Shrink your application containers, shrink your host OS, shrink your servers, shrink your Data Centre, choose Microservices!

1. 1
Microcontainers, Microservices, Microservers.
Less [Linux] is more!
Belfast Devops
15/09/2015
Dermot Bradley
dermot_bradley@yahoo.com
http://uk.linkedin.com/in/bradleydermot

2. 2
My Background
1993-1997 Set up first ISP in Northern Ireland (Genesis Project Ltd)
1997-2006
Senior Technical Support Engineer @
Aldiscon/APiON/Openwave Systems
2006-2011
Mobile Technology Consultant @ SLA Mobile, on-site at
Vodafone Global in Germany
2011-2012
Contractor @ Alcatel-Lucent Network Services in
Germany
2012-2015 Contractor @ Vodafone Group Services in Germany
2015 April-August Sabbatical/career break
2015 September Senior Linux Administrator @ Proofpoint

3. 3
Talk Overview
In a Microservices vision large scale services can be built by combining
Application Containers like Lego bricks. However App Containers are not
usually lightweight – a typical Docker container uses Ubuntu as its base.
Alternatively if based on minimal Linux distributions or (in a more extreme
case) applications are just statically linked, the resulting containers can be
far smaller. Lightweight means faster startup & migration time between
hosts and less RAM use. And as for the container hosts? Whether VM
instances or bare metal, the underlying OS can also be stripped right down
– CoreOS and RancherOS were designed with exactly this in mind.
Together lightweight containers and hosts mean savings – fewer, smaller,
cheaper cloud VM instances or bare metal servers (such as Microservers)
and potentially improved security.

4. 4
The progression from physical machines to
application containers

5. 5
Physical Machines
● Real machines hosting applications
● Individual machines often dedicated to hosting only a
single or a few applications
● Typically machines are underutilised (CPU, RAM use)
IBM HPDELL* * *
* apparently use of their logos requires prior written permission!

6. 6
Virtual Machines
●
Provides a degree of application isolation allowing
several physical machines to be replaced by 1 physical
machine hosting multiple VMs
●
Results in better physical machine utilisation

7. 7
OS Containers
●
Single kernel shared between containers – better I/O
(disk, network) performance than VMs but “weaker”
security isolation between containers
●
Faster startup time than VMs

8. 8
Application Containers
●
An application plus “just enough” OS to support the app
(i.e. no sshd, no syslogd, no init, etc)
●
Immutable Infrastructure – no need to use
Puppet/Chef/Ansible/Salt to manage them
●
The same container is portable across physical hosts,
VMs, and multiple cloud providers
●
The exact same container can be run on a developer's
laptop, in a testlab, and in production environment

9. 9
Various architectures of container use
Physical
Machine
Physical
Machine
Host OS
Host OSHost OS
Hypervisor
Cont
ainer
Cont
ainer
Cont
ainer
Cont
ainer
Cont
ainer
Cont
ainer
Cont
ainer
Cont
ainer
Cloud
Provider
Responsibility
Cloud
Provider
Responsibility
Bare Metal Virtualisation Cloud for VMs Cloud for
Containers

10. 10
Reducing the size of App Containers

11. 11
The range of sizes
Normal “full fat” Linux distribution
Lean but generic Linux distribution
Minimal application-specific container
(perhaps just a statically-linked binary)
Larger
Smaller

12. 12
Minimal App Containers (1)
An application-specific container where the application
is compiled & either statically linked (resulting in just a
single binary file in the container) or dynamically
linked (resulting in a binary plus dependant libraries).

13. 13
Minimal App Containers (2)
●
“dockerize” is a utility that analyses a dynamically-
linked binary to create a container with the binary plus
just the libraries it needs.
●
“gockerize” is a utility for building statically linked
golang binaries and creating Docker container
images.

14. 14
Minimal App Containers (3)
Examples of “extreme” minimal containers:
●
Nginx (with Openssl) – 3.034MB
●
Python (StaticPython) – 8.5MB
●
PostgreSQL – 15.82MB
http://mwcampbell.us/blog/tiny-docker-musl-images.html
https://github.com/elyase/docker/tree/master/staticpython
http://yasermartinez.com/blog/posts/creating-super-small-docker-images.html

15. 15
“Off the shelf” App Container base sizes

16. 16
Alpine Linux (1)
● Distribution based on musl and Busybox
● Official base image size in Docker Hub is only 5MB in size!
● Comes with a package manager. Large number of common
applications already packaged.
● Provides a useful middle ground between normal “full fat”
distributions and handcrafted minimal app-specific containers.

17. 17
Alpine Linux (2)
NGINX – 8MB
OpenJDK Java 7 JRE, 123MB
Oracle Java 8 JRE, 173MB
Example sizes of Alpine-based containers:

18. 18
Reducing the size of the Host OS

19. 19
Host OS Options (1)
● RancherOS, 20MB
● Boot2Docker, 24MB
● CoreOS, 190MB
● Vmware Photon OS, 207MB
● Intel ClearLinux, 800MB
● Project Atomic, 800MB
●
Snappy Core Linux, 3.9GB??
Container-oriented distributions:

20. 20
Host OS Options (2)
●
TinyCore Linux, 10MB+
●
Alpine Linux, 87MB+
Generic distributions:
Size is of base distribution, does not take into account size of Docker tools etc...

21. 21
Combined small App Containers with small Host
OS

22. 22
Benefits of combined reductions
● Smaller spec Cloud VMs or physical servers can be utilised
● Cost savings!
● Quicker app container and/or host VM migration
● Smaller attack surface

23. 23
Special case: App Container & slim VM merged

24. 24
Intel Clear Containers
● KVM hypervisor
● Uses kvmtool (no need for BIOS/UEFI)
● Stripped-down Linux kernel (only Virtio devices)
● Systemd as init
● Rkt containers supported (docker support soon)
● Startup almost as fast (150ms) as native container
● Per-container RAM overhead of 18-20MB
● Container running inside a lightweight VM

25. 25
Microservices

26. 26
Microservices (1)
“Microservices is a software architecture style in which
complex applications are composed of small, independent
processes communicating with each other using language-
agnostic APIs. These services are small, highly decoupled and
focus on doing a small task, facilitating a modular approach to
system-building”
Wikipedia definition:
http://en.wikipedia.org/wiki/Microservices

27. 27
Microservices (2)
●
“small independent processes”
●
“highly decoupled”
●
“modular approach to system building”
App Containers fit the Microservices model perfectly:

28. 28
Microservices (3)
Database Database
Application
Content
Server
Load
Balancer
Content
Server
Application Application
Lego brick
approach to
building
services

29. 29
Microservices (4)
●
Load Balancer: HAproxy
●
Content Server: Apache, Nginx
●
Application run-times: Perl, PHP, Python, Ruby,
Node.js, JVM
●
Database: MariaDB, PostgreSQL, MongoDB
●
Caching: Memcached, Varnish
Typical App Container building blocks:

30. 30
Microservices (5)
Perhaps there is a demand for a curated set of such
minimal App Container building blocks?
Am I volunteering? Who knows...

31. 31
Microservers

32. 32
Microservers (1)
Dell CS5220 12 unit chassis

33. 33
Microserver (2)
Facebook/OCP Mono Lake <90W microserver for Yosemite sled

34. 34
Microservers (3)

35. 35
Microservers (4)
● Low cost, low power usage, small size physical server
● Not every task needs high-end CPUs and lots of RAM

36. 36
Micro Data Centre

37. 37
Micro Data Centre (1)

38. 38
Micro Data Centre (2)
● Small rack cabinet with multiple compute nodes,
storage nodes, admin node(s), network switch, UPS,
etc
● 10U cabinet capable of hosting 4000+ containers?

39. 39
Micro Data Centre (3)
● No special (physical, power, cooling) room
requirements unlike a normal data centre
● Easier to keep data on-site for legal or privacy
reasons
● Potentially economical to have multi-site redundancy
with 2 MDCs in separate but geographically-close
(low network latency) locations

40. 40
Personal experimentation – my current Micro
Data Centre

41. 41
Testlab summary
● Multiple Compute Nodes
● 3+ Storage Nodes
● Admin Node
● Managed Switch

42. 42
Compute Nodes (1)
●
Off-the-shelf Mini-ITX motherboards with low power
CPUs (with passive heatsinks or heatsink/fans)
●
Small amounts of RAM, 4-8Gb. Low power (1.35V)
DDR3L if possible.
●
No local storage
●
Low wattage small power supply
●
Machines PXE boot the Host OS and run directly from
RAM

43. 43
Compute Nodes (2)

44. 44
Compute Nodes (3)
●
My intention is to make a custom low-cost blade-type
chassis for nodes.
●
Chassis will be approx. 6U high and 250mm deep with
12 compute nodes per chassis.
●
Individual nodes will be approx. 6Ux 35mm x 245mm

45. 45
Storage Nodes
●
Low power CPUs on Mini-ITX motherboards
●
Mix of SSDs and HDDs
●
Using CEPH to provide storage services

46. 46
Admin Node
Pair of HDDs used with software mirroring
●
Provides DHCP/TFTP/HTTP services for PXE booting
Compute Nodes
●
Will run InfluxDB, ElasticSearch and Kibana for metric
and log analysis

47. 47
Network Infrastructure
●
Gigabit Ethernet managed switch with VLAN, IPv6, and
SSH support
●
Use Ansible, via SSH, to configure the switch
●
Plan is for all containers & hosts to use only IPv6
addressing. The entry point to the “cloud” (i.e. Load
Balancer) will handle both IPv4 and IPv6 external
addresses and forward traffic onwards to internal IPv6
addresses.

48. 48
The End!
Questions?