Upgrade to Pro — share decks privately, control downloads, hide ads and more …

ESPC 2019 - Running Docker containers on Azure: the overview

Pascal Naber
December 05, 2019
0
62

ESPC 2019 - Running Docker containers on Azure: the overview

Pascal Naber

December 05, 2019
Tweet

More Decks by Pascal Naber

See All by Pascal Naber
Container Orchestration on Azure @ DevOn
pascalnaber
0
55
Azure Serbia UG - Introduction to Kubernetes using AKS
pascalnaber
0
29
Ignite the Tour Paris: Running Docker containers on Azure: The ultimate overview
pascalnaber
0
64
Ignite the Tour Paris: 8 lessons learned running K8S with Azure Kubernetes Service
pascalnaber
0
210
Devoxx Poland - The ultimate introduction to Kubernetes
pascalnaber
0
8
ExpertsliveNL 2019: Containers on Azure the: overview
pascalnaber
0
38
IntelligentCloud 2019: 8 lessons learned using k8s with Azure Kubernetes Service
pascalnaber
0
150
Ignite the Tour Johannesburg 2019 8 lessons learned using k8s with Azure Kubernetes Service
pascalnaber
0
160
Ignite the Tour Johannesburg 2019 The Ultimate introduction to Kubernetes on Azure
pascalnaber
0
79

Featured

See All Featured
Bash Introduction
62gerente
604
210k
Fireside Chat
paigeccino
21
2.6k
Why Our Code Smells
bkeepers
PRO
331
56k
From Idea to $5000 a Month in 5 Months
shpigford
377
45k
The Illustrated Children's Guide to Kubernetes
chrisshort
31
46k
Building Adaptive Systems
keathley
31
1.9k
5 minutes of I Can Smell Your CMS
philhawksworth
199
19k
Design by the Numbers
sachag
274
18k
Designing the Hi-DPI Web
ddemaree
276
33k
How STYLIGHT went responsive
nonsquared
92
4.8k
Thoughts on Productivity
jonyablonski
58
3.8k
Build The Right Thing And Hit Your Dates
maggiecrowley
24
2k

Transcript

  1. Running Docker containers on Azure: the overview Pascal Naber Coding

    Azure Architect Microsoft Azure MVP The Netherlands

  2. Think ahead. Act now. Pascal Naber @pascalnaber Running Docker containers

    on Azure: the overview

  3. Azure Web App for Containers Azure Service Fabric (Mesh) Azure

    Batch Azure Red Hat OpenShift Azure Kubernetes Service (AKS) Azure Container Instances (ACI) Azure Container Registry (ACR) Run containers on Azure

  4. Think ahead. Act now.

  5. Think ahead. Act now. WHY I LIKE Containers

  6. Think ahead. Act now. They are FAST

  7. Think ahead. Act now. They are PORTABLE

  8. Think ahead. Act now. They are ISOLATED

  9. None

  10. Think ahead. Act now. How HOT are containers actually?

  11. https://insights.stackoverflow.com/survey/2019 Nearly 90.000 developers 2019 Developer Survey

  12. https://insights.stackoverflow.com/survey/2019 Nearly 90.000 developers 2019 Developer Survey

  13. https://insights.stackoverflow.com/survey/2019 Nearly 90.000 developers 2019 Developer Survey By 2022, Gartner

    predicts that “more than 75 percent of global organizations will be running containerized applications in production https://www.gartner.com/smarterwithgartner/6-best- practices-for-creating-a-container-platform-strategy/

  14. Azure Web App for Containers Azure Service Fabric (Mesh) Azure

    Batch Azure Red Hat OpenShift Azure Kubernetes Service (AKS) Azure Container Instances (ACI) Azure Container Registry (ACR) Run containers on Azure

  15. Azure Web App for Containers Azure Service Fabric (Mesh) Azure

    Batch Azure Red Hat OpenShift Azure Kubernetes Service (AKS) Azure Container Instances (ACI) Azure Container Registry (ACR) Run containers on Azure

  16. Development Source code Build Pipeline Docker Images Container Registry CI

    pipeline (Build) CD pipeline (Release) Development Staging Production Tag: 1.1 Staging Production Tag: 1.1 Azure Tag: 1.1 Tag: 1.1

  17. Think ahead. Act now. Azure Container Registry Private Container Image

    registry Based on Open Standard Helm Repo Geo replication ACR Tasks

  18. Azure Web App for Containers Azure Service Fabric (Mesh) Azure

    Batch Azure Red Hat OpenShift Azure Kubernetes Service (AKS) Azure Container Instances (ACI) Azure Container Registry (ACR) Run containers on Azure

  19. Backend process No UI Every hour, 5 minutes Project Rome

    v1:

  20. Azure Web App for Containers Azure Service Fabric (Mesh) Azure

    Batch Azure Red Hat OpenShift Azure Kubernetes Service (AKS) Azure Container Instances (ACI) Azure Container Registry (ACR) Run containers on Azure

  21. Azure Web App for Containers Azure Service Fabric (Mesh) Azure

    Batch Azure Red Hat OpenShift Azure Kubernetes Service (AKS) Azure Container Registry (ACR) Run containers on Azure Azure Container Instances (ACI)

  22. Azure Container Instances (ACI) Pay for use Serverless containers Public

    or Private accessible For short lived workloads like Bursts Scheduled work From € 1.05 for 1 CPU with 1 GB for 24 hours To € 5.22 for 4 CPU with 14 GB for 24 hours

  23. Think ahead. Act now. DEMO Azure Container Instances (ACI)

  24. Project Rome Backend process No UI Every hour, 5 minutes

    Backend process & Front end With public available UI Run Continuously Over SSL with authentication Regularly new releases No downtime Scaling v2: v1:

  25. Azure Container Instances (ACI) Pay for use Serverless containers Public

    or Private accessible 1 container instance only No High Availability No zero-downtime deployment No scale out Limited scale up No autoscaling No out of the box SSL support No cache for pulled containers Pay extra for Windows containers For short lived workloads like Bursts Scheduled work

  26. Azure Service Fabric (Mesh) Azure Batch Azure Red Hat OpenShift

    Azure Kubernetes Service (AKS) Azure Container Registry (ACR) Azure Container Instances (ACI) Run containers on Azure Azure Web App for Containers

  27. WebApp for Container Pay for Hostingplan as long as it

    exists Scale up Scale out Auto scaling Zero-downtime deployment SSL by default Authentication Identity Custom domains Hostingplan From € 3.59 for 1 CPU with 3.5 GB for 24 hours To € 14.37 for 4 CPU with 14 GB for 24 hours

  28. WebApp for Container - Scaling

  29. WebApp for Container - Scaling

  30. WebApp for Container – Zero-downtime deployment Deployment slots webapp staging

    Release Pipeline production 1. deploy 3. swap 2. ready? Container Registry https://myapp.azurewebsites.net https://myapp-staging.azurewebsites.net

  31. WebApp for Container != WebApp WebApp WebApp for Container

  32. Think ahead. Act now. DEMO Azure Webapp for Container

  33. Think ahead. Act now. Project Rome Lots of containers Layer

    7 Firewall for all traffic Better density of our resources Make use of some CNCF projects - Mesh: Istio - Logging: Prometheus, Jaeger - Service discovery: CoreDNS - Messaging: NATS v3: v2: Backend process & Front end With public available UI Run Continuously Over SSL with authentication Regularly new releases No downtime Auto scaling

  34. Firewall Application Gateway & Firewall traffic https://myapp.azurewebsites.net

  35. Firewall Application Gateway & Firewall vnet App Service Environment Certificate

    DevOps Agent Azure Container Instances traffic AKS https://myapp.azurewebsites.net

  36. WebApp for Container Pay for Hostingplan as long as it

    exists Scale up Scale out Auto scaling Zero downtime deployment SSL by default Authentication Identity Custom domains Scaling out is slow No optimal use of resources No firewall possibility (yet) Limited logging possibilities No health check functionality (yet) Only support for port 80 & 443 Not suitable for lots of containers Not portable

  37. Azure Service Fabric (Mesh) Azure Batch Azure Red Hat OpenShift

    Azure Container Registry (ACR) Azure Container Instances (ACI) Azure Web App for Containers Azure Kubernetes Service (AKS) Run containers on Azure

  38. Kubernetes De facto standard container orchestrator Started by Google Since

    v1 Open Source by Large, rapidly growing ecosystem Declarative configuration

  39. Google trends

  40. Kubernetes - Ecosystem Kubernetes Ecosystem

  41. Azure Kubernetes Service (AKS) Running containers at scale Scaling up

    & scaling out Autoscaling Zero downtime deployment High Availability Public & Private endpoints Health management Enormous ecosystem Portable SSL Support* Identity management* Keyvault integration*

  42. Think ahead. Act now. https://aka.ms/LearnKubernetes

  43. Azure Kubernetes Service (AKS) master master master worker worker worker

    AKS 100% managed by Microsoft IaaS managed by Microsoft € 0 € … (VM pricing)

  44. Azure resources for AKS MC_espc_aksdemo_westeurope espc

  45. Public & Private Endpoints - Services Service (LoadBalancer) Service (LoadBalancer)

    Service (LoadBalancer) Service (LoadBalancer) IP-Address IP-Address IP-Address IP-Address

  46. Public & Private Endpoints - Ingress Service (ClusterIP) Service (ClusterIP)

    Service (ClusterIP) Service (ClusterIP) Service (Loadbalancer) Ingress controller IP-Address Ingress OurExternalAPI.com Ingress Myproject.com Ingress AdminSite.com Ingress Myproject.com/apis

  47. SSL Service (ClusterIP) Service (ClusterIP) Service (ClusterIP) Service (ClusterIP) Service

    (Loadbalancer) Ingress controller IP-Address Ingress OurExternalAPI.com Ingress Myproject.com Ingress AdminSite.com Ingress Myproject.com/apis Works on ingress Auto request certificate Auto renewal https://github.com/jetstack/cert-manager DNS Zone

  48. Kubernetes - Health monitoring Every n seconds check Restarts container

    During rolling update deployment Stop deployment During container startup No traffic Default endpoint Health endpoint (/health) Health endpoints returns != 200?

  49. Azure Kubernetes Service (AKS) - Scaling worker worker worker worker

    replicas replicas 4 5 Pod Autoscaler 4-20 > 60% CPU Cluster Autoscaler

  50. AKS master master master worker worker worker AKS 100% managed

    by Microsoft IaaS managed by Microsoft

  51. AKS + ACI AKS 100% managed by Microsoft 100% managed

    by Microsoft worker master master master

  52. Think ahead. Act now. DEMO Azure Kubernetes Service (AKS)

  53. AKS as the Silver bullet Kubernetes created an ecosystem of

    expandable standards but this still needs configuration. For example: • Deployments • Network Policies • Role Based Access Controls • Pod Security Policies • Pod Priority and more... Common integration points can be different across cloud providers • Authentication • Logging & Metrics • Secrets • Storage

  54. Azure Kubernetes Service (AKS) Running containers at scale Scaling up

    & scaling out Autoscaling Zero downtime deployment High Availability Public & Private endpoints Health management Enormous ecosystem Portable SSL Support* Identity management* Keyvault integration* Authentication A lot of management for a couple of containers Steep learning curve Not all Azure functionality is mature (yet) • Network policies • Pod Security Policies No turnkey configuration

  55. Azure Batch Azure Kubernetes Service (AKS) Azure Container Registry (ACR)

    Azure Container Instances (ACI) Azure Web App for Containers Azure Red Hat OpenShift Run containers on Azure Azure Service Fabric (Mesh)

  56. Think ahead. Act now. Service Fabric Service Fabric Resource Model

    Application platform providing rich programming models - Reliable services - Reliable actors - Reliable collections Portable Run containers

  57. Think ahead. Act now. Service Fabric powers Azure

  58. Service Fabric Mesh Serverless Seamless integration with Azure Deploy &

    scale in seconds High availability Per second billing Not Portable Container only Responsibility You Azure Application Deployment Hardware OS Patching Runtime upgrades Micro-billing Capacity planning Network & Storage

  59. Think ahead. Act now. container groups networks auto scale update

    policies volumes secrets ………. Atlas Serverless Container Platform Service Service Fabric Mesh Atlas ResourceProvider App service RP Azure functions RP ACI RP Future serverless multitenant Services App Package Functions definition App model Service Fabric Mesh - Evolution n AKS Virtual Nodes ACI API

  60. Think ahead. Act now. Specification for building cloud native applications

    Agnostic application model Codename: Hydra By Microsoft and Alibaba Cloud Announced 16 October 2019 Inspired by Service Fabric Resource Model https://openappmodel.io/

  61. Think ahead. Act now. Rudr Kubernetes implementation of

  62. Think ahead. Act now.

  63. Think ahead. Act now. Azure Service Fabric (Mesh) Azure Batch

    Azure Kubernetes Service (AKS) Azure Container Registry (ACR) Azure Container Instances (ACI) Azure Web App for Containers Run containers on Azure Azure Red Hat OpenShift

  64. Azure Red Hat OpenShift Based on, and extends Kubernetes No

    virtual machine operation or patching Enterprise minded Support from RedHat Build in: Small cluster - pay as you go € 36.671 -1 year reserved € 21.952 OpenShift Kubernetes (DIY) Container Registry Docker, Azure Container Registry Monitoring Prometheus Log aggregator EFK stack Certificate management cert-manager CI/CD Jenkins/Azure DevOps Authentication dex

  65. Think ahead. Act now. Azure Service Fabric (Mesh) Azure Kubernetes

    Service (AKS) Azure Container Registry (ACR) Azure Container Instances (ACI) Azure Web App for Containers Azure Red Hat OpenShift Run containers on Azure Azure Batch

  66. Think ahead. Act now. Azure Batch For large-scale parallel and

    high-performance computing (HPC) batch jobs Native imperative Batch Shipyard declarative yaml Task Task Task Compute node Compute node Compute node Azure Batch Job Pool Azure Storage https://github.com/Azure/batch-shipyard

  67. Think ahead. Act now. pool.yaml job.yaml Azure Batch config.yaml credentials.yaml

  68. Azure Web App for Containers Azure Service Fabric (Mesh) Azure

    Batch Azure Red Hat OpenShift Azure Kubernetes Service (AKS) Azure Container Instances (ACI) Azure Container Registry (ACR) Run containers on Azure

  69. Think ahead. Act now. Pascal Naber Coding Azure Architect Xpirit

    Netherlands @pascalnaber http://pascalnaber.wordpress.com https://github.com/pascalnaber/escp2019
  70. None