SlideShare a Scribd company logo

Declare your infrastructure: InfraKit, LinuxKit and Moby

Moby Project
Moby Project

InfraKit is a toolkit for infrastructure orchestration. With an emphasis on immutable infrastructure, it breaks down infrastructure automation and management processes into small, pluggable components. These components work together to actively ensure the infrastructure state matches the user's specifications. InfraKit therefore provides infrastructure support for higher-level container orchestration systems and can make your infrastructure self-managing and self-healing.

Technology
1 of 24
Download to read offline
Declare Your Infrastructure InfraKit, LinuxKit, and Moby Steven Kaufer, David Freitag – IBM Cloud
Infrakit Agenda Why Infrakit + Terraform? Terraform Instance Plugin Overview Topology Example Swarm Cluster Bootstrapping
Why Infrakit + Terraform? Terraform - Manages declarative infrastructure (as code) - Broad platform coverage - Focuses on initial deployment Infrakit - Active monitoring - Enforcement of declarative specifications - Group abstraction
Infrakit Terraform Instance Plugin • Each instance defined in unique tf.json file • Files built from a common instance specification with unique attributes • Update = File removal (destroy) + replacement (provision) $ ls instance-1507652020.tf.json instance-1507652021.tf.json instance-1507652022.tf.json terraform.tfstate { "resource": { "ibm_compute_vm_instance": { "instance-1507652020": { "cores": 2, "hostname": "worker-1507652020", "tags": [ "infrakit.group:workers", "name:instance-1507652020" ... } tf.json instance-1507652020.tf.json
Topology Example Node 1 Node 2 Node 3 $ ls instance-1.tf.json instance-2.tf.json instance-2.tf.json
Topology Example Block Storage 1 Block Storage 2 Block Storage 3 Node 1 Node 2 Node 3
Topology Example Network File Storage Block Storage 1 Block Storage 2 Block Storage 3 Node 1 Node 2 Node 3
Topology Example Network File Storage Block Storage 1 Block Storage 2 Block Storage 3 Node 1.1 Node 1 Node 2 Node 3
Topology Example Network File Storage Block Storage 1 Block Storage 2 Block Storage 3 Node 1.1 Node 1 Node 2 Node 3 • Where is the block and network storage defined? • How can node x reference the related resources?
Solution – Resource Scoping Network File Storage Block Storage 1 Block Storage 2 Block Storage 3 Node 1.1 Node 1 Node 2 Node 3 Dedicated Scope - Re-attach on rolling update Global Scope - Tied to group lifecycle
Solution – Resource Scoping Network File Storage Block Storage 1 Block Storage 2 Block Storage 3 Node 1.1 Node 1 Node 2 Node 3 Dedicated Scope - Re-attach on rolling update Global Scope - Tied to group lifecycle
Resource Scoping - Use @scope resource property - dedicated: Loosely coupled with VM - global: Coupled with the scope (group) { "Allocation": { "LogicalIDs": ["mgr1", "mgr2", "mgr3"] }, "Instance": { "Plugin": "instance-terraform", "Properties": { "resource": { "ibm_compute_vm_instance": { "host": {...} }, "ibm_storage_file": { "my_file_storage": { "@scope": "managers", ... } } "ibm_storage_block": { "my_block_storage": { "@scope": "@dedicated-managers", ... } }, ... $ ls instance-xxx1.tf.json instance-xxx2.tf.json instance-xxx3.tf.json managers_dedicated_mgr1.tf.json managers_dedicated_mgr2.tf.json managers_dedicated_mgr3.tf.json managers_global.tf.json @scope
Resource Scoping Reference related resource using terraform interpolation - Predicable “type.name.attribute” path: - Global: - Dedicated quorum: - Dedicated scaler: ${ibm_storage_file.managers-my_file_storage.id} ${ibm_storage_block.workers-{{ var "/self/dedicated/attachId" }}-my_block_storage.id} <resource-type>.<scope>-[<logicalID|index>-]<given-resource-name>.<attribute> [----------------resource-name------------------] ${ibm_storage_block.managers-{{ var "/self/logicalId" }}-my_block_storage.id}
Resource Scoping Demo
Swarm Cluster Bootstrapping Network File Storage Mgr-1 Goals: - Infrakit running on each swarm manager - Shared terraform files on NFS - Self-healing and self-managing with leadership failover Mgr-2 Mgr-3 InfraKit
Mgr-1 Bootstrap Flow: 1. Create seed VM in IBM Schematics SeedVM Swarm Cluster Bootstrapping
Swarm Cluster Bootstrapping Network File Storage Mgr-1 Bootstrap Flow: 1. Create seed VM in IBM Schematics 2. Mount NFS SeedVM
Swarm Cluster Bootstrapping Network File Storage Mgr-1 Bootstrap Flow: 1. Create seed VM in IBM Schematics 2. Mount NFS 3. Import current VM and NFS into TF and create import tf.json files SeedVM InfraKit tf.json
Swarm Cluster Bootstrapping Network File Storage Mgr-1 Bootstrap Flow: 1. Create seed VM in IBM Schematics 2. Mount NFS 3. Import current VM and NFS into TF and create import tf.json files 4. Scale out group SeedVM Mgr-2 Mgr-3 InfraKit tf.json
Bootstrapping Resources - Define resource(s) in plugin.config file - Imports resources into terraform state - Creates tf.json files "inproc": { "Kind": "terraform", "Options": { "ImportResources": [ { "ResourceType": "ibm_compute_vm_instance", "ResourceID": "<vm-id>" }, { "ResourceType": "ibm_storage_file", "ResourceID": "<file-storage-id>" } ] } } tf.json plugin.config plugin.config
Group Bootstrapping Demo
Thanks! Declare Your Infrastructure InfraKit, LinuxKit, and Moby
Resource Scoping Demo Backup # cat instance-1507834700.tf.json { "resource": { "ibm_compute_vm_instance": { "instance-1507834700": { "cores": "2", "datacenter": "dal10", "memory": "2048", "tags": [ "swarm-id:jwd0s2qozy4re26mbx0zcvj42", "infrakit.attach:workers_dedicated_1 workers_global", "name:instance-1507834700", "infrakit-link:rmncsfzc6l3f23nn", "infrakit-link-context:swarm::jwd0s2qozy4re26mbx0zcvj42::worker", "infrakit-link-created:2017-10-12t18:58:20z", "infrakit.config_sha:s3yqjs7hpijtxue5l2tbudqxq5dgkwhh", "infrakit.group:workers" ], "user_metadata": "echo NFS-ID: ${ibm_storage_file.workers-my_file_storage.id} BS-ID: ${ibm_storage_block.workers-1-my_block_storage.id} ... "
Resource Scoping Demo Backup # infrakit group/workers describe ID LOGICAL TAGS instance-1507652020 - infrakit.attach=workers_dedicated_1,workers_global instance-1507652021 - infrakit.attach=workers_dedicated_2,workers_global instance-1507652022 - infrakit.attach=workers_dedicated_3,workers_global # terraform show ibm_compute_vm_instance.instance-1507652020: id = 41638329 tags.1986196614 = infrakit.attach:workers_dedicated_1 workers_global user_metadata = echo NFS-ID: 32062003 BS-ID: 32062011 ibm_compute_vm_instance.instance-1507652021: id = 41639325 tags.1604993140 = infrakit.attach:workers_dedicated_2 workers_global user_metadata = echo NFS-ID: 32062003 BS-ID: 32062595 ibm_compute_vm_instance.instance-1507652022: id = 41640617 tags.4056076773 = infrakit.attach:workers_dedicated_3 workers_global user_metadata = echo NFS-ID: 32062003 BS-ID: 32062597 ibm_storage_block.workers-1-my_block_storage: id = 32062011 ibm_storage_block.workers-2-my_block_storage: id = 32062595 ibm_storage_block.workers-3-my_block_storage: id = 32062597 ibm_storage_file.workers-my_file_storage: id = 32062003

Recommended

Using linuxKit to build custom rancherOS systems
Using linuxKit to build custom rancherOS systems Using linuxKit to build custom rancherOS systems
Using linuxKit to build custom rancherOS systems Moby Project
 
CoreOS intro
CoreOS introCoreOS intro
CoreOS introTimo Derstappen
 
CoreOS: Control Your Fleet
CoreOS: Control Your FleetCoreOS: Control Your Fleet
CoreOS: Control Your FleetMatthew Jones
 
Docker n co
Docker n coDocker n co
Docker n coRohit Jnagal
 
CoreOS @Codetalks Hamburg
CoreOS @Codetalks HamburgCoreOS @Codetalks Hamburg
CoreOS @Codetalks HamburgTimo Derstappen
 
CoreOS + Kubernetes @ All Things Open 2015
CoreOS + Kubernetes @ All Things Open 2015CoreOS + Kubernetes @ All Things Open 2015
CoreOS + Kubernetes @ All Things Open 2015Brandon Philips
 
Object Storage with Gluster
Object Storage with GlusterObject Storage with Gluster
Object Storage with GlusterGluster.org
 
CoreOS introduction - Johann Romefort
CoreOS introduction - Johann RomefortCoreOS introduction - Johann Romefort
CoreOS introduction - Johann RomefortStylight
 

Recommended

Using linuxKit to build custom rancherOS systems
Using linuxKit to build custom rancherOS systems Using linuxKit to build custom rancherOS systems
Using linuxKit to build custom rancherOS systems Moby Project
 
CoreOS intro
CoreOS introCoreOS intro
CoreOS introTimo Derstappen
 
CoreOS: Control Your Fleet
CoreOS: Control Your FleetCoreOS: Control Your Fleet
CoreOS: Control Your FleetMatthew Jones
 
Docker n co
Docker n coDocker n co
Docker n coRohit Jnagal
 
CoreOS @Codetalks Hamburg
CoreOS @Codetalks HamburgCoreOS @Codetalks Hamburg
CoreOS @Codetalks HamburgTimo Derstappen
 
CoreOS + Kubernetes @ All Things Open 2015
CoreOS + Kubernetes @ All Things Open 2015CoreOS + Kubernetes @ All Things Open 2015
CoreOS + Kubernetes @ All Things Open 2015Brandon Philips
 
Object Storage with Gluster
Object Storage with GlusterObject Storage with Gluster
Object Storage with GlusterGluster.org
 
CoreOS introduction - Johann Romefort
CoreOS introduction - Johann RomefortCoreOS introduction - Johann Romefort
CoreOS introduction - Johann RomefortStylight
 
Docker Overview
Docker OverviewDocker Overview
Docker OverviewRohit Jnagal
 
CoreOS in a Nutshell
CoreOS in a NutshellCoreOS in a Nutshell
CoreOS in a NutshellCoreOS
 
Containers: What are they, Really?
Containers: What are they, Really?Containers: What are they, Really?
Containers: What are they, Really?Sneha Inguva
 
Docker 1.11 @ Docker SF Meetup
Docker 1.11 @ Docker SF MeetupDocker 1.11 @ Docker SF Meetup
Docker 1.11 @ Docker SF MeetupDocker, Inc.
 
CoreOS Intro
CoreOS IntroCoreOS Intro
CoreOS IntroIsaac Johnston
 
What Have Syscalls Done for you Lately?
What Have Syscalls Done for you Lately?What Have Syscalls Done for you Lately?
What Have Syscalls Done for you Lately?Docker, Inc.
 
Container & kubernetes
Container & kubernetesContainer & kubernetes
Container & kubernetesTed Jung
 
Launching containers with fleet
Launching containers with fleetLaunching containers with fleet
Launching containers with fleet충섭 김
 
Small, Simple, and Secure: Alpine Linux under the Microscope
Small, Simple, and Secure: Alpine Linux under the MicroscopeSmall, Simple, and Secure: Alpine Linux under the Microscope
Small, Simple, and Secure: Alpine Linux under the MicroscopeDocker, Inc.
 
Couch to OpenStack: Cinder - August 6, 2013
Couch to OpenStack: Cinder - August 6, 2013Couch to OpenStack: Cinder - August 6, 2013
Couch to OpenStack: Cinder - August 6, 2013Trevor Roberts Jr.
 
Docker volume-isolator-in-mesos
Docker volume-isolator-in-mesosDocker volume-isolator-in-mesos
Docker volume-isolator-in-mesosGuangya Liu
 
Painless ruby deployment on shelly cloud
Painless ruby deployment on shelly cloudPainless ruby deployment on shelly cloud
Painless ruby deployment on shelly cloudGiedrius Rimkus
 
2017-03-11 02 Денис Нелюбин. Docker & Ansible - лучшие друзья DevOps
2017-03-11 02 Денис Нелюбин. Docker & Ansible - лучшие друзья DevOps2017-03-11 02 Денис Нелюбин. Docker & Ansible - лучшие друзья DevOps
2017-03-11 02 Денис Нелюбин. Docker & Ansible - лучшие друзья DevOpsОмские ИТ-субботники
 
On MongoDB backup
On MongoDB backupOn MongoDB backup
On MongoDB backupWilliam Yeh
 
15 kubernetes failure points you should watch
15 kubernetes failure points you should watch15 kubernetes failure points you should watch
15 kubernetes failure points you should watchSysdig
 
How to operate containerized OpenStack
How to operate containerized OpenStackHow to operate containerized OpenStack
How to operate containerized OpenStackNalee Jang
 
Practical Glusto Example
Practical Glusto ExamplePractical Glusto Example
Practical Glusto ExampleGluster.org
 
Docker Swarm 0.2.0
Docker Swarm 0.2.0Docker Swarm 0.2.0
Docker Swarm 0.2.0Docker, Inc.
 
Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby
Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby
Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby Michelle Antebi
 
Docker consul-registrator
Docker consul-registratorDocker consul-registrator
Docker consul-registratorlaonap166
 
Comprehensive Terraform Training
Comprehensive Terraform TrainingComprehensive Terraform Training
Comprehensive Terraform TrainingYevgeniy Brikman
 
Immutable Deployments with AWS CloudFormation and AWS Lambda
Immutable Deployments with AWS CloudFormation and AWS LambdaImmutable Deployments with AWS CloudFormation and AWS Lambda
Immutable Deployments with AWS CloudFormation and AWS LambdaAOE
 

More Related Content

What's hot

CoreOS in a Nutshell
CoreOS in a NutshellCoreOS in a Nutshell
CoreOS in a NutshellCoreOS
 
Containers: What are they, Really?
Containers: What are they, Really?Containers: What are they, Really?
Containers: What are they, Really?Sneha Inguva
 
Docker 1.11 @ Docker SF Meetup
Docker 1.11 @ Docker SF MeetupDocker 1.11 @ Docker SF Meetup
Docker 1.11 @ Docker SF MeetupDocker, Inc.
 
What Have Syscalls Done for you Lately?
What Have Syscalls Done for you Lately?What Have Syscalls Done for you Lately?
What Have Syscalls Done for you Lately?Docker, Inc.
 
Container & kubernetes
Container & kubernetesContainer & kubernetes
Container & kubernetesTed Jung
 
Launching containers with fleet
Launching containers with fleetLaunching containers with fleet
Launching containers with fleet충섭 김
 
Small, Simple, and Secure: Alpine Linux under the Microscope
Small, Simple, and Secure: Alpine Linux under the MicroscopeSmall, Simple, and Secure: Alpine Linux under the Microscope
Small, Simple, and Secure: Alpine Linux under the MicroscopeDocker, Inc.
 
Couch to OpenStack: Cinder - August 6, 2013
Couch to OpenStack: Cinder - August 6, 2013Couch to OpenStack: Cinder - August 6, 2013
Couch to OpenStack: Cinder - August 6, 2013Trevor Roberts Jr.
 
Docker volume-isolator-in-mesos
Docker volume-isolator-in-mesosDocker volume-isolator-in-mesos
Docker volume-isolator-in-mesosGuangya Liu
 
Painless ruby deployment on shelly cloud
Painless ruby deployment on shelly cloudPainless ruby deployment on shelly cloud
Painless ruby deployment on shelly cloudGiedrius Rimkus
 
2017-03-11 02 Денис Нелюбин. Docker & Ansible - лучшие друзья DevOps
2017-03-11 02 Денис Нелюбин. Docker & Ansible - лучшие друзья DevOps2017-03-11 02 Денис Нелюбин. Docker & Ansible - лучшие друзья DevOps
2017-03-11 02 Денис Нелюбин. Docker & Ansible - лучшие друзья DevOpsОмские ИТ-субботники
 
On MongoDB backup
On MongoDB backupOn MongoDB backup
On MongoDB backupWilliam Yeh
 
15 kubernetes failure points you should watch
15 kubernetes failure points you should watch15 kubernetes failure points you should watch
15 kubernetes failure points you should watchSysdig
 
How to operate containerized OpenStack
How to operate containerized OpenStackHow to operate containerized OpenStack
How to operate containerized OpenStackNalee Jang
 
Practical Glusto Example
Practical Glusto ExamplePractical Glusto Example
Practical Glusto ExampleGluster.org
 
Docker Swarm 0.2.0
Docker Swarm 0.2.0Docker Swarm 0.2.0
Docker Swarm 0.2.0Docker, Inc.
 
Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby
Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby
Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby Michelle Antebi
 
Docker consul-registrator
Docker consul-registratorDocker consul-registrator
Docker consul-registratorlaonap166
 

What's hot (20)

Docker Overview
Docker OverviewDocker Overview
Docker Overview
 
CoreOS in a Nutshell
CoreOS in a NutshellCoreOS in a Nutshell
CoreOS in a Nutshell
 
Containers: What are they, Really?
Containers: What are they, Really?Containers: What are they, Really?
Containers: What are they, Really?
 
Docker 1.11 @ Docker SF Meetup
Docker 1.11 @ Docker SF MeetupDocker 1.11 @ Docker SF Meetup
Docker 1.11 @ Docker SF Meetup
 
CoreOS Intro
CoreOS IntroCoreOS Intro
CoreOS Intro
 
What Have Syscalls Done for you Lately?
What Have Syscalls Done for you Lately?What Have Syscalls Done for you Lately?
What Have Syscalls Done for you Lately?
 
Container & kubernetes
Container & kubernetesContainer & kubernetes
Container & kubernetes
 
Launching containers with fleet
Launching containers with fleetLaunching containers with fleet
Launching containers with fleet
 
Small, Simple, and Secure: Alpine Linux under the Microscope
Small, Simple, and Secure: Alpine Linux under the MicroscopeSmall, Simple, and Secure: Alpine Linux under the Microscope
Small, Simple, and Secure: Alpine Linux under the Microscope
 
Couch to OpenStack: Cinder - August 6, 2013
Couch to OpenStack: Cinder - August 6, 2013Couch to OpenStack: Cinder - August 6, 2013
Couch to OpenStack: Cinder - August 6, 2013
 
Docker volume-isolator-in-mesos
Docker volume-isolator-in-mesosDocker volume-isolator-in-mesos
Docker volume-isolator-in-mesos
 
Painless ruby deployment on shelly cloud
Painless ruby deployment on shelly cloudPainless ruby deployment on shelly cloud
Painless ruby deployment on shelly cloud
 
2017-03-11 02 Денис Нелюбин. Docker & Ansible - лучшие друзья DevOps
2017-03-11 02 Денис Нелюбин. Docker & Ansible - лучшие друзья DevOps2017-03-11 02 Денис Нелюбин. Docker & Ansible - лучшие друзья DevOps
2017-03-11 02 Денис Нелюбин. Docker & Ansible - лучшие друзья DevOps
 
On MongoDB backup
On MongoDB backupOn MongoDB backup
On MongoDB backup
 
15 kubernetes failure points you should watch
15 kubernetes failure points you should watch15 kubernetes failure points you should watch
15 kubernetes failure points you should watch
 
How to operate containerized OpenStack
How to operate containerized OpenStackHow to operate containerized OpenStack
How to operate containerized OpenStack
 
Practical Glusto Example
Practical Glusto ExamplePractical Glusto Example
Practical Glusto Example
 
Docker Swarm 0.2.0
Docker Swarm 0.2.0Docker Swarm 0.2.0
Docker Swarm 0.2.0
 
Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby
Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby
Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby
 
Docker consul-registrator
Docker consul-registratorDocker consul-registrator
Docker consul-registrator
 

Similar to Declare your infrastructure: InfraKit, LinuxKit and Moby

Comprehensive Terraform Training
Comprehensive Terraform TrainingComprehensive Terraform Training
Comprehensive Terraform TrainingYevgeniy Brikman
 
Immutable Deployments with AWS CloudFormation and AWS Lambda
Immutable Deployments with AWS CloudFormation and AWS LambdaImmutable Deployments with AWS CloudFormation and AWS Lambda
Immutable Deployments with AWS CloudFormation and AWS LambdaAOE
 
Terrastore - A document database for developers
Terrastore - A document database for developersTerrastore - A document database for developers
Terrastore - A document database for developersSergio Bossa
 
AEM GEMs Session Oak Lucene Indexes
AEM GEMs Session Oak Lucene IndexesAEM GEMs Session Oak Lucene Indexes
AEM GEMs Session Oak Lucene IndexesAdobeMarketingCloud
 
Hopping in clouds - phpuk 17
Hopping in clouds - phpuk 17Hopping in clouds - phpuk 17
Hopping in clouds - phpuk 17Michele Orselli
 
Apache: Big Data - Starting with Apache Spark, Best Practices
Apache: Big Data - Starting with Apache Spark, Best PracticesApache: Big Data - Starting with Apache Spark, Best Practices
Apache: Big Data - Starting with Apache Spark, Best Practicesfelixcss
 
Terraform 0.9 + good practices
Terraform 0.9 + good practicesTerraform 0.9 + good practices
Terraform 0.9 + good practicesRadek Simko
 
Terraform in deployment pipeline
Terraform in deployment pipelineTerraform in deployment pipeline
Terraform in deployment pipelineAnton Babenko
 
UKOUG 2011 - Drag, Drop and other Stuff. Using your Database as a File Server
UKOUG 2011 - Drag, Drop and other Stuff. Using your Database as a File ServerUKOUG 2011 - Drag, Drop and other Stuff. Using your Database as a File Server
UKOUG 2011 - Drag, Drop and other Stuff. Using your Database as a File ServerMarco Gralike
 
Infrastructure as Code - Terraform - Devfest 2018
Infrastructure as Code - Terraform - Devfest 2018Infrastructure as Code - Terraform - Devfest 2018
Infrastructure as Code - Terraform - Devfest 2018Mathieu Herbert
 
A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices Nebulaworks
 
Real-Time Spark: From Interactive Queries to Streaming
Real-Time Spark: From Interactive Queries to StreamingReal-Time Spark: From Interactive Queries to Streaming
Real-Time Spark: From Interactive Queries to StreamingDatabricks
 
Declarative & workflow based infrastructure with Terraform
Declarative & workflow based infrastructure with TerraformDeclarative & workflow based infrastructure with Terraform
Declarative & workflow based infrastructure with TerraformRadek Simko
 
BGOUG 2012 - Drag & drop and other stuff - Using your database as a file server
BGOUG 2012 - Drag & drop and other stuff - Using your database as a file serverBGOUG 2012 - Drag & drop and other stuff - Using your database as a file server
BGOUG 2012 - Drag & drop and other stuff - Using your database as a file serverMarco Gralike
 
DevOps Enabling Your Team
DevOps Enabling Your TeamDevOps Enabling Your Team
DevOps Enabling Your TeamGR8Conf
 
CRESTCon Asia 2018 - Config Password Encryption Gone Wrong
CRESTCon Asia 2018 - Config Password Encryption Gone WrongCRESTCon Asia 2018 - Config Password Encryption Gone Wrong
CRESTCon Asia 2018 - Config Password Encryption Gone WrongKeith Lee
 

Similar to Declare your infrastructure: InfraKit, LinuxKit and Moby (20)

Comprehensive Terraform Training
Comprehensive Terraform TrainingComprehensive Terraform Training
Comprehensive Terraform Training
 
Immutable Deployments with AWS CloudFormation and AWS Lambda
Immutable Deployments with AWS CloudFormation and AWS LambdaImmutable Deployments with AWS CloudFormation and AWS Lambda
Immutable Deployments with AWS CloudFormation and AWS Lambda
 
Terrastore - A document database for developers
Terrastore - A document database for developersTerrastore - A document database for developers
Terrastore - A document database for developers
 
Oak Lucene Indexes
Oak Lucene IndexesOak Lucene Indexes
Oak Lucene Indexes
 
AEM GEMs Session Oak Lucene Indexes
AEM GEMs Session Oak Lucene IndexesAEM GEMs Session Oak Lucene Indexes
AEM GEMs Session Oak Lucene Indexes
 
Hopping in clouds - phpuk 17
Hopping in clouds - phpuk 17Hopping in clouds - phpuk 17
Hopping in clouds - phpuk 17
 
Apache: Big Data - Starting with Apache Spark, Best Practices
Apache: Big Data - Starting with Apache Spark, Best PracticesApache: Big Data - Starting with Apache Spark, Best Practices
Apache: Big Data - Starting with Apache Spark, Best Practices
 
Terraform 0.9 + good practices
Terraform 0.9 + good practicesTerraform 0.9 + good practices
Terraform 0.9 + good practices
 
Terraform in deployment pipeline
Terraform in deployment pipelineTerraform in deployment pipeline
Terraform in deployment pipeline
 
UKOUG 2011 - Drag, Drop and other Stuff. Using your Database as a File Server
UKOUG 2011 - Drag, Drop and other Stuff. Using your Database as a File ServerUKOUG 2011 - Drag, Drop and other Stuff. Using your Database as a File Server
UKOUG 2011 - Drag, Drop and other Stuff. Using your Database as a File Server
 
Infrastructure as Code - Terraform - Devfest 2018
Infrastructure as Code - Terraform - Devfest 2018Infrastructure as Code - Terraform - Devfest 2018
Infrastructure as Code - Terraform - Devfest 2018
 
London HUG 12/4
London HUG 12/4London HUG 12/4
London HUG 12/4
 
A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices
 
Laravel intake 37 all days
Laravel intake 37 all daysLaravel intake 37 all days
Laravel intake 37 all days
 
Real-Time Spark: From Interactive Queries to Streaming
Real-Time Spark: From Interactive Queries to StreamingReal-Time Spark: From Interactive Queries to Streaming
Real-Time Spark: From Interactive Queries to Streaming
 
Declarative & workflow based infrastructure with Terraform
Declarative & workflow based infrastructure with TerraformDeclarative & workflow based infrastructure with Terraform
Declarative & workflow based infrastructure with Terraform
 
BGOUG 2012 - Drag & drop and other stuff - Using your database as a file server
BGOUG 2012 - Drag & drop and other stuff - Using your database as a file serverBGOUG 2012 - Drag & drop and other stuff - Using your database as a file server
BGOUG 2012 - Drag & drop and other stuff - Using your database as a file server
 
TIAD : Automating the modern datacenter
TIAD : Automating the modern datacenterTIAD : Automating the modern datacenter
TIAD : Automating the modern datacenter
 
DevOps Enabling Your Team
DevOps Enabling Your TeamDevOps Enabling Your Team
DevOps Enabling Your Team
 
CRESTCon Asia 2018 - Config Password Encryption Gone Wrong
CRESTCon Asia 2018 - Config Password Encryption Gone WrongCRESTCon Asia 2018 - Config Password Encryption Gone Wrong
CRESTCon Asia 2018 - Config Password Encryption Gone Wrong
 

More from Moby Project

Libnetwork updates
Libnetwork updatesLibnetwork updates
Libnetwork updatesMoby Project
 
Notary - container signing
Notary - container signingNotary - container signing
Notary - container signingMoby Project
 
Moby Summit introduction
Moby Summit introductionMoby Summit introduction
Moby Summit introductionMoby Project
 
Moby and kubernetes entitlements
Moby and kubernetes entitlementsMoby and kubernetes entitlements
Moby and kubernetes entitlementsMoby Project
 
Builder and BuildKit
Builder and BuildKitBuilder and BuildKit
Builder and BuildKitMoby Project
 
OpenWhisk and IBM cloud functions
OpenWhisk and IBM cloud functionsOpenWhisk and IBM cloud functions
OpenWhisk and IBM cloud functionsMoby Project
 
The State of containerd
The State of containerdThe State of containerd
The State of containerdMoby Project
 
LinuxKit and OpenOverlay
LinuxKit and OpenOverlayLinuxKit and OpenOverlay
LinuxKit and OpenOverlayMoby Project
 
LinuxKit Swarm Nodes
LinuxKit Swarm NodesLinuxKit Swarm Nodes
LinuxKit Swarm NodesMoby Project
 

More from Moby Project (12)

Libnetwork updates
Libnetwork updatesLibnetwork updates
Libnetwork updates
 
CRI-containerd
CRI-containerdCRI-containerd
CRI-containerd
 
FaaS-and-Furious
FaaS-and-FuriousFaaS-and-Furious
FaaS-and-Furious
 
LinuxKit
LinuxKitLinuxKit
LinuxKit
 
Notary - container signing
Notary - container signingNotary - container signing
Notary - container signing
 
Moby Summit introduction
Moby Summit introductionMoby Summit introduction
Moby Summit introduction
 
Moby and kubernetes entitlements
Moby and kubernetes entitlementsMoby and kubernetes entitlements
Moby and kubernetes entitlements
 
Builder and BuildKit
Builder and BuildKitBuilder and BuildKit
Builder and BuildKit
 
OpenWhisk and IBM cloud functions
OpenWhisk and IBM cloud functionsOpenWhisk and IBM cloud functions
OpenWhisk and IBM cloud functions
 
The State of containerd
The State of containerdThe State of containerd
The State of containerd
 
LinuxKit and OpenOverlay
LinuxKit and OpenOverlayLinuxKit and OpenOverlay
LinuxKit and OpenOverlay
 
LinuxKit Swarm Nodes
LinuxKit Swarm NodesLinuxKit Swarm Nodes
LinuxKit Swarm Nodes
 

Recently uploaded

Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 

Recently uploaded (20)

DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 

Declare your infrastructure: InfraKit, LinuxKit and Moby

  • 1. Declare Your Infrastructure InfraKit, LinuxKit, and Moby Steven Kaufer, David Freitag – IBM Cloud
  • 2. Infrakit Agenda Why Infrakit + Terraform? Terraform Instance Plugin Overview Topology Example Swarm Cluster Bootstrapping
  • 3. Why Infrakit + Terraform? Terraform - Manages declarative infrastructure (as code) - Broad platform coverage - Focuses on initial deployment Infrakit - Active monitoring - Enforcement of declarative specifications - Group abstraction
  • 4. Infrakit Terraform Instance Plugin • Each instance defined in unique tf.json file • Files built from a common instance specification with unique attributes • Update = File removal (destroy) + replacement (provision) $ ls instance-1507652020.tf.json instance-1507652021.tf.json instance-1507652022.tf.json terraform.tfstate { "resource": { "ibm_compute_vm_instance": { "instance-1507652020": { "cores": 2, "hostname": "worker-1507652020", "tags": [ "infrakit.group:workers", "name:instance-1507652020" ... } tf.json instance-1507652020.tf.json
  • 5. Topology Example Node 1 Node 2 Node 3 $ ls instance-1.tf.json instance-2.tf.json instance-2.tf.json
  • 6. Topology Example Block Storage 1 Block Storage 2 Block Storage 3 Node 1 Node 2 Node 3
  • 7. Topology Example Network File Storage Block Storage 1 Block Storage 2 Block Storage 3 Node 1 Node 2 Node 3
  • 8. Topology Example Network File Storage Block Storage 1 Block Storage 2 Block Storage 3 Node 1.1 Node 1 Node 2 Node 3
  • 9. Topology Example Network File Storage Block Storage 1 Block Storage 2 Block Storage 3 Node 1.1 Node 1 Node 2 Node 3 • Where is the block and network storage defined? • How can node x reference the related resources?
  • 10. Solution – Resource Scoping Network File Storage Block Storage 1 Block Storage 2 Block Storage 3 Node 1.1 Node 1 Node 2 Node 3 Dedicated Scope - Re-attach on rolling update Global Scope - Tied to group lifecycle
  • 11. Solution – Resource Scoping Network File Storage Block Storage 1 Block Storage 2 Block Storage 3 Node 1.1 Node 1 Node 2 Node 3 Dedicated Scope - Re-attach on rolling update Global Scope - Tied to group lifecycle
  • 12. Resource Scoping - Use @scope resource property - dedicated: Loosely coupled with VM - global: Coupled with the scope (group) { "Allocation": { "LogicalIDs": ["mgr1", "mgr2", "mgr3"] }, "Instance": { "Plugin": "instance-terraform", "Properties": { "resource": { "ibm_compute_vm_instance": { "host": {...} }, "ibm_storage_file": { "my_file_storage": { "@scope": "managers", ... } } "ibm_storage_block": { "my_block_storage": { "@scope": "@dedicated-managers", ... } }, ... $ ls instance-xxx1.tf.json instance-xxx2.tf.json instance-xxx3.tf.json managers_dedicated_mgr1.tf.json managers_dedicated_mgr2.tf.json managers_dedicated_mgr3.tf.json managers_global.tf.json @scope
  • 13. Resource Scoping Reference related resource using terraform interpolation - Predicable “type.name.attribute” path: - Global: - Dedicated quorum: - Dedicated scaler: ${ibm_storage_file.managers-my_file_storage.id} ${ibm_storage_block.workers-{{ var "/self/dedicated/attachId" }}-my_block_storage.id} <resource-type>.<scope>-[<logicalID|index>-]<given-resource-name>.<attribute> [----------------resource-name------------------] ${ibm_storage_block.managers-{{ var "/self/logicalId" }}-my_block_storage.id}
  • 15. Swarm Cluster Bootstrapping Network File Storage Mgr-1 Goals: - Infrakit running on each swarm manager - Shared terraform files on NFS - Self-healing and self-managing with leadership failover Mgr-2 Mgr-3 InfraKit
  • 16. Mgr-1 Bootstrap Flow: 1. Create seed VM in IBM Schematics SeedVM Swarm Cluster Bootstrapping
  • 17. Swarm Cluster Bootstrapping Network File Storage Mgr-1 Bootstrap Flow: 1. Create seed VM in IBM Schematics 2. Mount NFS SeedVM
  • 18. Swarm Cluster Bootstrapping Network File Storage Mgr-1 Bootstrap Flow: 1. Create seed VM in IBM Schematics 2. Mount NFS 3. Import current VM and NFS into TF and create import tf.json files SeedVM InfraKit tf.json
  • 19. Swarm Cluster Bootstrapping Network File Storage Mgr-1 Bootstrap Flow: 1. Create seed VM in IBM Schematics 2. Mount NFS 3. Import current VM and NFS into TF and create import tf.json files 4. Scale out group SeedVM Mgr-2 Mgr-3 InfraKit tf.json
  • 20. Bootstrapping Resources - Define resource(s) in plugin.config file - Imports resources into terraform state - Creates tf.json files "inproc": { "Kind": "terraform", "Options": { "ImportResources": [ { "ResourceType": "ibm_compute_vm_instance", "ResourceID": "<vm-id>" }, { "ResourceType": "ibm_storage_file", "ResourceID": "<file-storage-id>" } ] } } tf.json plugin.config plugin.config
  • 23. Resource Scoping Demo Backup # cat instance-1507834700.tf.json { "resource": { "ibm_compute_vm_instance": { "instance-1507834700": { "cores": "2", "datacenter": "dal10", "memory": "2048", "tags": [ "swarm-id:jwd0s2qozy4re26mbx0zcvj42", "infrakit.attach:workers_dedicated_1 workers_global", "name:instance-1507834700", "infrakit-link:rmncsfzc6l3f23nn", "infrakit-link-context:swarm::jwd0s2qozy4re26mbx0zcvj42::worker", "infrakit-link-created:2017-10-12t18:58:20z", "infrakit.config_sha:s3yqjs7hpijtxue5l2tbudqxq5dgkwhh", "infrakit.group:workers" ], "user_metadata": "echo NFS-ID: ${ibm_storage_file.workers-my_file_storage.id} BS-ID: ${ibm_storage_block.workers-1-my_block_storage.id} ... "
  • 24. Resource Scoping Demo Backup # infrakit group/workers describe ID LOGICAL TAGS instance-1507652020 - infrakit.attach=workers_dedicated_1,workers_global instance-1507652021 - infrakit.attach=workers_dedicated_2,workers_global instance-1507652022 - infrakit.attach=workers_dedicated_3,workers_global # terraform show ibm_compute_vm_instance.instance-1507652020: id = 41638329 tags.1986196614 = infrakit.attach:workers_dedicated_1 workers_global user_metadata = echo NFS-ID: 32062003 BS-ID: 32062011 ibm_compute_vm_instance.instance-1507652021: id = 41639325 tags.1604993140 = infrakit.attach:workers_dedicated_2 workers_global user_metadata = echo NFS-ID: 32062003 BS-ID: 32062595 ibm_compute_vm_instance.instance-1507652022: id = 41640617 tags.4056076773 = infrakit.attach:workers_dedicated_3 workers_global user_metadata = echo NFS-ID: 32062003 BS-ID: 32062597 ibm_storage_block.workers-1-my_block_storage: id = 32062011 ibm_storage_block.workers-2-my_block_storage: id = 32062595 ibm_storage_block.workers-3-my_block_storage: id = 32062597 ibm_storage_file.workers-my_file_storage: id = 32062003