Advertisement
Advertisement

More Related Content

Advertisement

Recently uploaded(20)

Virtualization, Containers, Docker and scalable container management services

  1. Abhishek Chawla & Aneesh Devasthale Software Engineers LimeTray! 17th December MeetUp
  2. Session Agenda 1. Introduction to the concept of virtualization and software containers 2. Understanding Docker as a software containerization platform 3. Scalable container management services a. Overview of AWS ECR and ECS b. Overview of kubernetes 4. Scaling Dockerized applications at LimeTray! With Kubernetes 5. Q&A 6. Problem Statement
  3. Key Takeaways 1. How to run multiple isolated applications on a single host. 2. Run Docker containers on your local machine. 3. Learn about container orchestration platforms 4. Learn about deploying and managing microservices in production.
  4. What is virtualization in computing? • Technology that transforms hardware into software upon which other software runs.
  5. Types of Virtualizations • Hardware Virtualization • Server virtualization • Software Virtualization • Operating System level virtualization
  6. Hardware virtualization • Art of running multiple operating systems (guests) in same machine (host) completely isolated from each other. • Each guest operating system runs on its own ‘virtual machine’ controlled via Hypervisor. • Each virtual machine has its own kernel. • Hypervisor - Manages these virtual machines in host operating system by allocating hardware resources to them thereby allowing you to have several virtual machines all working optimally on a single piece of computer hardware. • Example hypervisors: Oracle VirtualBox, Vmware Workstation
  7. CPU MEMORY STORAGE NIC HYPERVISOR VM VM VM VM OS OS OS OS kernel kernel kernel kernel Hardware Virtualization Architecture Applications Applications Applications Applications
  8. Operating system level virtualization • Virtualization is provided by the host Operating System • Doesn’t use external hypervisor at all • OS kernel itself performs all the functionalities of a fully virtualized hypervisor by allowing existence of multiple user space instances called as software containers. • Examples : Linux Containers, Docker
  9. Introduction to Software Containers • A lightweight virtual machine • Illusion of running multiple operating systems on a single machine sharing same host kernel • A linux container is itself a process in host operating system • Makes use of namespace isolation and cgroups
  10. Container versus virtual machine 1. Lightweight and fast : Occupies much less memory compared to host VM’s. 2. Hardware resources like CPU and memory are shared between host machine and container 3. Density - can install many more containers on host machine compared to VM’s. 4. Much faster startup and shutdown since the kernel and hardware resources are shared
  11. APP1 APP2
  12. What is Docker? • Software containerization platform • An extension of LXC’s capabilities • Platform for packaging and running applications inside software containers
  13. Advantages and use cases • Simplifies distribution, shipping and deployment of applications • Build once, run anywhere • No worries of missing dependencies, installing and configuring the application during subsequent deployments • Each application runs in its own isolated container, thereby allowing running of multiple/similar versions of same app/library in same host machine • Easier to scale applications, application already packed and installed, just run it • Easier to run you application as a failsafe long running service
  14. Docker’s Architecture • Client-Server Architecture • Client - Communicates with docker host, gives it instructions to build, run and distribute your applications • Host - Communicates with clients via REST, Socket. • Registry - A library of docker images, can be locally or publically hosted.
  15. Docker’s Architecture
  16. Docker images and layers • Immutable snapshot of application installed in Linux based OS or Linux based OS itself. • Can be built from scratch • Can be downloaded via any Docker Registry • Can be easily extended • Every image extends a base image ex: ubuntu, centos, alpine .. • Instructions to create an image are described in ‘Dockerfile’ • It's the docker images which make distribution and shipping of Dockerized applications a breeze
  17. Docker images and layers • Can be distributed via publically/privately hosted docker registry • Each image consists of series of layers • New layer built on every application update • Layering makes it easier to distributes updates to a dockerized application since only updated layer is transferred over the network
  18. Docker Containers • Runnable instance of an image, created when images are started with ‘run’ command • if an image is a class, then a container is an instance of a class, a runtime object • Image defines container’s contents and configuration details • Containers can be started, stopped or deleted anytime • Runs in complete isolation
  19. Docker Containers • Running containers add a read/write layer on top of the image • Can enter into container using docker client API’s • The persistence state of the container can be committed into a new image and is retained even after the container is stopped • Committing a container’s state creates a new image by adding an extra layer to the existing image
  20. Docker Registries • Stored Docker images • Can be publically or privately hosted • Docker images can be pulled or pushed to/from these registries • Popular Hosted Registries : Docker Hub, AWS ECR, google container registry, Azure container registry
  21. Docker Volumes • Data directory which can be initialized within the container • Can be initialized via image at runtime or configured in Dockerfile • Data volume is shared with the host machine in /var/lib/docker/volumes directory • Any change in data directory within the container is reflected in real-time in the host machine and vice versa • Can also mount a directory from your Docker engine’s host into a container • This helps data volumes to be shared among multiple containers simultaneously • Persist even if container is deleted
  22. The Dockerfile • Contains instructions for building docker images • FROM - specifies base image • RUN - Executes the command in new layer on top of current image and commits the result, examples : • RUN mkdir /test, RUN apt-get update • yum update && yum install wget -y && • yum -y install initscripts && yum clean all • WORKDIR : Specifies the working directory for RUN, CMD, ENTRYPOINT, COPY and ADD instructions
  23. The Dockerfile • COPY - copies specified contents from host to docker image filesystem at specified path, example: • COPY temp/test.txt /opt • CMD - commands to be executed at the start of the container, can be overridden at the time of container start, examples: • CMD java -jar test.jar • CMD [“java”,”-jar”,”test.jar”] • CMD ./script.sh • EXPOSE - exposes the local container port on which the container will listen for connections, example: EXPOSE 8080
  24. The Dockerfile • ENTRYPOINT - commands to be executed at the start of the container, cannot be overridden at the time of container start, examples: • ENTRYPOINT java -jar test.jar • ENTRYPOINT [“java”,”-jar”,”test.jar”] • ENTRYPOINT ./script.sh • Best practice - use ENTRYPOINT to set image’s main command and CMD to set default flags • VOLUME - creates a mount point in the container mapped to the host directory, example VOLUME /data/db
  25. Essential commands • $ docker images • Lists existing images on the host • $ docker run -it <imageId/image tag> • Run the image in a new container in interactive mode (enters into container) • $ docker exec -it <containerId/name> /bin/bash • Enters into container
  26. Essential commands • $ docker ps -a • Lists existing containers with details on the host • $ docker start <containerId/name> • Starts a stopped container • $ docker stop <containerId/name>. • Stops a running container
  27. Essential commands • docker commit <containerId/name> repository:tag_name • create a new image from existing image • docker run -it <imageId/image tag> cmd • Run docker image with a command • docker rmi <imageName/repo:tag> • Remove image
  28. Essential commands • Docker rm <containerId> • Removes the container • docker tag <imageID> abhidtu/dockertest:latest • Tags the image • docker login • Login to dockerhub with your credentials • docker push abhidtu/dockertest • Push the local image a hosted registry
  29. Essential commands • docker pull abhidtu/dockertest • Push the image from a hosted registry • docker run -it -p host port:container port <imageId/image tag> • Maps host port to container port • Docker inspect <containerId/name> • Lists down container details
  30. Essential commands • Docker run -it -v /temp <imageName/repo:tag> • Mounts /temp directory inside the container, maps to host directory in var/lib/docker/volumes • Docker run -it -v /home/uname/temp:temp <imageName/repo:tag> • Mounts /temp directory inside the container, maps to host directory /home/uname/temp
  31. Building custom Docker images Docker build -t <yourImageTag> <path to Dockerfile> - builds the docker image with specified tag using instructions from Dockerfile in same directory. Builds images in layers and uses local cache if layer already exists
  32. Running images in Docker containers • Docker run <imageId/reop:tag> runs the image in a new container. • Containers can be stopped, killed, started anytime
  33. Pushing and pulling images from Docker Hub • Steps to push/pull images from Docker Hub • Docker login • Docker push • Docker pull
  34. Scalable Container Management Services 1. Amazon ECS 2. Kubernetes 3. Docker Swarm 4. Azure Container Service
  35. Amazon Elastic Container Registry • Fully managed docker container registry • Integrated with Amazon ECS • eliminates the need to operate your own container repositories • Repositories hosted in a scalable and highly available architecture • Pay only for the data stored in repositories and transferred to internet
  36. Amazon Elastic Container Service • Highly scalable and fast container management service • Easily deploy and scale Docker containers on cluster of EC2 instances • Supports auto-scaling • Create Task definitions using hosted Docker images • Runt tasks or create services from this task definition to run on EC2 cluster • Start service via aws console or aws-cli
  37. Monolith to 40 Microservices in 3 months With AWS and Kubernetes at LimeTray • What We Do? • Get restaurant's online. • Provide them tools to engage better with their business. • Help them operate as efficiently as possible.
  38. Some of our clients
  39. Our Tech Stack Looked Like... • A PHP monolith application, supported by a few external services. • Scaling was tough. • Low release velocity. • Bad developer experience. • Bad QA experience.
  40. Microservices to the rescue • Define service boundaries based on business domains. • Isolated databases. • Independent deployments. • Establish a few standards without compromising on developer freedom.
  41. Kubernetes to the rescue • Production-Grade Container Orchestration System by Google. • Automates deployment, scaling, and management of containerized applications.
  42. Kubernetes Architecture • Master: Runs control plane • Minions: Run your application containers
  43. Kubernetes objects • Services • Deployments • Replica Sets • Pods
  44. Challenges in the microservice world • Environments • Config • Service discovery and networking • Access • Auto Scaling • Automation • Logging and Monitoring
  45. Environments • Have at least 3 isolated different environments. • We called them test, staging and production. • Kubernetes namespaces + different clusters. Everybody has a testing environment. Some people are lucky enough enough to have a totally separate environment to run production in.
  46. Config • Manage environment specific configuration • Keep config independent of application. • Combination of environment variables + Secrets
  47. Service Discovery & Networking • Communication via HTTP APIs and Pub/Sub. • Inter-service communication should not leak across environment boundaries. • Painless as possible for developers to write code that utilize other services. • KubeDNS: Use DNS Service’s IP to resolve DNS names.
  48. Access Control • Wanted an easy way to expose web based applications on the internet. - LTProxy • At the same time, restrict access to internal core services. • Service Types: ClusterIP / LoadBalancer • Ingress via Nginx+KubeLego for automating SSL cert generation.
  49. Horizontal autoscaling Launch instances basis CPU usage/load. Automatically scale down when load goes down. Alerts on autoscaling: lime-bot
  50. Automation • Set up a Jenkins Pipeline to automate deployments via Github webhooks. • Versioned Docker image to ensure that the same code runs on all 3 envs.
  51. Logging and Monitoring • Elasticsearch + Kibana for application logs. • Log collection via Fluentd • Heapster + InfluxDB + Grafana for monitoring
  52. We’re Hiring! Liked what we do? Come join us to be a part of more interesting challenges! limetray.com/careers
  53. Q&A
  54. Problem Statement 1. Create a RESTful web API which prints 'hello' in the language and framework of your choice 2. Write the Dockerfile for this project, build the image and push it to AWS ECR 3. Create an ECS task with this image 4. Create an ECS optimized EC2 cluster 5. Deploy this task on the cluster as a service 6. Test the API

Editor's Notes

  1. Writing microservice code is easy. The challenge is in deployment and establishing a process. Learning/adapting to team requirements
Advertisement