Can traditional applications be containerized? Does it make sense to do so? In this meetup session we tackle some of these questions, with a focus on managing stateful applications using Docker or other container technologies!
2. Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 2
“We started Nirmata to bring DevOps agility to all enterprises!”
Jim Bugwadia
Founder and CEO at Nirmata
Ritesh Patel
Founder and Product Lead at Nirmata
Developer, architect, and leadership roles at
Cisco, Trapeze Networks, and Pano Logic,
Bell Labs, Motorola. Univ of Illinios.
Developer and business leadership at
Brocade, Trapeze Networks, Nortel and
Motorola. MBA from Berkley Haas
3. Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 3
Why Nirmata?
Software infrastructure is best
delivered “as-a-service”
Cloud-native applications need
cloud-native management
Applications should not be
locked in to a cloud provider
1
2
3
• Founded Sep 2013 ->
Beta Jan 2015 -> GA 2016!
• Fortune 50 as well as startup
customers in production
• 1M+ pulls; 10K+ managed
containers per month!
• Wide range of apps – from
Enterprise IT to IoT!
we believe….
4. Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 4
Containerizing Traditional Applications
• Why bother?
• Can traditional applications be containerized?
• How to containerize traditional applications
• Step-by-step demo
• Questions & Answers
5. Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 5
Why containerize an existing application?
Agility
Portability
Consistency
Control
Efficiencies
6. Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 6
‐ University blog
‐ Apache 2.2.10
‐ OpenSSL 0.9.8H
‐ Java 1.6 (EOL 2/13)
‐ Confluence 5.6.5
Application
https://blog.docker.com/2016/07
/it-all-started-with-dockerizing-
an-old-version-of-confluence-
with-docker-datacenter/
1592
staff hrs saved over 6 mos
‐ Manual upgrade processes
‐ Older versions of software
‐ 6 month upgrade process
‐ Variations across environments
‐ Untracked customizations
Challenges
2 months
project time ‐ App portable to any cloud
‐ Frequent upgrades possible
‐ Reduced downtime; improved
HA and DR
‐ Staff can now focus on
strategic projects!
Benefits
10X
productivity gain
7. Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 7
‐ Web Portal App
‐ Liferay on tcServer
‐ PHP app-tier
‐ Nginx LB
‐ Gemfire, MySQL
Application
‐ Several hours to deploy a new
environment
‐ Variations across different
environment types
‐ Coordinating across large
distributed DevOps team
Challenges
3 months
project time ‐ Reduced applictaion deploy
time to under 5 minutes
‐ Immutable images for
consistency across env types
‐ Fully automated updates via
vRealize Automation suite
Benefits
48X
productivity gain
http://devops.com/2015/08/31/
webinar-enabling-devops-and-
containers-on-vmware-with-
nirmata/
IT Applications
82,246
staff hrs saved over 12 mos
8. Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 8
Can traditional apps be containerized?
Yes! Consider containerizing :
• 3rd party apps that are:
o mission critical
o require manual maintenance and updates
• Custom developed applications with:
o complex configurations
o time-consuming and semi-automated deployments
9. Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 9
Key Considerations for Containerizing any App
1. Application state
2. Mapping components / tiers to containers
3. Networking
4. Storage
5. Security
10. Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 10
Containers are ephemeral and so only good
for stateless microservices-style applications.
here’s a common myth:
11. Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 11
Application State
• All applications are stateful!
• Architectural patterns describe how to package with state
and behaviors:
o In 3-tier applications, state is delegated to a data-tier or a mid-tier
cache.
o In microservices-style applications, each service instance is stateless
for elasticity and resiliency and each service has its own data
management
12. Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 12
Types of application state
1. Persistent State
2. Configuration State
3. Session State
4. Connection State
5. Cluster State
13. Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 13
Persistent State
Domain data that needs to survive application restarts and outages.
Typically stored in a database tier with durable storage and backups.
Host
Container
Host
Container
Host
Container
Data in the container
Lost when the container terminates
Data in a Host Volume
Lost when the host terminates
Networked Volume / File System
Independent of host and container
14. Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 14
Persistent State
Containerization solutions and best practices:
• Try to manage DB as a separate tier (possibly shared across apps)
with its own lifecycle
• Use host storage and container host volumes for smaller datasets
and if database software handles stateless replicas
• Use shared file systems, or shared volumes, if data needs to be
pinned to replicas and managed independently of hosts. Check
orchestration support.
15. Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 15
Configuration State
Non-domain data required by the application to execute. For example:
addresses, tunables, secrets, etc.
Containerization solutions and best practices:
• Environment variables for non-sensitive configuration data
• Encrypted and trusted store (KeyWhiz, Vault, etc.) for secret data. Use
one-time keys, or volumes, to make secrets available to containers.
• Dynamic property service (NetflixOSS Archaius, NirmataOSS go-configfiles) if
data needs to be changed without requiring a restart.
16. Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 16
Session State
User data associated with login session. Commonly used in multi-page
web applications, so all pages see user information.
Load
Balancer
Server 1
Server 2
Server 3
User 1
User 2
User 2
Connection
User 1
Connection
my.app.com
User 1
Session
User 2
Session
17. Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 17
Session State
Containerization solutions and best practices:
• Traditional load-balancers (e.g. HAProxy etc.) support “sticky sessions”
but need to be made container-aware, and require management.
• Container-native load balancers (e.g. Avi, NetflixOSS Zuul, Nirmata Service
Gateway, etc.) allow Layer 7 routing with “sticky sessions”, dynamically
handle container updates and are themselves delivered as
microservices (stateless, elastic, and resilient!)
18. Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 18
Connection State
Protocols like Websockets are “stateful” as the client and server can
exchange a sequence of messages.
Containerization solutions and best practices:
• Layer 4 load balancers support TCP (port-based) load-balancing but
need to be made container-aware, and require management.
• Container-native load balancers (e.g. Avi, Nirmata Service Gateway, etc.)
also allow Layer 4 TCP routing, dynamically handle container updates
and delivered as microservices (stateless, elastic, and resilient!)
19. Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 19
Cluster State
Clustered applications share and maintain state across members.
Solutions and best practices:
1. Determine how cluster members are bootstrapped and updated
• If addresses and ports, the container orchestrator will need to support. Kubernetes
introduced PetSets. Nirmata supports has staged deployments with reservations.
• Use static IP addresses or names, if the number of cluster members is known.
• Consider using host mode networking if static IPs addresses (or names) are used.
2. Determine how membership roles are handled
• If the cluster requires static roles, some in-container scripting along with variable
injection will be needed.
20. Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 20
Containers are ephemeral and so only good
for stateless microservices-style applications.
here’s a common myth:
21. Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 21
Steps to Containerize any Application
1. Identify and handle application state
persistent state, configuration state, session state, connection state, cluster state
2. Decide on how many containers
Single container? Split each tier? Split a tier into multiple services?
3. Select container networking options
Service Discovery or Dependency Injection? - Bridge mode? Host Mode? Overlay? Network plugin?
4. Select container storage options
Host storage? Shared storage? Volume plugin?
5. Select container security options
Privileges, host & net segregation, access controls, secrets, image scanning & signing
23. Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 23
Web Application
(Apache Tomcat 7.x)
RDBMS
(HSQLDB/MySQL)
https://github.com/spring-projects/spring-petclinic
https://github.com/NirmataOSS/petclinic-mysql
Application: Pet Clinic
• Java/Spring application
• Relational Database
24. Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 24
Summary
• Traditional and stateful applications
can be containerized.
• There are huge benefits with
containerizing traditional applications.
• Containerizing traditional apps on VMs
is a great way to get started
try.nirmata.io
25. Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 25
Get in touch
o jim@nirmata.com,
o @JimBugwadia
o https://www.linkedin.com/in/jimbugwadia
o ritesh@nirmata.com
o @riteshdp
o https://www.linkedin.com/in/patelrit
we love to help!