1/4 Webinar: How to Automate Deployment and Orchestration of Application (MiCADO introduction)
This first part of the webinar introduces MiCADO and its unique features allowing to accomplish automated deployments and orchestration of application clusters. It was presented by Jozsef Kovacs (MTA SZTAKI). The webinar took place on the 26th of September 2019. If you would like to have more information visit: https://micado-scale.eu
MiCADO is open-source and a highly customisable multi-cloud orchestration and auto-scaling framework for Docker containers, orchestrated by Kubernetes.
Developed by Project COLA funded by the European Commission (grant agreement no: 731574). https://project-cola.eu
2. Webinar on MiCADO [26/09/2019]
Agenda
• Introduction
1. Jozsef Kovacs (SZTAKI): What is MiCADO (good for)? [15 mins]
2. James Deslauriers (WMIN): How to develop an application in MiCADO? [15 mins]
• Questions [5 mins]
• Use cases
3. Matt Kendon (Outlandish): Wordpress [10 mins]
4. Amjad Ullah (WMIN): JQueuer [10 mins]
• Questions [5 mins]
9/29/2019 www.project-cola.eu 2
3. Example
9/29/2019 www.project-cola.eu 3
Conta
iner scaling
scaling
scaling
scaling
CPU
BASED
TIME
BASED
NO
SCALE
1
NODE
1 PER
NODE
CPU
BASED
1
AN APPLICATION
AND ITS
ASSOCIATED
RESOURCES
RESOURCES
Small
VM
Medium
VM
Large
VM
Apache
server
(Word
press)
Php
servers
Data
base
APPLICATION
CONTAINERS
SCALING LOGIC
ADT = Application Description Template
Based on ADT
MiCADO will
• create the
virtual
machines
specified
• deploy the
containers
specified
• automatically
scale the VMs
based on the
rules defined
• automatically
scale the
containers
defined
VM
4. Overview
Microservices-based Cloud Application-level Dynamic Orchestrator
• Automated application deployment on Cloud based on ADT
• Automated scaling based on highly customisable scaling policies
• Scaling at both container and virtual machine levels
• Multi-cloud support
• Standardised TOSCA-based application and policy description (ADT)
• Modular architecture based on open source components
• Easy Ansible-based deployment
• Intuitive dashboard
• Policy driven security settings
• Open source: https://github.com/micado-scale
9/29/2019 www.project-cola.eu 4
6. Autoscaling framework
9/29/2019 www.project-cola.eu 6
• Customizable monitoring:
• Monitored metrics are collected by Prometheus exporters (data collectors)
• MiCADO supports dynamically attachable exporters
• Wide range of exporters supports practically any monitorable metrics
• Customizable scaling logic:
• Scaling logic is predefined in other auto-scaling systems
• Policy/appication developers can develop a scaling logic in Python language
• Scaling logic is fully programmable, not hardcoded
• => wide range of scaling use case supported
7. 9/29/2019 www.project-cola.eu 7
TOSCA-
based
Application
Description
Template
(ADT)
MiCADO MASTER NODE
MiCADO
WORKER NODE
HTTPS
IPSEC
App-level
Firewall
(Zorp)
L7 Filtering
(Zorp)
User
management
(Flask-User)
Secret
Management
(Hashicorp
Vault)
Password-based
authentication
(Zorp)
Secret Storage
(Kubernetes
secret)
Increased security in MiCADO
• implements
industry-
standard best
practices
• provides security
functions lacking
in most cloud
environments
• minimize the need
of user-supplied
configuration
• pluggable
architecture
• validated by
penetration
testing
13. Project Director: Dr. Tamas Kiss, University of Westminster, UK
The COLA Project – Cloud Orchestration at the Level of Application (COLA) - receives funding from
the European Union´s Horizon 2020 research and innovation programme under grant agreement No 731574
Questions after the second talk!
https://micado-scale.eu/
József Kovács
Developer of MiCADO
MTA SZTAKI
jozsef.kovacs@sztaki.mta.hu
9/29/2019 www.project-cola.eu 13
- Security in micado- implement industry-standard best practices- provide security functions lacking in most cloud environments e.g. encrypted communication between master and workers- minimize the need of user-supplied configuration to provide a seamless security experience- pluggable architecture to enable replacing components- validated by penetration testing to find security weaknesses
Do not read the url.
Mention that everything is open-source and publicly available.