11thDockerMeetupSwitzerland

Docker Meetup | container-solutions.com | info@container-solutions.com | @michmueller_
Orchestrator
comparison
11th Docker Switzerland User Group Meetup

How important is orchestration and what is it for ?
- Might not need it for small apps
- No orchestration == manual orchestration
- Manually place containers, network, scale, check, update
- Microservices | Cloud Native Applications

Design principles for Cloud Native Applications:
- Design for Performance: responsive; concurrency; efficiency
- Design for Automation: automate dev & ops tasks
- Design for Resiliency: fault-tolerant; self-healing
- Design for Elasticity: automatically scale
- Design for Delivery: short roundtrips; automated delivery
- Design for Diagnosability: cluster-wide logs, traces, metrics

Welcome to the socks shop

Microservice reference application
- Intended to help people get started with microservices
- Great for comparing frameworks etc
- Similar to "Pet Store"for Java
- ... or TodoMVC for JavaScript
Lots of implementations already
https://github.com/microservices-demo/microservices-demo/tree/master/dep
loy

Architecture

Comparing
Orchestrators

Comparing orchestrators
- All work and are improving rapidly
- Understand the differences
- Understand your requirements
- Please don't roll your own!

The players
- Kubernetes
- Mesos (different workloads)
- Docker Swarm Mode
- Plus others
- Nomad, PaaSs...

Side note - The Borg/Omega paper
- Influential papers from Google
- Lessons learnt from 10 years with containers
- Google contributed cgroups to the Linux kernel, cgroups and linux
namespaces are the heart of containers

Docker swarm mode

Swarm mode
- New in Docker 1.12
- Docker Inc's official solution
- Part of core distribution
- Major improvement over old Swarm

Core components
- Manager nodes
- coordinate via Raft
- no need for separate etcd/zookeeper
- Worker nodes

Usability
- Docker native uses concepts from single-node Docker and extends them to
the Swarm.
- If you are up to date on Docker concepts, the learning curve is fairly
gradual.
- The setup for a swarm is trivial

Easy to install
docker swarm init
Swarm initialized: current node (10vh26gyxppo6j2vyb8rcvjwj) is now a
manager.
To add a worker to this swarm, run the following command:
docker swarm join
--token
SWMTKN-1-5td5x39z8jw69aloe8aaqs26c9vf6nc7pzfepsq0xfmo9ldfk2-2747zp8w
0enbccrjmkt1o8du3
172.17.9.102:2377
To add a manager to this swarm, run 'docker swarm join-token
manager' and follow the instructions.

Secure communication by default
- TLS set up using self-signed certs
- Certificates automatically rotated

Feature Set
- Services
- Networks
- Constraints and labels
- Support of volume drivers

Services
- Services
- Set of containers that are launched and a certain number of
containers are kept running at all times.
- There are two types of services, replicated or global.
- Replicated services maintain a specified number of containers
across the cluster
- Global services run one instance of a container on each of your
swarm nodes.

Networks
- You can create named overlay networks
- Using the named overlay network you can create isolated, flat, encrypted
virtual networks across your set of nodes to launch your containers into.

- Control which node a container can be scheduled on
- E.g:
- Only nodes labeled "staging"
- Only nodes which have the image
- Only the node running a given container (affinity)
Constraints and Filters

Other features
- Spread scheduling
- chooses "least loaded" node
- more options later
- Mesh Networking

Application definition
- Apps are defined in DAB can be deployed on a Swarm cluster
- Possible to scale individual containers defined in the DAB file (manual)
Testing Swarm Mode with Sock Shop:
https://raw.githubusercontent.com/microservices-demo/microservices-demo/master/deploy/swarmk
it/start-swarmkit-services.sh

Swarm mode advantages
- Easy to install
- Secure by default
- “Bundled with Docker”

Swarm Mode disadvantages
- New
- Some Docker features unsupported (privileged,
- DAB still WIP

Kubernetes

Kubernetes
- Based on Google's experience running containers
- Bakes in various features
- Load-balancing, secret management, RBAC, …
- More opinionated

Core concepts
- Pods
- Labels
- Services
- Deployments
- ReplicaSets

Pods
- Groups of containers deployed and scheduled together
- Atomic unit
- Containers in a pod share IP address
- Single container pods are common
- Pods are ephemeral

Labels
- K/V pairs attached to objects (primarily pods)
- e.g:"version: dev","tier: frontend"
- Label selectors then used to identify groups
- Used for load-balancing etc

Services
- Stable endpoints addressed by name
- Forward traffic to pods
- Pods are selected by labels
- Round-robin load-balancing
- Separates endpoint from implementation

Deployments & ReplicaSets
- ReplicaSets monitor status of Pods
- start/stop pods as needed
- Deployments start/create ReplicaSets
- Rollout/Rollback & Updates

Usability
- Setting up a production grade Kubernetes-cluster from scratch requires
setting up etcd, networking plugins, DNS servers and certificate authorities.
- Will change pretty soon. kubeadm already existing
- Beyond initial setup, Kubernetes still has a steep learning curve

Snap to install
kubeadm init
<master/tokens> generated token: "f0c861.753c505740ecde4c"
<master/pki> created keys and certificates in "/etc/kubernetes/pki"
<util/kubeconfig> created "/etc/kubernetes/kubelet.conf"
<util/kubeconfig> created "/etc/kubernetes/admin.conf"
<master/apiclient> created API client configuration
<master/apiclient> created API client, waiting for the control plane to become ready
<master/apiclient> all control plane components are healthy after 61.346626 seconds
<master/apiclient> waiting for at least one node to register and become ready
<master/apiclient> first node is ready after 4.506807 seconds
<master/discovery> created essential addon: kube-discovery
<master/addons> created essential addon: kube-proxy
<master/addons> created essential addon: kube-dns
Kubernetes master initialised successfully!
You can connect any number of nodes by running:
kubeadm join --token <token> <master-ip>

Application Definition
- A combination of Pods, Replication Controllers, Replica Sets, Services and
Deployments
- Each application tier is defined as a pod and can be scaled when managed
by a Deployment or ReplicationController/ReplicaSet. The scaling can be
manual or automated
- Auto-scaling using a simple number-of-pods target is defined declaratively
with the API exposed by ReplicationControllers or ReplicaSets
Testing kubernetes with Sock Shop:
https://github.com/microservices-demo/microservices-demo/blob/master/dep
loy/kubernetes/complete-demo.yaml

Kubernetes Advantages
- Snap to install
- Currently limited to a single master installation
- Currently limited to a single etcd installation
- Advanced features baked-in
- Lot of momentum behind the community

Kubernetes disadvantages
- Harder to get started
- Extra concepts

Conclusion
- Different options with different strengths
- In some ways surprisingly similar (k8s deployment | Swarm service)
- Hard to predict a winner
- All are much better than rolling-your-own

11thDockerMeetupSwitzerland

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Andere mochten auch

Andere mochten auch (19)

Ähnlich wie 11thDockerMeetupSwitzerland

Ähnlich wie 11thDockerMeetupSwitzerland (20)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

11thDockerMeetupSwitzerland