Containerizing Traditional Applications

Containerizing Traditional Applications

Microservices and Cloud-native Applications

Containerizing Traditional Applications – SF Bay Area Microservices Meetup - August 2nd 2016 2

“We started Nirmata to bring DevOps agility to all enterprises!”

Jim BugwadiaFounder and CEO at Nirmata

Ritesh PatelFounder and Product Lead at Nirmata

Developer, architect, and leadership roles at Cisco, Trapeze Networks, and Pano Logic,

Bell Labs, Motorola. Univ of Illinios.

Developer and business leadership at Brocade, Trapeze Networks, Nortel and

Motorola. MBA from Berkley Haas


Why Nirmata?

Software infrastructure is best delivered “as-a-service”

Cloud-native applications need cloud-native management

Applications should not be locked in to a cloud provider

1

2

3

• Founded Sep 2013 -> Beta Jan 2015 -> GA 2016!

• Fortune 50 as well as startup customers in production

• 1M+ pulls; 10K+ managed containers per month!

• Wide range of apps – from Enterprise IT to IoT!

we believe….


Containerizing Traditional Applications

• Why bother?

• Can traditional applications be containerized?

• How to containerize traditional applications

• Step-by-step demo

• Questions & Answers


Why containerize an existing application?

Agility

Portability

Consistency

Control

Efficiencies


‐ University blog‐ Apache 2.2.10‐ OpenSSL 0.9.8H‐ Java 1.6 (EOL 2/13)‐ Confluence 5.6.5

Application

https://blog.docker.com/2016/07/it-all-started-with-dockerizing-an-old-version-of-confluence-

with-docker-datacenter/

1592staff hrs saved over 6 mos

‐ Manual upgrade processes‐ Older versions of software‐ 6 month upgrade process‐ Variations across environments‐ Untracked customizations

Challenges

2 monthsproject time ‐ App portable to any cloud

‐ Frequent upgrades possible ‐ Reduced downtime; improved

HA and DR‐ Staff can now focus on

strategic projects!

Benefits

10X productivity gain

https://blog.docker.com/2016/07/it-all-started-with-dockerizing-an-old-version-of-confluence-with-docker-datacenter/


‐ Web Portal App

‐ Liferay on tcServer

‐ PHP app-tier

‐ Nginx LB

‐ Gemfire, MySQL

Application

‐ Several hours to deploy a new environment

‐ Variations across different environment types

‐ Coordinating across large distributed DevOps team

Challenges

3 monthsproject time ‐ Reduced applictaion deploy

time to under 5 minutes‐ Immutable images for

consistency across env types‐ Fully automated updates via

vRealize Automation suite

Benefits

48X productivity gain

http://devops.com/2015/08/31/webinar-enabling-devops-and-

containers-on-vmware-with-nirmata/

IT Applications

82,246staff hrs saved over 12 mos

http://devops.com/2015/08/31/webinar-enabling-devops-and-containers-on-vmware-with-nirmata/


Can traditional apps be containerized?

Yes! Consider containerizing :

• 3rd party apps that are:

o mission critical

o require manual maintenance and updates

• Custom developed applications with:

o complex configurations

o time-consuming and semi-automated deployments


Key Considerations for Containerizing any App

1. Application state

2. Mapping components / tiers to containers

3. Networking

4. Storage

5. Security


Containers are ephemeral and so only good for stateless microservices-style applications.

here’s a common myth:


Application State

• All applications are stateful!

• Architectural patterns describe how to package with state and behaviors:

o In 3-tier applications, state is delegated to a data-tier or a mid-tier cache.

o In microservices-style applications, each service instance is stateless for elasticity and resiliency and each service has its own data management


Types of application state

1. Persistent State

2. Configuration State

3. Session State

4. Connection State

5. Cluster State


Persistent State

Domain data that needs to survive application restarts and outages. Typically stored in a database tier with durable storage and backups.

Host

Container

Host

Container

Host

Container

Data in the containerLost when the container terminates

Data in a Host VolumeLost when the host terminates

Networked Volume / File SystemIndependent of host and container


Persistent State

Containerization solutions and best practices:

• Try to manage DB as a separate tier (possibly shared across apps) with its own lifecycle

• Use host storage and container host volumes for smaller datasets and if database software handles stateless replicas

• Use shared file systems, or shared volumes, if data needs to be pinned to replicas and managed independently of hosts. Check orchestration support.


Configuration State

Non-domain data required by the application to execute. For example: addresses, tunables, secrets, etc.


• Environment variables for non-sensitive configuration data

• Encrypted and trusted store (KeyWhiz, Vault, etc.) for secret data. Use one-time keys, or volumes, to make secrets available to containers.

• Dynamic property service (NetflixOSS Archaius, NirmataOSS go-configfiles) if data needs to be changed without requiring a restart.


Session State

User data associated with login session. Commonly used in multi-page web applications, so all pages see user information.

Load Balancer

Server 1

Server 2

Server 3

User 1

User 2

User 2

Connection

User 1

Connection

my.app.com

User 1 Session

User 2 Session


Session State


• Traditional load-balancers (e.g. HAProxy etc.) support “sticky sessions” but need to be made container-aware, and require management.

• Container-native load balancers (e.g. Avi, NetflixOSS Zuul, Nirmata Service

Gateway, etc.) allow Layer 7 routing with “sticky sessions”, dynamically handle container updates and are themselves delivered as microservices (stateless, elastic, and resilient!)


Connection State

Protocols like Websockets are “stateful” as the client and server can exchange a sequence of messages.


• Layer 4 load balancers support TCP (port-based) load-balancing but need to be made container-aware, and require management.

• Container-native load balancers (e.g. Avi, Nirmata Service Gateway, etc.)

also allow Layer 4 TCP routing, dynamically handle container updates and delivered as microservices (stateless, elastic, and resilient!)


Cluster State

Clustered applications share and maintain state across members.

Solutions and best practices:

1. Determine how cluster members are bootstrapped and updated

• If addresses and ports, the container orchestrator will need to support. Kubernetes introduced PetSets. Nirmata supports has staged deployments with reservations.

• Use static IP addresses or names, if the number of cluster members is known.

• Consider using host mode networking if static IPs addresses (or names) are used.

2. Determine how membership roles are handled

• If the cluster requires static roles, some in-container scripting along with variable injection will be needed.


Containers are ephemeral and so only good for stateless microservices-style applications.

here’s a common myth:


Steps to Containerize any Application

1. Identify and handle application statepersistent state, configuration state, session state, connection state, cluster state

2. Decide on how many containersSingle container? Split each tier? Split a tier into multiple services?

3. Select container networking optionsService Discovery or Dependency Injection? - Bridge mode? Host Mode? Overlay? Network plugin?

4. Select container storage optionsHost storage? Shared storage? Volume plugin?

5. Select container security optionsPrivileges, host & net segregation, access controls, secrets, image scanning & signing

Demo Time!


Web Application(Apache Tomcat 7.x)

RDBMS(HSQLDB/MySQL)

https://github.com/spring-projects/spring-petclinic

https://github.com/NirmataOSS/petclinic-mysql

Application: Pet Clinic• Java/Spring application

• Relational Database

https://github.com/spring-projects/spring-petclinic

https://github.com/NirmataOSS/petclinic-mysql


Summary

• Traditional and stateful applications can be containerized.

• There are huge benefits with containerizing traditional applications.

• Containerizing traditional apps on VMs is a great way to get started

try.nirmata.io

https://try.nirmata.io/devops-webinar


Get in touch

o [email protected],

o @JimBugwadia

o https://www.linkedin.com/in/jimbugwadia

o [email protected]

o @riteshdp

o https://www.linkedin.com/in/patelrit

we love to help!

mailto:[email protected]

https://www.linkedin.com/in/jimbugwadia

mailto:[email protected]

https://www.linkedin.com/in/patelrit


Questions

Answers

&

Thank you!

Explore Nirmata for free at: nirmata.io

https://try.nirmata.io/devops-webinar

Engineering

Containerizing Traditional Applications