docker cloud hybridation & orchestration
TRANSCRIPT
Adrien BlindDevOps Coach@adrienblind
Ludovic Piot, OxalideConseil, architecture, DevOps@lpiot
Usecase: cloud hybridationleveraging on Docker 1.12
@adrienblind @lpiotPlease twit us on #experiences !
On-demand & pay-per-use
DevOps compliant : easy automation, Infra-as-code, versionnable, reproductible
Leads to new usecases: elastic applications, ephemeral environments…
The cloud is sexy
@adrienblind @lpiotPlease twit us on #experiences !
Versatile resources Fail-over through distributed architecture Rebuild vs. restore Frequency of reinstall
Pay per-use but… low perf/cost ratio load-balancing network-based architecture : asynchronous
architecture
A cloudy picture
@adrienblind @lpiotPlease twit us on #experiences !
Security No network peripheral security New organisation-based security model
Managed services very appealing but… vendor lock-in consequences on project/prod collaboration
Keep a decent ROI on recent on-premise assets
A cloudy picture
@adrienblind @lpiotPlease twit us on #experiences !
Docker benefits‘’A universal, self-sufficient and standard artifact embedding an app module,
and its subsequent infrastructure configuration’’
Docker provides both the artifact and the ecosystem to handle it!
Immutable
Portable Lightweight
Incremental
Versionned/taggedDisposable
@adrienblind @lpiotPlease twit us on #experiences !
Topology & orchestration
App 3
App 2
App 1
X64/WIN X64/LINUX ARM/LINUX
An app is made of several atomic containers
Compose, Stack & Service enable to manage topologies of containers accross a logical cluster of nodes
Docker supports ARM & Windows Third-part assets may be handled
artificially through abassador containers
@adrienblind @lpiotPlease twit us on #experiences !
Span a cluster over providers
Directly over Internet ;) Swarm mode secures interactions between its nodes (TLS mutual auth, authz, & encryption) Overlay network trafic may be encrypted across nodes too (use switch --opt encrypted at creation time, enabling
use of IPSEC tunnels / 12h rotating keys) However, you may wish to interconnect your DC and cloud nodes through dedicated
network connections (ex. Intercloud) , VPNs…
@adrienblind @lpiotPlease twit us on #experiences !
Scale the application through docker service replicas
Scale the swarm cluster capacity leveraging on docker-machine
Scale up, scale down
BEWARE OFAPP ARCHI !
Adrien BlindDevOps Coach@adrienblind
Ludovic Piot, OxalideConseil, architecture, DevOps@lpiot
Demo
@adrienblind @lpiotPlease twit us on #experiences !
Demo’s architecture
Raspberry(ARM)
Win 2016SWARMCLUSTER
Load injector (Apache AB) IIS Website MySQL Backend Overlay network
LinuxX86_64
LinuxX86_64
LinuxX86_64
LinuxX86_64
LinuxX86_64
INTERNET
REDIS
@adrienblind @lpiotPlease twit us on #experiences !
A real, hybrid clusterARM/Linux
x86_64/Linux
x86_64/Winx86_64/Linux
@adrienblind @lpiotPlease twit us on #experiences !
Spawning docker services
@adrienblind @lpiotPlease twit us on #experiences !
Scale the app up & down
Adrien BlindDevOps Coach@adrienblind
Ludovic Piot, OxalideConseil, architecture, DevOps@lpiot
Conclusion
@adrienblind @lpiotPlease twit us on #experiences !
Docker offers a nice opportunity to create an abstraction layer to facilitate transition to the cloud
Hybridation facilitates composite orchestration when it’ll be fully operational
Conclusion
@adrienblind @lpiotPlease twit us on #experiences !
Step 1 Shift to docker packaging pardigmes Start deploying your apps through docker (trough CD pipelines
for instance) Step 2
Shift to dynamic orchestration: swarm cluster handles container deployments over the cluster, ensures desired instances are up, etc.
Step 3 Extend your local own cluster to third-part vendors
Step 4 Shift to self-healing clusters (autoscaling nodes for instance)
Plan your migration
Adrien BlindDevOps Coach@adrienblind
Ludovic Piot, OxalideConseil, architecture, DevOps@lpiot
Thank you!