inside-BigData.com, profile picture
Uploaded byinside-BigData.com
PDF, PPTX1,646 views

The State of Linux Containers

The document discusses the state of Linux containers and the Docker ecosystem, highlighting its architecture, components, and containerization concepts. It emphasizes the integration of various technologies like Docker Swarm, SLURM, and Consul for orchestration and service discovery in high-performance computing. Additionally, it addresses challenges and opportunities arising from adopting new technologies in traditional environments.

Embed presentation

Download as PDF, PPTX
ssThe State of Linux Containers
2 Gaikai PS Now announcement at CES 2014
3 Gaikai - caching + controller feedback
1. “Linux Container” / “Docker Ecosystem” in a Nutshell 2. Confusion about Ecosystem / Vision to tackle it 3. Docker -> SWARM -> SLURM 
 -> BigData 4. Discussion of Opportunities and Problems 4 Agenda
The Bits and Pieces…
Userland (OS)Userland (OS) Userland (OS) Userland (OS) Ubuntu:14.04 Ubuntu:15.10 RHEL7.2 Tiny Core Linux Linux Containers 6 SERVER HOST KERNEL HYPERVISOR KERNEL SERVICE Userland (OS) KERNEL KERNEL Userland (OS)Userland (OS) Userland (OS) SERVICE SERVICE SERVER HOST KERNEL SERVICE SERVICE SERVICE Traditional Virtualisation Containerisation Containers do not spin up a distinct kernel all containers & the host share the same user-lands are independent they are separated by Kernel Namespaces
Containers are ‘grouped processes’ isolated by Kernel Namespaces resource restrictions applicable through CGroups (disk/netIO) HOST container1 7 Kernel Namespaces bash ls -l container2 apache container3 mysqld consul consul PIDNamespaces: Network Mount IPC UTS container4 slurmd ssh consul
Container Runtime Daemon creates/…/removes containers, exposes REST API handles Namespaces, CGroups, bind-mounts, etc. IP connectivity by default via ‘host-only’ network bridge Docker Engine 8 SERVER eth0 docker0 container1 container2 Docker-Engine
Docker Compose 9 Describes stack of container configurations instead of writing a small bash script… … it holds the runtime configuration as YAML file.
Docker Networking spans networks across engines KV-store to synchronise (Zookeeper, etcd, Consul) VXLAN to pass messages along SERVER0 SERVER1 SERVER<n> Docker Networking 10 Consul Docker-Engine Consul Consul Docker-Engine Docker-Engine Consul DC global container0 container1 containerN
Docker Swarm proxies docker-engines serves an API endpoint in front of multiple docker-engines does placement decisions. SERVER0 SERVER1 SERVER<n> Docker Swarm 11 Docker-Engine Docker-Engine Docker-Engine swarm-client swarm-client swarm-client swarm-master :2376 :2376 :2376 :2375 container1 -e constraint:node==SERVER0
Docker Swarm [cont] 12 query docker-enginequery docker-swarm
Introduce new Technologies
Introducing new Tech 14 Self-perception when introducing new tech… credit: TF2 - Meet the Pyro
Introducing new Tech 15 … not always the same as the perception of others. credit: TF2 - Meet the Pyro
Docker Buzzword Chaos! Distributions Solutions Auto-Scaling On-Premise & OverSpill Orchestration self-healing 16 production-ready enterprise-grade
1. No special distributions useful for certain use-cases, such as elasticity and green-field deployment not so much for an on-premise datacenter w/ legacy in it. 2. Leverage existing processes/resources install workflow, syslog, monitoring security (ssh infrastructure), user auth. 3. keep up with docker ecosystem incorporate new features of engine, swarm, compose networking, volumes, user-namespaces 17 Vision
Reduce to the max!
Hardware (courtesy of ) 8x Sun Fire x2250, 2x 4core XEON, 32GB, Mellanox ConnectX-2) Software Base installation CentOS 7.2 base installation (updated from 7-alpha) Ansible consul, sensu docker v1.10, docker-compose docker SWARM 19 Testbed
node1 node2 node8 20 Docker Networking Synchronised by Consul Consul Consul
 DC Consul Consul Docker-Engine Docker-Engine Docker-Engine
node1 node2 node8 21 Docker SWARM Docker SWARM Synchronised by Consul KV- store Consul Consul
 DC Consul Consul Docker-Engine Docker-Engine Docker-Engine swarm swarm SWARM swarm master
node8 node2 node1 22 SLURM Cluster Consul Consul
 DC Consul Consul SLURM within SWARM slurmctld slurmd slurmd slurmd Docker-Engine Docker-Engine Docker-Engine swarm swarm SWARM swarm master SLURM
23 SLURM Cluster [cont]
node8 node2 node1 24 SLURM Cluster [cont] Consul Consul
 DC Consul Consul SLURM within SWARM slurmd within app-container pre-stage containers slurmctld slurmd slurmd slurmd Docker-Engine Docker-Engine Docker-Engine swarm swarm hpcg hpcg SWARM hpcg swarm master SLURM
25 MPI Benchmark http://qnib.org/mpi http://qnib.org/mpi-paper
node8 node2 node1 26 SLURM Cluster [cont] Consul Consul
 DC Consul Consul SLURM within SWARM slurmd within app-container pre-stage containers slurmctld slurmd slurmd slurmd Docker-Engine Docker-Engine Docker-Engine swarm swarm hpcg hpcg SWARM hpcg OpenFOAM OpenFOAM OpenFOAM swarm master SLURM
27 OpenFOAM Benchmark http://qnib.org/immutable http://qnib.org/immutable-paper
node1 node2 node8 28 Samza Cluster Consul Consul
 DC Consul Consul Distributed Samza Zookeeper and Kafka cluster Samza instances to run jobs Docker-Engine Docker-Engine Docker-Engine swarm swarm SWARM swarm masterzookeeper zookeeper zookeeper kafka kafka kafka samza samza samza $ cat test.log |awk ‘{print $1}’ |sed -e ’s/HPC/BigData/g’ |tee out.log
To Be Explored
1. Where to base images on? Ubuntu/Fedora: ~200MB Debian: ~100MB Alpine Linux: 5MB (musl-libc) 2. Trimm the Images down at all cost? How about debugging tools? Possibility to run tools on the host and ‘inspect’ namespaced processes inside of a container. If PID-sharing arrives, carving out (e.g.) monitoring could be a thing. 30 Small vs. Big
1. In an ideal world… a container only runs one process, e.g. the HPC solver. 2. In reality… MPI want’s to connect to a sshd within the job-peers monitoring, syslog, service discovery should be present as well. 3. How fast / aggressive to break traditional approaches? 31 One vs. Many Processes
Plugin System VXLAN MACVLAN How about IPoIB? 32 Docker Network
Running OpenFOAM on small scale is cumbersome manually install OpenFOAM on a workstation be confident that the installation works correctly A containerised OpenFOAM installation tackles both 33 Reproducibility / Downscaling http://qnib.org/immutablehttp://qnib.org/immutable-paper
1. Since the environments are rather dynamic… how does the containers discover services? external registry as part of the framework? discovery service as part of the container stacks? 34 Service Discovery
With Docker Swarm it is rather easy to spin up a Kubernetes or Mesos cluster within Swarm. 35 Orchestration Frameworks SERVER0 SERVER1 SERVER<n> Docker-Engine Docker-Engine Docker-Engine swarm-client swarm-client swarm-client swarm-master etcd kubelet scheduler apiserver etcd kubelet etcd kubelet
1. Containers should be controlled via ENV or flags External access/change of a running container is discouraged 2. Configuration management Downgraded to bootstrap a host? 36 Immutable vs. Config Mgmt
If containers are immutable within pipeline testing/deployment should be automated developers should have a production replica 37 Continuous Dev./Integration
38 Docker Momentum Software Dev DatacenterOps IT Tinkering (Hello World) Continuous Dev/Int/Dep Microservices, hyper scale Big Data High Performance Computing HPC Disclaimer: subjective exaggeration
Spinning up production-like environment is great MongoDB, PostreSQL, memcached as separate containers python2.7, python3.4 39 Docker in Software Development Like python’s virtualenv on steroids, iteration speedup through reproducibility
Spinning up production-like environment is… …not that easy focus more on engineer/scientist, not the software-developer 1. For development it might work close to non-HPC software dev 2. But is that the iteration-focus? rather job settings / input data? 40 Docker in HPC development
Split input iteration / development from operation non-distributed stays vanilla transition to HPC cluster using tech to foster operation 41 Separation of Concerns? http://gmkurtzer.github.io/singularity Input/Dev
Docker-Engine 1.11 will not be the parent of containers runC usage under the hood 42 containerd Integration
1. Separat Dev and Ops don’t block the momentum fostering 
 iteration speed in Development  2. Using vanilla docker-tech keep up with the ecosystem and prevent vendor/ecosystem lock-in 3. 80/20 rule have caveats on the radar but don’t bother too much everything is so fast moving - it’s hard to predict 43 Recap aka. IMHO
Q&A https://github.com/qnib/hpcac-cluster2016 http://qnib.org eGalea Workshop (Pisa)
 <plz ping me if you are interested> 23.06.2016

More Related Content

PDF
VMware NSX 101: What, Why & How
byAniekan Akpaffiong
 
PDF
HPC Best Practices: Application Performance Optimization
byinside-BigData.com
 
PDF
VMware NSX for vSphere - Intro and use cases
byAngel Villar Garea
 
PPTX
Software Defined Networking(SDN) and practical implementation_trupti
bytrups7778
 
PDF
SUSE KVM Ecosystem
byPatrick Quairoli
 
PDF
Unified Underlay and Overlay SDNs for OpenStack Clouds
byPLUMgrid
 
PDF
[OpenStack Day in Korea 2015] Keynote 5 - The evolution of OpenStack Networking
byOpenStack Korea Community
 
PDF
[2015-05월 세미나] Network Bottlenecks Mutiply with NFV Don't Forget Performance ...
byOpenStack Korea Community
 
VMware NSX 101: What, Why & How
byAniekan Akpaffiong
 
HPC Best Practices: Application Performance Optimization
byinside-BigData.com
 
VMware NSX for vSphere - Intro and use cases
byAngel Villar Garea
 
Software Defined Networking(SDN) and practical implementation_trupti
bytrups7778
 
SUSE KVM Ecosystem
byPatrick Quairoli
 
Unified Underlay and Overlay SDNs for OpenStack Clouds
byPLUMgrid
 
[OpenStack Day in Korea 2015] Keynote 5 - The evolution of OpenStack Networking
byOpenStack Korea Community
 
[2015-05월 세미나] Network Bottlenecks Mutiply with NFV Don't Forget Performance ...
byOpenStack Korea Community
 

What's hot

PDF
NSX Reference Design version 3.0
byDoddi Priyambodo
 
PDF
VMware NSX - Lessons Learned from real project
byDavid Pasek
 
PDF
VMware NSX + Cumulus Networks: Software Defined Networking
byCumulus Networks
 
PDF
Presentation cloud orchestration
byxKinAnx
 
PPTX
Introduction to the Helium release of OpenDaylight
bySDN Hub
 
ODP
Introduction to Red Hat
byAlbert Wong
 
PDF
Building Resilient Applications with Cloudflare DNS
byDevOps.com
 
PPTX
DPDK IPSec performance benchmark ~ Georgii Tkachuk
byIntel
 
PDF
Cloud Computing using OpenStack
byJobayer Almahmud Hossain (RHCA, RHCDS, RHCSS)
 
PDF
Cisco UCS for OpenStack Cloud
byLora O'Haver
 
PPTX
Cont0519
bySamuel Dratwa
 
PPTX
BRKSDN-2115
byRohit Agarwalla
 
PDF
Introduction to Apache Mesos and DC/OS
bySteve Wong
 
PPTX
VMworld 2015: VMware NSX Deep Dive
byVMworld
 
ODP
OpenSolaris Introduction
bysatyajit_t
 
PPTX
Virtualization technolegys for amdocs
bySamuel Dratwa
 
PDF
Opening Up Your Network with SDN
byOpen Networking Summits
 
PPTX
SDN Scale-out Testing at OpenStack Innovation Center (OSIC)
byPLUMgrid
 
PPTX
OpenStack: Everything You Need to Know To Get Started
byAll Things Open
 
PDF
SDN Service Provider use cases Network Function Virtualization (NFV)
byBrent Salisbury
 
NSX Reference Design version 3.0
byDoddi Priyambodo
 
VMware NSX - Lessons Learned from real project
byDavid Pasek
 
VMware NSX + Cumulus Networks: Software Defined Networking
byCumulus Networks
 
Presentation cloud orchestration
byxKinAnx
 
Introduction to the Helium release of OpenDaylight
bySDN Hub
 
Introduction to Red Hat
byAlbert Wong
 
Building Resilient Applications with Cloudflare DNS
byDevOps.com
 
DPDK IPSec performance benchmark ~ Georgii Tkachuk
byIntel
 
Cloud Computing using OpenStack
byJobayer Almahmud Hossain (RHCA, RHCDS, RHCSS)
 
Cisco UCS for OpenStack Cloud
byLora O'Haver
 
Cont0519
bySamuel Dratwa
 
BRKSDN-2115
byRohit Agarwalla
 
Introduction to Apache Mesos and DC/OS
bySteve Wong
 
VMworld 2015: VMware NSX Deep Dive
byVMworld
 
OpenSolaris Introduction
bysatyajit_t
 
Virtualization technolegys for amdocs
bySamuel Dratwa
 
Opening Up Your Network with SDN
byOpen Networking Summits
 
SDN Scale-out Testing at OpenStack Innovation Center (OSIC)
byPLUMgrid
 
OpenStack: Everything You Need to Know To Get Started
byAll Things Open
 
SDN Service Provider use cases Network Function Virtualization (NFV)
byBrent Salisbury
 

Viewers also liked

PDF
Co-Design Architecture for Exascale
byinside-BigData.com
 
PDF
IBM Power8 announce
byAnna Landolfi
 
PPTX
Understanding the IBM Power Systems Advantage
byIBM Power Systems
 
PDF
IlOUG Tech Days 2016 - Big Data for Oracle Developers - Towards Spark, Real-T...
byMark Rittman
 
PDF
IBM POWER8 as an HPC platform
byAlexander Pozdneev
 
PDF
OpenPOWER Roadmap Toward CORAL
byinside-BigData.com
 
PDF
Oracle Solaris Cloud Management and Deployment with OpenStack
byOTN Systems Hub
 
PPTX
Bitcoin explained
byBenjamin Fuentes
 
PPTX
Puppet + Windows Nano Server
byAlessandro Pilotti
 
PDF
Solaris 11.2 What's New
byOrgad Kimchi
 
PDF
Oracle Solaris Software Integration
byOTN Systems Hub
 
PDF
Open Innovation with Power Systems
byIBM Power Systems
 
PDF
OpenPOWER Update
byinside-BigData.com
 
PPTX
Expert summit SQL Server 2016
byŁukasz Grala
 
PPTX
Accelerating Business Intelligence Solutions with Microsoft Azure pass
byJason Strate
 
PDF
Presentacin webinar move_up_to_power8_with_scale_out_servers_final
byDiego Alberto Tamayo
 
PPTX
Georgia Azure Event - Scalable cloud games using Microsoft Azure
byMicrosoft
 
PDF
Oracle Solaris Simple, Flexible, Fast: Virtualization in 11.3
byOTN Systems Hub
 
PDF
Oracle Solaris Build and Run Applications Better on 11.3
byOTN Systems Hub
 
PPTX
Blockchain
byBenjamin Fuentes
 
Co-Design Architecture for Exascale
byinside-BigData.com
 
IBM Power8 announce
byAnna Landolfi
 
Understanding the IBM Power Systems Advantage
byIBM Power Systems
 
IlOUG Tech Days 2016 - Big Data for Oracle Developers - Towards Spark, Real-T...
byMark Rittman
 
IBM POWER8 as an HPC platform
byAlexander Pozdneev
 
OpenPOWER Roadmap Toward CORAL
byinside-BigData.com
 
Oracle Solaris Cloud Management and Deployment with OpenStack
byOTN Systems Hub
 
Bitcoin explained
byBenjamin Fuentes
 
Puppet + Windows Nano Server
byAlessandro Pilotti
 
Solaris 11.2 What's New
byOrgad Kimchi
 
Oracle Solaris Software Integration
byOTN Systems Hub
 
Open Innovation with Power Systems
byIBM Power Systems
 
OpenPOWER Update
byinside-BigData.com
 
Expert summit SQL Server 2016
byŁukasz Grala
 
Accelerating Business Intelligence Solutions with Microsoft Azure pass
byJason Strate
 
Presentacin webinar move_up_to_power8_with_scale_out_servers_final
byDiego Alberto Tamayo
 
Georgia Azure Event - Scalable cloud games using Microsoft Azure
byMicrosoft
 
Oracle Solaris Simple, Flexible, Fast: Virtualization in 11.3
byOTN Systems Hub
 
Oracle Solaris Build and Run Applications Better on 11.3
byOTN Systems Hub
 
Blockchain
byBenjamin Fuentes
 

Similar to The State of Linux Containers

PDF
State of Linux Containers for HPC
byinside-BigData.com
 
PDF
Containerization is more than the new Virtualization: enabling separation of ...
byJérôme Petazzoni
 
PPTX
Introduction To Docker, Docker Compose, Docker Swarm
byAn Nguyen
 
PDF
Docker-v3.pdf
byBruno Cornec
 
PPTX
Intro to Docker November 2013
byDocker, Inc.
 
PDF
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...
byCodemotion
 
PDF
Introduction to Docker - VIT Campus
byAjeet Singh Raina
 
PDF
Introduction to Containers
byDharmit Shah
 
PPTX
Docker introduction
bydotCloud
 
PDF
Containerization Is More than the New Virtualization
byC4Media
 
PDF
Going Production with Docker and Swarm
byC4Media
 
PDF
Swarm: Native Docker Clustering
byRoyee Tager
 
PDF
Docker Online Meetup #3: Docker in Production
byDocker, Inc.
 
PDF
Shipping Applications to Production in Containers with Docker
byJérôme Petazzoni
 
PDF
Introduction to Docker - Vellore Institute of Technology
byAjeet Singh Raina
 
PDF
Alibaba Cloud Conference 2016 - Docker Enterprise
byJohn Willis
 
PDF
11thDockerMeetupSwitzerland
byMichael Mueller
 
PPTX
The challenge of application distribution - Introduction to Docker (2014 dec ...
bySébastien Portebois
 
ODP
Docker and stuff
byRaimondas Rimkevičius
 
PDF
An Introduction to Configuring Domino for Docker
byGabriella Davis
 
State of Linux Containers for HPC
byinside-BigData.com
 
Containerization is more than the new Virtualization: enabling separation of ...
byJérôme Petazzoni
 
Introduction To Docker, Docker Compose, Docker Swarm
byAn Nguyen
 
Docker-v3.pdf
byBruno Cornec
 
Intro to Docker November 2013
byDocker, Inc.
 
Why everyone is excited about Docker (and you should too...) - Carlo Bonamic...
byCodemotion
 
Introduction to Docker - VIT Campus
byAjeet Singh Raina
 
Introduction to Containers
byDharmit Shah
 
Docker introduction
bydotCloud
 
Containerization Is More than the New Virtualization
byC4Media
 
Going Production with Docker and Swarm
byC4Media
 
Swarm: Native Docker Clustering
byRoyee Tager
 
Docker Online Meetup #3: Docker in Production
byDocker, Inc.
 
Shipping Applications to Production in Containers with Docker
byJérôme Petazzoni
 
Introduction to Docker - Vellore Institute of Technology
byAjeet Singh Raina
 
Alibaba Cloud Conference 2016 - Docker Enterprise
byJohn Willis
 
11thDockerMeetupSwitzerland
byMichael Mueller
 
The challenge of application distribution - Introduction to Docker (2014 dec ...
bySébastien Portebois
 
Docker and stuff
byRaimondas Rimkevičius
 
An Introduction to Configuring Domino for Docker
byGabriella Davis
 

More from inside-BigData.com

PDF
State of ARM-based HPC
byinside-BigData.com
 
PDF
CUDA-Python and RAPIDS for blazing fast scientific computing
byinside-BigData.com
 
PPTX
Transforming Private 5G Networks
byinside-BigData.com
 
PDF
How to Achieve High-Performance, Scalable and Distributed DNN Training on Mod...
byinside-BigData.com
 
PDF
Versal Premium ACAP for Network and Cloud Acceleration
byinside-BigData.com
 
PDF
Overview of HPC Interconnects
byinside-BigData.com
 
PDF
HPC at Scale Enabled by DDN A3i and NVIDIA SuperPOD
byinside-BigData.com
 
PDF
Machine Learning for Weather Forecasts
byinside-BigData.com
 
PDF
Introducing HPC with a Raspberry Pi Cluster
byinside-BigData.com
 
PDF
Energy Efficient Computing using Dynamic Tuning
byinside-BigData.com
 
PDF
The Incorporation of Machine Learning into Scientific Simulations at Lawrence...
byinside-BigData.com
 
PDF
Major Market Shifts in IT
byinside-BigData.com
 
PDF
Biohybrid Robotic Jellyfish for Future Applications in Ocean Monitoring
byinside-BigData.com
 
PPTX
HPC AI Advisory Council Update
byinside-BigData.com
 
PDF
Fugaku Supercomputer joins fight against COVID-19
byinside-BigData.com
 
PDF
Preparing to program Aurora at Exascale - Early experiences and future direct...
byinside-BigData.com
 
PDF
HPC Impact: EDA Telemetry Neural Networks
byinside-BigData.com
 
PDF
Evolving Cyberinfrastructure, Democratizing Data, and Scaling AI to Catalyze ...
byinside-BigData.com
 
PDF
Zettar: Moving Massive Amounts of Data across Any Distance Efficiently
byinside-BigData.com
 
PDF
Scaling TCO in a Post Moore's Era
byinside-BigData.com
 
State of ARM-based HPC
byinside-BigData.com
 
CUDA-Python and RAPIDS for blazing fast scientific computing
byinside-BigData.com
 
Transforming Private 5G Networks
byinside-BigData.com
 
How to Achieve High-Performance, Scalable and Distributed DNN Training on Mod...
byinside-BigData.com
 
Versal Premium ACAP for Network and Cloud Acceleration
byinside-BigData.com
 
Overview of HPC Interconnects
byinside-BigData.com
 
HPC at Scale Enabled by DDN A3i and NVIDIA SuperPOD
byinside-BigData.com
 
Machine Learning for Weather Forecasts
byinside-BigData.com
 
Introducing HPC with a Raspberry Pi Cluster
byinside-BigData.com
 
Energy Efficient Computing using Dynamic Tuning
byinside-BigData.com
 
The Incorporation of Machine Learning into Scientific Simulations at Lawrence...
byinside-BigData.com
 
Major Market Shifts in IT
byinside-BigData.com
 
Biohybrid Robotic Jellyfish for Future Applications in Ocean Monitoring
byinside-BigData.com
 
HPC AI Advisory Council Update
byinside-BigData.com
 
Fugaku Supercomputer joins fight against COVID-19
byinside-BigData.com
 
Preparing to program Aurora at Exascale - Early experiences and future direct...
byinside-BigData.com
 
HPC Impact: EDA Telemetry Neural Networks
byinside-BigData.com
 
Evolving Cyberinfrastructure, Democratizing Data, and Scaling AI to Catalyze ...
byinside-BigData.com
 
Zettar: Moving Massive Amounts of Data across Any Distance Efficiently
byinside-BigData.com
 
Scaling TCO in a Post Moore's Era
byinside-BigData.com
 

Recently uploaded

PDF
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
PDF
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
PDF
Agentic Automation for Testers – A Hands-On Deep Dive
byUiPathCommunity
 
PPTX
Basics of Identity Access Management In mordern Infrastructure
byPrinceXavier18
 
PDF
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
PPTX
Combining Induction and Transduction for Abstract Reasoning.pptx
byallen578468
 
PDF
Knowing and Doing: Knowledge graphs, AI, and work
bymarainglezakis1
 
PDF
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
PDF
How Mobile Apps Are Shaping the Future of Digital Innovation
byWilliam Taylor
 
PPTX
Ritesh_kumar_Aatmanirbhar Bharat: Make in India, Make for the World.pptx
byriteshrkgs2008
 
PDF
DIGITAL FORENSICS - Notes for Everything.pdf
bypankajkumavatbeit
 
PDF
TPPmark2025 Kenta Inoue's answer 12/04/2025
byKenta Inoue
 
PDF
Accelerating Responsible AI Adoption in Public Sector and Private Organizations.
byYasir Naveed Riaz
 
PPTX
RISE with SAP for Automotive - S4 HANA Value.pptx
byAmira Jemi
 
PDF
The Ultimate Guide to Problem Management Dashboards for IT Teams.pdf
byomnex systems
 
PDF
Greetings All Students Update 3 by Mia Corp
by©LDMMIA, ©Reiki Yoga
 
PDF
eResource Scheduler Enterprise Resource Management and Scheduling Software.pdf
byeResource Scheduler
 
PDF
Top Cybersecurity Threats 2025 Guide by Sureshdas
byPrintersassist
 
PDF
AI Technology important knowledge ......
byutkarshj2007
 
PDF
Ransomware_Resilience_Strategic_Playbook.pdf
byAfonso Henrique Rodrigues Alves
 
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
Agentic Automation for Testers – A Hands-On Deep Dive
byUiPathCommunity
 
Basics of Identity Access Management In mordern Infrastructure
byPrinceXavier18
 
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
Combining Induction and Transduction for Abstract Reasoning.pptx
byallen578468
 
Knowing and Doing: Knowledge graphs, AI, and work
bymarainglezakis1
 
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
How Mobile Apps Are Shaping the Future of Digital Innovation
byWilliam Taylor
 
Ritesh_kumar_Aatmanirbhar Bharat: Make in India, Make for the World.pptx
byriteshrkgs2008
 
DIGITAL FORENSICS - Notes for Everything.pdf
bypankajkumavatbeit
 
TPPmark2025 Kenta Inoue's answer 12/04/2025
byKenta Inoue
 
Accelerating Responsible AI Adoption in Public Sector and Private Organizations.
byYasir Naveed Riaz
 
RISE with SAP for Automotive - S4 HANA Value.pptx
byAmira Jemi
 
The Ultimate Guide to Problem Management Dashboards for IT Teams.pdf
byomnex systems
 
Greetings All Students Update 3 by Mia Corp
by©LDMMIA, ©Reiki Yoga
 
eResource Scheduler Enterprise Resource Management and Scheduling Software.pdf
byeResource Scheduler
 
Top Cybersecurity Threats 2025 Guide by Sureshdas
byPrintersassist
 
AI Technology important knowledge ......
byutkarshj2007
 
Ransomware_Resilience_Strategic_Playbook.pdf
byAfonso Henrique Rodrigues Alves
 

The State of Linux Containers

  • 1.
    ssThe State ofLinux Containers
  • 2.
  • 3.
  • 4.
    1. “Linux Container”/ “Docker Ecosystem” in a Nutshell 2. Confusion about Ecosystem / Vision to tackle it 3. Docker -> SWARM -> SLURM 
 -> BigData 4. Discussion of Opportunities and Problems 4 Agenda
  • 5.
    The Bits andPieces…
  • 6.
    Userland (OS)Userland (OS) Userland (OS) Userland (OS) Ubuntu:14.04 Ubuntu:15.10RHEL7.2 Tiny Core Linux Linux Containers 6 SERVER HOST KERNEL HYPERVISOR KERNEL SERVICE Userland (OS) KERNEL KERNEL Userland (OS)Userland (OS) Userland (OS) SERVICE SERVICE SERVER HOST KERNEL SERVICE SERVICE SERVICE Traditional Virtualisation Containerisation Containers do not spin up a distinct kernel all containers & the host share the same user-lands are independent they are separated by Kernel Namespaces
  • 7.
    Containers are ‘groupedprocesses’ isolated by Kernel Namespaces resource restrictions applicable through CGroups (disk/netIO) HOST container1 7 Kernel Namespaces bash ls -l container2 apache container3 mysqld consul consul PIDNamespaces: Network Mount IPC UTS container4 slurmd ssh consul
  • 8.
    Container Runtime Daemon creates/…/removescontainers, exposes REST API handles Namespaces, CGroups, bind-mounts, etc. IP connectivity by default via ‘host-only’ network bridge Docker Engine 8 SERVER eth0 docker0 container1 container2 Docker-Engine
  • 9.
    Docker Compose 9 Describes stackof container configurations instead of writing a small bash script… … it holds the runtime configuration as YAML file.
  • 10.
    Docker Networking spansnetworks across engines KV-store to synchronise (Zookeeper, etcd, Consul) VXLAN to pass messages along SERVER0 SERVER1 SERVER<n> Docker Networking 10 Consul Docker-Engine Consul Consul Docker-Engine Docker-Engine Consul DC global container0 container1 containerN
  • 11.
    Docker Swarm proxiesdocker-engines serves an API endpoint in front of multiple docker-engines does placement decisions. SERVER0 SERVER1 SERVER<n> Docker Swarm 11 Docker-Engine Docker-Engine Docker-Engine swarm-client swarm-client swarm-client swarm-master :2376 :2376 :2376 :2375 container1 -e constraint:node==SERVER0
  • 12.
    Docker Swarm [cont] 12 querydocker-enginequery docker-swarm
  • 13.
  • 14.
    Introducing new Tech 14 Self-perceptionwhen introducing new tech… credit: TF2 - Meet the Pyro
  • 15.
    Introducing new Tech 15 …not always the same as the perception of others. credit: TF2 - Meet the Pyro
  • 16.
    Docker Buzzword Chaos! Distributions Solutions Auto-Scaling On-Premise& OverSpill Orchestration self-healing 16 production-ready enterprise-grade
  • 17.
    1. No specialdistributions useful for certain use-cases, such as elasticity and green-field deployment not so much for an on-premise datacenter w/ legacy in it. 2. Leverage existing processes/resources install workflow, syslog, monitoring security (ssh infrastructure), user auth. 3. keep up with docker ecosystem incorporate new features of engine, swarm, compose networking, volumes, user-namespaces 17 Vision
  • 18.
  • 19.
    Hardware (courtesy of) 8x Sun Fire x2250, 2x 4core XEON, 32GB, Mellanox ConnectX-2) Software Base installation CentOS 7.2 base installation (updated from 7-alpha) Ansible consul, sensu docker v1.10, docker-compose docker SWARM 19 Testbed
  • 20.
    node1 node2 node8 20 Docker Networking Synchronised byConsul Consul Consul
 DC Consul Consul Docker-Engine Docker-Engine Docker-Engine
  • 21.
    node1 node2 node8 21 Docker SWARM Docker SWARM Synchronisedby Consul KV- store Consul Consul
 DC Consul Consul Docker-Engine Docker-Engine Docker-Engine swarm swarm SWARM swarm master
  • 22.
    node8 node2 node1 22 SLURM Cluster Consul Consul
 DC Consul Consul SLURM withinSWARM slurmctld slurmd slurmd slurmd Docker-Engine Docker-Engine Docker-Engine swarm swarm SWARM swarm master SLURM
  • 23.
  • 24.
    node8 node2 node1 24 SLURM Cluster [cont] Consul Consul
 DC Consul Consul SLURMwithin SWARM slurmd within app-container pre-stage containers slurmctld slurmd slurmd slurmd Docker-Engine Docker-Engine Docker-Engine swarm swarm hpcg hpcg SWARM hpcg swarm master SLURM
  • 25.
  • 26.
    node8 node2 node1 26 SLURM Cluster [cont] Consul Consul
 DC Consul Consul SLURMwithin SWARM slurmd within app-container pre-stage containers slurmctld slurmd slurmd slurmd Docker-Engine Docker-Engine Docker-Engine swarm swarm hpcg hpcg SWARM hpcg OpenFOAM OpenFOAM OpenFOAM swarm master SLURM
  • 27.
  • 28.
    node1 node2 node8 28 Samza Cluster Consul Consul
 DC Consul Consul Distributed Samza Zookeeperand Kafka cluster Samza instances to run jobs Docker-Engine Docker-Engine Docker-Engine swarm swarm SWARM swarm masterzookeeper zookeeper zookeeper kafka kafka kafka samza samza samza $ cat test.log |awk ‘{print $1}’ |sed -e ’s/HPC/BigData/g’ |tee out.log
  • 29.
  • 30.
    1. Where tobase images on? Ubuntu/Fedora: ~200MB Debian: ~100MB Alpine Linux: 5MB (musl-libc) 2. Trimm the Images down at all cost? How about debugging tools? Possibility to run tools on the host and ‘inspect’ namespaced processes inside of a container. If PID-sharing arrives, carving out (e.g.) monitoring could be a thing. 30 Small vs. Big
  • 31.
    1. In anideal world… a container only runs one process, e.g. the HPC solver. 2. In reality… MPI want’s to connect to a sshd within the job-peers monitoring, syslog, service discovery should be present as well. 3. How fast / aggressive to break traditional approaches? 31 One vs. Many Processes
  • 32.
    Plugin System VXLAN MACVLAN How aboutIPoIB? 32 Docker Network
  • 33.
    Running OpenFOAM onsmall scale is cumbersome manually install OpenFOAM on a workstation be confident that the installation works correctly A containerised OpenFOAM installation tackles both 33 Reproducibility / Downscaling http://qnib.org/immutablehttp://qnib.org/immutable-paper
  • 34.
    1. Since theenvironments are rather dynamic… how does the containers discover services? external registry as part of the framework? discovery service as part of the container stacks? 34 Service Discovery
  • 35.
    With Docker Swarmit is rather easy to spin up a Kubernetes or Mesos cluster within Swarm. 35 Orchestration Frameworks SERVER0 SERVER1 SERVER<n> Docker-Engine Docker-Engine Docker-Engine swarm-client swarm-client swarm-client swarm-master etcd kubelet scheduler apiserver etcd kubelet etcd kubelet
  • 36.
    1. Containers shouldbe controlled via ENV or flags External access/change of a running container is discouraged 2. Configuration management Downgraded to bootstrap a host? 36 Immutable vs. Config Mgmt
  • 37.
    If containers areimmutable within pipeline testing/deployment should be automated developers should have a production replica 37 Continuous Dev./Integration
  • 38.
    38 Docker Momentum Software Dev DatacenterOps ITTinkering (Hello World) Continuous Dev/Int/Dep Microservices, hyper scale Big Data High Performance Computing HPC Disclaimer: subjective exaggeration
  • 39.
    Spinning up production-likeenvironment is great MongoDB, PostreSQL, memcached as separate containers python2.7, python3.4 39 Docker in Software Development Like python’s virtualenv on steroids, iteration speedup through reproducibility
  • 40.
    Spinning up production-likeenvironment is… …not that easy focus more on engineer/scientist, not the software-developer 1. For development it might work close to non-HPC software dev 2. But is that the iteration-focus? rather job settings / input data? 40 Docker in HPC development
  • 41.
    Split input iteration/ development from operation non-distributed stays vanilla transition to HPC cluster using tech to foster operation 41 Separation of Concerns? http://gmkurtzer.github.io/singularity Input/Dev
  • 42.
    Docker-Engine 1.11 willnot be the parent of containers runC usage under the hood 42 containerd Integration
  • 43.
    1. Separat Devand Ops don’t block the momentum fostering 
 iteration speed in Development  2. Using vanilla docker-tech keep up with the ecosystem and prevent vendor/ecosystem lock-in 3. 80/20 rule have caveats on the radar but don’t bother too much everything is so fast moving - it’s hard to predict 43 Recap aka. IMHO
  • 44.