Container as a Service
(CaaS)
Ashish Pandey
@ashishapy
blog.ashishapy.com
Disclaimer:
This is a personal talk and all opinions expressed here are my own and not those of my current or previous employers or partners, I work or worked with.
Use of container for you?
Who are using container in production?
At what scale you are using container?
Containers as a Service (CaaS) is a model where IT organisations and developers can work together to build, ship & run their applications anywhere. CaaS enables an IT secured and managed application environment consisting of content and infrastructure, from which developers are able build and deploy applications in a self service manner. - Docker
- together = Collaboration
- build, ship & run = CI / CD
- anywhere = Multi Cloud / Hybrid Cloud
- secured = Secured + policy compliant
- managed = Managed Services + Auto Scale
- content = App + User Data
- infrastructure = Compute Resources + IT Services
- self service = Self-service + Governance
Containers as a Service
often and fast
fully automatic
zero-downtime
ability to rollback
resilient
scale
self-healing
cost effective
Secure & compliant
New Stack Ops
Container Management Framework
helps you to build CaaS
Cloud providers:
How to choose one?
Choice of the orchestration layer often drives the ‘Container Management Framework’ selection decision.
But orchestration is just a piece of the puzzle
Orchestration
Don’t be blinded by orchestration capabilities.
How to choose one?
Focus on governance, security and policy enforcement
Orchestration tools are Ops focused
What container management framework can't do for us?
- Manage it's own life cycle :
Install / bootstrap, upgrade / rollback / security fixes, disaster recovery of container management framework itself.
- Infrastructure Management:
Infrastructure (computing, network & storage) provisioning, scaling up / down, upgrading / rollback / security fixes.
How to manage then ... ?
- Have well tested disaster recovery & rollback plan in-place
Capabilities of CaaS
Features of Container Management Framework
Orchestration
1) Scheduling of containers:
Placement, replication, scaling, rescheduling, upgrades, rollback of containers.
2) Computing resource management:
Memory, cpu, volume, port, ip, image, network of containers.
3) Management of services:
Service discovery & orchestrating multiple containers together (using label, group, namespace, load balancing, readiness checking, health checking).
4) Governance:
Access control, isolation, resource utilisation, limits & quotas, network segmentation & encryption.
5) Image registry:
A place where you can store & distribute container (Docker) images.
Tools:
7) Persistant Storage:
Place to store all your app data. A software-defined storage (SDS)
Tools:
-
Object Storage
-
Block Storage
You may want to continue with your traditional storage solution until world settles for stateful containers.
8) Security solutions:
Enforce security policies, manage secrets, security scanning, image signing.
Tools:
9) Load balancer:
To manage & distribute your external traffic.
Tools:
10) Monitoring:
Log management, Metrics collection, time-series monitoring, analytics & visualisation & alerting.
Tools:
- Splunk
- Elastic Stack
- Sysdig
- Prometheus
- Others (cAdvisor, Fluentd, Heapster, Grafana etc.)
11) Authentication & authorisation:
Policy compliance, role based access control (RBAC), app to app communication
Tools:
12) Continuous Integration:
Developers to integrate code into a shared repository & verified by an automated build, allowing teams to detect problems early
Tools:
15) Cloud provider services
Cloud Provider Interface (CPI) e.g. AWS, Azure, Google
16) Billing system
Meter your platform uses & charge back to your CaaS user.
17) Auditing system
Audit your system for any security, governance & policy related compliance.
18) DNS
Domain name system to map your nice looking URL with load-balancer.
Any Recommendations ...
No! One size doesn’t fit all.
Try this ...
-
First choose a cloud provider (public / private).
-
Decide on what cloud services you are gonna use to build infrastructure (VMs / bare metal).
-
Make a checklist (based on your need) as listed in this talk & see which Container Management Framework best suited to you.
-
Choose tools which will help you to create infrastructure, deploy container management framework, upgrade & rollback it.
-
Don’t forget to adopt DevOps tools, principles & 12Factor apps for CaaS.
CaaS
By Ashish Pandey
CaaS
Container as a Service
- 2,009