Containers (Austin Cloud Meetup, April 2016)

Post on 07-Jan-2017


Derrick J. Wippler

Blog: http://thrawn01.org

Twitter: @thrawn01

Android Super NES Emulator: http://www.superretro16.com/

Containers

What Containers Are NOT

DOCKER != CONTAINERS

Container Technology is provided by the Linux Kernel

NOT LXC

Linux Kernel Containers

Everything you need to create and run containers already exists in the Linux kernel

However…….

CHROOT

CHROOT PROVIDES

Isolate Process & File systems

CHROOT

Kernel Namespaces

CGroups

Namespaces

PID Namespaces

NET Namespaces

PID Namespaces Provide Process Isolation

[Diagram: PID Namespace 1, PID Namespace 2, PID Namespace 3, PID Namespace 4]

CHROOT ?

NET Namespaces

NET Namespaces Provide Network Isolation

[Diagram: Root NET Namespace, NET Namespace 1, NET Namespace 2]

Network your chroots together inside the kernel

Sounds like - VM Hypervisor

Container is NOT a VM

VMs run entire OS

Containers run a single process

<demo>

Prepare for coolness

Remember, when you start a container, you are just starting a process with namespaces
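
The point above can be checked on any Linux host: each process lists its namespaces as symlinks under /proc/<pid>/ns, and two processes are in the same namespace only when the inode numbers match. The following is an added example, not code from the talk; the inode values and the names HOST_NS, CONTAINER_NS, HOSTNET_NS and isolation_report are constructed for illustration.

```python
import os
import re

NS_LINK = re.compile(r"^([a-z_]+):\[(\d+)\]$")

# Constructed sample data (not from the talk): namespace inode numbers as
# they would appear in /proc/<pid>/ns for the host's PID 1 and two containers.
HOST_NS = {"ipc": 4026531839, "mnt": 4026531840, "net": 4026531992,
           "pid": 4026531836, "user": 4026531837, "uts": 4026531838}
CONTAINER_NS = {"ipc": 4026532301, "mnt": 4026532299, "net": 4026532304,
                "pid": 4026532302, "user": 4026531837, "uts": 4026532300}
# Same container started with the host's network and PID namespaces.
HOSTNET_NS = dict(CONTAINER_NS, net=HOST_NS["net"], pid=HOST_NS["pid"])


def parse_ns_link(target):
    """Parse a /proc/<pid>/ns/* symlink target such as 'pid:[4026531836]'."""
    m = NS_LINK.match(target)
    if m is None:
        raise ValueError("not a namespace link: %r" % target)
    return m.group(1), int(m.group(2))


def read_namespaces(pid="self", proc_root="/proc"):
    """Return {entry name: inode} for a live process (Linux only)."""
    ns_dir = os.path.join(proc_root, str(pid), "ns")
    found = {}
    for name in sorted(os.listdir(ns_dir)):
        try:
            found[name] = parse_ns_link(os.readlink(os.path.join(ns_dir, name)))[1]
        except (OSError, ValueError):
            continue  # unreadable without privileges, or an unexpected entry
    return found


def isolation_report(host_ns, proc_ns):
    """Split a process's namespaces into shared-with-host and isolated."""
    common = sorted(set(host_ns) & set(proc_ns))
    return {"shared": [k for k in common if host_ns[k] == proc_ns[k]],
            "isolated": [k for k in common if host_ns[k] != proc_ns[k]]}


if __name__ == "__main__":
    print("container:", isolation_report(HOST_NS, CONTAINER_NS))
    print("host-net :", isolation_report(HOST_NS, HOSTNET_NS))
    try:  # live comparison; reading PID 1's namespaces usually needs root
        print("self vs PID 1:", isolation_report(read_namespaces(1), read_namespaces()))
    except OSError as exc:
        print("live check skipped:", exc)
```

Any namespace reported as shared gives the process the host's own view of that resource, so a workload that shares net or pid with the host is not isolated there even though it is still called a container.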

Existing container workloads on VMs

1X DataCenters

Configuration Management

Infrastructure is in a known state.

Prevent Infrastructure drift.

Self Healing

Container Images treated as immutable

No more Infrastructure Drift

Prevent Infrastructure drift

Infrastructure is in a known state

Self Healing

Clustering

What is Kubernetes

Kubernetes is an open source orchestration system for Docker containers. It handles scheduling onto nodes in a compute cluster and actively manages workloads to ensure that their state matches the user's declared intentions.

Kubernetes Monitoring

Built-in support for application-level health checks (DB checks, socket & HTTP checks, etc.)

Automatically restart crashed processes (aka containers)

Natively React to Monitor Events

Prevent Infrastructure drift

Infrastructure is in a known state

Self Healing

MANAGED BY KUBERNETES

Self healing

No Infrastructure Drift

Infrastructure is in a known state

Reliability

Why do we need Configuration Management?

What about Operating System Configuration?

Immutable Operating Systems

Immutable Infrastructure AKA

Brandon Phillips, CTO

Alex Polvi, CEO

All you need is an OS that can run Containers

No Package Manager

Immutable Config files

Why configure the OS?

Our containers can contain all OS config files and daemons necessary for our application to run

How to configure all the disparate containers?

Consistent Distributed Key Store

Why do we need Configuration Management?

Brian Redbeard

Principal Architect CoreOS

“If we do our job correctly, future releases of CoreOS will NOT have SSH server installed”

How would you design your infrastructure/software if you were unable to SSH into the host OS?

Layer          | Typical Operating System | Cloud Operating System
Kernel         | Linux Kernel             | Kubernetes
Configuration  | /etc                     | etcd
Storage        | FileSystems EXT4         | ISCSI Block or FSAS
Workloads      | Processes                | Containers

Cloud Operating System

Infinite CPU Power

Distributed Scale

Self Healing

Always Available

GIFEE: Google Infrastructure For Everyone Else

All I WANT

create my application in a container

make it scale

I don’t want it to go down
