clocker, calico and docker
TRANSCRIPT
Clocker, Calico and DockerRunning Workloads in the Cloud
Andrew Kennedy, Container Con, 18 August 2015
@grkvlt
Agenda
• Introduction• Application Management• Networking with Calico• Demonstration• Roadmap• Questions
Copyright 2015 by Cloudsoft Corporation Limited
Clocker Introduction
@grkvlt
Clocker Statistics
• Open Source• 1 Year Old• 636 Commits• 131 Pull Requests• 10 Contributors
• 2 External
• 14 KLOC• 20 Releases
http://www.redotheweb.com/CodeFlower/
Copyright 2015 by Cloudsoft Corporation Limited
@grkvlt
• Application Management Platform• Deploy, Manage and Monitor Blueprints• Provisioning, Installation and Customization• Management
• AutoScaling, Resilience, Performance, Security
Apache Brooklyn
@grkvlt
Apache jclouds
• Java Cloud Library• API Agnostic
• SoftLayer, OpenStack, AWS EC2, GCE…
• Create Virtual Machines• Return SSH Endpoint
• Create Containers• Docker REST API
Copyright 2015 by Cloudsoft Corporation Limited
@grkvlt
Docker
• Containers• Isolation• Performance• Composable
• Huge Ecosystem• Compute Abstraction• Process Wrapper
@grkvlt
• Software-‐Defined Networking• Weave• Calico
• Storage and Volume Management• Flocker
• More Being Developed…• Native Plugins
Docker Extras
@grkvlt
What does it do?
1. Spins up and Manages Docker Clusters in the Clouds
2. Serves up Containers on Demand
3. Manages Composite Application Deployments
Copyright 2015 by Cloudsoft Corporation Limited
@grkvlt
What does it provide?
• Infrastructure Management• Docker Hosts• Swarm Controller
• Multi Host and Multi Container Applications• Seamless Networking• Communication Between Services
• Orchestration and Clustering• Control of Containers• Container Management
Copyright 2015 by Cloudsoft Corporation Limited
@grkvlt
Clocker and Brooklyn Summary
• What is it?• Brooklyn Application• Brooklyn Location
• What does it provide?• First Class Docker Support in Brooklyn• Optimized Brooklyn Blueprints for Docker• Container Orchestration
Copyright 2015 by Cloudsoft Corporation Limited
Application Management
@grkvlt
Brooklyn Blueprints
• Describe Applications• OASIS CAMP Standard• List of Services• NoSQL Database Clusters• Web Servers and Load Balancers• Shell or Python Scripts
• Tree Structure• Sensors, Effectors and Policies
Copyright 2015 by Cloudsoft Corporation Limited
@grkvlt
Application Management
• Sensors• Data from Services
• Effectors• Brooklyn Policies
• Attached to Entities in Application
• Nothing Docker Specific
• Elastic Scaling and Cluster Resizing
• Service Resilience and Replacement
Copyright 2015 by Cloudsoft Corporation Limited
@grkvlt
Blueprint Example
Copyright 2015 by Cloudsoft Corporation Limited
id: docker-‐redisname: "Docker Hub Redis Service"origin: "https://registry.hub.docker.com/_/redis/"locations:-‐ my-‐docker-‐cloud
services:-‐ type: docker:redis:latest
openPorts:-‐ 6379directPorts:-‐ 6379
@grkvlt
Blueprint Examplename: appserver-‐w-‐policyservices:-‐ type: org.apache.brooklyn.entity.webapp.ControlledDynamicWebAppCluster
initialSize: 3memberSpec:
$brooklyn:entitySpec:type: org.apache.brooklyn.entity.webapp.tomcat.Tomcat8Serverbrooklyn.config:
wars.root:http://search.maven.org/remotecontent?filepath=io/brooklyn/example/brooklyn-‐example-‐hello-‐world-‐sql-‐webapp/0.6.0/brooklyn-‐example-‐hello-‐
world-‐sql-‐webapp-‐0.6.0.warhttp.port: 8080+java.sysprops:
brooklyn.example.db.url: $brooklyn:formatString("jdbc:%s%s?user=%s\\&password=%s",component("db").attributeWhenReady("datastore.url"), "visitors", "brooklyn", "br00k11n")
brooklyn.policies:-‐ policyType: org.apache.brooklyn.policy.autoscaling.AutoScalerPolicy
brooklyn.config:metric: $brooklyn:sensor("org.apache.brooklyn.entity.webapp.DynamicWebAppCluster", "webapp.reqs.perSec.windowed.perNode")metricLowerBound: 10metricUpperBound: 100minPoolSize: 1maxPoolSize: 5
-‐ type: org.apache.brooklyn.entity.database.mysql.MySqlNodeid: dbname: DB HelloWorld Visitorsbrooklyn.config:
datastore.creation.script.url:https://github.com/apache/incubator-‐brooklyn/raw/master/usage/launcher/src/test/resources/visitors-‐creation-‐script.sql
Copyright 2015 by Cloudsoft Corporation Limited
@grkvlt
Clocker Blueprints
Copyright 2015 by Cloudsoft Corporation Limited
@grkvlt
Docker Cloud
• Brooklyn Blueprint for Docker Cluster• Docker Engine on Cloud VM or Bare Metal
• Configuration for Host• TLS Certificates
• Setup Volumes
• Logging
• Install SDN Agents
• Manage Capacity or HeadroomCopyright 2015 by Cloudsoft Corporation Limited
@grkvlt
Headroom
• Ensure resources available• Based on MaxContainers strategy limit
• Or Percentage Utilisation• Or CPU and RAM allocation
• Scale Docker Host Cluster Automatically • Add new Docker hosts• Remove empty Docker hosts
Copyright 2015 by Cloudsoft Corporation Limited
@grkvlt
Clocker 1.x Architecture
Copyright 2015 by Cloudsoft Corporation Limited
@grkvlt
Docker Cloud
1. On-demand
2. Multi-Tenant
3. Hardware Independent
4. Application LevelCopyright 2015 by Cloudsoft Corporation Limited
@grkvlt
Clocker Features
• Docker Extensions to Brooklyn–Docker Image as First-Class Service Type–Placement Strategies for Containers–Create Docker Images and Networks
• Manages Docker Engine and Swarm–Deployment and Management– Installation and Configuration–Software-Defined Networking
Copyright 2015 by Cloudsoft Corporation Limited
@grkvlt
Clocker Features
• Application Blueprints–Oasis CAMP YAML–TOSCA and Compose in Development–Same as Core Brooklyn
• Targeting Multiple Destinations–Some Virtual Machines–Some Bare Metal–Some Containers
Copyright 2015 by Cloudsoft Corporation Limited
@grkvlt
Clocker Orchestration
Copyright 2015 by Cloudsoft Corporation Limited
Docker Engine
Virtual Machine
Container
Clocker Network Segment
SDNProvider
CloudProvider
Brooklyn
@grkvlt
Container Management
• Sources• Docker Image Definition
• Docker Hub or Registry• Dockerfile• Brooklyn Entity Definition
• Create Image Automatically• Commit or Push for Reuse
Copyright 2015 by Cloudsoft Corporation Limited
@grkvlt
Container Placement
• Placement Strategies• Random, Depth or Breadth First• CPU or Memory Usage• Memory, CPU or Container Limits• Geographic Constraints
• User Defined• Java Predicate
Copyright 2015 by Cloudsoft Corporation Limited
Clocker Networking
@grkvlt
Software-Defined Networking
• Needed for Seamless Provisioning• Host to Host Communication
• Same LAN Segment• No Port Forwarding• Natural Application Configuration
• Initial Driver was EPMD Applications• Useful for any opinionated applications
Copyright 2015 by Cloudsoft Corporation Limited
@grkvlt
Networking Providers
• Standardized Interfaces• Pluggable Providers
• Weave• Project Calico• ...
• Same Basic Features • Extra capabilities defined in configuration
Copyright 2015 by Cloudsoft Corporation Limited
@grkvlt
Networking Providers
• Implementation Agnostic• L2 overlay, L3 routing etc.• Similar to Hypervisor in Clouds
• Generic Interfaces• Host Component• Service Component (or Endpoint)
• Same idea as Docker Network Plugins
Copyright 2015 by Cloudsoft Corporation Limited
@grkvlt
Networking Capabilities
• Provide Multiple Networks• Single Application or Shared• Private Addresses• Segmented by CIDR
• Docker Port Forwarding Access• Debug Mechanism
Copyright 2015 by Cloudsoft Corporation Limited
@grkvlt
Clocker Networking
ContainerHost
SDN Bridge
Container
InternetSDN
Gateway
Copyright 2015 by Cloudsoft Corporation Limited
@grkvlt
Networking Capabilities
• IP Pool Controlled by Clocker• Clocker Controls Subnet Allocation
• Applications Segmented by CIDR
• Delegate to SDN or Cloud• Bring your own IP• Both Weave and Calico offer this now• Calico can use routable CIDR or VPN
Copyright 2015 by Cloudsoft Corporation Limited
@grkvlt
Networking Capabilities
• Wide Area and Multi Region SDN• Cross Platform SDN
• Both VMs and Containers on one VLAN
• Name Resolution• Contributing to Weave DNS for orchestration• Use traditional external BIND service entity
Copyright 2015 by Cloudsoft Corporation Limited
@grkvlt
Metaswitch Project Calico
• SDN for Bare Metal, VMs and Containers• Layer 3
• Uses OS IP routing and forwarding
• Configuration in an etcd Cluster• Version 0.4 in Clocker
• 0.5.x once working on Docker stable
• Spans VMs and Containers• OpenStack Neutron network driver
Copyright 2015 by Cloudsoft Corporation Limited
@grkvltCopyright 2015 by Cloudsoft Corporation Limited
Cross-Target Deployment
@grkvlt
Virtual Network Entity
• Clocker Specific Entity• Provisions a Virtual Network or Subnet• Looks for NetworkProvisioningExtension
• Registered in DockerLocation by SDN Provider• Also defined with JcloudsLocation for OpenStack
• Part of Application Blueprint
Copyright 2015 by Cloudsoft Corporation Limited
@grkvlt
Network Provisioning
• Create Named Virtual Networks• Uses Available Provider
• Currently Weave, Calico and OpenStack Neutron Supported
-‐ type: brooklyn.networking.VirtualNetworknetworkId: my-‐applicationcidr: 192.168.12.0/24gateway: 192.168.12.1dnsServers:-‐ 8.8.8.8brooklyn.config:
sdn.example.securityGroup: "my-‐security-‐group"
Copyright 2015 by Cloudsoft Corporation Limited
@grkvlt
Network Provisioning
• Allow Minimal (Zero!) Configuration• Use Sensible Defaults
• Also SDN or Cloud Specific Configuration, e.g. Calico or OpenStack
• Allocate Address Space on Demand
-‐ type: brooklyn.networking.OpenStackVirtualNetworknetworkId: database-‐netcidr: 192.168.34.0/24
-‐ type: brooklyn.networking.VirtualNetworknetworkId: couchbase-‐net
Copyright 2015 by Cloudsoft Corporation Limited
@grkvlt
Network Provisioning
• Attach Containers to Networksbrooklyn.config:
network.list:-‐ couchbase-‐net-‐ management-‐net
• Create Networks as Required• Also Attach to VMs and Metal
• Only supported with Calico at present
Copyright 2015 by Cloudsoft Corporation Limited
Demonstration
@grkvltCopyright 2015 by Cloudsoft Corporation Limited
Clocker Console 1
@grkvltCopyright 2015 by Cloudsoft Corporation Limited
Clocker Console 2
@grkvlt
• Orchestrated Docker deployment with Calico SDN integration
• Automated attachment of containers to multiple dynamic networks
• Brooklyn application blueprints deployed with network topology
• Management of running applicationsCopyright 2015 by Cloudsoft Corporation Limited
Features
Clocker 1.x
@grkvlt
Roadmap
• Mesos Integration• Deploy the Mesos infrastructure• Brooklyn as a Mesos framework• Provide Mesos as another Brooklyn endpoint
• Container Mobility• Stateless Services
• Brooklyn Core Integration
Copyright 2015 by Cloudsoft Corporation Limited
@grkvlt
Roadmap
Copyright 2015 by Cloudsoft Corporation Limited
@grkvlt
Roadmap
• Docker Experimental Features• Separate release for now• Not yet stable• More networking providers
• Clocker Experimental Release• Coming soon...
Copyright 2015 by Cloudsoft Corporation Limited
Clocker Solves:–Docker Cloud Networking–Container Placement and Provisioning–Composite Application Management
Summary
Questions?
@grkvlt
Resources
http://clocker.io/
http://brooklyn.io/
https://github.com/brooklyncentral/clocker/
https://github.com/apache/incubator-‐brooklyn/
https://github.com/weaveworks/weave/
https://github.com/Metaswitch/calico-‐docker/
http://blog.abstractvisitorpattern.co.uk/