A Developers Guide to Containers and Google Cloud Platform Codemotion Rome - March 2015 Mandy Waite - Google Developer Relations Engineer @tekgrrl

From Docker To Kubernetes: A Developer's Guide To Containers - Mandy Waite - Codemotion Roma 2015


Agenda

1. Containers, containers, everywhere
2. Containers at Google
3. Brief intro to Docker
4. Google Container Engine (Demo)

Containers

Feedback: goo.gl/FTHOv7 Twitter: @tekgrrl

What is a container?

● Lightweight environment for running applications
● Hermetically sealed static binaries
○ No External Dependencies
● Isolated applications running on a single host
○ Resources, Users, Filesystem, Network
● Moves us from “Idealized Hardware” to an “Idealized OS”

What makes Containers Possible?

Implemented on top of a number of (unrelated) Linux APIs:

● cgroups: Restrict resources a process can consume
○ CPU, memory, disk IO, ...
● namespaces: Change a process’s view of the system
○ Network interfaces, PIDs, users, mounts, ...
● capabilities: Limits what a user can do
○ mount, kill, chown, ...
● chroots: Determines what parts of the filesystem a user can see
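The capability and cgroup settings listed above can be read back for any process from /proc/<pid>/status and /proc/<pid>/cgroup. The following Python code is an added example, not part of the original slides: it decodes the effective capability bitmask and flags controllers left in the root cgroup. The sample /proc contents are constructed, and the HIGH_RISK set is a review policy assumed for this example.

```python
import re

# Capability names by bit number, in the order of linux/capability.h (bits 0-37).
CAP_NAMES = """chown dac_override dac_read_search fowner fsetid kill setgid setuid
setpcap linux_immutable net_bind_service net_broadcast net_admin net_raw ipc_lock
ipc_owner sys_module sys_rawio sys_chroot sys_ptrace sys_pacct sys_admin sys_boot
sys_nice sys_resource sys_time sys_tty_config mknod lease audit_write audit_control
setfcap mac_override mac_admin syslog wake_alarm block_suspend audit_read""".split()

# Assumed review policy for this example: capabilities that undo most of the isolation.
HIGH_RISK = {"sys_admin", "sys_module", "sys_ptrace", "sys_rawio", "net_admin",
             "dac_read_search"}

# Constructed samples of /proc/<pid>/status and /proc/<pid>/cgroup (cgroup v1 format).
RESTRICTED_STATUS = "Name:\tnginx\nCapEff:\t00000000a80425fb\n"
PRIVILEGED_STATUS = "Name:\tnginx\nCapEff:\t0000003fffffffff\n"
CONTAINER_CGROUP = "4:memory:/docker/0123abcd\n3:cpu,cpuacct:/docker/0123abcd\n2:blkio:/\n"

def effective_caps(status_text):
    """Decode the CapEff hex bitmask into a set of capability names."""
    m = re.search(r"^CapEff:\s*([0-9a-fA-F]+)\s*$", status_text, re.MULTILINE)
    if m is None:
        raise ValueError("no CapEff line in status text")
    mask = int(m.group(1), 16)
    return {name for bit, name in enumerate(CAP_NAMES) if (mask >> bit) & 1}

def cgroup_paths(cgroup_text):
    """Map each controller to its cgroup path ('id:controllers:path' per line)."""
    paths = {}
    for line in cgroup_text.strip().splitlines():
        _id, controllers, path = line.split(":", 2)
        for controller in controllers.split(","):
            paths[controller] = path
    return paths

def audit(status_text, cgroup_text):
    """Report high-risk capabilities and controllers left in the root cgroup."""
    caps = effective_caps(status_text)
    paths = cgroup_paths(cgroup_text)
    return {
        "risky_caps": sorted(caps & HIGH_RISK),
        "root_cgroup_controllers": sorted(c for c, p in paths.items() if p == "/"),
    }

if __name__ == "__main__":
    print(audit(RESTRICTED_STATUS, CONTAINER_CGROUP))
    print(audit(PRIVILEGED_STATUS, CONTAINER_CGROUP))
```

On a live host, pass the contents of the two /proc files for the process under review instead of the constructed samples.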

Why Should Developers Care?

● Static application environment = reliable deployments
○ No stress deployment
● Repeatable, runnable artifact = portability
○ Develop here, run there
○ Pick your cloud solely on its merits
● Loosely coupled = easier to build and manage
○ Compose applications from micro-services
○ Facilitates re-use

Vanilla virtualization: Idealized Hardware

[Diagram: Hypervisor running a Guest environment that contains app code, libraries and guest os]

It has downsides: No Isolation

[Diagram: Hypervisor running one Guest environment with guest os, libraries and two app code boxes, marked “dependency???”]

It has downsides: Little Reuse

[Diagram: Hypervisor running three Guest environments, each with its own app code, libraries and guest os, marked “redundant”]

Containers create a better abstraction layer

[Diagram: Hypervisor running a Guest environment with app code, libraries and guest os, marked “cut here”]

Portable, isolated, static app environments: Idealized OS

[Diagram: Hypervisor running a Node environment with one node os and three containers (container 1, container 2, container 3), each holding its own app code and libraries]

Containers at Google

Everything at Google runs in a container

● Gmail, Web Search, Maps, ...
● MapReduce, batch, ...
● GFS, Colossus, ...
● Even GCE itself: VMs in containers

Images by Connie Zhou

Why Google Likes Containers

● Performance
● Repeatability
● Isolation
● Quality of service
● Accounting
● Visibility
● Portability

Google Internal cluster management stack

[Diagram: stack of Managed Base OS, Node Container Manager, Scheduled Containers, Cluster Scheduler]

Docker

Docker - Bringing Containers to the Mainstream

More Popular than Fernando Alonso (ex Ferrari Driver)

But what is Docker?

● An implementation of the container idea
● A package format
● An ecosystem
● A company
● An open-source juggernaut
● A phenomenon

[Diagram: Container Image made up of Dependencies and App Code]

Orchestrating Docker Containers

● Docker Swarm
● Spotify Helios
● CoreOS Fleet
● Kubernetes

Kubernetes

Container Cluster Anyone?

Images by Connie Zhou

$ gcloud preview container clusters create guestbook

Kubernetes

Greek for “Helmsman”; also the root of the word “Governor”

• Orchestrator for running Docker containers
• Supports multi-cloud environments
• Inspired and informed by Google’s experiences and internal systems
• Open source, written in Go

Manage applications, not machines

Key Concepts

Cluster: A group of nodes on which containers are scheduled

Container: A sealed application package (Docker)

Pod: A small group of tightly coupled Containers
• example: content syncer & web server

ReplicationController: A loop that drives current state towards desired state

Service: A set of running pods that work together
• example: load-balanced backends

Labels: Identifying metadata attached to other objects
• example: phase=canary vs. phase=prod

Selector: A query against labels, producing a set result
• example: all pods where label phase == prod

Kubernetes Cluster

[Diagram: Kubernetes Cluster of nodes 1 to 5 running pods f0118, d9376, b0111, a1209, c8743 and x5621]

Pods

Small group of containers & volumes

Tightly coupled

The atom of cluster scheduling & placement

Shared namespace
• share IP address & localhost

Ephemeral
• can die and be replaced

Example: data puller & web server

[Diagram: Pod containing File Puller, Web Server and Volume; Content Manager; Consumers]

Labels

Behavior
● Metadata with semantic meaning
● Membership identifier
● The only Grouping Mechanism

Benefits
➔ Allow for intent of many users (e.g. dashboards)
➔ Build higher level systems …
➔ Queryable by Selectors

[Diagram: frontend Pods labelled FE and FE v2; one Dashboard with “show: FE”, another with “show: v2”]

more at labels.md

Replication Controllers

Behavior
● Keeps Pods running
● Gives direct control of Pod #s

Benefits
➔ Recreates Pods, maintains desired state
➔ Fine-grained control for scaling

[Diagram: ReplicationController (#Pods → 2, label selector: v1) over frontend Pods labelled v1; ReplicationController (#Pods → 1, label selector: v2) over a frontend Pod labelled v2]

more at rc.md

Replication Controllers

Canonical example of control loops

Have 1 job: ensure N copies of a pod
● if too few, start new ones
● if too many, kill some
● group == selector

Replicated pods are fungible
● No implied ordinality or identity

Replication Controller
- Name = “nifty-rc”
- Selector = {“App”: “Nifty”}
- PodTemplate = { ... }
- NumReplicas = 4

[Diagram: exchange between the Replication Controller and the API Server: “How many?” / “3”; “Start 1 more” / “OK”; “How many?” / “4”]
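The control loop and the label selector described on the Labels and Replication Controllers slides, as an added Python example that is not part of the original slides and not Kubernetes code. The Cluster class is a hypothetical in-memory stand-in for the API server; the selector {"App": "Nifty"} and the replica count of 4 are taken from the slide, the other labels and pod names are constructed.

```python
import itertools

def matches(selector, labels):
    """Equality selector: every key/value pair in the selector must appear in the labels."""
    return all(labels.get(k) == v for k, v in selector.items())

class Cluster:
    """In-memory stand-in for the API server's pod list (hypothetical, not the Kubernetes API)."""
    def __init__(self):
        self.pods = {}                  # pod name -> labels
        self._ids = itertools.count(1)

    def start(self, labels):
        name = f"pod-{next(self._ids)}"
        self.pods[name] = dict(labels)
        return name

    def kill(self, name):
        del self.pods[name]

def reconcile(cluster, selector, template_labels, replicas):
    """One pass of the control loop; returns the pod count observed before acting."""
    if not matches(selector, template_labels):
        # Pods started from this template would not be counted, so the loop would never converge.
        raise ValueError("pod template labels do not satisfy the selector")
    current = sorted(n for n, lbls in cluster.pods.items() if matches(selector, lbls))
    for _ in range(replicas - len(current)):    # too few: start new ones
        cluster.start(template_labels)
    for name in current[replicas:]:             # too many: kill some
        cluster.kill(name)
    return len(current)

def replay():
    """Replay the slide's sequence: 4 pods, one lost, one replaced, the lost one returns."""
    cluster, selector = Cluster(), {"App": "Nifty"}
    template = {"App": "Nifty", "phase": "prod"}
    cluster.start({"App": "Other"})             # pod-1: outside the selector, never touched
    observed = [reconcile(cluster, selector, template, 4)]      # sees 0, starts 4
    cluster.kill("pod-2")                                       # a node goes away
    observed.append(reconcile(cluster, selector, template, 4))  # sees 3, starts 1
    cluster.start(template)                                     # the lost pod comes back
    observed.append(reconcile(cluster, selector, template, 4))  # sees 5, kills 1
    observed.append(reconcile(cluster, selector, template, 4))  # sees 4, does nothing
    return observed, cluster.pods

if __name__ == "__main__":
    print(replay())
```

Because group membership is decided only by the selector, the pod labelled App=Other is never counted or killed, and any matching pod is an acceptable one to remove when there are too many.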

Replication Controllers

[Diagram sequence: pods scheduled across nodes, with the Replication Controller state in each frame]

● Frame 1: nodes 1, 2, 3, 4; pods f0118, d9376, b0111, a1209; Desired = 4, Current = 4
● Frame 2: nodes 1, 2, 3, 4; pods f0118, d9376, b0111, a1209; Desired = 4, Current = 4
● Frame 3: nodes 1, 3, 4; pods f0118, b0111, a1209; Desired = 4, Current = 3
● Frame 4: nodes 1, 3, 4; pods f0118, b0111, a1209, c9bad; Desired = 4, Current = 4
● Frame 5: nodes 1, 2, 3, 4; pods f0118, d9376, b0111, a1209, c9bad; Desired = 4, Current = 5
● Frame 6: nodes 1, 2, 3, 4; pods f0118, d9376, b0111, a1209, c9bad; Desired = 4, Current = 4

Services

A group of pods that act as one == Service
• group == selector

Defines access policy
• only “load balanced” for now

Gets a stable virtual IP and port
• called the service portal
• also a DNS name

VIP is captured by kube-proxy
• watches the service constituency
• updates when backends change

Hide complexity - ideal for non-native apps

[Diagram: Client connecting to the Portal (VIP)]

Kubernetes Status

Open sourced in June, 2014
• won the BlackDuck “rookie of the year” award
• so did cAdvisor :)

Google launched Google Container Engine (GKE)
• hosted Kubernetes
• https://cloud.google.com/container-engine/

Roadmap:
• https://github.com/GoogleCloudPlatform/kubernetes/blob/master/docs/roadmap.md

Driving towards a 1.0 release in O(months)
• O(100) nodes, O(50) pods per node
• focus on web-like app serving use-cases

Google Container Engine
- Inspired by a decade within Google
- Reimagines Cluster computing
- Designed for a multi-cloud world

Photo by Connie Zhou

Let’s build something

[Diagram: Guestbook application with three Guestbook PHP App instances, one Redis Master and two Redis Workers]

Demo


Kubernetes is Open Source

We want your help!

http://kubernetes.io
https://github.com/GoogleCloudPlatform/kubernetes

irc.freenode.net #google-containers
@kubernetesio

Local Meetups

Docker Roma Meetup

GDG Roma LAB


Questions

Feedback: goo.gl/FTHOv7
Tweet Me questions: @tekgrrl
plus.google.com/+MandyWaite

Thank you!