Upgrade to Pro — share decks privately, control downloads, hide ads and more …

The Journey to #GIFEE: Intro to the Open Source

Sponsored · Your Podcast. Everywhere. Effortlessly. Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
Avatar for Brandon Philips Brandon Philips
April 10, 2016
Technology
1
110

The Journey to #GIFEE: Intro to the Open Source

At Linux Foundation Collab Summit 2016

Avatar for Brandon Philips

Brandon Philips

April 10, 2016
Tweet

More Decks by Brandon Philips

See All by Brandon Philips
Node.js Workflow with Minikube and Skaffold
Avatar for Brandon Philips philips
0
280
Manage the App on Kubernetes
Avatar for Brandon Philips philips
0
360
Production Backbone Monitoring Containerized Apps
Avatar for Brandon Philips philips
0
210
KubeCon EU 2017: Dancing on the Edge of a Volcano
Avatar for Brandon Philips philips
1
810
rkt - KubeCon EU keynote - 2017
Avatar for Brandon Philips philips
1
290
FOSDEM_Keynote_2017-_.pdf
Avatar for Brandon Philips philips
0
150
Tectonic Summit Day 2 Keynote
Avatar for Brandon Philips philips
0
380
Kubernetes: Simple to Manage Anywhere (self-hosted, Tectonic upgrade demo)
Avatar for Brandon Philips philips
0
420
KubeCon Keynote 2016- Distributed Systems Simplified on Kubernetes
Avatar for Brandon Philips philips
2
570

Other Decks in Technology

See All in Technology
20260204_Midosuji_Tech
Avatar for Takuya Yonezawa takuyay0ne
1
160
Frontier Agents (Kiro autonomous agent / AWS Security Agent / AWS DevOps Agent) の紹介
Avatar for msysh msysh
3
190
ファインディの横断SREがTakumi byGMOと取り組む、セキュリティと開発スピードの両立
Avatar for adachi.ryo rvirus0817
1
1.6k
Why Organizations Fail: ノーベル経済学賞「国家はなぜ衰退するのか」から考えるアジャイル組織論
Avatar for Yasunobu Kawaguchi kawaguti
PRO
1
200
Codex 5.3 と Opus 4.6 にコーポレートサイトを作らせてみた / Codex 5.3 vs Opus 4.6
Avatar for ama-ch ama_ch
0
200
日本の85%が使う公共SaaSは、どう育ったのか
Avatar for たけだ taketakekaho
1
240
【Ubie】AIを活用した広告アセット「爆速」生成事例 | AI_Ops_Community_Vol.2
Avatar for Yoshiki yoshiki_0316
1
120
顧客の言葉を、そのまま信じない勇気
Avatar for yamatai12 yamatai1212
1
360
AIと新時代を切り拓く。これからのSREとメルカリIBISの挑戦
Avatar for ktykogm 0gm
2
3.2k
Greatest Disaster Hits in Web Performance
Avatar for Estela Franco guaca
0
290
Kiro IDEのドキュメントを全部読んだので地味だけどちょっと嬉しい機能を紹介する
Avatar for khmoryz khmoryz
0
210
制約が導く迷わない設計 〜 信頼性と運用性を両立するマイナンバー管理システムの実践 〜
Avatar for ないとー bwkw
3
1k

Featured

See All Featured
Exploring the relationship between traditional SERPs and Gen AI search
Avatar for Ray Grieselhuber raygrieselhuber
PRO
2
3.6k
ラッコキーワード サービス紹介資料
Avatar for ラッコ株式会社 rakko
1
2.3M
Performance Is Good for Brains [We Love Speed 2024]
Avatar for Tammy Everts tammyeverts
12
1.4k
How to Ace a Technical Interview
Avatar for Jacob Kaplan-Moss jacobian
281
24k
Designing Dashboards & Data Visualisations in Web Apps
Avatar for Des Traynor destraynor
231
54k
Building a Scalable Design System with Sketch
Avatar for Laura Van Doore lauravandoore
463
34k
Why Your Marketing Sucks and What You Can Do About It - Sophie Logan
Avatar for Sophie Logan marketingsoph
0
77
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
Avatar for Vitaly Friedman smashingmag
254
22k
Scaling GitHub
Avatar for Zach Holman holman
464
140k
Reflections from 52 weeks, 52 projects
Avatar for Jefferson Lam jeffersonlam
356
21k
How STYLIGHT went responsive
Avatar for nonsquared nonsquared
100
6k
Self-Hosted WebAssembly Runtime for Runtime-Neutral Checkpoint/Restore in Edge–Cloud Continuum
Avatar for Yuki Nakata chikuwait chikuwait
0
340

Transcript

  1. Brandon Philips @brandonphilips | [email protected] The Journey to #GIFEE Intro

    to the Open Source

  2. Secure the Internet MISSION

  3. None
  4. None
  5. None
  6. None
  7. None
  8. None

  9. 3 Application packaging Clustering Linux at scale

  10. #GIFEE Borg/Omega Linux Chubby

  11. #GIFEE Borg/Omega Linux Chubby

  12. #GIFEE Borg/Omega Linux Chubby

  13. Avoid single points of failure Design for constant updates Consistent

    environment Why build #GIFEE?

  14. Why build #GIFEE? Design for constant updates

  15. Application Packaging 1

  16. Abstract away app from the OS OS App

  17. None
  18. None

  19. Base software managed by CoreOS kernel systemd OpenSSH

  20. Protect apps from each other Isolated network namespace Isolated file

    system namespace Mixed versions of dependencies eg. python 3.4 & python 2.7

  21. $ sudo rkt run coreos.com/etcd:v2.0.0 $ sudo rkt run coreos.com/etcd:v2.0.0

    \ --cpu=750m --memory=128M $ sudo rkt run --net=host coreos.com/etcd:v2.0.0 rkt run

  22. Search container metadata Identify vulnerabilities Explain update actions Clair container

    security auditing

  23. After scanning millions of containers we found that over 80%

    still had Heartbleed 80% Clair container security auditing
  24. None

  25. In-Progress Universal Container Format Packaged Downloaded Verified

  26. Linux at Scale 2

  27. Patches to the OS and kernel are hard Retest after

    updates No automation SECURITY Dependency breakage Uptime risk APPLICATION
  28. None

  29. Auto-updating browsers fixed security We got HTML5 at the same

    time

  30. Atomic operating system updates

  31. Atomic operating system updates

  32. Clustering 3

  33. Patches to the OS and kernel are hard Retest after

    updates No automation SECURITY Dependency breakage Uptime risk APPLICATION

  34. Patches to the OS and kernel are hard No automation

    SECURITY Uptime risk APPLICATION

  35. Operations Paradise Easy scale out Painless app upgrades Tolerant of

    machine failure

  36. App Req/sec: 6,000 App Healthy: True

  37. App Req/sec: 6,000 App Healthy: True

  38. App Req/sec: 7,000 App Healthy: True

  39. App Req/sec: 8,000 App Healthy: True

  40. App Req/sec: 7,000 App Healthy: True

  41. App Req/sec: 6,000 App Healthy: True

  42. App Req/sec: 8,000 App Healthy: True

  43. App Req/sec: 7,000 App Healthy: True

  44. App Req/sec: 8,000 App Healthy: True

  45. App Req/sec: 8,000 App Healthy: True

  46. App Req/sec: 8,000 App Healthy: True

  47. When do you need cluster coordination? Leader election Cluster-wide Semaphores

    Service discovery Dynamic configuration

  48. Hard Computer Science Problem ?

  49. Hard Computer Science Problem Chubby

  50. A highly-available key value store for shared configuration and service

    discovery
  51. None
  52. None
  53. None
  54. None
  55. None
  56. None
  57. None

  58. No existing “cloud native” solutions Simple HTTP + JSON APIs

    Dynamic reconfiguration Why build etcd?

  59. Simple key/value “Distributed etc” Keys are versioned Changes can be

    watch

  60. Cluster-wide reboot lock - locksmith Service discovery - vulcand, skydns

    Cluster orchestration - k8s, cloud foundry

  61. Industry Adoption 500+ projects on Github

  62. App Req/sec: 8,000 App Healthy: True

  63. App Req/sec: 8,000 App Healthy: True

  64. App Req/sec: 8,000 App Healthy: True

  65. App Req/sec: 8,000 App Healthy: True

  66. Kubernetes is our choice for orchestration platform

  67. Guides & Tools coreos.com/kubernetes kube-aws Cloud-configs

  68. Upstream rktnetes Auth/OIDC Node self-signed TLS

  69. Scaling 15x scheduler performance 30k pods on 1k nodes SIG-scale

  70. 3 Application packaging Clustering Linux at scale

  71. Sounds good, but... Is anyone successful with all this in

    prod?

  72. Publically traded options exchange

  73. Containers on CoreOS are powering ISE's high- throughput, low-latency financial

    exchange Running in production Bare metal & AWS Billions of transactions a day 150 million req/sec
  74. None

  75. Secure the Internet MISSION

  76. coreos.com/fest - @coreosfest May 9 & 10, 2016 - Berlin,

    Germany
  77. None

  78. Thank you! Brandon Philips @brandonphilips | [email protected] | coreos.com We’re

    hiring in all departments! Email: [email protected] Positions: coreos.com/ careers