Structured Container Delivery

Oscar RenaliasAccenture Container Platforms Lead

Infrastructure

DevOps

Architecture

Virtualization/ Cloud savings

Hardware savings

Flexible platforms

Predictability

Flexible application environments

Efficiency

Alignment with modern architectures

Developer Productivity

• Reduce/eliminate virtualization licenses for workloads to be containerized

• Reduce number of hardware blades/servers/cloud instances

• Faster container startup times means instances can be turned off when not used, or dynamically scaled according to demand

• Minimize environment and configuration defects in new environment setup by packaging all components and dependencies in containers

• Provision an arbitrary number of application environments easily, when needed, and destroy them when done

• Minimize human effort / involvement with deploying code to new environments

• Containers are a great runtime platforms for modern scalable and high performance application architectures, e.g. microservices

• Greatly reduce the amount of time needed for a developer to create a working application environment locally

$$$

$$$

$

$$

$$$

⭐⭐⭐

⭐

⭐⭐

Benefit

Container Business Case

So you want to run containers?

Container Platform

Dev Tools

Official Repositories

Operating Systems

Big Data

Service Discovery

Build / Continuous Integration

Configuration Management

Management

Storage

Clustering & Scheduling

Networking

Infrastructure & Service Providers

Security

Monitoring & Logging

Where do we start?

Container Platform Architecture

Container Platform Architecture

Principles Patterns Capabilities

Reference Implementations

Understanding how to design for, and with containers

Business Continuity

Operations Agility Prepare for Failure Fit for Purpose

Adaptability and Flexibility

Infrastructure Independence

Information Security

Leverage service discovery for

inter/external service lookup

Use standard protocols to interact with

interfaces

Use standardized and best-practice components

Reuse services offered by platform and extend

components if necessary

Data Integrity Communications

Prefer container image digital-signing

Use isolated networking between containers,

regardless of their location

Prefer lightweight infrastructure components

Use container clustering and/or other HA

practices

Use external persistence data sources for container data

Leverage DevOps practices for container

image build and deployment

L1

Principles

L2

Decisions

Leverage dynamic routing capabilities

Monitor container infrastructure components

Limit container access

Use private or secure hosted image registry

Container as the build artifact

Immutable infrastructure, deploy by replacing old containers

with new ones

Make sure that logs aren't retained only in

containers

Version container images in repository

Encourage reuse of container definitions

Data and process must be encapsulated

Multi-tenancy – keep teams isolated

How do we do <…> with containers?

Clustering Security Service Discovery Persistence

What features do we need?

Clustering

Load balancing

Fail-over

Authentication

Authorization

Encryption

Digital Signature

Service Lookup & Indirection

Publishing & Subscribing

APIs

Image Persistence

Versioning

Data persistence

Infrastructure

Runtime

Platform

Administration

Public/ Private Cloud VM Bare Metal

Host OS Container OS

Container Engine

Container Tooling

Browser Application Integrations Containers

Data

Registry

Storage

Orchestration Resource Management

Service Discovery

Data AccessNetworkingMetrics

DevOps

Image Build/ Deployment

Monitoring

Logging

What components do we need?

Getting opinionated: Component Reference Architecture for Docker Datacenter on AWS

Infrastructure

Runtime

Services

Administration

Orchestration Resource Management Service Discovery

Data Access

Browser Containers

Data

Metrics

DevOps

CloudWatch

Networking

Overlay Network Flocker

Docker Compose Universal Control Plane Overlay DNS (intra-cluster)

EC2

Storage

RegistryDocker Trusted

Registry

Docker Volumes

Storage

EBS

Service Discovery

Interlock

Container OS

Docker Docker

Amazon Linux

Engine

Host OS

Container Tooling

Monitoring

CloudWatch

Logging

CloudWatch Logs

Image build/ Deployment

Jenkins CI

How about the old stuff?

Container Platform

Old stuff New stuff

Efficiently migrating existingapplications to containers

Central Internal Team Project-based migration Migration factory

Centralized team working in concert with project teams to coordinate and migrate projects to the new platform

Leverage existing project team group to orchestrate and execute migration effort

+ Fast, efficient deployment+ Shared team provides

economies of scale and knowledge sharing

+ Optimized resource model+ Focused on migration

delivery and managed to avoid cost overruns

- Increased number of resources

- Limited cross-team knowledge sharing

- Lengthier migration- Inconsistent migrations

- Team has other priorities - Limited or non-existent

container skills- Limited migration skills

Migration conducted by an internal team, staffed by current IT resources

Centralizing the migration effort

Migration Factory

Docker

Migration Team

Migration Framework

Container Patterns

Container Best

Practices

Base Images

Container Reference Architecture

Legacy Application

Expertise + Framework + Feedback loop

Establish Overall Migration Plan

Perform Detailed Migration Planning

Upgrade/MigrateApplications

Certify/DeployApplications

Migration & RolloutDiscovery & Assessment

High-Level Assessment & Planning

Detailed Application

Assessment Testing & Certification

App. ArchitectureRecommendations

Container Infrastructure Planning

Rollout & Decom-mission

Containerize Application

@oscarrenaliasgithub.com/accentureoscar.renalias@accenture.comwww.linkedin.com/oscarrenaliaswww.slideshare.net/oscarrenalias

Thank you!