Moby is killing your devops efforts
•
6 likes•2,714 views
Slides for my talk at Code CPH 2017 in Copenhagen. A rant on failing culture and failing tooling. (Long version)
Recommended
More Related Content
What's hot
What's hot (20)
Similar to Moby is killing your devops efforts
Similar to Moby is killing your devops efforts (20)
More from Kris Buytaert
More from Kris Buytaert (14)
Recently uploaded
Recently uploaded (20)
Moby is killing your devops efforts
- 1. Moby is killing your devops efforts Kris Buytaert @krisbuytaert
- 2. NOT this guy !NOT this guy !
- 3. Kris BuytaertKris Buytaert ● I used to be a Dev,I used to be a Dev, ● Then Became an OpThen Became an Op ● CTO and Open Source ConsultantCTO and Open Source Consultant @@inuits.euinuits.eu ● Everything is a freaking DNSEverything is a freaking DNS ProblemProblem ● Evangelizing devopsEvangelizing devops ● Organiser of #devopsdays,Organiser of #devopsdays, #cfgmgmtcamp, #loadays, ….#cfgmgmtcamp, #loadays, ….
- 4. Today's Plan:Today's Plan: ● Opening some eyesOpening some eyes ● Reusing 8 year old slidesReusing 8 year old slides
- 5. C(L)AMSC(L)AMS ● CultureCulture ● (Lean)(Lean) ● AutomationAutomation ● MeasurementMeasurement ● SharingSharing Damon Edwards and JohnDamon Edwards and John WillisWillis
- 6. A global movement to improve theA global movement to improve the quality of software delivery leveragingquality of software delivery leveraging Open Source experience, started in GentOpen Source experience, started in Gent in 2009in 2009
- 7. Because the old days:Because the old days: ● ““Put this Code Live, here's a tarball” NOW!Put this Code Live, here's a tarball” NOW! ● What dependencies ?What dependencies ? ● No machines available ?No machines available ? ● What database ?What database ? ● Security ?Security ? ● High Availability ?High Availability ? ● Scalability ?Scalability ? ● My computer can't install this ?My computer can't install this ?
- 8. 10 days into operations10 days into operations
- 9. This new 'D' hypeThis new 'D' hype ● New kid on the blockNew kid on the block ● Vagrant-lxc with a nice cliVagrant-lxc with a nice cli ● The Ultimate “devops tool”The Ultimate “devops tool” ● ““Unseen” growthUnseen” growth ● Docker is the new cool thing to doDocker is the new cool thing to do
- 12. People think I`m the whalePeople think I`m the whale
- 14. openMosixopenMosix (+/- 2001-2005)(+/- 2001-2005) ● 2.4 Kernel patch,2.4 Kernel patch, ● Loadbalance multiple similar processesLoadbalance multiple similar processes ● Both short (compilations) and longlivedBoth short (compilations) and longlived (calculations) processes(calculations) processes ● Parts of processes migrated to other nodesParts of processes migrated to other nodes ● OMFS allowed identical access to data from allOMFS allowed identical access to data from all nodesnodes
- 15. openMosix LimitationsopenMosix Limitations ● shared memoryshared memory • Limited type of applications could migrateLimited type of applications could migrate • Patches available but not successfulPatches available but not successful ● Filesystem accessFilesystem access oMFS : unstable => removedoMFS : unstable => removed
- 16. Lessons from openMosixLessons from openMosix ● Applications need to be adaptedApplications need to be adapted ● Files need to be accessible (oMFS)Files need to be accessible (oMFS) ● Huge gap between developers and consumersHuge gap between developers and consumers => Limited working use cases=> Limited working use cases
- 17. Linux-HALinux-HA (2005- now)(2005- now) ● Hearbeat, Heartbeat v2, Pacemaker , CorosyncHearbeat, Heartbeat v2, Pacemaker , Corosync ● Define resource (OCF)Define resource (OCF) ● Define constraints, clones, colocation, …Define constraints, clones, colocation, … ● Long running services that should not stopLong running services that should not stop
- 18. Working with developersWorking with developers ● State vs StatelessState vs Stateless • Most applications have state somewhereMost applications have state somewhere • Discuss how to share/access stateDiscuss how to share/access state ● Data accessData access • Local filesystem is kingLocal filesystem is king • We needed distributed / shared filesystemsWe needed distributed / shared filesystems ● HealthHealth ● MetricsMetrics
- 19. Lessons from Linux-HALessons from Linux-HA ● Applications need to be adaptedApplications need to be adapted ● Files need to be accessible (shared/distributedFiles need to be accessible (shared/distributed FS)FS) ● Monitoring strategy needs changeMonitoring strategy needs change ● Good collaboration between developers andGood collaboration between developers and ops folksops folks => Many general purpose use cases=> Many general purpose use cases ● Works better with an Open Source MindsetWorks better with an Open Source Mindset
- 20. Cloud Adoption is (s)lowCloud Adoption is (s)low ● Enterprises are afraid of cloudEnterprises are afraid of cloud • Security, Cost, Control, Stability, (insert moreSecurity, Cost, Control, Stability, (insert more fud here)fud here) ● ““Private cloud” will solve thisPrivate cloud” will solve this ● Please fill in 4 word documents for for each VMPlease fill in 4 word documents for for each VM you wantyou want
- 21. Failed (Private) CloudFailed (Private) Cloud ProjectsProjects● Identical copies of Bare Metal or vm's movedIdentical copies of Bare Metal or vm's moved to the cloudto the cloud ● No config managementNo config management ● No monitoringNo monitoring ● No resilienceNo resilience ● No API usageNo API usage
- 22. Why ?Why ? ● I want a VMI want a VM • Please fill in these 4 formsPlease fill in these 4 forms • Wait 5 weeksWait 5 weeks ● RepeatRepeat IT Departments have not adapted,IT Departments have not adapted, 'Shadow'-IT is winning'Shadow'-IT is winning
- 24. A Enterprise ContainerA Enterprise Container ● No different from aNo different from a full vmfull vm ● Multiple servicesMultiple services running in onerunning in one containercontainer ● Ssh is the defaultSsh is the default connectionconnection
- 25. Elephant , MonolithElephant , Monolith vsvs MicroservicesMicroservices
- 26. Docker is a Package managerDocker is a Package manager
- 28. These DaysThese Days ● ““Put this Code Live, here's a DockerPut this Code Live, here's a Docker Container ”Container ” ● No machines available ?No machines available ? ● What database ? Where to store theWhat database ? Where to store the data ?data ? ● Security ? What distro is this even ?Security ? What distro is this even ? Bad Cows ?Bad Cows ? ● How do we monitor his ?How do we monitor his ? ● Backups ?Backups ? ● How did you build this ?How did you build this ?
- 30. 11 days into operations11 days into operations ● ““Put this Code Live, here's Dockerfile”Put this Code Live, here's Dockerfile” ● What corporate proxy ?What corporate proxy ? ● Oh I missed 2 other containersOh I missed 2 other containers ● Security ? What distro is this even ?Security ? What distro is this even ? Bad Cows ?Bad Cows ? ● What do you mean “We are a RHELWhat do you mean “We are a RHEL shop ?”shop ?”
- 31. Closing the gaps between devClosing the gaps between dev and ops,and ops, AGAIN !!AGAIN !! ● Where do your containers come from ?Where do your containers come from ? ● Who build it ?Who build it ? ● Can you rebuild it ?Can you rebuild it ? ● Do you even need a containerDo you even need a container ● How do you build the hosts that run theHow do you build the hosts that run the containers ?containers ? ● Infrastructure as code ++Infrastructure as code ++
- 32. Operations teams catching upOperations teams catching up
- 33. Image Build by devs,Image Build by devs, maintained by nobodymaintained by nobody
- 34. Can you ?Can you ? ● When GitHub is down ?When GitHub is down ? ● When rubygems.org isWhen rubygems.org is down ?down ? ● When someone removesWhen someone removes a Node.js library ?a Node.js library ? ● Fix critical SecurityFix critical Security Issues ?Issues ? ● Can your business suriveCan your business surive if you answer NO toif you answer NO to these questions ?these questions ?
- 35. Going to ProductionGoing to Production
- 36. Dev vs ProdDev vs Prod ● 1 local dev machine1 local dev machine ● 1 local application1 local application ● A clusterA cluster • SwarmSwarm • KuberenetesKuberenetes • MesosMesos • NomadNomad ● Other ApplicationsOther Applications
- 37. Dev vs ProdDev vs Prod ● Localhost :8081Localhost :8081 ● HttpsHttps ● DnsDns ● IngressIngress ● LoadBalancingLoadBalancing ● Service DiscoveryService Discovery ● Or Vendor Lock InOr Vendor Lock In
- 38. Dev vs ProdDev vs Prod ● Local diskLocal disk ● No real dataNo real data ● Actual customer dataActual customer data ● Distributed StorageDistributed Storage • 2017 is the year of2017 is the year of NFS (again)NFS (again) ● Object StorageObject Storage ● BackupsBackups
- 39. Dev vs ProdDev vs Prod ● Random image fromRandom image from the internetthe internet + Some local files+ Some local files ● CI PipelineCI Pipeline ● Image RegistryImage Registry ● Security ScanningSecurity Scanning
- 40. Dev vs ProdDev vs Prod ● Works on myWorks on my machinemachine ● docker pull yolodocker pull yolo ● MonitoringMonitoring ● MetricsMetrics ● SecuritySecurity
- 41. ● I love docker as aI love docker as a technologytechnology ● I hate that it too oftenI hate that it too often put us back 5 yearsput us back 5 years with regards towith regards to Culture adoptionCulture adoption ● Docker is an easyDocker is an easy victim,victim, ● It's still mostly aboutIt's still mostly about CultureCulture It's still aboutIt's still about collaborationcollaboration
- 42. ContactContact Kris Buytaert Kris.Buytaert@inuits.euKris Buytaert Kris.Buytaert@inuits.eu Further ReadingFurther Reading @krisbuytaert@krisbuytaert http://www.krisbuytaert.be/blog/http://www.krisbuytaert.be/blog/ http://www.inuits.eu/http://www.inuits.eu/ Inuits.euInuits.eu Essensteenweg 31Essensteenweg 31 BrasschaatBrasschaat BelgiumBelgium 891.514.231891.514.231 +32 475 961221+32 475 961221