Docker Meetup | container-solutions.com | info@container-solutions.com | @michmueller_
Orchestrator comparison
11th Docker Switzerland User Group Meetup
How important is orchestration and what is it for?
- Might not need it for small apps
- No orchestration == manual orchestration
- Manually place containers, network, scale, check, update
- Microservices | Cloud Native Applications
Design principles for Cloud Native Applications:
- Design for Performance: responsive; concurrency; efficiency
- Design for Automation: automate dev & ops tasks
- Design for Resiliency: fault-tolerant; self-healing
- Design for Elasticity: automatically scale
- Design for Delivery: short roundtrips; automated delivery
- Design for Diagnosability: cluster-wide logs, traces, metrics
Welcome to the socks shop
Microservice reference application
- Intended to help people get started with microservices
- Great for comparing frameworks etc
- Similar to "Pet Store" for Java
- ... or TodoMVC for JavaScript
Lots of implementations already
https://github.com/microservices-demo/microservices-demo/tree/master/deploy
Architecture
Comparing Orchestrators
Comparing orchestrators
- All work and are improving rapidly
- Understand the differences
- Understand your requirements
- Please don't roll your own!
The players
- Kubernetes
- Mesos (different workloads)
- Docker Swarm Mode
- Plus others
  - Nomad, PaaSs...
Side note - The Borg/Omega paper
- Influential papers from Google
- Lessons learnt from 10 years with containers
- Google contributed cgroups to the Linux kernel; cgroups and Linux namespaces are the heart of containers
Docker swarm mode
Swarm mode
- New in Docker 1.12
- Docker Inc's official solution
- Part of core distribution
- Major improvement over old Swarm
Core components
- Manager nodes
  - coordinate via Raft
  - no need for separate etcd/zookeeper
- Worker nodes
Usability
- Docker native uses concepts from single-node Docker and extends them to the Swarm.
- If you are up to date on Docker concepts, the learning curve is fairly gradual.
- The setup for a swarm is trivial
Easy to install
docker swarm init
Swarm initialized: current node (10vh26gyxppo6j2vyb8rcvjwj) is now a manager.
To add a worker to this swarm, run the following command:
    docker swarm join --token SWMTKN-1-5td5x39z8jw69aloe8aaqs26c9vf6nc7pzfepsq0xfmo9ldfk2-2747zp8w0enbccrjmkt1o8du3 172.17.9.102:2377
To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.
Secure communication by default
- TLS set up using self-signed certs
- Certificates automatically rotated
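
The join command above, like the kubeadm output later in the deck, carries a secret: the last field of the Swarm token and the second half of the kubeadm token. The following is an added example, not part of the original slides: a redactor for pasted terminal output that strips only the secret field. The sample tokens and address are constructed, and all function names are illustrative.

```python
import re

# Swarm join token layout: SWMTKN-<version>-<root CA digest>-<secret>.
# The digest lets a joining node check the manager's CA; only the last field is secret.
SWARM_RE = re.compile(r"\bSWMTKN-(\d+)-([0-9a-z]{50})-([0-9a-z]{25})\b")
# kubeadm token layout: <6-character id>.<16-character secret>.
KUBEADM_RE = re.compile(r"(?<![0-9a-z.])([0-9a-z]{6})\.([0-9a-z]{16})(?![0-9a-z.])")

# Constructed sample values (not real tokens; the address is a documentation address).
DIGEST = "a1b2c3d4e5" * 5
SECRET = "z9y8x7w6v5" * 2 + "u4t3s"
SAMPLE = (
    "To add a worker to this swarm, run the following command:\n"
    f"    docker swarm join --token SWMTKN-1-{DIGEST}-{SECRET} 192.0.2.10:2377\n"
    '<master/tokens> generated token: "abc123.0123456789abcdef"\n'
    "<master/apiclient> all control plane components are healthy after 61.346626 seconds\n"
)


def find_join_tokens(text):
    """Return (kind, public_part, secret_part) for every join token in text."""
    found = [("swarm", m.group(2), m.group(3)) for m in SWARM_RE.finditer(text)]
    found += [("kubeadm", m.group(1), m.group(2)) for m in KUBEADM_RE.finditer(text)]
    return found


def redact(text):
    """Replace only the secret field so the rest of the output stays readable."""
    text = SWARM_RE.sub(lambda m: f"SWMTKN-{m.group(1)}-{m.group(2)}-<redacted>", text)
    return KUBEADM_RE.sub(lambda m: f"{m.group(1)}.<redacted>", text)


if __name__ == "__main__":
    for kind, public, _secret in find_join_tokens(SAMPLE):
        print(f"found {kind} token, public part {public}")
    print(redact(SAMPLE))
```

Redaction only helps before output is shared; for a Swarm token that is already public, `docker swarm join-token --rotate worker` replaces it.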
Feature Set
- Services
- Networks
- Constraints and labels
- Support of volume drivers
Services
- Services
  - Set of containers that are launched and a certain number of containers are kept running at all times.
  - There are two types of services, replicated or global.
    - Replicated services maintain a specified number of containers across the cluster
    - Global services run one instance of a container on each of your swarm nodes.
Networks
- You can create named overlay networks
- Using the named overlay network you can create isolated, flat, encrypted virtual networks across your set of nodes to launch your containers into.

Constraints and Filters
- Control which node a container can be scheduled on
- E.g:
  - Only nodes labeled "staging"
  - Only nodes which have the image
  - Only the node running a given container (affinity)
Other features
- Spread scheduling
  - chooses "least loaded" node
  - more options later
- Mesh Networking
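
How replicated and global services, label constraints and spread scheduling fit together, as an added example that is not part of the original slides: a simplified placement model, not Docker's scheduler. It assumes "least loaded" means the fewest running tasks, handles only `node.labels.<key>` constraints, and uses a constructed three-node cluster.

```python
import re

# Swarm-mode label constraint, e.g. node.labels.env==staging
CONSTRAINT_RE = re.compile(r"^node\.labels\.([\w.-]+)\s*(==|!=)\s*(.+)$")

# Constructed cluster: names, labels and running-task counts are illustrative.
NODES = [
    {"name": "node-1", "labels": {"env": "staging"}, "tasks": 1},
    {"name": "node-2", "labels": {"env": "staging"}, "tasks": 0},
    {"name": "node-3", "labels": {"env": "prod"}, "tasks": 0},
]


def eligible(node, constraints):
    """True when the node satisfies every constraint expression."""
    for expr in constraints:
        m = CONSTRAINT_RE.match(expr)
        if m is None:
            raise ValueError(f"unsupported constraint: {expr}")
        key, op, wanted = m.groups()
        same = node["labels"].get(key) == wanted
        if same != (op == "=="):
            return False
    return True


def place(service, nodes):
    """Return {node name: number of tasks placed} for one service."""
    pool = [n for n in nodes if eligible(n, service.get("constraints", []))]
    if service["mode"] == "global":
        # Global: exactly one task on every eligible node.
        return {n["name"]: 1 for n in pool}
    if not pool:
        return {}  # no node satisfies the constraints, so nothing is placed
    load = {n["name"]: n["tasks"] for n in pool}
    placed = {}
    for _ in range(service["replicas"]):
        # Spread: pick the least-loaded node, breaking ties by name.
        target = min(load, key=lambda name: (load[name], name))
        load[target] += 1
        placed[target] = placed.get(target, 0) + 1
    return placed


if __name__ == "__main__":
    staging = {"mode": "replicated", "replicas": 3,
               "constraints": ["node.labels.env==staging"]}
    print(place(staging, NODES))            # replicas stay off node-3
    print(place({"mode": "global"}, NODES))  # one task per node
```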
Application definition
- Apps are defined in a DAB and can be deployed on a Swarm cluster
- Possible to scale individual containers defined in the DAB file (manual)
Testing Swarm Mode with Sock Shop:
https://raw.githubusercontent.com/microservices-demo/microservices-demo/master/deploy/swarmkit/start-swarmkit-services.sh
Swarm mode advantages
- Easy to install
- Secure by default
- “Bundled with Docker”
Swarm Mode disadvantages
- New
- Some Docker features unsupported (privileged,
- DAB still WIP
Kubernetes
Kubernetes
- Based on Google's experience running containers
- Bakes in various features
  - Load-balancing, secret management, RBAC, …
- More opinionated
Core concepts
- Pods
- Labels
- Services
- Deployments
- ReplicaSets
Pods
- Groups of containers deployed and scheduled together
- Atomic unit
- Containers in a pod share IP address
- Single container pods are common
- Pods are ephemeral
Labels
- K/V pairs attached to objects (primarily pods)
  - e.g. "version: dev", "tier: frontend"
- Label selectors then used to identify groups
- Used for load-balancing etc
Services
- Stable endpoints addressed by name
- Forward traffic to pods
- Pods are selected by labels
- Round-robin load-balancing
- Separates endpoint from implementation
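
Label selection and round-robin forwarding as described on the Labels and Services slides, as an added example that is not part of the original deck: a simplified model of a Service, not Kubernetes code. Pod names, IPs and labels are constructed. It also shows that a selector with fewer keys matches more pods, which is worth checking when a Service fronts only one version or tier.

```python
def matches(selector, labels):
    """Equality-based selector: every selector key must be present with that value."""
    return all(labels.get(key) == value for key, value in selector.items())


class Service:
    """Simplified model: a stable name in front of a changing set of pods."""

    def __init__(self, name, selector):
        self.name = name
        self.selector = selector
        self._turn = 0

    def endpoints(self, pods):
        # A Service without a selector gets no endpoints assigned automatically.
        if not self.selector:
            return []
        return sorted(p["ip"] for p in pods if matches(self.selector, p["labels"]))

    def route(self, pods):
        """Pick the next backend round-robin from the current endpoints."""
        backends = self.endpoints(pods)
        if not backends:
            raise LookupError(f"service {self.name} has no matching pods")
        choice = backends[self._turn % len(backends)]
        self._turn += 1
        return choice


# Constructed pod inventory.
PODS = [
    {"name": "front-a", "ip": "10.1.0.4", "labels": {"tier": "frontend", "version": "dev"}},
    {"name": "front-b", "ip": "10.1.0.5", "labels": {"tier": "frontend", "version": "dev"}},
    {"name": "front-p", "ip": "10.1.0.6", "labels": {"tier": "frontend", "version": "prod"}},
    {"name": "cart-a", "ip": "10.1.0.7", "labels": {"tier": "backend", "version": "dev"}},
]


def demo():
    dev = Service("front-end", {"tier": "frontend", "version": "dev"})
    first_three = [dev.route(PODS) for _ in range(3)]
    # Pods are ephemeral: front-a is replaced by a new pod with a new IP,
    # while the Service name and selector stay the same.
    replaced = [p for p in PODS if p["name"] != "front-a"]
    replaced.append(
        {"name": "front-c", "ip": "10.1.0.9", "labels": {"tier": "frontend", "version": "dev"}}
    )
    # Dropping "version" from the selector also selects the prod pod.
    broad = Service("front-end-any", {"tier": "frontend"})
    return first_three, dev.endpoints(replaced), broad.endpoints(PODS)


if __name__ == "__main__":
    for result in demo():
        print(result)
```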
Deployments & ReplicaSets
- ReplicaSets monitor status of Pods
  - start/stop pods as needed
- Deployments start/create ReplicaSets
  - Rollout/Rollback & Updates
Usability
- Setting up a production-grade Kubernetes cluster from scratch requires setting up etcd, networking plugins, DNS servers and certificate authorities.
  - Will change pretty soon; kubeadm already exists
- Beyond initial setup, Kubernetes still has a steep learning curve
Snap to install
kubeadm init
<master/tokens> generated token: "f0c861.753c505740ecde4c"
<master/pki> created keys and certificates in "/etc/kubernetes/pki"
<util/kubeconfig> created "/etc/kubernetes/kubelet.conf"
<util/kubeconfig> created "/etc/kubernetes/admin.conf"
<master/apiclient> created API client configuration
<master/apiclient> created API client, waiting for the control plane to become ready
<master/apiclient> all control plane components are healthy after 61.346626 seconds
<master/apiclient> waiting for at least one node to register and become ready
<master/apiclient> first node is ready after 4.506807 seconds
<master/discovery> created essential addon: kube-discovery
<master/addons> created essential addon: kube-proxy
<master/addons> created essential addon: kube-dns
Kubernetes master initialised successfully!
You can connect any number of nodes by running:
kubeadm join --token <token> <master-ip>
Application Definition
- A combination of Pods, Replication Controllers, Replica Sets, Services and Deployments
- Each application tier is defined as a pod and can be scaled when managed by a Deployment or ReplicationController/ReplicaSet. The scaling can be manual or automated
- Auto-scaling using a simple number-of-pods target is defined declaratively with the API exposed by ReplicationControllers or ReplicaSets
Testing Kubernetes with Sock Shop:
https://github.com/microservices-demo/microservices-demo/blob/master/deploy/kubernetes/complete-demo.yaml
Kubernetes Advantages
- Snap to install
  - Currently limited to a single master installation
  - Currently limited to a single etcd installation
- Advanced features baked-in
- Lot of momentum behind the community
Kubernetes disadvantages
- Harder to get started
- Extra concepts
Conclusion
- Different options with different strengths
- In some ways surprisingly similar (k8s deployment | Swarm service)
- Hard to predict a winner
- All are much better than rolling-your-own