Pluggable Infrastructure with CI/CD and DockerBob Killen
The docker cluster ecosystem is still young, and highly modular. This presentation covers some of the challenges we faced deciding on what infrastructure to deploy, and a few tips and tricks in making both applications and infrastructure easily adaptable.
Using Docker Containers to Improve Reproducibility in Software and Web Engine...Vincenzo Ferme
The ability to replicate and reproduce scientific results has become an increasingly important topic for many academic disciplines. In computer science and, more specifically, software and Web engineering, contributions of scientific work rely on developed algorithms, tools and prototypes, quantitative evaluations, and other computational analyses. Published code and data come with many undocumented assumptions, dependencies, and configurations that are internal knowledge and make reproducibility hard to achieve. This tutorial presents how Docker containers can overcome these issues and aid the reproducibility of research artefacts in software engineering and discusses their applications in the field.
Cite us: http://link.springer.com/chapter/10.1007/978-3-319-38791-8_58
Docker for any type of workload and any IT InfrastructureDocker, Inc.
This presentation discusses the different types of workloads typical enterprises are required to run, which use cases exist for containerizing them and how leading-edge workload orchestration can be used to deploy, run and manage the containerized workloads or various types or scale-out infrastructures, such as on-premise clusters, public clouds or hybrid clouds.
Docker Bday #5, SF Edition: Introduction to DockerDocker, Inc.
In celebration of Docker's 5th birthday in March, user groups all around the world hosted birthday events with an introduction to Docker presentation and hands-on-labs. We invited Docker users to recognize where they were on their Docker journey and the goal was to help them take the next step of their journey with the help of mentors. This presentation was done at the beginning of the events (this one is from the San Francisco event in HQ) and gives a run down of the birthday event series, Docker's momentum, a basic explanation of containers, the benefits of using the Docker platform, Docker + Kubernetes and more.
Slides from my DockerCon EU 2017 Talk.
Find the abstract below:
"In this talk, we'll discover how Docker comes to the rescue of the Ops Team, while rebuilding from scratch our monitoring infrastructure. We'll start by quickly describing the challenges, to focus on why and how using docker saved the project. From fixing dependencies and isolation issues, implementing rolling upgrades and new features hot addition, to building a completely modular, scalable and resilient infrastructure, we'll talk about why CI/CD workflows, docker tooling and Docker Swarm were the key to success."
Pluggable Infrastructure with CI/CD and DockerBob Killen
The docker cluster ecosystem is still young, and highly modular. This presentation covers some of the challenges we faced deciding on what infrastructure to deploy, and a few tips and tricks in making both applications and infrastructure easily adaptable.
Using Docker Containers to Improve Reproducibility in Software and Web Engine...Vincenzo Ferme
The ability to replicate and reproduce scientific results has become an increasingly important topic for many academic disciplines. In computer science and, more specifically, software and Web engineering, contributions of scientific work rely on developed algorithms, tools and prototypes, quantitative evaluations, and other computational analyses. Published code and data come with many undocumented assumptions, dependencies, and configurations that are internal knowledge and make reproducibility hard to achieve. This tutorial presents how Docker containers can overcome these issues and aid the reproducibility of research artefacts in software engineering and discusses their applications in the field.
Cite us: http://link.springer.com/chapter/10.1007/978-3-319-38791-8_58
Docker for any type of workload and any IT InfrastructureDocker, Inc.
This presentation discusses the different types of workloads typical enterprises are required to run, which use cases exist for containerizing them and how leading-edge workload orchestration can be used to deploy, run and manage the containerized workloads or various types or scale-out infrastructures, such as on-premise clusters, public clouds or hybrid clouds.
Docker Bday #5, SF Edition: Introduction to DockerDocker, Inc.
In celebration of Docker's 5th birthday in March, user groups all around the world hosted birthday events with an introduction to Docker presentation and hands-on-labs. We invited Docker users to recognize where they were on their Docker journey and the goal was to help them take the next step of their journey with the help of mentors. This presentation was done at the beginning of the events (this one is from the San Francisco event in HQ) and gives a run down of the birthday event series, Docker's momentum, a basic explanation of containers, the benefits of using the Docker platform, Docker + Kubernetes and more.
Slides from my DockerCon EU 2017 Talk.
Find the abstract below:
"In this talk, we'll discover how Docker comes to the rescue of the Ops Team, while rebuilding from scratch our monitoring infrastructure. We'll start by quickly describing the challenges, to focus on why and how using docker saved the project. From fixing dependencies and isolation issues, implementing rolling upgrades and new features hot addition, to building a completely modular, scalable and resilient infrastructure, we'll talk about why CI/CD workflows, docker tooling and Docker Swarm were the key to success."
Containers, OCI, CNCF, Magnum, Kuryr, and You!Daniel Krook
Presentation at the OpenStack Summit in Austin, Texas on April 28, 2016.
http://bit.ly/os-oci-cncf-ses
The technology industry has been abuzz about cloud workload containerization since the open source Docker project became a phenomenon in early 2014.
Meanwhile, an OpenStack Containers Team was formed and the Magnum project launched to provide users with a convenient Containers-as-a-Service solution for OpenStack environments.
As the potential of both technologies emerged, many wanted to see shared governance over the baseline container specification and runtime technology to ensure an open cloud ecosystem.
This past December, two new groups were launched with a goal of creating open, industry standards. The first called the Open Container Initiative (http://www.opencontainers.org), and the second called the Cloud Native Computing Foundation (http://cncf.io)
Jeffrey Borek - Program Director, Open Tech, IBM - @JeffBorek
Daniel Krook - Senior Software Engineer, IBM - @DanielKrook
Val Bercovici - Global Cloud CTO, NetApp/SolidFire - @valb00
Docker and Containers overview - Docker WorkshopJonas Rosland
Docker and Containers overview - Docker Workshop
Parth of the docker Workshop we lead, all content can be found here: https://github.com/emccode/training/tree/master/docker-workshop
All Things Containers - Docker, Kubernetes, Helm, Istio, GitOps and moreAll Things Open
Presented by: Brent Laster, SAS
Presented at All Things Open 2020
Abstract: In this workshop, students will get a quick overview of what containers are and why they form the basis for many of the key technologies that we use today in cloud environments.
We’ll explore what makes up a container and how they are managed and leveraged in key industry tooling including Docker, Kubernetes, Helm, and Istio. You’ll also learn the basics of these technologies, what they are used for, and see some simple examples of how to use them.
This workshop will include hands-on labs where you will get experience:
Building container images, running them as containers, and tagging and pushing them into a Docker repository.
Creating deployments, services, and pods for containers and instantiating and running those in Kubernetes.
Working with Helm to leverage templates for Kubernetes objects and managing releases in Kubernetes.
Working with Istio to do traffic shaping between multiple versions of your app, fault and delay injection for testing and validation in Kubernetes.
We’ll also briefly cover GitOps – the recommended Git-based way to manage infrastructure like your Kubernetes cluster.
Docker Overview - Rise of the ContainersRyan Hodgin
Containers allow for applications to become more portable, organized more efficiently, and configured to make better use of system resources. This presentation will explain Docker's container technology, DevOps approach, partner ecosystem, popularity, performance, challenges, and roadmap. We'll review how containers are changing application and operating system designs.
Webinar container management in OpenStackCREATE-NET
This webinar covers the topics of Containers in OpenStack and, in particular it offers an overview of what containers are, LXC, Docker and Kubernetes. It also includes the topic of Containers in OpenStack and the specific examples of Nova docker, Murano and Magnum. In the final part there are live Demos about the elements covered earlier.
DockerCon SF 2015: Enabling Microservices @OrbitzDocker, Inc.
The slides from Steve Hoffman and Rick Fast's presentation at DockerCon SF 2015 -
Talk Description:
In this talk we will discuss how we enabled decomposition of one of our 250+ system components into a continously deployed microservice cluster.
This includes building a standardized Docker server composed of various local companion services along side the Docker daemon including: dynamic service discovery via Consul, a log relay to a centralized Elasticsearch cluster, and forwarding/batching of Dropwizard metrics to Graphite.
Building on this we'll cover our Jenkins driven automated pipeline for building Docker images and rolling deployments via Ansible using static placement on existing infrastructure while prototyping dynamic placement using Docker + Apache Mesos.
Docker provides PODA (Package Once Deploy Anywhere) and complements WORA (Write Once Run Anywhere) provided by Java. It also helps you reduce the impedance mismatch between dev, test, and production environment and simplifies Java application deployment.
This session will explain how to:
* Run your first Java application with Docker
* Package your Java application with Docker
* Share your Java application using Docker Hub
* Deploy your Java application using Maven
* Deploy your application using Docker for AWS
* Scale Java services with Docker Engine swarm mode
* Package your multi-container application and use service discovery
* Monitor your Docker + Java applications
* Build a deployment pipeline using common tools
What’s the key to successfully adopting microservices on Kubernetes?
Building a development workflow that helps developers code faster.
In this webinar, we introduce the principles of a cloud-native development workflow where individual teams build and ship software independently from each other.
Back to the Future: Containerize Legacy ApplicationsDocker, Inc.
People typically think of Docker for microservices and try to make the smallest container they can. There are tremendous benefits to a microservices model but those are not the only apps that qualify for containers. Traditional, homegrown, monolithic apps are also great candidates for Docker - why? By containerizing these apps, many of the same agility, portability, security and cost savings benefits can be applied to the hundreds (if not thousands) of apps in your datacenters. But where to begin? Attend this session to learn how to approach modernizing traditional apps (MTA), considerations, the available tools and possibilities.
Docker 101 - High level introduction to dockerDr Ganesh Iyer
This deck will help you understand the basics of Docker. It introduces dockers and containers, gives a comparison with virtualization and gives some getting started guides.
DevOps Days Boston 2017: Developer first workflows for KubernetesAmbassador Labs
Kubernetes is a powerful, operational platform for containerized applications. However, the developer workflow on Kubernetes – how you code, deploy, update, and monitor your services – is much less mature.
How should you lay out your Git repo? How do you create loosely coupled services? How do you support deploying your service at any time?
In this talk, we’ll talk about these questions and more. We’ll discuss the journey towards a rapid development workflow, discuss best practices, and, talk about the process we followed to get to a rapid development workflow.
DevOps Days Boston 2017
Containers, OCI, CNCF, Magnum, Kuryr, and You!Daniel Krook
Presentation at the OpenStack Summit in Austin, Texas on April 28, 2016.
http://bit.ly/os-oci-cncf-ses
The technology industry has been abuzz about cloud workload containerization since the open source Docker project became a phenomenon in early 2014.
Meanwhile, an OpenStack Containers Team was formed and the Magnum project launched to provide users with a convenient Containers-as-a-Service solution for OpenStack environments.
As the potential of both technologies emerged, many wanted to see shared governance over the baseline container specification and runtime technology to ensure an open cloud ecosystem.
This past December, two new groups were launched with a goal of creating open, industry standards. The first called the Open Container Initiative (http://www.opencontainers.org), and the second called the Cloud Native Computing Foundation (http://cncf.io)
Jeffrey Borek - Program Director, Open Tech, IBM - @JeffBorek
Daniel Krook - Senior Software Engineer, IBM - @DanielKrook
Val Bercovici - Global Cloud CTO, NetApp/SolidFire - @valb00
Docker and Containers overview - Docker WorkshopJonas Rosland
Docker and Containers overview - Docker Workshop
Parth of the docker Workshop we lead, all content can be found here: https://github.com/emccode/training/tree/master/docker-workshop
All Things Containers - Docker, Kubernetes, Helm, Istio, GitOps and moreAll Things Open
Presented by: Brent Laster, SAS
Presented at All Things Open 2020
Abstract: In this workshop, students will get a quick overview of what containers are and why they form the basis for many of the key technologies that we use today in cloud environments.
We’ll explore what makes up a container and how they are managed and leveraged in key industry tooling including Docker, Kubernetes, Helm, and Istio. You’ll also learn the basics of these technologies, what they are used for, and see some simple examples of how to use them.
This workshop will include hands-on labs where you will get experience:
Building container images, running them as containers, and tagging and pushing them into a Docker repository.
Creating deployments, services, and pods for containers and instantiating and running those in Kubernetes.
Working with Helm to leverage templates for Kubernetes objects and managing releases in Kubernetes.
Working with Istio to do traffic shaping between multiple versions of your app, fault and delay injection for testing and validation in Kubernetes.
We’ll also briefly cover GitOps – the recommended Git-based way to manage infrastructure like your Kubernetes cluster.
Docker Overview - Rise of the ContainersRyan Hodgin
Containers allow for applications to become more portable, organized more efficiently, and configured to make better use of system resources. This presentation will explain Docker's container technology, DevOps approach, partner ecosystem, popularity, performance, challenges, and roadmap. We'll review how containers are changing application and operating system designs.
Webinar container management in OpenStackCREATE-NET
This webinar covers the topics of Containers in OpenStack and, in particular it offers an overview of what containers are, LXC, Docker and Kubernetes. It also includes the topic of Containers in OpenStack and the specific examples of Nova docker, Murano and Magnum. In the final part there are live Demos about the elements covered earlier.
DockerCon SF 2015: Enabling Microservices @OrbitzDocker, Inc.
The slides from Steve Hoffman and Rick Fast's presentation at DockerCon SF 2015 -
Talk Description:
In this talk we will discuss how we enabled decomposition of one of our 250+ system components into a continously deployed microservice cluster.
This includes building a standardized Docker server composed of various local companion services along side the Docker daemon including: dynamic service discovery via Consul, a log relay to a centralized Elasticsearch cluster, and forwarding/batching of Dropwizard metrics to Graphite.
Building on this we'll cover our Jenkins driven automated pipeline for building Docker images and rolling deployments via Ansible using static placement on existing infrastructure while prototyping dynamic placement using Docker + Apache Mesos.
Docker provides PODA (Package Once Deploy Anywhere) and complements WORA (Write Once Run Anywhere) provided by Java. It also helps you reduce the impedance mismatch between dev, test, and production environment and simplifies Java application deployment.
This session will explain how to:
* Run your first Java application with Docker
* Package your Java application with Docker
* Share your Java application using Docker Hub
* Deploy your Java application using Maven
* Deploy your application using Docker for AWS
* Scale Java services with Docker Engine swarm mode
* Package your multi-container application and use service discovery
* Monitor your Docker + Java applications
* Build a deployment pipeline using common tools
What’s the key to successfully adopting microservices on Kubernetes?
Building a development workflow that helps developers code faster.
In this webinar, we introduce the principles of a cloud-native development workflow where individual teams build and ship software independently from each other.
Back to the Future: Containerize Legacy ApplicationsDocker, Inc.
People typically think of Docker for microservices and try to make the smallest container they can. There are tremendous benefits to a microservices model but those are not the only apps that qualify for containers. Traditional, homegrown, monolithic apps are also great candidates for Docker - why? By containerizing these apps, many of the same agility, portability, security and cost savings benefits can be applied to the hundreds (if not thousands) of apps in your datacenters. But where to begin? Attend this session to learn how to approach modernizing traditional apps (MTA), considerations, the available tools and possibilities.
Docker 101 - High level introduction to dockerDr Ganesh Iyer
This deck will help you understand the basics of Docker. It introduces dockers and containers, gives a comparison with virtualization and gives some getting started guides.
DevOps Days Boston 2017: Developer first workflows for KubernetesAmbassador Labs
Kubernetes is a powerful, operational platform for containerized applications. However, the developer workflow on Kubernetes – how you code, deploy, update, and monitor your services – is much less mature.
How should you lay out your Git repo? How do you create loosely coupled services? How do you support deploying your service at any time?
In this talk, we’ll talk about these questions and more. We’ll discuss the journey towards a rapid development workflow, discuss best practices, and, talk about the process we followed to get to a rapid development workflow.
DevOps Days Boston 2017
Microservices: What's Missing - O'Reilly Software Architecture New YorkAdrian Cockcroft
Assuming you have already figured out microservices, what else do you need to figure out to get them to work properly. This talk skips my usual introduction to why and what, and goes deeper on how.
Microservices, Kubernetes and Istio - A Great Fit!Animesh Singh
Microservices and containers are now influencing application design and deployment patterns. Sixty percent of all new applications will use cloud-enabled continuous delivery microservice architectures and containers. Service discovery, registration, and routing are fundamental tenets of microservices. Kubernetes provides a platform for running microservices. Kubernetes can be used to automate the deployment of Microservices and leverage features such as Kube-DNS, Config Maps, and Ingress service for managing those microservices. This configuration works fine for deployments up to a certain size. However, with complex deployments consisting of a large fleet of microservices, additional features are required to augment Kubernetes.
Kubernetes Architecture - beyond a black box - Part 2Hao H. Zhang
This continues the Kubernetes architecture deep dive series. (Part 1 see https://www.slideshare.net/harryzhang735/kubernetes-beyond-a-black-box-part-1)
In Part 2 I'm going to cover the following:
- Kubernetes's 3 most import design choices: Micro-service Choreography, Level-Triggered Control, Generalized Workload and Centralized Controller
- Default scheduler limitation and community's next step
- Interface to production environment
- Workload abstraction: strength and limitations
This concludes my work and knowledge sharing about Kubernetes.
Webcast - Making kubernetes production readyApplatix
Slides from our techical webcast where Harry Zhang and Abhinav Das discuss the problems the Applatix engineering team ran into in building large-scale production apps on Kubernetes and our resulting solutions, tips, and settings to resolve them. Full youtube video of webcast at https://www.youtube.com/watch?v=tbD6Rcm2sI8&spfreload=5
An introduction to Kubernetes and a look at how it leverages AWS IaaS features to provide its own virtual clustering, and demonstration of some of the behaviour inside the cluster that makes Kubernetes a popular choice for microservice deployments.
Kubernetes Architecture - beyond a black box - Part 1Hao H. Zhang
This is part 1 of my Kubernetes architecture deep-dive slide series.
I have been working with Kubernetes for more than a year, from v1.3.6 to v1.6.7, and I am a CNCF certified Kubernetes administrator. Before I move on to something else, I would like to summarize and share my knowledges and take-aways about Kubernetes, from a software engineer perspective.
This set of slides is a humble dig into one level below your running application in production, revealing how different components of Kubernetes work together to orchestrate containers and present your applications to the rest of the world.
The slides contains 80+ external links to Kubernetes documentations, blog posts, Github issues, discussions, design proposals, pull requests, papers, source code files I went through when I was working with Kubernetes - which I think are valuable for people to understand how Kubernetes works, Kubernetes design philosophies and why these design came into places.
Kubernetes has been a key component for many companies to reduce technical debt in infrastructure by:
• Fostering the Adoption of Docker
• Simplifying Container Management
• Onboarding Developers On Infrastructure
• Unlocking Continuous Integration and Delivery
During this meetup we are going to discuss the following topics and share some best practices
• What's new with Kubernetes 1.3
• Generate Cluster Configuration using CloudFormation
• Deploy Kubernetes Clusters on AWS
• Scaling the Cluster
• Integrating Ingress with Elastic Load Balancer
• Using Internal ELB's as Kubernetes' Service
• Using EBS for persistent volumes
• Integrating Route53
Large Scale Kubernetes on AWS at Europe's Leading Online Fashion Platform - A...Henning Jacobs
Bootstrapping a Kubernetes cluster is easy, rolling it out to nearly 200 engineering teams and operating it at scale is a challenge.
In this talk, we are presenting our approach to Kubernetes provisioning on AWS, operations and developer experience for our growing Zalando Technology department. We will highlight in the context of Kubernetes: AWS service integrations, our IAM/OAuth infrastructure, cluster autoscaling, continuous delivery and general developer experience. The talk will cover our most important learnings and we will openly share failure stories.
Presented on 2017-09-28 at AWS Tech Community Days in Cologne.
Kubernetes on AWS at Europe's Leading Online Fashion PlatformHenning Jacobs
Henning Jacobs is a Kubernetes on AWS Hacker at Zalando Tech. His talk briefly covers our learnings in Zalando Tech while running Kubernetes on AWS in production.
Topics include:
- Cluster provisioning,
- AWS integration,
- Ingress,
- Cluster autoscaling,
- OAuth/IAM and
- Operations/monitoring.
https://www.meetup.com/Zalando-Tech-Events-Berlin/events/238212872/
The attached is a summary of terms, description of constructs, integration alternatives and more in the networking world of Kubernetes, Openshift and AWS
Beyond Ingresses - Better Traffic Management in KubernetesMark McBride
Kubernetes makes deploying code easy, but conflating deploys and releases is risky. Using smarter proxies you can dramatically reduce the risk of a release, which in turn helps you ship code to customers faster.
Just about all of my current technical content in one 364 slide mega-deck. Source files at https://github.com/adrianco/slides
Sections on:
Scene Setting
State of the Cloud
What Changes?
Product Processes
Microservices
State of the Art
Segmentation
What’s Missing?
Monitoring
Challenges
Migration
Response Times
Serverless
Lock-In
Teraservices
Wrap-Up
Microservices are small services with independent lifecycles that work together. There is an underlying tension in that definition – how independent can you be when you have to be part of a whole? I’ve spent much of the last couple of years trying to understand how to find the right balance, and in this talk/tutorial I’ll be presenting the core seven principles that I think represent what makes microservices tick.
After a brief introduction of what microservices are and why they are important, we’ll spend the bulk of the time looking at the principles themselves, wherever possible covering real-world examples and technology:
- Modelled around business domain – using techniques from domain-driven design to find service boundaries leads to better team alignment and more stable service boundaries, avoiding expensive cross-service changes.
- Culture of automation – all organisations that use microservices at scale have strong cultures of automation. We’ll look at some of their stories and think about which sort of automation is key.
- Hide implementation details – how do you hide the detail inside each service to avoid coupling, and ensure each service retains its autonomous nature?
- Decentralize all the things! – we have to push power down as far as we can, and this goes for both the system and organisational architecture. We’ll look at everything from autonomous self-contained teams and internal open source, to using choreographed systems to handle long-lived business transactions.
- Deploy independently – this is all about being able to deploy safely. So we’ll cover everything from deployment models to consumer-driven contracts and the importance of separating deployment from release.
- Isolate failure – just making a system distributed doesn’t make it more stable than a monolithic application. So what do you need to look for?
- Highly observable – we need to understand the health of a single service, but also the whole ecosystem. How?
In terms of learning outcomes, beginners will get a sense of what microservices are and what makes them different, whereas more experienced practitioners will get insight and practical advice into how to implement them.
Top 5 Deep Learning and AI Stories - October 6, 2017NVIDIA
Read this week's top 5 news updates in deep learning and AI: Gartner predicts top 10 strategic technology trends for 2018; Oracle adds GPU Accelerated Computing to Oracle Cloud Infrastructure; chemistry and physics Nobel Prizes are awarded to teams supported by GPUs; MIT uses deep learning to help guide decisions in ICU; and portfolio management firms are using AI to seek alpha.
This presentation gives a brief understanding of docker architecture, explains what docker is not, followed by a description of basic commands and explains CD/CI as an application of docker.
docker : how to deploy Digital Experience in a container drinking a cup of co...Matteo Bisi
This was my session @ IconUK 2016. We was talking about docker and ibm and giving some tips to use it and build it your own container with ibm social collaboration software
.docker : How to deploy Digital Experience in a container, drinking a cup of ...ICON UK EVENTS Limited
Matteo Bisi / Factor-y srl
Andrea Fontana / SOWRE SA
Docker is one of best technologies available on market to install and run and deploy application fastest , securely like never before. In this session you will see how to deploy a complete digital experience inside containers that will enable you to deploy a Portal drinking a cup of coffee. We will start from a deep overview of docker: what is docker, where you can find that, what is a container and why you should use container instead a complete Virtual Machine. After the overview we will enter inside how install IBM software inside a container using docker files that will run the setup using silent setup script. At last part we will talk about possible use of this configuration in real work scenario like staging or development environment or in WebSphere Portal farm setup.
Docker is in all the news and this talk presents you the technology and shows you how to leverage it to build your applications according to the 12 factor application model.
Accelerate your software development with DockerAndrey Hristov
Docker is in all the news and this talk presents you the technology and shows you how to leverage it to build your applications according to the 12 factor application model.
This presentation by Andrew Aslinger discusses best practices and pitfalls of integrating Docker into Continuous Delivery Pipelines. Learn how Andrew and his team used Docker to replace Chef to simplify their development and migration processes.
PuppetConf 2017: What’s in the Box?!- Leveraging Puppet Enterprise & Docker- ...Puppet
“Docker, Docker, Docker.” It’s a phrase we hear often, but what are containers, what can they be used for, and why should you know more about them? In this session, Grace (Puppet) and Tricia (AppDynamics) will introduce attendees to Docker and help them build and deploy their first container with Puppet. They will leverage the docker_image_build module from the Puppet Forge and take attendees through the proper workflow for coupling Docker and Puppet together. The session will focus on how to use some of the newest Docker features, such as multi-stage build files and password stores within Docker so you can pass "secrets" to a swarm for login credentials. The goal is to provide newcomers with a working proficiency of how to get started deploying containers using Puppet as their automation tool.
Containers, Docker, and Microservices: the Terrific TrioJérôme Petazzoni
One of the upsides of Microservices is the ability to deploy often,at arbitrary schedules, and independently of other services, instead of requiring synchronized deployments happening on a fixed time.
But to really leverage this advantage, we need fast, efficient, and reliable deployment processes. That's one of the value propositions of Containers in general, and Docker in particular.
Docker offers a new, lightweight approach to application portability.It can build applications using easy-to-write, repeatable, efficient recipes; then it can ship them across environments using a common container format; and it can run them within isolated namespaces which abstract the operating environment, independently of the distribution,versions, network setup, and other details of this environment.
But Docker can do way more than deploy your apps. Docker also enables you to generalize Microservices principles and apply them on operational tasks like logging, remote access, backups, and troubleshooting.This decoupling results in independent, smaller, simpler moving parts.
DCEU 18: Building Your Development PipelineDocker, Inc.
Oliver Pomeroy - Solution Engineer, Docker
Laura Frank Tacho - Director of Engineering, CloudBees
Enterprises often want to provide automation and standardisation on top of their container platform, using a pipeline to build and deploy their containerized applications. However this opens up new challenges… Do I have to build a new CI/CD Stack? Can I build my CI/CD pipeline with Kubernetes orchestration? What should my build agents look like? How do I integrate my pipeline into my enterprise container registry? In this session full of examples and “how-to”s, Olly and Laura will guide you through common situations and decisions related to your pipelines. We’ll cover building minimal images, scanning and signing images, and give examples on how to enforce compliance standards and best practices across your teams.
Building Microservice Systems Without Cooking Your Laptop: Going “Remocal” wi...Ambassador Labs
When you adopt microservices, containers, and cloud native development, the technologies and architectures may change, but the need for fast feedback doesn’t. Kubernetes enables us to deploy and run applications at scale, but whether you’re coding or testing applications, you want to be able to get work done quickly without spinning up all of your microservices locally and driving your laptop fans into high speed!
Join me for a tour of coding, testing, and shipping microservices using remote-to-local “remocal” tools and techniques. You will:
Understand the challenges with scaling container-based application development – i.e. you can only run so many microservices locally before minikube melts your laptop.
Learn when to use various types of development practices and tooling based on your use case and requirements for production realism, speed, and practicality.
Explore how to utilize containerized dependencies and Docker for testing, including for both apps and services you own and those you don’t.
Learn how Telepresence can enable “remocal” development, expanding your local machine and Docker Desktop out into a remote Kubernetes cluster.
Ship Week 1: Intro to Continuous Delivery and GitOps
When building cloud native applications, software developers are no longer just responsible for coding new features. In the next module of Summer of Kubernetes, our expert guides (with the help of some special guests) will cover how to safely and effectively ship software without disrupting end users. To do this you will:
✅ Understand the basics of continuous delivery and GitOps
✅ Learn about how K8s enables declarative CD (via the use of reconciliation loops)
At GOTO Amsterdam in 2019 I presented how to create an effective cloud native developer workflow. Two years later and many new developer technologies have come and gone, but I still hear daily from cloud developers about the pain and friction associated with building, debugging, and deploying to the cloud. In this talk I'll share my latest learning on how to bring the fun and productivity back into delivering Kubernetes-based software.
In this talk, you will:
- Learn why the core tenets of continuous delivery -- speed and safety -- must be considered in all parts of the cloud native SDLC
- Explore how cloud native coding benefits from thinking separately about the inner development loop, continuous integration, continuous deployment, observability, and analysis
- Understand how cloud native best practices and tooling fit together. Learn about artifact syncing (e.g. Skaffold), dev environment bridging (e.g. Telepresence), GitOps (e.g. Argo), and observability-focused monitoring (e.g. Prometheus, Jaeger)
- Explore the importance of cultivating an effective cloud platform and associated team of experts
- Walk away with an overview of tools that can help you develop and debug effectively when using Kubernetes
Webinar: Accelerate Your Inner Dev Loop for Kubernetes Services Ambassador Labs
Many turn to static duplicate dev environments to shorten the dev loop and isolate code tests, but those bring about additional issues. The idea of safely sharing a dev environment and seeing your code changes in action immediately before sharing them probably seems impossible.
Service Preview, powered by Telepresence and the Ambassador Edge Stack, is here to help! This capability enables you to preview changes immediately and test locally with your tool of choice, while sharing a development cluster.
In this 45-minute webinar, Abhay Saxena will demonstrate using Service Preview to have a fast inner development loop while fixing a bug in a microservice, including stepping through the code in a debugger while other developers continue working unaffected.
[Confoo Montreal 2020] From Grief to Growth: The 7 Stages of Observability - ...Ambassador Labs
In this case-study talk, we will share Brent’s journey through the adoption of modern observability practices as he operated an architecture of distributed services. Facing difficulties using application logs as the primary tool to debug performance and reliability issues? Learn how to improve your company toolkit and engineering habits using existing monitoring tools with the addition of distributed tracing.
https://confoo.ca/en/yul2020/session/from-grief-to-growth-the-7-stages-of-observability
[Confoo Montreal 2020] Build Your Own Serverless with Knative - Alex GervaisAmbassador Labs
Google Cloud Run’s use of Knative introduced a portable Serverless solution built on top of Kubernetes. In this talk, we’ll recap the basic guidelines, use cases, and benefits of a Serverless architecture. Getting up and started, you will learn to take advantage of containers and the Ambassador API Gateway to serve event-driven application workloads and save costs using your existing Kubernetes resources.
https://confoo.ca/en/yul2020/session/build-your-own-serverless-with-knative
[QCon London 2020] The Future of Cloud Native API Gateways - Richard LiAmbassador Labs
The introduction of microservices, Kubernetes, and cloud technology has provided many benefits for developers. However, the age-old problem of getting user traffic routed correctly to the API of your backend applications can still be an issue, and may be complicated with the adoption of cloud native approaches: applications are now composed of multiple (micro)services that are built and released by independent teams; the underlying infrastructure is dynamically changing; services support multiple protocols, from HTTP/JSON to WebSockets and gRPC, and more; and many API endpoints require custom configuration of cross-cutting concerns, such as authn/z, rate limiting, and retry policies.
A cloud native API gateway is on the critical path of all requests, and also on the critical path for the workflow of any developer that is releasing functionality. Join this session to learn about the underlying technology and the required changes in engineering workflows. Key takeaways will include:
A brief overview of the evolution of API gateways over the past ten years, and how the original problems being solved have shifted in relation to cloud native technologies and workflow
Two important challenges when using an API gateway within Kubernetes: scaling the developer workflow; and supporting multiple architecture styles and protocols
Strategies for exposing Kubernetes services and APIs at the edge of your system
Insight into the (potential) future of cloud native API gateways
https://qconlondon.com/london2020/presentation/future-cloud-native-api-gateways
What's New in the Ambassador Edge Stack 1.0? Ambassador Labs
Before Kubernetes, the boundary between your users and your monolithic application was simple to manage. Now with Kubernetes, managing the edge has become dynamic and complex. More developers are involved, there are exponentially more edge operations, and each microservice has diverse requirements.
To fully capitalize on the benefits of Kubernetes, you need to provide a solution that supports the autonomy of application developers, the various requirements of your microservices, and your ability to scale.
You no longer need an API Gateway - you need a self-service, comprehensive edge stack.
In this 40 minute webinar on January 30th, we will discuss and demo the new functionality available with the Ambassador Edge Stack.
Edge Policy Console- graphical UI to visualize and manage all of your edge policies
Security Features- automatic TLS setup via ACME integration, OAuth/OpenID Connect integration, rate limiting, and fine-grained access control
Developer Onboarding- API catalog, Swagger/OpenAPI documentation support, and a fully customizable developer portal
Webinar: Effective Management of APIs and the Edge when Adopting Kubernetes Ambassador Labs
As you adopt Kubernetes, the requirements for your edge change. You now have teams working on multiple services all with different requirements. How can you make sure your edge is Kubernetes-ready?
[KubeCon NA 2018] Telepresence Deep Dive Session - Rafael Schloming & Luke Sh...Ambassador Labs
One of the challenges facing Telepresence is growing the contributor community. It’s a complex application that requires a good understanding of OS networking, VPNs, Kubernetes, and everything in between. We’ll kick off this meeting with a general architectural overview of Telepresence. We’ll talk about how we’ve managed the project to date, and our investments to make it easier. We want to then turn it over for an interactive discussion with participants to see what we can do to make it easier to contribute and grow the Telepresence community.
[KubeCon NA 2018] Effective Kubernetes Develop: Turbocharge Your Dev Loop - P...Ambassador Labs
Every software development cycle is rife with inefficiency. Seasoned devs know the pain of getting access to essential remote systems, waiting for tests to run (and then fail), or debugging with only log files. This talk teaches you how to best leverage Kubernetes, remote infrastructure and related tooling to create a dev cycle that maximizes velocity and minimizes developer friction and frustration.
Using tools such as Kubernetes, Docker and Telepresence, I will walk attendees through several advanced techniques that can be used to produce an effective developer experience and optimized dev loop. The goal of this is to eliminate many sources of frustrating inefficiency and reduce cycle time between releases. I will demonstrate how to incrementally adopt some of these techniques and how to approach introducing new and unfamiliar technology and techniques to skeptical dev teams.
The rise of Layer 7, microservices, and the proxy war with Envoy, NGINX, and ...Ambassador Labs
Modern cloud applications today are built as distributed microservices. These microservices talk to each other over L7 protocols: HTTP, gRPC, Redis, Kafka, and more. In this world, L7 proxies have assumed a crucial role in managing and observing L7 protocols. In this talk, I’ll discuss the evolution of service architectures, the role L7 proxies play in this world, and how there is now a battle raging between Envoy Proxy, HAProxy, and NGINX. I’ll wrap by talking about why we chose Envoy Proxy as the anchor of our Ambassador API Gateway and show how that has enabled a number of new capabilities.
The Simply Complex Task of Implementing Kubernetes Ingress - Velocity NYCAmbassador Labs
Getting traffic into a Kubernetes cluster should be simple, but it’s not. Richard Li explains how software architectures have evolved to take advantage of Kubernetes and discusses the implications that these changes have on ingress. Richard then covers some of the nuances of modern ingress, including authentication, resilience, and observability at the edge, explores how Kubernetes handles ingress today, with NodePorts, LoadBalancers, and ingress controllers, and shares his experience and lessons learned from using several real-world implementations of ingress on Kubernetes.
KubeCon NA 2017: Ambassador and Envoy (Envoy Salon)Ambassador Labs
Ambassador is an open source Kubernetes-native API Gateway built on the Envoy proxy. We talked about why and how we built Ambassador during the Envoy salon at KubeCon.
QCon SF 2017 - Microservices: Service-Oriented DevelopmentAmbassador Labs
Conventional wisdom is that microservices is an architecture that is the spiritual successor to service-oriented architecture. While true, this myopic view of microservices ignores some of the profound workflow shifts in today’s microservices organizations.
The reality is that microservices is an architecture _and_ workflow. In this talk, we’ll introduce the workflow of service-oriented development. Rafael will talk about how the real goal of microservices is to break up a monolithic development workflow. We’ll show you how, by breaking up your workflow, you can build software that lets you move fast and make things.
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptxrickgrimesss22
Discover the essential features to incorporate in your Winzo clone app to boost business growth, enhance user engagement, and drive revenue. Learn how to create a compelling gaming experience that stands out in the competitive market.
TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERRORTier1 app
Even though at surface level ‘java.lang.OutOfMemoryError’ appears as one single error; underlyingly there are 9 types of OutOfMemoryError. Each type of OutOfMemoryError has different causes, diagnosis approaches and solutions. This session equips you with the knowledge, tools, and techniques needed to troubleshoot and conquer OutOfMemoryError in all its forms, ensuring smoother, more efficient Java applications.
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...Anthony Dahanne
Les Buildpacks existent depuis plus de 10 ans ! D’abord, ils étaient utilisés pour détecter et construire une application avant de la déployer sur certains PaaS. Ensuite, nous avons pu créer des images Docker (OCI) avec leur dernière génération, les Cloud Native Buildpacks (CNCF en incubation). Sont-ils une bonne alternative au Dockerfile ? Que sont les buildpacks Paketo ? Quelles communautés les soutiennent et comment ?
Venez le découvrir lors de cette session ignite
Enhancing Research Orchestration Capabilities at ORNL.pdfGlobus
Cross-facility research orchestration comes with ever-changing constraints regarding the availability and suitability of various compute and data resources. In short, a flexible data and processing fabric is needed to enable the dynamic redirection of data and compute tasks throughout the lifecycle of an experiment. In this talk, we illustrate how we easily leveraged Globus services to instrument the ACE research testbed at the Oak Ridge Leadership Computing Facility with flexible data and task orchestration capabilities.
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamtakuyayamamoto1800
In this slide, we show the simulation example and the way to compile this solver.
In this solver, the Helmholtz equation can be solved by helmholtzFoam. Also, the Helmholtz equation with uniformly dispersed bubbles can be simulated by helmholtzBubbleFoam.
Understanding Globus Data Transfers with NetSageGlobus
NetSage is an open privacy-aware network measurement, analysis, and visualization service designed to help end-users visualize and reason about large data transfers. NetSage traditionally has used a combination of passive measurements, including SNMP and flow data, as well as active measurements, mainly perfSONAR, to provide longitudinal network performance data visualization. It has been deployed by dozens of networks world wide, and is supported domestically by the Engagement and Performance Operations Center (EPOC), NSF #2328479. We have recently expanded the NetSage data sources to include logs for Globus data transfers, following the same privacy-preserving approach as for Flow data. Using the logs for the Texas Advanced Computing Center (TACC) as an example, this talk will walk through several different example use cases that NetSage can answer, including: Who is using Globus to share data with my institution, and what kind of performance are they able to achieve? How many transfers has Globus supported for us? Which sites are we sharing the most data with, and how is that changing over time? How is my site using Globus to move data internally, and what kind of performance do we see for those transfers? What percentage of data transfers at my institution used Globus, and how did the overall data transfer performance compare to the Globus users?
top nidhi software solution freedownloadvrstrong314
This presentation emphasizes the importance of data security and legal compliance for Nidhi companies in India. It highlights how online Nidhi software solutions, like Vector Nidhi Software, offer advanced features tailored to these needs. Key aspects include encryption, access controls, and audit trails to ensure data security. The software complies with regulatory guidelines from the MCA and RBI and adheres to Nidhi Rules, 2014. With customizable, user-friendly interfaces and real-time features, these Nidhi software solutions enhance efficiency, support growth, and provide exceptional member services. The presentation concludes with contact information for further inquiries.
Enhancing Project Management Efficiency_ Leveraging AI Tools like ChatGPT.pdfJay Das
With the advent of artificial intelligence or AI tools, project management processes are undergoing a transformative shift. By using tools like ChatGPT, and Bard organizations can empower their leaders and managers to plan, execute, and monitor projects more effectively.
Enterprise Resource Planning System includes various modules that reduce any business's workload. Additionally, it organizes the workflows, which drives towards enhancing productivity. Here are a detailed explanation of the ERP modules. Going through the points will help you understand how the software is changing the work dynamics.
To know more details here: https://blogs.nyggs.com/nyggs/enterprise-resource-planning-erp-system-modules/
Exploring Innovations in Data Repository Solutions - Insights from the U.S. G...Globus
The U.S. Geological Survey (USGS) has made substantial investments in meeting evolving scientific, technical, and policy driven demands on storing, managing, and delivering data. As these demands continue to grow in complexity and scale, the USGS must continue to explore innovative solutions to improve its management, curation, sharing, delivering, and preservation approaches for large-scale research data. Supporting these needs, the USGS has partnered with the University of Chicago-Globus to research and develop advanced repository components and workflows leveraging its current investment in Globus. The primary outcome of this partnership includes the development of a prototype enterprise repository, driven by USGS Data Release requirements, through exploration and implementation of the entire suite of the Globus platform offerings, including Globus Flow, Globus Auth, Globus Transfer, and Globus Search. This presentation will provide insights into this research partnership, introduce the unique requirements and challenges being addressed and provide relevant project progress.
May Marketo Masterclass, London MUG May 22 2024.pdfAdele Miller
Can't make Adobe Summit in Vegas? No sweat because the EMEA Marketo Engage Champions are coming to London to share their Summit sessions, insights and more!
This is a MUG with a twist you don't want to miss.
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...Mind IT Systems
Healthcare providers often struggle with the complexities of chronic conditions and remote patient monitoring, as each patient requires personalized care and ongoing monitoring. Off-the-shelf solutions may not meet these diverse needs, leading to inefficiencies and gaps in care. It’s here, custom healthcare software offers a tailored solution, ensuring improved care and effectiveness.
SOCRadar Research Team: Latest Activities of IntelBrokerSOCRadar
The European Union Agency for Law Enforcement Cooperation (Europol) has suffered an alleged data breach after a notorious threat actor claimed to have exfiltrated data from its systems. Infamous data leaker IntelBroker posted on the even more infamous BreachForums hacking forum, saying that Europol suffered a data breach this month.
The alleged breach affected Europol agencies CCSE, EC3, Europol Platform for Experts, Law Enforcement Forum, and SIRIUS. Infiltration of these entities can disrupt ongoing investigations and compromise sensitive intelligence shared among international law enforcement agencies.
However, this is neither the first nor the last activity of IntekBroker. We have compiled for you what happened in the last few days. To track such hacker activities on dark web sources like hacker forums, private Telegram channels, and other hidden platforms where cyber threats often originate, you can check SOCRadar’s Dark Web News.
Stay Informed on Threat Actors’ Activity on the Dark Web with SOCRadar!
Experience our free, in-depth three-part Tendenci Platform Corporate Membership Management workshop series! In Session 1 on May 14th, 2024, we began with an Introduction and Setup, mastering the configuration of your Corporate Membership Module settings to establish membership types, applications, and more. Then, on May 16th, 2024, in Session 2, we focused on binding individual members to a Corporate Membership and Corporate Reps, teaching you how to add individual members and assign Corporate Representatives to manage dues, renewals, and associated members. Finally, on May 28th, 2024, in Session 3, we covered questions and concerns, addressing any queries or issues you may have.
For more Tendenci AMS events, check out www.tendenci.com/events
A Comprehensive Look at Generative AI in Retail App Testing.pdfkalichargn70th171
Traditional software testing methods are being challenged in retail, where customer expectations and technological advancements continually shape the landscape. Enter generative AI—a transformative subset of artificial intelligence technologies poised to revolutionize software testing.
2. datawire.io | https://d6e.co/2hZ0MQv
Before we begin ...
● You’re running latest version of Docker on your laptop
● You’ve created an account on hub.docker.com
● You’ve set up a working environment (we’ve pre-installed everything for you)
○ Ubuntu Docker image
○ git clone https://github.com/datawire/shopbox
○ cd shopbox
○ ./shopbox.sh
● You’ve downloaded some key Docker images
○ docker pull datawire/ambassador-envoy
○ docker pull prom/prometheus
○ docker pull python:3-alpine
● You have your favorite terminal & text editor ready to go!
Go to the presentation here: https://d6e.co/2hZ0MQv
2
3. datawire.io | https://d6e.co/2hZ0MQv
About us
● Worked on microservices for past 2.5 years, both with our own cloud services and
with consulting
● Datawire builds open source tools for developers building microservices, based on
our own experiences
● Run microservices.com, which has talks from dozens of practitioners on
microservices
3
4. datawire.io | https://d6e.co/2hZ0MQv
Introduction: Microservices,
Kubernetes, Docker, Envoy
20 minutes Presentation
Core Concepts of Docker &
Kubernetes
70 minutes Workshop
Break around 3pm 30 minutes
Building & deploying a
microservice in production
60 minutes Workshop
Wrap-up 20 minutes Presentation / Q&A
Feedback 5 minutes
Our schedule for today
4
5. datawire.io | https://d6e.co/2hZ0MQv
Our focus today
1. Communicate the key concepts
2. Minimize time spent on the mechanics, since they’re impossible to remember until
you do them often enough
3. Try to give you a mental model to understand the different (overwhelming) choices
in the Kubernetes ecosystem, and how to start.
4. If you don’t understand the purpose of a specific exercise, please ask!
Also …
Minikube is a popular choice for these trainings, since you can run things locally. But
minikube is a big performance hog and isn’t quite as realistic with some of the things
we’re doing, so we’re going to try to use the Internet. (We have done some work to
minimize bandwidth consumption.)
5
9. Take the standard development process:
Code
(Dev)
Test
(QA)
Prod
(Ops)
Release
(Release)
Define
(Product)
10. 1
0
… and make it distributed.
> No central release, test, dev cycle. Each person/team operates
an independent development process.
> Team needs to have the skills / knowledge to operate all
aspects of the development process.
Service A Service B Service C
11. 1
1
Microservices is a distributed
development process for cloud-native
software.
> Not an architecture! Your architecture supports
the process, and not the other way around.
13. Start by creating an independent process!
(with a from-scratch API service)
New serviceMonolith
independent
process!!
(think spinning off a
developer or dev team)
14. 1
4
1. Self-sufficiency. Each team needs to be self-sufficient in all aspects
of the development cycle to avoid bottlenecks.
2. Safety. Since it’s hard to be an expert in every area of the
development, need to insure an oops isn’t catastrophic.
Give the developer / dev team the ability to
SUCCESSFULLY operate independently.
15. The definition of self-sufficient safety varies based on
the evolution of your microservice.
Stage 1:
Prototyping
Stage 2:
Production
Stage 3: Internal
service
consumption
Service doesn’t crash
Workflow for prod
deploys, monitoring,
& debugging
No cascade failures
Productive dev
environment
Transparently add
service resilience
No negative user
impact
Self
sufficiency
Safety
17. 17
1. Microservices is a distributed development workflow
that helps you go faster.
2. An efficient workflow for your team provides
self-sufficiency and safety.
3. The Kubernetes ecosystem, Docker, and Envoy provide
the foundational components you need to build that
workflow.
20. datawire.io | https://d6e.co/2hZ0MQv
What is a container?
● Lightweight Linux environment. It is a form of virtualization… but very different
from a full virtual machine.
● Immutable, deployable artifact.
● Runnable.
● Popularized by Docker but there are many runtime implementations (e.g. LXC,
Rkt).
20
21. datawire.io | https://d6e.co/2hZ0MQv
What is Docker?
● A tool, ecosystem and platform for building, pushing and
running containers.
● The most popular container runtime currently.
● Default container runtime in Kubernetes.
21
22. datawire.io | https://d6e.co/2hZ0MQv
Why Containers?
● Easy and fast to produce.
● Great way to isolate different components in a complex system.
● Ensures a reproducible runtime for your app along the dev -> build -> test -> prod
pipeline.
● Easy to share in a team or with external partners.
22
24. datawire.io | https://d6e.co/2hZ0MQv
Let’s Get Started...
● We’ve built an Ubuntu container image for you
○ Includes all the client-side tools we’ll use for the training (e.g., kubectl)
● We’ll use Kubernaut for Kubernetes clusters
○ On-demand, ephemeral clusters (designed for CI … or training!)
● The container mounts a local directory into /workspace in
the image your files are synchronized with your laptop.
24
25. datawire.io | https://d6e.co/2hZ0MQv
Let’s Get Started...
Run the below commands in your terminal if you haven’t
already:
$ git clone https://github.com/datawire/shopbox
$ cd shopbox
$ ./shopbox.sh
Pre-configured dev environment with kubectl (with tab completion),
kubernaut, and various utilities we will use today.
25
27. datawire.io | https://d6e.co/2hZ0MQv
Let’s build a service as a container
A simple web application: Quote of The Moment (“QOTM”).
● Requires Python
● Uses Flask
GET STARTED
$ git clone https://github.com/datawire/qotm-ws
$ cd /workspace/qotm-ws
27
28. datawire.io | https://d6e.co/2hZ0MQv
The Dockerfile
FROM python:3-alpine
MAINTAINER Datawire <dev@datawire.io>
WORKDIR /service
COPY requirements.txt .
RUN pip install -r requirements.txt
COPY . ./
EXPOSE 5000
ENTRYPOINT [“python3”, “qotm/qotm.py”]
28
29. datawire.io | https://d6e.co/2hZ0MQv
Let’s build it!
Run the below command to build the image (the trailing period on the below
command is required!):
$ docker build -t <your-docker-user>/qotm-ws:1 .
29
Each Docker image consists of layers. A layer is an ordered union of files
and directory changes to an image.
Because layers are cached, putting the parts of the Dockerfile least likely to
change first (e.g., the OS) can make a huge difference in build speed.
30. datawire.io | https://d6e.co/2hZ0MQv
What Just Happened?
1. Docker executed the instructions in the Dockerfile. Each command created a new
layer.
2. Docker composes an image from all the layers.
3. The docker engine pointed a named reference
<your-docker-user>/qotm-ws:1 at the final image.
30
31. datawire.io | https://d6e.co/2hZ0MQv
Tagging is Important and Useful
● Tags allow you to easily reference and reuse an image.
● You can create multiple tags to point at the same image which can be useful in
sharing contexts.
● Tags can be pushed to a Docker registry so other people can reuse your image!
31
32. datawire.io | https://d6e.co/2hZ0MQv
Run the image!
Images are an inert, immutable file. When you want to run an image, a container is
produced.
RUN THE IMAGE
$ docker run --rm -dit -p 5000:5000 <your-docker-user>/qotm-ws:1
# open another shell (that is *not* running shopbox)
$ curl localhost:5000
32
33. datawire.io | https://d6e.co/2hZ0MQv
Share the image
We’ve got an image running on your laptop, but you really want to share it -- with
Kubernetes, with your colleagues, with your family & friends ...
PUSH THE IMAGE
$ docker login
$ docker push <your-docker-user>/qotm-ws:1
33
You can see the image on your public Docker Hub account at
https://hub.docker.com.
34. datawire.io | https://d6e.co/2hZ0MQv
One last thing ...
Docker does a great job of running the container. Why can’t I just use Docker
everywhere?
WHAT HAPPENS IF WE CRASH?
$ curl localhost:5000/crash
$ curl localhost:5000
Uh oh … we need something that is a little bit smarter!
34
36. datawire.io | https://d6e.co/2hZ0MQv
What is Kubernetes?
● Runs massive numbers of containers based on
lessons learned by Google.
● Schedules and runs all kinds of containers
○ long-lived (e.g. services)
○ short-lived (e.g. pre-launch hooks, cronjobs etc)
● Kubernetes can be thought of as a Distributed OS or process manager
36
38. datawire.io | https://d6e.co/2hZ0MQv
The Office Tower Analogy
Kubernetes provides the
infrastructure to build your
app around.
38
It is the foundational app
platform for your team to
build your businesses apps
around.
39. datawire.io | https://d6e.co/2hZ0MQv
Kubernetes Architecture
Types of nodes: Masters and Workers
39
Docker Kubelet
Kubeproxy
Kubernetes Node
Docker Kubelet
Kubeproxy
Kubernetes Node
Docker Kubelet
Kubeproxy
Kubernetes Node
Etcd API Server
Controller Manager
Kubernetes Master
Scheduler
40. datawire.io | https://d6e.co/2hZ0MQv
4 basic concepts
40
Container packages your code in
a portable way
Pod gives your code a temporary
home inside the cluster
Deployment keeps your code
running, even when it is updated
Service provides a stable address
that can reach many pods
42. datawire.io | https://d6e.co/2hZ0MQv
Kubernaut
● You can get your own Kubernetes cluster easily with Google, Microsoft etc.
● Or you can install Kubernetes yourself in AWS
● To simplify things, we’re going to let you borrow some of our Kubernetes clusters
:)
● We’re going to use Kubernaut which provides on-demand K8S clusters for our
internal CI/CD systems.
42
46. datawire.io | https://d6e.co/2hZ0MQv
Let’s run our container
$ kubectl run qotm-ws --image=<your-docker-user>/qotm-ws:1
$ kubectl get pods
We see a pod! How do we talk to the pod?
46
Pod gives your code a temporary
home inside the cluster
47. datawire.io | https://d6e.co/2hZ0MQv
We need to talk to the pod!
We can tell Kubernetes to forward requests from outside the cluster to the pod, and
vice versa.
$ kubectl port-forward <pod-name> 5000 &
$ curl localhost:5000
47
48. datawire.io | https://d6e.co/2hZ0MQv
What happens when a pod crashes?
48
Let’s crash the pod again.
$ curl localhost:5000/crash
$ curl localhost:5000
Note: don’t run this loop too often. If you crash your server too frequently, Kubernetes
will assume it is having deeper problems, and will introduce a delay before attempting
to restart.
49. datawire.io | https://d6e.co/2hZ0MQv
What just happened?
The Kubernetes pod automatically restarted the container!
● By default, Kubernetes will detect failures and auto-restart (with exponential
backoff, capped at 5 minutes)
● Kubernetes also lets you extend this with custom liveness and readiness probes
49
50. datawire.io | https://d6e.co/2hZ0MQv
Managing pods
● What if we want to update the software on our pod?
● What if we want more than one pod running, for availability or scalability
reasons?
50
Deployment keeps your code
running, even when it is updated
52. datawire.io | https://d6e.co/2hZ0MQv
Let’s try using a deployment
52
$ kubectl get pods
$ kubectl delete deployment qotm-ws
$ kubectl apply -f kubernetes/qotm-deployment.yaml
$ kubectl get pods
We see we’re now running three pods!
To save bandwidth, this
deployment.yaml points to a
prebuilt QOTM image we’ve
already uploaded. Feel free to
edit it to point to your Docker
repo.
53. datawire.io | https://d6e.co/2hZ0MQv
How do we talk to these pods?
It would be silly to set up port-forwards to each pod … and load balancing would be
nice.
53
Service provides a stable address
that can reach many pods
55. datawire.io | https://d6e.co/2hZ0MQv
Services Illustrated
A Service becomes a DNS A record pointing the pod IP addresses
55
IP: 100.124.71.175
blog-0
kube-worker-0
IP: 100.124.71.176
blog-1
kube-worker-1
Kubernetes cluster
blog DNS (short) => blog
DNS (long) => blog.default.cluster.local
56. datawire.io | https://d6e.co/2hZ0MQv
Service Flavors
● Many different flavors of “Service” in Kubernetes
○ ClusterIP
○ NodePort
○ LoadBalancer
○ ExternalName - often forgotten, but very useful!
56
57. datawire.io | https://d6e.co/2hZ0MQv
Let’s try using a service
57
$ cd /workspace/qotm-ws
$ kubectl apply -f kubernetes/qotm-service.yaml
$ kubectl get services # get qotm port highlighted below
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes 10.96.0.1 <none> 443/TCP 2d
qotm 10.107.109.252 <nodes> 80:<port>/TCP 6s
$ kubectl cluster-info # get cluster hostname
$ curl http://<cluster-hostname>:<port>
# or use this script for convenience:
$ curl $(url.sh qotm-ws)
58. datawire.io | https://d6e.co/2hZ0MQv 58
Container packages your code in
a portable way
Pod gives your code a temporary
home inside the cluster
Deployment keeps your code
running, even when it is updated
Service provides a stable address
that can reach many pods
60. datawire.io | https://d6e.co/2hZ0MQv
Let’s try making a change in qotm/qotm.py:
$ cd /workspace/qotm-ws
Search for the following line:
__version__ = “1”
And change the version number from 1 to 2, so it reads:
__version__ = “2”
Now, we need to build a new docker image, with a new tag:
$ docker build -t <your-docker-user>/qotm-ws:2 .
$ docker push <your-docker-user>/qotm-ws:2
What if I want to update my code?
60
61. datawire.io | https://d6e.co/2hZ0MQv
Edit kubernetes/qotm-deployment.yaml, and replace qotm-ws:1 with qotm-ws:2
Now re-apply the deployment:
$ cd /workspace/qotm-ws
$ kubectl apply -f kubernetes/qotm-deployment.yaml
Now run kubectl get pods with the watch option and you will see your rollout in
progress:
$ kubectl get pods -w
You should see your new pods spin up. Now, see version 2 running:
$ curl $(url.sh qotm-ws)
Now let’s rollout our new version
61
62. datawire.io | https://d6e.co/2hZ0MQv
The source -> Kubernetes workflow
62
A
Build a container image that contains your code,
dependencies, and configuration, based on the Dockerfile.
B Tag the image.
C Push image to a container registry.
D Update Kubernetes manifest with tag.
E Apply Kubernetes manifest to cluster.
F Repeat for all dependencies.
63. datawire.io | https://d6e.co/2hZ0MQv
Forge (https://forge.sh)
63
● Define & run multi-container apps in
Kubernetes
○ Do this consistently, regardless of
your target Kubernetes
environment
○ Do this from source code
● To “forge-ify” a service:
○ service.yaml
○ Templated Kubernetes manifest
64. datawire.io | https://d6e.co/2hZ0MQv
The QOTM service, part 2
● In the k8s/ directory, there’s a templated Kubernetes manifest that Forge will
use
○ Jinja2 template
○ Uses two values: build.name & build.images[“Dockerfile”]
● These values are supplied by forge and can be customized via the service.yaml
file, e.g.:
○ name: qotm-ws
64
65. datawire.io | https://d6e.co/2hZ0MQv
Now, we can automatically deploy
# delete the original services
$ kubectl delete svc qotm-ws
$ kubectl delete deploy qotm-ws
# First, setup forge (this is one time only)
$ cd /workspace # make sure you’re in /workspace
$ forge setup # configure forge to deploy your source
# Now, deploy from source to cluster
$ cd /workspace/qotm-ws
$ forge deploy # deploy qotm from source to cluster
65
66. datawire.io | https://d6e.co/2hZ0MQv
Let’s see what it did!
Run
$ kubectl get services
$ kubectl get deployments
$ kubectl get pods
You should see a:
● qotm-ws-stable service,
● qotm-ws-stable deployment
● and several qotm-ws-stable-<???> pods:
66
67. datawire.io | https://d6e.co/2hZ0MQv
What’s up with the -stable suffix?
● Forge has a concept of profiles
● Profiles allow multiple versions of the same code to be deployed into the same
cluster
● More about this in the next section
67
68. datawire.io | https://d6e.co/2hZ0MQv
Summary
Kubernetes:
● Powerful building blocks
● Understands containers, *not* source code
Kubernetes + Docker:
● Builds source -> containers
● Doesn’t understand versioning, environments, or kubernetes
Kubernetes + Docker + Forge (or your own script):
● Source -> cluster in one command
● Automatically handles versioning and multiple environments (profiles)
68
72. The definition of self-sufficient safety varies based on
the evolution of your microservice.
Stage 1:
Prototyping
Stage 2:
Production
Stage 3: Internal
service
consumption
Service doesn’t crash
Workflow for prod
deploys, monitoring,
& debugging
No cascade failures
Productive dev
environment
Transparently add
service resilience
No negative user
impact
73. datawire.io | https://d6e.co/2hZ0MQv
Measuring user impact is a L7 problem!
● What is L7?
○ We really mean application-level protocols
○ HTTP, gRPC, Thrift, redis://, pgsql://, ...
● In a microservices architecture, your services are an L7 network
● For you to write a service that talks to your users and/or other services, you need
to understand & manage L7
73
74. datawire.io | https://d6e.co/2hZ0MQv
L7 is now a development concern
● Everything has always been wired together with L7
● But in development, you could leave it (mostly) to operations
● Now, with microservices, L7 is a development concern as well:
○ More services
○ More remote dependencies
○ Greater release frequency
● So what does this mean for you?
74
75. datawire.io | https://d6e.co/2hZ0MQv
You: stuck in the middle
● Users consume your service over L7
● You consume your dependencies over L7
● Literally everything in this picture is a source of failure
75
Layer 7
76. datawire.io | https://d6e.co/2hZ0MQv
All your distributed systems problems are amplified
● Single points of failure
● Catastrophic failure modes
● Cascade failures
76
77. datawire.io | https://d6e.co/2hZ0MQv
In plain terms
77
Layer 7
Users can
DDOS you
Your dependencies can
fail
Your hardware can failYour hardware can fail
You ship a buggy
update
78. datawire.io | https://d6e.co/2hZ0MQv
In plain terms
78
Layer 7
Users can
DDOS you
Your dependencies can
fail
Your hardware can failYour hardware can fail
You ship a buggy
update
(rate limiting) (circuit breakers, timeouts, etc.)(software level redundancy)
79. datawire.io | https://d6e.co/2hZ0MQv
How do we protect us from ourselves?
● If all our redundant hardware runs the same code, our own bugs quickly become
the biggest source of catastrophic failure
79
80. datawire.io | https://d6e.co/2hZ0MQv
Create software level redundancy
● Redundant hardware protects us from mechanical failures
● We need redundant software implementations to protect us from our own bugs
● Canary testing is the most basic version of this
○ run multiple versions of your code to improve resiliency (like genetic diversity)
Envoy helps us do this as well, but we need to wire it into our developer workflow
● This is what we will focus on
80
81. datawire.io | https://d6e.co/2hZ0MQv
Envoy
● Modern, L7 proxy, designed for distributed cloud architectures
○ L7 observability
○ Resilience
■ Global rate limiting
■ Advanced load balancing
■ Circuit breakers
○ HTTP/2 & gRPC support
○ APIs for managing fleets of Envoys
● Adopted by the CNCF (which also hosts Kubernetes, Prometheus, Docker, among
other projects)
● Originally written by the engineering team at Lyft, and now with committers from
Google, IBM, Datawire, and others
● Alternatives: NGINX Plus, HAProxy
81
82. datawire.io | https://d6e.co/2hZ0MQv
Ambassador (https://getambassador.io)
82
● Builds on Envoy with
○ An authentication plugin
○ Kubernetes integration
● Kubernetes integration provides:
○ Self service usage via service
annotations
○ Canary routing
○ And more...
85. datawire.io | https://d6e.co/2hZ0MQv
How does Ambassador know to route to QOTM?
Run
$ kubectl get service qotm-ws-stable -o yaml
You should see something like:
apiVersion: v1
kind: Service
metadata:
annotations:
ambassador: |
---
apiVersion: ambassador/v1
kind: Mapping
name: qotm-ws-stable-mapping
prefix: /qotm/
service: qotm-ws-stable
85
86. datawire.io | https://d6e.co/2hZ0MQv
Canary testing
● Route X% of your traffic to new version
● Monitor your metrics to make sure no difference between old version and new
version
● Gradually ramp up traffic to new version
Benefits
● Immediate rollback to old version
● Minimize impact of any error
Costs
● Need extra capacity for canary testing
● Need a L7 router (you can only do coarse canaries with K8S)
86
87. datawire.io | https://d6e.co/2hZ0MQv
We’ll set up Prometheus to view the Envoy metrics..
$ cd /workspace
$ git clone https://github.com/datawire/prometheus-canary
$ cd prometheus-canary
$ forge deploy
$ url.sh prometheus
In your browser, visit http://<prometheus-url>.
87
89. datawire.io | https://d6e.co/2hZ0MQv
First change into the qotm-ws directory:
$ cd /workspace/qotm-ws
In qotm/qotm.py, we’ll simulate a performance bug by adding a sleep command.
Search for the following line:
# XXX time.sleep(0.5)
And uncomment the line (and delete the XXX):
time.sleep(0.5)
Please note this is python, whitespace is important, make sure your statements
line up!
Now, let’s create a bug
89
90. datawire.io | https://d6e.co/2hZ0MQv
Deploy a canary version of the QOTM service.
$ cd /workspace/qotm-ws
$ forge --profile canary deploy
Forge creates new pods for the “canary” release which can be seen with kubectl:
$ kubectl get pods
Let’s simulate enough requests on the service to go between the original version of the
service, and the canary.
$ while true; do curl $API/qotm/; done
Now, let’s deploy a canary
90
91. datawire.io | https://d6e.co/2hZ0MQv
What’s different about the Canary deployment?
Run
$ kubectl get service qotm-ws-canary -o yaml
You should see something like:
apiVersion: v1
kind: Service
metadata:
annotations:
ambassador: |
---
apiVersion: ambassador/v1
kind: Mapping
name: qotm-ws-canary-mapping
prefix: /qotm/
service: qotm-ws-canary
weight: 10.0
91
92. datawire.io | https://d6e.co/2hZ0MQv
How did it get that way?
The service.yaml defines settings for different profiles, the deployment template uses
the one you choose:
profiles:
stable:
endpoint: /qotm/
max_memory: 0.5G
max_cpu: 0.5
canary:
endpoint: /qotm/
weight: 10.0 # percentage of traffic to route
max_memory: 0.5G
max_cpu: 0.5G
default:
max_memory: 0.25G
max_cpu: 0.25
92
93. datawire.io | https://d6e.co/2hZ0MQv
Monitor the canary
In Prometheus, execute this query:
{__name__=~"envoy_cluster_cluster_qotm_ws_stable_upstream_rq_time_
timer|envoy_cluster_cluster_qotm_ws_canary_upstream_rq_time_timer"
}
Hit execute periodically to see changes (you might also want to reduce the granularity
of the time window to 5 minutes).
93
95. datawire.io | https://d6e.co/2hZ0MQv
The story so far ...
1. Adopting a fast, distributed workflow is critical to accelerating productivity.
2. Start building your workflow by thinking about the single developer/team, for a
single service.
3. We showed how Kubernetes, Docker, Envoy, and monitoring (e.g., Prometheus)
can be used to build your workflow.
4. Your workflow depends on the stage of your service.
5. Managing L7 is really important, and gives you new, critical capabilities such as
canary testing and transparent monitoring.
95
96. 5
Analyze metrics by collecting them from Envoy and
adding to Prometheus.
96
Stage 1
prototyping
workflow
Stage 2
production
workflow
Recapping the workflow
1 Bootstrap the service. Clone a GitHub repo.
2 Code.
3
Run your code (in a dev Kube cluster). Docker build,
Kubernetes manifest, etc.
4
Deploy to production Kubernetes cluster. Canary
routing via Envoy.
98. Service mesh
Stage 1:
Prototyping
Stage 2:
Production
Stage 3: Internal
service
consumption
Service doesn’t crash
Workflow for prod
deploys, monitoring,
& debugging
No cascade failures
Productive dev
environment
Transparently add
service resilience
No negative user
impact
99. datawire.io | https://d6e.co/2hZ0MQv
Service meshes
● When you have stage 3 services, you want to think about a service mesh
○ But you should start with 1 service, so don’t worry about the service mesh right away!
● Provide two critical functions
○ Observability (e.g., tracing) across all of your services
○ Resilience across all of your services
● Function by deploying a sidecar proxy (e.g., Envoy) next to each of your services
● Use iptables or equivalent to insure all service egress traffic is routed through
sidecar
● Sidecar adds in trace IDs, circuit breaking, etc.
99
101. datawire.io | https://d6e.co/2hZ0MQv
Stateful services
● Databases and such can be deployed with a Kubernetes manifest -- same
technique as Envoy or the existing services, but a different configuration
● Standard canary testing doesn’t work as well for stateful services
○ Envoy supports shadowing of requests
○ (We’re working on this so it’s more useable)
● If you have non-K8S resources (e.g., AWS RDS, etc.) consider adding the
Terraform/Ansible/etc. Scripts for creating these resources in another folder as
part of your standard service
101
102. datawire.io | https://d6e.co/2hZ0MQv
Organizational adoption
● Build an API service, just like Stripe or Twilio
● Staff with a single, spinoff team
● Define the purpose of the service from the perspective of the user
● Don’t allow the service team to make any changes to the existing code base, or
vice versa
102
103. datawire.io | https://d6e.co/2hZ0MQv
Thank you!
● (Anonymous) feedback survey -- would be VERY grateful if you could spend 5
minutes filling it out so we can get better
○ https://d6e.co/2yxVnmn
● Feel free to email us:
○ richard@datawire.io
○ rhs@datawire.io
○ plombardi@datawire.io
● If you’re interested in any of our open source tools, check them out:
○ https://forge.sh for deployment
○ https://www.telepresence.io for fast development cycles
○ https://www.getambassador.io easiest way to deploy/configure Envoy on Kubernetes
103
105. datawire.io | https://d6e.co/2hZ0MQv
Testing microservices
● Traditional approach to testing a microservices architecture is with a staging
environment
○ First push services to staging
○ Then run integration tests
○ If tests pass, then push to production
● But this introduces a big tradeoff
○ In order to do a “true” integration testing, you need to synchronize your different service versions
in staging … and push those versions into production
○ But this introduces a bottleneck!
● So you want to think about more distributed strategies for integration testing
105