Mesos swam-kubernetes-vds-02062017
Download as PPTX, PDF7 likes1,217 views
This document provides an overview and comparison of common container orchestration platforms including Docker Swarm, Mesosphere DC/OS, and Kubernetes. It begins with an introduction to using containers without an orchestrator and the challenges that presents at scale. Examples of Docker Swarm, DC/OS, and Kubernetes demonstrations are then shown. The document analyzes the features and suitability of each orchestrator for both production and development uses before concluding with additional resources.
![© ZENIKA 2017
CONTAINERS WITHOUT AN ORCHESTRATOR
• Through command line
that's not for production of course (is it?)
• With custom (shell) script
one step towards your own orchestrator? (seriously?)
• With ansible [insert here another tool name providing a
nice syntax]
Immutable Infrastructure As Code?
H o w d o y o u s t a r t y o u r c o n t a i n e r s ?](https://image.slidesharecdn.com/mesos-swam-kubernetes-vds-02062017-170602065200/85/Mesos-swam-kubernetes-vds-02062017-4-320.jpg)
![© ZENIKA 2017
ORCHESTRATORS AND FRIENDS
• Kubernetes
• Docker Swarm
• Mesos + Marathon
• Rancher
• Nomad
• Titus (Mesos + Mantis [scheduling/job mgmt] + Titan)
• Deis (Kubernetes)
• Mantl (Mesos + Marathon and Kubernetes)
• Openshift V3 (Kubernetes)
• Kontena
• CloudFoundry
• ...
L o a d s o f o r c h e s t r a t o r s !](https://image.slidesharecdn.com/mesos-swam-kubernetes-vds-02062017-170602065200/85/Mesos-swam-kubernetes-vds-02062017-9-320.jpg)
![© ZENIKA 2017
DC/OS FEATURES
• Failure resiliency (provided by Frameworks)
• Service Discovery :
• VIPs (MinuteMan)
• Mesos DNS (A/IP [fixed port] or SRV)
• LoadBalancing : MarathonLB
• Rolling Upgrades and BlueGreen Deployments
• Persistent storage (limited to single instance of app):
• local persistent volume on single node
• external volumes
• 'Pods' since Mesos 1.1.0/marathon 1.4.04 / DCOS 1.9
o r c h e s t r a t i o n](https://image.slidesharecdn.com/mesos-swam-kubernetes-vds-02062017-170602065200/85/Mesos-swam-kubernetes-vds-02062017-21-320.jpg)
Mesos swam-kubernetes-vds-02062017
- 1. © ZENIKA 2017 All rights reserved - Proprietary & confidential Mesos vs Kubernetes vs Swarm : Fight! © ZENIKA 2017 All rights reserved - Proprietary & confidential Christophe Furmaniak / 2017-06-02
- 2. © ZENIKA 2017 /me Christophe Furmaniak: • Twitter : @cfurmaniak • Github : looztra • Docker hub store : looztra • Full-blown consultant for Zenika ( b e n e v o l e n t d i s c l a i m e r : I s u c k a t s l i d e s , b e s i d e s b e i n g F r e n c h )
- 3. © ZENIKA 2017 WARMUP • Who uses docker/containers on a daily basis? • In production? • Who has already "played" with an orchestrator? • Who is running an orchestrator in Production?
- 4. © ZENIKA 2017 CONTAINERS WITHOUT AN ORCHESTRATOR • Through command line that's not for production of course (is it?) • With custom (shell) script one step towards your own orchestrator? (seriously?) • With ansible [insert here another tool name providing a nice syntax] Immutable Infrastructure As Code? H o w d o y o u s t a r t y o u r c o n t a i n e r s ?
- 5. © ZENIKA 2017 CONTAINERS WITHOUT AN ORCHESTRATOR • Host port binding • auto-mapping (-P) • manual mapping ('port registry') service discovery for the win! • docker run -d -p 8000:80 ns/frontend • docker run -d -p 8080:8080 ns/api-server • docker run -d -p 6379:6379 ns/redis-master • docker run -d -p 6380:6379 ns/redis-slave H o w d o y o u m a k e y o u r c o n t a i n e r s c o m m u n i c a t e ?
- 6. © ZENIKA 2017 CONTAINERS WITHOUT AN ORCHESTRATOR Schedule containers on your hosts? (pets?) Deal with container/service/node failure? Deal with scale up/down? Deal with host maintenance? How do you do when your app gets more complex? Update your app's components? One by One... All at the same time... H o w d o y o u . . . ?
- 7. © ZENIKA 2017 NOT SUCH THING LIKE FREE LUNCH! Yo u a n d y o u r f r i e n d l y o p s d u r i n g d e l i v e r i e s
- 8. © ZENIKA 2017 CONTAINER ORCHESTRATION • Container scheduling/placement • Failover (containers, nodes, management) • Load Balancing • Service Discovery • Overlay Networks • Storage (distributed, persistent) • Secret Management • (Auto) Scaling • CLI and REST api • Deployment Configuration as Code • RBAC B y d e s i g n !
- 9. © ZENIKA 2017 ORCHESTRATORS AND FRIENDS • Kubernetes • Docker Swarm • Mesos + Marathon • Rancher • Nomad • Titus (Mesos + Mantis [scheduling/job mgmt] + Titan) • Deis (Kubernetes) • Mantl (Mesos + Marathon and Kubernetes) • Openshift V3 (Kubernetes) • Kontena • CloudFoundry • ... L o a d s o f o r c h e s t r a t o r s !
- 10. © ZENIKA 2017 HOW TO CHOOSE? • match your ops and dev (and others) expectations • support for modern software development strategies • support for modern operationnal strategies To o M a n y O r c h e s t r a t o r s E x c e p t i o n ?
- 11. © ZENIKA 2017 WHO SHOULD/WILL CHOOSE? • Container related strategies are usefull for both Dev and Ops! • There will be impacts on both Dev and Ops folks! F o r g e t a b o u t s i l o s , f o c u s o n D e v O p s C a l m S
- 12. © ZENIKA 2017 IMPACTS ON OPS FOLKS? • New (exciting) way to work! • Less pet nodes • More cattle => Infrastructure As Code (mandatory?) • New procedures and tools : • Network and Storage management • Metrics and Log management • Monitoring c a t / r o o t / e x c i t i n g . m d
- 13. © ZENIKA 2017 IMPACTS ON DEV FOLKS • New (exciting) way to work! • New notions like Service Discovery • More concerned: • Metrics • Healtchecks • Logs • Can I use it on my devbox? @ E x c i t i n g S t u ff
- 14. © ZENIKA 2017 DOCKER SWARM • Native orchestration shipped with Docker (since 1.12) • Replacement of 'stand alone Swarm' (swarm v1) • All-in, no external dependencies • Trivial setup • Secure by default (automatic TLS keying and signing) M o d e , S wa r m M o d e
- 15. © ZENIKA 2017 DOCKER SWARM DISTRIBUTIONS • Manual official setup • Azure Container Services (Engine Option) • Rancher (Orchestration Engine Option) • Ansible roles • Terraform recipes I n s t a l l i n g D o c k e r S wa r m
- 16. © ZENIKA 2017 DOCKER SWARM FEATURES • Declarative service model • Desired state reconciliation • Placement with labels and constraints • Overlay networks provide isolation • Service Discovery through DNS • Load Balancing • Rolling Upgrades • Persistent storage • Secrets O r c h e s t r a t i o n
- 17. © ZENIKA 2017 DOCKERCOINS! • It is a DockerCoin miner! • How DockerCoins works • DockerCoins application courtesy of Jérôme Petazzoni (https://github.com/jpetazzo) M i n e m i n e m i n e
- 18. © ZENIKA 2017 DOCKER SWARM DEMO (running on Azure Container Services thx to ACS Engine) D e m o
- 19. © ZENIKA 2017 MESOSPHERE DC/OS • DC/OS : Data Center Operating System • Mesosphere: the company that built DC/OS • Relies on Mesos, the underlying task scheduler • Frameworks: • Marathon for apps • Metronome for jobs • and others... D C / O S , M e s o s a n d F r i e n d s
- 20. © ZENIKA 2017 DC/OS AND MESOS DISTRIBUTIONS • Manual setup (dcos cli) • Rancher (Mesos and Marathon as orchestration engine) • Azure Container Service (engine option) • Ansible and Terraform recipes I n s t a l l i n g D C / O S a n d M e s o s
- 21. © ZENIKA 2017 DC/OS FEATURES • Failure resiliency (provided by Frameworks) • Service Discovery : • VIPs (MinuteMan) • Mesos DNS (A/IP [fixed port] or SRV) • LoadBalancing : MarathonLB • Rolling Upgrades and BlueGreen Deployments • Persistent storage (limited to single instance of app): • local persistent volume on single node • external volumes • 'Pods' since Mesos 1.1.0/marathon 1.4.04 / DCOS 1.9 o r c h e s t r a t i o n
- 22. © ZENIKA 2017 DC/OS DEMO (running on Azure Container Services) D e m o
- 23. © ZENIKA 2017 KUBERNETES • Groups containers that make up an application into logical units for easy management and discovery • Built upon 15 years of running production workloads at Google • Google and Redhat as contributors I n t r o d u c t i o n
- 24. © ZENIKA 2017 KUBERNETES DISTRIBUTIONS • kubeadm • Apprenda Kismatic • CoreOS Tectonic • Azure Container Service (engine option) • Rancher (engine option) • RedHat Openshift v3 • Ansible and Terraform recipes I n s t a l l K 8 S
- 25. © ZENIKA 2017 KUBERNETES FEATURES • Pods • Service Discovery • Load Balancing • Rolling Updates and BlueGreen deployments • Storage orchestration • Daemon Sets and Stateful/Pet Sets • Configuration Objects • Secrets O r c h e s t r a t i o n
- 26. © ZENIKA 2017 KUBERNETES DEMO (running on Azure Container Services) D e m o
- 27. © ZENIKA 2017 SWARM WRAP UP • quickest ramp-up, no vendor lock-in (except Docker :D) • good choice for simple web/stateless applications • not for complicated large scale app • no POD support • no RBAC • no UI (available in commercial Docker DataCenter) • no specific multi-datacenter support S h o u l d y o u s t a y o r s h o u l d y o u g o ?
- 28. © ZENIKA 2017 SWARM WRAP UP (FOCUS ON DEV) • docker-compose out of the box • local setup with docker swarm init S h o u l d y o u s t a y o r s h o u l d y o u g o ?
- 29. © ZENIKA 2017 DCOS WRAP UP • Also works for non-containerized apps • Packages available for well -know apps (DCOS Universe) • Nice for mixed apps • Tested with tens of thousands nodes • UIs and CLI • Support for multi-datacenters • Support for Authentication S h o u l d y o u s t a y o r s h o u l d y o u g o ?
- 30. © ZENIKA 2017 DCOS WRAP UP (continued) • More stacks to assemble/debug (DCOS/Mesos/Marathon/Mesos DNS/MarathonLB/...) • Load balancing between services can be more complicated • Overlay Network still a little bit tricky • Limited support for persistent volumes • Support for Authorization in the commercial DC/OS S h o u l d y o u s t a y o r s h o u l d y o u g o ?
- 31. © ZENIKA 2017 DCOS WRAP UP (FOCUS ON DEV) • native application deployment descriptor • docker-compose with the Docker Compose Executor • MiniMesos project (but limited support for frameworks) • you have to specify limits (memory, cpu) every time S h o u l d y o u s t a y o r s h o u l d y o u g o ?
- 32. © ZENIKA 2017 KUBERNETES WRAP UP • More feature rich and mature • Nice POD workload definition • Stateful/Pet sets to support stateful apps • Strong support from Google and RedHat • Strong community • Tested with thousands nodes • UI and CLI (kubectl) • RBAC support through Namespaces • Support for multi datacenters through Federation S h o u l d y o u s t a y o r s h o u l d y o u g o ?
- 33. © ZENIKA 2017 KUBERNETES WRAP UP (CONTINUED) • More complex (etcd, API server, scheduler, kubelet, kubeproxy, ...) • No network overlay by default (but easily installable throught pod networks) • No direct interaction with the docker daemon • Opinionated piece of software S h o u l d y o u s t a y o r s h o u l d y o u g o ?
- 34. © ZENIKA 2017 KUBERNETES WRAP UP (FOCUS ON DEV) • native application deployment descriptor • docker-compose support with project Kompose • packaging with Helm (by DEIS Microsoft) • ... and workflow with Draft (by Microsoft) • ksonnet to simply configuration • istio to connect, manage and secure microservices • local testing with MiniKube • ... or MiniShift (for the openshift version) S h o u l d y o u s t a y o r s h o u l d y o u g o ?
- 35. © ZENIKA 2017 META-ORCHESTRATION • Kubernetes in Mesos (link) • Swarm in Mesos (link) • Mesos, Kubernetes and Swarm in Rancher O r c h e s t r a t o r i n c e p t i o n
- 36. © ZENIKA 2017 POINTERS • Application Delivery with Mesosphere DC/OS • Mesos: a state of the art container orchestrator • Comparing Rancher orchestration engine option • Orchestration Kit / Devoxx France • Containerus Bellum by Octo (French) • Container Pods with Docker Compose in Mesos • Mesos Docker Compose Executor • Project Kompose • Helm Packager • Project Draft • Compose Version 3 N i c e t o s h a r e
- 37. © ZENIKA 2017 POINTERS (CONTINUED) • DockerCoins project source code • Docker Swarm Visualizer • MiniMesos • MiniKube • MiniShift • Ksonnet intro • Ksonnet • Istio M o r e n i c e t o s h a r e
- 38. © ZENIKA 2017 This is the end Thank You!
- 39. © ZENIKA 2017 or not... Questions?
Editor's Notes
- #23: How DockerCoins works: worker asks to rng to give it random bytes worker feeds those random bytes into hasher each hash starting with 0 is a DockerCoin DockerCoins are stored in redis redis is also updated every second to track speed you can see the progress with the webui