Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .
More Tips and Tricks for
Running Containers like a Pro
February 28, 20...
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .
Shannon Williams
Co-Founder/VP Sales
@smw355
1
Darren Shepherd
Co-Foun...
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .
Rajashree
Mandaogane
Software Engineer
Rancher Labs
@rajashree_28
2 #r...
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .
Sidhartha Mani
Software Engineer
Rancher Labs
@utter_babbage
3 #ranche...
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .
First things first…
This is a not a !
4 #ranchermeetup
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .5
There are rules for a meetup!
• We won’t be done on time
• Questions ...
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .6
Join the conversation on Twitter
#ranchermeetup
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .
Agenda
• Integrated Secrets Management – Bill
• Autoscaling with Ranch...
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .
Rancher Labs
8 #ranchermeetup
An open-source software platform for
man...
© 2017 Rancher Labs, Inc.
A complete container management
platform that makes it easy to…
9
INNOVATE WITH CONTAINERS
witho...
© 2017 Rancher Labs, Inc.
Complete
Container
Management
Platform
10
Application Catalog
Container Orchestration and Schedu...
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .#ranchermeetup
Tips, Tricks
and Tools for
Running
Containers
Like a Pro
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .12
https://youtu.be/ZovLwCvb2Is
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .
Integrated Secrets Management
13
© 2017 Rancher Labs, Inc.
New Components
© 2017 Rancher Labs, Inc.
Secrets Creation Flow
© 2017 Rancher Labs, Inc.
Secret Container Flow
© 2017 Rancher Labs, Inc.
 Lock down the local key at rest.
 Vault:
 Support storing secrets in Vault secrets backend.
...
© 2017 Rancher Labs, Inc.
 Docs:
http://docs.rancher.com/rancher/v1.4/en/cattle/s
ecrets/
 Repos:
 Github.com/rancher/s...
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .19
Demo
#ranchermeetup
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .
Scaling in Rancher with Webhooks
20
• Scaling of services
• Scaling of...
© 2017 Rancher Labs, Inc.
Autoscaling using webhooks
• Create webhooks for scaling up/down a service
• Configure an extern...
© 2017 Rancher Labs, Inc.
Webhooks for service upgrade
• Add receiver hook to use as a Docker Hub
webhook for an image
• W...
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .23
Demo
#ranchermeetup
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .
Hands on with Træfik
24
• Træfik is a modern HTTP
reverse proxy and lo...
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .
Architecture
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .
Internal Logic
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .
Static config
# traefik.toml
logLevel = "INFO"
traefikLogsFile = "/opt...
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .
Dynamic config
[backends]
[backends.web-test__webtest]
[backends.web-t...
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .
Catalog
- Admin ui
- http and https ports
- Deploy by host label
- htt...
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .
Catalog
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .
Service labels
- traefik.enable = <true | stack | false>
- true: the s...
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .32
Demo
#ranchermeetup
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .
Using the Kubernetes Dashboard and Helm
33
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .
Kubernetes Dashboard
• Web based Kubernetes control UI
• Deploy applic...
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .
Kubernetes Helm
• Package manager for Kubernetes
• Supports private re...
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .36
Demo
#ranchermeetup
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .
Latest Release
37
Rancher 1.4 – February 4, 2017
Key Features:
- Kuber...
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .
Next Releases
38
Rancher 1.5 – Early March
Key features:
- Catalog Enh...
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .
Getting Started
Rancher and RancherOS are in GitHub – Get Involved!
39...
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .
Even better - try.rancher.com…
40
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .
Then join a free training class…
41
http://rancher.com/training
© 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .
Thank you
rancher.com
#ranchermeetup
Prochain SlideShare
Chargement dans…5
×

More tips and tricks for running containers like a pro - Rancher Online MEetup - February 2017

1 849 vues

Publié le

Whether you’re a longtime container user, or entirely new to Docker, it’s never too late to pick up more tips and tricks for running containers in production. In the February 2017 online Rancher meetup, we covered four topics useful for anyone managing containers and infrastructure at scale.

- Autoscaling Docker containers and infrastructure with webhooks in Rancher
- Secrets Management with Rancher and Vault
- Getting the most out of containers and the Traefik load balancer
- Launching applications with Kubernetes Dashboard and Helm

You can find a recording of the meetup at: http://rancher.com/event/february-2017-online-meetup/

Publié dans : Technologie
  • Soyez le premier à commenter

More tips and tricks for running containers like a pro - Rancher Online MEetup - February 2017

  1. 1. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc . More Tips and Tricks for Running Containers like a Pro February 28, 2017 #ranchermeetup
  2. 2. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc . Shannon Williams Co-Founder/VP Sales @smw355 1 Darren Shepherd Co-Founder/Chief Architect @ibuildthecloud Freenode: darren0 #ranchermeetup
  3. 3. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc . Rajashree Mandaogane Software Engineer Rancher Labs @rajashree_28 2 #ranchermeetup Bill Maxwell Sr. Devops Lead Rancher Labs @cloudnautique
  4. 4. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc . Sidhartha Mani Software Engineer Rancher Labs @utter_babbage 3 #ranchermeetup Raul Sanchez Sr. Field Engineer Rancher Labs @rawmindNet
  5. 5. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc . First things first… This is a not a ! 4 #ranchermeetup
  6. 6. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .5 There are rules for a meetup! • We won’t be done on time • Questions are always welcome • Demo, then demo some more • Things will break, be patient #ranchermeetup
  7. 7. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .6 Join the conversation on Twitter #ranchermeetup
  8. 8. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc . Agenda • Integrated Secrets Management – Bill • Autoscaling with Rancher webhooks – Rajashree • Hand-on with Traefik – Raul • Using the Kubernetes Dashboard and Helm – Sidhartha • Latest Releases – Darren 7 #ranchermeetup
  9. 9. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc . Rancher Labs 8 #ranchermeetup An open-source software platform for managing containers A minimalist OS built explicitly to run Docker
  10. 10. © 2017 Rancher Labs, Inc. A complete container management platform that makes it easy to… 9 INNOVATE WITH CONTAINERS without compromising flexibility by empowering developers with fast access to the latest tools MANAGE APPLICATIONS by simplifying day to day application lifecycle management RUN CONTAINERS with the most complete set of container and infrastructure management capabilities Production ready ✔ 20 million+ downloads ✔ Open platform for innovating ✔ Easy to use interface ✔ Multi-tenant ✔ Role based access ✔ 24X7 support ✔ And more….
  11. 11. © 2017 Rancher Labs, Inc. Complete Container Management Platform 10 Application Catalog Container Orchestration and SchedulingUser Mgmt RBAC AD/LDAP SAML Ops Mgmt CI/CD Registries Monitoring Networking Multi-tenant Environments Environment 1 Environment N Infrastructure Services Storage ……. ..Environment 2 Security DNS/LB
  12. 12. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .#ranchermeetup Tips, Tricks and Tools for Running Containers Like a Pro
  13. 13. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .12 https://youtu.be/ZovLwCvb2Is
  14. 14. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc . Integrated Secrets Management 13
  15. 15. © 2017 Rancher Labs, Inc. New Components
  16. 16. © 2017 Rancher Labs, Inc. Secrets Creation Flow
  17. 17. © 2017 Rancher Labs, Inc. Secret Container Flow
  18. 18. © 2017 Rancher Labs, Inc.  Lock down the local key at rest.  Vault:  Support storing secrets in Vault secrets backend.  Long Term improvements  Signing Public Keys  Create and deploy Vault tokens. Road to GA
  19. 19. © 2017 Rancher Labs, Inc.  Docs: http://docs.rancher.com/rancher/v1.4/en/cattle/s ecrets/  Repos:  Github.com/rancher/secrets-api  Github.com/rancher/secrets-flexvol  Resources
  20. 20. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .19 Demo #ranchermeetup
  21. 21. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc . Scaling in Rancher with Webhooks 20 • Scaling of services • Scaling of hosts • Upgrading services based on Docker Hub webhooks
  22. 22. © 2017 Rancher Labs, Inc. Autoscaling using webhooks • Create webhooks for scaling up/down a service • Configure an external service to monitor it, example Prometheus • Prometheus raises alerts and triggers configured webhooks • Webhook-service handles scaling
  23. 23. © 2017 Rancher Labs, Inc. Webhooks for service upgrade • Add receiver hook to use as a Docker Hub webhook for an image • When any tag of the image is pushed, webhook is triggered • Webhook-service upgrades all services based on service selectors used while creating receiver hook
  24. 24. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .23 Demo #ranchermeetup
  25. 25. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc . Hands on with Træfik 24 • Træfik is a modern HTTP reverse proxy and load balancer made to deploy microservices with ease
  26. 26. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc . Architecture
  27. 27. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc . Internal Logic
  28. 28. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc . Static config # traefik.toml logLevel = "INFO" traefikLogsFile = "/opt/traefik/log/traefik.log" accessLogsFile = "/opt/traefik/log/access.log" defaultEntryPoints = ["http", "https"] [entryPoints] [entryPoints.http] address = ":8080" [entryPoints.https] address = ":8443" [entryPoints.https.tls] [[entryPoints.https.tls.certificates]] certFile = "/opt/traefik/certs/traefik.crt" keyFile = "/opt/traefik/certs/traefik.key" [web] address = ":8000" [file] filename = "/opt/traefik/etc/rules.toml" watch = true
  29. 29. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc . Dynamic config [backends] [backends.web-test__webtest] [backends.web-test__webtest.circuitbreaker] expression = "NetworkErrorRatio() > 0.5" [backends.web-test__webtest.LoadBalancer] method = "drr" [backends.web-test__webtest.servers.webtest-web-test-1] url = "http://10.42.115.5:8080" weight = 0 [backends.web-test__webtest.servers.webtest-web-test-2] url = "http://10.42.90.235:8080" weight = 0 [backends.web-test__webtest.servers.webtest-web-test-3] url = "http://10.42.251.194:8080" weight = 0 [frontends] [frontends.web-test__webtest] backend = "web-test__webtest" passHostHeader = true priority = 5 [frontends.web-test__webtest.routes.service] rule = "Host:webtest.local,test2.local,test3.local;"
  30. 30. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc . Catalog - Admin ui - http and https ports - Deploy by host label - https and sticky bit support - Letsencrypt (ACME) support - Autoconfig by services labels TODO - Rancher internal certs and sni - Real time backend update and traefik built in support https://github.com/containous/traefik/pull/1173 Will be included in traefik release v1.2.0-rc2
  31. 31. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc . Catalog
  32. 32. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc . Service labels - traefik.enable = <true | stack | false> - true: the service will be published as *service_name.stack_name.traefik_domain* - stack: the service will be published as *stack_name.domain*. WARNING of collisions - false: the service will not be published - traefik.priority = <priority> # Override for frontend priority. 5 by default - traefik.protocol = <http | https> # Override the default http protocol - traefik.sticky = <true | false> # Enable/disable sticky sessions to the backend - traefik.alias = <alias> # Alternate names to route rule. traefik.domain is appended - traefik.alias.fqdn = < alias fqdn > # Alternate names to route rule. traefik.domain is not appended. - traefik.domain = < domain.name > # Domain names to route rules. Multiple domains separated by "," - traefik.domain.regexp = < domain.regexp > # Domain name regexp rule. Multiple domains separated by "," - traefik.port = <port> # port to expose throught traefik - traefik.acme = < true | false > # Enable/disable ACME traefik feature - traefik.path = < path > # Path rule. Multiple values separated by "," - traefik.path.strip = < path > # Path strip rule. Multiple values separated by "," - traefik.path.prefix = < path > # Path prefix rule. Multiple values separated by "," - traefik.path.prefix.strip = < path > # Path prefix strip rule. Multiple values separated by "," WARNING: Only services with healthy state are added to traefik, so health checks are mandatory.
  33. 33. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .32 Demo #ranchermeetup
  34. 34. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc . Using the Kubernetes Dashboard and Helm 33
  35. 35. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc . Kubernetes Dashboard • Web based Kubernetes control UI • Deploy applications • Provides overview of various Kubernetes resources • Provides a log viewer for easy debugging 34 #ranchermeetup
  36. 36. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc . Kubernetes Helm • Package manager for Kubernetes • Supports private repositories • Search for packages • Configure and Install packages • Delete packages 35 #ranchermeetup
  37. 37. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc .36 Demo #ranchermeetup
  38. 38. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc . Latest Release 37 Rancher 1.4 – February 4, 2017 Key Features: - Kubernetes Dashboard & Helm - Webhooks - Network Policies - Multi-IP Host Scheduling - Secrets Management (Experimental)
  39. 39. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc . Next Releases 38 Rancher 1.5 – Early March Key features: - Catalog Enhancements – Ability to add catalogs per environment - Additional Webhooks – Host scaling, service redeploy - Additional Network Policies – Enhances network policies to support services that are linked - API Interceptor – Admins can now configure pre and post filter hooks into Rancher API requests - Metadata Refactoring – Improvements to allow increased environment scaling
  40. 40. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc . Getting Started Rancher and RancherOS are in GitHub – Get Involved! 39 #ranchermeetup http://github.com/rancher
  41. 41. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc . Even better - try.rancher.com… 40
  42. 42. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc . Then join a free training class… 41 http://rancher.com/training
  43. 43. © 2017 Rancher Labs, Inc.© 2017 Rancher Labs, Inc . Thank you rancher.com #ranchermeetup

×