SlideShare a Scribd company logo

ContainerDays NYC 2015: "What It Really Takes to Build a Container Platform" (Matt Butcher)

DynamicInfraDays
DynamicInfraDays

The document outlines 10 things a company learned while building a container platform. It discusses mistakes made like assuming everyone wanted a single storage solution and success found by focusing on object storage. Other lessons include spending more time hardening clustering solutions, accepting Docker's limitations, and choosing one scheduler to support rather than trying to support all of them. The overall conclusion is that while building the platform presented challenges, containers remain a good approach for microservice architectures.

Technology
1 of 45
What It Really Takes to Build a Container Platform 10 Things We Learned the Hard Way
Matt Butcher Platform Architect at Deis Matt is responsible for defining Deis v2 and overseeing what he likes to call… The Great Kubernetes Rebase 11/18/2015 Putting Containers into Production
This is not a commercial for Deis 11/18/2015 Putting Containers into Production
Our View (Subject to Change) • Component architecture is haute couture. • Containers are the idea vehicle for contemporary architecture • Avoid the “thrown over the wall” problem by building good tools 11/18/2015 Putting Containers into Production
Background Deis v1 • Focus: Better Heroku for You • Docker to the max • Mostly Go • Flexibility, but no services • Big success Deis v2 • Focus: PaaS as a Set of Microservices • Kubernetes to the max • Still mostly Go • Building blocks • About 40% complete 11/18/2015 Putting Containers into Production
Top Ten List of Things We Learned the Wrong Way 11/18/2015 Putting Containers into Production Hard
SAY “YES” TO OBJECT STORAGE Lesson 10 11/18/2015 Putting Containers into Production
… and probably “no” to network file systems 11/18/2015 Putting Containers into Production
11/18/2015 Putting Containers into Production Mistake: We assumed everyone wanted a single storage solution. Solution: Focus on object storage for core components
Object Storage vs. Network FS Object Storage • Standard interface: S3 API • Dozens of nearly uniform implementations • Unit of work: object (file) Filesystem/Block Storage • POSIX-ish, lots of standards • Too many choices for implementation • Lots of variants with important discrepancies • But can handle streaming 11/18/2015 Putting Containers into Production
TURTLES ALL THE WAY DOWN Lesson 9 11/18/2015 Putting Containers into Production
The strange things we do for security 11/18/2015 Putting Containers into Production
11/18/2015 Putting Containers into Production Mistake: We built our containers inside of containers (insecure). Solution: Well…
Docker and Security • Running containers: relatively small set of issues • Building containers is much riskier 11/18/2015 Putting Containers into Production
“What if we ran Docker in a VM in a container?” 11/18/2015 Putting Containers into Production Kubernetes Node Container VM (Qemu) Build Container
THE CLUSTERBOMB Lesson 8 11/18/2015 Putting Containers into Production
HA clustering is hard. Ask etcd. 11/18/2015 Putting Containers into Production
11/18/2015 Putting Containers into Production Mistake: We used Etcd in a naïve way, assuming clustering was fairly dynamic. Solution: Spend lots more time hardening clustering solutions.
DOCKER IS A WHALE ON THE MOVE Lesson 7 11/18/2015 Putting Containers into Production
11/18/2015 Putting Containers into Production Mistake: We committed to stay on the latest release of Docker within the 1.x line (SemVer). Solution: Hang back until a particular version emerges as stable.
Docker doesn’t do SemVer 11/18/2015 Putting Containers into Production
SINK THE TITANIC WHILE IT’S STILL AT HARBOR Lesson 6 11/18/2015 Putting Containers into Production
11/18/2015 Putting Containers into Production Mistake: Underestimate the complexity of a fully operational container platform. Solution: Testing of as many varieties as possible.
Testing with vim and vigor 11/18/2015 Putting Containers into Production http://is.gd/GWKfGv
GOPHERS ARE AWESOME…ISH Lesson 5 11/18/2015 Putting Containers into Production
Five Things I Love About Go 1. Great tools 2. Static compilation is huge for containers 3. Rich libraries, esp. for networking 4. Easy to learn 5. Cross-platform (for very small definitions of “platform”) 11/18/2015 Putting Containers into Production
11/18/2015 Putting Containers into Production Mistake: We might have been just a little starry eyed. Solution: Accept the limitations.
O Go, Y U NO… 11/18/2015 Putting Containers into Production http://meme.wikia.com/wiki/File:Y_u_no_sketch.png
Trouble in Paradise • “Go is easy” == simple syntax, verbose code • Package management • Package management • Package management 11/18/2015 Putting Containers into Production
YOUR TEAM IS LIKE YOUR UNDERPANTS Lesson 4 11/18/2015 Putting Containers into Production
They can only stretch so far 11/18/2015 Putting Containers into Production
Microservice Architecture 11/18/2015 Putting Containers into Production http://assets2.ignimgs.com/2014/06/24/ready-player-one-book-art-1280jpg-b68ca1_1280w.jpg
11/18/2015 Putting Containers into Production Mistake: Microservice all the things, but without a plan for maintenance. Solution: Process saves the day.
ALL YOUR SCHEDULERS ARE BELONG TO US Lesson 3 11/18/2015 Putting Containers into Production
Somebody set up us the bomb! 11/18/2015 Putting Containers into Production
11/18/2015 Putting Containers into Production Mistake: “Support all of the schedulers” means “support the weakest scheduler” Solution: Choose just one, and choose based on power & flexibility.
MONOREPOS ARE EVIL Lesson 2 11/18/2015 Putting Containers into Production
Monorepos Pros • All the code is in just one place. • Everyone gets alerted on everything. • Simplifies builds, documentation, issue queue, etc. Cons • Huge dependency tree • Everyone gets alerted on everything • Stable and “preview” mixed • Monorepo vs. microservice • Our users couldn’t effectively re-use 11/18/2015 Putting Containers into Production
11/18/2015 Putting Containers into Production Mistake: One repo with everything in it! (Hey! Google does it!) Solution: Break out microservices into their own repo.
KUBERNETES FLOATS MY BOAT Lesson 1 11/18/2015 Putting Containers into Production
But it’s a very big and complex boat 11/18/2015 Putting Containers into Production http://is.gd/bUGF1J
11/18/2015 Putting Containers into Production Mistake: “Kubernetes is easy! After all, we only have to support one scheduler!” Solution: Educate, cooperate, and build really good tooling!
Package Management Make working with Kubernetes as easy as… $ helm install redis- cluster 11/18/2015 Putting Containers into Production Github.com/deis/helm
Conclusion • Our guiding philosophy: containers for microservices without “throwing over the wall” • We’ve learned some lessons along the way • But the bottom line: Containers are the right bet for the microservice architecture. 11/18/2015 Putting Containers into Production
11/18/2015 Putting Containers into Production

Recommended

Continuous Deployment
Continuous DeploymentContinuous Deployment
Continuous DeploymentPhilippe Lafoucrière
 
Introduction to pre-commit
Introduction to pre-commitIntroduction to pre-commit
Introduction to pre-commitmozillazg
 
ContainerDays NYC 2015: "Easing Your Way Into Docker: Lessons From a Journey ...
ContainerDays NYC 2015: "Easing Your Way Into Docker: Lessons From a Journey ...ContainerDays NYC 2015: "Easing Your Way Into Docker: Lessons From a Journey ...
ContainerDays NYC 2015: "Easing Your Way Into Docker: Lessons From a Journey ...DynamicInfraDays
 
ContainerDays Boston 2016: "Autopilot: Running Real-world Applications in Con...
ContainerDays Boston 2016: "Autopilot: Running Real-world Applications in Con...ContainerDays Boston 2016: "Autopilot: Running Real-world Applications in Con...
ContainerDays Boston 2016: "Autopilot: Running Real-world Applications in Con...DynamicInfraDays
 
ContainerDays NYC 2015: "Container Orchestration Compared: Kubernetes and Doc...
ContainerDays NYC 2015: "Container Orchestration Compared: Kubernetes and Doc...ContainerDays NYC 2015: "Container Orchestration Compared: Kubernetes and Doc...
ContainerDays NYC 2015: "Container Orchestration Compared: Kubernetes and Doc...DynamicInfraDays
 
ContainerDays NYC 2016: "Securing Your Docker Image Registry for Production" ...
ContainerDays NYC 2016: "Securing Your Docker Image Registry for Production" ...ContainerDays NYC 2016: "Securing Your Docker Image Registry for Production" ...
ContainerDays NYC 2016: "Securing Your Docker Image Registry for Production" ...DynamicInfraDays
 
ContainerDays Boston 2015: "Continuous Delivery with Containers" (Nick Gauthier)
ContainerDays Boston 2015: "Continuous Delivery with Containers" (Nick Gauthier)ContainerDays Boston 2015: "Continuous Delivery with Containers" (Nick Gauthier)
ContainerDays Boston 2015: "Continuous Delivery with Containers" (Nick Gauthier)DynamicInfraDays
 
ContainerDays NYC 2016: "Introduction to Application Automation with Habitat"...
ContainerDays NYC 2016: "Introduction to Application Automation with Habitat"...ContainerDays NYC 2016: "Introduction to Application Automation with Habitat"...
ContainerDays NYC 2016: "Introduction to Application Automation with Habitat"...DynamicInfraDays
 

Recommended

Continuous Deployment
Continuous DeploymentContinuous Deployment
Continuous DeploymentPhilippe Lafoucrière
 
Introduction to pre-commit
Introduction to pre-commitIntroduction to pre-commit
Introduction to pre-commitmozillazg
 
ContainerDays NYC 2015: "Easing Your Way Into Docker: Lessons From a Journey ...
ContainerDays NYC 2015: "Easing Your Way Into Docker: Lessons From a Journey ...ContainerDays NYC 2015: "Easing Your Way Into Docker: Lessons From a Journey ...
ContainerDays NYC 2015: "Easing Your Way Into Docker: Lessons From a Journey ...DynamicInfraDays
 
ContainerDays Boston 2016: "Autopilot: Running Real-world Applications in Con...
ContainerDays Boston 2016: "Autopilot: Running Real-world Applications in Con...ContainerDays Boston 2016: "Autopilot: Running Real-world Applications in Con...
ContainerDays Boston 2016: "Autopilot: Running Real-world Applications in Con...DynamicInfraDays
 
ContainerDays NYC 2015: "Container Orchestration Compared: Kubernetes and Doc...
ContainerDays NYC 2015: "Container Orchestration Compared: Kubernetes and Doc...ContainerDays NYC 2015: "Container Orchestration Compared: Kubernetes and Doc...
ContainerDays NYC 2015: "Container Orchestration Compared: Kubernetes and Doc...DynamicInfraDays
 
ContainerDays NYC 2016: "Securing Your Docker Image Registry for Production" ...
ContainerDays NYC 2016: "Securing Your Docker Image Registry for Production" ...ContainerDays NYC 2016: "Securing Your Docker Image Registry for Production" ...
ContainerDays NYC 2016: "Securing Your Docker Image Registry for Production" ...DynamicInfraDays
 
ContainerDays Boston 2015: "Continuous Delivery with Containers" (Nick Gauthier)
ContainerDays Boston 2015: "Continuous Delivery with Containers" (Nick Gauthier)ContainerDays Boston 2015: "Continuous Delivery with Containers" (Nick Gauthier)
ContainerDays Boston 2015: "Continuous Delivery with Containers" (Nick Gauthier)DynamicInfraDays
 
ContainerDays NYC 2016: "Introduction to Application Automation with Habitat"...
ContainerDays NYC 2016: "Introduction to Application Automation with Habitat"...ContainerDays NYC 2016: "Introduction to Application Automation with Habitat"...
ContainerDays NYC 2016: "Introduction to Application Automation with Habitat"...DynamicInfraDays
 
ContainerDays NYC 2016: "From Hello World to Real World: Building a Productio...
ContainerDays NYC 2016: "From Hello World to Real World: Building a Productio...ContainerDays NYC 2016: "From Hello World to Real World: Building a Productio...
ContainerDays NYC 2016: "From Hello World to Real World: Building a Productio...DynamicInfraDays
 
ContainerDays NYC 2016: "Observability and Manageability in a Container Envir...
ContainerDays NYC 2016: "Observability and Manageability in a Container Envir...ContainerDays NYC 2016: "Observability and Manageability in a Container Envir...
ContainerDays NYC 2016: "Observability and Manageability in a Container Envir...DynamicInfraDays
 
ContainerDays NYC 2015: "How Yodle Cleaned Up the Mess Using Containers and M...
ContainerDays NYC 2015: "How Yodle Cleaned Up the Mess Using Containers and M...ContainerDays NYC 2015: "How Yodle Cleaned Up the Mess Using Containers and M...
ContainerDays NYC 2015: "How Yodle Cleaned Up the Mess Using Containers and M...DynamicInfraDays
 
ContainerDays Boston 2015: "A Brief History of Containers" (Jeff Victor & Kir...
ContainerDays Boston 2015: "A Brief History of Containers" (Jeff Victor & Kir...ContainerDays Boston 2015: "A Brief History of Containers" (Jeff Victor & Kir...
ContainerDays Boston 2015: "A Brief History of Containers" (Jeff Victor & Kir...DynamicInfraDays
 
ContainerDays Boston 2015: "CoreOS: Building the Layers of the Scalable Clust...
ContainerDays Boston 2015: "CoreOS: Building the Layers of the Scalable Clust...ContainerDays Boston 2015: "CoreOS: Building the Layers of the Scalable Clust...
ContainerDays Boston 2015: "CoreOS: Building the Layers of the Scalable Clust...DynamicInfraDays
 
ContainerDays Boston 2016: "Docker For the Developer" (Borja Burgos)
ContainerDays Boston 2016: "Docker For the Developer" (Borja Burgos)ContainerDays Boston 2016: "Docker For the Developer" (Borja Burgos)
ContainerDays Boston 2016: "Docker For the Developer" (Borja Burgos)DynamicInfraDays
 
ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...
ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...
ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...DynamicInfraDays
 
ContainerDays NYC 2016: "State of the Persistence Art: Present Best Practices...
ContainerDays NYC 2016: "State of the Persistence Art: Present Best Practices...ContainerDays NYC 2016: "State of the Persistence Art: Present Best Practices...
ContainerDays NYC 2016: "State of the Persistence Art: Present Best Practices...DynamicInfraDays
 
ContainerDays Boston 2016: "Hiding in Plain Sight: Managing Secrets in a Cont...
ContainerDays Boston 2016: "Hiding in Plain Sight: Managing Secrets in a Cont...ContainerDays Boston 2016: "Hiding in Plain Sight: Managing Secrets in a Cont...
ContainerDays Boston 2016: "Hiding in Plain Sight: Managing Secrets in a Cont...DynamicInfraDays
 
ContainerDays NYC 2016: "OpenWhisk: A Serverless Computing Platform" (Rodric ...
ContainerDays NYC 2016: "OpenWhisk: A Serverless Computing Platform" (Rodric ...ContainerDays NYC 2016: "OpenWhisk: A Serverless Computing Platform" (Rodric ...
ContainerDays NYC 2016: "OpenWhisk: A Serverless Computing Platform" (Rodric ...DynamicInfraDays
 
ContainerDays NYC 2016: "Containers in Azure: Understanding the Microsoft Con...
ContainerDays NYC 2016: "Containers in Azure: Understanding the Microsoft Con...ContainerDays NYC 2016: "Containers in Azure: Understanding the Microsoft Con...
ContainerDays NYC 2016: "Containers in Azure: Understanding the Microsoft Con...DynamicInfraDays
 
My Journey to Becoming a Docker Captain
My Journey to Becoming a Docker CaptainMy Journey to Becoming a Docker Captain
My Journey to Becoming a Docker CaptainAjeet Singh Raina
 
Devoxx 2017 "Continuous Delivery with Containers: The Good, the Bad, and the ...
Devoxx 2017 "Continuous Delivery with Containers: The Good, the Bad, and the ...Devoxx 2017 "Continuous Delivery with Containers: The Good, the Bad, and the ...
Devoxx 2017 "Continuous Delivery with Containers: The Good, the Bad, and the ...Daniel Bryant
 
Docker - A high level introduction to dockers and containers
Docker - A high level introduction to dockers and containersDocker - A high level introduction to dockers and containers
Docker - A high level introduction to dockers and containersDr Ganesh Iyer
 
Object Oriented Containers - Applying SOLID Principles to Docker/Container De...
Object Oriented Containers - Applying SOLID Principles to Docker/Container De...Object Oriented Containers - Applying SOLID Principles to Docker/Container De...
Object Oriented Containers - Applying SOLID Principles to Docker/Container De...Nitin Bhide
 
d2iq, d2iq konvoy, day 2 operations, lifecycle management, mayadata, mayadata...
d2iq, d2iq konvoy, day 2 operations, lifecycle management, mayadata, mayadata...d2iq, d2iq konvoy, day 2 operations, lifecycle management, mayadata, mayadata...
d2iq, d2iq konvoy, day 2 operations, lifecycle management, mayadata, mayadata...MayaData Inc
 
10 tips for Cloud Native Security
10 tips for Cloud Native Security10 tips for Cloud Native Security
10 tips for Cloud Native SecurityKarthik Gaekwad
 
Using containerization to enable your microservice architecture
Using containerization to enable your microservice architecture Using containerization to enable your microservice architecture
Using containerization to enable your microservice architecture Apigee | Google Cloud
 
StackEngine Demo - Docker Austin
StackEngine Demo - Docker AustinStackEngine Demo - Docker Austin
StackEngine Demo - Docker AustinBoyd Hemphill
 
DevSecOps in a cloudnative world
DevSecOps in a cloudnative worldDevSecOps in a cloudnative world
DevSecOps in a cloudnative worldKarthik Gaekwad
 
Continuous Delivery with Containers: The Good, the Bad, and the Ugly - Daniel...
Continuous Delivery with Containers: The Good, the Bad, and the Ugly - Daniel...Continuous Delivery with Containers: The Good, the Bad, and the Ugly - Daniel...
Continuous Delivery with Containers: The Good, the Bad, and the Ugly - Daniel...Codemotion
 
Dockerize it all
Dockerize it allDockerize it all
Dockerize it allPuneet Behl
 

More Related Content

Viewers also liked

ContainerDays NYC 2016: "From Hello World to Real World: Building a Productio...
ContainerDays NYC 2016: "From Hello World to Real World: Building a Productio...ContainerDays NYC 2016: "From Hello World to Real World: Building a Productio...
ContainerDays NYC 2016: "From Hello World to Real World: Building a Productio...DynamicInfraDays
 
ContainerDays NYC 2016: "Observability and Manageability in a Container Envir...
ContainerDays NYC 2016: "Observability and Manageability in a Container Envir...ContainerDays NYC 2016: "Observability and Manageability in a Container Envir...
ContainerDays NYC 2016: "Observability and Manageability in a Container Envir...DynamicInfraDays
 
ContainerDays NYC 2015: "How Yodle Cleaned Up the Mess Using Containers and M...
ContainerDays NYC 2015: "How Yodle Cleaned Up the Mess Using Containers and M...ContainerDays NYC 2015: "How Yodle Cleaned Up the Mess Using Containers and M...
ContainerDays NYC 2015: "How Yodle Cleaned Up the Mess Using Containers and M...DynamicInfraDays
 
ContainerDays Boston 2015: "A Brief History of Containers" (Jeff Victor & Kir...
ContainerDays Boston 2015: "A Brief History of Containers" (Jeff Victor & Kir...ContainerDays Boston 2015: "A Brief History of Containers" (Jeff Victor & Kir...
ContainerDays Boston 2015: "A Brief History of Containers" (Jeff Victor & Kir...DynamicInfraDays
 
ContainerDays Boston 2015: "CoreOS: Building the Layers of the Scalable Clust...
ContainerDays Boston 2015: "CoreOS: Building the Layers of the Scalable Clust...ContainerDays Boston 2015: "CoreOS: Building the Layers of the Scalable Clust...
ContainerDays Boston 2015: "CoreOS: Building the Layers of the Scalable Clust...DynamicInfraDays
 
ContainerDays Boston 2016: "Docker For the Developer" (Borja Burgos)
ContainerDays Boston 2016: "Docker For the Developer" (Borja Burgos)ContainerDays Boston 2016: "Docker For the Developer" (Borja Burgos)
ContainerDays Boston 2016: "Docker For the Developer" (Borja Burgos)DynamicInfraDays
 
ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...
ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...
ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...DynamicInfraDays
 
ContainerDays NYC 2016: "State of the Persistence Art: Present Best Practices...
ContainerDays NYC 2016: "State of the Persistence Art: Present Best Practices...ContainerDays NYC 2016: "State of the Persistence Art: Present Best Practices...
ContainerDays NYC 2016: "State of the Persistence Art: Present Best Practices...DynamicInfraDays
 
ContainerDays Boston 2016: "Hiding in Plain Sight: Managing Secrets in a Cont...
ContainerDays Boston 2016: "Hiding in Plain Sight: Managing Secrets in a Cont...ContainerDays Boston 2016: "Hiding in Plain Sight: Managing Secrets in a Cont...
ContainerDays Boston 2016: "Hiding in Plain Sight: Managing Secrets in a Cont...DynamicInfraDays
 
ContainerDays NYC 2016: "OpenWhisk: A Serverless Computing Platform" (Rodric ...
ContainerDays NYC 2016: "OpenWhisk: A Serverless Computing Platform" (Rodric ...ContainerDays NYC 2016: "OpenWhisk: A Serverless Computing Platform" (Rodric ...
ContainerDays NYC 2016: "OpenWhisk: A Serverless Computing Platform" (Rodric ...DynamicInfraDays
 
ContainerDays NYC 2016: "Containers in Azure: Understanding the Microsoft Con...
ContainerDays NYC 2016: "Containers in Azure: Understanding the Microsoft Con...ContainerDays NYC 2016: "Containers in Azure: Understanding the Microsoft Con...
ContainerDays NYC 2016: "Containers in Azure: Understanding the Microsoft Con...DynamicInfraDays
 

Viewers also liked (11)

ContainerDays NYC 2016: "From Hello World to Real World: Building a Productio...
ContainerDays NYC 2016: "From Hello World to Real World: Building a Productio...ContainerDays NYC 2016: "From Hello World to Real World: Building a Productio...
ContainerDays NYC 2016: "From Hello World to Real World: Building a Productio...
 
ContainerDays NYC 2016: "Observability and Manageability in a Container Envir...
ContainerDays NYC 2016: "Observability and Manageability in a Container Envir...ContainerDays NYC 2016: "Observability and Manageability in a Container Envir...
ContainerDays NYC 2016: "Observability and Manageability in a Container Envir...
 
ContainerDays NYC 2015: "How Yodle Cleaned Up the Mess Using Containers and M...
ContainerDays NYC 2015: "How Yodle Cleaned Up the Mess Using Containers and M...ContainerDays NYC 2015: "How Yodle Cleaned Up the Mess Using Containers and M...
ContainerDays NYC 2015: "How Yodle Cleaned Up the Mess Using Containers and M...
 
ContainerDays Boston 2015: "A Brief History of Containers" (Jeff Victor & Kir...
ContainerDays Boston 2015: "A Brief History of Containers" (Jeff Victor & Kir...ContainerDays Boston 2015: "A Brief History of Containers" (Jeff Victor & Kir...
ContainerDays Boston 2015: "A Brief History of Containers" (Jeff Victor & Kir...
 
ContainerDays Boston 2015: "CoreOS: Building the Layers of the Scalable Clust...
ContainerDays Boston 2015: "CoreOS: Building the Layers of the Scalable Clust...ContainerDays Boston 2015: "CoreOS: Building the Layers of the Scalable Clust...
ContainerDays Boston 2015: "CoreOS: Building the Layers of the Scalable Clust...
 
ContainerDays Boston 2016: "Docker For the Developer" (Borja Burgos)
ContainerDays Boston 2016: "Docker For the Developer" (Borja Burgos)ContainerDays Boston 2016: "Docker For the Developer" (Borja Burgos)
ContainerDays Boston 2016: "Docker For the Developer" (Borja Burgos)
 
ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...
ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...
ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...
 
ContainerDays NYC 2016: "State of the Persistence Art: Present Best Practices...
ContainerDays NYC 2016: "State of the Persistence Art: Present Best Practices...ContainerDays NYC 2016: "State of the Persistence Art: Present Best Practices...
ContainerDays NYC 2016: "State of the Persistence Art: Present Best Practices...
 
ContainerDays Boston 2016: "Hiding in Plain Sight: Managing Secrets in a Cont...
ContainerDays Boston 2016: "Hiding in Plain Sight: Managing Secrets in a Cont...ContainerDays Boston 2016: "Hiding in Plain Sight: Managing Secrets in a Cont...
ContainerDays Boston 2016: "Hiding in Plain Sight: Managing Secrets in a Cont...
 
ContainerDays NYC 2016: "OpenWhisk: A Serverless Computing Platform" (Rodric ...
ContainerDays NYC 2016: "OpenWhisk: A Serverless Computing Platform" (Rodric ...ContainerDays NYC 2016: "OpenWhisk: A Serverless Computing Platform" (Rodric ...
ContainerDays NYC 2016: "OpenWhisk: A Serverless Computing Platform" (Rodric ...
 
ContainerDays NYC 2016: "Containers in Azure: Understanding the Microsoft Con...
ContainerDays NYC 2016: "Containers in Azure: Understanding the Microsoft Con...ContainerDays NYC 2016: "Containers in Azure: Understanding the Microsoft Con...
ContainerDays NYC 2016: "Containers in Azure: Understanding the Microsoft Con...
 

Similar to ContainerDays NYC 2015: "What It Really Takes to Build a Container Platform" (Matt Butcher)

My Journey to Becoming a Docker Captain
My Journey to Becoming a Docker CaptainMy Journey to Becoming a Docker Captain
My Journey to Becoming a Docker CaptainAjeet Singh Raina
 
Devoxx 2017 "Continuous Delivery with Containers: The Good, the Bad, and the ...
Devoxx 2017 "Continuous Delivery with Containers: The Good, the Bad, and the ...Devoxx 2017 "Continuous Delivery with Containers: The Good, the Bad, and the ...
Devoxx 2017 "Continuous Delivery with Containers: The Good, the Bad, and the ...Daniel Bryant
 
Docker - A high level introduction to dockers and containers
Docker - A high level introduction to dockers and containersDocker - A high level introduction to dockers and containers
Docker - A high level introduction to dockers and containersDr Ganesh Iyer
 
Object Oriented Containers - Applying SOLID Principles to Docker/Container De...
Object Oriented Containers - Applying SOLID Principles to Docker/Container De...Object Oriented Containers - Applying SOLID Principles to Docker/Container De...
Object Oriented Containers - Applying SOLID Principles to Docker/Container De...Nitin Bhide
 
d2iq, d2iq konvoy, day 2 operations, lifecycle management, mayadata, mayadata...
d2iq, d2iq konvoy, day 2 operations, lifecycle management, mayadata, mayadata...d2iq, d2iq konvoy, day 2 operations, lifecycle management, mayadata, mayadata...
d2iq, d2iq konvoy, day 2 operations, lifecycle management, mayadata, mayadata...MayaData Inc
 
10 tips for Cloud Native Security
10 tips for Cloud Native Security10 tips for Cloud Native Security
10 tips for Cloud Native SecurityKarthik Gaekwad
 
Using containerization to enable your microservice architecture
Using containerization to enable your microservice architecture Using containerization to enable your microservice architecture
Using containerization to enable your microservice architecture Apigee | Google Cloud
 
StackEngine Demo - Docker Austin
StackEngine Demo - Docker AustinStackEngine Demo - Docker Austin
StackEngine Demo - Docker AustinBoyd Hemphill
 
DevSecOps in a cloudnative world
DevSecOps in a cloudnative worldDevSecOps in a cloudnative world
DevSecOps in a cloudnative worldKarthik Gaekwad
 
Continuous Delivery with Containers: The Good, the Bad, and the Ugly - Daniel...
Continuous Delivery with Containers: The Good, the Bad, and the Ugly - Daniel...Continuous Delivery with Containers: The Good, the Bad, and the Ugly - Daniel...
Continuous Delivery with Containers: The Good, the Bad, and the Ugly - Daniel...Codemotion
 
Dockerize it all
Dockerize it allDockerize it all
Dockerize it allPuneet Behl
 
Murat Karslioglu, VP Solutions @ OpenEBS - Containerized storage for containe...
Murat Karslioglu, VP Solutions @ OpenEBS - Containerized storage for containe...Murat Karslioglu, VP Solutions @ OpenEBS - Containerized storage for containe...
Murat Karslioglu, VP Solutions @ OpenEBS - Containerized storage for containe...Outlyer
 
RedisConf18 - Using Redis as a Backend in a Serverless Application With Kubeless
RedisConf18 - Using Redis as a Backend in a Serverless Application With KubelessRedisConf18 - Using Redis as a Backend in a Serverless Application With Kubeless
RedisConf18 - Using Redis as a Backend in a Serverless Application With KubelessRedis Labs
 
Devoxx 2016 Using Jenkins, Gerrit and Spark for Continuous Delivery Analytics
Devoxx 2016 Using Jenkins, Gerrit and Spark for Continuous Delivery AnalyticsDevoxx 2016 Using Jenkins, Gerrit and Spark for Continuous Delivery Analytics
Devoxx 2016 Using Jenkins, Gerrit and Spark for Continuous Delivery AnalyticsLuca Milanesio
 
How to share a Kubernetes cluster securely through Lens spaces
How to share a Kubernetes cluster securely through Lens spacesHow to share a Kubernetes cluster securely through Lens spaces
How to share a Kubernetes cluster securely through Lens spacesLibbySchulze
 
Real World CI/CD with Kubernetes
Real World CI/CD with KubernetesReal World CI/CD with Kubernetes
Real World CI/CD with KubernetesOpsta
 
Docker for Developers
Docker for DevelopersDocker for Developers
Docker for Developersnine
 
Out of the Blue - the Workflow in Bluemix Development
Out of the Blue - the Workflow in Bluemix DevelopmentOut of the Blue - the Workflow in Bluemix Development
Out of the Blue - the Workflow in Bluemix DevelopmentOliver Busse
 

Similar to ContainerDays NYC 2015: "What It Really Takes to Build a Container Platform" (Matt Butcher) (20)

My Journey to Becoming a Docker Captain
My Journey to Becoming a Docker CaptainMy Journey to Becoming a Docker Captain
My Journey to Becoming a Docker Captain
 
Devoxx 2017 "Continuous Delivery with Containers: The Good, the Bad, and the ...
Devoxx 2017 "Continuous Delivery with Containers: The Good, the Bad, and the ...Devoxx 2017 "Continuous Delivery with Containers: The Good, the Bad, and the ...
Devoxx 2017 "Continuous Delivery with Containers: The Good, the Bad, and the ...
 
Docker - A high level introduction to dockers and containers
Docker - A high level introduction to dockers and containersDocker - A high level introduction to dockers and containers
Docker - A high level introduction to dockers and containers
 
Object Oriented Containers - Applying SOLID Principles to Docker/Container De...
Object Oriented Containers - Applying SOLID Principles to Docker/Container De...Object Oriented Containers - Applying SOLID Principles to Docker/Container De...
Object Oriented Containers - Applying SOLID Principles to Docker/Container De...
 
d2iq, d2iq konvoy, day 2 operations, lifecycle management, mayadata, mayadata...
d2iq, d2iq konvoy, day 2 operations, lifecycle management, mayadata, mayadata...d2iq, d2iq konvoy, day 2 operations, lifecycle management, mayadata, mayadata...
d2iq, d2iq konvoy, day 2 operations, lifecycle management, mayadata, mayadata...
 
10 tips for Cloud Native Security
10 tips for Cloud Native Security10 tips for Cloud Native Security
10 tips for Cloud Native Security
 
Using containerization to enable your microservice architecture
Using containerization to enable your microservice architecture Using containerization to enable your microservice architecture
Using containerization to enable your microservice architecture
 
StackEngine Demo - Docker Austin
StackEngine Demo - Docker AustinStackEngine Demo - Docker Austin
StackEngine Demo - Docker Austin
 
DevSecOps in a cloudnative world
DevSecOps in a cloudnative worldDevSecOps in a cloudnative world
DevSecOps in a cloudnative world
 
Continuous Delivery with Containers: The Good, the Bad, and the Ugly - Daniel...
Continuous Delivery with Containers: The Good, the Bad, and the Ugly - Daniel...Continuous Delivery with Containers: The Good, the Bad, and the Ugly - Daniel...
Continuous Delivery with Containers: The Good, the Bad, and the Ugly - Daniel...
 
Dockerize it all
Dockerize it allDockerize it all
Dockerize it all
 
Murat Karslioglu, VP Solutions @ OpenEBS - Containerized storage for containe...
Murat Karslioglu, VP Solutions @ OpenEBS - Containerized storage for containe...Murat Karslioglu, VP Solutions @ OpenEBS - Containerized storage for containe...
Murat Karslioglu, VP Solutions @ OpenEBS - Containerized storage for containe...
 
RedisConf18 - Using Redis as a Backend in a Serverless Application With Kubeless
RedisConf18 - Using Redis as a Backend in a Serverless Application With KubelessRedisConf18 - Using Redis as a Backend in a Serverless Application With Kubeless
RedisConf18 - Using Redis as a Backend in a Serverless Application With Kubeless
 
Devoxx 2016 Using Jenkins, Gerrit and Spark for Continuous Delivery Analytics
Devoxx 2016 Using Jenkins, Gerrit and Spark for Continuous Delivery AnalyticsDevoxx 2016 Using Jenkins, Gerrit and Spark for Continuous Delivery Analytics
Devoxx 2016 Using Jenkins, Gerrit and Spark for Continuous Delivery Analytics
 
How to share a Kubernetes cluster securely through Lens spaces
How to share a Kubernetes cluster securely through Lens spacesHow to share a Kubernetes cluster securely through Lens spaces
How to share a Kubernetes cluster securely through Lens spaces
 
Real World CI/CD with Kubernetes
Real World CI/CD with KubernetesReal World CI/CD with Kubernetes
Real World CI/CD with Kubernetes
 
Kubernetes Security
Kubernetes SecurityKubernetes Security
Kubernetes Security
 
Up GitLab Presentation 2015
Up GitLab Presentation 2015Up GitLab Presentation 2015
Up GitLab Presentation 2015
 
Docker for Developers
Docker for DevelopersDocker for Developers
Docker for Developers
 
Out of the Blue - the Workflow in Bluemix Development
Out of the Blue - the Workflow in Bluemix DevelopmentOut of the Blue - the Workflow in Bluemix Development
Out of the Blue - the Workflow in Bluemix Development
 

Recently uploaded

Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Zilliz
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)Samir Dash
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKJago de Vreede
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 

Recently uploaded (20)

Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 

ContainerDays NYC 2015: "What It Really Takes to Build a Container Platform" (Matt Butcher)

  • 1. What It Really Takes to Build a Container Platform 10 Things We Learned the Hard Way
  • 2. Matt Butcher Platform Architect at Deis Matt is responsible for defining Deis v2 and overseeing what he likes to call… The Great Kubernetes Rebase 11/18/2015 Putting Containers into Production
  • 3. This is not a commercial for Deis 11/18/2015 Putting Containers into Production
  • 4. Our View (Subject to Change) • Component architecture is haute couture. • Containers are the idea vehicle for contemporary architecture • Avoid the “thrown over the wall” problem by building good tools 11/18/2015 Putting Containers into Production
  • 5. Background Deis v1 • Focus: Better Heroku for You • Docker to the max • Mostly Go • Flexibility, but no services • Big success Deis v2 • Focus: PaaS as a Set of Microservices • Kubernetes to the max • Still mostly Go • Building blocks • About 40% complete 11/18/2015 Putting Containers into Production
  • 6. Top Ten List of Things We Learned the Wrong Way 11/18/2015 Putting Containers into Production Hard
  • 7. SAY “YES” TO OBJECT STORAGE Lesson 10 11/18/2015 Putting Containers into Production
  • 8. … and probably “no” to network file systems 11/18/2015 Putting Containers into Production
  • 9. 11/18/2015 Putting Containers into Production Mistake: We assumed everyone wanted a single storage solution. Solution: Focus on object storage for core components
  • 10. Object Storage vs. Network FS Object Storage • Standard interface: S3 API • Dozens of nearly uniform implementations • Unit of work: object (file) Filesystem/Block Storage • POSIX-ish, lots of standards • Too many choices for implementation • Lots of variants with important discrepancies • But can handle streaming 11/18/2015 Putting Containers into Production
  • 11. TURTLES ALL THE WAY DOWN Lesson 9 11/18/2015 Putting Containers into Production
  • 12. The strange things we do for security 11/18/2015 Putting Containers into Production
  • 13. 11/18/2015 Putting Containers into Production Mistake: We built our containers inside of containers (insecure). Solution: Well…
  • 14. Docker and Security • Running containers: relatively small set of issues • Building containers is much riskier 11/18/2015 Putting Containers into Production
  • 15. “What if we ran Docker in a VM in a container?” 11/18/2015 Putting Containers into Production Kubernetes Node Container VM (Qemu) Build Container
  • 16. THE CLUSTERBOMB Lesson 8 11/18/2015 Putting Containers into Production
  • 17. HA clustering is hard. Ask etcd. 11/18/2015 Putting Containers into Production
  • 18. 11/18/2015 Putting Containers into Production Mistake: We used Etcd in a naïve way, assuming clustering was fairly dynamic. Solution: Spend lots more time hardening clustering solutions.
  • 19. DOCKER IS A WHALE ON THE MOVE Lesson 7 11/18/2015 Putting Containers into Production
  • 20. 11/18/2015 Putting Containers into Production Mistake: We committed to stay on the latest release of Docker within the 1.x line (SemVer). Solution: Hang back until a particular version emerges as stable.
  • 21. Docker doesn’t do SemVer 11/18/2015 Putting Containers into Production
  • 22. SINK THE TITANIC WHILE IT’S STILL AT HARBOR Lesson 6 11/18/2015 Putting Containers into Production
  • 23. 11/18/2015 Putting Containers into Production Mistake: Underestimate the complexity of a fully operational container platform. Solution: Testing of as many varieties as possible.
  • 24. Testing with vim and vigor 11/18/2015 Putting Containers into Production http://is.gd/GWKfGv
  • 25. GOPHERS ARE AWESOME…ISH Lesson 5 11/18/2015 Putting Containers into Production
  • 26. Five Things I Love About Go 1. Great tools 2. Static compilation is huge for containers 3. Rich libraries, esp. for networking 4. Easy to learn 5. Cross-platform (for very small definitions of “platform”) 11/18/2015 Putting Containers into Production
  • 27. 11/18/2015 Putting Containers into Production Mistake: We might have been just a little starry eyed. Solution: Accept the limitations.
  • 28. O Go, Y U NO… 11/18/2015 Putting Containers into Production http://meme.wikia.com/wiki/File:Y_u_no_sketch.png
  • 29. Trouble in Paradise • “Go is easy” == simple syntax, verbose code • Package management • Package management • Package management 11/18/2015 Putting Containers into Production
  • 30. YOUR TEAM IS LIKE YOUR UNDERPANTS Lesson 4 11/18/2015 Putting Containers into Production
  • 31. They can only stretch so far 11/18/2015 Putting Containers into Production
  • 32. Microservice Architecture 11/18/2015 Putting Containers into Production http://assets2.ignimgs.com/2014/06/24/ready-player-one-book-art-1280jpg-b68ca1_1280w.jpg
  • 33. 11/18/2015 Putting Containers into Production Mistake: Microservice all the things, but without a plan for maintenance. Solution: Process saves the day.
  • 34. ALL YOUR SCHEDULERS ARE BELONG TO US Lesson 3 11/18/2015 Putting Containers into Production
  • 35. Somebody set up us the bomb! 11/18/2015 Putting Containers into Production
  • 36. 11/18/2015 Putting Containers into Production Mistake: “Support all of the schedulers” means “support the weakest scheduler” Solution: Choose just one, and choose based on power & flexibility.
  • 37. MONOREPOS ARE EVIL Lesson 2 11/18/2015 Putting Containers into Production
  • 38. Monorepos Pros • All the code is in just one place. • Everyone gets alerted on everything. • Simplifies builds, documentation, issue queue, etc. Cons • Huge dependency tree • Everyone gets alerted on everything • Stable and “preview” mixed • Monorepo vs. microservice • Our users couldn’t effectively re-use 11/18/2015 Putting Containers into Production
  • 39. 11/18/2015 Putting Containers into Production Mistake: One repo with everything in it! (Hey! Google does it!) Solution: Break out microservices into their own repo.
  • 40. KUBERNETES FLOATS MY BOAT Lesson 1 11/18/2015 Putting Containers into Production
  • 41. But it’s a very big and complex boat 11/18/2015 Putting Containers into Production http://is.gd/bUGF1J
  • 42. 11/18/2015 Putting Containers into Production Mistake: “Kubernetes is easy! After all, we only have to support one scheduler!” Solution: Educate, cooperate, and build really good tooling!
  • 43. Package Management Make working with Kubernetes as easy as… $ helm install redis- cluster 11/18/2015 Putting Containers into Production Github.com/deis/helm
  • 44. Conclusion • Our guiding philosophy: containers for microservices without “throwing over the wall” • We’ve learned some lessons along the way • But the bottom line: Containers are the right bet for the microservice architecture. 11/18/2015 Putting Containers into Production
  • 45. 11/18/2015 Putting Containers into Production