Upgrade to Pro — share decks privately, control downloads, hide ads and more …

4 orquestadores de Docker en 40 minutos

Alejandro Guirao Rodríguez
November 18, 2016
Programming
2
900

4 orquestadores de Docker en 40 minutos

Charla de Codemotion 2016

Alejandro Guirao Rodríguez

November 18, 2016
Tweet

More Decks by Alejandro Guirao Rodríguez

See All by Alejandro Guirao Rodríguez
Python para Administradores de Sistemas
lekum
0
330
t3chfest - 4 logging and metrics systems in 40 minutes
lekum
0
150
4 logging and metrics systems in 40 minutes
lekum
0
350
4 CI/CD systems in 40 minutes
lekum
0
310
Serverless with Python
lekum
2
370
From 0 to Anomaly Detection in your infrastructure metrics in 15 minutes
lekum
0
160
Enter MicroPython
lekum
2
490
All your pins are belong to us - Python meets Arduino
lekum
0
220

Other Decks in Programming

See All in Programming
mrubyでマイコンの世界に足を踏み入れる
yuuu
0
470
AT Protocol (BlueSky Social)仕様解説 ~ W3C DID仕様を添えて ~
gpsnmeajp
0
120
一緒にスクラム開発___GPT-4と人間が共創するプロダクトの進化.pdf
itohiro73
5
4.9k
Android端末のNFCを無効化しようとしてダメだった話
mitchan
1
2.8k
Kubernetesコントローラーのパフォーマンスチューニング
zoetrope
4
420
CSC308 Lecture 26
javiergs
PRO
0
110
prototype大全 / YAPC::Kyoto 2023
utgwkk
0
820
Structure for Enterprise-Scale Angular Applications: Nx Monorepos, Micro Frontends, and Module Federation
manfredsteyer
PRO
0
100
Famm Android改善記
akatsuki174
0
120
ゴーファーくんと辿るプログラミング言語の歴史/history-of-programming-languages-with-gopher
iwasiman
13
5.5k
Automated testing in Ruby 101
okuramasafumi
1
450
トランクベース開発の実現に向けた開発プロセスとCIパイプラインの継続的改善
aanrii
5
860

Featured

See All Featured
Building an army of robots
kneath
300
41k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
500
130k
Code Review Best Practice
trishagee
50
12k
Web Components: a chance to create the future
zenorocha
304
41k
For a Future-Friendly Web
brad_frost
166
7.9k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
109
16k
Streamline your AJAX requests with AmplifyJS and jQuery
dougneiner
128
8.8k
Intergalactic Javascript Robots from Outer Space
tanoku
261
26k
GraphQLの誤解/rethinking-graphql
sonatard
39
8k
Keith and Marios Guide to Fast Websites
keithpitt
407
21k
Building Flexible Design Systems
yeseniaperezcruz
314
35k
Building Applications with DynamoDB
mza
86
5k

Transcript

  1. 4 orquestadores
    de Docker en 40
    minutos
    by @lekum
    MADRID · NOV 18-19 · 2016
    Alejandro Guirao

    View Slide

  2. MADRID · NOV 18-19 · 2016
    ¿Por qué necesita Docker un
    orquestador?
    - Mantener el estado de un cluster
    - Networking entre hosts
    - Load balancing
    - Service Discovery
    - Rolling updates
    - ...

    View Slide

  3. MADRID · NOV 18-19 · 2016
    Hoy veremos...
    - Docker Swarm (1.12)
    - Kubernetes (1.4)
    - DC/OS (1.8)
    - Nomad (0.5)

    View Slide

  4. MADRID · NOV 18-19 · 2016
    DOCKER SWARM

    View Slide

  5. MADRID · NOV 18-19 · 2016
    FUNCIONALIDAD

    View Slide

  6. MADRID · NOV 18-19 · 2016
    Funcionalidad
    - Gestión de un cluster de Dockerhosts
    - Abstracción de servicio en el cluster
    - Networking multi-host (red de overlay)
    - Service discovery
    - Load balancing entre nodos
    - Rolling updates

    View Slide

  7. MADRID · NOV 18-19 · 2016
    ARQUITECTURA

    View Slide

  8. MADRID · NOV 18-19 · 2016
    Cluster

    View Slide

  9. MADRID · NOV 18-19 · 2016
    Servicios

    View Slide

  10. MADRID · NOV 18-19 · 2016
    ¿Cómo se crea un servicio?

    View Slide

  11. MADRID · NOV 18-19 · 2016
    CÓMO SE INSTALA

    View Slide

  12. MADRID · NOV 18-19 · 2016
    El modo Swarm de Docker
    $ docker swarm init --advertise-addr 192.168.99.121
    Swarm initialized: current node (bvz81updecsj6wjz393c09vti) is now a manager.
    To add a worker to this swarm, run the following command:
    docker swarm join \
    --token 1awxwuwd3z9j1z3puu7rcgdbx \
    172.17.0.2:2377
    To add a manager to this swarm, run 'docker swarm join-token manager' and follow the
    instructions.

    View Slide

  13. MADRID · NOV 18-19 · 2016
    Gestión del cluster
    $ docker node COMMAND
    Commands:
    demote Demote one or more nodes from manager in the swarm
    inspect Display detailed information on one or more nodes
    ls List nodes in the swarm
    promote Promote one or more nodes to manager in the swarm
    rm Remove one or more nodes from the swarm
    ps List tasks running on a node
    update Update a node

    View Slide

  14. MADRID · NOV 18-19 · 2016
    CÓMO SE
    DESPLIEGAN
    APLICACIONES

    View Slide

  15. MADRID · NOV 18-19 · 2016
    Comando docker service
    $ docker service create \
    --name my_web \
    --replicas 4 \
    --constraint 'node.labels.type == web' \
    --mount type=bind,src=/data/www,dst=/opt/nginx/html \
    --publish 80:80 \
    --update-parallelism 2 \
    nginx

    View Slide

  16. MADRID · NOV 18-19 · 2016
    - En 1.12 es funcionalidad experimental
    - Se pueden generar a partir de un
    docker-compose.yml
    - $docker-compose bundle
    Docker Application Bundles (DAB)

    View Slide

  17. MADRID · NOV 18-19 · 2016
    Docker Application Bundles (DAB)
    {
    "Services": {
    "db": {
    "Image": "[email protected]:d6b51879ca8558c68c...",
    "Networks": ["default"]
    },
    "vote": {
    "Args": [ "python", "app.py" ],
    "Image": "lachlanevenson/[email protected]:c5cd487ae93..”,
    "Networks": [ "default" ],
    "Ports": [ { "Port": 80, "Protocol": "tcp" } ]
    }
    },
    "Version": "0.1"
    }

    View Slide

  18. MADRID · NOV 18-19 · 2016
    Despligue de DABs
    $ docker stack COMMAND
    Manage Docker stacks
    Commands:
    config Print the stack configuration
    deploy Create and update a stack from a Distributed Application Bundle (DAB)
    rm Remove the stack
    ps List the tasks in the stack

    View Slide

  19. MADRID · NOV 18-19 · 2016
    Despligue de DABs
    docker-compose bundle
    docker stack deploy voting
    docker service scale voting_worker=3
    docker service update --publish-add 5000:80 voting_vote
    docker service update --publish-add 5001:80 voting_result

    View Slide

  20. MADRID · NOV 18-19 · 2016
    KUBERNETES

    View Slide

  21. MADRID · NOV 18-19 · 2016
    FUNCIONALIDAD

    View Slide

  22. MADRID · NOV 18-19 · 2016
    Funcionalidad
    - Aporta abstracciones adicionales
    - Gestión de replicación de las aplicaciones
    - Service discovery y load balancing
    - Rolling updates
    - Distribución de secretos
    - Montaje de volúmenes

    View Slide

  23. MADRID · NOV 18-19 · 2016
    Funcionalidad
    - Monitorización de recursos
    - Autoescalado horizontal
    - Networking mediante add-ons
    - Identificación y autorización
    - Gestión de logs de containers

    View Slide

  24. MADRID · NOV 18-19 · 2016
    ARQUITECTURA

    View Slide

  25. MADRID · NOV 18-19 · 2016
    Pods

    View Slide

  26. MADRID · NOV 18-19 · 2016
    Nodos

    View Slide

  27. MADRID · NOV 18-19 · 2016
    Cluster y deployments

    View Slide

  28. MADRID · NOV 18-19 · 2016
    Servicios

    View Slide

  29. MADRID · NOV 18-19 · 2016
    CÓMO SE INSTALA

    View Slide

  30. MADRID · NOV 18-19 · 2016
    Entorno local: minikube
    $ minikube start
    Starting local Kubernetes cluster...
    Running pre-create checks...
    Creating machine...
    Starting local Kubernetes cluster…
    $ minikube dashboard

    View Slide

  31. MADRID · NOV 18-19 · 2016
    Instalador automatizado: kubeadm
    $ kubeadm init
    generated token: "f0c861.753c505740ecde4c"
    [...]
    Kubernetes master initialised successfully! You can connect any number of nodes by
    running:
    kubeadm join --token
    $ kubectl apply -f

    View Slide

  32. MADRID · NOV 18-19 · 2016
    Otras formas de instalación
    - En AWS: kops
    - Resto de instalaciones: script de kube-up.sh
    - Script para generar un cluster con valores por
    defecto:
    export KUBERNETES_PROVIDER=YOUR_PROVIDER;
    curl -sS https://get.k8s.io | bash

    View Slide

  33. MADRID · NOV 18-19 · 2016
    CÓMO SE
    DESPLIEGAN
    APLICACIONES

    View Slide

  34. MADRID · NOV 18-19 · 2016
    La navaja suiza: kubectl
    $ kubectl run kubernetes-bootcamp --image=docker.io/jocatalin/kubernetes-bootcamp:v1
    --port=8080
    $ kubectl expose deployment/kubernetes-bootcamp --type="NodePort" --port 8080

    View Slide

  35. MADRID · NOV 18-19 · 2016
    Definición de un deployment
    apiVersion: extensions/v1beta1
    kind: Deployment
    metadata:
    name: my-nginx
    spec:
    replicas: 1
    template:
    metadata:
    labels:
    run: my-nginx
    spec:
    volumes:
    - name: apps
    emptyDir: {}
    containers:
    - name: nginx
    image: nginx:1.9.0
    ports:
    - containerPort: 80
    volumeMounts:
    - mountPath: /usr/share/nginx/html
    name: apps

    View Slide

  36. MADRID · NOV 18-19 · 2016
    Definición de un servicio
    apiVersion: v1
    kind: Service
    metadata:
    name: my-nginx
    spec:
    type: NodePort
    ports:
    - port: 8080
    targetPort: 80
    protocol: TCP
    name: http
    selector:
    run: my-nginx

    View Slide

  37. MADRID · NOV 18-19 · 2016
    Operaciones con kubectl
    $ kubectl apply -f deployment.yml -f service.yml
    $ kubectl get deployments
    $ kubectl describe service my-nginx
    $ kubectl rollout status deployment/my-nginx
    $ kubectl set image deployment/my-nginx nginx=nginx:1.9.1
    $ kubectl rollout history deployment/my-nginx --revision=1
    $ kubectl rollout undo deployment/my-nginx --to-revision=1

    View Slide

  38. MADRID · NOV 18-19 · 2016
    Aplicaciones especiales
    - DaemonSets
    - Jobs y Scheduled Jobs
    - PetSets

    View Slide

  39. MADRID · NOV 18-19 · 2016
    DC/OS

    View Slide

  40. MADRID · NOV 18-19 · 2016
    FUNCIONALIDAD

    View Slide

  41. MADRID · NOV 18-19 · 2016
    Funcionalidad de DC/OS
    - Scheduling de dos niveles
    - Multiples workloads en el mismo hardware
    - Gestión de aislamiento de recursos
    - Gestión del almacenamiento
    - Repositorios de paquetes
    - Alta disponibilidad
    - Service discovery y load balancing

    View Slide

  42. MADRID · NOV 18-19 · 2016
    Funcionalidad de Marathon
    - Soporta Docker y Mesos Containers
    - Graphical User Interface
    - REST API
    - Zero downtime upgrades

    View Slide

  43. MADRID · NOV 18-19 · 2016
    Funcionalidad de Marathon
    - Constraints
    - Health Checks
    - Subscripción a eventos
    - Métricas

    View Slide

  44. MADRID · NOV 18-19 · 2016
    ARQUITECTURA

    View Slide

  45. MADRID · NOV 18-19 · 2016

    View Slide

  46. MADRID · NOV 18-19 · 2016

    View Slide

  47. MADRID · NOV 18-19 · 2016
    CÓMO SE INSTALA

    View Slide

  48. MADRID · NOV 18-19 · 2016
    Instalación manual
    $ mkdir -p genconf
    Crear un genconf/ip-detect script
    Generar un genconf/config.yaml
    $ cp genconf/ssh_key && chmod 0600 genconf/ssh_key
    $ curl -O https://downloads.dcos.io/dcos/stable/dcos_generate_config.sh
    $ sudo bash dcos_generate_config.sh --genconf
    $ sudo bash dcos_generate_config.sh --install-prereqs
    $ sudo bash dcos_generate_config.sh --preflight
    $ sudo bash dcos_generate_config.sh --deploy
    $ sudo bash dcos_generate_config.sh --postflight
    Monitorizar la convergencia de Zookeeper en Exhibitor http://:8181/exhibitor/v1/ui/index.html
    Hacer login en http:///

    View Slide

  49. MADRID · NOV 18-19 · 2016
    config.yaml
    agent_list:
    -
    -
    bootstrap_url: file:///opt/dcos_install_tmp
    cluster_name:
    exhibitor_storage_backend: static
    master_discovery: static
    master_list:
    -
    -
    -
    public_agent_list:
    -
    resolvers:
    - 8.8.4.4
    - 8.8.8.8
    ssh_port: 22
    ssh_user:

    View Slide

  50. MADRID · NOV 18-19 · 2016
    Otras instalaciones
    - Local: Vagrant
    - AWS: CloudFormation
    - Azure: Marketplace
    - GCE: Scripts
    - DigitalOcean, Packet: Terraform templates

    View Slide

  51. MADRID · NOV 18-19 · 2016
    Instalación de Marathon
    (marathon user)
    $ dcos auth login
    $ dcos package install marathon

    View Slide

  52. MADRID · NOV 18-19 · 2016
    CÓMO SE
    DESPLIEGAN
    APLICACIONES

    View Slide

  53. MADRID · NOV 18-19 · 2016
    GUI

    View Slide

  54. MADRID · NOV 18-19 · 2016
    GUI

    View Slide

  55. MADRID · NOV 18-19 · 2016
    basic-3.json
    {
    "id": "basic-3",
    "cmd": "python3 -m http.server 8080",
    "cpus": 0.5,
    "mem": 32.0,
    "container": {
    "type": "DOCKER",
    "docker": {
    "image": "python:3",
    "network": "BRIDGE",
    "portMappings": [
    { "containerPort": 8080, "hostPort": 0 }
    ]
    }
    }
    }

    View Slide

  56. MADRID · NOV 18-19 · 2016
    CLI
    $ dcos marathon app add basic-3.json
    $ dcos marathon app update /basic-3 instances=2
    $ dcos marathon deployment list /basic-3
    $ dcos marathon deployment rollback

    View Slide

  57. MADRID · NOV 18-19 · 2016
    Load Balancing
    "labels":{
    "HAPROXY_DEPLOYMENT_GROUP":"dcos-website",
    "HAPROXY_DEPLOYMENT_ALT_PORT":"10005",
    "HAPROXY_GROUP":"external",
    "HAPROXY_0_REDIRECT_TO_HTTPS":"true",
    "HAPROXY_0_VHOST": ""
    }

    View Slide

  58. MADRID · NOV 18-19 · 2016
    Service Discovery
    app1.marathon.mesos
    app2.marathon.mesos
    ...

    View Slide

  59. MADRID · NOV 18-19 · 2016
    NOMAD

    View Slide

  60. MADRID · NOV 18-19 · 2016
    FUNCIONALIDAD

    View Slide

  61. MADRID · NOV 18-19 · 2016
    Funcionalidad
    - Drivers: Docker, fork/exec, Java, LXC, Qemu, Rkt…
    - Único binario en versiones para todos los OS
    - Multi-datacenter y multi-región
    - Altamente escalable
    - Scheduler optimísticamente concurrente

    View Slide

  62. MADRID · NOV 18-19 · 2016
    Integración con productos Hashicorp
    - Cónsul
    - Service discovery
    - Healthchecks
    - Registro de nodos en el cluster
    - Templating
    - Vault
    - Gestión de secretos

    View Slide

  63. MADRID · NOV 18-19 · 2016
    ARQUITECTURA

    View Slide

  64. MADRID · NOV 18-19 · 2016
    Región

    View Slide

  65. MADRID · NOV 18-19 · 2016
    Federación de regiones

    View Slide

  66. MADRID · NOV 18-19 · 2016
    Conceptos

    View Slide

  67. MADRID · NOV 18-19 · 2016
    CÓMO SE INSTALA

    View Slide

  68. MADRID · NOV 18-19 · 2016
    Instalación automática: con Cónsul
    # /etc/nomad.d/server.hcl
    server {
    enabled = true
    bootstrap_expect = 3
    }
    $ nomad agent \
    -config=/etc/nomad.d/server.hcl
    # /etc/nomad.d/client.hcl
    datacenter = "dc1"
    client {
    enabled = true
    }
    $ nomad agent \
    -config=/etc/nomad.d/client.hcl

    View Slide

  69. MADRID · NOV 18-19 · 2016
    Instalación manual
    $ nomad server-join
    # /etc/nomad.d/client.hcl
    datacenter = "dc1"
    client {
    enabled = true
    servers = [":4647"]
    }

    View Slide

  70. MADRID · NOV 18-19 · 2016
    CÓMO SE
    DESPLIEGAN
    APLICACIONES

    View Slide

  71. MADRID · NOV 18-19 · 2016
    Job (driver “exec”)
    job "echo" {
    datacenters = ["dc1"]
    group "echo-group" {
    task "server" {
    driver = "exec"
    config {
    command = "/bin/http-echo"
    args = ["-listen", ":${NOMAD_PORT_http}","-text", "hello world"]
    }
    resources {
    cpu = 100
    memory = 15
    network {
    mbits = 10
    port "http" {}
    }
    }
    }
    }
    }

    View Slide

  72. MADRID · NOV 18-19 · 2016
    Job (driver “docker”)
    [...]
    task "cache" {
    driver = "docker"
    config {
    image = "redis:latest"
    port_map {
    db = 6379
    }
    }
    service {
    name = "${TASKGROUP}-redis"
    tags = ["global", "cache"]
    port = "db"
    check {
    name = "alive"
    type = "tcp"
    interval = "10s"
    timeout = "2s"
    }
    }
    }

    View Slide

  73. MADRID · NOV 18-19 · 2016
    Ejecutar un job
    $ nomad run echo.nomad
    ==> Monitoring evaluation "1cb1720e"
    Evaluation triggered by job "echo"
    Allocation "c7f66ffe" created: node "15cfa6e3", group "example"
    Evaluation status changed: "pending" -> "complete"
    ==> Evaluation "1cb1720e" finished with status "complete"
    $ nomad status echo
    ID = echo
    [...]
    Summary
    Task Group Queued Starting Running Failed Complete Lost
    example 0 0 1 0 0 0
    Allocations
    ID Eval ID Node ID Task Group Desired Status Created At
    c7f66ffe 1cb1720e 15cfa6e3 example run running 11/12/16 21:35:48 UTC

    View Slide

  74. MADRID · NOV 18-19 · 2016
    Updates
    $ nomad plan echo.nomad
    +/- Job: "echo"
    +/- Task Group: "example" (1 create/destroy update)
    +/- Task: "server" (forces create/destroy update)
    +/- Config {
    args[0]: "-listen"
    args[1]: ":${NOMAD_PORT_http}"
    args[2]: "-text"
    +/- args[3]: "hello world" => "goodbye world"
    command: "/bin/http-echo"
    }
    Scheduler dry-run:
    - All tasks successfully allocated.
    Job Modify Index: 532
    To submit the job with version verification run:
    nomad run -check-index 532 echo.nomad

    View Slide

  75. MADRID · NOV 18-19 · 2016
    (MI) COMPARATIVA

    View Slide

  76. MADRID · NOV 18-19 · 2016
    Facilidad de instalación

    View Slide

  77. MADRID · NOV 18-19 · 2016
    Batteries included

    View Slide

  78. MADRID · NOV 18-19 · 2016
    Complejidad

    View Slide

  79. MADRID · NOV 18-19 · 2016
    Madurez / Fiabilidad

    View Slide

  80. MADRID · NOV 18-19 · 2016
    Docker Swarm
    - Mayor facilidad de transición
    - Plug and play para muchos casos de uso
    - 100% compatible con Docker
    - Parte experimental del DAB
    - Sólo soporta Docker

    View Slide

  81. MADRID · NOV 18-19 · 2016
    Kubernetes
    - Excelentes funcionalidades y abstracciones para
    containers
    - Ritmo imparable
    - Curva de aprendizaje pronunciada
    - Sólo vale para Docker y Rkt

    View Slide

  82. MADRID · NOV 18-19 · 2016
    DC/OS
    - Arquitectura de schedulers muy potente
    - Excelente para otro tipo de tareas distintas de
    containers
    - Curva de aprendizaje muy pronunciada
    - Docker no es su prioridad

    View Slide

  83. MADRID · NOV 18-19 · 2016
    Nomad
    - Liviano y sencillo
    - Arquitectura robusta, escalable
    - Impresionante soporte multi-plataforma y
    multi-driver
    - Sólo es responsable de una funcionalidad
    - Le falta rodaje

    View Slide

  84. MADRID · NOV 18-19 · 2016
    Happy hacking!
    Alejandro Guirao
    @lekum
    lekum.org
    github.com/lekum
    http://www.intelygenz.es/unete-a-intelygenz/

    View Slide

  85. MADRID · NOV 18-19 · 2016
    Despliegues en producción
    - Swarm: Bugsnag, Flugel.it, Runnable
    - Kubernetes: GKE, HP Helion, Red Hat Openshift,
    eBay
    - DC/OS: Autodesk, ESRI, Time Warner Cable, Verizon,
    Bloomberg, Azure Container service
    - (Mesos): Twitter, Uber, PayPal
    - Nomad: Citadel

    View Slide