Containerization
The Future Virtualization
bdNOG9, 2 – 10 August, 2018, Dhaka, Bangladesh
SANOG32
What is Virtualization?
Virtualization is the process of creating a virtual version of something, such as a server or computer system, using software instead of hardware.
The evolution of virtualization greatly revolves around one piece of very important software.
The hypervisor.
The hypervisor is a piece of software which allows physical hardware such as RAM, CPU, hard disk, network card, etc. to share its resources amongst virtual machines running as guests on top of that physical hardware.
What is a Virtual Machine?
A Virtual Machine (VM) is an emulation of a real computer that executes programs like a real computer with the help of a "hypervisor".
Type I and Type II hypervisor
A virtual machine can run on top of both types of hypervisor.
Type I hypervisor: Sometimes called a bare-metal hypervisor. This type of hypervisor is installed directly on top of the bare-metal physical server. A Type I hypervisor has direct access to the hardware.
Type II hypervisor: Also known as a hosted hypervisor, which operates as an application on top of an existing operating system. This type of hypervisor is installed as a software application on an existing operating system.
[Diagram: Type 1 hypervisor. Physical hardware (memory, processors, network cards, disks), then the hypervisor, then VMs, each with its own OS and app.]
[Diagram: Type 2 hypervisor. Physical hardware (memory, processors, network cards, disks), then the host OS, then the hypervisor, then VMs, each with its own OS and app.]
What is Containerization?
Containerization, also called container-based virtualization, is an OS-level virtualization method for deploying and running distributed applications without launching an entire VM.
Containers do not require a hypervisor and therefore provide better performance than applications running in virtual machines.
They share the host system's kernel with other containers.
That is the reason you cannot run Linux on Windows, or Windows on Linux, in containers the way you can with VMs.
They are image based, which is lighter than a full operating system.
Images have online repositories, and you can make your own customized image.
[Diagram: Virtualization vs. Containerization. Virtualization: hardware, then the hypervisor, then VM1 and VM2, each with virtual hardware, kernel, operating system, libraries and application. Containerization: hardware, then the operating system kernel, then Container1 and Container2, each with operating system, libraries and application.]
VMs are like houses; containers are like hotel rooms.
Who are they?
VMWare
VirtualBox
OpenVZ
LXD
Types
Hypervisor (Type I and II):
- VMWare
- VirtualBox
- KVM
- Microsoft Hyper-V
Container:
- LXC
- OpenVZ
- Docker, LXD (use container technology)
- Rocket
And many more..
Types: Container
LXC: The Linux Container
Docker: Is not a container, it's an application which uses container technology.
LXD: A tool that utilizes LXC features
And many more..
Docker: Is not a container, it's an application which uses container technology.
Developed by dotCloud, Inc. (today's Docker, Inc.) to help their PaaS product
An easy tool for containers
Community Edition (ce) and Enterprise Edition (ee)
Figure source: http://nordicapis.com/api-driven-devops-spotlight-on-docker/
Docker Client: The end user of Docker
Docker Daemon: What actually executes the commands sent by the Docker Client
Docker Engine: The layer on which Docker runs
Dockerfile: The file where the instructions to build the Docker image are given.
EXAMPLE
FROM ubuntu:16.04
RUN apt update -y
RUN apt upgrade -y
RUN apt install -y apache2
Docker images: Read-only templates that are built from the set of instructions in a Dockerfile
Registry: A registry is a storage and content delivery system, holding named Docker images, available in different tagged versions.
Docker Hub: Cloud-based registry service
LXD
A tool that utilizes LXC features
Developed by Canonical.
[Diagram: LXD. Hardware, then the Ubuntu operating system, then Container1 and Container2, each with its own operating system, libraries and application.]
LXD: Storage
zfs, btrfs, dir
LXD: Networking
lxdbr0
Performance
A container shares the kernel of its host machine. Hence it boots fast, and backup and restore are also fast; as a result, deploying applications on a container is fast.
A virtual machine requires a full OS and acts like a physical machine. It has its own kernel. For this reason, boot time is high on a virtual machine. Because of its isolated nature, deployment time is relatively slow on a virtual machine.
Migration
Containers can run inside virtual machines, so both technologies can be used simultaneously
Do we really need migration ?
Financial facts
Hardware: Both technologies need hardware resources, so cost is involved in this area.
Hypervisor: Is a requirement for virtualization but not for containerization.
Host and Guest OS: Depends on licenses or open source.
Application: Depends on paid or non paid.
| Item | Virtualization | Containerization |
|---|---|---|
| Hardware | Yes | Yes |
| Hypervisor | Yes | No |
| Host OS | Yes (if not open source) | No (if not licensed) |
| Guest OS | Yes (if not open source) | No |
| Application | Yes/No | Yes/No |
Security
Security: Container
Privileged containers: Any container where the container uid 0 is mapped to the host's uid 0.
Unprivileged containers: The container uid 0 is mapped to an unprivileged user outside of the container.
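The uid mapping that separates the two cases can be read from /proc/<pid>/uid_map on a Linux host. The following is an added example, not part of the original slides; the sample maps are constructed, and it assumes the map is read from the host's initial user namespace so that the "outside" column holds host uids.

```python
"""Classify a container as privileged or unprivileged from its uid_map.

Each line of /proc/<pid>/uid_map is: <first uid inside> <first uid outside> <count>.
Assumption: the map is read from the host's initial user namespace, so the
"outside" column holds host uids.
"""
from pathlib import Path


def parse_uid_map(text):
    """Return a list of (inside_start, outside_start, count) tuples."""
    ranges = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 3:
            continue  # skip blank or malformed lines
        ranges.append(tuple(int(f) for f in fields))
    return ranges


def host_uid_for(container_uid, ranges):
    """Translate a uid inside the container to the uid the host sees, or None."""
    for inside, outside, count in ranges:
        if inside <= container_uid < inside + count:
            return outside + (container_uid - inside)
    return None


def classify(text):
    """'privileged' if container uid 0 is host uid 0, else 'unprivileged'."""
    host_uid = host_uid_for(0, parse_uid_map(text))
    if host_uid is None:
        return "unmapped"  # container root has no identity on the host
    return "privileged" if host_uid == 0 else "unprivileged"


# Constructed samples (not captured from a real system).
PRIVILEGED_MAP = "         0          0 4294967295\n"
UNPRIVILEGED_MAP = "         0    1000000 1000000000\n"

if __name__ == "__main__":
    print("sample privileged map  :", classify(PRIVILEGED_MAP))
    print("sample unprivileged map:", classify(UNPRIVILEGED_MAP))
    # On a Linux host, inspect this process (a container's init PID works the same way).
    live = Path("/proc/self/uid_map")
    if live.exists():
        print("this process           :", classify(live.read_text()))
```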
CGroups: Control resources for groups of processes: CPU, memory, I/O, bandwidth, network, device, ...
Namespaces: Separate resources to make them visible only to processes within the namespace: network, hostname, mount, IPC, process ID, user.
cgroups: limit how much you can use
namespaces: limit what you can see
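Both mechanisms can be inspected from /proc and the cgroup filesystem. The following is an added example, not part of the original slides: it compares the namespace ids of two processes to show which of the listed namespaces are actually separate, and interprets a cgroup v2 memory.max value. The HOST and CONTAINER ids and the limit value are constructed samples.

```python
"""Namespaces limit what a process can see; cgroups limit how much it can use.

Compares the namespace ids of two processes and interprets a cgroup v2
memory.max value. Sample data below is constructed, not captured.
"""
import os

# Namespace types named on the slide, by their /proc/<pid>/ns entry name.
NS_TYPES = ("net", "uts", "mnt", "ipc", "pid", "user")


def read_namespaces(pid="self"):
    """Return {type: id string} from the /proc/<pid>/ns symlinks (Linux only)."""
    found = {}
    for ns in NS_TYPES:
        try:
            found[ns] = os.readlink(f"/proc/{pid}/ns/{ns}")
        except OSError:
            pass  # not Linux, no such pid, or no permission
    return found


def isolated_from(host_ns, proc_ns):
    """Namespace types in which the process does not share the host's instance."""
    return sorted(ns for ns in NS_TYPES
                  if ns in host_ns and ns in proc_ns and host_ns[ns] != proc_ns[ns])


def memory_limit_bytes(memory_max_text):
    """Interpret cgroup v2 memory.max: the word 'max' means no limit (None)."""
    value = memory_max_text.strip()
    return None if value == "max" else int(value)


# Constructed sample: a container that keeps the host's user namespace
# (the privileged case) but has its own view of everything else.
HOST = {"net": "net:[4026531840]", "uts": "uts:[4026531838]", "mnt": "mnt:[4026531841]",
        "ipc": "ipc:[4026531839]", "pid": "pid:[4026531836]", "user": "user:[4026531837]"}
CONTAINER = {"net": "net:[4026532601]", "uts": "uts:[4026532598]", "mnt": "mnt:[4026532597]",
             "ipc": "ipc:[4026532599]", "pid": "pid:[4026532600]", "user": "user:[4026531837]"}

if __name__ == "__main__":
    print("isolated:", isolated_from(HOST, CONTAINER))
    print("limit   :", memory_limit_bytes("536870912\n"), "bytes")
    print("live ns :", read_namespaces())  # empty dict when not on Linux
```

A shared "user" entry, as in the sample, means uid 0 inside the container is the host's uid 0.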
Common Question: Container or VMs?
Virtual machine: Multiple applications on multiple servers
Container: Multiple copies of the same application
Both can be run in the same infrastructure
Thanks
Questions ??