Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Docker & Pods

01dc8e954957a10b428aa60b28c89d52?s=47 Ian Lewis
March 05, 2016
Technology
8
2k

Docker & Pods

01dc8e954957a10b428aa60b28c89d52?s=128

Ian Lewis

March 05, 2016
Tweet

More Decks by Ian Lewis

See All by Ian Lewis
Kubernetes Security Best Practices
01dc8e954957a10b428aa60b28c89d52?s=48 ianlewis
38
25k
The Enemy Within: Running untrusted code in Kubernetes
01dc8e954957a10b428aa60b28c89d52?s=48 ianlewis
0
980
The Enemy Within: Running untrusted code with gVisor
01dc8e954957a10b428aa60b28c89d52?s=48 ianlewis
4
600
KubeCon EU Runtime Track Recap
01dc8e954957a10b428aa60b28c89d52?s=48 ianlewis
3
1.2k
コンテナによるNoOpsオートメーション
01dc8e954957a10b428aa60b28c89d52?s=48 ianlewis
2
110
Google Kubernetes Engine 概要 & アップデート @ GCPUG Kansai Summit Day 2018
01dc8e954957a10b428aa60b28c89d52?s=48 ianlewis
2
680
Extending Kubernetes with Custom Resources and Operator Frameworks
01dc8e954957a10b428aa60b28c89d52?s=48 ianlewis
10
3.1k
Kubernetesのセキュリティのベストプラクティス
01dc8e954957a10b428aa60b28c89d52?s=48 ianlewis
12
15k
Scheduling and Resource Management in Kubernetes
01dc8e954957a10b428aa60b28c89d52?s=48 ianlewis
2
1.3k

Other Decks in Technology

See All in Technology
BFFとmicroservicesアーキテクチャ
8feecda0ab340ae974eea7f1d86b85ff?s=48 hirac1220
0
110
srenext2022-skaru
B16717ef4b7aab0b253d933c3934f280?s=48 mixi_engineers
PRO
1
1.1k
20220523_akibaaws-online-08-s3
3cb071df50ed06febdfb3262fb5a67a3?s=48 hiashisan
0
110
GMO pepabo and hey 2022-05-26
4ab9c4c8dec50dc08b89981e23e111f2?s=48 katsumataryo
0
120
Dagu | オンプレ向けワークフローエンジン(WebUI 同梱)
2a80a0a6f834a75cc418ef59175ecbb0?s=48 yohamta
1
210
Unity Package Managerで自作パッケージを配布する方法
3dfed36dc1543f0007b5fd46fcb41a47?s=48 yunoda
0
270
Remixの凄みを紹介したい
56f81d479d44a1e00a577424bb45fd4a?s=48 aiji42
5
3.4k
數據的多重宇宙 @ LINE Taiwan
2102a6b8760bd6f57f672805723dd83a?s=48 line_developers_tw
PRO
0
1k
ヘキサゴナルアーキテクチャを利用したLambda 関数のドメインモデルの実装 Live
7689d16bbad8f2fa05a5e9afb8527675?s=48 fatsushi
3
740
テスト自動化の成功を支えるチームと仕組み/TestAutomation
32fe1b1b174c69d06b455799ed1fb285?s=48 goyoki
6
1.4k
OSS ことはじめ
Eabad423977cfc6873b8f5df62b848a6?s=48 hsbt
3
600
成長を続ける組織でのSRE戦略:プレモーテムによる信頼性の認識共有 SRE Next 2022
Dccc861c47a9a7bfc7f71a86e1245897?s=48 niwatakeru
7
3.1k

Featured

See All Featured
Statistics for Hackers
56c4053438af8e8b90d6f53cbb7573be?s=48 jakevdp
781
210k
Making Projects Easy
C4de88ea47538e4594750e3861a341c8?s=48 brettharned
98
4.3k
GitHub's CSS Performance
64827b31aef81498662e8af4bd6d5157?s=48 jonrohan
1020
410k
Designing for humans not robots
D36d2c1821af9249b69ff7f5ed60529b?s=48 tammielis
241
23k
The Language of Interfaces
Fde6c3a50ca518a909ef35c22c0ee0e4?s=48 destraynor
148
20k
Happy Clients
C51b39fa3c79ccb99dcb8a076bc98287?s=48 brianwarren
89
5.6k
ReactJS: Keep Simple. Everything can be a component!
Af6a12710770ad9a7cfd08c97efd40d3?s=48 pedronauck
655
120k
We Have a Design System, Now What?
95d9f37115fbb0d13135d0f77132f856?s=48 morganepeng
35
2.9k
Bash Introduction
812e1705ff0f8bc1bcf18587bde687d5?s=48 62gerente
596
210k
What's new in Ruby 2.0
7edec06b5435e0dac07a353b2cc26253?s=48 geeforr
336
30k
VelocityConf: Rendering Performance Case Studies
96270e4c3e5e9806cf7245475c00b275?s=48 addyosmani
316
22k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
B3ace07412a5178ea778e7eec161fc0a?s=48 jcasabona
12
900

Transcript

  1. Docker & Pods The many forms of containers

  2. Confidential & Proprietary Google Cloud Platform 2 Ian Lewis Developer

    Advocate - Google Cloud Platform Tokyo, Japan google.com/+IanLewis-hoge @IanMLewis
  3. None

  4. Confidential & Proprietary Google Cloud Platform 4 What are containers?

  5. Confidential & Proprietary Google Cloud Platform 5 1. Linux cgroup

    2. Linux Namespace a. IPC b. Network (eth & IP address) c. Mount d. PID e. User f. UTS (Hostname & NIS) Containers

  6. Confidential & Proprietary Google Cloud Platform 6 1. Linux cgroup

    2. Linux Namespace a. IPC b. Network (eth & IP address) c. Mount d. PID e. User f. UTS (Hostname & NIS) Containers Container Image File System Metadata

  7. Confidential & Proprietary Google Cloud Platform 7 docker run nginx

  8. Google Cloud Platform Docker Containers IPC Network PID Hostname Mount

    nginx IPC Network PID Hostname Mount nginx IPC Network PID Hostname Mount nginx

  9. Google Cloud Platform IPC Network PID Hostname Mounts nginx IPC

    Network PID Hostname Mount git pull IPC Network PID Hostname Mount nginx Docker Containers

  10. Google Cloud Platform IPC Network PID Hostname IPC Network PID

    Hostname Mount git pull IPC Network PID Hostname Mount nginx VOLUME Docker Containers nginx

  11. Copyright 2015 Google Inc Container Cluster Management Node Node Cluster

    Node

  12. Copyright 2015 Google Inc Container Cluster Management Node Node Node

    VOLUME?? VOLUME?? Cluster

  13. Copyright 2015 Google Inc Container Cluster Management Node VOLUME

  14. Copyright 2015 Google Inc Container Cluster Management Node NFS NFS

    NAS

  15. Copyright 2015 Google Inc Node Container Cluster Management Node N

    FS N FS NAS

  16. Google Cloud Platform Pods & Docker? confd nginx HUP W

    RITE READ etcd CHANGE nginx.conf app app app IP Address LB

  17. Google Cloud Platform Container Container Pods & Docker? confd nginx

    HUP W RITE READ etcd CHANGE ? ? ? ?

  18. Google Cloud Platform Pods & Docker? Container nginx confd foreman

  19. Google Cloud Platform Container foreman Pods & Docker? nginx confd

  20. Google Cloud Platform Container foreman Pods & Docker? Everything’s A-OK!!

    nginx confd Crash-Restart Loop

  21. Copyright 2015 Google Inc Google has been running all of

    it’s services in containers for about 10 years. We start about 2 billion containers per week. Images by Connie Zhou

  22. Confidential & Proprietary Google Cloud Platform 22 http://research.google.com/pubs/pub43438.html

  23. http://research.google.com/pubs/pub43438.html

  24. Image by Connie Zhou

  25. job hello_world = { runtime = { cell = 'ic'

    } // Cell (cluster) to run in binary = '.../hello_world_webserver' // Program to run args = { port = '%port%' } // Command line parameters requirements = { // Resource requirements ram = 100M disk = 100M cpu = 0.1 } replicas = 5 // Number of tasks } 10000 Developer View

  26. Hello world! Hello world! Hello world! Hello world! Hello world!

    Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Image by Connie Zhou Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world!

  27. Kubernetes κυβερνήτης: Greek for “pilot” or “helmsman of a ship”

    the open source cluster manager from Google

  28. Google Cloud Platform Pods Small group of containers & volumes

    Tightly coupled The atom of scheduling & placement Shared namespace • share IP address & localhost • share IPC, etc. Managed lifecycle • bound to a node, restart in place • can die, cannot be reborn with same ID Example: data puller & web server Consumers Content Manager File Puller Web Server Volume Pod

  29. Google Cloud Platform Pods & Docker? confd nginx HUP W

    RITE READ etcd CHANGE nginx.conf app app app IP Address LB

  30. Google Cloud Platform IPC Network Pods docker … --net=container: id

    --ipc=container:id Hostname cgroup Web Server Pod cgroup File Puller localhost

  31. Google Cloud Platform Pods (TODO) docker … --net=container: id --ipc=container:id

    -- pid=container:id https://github. com/docker/docker/issue s/10163 IPC Network PID Hostname cgroup Web Server cgroup File Puller localhost

  32. Kubernetes Master/Scheduler Cluster: Execution Environment Machine Host Machine Host Machine

    Host Machine Host Machine Host Machine Host Machine Host Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Node

  33. Log Roller Web Server Machine Host Machine Host Machine Host

    Machine Host Machine Host Machine Host Machine Host Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Kubernetes Master/Scheduler Pods Container Container Pod

  34. FE FE FE FE FE FE BE BE BE BE

    BE BE BE BE BE Machine Host Machine Host Machine Host Machine Host Machine Host Machine Host Machine Host Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Kubernetes - Master/Scheduler How to differentiate multiple pods?

  35. labels: role: frontend FE FE FE FE FE FE BE

    BE BE BE BE BE BE BE BE Machine Host Machine Host Machine Host Machine Host Machine Host Machine Host Machine Host Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Kubernetes - Master/Scheduler Labels

  36. labels: role: frontend stage: production Machine Host Machine Host Machine

    Host Machine Host Machine Host Machine Host Machine Host Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Kubernetes - Master/Scheduler FE FE FE FE FE FE BE BE BE BE BE BE BE BE BE Labels

  37. FE FE FE FE replicas: 4 template: ... labels: role:

    frontend stage: production Machine Host Machine Host Machine Host Machine Host Machine Host Machine Host Machine Host Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Kubernetes - Master/Scheduler Replication Controller: Managing Many Pods

  38. FE replicas: 1 template: ... labels: role: frontend stage: production

    Machine Host Machine Host Machine Host Machine Host Machine Host Machine Host Machine Host Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Kubernetes - Master/Scheduler Replication Controller: Scaling FE FE FE

  39. FE FE FE replicas: 3 template: ... labels: role: frontend

    stage: production Machine Host Machine Host Machine Host Machine Host Machine Host Machine Host Machine Host Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Container Agent Kubernetes - Master/Scheduler Replication Controller: Scaling

  40. Thank you! Thanks! Ian Lewis twitter.com/IanMLewis