CoreOS and (The) Edge of Tomorrow

CoreOS and (The) Edge of Tomorrow

Presentation from the first inaugural CoreOS Meetup in London (http://www.meetup.com/CoreOS-London/)

3a05235ac9d98378afddbaf95c0d1f6f?s=128

Milos Gajdos

October 13, 2014
Tweet

Transcript

  1. CoreOS and (The) Edge of Tomorrow CoreOS meetup, London 13th

    October, 2014
  2. About me… • SysAdmin by trade (10+ years) • Programming

    language tourist, mostly Go, exploring Rust • I blog about Linux containers https://containerops.org/ • Twitter: @milosgajdos
  3. Road to CoreOS “What I’m about to tell you sounds

    crazy, but you have to listen to me! Your very lives depend on it…”, Cage, Edge of Tomorrow
  4. Road to CoreOS Part 1 - Wake up

  5. Every day felt like the same day Broken HW, debugging

    bash scripts….
  6. You got in, picked up your weapons and fought Albeit

    the weapons were Nagios, ssh for loops….
  7. You learnt how to use your weapons You became a

    very skilful soldier
  8. Road to CoreOS Part 2 - Meet Rita

  9. There are smart people who care just like you do.

    There is hope!
  10. You find out about configuration management, better tooling and monitoring,

    continuos delivery etc.
  11. You put together a DevOps team and fight together, hoping

    some day you won’t have to fight any more….
  12. Road to CoreOS Part 3 - Grenade

  13. With all the infrastructure tooling you build a massive DevOps

    ship - surely you’re gonna win now!
  14. But the infrastructures are getting even more complex: You hazz

    MICROSERVICES now!
  15. Then you discover Docker! Surely this is it! You take

    it and throw it all over the infrastructure hoping to win once and for all!
  16. Road to CoreOS
 Epilogue - Evolution • Robot soldiers ->

    
 (Micro)service delivery men • Delivering Applications -> 
 delivering Distributed Platforms • Ultimate evolution:
 SysAdmin + Devs -> DevOps -> DistOps • ULTIMATE QUESTION: • Have the OS’ evolved ?
  17. OS as a Service

  18. CoreOS Opening credits • Originally based on Chrome OS •

    Apps as Docker containers • Started with read only /, now read only ext4 /usr and btrfs / • etcd, systemd, fleet • Automatic updates (inspired by Omaha project)
  19. CoreOS Scene 1 - etcd • Distributed k-v store written

    in Go, • HTTP API (JSON) • SSL optional, ACLs in the future • TTL support • “Watch” support via HTTP long- polling - no push! • etcdctl client • missing proper benchmark information :-(
  20. CoreOS Scene 2 - fleet • Distributed init system built

    on top of systemd • It schedules services across the cluster • fleetd service has 2 components: 
 engine and agent • Service lifecycle: create (submit) -> schedule (load) ->run (start) -> remove (destroy) • fleetctl client
  21. CoreOS Scene 3 - Updates and security • No package

    manager \o/ YESSSS! • Dual partition scheme: active (live) and passive (for updates) • Atomic (no partial upgrade!) and automatic (not just available!) • signed and verified • updateservicectl to control and test update service • SSH key auth only BUT sudo without password for core user • No SELinux/AppArmor etc., YET
  22. CoreOS Closing credits • Still fairly young project - first

    stable release July 2014 - HUGE POTENTIAL • Extensive docs but some of the concepts are not easy to grasp • Few “??” • Security • Backup and Restore • Networking: flannel, WEAVE • Storage: FLOCKER
  23. –Rita, Edge of Tomorrow “Every time you die, you get

    smarter and you’re gonna make sure we will win!”
  24. –Bret Victor “The most dangerous thought you can have as

    a creative person is to think that you know what you are doing”