Clocker, Calico and Docker

Transcript

1. Clocker, Calico and Docker Running Workloads in the Cloud Andrew

   Kennedy, Container Con, 18 August 2015

2. @grkvlt Agenda • Introduction • Application Management • Networking with

   Calico • Demonstration • Roadmap • Questions Copyright 2015 by Cloudsoft Corporation Limited

3. Clocker  Introduction

4. None

5. @grkvlt Clocker Statistics • Open Source • 1 Year Old

   • 636 Commits • 131 Pull Requests • 10 Contributors • 2 External • 14 KLOC • 20 Releases http://www.redotheweb.com/CodeFlower/ Copyright 2015 by Cloudsoft Corporation Limited

6. @grkvlt • Application Management Platform • Deploy, Manage and Monitor

   Blueprints • Provisioning, Installation and Customization • Management • AutoScaling, Resilience, Performance, Security Apache Brooklyn

7. @grkvlt Apache jclouds • Java Cloud Library • API Agnostic

   • SoftLayer, OpenStack, AWS EC2, GCE… • Create Virtual Machines • Return SSH Endpoint • Create Containers • Docker REST API Copyright 2015 by Cloudsoft Corporation Limited

8. @grkvlt Docker • Containers • Isolation • Performance • Composable

   • Huge Ecosystem • Compute Abstraction • Process Wrapper

9. @grkvlt • Software-­‐Defined  Networking • Weave • Calico • Storage

    and  Volume  Management • Flocker • More  Being  Developed… • Native  Plugins Docker Extras

10. @grkvlt What does it do? 1. Spins up and Manages

    Docker Clusters in the Clouds 2. Serves up Containers on Demand 3. Manages Composite Application Deployments Copyright 2015 by Cloudsoft Corporation Limited

11. @grkvlt What does it provide? • Infrastructure Management • Docker

    Hosts • Swarm Controller • Multi Host and Multi Container Applications • Seamless Networking • Communication Between Services • Orchestration and Clustering • Control of Containers • Container Management Copyright 2015 by Cloudsoft Corporation Limited

12. @grkvlt Clocker and Brooklyn Summary • What is it? •

    Brooklyn Application • Brooklyn Location • What does it provide? • First Class Docker Support in Brooklyn • Optimized Brooklyn Blueprints for Docker • Container Orchestration Copyright 2015 by Cloudsoft Corporation Limited

13. Application  Management

14. @grkvlt Brooklyn Blueprints • Describe Applications • OASIS CAMP Standard

    • List of Services • NoSQL Database Clusters • Web Servers and Load Balancers • Shell or Python Scripts • Tree Structure • Sensors, Effectors and Policies Copyright 2015 by Cloudsoft Corporation Limited

15. @grkvlt Application Management • Sensors • Data from Services •

    Effectors • Brooklyn Policies • Attached to Entities in Application • Nothing Docker Specific • Elastic Scaling and Cluster Resizing • Service Resilience and Replacement Copyright 2015 by Cloudsoft Corporation Limited

16. @grkvlt Blueprint Example Copyright 2015 by Cloudsoft Corporation Limited id:

     docker-­‐redis name:  "Docker  Hub  Redis  Service" origin:  "https://registry.hub.docker.com/_/redis/" locations: -­‐ my-­‐docker-­‐cloud services: -­‐ type:  docker:redis:latest openPorts: -­‐ 6379 directPorts: -­‐ 6379

17. @grkvlt Blueprint Example name:   appserver-­‐w-­‐policy services: -­‐ type:  

    org.apache.brooklyn.entity.webapp.ControlledDynamicWebAppCluster initialSize:   3 memberSpec: $brooklyn:entitySpec: type:   org.apache.brooklyn.entity.webapp.tomcat.Tomcat8Server brooklyn.config: wars.root: http://search.maven.org/remotecontent?filepath=io/brooklyn/example/brooklyn-­‐example-­‐hello-­‐world-­‐sql-­‐webapp/0.6.0/brooklyn-­‐example-­‐hello-­‐ world-­‐sql-­‐webapp-­‐0.6.0.war http.port:   8080+ java.sysprops:   brooklyn.example.db.url:   $brooklyn:formatString("jdbc:%s%s?user=%s\\&password=%s", component("db").attributeWhenReady("datastore.url"),   "visitors",   "brooklyn",   "br00k11n") brooklyn.policies: -­‐ policyType:   org.apache.brooklyn.policy.autoscaling.AutoScalerPolicy brooklyn.config: metric:   $brooklyn:sensor("org.apache.brooklyn.entity.webapp.DynamicWebAppCluster",   "webapp.reqs.perSec.windowed.perNode") metricLowerBound:   10 metricUpperBound:   100 minPoolSize:   1 maxPoolSize:   5 -­‐ type:   org.apache.brooklyn.entity.database.mysql.MySqlNode id:  db name:   DB  HelloWorld   Visitors brooklyn.config: datastore.creation.script.url: https://github.com/apache/incubator-­‐brooklyn/raw/master/usage/launcher/src/test/resources/visitors-­‐creation-­‐script.sql Copyright 2015 by Cloudsoft Corporation Limited

18. @grkvlt Clocker Blueprints Copyright 2015 by Cloudsoft Corporation Limited

19. @grkvlt Docker Cloud • Brooklyn Blueprint for Docker Cluster •

    Docker Engine on Cloud VM or Bare Metal • Configuration for Host • TLS Certificates • Setup Volumes • Logging • Install SDN Agents • Manage Capacity or Headroom Copyright 2015 by Cloudsoft Corporation Limited

20. @grkvlt Headroom • Ensure resources available • Based on MaxContainers

    strategy limit • Or Percentage Utilisation • Or CPU and RAM allocation • Scale Docker Host Cluster Automatically • Add new Docker hosts • Remove empty Docker hosts Copyright 2015 by Cloudsoft Corporation Limited

21. @grkvlt Clocker 1.x Architecture Copyright 2015 by Cloudsoft Corporation Limited

22. @grkvlt Docker Cloud 1. On-demand 2. Multi-Tenant 3. Hardware Independent

    4. Application Level Copyright 2015 by Cloudsoft Corporation Limited

23. @grkvlt Clocker Features • Docker Extensions to Brooklyn –Docker Image

    as First-Class Service Type –Placement Strategies for Containers –Create Docker Images and Networks • Manages Docker Engine and Swarm –Deployment and Management –Installation and Configuration –Software-Defined Networking Copyright 2015 by Cloudsoft Corporation Limited

24. @grkvlt Clocker Features • Application Blueprints –Oasis CAMP YAML –TOSCA

    and Compose in Development –Same as Core Brooklyn • Targeting Multiple Destinations –Some Virtual Machines –Some Bare Metal –Some Containers Copyright 2015 by Cloudsoft Corporation Limited

25. @grkvlt Clocker Orchestration Copyright 2015 by Cloudsoft Corporation Limited Docker

    Engine Virtual Machine Container Clocker Network Segment SDN Provider Cloud Provider Brooklyn

26. @grkvlt Container Management • Sources • Docker Image Definition •

    Docker Hub or Registry • Dockerfile • Brooklyn Entity Definition • Create Image Automatically • Commit or Push for Reuse Copyright 2015 by Cloudsoft Corporation Limited

27. @grkvlt Container Placement • Placement Strategies • Random, Depth or

    Breadth First • CPU or Memory Usage • Memory, CPU or Container Limits • Geographic Constraints • User Defined • Java Predicate Copyright 2015 by Cloudsoft Corporation Limited

28. Clocker  Networking

29. @grkvlt Software-Defined Networking • Needed for Seamless Provisioning • Host

    to Host Communication • Same LAN Segment • No Port Forwarding • Natural Application Configuration • Initial Driver was EPMD Applications • Useful for any opinionated applications Copyright 2015 by Cloudsoft Corporation Limited

30. @grkvlt Networking Providers • Standardized Interfaces • Pluggable Providers •

    Weave • Project Calico • ... • Same Basic Features • Extra capabilities defined in configuration Copyright 2015 by Cloudsoft Corporation Limited

31. @grkvlt Networking Providers • Implementation Agnostic • L2 overlay, L3

    routing etc. • Similar to Hypervisor in Clouds • Generic Interfaces • Host Component • Service Component (or Endpoint) • Same idea as Docker Network Plugins Copyright 2015 by Cloudsoft Corporation Limited

32. @grkvlt Networking Capabilities • Provide Multiple Networks • Single Application

    or Shared • Private Addresses • Segmented by CIDR • Docker Port Forwarding Access • Debug Mechanism Copyright 2015 by Cloudsoft Corporation Limited

33. @grkvlt Clocker Networking Container Host SDN Bridge Container Internet SDN

    Gateway Copyright 2015 by Cloudsoft Corporation Limited

34. @grkvlt Networking Capabilities • IP Pool Controlled by Clocker •

    Clocker Controls Subnet Allocation • Applications Segmented by CIDR • Delegate to SDN or Cloud • Bring your own IP • Both Weave and Calico offer this now • Calico can use routable CIDR or VPN Copyright 2015 by Cloudsoft Corporation Limited

35. @grkvlt Networking Capabilities • Wide Area and Multi Region SDN

    • Cross Platform SDN • Both VMs and Containers on one VLAN • Name Resolution • Contributing to Weave DNS for orchestration • Use traditional external BIND service entity Copyright 2015 by Cloudsoft Corporation Limited

36. @grkvlt Metaswitch Project Calico • SDN for Bare Metal, VMs

    and Containers • Layer 3 • Uses OS IP routing and forwarding • Configuration in an etcd Cluster • Version 0.4 in Clocker • 0.5.x once working on Docker stable • Spans VMs and Containers • OpenStack Neutron network driver Copyright 2015 by Cloudsoft Corporation Limited

37. @grkvlt Copyright 2015 by Cloudsoft Corporation Limited Cross-Target Deployment

38. @grkvlt Virtual Network Entity • Clocker Specific Entity • Provisions

    a Virtual Network or Subnet • Looks for NetworkProvisioningExtension • Registered in DockerLocation by SDN Provider • Also defined with JcloudsLocation for OpenStack • Part of Application Blueprint Copyright 2015 by Cloudsoft Corporation Limited

39. @grkvlt Network Provisioning • Create Named Virtual Networks • Uses

    Available Provider • Currently Weave, Calico and OpenStack Neutron Supported -­‐ type:  brooklyn.networking.VirtualNetwork networkId:   my-­‐application cidr:  192.168.12.0/24 gateway:   192.168.12.1 dnsServers: -­‐ 8.8.8.8 brooklyn.config: sdn.example.securityGroup:   "my-­‐security-­‐group" Copyright 2015 by Cloudsoft Corporation Limited

40. @grkvlt Network Provisioning • Allow Minimal (Zero!) Configuration • Use

    Sensible Defaults • Also SDN or Cloud Specific Configuration, e.g. Calico or OpenStack • Allocate Address Space on Demand -­‐ type:  brooklyn.networking.OpenStackVirtualNetwork networkId:   database-­‐net cidr:  192.168.34.0/24 -­‐ type:  brooklyn.networking.VirtualNetwork networkId:   couchbase-­‐net Copyright 2015 by Cloudsoft Corporation Limited

41. @grkvlt Network Provisioning • Attach Containers to Networks brooklyn.config: network.list:

    -­‐ couchbase-­‐net -­‐ management-­‐net • Create Networks as Required • Also Attach to VMs and Metal • Only supported with Calico at present Copyright 2015 by Cloudsoft Corporation Limited

42. Demonstration

43. @grkvlt Copyright 2015 by Cloudsoft Corporation Limited Clocker Console 1

44. @grkvlt Copyright 2015 by Cloudsoft Corporation Limited Clocker Console 2

45. @grkvlt • Orchestrated Docker deployment with Calico SDN integration •

    Automated attachment of containers to multiple dynamic networks • Brooklyn application blueprints deployed with network topology • Management of running applications Copyright 2015 by Cloudsoft Corporation Limited Features

46. Clocker  1.x

47. @grkvlt Roadmap • Mesos Integration • Deploy the Mesos infrastructure

    • Brooklyn as a Mesos framework • Provide Mesos as another Brooklyn endpoint • Container Mobility • Stateless Services • Brooklyn Core Integration Copyright 2015 by Cloudsoft Corporation Limited

48. @grkvlt Roadmap Copyright 2015 by Cloudsoft Corporation Limited

49. @grkvlt Roadmap • Docker Experimental Features • Separate release for

    now • Not yet stable • More networking providers • Clocker Experimental Release • Coming soon... Copyright 2015 by Cloudsoft Corporation Limited

50. Clocker Solves: – Docker Cloud Networking – Container Placement and

    Provisioning – Composite Application Management Summary

51. Questions?

52. @grkvlt Resources http://clocker.io/ http://brooklyn.io/ https://github.com/brooklyncentral/clocker/ https://github.com/apache/incubator-­‐brooklyn/ https://github.com/weaveworks/weave/ https://github.com/Metaswitch/calico-­‐docker/ http://blog.abstractvisitorpattern.co.uk/