Container orchestration
Quick Docker recap
Containers
Images
- Immutable snapshot of a container
- Compact, multi-layer
- Represent a deploy ready artifact of a service/app
Image registry
- A registry/store for images
- Largest public one is DockerHub
- Contains thousands of services/applications like redis, wordpress, graphite, nginx, gitlab and many other relevant pieces of software.
Docker is not really virtualization software, but rather an application delivery solution
Production challenges
- Application in micro-service architecture
- How do we bring it to production?
- How do we handle:
  - Service discovery and coordination
  - Scale
  - Networking
  - Security
  - Storage
  - Monitoring and logging
  - Health and recovery
  - etc...
CLOUD STATE (2012)
source: https://www.slideshare.net/KarlIsenberg/container-orchestration-wars-2017-edition
CLOUD STATE (2017)
source: https://www.slideshare.net/KarlIsenberg/container-orchestration-wars-2017-edition
Current container solutions landscape at Soluto
- AWS EB (PAAS, production)
- Two production swarm clusters (CAAS, production, Tweek)
- One experimental swarm cluster (CAAS, Tweek)
- One experimental k8s cluster (CAAS, future)
What is a container platform?
A platform for running container workloads. The central piece of the platform is the orchestrator.
ORCHESTRATOR RESPONSIBILITIES
Managing container workloads
- Scheduling
- Replication
- Isolation
- Upgrades
- Daemons
Resource management
- CPU
- GPU
- Memory
Networking
- Container IPs
- DNS
- Service discovery
- Port mapping
- VIPs, load balancing - L4, L7 (HTTP/S)
- Ingress/Overlay
Storage management
- Volumes (local, remote)
- Configuration
- Secrets
Operations
- Health checking
- Metrics collection
- Log collection
- Auto recovery
- Autoscaling
- Federation
Administration
- UI
- Security (RBAC)
- Auditing
And there's much more:
https://www.slideshare.net/KarlIsenberg/container-orchestration-wars-2017-edition
Orchestrator landscape
Demo
play-with-docker.com
play-with-k8s.com
https://gist.github.com/Yshayy/1a4c7dc7d2db962f82d03dcd2cf8032e
Demo
- 2 instances running lots of services
- Deployments of different stacks
- Deployment as configuration files
- A FaaS platform with monitoring and autoscaling on top of our cluster
Pitfalls
- Still young ecosystem
- Limited auto-scaling capabilities (infra, containers)
- Not very stable tools/APIs
- Lots of patches
- More management overhead
- Shared infrastructure -> Less isolation
Future
FUTURE?
- Self-managed, self-healing stateful services (DBs)
  - configuration
  - network
  - storage
  - autoscaling
  - backups
- "Serverless" containers (ACI, hyper.sh)
- Enhanced service communication (istio, calico)
  - security, routing, tracing, load-balancing, gradual releases, and more...
- Distributed application packages (helm)
QUESTIONS
Container orchestration
By yshayy