Challenges of containers in production

Transcript

1. Challenges of containers in production Thursday, 27. April 2017 @

   code.talks commerce special Andy Grunwald / @andygrunwald

2. Andy Grunwald

3. Andy Grunwald

4. Andy Grunwald Site Reliability- and Platform Engineering @andygrunwald andygrunwald

5. A few basics ...

6. None
7. None
8. None
9. None

10. Kurma rkt Jetpack Jails Zones cgroups LXC OCI appc runc

    libcontainer chroot systemd- nspawn libvirt

11. Kurma rkt Jetpack Jails Zones cgroups LXC OCI appc runc

    libcontainer chroot systemd- nspawn libvirt

12. Kurma rkt Jetpack Jails Zones cgroups LXC OCI appc runc

    libcontainer chroot systemd- nspawn libvirt Specs / Organisations OS Features Runtimes Tools
13. None

14. 10 And what about the future ?

15. 10 And what about the future ?

16. 10 And what about the future ?

17. 10 And what about the future ?

18. None

19. 12 Our ship is our datacenter / cloud

20. 12 Our ship is our datacenter / cloud

21. 12 Our ship is our datacenter / cloud

22. 12 Our ship is our datacenter / cloud

23. “Apache Mesos abstracts CPU, memory, storage, and other compute resources

    away from machines (physical or virtual), enabling fault-tolerant and elastic distributed systems to easily be built and run effectively.” Mesos website mesos.apache.org 13

24. Program against your datacenter like it’s a single pool of

    resources.
25. None
26. None

27. This is awesome, because ...

28. Things in production ...

29. None

30. J.A.R.V.I.S. Just A Rather Very Intelligent Scheduler

31. None
32. None

33. Does it compile? Ship it! We can do this, but

    ...

34. Your application Logs in stdout and stderr, Configuration by env

    vars, ...

35. Your application Logs in stdout and stderr, Configuration by env

    vars, ... https://12factor.net/

36. 25 When we start with a green field project ...

37. 25 When we start with a green field project ...

    1. Codebase
 One codebase tracked in revision control, ... 2. Dependencies
 Explicitly declare and isolate dependencies 3. Config
 Store config in the environment 4. Backing services
 Treat backing services as attached resources 5. Build, release, run
 Strictly separate build and run stages 6. Processes
 Execute the app as [...] stateless processes

38. 25 When we start with a green field project ...

    1. Codebase
 One codebase tracked in revision control, ... 2. Dependencies
 Explicitly declare and isolate dependencies 3. Config
 Store config in the environment 4. Backing services
 Treat backing services as attached resources 5. Build, release, run
 Strictly separate build and run stages 6. Processes
 Execute the app as [...] stateless processes 7. Port binding
 Export services via port binding 8. Concurrency
 Scale out via the process model 9. Disposability
 Robustness with fast startup / graceful shutdown 10.Dev/prod parity
 Keep dev, stage and prod as similar as possible 11.Logs
 Treat logs as event streams 12.Admin processes
 Run management tasks as one-off processes
39. None

40. Docker API Backwards Compatibility is hard

41. 28 $ docker ps Error response from daemon: client and


    server don't have same version (client: 1.13, server: 1.12)

42. Docker Registry Layers over layers and maintenance is necessary ...

43. None

44. Configuration Management What was your $$$ investment?

45. None

46. 33 $ docker build ... $ docker run -v ./playbooks:files

    ... $ docker diff ... $ docker commit ...

47. Operating System Support Docker + Kubernetes (Golang), Mesos (C++, Java,

    Scala)
48. None
49. None

50. State or no State Rely on data on the same

    node?
51. None

52. Distributed Systems ... Leader election, Communication between nodes, ...

53. Distributed Systems ... Leader election, Communication between nodes, ... https://aphyr.com/

54. None
55. None
56. None

57. Networking / Linking Between containers and different machines / racks

    / datacenter
58. None

59. Monitoring Internal and external metrics ... Everything in your container?

60. The cloud solves everything AWS Elastic Container Service to the

    rescue

61. And a lot more things ... Service discovery, load balancing,

    size of an image, 
 security / 0-day issues, fragmented ecosystem, 
 garbage collection, fast changing environment, ...

62. Challenges of containers in production Thursday, 27. April 2017 @

    code.talks commerce special Andy Grunwald / @andygrunwald