Nuxeo, profile picture
Uploaded byNuxeo
PDF, PPTX3,502 views

[NYC Meetup] Docker at Nuxeo

The document outlines the Nuxeo platform's evolution towards a scalable infrastructure utilizing Docker and CoreOS for quick provisioning and easy setups. It discusses challenges in automation, container management, and service linking, presenting Gogeta and etcd as solutions for service discovery and load balancing in a clustered environment. The conclusion highlights the benefits of adopting micro containers and the potential of Arken for enhanced deployment models.

Embed presentation

Download as PDF, PPTX
Docker at Nuxeo
Who we are
What is Nuxeo platform • A platform to develop you own content apps • Highly pluggable thru extension points • Model you content with Nuxeo Studio • Point and click UI to define your business model • with hot-reload
Nuxeo tech. stack • Java stack : Seam + JSF for Nuxeo DM and DAM • Rest API to build your JS Apps • Nuxeo Studio (Saas) to model your business • Thru data model (doc types, schemas) • Thru Automation chains
Nuxeo in the cloud ?
Goals • Customers ask to host their app • Provide quick access to test instances (onboarding) • Provide onDemand dev or CI instances
Goals • Customers ask to host their app • Provide quick access to test instances (onboarding) • Provide onDemand dev or CI instances This is the nuxeo.io promise
First attempt
Manual OnDemand • Based on AWS CloudFormation • Manually deployed • Works but : • not scalable • manual admin & monitoring • difficult upgrade process
Second attempt
AWS Automation • Provisionning may be automated • Working mockup (python, celery, boto) but… • Strong adherence to AWS • difficult to test • slow provisionning (one EC2 instance per Nuxeo instance) • upgrade process still difficult • scaling out is difficult • sensible to failures
This leads to our challenge
Current challenge • Build a scalable infrastructure • Quick provisioning (less than a minute) • Easy setup (no admin needed) • Easy upgrade process • Automated healing • Easy to test
How Docker solves some of these issues ?
Quick provisioning • We don’t have to start a server • No VM overhead • Start time is Nuxeo start time
Data free containers • Docker container doesn’t hold data • Upgrading is just using a new version of the image • Healing means killing and restarting Nuxeo v5.9.3 S3Postgres
Data free containers • Docker container doesn’t hold data • Upgrading is just using a new version of the image • Healing means killing and restarting S3Postgres
Data free containers • Docker container doesn’t hold data • Upgrading is just using a new version of the image • Healing means killing and restarting S3Postgres Nuxeo v5.9.4
Several containers per server • Scaling is just a matter of starting several containers • But means infinite CPU / RAM and IO Nuxeo.io server io container NXIO-0001 io container NXIO-0002 io container NXIO-0003 io container NXIO-XXXX …
Challenge status • Build a scalable infrastructure • Quick provisioning (less than a minute) • Easy setup (no admin needed) • Easy upgrade process • Automated healing • Easy to test
How to solve the other issues ? … with a little help from my friends
The infinite resource computer…
… is a cluster
Docker is not sufficient • Docker handles processes at the OS level • On the cluster level we need a companion • To load balance the processes • To check the statuses of the processes • We need a docker ps at the cluster level
Introducing CoreOS • A minimal Linux distribution (small footprint) • Designed to handle cluster • Providing cluster tooling • Docker • etcd • fleet https://coreos.com/
etcd : service discovery • etcd is • small distributed key value store • keys may have TTL • using Raft protocol to elect cluster leader • suitable for : • shared configuration • service discovery
fleet : clustered init system • fleet is : • an init system at the cluster level • compatible with systemd unit files • suitable for : • launching docker containers • distributing load across cluster • get the status of the jobs
fleet demo • Deploy our nuxeo container in the cluster
Challenge status • Build a scalable infrastructure • Quick provisioning (less than a minute) • Easy setup (no admin needed) • Easy upgrade process • Automated healing • Easy to test
What are the admin tasks ? • Launch the fleetctl command • Setup DNS and reverse proxies • Link container to external services (S3, Postgres etc…)
DNS and reverse proxy • docker start containers and link host port to container port • The cluster has to redirect calls to mycustomDNS.io to the running container meaning knowing • the ip of the host • the port on the host
Introducing Gogeta ! /services/NXIO-0001/location:{host:172.31.51.1,port:49153}!                 /status/current:started!                       /expected:started! !! ! ! ! ! /alive:1! /domains/mydomain.nuxeo.io/type:iocontainer!                           /value:NXIO-0001 Given this etcd configuration
Cluster CoreOS 172.31.51.20 etcd io container NXIO-0098 systemd CoreOS 172.31.51.1 etcd io container NXIO-0001 Gogeta systemd … … … … Fleet … Gogeta … Introducing Gogeta Round robin load Balancer etcd ! /services/NXIO-0098/location:{host:172.31.51.20,port:49153}!                 /status/current:started!                       /expected:started! !! ! ! ! ! /alive:1! /domains/mydomain.nuxeo.io/type:iocontainer!                           /value:NXIO-0001
Cluster CoreOS 172.31.51.20 etcd io container NXIO-0098 systemd CoreOS 172.31.51.1 etcd io container NXIO-0001 Gogeta systemd … … … … Fleet … Gogeta … Introducing Gogeta Round robin load Balancer etcd ! /services/NXIO-0098/location:{host:172.31.51.20,port:49153}!                 /status/current:started!                       /expected:started! !! ! ! ! ! /alive:1! /domains/mydomain.nuxeo.io/type:iocontainer!                           /value:NXIO-0001
Cluster CoreOS 172.31.51.20 etcd io container NXIO-0098 systemd CoreOS 172.31.51.1 etcd io container NXIO-0001 Gogeta systemd … … … … Fleet … Gogeta … Introducing Gogeta Round robin load Balancer etcd ! /services/NXIO-0098/location:{host:172.31.51.20,port:49153}!                 /status/current:started!                       /expected:started! !! ! ! ! ! /alive:1! /domains/mydomain.nuxeo.io/type:iocontainer!                           /value:NXIO-0001
Cluster CoreOS 172.31.51.20 etcd io container NXIO-0098 systemd CoreOS 172.31.51.1 etcd io container NXIO-0001 Gogeta systemd … … … … Fleet … Gogeta … Introducing Gogeta Round robin load Balancer etcd ! /services/NXIO-0098/location:{host:172.31.51.20,port:49153}!                 /status/current:started!                       /expected:started! !! ! ! ! ! /alive:1! /domains/mydomain.nuxeo.io/type:iocontainer!                           /value:NXIO-0001
Cluster CoreOS 172.31.51.20 etcd io container NXIO-0098 systemd CoreOS 172.31.51.1 etcd io container NXIO-0001 Gogeta systemd … … … … Fleet … Gogeta … Introducing Gogeta Round robin load Balancer etcd ! /services/NXIO-0098/location:{host:172.31.51.20,port:49153}!                 /status/current:started!                       /expected:started! !! ! ! ! ! /alive:1! /domains/mydomain.nuxeo.io/type:iocontainer!                           /value:NXIO-0001
Cluster CoreOS 172.31.51.20 etcd io container NXIO-0098 systemd CoreOS 172.31.51.1 etcd io container NXIO-0001 Gogeta systemd … … … … Fleet … Gogeta … Introducing Gogeta Round robin load Balancer etcd ! /services/NXIO-0098/location:{host:172.31.51.20,port:49153}!                 /status/current:started!                       /expected:started! !! ! ! ! ! /alive:1! /domains/mydomain.nuxeo.io/type:iocontainer!                           /value:NXIO-0001
Introducing Gogeta • Easy to start as a docker container ! ! • Written in Go • Available at : http://github.com/nuxeo/gogeta /usr/bin/docker run --rm --name gogeta -p 7777:7777 nuxeo/gogeta
Application startup unit ! [Unit]! Description=Sample startup script! ! [Service]! ExecStartPre= Set starting status in etcd! ExecStart= Launch docker container! ExecStartPost= Wait container to be launched and set app location in etcd! ExecStop= Stop docker container! ExecStopPost= Set stopped status in etcd!
Linking services • Docker recommend to use ambassadors to link services • Service may be hosted on other servers or outside of the cluster • We’ve implemented dynamic ambassadors • http://coreos.com/blog/docker-dynamic-ambassador- powered-by-etcd/
Cluster CoreOS 172.31.51.20 etcd Postgres systemd CoreOS 172.31.51.1 etcd io-container NXIO-0001 systemd … … … … Fleet postgres-amb Dynamic ambassador etcd ! /services/postgres/location:{host:172.31.51.20,port:49159}! https://github.com/nuxeo/etcd-netfw
Cluster CoreOS 172.31.51.20 etcd Postgres systemd CoreOS 172.31.51.1 etcd io-container NXIO-0001 systemd … … … … Fleet postgres-amb Dynamic ambassador etcd ! /services/postgres/location:{host:172.31.51.20,port:49159}! https://github.com/nuxeo/etcd-netfw
Cluster CoreOS 172.31.51.20 etcd Postgres systemd CoreOS 172.31.51.1 etcd io-container NXIO-0001 systemd … … … … Fleet postgres-amb Dynamic ambassador etcd ! /services/postgres/location:{host:172.31.51.20,port:49159}! https://github.com/nuxeo/etcd-netfw
Dynamic ambassador • Very easy to start ! • Uses https://github.com/nuxeo/etcd-netfw docker run --rm --name postgres-amb -P nuxeo/service-amb postgres-service
Launching commands • A manager web app now launches commands : • sets up basic etcd values (like domain to service resolution) • launches fleet commands (start & stop apps) • polls statuses
Challenge status • Build a scalable infrastructure • Quick provisioning (less than a minute) • Easy setup (no admin needed) • Easy upgrade process • Automated healing • Easy to test
Let’s resume
From nuxeo.io… • We’ve built a cluster infrastructure that : • knows how to deploy Docker containers (with fleet) • Expose those containers thru domain name resolution (with gogeta) • Link dependent services to the container (with etcd-netfw)
From nuxeo.io… • Given that a container should represent an application • Running this apps means : • Launch it with runtime parameters • Link it to its dependent services • Then we can build a metamodel around it
… name: io-container! version: 1.0! params:! - env_tech_id: ! - description: The id of the environment to run! - type:string! - clid:! - description: a registered connect client ID! - type:string! ! buildimage:! path: "./docker"! ! dependencies:! - postgres.service! - s3.service! !
… to arken • to be able to run any application ! • it will take care of : • Submitting the model to the cluster • Building the image if needed • Launching the container • Registering everything in etcd arkenctl start iocontainer.ark —domain myapp.mycluster.io
Arken status • We are extracting things from http://github.com/nuxeo/nuxeo.io • http://github.com/arkenio • home of gogeta and etcd • provide cluster init instruction • arken and arkenctl tools needs to be done • new opensource projects (not in nuxeo repo) • pull requests are welcome
Conclusion • Docker helped us to enter the micro containers world • Lots of new features : multi-repo, automatic /etc/hosts etc… • CoreOS provided us cluster deployment • Arken wants to provide a higher deployment model
Time for questions @damienmetzler

More Related Content

PPTX
Apache Performance Tuning: Scaling Up
bySander Temme
 
PDF
Varnish Configuration Step by Step
byKim Stefan Lindholm
 
PDF
Running the Oracle SOA Suite Environment in a Docker Container
byGuido Schmutz
 
PDF
Performance Benchmarking of Clouds Evaluating OpenStack
byPradeep Kumar
 
PDF
[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법
byOpen Source Consulting
 
PDF
douban happyday docker for daeqaci
byTianwei Liu
 
PDF
[2018.10.19] Andrew Kong - Tunnel without tunnel (Seminar at OpenStack Korea ...
byOpenStack Korea Community
 
ODP
Nagios Conference 2012 - Mike Weber - Failover
byNagios
 
Apache Performance Tuning: Scaling Up
bySander Temme
 
Varnish Configuration Step by Step
byKim Stefan Lindholm
 
Running the Oracle SOA Suite Environment in a Docker Container
byGuido Schmutz
 
Performance Benchmarking of Clouds Evaluating OpenStack
byPradeep Kumar
 
[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법
byOpen Source Consulting
 
douban happyday docker for daeqaci
byTianwei Liu
 
[2018.10.19] Andrew Kong - Tunnel without tunnel (Seminar at OpenStack Korea ...
byOpenStack Korea Community
 
Nagios Conference 2012 - Mike Weber - Failover
byNagios
 

What's hot

PDF
Introduction to Docker storage, volume and image
byejlp12
 
PPTX
Apache Performance Tuning: Scaling Out
bySander Temme
 
PPTX
Docker on openstack by OpenSource Consulting
byOpen Source Consulting
 
PDF
[오픈소스컨설팅] EFK Stack 소개와 설치 방법
byOpen Source Consulting
 
PDF
OSv presentation from Linux Foundation Collaboration Summit
byDon Marti
 
PDF
Live migrating a container: pros, cons and gotchas
byDocker, Inc.
 
PDF
AF Ceph: Ceph Performance Analysis and Improvement on Flash
byCeph Community
 
PPTX
CloudStack Day Japan 2015 - Hypervisor Selection in CloudStack 4.5
byTim Mackey
 
PDF
Apache Traffic Server & Lua
byKit Chan
 
PDF
An Updated Performance Comparison of Virtual Machines and Linux Containers
byKento Aoyama
 
PPT
Python Deployment with Fabric
byandymccurdy
 
PDF
Cobbler - Fast and reliable multi-OS provisioning
byRUDDER
 
PDF
Cobbler, Func and Puppet: Tools for Large Scale Environments
byViSenze - Artificial Intelligence for the Visual Web
 
PPT
Running High Performance and Fault Tolerant Elasticsearch Clusters on Docker
bySematext Group, Inc.
 
PDF
XPDS14 - Towards Massive Server Consolidation - Filipe Manco, NEC
byThe Linux Foundation
 
PPTX
VMworld 2016: vSphere 6.x Host Resource Deep Dive
byVMworld
 
PPTX
To Build My Own Cloud with Blackjack…
bySergey Dzyuban
 
PPT
SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack
bySaltStack
 
PDF
Docker vs kvm
byWilson Cunalata
 
PDF
Erlang On Xen: Redefining the Cloud Software Stack
byViktor Sovietov
 
Introduction to Docker storage, volume and image
byejlp12
 
Apache Performance Tuning: Scaling Out
bySander Temme
 
Docker on openstack by OpenSource Consulting
byOpen Source Consulting
 
[오픈소스컨설팅] EFK Stack 소개와 설치 방법
byOpen Source Consulting
 
OSv presentation from Linux Foundation Collaboration Summit
byDon Marti
 
Live migrating a container: pros, cons and gotchas
byDocker, Inc.
 
AF Ceph: Ceph Performance Analysis and Improvement on Flash
byCeph Community
 
CloudStack Day Japan 2015 - Hypervisor Selection in CloudStack 4.5
byTim Mackey
 
Apache Traffic Server & Lua
byKit Chan
 
An Updated Performance Comparison of Virtual Machines and Linux Containers
byKento Aoyama
 
Python Deployment with Fabric
byandymccurdy
 
Cobbler - Fast and reliable multi-OS provisioning
byRUDDER
 
Cobbler, Func and Puppet: Tools for Large Scale Environments
byViSenze - Artificial Intelligence for the Visual Web
 
Running High Performance and Fault Tolerant Elasticsearch Clusters on Docker
bySematext Group, Inc.
 
XPDS14 - Towards Massive Server Consolidation - Filipe Manco, NEC
byThe Linux Foundation
 
VMworld 2016: vSphere 6.x Host Resource Deep Dive
byVMworld
 
To Build My Own Cloud with Blackjack…
bySergey Dzyuban
 
SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack
bySaltStack
 
Docker vs kvm
byWilson Cunalata
 
Erlang On Xen: Redefining the Cloud Software Stack
byViktor Sovietov
 

Viewers also liked

PDF
etcd based PostgreSQL HA Cluster
bywinsletts
 
PDF
Production Readiness Strategies in an Automated World
bySean Chittenden
 
PDF
Creating PostgreSQL-as-a-Service at Scale
bySean Chittenden
 
PDF
KubeCon EU 2016: Full Automatic Database: PostgreSQL HA with Kubernetes
byKubeAcademy
 
PDF
Dynamic Database Credentials: Security Contingency Planning
bySean Chittenden
 
PDF
PostgreSQL High-Availability and Geographic Locality using consul
bySean Chittenden
 
PDF
FreeBSD: Dev to Prod
bySean Chittenden
 
PDF
High Availability PostgreSQL with Zalando Patroni
byZalando Technology
 
PDF
gRPC: The Story of Microservices at Square
byApigee | Google Cloud
 
PDF
Ingesting Drone Data into Big Data Platforms
byTimothy Spann
 
etcd based PostgreSQL HA Cluster
bywinsletts
 
Production Readiness Strategies in an Automated World
bySean Chittenden
 
Creating PostgreSQL-as-a-Service at Scale
bySean Chittenden
 
KubeCon EU 2016: Full Automatic Database: PostgreSQL HA with Kubernetes
byKubeAcademy
 
Dynamic Database Credentials: Security Contingency Planning
bySean Chittenden
 
PostgreSQL High-Availability and Geographic Locality using consul
bySean Chittenden
 
FreeBSD: Dev to Prod
bySean Chittenden
 
High Availability PostgreSQL with Zalando Patroni
byZalando Technology
 
gRPC: The Story of Microservices at Square
byApigee | Google Cloud
 
Ingesting Drone Data into Big Data Platforms
byTimothy Spann
 

Similar to [NYC Meetup] Docker at Nuxeo

PDF
CoreOS, or How I Learned to Stop Worrying and Love Systemd
byRichard Lister
 
PPTX
Core os dna_oscon
byPatrick Galbraith
 
PDF
AWS Workshop 102
bylynn80827
 
PDF
Meetup Docker@Nuxeo - Build a Cloud Platform with Docker
byNuxeo
 
PDF
Beyond static configuration
byStefan Schimanski
 
PDF
Docker Application to Scientific Computing
byPeter Bryzgalov
 
PPTX
Core os dna_automacon
byPatrick Galbraith
 
PDF
Introduction to Docker & CoreOS - Symfony User Group Cologne
byD
 
PDF
Docker and friends at Linux Days 2014 in Prague
bytomasbart
 
PDF
Karl Grzeszczak: September Docker Presentation at Mediafly
byMediafly
 
PDF
Docking postgres
byrycamor
 
PDF
Docker-v3.pdf
byBruno Cornec
 
PDF
ECS & ECR Deep Dive - 김기완 솔루션즈 아키텍트 :: AWS Container Day
byAmazon Web Services Korea
 
PDF
Docker Intro
byRuben Taelman
 
PDF
Docker 0.11 at MaxCDN meetup in Los Angeles
byJérôme Petazzoni
 
PDF
Running your dockerized application(s) on AWS Elastic Container Service
byMarco Pas
 
PPTX
Docker on Amazon ECS
byDeepak Kumar
 
PDF
Shipping NodeJS with Docker and CoreOS
byRoss Kukulinski
 
PDF
Shipping Applications to Production in Containers with Docker
byJérôme Petazzoni
 
PDF
WebSphere and Docker
byDavid Currie
 
CoreOS, or How I Learned to Stop Worrying and Love Systemd
byRichard Lister
 
Core os dna_oscon
byPatrick Galbraith
 
AWS Workshop 102
bylynn80827
 
Meetup Docker@Nuxeo - Build a Cloud Platform with Docker
byNuxeo
 
Beyond static configuration
byStefan Schimanski
 
Docker Application to Scientific Computing
byPeter Bryzgalov
 
Core os dna_automacon
byPatrick Galbraith
 
Introduction to Docker & CoreOS - Symfony User Group Cologne
byD
 
Docker and friends at Linux Days 2014 in Prague
bytomasbart
 
Karl Grzeszczak: September Docker Presentation at Mediafly
byMediafly
 
Docking postgres
byrycamor
 
Docker-v3.pdf
byBruno Cornec
 
ECS & ECR Deep Dive - 김기완 솔루션즈 아키텍트 :: AWS Container Day
byAmazon Web Services Korea
 
Docker Intro
byRuben Taelman
 
Docker 0.11 at MaxCDN meetup in Los Angeles
byJérôme Petazzoni
 
Running your dockerized application(s) on AWS Elastic Container Service
byMarco Pas
 
Docker on Amazon ECS
byDeepak Kumar
 
Shipping NodeJS with Docker and CoreOS
byRoss Kukulinski
 
Shipping Applications to Production in Containers with Docker
byJérôme Petazzoni
 
WebSphere and Docker
byDavid Currie
 

More from Nuxeo

PDF
Own the Digital Shelf Strategies Food and Beverage Companies
byNuxeo
 
PDF
How DAM Librarians Can Get Ready for the Uncertain Future
byNuxeo
 
PDF
How Insurers Fueled Transformation During a Pandemic
byNuxeo
 
PDF
Manage your Content at Scale with MongoDB and Nuxeo
byNuxeo
 
PDF
Accelerate the Digital Supply Chain From Idea to Support
byNuxeo
 
PDF
Where are you in the DAM Continuum
byNuxeo
 
PDF
Customer Experience in 2021
byNuxeo
 
PPTX
L’IA personnalisée, clé d’une gestion de l’information innovante
byNuxeo
 
PDF
Gérer ses contenus avec MongoDB et Nuxeo
byNuxeo
 
PPTX
Le DAM en 2021 : Tendances, points clés et critères d'évaluation
byNuxeo
 
PPTX
Enabling Digital Transformation Amidst a Global Pandemic | Low-Code, Cloud, A...
byNuxeo
 
PDF
Elevate your Customer's Experience and Stay Ahead of the Competition
byNuxeo
 
PDF
Driving Brand Loyalty Through Superior Customer Experience
byNuxeo
 
PDF
Drive Enterprise Speed and Scale with A Cloud-Native DAM
byNuxeo
 
PPTX
The Big Picture: the Role of Video, Photography, and Content in Enhancing the...
byNuxeo
 
PDF
How Creatives Are Getting Creative in 2020 and Beyond
byNuxeo
 
PPTX
Digitalisation : Améliorez la collaboration et l’expérience client grâce au DAM
byNuxeo
 
PDF
Reimagine Your Claims Process with Future-Proof Technologies
byNuxeo
 
PPTX
Comment le Centre Hospitalier Laborit dématérialise ses processus administratifs
byNuxeo
 
PDF
Accelerating the Packaging Design Process with Artificial Intelligence
byNuxeo
 
Own the Digital Shelf Strategies Food and Beverage Companies
byNuxeo
 
How DAM Librarians Can Get Ready for the Uncertain Future
byNuxeo
 
How Insurers Fueled Transformation During a Pandemic
byNuxeo
 
Manage your Content at Scale with MongoDB and Nuxeo
byNuxeo
 
Accelerate the Digital Supply Chain From Idea to Support
byNuxeo
 
Where are you in the DAM Continuum
byNuxeo
 
Customer Experience in 2021
byNuxeo
 
L’IA personnalisée, clé d’une gestion de l’information innovante
byNuxeo
 
Gérer ses contenus avec MongoDB et Nuxeo
byNuxeo
 
Le DAM en 2021 : Tendances, points clés et critères d'évaluation
byNuxeo
 
Enabling Digital Transformation Amidst a Global Pandemic | Low-Code, Cloud, A...
byNuxeo
 
Elevate your Customer's Experience and Stay Ahead of the Competition
byNuxeo
 
Driving Brand Loyalty Through Superior Customer Experience
byNuxeo
 
Drive Enterprise Speed and Scale with A Cloud-Native DAM
byNuxeo
 
The Big Picture: the Role of Video, Photography, and Content in Enhancing the...
byNuxeo
 
How Creatives Are Getting Creative in 2020 and Beyond
byNuxeo
 
Digitalisation : Améliorez la collaboration et l’expérience client grâce au DAM
byNuxeo
 
Reimagine Your Claims Process with Future-Proof Technologies
byNuxeo
 
Comment le Centre Hospitalier Laborit dématérialise ses processus administratifs
byNuxeo
 
Accelerating the Packaging Design Process with Artificial Intelligence
byNuxeo
 

Recently uploaded

PPTX
Building Cyber Resilience for 2026: Best Practices for a Secure, AI-Driven Bu...
byYasir Naveed Riaz
 
PDF
GPUS and How to Program Them by Manya Bansal
byScyllaDB
 
PDF
Unlocking the Power of Salesforce Architecture: Frameworks for Effective Solu...
byvarsha30tiwari
 
PDF
DevFest El Jadida 2025 - Product Thinking
byElmehdi AMLOU
 
PDF
Internet_of_Things_IoT_for_Next_Generation_Smart_Systems_Utilizing.pdf
byRoshanSyed12
 
PPT
software-security-intro in information security.ppt
byismaeelsahib032
 
PPTX
Unit-4-ARTIFICIAL NEURAL NETWORKS.pptx ANN ppt Artificial neural network
byssuserd4481a
 
PDF
Day 1 - Cloud Security Strategy and Planning ~ 2nd Sight Lab ~ Cloud Security...
by2nd Sight Lab
 
PDF
Dev Dives: AI that builds with you - UiPath Autopilot for effortless RPA & AP...
byUiPathCommunity
 
PDF
Energy Storage Landscape Clean Energy Ministerial
bySurajitBanerjee38
 
PDF
Security Technologys: Access Control, Firewall, VPN
byShielaLasala
 
PPTX
cybercrime in Information security .pptx
byismaeelsahib032
 
PDF
Our Digital Tribe_ Cultivating Connection and Growth in Our Slack Community 🌿...
bysanjeetmishra30
 
PPTX
wob-report.pptxwob-report.pptxwob-report.pptx
byssuser0d171c
 
PPTX
AI's Impact on Cybersecurity - Challenges and Opportunities
byYasir Naveed Riaz
 
PDF
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
PDF
December Patch Tuesday
byIvanti
 
PDF
Day 3 - Data and Application Security - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
DOCX
iRobot Post‑Mortem and Alternative Paths - Discussion Document for Boards and...
byDave Litwiller
 
PPTX
Cloud-and-AI-Platform-FY26-Partner-Playbook.pptx
byiuiuiuiu1
 
Building Cyber Resilience for 2026: Best Practices for a Secure, AI-Driven Bu...
byYasir Naveed Riaz
 
GPUS and How to Program Them by Manya Bansal
byScyllaDB
 
Unlocking the Power of Salesforce Architecture: Frameworks for Effective Solu...
byvarsha30tiwari
 
DevFest El Jadida 2025 - Product Thinking
byElmehdi AMLOU
 
Internet_of_Things_IoT_for_Next_Generation_Smart_Systems_Utilizing.pdf
byRoshanSyed12
 
software-security-intro in information security.ppt
byismaeelsahib032
 
Unit-4-ARTIFICIAL NEURAL NETWORKS.pptx ANN ppt Artificial neural network
byssuserd4481a
 
Day 1 - Cloud Security Strategy and Planning ~ 2nd Sight Lab ~ Cloud Security...
by2nd Sight Lab
 
Dev Dives: AI that builds with you - UiPath Autopilot for effortless RPA & AP...
byUiPathCommunity
 
Energy Storage Landscape Clean Energy Ministerial
bySurajitBanerjee38
 
Security Technologys: Access Control, Firewall, VPN
byShielaLasala
 
cybercrime in Information security .pptx
byismaeelsahib032
 
Our Digital Tribe_ Cultivating Connection and Growth in Our Slack Community 🌿...
bysanjeetmishra30
 
wob-report.pptxwob-report.pptxwob-report.pptx
byssuser0d171c
 
AI's Impact on Cybersecurity - Challenges and Opportunities
byYasir Naveed Riaz
 
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
December Patch Tuesday
byIvanti
 
Day 3 - Data and Application Security - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
iRobot Post‑Mortem and Alternative Paths - Discussion Document for Boards and...
byDave Litwiller
 
Cloud-and-AI-Platform-FY26-Partner-Playbook.pptx
byiuiuiuiu1
 

[NYC Meetup] Docker at Nuxeo

  • 1.
  • 2.
  • 3.
    What is Nuxeoplatform • A platform to develop you own content apps • Highly pluggable thru extension points • Model you content with Nuxeo Studio • Point and click UI to define your business model • with hot-reload
  • 4.
    Nuxeo tech. stack •Java stack : Seam + JSF for Nuxeo DM and DAM • Rest API to build your JS Apps • Nuxeo Studio (Saas) to model your business • Thru data model (doc types, schemas) • Thru Automation chains
  • 5.
    Nuxeo in thecloud ?
  • 6.
    Goals • Customers askto host their app • Provide quick access to test instances (onboarding) • Provide onDemand dev or CI instances
  • 7.
    Goals • Customers askto host their app • Provide quick access to test instances (onboarding) • Provide onDemand dev or CI instances This is the nuxeo.io promise
  • 8.
  • 9.
    Manual OnDemand • Basedon AWS CloudFormation • Manually deployed • Works but : • not scalable • manual admin & monitoring • difficult upgrade process
  • 10.
  • 11.
    AWS Automation • Provisionningmay be automated • Working mockup (python, celery, boto) but… • Strong adherence to AWS • difficult to test • slow provisionning (one EC2 instance per Nuxeo instance) • upgrade process still difficult • scaling out is difficult • sensible to failures
  • 12.
    This leads toour challenge
  • 13.
    Current challenge • Builda scalable infrastructure • Quick provisioning (less than a minute) • Easy setup (no admin needed) • Easy upgrade process • Automated healing • Easy to test
  • 14.
    How Docker solves someof these issues ?
  • 15.
    Quick provisioning • Wedon’t have to start a server • No VM overhead • Start time is Nuxeo start time
  • 16.
    Data free containers •Docker container doesn’t hold data • Upgrading is just using a new version of the image • Healing means killing and restarting Nuxeo v5.9.3 S3Postgres
  • 17.
    Data free containers •Docker container doesn’t hold data • Upgrading is just using a new version of the image • Healing means killing and restarting S3Postgres
  • 18.
    Data free containers •Docker container doesn’t hold data • Upgrading is just using a new version of the image • Healing means killing and restarting S3Postgres Nuxeo v5.9.4
  • 19.
    Several containers perserver • Scaling is just a matter of starting several containers • But means infinite CPU / RAM and IO Nuxeo.io server io container NXIO-0001 io container NXIO-0002 io container NXIO-0003 io container NXIO-XXXX …
  • 20.
    Challenge status • Builda scalable infrastructure • Quick provisioning (less than a minute) • Easy setup (no admin needed) • Easy upgrade process • Automated healing • Easy to test
  • 21.
    How to solvethe other issues ? … with a little help from my friends
  • 22.
  • 23.
    … is acluster
  • 24.
    Docker is notsufficient • Docker handles processes at the OS level • On the cluster level we need a companion • To load balance the processes • To check the statuses of the processes • We need a docker ps at the cluster level
  • 25.
    Introducing CoreOS • Aminimal Linux distribution (small footprint) • Designed to handle cluster • Providing cluster tooling • Docker • etcd • fleet https://coreos.com/
  • 26.
    etcd : servicediscovery • etcd is • small distributed key value store • keys may have TTL • using Raft protocol to elect cluster leader • suitable for : • shared configuration • service discovery
  • 27.
    fleet : clusteredinit system • fleet is : • an init system at the cluster level • compatible with systemd unit files • suitable for : • launching docker containers • distributing load across cluster • get the status of the jobs
  • 28.
    fleet demo • Deployour nuxeo container in the cluster
  • 29.
    Challenge status • Builda scalable infrastructure • Quick provisioning (less than a minute) • Easy setup (no admin needed) • Easy upgrade process • Automated healing • Easy to test
  • 30.
    What are theadmin tasks ? • Launch the fleetctl command • Setup DNS and reverse proxies • Link container to external services (S3, Postgres etc…)
  • 31.
    DNS and reverseproxy • docker start containers and link host port to container port • The cluster has to redirect calls to mycustomDNS.io to the running container meaning knowing • the ip of the host • the port on the host
  • 32.
    Introducing Gogeta ! /services/NXIO-0001/location:{host:172.31.51.1,port:49153}!                /status/current:started!                       /expected:started! !! ! ! ! ! /alive:1! /domains/mydomain.nuxeo.io/type:iocontainer!                           /value:NXIO-0001 Given this etcd configuration
  • 33.
    Cluster CoreOS 172.31.51.20 etcd io container NXIO-0098 systemd CoreOS 172.31.51.1 etcd io container NXIO-0001 Gogeta systemd … …… … Fleet … Gogeta … Introducing Gogeta Round robin load Balancer etcd ! /services/NXIO-0098/location:{host:172.31.51.20,port:49153}!                 /status/current:started!                       /expected:started! !! ! ! ! ! /alive:1! /domains/mydomain.nuxeo.io/type:iocontainer!                           /value:NXIO-0001
  • 34.
    Cluster CoreOS 172.31.51.20 etcd io container NXIO-0098 systemd CoreOS 172.31.51.1 etcd io container NXIO-0001 Gogeta systemd … …… … Fleet … Gogeta … Introducing Gogeta Round robin load Balancer etcd ! /services/NXIO-0098/location:{host:172.31.51.20,port:49153}!                 /status/current:started!                       /expected:started! !! ! ! ! ! /alive:1! /domains/mydomain.nuxeo.io/type:iocontainer!                           /value:NXIO-0001
  • 35.
    Cluster CoreOS 172.31.51.20 etcd io container NXIO-0098 systemd CoreOS 172.31.51.1 etcd io container NXIO-0001 Gogeta systemd … …… … Fleet … Gogeta … Introducing Gogeta Round robin load Balancer etcd ! /services/NXIO-0098/location:{host:172.31.51.20,port:49153}!                 /status/current:started!                       /expected:started! !! ! ! ! ! /alive:1! /domains/mydomain.nuxeo.io/type:iocontainer!                           /value:NXIO-0001
  • 36.
    Cluster CoreOS 172.31.51.20 etcd io container NXIO-0098 systemd CoreOS 172.31.51.1 etcd io container NXIO-0001 Gogeta systemd … …… … Fleet … Gogeta … Introducing Gogeta Round robin load Balancer etcd ! /services/NXIO-0098/location:{host:172.31.51.20,port:49153}!                 /status/current:started!                       /expected:started! !! ! ! ! ! /alive:1! /domains/mydomain.nuxeo.io/type:iocontainer!                           /value:NXIO-0001
  • 37.
    Cluster CoreOS 172.31.51.20 etcd io container NXIO-0098 systemd CoreOS 172.31.51.1 etcd io container NXIO-0001 Gogeta systemd … …… … Fleet … Gogeta … Introducing Gogeta Round robin load Balancer etcd ! /services/NXIO-0098/location:{host:172.31.51.20,port:49153}!                 /status/current:started!                       /expected:started! !! ! ! ! ! /alive:1! /domains/mydomain.nuxeo.io/type:iocontainer!                           /value:NXIO-0001
  • 38.
    Cluster CoreOS 172.31.51.20 etcd io container NXIO-0098 systemd CoreOS 172.31.51.1 etcd io container NXIO-0001 Gogeta systemd … …… … Fleet … Gogeta … Introducing Gogeta Round robin load Balancer etcd ! /services/NXIO-0098/location:{host:172.31.51.20,port:49153}!                 /status/current:started!                       /expected:started! !! ! ! ! ! /alive:1! /domains/mydomain.nuxeo.io/type:iocontainer!                           /value:NXIO-0001
  • 39.
    Introducing Gogeta • Easyto start as a docker container ! ! • Written in Go • Available at : http://github.com/nuxeo/gogeta /usr/bin/docker run --rm --name gogeta -p 7777:7777 nuxeo/gogeta
  • 40.
    Application startup unit ! [Unit]! Description=Samplestartup script! ! [Service]! ExecStartPre= Set starting status in etcd! ExecStart= Launch docker container! ExecStartPost= Wait container to be launched and set app location in etcd! ExecStop= Stop docker container! ExecStopPost= Set stopped status in etcd!
  • 41.
    Linking services • Dockerrecommend to use ambassadors to link services • Service may be hosted on other servers or outside of the cluster • We’ve implemented dynamic ambassadors • http://coreos.com/blog/docker-dynamic-ambassador- powered-by-etcd/
  • 42.
    Cluster CoreOS 172.31.51.20 etcd Postgres systemd CoreOS 172.31.51.1 etcd io-container NXIO-0001 systemd … … …… Fleet postgres-amb Dynamic ambassador etcd ! /services/postgres/location:{host:172.31.51.20,port:49159}! https://github.com/nuxeo/etcd-netfw
  • 43.
    Cluster CoreOS 172.31.51.20 etcd Postgres systemd CoreOS 172.31.51.1 etcd io-container NXIO-0001 systemd … … …… Fleet postgres-amb Dynamic ambassador etcd ! /services/postgres/location:{host:172.31.51.20,port:49159}! https://github.com/nuxeo/etcd-netfw
  • 44.
    Cluster CoreOS 172.31.51.20 etcd Postgres systemd CoreOS 172.31.51.1 etcd io-container NXIO-0001 systemd … … …… Fleet postgres-amb Dynamic ambassador etcd ! /services/postgres/location:{host:172.31.51.20,port:49159}! https://github.com/nuxeo/etcd-netfw
  • 45.
    Dynamic ambassador • Veryeasy to start ! • Uses https://github.com/nuxeo/etcd-netfw docker run --rm --name postgres-amb -P nuxeo/service-amb postgres-service
  • 46.
    Launching commands • Amanager web app now launches commands : • sets up basic etcd values (like domain to service resolution) • launches fleet commands (start & stop apps) • polls statuses
  • 47.
    Challenge status • Builda scalable infrastructure • Quick provisioning (less than a minute) • Easy setup (no admin needed) • Easy upgrade process • Automated healing • Easy to test
  • 48.
  • 49.
    From nuxeo.io… • We’vebuilt a cluster infrastructure that : • knows how to deploy Docker containers (with fleet) • Expose those containers thru domain name resolution (with gogeta) • Link dependent services to the container (with etcd-netfw)
  • 50.
    From nuxeo.io… • Giventhat a container should represent an application • Running this apps means : • Launch it with runtime parameters • Link it to its dependent services • Then we can build a metamodel around it
  • 51.
    … name: io-container! version: 1.0! params:! -env_tech_id: ! - description: The id of the environment to run! - type:string! - clid:! - description: a registered connect client ID! - type:string! ! buildimage:! path: "./docker"! ! dependencies:! - postgres.service! - s3.service! !
  • 52.
    … to arken •to be able to run any application ! • it will take care of : • Submitting the model to the cluster • Building the image if needed • Launching the container • Registering everything in etcd arkenctl start iocontainer.ark —domain myapp.mycluster.io
  • 53.
    Arken status • Weare extracting things from http://github.com/nuxeo/nuxeo.io • http://github.com/arkenio • home of gogeta and etcd • provide cluster init instruction • arken and arkenctl tools needs to be done • new opensource projects (not in nuxeo repo) • pull requests are welcome
  • 54.
    Conclusion • Docker helpedus to enter the micro containers world • Lots of new features : multi-repo, automatic /etc/hosts etc… • CoreOS provided us cluster deployment • Arken wants to provide a higher deployment model
  • 55.