Building Infrastructure with Containers (SJSU Talk)

•Descargar como PPTX, PDF•

0 recomendaciones•1,529 vistas

How can contain two jedis Darth and Luke from each other? There are three building blocks of containers. 1. Namespace 2. CGroups 3. Capabilities

Tecnología

Building Infrastructure with
Containers
Pradeep Padala, Co-Founder/CTO
Presented at SJSU Operating Systems Class in Dec 2015

Operating System Level Virtualization
©ContainerX, http://containerx.io, @ContainerXInc

Containers
©ContainerX, http://containerx.io, @ContainerXInc

How to contain?
darth
(user: root)
(pid: 1)
luke
(user: root)
(pid: 2)
©ContainerX, http://containerx.io, @ContainerXInc

©ContainerX, http://containerx.io, @ContainerXInc

How to contain?
darth
(user: root)
(pid: 1)
luke
(user: root)
(pid: 2)
# pkill -9 luke
©ContainerX, http://containerx.io, @ContainerXInc

What If Darth can’t see Luke?
darth
(user: root)
(pid: 1)
luke
(user: root)
(pid: 2)
# pkill -9 luke
process not found
©ContainerX, http://containerx.io, @ContainerXInc

How to contain?
1. PID isolation
©ContainerX, http://containerx.io, @ContainerXInc

But, Darth can still see Luke 
darth
(user: root)
(pid: 1)
luke
(user: root)
(pid: 2)
# pkill -9 luke
process not found
# cd /home/luke
# rm –rf *
©ContainerX, http://containerx.io, @ContainerXInc

How to contain?
Namespaces
1. PID
2. File system (or mount)
3. UTS – isolate hostname, nodename
4. IPC – mq and other IPC objects
5. Network – sockets, IP address, network stack
6. …
©ContainerX, http://containerx.io, @ContainerXInc

Darth can’t see Luke!
darth
(user: root)
(pid: 1)
luke
(user: root)
(pid: 2)
# pkill -9 luke
process not found
# cd /home/luke
no such directory
©ContainerX, http://containerx.io, @ContainerXInc

But, resources are shared
darth
(user: root)
(pid: 1)
luke
(user: root)
(pid: 2)
# cat /dev/zero > /dev/null
©ContainerX, http://containerx.io, @ContainerXInc

$Use cgroups to limit resources group limitcpu { cpu { cpu.shares = 400; } } group limitmem { memory { memory.limit_in_bytes = 512m; } } ©ContainerX, http://containerx.io, @ContainerXInc$

How to contain?
1. Namespaces
2. Cgroups
©ContainerX, http://containerx.io, @ContainerXInc

We are not done yet
darth
(user: nonroot)
(pid: 1)
luke
(user: root)
(pid: 2)
$ bindto 22
©ContainerX, http://containerx.io, @ContainerXInc

Capabilities
Two modes
1. Run as root, deny all, grant selected capabilities
2. Run as non-root, grant selected capabilities
a) grant net_bind_service
©ContainerX, http://containerx.io, @ContainerXInc

How to contain?
1. Namespaces
2. Cgroups
3. Capabilities
©ContainerX, http://containerx.io, @ContainerXInc

Container Stack
Linux kernel with lxc
lxc user-space tools cgroups
Docker
©ContainerX, http://containerx.io, @ContainerXInc

Docker is a wrapper around lxc
simplifies container creation
©ContainerX, http://containerx.io, @ContainerXInc

Docker Images
Source: https://docs.docker.com/terms/layer/
©ContainerX, http://containerx.io, @ContainerXInc

Build layers using Dockerfile
FROM ubuntu
RUN apt-get install -y apache2
CMD ["/usr/sbin/apache2ctl", "-D", "FOREGROUND"]
©ContainerX, http://containerx.io, @ContainerXInc

Build, Run and Inspect a container
• Setup a Docker host using docker-machine
• Write a Dockerfile
• Build
• Run
• Inspect
©ContainerX, http://containerx.io, @ContainerXInc

Demo
©ContainerX, http://containerx.io, @ContainerXInc

How to manage multiple hosts and
containers?
• It’s easy to setup a Docker hos and run a container
• It’s “super hard” to manage many of them, why?
1. Scale
2. Allocating resources (compute, storage and network)
3. Day-to-day management
4. Running infrastructure efficiently
©ContainerX, http://containerx.io, @ContainerXInc

The Container Platform for Enterprise IT
©ContainerX, http://containerx.io, @ContainerXInc

kernel
lxc cg
Docker
kernel
lxc cg
Docker
kernel
lxc cg
Docker
kernel
lxc cg
Docker
kernel
lxc cg
Docker
On-Premise Cloud
©ContainerX, http://containerx.io, @ContainerXInc

Host and Container Management
• Cluster concept – aggregation
• Elasticity
• Addition and deletion of hosts
• Automatically in cloud environments
• Horizontal scaling
• Storage
• Network
©ContainerX, http://containerx.io, @ContainerXInc

Resource Management
0%
Green Container Pool
CPU Limit: 30%
Mem Limit: 30%
Priority: Medium
20% 0%
Yellow Container Pool
CPU Limit: 60%
Mem Limit: 70%
Priority: High
60%0%
Blue Container Pool
CPU Limit: 30%
Mem Limit: 20%
Priority: Low
20%
30%30% 40%
©ContainerX, http://containerx.io, @ContainerXInc

Resource Management Trade-offs
Utilization
vs
Isolation
©ContainerX, http://containerx.io, @ContainerXInc

Many Scheduling Algorithms
What works?
• Feedback based algorithms
• Simple heuristics
• Extensive simulation to understand corner cases
Real-world robustness is most important!
©ContainerX, http://containerx.io, @ContainerXInc

Cluster scheduling – feedback loop
Monitor
Control
Action
Stats
Performance goals
Control parameters
Model
Model can model
applications, containers,
and underlying resources
Change allocation
©ContainerX, http://containerx.io, @ContainerXInc

Summary
• What are containers?
• OS virtualization
• Namespaces + CGroups + Capabilities
• Docker
• Wrapper around lxc
• User-friendly containers
• Container management – hard!
• Aggregation, Elastiticy, Multi-tenancy …
• Feedback loop for cluster scheduling
©ContainerX, http://containerx.io, @ContainerXInc

Más contenido relacionado

La actualidad más candente

Docker for Developers - Part 2 by Borja Burgos and Fernando Mayo

Docker, Inc.

Developer workflow with docker

Lalatendu Mohanty

Карманный PaaS с Dokku (Александр Белецкий)

GeeksLab Odessa

Vagrant

Denys Kurets

Docker 1.11

Maciej Lasyk

Docker is a relatively new technology, but it is based on solid underpinnings of the Linux Kernel. It can provision instances in a fraction of the time versus a traditional virtual machine. This makes it a great candidate for development teams to create consistent test benches for their developers. To set up your own disposable Docker environments bring a laptop and make your development a pleasurable experience.

Building Reusable Development Environments with Docker

Revelation Technologies

Hide your development environment and application in a container

Johan Janssen

CONTAINERS WORKSHOP DURING SAUDI HPC 2016 : DOCKER 101, DOCKER, AND ITS ECO SYSTEM FOR DISTRIBUTED SYSTEMS by Walid Shaari This workshop will cover the Theory and hands-on of Docker containers, and Its eco system. The foundations of the Docker platform, including an overview of the platform system components, images, containers and repositories, installation , using Docker containers from repositories e.g. dockerhub, how to create a container using Dockerfile, containers development life cycle. The strategy is to demonstrate through "live demo, and shared exercise" the reuse and customization of components to build a distributed system case service gradually http://www.hpcsaudi.com/

Docker 101 @KACST Saudi HPC 2016

Walid Shaari

HP Advanced Technology Group: Docker and Ansible

Patrick Galbraith

Docker linuxday 2015

Massimiliano Dessì

Introduction to Docker Compose | Docker Intermediate Workshop

Ajeet Singh Raina

Puppeteerのお話

Shinji Kobayashi

dkr_django_slides

Gladson Manuel

Running Docker with OpenStack | Docker workshop #1

dotCloud

RHEL/Fedora + Docker (and SELinux)

Maciej Lasyk

Docker - 15 great Tutorials

Julien Barbier

Containerizing Web Application with Docker

msyukor

Installaling Puppet Master and Agent

Ranjit Avasarala

Intro to docker

Towfiqul Islam

Docker dDessi november 2015

Massimiliano Dessì

La actualidad más candente (20)

Docker for Developers - Part 2 by Borja Burgos and Fernando Mayo

Developer workflow with docker

Карманный PaaS с Dokku (Александр Белецкий)

Vagrant

Docker 1.11

Building Reusable Development Environments with Docker

Hide your development environment and application in a container

Docker 101 @KACST Saudi HPC 2016

HP Advanced Technology Group: Docker and Ansible

Docker linuxday 2015

Introduction to Docker Compose | Docker Intermediate Workshop

Puppeteerのお話

dkr_django_slides

Running Docker with OpenStack | Docker workshop #1

RHEL/Fedora + Docker (and SELinux)

Docker - 15 great Tutorials

Containerizing Web Application with Docker

Installaling Puppet Master and Agent

Intro to docker

Docker dDessi november 2015

Similar a Building Infrastructure with Containers (SJSU Talk)

Docker Kubernetes Istio

Araf Karsh Hamid

O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...

Ambassador Labs

DevAssistant, Docker and You

BalaBit

Accelerate your development with Docker

Andrey Hristov

Accelerate your software development with Docker

Andrey Hristov

Learning Docker with Thomas

Thomas Tong, FRM, PMP

This presentation will introduce you to Docker - the new shiny star on the Devops horizon. It will teach you everything you need to know to get started with Docker, why you'd want to use it and which tools to use to get the most out of it. Additionally to showing the basics, it will introduce helpful libraries available for the JVM and how they can be used together with Docker to create secure, scalable and maintainable cloud setups for your applications.

JDD2014: Docker.io - versioned linux containers for JVM devops - Dominik Dorn

PROIDEA

Docker_Interview_Questions__Answers.pdf

RifqiMultazamOfficia

2015 05-06-elias weingaertner-docker-intro

Haufe-Lexware GmbH & Co KG

Docker and the Container Revolution

Romain Dorgueil

Docker DANS workshop

vty

HPC Cloud Burst Using Docker

IRJET Journal

Docker San Francisco Meetup April 2015 - The Docker Orchestration Ecosystem o...

Patrick Chanezon

Containers Roadshow: How to Develop Containers for the Enterprise

Honza Horák

Recent changes in one desktop product generated many doubts in developer communities regarding containers. Can we still use or create them? Do we have alternatives to docker? We have some answers! Join us in this session to learn more about some popular docker alternatives. You can create containers without docker, and you can also run and publish them. There's life after docker, and containers are here to stay.

Containers without docker | DevNation Tech Talk

Red Hat Developers

[@NaukriEngineering] Docker 101

Naukri.com

Architecting .NET Applications for Docker and Container Based Deployments

Ben Hall

Docker for Developers

JasonStraughan1

In this webinar, Gary Forgheti, Technical Alliance Engineer at Docker, and Gunnar Aasen, Partner Engineering, provide an introduction to Docker and InfluxData. From there, they will show you how to use the two together to setup and monitor your containers and microservices to properly manage your infrastructure and track key metrics (CPU, RAM, storage, network utilization), as well as the availability of your application endpoints.

Introduction to Docker and Monitoring with InfluxData

InfluxData

Docker-Hanoi @DKT , Presentation about Docker Ecosystem

Van Phuc

Similar a Building Infrastructure with Containers (SJSU Talk) (20)

Docker Kubernetes Istio

O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...

DevAssistant, Docker and You

Accelerate your development with Docker

Accelerate your software development with Docker

Learning Docker with Thomas

JDD2014: Docker.io - versioned linux containers for JVM devops - Dominik Dorn

Docker_Interview_Questions__Answers.pdf

2015 05-06-elias weingaertner-docker-intro

Docker and the Container Revolution

Docker DANS workshop

HPC Cloud Burst Using Docker

Docker San Francisco Meetup April 2015 - The Docker Orchestration Ecosystem o...

Containers Roadshow: How to Develop Containers for the Enterprise

Containers without docker | DevNation Tech Talk

[@NaukriEngineering] Docker 101

Architecting .NET Applications for Docker and Container Based Deployments

Docker for Developers

Introduction to Docker and Monitoring with InfluxData

Docker-Hanoi @DKT , Presentation about Docker Ecosystem

Último

Building Digital Trust in a Digital Economy Veronica Tan, Director - Cyber Security Agency of Singapore Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

apidays

Abhishek Deb(1), Mr Abdul Kalam(2) M. Des (UX) , School of Design, DIT University , Dehradun. This paper explores the future potential of AI-enabled smartphone processors, aiming to investigate the advancements, capabilities, and implications of integrating artificial intelligence (AI) into smartphone technology. The research study goals consist of evaluating the development of AI in mobile phone processors, analyzing the existing state as well as abilities of AI-enabled cpus determining future patterns as well as chances together with reviewing obstacles as well as factors to consider for more growth.

Exploring the Future Potential of AI-Enabled Smartphone Processors

debabhi2

The presentation explores the development and application of artificial intelligence (AI) from its inception to its current status in the modern world. The term "artificial intelligence" was first coined by John McCarthy in 1956 to describe efforts to develop computer programs capable of performing tasks that typically require human intelligence. This concept was first introduced at a conference held at Dartmouth College, where programs demonstrated capabilities such as playing chess, proving theorems, and interpreting texts. In the early stages, Alan Turing contributed to the field by defining intelligence as the ability of a being to respond to certain questions intelligently, proposing what is now known as the Turing Test to evaluate the presence of intelligent behavior in machines. As the decades progressed, AI evolved significantly. The 1980s focused on machine learning, teaching computers to learn from data, leading to the development of models that could improve their performance based on their experiences. The 1990s and 2000s saw further advances in algorithms and computational power, which allowed for more sophisticated data analysis techniques, including data mining. By the 2010s, the proliferation of big data and the refinement of deep learning techniques enabled AI to become mainstream. Notable milestones included the success of Google's AlphaGo and advancements in autonomous vehicles by companies like Tesla and Waymo. A major theme of the presentation is the application of generative AI, which has been used for tasks such as natural language text generation, translation, and question answering. Generative AI uses large datasets to train models that can then produce new, coherent pieces of text or other media. The presentation also discusses the ethical implications and the need for regulation in AI, highlighting issues such as privacy, bias, and the potential for misuse. These concerns have prompted calls for comprehensive regulations to ensure the safe and equitable use of AI technologies. Artificial intelligence has also played a significant role in healthcare, particularly highlighted during the COVID-19 pandemic, where it was used in drug discovery, vaccine development, and analyzing the spread of the virus. The capabilities of AI in healthcare are vast, ranging from medical diagnostics to personalized medicine, demonstrating the technology's potential to revolutionize fields beyond just technical or consumer applications. In conclusion, AI continues to be a rapidly evolving field with significant implications for various aspects of society. The development from theoretical concepts to real-world applications illustrates both the potential benefits and the challenges that come with integrating advanced technologies into everyday life. The ongoing discussion about AI ethics and regulation underscores the importance of managing these technologies responsibly to maximize their their benefits while minimizing potential harms.

Artificial Intelligence: Facts and Myths

Joaquim Jorge

Histor y of HAM Radio presentation slide

vu2urc

[2024]Digital Global Overview Report 2024 Meltwater.pdf

hans926745

With more memory available, system performance of three Dell devices increased, which can translate to a better user experience Conclusion When your system has plenty of RAM to meet your needs, you can efficiently access the applications and data you need to finish projects and to-do lists without sacrificing time and focus. Our test results show that with more memory available, three Dell PCs delivered better performance and took less time to complete the Procyon Office Productivity benchmark. These advantages translate to users being able to complete workflows more quickly and multitask more easily. Whether you need the mobility of the Latitude 5440, the creative capabilities of the Precision 3470, or the high performance of the OptiPlex Tower Plus 7010, configuring your system with more RAM can help keep processes running smoothly, enabling you to do more without compromising performance.

Boost PC performance: How more available memory can improve productivity

Principled Technologies

Real Time Object Detection Using Open CV

Khem

What is a good lead in your organisation? Which leads are priority? What happens to leads? When sales and marketing give different answers to these questions, or perhaps aren't sure of the answers at all, frustrations build and opportunities are left on the table. Join us for an illuminating session with Cian McLoughlin, HubSpot Principal Customer Success Manager, as we look at that crucial piece of the customer journey in which leads are transferred from marketing to sales.

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

HampshireHUG

BooK Now Call us at +918448380779 to hire a gorgeous and seductive call girl for sex. Take a Delhi Escort Service. The help of our escort agency is mostly meant for men who want sexual Indian Escorts In Delhi NCR. It should be noted that any impersonator will get 100 attention from our Young Girls Escorts in Delhi. They will assume the position of reliable allies. VIP Call Girl With Original Photos Book Tonight +918448380779 Our Cheap Price 1 Hour not available 2 Hours 5000 Full Night 8000 TAG: Call Girls in Delhi, Noida, Gurgaon, Ghaziabad, Connaught Place, Greater Kailash Delhi, Lajpat Nagar Delhi, Mayur Vihar Delhi, Chanakyapuri Delhi, New Friends Colony Delhi, Majnu Ka Tilla, Karol Bagh, Malviya Nagar, Saket, Khan Market, Noida Sector 18, Noida Sector 76, Noida Sector 51, Gurgaon Mg Road, Iffco Chowk Gurgaon, Rajiv Chowk Gurgaon All Delhi Ncr Free Home Deliver

08448380779 Call Girls In Greater Kailash - I Women Seeking Men

Delhi Call girls

The Raspberry Pi 5 was announced on October 2023. This new version of the popular embedded device comes with a new iteration of Broadcom’s VideoCore GPU platform, and was released with a fully open source driver stack, developed by Igalia. The presentation will discuss some of the major changes required to support this new Video Core iteration, the challenges we faced in the process and the solutions we provided in order to deliver conformant OpenGL ES and Vulkan drivers. The talk will also cover the next steps for the open source Raspberry Pi 5 graphics stack. (c) Embedded Open Source Summit 2024 April 16-18, 2024 Seattle, Washington (US) https://events.linuxfoundation.org/embedded-open-source-summit/ https://eoss24.sched.com/event/1aBEx

Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...

Igalia

CNv6 Instructor Chapter 6 Quality of Service

giselly40

Sara Mae O’Brien Scott and Tatiana Baquero Cakici, Senior Consultants at Enterprise Knowledge (EK), presented “AI Fast Track to Search-Focused AI Solutions” at the Information Architecture Conference (IAC24) that took place on April 11, 2024 in Seattle, WA. In their presentation, O’Brien-Scott and Cakici focused on what Enterprise AI is, why it is important, and what it takes to empower organizations to get started on a search-based AI journey and stay on track. The presentation explored the complexities of enterprise search challenges and how IA principles can be leveraged to provide AI solutions through the use of a semantic layer. O’Brien-Scott and Cakici showcased a case study where a taxonomy, an ontology, and a knowledge graph were used to structure content at a healthcare workforce solutions organization, providing personalized content recommendations and increasing content findability. In this session, participants gained insights about the following: Most common types of AI categories and use cases; Recommended steps to design and implement taxonomies and ontologies, ensuring they evolve effectively and support the organization’s search objectives; Taxonomy and ontology design considerations and best practices; Real-world AI applications that illustrated the value of taxonomies, ontologies, and knowledge graphs; and Tools, roles, and skills to design and implement AI-powered search solutions.

IAC 2024 - IA Fast Track to Search Focused AI Solutions

Enterprise Knowledge

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...

Neo4j

As privacy and data protection regulations evolve rapidly, organizations operating in multiple jurisdictions face mounting challenges to ensure compliance and safeguard customer data. With state-specific privacy laws coming up in multiple states this year, it is essential to understand what their unique data protection regulations will require clearly. How will data privacy evolve in the US in 2024? How to stay compliant? Our panellists will guide you through the intricacies of these states' specific data privacy laws, clarifying complex legal frameworks and compliance requirements. This webinar will review: - The essential aspects of each state's privacy landscape and the latest updates - Common compliance challenges faced by organizations operating in multiple states and best practices to achieve regulatory adherence - Valuable insights into potential changes to existing regulations and prepare your organization for the evolving landscape

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

TrustArc

08448380779 Call Girls In Civil Lines Women Seeking Men

Delhi Call girls

Enterprise Knowledge’s Urmi Majumder, Principal Data Architecture Consultant, and Fernando Aguilar Islas, Senior Data Science Consultant, presented "Driving Behavioral Change for Information Management through Data-Driven Green Strategy" on March 27, 2024 at Enterprise Data World (EDW) in Orlando, Florida. In this presentation, Urmi and Fernando discussed a case study describing how the information management division in a large supply chain organization drove user behavior change through awareness of the carbon footprint of their duplicated and near-duplicated content, identified via advanced data analytics. Check out their presentation to gain valuable perspectives on utilizing data-driven strategies to influence positive behavioral shifts and support sustainability initiatives within your organization. In this session, participants gained answers to the following questions: - What is a Green Information Management (IM) Strategy, and why should you have one? - How can Artificial Intelligence (AI) and Machine Learning (ML) support your Green IM Strategy through content deduplication? - How can an organization use insights into their data to influence employee behavior for IM? - How can you reap additional benefits from content reduction that go beyond Green IM?

Driving Behavioral Change for Information Management through Data-Driven Gree...

Enterprise Knowledge

🐬 The future of MySQL is Postgres 🐘

RTylerCroy

2024: Domino Containers - The Next Step. News from the Domino Container commu...

Martijn de Jong

The 7 Things I Know About Cyber Security After 25 Years | April 2024

Rafal Los

Tata AIG General Insurance Company - Insurer Innovation Award 2024

The Digital Insurer

Building Infrastructure with Containers (SJSU Talk)

1. Building Infrastructure with Containers Pradeep Padala, Co-Founder/CTO Presented at SJSU Operating Systems Class in Dec 2015

4. How to contain? darth (user: root) (pid: 1) luke (user: root) (pid: 2) ©ContainerX, http://containerx.io, @ContainerXInc

6. How to contain? darth (user: root) (pid: 1) luke (user: root) (pid: 2) # pkill -9 luke ©ContainerX, http://containerx.io, @ContainerXInc

7. What If Darth can’t see Luke? darth (user: root) (pid: 1) luke (user: root) (pid: 2) # pkill -9 luke process not found ©ContainerX, http://containerx.io, @ContainerXInc

9. But, Darth can still see Luke  darth (user: root) (pid: 1) luke (user: root) (pid: 2) # pkill -9 luke process not found # cd /home/luke # rm –rf * ©ContainerX, http://containerx.io, @ContainerXInc

10. How to contain? Namespaces 1. PID 2. File system (or mount) 3. UTS – isolate hostname, nodename 4. IPC – mq and other IPC objects 5. Network – sockets, IP address, network stack 6. … ©ContainerX, http://containerx.io, @ContainerXInc

11. Darth can’t see Luke! darth (user: root) (pid: 1) luke (user: root) (pid: 2) # pkill -9 luke process not found # cd /home/luke no such directory ©ContainerX, http://containerx.io, @ContainerXInc

12. But, resources are shared darth (user: root) (pid: 1) luke (user: root) (pid: 2) # cat /dev/zero > /dev/null ©ContainerX, http://containerx.io, @ContainerXInc

13. Use cgroups to limit resources group limitcpu { cpu { cpu.shares = 400; } } group limitmem { memory { memory.limit_in_bytes = 512m; } } ©ContainerX, http://containerx.io, @ContainerXInc

15. We are not done yet darth (user: nonroot) (pid: 1) luke (user: root) (pid: 2) $ bindto 22 ©ContainerX, http://containerx.io, @ContainerXInc

16. Capabilities Two modes 1. Run as root, deny all, grant selected capabilities 2. Run as non-root, grant selected capabilities a) grant net_bind_service ©ContainerX, http://containerx.io, @ContainerXInc

18. Container Stack Linux kernel with lxc lxc user-space tools cgroups Docker ©ContainerX, http://containerx.io, @ContainerXInc

21. Build layers using Dockerfile FROM ubuntu RUN apt-get install -y apache2 CMD ["/usr/sbin/apache2ctl", "-D", "FOREGROUND"] ©ContainerX, http://containerx.io, @ContainerXInc

22. Build, Run and Inspect a container • Setup a Docker host using docker-machine • Write a Dockerfile • Build • Run • Inspect ©ContainerX, http://containerx.io, @ContainerXInc

24. How to manage multiple hosts and containers? • It’s easy to setup a Docker hos and run a container • It’s “super hard” to manage many of them, why? 1. Scale 2. Allocating resources (compute, storage and network) 3. Day-to-day management 4. Running infrastructure efficiently ©ContainerX, http://containerx.io, @ContainerXInc

26. kernel lxc cg Docker kernel lxc cg Docker kernel lxc cg Docker kernel lxc cg Docker kernel lxc cg Docker On-Premise Cloud ©ContainerX, http://containerx.io, @ContainerXInc

27. Host and Container Management • Cluster concept – aggregation • Elasticity • Addition and deletion of hosts • Automatically in cloud environments • Horizontal scaling • Storage • Network ©ContainerX, http://containerx.io, @ContainerXInc

28. Resource Management 0% Green Container Pool CPU Limit: 30% Mem Limit: 30% Priority: Medium 20% 0% Yellow Container Pool CPU Limit: 60% Mem Limit: 70% Priority: High 60%0% Blue Container Pool CPU Limit: 30% Mem Limit: 20% Priority: Low 20% 30%30% 40% ©ContainerX, http://containerx.io, @ContainerXInc

30. Many Scheduling Algorithms What works? • Feedback based algorithms • Simple heuristics • Extensive simulation to understand corner cases Real-world robustness is most important! ©ContainerX, http://containerx.io, @ContainerXInc

31. Cluster scheduling – feedback loop Monitor Control Action Stats Performance goals Control parameters Model Model can model applications, containers, and underlying resources Change allocation ©ContainerX, http://containerx.io, @ContainerXInc

32. Summary • What are containers? • OS virtualization • Namespaces + CGroups + Capabilities • Docker • Wrapper around lxc • User-friendly containers • Container management – hard! • Aggregation, Elastiticy, Multi-tenancy … • Feedback loop for cluster scheduling ©ContainerX, http://containerx.io, @ContainerXInc

Building Infrastructure with Containers (SJSU Talk)

Recomendados

Recomendados

Más contenido relacionado

La actualidad más candente

La actualidad más candente (20)

Similar a Building Infrastructure with Containers (SJSU Talk)

Similar a Building Infrastructure with Containers (SJSU Talk) (20)

Último

Último (20)

Building Infrastructure with Containers (SJSU Talk)