Docker & aPaaS: Enterprise Innovation and Trends for 2015
Samir Adams Ghosh, CEO
Anurag Parashar, Technical Architect
WaveMaker, Inc.
Presenters
• Samir Ghosh, CEO
• Anurag Parashar, Technical Architect
WaveMaker, Inc.
• Headquartered in Mountain View, CA
• Enterprise Software Platform for Custom App Delivery
Enterprises Facing Increasing Challenges
• Scarce, Expensive Resources
• Complex Supply Chains
• Social-media Empowered Customers
• Global Competition
• Demanding Consumerized Employees
• Disruptive Business Models
• Governance and Compliance
Successful Enterprises
Enable Agility
Democratize Decision Making
Foster Innovation
IBM CIO Study – Successful Companies…
• Build a workplace strategy and roadmap that drives innovation and productivity
• Enable secure anytime, anywhere access instead of restricting usage
Custom Applications are Key Enablers
Making information more broadly available
Capturing and refining competitive and innovative processes
Gather input and interaction from broader constituents
Improved accessibility = faster decision making
Automation for consistency and speed
Improved customer service
Competitive advantage: Get the top-tier right
“Pace Layering” - Gartner
• Systems of Record: Data. Low change apps.
• Systems of Differentiation: Incremental Change
• Systems of Innovation: High Volume of Change. Experimentation.
Why new Applications are important?
“Software Is Eating the World” - Marc Andreessen, August 2011*
*Read more at http://online.wsj.com/news/articles/SB10001424053111903480904576512250915629460
All New Business Strategy is powered by New Software
But there is a problem…
Enterprise App Gaps
[Diagram: Build / Run gaps between Business, Pro Developer and IT Ops]
• Long-tail app / Shadow IT problem
• Self-service vs. Control/Legacy
• Pro dev doesn’t want lock-in to RAD tools
Trends in Enterprise App Delivery
• Development: Rapid API Application Development (RAAD)
• Deployment: App Optimized Cloud (Docker containers)
• Integration: Microservices Architecture
Rapid Developers
Business Expert
• Non-programmer
• Needs app quickly
• Cannot wait for IT
Pro Developer
• Time constrained
• Limited front end experience
• Needs to extend
Modern RAAD
Visual Development
• WYSIWYG, Drag & Drop, Live Data
Standards Based Code
• AngularJS, Java/JEE, Spring, Hibernate
Auto Device Responsiveness
Easy Services Consumption
Re-usable Components
Avoid Vendor Lock-in
• Open Source, Support
Extendable and Maintainable
• Eclipse, Maven
Data Visualization
SaaS & Desktop
• Evaluate using data behind firewall
Social Team Development
• Multi-dev, feeds, follow
Version Control
• Git, BitBucket, Apache SVN
1-Click Deployment
Poll
How should business users create custom apps for their needs?
• They shouldn’t
• Let them choose the tools of their choice
• Provide company approved tool(s)
APIs are becoming Ubiquitous
• 11,927 APIs, Sept 2014
API Success
Poll
How easy is it to leverage APIs within your organization (or, if you’re a vendor, in the average enterprises you work with)?
• Impossible
• Difficult even for the Pros
• Fine if you’re a Professional Developer
• Possible for even non-Professional Developers
• Super easy
Challenges Implementing Docker for enterprise application delivery
Problem – A lot of scripts
http://blog.docker.com/2013/08/paas-present-and-future/
• Combination of technologies (Java, Node, Ruby …),
– Layers (DB, Web app, LB …),
– Targets (dev machine, staging, production …)
– Platforms (linux, windows, cloud …)
• What?! Microsoft will also support Docker?
• Consistent delivery is challenging,
– Even with best devops tools: Puppet, Chef, Ansible ...
Ideal solution = run exactly the same image everywhere
VM vs Container.
• Containers are “orders of magnitude better” than virtual machines.
• Shared OS
• “Multi-tenancy at OS level”
• Building VMs takes mins to hrs
• Launching VMs takes minutes vs sub-seconds for container.
Phil Wainewright, Diginomica 2-Jul-2014
Virtualization Approaches Compared: Hypervisor vs. Container
[Diagram: Hypervisor-based VM (multiple OS layers) vs. Docker on bare metal; caption “More Juice, Same Glass”]
Virtualization Approaches Compared: Application density
[Diagram: Hypervisor-based VM (App #1, App #2, each with an App Stack and Reserve Capacity) vs. Docker on bare metal (App #1 on a Shared App Stack)]
• Reserve space could hold other apps
• App could grow using available capacity
What is Container?
• Not a new concept
– Solaris Zones
– BSD Jails
– Warden containers for CloudFoundry
– LXC
• Isolated OS process with its own process space, network interface, user space
• Share kernel with host
• Isolation with namespaces for
– pid, mnt, net, uts, ipc, user
• Control with cgroups for
– memory, cpu, blkio, devices
Why Docker?
• Commoditize containers
– Usable tools and APIs
• Copy-on-write and layers for quick provisioning
• Create and share the images
• Standard format for container
• Reproducible images with Dockerfile
Use Case
[Diagram: Source Code Repository and Dockerfile → Docker Engine (Build) → Push to Docker Registry → Search / Pull → Run as containers (A, B, C) on Docker hosts (Host 1 OS (Linux), Host 2 OS (Linux))]
What does Docker provide?
• Compose application stack with Dockerfile
• Ability to run more than one Docker container on VM
• Lightweight and provision new containers in seconds
• Portable and can be run on any hardware
• Complete isolation for app and its stack
• Keep the application footprint on the disk minimal
– By separating out read-only O/S & software stack directories from writeable app-specific directories
• Docker Registry public / private (portability)
Is Docker a cloud platform?
No, Docker only provides the necessary tooling to build your own private cloud.
It is up to the Enterprise or the Platform Vendor to get the solution right for the IT and Developer needs, bridging that gap.
What does it take to use Docker to build your cloud platform?
Orchestration – Why?
• Micro Services and integration
– Easy upgrades and fine grained control
• Optimized Utilization
• Fault Tolerance
• Scalability
Optimized Utilization
[Diagram: hosts running Stack v1.0 with App #1 to App #4, steps numbered 1 to 3]
• Passivate app contents to disk for later activation
• Hibernate container, freeing the resources utilized
• Activate new app container from saved app data
Fault Tolerance
[Diagram: three hosts running Stack v1.0 with App #1 to App #4 distributed across them]
• Should be resilient to app & stack failures, as well as VM or hardware problems
Horizontal Scaling & Replication
[Diagram: two hosts running Stack v1.0, each with App #1 and App #2]
• Load balance app requests across containers
Orchestration tools
• CoreOS/Fleet
• Kubernetes from Google
• Apache Mesos / Marathon
• Consul from Hashicorp
• Geard from Red Hat
• Helios
• Centurion
• Fig
• Shipper
• …
Docker libswarm
– Standardized APIs for Docker Orchestration (and more)
– Adaptors for actual implementations
– Far from finalized
Orchestration - Bootstrapping Docker
• Setting up and managing Docker
– Boot2docker for developer machine
– Evolving lightweight OS like CoreOS provides Docker by default. Can be initialized with PXE boot.
– On other infrastructure like public clouds, OpenStack, VMware or a single VM setup using Vagrant/VirtualBox
• Separate set of instructions.
– “docker hosts” command proposal
• https://github.com/docker/docker/issues/8681
• Plugins/adaptors for different providers
Orchestration - Communication
• Create and manage a multi container service
– Docker acquired Fig, plans to include it in Docker product. But multi-host support still evolving.
• Inter container communication
– Docker provides port mapping for configuring container port to the external port on the machine/VM (-P or -p options)
– Docker also has container linking for local containers (link based on container name and environment properties). Static links as of now.
– Ambassador pattern for solving static nature of links and providing fault tolerance.
– Missing multi host inter container communication with docker container linking.
– Docker Networking Proposals
• https://github.com/docker/docker/issues/8951 - Multi host networking
• https://github.com/docker/docker/issues/8952 - Network Drivers
• https://github.com/docker/docker/issues/7468 - Dynamic links
• https://github.com/docker/docker/issues/7467 - Upgrade network model
• Enable communication among containers running on different machines.
– Link containers using Open vSwitch.
Orchestration - Cluster Management
• Schedule containers on a bunch of distributed resources
– Constraints (MySQL master and slave not running on the same node)
– Scaling resources
• Distributed configuration management
• Service Discovery
• Distributed init system
• Logging / Monitoring / Alerting
Orchestration - Schedule containers
• Optimized container placement: enterprises have different needs
– Heterogeneous workloads
– Limit h/w resources
• Constraints (e.g. MySQL master / slave containers should not run on same host)
• Docker Clustering Proposal https://github.com/aluzzardi/docker/blob/clustering-proposal/docs/sources/userguide/cluster.md
• Relevant products
– CoreOS Fleet
– Kubernetes
– Mesos (can write custom scheduler)
Orchestration - Distributed configuration management
Consistent configuration across cluster, distributed locking and consensus.
• Master Election
– RAFT / Paxos
• Relevant products
– etcd
– Consul
– Zookeeper
Orchestration - Service Discovery
• Env variables
– static
• Mounted configuration
– still need to reload files
• DNS
– how will restart with new IP work?
• Ambassador Pattern
– Still using env variables, but more dynamic and a proxy container can be restarted.
• Other products
– etcd (CoreOS and Kubernetes use this)
– Consul
– HAProxy (Marathon)
– confd (watcher for etcd, env variable, consul)
• Service Events
Orchestration - Cluster Service Manager
• For fault tolerance and scalability
• Like systemd for cluster
• Relevant products
– Fleet for CoreOS
– Marathon for Mesos
– Kubernetes
Managing and migrating data volumes
[Diagram: Container on a Platform Stack in a Host VM, with a Volume Layer; app data resides in an attached device/volume. After a failed VM & container, move & swap containers to another Host VM.]
1. Portable containers enable seamless Application Stack upgrades separating Application data from Stack & libraries
2. Containers restored quickly in the event of Host VM failures
3. Allows replication of Containers for scalability
Recovery and Backup
• File systems which make snapshotting easier
– AUFS file based snapshots
– BTRFS and other block snapshotting file systems
– OverlayFS
• Still need to create integration for backup infrastructure and recovery semantics
[Diagram: two hosts running Stack v1.0 with App #1 to App #3, steps numbered 1 and 2]
• Incremental snapshots at time intervals
• Keep data transfers for snapshots minimal and hence a faster recovery time
• OverlayFS/AUFS/BTRFS provides support for incremental snapshots
Upgrades
• Support for rolling upgrades for 0-downtime upgrades in redundant distributed deployments
Application Stack Upgrades
[Diagram: Stack v1.0 with App #1 and App #2 → Stack v2.0 with App #1 and App #2]
• Create a container with new version of application stack
Application versions & migration
[Diagram: Stack v1.0 running App #1 and App #1 version2]
• Swap out older version after successful migration
• Use same stack for guaranteed stability
Logging / Monitoring / Alerting
• cAdvisor for Kubernetes
• libswarm (API for aggregation)
Application Stack creation and management
• Address complexity of creation of application stack
– Developers need not be aware of docker image creation and management
– Multi-image orchestrated application stacks need to be made reusable.
– Panamax enabling application templates sharing through a central repository.
• Better abstraction is needed for fine tuning existing stacks.
Security
• Implementation needs to ensure end to end security.
• Not giving host root access to containers.
• Docker support
– SELinux
– AppArmor
– Seccomp
• Application Isolation, disable inter container communication.
• Multi-tenancy
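The controls on this slide can be checked against a running host. The following is an added example, not part of the original deck: it audits `docker inspect` output and the daemon's `icc` setting for the points listed above. The inspect data and daemon config are constructed samples, and the finding names are illustrative.

```python
import json

# Constructed sample: trimmed `docker inspect` output for two containers.
SAMPLE_INSPECT = json.loads("""[
 {"Name": "/tenant-a-app",
  "Config": {"User": "1000"},
  "HostConfig": {"Privileged": false, "PidMode": "", "NetworkMode": "bridge",
                 "SecurityOpt": [], "Memory": 536870912,
                 "Binds": ["appdata:/data"]}},
 {"Name": "/tenant-b-build",
  "Config": {"User": ""},
  "HostConfig": {"Privileged": true, "PidMode": "host", "NetworkMode": "host",
                 "SecurityOpt": ["seccomp=unconfined", "apparmor=unconfined"],
                 "Memory": 0,
                 "Binds": ["/var/run/docker.sock:/var/run/docker.sock"]}}
]""")
# Constructed sample of /etc/docker/daemon.json; "icc" defaults to true if absent.
SAMPLE_DAEMON = {"icc": True}

def audit_container(c):
    """Return a sorted list of findings for one `docker inspect` entry."""
    host = c.get("HostConfig") or {}
    findings = []
    if host.get("Privileged"):                       # host root access
        findings.append("privileged")
    user = (c.get("Config") or {}).get("User", "")
    if user in ("", "0", "root", "0:0", "root:root"):
        findings.append("runs-as-root")
    for ns in ("PidMode", "NetworkMode", "IpcMode"):  # shared host namespaces
        if host.get(ns) == "host":
            findings.append(f"host-namespace:{ns}")
    for opt in host.get("SecurityOpt") or []:         # SELinux/AppArmor/seccomp
        key, _, value = opt.replace(":", "=", 1).partition("=")
        if value in ("unconfined", "disable"):
            findings.append(f"{key}-disabled")
    if not host.get("Memory"):                        # 0 means no cgroup limit
        findings.append("no-memory-cgroup-limit")
    for bind in host.get("Binds") or []:
        if bind.split(":")[0] in ("/", "/var/run/docker.sock", "/run/docker.sock"):
            findings.append("host-root-or-docker-socket-mounted")
    return sorted(findings)

def audit(inspect_data, daemon_cfg):
    """Audit every container plus the daemon-wide inter-container setting."""
    report = {c["Name"].lstrip("/"): audit_container(c) for c in inspect_data}
    icc_off = daemon_cfg.get("icc", True) is False
    report["(daemon)"] = [] if icc_off else ["icc-enabled"]
    return report

if __name__ == "__main__":
    for name, findings in audit(SAMPLE_INSPECT, SAMPLE_DAEMON).items():
        print(name, "->", findings or "ok")
```

On a real host, feed it the JSON from `docker inspect $(docker ps -q)` and the contents of the daemon configuration file instead of the samples.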
Docker Related Infrastructure Technologies
Mesos
• Popular open source cluster manager from Apache
• Enables building resource-efficient distributed systems
• Efficient dynamic resource isolation and sharing across multiple distributed applications e.g. Hadoop, Spark, Memcache
• Production Tested Application Scaling to 10,000+ nodes
Mesos
http://mesos.apache.org/documentation/latest/mesos-architecture/
Data Center or cloud with Mesos and related technologies
• Apache Mesos
• Apache ZooKeeper
• Mesosphere Marathon
• Chronos
• HAProxy
Kubernetes
Builds upon Google’s more than a decade of experience with GAE
• Manages containers across multiple hosts
• Provides mechanisms for deployment, maintenance and scaling of applications
• Multi-cloud support
• Pluggable architecture
• Self-healing – auto restart, auto-placement, auto-replication
Kubernetes
https://github.com/GoogleCloudPlatform/kubernetes/blob/master/DESIGN.md
CoreOS
• CoreOS Linux
– Minimum Linux OS
– Automatic clustering
– Automatic updates for security
• fleet
– cluster-level init system
– etcd + systemd
https://coreos.com/using-coreos/clustering/
Service Discovery with etcd
• etcd provides a service registry for containers
• Service metadata can be looked up from etcd
• etcd cluster allows for service lookup across a cluster of machines
• Services can listen on dependent service lifecycle events, e.g.: Start, stop, update etc.
https://coreos.com/using-coreos/
Flocker
• Flocker is a data volume manager
• Flocker can run multiple containers on multiple nodes.
• Connect to any node on a Flocker cluster and traffic is routed to the node hosting the appropriate container (based on port).
• Flocker - Application State
– Flocker manages ZFS filesystem as Docker volumes. It attaches them to your containers.
– Flocker provides tools for copying those volumes between nodes.
– If an application container is moved from one node to another, Flocker automatically moves the volume with it.
Flocker
https://docs.clusterhq.com/en/latest/introduction.html
Technology Landscape - Summary
• Address evolving problems
• Fast moving technology space
• No standardization
PaaS can provide abstraction to handle this change
Docker is not a ready-made solution
For Enterprise IT or DevOps to manage their application infrastructure using Docker, they need to understand a complex set of things:
– Linux images
– Read-Write & Layered file systems
– Disk snapshots and other recovery mechanisms
– Managing firewall and port bridges
– Network configuration for containers
– Setting up monitoring
– Managing software stacks & their configurations
– Automating deployment processes
A good Docker PaaS should simplify above complexities, e.g.
Simplified Docker Container Management
• Console on top of Docker
• Provision and Manage Containers and App Stacks within Containers
Effective Scheduling and Resource Utilization
• Automatic Container Passivation, Hibernation, and Activation
Comprehensive Monitoring
• Container, Application, Deployment, Instance, Usage
Role-based Access Control
• For container management operations
Data and Incremental Snapshots
• Efficient backup support & faster recovery
…
Poll
How likely are you to explore Docker and/or Docker-architected PaaS solutions?
• Neither
• Docker yes, but probably don’t need Docker PaaS
• Docker PaaS, yes.
Our Findings
• WaveMaker RAAD Studio: millions of downloads
• In Beta, we hosted thousands of custom Java apps across 90+ countries via our Docker PaaS on AWS.
• We found:
– 30x greater VM density
– 50-100x performance (e.g., 2 sec vs. 5 min app start in VM)
• E.g., Enables hibernation
– Literally, 80% cost savings!
Summary
• Custom apps are key to enabling agility and innovation in the enterprise.
• Platform should leverage RAD + Microservices + Docker.
• Docker is ideal for optimizing custom app workloads.
• A well-architected Docker management platform is needed to manage complexity and extract value out of Docker.