$30 off During Our Annual Pro Sale. View Details »

Docker & Pods

Ian Lewis
March 05, 2016
Technology
8
2k

Docker & Pods

Ian Lewis

March 05, 2016
Tweet

More Decks by Ian Lewis

See All by Ian Lewis
Kubernetes Security Best Practices
ianlewis
39
25k
The Enemy Within: Running untrusted code in Kubernetes
ianlewis
0
1k
The Enemy Within: Running untrusted code with gVisor
ianlewis
4
660
KubeCon EU Runtime Track Recap
ianlewis
3
1.3k
コンテナによるNoOpsオートメーション
ianlewis
2
120
Google Kubernetes Engine 概要 & アップデート @ GCPUG Kansai Summit Day 2018
ianlewis
2
720
Extending Kubernetes with Custom Resources and Operator Frameworks
ianlewis
10
3.3k
Kubernetesのセキュリティのベストプラクティス
ianlewis
12
16k
Scheduling and Resource Management in Kubernetes
ianlewis
2
1.3k

Other Decks in Technology

See All in Technology
Enjoy the Web
herablog
3
860
明日使えるかもしれないGitテクニック / Gunma.web#47
yug1224
0
100
ひさしぶりの英語セッションでも『読める、読めるぞ!』 〜 別の角度の re:Invent 事前準備 〜
maroon1st
0
360
DevelopersIO BASECAMPで扱うサービスのアップデート紹介
fukazawashun
0
150
布教Git
streamwest1629
0
100
オラクルのブロックチェーンソリューションご紹介 /blockchain
oracle4engineer
PRO
0
1k
Next decade of Rails Girls and the community
okuramasafumi
1
120
Adopting Jetpack Compose in your Android app - DevFest 2022
patilshreyas
0
420
ユーザー理解は、自組織理解から!インナーリサーチのススメ / SDC_okusa
recruitengineers
PRO
0
370
【再学習】リアルガチでCloudWatchを有効活用してますか?
honma12345
0
150
ラクスサービスを支えるAnsibleのこれまでとこれから
keijiuehata
1
170
FastAPIでKubernetesを扱うときに役立つTips
hrk091
0
140

Featured

See All Featured
Agile that works and the tools we love
rasmusluckow
320
19k
The Cult of Friendly URLs
andyhume
68
5k
GitHub's CSS Performance
jonrohan
1020
430k
Bootstrapping a Software Product
garrettdimon
299
110k
Build The Right Thing And Hit Your Dates
maggiecrowley
21
1.4k
Facilitating Awesome Meetings
lara
33
4.5k
Making Projects Easy
brettharned
101
4.7k
Designing for humans not robots
tammielis
244
24k
Embracing the Ebb and Flow
colly
74
3.5k
Practical Orchestrator
shlominoach
178
8.9k
Scaling GitHub
holman
453
140k
How GitHub (no longer) Works
holman
298
140k

Transcript

  1. Docker & Pods The many forms of containers

  2. Confidential & Proprietary Google Cloud Platform 2 Ian Lewis Developer

    Advocate - Google Cloud Platform Tokyo, Japan google.com/+IanLewis-hoge @IanMLewis
  3. None

  4. Confidential & Proprietary Google Cloud Platform 4 What are containers?

  5. Confidential & Proprietary Google Cloud Platform 5 1. Linux cgroup

    2. Linux Namespace a. IPC b. Network (eth & IP address) c. Mount d. PID e. User f. UTS (Hostname & NIS) Containers

  6. Confidential & Proprietary Google Cloud Platform 6 1. Linux cgroup

    2. Linux Namespace a. IPC b. Network (eth & IP address) c. Mount d. PID e. User f. UTS (Hostname & NIS) Containers Container Image File System Metadata

  7. Confidential & Proprietary Google Cloud Platform 7 docker run nginx

  8. Google Cloud Platform Docker Containers IPC Network PID Hostname Mount

    nginx IPC Network PID Hostname Mount nginx IPC Network PID Hostname Mount nginx

  9. Google Cloud Platform IPC Network PID Hostname Mounts nginx IPC

    Network PID Hostname Mount git pull IPC Network PID Hostname Mount nginx Docker Containers

  10. Google Cloud Platform IPC Network PID Hostname IPC Network PID

    Hostname Mount git pull IPC Network PID Hostname Mount nginx VOLUME Docker Containers nginx

  11. Copyright 2015 Google Inc Container Cluster Management Node Node Cluster

    Node

  12. Copyright 2015 Google Inc Container Cluster Management Node Node Node

    VOLUME?? VOLUME?? Cluster

  13. Copyright 2015 Google Inc Container Cluster Management Node VOLUME

  14. Copyright 2015 Google Inc Container Cluster Management Node NFS NFS

    NAS

  15. Copyright 2015 Google Inc Node Container Cluster Management Node N

    FS N FS NAS

  16. Google Cloud Platform Pods & Docker? confd nginx HUP W

    RITE READ etcd CHANGE nginx.conf app app app IP Address LB

  17. Google Cloud Platform Container Container Pods & Docker? confd nginx

    HUP W RITE READ etcd CHANGE ? ? ? ?

  18. Google Cloud Platform Pods & Docker? Container nginx confd foreman

  19. Google Cloud Platform Container foreman Pods & Docker? nginx confd

  20. Google Cloud Platform Container foreman Pods & Docker? Everything’s A-OK!!

    nginx confd Crash-Restart Loop

  21. Copyright 2015 Google Inc Google has been running all of

    it’s services in containers for about 10 years. We start about 2 billion containers per week. Images by Connie Zhou

  22. Confidential & Proprietary Google Cloud Platform 22 http://research.google.com/pubs/pub43438.html

  23. http://research.google.com/pubs/pub43438.html

  24. Image by Connie Zhou

  25. job hello_world = { runtime = { cell = 'ic'

    } // Cell (cluster) to run in binary = '.../hello_world_webserver' // Program to run args = { port = '%port%' } // Command line parameters requirements = { // Resource requirements ram = 100M disk = 100M cpu = 0.1 } replicas = 5 // Number of tasks } 10000 Developer View

  26. Hello world! Hello world! Hello world! Hello world! Hello world!

    Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Image by Connie Zhou Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world!

  27. Kubernetes κυβερνήτης: Greek for “pilot” or “helmsman of a ship”

    the open source cluster manager from Google

  28. Google Cloud Platform Pods Small group of containers & volumes

    Tightly coupled The atom of scheduling & placement Shared namespace • share IP address & localhost • share IPC, etc. Managed lifecycle • bound to a node, restart in place • can die, cannot be reborn with same ID Example: data puller & web server Consumers Content Manager File Puller Web Server Volume Pod

  29. Google Cloud Platform Pods & Docker? confd nginx HUP W

    RITE READ etcd CHANGE nginx.conf app app app IP Address LB

  30. Google Cloud Platform IPC Network Pods docker … --net=container: id

    --ipc=container:id Hostname cgroup Web Server Pod cgroup File Puller localhost

  31. Google Cloud Platform Pods (TODO) docker … --net=container: id --ipc=container:id

    -- pid=container:id https://github. com/docker/docker/issue s/10163 IPC Network PID Hostname cgroup Web Server cgroup File Puller localhost

  32. Kubernetes Master/Scheduler Cluster: Execution Environment Machine Host Machine Host Machine

    Host Machine Host Machine Host Machine Host Machine Host Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Node

  33. Log Roller Web Server Machine Host Machine Host Machine Host

    Machine Host Machine Host Machine Host Machine Host Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Kubernetes Master/Scheduler Pods Container Container Pod

  34. FE FE FE FE FE FE BE BE BE BE

    BE BE BE BE BE Machine Host Machine Host Machine Host Machine Host Machine Host Machine Host Machine Host Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Kubernetes - Master/Scheduler How to differentiate multiple pods?

  35. labels: role: frontend FE FE FE FE FE FE BE

    BE BE BE BE BE BE BE BE Machine Host Machine Host Machine Host Machine Host Machine Host Machine Host Machine Host Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Kubernetes - Master/Scheduler Labels

  36. labels: role: frontend stage: production Machine Host Machine Host Machine

    Host Machine Host Machine Host Machine Host Machine Host Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Kubernetes - Master/Scheduler FE FE FE FE FE FE BE BE BE BE BE BE BE BE BE Labels

  37. FE FE FE FE replicas: 4 template: ... labels: role:

    frontend stage: production Machine Host Machine Host Machine Host Machine Host Machine Host Machine Host Machine Host Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Kubernetes - Master/Scheduler Replication Controller: Managing Many Pods

  38. FE replicas: 1 template: ... labels: role: frontend stage: production

    Machine Host Machine Host Machine Host Machine Host Machine Host Machine Host Machine Host Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Kubernetes - Master/Scheduler Replication Controller: Scaling FE FE FE

  39. FE FE FE replicas: 3 template: ... labels: role: frontend

    stage: production Machine Host Machine Host Machine Host Machine Host Machine Host Machine Host Machine Host Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Kubernetes - Master/Scheduler Replication Controller: Scaling

  40. Thank you! Thanks! Ian Lewis twitter.com/IanMLewis