Upload
jim-bugwadia
View
256
Download
0
Embed Size (px)
Citation preview
Containerizing Traditional Applications
Microservices and Cloud-native Applications
Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 2
“We started Nirmata to bring DevOps agility to all enterprises!”
Jim BugwadiaFounder and CEO at Nirmata
Ritesh PatelFounder and Product Lead at Nirmata
Developer, architect, and leadership roles at Cisco, Trapeze Networks, and Pano Logic,
Bell Labs, Motorola. Univ of Illinios.
Developer and business leadership at Brocade, Trapeze Networks, Nortel and
Motorola. MBA from Berkley Haas
Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 3
Why Nirmata?
Software infrastructure is best delivered “as-a-service”
Cloud-native applications need cloud-native management
Applications should not be locked in to a cloud provider
1
2
3
• Founded Sep 2013 -> Beta Jan 2015 -> GA 2016!
• Fortune 50 as well as startup customers in production
• 1M+ pulls; 10K+ managed containers per month!
• Wide range of apps – from Enterprise IT to IoT!
we believe….
Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 4
Containerizing Traditional Applications
• Why bother?
• Can traditional applications be containerized?
• How to containerize traditional applications
• Step-by-step demo
• Questions & Answers
Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 5
Why containerize an existing application?
Agility
Portability
Consistency
Control
Efficiencies
Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 6
‐ University blog‐ Apache 2.2.10‐ OpenSSL 0.9.8H‐ Java 1.6 (EOL 2/13)‐ Confluence 5.6.5
Application
https://blog.docker.com/2016/07/it-all-started-with-dockerizing-an-old-version-of-confluence-
with-docker-datacenter/
1592staff hrs saved over 6 mos
‐ Manual upgrade processes‐ Older versions of software‐ 6 month upgrade process‐ Variations across environments‐ Untracked customizations
Challenges
2 monthsproject time ‐ App portable to any cloud
‐ Frequent upgrades possible ‐ Reduced downtime; improved
HA and DR‐ Staff can now focus on
strategic projects!
Benefits
10X productivity gain
Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 7
‐ Web Portal App
‐ Liferay on tcServer
‐ PHP app-tier
‐ Nginx LB
‐ Gemfire, MySQL
Application
‐ Several hours to deploy a new environment
‐ Variations across different environment types
‐ Coordinating across large distributed DevOps team
Challenges
3 monthsproject time ‐ Reduced applictaion deploy
time to under 5 minutes‐ Immutable images for
consistency across env types‐ Fully automated updates via
vRealize Automation suite
Benefits
48X productivity gain
http://devops.com/2015/08/31/webinar-enabling-devops-and-
containers-on-vmware-with-nirmata/
IT Applications
82,246staff hrs saved over 12 mos
Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 8
Can traditional apps be containerized?
Yes! Consider containerizing :
• 3rd party apps that are:
o mission critical
o require manual maintenance and updates
• Custom developed applications with:
o complex configurations
o time-consuming and semi-automated deployments
Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 9
Key Considerations for Containerizing any App
1. Application state
2. Mapping components / tiers to containers
3. Networking
4. Storage
5. Security
Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 10
Containers are ephemeral and so only good for stateless microservices-style applications.
here’s a common myth:
Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 11
Application State
• All applications are stateful!
• Architectural patterns describe how to package with state and behaviors:
o In 3-tier applications, state is delegated to a data-tier or a mid-tier cache.
o In microservices-style applications, each service instance is stateless for elasticity and resiliency and each service has its own data management
Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 12
Types of application state
1. Persistent State
2. Configuration State
3. Session State
4. Connection State
5. Cluster State
Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 13
Persistent State
Domain data that needs to survive application restarts and outages. Typically stored in a database tier with durable storage and backups.
Host
Container
Host
Container
Host
Container
Data in the containerLost when the container terminates
Data in a Host VolumeLost when the host terminates
Networked Volume / File SystemIndependent of host and container
Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 14
Persistent State
Containerization solutions and best practices:
• Try to manage DB as a separate tier (possibly shared across apps) with its own lifecycle
• Use host storage and container host volumes for smaller datasets and if database software handles stateless replicas
• Use shared file systems, or shared volumes, if data needs to be pinned to replicas and managed independently of hosts. Check orchestration support.
Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 15
Configuration State
Non-domain data required by the application to execute. For example: addresses, tunables, secrets, etc.
Containerization solutions and best practices:
• Environment variables for non-sensitive configuration data
• Encrypted and trusted store (KeyWhiz, Vault, etc.) for secret data. Use one-time keys, or volumes, to make secrets available to containers.
• Dynamic property service (NetflixOSS Archaius, NirmataOSS go-configfiles) if data needs to be changed without requiring a restart.
Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 16
Session State
User data associated with login session. Commonly used in multi-page web applications, so all pages see user information.
Load Balancer
Server 1
Server 2
Server 3
User 1
User 2
User 2
Connection
User 1
Connection
my.app.com
User 1 Session
User 2 Session
Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 17
Session State
Containerization solutions and best practices:
• Traditional load-balancers (e.g. HAProxy etc.) support “sticky sessions” but need to be made container-aware, and require management.
• Container-native load balancers (e.g. Avi, NetflixOSS Zuul, Nirmata Service
Gateway, etc.) allow Layer 7 routing with “sticky sessions”, dynamically handle container updates and are themselves delivered as microservices (stateless, elastic, and resilient!)
Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 18
Connection State
Protocols like Websockets are “stateful” as the client and server can exchange a sequence of messages.
Containerization solutions and best practices:
• Layer 4 load balancers support TCP (port-based) load-balancing but need to be made container-aware, and require management.
• Container-native load balancers (e.g. Avi, Nirmata Service Gateway, etc.)
also allow Layer 4 TCP routing, dynamically handle container updates and delivered as microservices (stateless, elastic, and resilient!)
Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 19
Cluster State
Clustered applications share and maintain state across members.
Solutions and best practices:
1. Determine how cluster members are bootstrapped and updated
• If addresses and ports, the container orchestrator will need to support. Kubernetes introduced PetSets. Nirmata supports has staged deployments with reservations.
• Use static IP addresses or names, if the number of cluster members is known.
• Consider using host mode networking if static IPs addresses (or names) are used.
2. Determine how membership roles are handled
• If the cluster requires static roles, some in-container scripting along with variable injection will be needed.
Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 20
Containers are ephemeral and so only good for stateless microservices-style applications.
here’s a common myth:
Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 21
Steps to Containerize any Application
1. Identify and handle application statepersistent state, configuration state, session state, connection state, cluster state
2. Decide on how many containersSingle container? Split each tier? Split a tier into multiple services?
3. Select container networking optionsService Discovery or Dependency Injection? - Bridge mode? Host Mode? Overlay? Network plugin?
4. Select container storage optionsHost storage? Shared storage? Volume plugin?
5. Select container security optionsPrivileges, host & net segregation, access controls, secrets, image scanning & signing
Demo Time!
Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 23
Web Application(Apache Tomcat 7.x)
RDBMS(HSQLDB/MySQL)
https://github.com/spring-projects/spring-petclinic
https://github.com/NirmataOSS/petclinic-mysql
Application: Pet Clinic• Java/Spring application
• Relational Database
Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 24
Summary
• Traditional and stateful applications can be containerized.
• There are huge benefits with containerizing traditional applications.
• Containerizing traditional apps on VMs is a great way to get started
try.nirmata.io
Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 25
Get in touch
o @JimBugwadia
o https://www.linkedin.com/in/jimbugwadia
o @riteshdp
o https://www.linkedin.com/in/patelrit
we love to help!
Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 26
Questions
Answers
&