Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

[Container world 2017] The Questions You're Afraid to Ask about Containers

7,519 views

Published on

Use the Right Container Technology for the Job

Application containers, machine containers, process containers, system containers -- what's the difference? 12-factor apps, Microservices, cloud-native application design -- are these real? Docker, Rocket, OCID, LXD -- do I need all of them? Should I run PaaS on top of my IaaS, or my IaaS on top of my PaaS? Do containers fit into PaaS or IaaS? Or both? Neither? Where are the intersections of Kubernetes, Swarm, Mesos, and OpenStack? How do I ensure compatibility across my public and private clouds? And how does bare metal -- from my commodity, scale-out x86 to my powerful, scale-up mainframes fit into all of this? Can any of this stuff actually be used in a highly secure environment? In this session, Dustin Kirkland, Ubuntu Product and Strategy Lead at Canonical, will explain the container ecosystem in clear, concise terms, from real enterprise user experience -- the successes and the failures.

Published in: Software
  • Hello! Get Your Professional Job-Winning Resume Here - Check our website! https://vk.cc/818RFv
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

[Container world 2017] The Questions You're Afraid to Ask about Containers

  1. 1. #CONTAINERWORLD Using the right container tech for the job or, the questions you’re too afraid to ask about containers @DustinKirkland
  2. 2. @DustinKirkland Canonical is the company behind Ubuntu
  3. 3. @DustinKirkland EMPLOYEES London Boston Shanghai Taipei 800+ COUNTRIES 47+ FOUNDED 2004 Beijing Austin Tokyo
  4. 4. @DustinKirkland What’s all the hype about? Containers have been around forever… They’re just little VMs, aren’t they? asked no one, ever.
  5. 5. @DustinKirkland virtual machines process containers application containers machine containers Taxonomy
  6. 6. @DustinKirkland let’s see a quick demo
  7. 7. @DustinKirkland Should I run my PAAS on top of my IAAS? Or should I run my IAAS on top of my PAAS? asked no one, ever.
  8. 8. @DustinKirkland Kubernetes on top of OpenStack Docker Kubernetes OpenStack LXD MAAS Bare Metal LXD
  9. 9. @DustinKirkland OpenStack on top of Kubernetes Docker OpenStack Kubernetes LXD MAAS Bare Metal LXD
  10. 10. @DustinKirkland Kubernetes along with OpenStack Docker Kubernetes + OpenStack LXD MAAS Bare Metal LXD
  11. 11. @DustinKirkland $ conjure-up kubernetes One command to deploy a complete Kubernetes on Ubuntu 16.04 LTS
  12. 12. @DustinKirkland Just how fast are containers, really? asked no one, ever.
  13. 13. @DustinKirkland let’s run some benchmarks
  14. 14. @DustinKirkland If we take a VM running on IaaS, and run it on PaaS in a Docker container, does that mean the app is now “dockerized”? asked no one, ever.
  15. 15. @DustinKirkland let’s break that down
  16. 16. @DustinKirkland IaaS PaaS
  17. 17. @DustinKirkland let’s look at a workload
  18. 18. @DustinKirkland ● SwissCom’s new workloads are “dockerized” ● Was 400 VMs running 400 databases ● Now 20 VMs running 400 Databases ● DBaaS through the organization ● Build, Ship, Run mentality within the IT organization Source: https://www.docker.com/use-cases/infrastructure-optimization
  19. 19. @DustinKirkland ● Digitized transaction workflow, mathematically secured ● Shared, replicated ledger ● IBM Blockchain workloads are “dockerized” ● IBM Mainframe hardware ● Ubuntu Linux ● Docker images ● Hyperledger software ● Cutting edge technology ● Lots of run-to-completion, stateless number crunching Source: http://www.ibm.com/blockchain/hyperledger.html
  20. 20. @DustinKirkland ● Mature, legacy code base, that generally “just works” ● No desire really to ever touch it again ● Linux, Apache, PHP, Postgres, on AWS -- should dockerize easily, right? ● Those were easy, but what about Cron? Logrotate? Vacuumdb? Backup? Package updates? ● DivItUp.com moved to LXD much more easily
  21. 21. @DustinKirkland Does your new 12-factor app implement a cloud-native design with a microservice architecture? asked no one, ever.
  22. 22. @DustinKirkland 12-factor cloud-native micro-service, huh?
  23. 23. @DustinKirkland Source: http://microservices.io/patterns/microservices.html Microservice Architecture
  24. 24. @DustinKirkland Source: http://12factor.net 12-factor app
  25. 25. @DustinKirkland Cloud Native Design Source: https://pivotal.io/cloud-native
  26. 26. @DustinKirkland Can any of this container stuff actually be used securely in production in an enterprise environment? asked no one, ever.
  27. 27. @DustinKirkland Resource Control Discretionary Access Mandatory Access Fine Grained Access cgroups namespaces apparmor seccomp Container Security
  28. 28. # Count the CPUs and Memory available lxc exec demo1 -- grep processor /proc/cpuinfo lxc exec demo1 -- free # Limit the container to 1 CPU and 128MB of Mem lxc config set demo1 limits.cpu 1 lxc config set demo1 limits.memory 128MB lxc stop demo1 && lxc start demo1 # Recount the CPUs and Memory available lxc exec demo1 -- grep processor /proc/cpuinfo lxc exec demo1 -- free
  29. 29. Ubuntu in production
  30. 30. @DustinKirkland How do you ensure patches get applied everywhere? asked no one, ever.
  31. 31. @DustinKirkland let’s recreate new stateless containers
  32. 32. @DustinKirkland let’s update stateful containers
  33. 33. @DustinKirkland
  34. 34. @DustinKirkland@DustinKirkland Using the right container tech for the job or, the questions you’re too afraid to ask about containers Container World Santa Clara, CA February 21, 2017

×