Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

OSDC 2018 | Ops hates containers. Why? by Martin Alfke

154 views

Published on

“Docker, Docker, Docker, Docker,…” developers really love Docker. Usually one sees the no longer need for configuration management, the easy way to spin up a platform on a laptop, the low resource footprint. But how do you deploy laptops in data centers? This talk will give you an insight how we (more Ops then Dev) started to learn (and love) containers, the issues we saw when running them in larger scale and how Ops people should start dealing with Container technologies.

Published in: Software
  • Be the first to comment

  • Be the first to like this

OSDC 2018 | Ops hates containers. Why? by Martin Alfke

  1. 1. Ops hates containers. Why? Martin Alfke - ma@example42.com Open Source Data Center Conference - June 12-13 2018
  2. 2. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH !2 example42 GmbH - Berlin / Germany
  3. 3. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH Ops hates containers! Why? !3 Customer Meeting with Dev, Sec and Ops: Dev statements: • Ops responsible for base container • Ops responsible for running container • Ops stages containers • Ops responsible for container security
  4. 4. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH Ops hates containers! Why? !4 Sec statements: • Dev must ensure security • Dev must name Kernel capabilities and CGroup settings • Dev asks: what is that? • Sec sends everybody back “Learn the basics, then we meet again”
  5. 5. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH DOCKER DOCKER DOCKER DOCKER DOCKER DOCKER !5 Image: wikimedia.org
  6. 6. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH Container Myths !6 • No need for configuration management - anywhere • Easier to build, deploy and run • Easier to test and verify • Easier to fix issues Image: tatlin
  7. 7. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH Container Myths - Part 2 !7 • No need to check status and health? • No need to identify security? • No need to login, no need for logs? • No need for dedicated hardware, runs on cloud? Image: tatlin
  8. 8. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH Container Runtime !8 • People start with docker because it is easy • docker pull / docker run • like curl -k | bash Image: tatlin
  9. 9. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH Container de-mystified !9 • It is just a change-root, delivered as a ‘package’ • Build steps are layers like VCS commits • Containers need infrastructure • Containers are managed like binaries Image: tatlin
  10. 10. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH OPS, NET, SEC: Act! !10 Simple can be harder than complex: You have to work hard to get your thinking clean to make it simple. But it's worth it in the end because once you get there, you can move mountains. - Steve Jobs
  11. 11. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH OPS, NET, SEC: Act! !11 • Mainframe • PC • VM • Container Image: example42 GmbH
  12. 12. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH OPS, NET, SEC: Act! !12 • Uptime decreasing • Maintenance increasing Image: example42 GmbH
  13. 13. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH OPS, NET, SEC: Act! !13 • Staff does not scale with platform Image: example42 GmbH
  14. 14. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH OPS, NET, SEC: Act! !14 • 100% Automation ! Image: example42 GmbH
  15. 15. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH OPS, NET, SEC: Act! !15 • 80/20 - Pattern: Image: tatlin
  16. 16. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH OPS, NET, SEC: Act! !16 • 80/20 - Pattern: • 80% time spending on 20% not automated Image: tatlin
  17. 17. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH Containers !17 Image: wikimedia.org
  18. 18. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH Understanding containers !18 • Short living instances • 12factor (http://12factor.net) • Persistant vs volatile data • Single node view Image: tatlin
  19. 19. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH Troubleshoot containers !19 • registry and container build process • docker down • docker in docker Image: tatlin
  20. 20. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH Using containers !20 • CI/CD Pipelines • Build Processes • Dashboards Image: tatlin
  21. 21. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH Container Management !21 Image: wikimedia.org
  22. 22. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH Understanding container management !22 • Multi node container runtime • Orchestration • Network (Egress / Ingress / Proxy) • Maintenance Image: tatlin
  23. 23. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH Troubleshoot container management !23 • Kill a node / container • Why running an CM API service as container might be a bad idea? • Misconfiguration • Upgrades Image: tatlin
  24. 24. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH Commercial container management !24 • Self hosted vs Managed • everybody does K8s? Image: tatlin
  25. 25. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH Other container management !25 • Mesos/Aurora/Marathon • Titus (Netflix) • Docker Swarm • Nomad/Terraform • CoreOS / rkt Image: tatlin
  26. 26. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH Was there something in the past? !26 Image: tatlin
  27. 27. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH Containers and CfgMgmt !27 • Where do you run your databases? • Can you move everything to containers? • What about legacy applications? Image: tatlin
  28. 28. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH Containers and Monitoring !28 • Dynamic Resources need dynamic monitoring solution • Global platform and service health • Container Status • sysdig, cAdvisor, Lumogon, Prometheus Image: tatlin
  29. 29. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH Containers and Hardware !29 • Serverless does not mean no hardware • Opsless does not mean no Ops • Check with finance (CAPEX vs. OPEX) Image: tatlin
  30. 30. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH Conclusion !30 Image: tatlin
  31. 31. Ops hates containers! Why? OSDC 2018 - Martin Alfke © example42 GmbH Conclusion !31 • Containers coming • Start learning, stop complaining • Can you fix it? • Automate everything • Choose wisely Image: tatlin
  32. 32. Ops hates containers. Why? Martin Alfke - ma@example42.com Open Source Data Center Conference - June 12-13 2018

×