5. A commercial product,
built on
a development platform,
built on
infrastructure,
built on
standards.
Docker is building a stack to program the Internet
21. Cloud Zone 1
Cloud Zone 2 Data Center
Development
Center
Headquarters
Containerization: standard containers
on a standardized container engine
Orchestration: build and deploy
complex systems easily
Enterprise: Enable delivery and time
to value across a large, complex,
rapidly evolving enterprise
The Global Enterprise Supply Chain
22. BUILD
Development Environments
SHIP
Registry: Secure Content &
Collaboration
RUN
Control Plane: Deploy,
Orchestrate, Manage, Scale
Networking Volumes MonitoringLoggingConfig MgtCI/CD
IT Operations
Developers IT Operations
Docker CaaS Workflow
23. Docker Containers as a Service platform
24
BUILD
Developer Workflows
SHIP
Registry Services
RUN
Management
Docker for Mac and Windows Docker Trusted Registry Docker Universal Control Plane
Docker Cloud
Docker Container Engine
Ecosystem Plugins and Integrations
30. Notary
“Let’s stop using curl|sh”
Trusted collections for any content
Transport-agnostic
Reliable updates, proof of origin, resistant to untrusted
transport, survivable key compromise
Build on industry-leading standards and research
45. Declarative
• JSON configuration for desired infrastructure state:
• Specification of instances — vm image, instance type, etc.
• Group properties — size, logical identifiers, etc.
• Design patterns encourage
• encapsulation
• composition
• Config is input to all operations — system figures out what to do
47
46. Self-healing
• Composed of a set of active components / processes that
• monitor infrastructure state
• detect state divergence
• take actions
• Continuous monitoring and reconciliation — always on
• No downtime — rolling update
48
47. Toolkit
• Primitives for managing collections of resources
• create, scale, destroy
• rolling update
• Abstractions & Developer SPI
• Group - manages collection of resources
• Instance - describes the physical resource
• Flavor - extra semantics for handling instances
• A collection of executable, active components — plugins
• Initially, Go daemons in the toolkit
• Soon, easy management via Docker Plugins (runc)
49. Instance Plugin
• Spec: specification / model of an instance (e.g. vagrant, EC2):
• Logical ID, Init, Tags, and attachment
• Platform-specific properties
• Methods:
• /Instance.Validate
• /Instance.Provision
• /Instance.Destroy
• /Instance.DescribeInstances
• Examples: instance plugins for EC2, Azure VM, Vagrant, …51
50. Flavor Plugin
• Gives more context about the group members:
• Size, or list of Logical ID’s (e.g. IP addresses for ‘pets’)
• Application-specific notions of ‘health’
Is the node not only present but also joined a swarm?
• Methods:
• /Flavor.Validate
• /Flavor.Prepare
• /Flavor.Healthy
• Examples: flavor for Zookeeper members, Docker swarm
nodes52
51. Group Plugin
• Main entry point for user interaction:
• Create, describe update, update, destroy
• Config JSON is always the input
• Composed of Instance and Flavor — mix and match to
manage cattle (fungible) or pets (special)
• Methods:
• /Group.Watch
• /Group.Unwatch
• /Group.Inspect
53
• /Group.DescribeUpdate
• /Group.Update
• /Group.StopUpdate
• /Group.Destroy
53. Operations
• Make sure the plugins are running:
• infrakit/group &; infrakit/zookeeper &; infrakit/vagrant &;
• “Watch” the group starts management:
• infrakit/cli group watch zk.conf
• Update the config, e.g. change size or add IP address
• Describe changes before committing —
infrakit/cli group describe zk.conf
• Begin update —
infrakit/cli group update zk.conf
55
63. Today
65
• InfraKit is just getting started… only
primitives for working with groups like
clusters of hosts
• But we have big plans
• Improve group management strategies
• More resource types — networking, load
balancers, storage…
• A cohesive framework for active
management of infrastructure — physical,
virtual, or containers
64. Get Involved
• Help define and implement new and interesting plugins
• Instance plugins for different infrastructure providers
• Flavor plugins for systems like etcd or mysql clusters
• Group controller plugins — metrics-driven auto scaling
and more
• Help define interfaces and implement new infrastructure
resource types — load balancers, networks and storage
volume provisioners
66
Local development environments
Self service app images
Build, Test, Deploy applications
Define app behavior and infra needs
Registry services for image storage, management and distribution
IT Ops maintains library of secure base content
Manage role based access to repos/images
Management consoles
Provision, manage infrastructure resources
Monitor, manage, scale infrastructure and applications
Docker for Mac is super easy to use. It self-updates. But how to do you do that for other platforms??
Infrastructure management holds an interesting position — it has to prepare the environment for the container engine.
Infrastructure management sets up the environment for the container engine. It then collaborates with it to service the user’s needs.
integration in the future as Docker Plugins (as runc containers)
goes back to initial goal of simplifying user experience through a common Docker plugin install experience
InfraKit can be used set up to run with leader election (e.g. integrated with Docker swarm mode) to achieve high availability. Multiple plugin sets are running as hot standby but only one is active (the leader).
no method to update !!— opinionated immutable infrastructure
Prepare modifies the Spec for the instance. It can inject additional init scripts, tags.
Healthy goes beyond just presence — is a node present AND part of a swarm?
No operations to create: watching nodes that don’t exist —> will create them … declarative state
explain cases for using each. why explicit is better than implicit (use unwatch / destroy example)
Simple patterns
Compose them into a large configuration. Group is made up of Instance and Flavor
Note the config is used for all inputs.
The system figures out what needs to be done.
Only signals to system to start managing
Docker plugins in a future implementation