Container management with Docker, Mesos/Marathon & Kubernetes

Michael Hausenblas

October 12, 2015

Transcript

  1. CONTAINER MANAGEMENT WITH DOCKER, MESOS/MARATHON & KUBERNETES

    Velocity NYC | 2015-10-12
    © 2015 Mesosphere, Inc. All Rights Reserved.
  2. AGENDA

    1. Goals & teams (10min)
    2. Container 101 (30min + 50min)
    3. Mesos & Marathon (30min + 30min)
    4. Kubernetes (30min + 30min)
    5. Putting it all together (2h+)
    6. Wrap up (15min)
  3. GOALS

    • Understand container basics incl. Docker
    • Able to find and launch Docker images, create own, troubleshoot containers
    • Understand orchestration options
    • Understand deployment options
    • Able to implement an application using Docker, Kubernetes & Marathon
  4. YOUR MESOSPHERE TEAM …

    Michael, Karl, James, Vishnu, Tyler, Inyoung
  5. YOUR TEAM ...

    • We have 10 clusters prepared → team up in groups of 3 to 4 people
    • Find a place where you can work together
    • One person should drive, others help/comment/plan
    • Reach out to one of the Mesosphere team members to announce team
    • Check against http://j.mp/velocity-2015-container-training
  6. LINUX CONTAINERS

    The why and the what:
    • Containers vs VMs
    • dependency management
    • lightweight (startup time, footprint, average runtime)
    • isolation & security
    • pets vs cattle
  7. WHAT IS THIS ALL ABOUT?

    Pets vs Cattle
    Pets are individuals that you give names, and when they get ill you nurse them back to health. Cattle are anonymous and identical to other cattle; you assign them numbers, and when they get ill → next one.
    http://www.theregister.co.uk/2013/03/18/servers_pets_or_cattle_cern/
  8. CONSEQUENCES OF GOING ALL-IN WITH CATTLE APPROACH

    Pets vs Cattle
    • scale out on commodity hardware
    • elasticity
    • 'cheap' & 'simple'
    • R U on pager duty? Just sleep through!
    • social ≫ technology challenge
    • new technical challenges such as service discovery
    http://www.theregister.co.uk/2013/03/18/servers_pets_or_cattle_cern/
  9. LINUX CONTAINERS

    • namespaces
      • Isolate PIDs between processes
      • Isolate process to network resources
      • Isolate the hostname to fake it out (UTS)
      • Isolate the filesystem mount points (chroot)
      • Isolate inter process communication (IPC)
      • Isolate specific users to specific processes
    • cgroups
      https://sysadmincasts.com/episodes/14-introduction-to-linux-control-groups-cgroups
  10. DOCKER

    Registries
    • Docker Hub: https://hub.docker.com/
    • Google Cloud: https://cloud.google.com/tools/container-registry/
    • AWS: https://aws.amazon.com/ecr/
    • Run your own: https://docs.docker.com/registry/deploying/
  11. WORKLOADS* …

    batch, streaming, PaaS, MapReduce
    *) kudos to Timothy St. Clair, @timothysc
  12. Apache Mesos

    • A top-level ASF project
    • A cluster resource negotiator
    • Scalable to 10,000s of nodes but also useful for a handful of nodes
    • Fault-tolerant, battle-tested
    • An SDK for distributed apps
    • Native Docker support
  13. ARCHITECTURE (Mesos)

    http://mesos.berkeley.edu/mesos_tech_report.pdf
    *) now: agent
  14. SETUP (Mesos)

    [Diagram labels: Master Node(s), Slave Node(s), Mesos, Mesos Slave, Framework Scheduler, Framework, Mesos Task, Container]
  15. RESOURCES (Mesos)

    • resource == anything a task/executor consumes in order to do their work
    • standard resources: cpu, mem, disk, ports
    • DRF
  16. MEET THE DATACENTER OPERATING SYSTEM

    Any Service or Container
    Any Infrastructure
    Mesosphere DCOS
    Your favorite services, container formats, and those yet to come
    Build apps once on DCOS, and run it anywhere
    Runs distributed apps anywhere as simply as running apps on your laptop
  17. LOCAL OS VS. DISTRIBUTED OS

    http://bitly.com/os-vs-dcos
  18. DCOS IS A DISTRIBUTED OPERATING SYSTEM

    • kernel (Apache Mesos, written in C++) scales to 10,000s of nodes
    • fault-tolerant in all components, rolling upgrades throughout
    • containers first class citizens (LXC, Docker)
    • local OS per node (+container enabled)
    • scheduling (long-lived, batch)
    • service discovery, monitoring, logging, debugging
  19. BENEFITS

    • Run stateless services such as Web servers, app servers (via Marathon) and stateful services like Crate, Kafka, HDFS, Cassandra, ArangoDB etc. together on one cluster
    • Dynamic partitioning of your cluster, depending on your needs (business requirements)
    • Increased utilization (10% → 80% and more)
  20. DCOS ARCHITECTURE

    https://docs.mesosphere.com/getting-started/dcosarchitecture/
  21. MARATHON

    An init system for datacenters
    • starts instances of your stateless service somewhere in the cluster, for example as Docker containers
    • restarts the instances somewhere in the cluster if they crash
    • It's a "meta-framework"
  22. MARATHON 101

    BASICS
    • apps and groups
    • health checks
    HTTP API
    • curl | http
    • DCOS CLI
    TEAM PLAYER
    • Integrates nicely into the DCOS ecosystem
    • Doesn’t try to solve everything itself
  23. MARATHON

    {
      "id": "webserver",
      "cmd": "python3 -m http.server 8080",
      "cpus": 0.5,
      "mem": 32.0,
      "container": {
        "type": "DOCKER",
        "docker": {
          "image": "python:3",
          "network": "BRIDGE",
          "portMappings": [
            { "containerPort": 8080, "hostPort": 0 }
          ]
        }
      },
      "acceptedResourceRoles": [ "slave_public" ],
      "constraints": [ [ "hostname", "UNIQUE" ] ]
    }
  24. WHAT IS KUBERNETES?

    • open source container orchestration system
    • scheduling apps onto nodes + scaling
    • manages apps to match declared intentions
    • based on Google's internal cluster managers such as Borg
  25. KUBERNETES CONCEPTS

    • container—sealed application package (Docker)
    • pod—small group of tightly coupled containers
    • labels—identifying metadata attached to objects (pods, services, etc.)
    • selector—query against labels, producing a set result
    • controller—control loop driving current state towards desired state
    • service—set of pods that work together (incl. proxy/load balancer)
  26. KUBERNETES: PODS

    • unit of scheduling
    • data sharing between its containers
    • shared mount point (volumes)
    • shared network namespace (same IP, see each other on localhost)
  27. KUBERNETES: LABELS & SELECTORS

    • arbitrary metadata (in key-value format) attached to any API object
    • used for grouping, queryable by selectors
    • examples
      • pods managed by a replication controller
      • node capabilities for scheduling
  28. KUBERNETES: REPLICATION CONTROLLERS

    • constitutes a control loop
    • ensures a desired state (x pods running)
    • scoped by selector
  29. KUBERNETES: SERVICES

    • compensate for dynamics of pods
    • provides a stable VIP (through proxy)
    • access policy: load-balanced or headless
  30. KUBERNETES: CLUSTER-WIDE SERVICES

    • monitoring (e.g.: cAdvisor + InfluxDB + Heapster)
    • logging (e.g.: fluentd + ES + Kibana)
    • DNS (e.g.: skydns + kube2sky)
    • all of the above can be replaced by custom solutions (GCP, AWS, etc.)
  31. KUBERNETES + MESOS

    [Diagram labels: Master Node(s), Slave Node(s), kubectl, Mesos Master, Mesos Slave, Mesos Task, Kubelet, Proxy, Kubernetes Framework, API Server, Controller Manager, Scheduler, Kube DNS, Kube UI]
  32. KUBERNETES + MESOS

    https://github.com/kubernetes/kubernetes/blob/release-1.0/contrib/mesos/docs/architecture.md
  33. KUBERNETES + MESOS

    https://github.com/kubernetes/kubernetes/blob/release-1.0/contrib/mesos/docs/architecture.md
  34. BENEFITS

    • Node-level auto-scaling
    • Dynamic partitioning: co-location of Kubernetes with other services such as Spark, Chronos, Cassandra, etc. on the same cluster
    • Independence from special network infrastructure
    • Mesosphere DCOS specific:
      • High Availability
      • Easy installation
      • Easy maintenance
  35. USE CASES

    • Kubernetes: 100% containerized workloads (cloud-native apps)
    • Mesos/Marathon: containerized & non-containerized workloads
    • Kubernetes+Mesos: hybrid workloads
    • legacy apps/microservices integration
    • state-less + analytical workloads
  36. SERVICE DISCOVERY

    • MesosDNS
    • Consul
    • Static/Dynamic Ports
    • See also http://programmableinfrastructure.com/components/service-discovery/
  37. DEPLOYMENT OPTIONS

    • On premises
    • Cloud (AWS, GCP, Azure, DO, etc.)
  38. Example: a hybrid workload

    [Diagram labels: gen.sh, distributed kernel, orchestration, application]
    https://github.com/mesosphere/velocity-training/tree/master/piat
  39. REFERENCES

    Look up stuff:
    • FAQ: help.mesosphere.com
    • Docs: docs.mesosphere.com
    Talk with others and us about stuff:
    • Slack: chat.mesosphere.com
    • Intercom (embedded in DCOS)
    • IRC: #mesos on irc.freenode.net
  40. WE ARE HIRING, WORLDWIDE …

    San Francisco, New York, Hamburg
    https://mesosphere.com/careers/
  41. TELL US WHAT YOU LIKED (OR NOT LIKED ;)

    http://bit.ly/containersatvelocity
  42. SEE ALSO …

    • @mhausenblas
    • mhausenblas.info
    • @mesosphere
    • mesosphere.io/product
    http://shop.oreilly.com/product/9781939902184.do
    http://p24e.io
    http://shop.oreilly.com/product/0636920039952.do
    https://manning.com/books/mesos-in-action
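
The namespace list on slide 9 (LINUX CONTAINERS), turned into an isolation check. This is an added example, not part of the original deck: it compares the /proc/<pid>/ns links of a process with the host's and reports which of the six namespaces are shared. The link values and the names HOST, CONTAINER and HOST_NET_PID are constructed for illustration.

```python
import os
import re

# Namespace kinds listed on the slide, by their /proc/<pid>/ns entry name.
SLIDE_NAMESPACES = ("pid", "net", "uts", "mnt", "ipc", "user")
_LINK = re.compile(r"^(\w+):\[(\d+)\]$")  # readlink target, e.g. "pid:[4026531836]"


def parse_ns_links(links):
    """Map namespace name -> inode; entries whose target does not match are dropped."""
    parsed = {}
    for name, target in links.items():
        m = _LINK.match(target)
        if m and m.group(1) == name:
            parsed[name] = int(m.group(2))
    return parsed


def read_ns_links(pid):
    """Read the namespace symlinks of a live process (Linux; may need root)."""
    base = f"/proc/{pid}/ns"
    return {n: os.readlink(os.path.join(base, n)) for n in os.listdir(base)}


def shared_namespaces(host_links, proc_links):
    """Slide namespaces in which the process is not isolated from the host."""
    host, proc = parse_ns_links(host_links), parse_ns_links(proc_links)
    # Missing or unparsable data cannot prove isolation, so it is reported too.
    return [ns for ns in SLIDE_NAMESPACES
            if ns not in host or ns not in proc or host[ns] == proc[ns]]


# Constructed sample data (inode numbers are made up), standing in for
# read_ns_links(1) on the host and read_ns_links(<container pid>).
HOST = {"pid": "pid:[4026531836]", "net": "net:[4026531992]",
        "uts": "uts:[4026531838]", "mnt": "mnt:[4026531840]",
        "ipc": "ipc:[4026531839]", "user": "user:[4026531837]"}
# Own pid/net/uts/mnt/ipc namespaces, but still in the host's user namespace.
CONTAINER = {"pid": "pid:[4026532201]", "net": "net:[4026532204]",
             "uts": "uts:[4026532199]", "mnt": "mnt:[4026532198]",
             "ipc": "ipc:[4026532200]", "user": "user:[4026531837]"}
# The same container, but joined to the host's network and PID namespaces.
HOST_NET_PID = dict(CONTAINER, net=HOST["net"], pid=HOST["pid"])

if __name__ == "__main__":
    print("container shares with host:", shared_namespaces(HOST, CONTAINER))
    print("host net/pid variant shares:", shared_namespaces(HOST, HOST_NET_PID))
```

On a live host, pass `read_ns_links(1)` and `read_ns_links(pid)` instead of the sample dictionaries; any namespace in the result is one where the process sees the host's view rather than its own.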