This document discusses containers and how they differ from virtual machines. It explains that containers leverage existing features in the Linux kernel like namespaces and cgroups to provide isolation. Containers run a single process, while VMs run an entire guest operating system. The document also discusses how container orchestration systems like Kubernetes can provide clustering, scheduling, and self-healing of container workloads. It notes how immutable infrastructure and configuration management are important when using containers at scale.

2. Derrick J. Wippler
Blog: http://thrawn01.org
Twitter: @thrawn01

4. Android Super NES Emulator
http://www.superretro16.com/

5. Containers

7. What Containers Are NOT

8. DOCKER != CONTAINERS

10. Container Technology is
provided by the Linux
Kernel

11. NOT LXC

12. Linux Kernel Containers

13. Everything you need to create and
run containers already exists in the
linux kernel

14. Everything you need to create and
run containers already exists in the
linux kernel

15. However…….

21. CHROOT

23. CHROOT PROVIDES
Isolate Process & File systems

24. CHROOT

25. CHROOT
Kernel Namespaces
CGroups

26. Namespaces

27. PID Namespaces
NET Namespaces

28. PID Namespaces Provide
Process Isolation

30. PID NameSpace 1

31. PID NameSpace 1
PID NameSpace 2
PID NameSpace 3
PID NameSpace 4

32. PID NameSpace 1
PID NameSpace 2
PID NameSpace 3
PID NameSpace 4
CHROOT ?

33. NET Namespaces

34. NET Namespaces Provide
Network Isolation

35. Root NET Namespace
NET Namespace 1
NET Namespace 2

36. Root NET Namespace
NET Namespace 1
NET Namespace 2

37. Network your chroots together inside the
kernel

38. Network your chroots together inside the
kernel
Sounds like - VM Hypervisor

39. Container is NOT a VM

40. Container is NOT a VM
VM’s run entire OS

41. Container is NOT a VM
VM’s run entire OS
Containers run a single process

42. <demo>

53. Prepare for coolness

64. Remember, when you start a container, you are just
starting a process with namespaces

71. Existing container
workloads on VMs
1X DataCenters

74. Configuration
Management

75. Infrastructure is in a known state.
Prevent Infrastructure drift.
Self Healing

76. Container Images treated as
immutable
No more Infrastructure Drift

77. Prevent Infrastructure drift
Infrastructure is in a known state
Self Healing

78. Clustering

79. What is Kubernetes
Kubernetes is an open source orchestration system for Docker
containers. It handles scheduling onto nodes in a compute cluster and
actively manages workloads to ensure that their state matches the
user's declared intentions.

80. Kubernetes Monitoring
Builtin support for application level health checks
(DB Checks, Socket & Http checks, etc…)
Automatically restart crashed processes (aka containers)
Natively React to Monitor Events

81. Prevent Infrastructure drift
Infrastructure is in a known state
Self Healing

83. MANAGED BY KUBERNETES
Self healing
No Infrastructure Drift
Infrastructure is in a known state
Reliability

84. Why do we need Configuration
Management?

85. What about Operating System Configuration?

86. Immutable Operating Systems
Immutable Infrastructure
AKA

87. Brandon Phillips CTO Alex Polvi CEO

88. All you need is a OS that can run
Containers

89. No Package Manager
Immutable Config files

90. Why configure the OS?
Our containers can contain all OS config
files and daemons necessary for our
application to run

91. How to configure all the disparate containers?

92. Consistent Distributed Key Store

94. Why do we need Configuration
Management?

95. Brian Redbeard
Principal Architect CoreOS

96. “If we do our job correctly, future releases
of CoreOS will NOT have SSH server
installed”

97. “If we do our job correctly, future releases
of CoreOS will NOT have SSH server
installed”

98. How you would design your
infrastructure/software if you were unable
to SSH into the host OS?

100. Typical Operating System
Kernel
Configuration
Storage
Workloads

101. Typical Operating System
Kernel
Configuration
Storage
Linux Kernel
/etc
FileSystems EXT4
Workloads Processes

102. Typical Operating System
Kernel
Configuration
Storage
Linux Kernel
/etc
FileSystems EXT4
Kubernetes
etcd
ISCSI Block or
FSAS
Workloads Processes Containers

103. Cloud Operating System

104. Infinite CPU Power
Distributed Scale
Self Healing
Always Available

105. GIFEE

106. GIFEE
Google Infrastructure For Everyone Else

107. All I WANT
create my application in a container
make it scale
I don’t want it to go down

108. Blog: http://thrawn01.org
Twitter: @thrawn01