KubeCon EU 2016: Bringing an open source Containerized Container Platform to Kubernetes

•

1 like•334 views

Kurma is a open source container runtime that is based on the container instrumentation built into the Apcera Platform. Kurma, and its accompanied "KurmaOS" is our vision of a lightweight, fully containerized operating system. This presentation will cover Apcera's journey in its container instrumentation. Beginning with the pre-Docker landscape, how it grew over the course of 3+ years, and the "next-gen" adaption of it, where the base container instrumentation has been adapted to stand as its own open source project, and growing it to be used beyond just Apcera's own usage. Kurma incorporates a lot of lessons learned with both development and operations of a container platform, including building modular vs monolith, extensibility being built in vs built on, and managing a cluster of hosts and containers. We'll also cover our experiences with introducing it to Kubernetes as another first class runtime provider. Taking how Kurma works and have it work with Kubernetes, and how we'd like to see Kubernetes grow in some of the areas we see Kurma growing. Sched Link: http://sched.co/6BlW

Technology

Instance Manager
State Machine Apocalypse
● Started out simple, but naive about the future
● Few small libraries…
● … but all integration logic was central
● 8 states
● 53 function handlers

Existing Weight
● Ubuntu base OS
● CAPS deployment
● .deb packaging
● Operational tooling

System Skew is a Problem
● Deploys non-atomic
● Different lifecycle per host
● Operational access

A New Model
Kurma
● Minimize host dependencies
● Everything is a container
● Simple notions that could be easily extended
● Simple, well defined APIs

What is Kurma made of?
Existing
● Go + C
● App Container (AppC)
● Apcera’s existing
instrumentation
Coming soon
● Go + C
● AppC
● libcontainer based
● CNI for networking

Delivery
kurmad
● Existing host
● Download and run
● Immediately benefit
● Depends on host kernel
and libc
kurmaOS
● Minimalist distro
● Services as containers
● A/B partition model
● Console is just a
container

Stager
Pluggable Process Orchestration
● Responsible for instrumenting the pod
● Packaged as a signed, trusted ACI image
● Gets own mount and network namespace

Stager API
● Simplest unit of work: an executable
● Setup via image ‘Exec’ setting
● Other calls through expected executables
– /opt/stager/run
– /opt/stager/status
– /opt/stager/logs
– ...

Networking API
● ACI image
● Passes along JSON configuration
● Executes commands to setup networking on
other containers
– /opt/network/add <ns> <container-id>
– /opt/network/del <ns> <container-id>

Kurma
Reusable Unit for Extensibility
/opt/stager/run cni /opt/network/add ...

Kurma
Extending Boundries with Semantics

Why?
● Kurma usage outside Apcera
● Increased platform flexibility
● Integrating with broader community

Kubelet
● Has existing Runtime interface
● Rich interface for engine communication
● Kubelet is a bit of a leaky abstraction
● Workarounds for Dockerisms

Testing
● Mystical
● Documentation gaps
● Excellent Github/PR integration

Codebase
● Godep pains
● “hack” directory?
● Documentation gaps
● Interface movement
Runtime.ConvertPodStatusToAPIPodStatus()

Kurmanetes
● Maturing Kurma based on Kubernetes needs
– Pods
– Networking
– Image management
● Runtime abstraction nearly complete

Kurmanetes
● Done
– Pod management
– Image retrieval and management
● Remaining
– Landing Kurma’s pod/stager branch
– cAdvisor integration
– Integration testing
– Work towards improving the abstraction leaks

Resources
Kurma
kurma.io
github.com/apcera/kurma
Me
ken@apcera.com
@krobertson
We’re hiring for the Kurma team.

What's hot

Docker e git lab

Gianluca Padovani

DevOps in AWS with Kubernetes

Oleg Chunikhin

KubeCon 2017: Kubernetes from Dev to Prod

Subhas Dandapani

A talk given on Tuesday and Wednesday the 27th and 28th of February 2018 at the Docker Mountain View and Docker SF meetup groups. In this talk, Docker Captain Phil Estes provides a history of the Docker engine from its early days as a single statically linked binary providing all the Docker engine functions to today's Moby and Docker CE projects comprising multiple projects and layers, including the Open Container Initiative (OCI) specifications and runC implementation, and the Cloud Native Computing Foundation (CNCF) containerd project. This talk also describes how these lower layer components spun out from Docker are being used to enhance other projects and offerings in the container ecosystem.

Docker Engine Evolution: From Monolith to Discrete Components

Phil Estes

Kubernetes and Hybrid Deployments

Sandeep Parikh

The relationship between Docker, Kubernetes and CRI

HungWei Chiu

In this deck from the Docker Workshop at ISC 2015, Andreas Schmidt from Cassini Consulting describes Docker in a Nutshell "As the newest flavor of Linux Containers, Docker gained a lot of momentum in the last 12 months. With a very convenient and open API-driven architecture Docker is able to help decrease the complexity of operations and increase the productivity of computation. During the last two years Andreas, Christian, and Wolfgang gained a lot of experience with Docker and were thrilled by its possible impact early on. Andreas started working with Docker in mid-2013 and is interested in developing tools for solving Enterprise IT requirements on networking and security. In 2014 he held talks and workshops about these topics. Christian started using Docker in 2013 to virtualize a complete HPC cluster stack and since then held multiple talks about how Docker might impact HPC. Wolfgang and his partner Burak Yenier introduced Docker as a corner-stone of the UberCloud Marketplace to drastically improve and simplify access to HPC cloud resources. UberCloud just announced their new containers for computational fluid dynamics software like Fluent, STAR-CCM+ and OpenFOAM." Watch the video presentation: http://wp.me/p3RLHQ-enP Sign up for our insideHPC Newsletter: http://insidehpc.com/newsletter

Docker for HPC in a Nutshell

inside-BigData.com

Deploying WSO2 Middleware on Kubernetes

Imesh Gunaratne

Do you have this build script that with a single command builds your software? Does this still apply on a brand new PC? This presentation takes you on the journey to construct complex build environments using Docker. The journey follows our lessons learned and experiences going from hand crafted to Dockerized build environments. We will look at different patterns to build modular containers, ways to chain containers and the specialties of Windows containers.

The Fairy Tale of the One Command Build Script

Docker, Inc.

How does awesome Android benefit from dazzling Docker? With an introduction to the Docker way of continuous integration for Android, it would help you get a consistent Android development and build environment with minimal effort. Syllabus: * Background story - where the problem happened * Why Android dev should care? * How to provision an Android environment to build project usually? How Docker is gonna solve it? * Typical machine dependant failing unit tests examples, which could be revealed by using Docker * Philosophy, features, improvements, comparison against traditional approach * Limitations * Quick setup of Jenkins using AndroidSDK docker slaves (live demo)

Android Meets Docker

Docker, Inc.

Hands on docker

inovex GmbH

Docker's lightweight containers can quickly launch more containers when needed and then shut them down easily when they're no longer needed. Also it gets easier to make lots of small changes instead of huge, big bang updates that leads to reduced risk but more uptime. Saying that huge number of micro services leads to increase in complexity of the application deployment, orchestration and monitoring in production. Apache Stratos is a Platform as a Service (PaaS) integrated with Docker, CoreOS, Kubernetes gives more powerful single tool kit for container orchestration, monitoring, autoscaling and auto healing support. Smart policies and IaaS agnostic support provide capability of runs containers in almost every popular public and private clouds. This session included installing and deploying sample applications using Docker,CoreOS and Kubernetes and a demonstration of app deployment, provisioning, auto-scaling, and more.

Containers in production with docker, coreos, kubernetes and apache stratos

WSO2

FOSDEM 2019: A containerd Project Update

Phil Estes

Securing Containerized Applications: A Primer

Phil Estes

Introduction to Kubernetes

Ross Kukulinski

Kubernetes 架構與虛擬化之差異

inwin stack

Kubernetes is an open source system for automating deployment, operations, and scaling of containerized applications. It’s one of the promising options you have for deploying your container-based applications to the Internet. In this session we’ll take a look at the concepts of Kubernetes and then go trough all steps necessary to launch and maintain a real-world PHP application in your own Kubernetes cluster.

IPC16: A Practical Introduction to Kubernetes

Robert Lemke

Container orchestration

Timo Derstappen

Securing Containerized Applications: A Primer

Phil Estes

Slides from the talk given to the Startup Berlin Slack Group that demonstrates how TruckIN is implementing its continuous delivery workflow using technologies and open-source tools. Topics that are covered: Automated Cloud Provisioning (Network, Subnets, VMs, Kubernetes Cluster, Firewall, Disks, Credentials, Private Docker Registry); Configuration Management (Salt Stack), Continuous Integration (Jenkins CI), Continuous Delivery/Deployment (Salt API/Reactor + Kubernetes) to a Google Cloud Kubernetes Cluster, Remote Application Debugging, Managing Google Cloud Kubernetes Cluster, Logging, Monitoring and ChatOps (Slack and operable.io)

From Code to Kubernetes

Daniel Oliveira Filho

What's hot (20)

Docker e git lab

DevOps in AWS with Kubernetes

KubeCon 2017: Kubernetes from Dev to Prod

Docker Engine Evolution: From Monolith to Discrete Components

Kubernetes and Hybrid Deployments

The relationship between Docker, Kubernetes and CRI

Docker for HPC in a Nutshell

Deploying WSO2 Middleware on Kubernetes

The Fairy Tale of the One Command Build Script

Android Meets Docker

Hands on docker

Containers in production with docker, coreos, kubernetes and apache stratos

FOSDEM 2019: A containerd Project Update

Securing Containerized Applications: A Primer

Introduction to Kubernetes

Kubernetes 架構與虛擬化之差異

IPC16: A Practical Introduction to Kubernetes

Container orchestration

Securing Containerized Applications: A Primer

From Code to Kubernetes

Similar to KubeCon EU 2016: Bringing an open source Containerized Container Platform to Kubernetes

Apache Provisionr (incubating) - Bucharest JUG 10

Andrei Savu

Truemotion Adventures in Containerization

Ryan Hunter

From swarm to swam-mode in the CERN container service

Spyros Trigazis

OpenStack Nova Scheduler

Peeyush Gupta

Creating pools of Virtual Machines - ApacheCon NA 2013

Andrei Savu

Scalable Spark deployment using Kubernetes

datamantra

OpenStack & Ubuntu (india openstack day)

openstackindia

Shir Bromberg (Big Data team leader) @ Yotpo: Nowadays, many of an organization’s main applications rely on Spark pipelines. As these applications become more significant to businesses, so does the need to quickly deploy, test and monitor them. The standard way of running spark jobs is to deploy it on a dedicated managed cluster. However, this solution is relatively expensive with potentially high setup time. Therefore, we developed a way to run Spark on any container orchestration platform. This allows us to run Spark in a simple, custom and testable way. In this talk, we will present our open-source dockers for running Spark on Nomad servers. We will cover: * The issues we had running spark on managed clusters and the solution we developed. * How to build a spark docker. * And finally, what you may achieve by using Spark on Nomad.

The benefits of running Spark on your own Docker

Itai Yaffe

LCU14 310- Cisco ODP v2

Linaro

Docker 0.11 at MaxCDN meetup in Los Angeles

Jérôme Petazzoni

Workshop : 45 minutes pour comprendre Docker avec Jérôme Petazzoni

TheFamily

Introduction to Docker, December 2014 "Tour de France" Edition

Jérôme Petazzoni

Introduction to Docker and Containers

Docker, Inc.

OpenStack Best Practices and Considerations - terasky tech day

Arthur Berezin

Docker+java

DPC Consulting Ltd

A Gentle Introduction to Docker and Containers

Docker, Inc.

20141111_SOS3_Gallo

Andrea Gallo

QuestDB es una base de datos open source de alto rendimiento. Mucha gente nos comentaba que les gustaría usarla como servicio, sin tener que gestionar las máquinas. Así que nos pusimos manos a la obra para desarrollar una solución que nos permitiese lanzar instancias de QuestDB con provisionado, monitorización, seguridad o actualizaciones totalmente gestionadas. Unos cuantos clusters de Kubernetes más tarde, conseguimos lanzar nuestra oferta de QuestDB Cloud. Esta charla es la historia de cómo llegamos ahí. Hablaré de herramientas como Calico, Karpenter, CoreDNS, Telegraf, Prometheus, Loki o Grafana, pero también de retos como autenticación, facturación, multi-nube, o de a qué tienes que decir que no para poder sobrevivir en la nube.

Como creamos QuestDB Cloud, un SaaS basado en Kubernetes alrededor de QuestDB...

javier ramirez

LXC, Docker, and the future of software delivery | LinuxCon 2013

dotCloud

LXC Docker and the Future of Software Delivery

Docker, Inc.

Similar to KubeCon EU 2016: Bringing an open source Containerized Container Platform to Kubernetes (20)

Apache Provisionr (incubating) - Bucharest JUG 10

Truemotion Adventures in Containerization

From swarm to swam-mode in the CERN container service

OpenStack Nova Scheduler

Creating pools of Virtual Machines - ApacheCon NA 2013

Scalable Spark deployment using Kubernetes

OpenStack & Ubuntu (india openstack day)

The benefits of running Spark on your own Docker

LCU14 310- Cisco ODP v2

Docker 0.11 at MaxCDN meetup in Los Angeles

Workshop : 45 minutes pour comprendre Docker avec Jérôme Petazzoni

Introduction to Docker, December 2014 "Tour de France" Edition

Introduction to Docker and Containers

OpenStack Best Practices and Considerations - terasky tech day

Docker+java

A Gentle Introduction to Docker and Containers

20141111_SOS3_Gallo

Como creamos QuestDB Cloud, un SaaS basado en Kubernetes alrededor de QuestDB...

LXC, Docker, and the future of software delivery | LinuxCon 2013

LXC Docker and the Future of Software Delivery

More from KubeAcademy

The building industry in the world today is at large, far behind the rest of the world, technically. Alongside this, it is at threat of being dominated by a small selection of software vendors. These vendors push specific software solutions to the technically unskilled consumers in the AEC industry. The software they provide however is monolithic, native and heavy. Containers, distributed computing, and open source microservices and applications offer a solution to turn the construction industries future on its head. When computing is ubiquitous in our buildings with the internet of things, the whole way we think about building design has to change. We need to think in advance about how our applications which will run our buildings are developed. Each building is bespoke and the offers currently on the software market simply wont fit the bill in the near future. We are trying to develop a kubernetes based platform to lay the foundations for the future of lightweight bespoke apps developed for our built environment. Sched Link:

KubeCon EU 2016: Distributed containers in the physical world

KubeAcademy

KubeCon EU 2016:

KubeAcademy

ChatOps is a term often credited to GitHub, and it is all about putting the tools in the middle of the conversations. At Unacast, most of our conversations go through Slack. When we integrated ChatOps into our workflow, we got the tools closer to the conversation. We are using a version of GitHub Flow for our development process. That means all new features goes in a branch, someone opens a pull request and we merge continuously from master into the feature branch. When we have something that is ready to deploy to a server we trigger a deploy of the branch to a test environment. When the new feature gets verified it gets deployed to production, gets verified again, and then merged back into master. This workflow enables us to maintain a clean master branch so we can roll back in case something fails. Sched Link: http://sched.co/67c1

KubeCon EU 2016: ChatOps and Automatic Deployment on Kubernetes

KubeAcademy

Containers are at the forefront of a new wave of technology innovation but the methods for scheduling and managing them are still new to most developers. In this talk we'll look at the kind of problems that container scheduling solves and at how maximising efficiency and maiximising QoS don't have to be exclusive goals. We'll take a behind the scenes look at the Kubernetes scheduler: How does it prioritize? What about node selection and external dependencies? How do you schedule based on your own specific needs? How does it scale and what’s in it both for developers already using containers and for those that aren't? We’ll use a combination of slides, code, demos to answer all these questions and hopefully all of yours. Sched Link: http://sched.co/6BZa

KubeCon EU 2016: A Practical Guide to Container Scheduling

KubeAcademy

KubeCon EU 2016: Trading in the Kube

KubeAcademy

Being able to trust your containers requires that you be able to trust the systems your containers are running on. Trusted computing makes it possible for computers to prove what they’ve booted, making it practical for clusters to verify that systems haven’t been compromised, but up until now it’s been a heroic task to deploy a trusted computing environment. This presentation will describe the integration of trusted computing technologies into Kubernetes, making it possible to define policies that provide fine-grained access control to cluster resources and distribute secrets in a secure manner. It will then introduce functionality added to the rkt runtime, making it possible to extend trusted computing from initial system state to validation of individual containers. Sched Link: http://sched.co/67eX

KubeCon EU 2016: Integrated trusted computing in Kubernetes

KubeAcademy

One of the most underrated features of Kubernetes is namespaces. In the market, instead of using this feature, people are still stuck with having different clusters for their environments. This talk will try to break this approach, and will introduce how we end up using ephemeral namespaces within our CI/CD pipeline. It will cover the architecture of our system for running the user acceptance tests on isolated ephemeral namespaces with every bits and pieces running within pods. While doing this, we will set up our CI/CD pipeline on top of TravisCI, GoCD, and Selenium that is controlled by Nightwatch.js. Sched Link: http://sched.co/6Bcb

KubeCon EU 2016: Leveraging ephemeral namespaces in a CI/CD pipeline

KubeAcademy

KubeCon EU 2016: Secure, Cloud-Native Networking with Project Calico

KubeAcademy

Arkena's video-on-demand platform is used as backend by major european channels (TF1 / beIN SPORTS / Elisa) to propose a non-linear experience to their customers. Previously hosted on Heroku, the number of our users is increasing constantly. In order to optimize resources we decided to move on a bare metal infrastructure powered by Kubernetes. We'll share thoughts, feedbacks and technical details about this successful transition. Sched Link:

KubeCon EU 2016: Heroku to Kubernetes

KubeAcademy

This talk is documents the UK Home Office's cloud-native journey, changing how we did devops forever! At the UK Home Office, we run Kubernetes in production. This talk is about how we got there, where we came from, where we are right now and where do we want to go from here. We will also cover what things worked out and which things didn't. From on-boarding projects into Kubernetes to continous delivery, this talk will give you a good understanding of what lies ahead if you decided to take the road to schedule containers in production. Sched Link: http://sched.co/68xS

KubeCon EU 2016: Transforming the Government

KubeAcademy

When you hear words such as Kubernetes or OpenShift you immediately start thinking about long running processes you can easily scale at will. However, Kubernetes includes a lesser known feature which allows you to run pretty much anything from simple tasks up to highly-complicated ones. During this presentation, the author of the Job resource in Kubernetes will guide you through several techniques for performing anything ranging from simple Pi calculations to rendering a movie. No matter if you're a data scientist running large scale calculations across several data centers or a hobby programmer running simple day-to-day tasks, this presentation is to teach you how to efficiently use Kubernetes Jobs on their own or as the building blocks of something bigger. This presentation will feature a number of live demos to help illustrate the various ways that you can put Jobs to work. Don’t miss out on learning about one of the coolest features of Kubernetes! Sched Link: http://sched.co/6BUw

KubeCon EU 2016: Getting the Jobs Done With Kubernetes

KubeAcademy

You have deployed your application on Kube and now you want to actually do something permanent with it?? You will need STORAGE. This talk will be a good introduction to using storage in Kubernetes. It will cover the use of EmptyDir, HostPath and Persistent Storage options. How to configure and use each type. This talk will also discuss the security features for storage in the open source OpenShift project. Sched Link: http://sched.co/6BcS

KubeCon EU 2016: Kubernetes Storage 101

KubeAcademy

Testing applications is important, as shown by the rise of continuous integration and automated testing. In this talk, I will focus on one area of testing that is difficult to automate: poor network connectivity. Developers usually work within reliable networking conditions so they might not notice issues that arise in other networking conditions. I will give examples of software that would benefit from test scenarios with varying connectivity. I will explain how traffic control on Linux can help to simulate various network connectivity. Finally, I will run a demo showing how an application running in Kubernetes behaves when changing network parameters. Sched Link: http://sched.co/6Bb3

KubeCon EU 2016: Using Traffic Control to Test Apps in Kubernetes

KubeAcademy

The New York Times’ is a US media company serves digital journalism to millions of visitors every day. The format of our stories is constantly experimented with; for example we publish graphics based on election data ingested from APIs, question and answer led discussions, breaking news live coverage, and quizzes. This leads to a lot of applications. Our previous experience with infrastructure may be a familiar one: an unruly number of virtual machines, which led us to containers. Containers give our web developers who are not infrastructure engineers the opportunity to configure and launch their applications with little oversight. Kubernetes offers us an infrastructure for our numerous applications at scale. Leveraging the Kubernetes API, we’ve built a self-service admin interface for developers (not sysadmins) to configure and launch their applications at scale, similar to the Kubernetes Dashboard project, tailored to our development workflow. Sched Link: http://sched.co/67f2

KubeCon EU 2016: Kubernetes in Production in The New York Times newsroom

KubeAcademy

With growing demand for containers in the enterprise, build pipelines are a bottleneck to success. Traditional workflows can't release application candidates quickly enough to fulfill demand. With over 400 development teams across many different business units, Pearson had to move away from massive installs of traditional build pipeline tools and rethink the entire concept. In this talk we'll demonstrate how we have built in security compliance, performance testing, quality assurance, abstracted away complexity, reduced overhead, aim to recover 10% of developers time and turned build tools into cattle. This represents the story to date of an in-flight engineering project to modernise the digital estate of a global enterprise organisation and how scale of the operation is leading us to challenge many established beliefs. Attendees will walk away with everything from workflows to code which they can use to get started in their own endeavors. Sched Link:

KubeCon EU 2016: ITNW (If This Now What): Orchestrating an Enterprise

KubeAcademy

Modern cities are rapidly adopting smart technologies to deliver realtime data about a number of city services. These technologies heavily rely on a high quality network interconnecting all sensors and reactors as lamps with controlling services. Many low level PLC systems solve the automation, but their purpose is limited to narrow areas of usage as these device have limited computational power. On the other hand, the rise of single-board computers as Raspberry Pi with multi-core processors and plenty of memory can serve as a platform for virtualized services based on Kubernetes. The distributed cluster across whole city on public streetlights gives operators the possibility to adapt to rapidly changing conditions. We propose distribution of HA clusters of single-board devices in key topological points of smart city mesh networks connected together by reliable SDN network. These virtualized services fulfill various tasks as data collection, data processing or and all of these services can rely on cloud backends, that provide much more computational and storage capacity. Services can be operated at both locations to serve local as well as foreign users. We will share whole concept and architecture of SmartCity project, which covers deployment of more than 3000 endpoints[, both sensoric and reactive devices,] and about 30 smart gateways running in HA mode on Kubernetes Nodes. Sched Link: http://sched.co/6BUM

KubeCon EU 2016: SmartCity IoT on Kubernetes

KubeAcademy

Kubernetes gives developers a platform on which to run images and many configuration objects to control those images, but constructing a cohesive application made up of images and configuration objects is currently a challenge. Reconstructing or sharing that configuration can also be a challenge. This talk will cover the Template feature implemented in OpenShift to simplify the process of defining and repeatably deploying coordinated objects, discuss what is coming to Kubernetes with respect to this capability, and touch on several other existing projects that enable templatizing application definitions. Sched Link: http://sched.co/6BVH

KubeCon EU 2016: Templatized Application Configuration on OpenShift and Kuber...

KubeAcademy

The Kubernetes community has aspirations of becoming the Linux kernel of distributed systems. Together we want to build a scalable, stable, and secure platform for distributed system that is the ubiquitous choice for people building server infrastructure. This talk will discuss the major community efforts made in recent months to deliver this goal and the work we need to do to continue our momentum. Sched Link: http://sched.co/68lU

KubeCon EU 2016 Keynote: Pushing Kubernetes Forward

KubeAcademy

Load balancing is an important part of any resilient web application. Kubernetes supports a few options for external load balancing, but they are limited in features. After a brief discussion of those options and the features they lack, we’ll show how to build an advanced load balancing solution for Kubernetes on top of NGINX, utilizing Kubernetes features including Ingress, Annotations, and ConfigMap. We’ll conclude with a demo of how to use NGINX and NGINX Plus to expose services to the Internet. Sched Link: http://sched.co/6Bc9

KubeCon EU 2016: Creating an Advanced Load Balancing Solution for Kubernetes ...

KubeAcademy

The Met Office Informatics Lab includes scientists, developers and designers. We build prototypes exploring new technologies to make environmental data useful. Here we describe a recent project to process multi-dimensional weather data to create a fully interactive 4D browser application. We used long-running containers to serve data and web pages and short-running processes to ingest and compress the data. Forecast data is issued every three hours so our data ingestion goes through regular and predictable bursts (i.e. perfect for autoscaling). We built a Kubernetes cluster in an AWS group which auto-scales based on load. We used replication controllers to process the data. Every three hours ingestion jobs are added to a queue and the number of ingestion containers are set in proportion to the queue length. Each worker completes exactly one ingestion job from the queue and then exits, at which point Kubernetes creates a new one to process the next message. This has allowed us to remove the lifespan logic from the containers and keep them light, fast and massively scalable. We are now in the process of using this in our production systems. Sched Link: http://sched.co/6BWQ

KubeCon EU 2016: Killing containers to make weather beautiful

KubeAcademy

More from KubeAcademy (20)

KubeCon EU 2016: Distributed containers in the physical world

KubeCon EU 2016:

KubeCon EU 2016: ChatOps and Automatic Deployment on Kubernetes

KubeCon EU 2016: A Practical Guide to Container Scheduling

KubeCon EU 2016: Trading in the Kube

KubeCon EU 2016: Integrated trusted computing in Kubernetes

KubeCon EU 2016: Leveraging ephemeral namespaces in a CI/CD pipeline

KubeCon EU 2016: Secure, Cloud-Native Networking with Project Calico

KubeCon EU 2016: Heroku to Kubernetes

KubeCon EU 2016: Transforming the Government

KubeCon EU 2016: Getting the Jobs Done With Kubernetes

KubeCon EU 2016: Kubernetes Storage 101

KubeCon EU 2016: Using Traffic Control to Test Apps in Kubernetes

KubeCon EU 2016: Kubernetes in Production in The New York Times newsroom

KubeCon EU 2016: ITNW (If This Now What): Orchestrating an Enterprise

KubeCon EU 2016: SmartCity IoT on Kubernetes

KubeCon EU 2016: Templatized Application Configuration on OpenShift and Kuber...

KubeCon EU 2016 Keynote: Pushing Kubernetes Forward

KubeCon EU 2016: Creating an Advanced Load Balancing Solution for Kubernetes ...

KubeCon EU 2016: Killing containers to make weather beautiful

Recently uploaded

MINDCTI Revenue Release Quarter One 2024

MIND CTI

WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...

WSO2

In this session, we will discuss the journey of API governance from its initial, ungoverned state to the development of sophisticated models that tackle contemporary challenges. We'll explore how APIs have become essential in the intersection of business and technology, adapting to advancements and evolving needs. We'll focus on how organizations have moved from launching to monetizing APIs, using models like pay-per-use and subscriptions, and finding the right balance between technical implementation and business strategy. We'll also highlight the impact of governance on monetization strategies, especially how data security, compliance, and service quality influence pricing. Real-world examples will demonstrate the effective integration of governance with monetization, including AI's role in dynamic pricing. Looking ahead, we'll share insights into future trends in API governance and monetization, emphasizing the importance of adaptability, continuous learning, and innovation.

API Governance and Monetization - The evolution of API governance

WSO2

Tracing the root cause of a performance issue requires a lot of patience, experience, and focus. It’s so hard that we sometimes attempt to guess by trying out tentative fixes, but that usually results in frustration, messy code, and a considerable waste of time and money. This talk explains how to correctly zoom in on a performance bottleneck using three levels of profiling: distributed tracing, metrics, and method profiling. After we learn to read the JVM profiler output as a flame graph, we explore a series of bottlenecks typical for backend systems, like connection/thread pool starvation, invisible aspects, blocking code, hot CPU methods, lock contention, and Virtual Thread pinning, and we learn to trace them even if they occur in library code you are not familiar with. Attend this talk and prepare for the performance issues that will eventually hit any successful system. About authorWith two decades of experience, Victor is a Java Champion working as a trainer for top companies in Europe. Five thousands developers in 120 companies attended his workshops, so he gets to debate every week the challenges that various projects struggle with. In return, Victor summarizes key points from these workshops in conference talks and online meetups for the European Software Crafters, the world’s largest developer community around architecture, refactoring, and testing. Discover how Victor can help you on victorrentea.ro : company training catalog, consultancy and YouTube playlists.

Finding Java's Hidden Performance Traps @ DevoxxUK 2024

Victor Rentea

Key topics covered: - Real-world examples of Choreo's comprehensive coverage from application design and deployment, security, scaling, and monitoring - Running different types of workloads, such as web applications, APIs, microservices, integrations, and tasks at scale, and wire them together to deliver seamless omnichannel digital experiences - How Choreo improves the developer experience by eliminating repetition, silos, and redundancy through enhanced discoverability and self-serviceability

Choreo: Empowering the Future of Enterprise Software Engineering

WSO2

Following the popularity of "Cloud Revolution: Exploring the New Wave of Serverless Spatial Data," we're thrilled to announce this much-anticipated encore webinar. In this sequel, we'll dive deeper into the Cloud-Native realm by uncovering practical applications and FME support for these new formats, including COGs, COPC, FlatGeoBuf, GeoParquet, STAC, and ZARR. Building on the foundation laid by industry leaders Michelle Roby of Radiant Earth and Chris Holmes of Planet in the first webinar, this second part offers an in-depth look at the real-world application and behind-the-scenes dynamics of these cutting-edge formats. We will spotlight specific use-cases and workflows, showcasing their efficiency and relevance in practical scenarios. Discover the vast possibilities each format holds, highlighted through detailed discussions and demonstrations. Our expert speakers will dissect the key aspects and provide critical takeaways for effective use, ensuring attendees leave with a thorough understanding of how to apply these formats in their own projects. Elevate your understanding of how FME supports these cutting-edge technologies, enhancing your ability to manage, share, and analyze spatial data. Whether you're building on knowledge from our initial session or are new to the serverless spatial data landscape, this webinar is your gateway to mastering cloud-native formats in your workflows.

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Safe Software

Exploring Multimodal Embeddings with Milvus

Zilliz

Webinar Recording: https://www.panagenda.com/webinars/why-teams-call-analytics-is-critical-to-your-entire-business Nothing is as frustrating and noticeable as being in an important call and being unable to see or hear the other person. Not surprising then, that issues with Teams calls are among the most common problems users call their helpdesk for. Having in depth insight into everything relevant going on at the user’s device, local network, ISP and Microsoft itself during the call is crucial for good Microsoft Teams Call quality support. To ensure a quick and adequate solution and to ensure your users get the most out of their Microsoft 365. But did you know that ‘bad calls’ are also an excellent indicator of other problems arising? Precisely because it is so noticeable!? Like the canary in the mine, bad calls can be early indicators of problems. Problems that might otherwise not have been noticed for a while but can have a big impact on productivity and satisfaction. Join this session by Christoph Adler to learn how true Microsoft Teams call quality analytics helped other organizations troubleshoot bad calls and identify and fix problems that impacted Teams calls or the use of Microsoft365 in general. See what it can do to keep your users happy and productive! In this session we will cover - Why CQD data alone is not enough to troubleshoot call problems - The importance of attributing call problems to the right call participant - What call quality analytics can do to help you quickly find, fix-, and prevent problems - Why having retrospective detailed insights matters - Real life examples of how others have used Microsoft Teams call quality monitoring to problem shoot problems with their ISP, network, device health and more.

Why Teams call analytics are critical to your entire business

panagenda

In this keynote, Asanka Abeysinghe, CTO,WSO2 will explore the shift towards platformless technology ecosystems and their importance in driving digital adaptability and innovation. We will discuss strategies for leveraging decentralized architectures and integrating diverse technologies, with a focus on building resilient, flexible, and future-ready IT infrastructures. We will also highlight WSO2's roadmap, emphasizing our commitment to supporting this transformative journey with our evolving product suite.

Platformless Horizons for Digital Adaptability

WSO2

Quantum Leap in Next-Generation Computing

WSO2

Join our latest Connector Corner webinar to discover how UiPath Integration Service revolutionizes API-centric automation in a 'Quote to Cash' process—and how that automation empowers businesses to accelerate revenue generation. A comprehensive demo will explore connecting systems, GenAI, and people, through powerful pre-built connectors designed to speed process cycle times. Speakers: James Dickson, Senior Software Engineer Charlie Greenberg, Host, Product Marketing Manager

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

DianaGray10

Dubai, often portrayed as a shimmering oasis in the desert, faces its own set of challenges, including the occasional threat of flooding. Despite its reputation for opulence and modernity, the emirate is not immune to the forces of nature. In recent years, Dubai has experienced sporadic but significant floods, testing the resilience of its infrastructure and communities. Among the critical lifelines in this bustling metropolis is the Dubai International Airport, a bustling hub that connects the city to the world. This article explores the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

Orbitshub

DBX First Quarter 2024 Investor Presentation

Dropbox

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

Zilliz

AWS Community Day CPH - Three problems of Terraform

Andrey Devyatkin

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Juan lago vázquez

💥 You’re lucky! We’ve found two different (lead) developers that are willing to share their valuable lessons learned about using UiPath Document Understanding! Based on recent implementations in appealing use cases at Partou and SPIE. Don’t expect fancy videos or slide decks, but real and practical experiences that will help you with your own implementations. 📕 Topics that will be addressed: • Training the ML-model by humans: do or don't? • Rule-based versus AI extractors • Tips for finding use cases • How to start 👨‍🏫👨‍💻 Speakers: o Dion Morskieft, RPA Product Owner @Partou o Jack Klein-Schiphorst, Automation Developer @Tacstone Technology

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

UiPathCommunity

CNIC Information System with Pakdata Cf In Pakistan

danishmna97

Vector Search -An Introduction in Oracle Database 23ai.pptx

Remote DBA Services

Dubai, known for its towering skyscrapers, luxurious lifestyle, and relentless pursuit of innovation, often finds itself in the global spotlight. However, amidst the glitz and glamour, the emirate faces its own set of challenges, including the occasional threat of flooding. In recent years, Dubai has experienced sporadic but significant floods, disrupting normalcy and posing unique challenges to its infrastructure. Among the critical nodes in this bustling metropolis is the Dubai International Airport, a vital hub connecting the world. This article delves into the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Orbitshub

Recently uploaded (20)

MINDCTI Revenue Release Quarter One 2024

WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...

API Governance and Monetization - The evolution of API governance

Finding Java's Hidden Performance Traps @ DevoxxUK 2024

Choreo: Empowering the Future of Enterprise Software Engineering

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Exploring Multimodal Embeddings with Milvus

Why Teams call analytics are critical to your entire business

Platformless Horizons for Digital Adaptability

Quantum Leap in Next-Generation Computing

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

DBX First Quarter 2024 Investor Presentation

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

AWS Community Day CPH - Three problems of Terraform

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

CNIC Information System with Pakdata Cf In Pakistan

Vector Search -An Introduction in Oracle Database 23ai.pptx

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

KubeCon EU 2016: Bringing an open source Containerized Container Platform to Kubernetes

2. 2016

3. In the beginning… (2012)

4. The Go Landscape 2012

5. Apcera Platform The Instance Manager

6. Instance Manager State Machine Apocalypse ● Started out simple, but naive about the future ● Few small libraries… ● … but all integration logic was central ● 8 states ● 53 function handlers

7. Existing Weight ● Ubuntu base OS ● CAPS deployment ● .deb packaging ● Operational tooling

8. System Skew is a Problem ● Deploys non-atomic ● Different lifecycle per host ● Operational access

10. A New Model Kurma ● Minimize host dependencies ● Everything is a container ● Simple notions that could be easily extended ● Simple, well defined APIs

11. What is Kurma made of? Existing ● Go + C ● App Container (AppC) ● Apcera’s existing instrumentation Coming soon ● Go + C ● AppC ● libcontainer based ● CNI for networking

12. What is Kurma made of? Existing ● Go + C ● App Container (AppC) ● Apcera’s existing instrumentation Coming soon ● Go + C ● AppC ● libcontainer based ● CNI for networking

13. Delivery kurmad ● Existing host ● Download and run ● Immediately benefit ● Depends on host kernel and libc kurmaOS ● Minimalist distro ● Services as containers ● A/B partition model ● Console is just a container

14. Delivery kurmad ● Existing host ● Download and run ● Immediately benefit ● Depends on host kernel and libc kurmaOS ● Minimalist distro ● Services as containers ● A/B partition model ● Console is just a container

15. Kurma Process Model

16. Kurma Stager Process

17. Kurma User Processes

18. Stager Pluggable Process Orchestration ● Responsible for instrumenting the pod ● Packaged as a signed, trusted ACI image ● Gets own mount and network namespace

19. Stager API ● Simplest unit of work: an executable ● Setup via image ‘Exec’ setting ● Other calls through expected executables – /opt/stager/run – /opt/stager/status – /opt/stager/logs – ...

20. Kurma Reusable Unit

21. Kurma Reusable Unit for Extensibility

22. Networking API ● ACI image ● Passes along JSON configuration ● Executes commands to setup networking on other containers – /opt/network/add <ns> <container-id> – /opt/network/del <ns> <container-id>

23. Kurma Reusable Unit for Extensibility /opt/stager/run cni /opt/network/add ...

24. Kurma Extensibility Through Reuse

25. Kurma Extensibility Through Reuse

26. Kurma Extending Boundries with Semantics

27. Kurma Remote API

28. Kubernetes + Kurma

29. Why? ● Kurma usage outside Apcera ● Increased platform flexibility ● Integrating with broader community

30. Kubelet ● Has existing Runtime interface ● Rich interface for engine communication ● Kubelet is a bit of a leaky abstraction ● Workarounds for Dockerisms

31. Testing ● Mystical ● Documentation gaps ● Excellent Github/PR integration

32. Codebase ● Godep pains ● “hack” directory? ● Documentation gaps ● Interface movement Runtime.ConvertPodStatusToAPIPodStatus()

33. Kurmanetes ● Maturing Kurma based on Kubernetes needs – Pods – Networking – Image management ● Runtime abstraction nearly complete

34. Kurmanetes ● Done – Pod management – Image retrieval and management ● Remaining – Landing Kurma’s pod/stager branch – cAdvisor integration – Integration testing – Work towards improving the abstraction leaks

35. Questions?

36. Resources Kurma kurma.io github.com/apcera/kurma Me ken@apcera.com @krobertson We’re hiring for the Kurma team.

KubeCon EU 2016: Bringing an open source Containerized Container Platform to Kubernetes

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to KubeCon EU 2016: Bringing an open source Containerized Container Platform to Kubernetes

Similar to KubeCon EU 2016: Bringing an open source Containerized Container Platform to Kubernetes (20)

More from KubeAcademy

More from KubeAcademy (20)

Recently uploaded

Recently uploaded (20)

KubeCon EU 2016: Bringing an open source Containerized Container Platform to Kubernetes