CoreOS Battle Stories
Jari Kolehmainen, Founder
Background
© 2015 Kontena, Inc.
What is Kontena?
Open Source container platform built to
maximize developer happiness. Works on
any cloud, easy to set up, simple to use.
How does it work?
Kontena Grid
A number of physical or virtual machines – Kontena Nodes –
create a Kontena Grid. The nodes may be located anywhere;
in a single data center, different AZs or different cloud
providers.
Overlay Network
Kontena will automatically create an overlay network
powered by Weave and connect all nodes of a Grid. The overlay
network enables services to communicate with each other in
a multi-host, multi-AZ environment.
Service Discovery
Kontena has a built-in service discovery powered by etcd. It is
used to automatically assign DNS addresses for any services
running in Kontena. It is also used by Kontena’s load
balancer for zero-downtime operation.
Orchestration
Kontena’s orchestrator distributes, runs and
monitors all Kontena Services in a Grid. Services may be
stateless or stateful, and they are automatically distributed
across Nodes in a Grid.
Containerized Workloads
With Kontena, all containerized workloads are described as
Services. A Kontena Service is composed of containers based
on the same image file. Services may be scaled and linked
together to create complex elastic apps.
OS
Docker
Kontena Nodes & Agent
Kontena Agent may be installed on any
machine capable of running Docker. It
runs as a privileged container on the
machine.
Kontena Master
Kontena Master orchestrates the
entire Kontena system. It provides APIs
used by Kontena CLI, Web UI and third
party integrations.
Kontena Master may be installed as a
high-availability setup if needed.
What about OS?
© 2016 Kontena, Inc.
Perfect OS: Requirements
• Minimal footprint
• Container native
• Zero maintenance
• Stable
• Secure
Why Container OS?
• Our expectation from an OS has changed
• “Pets vs Cattle”
• Maintaining the system should be easy
• It needs to be more secure than a traditional OS
Finding the
Right OS
Choices (Back Then)
• Boot2Docker
• CoreOS
• Project Atomic
• DIY (not an option, really)
Boot2Docker
• Based on Tiny Core Linux
• Small (24MB download, 5s to boot)
• No automatic updates
• Not recommended for production use
CoreOS
• Based on Gentoo
• Minimal (~100MB)
• Designed for containers
• Focus on security and stability
• Automatic updates
Project Atomic
• Not a new Linux distribution
• Framework to create an OS from RHEL, CentOS
and Fedora
• Designed for containers
• Focus on security and stability
CoreOS
Is not just an OS…
CoreOS Project
• etcd
• rkt
• fleet
• locksmith
• flannel
• many more…
CoreOS Host
Automation
Kontena Provisioning Goals
• single command that “just works”
• register host to etcd cluster
• register host to Kontena Grid
• should work on any infrastructure
CoreOS Problems
• configuration management
• etcd cluster / discovery
• etcd security
• coordinated auto-updates
CoreOS & Configuration Management
• Chef
• Puppet
• Ansible
• Saltstack
• ??
CloudInit
Bootstrapping with CloudInit
• de-facto way to initialize cloud instances
• integrated into CoreOS
• only sane way to bootstrap
etcd
Etcd: The Hard Parts
• discovery
• security (tls certificates)
• central services vs workers
• maintenance
Initial Implementation
• run etcd inside a container
• bind etcd only to localhost & overlay network
• use public discovery service
Etcd: Current Implementation
• run etcd inside a container
• bind etcd only to localhost & overlay network
• master coordinates etcd discovery
• static IPs
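
An added example (not from the slides and not Kontena's code): a static check that an etcd command line binds its client and peer listeners only to loopback or the overlay subnet, as the bullets above describe. The overlay CIDR and both sample command lines are assumptions constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumption: the grid's overlay subnet. Substitute the real overlay CIDR.
OVERLAY_CIDR = "10.81.0.0/16"

# etcd flags that decide which addresses the daemon listens on.
LISTEN_FLAGS = ("--listen-client-urls", "--listen-peer-urls")


def parse_listen_urls(argv):
    """Collect listen URLs, accepting '--flag value' and '--flag=value'."""
    found = {}
    i = 0
    while i < len(argv):
        flag, sep, value = argv[i].partition("=")
        if flag in LISTEN_FLAGS:
            if not sep:  # value is the next argument
                i += 1
                value = argv[i] if i < len(argv) else ""
            found[flag] = [u.strip() for u in value.split(",") if u.strip()]
        i += 1
    return found


def classify_bind(url, overlay):
    """Classify the bind address of one listen URL."""
    host = urlsplit(url).hostname
    if host is None:
        return "invalid"
    if host == "localhost":
        return "loopback"
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return "hostname"  # resolved at runtime, cannot be verified statically
    if addr.is_unspecified:  # 0.0.0.0 or :: means every interface
        return "wildcard"
    if addr.is_loopback:
        return "loopback"
    if addr in overlay:
        return "overlay"
    return "external"


def audit_etcd_binds(argv, overlay_cidr=OVERLAY_CIDR):
    """Return (flag, url, reason) for every listener outside loopback/overlay."""
    overlay = ipaddress.ip_network(overlay_cidr)
    urls = parse_listen_urls(argv)
    findings = []
    for flag in LISTEN_FLAGS:
        if flag not in urls:
            # The effective bind is then etcd's default; flag it for review.
            findings.append((flag, None, "unset"))
            continue
        for url in urls[flag]:
            kind = classify_bind(url, overlay)
            if kind not in ("loopback", "overlay"):
                findings.append((flag, url, kind))
    return findings


# Constructed sample command lines (not taken from a real deployment).
SAMPLE_OK = [
    "etcd", "--name", "node-1",
    "--listen-client-urls", "http://127.0.0.1:2379,http://10.81.0.1:2379",
    "--listen-peer-urls=http://10.81.0.1:2380",
]
SAMPLE_BAD = [
    "etcd",
    "--listen-client-urls=http://0.0.0.0:2379",
    "--listen-peer-urls", "http://192.0.2.10:2380,http://10.81.0.2:2380",
]

if __name__ == "__main__":
    for name, argv in (("ok", SAMPLE_OK), ("bad", SAMPLE_BAD)):
        print(name, audit_etcd_binds(argv))
```
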
Etcd: Future Improvements
• automatic failover with magic
• support for external etcd cluster
• compose.io
Automatic Updates
Automatic Updates
• several update strategies
• best-effort, etcd-lock, reboot, off
• our pick: best-effort
• if etcd is running, locksmith coordinates the
reboots
• otherwise just reboot once update is available
Automatic Updates
• chaos monkey for free!
• also updates kontena-agent
• works like a charm
Overlay Network
Overlay Network Options
• Flannel by CoreOS
• Weave Net by Weaveworks
• Calico
• Docker Overlay Network
• Most likely you need one of these
Flannel
• bundled with CoreOS
• depends on working etcd
• has multiple backends to choose from
Weave Net
• simple setup
• optional encryption
• multicast, multi-hop, fast datapath
• dns
• requires “some” external coordination
• needs information about other peers
Our Pick: Weave Net
• can start before etcd
• makes it possible to expose etcd only to overlay net
• secure communication between nodes
• not dependent on infrastructure features
• easy-ish to orchestrate
• “just works”
Demo!
Summary
CoreOS Summary
• the “OS” part is currently the best option for containers
• etcd is a must, but a little hard to handle
• pick an orchestrator that hides all the complexities
• automate everything
Thank You! www.kontena.io

More Related Content

What's hot

Beginners Guide to Kontena
Beginners Guide to KontenaBeginners Guide to Kontena
Beginners Guide to KontenaLauri Nevala
 
Running Docker in Production - The Good, the Bad and The Ugly
Running Docker in Production - The Good, the Bad and The UglyRunning Docker in Production - The Good, the Bad and The Ugly
Running Docker in Production - The Good, the Bad and The UglyKontena, Inc.
 
Nebulaworks Docker Overview 09-22-2015
Nebulaworks Docker Overview 09-22-2015Nebulaworks Docker Overview 09-22-2015
Nebulaworks Docker Overview 09-22-2015Chris Ciborowski
 
Deep Dive into Openstack Storage, Sean Cohen, Red Hat
Deep Dive into Openstack Storage, Sean Cohen, Red HatDeep Dive into Openstack Storage, Sean Cohen, Red Hat
Deep Dive into Openstack Storage, Sean Cohen, Red HatCloud Native Day Tel Aviv
 
Docker Online Meetup: Infrakit update and Q&A
Docker Online Meetup: Infrakit update and Q&ADocker Online Meetup: Infrakit update and Q&A
Docker Online Meetup: Infrakit update and Q&ADocker, Inc.
 
Orchestrating Linux Containers while tolerating failures
Orchestrating Linux Containers while tolerating failuresOrchestrating Linux Containers while tolerating failures
Orchestrating Linux Containers while tolerating failuresDocker, Inc.
 
Dev with Docker WCPHX 2019
Dev with Docker WCPHX 2019Dev with Docker WCPHX 2019
Dev with Docker WCPHX 2019Maura Teal
 
Practical Design Patterns in Docker Networking
Practical Design Patterns in Docker NetworkingPractical Design Patterns in Docker Networking
Practical Design Patterns in Docker NetworkingDocker, Inc.
 
Container Orchestration Integration: OpenStack Kuryr
Container Orchestration Integration: OpenStack KuryrContainer Orchestration Integration: OpenStack Kuryr
Container Orchestration Integration: OpenStack KuryrTaku Fukushima
 
Cloudfoundry Overview
Cloudfoundry OverviewCloudfoundry Overview
Cloudfoundry Overviewrajdeep
 
Open stack solidfire-mavenspire-meetup
Open stack solidfire-mavenspire-meetupOpen stack solidfire-mavenspire-meetup
Open stack solidfire-mavenspire-meetupGene Dubensky
 
Monitoring Dell Infrastructure using Docker & Microservices
Monitoring Dell Infrastructure using Docker & MicroservicesMonitoring Dell Infrastructure using Docker & Microservices
Monitoring Dell Infrastructure using Docker & MicroservicesAjeet Singh Raina
 
Architecture Overview: Kubernetes with Red Hat Enterprise Linux 7.1
Architecture Overview: Kubernetes with Red Hat Enterprise Linux 7.1Architecture Overview: Kubernetes with Red Hat Enterprise Linux 7.1
Architecture Overview: Kubernetes with Red Hat Enterprise Linux 7.1Etsuji Nakai
 
Scaling Microservices with Kubernetes
Scaling Microservices with KubernetesScaling Microservices with Kubernetes
Scaling Microservices with KubernetesDeivid Hahn Fração
 
ContainerDayVietnam2016: Containers with OpenStack
ContainerDayVietnam2016: Containers with OpenStackContainerDayVietnam2016: Containers with OpenStack
ContainerDayVietnam2016: Containers with OpenStackDocker-Hanoi
 
Service Discovery & Load-Balancing under Docker 1.12.0 @ Docker Meetup #22
Service Discovery & Load-Balancing under Docker 1.12.0 @ Docker Meetup #22Service Discovery & Load-Balancing under Docker 1.12.0 @ Docker Meetup #22
Service Discovery & Load-Balancing under Docker 1.12.0 @ Docker Meetup #22Ajeet Singh Raina
 

What's hot (20)

Beginners Guide to Kontena
Beginners Guide to KontenaBeginners Guide to Kontena
Beginners Guide to Kontena
 
Running Docker in Production - The Good, the Bad and The Ugly
Running Docker in Production - The Good, the Bad and The UglyRunning Docker in Production - The Good, the Bad and The Ugly
Running Docker in Production - The Good, the Bad and The Ugly
 
OpenStack Storage Overview
OpenStack Storage OverviewOpenStack Storage Overview
OpenStack Storage Overview
 
Nebulaworks Docker Overview 09-22-2015
Nebulaworks Docker Overview 09-22-2015Nebulaworks Docker Overview 09-22-2015
Nebulaworks Docker Overview 09-22-2015
 
Deep Dive into Openstack Storage, Sean Cohen, Red Hat
Deep Dive into Openstack Storage, Sean Cohen, Red HatDeep Dive into Openstack Storage, Sean Cohen, Red Hat
Deep Dive into Openstack Storage, Sean Cohen, Red Hat
 
Docker Online Meetup: Infrakit update and Q&A
Docker Online Meetup: Infrakit update and Q&ADocker Online Meetup: Infrakit update and Q&A
Docker Online Meetup: Infrakit update and Q&A
 
Orchestrating Linux Containers while tolerating failures
Orchestrating Linux Containers while tolerating failuresOrchestrating Linux Containers while tolerating failures
Orchestrating Linux Containers while tolerating failures
 
What's New in Docker 1.12?
What's New in Docker 1.12?What's New in Docker 1.12?
What's New in Docker 1.12?
 
OpenStack Cinder
OpenStack CinderOpenStack Cinder
OpenStack Cinder
 
Demystifying puppet
Demystifying puppetDemystifying puppet
Demystifying puppet
 
Dev with Docker WCPHX 2019
Dev with Docker WCPHX 2019Dev with Docker WCPHX 2019
Dev with Docker WCPHX 2019
 
Practical Design Patterns in Docker Networking
Practical Design Patterns in Docker NetworkingPractical Design Patterns in Docker Networking
Practical Design Patterns in Docker Networking
 
Container Orchestration Integration: OpenStack Kuryr
Container Orchestration Integration: OpenStack KuryrContainer Orchestration Integration: OpenStack Kuryr
Container Orchestration Integration: OpenStack Kuryr
 
Cloudfoundry Overview
Cloudfoundry OverviewCloudfoundry Overview
Cloudfoundry Overview
 
Open stack solidfire-mavenspire-meetup
Open stack solidfire-mavenspire-meetupOpen stack solidfire-mavenspire-meetup
Open stack solidfire-mavenspire-meetup
 
Monitoring Dell Infrastructure using Docker & Microservices
Monitoring Dell Infrastructure using Docker & MicroservicesMonitoring Dell Infrastructure using Docker & Microservices
Monitoring Dell Infrastructure using Docker & Microservices
 
Architecture Overview: Kubernetes with Red Hat Enterprise Linux 7.1
Architecture Overview: Kubernetes with Red Hat Enterprise Linux 7.1Architecture Overview: Kubernetes with Red Hat Enterprise Linux 7.1
Architecture Overview: Kubernetes with Red Hat Enterprise Linux 7.1
 
Scaling Microservices with Kubernetes
Scaling Microservices with KubernetesScaling Microservices with Kubernetes
Scaling Microservices with Kubernetes
 
ContainerDayVietnam2016: Containers with OpenStack
ContainerDayVietnam2016: Containers with OpenStackContainerDayVietnam2016: Containers with OpenStack
ContainerDayVietnam2016: Containers with OpenStack
 
Service Discovery & Load-Balancing under Docker 1.12.0 @ Docker Meetup #22
Service Discovery & Load-Balancing under Docker 1.12.0 @ Docker Meetup #22Service Discovery & Load-Balancing under Docker 1.12.0 @ Docker Meetup #22
Service Discovery & Load-Balancing under Docker 1.12.0 @ Docker Meetup #22
 

Viewers also liked

Emilio Chinea - Resume 04.23.15
Emilio Chinea - Resume 04.23.15Emilio Chinea - Resume 04.23.15
Emilio Chinea - Resume 04.23.15Emilio Chinea
 
Beginners Guide To Kontena
Beginners Guide To KontenaBeginners Guide To Kontena
Beginners Guide To KontenaKontena, Inc.
 
The 12 Factor App
The 12 Factor AppThe 12 Factor App
The 12 Factor Apprudiyardley
 
Container Orchestration Wars (Micro Edition)
Container Orchestration Wars (Micro Edition)Container Orchestration Wars (Micro Edition)
Container Orchestration Wars (Micro Edition)Karl Isenberg
 
Drone.io のご紹介
Drone.io のご紹介Drone.io のご紹介
Drone.io のご紹介Uchio Kondo
 
Achieving CI/CD with Kubernetes
Achieving CI/CD with KubernetesAchieving CI/CD with Kubernetes
Achieving CI/CD with KubernetesRamit Surana
 
Anatomy of a Continuous Integration and Delivery (CICD) Pipeline
Anatomy of a Continuous Integration and Delivery (CICD) PipelineAnatomy of a Continuous Integration and Delivery (CICD) Pipeline
Anatomy of a Continuous Integration and Delivery (CICD) PipelineRobert McDermott
 
Présentation CoreOS
Présentation CoreOSPrésentation CoreOS
Présentation CoreOSgcatt
 

Viewers also liked (8)

Emilio Chinea - Resume 04.23.15
Emilio Chinea - Resume 04.23.15Emilio Chinea - Resume 04.23.15
Emilio Chinea - Resume 04.23.15
 
Beginners Guide To Kontena
Beginners Guide To KontenaBeginners Guide To Kontena
Beginners Guide To Kontena
 
The 12 Factor App
The 12 Factor AppThe 12 Factor App
The 12 Factor App
 
Container Orchestration Wars (Micro Edition)
Container Orchestration Wars (Micro Edition)Container Orchestration Wars (Micro Edition)
Container Orchestration Wars (Micro Edition)
 
Drone.io のご紹介
Drone.io のご紹介Drone.io のご紹介
Drone.io のご紹介
 
Achieving CI/CD with Kubernetes
Achieving CI/CD with KubernetesAchieving CI/CD with Kubernetes
Achieving CI/CD with Kubernetes
 
Anatomy of a Continuous Integration and Delivery (CICD) Pipeline
Anatomy of a Continuous Integration and Delivery (CICD) PipelineAnatomy of a Continuous Integration and Delivery (CICD) Pipeline
Anatomy of a Continuous Integration and Delivery (CICD) Pipeline
 
Présentation CoreOS
Présentation CoreOSPrésentation CoreOS
Présentation CoreOS
 

Similar to CoreOS Battle Stories

Continuous Delivery of Containers with Drone & Kontena
Continuous Delivery of Containers with Drone & KontenaContinuous Delivery of Containers with Drone & Kontena
Continuous Delivery of Containers with Drone & KontenaJussi Nummelin
 
DevOps Unleashed: Strategies that Speed Deployments
DevOps Unleashed: Strategies that Speed DeploymentsDevOps Unleashed: Strategies that Speed Deployments
DevOps Unleashed: Strategies that Speed DeploymentsForgeRock
 
NYC Identity Summit Tech Day: ForgeRock DevOps/Cloud Strategy
NYC Identity Summit Tech Day: ForgeRock DevOps/Cloud StrategyNYC Identity Summit Tech Day: ForgeRock DevOps/Cloud Strategy
NYC Identity Summit Tech Day: ForgeRock DevOps/Cloud StrategyForgeRock
 
Kontena@Berlin OpenSource MeetUp
Kontena@Berlin OpenSource MeetUpKontena@Berlin OpenSource MeetUp
Kontena@Berlin OpenSource MeetUpJussi Nummelin
 
Running and Scaling Docker Containers with Kontena
Running and Scaling Docker Containers with KontenaRunning and Scaling Docker Containers with Kontena
Running and Scaling Docker Containers with KontenaJussi Nummelin
 
CI/CD with AWS Code Services
CI/CD with AWS Code ServicesCI/CD with AWS Code Services
CI/CD with AWS Code ServicesPulkit Gupta
 
The Developer Friendly Container & Micro Services Platform
The Developer Friendly Container & Micro Services PlatformThe Developer Friendly Container & Micro Services Platform
The Developer Friendly Container & Micro Services PlatformExove
 
The Perils and Triumphs of using Cassandra at a .NET/Microsoft Shop
The Perils and Triumphs of using Cassandra at a .NET/Microsoft ShopThe Perils and Triumphs of using Cassandra at a .NET/Microsoft Shop
The Perils and Triumphs of using Cassandra at a .NET/Microsoft ShopJeff Smoley
 
C* Summit 2013: The Perils and Triumphs of using Cassandra at a .NET/Microsof...
C* Summit 2013: The Perils and Triumphs of using Cassandra at a .NET/Microsof...C* Summit 2013: The Perils and Triumphs of using Cassandra at a .NET/Microsof...
C* Summit 2013: The Perils and Triumphs of using Cassandra at a .NET/Microsof...DataStax Academy
 
Introducing LinuxKit
Introducing LinuxKitIntroducing LinuxKit
Introducing LinuxKitDocker, Inc.
 
Private cloud cloud-phoenix-april-2014
Private cloud cloud-phoenix-april-2014Private cloud cloud-phoenix-april-2014
Private cloud cloud-phoenix-april-2014Miguel Zuniga
 
Docker San Diego 2015-03-25
Docker San Diego 2015-03-25Docker San Diego 2015-03-25
Docker San Diego 2015-03-25Casey Bisson
 
Optimizing Cloud Foundry and OpenStack for large scale deployments
Optimizing Cloud Foundry and OpenStack for large scale deploymentsOptimizing Cloud Foundry and OpenStack for large scale deployments
Optimizing Cloud Foundry and OpenStack for large scale deploymentsAnimesh Singh
 
Building the Glue for Service Discovery & Load Balancing Microservices
Building the Glue for Service Discovery & Load Balancing MicroservicesBuilding the Glue for Service Discovery & Load Balancing Microservices
Building the Glue for Service Discovery & Load Balancing MicroservicesSargun Dhillon
 
Triton + Docker, July 2015
Triton + Docker, July 2015Triton + Docker, July 2015
Triton + Docker, July 2015Casey Bisson
 
Inside Triton, July 2015
Inside Triton, July 2015Inside Triton, July 2015
Inside Triton, July 2015Casey Bisson
 
Mesos swam-kubernetes-vds-02062017
Mesos swam-kubernetes-vds-02062017Mesos swam-kubernetes-vds-02062017
Mesos swam-kubernetes-vds-02062017Christophe Furmaniak
 
State of the Container Ecosystem
State of the Container EcosystemState of the Container Ecosystem
State of the Container EcosystemVinay Rao
 
Ecosystem Projects for Data Management Challenges: Cinder
Ecosystem Projects for Data Management Challenges: CinderEcosystem Projects for Data Management Challenges: Cinder
Ecosystem Projects for Data Management Challenges: CinderBrian Rosmaita
 
Rami Sayar - Node microservices with Docker
Rami Sayar - Node microservices with DockerRami Sayar - Node microservices with Docker
Rami Sayar - Node microservices with DockerWeb à Québec
 

Similar to CoreOS Battle Stories (20)

Continuous Delivery of Containers with Drone & Kontena
Continuous Delivery of Containers with Drone & KontenaContinuous Delivery of Containers with Drone & Kontena
Continuous Delivery of Containers with Drone & Kontena
 
DevOps Unleashed: Strategies that Speed Deployments
DevOps Unleashed: Strategies that Speed DeploymentsDevOps Unleashed: Strategies that Speed Deployments
DevOps Unleashed: Strategies that Speed Deployments
 
NYC Identity Summit Tech Day: ForgeRock DevOps/Cloud Strategy
NYC Identity Summit Tech Day: ForgeRock DevOps/Cloud StrategyNYC Identity Summit Tech Day: ForgeRock DevOps/Cloud Strategy
NYC Identity Summit Tech Day: ForgeRock DevOps/Cloud Strategy
 
Kontena@Berlin OpenSource MeetUp
Kontena@Berlin OpenSource MeetUpKontena@Berlin OpenSource MeetUp
Kontena@Berlin OpenSource MeetUp
 
Running and Scaling Docker Containers with Kontena
Running and Scaling Docker Containers with KontenaRunning and Scaling Docker Containers with Kontena
Running and Scaling Docker Containers with Kontena
 
CI/CD with AWS Code Services
CI/CD with AWS Code ServicesCI/CD with AWS Code Services
CI/CD with AWS Code Services
 
The Developer Friendly Container & Micro Services Platform
The Developer Friendly Container & Micro Services PlatformThe Developer Friendly Container & Micro Services Platform
The Developer Friendly Container & Micro Services Platform
 
The Perils and Triumphs of using Cassandra at a .NET/Microsoft Shop
The Perils and Triumphs of using Cassandra at a .NET/Microsoft ShopThe Perils and Triumphs of using Cassandra at a .NET/Microsoft Shop
The Perils and Triumphs of using Cassandra at a .NET/Microsoft Shop
 
C* Summit 2013: The Perils and Triumphs of using Cassandra at a .NET/Microsof...
C* Summit 2013: The Perils and Triumphs of using Cassandra at a .NET/Microsof...C* Summit 2013: The Perils and Triumphs of using Cassandra at a .NET/Microsof...
C* Summit 2013: The Perils and Triumphs of using Cassandra at a .NET/Microsof...
 
Introducing LinuxKit
Introducing LinuxKitIntroducing LinuxKit
Introducing LinuxKit
 
Private cloud cloud-phoenix-april-2014
Private cloud cloud-phoenix-april-2014Private cloud cloud-phoenix-april-2014
Private cloud cloud-phoenix-april-2014
 
Docker San Diego 2015-03-25
Docker San Diego 2015-03-25Docker San Diego 2015-03-25
Docker San Diego 2015-03-25
 
Optimizing Cloud Foundry and OpenStack for large scale deployments
Optimizing Cloud Foundry and OpenStack for large scale deploymentsOptimizing Cloud Foundry and OpenStack for large scale deployments
Optimizing Cloud Foundry and OpenStack for large scale deployments
 
Building the Glue for Service Discovery & Load Balancing Microservices
Building the Glue for Service Discovery & Load Balancing MicroservicesBuilding the Glue for Service Discovery & Load Balancing Microservices
Building the Glue for Service Discovery & Load Balancing Microservices
 
Triton + Docker, July 2015
Triton + Docker, July 2015Triton + Docker, July 2015
Triton + Docker, July 2015
 
Inside Triton, July 2015
Inside Triton, July 2015Inside Triton, July 2015
Inside Triton, July 2015
 
Mesos swam-kubernetes-vds-02062017
Mesos swam-kubernetes-vds-02062017Mesos swam-kubernetes-vds-02062017
Mesos swam-kubernetes-vds-02062017
 
State of the Container Ecosystem
State of the Container EcosystemState of the Container Ecosystem
State of the Container Ecosystem
 
Ecosystem Projects for Data Management Challenges: Cinder
Ecosystem Projects for Data Management Challenges: CinderEcosystem Projects for Data Management Challenges: Cinder
Ecosystem Projects for Data Management Challenges: Cinder
 
Rami Sayar - Node microservices with Docker
Rami Sayar - Node microservices with DockerRami Sayar - Node microservices with Docker
Rami Sayar - Node microservices with Docker
 

Recently uploaded

Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...panagenda
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...AliaaTarek5
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 

Recently uploaded (20)

Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers

CoreOS Battle Stories

  • 1. CoreOS Battle Stories Jari Kolehmainen, Founder
  • 3. © 2015 Kontena, Inc. What is Kontena? Open Source container platform built to maximize developer happiness. Works on any cloud, easy to set up, simple to use.
  • 4. How does it work?
      • Kontena Grid: A number of physical or virtual machines – Kontena Nodes – create a Kontena Grid. The nodes may be located anywhere: in a single data center, different AZs or different cloud providers.
      • Overlay Network: Kontena will automatically create an overlay network powered by Weave and connect all nodes of a Grid. The overlay network enables services to communicate with each other in a multi-host, multi-AZ environment.
      • Service Discovery: Kontena has built-in service discovery powered by etcd. It is used to automatically assign DNS addresses for any services running in Kontena. It is also used by Kontena’s load balancer for zero-downtime operation.
      • Orchestration: Kontena’s orchestrator distributes, runs and monitors all Kontena Services in a Grid. Services may be stateless or stateful, and they are automatically distributed across Nodes in a Grid.
      • Containerized Workloads: With Kontena, all containerized workloads are described as Services. A Kontena Service is composed of containers based on the same image file. Services may be scaled and linked together to create complex elastic apps.
      • Kontena Nodes & Agent: Kontena Agent may be installed on any machine capable of running Docker. It runs as a privileged container on the machine.
      • Kontena Master: Kontena Master orchestrates the entire Kontena system. It provides APIs used by Kontena CLI, Web UI and third party integrations. Kontena Master may be installed as a high-availability setup if needed.
  • 6. © 2016 Kontena, Inc. Perfect OS: Requirements
      • Minimal footprint
      • Container native
      • Zero maintenance
      • Stable
      • Secure
  • 7. Why Container OS?
      • Our expectation from an OS has changed
      • “Pets vs Cattle”
      • Maintaining the system should be easy
      • It needs to be more secure than a traditional OS
  • 9. Choices (Back Then)
      • Boot2Docker
      • CoreOS
      • Project Atomic
      • DIY (not an option, really)
  • 10. Boot2Docker
      • Based on Tiny Core Linux
      • Small (24MB download, 5s to boot)
      • No automatic updates
      • Not recommended for production use
  • 11. CoreOS
      • Based on Gentoo
      • Minimal (~100MB)
      • Designed for containers
      • Focus on security and stability
      • Automatic updates
  • 12. Project Atomic
      • Not a new Linux distribution
      • Framework to create an OS from RHEL, CentOS and Fedora
      • Designed for containers
      • Focus on security and stability
  • 14. Is not just an OS…
  • 15. CoreOS Project
      • etcd
      • rkt
      • fleet
      • locksmith
      • flannel
      • many more…
  • 16. CoreOS Host
  • 18. Kontena Provisioning Goals
      • single command that “just works”
      • register host to etcd cluster
      • register host to Kontena Grid
      • should work on any infrastructure
  • 19. CoreOS Problems
      • configuration management
      • etcd cluster / discovery
      • etcd security
      • coordinated auto-updates
  • 20. CoreOS & Configuration Management
      • Chef
      • Puppet
      • Ansible
      • Saltstack
      • ??
  • 23. Bootstrapping with CloudInit
      • de facto way to initialize cloud instances
      • integrated into CoreOS
      • only sane way to bootstrap
  • 24. etcd
  • 25. Etcd: The Hard Parts
      • discovery
      • security (TLS certificates)
      • central services vs workers
      • maintenance
  • 27. Initial Implementation
      • run etcd inside a container
      • bind etcd only to localhost & overlay network
      • use public discovery service
  • 29. Etcd: Current Implementation
      • run etcd inside a container
      • bind etcd only to localhost & overlay network
      • master coordinates etcd discovery
      • static IPs
  • 30. Etcd: Future Improvements
      • automatic failover with magic
      • support for external etcd cluster
      • compose.io
  • 32. Automatic Updates
      • several update strategies: best-effort, etcd-lock, reboot, off
      • our pick: best-effort
      • if etcd is running, locksmith coordinates the reboots
      • otherwise just reboot once update is available
  • 33. Automatic Updates
      • chaos monkey for free!
      • also updates kontena-agent
      • works like a charm
  • 35. Overlay Network Options
      • Flannel by CoreOS
      • Weave Net by Weaveworks
      • Calico
      • Docker Overlay Network
      • Most likely you need one of these
  • 36. Flannel
      • bundled with CoreOS
      • depends on working etcd
      • has multiple backends to choose from
  • 37. Weave Net
      • simple setup
      • optional encryption
      • multicast, multi-hop, fast datapath
      • dns
      • requires “some” external coordination
      • needs information about other peers
  • 38. Our Pick: Weave Net
      • can start before etcd
      • makes it possible to expose etcd only to overlay net
      • secure communication between nodes
      • not dependent on infrastructure features
      • easy-ish to orchestrate
      • “just works”
  • 39. Demo!
  • 41. CoreOS Summary
      • the “OS” part is currently the best option for containers
      • etcd is a must, but a little hard to handle
      • pick an orchestrator that hides all the complexities
      • automate everything
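
A check for the "bind etcd only to localhost & overlay network" rule from slides 27 and 29, as an added example that is not from the slides or from Kontena's code: it parses etcd's --listen-client-urls and --listen-peer-urls values and reports every bind address outside loopback and the overlay range. The 10.81.0.0/16 subnet and the sample command lines are assumptions constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumption: overlay subnet of the grid; replace with the real range.
OVERLAY_NET = ipaddress.ip_network("10.81.0.0/16")
LISTEN_FLAGS = ("--listen-client-urls", "--listen-peer-urls")


def check_listen_urls(urls, overlay=OVERLAY_NET):
    """Return (url, reason) for each listen URL not confined to loopback/overlay."""
    findings = []
    for raw in filter(None, (u.strip() for u in urls.split(","))):
        try:
            host = urlsplit(raw).hostname
            addr = ipaddress.ip_address(host) if host else None
        except ValueError:  # hostname or malformed literal
            addr = None
        if addr is None:
            findings.append((raw, "not an IP literal, binding cannot be verified"))
        elif addr.is_unspecified:
            findings.append((raw, "wildcard bind, etcd listens on every interface"))
        elif not (addr.is_loopback or addr in overlay):
            findings.append((raw, "address outside loopback and overlay network"))
    return findings


def audit_etcd_args(argv, overlay=OVERLAY_NET):
    """Check the listen flags of an etcd command line given as an argv list."""
    report = {}
    for i, arg in enumerate(argv):
        flag, sep, value = arg.partition("=")
        if flag not in LISTEN_FLAGS:
            continue
        if not sep:  # "--flag value" form
            value = argv[i + 1] if i + 1 < len(argv) else ""
        report[flag] = check_listen_urls(value, overlay)
    return report


# Constructed sample command lines (not taken from the slides).
CONFINED = ["etcd", "--listen-client-urls=http://127.0.0.1:2379,http://10.81.0.1:2379",
            "--listen-peer-urls", "http://10.81.0.1:2380"]
EXPOSED = ["etcd", "--listen-client-urls", "http://0.0.0.0:2379",
           "--listen-peer-urls=http://192.0.2.10:2380,http://10.81.0.2:2380"]

if __name__ == "__main__":
    for name, argv in (("confined", CONFINED), ("exposed", EXPOSED)):
        print(name, audit_etcd_args(argv))
```

An empty finding list for both flags means the etcd client and peer ports are reachable only from the host itself and from peers on the overlay.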