Kubernetes presentation
Kubernetes presentationKubernetes presentation
Kubernetes presentation
 
Cloud Native Application
Cloud Native ApplicationCloud Native Application
Cloud Native Application
 
Istio service mesh introduction
Istio service mesh introductionIstio service mesh introduction
Istio service mesh introduction
 
Docker 101: Introduction to Docker
Docker 101: Introduction to DockerDocker 101: Introduction to Docker
Docker 101: Introduction to Docker
 
Introduction to Kubernetes Workshop
Introduction to Kubernetes WorkshopIntroduction to Kubernetes Workshop
Introduction to Kubernetes Workshop
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetes
 
Docker swarm
Docker swarmDocker swarm
Docker swarm
 
Azure App Service Architecture. Web Apps.
Azure App Service Architecture. Web Apps.Azure App Service Architecture. Web Apps.
Azure App Service Architecture. Web Apps.
 
Introduction to microservices
Introduction to microservicesIntroduction to microservices
Introduction to microservices
 
Rancher and Kubernetes Best Practices
Rancher and Kubernetes Best PracticesRancher and Kubernetes Best Practices
Rancher and Kubernetes Best Practices
 
Kubernetes Concepts And Architecture Powerpoint Presentation Slides
Kubernetes Concepts And Architecture Powerpoint Presentation SlidesKubernetes Concepts And Architecture Powerpoint Presentation Slides
Kubernetes Concepts And Architecture Powerpoint Presentation Slides
 
OpenShift 4, the smarter Kubernetes platform
OpenShift 4, the smarter Kubernetes platformOpenShift 4, the smarter Kubernetes platform
OpenShift 4, the smarter Kubernetes platform
 
Introduction to Red Hat OpenShift 4
Introduction to Red Hat OpenShift 4Introduction to Red Hat OpenShift 4
Introduction to Red Hat OpenShift 4
 

Similaire à Microservices, Containers and Docker

The ABC of Docker: The Absolute Best Compendium of Docker
The ABC of Docker: The Absolute Best Compendium of DockerThe ABC of Docker: The Absolute Best Compendium of Docker
The ABC of Docker: The Absolute Best Compendium of DockerAniekan Akpaffiong
 
Introduction to Apache Mesos and DC/OS
Introduction to Apache Mesos and DC/OSIntroduction to Apache Mesos and DC/OS
Introduction to Apache Mesos and DC/OSSteve Wong
 
Oscon 2017: Build your own container-based system with the Moby project
Oscon 2017: Build your own container-based system with the Moby projectOscon 2017: Build your own container-based system with the Moby project
Oscon 2017: Build your own container-based system with the Moby projectPatrick Chanezon
 
An Updated Performance Comparison of Virtual Machines and Linux Containers
An Updated Performance Comparison of Virtual Machines and Linux ContainersAn Updated Performance Comparison of Virtual Machines and Linux Containers
An Updated Performance Comparison of Virtual Machines and Linux ContainersKento Aoyama
 
Container Shangri-La Attaining the Promise of Container Paradise
Container Shangri-La Attaining the Promise of Container ParadiseContainer Shangri-La Attaining the Promise of Container Paradise
Container Shangri-La Attaining the Promise of Container ParadiseXebiaLabs
 
Cloud Native Application @ VMUG.IT 20150529
Cloud Native Application @ VMUG.IT 20150529Cloud Native Application @ VMUG.IT 20150529
Cloud Native Application @ VMUG.IT 20150529VMUG IT
 
Academy PRO: Docker. Lecture 1
Academy PRO: Docker. Lecture 1Academy PRO: Docker. Lecture 1
Academy PRO: Docker. Lecture 1Binary Studio
 
Kubernetes solutions
Kubernetes solutionsKubernetes solutions
Kubernetes solutionsEric Cattoir
 
Intro to kubernetes
Intro to kubernetesIntro to kubernetes
Intro to kubernetesElad Hirsch
 
Powering Microservices with Docker
Powering Microservices with DockerPowering Microservices with Docker
Powering Microservices with DockerCognizant
 
Containerization Report
Containerization ReportContainerization Report
Containerization ReportJatin Chauhan
 
State of the Container Ecosystem
State of the Container EcosystemState of the Container Ecosystem
State of the Container EcosystemVinay Rao
 
Containers for Lawyers Richard Fontana
Containers for Lawyers Richard FontanaContainers for Lawyers Richard Fontana
Containers for Lawyers Richard FontanaBlack Duck by Synopsys
 
Mesos and Kubernetes ecosystem overview
Mesos and Kubernetes ecosystem overviewMesos and Kubernetes ecosystem overview
Mesos and Kubernetes ecosystem overviewKrishna-Kumar
 
Containers and workload security an overview
Containers and workload security an overview Containers and workload security an overview
Containers and workload security an overview Krishna-Kumar
 
Evolution of containers to kubernetes
Evolution of containers to kubernetesEvolution of containers to kubernetes
Evolution of containers to kubernetesKrishna-Kumar
 

Similaire à Microservices, Containers and Docker (20)

The ABC of Docker: The Absolute Best Compendium of Docker
The ABC of Docker: The Absolute Best Compendium of DockerThe ABC of Docker: The Absolute Best Compendium of Docker
The ABC of Docker: The Absolute Best Compendium of Docker
 
Introduction to Apache Mesos and DC/OS
Introduction to Apache Mesos and DC/OSIntroduction to Apache Mesos and DC/OS
Introduction to Apache Mesos and DC/OS
 
Oscon 2017: Build your own container-based system with the Moby project
Oscon 2017: Build your own container-based system with the Moby projectOscon 2017: Build your own container-based system with the Moby project
Oscon 2017: Build your own container-based system with the Moby project
 
An Updated Performance Comparison of Virtual Machines and Linux Containers
An Updated Performance Comparison of Virtual Machines and Linux ContainersAn Updated Performance Comparison of Virtual Machines and Linux Containers
An Updated Performance Comparison of Virtual Machines and Linux Containers
 
Container Shangri-La Attaining the Promise of Container Paradise
Container Shangri-La Attaining the Promise of Container ParadiseContainer Shangri-La Attaining the Promise of Container Paradise
Container Shangri-La Attaining the Promise of Container Paradise
 
BRKSDN-2115
BRKSDN-2115 BRKSDN-2115
BRKSDN-2115
 
Cloud Native Application @ VMUG.IT 20150529
Cloud Native Application @ VMUG.IT 20150529Cloud Native Application @ VMUG.IT 20150529
Cloud Native Application @ VMUG.IT 20150529
 
paper
paperpaper
paper
 
Academy PRO: Docker. Lecture 1
Academy PRO: Docker. Lecture 1Academy PRO: Docker. Lecture 1
Academy PRO: Docker. Lecture 1
 
What is Docker?
What is Docker?What is Docker?
What is Docker?
 
Kubernetes solutions
Kubernetes solutionsKubernetes solutions
Kubernetes solutions
 
Intro to kubernetes
Intro to kubernetesIntro to kubernetes
Intro to kubernetes
 
Powering Microservices with Docker
Powering Microservices with DockerPowering Microservices with Docker
Powering Microservices with Docker
 
Containerization Report
Containerization ReportContainerization Report
Containerization Report
 
State of the Container Ecosystem
State of the Container EcosystemState of the Container Ecosystem
State of the Container Ecosystem
 
Containers for Lawyers Richard Fontana
Containers for Lawyers Richard FontanaContainers for Lawyers Richard Fontana
Containers for Lawyers Richard Fontana
 
Mesos and Kubernetes ecosystem overview
Mesos and Kubernetes ecosystem overviewMesos and Kubernetes ecosystem overview
Mesos and Kubernetes ecosystem overview
 
SW Docker Security
SW Docker SecuritySW Docker Security
SW Docker Security
 
Containers and workload security an overview
Containers and workload security an overview Containers and workload security an overview
Containers and workload security an overview
 
Evolution of containers to kubernetes
Evolution of containers to kubernetesEvolution of containers to kubernetes
Evolution of containers to kubernetes
 

Plus de Ioannis Papapanagiotou

Fast and Scalable Authentication for Vehicular Internet of Things
Fast and Scalable Authentication for Vehicular Internet of ThingsFast and Scalable Authentication for Vehicular Internet of Things
Fast and Scalable Authentication for Vehicular Internet of ThingsIoannis Papapanagiotou
 
Internet of Things @ Purdue University
Internet of Things @ Purdue UniversityInternet of Things @ Purdue University
Internet of Things @ Purdue UniversityIoannis Papapanagiotou
 

Plus de Ioannis Papapanagiotou (7)

Graph Databases at Netflix
Graph Databases at NetflixGraph Databases at Netflix
Graph Databases at Netflix
 
Netflix Data Benchmark @ HPTS 2017
Netflix Data Benchmark @ HPTS 2017Netflix Data Benchmark @ HPTS 2017
Netflix Data Benchmark @ HPTS 2017
 
Dynomite @ RedisConf 2017
Dynomite @ RedisConf 2017Dynomite @ RedisConf 2017
Dynomite @ RedisConf 2017
 
Dynomite - PerconaLive 2017
Dynomite - PerconaLive 2017Dynomite - PerconaLive 2017
Dynomite - PerconaLive 2017
 
Dynomite @ Redis Conference 2016
Dynomite @ Redis Conference 2016Dynomite @ Redis Conference 2016
Dynomite @ Redis Conference 2016
 
Fast and Scalable Authentication for Vehicular Internet of Things
Fast and Scalable Authentication for Vehicular Internet of ThingsFast and Scalable Authentication for Vehicular Internet of Things
Fast and Scalable Authentication for Vehicular Internet of Things
 
Internet of Things @ Purdue University
Internet of Things @ Purdue UniversityInternet of Things @ Purdue University
Internet of Things @ Purdue University
 

Dernier

Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptxExploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptxPooja Bhuva
 
Understanding Accommodations and Modifications
Understanding Accommodations and ModificationsUnderstanding Accommodations and Modifications
Understanding Accommodations and ModificationsMJDuyan
 
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...Pooja Bhuva
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jisc
 
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...pradhanghanshyam7136
 
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxHMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxmarlenawright1
 
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxHMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxEsquimalt MFRC
 
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptxCOMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptxannathomasp01
 
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...Nguyen Thanh Tu Collection
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxAreebaZafar22
 
Plant propagation: Sexual and Asexual propapagation.pptx
Plant propagation: Sexual and Asexual propapagation.pptxPlant propagation: Sexual and Asexual propapagation.pptx
Plant propagation: Sexual and Asexual propapagation.pptxUmeshTimilsina1
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...ZurliaSoop
 
Single or Multiple melodic lines structure
Single or Multiple melodic lines structureSingle or Multiple melodic lines structure
Single or Multiple melodic lines structuredhanjurrannsibayan2
 
Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxJisc
 
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...Nguyen Thanh Tu Collection
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxCeline George
 
Interdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptxInterdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptxPooja Bhuva
 
REMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptxREMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptxDr. Ravikiran H M Gowda
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsMebane Rash
 
Fostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomFostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomPooky Knightsmith
 

Dernier (20)

Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptxExploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
 
Understanding Accommodations and Modifications
Understanding Accommodations and ModificationsUnderstanding Accommodations and Modifications
Understanding Accommodations and Modifications
 
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)
 
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
 
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxHMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
 
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxHMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
 
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptxCOMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
 
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
Plant propagation: Sexual and Asexual propapagation.pptx
Plant propagation: Sexual and Asexual propapagation.pptxPlant propagation: Sexual and Asexual propapagation.pptx
Plant propagation: Sexual and Asexual propapagation.pptx
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
 
Single or Multiple melodic lines structure
Single or Multiple melodic lines structureSingle or Multiple melodic lines structure
Single or Multiple melodic lines structure
 
Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptx
 
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptx
 
Interdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptxInterdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptx
 
REMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptxREMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptx
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan Fellows
 
Fostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomFostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the Classroom
 

Microservices, Containers and Docker

  • 1. Microservices, Containers and Docker Ioannis Papapanagiotou, PhD ipapapa@ncsu.edu
  • 2. Agenda § Microservices § Linux Containers § Docker § Orchestration 2
  • 3. Microservices 3 Microservice architectural style: developing a single application as a suite of small services, each running in its own process and communicating with lightweight mechanisms, e.g. REST API.
  • 4. Microservice style vs Monolythics 4
  • 5. So why Microservices? § Fast deployment: Code changes for each service can be made independently (as long as the API contract with other services isn’t violated) and therefore, build+test+deploy cycles speed up dramatically. – Netflix, for example, deploys code a hundred times in a single day thanks to the early adoption of the microservices architecture! § Efficient scaling: Each microservice can be scaled independently, – a much more efficient way of scaling an application, because not every part of an application experiences the same amount of load and needs to be scaled equally. § Design autonomy: Developers get the freedom to employ different technologies, frameworks, and design patterns to design and implement each microservice, – pursuing a horses for the courses strategy as necessary. 5 Move Fast, Fail Fast (and Small)
  • 6. From microservices to containers § Agile software development is a broadly adopted methodology in enterprises today. § "full-stack-responsibility" for the individual services. – infrastructures need to scale differently and the self-service model for projects is taking center stage. § Containers are the foundation for this. – Along with proper DevOps and orchestration. 6
  • 7. Microservices: Complexities and design considerations § Distributed application logic: with microservices the logic is spread across the services and, more importantly, embedded in the control and data flow between those services. § Diverse technology stack: the system may be comprised of in house developed services, open source software, and external libraries. § Hard to test and debug: there might be thousands of interactions between the constituent services – Equivalent to the “butterfly effect” (a minor change of service, could potentially be catastrophic) 7
  • 9. Containers – New degree of freedom Containerization: § Use lightweight packages instead of full VMs § Move from a single large monolithic app to composition of microservices § Containerize different parts of an application § Move parts of apps into different types of cloud infrastructure § Simplify migration of applications between private, public and hybrid clouds 9 New concept of virtualization solution for PaaS and IaaS due to container’s increased density, isolation, elasticity and rapid provisioning
  • 10. History of cargo transport 10
  • 11. Solution to Shipping Challenge 11
  • 12. Analogy with virtualization § Historical way: $M mainframes § Modern way: virtual machines § Problem: performance overhead
  • 13. The Solution to Software Shipping 13 § A Standard Container System
  • 14. Why use containers? § Reduces build & deploy times § Cost control and granularity § Libraries dependency can be complicated § Infrastructure configuration = spaghetti 14
  • 15. Containers vs VMs § Container technology simplifies cloud portability. –Run same application in different environments 1. A container encapsulates applications and defines their interface with the surrounding system 2. In a virtual machine: a full OS install with the associated overhead of virtualized device drivers, etc., § Containers use and share the OS and device drivers of the host. 3. Virtual machines have a full OS with its own memory management, device drivers, daemons, etc. § Containers share the host’s OS and are therefore lighter weight.
  • 16. Virtual Machines vs Containers
  • 17. Containers can and can’t §Can –Get shell (i.e. ssh) –Own process space –Own network interface –Run as root –Install packages –Run services –… 17 §Can’t –Use the host kernel –Boot a different OS –Have its own modules –Doesn’t need init as PID 1
  • 18. Containers vs Processes § Containers are processes with their full environment. – A computer science textbook will define a process as having its own address space, program, CPU state, and process table entry. – The program text is actually memory mapped from the filesystem into the process address space and often consists of dozens of shared libraries in addition to the program itself, thus all these files are really part of the process.
  • 19. LinuX Containers (LXC) § Operation System level virtualization method for Linux § LXC (LinuX Containers) is an OS virtual for running isolated Linux systems (containers) on a single control host 19
  • 20. Is containers a new thing? § Cgroups is a mechanism to control resources per hierarchical groups of processes § cgroups (abbreviated from control groups) is a Linux kernel feature to limit, account, and isolate resource usage (CPU, memory, disk I/O, etc.) of process groups. – This work was started by engineers at Google in 2006 under the name "process containers". – In late 2007, it was renamed to "Control Groups" due to the confusion caused by multiple meanings of the term "container" in the Linux kernel, and merged into kernel version 2.6.24. – Since then, new features and controllers have been added.
  • 21. Cgroups design goals § Provide a unified interface to many different use cases, from controlling single processes to whole operating system-level virtualization § Cgroups provides: –Resource limitation: groups can be set to not exceed a set memory limit — this also includes file system cache. • The original paper was presented at Linux Symposium and can be found at Containers: Challenges with the memory resource controller and its performance. –Prioritization: some groups may get a larger share of CPU or disk I/O throughput. –Accounting: to measure how much resources certain systems use for e.g. billing purposes. –Control: freezing groups or check-pointing and restarting.
  • 22. Namespaces 22 § The purpose of each namespace is to wrap a particular global system resource in an abstraction that makes it appear to the processes within the namespace that they have their own isolated instance of the global resource. § Cgroups vs namespaces –Cgroups: limits how much you can use –Namespaces: limits how much you can see (and use) § Namespaces –mnt –uts –ipc –net –pid –usr
  • 23. Mount Namespace nThe “mount namespace” isolates the set of filesystem mount points seen by a group of processes n processes in a different mount namespaces can have different view of the filesystem hierarchy. nMounts can be private or shared nThe tasks running in each mount namespace doing mount/unmount will not affect the file system layout of the other mount namespace. 23
  • 24. IPC Namespace nIPC namespace isolates the inter-process communication resources. nA process or a group of processes have their own: nIPC shared memory nIPC semaphore nIPC message queues 24
  • 25. Network Namespace nNet namespace isolates the networking related resources nEvery net namespace has independent nNetwork devices, IP addresses, firewall rules, routing table, sockets etc. 25
  • 26. PID Namespace § PID namespace isolates the Process ID, implemented as a hierarchy. § PID namespace is a hierarchy comprised of “Parent” and “Child”. – The parent pid-ns can have many children pid-ns. Each Child pid-ns only has one parent pidns. 26
  • 27. Other Namespaces § UTS namespace § UTS = UNIX Time-sharing System § Each process has a separate copy of the hostname and the (now mostly unused) NIS domain name à isolation! § In containers: useful for init and config scripts that tailor their actions based on the names § User namespace § kuid/kgid: Original uid/gid, Global § uid/gid: user id in user namespace, will be translated to kuid/kgid finally § Only parent User NS has rights to set map
  • 28. So what is Docker? Docker is an open-source project that automates the deployment of applications inside software containers, by providing an additional layer of abstraction and automation of operating system–level virtualization on Linux.
  • 29. Virtual Machines vs Containers vs Docker
  • 30. Why Docker? § Docker makes it easy to build, modify, publish, search, and run containers. –With Docker, a container comprises both an application and all of its dependencies. –Containers can either be created manually or, if a source code repository contains a DockerFile, automatically. –Subsequent modifications to a baseline Docker image can be committed to a new container using the Docker Commit Function and then Pushed to a Central Registry. 30
  • 31. How Docker works §Containers can be found in a Docker Registry (either public or private), using Docker Search. §Containers can be pulled from the registry using Docker Pull and can be run, started, stopped, etc. 31
  • 32. Docker Use Cases § Development Environment § Environments for Integration Tests § Quick evaluation of software § Microservices § Multi-Tenancy § Unified execution environment (dev à test à prod (local, VM, cloud, ...) 32
  • 33. Hello World § Simple Command - Ad-Hoc Container –$ sudo docker run ubuntu /bin/echo 'Hello World' Hello World § Interactive Container –$ sudo docker run -t -i ubuntu:14.04 /bin/bash root@af8bae53bdd3:/# § Commands inside a container –root@af8bae53bdd3:/# pwd / –root@af8bae53bdd3:/# ls bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var 33
  • 34. Container Orchestration 34 Goal: how do we orchestration billions of containers across perhaps millions of VMs?
  • 35. Shared resources § All containers share the same set of resources (CPU, RAM, disk, various kernel things…) § Need fair distribution of goods so everyone gets fair share § Need DoS prevention § Need prioritizations –“All animals are equal, but some animals are more equal than others” – George Orwell
  • 36. Container Orchestration Orchestrate containers to facilitate microservices architecture § Provision containers § Manage container dependencies § Enable discovery § Handle container failure § Scale Containers 36
  • 37. Which one to choose? 37
  • 38. Kubernetes § Kubernetes is based on Google’s experience of many years working with Linux containers. § Some abilities: – Mount persistent volumes that allows to move containers without loosing data, – it has load balancer integrated – it uses Etcd for service discovery. § Kubernetes uses a different CLI, different API and different YAML definitions. – cannot use Docker CLI 38
  • 39. Kubernetes: Pods § Pods: – Pods are groups of containers that are deployed and scheduled together. – A pod will typically include 1 to 5 containers which work together to provide a service. – Kubernetes will run other containers to provide logging and monitoring services. – Pods are treated as ephemeral in Kubernetes; 39
  • 40. Kubernetes: Services & Replication Controllers § Services – Services are stable endpoints that can be addressed by name. – Services can be connected to pods by using label selectors; for example my “DB” service may connect to several “C*” pods identified by the label selector “type”: “Cassandra”. – The service will automatically round-robin requests between the pods. § Replication Controllers – Replication controllers are used to instantiate pods in Kubernetes – They control and monitor the number of running pods (called replicas) for a service. 40
  • 41. Kubernetes: Net space and Labels § Flat Networking Space: – Containers within a pod share an IP address, but the address space is “flat” across all pods, • all pods can talk to each other without any Network Address Translation (NAT). – This makes multi-host clusters much more easy to manage, at the cost of not supporting links and making single host (or, more accurately, single pod) networking a little more tricky. – As containers in the same pod share an IP, they can communicate by using ports on the localhost address. § Labels: – Labels are key-value pairs attached to objects in Kubernetes, primarily pods, used to describe identifying characteristics of the object • e.g. version: dev and tier: frontend. – Labels are not normally unique; they are expected to identify groups of containers. – Label selectors can then be used to identify objects or groups of objects, for example all the pods in the frontend tier with environment set to production. 41
  • 42. Docker Swarm § A native clustering for Docker. § Exposes standard Docker API – meaning that any tool that you used to communicate with Docker (Docker CLI, Docker Compose, Dokku, Krane, and so on) can work equally well with Docker Swarm. § Bound by the limitations of Docker API 42
  • 43. Docker Swarm: Architecture § Architecture: – each host runs a Swarm agent and one host runs a Swarm manager (on small test clusters this host may also run an agent). – The manager is responsible for the orchestration and scheduling of containers on the hosts. – Swarm can be run in a high-availability mode where one of etcd, Consul or ZooKeeper is used to handle fail-over to a back-up manager. – There are several different methods for how hosts are found and added to a cluster, which is known as discovery in Swarm. • By default, token based discovery is used, where the addresses of hosts are kept in a list stored on the Docker Hub. 43
  • 44. Mesos § Apache Mesos (https://mesos.apache.org) is an open-source cluster manager. It’s designed to scale to very large clusters involving hundreds or thousands of hosts. – Mesos supports diverse workloads from multiple tenants; one user’s Docker containers may be running next to another user’s Hadoop tasks. § Apache Mesos was started as a project at the University of Berkeley before becoming the underlying infrastructure used to power Twitter and an important tool at many major companies such as eBay and Airbnb. § With Mesos, we can run many frameworks simultaneously: – Marathon and Chronos are the most well known 44
  • 45. Mesos: Architecture § Mesos Agent Nodes – Responsible for actually running tasks. All agents submit a list of their available resources to the master. – There will typically be 10s to 1000s of agent nodes. § Mesos Master – The master is responsible for sending tasks to the agents. – maintains a list of available resources and makes “offers” of them to frameworks. – decides how many resources to offer based on an allocation strategy. There will typically be 2 or 4 stand-by masters ready to take over in case of a failure. § ZooKeeper – Used in elections and for looking up address of current master. – Typically 3 or 5 ZooKeeper instances will be running to ensure availability and handle failures. 45
  • 46. Mesos with Marathon: Architecture § Frameworks – Frameworks co-ordinate with the master to schedule tasks onto agent nodes. Frameworks are composed of: – executor process which runs on the agents and takes care of running the tasks – scheduler which registers with the master and selects which resources to use based on offers from the master. – There may be multiple frameworks running on a Mesos cluster for different kinds of task. Users wishing to submit jobs interact with frameworks rather than directly with Mesos. § Marathon is designed to start, monitor and scale long-running applications. – Marathon is designed to be flexible about the applications it launches, • It can even be used to start other complementary frameworks such Chronos (“cron” for the datacenter). – It makes a good choice of framework for running Docker containers, which are directly supported in Marathon. – Marathon supports various affinity and constraint rules. – Clients interact with Marathon through a REST API. – Other features include support for health checks and an event stream that can be used to integrate with load-balancers or for analyzing metrics. 46
  • 47. Conclusion? There are three types of lies: "Lies, damned lies, and benchmarks” 47
  • 49. Terminology - Image § Persisted snapshot that can be run images: List all local images run: Create a container from an image and execute a command in it tag: Tag an image pull: Download image from repository rmi: Delete a local image • This will also remove intermediate images if no longer used 49
  • 50. Terminology - Container § Runnable instance of an image ps: List all running containers ps –a: List all containers (incl. stopped) top: Display processes of a container start: Start a stopped container stop: Stop a running container pause: Pause all processes within a container rm: Delete a container commit: Create an image from a container 50
  • 51. Daemon Container 51 § Open Terminal in container: –docker run –it ubuntu /bin/bash § Make any modification § We can create a new image with the modifications: –Docker commit [containerId] [image] • Image: e.g. mytest/test1:1.0 § Run as deamon: docker run –d [image] command –docker logs [-f] [containerId]
  • 52. Dockerfile § Docker can build images automatically by reading the instructions from a Dockerfile. – Dockerfile: text document that contains all the commands a user could call on the command line to assemble an image. – Using docker build a user can create an automated build that executes several command-line instructions in succession. – Command: $ docker build -f /path/to/a/Dockerfile . § Can be versioned in a version control system like Git or SVN, along with all dependencies § Docker Hub can automatically build images based on dockerfiles on Github 52
  • 53. Docker Hub § Public repository of Docker images –https://hub.docker.com/ –docker search [term] § Automated: Has been automatically built from Dockerfile –Source for build is available on GitHub 53
  • 54. References and Acknowledgements § Some images have been borrowed from: : http://scm.zoomquiet.io/data/20131004215734/index.html § Docker Engine and Docker Hub: http://blog.docker.com/category/registry-2/ § Microservices: http://martinfowler.com/articles/microservices.html § Swarm vs Fleet vs Kubernetes vs Mesos: https://www.oreilly.com/ideas/swarm-v- fleet-v-kubernetes-v-mesos § There are more public information that have been used… 54