SlideShare a Scribd company logo

Orchestrating Linux Containers while tolerating failures

Docker, Inc.
Docker, Inc.

lthough containers are bringing a refreshing flexibility when deploying services in production, the management of those containers in such an environment still requires special care in order to keep the application up and running. In this regard, orchestration platforms like Docker, Kubernetes and Nomad have been trying to alleviate this responsibility, facilitating the task of deploying and maintaining the entire application stack in its desired state. This ensures that a service will be always running, tolerating machine failures, network erratic behavior or software updates and downtime. The purpose of this talk is to explain the mechanisms and architecture of the Docker Engine orchestration platform (using a framework called swarmkit) to tolerate failures of services and machines, from cluster state replication and leader-election to container re-scheduling logic when a host goes down.

Technology
1 of 44
Download to read offline
Orchestrating Linux Containers while Tolerating Failures Container Camp, London September 9, 2016 Nishant Totla, Core Team Software Engineer, Docker Inc. @nishanttotla
What is a Linux Container? • A Linux container is a self-contained execution environment with isolated resources • The technology has been around for a while - LXC, FreeBSD Jails, Solaris Zones • The Docker project, open-sourced in 2013 made containers extremely popular and significantly easier to use
What is a Linux Container? • A Linux container is a self-contained execution environment with isolated resources • The technology has been around for a while - LXC, FreeBSD Jails, Solaris Zones • The Docker project, open-sourced in 2013 made containers extremely popular and significantly easier to use Source: Docker blog (August ‘16)
Real-world Applications • The growth of containers has brought a fresh perspective on deploying containerized applications, particularly microservices • This brings up interesting problems • Infrastructure • Deployment • Security • Networking • Scaling • Fault-tolerance • New tools and abstractions needed • Container Orchestration is the key!
Trends Docker Orchestration, etc.
Orchestration is Hard • Distributed Systems are hard to get right • Failures happen all the time! • Machines go down • Networks can fail or drop packets • Latency can cause unexpected scenarios
Can we make it easier to orchestrate real-world containerized applications?
Can we make it easier to orchestrate real-world containerized applications? à Swarm Mode in Docker 1.12
Swarm Mode in Docker 1.12 • Goals • It should be simple to setup and use a distributed cluster • It should be seamless to move from development to deployment
Swarm Mode in Docker 1.12 • Goals • It should be simple to setup and use a distributed cluster • It should be seamless to move from development to deployment • Starting with 1.12, Docker now has inbuilt orchestration • The easiest way to orchestrate Docker containers is now Docker • Multiple Docker Engines can be brought together to form a Swarm cluster • Really easy to manage applications on the cluster
The Docker approach to container orchestration 1. Swarm Topology 2. Managing Cluster State 3. Managing Application State Demo
Part 1: Swarm Topology
Single Node Cluster $ docker swarm init --advertise-addr 198.211.109.17 Engine
Adding another Node $ docker swarm init --advertise-addr 198.211.109.17 $ docker swarm join 198.211.109.17:2377 Engine Engine
More Nodes $ docker swarm init --advertise-addr 198.211.109.17 $ docker swarm join 198.211.109.17:2377 Engine Engine Engine Engine Engine
Managers and Workers • Swarm nodes can be workers or managers • Worker nodes • Run Tasks (containers) • Manager nodes • Run Tasks (containers) • Accept specifications from the user • Reconcile desired and and actual cluster state • Workers can be promoted to managers • Managers can be demoted to workers Engine Engine
Secure by Default with end to end Encryption • Cryptographic node identity • Automatic encryption and mutual auth (TLS) • Automatic certificate rotation • External CA integration • Encrypted communication Manager [TLS] [CA] Manager [TLS] [CA] Manager [TLS] [CA] Agent [TLS] Agent [TLS] Agent [TLS]
Part 2: Managing Cluster State
The Raft Algorithm • Raft is a popular distributed consensus algorithm • Features • Single leader performs all updates • Leader election – elect a leader • Log replication – replicate the log of cluster operations • Consensus is maintained as long as a majority of nodes are working
Raft Consensus Layer Manager Internal Distributed State Store Manager Manager Raft consensus group • Built on top of the etcd Raft library • Strongly consistent - holds desired state • Fast (in-memory reads, domain-specific indexing, batched operations) • Secure
Raft Consensus Layer • Swarm managers are crucial • Manager nodes form a Raft consensus group • No need to set up an external KV store • As long as a majority of managers are running, the cluster will function normally (should start with an odd number) • All managers can accept API requests (HA, no single point of failure)
Worker to Worker Gossip Engine Engine Engine EngineEngine Gossip Network • Different from Raft to keep Raft concise • High volume, p2p network between workers • Eventually consistent – networking, load balancing rules, etc. • Secure: symmetric encryption with key rotation in Raft
Putting it All Together
Full Architecture Engine Engine Engine EngineEngine Gossip Network Manager Internal Distributed State Store Manager Manager Raft consensus group gRPC
Part 3: Managing Application State
A Higher Level of Abstraction • From containers to services $ docker run $ docker service create • Docker services • Allow declarative specification • Work seamlessly on any number of nodes • Perform desired state reconciliation • Can be scaled or updated easily
Services $ docker service create --replicas 3 --name frontend --network mynet --publish 8080:80 frontend_image:1.0 Engine Engine Engine Engine Engine mynet
Swarm Routing Mesh • All nodes expose port 8080 for myapp • Routing mesh ensures traffic is routed transparently to a running container of the service Manager Agent 1 Agent 2 Agent 3 $ docker service create --replicas 3 --name frontend --network mynet --publish 8080:80 frontend_image:1.0 :8080 :8080 :8080 :8080 access myapp.com:8080
Swarm Routing Mesh • Every service gets assigned a virtual IP (VIP) • Built-in DNS-based service discovery: service name resolves to service VIP • VIP round-robins between container IPs using Linux IPVS Manager Agent 1 Agent 2 Agent 3 $ docker service create --replicas 3 --name frontend --network mynet --publish 8080:80 frontend_image:1.0 :8080 :8080 :8080 :8080 access myapp.com:8080
Node Failure $ docker service create --replicas 3 --name frontend --network mynet --publish 8080:80 frontend_image:1.0 Engine Engine Engine Engine Engine mynet
Desired State ≠ Actual State Engine Engine Engine Engine mynet $ docker service create --replicas 3 --name frontend --network mynet --publish 8080:80 frontend_image:1.0
Converge back to Desired State Engine Engine Engine Engine mynet $ docker service create --replicas 3 --name frontend --network mynet --publish 8080:80 frontend_image:1.0
Service Scaling Engine Engine Engine Engine mynet $ docker service scale frontend=6
And more! • Global services • Configurable rolling updates • Constraints • Restart policies • Resource aware scheduling
Behind the scenes API Orchestrator Allocator Scheduler Dispatcher Worker Executor Manager node Worker node Accepts command from client and creates service object Reconciliation loop for service objects and updates tasks Allocates IP address to tasks Assigns nodes to tasks Dispatches tasks and checks in on workers (heartbeat) Connects to Dispatcher to check on assigned tasks Executes tasks assigned to worker node $ docker service create
Node Failure • Manager failure • Handled by the Raft algorithm, as long as consensus is maintained • Worker failure • Dispatcher detects a node is down (failed heartbeat) • Orchestrator reconciles tasks • Allocator, Scheduler, and Dispatcher redo the previous steps to set up new tasks
If Everything Fails $ docker swarm init --advertise-addr 198.211.109.17 --force-new-cluster • The flag forces an existing node that was part of a lost quorum to restart as a single node Manager without losing its data
To Conclude • Swarm mode in Docker 1.12 makes it very easy to create and manage a failure-tolerant cluster • Networking and security are handled out of the box • The service abstraction allows for a declarative specification of how the application is expected to run • Much more coming up in the next few releases!
Contributions welcome! • Docker open-source on GitHub • github.com/docker/swarmkit | github.com/docker/docker
Special thanks to my co-workers for helping out with this talk - Nathan LeClaire, - Alexandre Beslic, - Aaron Lehmann, - Drew Erny, - Jana Radhakrishnan, - Dongluo Chen
Nishant Totla @nishanttotla Thank You!
Constraints Engine Engine Engine Engine Engine $ docker daemon --label com.example.storage=“ssd” $ docker daemon --label com.example.storage=“ssd”
Constraints $ docker service create --replicas 5 --name frontend --network mynet --publish 8080:80 --constraint engine.labels.com.example.storage==ssd frontend_image:1.0 Engine Engine Engine Engine Engine mynet $ docker daemon --label com.example.storage=“ssd” $ docker daemon --label com.example.storage=“ssd”
Constraints Engine Engine Engine Engine Engine mynet $ docker daemon --label com.example.storage=“ssd” $ docker daemon --label com.example.storage=“ssd” $ docker service scale frontend=10

Recommended

Docker Datacenter Overview and Production Setup Slides
Docker Datacenter Overview and Production Setup SlidesDocker Datacenter Overview and Production Setup Slides
Docker Datacenter Overview and Production Setup Slides
Docker, Inc.
 
Docker Meetup 08 03-2016
Docker Meetup 08 03-2016Docker Meetup 08 03-2016
Docker Meetup 08 03-2016
Docker
 
Docker Online Meetup: Infrakit update and Q&A
Docker Online Meetup: Infrakit update and Q&ADocker Online Meetup: Infrakit update and Q&A
Docker Online Meetup: Infrakit update and Q&A
Docker, Inc.
 
Docker SF Meetup January 2016
Docker SF Meetup January 2016Docker SF Meetup January 2016
Docker SF Meetup January 2016
Patrick Chanezon
 
Container orchestration from theory to practice
Container orchestration from theory to practiceContainer orchestration from theory to practice
Container orchestration from theory to practice
Docker, Inc.
 
Docker HK Meetup - 201707
Docker HK Meetup - 201707Docker HK Meetup - 201707
Docker HK Meetup - 201707
Clarence Ho
 
Docker and Microsoft - Windows Server 2016 Technical Deep Dive
Docker and Microsoft - Windows Server 2016 Technical Deep DiveDocker and Microsoft - Windows Server 2016 Technical Deep Dive
Docker and Microsoft - Windows Server 2016 Technical Deep Dive
Docker, Inc.
 
Monitoring Dell Infrastructure using Docker & Microservices
Monitoring Dell Infrastructure using Docker & MicroservicesMonitoring Dell Infrastructure using Docker & Microservices
Monitoring Dell Infrastructure using Docker & Microservices
Ajeet Singh Raina
 

Recommended

Docker Datacenter Overview and Production Setup Slides
Docker Datacenter Overview and Production Setup SlidesDocker Datacenter Overview and Production Setup Slides
Docker Datacenter Overview and Production Setup Slides
Docker, Inc.
 
Docker Meetup 08 03-2016
Docker Meetup 08 03-2016Docker Meetup 08 03-2016
Docker Meetup 08 03-2016
Docker
 
Docker Online Meetup: Infrakit update and Q&A
Docker Online Meetup: Infrakit update and Q&ADocker Online Meetup: Infrakit update and Q&A
Docker Online Meetup: Infrakit update and Q&A
Docker, Inc.
 
Docker SF Meetup January 2016
Docker SF Meetup January 2016Docker SF Meetup January 2016
Docker SF Meetup January 2016
Patrick Chanezon
 
Container orchestration from theory to practice
Container orchestration from theory to practiceContainer orchestration from theory to practice
Container orchestration from theory to practice
Docker, Inc.
 
Docker HK Meetup - 201707
Docker HK Meetup - 201707Docker HK Meetup - 201707
Docker HK Meetup - 201707
Clarence Ho
 
Docker and Microsoft - Windows Server 2016 Technical Deep Dive
Docker and Microsoft - Windows Server 2016 Technical Deep DiveDocker and Microsoft - Windows Server 2016 Technical Deep Dive
Docker and Microsoft - Windows Server 2016 Technical Deep Dive
Docker, Inc.
 
Monitoring Dell Infrastructure using Docker & Microservices
Monitoring Dell Infrastructure using Docker & MicroservicesMonitoring Dell Infrastructure using Docker & Microservices
Monitoring Dell Infrastructure using Docker & Microservices
Ajeet Singh Raina
 
Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown
Dockerizing Windows Server Applications by Ender Barillas and Taylor BrownDockerizing Windows Server Applications by Ender Barillas and Taylor Brown
Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown
Docker, Inc.
 
Docker Container As A Service - March 2016
Docker Container As A Service - March 2016Docker Container As A Service - March 2016
Docker Container As A Service - March 2016
Patrick Chanezon
 
Docker Practice in Alibaba Cloud by Li Yi (Mark) & Zuhe Li (Sogo)
Docker Practice in Alibaba Cloud by Li Yi (Mark) & Zuhe Li (Sogo)Docker Practice in Alibaba Cloud by Li Yi (Mark) & Zuhe Li (Sogo)
Docker Practice in Alibaba Cloud by Li Yi (Mark) & Zuhe Li (Sogo)
Docker, Inc.
 
Securing your Containers
Securing your ContainersSecuring your Containers
Securing your Containers
Riyaz Faizullabhoy
 
Docker Security workshop slides
Docker Security workshop slidesDocker Security workshop slides
Docker Security workshop slides
Docker, Inc.
 
Demystifying puppet
Demystifying puppetDemystifying puppet
Demystifying puppet
Ajeet Singh Raina
 
Taking Docker to Production: What You Need to Know and Decide
Taking Docker to Production: What You Need to Know and DecideTaking Docker to Production: What You Need to Know and Decide
Taking Docker to Production: What You Need to Know and Decide
Docker, Inc.
 
Introduction to Docker - IndiaOpsUG
Introduction to Docker - IndiaOpsUGIntroduction to Docker - IndiaOpsUG
Introduction to Docker - IndiaOpsUG
Ajeet Singh Raina
 
Enabling Production Grade Containerized Applications through Policy Based Inf...
Enabling Production Grade Containerized Applications through Policy Based Inf...Enabling Production Grade Containerized Applications through Policy Based Inf...
Enabling Production Grade Containerized Applications through Policy Based Inf...
Docker, Inc.
 
Cloudfoundry Overview
Cloudfoundry OverviewCloudfoundry Overview
Cloudfoundry Overview
rajdeep
 
What's New in Docker 1.12?
What's New in Docker 1.12?What's New in Docker 1.12?
What's New in Docker 1.12?
Ajeet Singh Raina
 
Docker Roadshow 2016
Docker Roadshow 2016Docker Roadshow 2016
Docker Roadshow 2016
Docker, Inc.
 
Kubernetes - Sailing a Sea of Containers
Kubernetes - Sailing a Sea of ContainersKubernetes - Sailing a Sea of Containers
Kubernetes - Sailing a Sea of Containers
Kel Cecil
 
Introduction to Docker
Introduction to DockerIntroduction to Docker
Introduction to Docker
Aditya Konarde
 
Docker on Docker
Docker on DockerDocker on Docker
Docker on Docker
Docker, Inc.
 
Online Meetup: What's new in docker 1.13.0
Online Meetup: What's new in docker 1.13.0 Online Meetup: What's new in docker 1.13.0
Online Meetup: What's new in docker 1.13.0
Docker, Inc.
 
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea LuzzardiWhat's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
Mike Goelzer
 
Online Meetup: Why should container system / platform builders care about con...
Online Meetup: Why should container system / platform builders care about con...Online Meetup: Why should container system / platform builders care about con...
Online Meetup: Why should container system / platform builders care about con...
Docker, Inc.
 
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
Patrick Chanezon
 
Production Ready Containers from IBM and Docker
Production Ready Containers from IBM and DockerProduction Ready Containers from IBM and Docker
Production Ready Containers from IBM and Docker
Docker, Inc.
 
Docker Networking Deep Dive
Docker Networking Deep DiveDocker Networking Deep Dive
Docker Networking Deep Dive
Docker, Inc.
 
containerd summit - Deep Dive into containerd
containerd summit - Deep Dive into containerdcontainerd summit - Deep Dive into containerd
containerd summit - Deep Dive into containerd
Docker, Inc.
 

More Related Content

What's hot

Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown
Dockerizing Windows Server Applications by Ender Barillas and Taylor BrownDockerizing Windows Server Applications by Ender Barillas and Taylor Brown
Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown
Docker, Inc.
 
Docker Container As A Service - March 2016
Docker Container As A Service - March 2016Docker Container As A Service - March 2016
Docker Container As A Service - March 2016
Patrick Chanezon
 
Docker Practice in Alibaba Cloud by Li Yi (Mark) & Zuhe Li (Sogo)
Docker Practice in Alibaba Cloud by Li Yi (Mark) & Zuhe Li (Sogo)Docker Practice in Alibaba Cloud by Li Yi (Mark) & Zuhe Li (Sogo)
Docker Practice in Alibaba Cloud by Li Yi (Mark) & Zuhe Li (Sogo)
Docker, Inc.
 
Securing your Containers
Securing your ContainersSecuring your Containers
Securing your Containers
Riyaz Faizullabhoy
 
Docker Security workshop slides
Docker Security workshop slidesDocker Security workshop slides
Docker Security workshop slides
Docker, Inc.
 
Demystifying puppet
Demystifying puppetDemystifying puppet
Demystifying puppet
Ajeet Singh Raina
 
Taking Docker to Production: What You Need to Know and Decide
Taking Docker to Production: What You Need to Know and DecideTaking Docker to Production: What You Need to Know and Decide
Taking Docker to Production: What You Need to Know and Decide
Docker, Inc.
 
Introduction to Docker - IndiaOpsUG
Introduction to Docker - IndiaOpsUGIntroduction to Docker - IndiaOpsUG
Introduction to Docker - IndiaOpsUG
Ajeet Singh Raina
 
Enabling Production Grade Containerized Applications through Policy Based Inf...
Enabling Production Grade Containerized Applications through Policy Based Inf...Enabling Production Grade Containerized Applications through Policy Based Inf...
Enabling Production Grade Containerized Applications through Policy Based Inf...
Docker, Inc.
 
Cloudfoundry Overview
Cloudfoundry OverviewCloudfoundry Overview
Cloudfoundry Overview
rajdeep
 
What's New in Docker 1.12?
What's New in Docker 1.12?What's New in Docker 1.12?
What's New in Docker 1.12?
Ajeet Singh Raina
 
Docker Roadshow 2016
Docker Roadshow 2016Docker Roadshow 2016
Docker Roadshow 2016
Docker, Inc.
 
Kubernetes - Sailing a Sea of Containers
Kubernetes - Sailing a Sea of ContainersKubernetes - Sailing a Sea of Containers
Kubernetes - Sailing a Sea of Containers
Kel Cecil
 
Introduction to Docker
Introduction to DockerIntroduction to Docker
Introduction to Docker
Aditya Konarde
 
Docker on Docker
Docker on DockerDocker on Docker
Docker on Docker
Docker, Inc.
 
Online Meetup: What's new in docker 1.13.0
Online Meetup: What's new in docker 1.13.0 Online Meetup: What's new in docker 1.13.0
Online Meetup: What's new in docker 1.13.0
Docker, Inc.
 
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea LuzzardiWhat's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
Mike Goelzer
 
Online Meetup: Why should container system / platform builders care about con...
Online Meetup: Why should container system / platform builders care about con...Online Meetup: Why should container system / platform builders care about con...
Online Meetup: Why should container system / platform builders care about con...
Docker, Inc.
 
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
Patrick Chanezon
 
Production Ready Containers from IBM and Docker
Production Ready Containers from IBM and DockerProduction Ready Containers from IBM and Docker
Production Ready Containers from IBM and Docker
Docker, Inc.
 

What's hot (20)

Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown
Dockerizing Windows Server Applications by Ender Barillas and Taylor BrownDockerizing Windows Server Applications by Ender Barillas and Taylor Brown
Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown
 
Docker Container As A Service - March 2016
Docker Container As A Service - March 2016Docker Container As A Service - March 2016
Docker Container As A Service - March 2016
 
Docker Practice in Alibaba Cloud by Li Yi (Mark) & Zuhe Li (Sogo)
Docker Practice in Alibaba Cloud by Li Yi (Mark) & Zuhe Li (Sogo)Docker Practice in Alibaba Cloud by Li Yi (Mark) & Zuhe Li (Sogo)
Docker Practice in Alibaba Cloud by Li Yi (Mark) & Zuhe Li (Sogo)
 
Securing your Containers
Securing your ContainersSecuring your Containers
Securing your Containers
 
Docker Security workshop slides
Docker Security workshop slidesDocker Security workshop slides
Docker Security workshop slides
 
Demystifying puppet
Demystifying puppetDemystifying puppet
Demystifying puppet
 
Taking Docker to Production: What You Need to Know and Decide
Taking Docker to Production: What You Need to Know and DecideTaking Docker to Production: What You Need to Know and Decide
Taking Docker to Production: What You Need to Know and Decide
 
Introduction to Docker - IndiaOpsUG
Introduction to Docker - IndiaOpsUGIntroduction to Docker - IndiaOpsUG
Introduction to Docker - IndiaOpsUG
 
Enabling Production Grade Containerized Applications through Policy Based Inf...
Enabling Production Grade Containerized Applications through Policy Based Inf...Enabling Production Grade Containerized Applications through Policy Based Inf...
Enabling Production Grade Containerized Applications through Policy Based Inf...
 
Cloudfoundry Overview
Cloudfoundry OverviewCloudfoundry Overview
Cloudfoundry Overview
 
What's New in Docker 1.12?
What's New in Docker 1.12?What's New in Docker 1.12?
What's New in Docker 1.12?
 
Docker Roadshow 2016
Docker Roadshow 2016Docker Roadshow 2016
Docker Roadshow 2016
 
Kubernetes - Sailing a Sea of Containers
Kubernetes - Sailing a Sea of ContainersKubernetes - Sailing a Sea of Containers
Kubernetes - Sailing a Sea of Containers
 
Introduction to Docker
Introduction to DockerIntroduction to Docker
Introduction to Docker
 
Docker on Docker
Docker on DockerDocker on Docker
Docker on Docker
 
Online Meetup: What's new in docker 1.13.0
Online Meetup: What's new in docker 1.13.0 Online Meetup: What's new in docker 1.13.0
Online Meetup: What's new in docker 1.13.0
 
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea LuzzardiWhat's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
 
Online Meetup: Why should container system / platform builders care about con...
Online Meetup: Why should container system / platform builders care about con...Online Meetup: Why should container system / platform builders care about con...
Online Meetup: Why should container system / platform builders care about con...
 
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
 
Production Ready Containers from IBM and Docker
Production Ready Containers from IBM and DockerProduction Ready Containers from IBM and Docker
Production Ready Containers from IBM and Docker
 

Viewers also liked

Docker Networking Deep Dive
Docker Networking Deep DiveDocker Networking Deep Dive
Docker Networking Deep Dive
Docker, Inc.
 
containerd summit - Deep Dive into containerd
containerd summit - Deep Dive into containerdcontainerd summit - Deep Dive into containerd
containerd summit - Deep Dive into containerd
Docker, Inc.
 
Docker Online Meetup: Announcing Docker CE + EE
Docker Online Meetup: Announcing Docker CE + EEDocker Online Meetup: Announcing Docker CE + EE
Docker Online Meetup: Announcing Docker CE + EE
Docker, Inc.
 
Heart of the SwarmKit: Store, Topology & Object Model
Heart of the SwarmKit: Store, Topology & Object ModelHeart of the SwarmKit: Store, Topology & Object Model
Heart of the SwarmKit: Store, Topology & Object Model
Docker, Inc.
 
Cilium - BPF & XDP for containers
Cilium - BPF & XDP for containers Cilium - BPF & XDP for containers
Cilium - BPF & XDP for containers
Docker, Inc.
 
Talking TUF: Securing Software Distribution
Talking TUF: Securing Software DistributionTalking TUF: Securing Software Distribution
Talking TUF: Securing Software Distribution
Docker, Inc.
 
'The History of Metrics According to me' by Stephen Day
'The History of Metrics According to me' by Stephen Day'The History of Metrics According to me' by Stephen Day
'The History of Metrics According to me' by Stephen Day
Docker, Inc.
 
Prometheus design and philosophy
Prometheus design and philosophy Prometheus design and philosophy
Prometheus design and philosophy
Docker, Inc.
 
Orchestrating Least Privilege by Diogo Monica
Orchestrating Least Privilege by Diogo Monica Orchestrating Least Privilege by Diogo Monica
Orchestrating Least Privilege by Diogo Monica
Docker, Inc.
 
Infinit: Modern Storage Platform for Container Environments
Infinit: Modern Storage Platform for Container EnvironmentsInfinit: Modern Storage Platform for Container Environments
Infinit: Modern Storage Platform for Container Environments
Docker, Inc.
 
Persistent storage tailored for containers
Persistent storage tailored for containersPersistent storage tailored for containers
Persistent storage tailored for containers
Docker, Inc.
 
Using Docker Swarm Mode to Deploy Service Without Loss by Dongluo Chen & Nish...
Using Docker Swarm Mode to Deploy Service Without Loss by Dongluo Chen & Nish...Using Docker Swarm Mode to Deploy Service Without Loss by Dongluo Chen & Nish...
Using Docker Swarm Mode to Deploy Service Without Loss by Dongluo Chen & Nish...
Docker, Inc.
 
Containerd - core container runtime component
Containerd - core container runtime component Containerd - core container runtime component
Containerd - core container runtime component
Docker, Inc.
 
Docker Networking: Control plane and Data plane
Docker Networking: Control plane and Data planeDocker Networking: Control plane and Data plane
Docker Networking: Control plane and Data plane
Docker, Inc.
 
Docker 101 - Nov 2016
Docker 101 - Nov 2016Docker 101 - Nov 2016
Docker 101 - Nov 2016
Docker, Inc.
 
containerd and CRI
containerd and CRIcontainerd and CRI
containerd and CRI
Docker, Inc.
 
Driving containerd operations with gRPC
Driving containerd operations with gRPCDriving containerd operations with gRPC
Driving containerd operations with gRPC
Docker, Inc.
 
What's New in Docker 1.12 by Nishant Totla for Docker SF Meetup 08.03.16
What's New in Docker 1.12 by Nishant Totla for Docker SF Meetup 08.03.16 What's New in Docker 1.12 by Nishant Totla for Docker SF Meetup 08.03.16
What's New in Docker 1.12 by Nishant Totla for Docker SF Meetup 08.03.16
Docker, Inc.
 
Unikernels: the rise of the library hypervisor in MirageOS
Unikernels: the rise of the library hypervisor in MirageOSUnikernels: the rise of the library hypervisor in MirageOS
Unikernels: the rise of the library hypervisor in MirageOS
Docker, Inc.
 
Test What You Write, Ship What You Test
Test What You Write, Ship What You TestTest What You Write, Ship What You Test
Test What You Write, Ship What You TestDocker, Inc.
 

Viewers also liked (20)

Docker Networking Deep Dive
Docker Networking Deep DiveDocker Networking Deep Dive
Docker Networking Deep Dive
 
containerd summit - Deep Dive into containerd
containerd summit - Deep Dive into containerdcontainerd summit - Deep Dive into containerd
containerd summit - Deep Dive into containerd
 
Docker Online Meetup: Announcing Docker CE + EE
Docker Online Meetup: Announcing Docker CE + EEDocker Online Meetup: Announcing Docker CE + EE
Docker Online Meetup: Announcing Docker CE + EE
 
Heart of the SwarmKit: Store, Topology & Object Model
Heart of the SwarmKit: Store, Topology & Object ModelHeart of the SwarmKit: Store, Topology & Object Model
Heart of the SwarmKit: Store, Topology & Object Model
 
Cilium - BPF & XDP for containers
Cilium - BPF & XDP for containers Cilium - BPF & XDP for containers
Cilium - BPF & XDP for containers
 
Talking TUF: Securing Software Distribution
Talking TUF: Securing Software DistributionTalking TUF: Securing Software Distribution
Talking TUF: Securing Software Distribution
 
'The History of Metrics According to me' by Stephen Day
'The History of Metrics According to me' by Stephen Day'The History of Metrics According to me' by Stephen Day
'The History of Metrics According to me' by Stephen Day
 
Prometheus design and philosophy
Prometheus design and philosophy Prometheus design and philosophy
Prometheus design and philosophy
 
Orchestrating Least Privilege by Diogo Monica
Orchestrating Least Privilege by Diogo Monica Orchestrating Least Privilege by Diogo Monica
Orchestrating Least Privilege by Diogo Monica
 
Infinit: Modern Storage Platform for Container Environments
Infinit: Modern Storage Platform for Container EnvironmentsInfinit: Modern Storage Platform for Container Environments
Infinit: Modern Storage Platform for Container Environments
 
Persistent storage tailored for containers
Persistent storage tailored for containersPersistent storage tailored for containers
Persistent storage tailored for containers
 
Using Docker Swarm Mode to Deploy Service Without Loss by Dongluo Chen & Nish...
Using Docker Swarm Mode to Deploy Service Without Loss by Dongluo Chen & Nish...Using Docker Swarm Mode to Deploy Service Without Loss by Dongluo Chen & Nish...
Using Docker Swarm Mode to Deploy Service Without Loss by Dongluo Chen & Nish...
 
Containerd - core container runtime component
Containerd - core container runtime component Containerd - core container runtime component
Containerd - core container runtime component
 
Docker Networking: Control plane and Data plane
Docker Networking: Control plane and Data planeDocker Networking: Control plane and Data plane
Docker Networking: Control plane and Data plane
 
Docker 101 - Nov 2016
Docker 101 - Nov 2016Docker 101 - Nov 2016
Docker 101 - Nov 2016
 
containerd and CRI
containerd and CRIcontainerd and CRI
containerd and CRI
 
Driving containerd operations with gRPC
Driving containerd operations with gRPCDriving containerd operations with gRPC
Driving containerd operations with gRPC
 
What's New in Docker 1.12 by Nishant Totla for Docker SF Meetup 08.03.16
What's New in Docker 1.12 by Nishant Totla for Docker SF Meetup 08.03.16 What's New in Docker 1.12 by Nishant Totla for Docker SF Meetup 08.03.16
What's New in Docker 1.12 by Nishant Totla for Docker SF Meetup 08.03.16
 
Unikernels: the rise of the library hypervisor in MirageOS
Unikernels: the rise of the library hypervisor in MirageOSUnikernels: the rise of the library hypervisor in MirageOS
Unikernels: the rise of the library hypervisor in MirageOS
 
Test What You Write, Ship What You Test
Test What You Write, Ship What You TestTest What You Write, Ship What You Test
Test What You Write, Ship What You Test
 

Similar to Orchestrating Linux Containers while tolerating failures

Docker Swarm and Traefik 2.0
Docker Swarm and Traefik 2.0Docker Swarm and Traefik 2.0
Docker Swarm and Traefik 2.0
Jakub Hajek
 
Rami Sayar - Node microservices with Docker
Rami Sayar - Node microservices with DockerRami Sayar - Node microservices with Docker
Rami Sayar - Node microservices with Docker
Web à Québec
 
Everything you need to know about Docker
Everything you need to know about DockerEverything you need to know about Docker
Everything you need to know about Docker
Alican Akkuş
 
Demystfying container-networking
Demystfying container-networkingDemystfying container-networking
Demystfying container-networking
Balasundaram Natarajan
 
Killer Docker Workflows for Development
Killer Docker Workflows for DevelopmentKiller Docker Workflows for Development
Killer Docker Workflows for Development
Chris Tankersley
 
Docker Container Security
Docker Container SecurityDocker Container Security
Docker Container Security
Suraj Khetani
 
Dokcer swarm
Dokcer swarmDokcer swarm
Dokcer swarm
Tanmay Mehra
 
Docker and kubernetes
Docker and kubernetesDocker and kubernetes
Docker and kubernetes
Dongwon Kim
 
Docker Introduction
Docker IntroductionDocker Introduction
Docker Introduction
Jeffrey Ellin
 
Containers 101
Containers 101Containers 101
Containers 101
Black Duck by Synopsys
 
MariaDB on Docker
MariaDB on DockerMariaDB on Docker
MariaDB on Docker
MariaDB plc
 
Docker Orchestration: Welcome to the Jungle! Devoxx & Docker Meetup Tour Nov ...
Docker Orchestration: Welcome to the Jungle! Devoxx & Docker Meetup Tour Nov ...Docker Orchestration: Welcome to the Jungle! Devoxx & Docker Meetup Tour Nov ...
Docker Orchestration: Welcome to the Jungle! Devoxx & Docker Meetup Tour Nov ...
Patrick Chanezon
 
Docker
DockerDocker
Docker
Codeister Technolgoies
 
Oracle CODE 2017 San Francisco: Docker on Raspi Swarm to OCCS
Oracle CODE 2017 San Francisco: Docker on Raspi Swarm to OCCSOracle CODE 2017 San Francisco: Docker on Raspi Swarm to OCCS
Oracle CODE 2017 San Francisco: Docker on Raspi Swarm to OCCS
Frank Munz
 
DockerCon EU 2015 Barcelona
DockerCon EU 2015 BarcelonaDockerCon EU 2015 Barcelona
DockerCon EU 2015 Barcelona
Roman Dembitsky
 
Docker Introduction
Docker IntroductionDocker Introduction
Docker Introduction
Peng Xiao
 
stackconf 2020 | Replace your Docker based Containers with Cri-o Kata Contain...
stackconf 2020 | Replace your Docker based Containers with Cri-o Kata Contain...stackconf 2020 | Replace your Docker based Containers with Cri-o Kata Contain...
stackconf 2020 | Replace your Docker based Containers with Cri-o Kata Contain...
NETWAYS
 
Containers orchestrators: Docker vs. Kubernetes
Containers orchestrators: Docker vs. KubernetesContainers orchestrators: Docker vs. Kubernetes
Containers orchestrators: Docker vs. Kubernetes
Dmitry Lazarenko
 
Collabnix Online Webinar - Demystifying Docker & Kubernetes Networking by Bal...
Collabnix Online Webinar - Demystifying Docker & Kubernetes Networking by Bal...Collabnix Online Webinar - Demystifying Docker & Kubernetes Networking by Bal...
Collabnix Online Webinar - Demystifying Docker & Kubernetes Networking by Bal...
Ajeet Singh Raina
 
Putting Kafka In Jail – Best Practices To Run Kafka On Kubernetes & DC/OS
Putting Kafka In Jail – Best Practices To Run Kafka On Kubernetes & DC/OSPutting Kafka In Jail – Best Practices To Run Kafka On Kubernetes & DC/OS
Putting Kafka In Jail – Best Practices To Run Kafka On Kubernetes & DC/OS
Lightbend
 

Similar to Orchestrating Linux Containers while tolerating failures (20)

Docker Swarm and Traefik 2.0
Docker Swarm and Traefik 2.0Docker Swarm and Traefik 2.0
Docker Swarm and Traefik 2.0
 
Rami Sayar - Node microservices with Docker
Rami Sayar - Node microservices with DockerRami Sayar - Node microservices with Docker
Rami Sayar - Node microservices with Docker
 
Everything you need to know about Docker
Everything you need to know about DockerEverything you need to know about Docker
Everything you need to know about Docker
 
Demystfying container-networking
Demystfying container-networkingDemystfying container-networking
Demystfying container-networking
 
Killer Docker Workflows for Development
Killer Docker Workflows for DevelopmentKiller Docker Workflows for Development
Killer Docker Workflows for Development
 
Docker Container Security
Docker Container SecurityDocker Container Security
Docker Container Security
 
Dokcer swarm
Dokcer swarmDokcer swarm
Dokcer swarm
 
Docker and kubernetes
Docker and kubernetesDocker and kubernetes
Docker and kubernetes
 
Docker Introduction
Docker IntroductionDocker Introduction
Docker Introduction
 
Containers 101
Containers 101Containers 101
Containers 101
 
MariaDB on Docker
MariaDB on DockerMariaDB on Docker
MariaDB on Docker
 
Docker Orchestration: Welcome to the Jungle! Devoxx & Docker Meetup Tour Nov ...
Docker Orchestration: Welcome to the Jungle! Devoxx & Docker Meetup Tour Nov ...Docker Orchestration: Welcome to the Jungle! Devoxx & Docker Meetup Tour Nov ...
Docker Orchestration: Welcome to the Jungle! Devoxx & Docker Meetup Tour Nov ...
 
Docker
DockerDocker
Docker
 
Oracle CODE 2017 San Francisco: Docker on Raspi Swarm to OCCS
Oracle CODE 2017 San Francisco: Docker on Raspi Swarm to OCCSOracle CODE 2017 San Francisco: Docker on Raspi Swarm to OCCS
Oracle CODE 2017 San Francisco: Docker on Raspi Swarm to OCCS
 
DockerCon EU 2015 Barcelona
DockerCon EU 2015 BarcelonaDockerCon EU 2015 Barcelona
DockerCon EU 2015 Barcelona
 
Docker Introduction
Docker IntroductionDocker Introduction
Docker Introduction
 
stackconf 2020 | Replace your Docker based Containers with Cri-o Kata Contain...
stackconf 2020 | Replace your Docker based Containers with Cri-o Kata Contain...stackconf 2020 | Replace your Docker based Containers with Cri-o Kata Contain...
stackconf 2020 | Replace your Docker based Containers with Cri-o Kata Contain...
 
Containers orchestrators: Docker vs. Kubernetes
Containers orchestrators: Docker vs. KubernetesContainers orchestrators: Docker vs. Kubernetes
Containers orchestrators: Docker vs. Kubernetes
 
Collabnix Online Webinar - Demystifying Docker & Kubernetes Networking by Bal...
Collabnix Online Webinar - Demystifying Docker & Kubernetes Networking by Bal...Collabnix Online Webinar - Demystifying Docker & Kubernetes Networking by Bal...
Collabnix Online Webinar - Demystifying Docker & Kubernetes Networking by Bal...
 
Putting Kafka In Jail – Best Practices To Run Kafka On Kubernetes & DC/OS
Putting Kafka In Jail – Best Practices To Run Kafka On Kubernetes & DC/OSPutting Kafka In Jail – Best Practices To Run Kafka On Kubernetes & DC/OS
Putting Kafka In Jail – Best Practices To Run Kafka On Kubernetes & DC/OS
 

More from Docker, Inc.

Containerize Your Game Server for the Best Multiplayer Experience
Containerize Your Game Server for the Best Multiplayer Experience Containerize Your Game Server for the Best Multiplayer Experience
Containerize Your Game Server for the Best Multiplayer Experience
Docker, Inc.
 
How to Improve Your Image Builds Using Advance Docker Build
How to Improve Your Image Builds Using Advance Docker BuildHow to Improve Your Image Builds Using Advance Docker Build
How to Improve Your Image Builds Using Advance Docker Build
Docker, Inc.
 
Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWS
Docker, Inc.
 
Securing Your Containerized Applications with NGINX
Securing Your Containerized Applications with NGINXSecuring Your Containerized Applications with NGINX
Securing Your Containerized Applications with NGINX
Docker, Inc.
 
How To Build and Run Node Apps with Docker and Compose
How To Build and Run Node Apps with Docker and ComposeHow To Build and Run Node Apps with Docker and Compose
How To Build and Run Node Apps with Docker and Compose
Docker, Inc.
 
Hands-on Helm
Hands-on Helm Hands-on Helm
Hands-on Helm
Docker, Inc.
 
Distributed Deep Learning with Docker at Salesforce
Distributed Deep Learning with Docker at SalesforceDistributed Deep Learning with Docker at Salesforce
Distributed Deep Learning with Docker at Salesforce
Docker, Inc.
 
The First 10M Pulls: Building The Official Curl Image for Docker Hub
The First 10M Pulls: Building The Official Curl Image for Docker HubThe First 10M Pulls: Building The Official Curl Image for Docker Hub
The First 10M Pulls: Building The Official Curl Image for Docker Hub
Docker, Inc.
 
Monitoring in a Microservices World
Monitoring in a Microservices WorldMonitoring in a Microservices World
Monitoring in a Microservices World
Docker, Inc.
 
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
Docker, Inc.
 
Predicting Space Weather with Docker
Predicting Space Weather with DockerPredicting Space Weather with Docker
Predicting Space Weather with Docker
Docker, Inc.
 
Become a Docker Power User With Microsoft Visual Studio Code
Become a Docker Power User With Microsoft Visual Studio CodeBecome a Docker Power User With Microsoft Visual Studio Code
Become a Docker Power User With Microsoft Visual Studio Code
Docker, Inc.
 
How to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container RegistryHow to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container Registry
Docker, Inc.
 
Monolithic to Microservices + Docker = SDLC on Steroids!
Monolithic to Microservices + Docker = SDLC on Steroids!Monolithic to Microservices + Docker = SDLC on Steroids!
Monolithic to Microservices + Docker = SDLC on Steroids!
Docker, Inc.
 
Kubernetes at Datadog Scale
Kubernetes at Datadog ScaleKubernetes at Datadog Scale
Kubernetes at Datadog Scale
Docker, Inc.
 
Labels, Labels, Labels
Labels, Labels, Labels Labels, Labels, Labels
Labels, Labels, Labels
Docker, Inc.
 
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment ModelUsing Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
Docker, Inc.
 
Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWS
Docker, Inc.
 
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
Docker, Inc.
 
Developing with Docker for the Arm Architecture
Developing with Docker for the Arm ArchitectureDeveloping with Docker for the Arm Architecture
Developing with Docker for the Arm Architecture
Docker, Inc.
 

More from Docker, Inc. (20)

Containerize Your Game Server for the Best Multiplayer Experience
Containerize Your Game Server for the Best Multiplayer Experience Containerize Your Game Server for the Best Multiplayer Experience
Containerize Your Game Server for the Best Multiplayer Experience
 
How to Improve Your Image Builds Using Advance Docker Build
How to Improve Your Image Builds Using Advance Docker BuildHow to Improve Your Image Builds Using Advance Docker Build
How to Improve Your Image Builds Using Advance Docker Build
 
Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWS
 
Securing Your Containerized Applications with NGINX
Securing Your Containerized Applications with NGINXSecuring Your Containerized Applications with NGINX
Securing Your Containerized Applications with NGINX
 
How To Build and Run Node Apps with Docker and Compose
How To Build and Run Node Apps with Docker and ComposeHow To Build and Run Node Apps with Docker and Compose
How To Build and Run Node Apps with Docker and Compose
 
Hands-on Helm
Hands-on Helm Hands-on Helm
Hands-on Helm
 
Distributed Deep Learning with Docker at Salesforce
Distributed Deep Learning with Docker at SalesforceDistributed Deep Learning with Docker at Salesforce
Distributed Deep Learning with Docker at Salesforce
 
The First 10M Pulls: Building The Official Curl Image for Docker Hub
The First 10M Pulls: Building The Official Curl Image for Docker HubThe First 10M Pulls: Building The Official Curl Image for Docker Hub
The First 10M Pulls: Building The Official Curl Image for Docker Hub
 
Monitoring in a Microservices World
Monitoring in a Microservices WorldMonitoring in a Microservices World
Monitoring in a Microservices World
 
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
 
Predicting Space Weather with Docker
Predicting Space Weather with DockerPredicting Space Weather with Docker
Predicting Space Weather with Docker
 
Become a Docker Power User With Microsoft Visual Studio Code
Become a Docker Power User With Microsoft Visual Studio CodeBecome a Docker Power User With Microsoft Visual Studio Code
Become a Docker Power User With Microsoft Visual Studio Code
 
How to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container RegistryHow to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container Registry
 
Monolithic to Microservices + Docker = SDLC on Steroids!
Monolithic to Microservices + Docker = SDLC on Steroids!Monolithic to Microservices + Docker = SDLC on Steroids!
Monolithic to Microservices + Docker = SDLC on Steroids!
 
Kubernetes at Datadog Scale
Kubernetes at Datadog ScaleKubernetes at Datadog Scale
Kubernetes at Datadog Scale
 
Labels, Labels, Labels
Labels, Labels, Labels Labels, Labels, Labels
Labels, Labels, Labels
 
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment ModelUsing Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
 
Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWS
 
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
 
Developing with Docker for the Arm Architecture
Developing with Docker for the Arm ArchitectureDeveloping with Docker for the Arm Architecture
Developing with Docker for the Arm Architecture
 

Recently uploaded

Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
Frank van Harmelen
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
Product School
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
Thijs Feryn
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Product School
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Product School
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 

Recently uploaded (20)

Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 

Orchestrating Linux Containers while tolerating failures

  • 1. Orchestrating Linux Containers while Tolerating Failures Container Camp, London September 9, 2016 Nishant Totla, Core Team Software Engineer, Docker Inc. @nishanttotla
  • 2. What is a Linux Container? • A Linux container is a self-contained execution environment with isolated resources • The technology has been around for a while - LXC, FreeBSD Jails, Solaris Zones • The Docker project, open-sourced in 2013 made containers extremely popular and significantly easier to use
  • 3. What is a Linux Container? • A Linux container is a self-contained execution environment with isolated resources • The technology has been around for a while - LXC, FreeBSD Jails, Solaris Zones • The Docker project, open-sourced in 2013 made containers extremely popular and significantly easier to use Source: Docker blog (August ‘16)
  • 4. Real-world Applications • The growth of containers has brought a fresh perspective on deploying containerized applications, particularly microservices • This brings up interesting problems • Infrastructure • Deployment • Security • Networking • Scaling • Fault-tolerance • New tools and abstractions needed • Container Orchestration is the key!
  • 6. Orchestration is Hard • Distributed Systems are hard to get right • Failures happen all the time! • Machines go down • Networks can fail or drop packets • Latency can cause unexpected scenarios
  • 7. Can we make it easier to orchestrate real-world containerized applications?
  • 8. Can we make it easier to orchestrate real-world containerized applications? à Swarm Mode in Docker 1.12
  • 9. Swarm Mode in Docker 1.12 • Goals • It should be simple to setup and use a distributed cluster • It should be seamless to move from development to deployment
  • 10. Swarm Mode in Docker 1.12 • Goals • It should be simple to setup and use a distributed cluster • It should be seamless to move from development to deployment • Starting with 1.12, Docker now has inbuilt orchestration • The easiest way to orchestrate Docker containers is now Docker • Multiple Docker Engines can be brought together to form a Swarm cluster • Really easy to manage applications on the cluster
  • 11. The Docker approach to container orchestration 1. Swarm Topology 2. Managing Cluster State 3. Managing Application State Demo
  • 12. Part 1: Swarm Topology
  • 13. Single Node Cluster $ docker swarm init --advertise-addr 198.211.109.17 Engine
  • 14. Adding another Node $ docker swarm init --advertise-addr 198.211.109.17 $ docker swarm join 198.211.109.17:2377 Engine Engine
  • 15. More Nodes $ docker swarm init --advertise-addr 198.211.109.17 $ docker swarm join 198.211.109.17:2377 Engine Engine Engine Engine Engine
  • 16. Managers and Workers • Swarm nodes can be workers or managers • Worker nodes • Run Tasks (containers) • Manager nodes • Run Tasks (containers) • Accept specifications from the user • Reconcile desired and and actual cluster state • Workers can be promoted to managers • Managers can be demoted to workers Engine Engine
  • 17. Secure by Default with end to end Encryption • Cryptographic node identity • Automatic encryption and mutual auth (TLS) • Automatic certificate rotation • External CA integration • Encrypted communication Manager [TLS] [CA] Manager [TLS] [CA] Manager [TLS] [CA] Agent [TLS] Agent [TLS] Agent [TLS]
  • 18. Part 2: Managing Cluster State
  • 19. The Raft Algorithm • Raft is a popular distributed consensus algorithm • Features • Single leader performs all updates • Leader election – elect a leader • Log replication – replicate the log of cluster operations • Consensus is maintained as long as a majority of nodes are working
  • 20. Raft Consensus Layer Manager Internal Distributed State Store Manager Manager Raft consensus group • Built on top of the etcd Raft library • Strongly consistent - holds desired state • Fast (in-memory reads, domain-specific indexing, batched operations) • Secure
  • 21. Raft Consensus Layer • Swarm managers are crucial • Manager nodes form a Raft consensus group • No need to set up an external KV store • As long as a majority of managers are running, the cluster will function normally (should start with an odd number) • All managers can accept API requests (HA, no single point of failure)
  • 22. Worker to Worker Gossip Engine Engine Engine EngineEngine Gossip Network • Different from Raft to keep Raft concise • High volume, p2p network between workers • Eventually consistent – networking, load balancing rules, etc. • Secure: symmetric encryption with key rotation in Raft
  • 23. Putting it All Together
  • 24. Full Architecture Engine Engine Engine EngineEngine Gossip Network Manager Internal Distributed State Store Manager Manager Raft consensus group gRPC
  • 25. Part 3: Managing Application State
  • 26. A Higher Level of Abstraction • From containers to services $ docker run $ docker service create • Docker services • Allow declarative specification • Work seamlessly on any number of nodes • Perform desired state reconciliation • Can be scaled or updated easily
  • 27. Services $ docker service create --replicas 3 --name frontend --network mynet --publish 8080:80 frontend_image:1.0 Engine Engine Engine Engine Engine mynet
  • 28. Swarm Routing Mesh • All nodes expose port 8080 for myapp • Routing mesh ensures traffic is routed transparently to a running container of the service Manager Agent 1 Agent 2 Agent 3 $ docker service create --replicas 3 --name frontend --network mynet --publish 8080:80 frontend_image:1.0 :8080 :8080 :8080 :8080 access myapp.com:8080
  • 29. Swarm Routing Mesh • Every service gets assigned a virtual IP (VIP) • Built-in DNS-based service discovery: service name resolves to service VIP • VIP round-robins between container IPs using Linux IPVS Manager Agent 1 Agent 2 Agent 3 $ docker service create --replicas 3 --name frontend --network mynet --publish 8080:80 frontend_image:1.0 :8080 :8080 :8080 :8080 access myapp.com:8080
  • 30. Node Failure $ docker service create --replicas 3 --name frontend --network mynet --publish 8080:80 frontend_image:1.0 Engine Engine Engine Engine Engine mynet
  • 31. Desired State ≠ Actual State Engine Engine Engine Engine mynet $ docker service create --replicas 3 --name frontend --network mynet --publish 8080:80 frontend_image:1.0
  • 32. Converge back to Desired State Engine Engine Engine Engine mynet $ docker service create --replicas 3 --name frontend --network mynet --publish 8080:80 frontend_image:1.0
  • 34. And more! • Global services • Configurable rolling updates • Constraints • Restart policies • Resource aware scheduling
  • 35. Behind the scenes API Orchestrator Allocator Scheduler Dispatcher Worker Executor Manager node Worker node Accepts command from client and creates service object Reconciliation loop for service objects and updates tasks Allocates IP address to tasks Assigns nodes to tasks Dispatches tasks and checks in on workers (heartbeat) Connects to Dispatcher to check on assigned tasks Executes tasks assigned to worker node $ docker service create
  • 36. Node Failure • Manager failure • Handled by the Raft algorithm, as long as consensus is maintained • Worker failure • Dispatcher detects a node is down (failed heartbeat) • Orchestrator reconciles tasks • Allocator, Scheduler, and Dispatcher redo the previous steps to set up new tasks
  • 37. If Everything Fails $ docker swarm init --advertise-addr 198.211.109.17 --force-new-cluster • The flag forces an existing node that was part of a lost quorum to restart as a single node Manager without losing its data
  • 38. To Conclude • Swarm mode in Docker 1.12 makes it very easy to create and manage a failure-tolerant cluster • Networking and security are handled out of the box • The service abstraction allows for a declarative specification of how the application is expected to run • Much more coming up in the next few releases!
  • 39. Contributions welcome! • Docker open-source on GitHub • github.com/docker/swarmkit | github.com/docker/docker
  • 40. Special thanks to my co-workers for helping out with this talk - Nathan LeClaire, - Alexandre Beslic, - Aaron Lehmann, - Drew Erny, - Jana Radhakrishnan, - Dongluo Chen
  • 42. Constraints Engine Engine Engine Engine Engine $ docker daemon --label com.example.storage=“ssd” $ docker daemon --label com.example.storage=“ssd”
  • 43. Constraints $ docker service create --replicas 5 --name frontend --network mynet --publish 8080:80 --constraint engine.labels.com.example.storage==ssd frontend_image:1.0 Engine Engine Engine Engine Engine mynet $ docker daemon --label com.example.storage=“ssd” $ docker daemon --label com.example.storage=“ssd”
  • 44. Constraints Engine Engine Engine Engine Engine mynet $ docker daemon --label com.example.storage=“ssd” $ docker daemon --label com.example.storage=“ssd” $ docker service scale frontend=10