The only constant is changeThe only constant is change

Container Orchestration

Kubernetes, Swarm, and beyond

The only constant is change

Introduction

• Open source advocate for the past 10 years.

• Actively involved with Cloud and OpenStack since its inception..

• CTO & Founder GigaSpaces

• Cloudify and GigaSpaces tech specialist

• Solution Architect & Evangelist

• CTO Group Architect @ GigaSpaces

The only constant is change

About Cloudify

• Open source orchestration tool• Extremely

unopinionated• TOSCA model based• Can manage containers

directly or indirectly• Plugin oriented design

The only constant is change

Orchestration

• Overloaded term• For our purposes:

– Automation– Perhaps the final frontier

of devops– Usually refers to high

level automation of distributed systems

The only constant is change

Container Orchestration (CME)• Multiple hosts• Placement control• Networking• Placement• Affinity/anti-affinity• High availability• Scaling• Load balancing• Rolling upgrades

The only constant is change

Focus• Kubernetes• Docker Swarm• Related Infrastructure

Automation • Cloudify/TOSCA

Approach• Demo

The only constant is change

Kubernetes Overview• Open sourced by Google• Master/worker• Pod unit of deployment/scale• Replication Controller (autoheal/scale)• Service support with LB external IP• Overlay networks (IP per pod) + DNS• No supported master HA• Container agnostic• Placement, affinity + anti-affinity• YAML deployment model

The only constant is change

Kubernetes Overview

The only constant is change

Swarm (Docker 1.12) Overview

The only constant is change

Swarm (Docker 1.12) Overview• Integrated into Docker engine• Manager/worker• Auto heal, manual scale• Service support with LB fixed IP• Overlay networks & DNS• Highly available manager• Network security (TLS) with CA• Node placement + Affinity/anti-affinity• Deployment modeling via Compose

The only constant is change

Kubernetes/Swarm Contrasts• Swarm Setup Super Simple• Lack of Pod in Swarm a –• Lack of HA in Kubernetes a –• Swarm tie to Docker may be a –• Swarm lack of autoscale may be a –• Swarm built in security a +• Declarative vs imperative?• Swarm playing catchup (service/replicas) but

also some cool features

The only constant is change

Related Services• Google Container Engine (GKE)

– Hosted Kubernetes in Google Compute Engine– Dynamic infrastructure

• AWS Containers– Docker + autoscaled infrastructure

• Azure– Hosted Swarm (heal,scale)

• IBM– Docker + autoscaled/healed infrastructure

• Many others , and…..

The only constant is change

The only constant is change

The only constant is change

Openstack Magnum• Container clusters as a service

– K8S– Swarm– Mesos

• Infrastructure automation– Uses Heat– Bays– Healing– Scaling– LBAAS integration– Security (TLS)

• But naturally limited to Openstack

The only constant is change

Openstack Magnum• Kubernetes first and most mature

– Adds TLS config• Cert generation + CA

– Adds HA to master• Bays provide multi-tenant

isolation• Support VMs and bare metal

(ironic)• Very active project

The only constant is change

Cloudify And TOSCA• Consider Magnum style capabilities

but cloud agnostic– Standards based model (TOSCA)– Hybrid management (containers, non-

containers intermixed).– High availability and autoscaling for

container orchestrators.– Target any cloud, virtualization or bare

metal.

The only constant is change

TOSCA• Oasis Spec• Defines modeling language:

• Describe components and relationships• Veeerrry generic• Components can be hardware, software,

or just abstract.• Each component can have code

associated• Each relationship can have code

associated

The only constant is change

Sample Blueprint

The only constant is change

Cloudify Manager Overview

The only constant is change

Cloudify Manager Event Processing

The only constant is change

Simple Swarm Demo• Swarm Cluster on Openstack• Simple start: 1 manager, 1 worker• Sufficient to show infrastructure

level– Autohealing– Auto-scale up: based on CPU sliding

window (Riemann driven)– Auto-scale down: same window, after

cooldown.

The only constant is change

Hybrid Possibilities• Consider architecture with mixed

container/non-container components– E.g. database on VM, web on K8s

• Unopinionated orchestration to the rescue

• All components modeled in blueprints• Configuration overlayed on native

Kubernetes descriptors (YAML)• Example walkthrough ……

The only constant is change

Thanks for being hereQuestions? Email dewayne@gigaspaces.comBlog: http://getcloudify.org/blog/Github: https://github.com/cloudify-examples/docker-swarm-blueprint, https://github.com/cloudify-examples/kubernetes-cluster-blueprint, https://github.com/cloudify-examples/cloudify-kubernetes-plugin-blueprint