Market Analysis of The Container Ecosystem including: Docker, Swarm, Kubernetes, CoreOS, Flocker, Mesos, DCOS, Marathon plus more, as well as how it can relate to OpenStack.
What Should I Know About
Mike Metral | Product Architect | @mikemetral
October 27, 2015
Let’s Play A Game…
Mike Metral
• Facts About Me
• Product Architect
• Been @ Rackspace for ~3.5 Years
• Focusing on Containers for last 1.5 Years
• Things You May Not Know
• I enjoy coding in Go
• I play Golf
• My favorite editor is vim
• Endorsements and/or Skills
• Python
• Cloud Computing
• Bash
Containers
Containers
• Facts About Me
• Aid in faster dev iteration
• 4-6x more app instances per server than using VM’s with traditional hypervisors
• Operate at near bare metal speeds
• Things You May Not Know
• Not just to enable a PaaS
• Many legacy / enterprise apps are skipping VM’s & going straight to containers
• Containers share the same kernel
• Endorsements and/or Skills
• Very lightweight
• Makes app isolation easier
• Plays well across various cloud platforms
Container Runtimes
Docker
• Facts About Me
• Popularized containers by abstracting LXC
• Pluggable architecture
• Great way to package & distribute apps
• Things You May Not Know
• Docker engine is the only abstraction necessary to enable cross platform portability
• Docker Hub has 100k+ apps
• Runs on all modern Linux distros AND supports Windows 7.1 + too!
• Endorsements and/or Skills
• Extremely fast boot up
• Embraced by many tech giants as standard for container foundation
https://www.docker.com
CoreOS’ rkt
• Facts About Me
• Implementation of new AppC spec to run containers
• Aimed at enterprise primitives such as security & image auditing
• Things You May Not Know
• Brings its own container image format, ACI
• Still under heavy development & unstable
• Aimed at being a “true” container building block
• Endorsements and/or Skills
• Embraces security via joint effort with Intel’s Clear Containers
• Kubernetes supports rkt
• Many early implementations of AppC are popping up
https://coreos.com/rkt/docs/latest
OpenStack Container Solutions
OpenStack Docker Driver
• Facts About Me
• Hypervisor driver for Nova Compute to instantiate Docker containers
• Glance is my Docker image registry
• Things You May Not Know
• I’m a StackForge project
• I’m essentially a tiny HTTP client that controls Docker via its API
• Endorsements and/or Skills
• Works well & easily with DevStack
https://wiki.openstack.org/wiki/Docker
OpenStack’s Magnum
• Facts About Me
• Containers Service for OpenStack
• Uses Heat to deploy Swarm, Kubernetes & Mesos
• Things You May Not Know
• Provides extra abstraction layer via Bay & its own API
• Deployments can be done in a multi-tenant fashion
• Endorsements and/or Skills
• Google’s involvement in OpenStack lends Magnum to be a sweet spot for collaboration
https://wiki.openstack.org/wiki/Magnum
Corekube
• Facts About Me
• The simplest way to deploy a POC Kubernetes cluster using a Heat template in 5-10 min.
• Utilizes CoreOS as microOS
• Things You May Not Know
• Runs on many RAX envs & pure OpenStack
• Utilizes etcd & fleet API’s for deployment to CoreOS nodes & flannel for K8s networking
• Supports SkyDNS for K8s Service registration & discovery
• Written in Go
• Endorsements and/or Skills
• Requires no add’l services or installations to use, just native OpenStack & Heat
https://github.com/metral/corekube
Container Orchestration Engines (COE)
Docker Swarm
• Facts About Me
• Serves as clustering & scheduling tool to make a pool of Docker hosts appear as a single, virtual Docker host
• Aimed to provide common interface for many COE
• Things You May Not Know
• With a Swarm cluster up, Swarm resembles the familiar Docker usage
• Not battle hardened: no container fail over, no HA for swarm processes & plugin support w/ other COE is incomplete
• No real foundation for enabling microservices & their requirements
• Endorsements and/or Skills
• Perfect for smaller env: <50 hosts
https://www.docker.com/docker-swarm
Mesos / DCOS + Marathon
• Facts About Me
• Mesos is a dist. sys kernel & cluster manager
• DCOS is enterprise pkg of Mesos
• Mesosphere’s Marathon is an init/control plane for Docker containers
• Things You May Not Know
• Marathon can run on Mesos or DCOS
• Kubernetes is similar to Marathon & can run alongside it or in lieu of
• Mesos & OpenStack have some overlap
• Endorsements and/or Skills
• Twitter, Airbnb & Apple use Mesos
• Verizon deploys DC services w/ Mesosphere
• Airbnb, eBay, PayPal & Yelp use Marathon
• Mesos is for large envs: 100s–1000s
https://mesos.apache.org/
https://mesosphere.com/product/
https://mesosphere.github.io/marathon/
Google’s Kubernetes
• Facts About Me
• Fully featured, large-scale container management system modeled after Borg
• Supported on OpenStack, RAX, AWS, GCE, Azure, RedHat etc.
• Things You May Not Know
• The Pod is a perfect atomic unit for an app
• Equipped to support add-ons for: monitoring, elastic search, UI, DNS
• Many other COE’s & ecosystem tools looking to integrate with Kubernetes
• Endorsements and/or Skills
• Ideal for large envs: 100s – 1000s (TBD)
• Community advocacy: ~20k commits | ~600 contrib | avg. 250-300 commits/wk
• Being used in prod by Box, eBay, RedHat
http://kubernetes.io
Specialized Systems / “One-Off’s”
Engine Yard’s Deis
• Facts About Me
• PaaS offering that facilitates app deployment & management
• Built on Docker & CoreOS (etcd, fleet, OS)
• Structurally abides by the Heroku 12-factor methodology
• Things You May Not Know
• Private Heroku
• Lacks persistent storage & state aware support for apps
• Leverages Heroku Buildpacks
• Can be deployed anywhere incl. on-prem & in the cloud
• V2 is set to be running on top of K8
• Endorsements and/or Skills
• Used by some small-medium biz
http://deis.io
Prime Directive’s Flynn
• Facts About Me
• PaaS offering aimed at solving the stateful problems
• Where Deis is aimed to have feature parity with Heroku, Flynn is more about the dev lifecycle & its problems
• Less prescriptive than Deis in terms of tech used
• Things You May Not Know
• Private Heroku (not limited to 12-factor)
• Leverages Heroku Buildpacks
• Provides appliance for auto provisioning, HA / fail-over abilities for Postgres 9.4
• Endorsements and/or Skills
• Coinbase, Shopify & CenturyLink utilize Flynn
https://flynn.io
Flocker
• Facts About Me
• Data volume & multi-host container manager
• Handling state within containers & mobility of storage volumes across hosts
• Backend of shared or local storage fabric
• Frontend network proxy for container linking & routing requests to respective host running active container
• Things You May Not Know
• Now available as Docker plugin
• Supports AWS EBS, OpenStack Cinder
• EMC is enhancing Flocker to work with XtremIO & ScaleIO drivers
• Endorsements and/or Skills
• Flocker is officially at v1.0
https://clusterhq.com/flocker/introduction
MicroOS’
CoreOS
• Facts About Me
• Minimal Linux OS aimed at being the distro for massive Linux server deployments
• Provides subset of Linux bins & abstracts userland apps to run in Docker containers
• Things You May Not Know
• Fork of ChromeOS
• Its flagship projects etcd & fleet were born out of necessity
• Acquired Quay.io for both public & enterprise container registry
• Endorsements and/or Skills
• CoreOS, etcd, fleet & flannel are widely being adopted by: Kubernetes, Deis, Rackspace etc.
• CoreOS is available on all major cloud platforms, incl. OpenStack
https://coreos.com
RedHat’s Project Atomic
• Facts About Me
• Minimal Linux OS aimed at hosting & managing containers
• Security is more of a focus using SELinux by default
• Things You May Not Know
• Base of Atomic is similar to Fedora 20
• Started about 6 months after CoreOS
• Best suited for RedHat’s projects such as OpenShift
• Includes Kubernetes support
• Endorsements and/or Skills
• Atomic itself is avail as opensource but Enterprise Platform is in EA
• Atomic is integral to OpenShift
http://www.projectatomic.io
Rancher Labs RancherOS
• Facts About Me
• Very tiny Linux OS aimed at hosting & managing containers
• Core components incl. cross-host networking, load balancing, storage mgmt, service discovery & native Docker (run, compose, registry & machine)
• Things You May Not Know
• Docker daemon runs as PID 1 & is responsible for all system services, which are themselves in containers
• User containers run in a separate Docker daemon
• Updates to OS are as simple as rolling out new Docker containers
• Endorsements and/or Skills
• Still very early – offering Beta Platform
http://rancher.com/rancher-os
https://www.mindmeister.com/389671722/docker-ecosystem#
Reeling Things In For OpenStack
What Should OpenStack Do?
• Be aware of the shift in app dev & accommodate for containers
• Infrastructure management is still needed
• Knowing where & when to decouple responsibilities is important
There is a lot of noise out there
Pick the right tool for the job
Thank you
https://github.com/metral/whitepapers
Follow me on Twitter: @mikemetral