CoreOS Technical Overview @ pdxdevops

Transcript

1. CoreOS

2. Linux for Massive Server Deployments

3. @BrandonPhilips github.com/philips

4. secure the internet Why?

5. manual updates

6. automatic updates

7. automatic updates

8. rpm replace files restart processes edit configs

9. apt replace files restart processes edit configs

10. chef replace files restart processes edit configs

11. puppet replace files restart processes edit configs

12. kernel systemd ssh docker python java nginx mysql openssl app

    distro distro distro distro distro distro dist

13. kernel systemd ssh docker python java nginx mysql openssl app

    distro distro distro distro distro distro dist

14. The Linux Kernel does not break userspace.

15. WE DO NOT BREAK USERSPACE! Seriously. How hard is this

    rule to understand? We particularly don't break user space with TOTAL CRAP. - Linus Torvalds
16. None
17. None

18. etcd

19. /etc distributed

20. A highly-available key value store for shared configuration and service

    discovery.

21. A highly-available key value store for shared configuration and service

    discovery.

22. Available 3 1 2 5 4

23. Available 3 1 5 4

24. Available 3 1 4

25. Unavailable 3 1

26. A highly-available key value store for shared configuration and service

    discovery.

27. $ mkdir services! ! $ set services/db0 10.0.0.8! $ set

    services/db1 10.0.0.10! ! $ set services/db-master db0 etcdctl

28. GET /services/db0 “10.0.0.8”

29. A highly-available key value store for shared configuration and service

    discovery.

30. { "password": "cleartext", "user": "root" }

31. A highly-available key value store for shared configuration and service

    discovery.

32. A highly-available key value store for shared configuration and service

    discovery & locking.

33. App etcd DB?

34. App etcd No DB

35. App etcd I will watch and wait

36. App etcd DB Master?

37. App etcd No DB Master. You’re it. DB Master appeared

38. App etcd Heartbeat Watch SELECT * from Awesome

39. App etcd Heartbeat DB Master? Watch

40. App etcd Heartbeat Master exists. Watch

41. App etcd Heartbeat Heartbeat Watch

42. App etcd You’re master now New DB

43. App etcd Watch Heartbeat DROP *

44. App etcd Watch Heartbeat DB Master?

45. App etcd master exists Heartbeat Watch

46. $ set services/db-master db0! ! $ set --swap-with-value "db1" \!

    services/db-master db0! ! Compare failed ([db1 != db0]! etcdctl

47. how does the db know
 how to talk to etcd?

48. buddy etcd { host: “db1”, port: 4349 }

49. buddy etcd heartbeat

50. etcd

51. linux+systemd CoreOS is

52. mount storage setup networks run processes linux+systemd manages the single

    server:

53. mount storage $ cat media-state.mount! [Mount]! What=/dev/disk/by-label/STATE! Where=/media/state! Options=commit=600,data=ordered! Type=ext4!

    FsckPassNo=0

54. setup networks $ cat public.link! [Match]! MACAddress=52:54:00:12:34:56! [Link]! Alias=public! !

    $ cat public.network! [Network]! DHCP=True!

55. run services $ cat docker.service! [Unit]! After=network.target! ! [Service]! ExecStart=/usr/bin/docker

    -d -H fd://! Restart=on-failure! ! [Install]! WantedBy=multi-user.target

56. docker runs containers $ cat scrup.service! [Unit]! Description=Scrup Service! After=docker.service!

    ! [Service]! ExecStart=/usr/bin/docker run -p 3000:3000 philips/scrup systemd logs and monitors

57. fleet demo

58. more security more reliability more stability

59. Credits: Browser Icons: https://www.iconfinder.com/ Thanks! @coreoslinux