Docker & aPaaS: Enterprise Innovation

and Trends for 2015

Samir Adams Ghosh, CEO

Anurag Parashar, Technical Architect

WaveMaker, Inc.

Presenters

2

Technical Architect

Samir Ghosh

CEO

Anurag Parashar

WaveMaker, Inc.• Headquartered in Mountain View, CA• Enterprise Software Platform for Custom App Delivery

• Scarce, Expensive Resources

• Complex Supply Chains

• Social-media Empowered Customers

• Global Competition

• Demanding Consumerized Employees

• Disruptive Business Models

Enterprises Facing Increasing Challenges

• Governance and Compliance

Successful Enterprises

Enable Agility

Democratize Decision Making

Foster Innovation

IBM CIO Study – Successful Companies…

• Build a workplace strategy and roadmap that drives innovation and productivity

• Enable secure anytime, anywhere access instead of restricting usage

Custom Applications are Key Enablers

Making information more broadly available

Capturing and refining competitive and innovative processes

Gather input and interaction from broader constituents

Improved accessibility = faster decision making

Automation for consistency and speed

Improved customer service

Competitive advantage: Get the top-tier right

6

Data. Low change apps.

Incremental Change

High Volume of Change. Experimentation.

Systems of

Differentiation

Systems of

Innovation

Systems ofRecord

”Pace Layering” - Gartner

Why new Applications are

important?

7

Software Is Eating the WorldMark Andreesen, August 2011*

*Read more at http://online.wsj.com/news/articles/SB10001424053111903480904576512250915629460

All New Business Strategy is powered by New Software

But there is a problem…

8

Build Run

Enterprise App Gaps

BusinessPro

DeveloperIT Ops

9

Long-tail app / Shadow IT problem

Self-service vs. Control/LegacyPro dev doesn’t want lock-in to RAD tools

Trends in Enterprise App Delivery

Development

Deployment

Integration

10

Rapid API Application

Development (RAAD)

App Optimized Cloud

(Docker containers)

Microservices

Architecture

Trends in Enterprise App Delivery

Development

Deployment

Integration

11

Rapid API Application

Development (RAAD)

App Optimized Cloud

(Docker containers)

Microservices

Architecture

Rapid Developers

Business Expert Pro Developer

• Non-programmer• Needs app quickly• Cannot wait for IT

• Time constrained• Limited front end experience• Needs to extend

Modern RAAD

Visual Development

• WYSIWYG, Drag & Drop, Live Data

Standards Based Code

• AngularJS, Java/JEE, Spring, Hibernate

Auto Device Responsiveness

Easy Services Consumption

Re-usable Components

Avoid Vendor Lock-in

• Open Source, Support

Extendable and Maintainable

• Eclipse, MavenData Visualization

SaaS & Desktop

• Evaluate using data behind firewall

Social Team Development

• Multi-dev, feeds, follow

Version Control

• Git, BitBucket, Apache SVN

1-Click Deployment

Poll

How should business users create custom apps for their needs?

• They shouldn’t

• Let them choose the tools of their choice

• Provide company approved tool(s)

14

Trends in Enterprise App Delivery

Development

Deployment

Integration

15

Rapid API Application

Development (RAAD)

App Optimized Cloud

(Docker containers)

Microservices

Architecture

APIs are becoming Ubiquitous

16

11,927 APIsSept 2014

API Success

17

Poll

How easy is it to leverage APIs within your organization (or, if you’re a vendor, in the average enterprises you work with)?

• Impossible

• Difficult even for the Pros

• Fine if you’re a Professional Developer

• Possible for even non-Professional Developers

• Super easy

18

Trends in Enterprise App Delivery

Development

Deployment

Integration

19

Rapid API Application

Development (RAAD)

App Optimized Cloud

(Docker containers)

Microservices

Architecture

Challenges

Implementing Docker

for enterprise

application delivery

Problem – A lot of scripts

http://blog.docker.com/2013/08/paas-present-and-future/

Problem – A lot of scripts

• Combination of technologies (Java, Node, Ruby …),

– Layers (DB, Web app, LB …),

– Targets (dev machine, staging, production …)

– Platforms (linux, windows, cloud …)

• What?! Microsoft will also support Docker?

• Consistent delivery is challenging,

– Even with best devops tools: Puppet, Chef, Ansible ...

Ideal solution = run

exactly the same

image everywhere

VM vs Container.

• Containers are “orders of magnitude better” than virtual machines.

• Shared OS

• “Multi-tenancy at OS level”

• Building VMs

take mins to hrs

• Launching VMs

takes minutes vs

sub-seconds for

container.

24

Phil Wainewright, Diginomica 2-Jul-2014

Virtualization Approaches Compared.Hypervisor Vs. Container

25

Hypervisor-based VM Docker on bare metal

More JuiceSame Glass

Multiple-OS-layers

Virtualization Approaches Compared.Application density

26

Hypervisor-based VM Docker on bare metal

Reserve Capacity

App#1

App Stack

App#2

App#1

Shared App Stack

Reserve space could hold other apps

App could grow using available capacity

What is Container?

• Not a new concept

– Solaris Zones

– BSD Jails

– Warden containers for CloudFoundry

– LXC

• Isolated OS process with its own process space, network interface, user space

• Share kernel with host

What is Container?

• Isolation with namespaces for

– pid, mnt, net, uts , ipc, user

• Control with cgroups for

– memory, cpu, blkio, devices

Why Docker?

• Commoditize containers

– Usable tools and APIs

• Copy-on-write and layers for quick provisioning

• Create and share the images

• Standard format for container

• Reproducible images with DockerFile

Use Case

Source Code

Repository

Dockerfile

Docker Engine

DockerRegistry

Build

Do

cker

Host 2 OS (Linux)

Co

ntain

er A

Co

ntain

er B

Co

ntain

er C

Co

ntain

er A

Push

SearchPull

Run

Host 1 OS (Linux)

What does Docker provide?

• Compose application stack with Docker file

• Ability to run more than one Docker container on VM

• Lightweight and provision new containers in seconds

• Portable and can be run on any hardware

• Complete isolation for app and its stack

• Keep the application footprint on the disk minimal

– By separating out read-only O/S & software stack directories from writeable app-specific directories

• Docker Registry public / private (portability)

31

Is Docker a cloud platform?

32

No, Docker only provides necessary tooling to

build your own private cloud

It is up-to the Enterprise or the Platform Vendor

to get the solution right for the IT and Developer

needs, bridging that gap.

What does it take to

use Docker to build

your cloud platform?

Orchestration – Why?

• Micro Services and integration

– Easy upgrades and fine grained control

• Optimized Utilization

• Fault Tolerance

• Scalability

Optimized Utilization

35

Stack v1.0

App #1

App #2

Stack v1.0

App #1

App #4

Activate new app

container from

saved app data

Passivate app

contents to disk for

later activation

1

App #3 App #3

Hibernate container,

freeing the resources

utilized

2

3

Fault Tolerance

36

Stack v1.0

App #1

App #2

App #3

Stack v1.0

App #1

App #4

App #3

Stack v1.0

App #1

App #2

App #4

Should be resilient to app &

stack failures, as well as VM

or hardware problems

Horizontal Scaling & Replication

37

Stack v1.0

App #1

App #2

Stack v1.0

App #1

App #2

Load balance app requests across

containers

Orchestration tools

• CoreOS/Fleet

• Kubernetes from Google

• Apache Mesos / Marathon

• Consul from Hashicorp

• Geard from Redhat

• Helios

• Centurian

• Fig

• Shipper

• …

Docker libswarm- Standardized APIs for Docker

Orchestration (and more)- Adaptors for actual

implementations- Far from finalized

Orchestration - Bootstrapping

Docker

• Setting up and managing Docker

– Boot2docker for developer machine

– Evolving lightweight OS like CoreOS provides Docker by default. Can be initialized with PXE boot.

– On other infrastructure like public clouds, OpenStack, VMWare or a single VM setup using Vagrant/Virtual Box

• Separate set of instructions.

– “docker hosts” command proposal

• https://github.com/docker/docker/issues/8681

• Plugins/adaptors for different providers

Orchestration - Communication

• Create and manage a multi container service

– Docker acquired Fig, plans to include it in Docker product. But multi-host support still evolving.

• Inter container communication

– Docker provides port mapping for configuring container port to the external port on the machine/VM (-P or –p options)

– Docker also has container linking for local containers (link based on container name and environment properties). Static links as of now.

– Ambassador pattern for solving static nature of links and providing fault tolerance.

– Missing multi host inter container communication with docker container linking.

– Docker Networking Proposals

• https://github.com/docker/docker/issues/8951 - Multi host networking

• https://github.com/docker/docker/issues/8952 - Network Drivers

• https://github.com/docker/docker/issues/7468 - Dynamic links

• https://github.com/docker/docker/issues/7467 - Upgrade network model

• Enable communication among containers running on different machines.

– Link containers using Open vSwitch.

Orchestration - Cluster Management

• Scheduled containers on a bunch of distributed resources

– Constraints (MySQL master and slave not running on the same node)

– Scaling resources

• Distributed configuration management

• Service Discovery

• Distributed init system

• Logging / Monitoring / Alerting

Orchestration -Schedule containers

• Optimized container placement Enterprise have different needs

– Heterogeneous workloads

– Limit h/w resources

• Constraints (e.g. MySQL master / slave containers should not run on same host)

• Docker Clustering Proposal https://github.com/aluzzardi/docker/blob/clustering-proposal/docs/sources/userguide/cluster.md

• Relevant products

– CoreOS Fleet

– Kubernetes

– Mesos (can write custom scheduler)

Orchestration - Distributed

configuration management

Consistent configuration across cluster, distributed locking and consensus.

• Master Election

– RAFT / Paxos

• Relevant products

– etcd

– Consul

– Zookeeper

Orchestration - Service Discovery

• Env variables

– static

• Mounted configuration

– still need to reload files

• DNS

– how will restart with new IP work?

• Ambassador Pattern

– Still using env variables, but more dynamic and a proxy container can be restarted.

• Other products

– etcd (CoreOS and Kubernetes use this)

– Consul

– HAProxy(Marathon)

– confd (watcher for etcd, env variable, consul)

• Service Events

Orchestration - Cluster Service

Manager

• For fault tolerance and scalability

• Like systemd for cluster

• Relevant products

– Fleet for CoreOS

– Marathon for Mesos

– Kubernetes

46

Host VM

Platform Stack

Container

Volume Layer

App Data resides in an attached device/volume

Host VM

Platform Stack

Container

Move & swap containers

1. Portable containers enable seamless Application Stack upgrades separating Application data from Stack & libraries

2. Containers restored quickly in the event of Host VM failures

3. Allows replication of Containers for scalability

Failed VM & Container

Managing and migrating data volumes

Recovery and Backup

• File systems which makes snapshotting easier

– AUFS file based snapshots

– BTRFS other block snapshotting file systems

– OverlayFS

• Still need to create integration for backup infrastructure and recovery semantics

48

Stack v1.0

App #1

App #2

Stack v1.0

App #1

App #2

Keep data transfers for

snapshots minimal and

hence a faster

recovery time

Incremental

snapshots at time

intervals

App #3 App #3

12

OverlayFS/AUFS/BTRFS

provides support for

incremental snapshots

Recovery and Backup

Upgrades

• Support for rolling upgrades for 0-downtime upgrades in redundant distributed deployments

Application Stack Upgrades

50

Create a container with new

version of application stack

Stack v1.0

App #1

App #2

Stack v2.0

App #1

App #2

Application versions & migration

51

Stack v1.0

App #1

App #1 version2

Swap out older version

after successful migration

Use same stack for

guaranteed stability

Logging / Monitoring / Alerting

• cAdvisor for Kubernetes

• libswarm (API for aggregation)

Application Stack creation and

management

• Address complexity of creation of application stack

– Developers need not be aware of docker image creation and management

– Multi-image orchestrated application stacks need to be made reusable.

– Panamax enabling application templates sharing through a central repository.

• Better abstraction is needed for fine tuning existing stacks.

Security

• Implementation needs to ensure end to end security.

• Not giving host root access to containers.

• Docker support

– SELinux

– AppArmor

– Seccomp

• Application Isolation, disable inter container communication.

• Multi-tenancy

Docker Related

Infrastructure

Technologies

Mesos

• Popular open source cluster manager from apache

• Enables building resource-efficient distributed systems

• Efficient dynamic resource isolation and sharing across multiple distributed applications e.g. Hadoop, Spark, Memcache

• Production Tested Application Scaling to 10,000+ nodes

Mesos

http://mesos.apache.org/documentation/latest/mesos-architecture/

Mesos

Data Center or cloudWith Mesos and related technologies• Apache Mesos• Apache ZooKeeper• Mesosphere Marathon• Chronos• HAProxy

Kubernetes

Builds upon Google’s more than decade experience with GAE

• Manages containers across multiple hosts

• Provides mechanisms for deployment, maintenance and scaling application

• Multi-cloud support

• Pluggable architecture

• Self-healing – auto restart, auto-placement, auto-replication

Kubernetes

https://github.com/GoogleCloudPlatform/kubernetes/blob/master/DESIGN.md

CoreOS

• CoreOS Linux

– Minimum Linux OS

– Automatic clustering

– Automatic updates for security

61

• fleet

– cluster-level init system

– etcd + systemd

https://coreos.com/using-coreos/clustering/

Service Discovery with etcd

• etcd provides a service registry for containers

• Service metadata can be looked up from etcd

• etcd cluster allows for service lookup across a cluster of machines

• Services can listen on dependent service lifecycle events, e.g.: Start, stop, update etc.

62

https://coreos.com/using-coreos/

Flocker

• Flocker is a data volume manager

• Flocker can run multiple containers on multiple nodes.

• Connect to any node on a Flocker cluster and traffic is routed to the node hosting the appropriate container (based on port).

• Flocker - Application State

– Flocker manages ZFS filesystem as Docker volumes. It attaches them to your containers.

– Flocker provides tools for copying those volumes between nodes.

– If an application container is moved from one node to another, Flocker automatically moves the volume with it.

Flocker

https://docs.clusterhq.com/en/latest/introduction.html

Technology Landscape - Summary

• Address evolving problems

• Fast moving technology space

• No standardization

PaaS can provide abstraction to handle this change

Docker is not a ready-made solution

For Enterprise IT or DevOps to manage their application infrastructure using Docker, they need to understand a complex set of things:

– Linux images

– Read-Write & Layered file systems

– Disk snapshots and other recovery mechanisms

– Managing firewall and port bridges

– Network configuration for containers

– Setting up monitoring

– Managing software stacks & their configurations

– Automating deployment processes

66

A good Docker PaaS should simplify

above complexities, e.g.

• Console on top of Docker

• Provision and Manage Containers and App Stacks within Containers

Simplified Docker Container Management

• Automatic Container Passivation, Hibernation, and Activation

Effective Scheduling and Resource Utilization

• Container, Application, Deployment, Instance, Usage

Comprehensive Monitoring

• For container management operations

Role-based Access Control

• Efficient backup support & faster recovery

Data and Incremental Snapshots

…

67

Poll

How likely are you to explore Docker and/or Docker-architected PaaS solutions?

• Neither

• Docker yes, but probably don’t need Docker PaaS

• Docker PaaS, yes.

68

Our Findings

• WaveMaker RAAD Studio: millions of downloads

• In Beta, we hosted thousands of custom Java apps across 90+ countries via our Docker PaaS on AWS.

• We found:

– 30x greater VM density

– 50-100x performance (e.g., 2 sec vs. 5 min app start in VM)

• E.g., Enables hibernation

– Literally, 80% cost savings!

69

Summary

• Custom apps are key to enabling agility and innovation in the enterprise.

• Platform should leverage RAD + Microservices + Docker.

• Docker is ideal for optimizing custom app workloads.

• A well-architected Docker management platform is needed to manage complexity and extract value out of Docker.

70

Q&A

Contact us: info@wavemaker.comWaveMaker.com

Docker aPaaS trial: WaveMakerOnline.comThank

You