SlideShare une entreprise Scribd logo

Containerization - The DevOps Revolution

Télécharger en tant que PPTX, PDF
Yulian Slobodyan
Yulian Slobodyan
1  sur  30
Containerization: The DevOps Revolution
Why do we need containers?
Shipping Containers • Standardized dimensions • Mechanized handling system • Remote sorting and packing • Remote customs services • Greatly decreases cost and speed of international trade
Software Container is like a VM • Own Process Space • Can run commands • Packages can be installed • Can run services/daemons • Isolated root privileges • Shell access
Software Container is not like a VM • Uses host kernel • Restricted to host OS • Can’t have it’s own kernel modules • Is plain user-space process
VM vs Container
Containers Chronology • 1982 - chroot • 2000 - FreeBSD Jail • 2001 – Linux VServer • 2004 – Solaris Containers • 2007 – HP-UX Containers • 2008 – LXC (Linux Containers) • 2013 - Docker
Linux cgroups (control groups) • Resource limiting • Prioritization • Accounting • Control • Used by • LXC • libvirt • systemd • Docker • Kubernetes • Mesos
Linux namespaces • Isolate and virtualize resources • Every process (group) has its own view of the system • 6 kinds of namespaces: • mnt – mount points • pid – process IDs • net – network stack • ipc – POSIX mq filesystem • uts - hostname • user – users and groups
• Resource Metering and Limiting • CPU and CPUSet • Memory • Network • Block I/O • /dev/* cgroups (control groups):
• Provides containers with their own view of the system • Limits what you can see (and use) • Multiple namespaces: pid, net, mnt, uts, ipc, user Namespace:
• Create new container instantly instead of copying whole system • Storage keeps tracking of what has change (AUFS, ZFS, etc) • Reduces footprint and overhead • Decreases boot time Copy-on-write storage:
• LXC • systemd-nspawn • Docker Engine • rkt/runC • OpenVZ • Jails (FreeBSD), Zones (Solaris) Container Runtimes:
• Uses the same kernel features => Performance will be the same • What matters is: Design Features Ecosystem (e.g. 100.000+ apps in Docker Hub) Support What’s the difference between them?
The Story of Success
Problem & Opportunity • Rapid innovation in computing and application development services • No single service is optimal for all solutions • Customers want to run multiple services in a single cluster and run multiple clusters in Intercloud environment ...to maximize utilization ...to share data between services
Datacenter and solution today VM7 VM8 VM4 VM5 VM6 VM1 VM2 VM3 VM1 VM2 VM2 Visualization Service Data Ingestion Service Analytics Service • Configuration and management of 3 separate clusters • Resources stay idle if service is not active • Need to move data between clusters for each service
What do we want to do? Data Ingestion Service Analytics Service Visualization Service ….to maximize utilization ...to share data between services Shared cluster Multiple clusters
Shared Cluster AWS VM1 VM2 VM3 VM4 VM5
What is in it for customers? Maximize utilization Deliver more services with smaller footprint Shared clusters for all services Easier deployment and management with unified service platform Shared data between services Faster and more competitive services and solutions
How does this work? Mesos Slave Spark Task Executor Mesos Executor Mesos Slave Docker Executor Docker Executor Mesos Master Task #1 Task #2 ./python XYZ java -jar XYZ.jar ./xyz Mesos Master Mesos Master Spark Service Scheduler Marathon Service Scheduler Zookeeper quorum
How does this work? Mesos provides fine grained resource isolation Mesos Slave Process Spark Task Executor Mesos Executor Task #1 Task #2 ./python XYZ Compute Node Executor Container (cgroups)
How does this work? Mesos provides scalability Mesos Slave Process Spark Task Executor Task #1 Task #2 ./ruby XYZ Compute Node Python executor finished, more available resources more Spark Container (cgroups) Task #3 Task #4
How does this work? Mesos has no single point of failure Mesos MasterMesos Master Mesos Master VM1 VM2 VM3 VM4 VM5 Services keep running if VM fails!
How does this work? Master node can failover Mesos MasterMesos Master Mesos Master VM1 VM2 VM3 VM4 VM5 Services keep running if Mesos Master fails!
How does this work? Slave process can failover Tasks keep running if Mesos Slave Process fails! Mesos Slave Process Spark Task Executor Task #1 Task #2 ./ruby XYZ Compute Node Task #3 Task #4
How does this work? Can deploy in many environments Get orchestrated by Openstack, Ansible (scripts), Cloudbreak True Hybrid Cloud deployment: AWS, CIS, UCS, vSphere, other AWS VM5VM1 VM2 VM3 VM4 Terraform REST API (policy, auto- scaling) REST API (direct provisioning) Scripted provisioning
Containers: Service Product Cloud/Virtualization AWS/CIS/vSphere/Metacloud/UCS… Provisioning Terraform Automation Ansible Clustering & Resource Management Mesos, Marathon, Docker Load Balancing Avi Networks ETL & Data Shaping StreamSets Log Data Gathering Logstash Metrics Gathering CollectD, Avi Networks Messaging Kafka, Solace Data Storing (Batch) HDFS Data Storing (OLTP/Real-time) Cassandra Data Storing (Indexing) Elastic search Data Processing Apache Spark Visualization Zoomdata *Subset example
Issues • Service Discovering • Networking for Containers • Persistent Storage • Docker Performance
More Details https://mantl.io

Recommandé

Amazon Cloud Overview
Amazon Cloud OverviewAmazon Cloud Overview
Amazon Cloud OverviewYulian Slobodyan
 
Docker for Ops: Docker Networking Deep Dive, Considerations and Troubleshooti...
Docker for Ops: Docker Networking Deep Dive, Considerations and Troubleshooti...Docker for Ops: Docker Networking Deep Dive, Considerations and Troubleshooti...
Docker for Ops: Docker Networking Deep Dive, Considerations and Troubleshooti...Docker, Inc.
 
Sebastien goasguen cloud stack and docker
Sebastien goasguen cloud stack and dockerSebastien goasguen cloud stack and docker
Sebastien goasguen cloud stack and dockerShapeBlue
 
Sebastien goasguen cloud stack the next year
Sebastien goasguen cloud stack the next yearSebastien goasguen cloud stack the next year
Sebastien goasguen cloud stack the next yearShapeBlue
 
Kubernetes meetup - 2018-05-23
Kubernetes meetup - 2018-05-23Kubernetes meetup - 2018-05-23
Kubernetes meetup - 2018-05-23Ruben Ernst
 
Stateful set in kubernetes implementation & usecases
Stateful set in kubernetes implementation & usecases Stateful set in kubernetes implementation & usecases
Stateful set in kubernetes implementation & usecases Krishna-Kumar
 
Building Micro-Services with Scala
Building Micro-Services with ScalaBuilding Micro-Services with Scala
Building Micro-Services with ScalaYardena Meymann
 
Deploying microservices on AWS
Deploying microservices on AWSDeploying microservices on AWS
Deploying microservices on AWSMichael Haberman
 

Recommandé

Amazon Cloud Overview
Amazon Cloud OverviewAmazon Cloud Overview
Amazon Cloud OverviewYulian Slobodyan
 
Docker for Ops: Docker Networking Deep Dive, Considerations and Troubleshooti...
Docker for Ops: Docker Networking Deep Dive, Considerations and Troubleshooti...Docker for Ops: Docker Networking Deep Dive, Considerations and Troubleshooti...
Docker for Ops: Docker Networking Deep Dive, Considerations and Troubleshooti...Docker, Inc.
 
Sebastien goasguen cloud stack and docker
Sebastien goasguen cloud stack and dockerSebastien goasguen cloud stack and docker
Sebastien goasguen cloud stack and dockerShapeBlue
 
Sebastien goasguen cloud stack the next year
Sebastien goasguen cloud stack the next yearSebastien goasguen cloud stack the next year
Sebastien goasguen cloud stack the next yearShapeBlue
 
Kubernetes meetup - 2018-05-23
Kubernetes meetup - 2018-05-23Kubernetes meetup - 2018-05-23
Kubernetes meetup - 2018-05-23Ruben Ernst
 
Stateful set in kubernetes implementation & usecases
Stateful set in kubernetes implementation & usecases Stateful set in kubernetes implementation & usecases
Stateful set in kubernetes implementation & usecases Krishna-Kumar
 
Building Micro-Services with Scala
Building Micro-Services with ScalaBuilding Micro-Services with Scala
Building Micro-Services with ScalaYardena Meymann
 
Deploying microservices on AWS
Deploying microservices on AWSDeploying microservices on AWS
Deploying microservices on AWSMichael Haberman
 
Serverless
ServerlessServerless
ServerlessDaniel Cottone
 
A brief introduction to CloudFormation
A brief introduction to CloudFormationA brief introduction to CloudFormation
A brief introduction to CloudFormationSWIFTotter Solutions
 
Monitoring, the Prometheus Way - Julius Voltz, Prometheus
Monitoring, the Prometheus Way - Julius Voltz, Prometheus Monitoring, the Prometheus Way - Julius Voltz, Prometheus
Monitoring, the Prometheus Way - Julius Voltz, Prometheus Docker, Inc.
 
AWS Quick Intro
AWS Quick IntroAWS Quick Intro
AWS Quick Introrocketcircus
 
Gdg using docker to streamline development
Gdg using docker to streamline developmentGdg using docker to streamline development
Gdg using docker to streamline developmentTrond Marius Øvstetun
 
ACS & vSphere Draft
ACS & vSphere DraftACS & vSphere Draft
ACS & vSphere DraftAaron Delp
 
Micro services infrastructure with AWS and Ansible
Micro services infrastructure with AWS and AnsibleMicro services infrastructure with AWS and Ansible
Micro services infrastructure with AWS and AnsibleBamdad Dashtban
 
Integrating Puppet with Cloud Infrastructures-Remco Overdijk
Integrating Puppet with Cloud Infrastructures-Remco OverdijkIntegrating Puppet with Cloud Infrastructures-Remco Overdijk
Integrating Puppet with Cloud Infrastructures-Remco OverdijkMaxServ
 
Clouds presentation, aws meetup v2
Clouds presentation, aws meetup v2Clouds presentation, aws meetup v2
Clouds presentation, aws meetup v2Cristian Măgherușan-Stanciu
 
Docker - for all // just a_first date
Docker - for all // just a_first dateDocker - for all // just a_first date
Docker - for all // just a_first dateNicolas Piquot
 
Container Orchestration
Container OrchestrationContainer Orchestration
Container Orchestrationdfilppi
 
(APP309) Running and Monitoring Docker Containers at Scale | AWS re:Invent 2014
(APP309) Running and Monitoring Docker Containers at Scale | AWS re:Invent 2014(APP309) Running and Monitoring Docker Containers at Scale | AWS re:Invent 2014
(APP309) Running and Monitoring Docker Containers at Scale | AWS re:Invent 2014Amazon Web Services
 
Aws Fargate clusterless serverless
Aws Fargate clusterless serverlessAws Fargate clusterless serverless
Aws Fargate clusterless serverlessRodrigo Galba
 
Weaveworks at AWS re:Invent 2016: Operations Management with Amazon ECS
Weaveworks at AWS re:Invent 2016: Operations Management with Amazon ECSWeaveworks at AWS re:Invent 2016: Operations Management with Amazon ECS
Weaveworks at AWS re:Invent 2016: Operations Management with Amazon ECSWeaveworks
 
Cloudsolutionday 2016: DevOps workflow with Docker on AWS
Cloudsolutionday 2016: DevOps workflow with Docker on AWSCloudsolutionday 2016: DevOps workflow with Docker on AWS
Cloudsolutionday 2016: DevOps workflow with Docker on AWSAWS Vietnam Community
 
Docker in the Cloud
Docker in the CloudDocker in the Cloud
Docker in the CloudSascha Möllering
 
Docker on mesos
Docker on mesosDocker on mesos
Docker on mesosBart Spaans
 
Cooking Akka.net and Azure Service Fabric together
Cooking Akka.net and Azure Service Fabric togetherCooking Akka.net and Azure Service Fabric together
Cooking Akka.net and Azure Service Fabric togetherAlessandro Melchiori
 
Intro to Serverless
Intro to ServerlessIntro to Serverless
Intro to ServerlessCliff Chao-kuan Lu
 
vBrownBag @ VMworld - Apache CloudStack (ACS) & vSphere
vBrownBag @ VMworld - Apache CloudStack (ACS) & vSpherevBrownBag @ VMworld - Apache CloudStack (ACS) & vSphere
vBrownBag @ VMworld - Apache CloudStack (ACS) & vSphereAaron Delp
 
Containerization: The DevOps Revolution
Containerization: The DevOps Revolution Containerization: The DevOps Revolution
Containerization: The DevOps Revolution SoftServe
 
SplunkLive Brisbane Splunk for Operational Security Intelligence
SplunkLive Brisbane Splunk for Operational Security IntelligenceSplunkLive Brisbane Splunk for Operational Security Intelligence
SplunkLive Brisbane Splunk for Operational Security IntelligenceSplunk
 

Contenu connexe

Tendances

A brief introduction to CloudFormation
A brief introduction to CloudFormationA brief introduction to CloudFormation
A brief introduction to CloudFormationSWIFTotter Solutions
 
Monitoring, the Prometheus Way - Julius Voltz, Prometheus
Monitoring, the Prometheus Way - Julius Voltz, Prometheus Monitoring, the Prometheus Way - Julius Voltz, Prometheus
Monitoring, the Prometheus Way - Julius Voltz, Prometheus Docker, Inc.
 
Gdg using docker to streamline development
Gdg using docker to streamline developmentGdg using docker to streamline development
Gdg using docker to streamline developmentTrond Marius Øvstetun
 
ACS & vSphere Draft
ACS & vSphere DraftACS & vSphere Draft
ACS & vSphere DraftAaron Delp
 
Micro services infrastructure with AWS and Ansible
Micro services infrastructure with AWS and AnsibleMicro services infrastructure with AWS and Ansible
Micro services infrastructure with AWS and AnsibleBamdad Dashtban
 
Integrating Puppet with Cloud Infrastructures-Remco Overdijk
Integrating Puppet with Cloud Infrastructures-Remco OverdijkIntegrating Puppet with Cloud Infrastructures-Remco Overdijk
Integrating Puppet with Cloud Infrastructures-Remco OverdijkMaxServ
 
Docker - for all // just a_first date
Docker - for all // just a_first dateDocker - for all // just a_first date
Docker - for all // just a_first dateNicolas Piquot
 
Container Orchestration
Container OrchestrationContainer Orchestration
Container Orchestrationdfilppi
 
(APP309) Running and Monitoring Docker Containers at Scale | AWS re:Invent 2014
(APP309) Running and Monitoring Docker Containers at Scale | AWS re:Invent 2014(APP309) Running and Monitoring Docker Containers at Scale | AWS re:Invent 2014
(APP309) Running and Monitoring Docker Containers at Scale | AWS re:Invent 2014Amazon Web Services
 
Aws Fargate clusterless serverless
Aws Fargate clusterless serverlessAws Fargate clusterless serverless
Aws Fargate clusterless serverlessRodrigo Galba
 
Weaveworks at AWS re:Invent 2016: Operations Management with Amazon ECS
Weaveworks at AWS re:Invent 2016: Operations Management with Amazon ECSWeaveworks at AWS re:Invent 2016: Operations Management with Amazon ECS
Weaveworks at AWS re:Invent 2016: Operations Management with Amazon ECSWeaveworks
 
Cloudsolutionday 2016: DevOps workflow with Docker on AWS
Cloudsolutionday 2016: DevOps workflow with Docker on AWSCloudsolutionday 2016: DevOps workflow with Docker on AWS
Cloudsolutionday 2016: DevOps workflow with Docker on AWSAWS Vietnam Community
 
Cooking Akka.net and Azure Service Fabric together
Cooking Akka.net and Azure Service Fabric togetherCooking Akka.net and Azure Service Fabric together
Cooking Akka.net and Azure Service Fabric togetherAlessandro Melchiori
 
vBrownBag @ VMworld - Apache CloudStack (ACS) & vSphere
vBrownBag @ VMworld - Apache CloudStack (ACS) & vSpherevBrownBag @ VMworld - Apache CloudStack (ACS) & vSphere
vBrownBag @ VMworld - Apache CloudStack (ACS) & vSphereAaron Delp
 

Tendances (20)

Serverless
ServerlessServerless
Serverless
 
A brief introduction to CloudFormation
A brief introduction to CloudFormationA brief introduction to CloudFormation
A brief introduction to CloudFormation
 
Monitoring, the Prometheus Way - Julius Voltz, Prometheus
Monitoring, the Prometheus Way - Julius Voltz, Prometheus Monitoring, the Prometheus Way - Julius Voltz, Prometheus
Monitoring, the Prometheus Way - Julius Voltz, Prometheus
 
AWS Quick Intro
AWS Quick IntroAWS Quick Intro
AWS Quick Intro
 
Gdg using docker to streamline development
Gdg using docker to streamline developmentGdg using docker to streamline development
Gdg using docker to streamline development
 
ACS & vSphere Draft
ACS & vSphere DraftACS & vSphere Draft
ACS & vSphere Draft
 
Micro services infrastructure with AWS and Ansible
Micro services infrastructure with AWS and AnsibleMicro services infrastructure with AWS and Ansible
Micro services infrastructure with AWS and Ansible
 
Integrating Puppet with Cloud Infrastructures-Remco Overdijk
Integrating Puppet with Cloud Infrastructures-Remco OverdijkIntegrating Puppet with Cloud Infrastructures-Remco Overdijk
Integrating Puppet with Cloud Infrastructures-Remco Overdijk
 
Clouds presentation, aws meetup v2
Clouds presentation, aws meetup v2Clouds presentation, aws meetup v2
Clouds presentation, aws meetup v2
 
Docker - for all // just a_first date
Docker - for all // just a_first dateDocker - for all // just a_first date
Docker - for all // just a_first date
 
Container Orchestration
Container OrchestrationContainer Orchestration
Container Orchestration
 
(APP309) Running and Monitoring Docker Containers at Scale | AWS re:Invent 2014
(APP309) Running and Monitoring Docker Containers at Scale | AWS re:Invent 2014(APP309) Running and Monitoring Docker Containers at Scale | AWS re:Invent 2014
(APP309) Running and Monitoring Docker Containers at Scale | AWS re:Invent 2014
 
Aws Fargate clusterless serverless
Aws Fargate clusterless serverlessAws Fargate clusterless serverless
Aws Fargate clusterless serverless
 
Weaveworks at AWS re:Invent 2016: Operations Management with Amazon ECS
Weaveworks at AWS re:Invent 2016: Operations Management with Amazon ECSWeaveworks at AWS re:Invent 2016: Operations Management with Amazon ECS
Weaveworks at AWS re:Invent 2016: Operations Management with Amazon ECS
 
Cloudsolutionday 2016: DevOps workflow with Docker on AWS
Cloudsolutionday 2016: DevOps workflow with Docker on AWSCloudsolutionday 2016: DevOps workflow with Docker on AWS
Cloudsolutionday 2016: DevOps workflow with Docker on AWS
 
Docker in the Cloud
Docker in the CloudDocker in the Cloud
Docker in the Cloud
 
Docker on mesos
Docker on mesosDocker on mesos
Docker on mesos
 
Cooking Akka.net and Azure Service Fabric together
Cooking Akka.net and Azure Service Fabric togetherCooking Akka.net and Azure Service Fabric together
Cooking Akka.net and Azure Service Fabric together
 
Intro to Serverless
Intro to ServerlessIntro to Serverless
Intro to Serverless
 
vBrownBag @ VMworld - Apache CloudStack (ACS) & vSphere
vBrownBag @ VMworld - Apache CloudStack (ACS) & vSpherevBrownBag @ VMworld - Apache CloudStack (ACS) & vSphere
vBrownBag @ VMworld - Apache CloudStack (ACS) & vSphere
 

En vedette

Containerization: The DevOps Revolution
Containerization: The DevOps Revolution Containerization: The DevOps Revolution
Containerization: The DevOps Revolution SoftServe
 
SplunkLive Brisbane Splunk for Operational Security Intelligence
SplunkLive Brisbane Splunk for Operational Security IntelligenceSplunkLive Brisbane Splunk for Operational Security Intelligence
SplunkLive Brisbane Splunk for Operational Security IntelligenceSplunk
 
Microsoft threat modeling tool 2016
Microsoft threat modeling tool 2016Microsoft threat modeling tool 2016
Microsoft threat modeling tool 2016Rihab Chebbah
 
Threat Modeling: Best Practices
Threat Modeling: Best PracticesThreat Modeling: Best Practices
Threat Modeling: Best PracticesSource Conference
 
Security Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and ToolsSecurity Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and ToolsYulian Slobodyan
 
Threat modeling web application: a case study
Threat modeling web application: a case studyThreat modeling web application: a case study
Threat modeling web application: a case studyAntonio Fontes
 
Real World Application Threat Modelling By Example
Real World Application Threat Modelling By ExampleReal World Application Threat Modelling By Example
Real World Application Threat Modelling By ExampleNCC Group
 
Application Threat Modeling
Application Threat ModelingApplication Threat Modeling
Application Threat ModelingMarco Morana
 
CCNA Security - Chapter 1
CCNA Security - Chapter 1CCNA Security - Chapter 1
CCNA Security - Chapter 1Irsandi Hasan
 

En vedette (10)

Containerization: The DevOps Revolution
Containerization: The DevOps Revolution Containerization: The DevOps Revolution
Containerization: The DevOps Revolution
 
SplunkLive Brisbane Splunk for Operational Security Intelligence
SplunkLive Brisbane Splunk for Operational Security IntelligenceSplunkLive Brisbane Splunk for Operational Security Intelligence
SplunkLive Brisbane Splunk for Operational Security Intelligence
 
Microsoft threat modeling tool 2016
Microsoft threat modeling tool 2016Microsoft threat modeling tool 2016
Microsoft threat modeling tool 2016
 
Threat Modeling: Best Practices
Threat Modeling: Best PracticesThreat Modeling: Best Practices
Threat Modeling: Best Practices
 
Threat Modelling
Threat ModellingThreat Modelling
Threat Modelling
 
Security Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and ToolsSecurity Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and Tools
 
Threat modeling web application: a case study
Threat modeling web application: a case studyThreat modeling web application: a case study
Threat modeling web application: a case study
 
Real World Application Threat Modelling By Example
Real World Application Threat Modelling By ExampleReal World Application Threat Modelling By Example
Real World Application Threat Modelling By Example
 
Application Threat Modeling
Application Threat ModelingApplication Threat Modeling
Application Threat Modeling
 
CCNA Security - Chapter 1
CCNA Security - Chapter 1CCNA Security - Chapter 1
CCNA Security - Chapter 1
 

Similaire à Containerization - The DevOps Revolution

Integration in the age of DevOps
Integration in the age of DevOpsIntegration in the age of DevOps
Integration in the age of DevOpsAlbert Wong
 
Docker and kubernetes
Docker and kubernetesDocker and kubernetes
Docker and kubernetesDongwon Kim
 
OSDC 2015: Bernd Mathiske | Why the Datacenter Needs an Operating System
OSDC 2015: Bernd Mathiske | Why the Datacenter Needs an Operating SystemOSDC 2015: Bernd Mathiske | Why the Datacenter Needs an Operating System
OSDC 2015: Bernd Mathiske | Why the Datacenter Needs an Operating SystemNETWAYS
 
Rami Sayar - Node microservices with Docker
Rami Sayar - Node microservices with DockerRami Sayar - Node microservices with Docker
Rami Sayar - Node microservices with DockerWeb à Québec
 
The container revolution, and what it means to operators open stack southba...
The container revolution, and what it means to operators open stack southba...The container revolution, and what it means to operators open stack southba...
The container revolution, and what it means to operators open stack southba...Robert Starmer
 
MANTL Data Platform, Microservices and BigData Services
MANTL Data Platform, Microservices and BigData ServicesMANTL Data Platform, Microservices and BigData Services
MANTL Data Platform, Microservices and BigData ServicesCisco DevNet
 
stackconf 2020 | Replace your Docker based Containers with Cri-o Kata Contain...
stackconf 2020 | Replace your Docker based Containers with Cri-o Kata Contain...stackconf 2020 | Replace your Docker based Containers with Cri-o Kata Contain...
stackconf 2020 | Replace your Docker based Containers with Cri-o Kata Contain...NETWAYS
 
The container revolution, and what it means to operators.pptx
The container revolution, and what it means to operators.pptxThe container revolution, and what it means to operators.pptx
The container revolution, and what it means to operators.pptxRobert Starmer
 
Why Kubernetes as a container orchestrator is a right choice for running spar...
Why Kubernetes as a container orchestrator is a right choice for running spar...Why Kubernetes as a container orchestrator is a right choice for running spar...
Why Kubernetes as a container orchestrator is a right choice for running spar...DataWorks Summit
 
Docker - Portable Deployment
Docker - Portable DeploymentDocker - Portable Deployment
Docker - Portable Deploymentjavaonfly
 
Containers #101 Meetup: Containers & OpenStack
Containers #101 Meetup: Containers & OpenStack Containers #101 Meetup: Containers & OpenStack
Containers #101 Meetup: Containers & OpenStack Brittany Ingram
 
State of the Container Ecosystem
State of the Container EcosystemState of the Container Ecosystem
State of the Container EcosystemVinay Rao
 
An Updated Performance Comparison of Virtual Machines and Linux Containers
An Updated Performance Comparison of Virtual Machines and Linux ContainersAn Updated Performance Comparison of Virtual Machines and Linux Containers
An Updated Performance Comparison of Virtual Machines and Linux ContainersKento Aoyama
 
Putting Kafka In Jail – Best Practices To Run Kafka On Kubernetes & DC/OS
Putting Kafka In Jail – Best Practices To Run Kafka On Kubernetes & DC/OSPutting Kafka In Jail – Best Practices To Run Kafka On Kubernetes & DC/OS
Putting Kafka In Jail – Best Practices To Run Kafka On Kubernetes & DC/OSLightbend
 
Docker and kubernetes_introduction
Docker and kubernetes_introductionDocker and kubernetes_introduction
Docker and kubernetes_introductionJason Hu
 
Apache Cassandra Lunch #41: Cassandra on Kubernetes - Docker/Kubernetes/Helm ...
Apache Cassandra Lunch #41: Cassandra on Kubernetes - Docker/Kubernetes/Helm ...Apache Cassandra Lunch #41: Cassandra on Kubernetes - Docker/Kubernetes/Helm ...
Apache Cassandra Lunch #41: Cassandra on Kubernetes - Docker/Kubernetes/Helm ...Anant Corporation
 
Introduction to Kubernetes
Introduction to KubernetesIntroduction to Kubernetes
Introduction to KubernetesVishal Biyani
 
Containers orchestrators: Docker vs. Kubernetes
Containers orchestrators: Docker vs. KubernetesContainers orchestrators: Docker vs. Kubernetes
Containers orchestrators: Docker vs. KubernetesDmitry Lazarenko
 
Containing the world with Docker
Containing the world with DockerContaining the world with Docker
Containing the world with DockerGiuseppe Piccolo
 

Similaire à Containerization - The DevOps Revolution (20)

Integration in the age of DevOps
Integration in the age of DevOpsIntegration in the age of DevOps
Integration in the age of DevOps
 
Docker and kubernetes
Docker and kubernetesDocker and kubernetes
Docker and kubernetes
 
OSDC 2015: Bernd Mathiske | Why the Datacenter Needs an Operating System
OSDC 2015: Bernd Mathiske | Why the Datacenter Needs an Operating SystemOSDC 2015: Bernd Mathiske | Why the Datacenter Needs an Operating System
OSDC 2015: Bernd Mathiske | Why the Datacenter Needs an Operating System
 
Rami Sayar - Node microservices with Docker
Rami Sayar - Node microservices with DockerRami Sayar - Node microservices with Docker
Rami Sayar - Node microservices with Docker
 
The container revolution, and what it means to operators open stack southba...
The container revolution, and what it means to operators open stack southba...The container revolution, and what it means to operators open stack southba...
The container revolution, and what it means to operators open stack southba...
 
MANTL Data Platform, Microservices and BigData Services
MANTL Data Platform, Microservices and BigData ServicesMANTL Data Platform, Microservices and BigData Services
MANTL Data Platform, Microservices and BigData Services
 
stackconf 2020 | Replace your Docker based Containers with Cri-o Kata Contain...
stackconf 2020 | Replace your Docker based Containers with Cri-o Kata Contain...stackconf 2020 | Replace your Docker based Containers with Cri-o Kata Contain...
stackconf 2020 | Replace your Docker based Containers with Cri-o Kata Contain...
 
The container revolution, and what it means to operators.pptx
The container revolution, and what it means to operators.pptxThe container revolution, and what it means to operators.pptx
The container revolution, and what it means to operators.pptx
 
Why Kubernetes as a container orchestrator is a right choice for running spar...
Why Kubernetes as a container orchestrator is a right choice for running spar...Why Kubernetes as a container orchestrator is a right choice for running spar...
Why Kubernetes as a container orchestrator is a right choice for running spar...
 
Docker - Portable Deployment
Docker - Portable DeploymentDocker - Portable Deployment
Docker - Portable Deployment
 
Containers #101 Meetup: Containers & OpenStack
Containers #101 Meetup: Containers & OpenStack Containers #101 Meetup: Containers & OpenStack
Containers #101 Meetup: Containers & OpenStack
 
State of the Container Ecosystem
State of the Container EcosystemState of the Container Ecosystem
State of the Container Ecosystem
 
An Updated Performance Comparison of Virtual Machines and Linux Containers
An Updated Performance Comparison of Virtual Machines and Linux ContainersAn Updated Performance Comparison of Virtual Machines and Linux Containers
An Updated Performance Comparison of Virtual Machines and Linux Containers
 
Putting Kafka In Jail – Best Practices To Run Kafka On Kubernetes & DC/OS
Putting Kafka In Jail – Best Practices To Run Kafka On Kubernetes & DC/OSPutting Kafka In Jail – Best Practices To Run Kafka On Kubernetes & DC/OS
Putting Kafka In Jail – Best Practices To Run Kafka On Kubernetes & DC/OS
 
Docker and kubernetes_introduction
Docker and kubernetes_introductionDocker and kubernetes_introduction
Docker and kubernetes_introduction
 
Docker-Intro
Docker-IntroDocker-Intro
Docker-Intro
 
Apache Cassandra Lunch #41: Cassandra on Kubernetes - Docker/Kubernetes/Helm ...
Apache Cassandra Lunch #41: Cassandra on Kubernetes - Docker/Kubernetes/Helm ...Apache Cassandra Lunch #41: Cassandra on Kubernetes - Docker/Kubernetes/Helm ...
Apache Cassandra Lunch #41: Cassandra on Kubernetes - Docker/Kubernetes/Helm ...
 
Introduction to Kubernetes
Introduction to KubernetesIntroduction to Kubernetes
Introduction to Kubernetes
 
Containers orchestrators: Docker vs. Kubernetes
Containers orchestrators: Docker vs. KubernetesContainers orchestrators: Docker vs. Kubernetes
Containers orchestrators: Docker vs. Kubernetes
 
Containing the world with Docker
Containing the world with DockerContaining the world with Docker
Containing the world with Docker
 

Plus de Yulian Slobodyan

Mono - Alternative .NET CLR Implementation
Mono - Alternative .NET CLR ImplementationMono - Alternative .NET CLR Implementation
Mono - Alternative .NET CLR ImplementationYulian Slobodyan
 
Security Training: #4 Development: Typical Security Issues
Security Training: #4 Development: Typical Security IssuesSecurity Training: #4 Development: Typical Security Issues
Security Training: #4 Development: Typical Security IssuesYulian Slobodyan
 
Security Training: #1 What Actually a Security Is?
Security Training: #1 What Actually a Security Is?Security Training: #1 What Actually a Security Is?
Security Training: #1 What Actually a Security Is?Yulian Slobodyan
 
Security Training: #2 Cryptography Basics
Security Training: #2 Cryptography BasicsSecurity Training: #2 Cryptography Basics
Security Training: #2 Cryptography BasicsYulian Slobodyan
 
StreamInsight Breakthrough
StreamInsight BreakthroughStreamInsight Breakthrough
StreamInsight BreakthroughYulian Slobodyan
 

Plus de Yulian Slobodyan (9)

Slides Saturn-final
Slides Saturn-finalSlides Saturn-final
Slides Saturn-final
 
IoT, Demystified
IoT, DemystifiedIoT, Demystified
IoT, Demystified
 
Mono - Alternative .NET CLR Implementation
Mono - Alternative .NET CLR ImplementationMono - Alternative .NET CLR Implementation
Mono - Alternative .NET CLR Implementation
 
Security Training: #4 Development: Typical Security Issues
Security Training: #4 Development: Typical Security IssuesSecurity Training: #4 Development: Typical Security Issues
Security Training: #4 Development: Typical Security Issues
 
Security Training: #1 What Actually a Security Is?
Security Training: #1 What Actually a Security Is?Security Training: #1 What Actually a Security Is?
Security Training: #1 What Actually a Security Is?
 
Security Training: #2 Cryptography Basics
Security Training: #2 Cryptography BasicsSecurity Training: #2 Cryptography Basics
Security Training: #2 Cryptography Basics
 
.NET Micro Framework
.NET Micro Framework.NET Micro Framework
.NET Micro Framework
 
eBiz#3: CEP
eBiz#3: CEPeBiz#3: CEP
eBiz#3: CEP
 
StreamInsight Breakthrough
StreamInsight BreakthroughStreamInsight Breakthrough
StreamInsight Breakthrough
 

Containerization - The DevOps Revolution

  • 2. Why do we need containers?
  • 3. Shipping Containers • Standardized dimensions • Mechanized handling system • Remote sorting and packing • Remote customs services • Greatly decreases cost and speed of international trade
  • 4. Software Container is like a VM • Own Process Space • Can run commands • Packages can be installed • Can run services/daemons • Isolated root privileges • Shell access
  • 5. Software Container is not like a VM • Uses host kernel • Restricted to host OS • Can’t have it’s own kernel modules • Is plain user-space process
  • 7. Containers Chronology • 1982 - chroot • 2000 - FreeBSD Jail • 2001 – Linux VServer • 2004 – Solaris Containers • 2007 – HP-UX Containers • 2008 – LXC (Linux Containers) • 2013 - Docker
  • 8. Linux cgroups (control groups) • Resource limiting • Prioritization • Accounting • Control • Used by • LXC • libvirt • systemd • Docker • Kubernetes • Mesos
  • 9. Linux namespaces • Isolate and virtualize resources • Every process (group) has its own view of the system • 6 kinds of namespaces: • mnt – mount points • pid – process IDs • net – network stack • ipc – POSIX mq filesystem • uts - hostname • user – users and groups
  • 10. • Resource Metering and Limiting • CPU and CPUSet • Memory • Network • Block I/O • /dev/* cgroups (control groups):
  • 11. • Provides containers with their own view of the system • Limits what you can see (and use) • Multiple namespaces: pid, net, mnt, uts, ipc, user Namespace:
  • 12. • Create new container instantly instead of copying whole system • Storage keeps tracking of what has change (AUFS, ZFS, etc) • Reduces footprint and overhead • Decreases boot time Copy-on-write storage:
  • 13. • LXC • systemd-nspawn • Docker Engine • rkt/runC • OpenVZ • Jails (FreeBSD), Zones (Solaris) Container Runtimes:
  • 14. • Uses the same kernel features => Performance will be the same • What matters is: Design Features Ecosystem (e.g. 100.000+ apps in Docker Hub) Support What’s the difference between them?
  • 15. The Story of Success
  • 16. Problem & Opportunity • Rapid innovation in computing and application development services • No single service is optimal for all solutions • Customers want to run multiple services in a single cluster and run multiple clusters in Intercloud environment ...to maximize utilization ...to share data between services
  • 17. Datacenter and solution today VM7 VM8 VM4 VM5 VM6 VM1 VM2 VM3 VM1 VM2 VM2 Visualization Service Data Ingestion Service Analytics Service • Configuration and management of 3 separate clusters • Resources stay idle if service is not active • Need to move data between clusters for each service
  • 18. What do we want to do? Data Ingestion Service Analytics Service Visualization Service ….to maximize utilization ...to share data between services Shared cluster Multiple clusters
  • 20. What is in it for customers? Maximize utilization Deliver more services with smaller footprint Shared clusters for all services Easier deployment and management with unified service platform Shared data between services Faster and more competitive services and solutions
  • 21. How does this work? Mesos Slave Spark Task Executor Mesos Executor Mesos Slave Docker Executor Docker Executor Mesos Master Task #1 Task #2 ./python XYZ java -jar XYZ.jar ./xyz Mesos Master Mesos Master Spark Service Scheduler Marathon Service Scheduler Zookeeper quorum
  • 22. How does this work? Mesos provides fine grained resource isolation Mesos Slave Process Spark Task Executor Mesos Executor Task #1 Task #2 ./python XYZ Compute Node Executor Container (cgroups)
  • 23. How does this work? Mesos provides scalability Mesos Slave Process Spark Task Executor Task #1 Task #2 ./ruby XYZ Compute Node Python executor finished, more available resources more Spark Container (cgroups) Task #3 Task #4
  • 24. How does this work? Mesos has no single point of failure Mesos MasterMesos Master Mesos Master VM1 VM2 VM3 VM4 VM5 Services keep running if VM fails!
  • 25. How does this work? Master node can failover Mesos MasterMesos Master Mesos Master VM1 VM2 VM3 VM4 VM5 Services keep running if Mesos Master fails!
  • 26. How does this work? Slave process can failover Tasks keep running if Mesos Slave Process fails! Mesos Slave Process Spark Task Executor Task #1 Task #2 ./ruby XYZ Compute Node Task #3 Task #4
  • 27. How does this work? Can deploy in many environments Get orchestrated by Openstack, Ansible (scripts), Cloudbreak True Hybrid Cloud deployment: AWS, CIS, UCS, vSphere, other AWS VM5VM1 VM2 VM3 VM4 Terraform REST API (policy, auto- scaling) REST API (direct provisioning) Scripted provisioning
  • 28. Containers: Service Product Cloud/Virtualization AWS/CIS/vSphere/Metacloud/UCS… Provisioning Terraform Automation Ansible Clustering & Resource Management Mesos, Marathon, Docker Load Balancing Avi Networks ETL & Data Shaping StreamSets Log Data Gathering Logstash Metrics Gathering CollectD, Avi Networks Messaging Kafka, Solace Data Storing (Batch) HDFS Data Storing (OLTP/Real-time) Cassandra Data Storing (Indexing) Elastic search Data Processing Apache Spark Visualization Zoomdata *Subset example
  • 29. Issues • Service Discovering • Networking for Containers • Persistent Storage • Docker Performance

Notes de l'éditeur

  1. Containerization is a system of intermodal freight transport using intermodal containers (also called shipping containers andISO containers) made of weathering steel. The containers have standardized dimensions. They can be loaded and unloaded, stacked, transported efficiently over long distances, and transferred from one mode of transport to another—container ships,rail transport flatcars, and semi-trailer trucks—without being opened.
  2. Poul-Henning Kamp
  3. cgroups (abbreviated from control groups) is a Linux kernel feature that limits, accounts for, and isolates the resource usage (CPU, memory, disk I/O, network, etc.) of a collection of processes. Engineers at Google (primarily Paul Menage and Rohit Seth) started the work on this feature in 2006 under the name "process containers”
  4. Namespaces are a Linux kernel feature that isolates and virtualizes resources (PID, hostname, userid, network, ipc, filesystem) of a collection of processes. Each process is assigned a symbolic link per namespace kind in /proc/<pid>/ns/. This symlink is handled specially by the kernel, the inode number pointed to by this symlink is the same for each process in this namespace, this way each namespace is uniquely identified by the inode number pointed to by one of its symlinks. Reading the symlink via readlink returns a string containing the namespace kind name and the inode number of the namespace.