Container management with Docker, Mesos/Marathon & Kubernetes

Slide 1

Slide 1 text

Slide 2

Slide 2 text

© 2015 Mesosphere, Inc. All Rights Reserved. AGENDA 2 1. Goals & teams (10min) 2. Container 101 (30min + 50min) 3. Mesos & Marathon (30min + 30min) 4. Kubernetes (30min + 30min) 5. Putting it all together (2h+) 6. Wrap up (15min)

Slide 3

Slide 3 text

Slide 4

Slide 4 text

© 2015 Mesosphere, Inc. All Rights Reserved. GOALS 4 • Understand container basics incl. Docker • Able to ﬁnd and launch Docker images, create own, troubleshoot containers • Understand orchestration options • Understand deployment options • Able to implement an application using Docker, Kubernetes & Marathon

Slide 5

Slide 5 text

Slide 6

Slide 6 text

© 2015 Mesosphere, Inc. All Rights Reserved. YOUR TEAM ... 6 • We have 10 clusters prepared → team up in groups of 3 to 4 people • Find a place where you can work together • One person should drive, others help/comment/plan • Reach out to one of the Mesosphere team members to announce team • Check against http://j.mp/velocity-2015-container-training

Slide 7

Slide 7 text

Slide 8

Slide 8 text

© 2015 Mesosphere, Inc. All Rights Reserved. LINUX  CONTAINERS 8 The why and the what: • Containers vs VMs • dependency management • lightweight (startup time, footprint, average runtime) • isolation & security • pets vs cattle

Slide 9

Slide 9 text

© 2015 Mesosphere, Inc. All Rights Reserved. WHAT  IS  THIS  ALL ABOUT? 9 Pets vs Cattle Pets are individuals that you give names and when they get ill you nurse them back to health. Cattle are anonymous, identical to other cattle you assign numbers and when they get ill → next one. http://www.theregister.co.uk/2013/03/18/servers_pets_or_cattle_cern/

Slide 10

Slide 10 text

© 2015 Mesosphere, Inc. All Rights Reserved. CONSEQUENCES  OF GOING  ALL-IN WITH  CATTLE APPROACH 10 Pets vs Cattle • scale out on commodity hardware • elasticity • 'cheap' & 'simple' • R U on pager duty? Just sleep through! • social ≫ technology challenge • new technical challenges such as service discovery http://www.theregister.co.uk/2013/03/18/servers_pets_or_cattle_cern/

Slide 11

Slide 11 text

© 2015 Mesosphere, Inc. All Rights Reserved. LINUX  CONTAINERS 11 • namespaces • Isolate PIDs between processes • Isolate process to network resources • Isolate the hostname to fake it out (UTS) • Isolate the filesystem mount points (chroot) • Isolate inter process communication (IPC) • Isolate specific users to specific processes • cgroups  https://sysadmincasts.com/episodes/14-introduction-to-linux-control-groups-cgroups

Slide 12

Slide 12 text

Slide 13

Slide 13 text

© 2015 Mesosphere, Inc. All Rights Reserved. DOCKER 13 Registries • Docker Hub  https://hub.docker.com/ • Google Cloud  https://cloud.google.com/tools/container-registry/ • AWS  https://aws.amazon.com/ecr/ • Run your own  https://docs.docker.com/registry/deploying/

Slide 14

Slide 14 text

Slide 15

Slide 15 text

Slide 16

Slide 16 text

Slide 17

Slide 17 text

© 2015 Mesosphere, Inc. All Rights Reserved. • A top-level ASF project • A cluster resource negotiator • Scalable to 10,000s of nodes but also useful for a handful of nodes • Fault-tolerant, battle-tested • An SDK for distributed apps • Native Docker support 17 Apache Mesos

Slide 18

Slide 18 text

Slide 19

Slide 19 text

© 2015 Mesosphere, Inc. All Rights Reserved. Master Node(s) Master Node(s) Slave Node(s) Master Node(s) Master Node(s) Master Node(s) Mesos Task Mesos Task Framework Scheduler Framework Scheduler Framework Container Mesos Mesos Slave SETUP 19 Mesos

Slide 20

Slide 20 text

Slide 21

Slide 21 text

Slide 22

Slide 22 text

Slide 23

Slide 23 text

Slide 24

Slide 24 text

Slide 25

Slide 25 text

Slide 26

Slide 26 text

Slide 27

Slide 27 text

Slide 28

Slide 28 text

Slide 29

Slide 29 text

Slide 30

Slide 30 text

Slide 31

Slide 31 text

Slide 32

Slide 32 text

Slide 33

Slide 33 text

Slide 34

Slide 34 text

Slide 35

Slide 35 text

Slide 36

Slide 36 text

Slide 37

Slide 37 text

© 2015 Mesosphere, Inc. All Rights Reserved. MEET THE DATACENTER OPERATING SYSTEM 37 Any Service or Container Any Infrastructure Mesosphere DCOS Your favorite services, container formats, and those yet to come Build apps once on DCOS, and run it anywhere Runs distributed apps anywhere   as simply as running apps on your laptop

Slide 38

Slide 38 text

Slide 39

Slide 39 text

© 2015 Mesosphere, Inc. All Rights Reserved. DCOS IS A DISTRIBUTED OPERATING SYSTEM 39 • kernel (Apache Mesos, written in C++) scales to 10,000 of nodes • fault-tolerant in all components, rolling upgrades throughout • containers ﬁrst class citizens (LXC, Docker) • local OS per node (+container enabled) • scheduling (long-lived, batch) • service discovery, monitoring, logging, debugging

Slide 40

Slide 40 text

Slide 41

Slide 41 text

© 2015 Mesosphere, Inc. All Rights Reserved. BENEFITS 41 • Run stateless services such as Web servers, app servers (via Marathon) and stateful services like Crate, Kafka, HDFS, Cassandra, ArangoDB etc. together on one cluster • Dynamic partitioning of your cluster, depending on your needs (business requirements) • Increased utilization (10% → 80% an more)

Slide 42

Slide 42 text

Slide 43

Slide 43 text

Slide 44

Slide 44 text

Slide 45

Slide 45 text

© 2015 Mesosphere, Inc. All Rights Reserved. MARATHON 45 An init System for datacenters • starts instances of your stateless service somewhere in the cluster, for example as Docker containers • restarts the instances somewhere in the cluster if they crash • It's a “meta-framework"

Slide 46

Slide 46 text

© 2015 Mesosphere, Inc. All Rights Reserved. 46 BASICS • apps and groups • health checks HTTP API • curl | http • DCOS CLI TEAM PLAYER • Integrates nicely into the DCOS ecosystem • Doesn’t try to solve everything itself MARATHON 101

Slide 47

Slide 47 text

© 2015 Mesosphere, Inc. All Rights Reserved. MARATHON 47 { "id": "webserver", "cmd": "python3 -m http.server 8080", "cpus": 0.5, "mem": 32.0, "container": { "type": "DOCKER", "docker": { "image": "python:3", "network": "BRIDGE", "portMappings": [ { "containerPort": 8080, "hostPort": 0 } ] } }, "acceptedResourceRoles": [ "slave_public" ], "constraints": [ [ "hostname", "UNIQUE" ] ] }

Slide 48

Slide 48 text

Slide 49

Slide 49 text

Slide 50

Slide 50 text

© 2015 Mesosphere, Inc. All Rights Reserved. WHAT IS KUBERNETES? 50 • open source container orchestration system • scheduling apps onto nodes + scaling • manages apps to match declared intentions • based on Google's internal cluster managers such as Borg

Slide 51

Slide 51 text

Slide 52

Slide 52 text

© 2015 Mesosphere, Inc. All Rights Reserved. KUBERNETES CONCEPTS 52 • container—sealed application package (Docker) • pod—small group of tightly coupled containers • labels—identifying metadata attached to objects (pods, services, etc.) • selector—query against labels, producing a set result • controller—control loop driving current state towards desired state • service—set of pods that work together (incl. proxy/load balancer)

Slide 53

Slide 53 text

© 2015 Mesosphere, Inc. All Rights Reserved. KUBERNETES: PODS 53 • unit of scheduling • data sharing between its containers • shared mount point (volumes) • shared network namespace (same IP, see each other on localhost)

Slide 54

Slide 54 text

© 2015 Mesosphere, Inc. All Rights Reserved. KUBERNETES: LABELS & SELECTORS 54 • arbitrary metadata (in key-value format) attached to any API object • used for grouping, queryable by selectors • examples • pods managed by a replication controller • nodes capabilities for scheduling

Slide 55

Slide 55 text

Slide 56

Slide 56 text

Slide 57

Slide 57 text

© 2015 Mesosphere, Inc. All Rights Reserved. KUBERNETES: CLUSTER-WIDE SERVICES 57 • monitoring (e.g.: cAdvisor + InﬂuxDB + Heapster) • logging (e.g.: ﬂuentd + ES + Kibana) • DNS (e.g.: skydns + kube2sky) • all of the above can be replaced by custom solutions (GCP, AWS, etc.)

Slide 58

Slide 58 text

© 2015 Mesosphere, Inc. All Rights Reserved. KUBERNETES + MESOS Master Node(s) Master Node(s) Slave Node(s) Master Node(s) Master Node(s) kubectl Master Node(s) Mesos Master Mesos Slave Mesos Task Mesos Task Kublet Kubernetes Framework API Server Controller Manager Kube DNS Kube UI Proxy Kublet Proxy Scheduler 58

Slide 59

Slide 59 text

Slide 60

Slide 60 text

Slide 61

Slide 61 text

© 2015 Mesosphere, Inc. All Rights Reserved. BENEFITS 61 • Node-level auto-scaling • Dynamic partitioning: co-location of Kubernetes with other services such as Spark, Chronos, Cassandra, etc. on the same cluster • Independence from special network infrastructure • Mesosphere DCOS speciﬁc: • High Availability • Easy installation • Easy maintenance

Slide 62

Slide 62 text

© 2015 Mesosphere, Inc. All Rights Reserved. USE CASES 62 • Kubernetes: 100% containerized workloads (cloud-native apps) • Mesos/Marathon: containerized & non-containerized workloads • Kubernetes+Mesos: hybrid workloads • legacy apps/microservices integration • state-less + analytical workloads

Slide 63

Slide 63 text

Slide 64

Slide 64 text

Slide 65

Slide 65 text

Slide 66

Slide 66 text

Slide 67

Slide 67 text

Slide 68

Slide 68 text

Slide 69

Slide 69 text

Slide 70

Slide 70 text

© 2015 Mesosphere, Inc. All Rights Reserved. REFERENCES 70 Look up stuff: FAQ: help.mesosphere.com Docs: docs.mesosphere.com Talk with others and us about stuff: Slack: chat.mesosphere.com Intercom (embedded in DCOS) IRC: #mesos on irc.freenode.net

Slide 71

Slide 71 text

Slide 72

Slide 72 text

Slide 73

Slide 73 text

© 2015 Mesosphere, Inc. All Rights Reserved. SEE ALSO … 73 • @mhausenblas • mhausenblas.info • @mesosphere • mesosphere.io/product http://shop.oreilly.com/product/9781939902184.do http://p24e.io http://shop.oreilly.com/product/0636920039952.do https://manning.com/books/mesos-in-action