modernizing applications with containers on or distribution · native docker container hosts in...

Karthik NarayanProduct Line Manager

@_KarthikNarayan

SER3152BU

#VMworld #SER3152BU

Modernizing Applications With Containers On vSphere

VMworld 2017 Content: Not fo

r publication or distri

bution

• This presentation may contain product features that are currently under development.

• This overview of new technology represents no commitment from VMware to deliver these features in any generally available product.

• Features are subject to change, and must not be included in contracts, purchase orders, or sales agreements of any kind.

• Technical feasibility and market demand will affect final delivery.

• Pricing and packaging for any new technologies or features discussed or presented have not been determined.

Disclaimer

2#SER3152BU CONFIDENTIAL



bution

Agenda

1 Refresher on containers

2 The current way of deploying containers

3 vSphere Integrated Containers terminology

4Native Docker container hosts in vSphere

Integrated Containers

5 Demo 1

6 Isolated containers using the Virtual Container Hosts

7 Demo 2

8 What’s new in vSphere Integrated Containers

#SER1875BU CONFIDENTIAL 3



bution

Refresher On Containers



bution

5

What is a Container?

A container includes an application

and all its runtime dependencies.

#SER3152BU CONFIDENTIAL



bution

Why Do We Need Containers?




bution

Container is an Isolated Instance of User Space




bution


What Is An Image?



bution

9

Images Are Layers




bution

Where Are Images Stored?

10

Docker Hub VMware Enterprise Registry

Public Registry Private Registry




bution

VMs vs. Containers


Hardware

VM

OS

App

Hypervisor

VM

OS

App

VM

OS

App

VM

OS

App

Hardware

|||||||

App

OS

|||||||

App

|||||||

App

|||||||

App



bution

Containers Are Not New


2000 2004 2008 2013 2014



bution

Docker Made It Simple

~# docker build my_app

~# docker push my_app

~#




bution

The Current Way Of Deploying Containers



bution

Physical

Hardware

Linux

Container Engine

CCC

Container Deployment On Bare Metal

Linux

Container Engine

CCC




bution

Linux

Container Engine

CCC

VM

vSphere

Container Deployment In VMs

• Involves ticketing

• IT creates the VM, Developers install the rest

• Results in snowflake deployments

• IT is on the hook to manage these

• Semi-permanent allocation of resources –Cannot be reclaimed easily




bution

vSphere Integrated Containers Terminology



bution

vSphere Integrated Containers Terminology

• Virtual Container Hosts

– Virtual equivalent of Container Hosts. They are vSphere resource pools that host your Container VMs

• Container VMs

– Virtual Machines deployed from a container image

• Endpoint VM

– The VM that your developers connect to, and issue commands against




bution

Native Docker Container Hosts In vSphere Integrated Containers



bution

Native Docker Container Hosts In vSphere Integrated Containers

• Ticketless dev environment with IT governance and control

• Run a full fledged Docker engine as a Container VM

• Docker container hosts are packaged as containers and instantiated like a container

• To start a Docker Container host you run:

$ docker run -p 12375:2375 -d vmware/dch-photon:1.13

And then connect to the newly deployed docker engine with:

$ docker -H <VCH Host>:12375 info




bution

DemoVMworld 2017 Content: N

ot for publicatio

n or distribution

Isolated Containers Using The Virtual Container Hosts



bution

Linux

Container Engine

CCC

VM

vSphere

But Wait… There Is More

23

• Security concerns from a shared kernel

• Lack of multi-tenancy

• Inefficient resource utilization

• Non-elastic infrastructure

• Restricted visibility for IT admins

• Lacks of tools, best practices and experience

• DIY / Build your own stack not suited for some customers




bution

Linux

Container Engine

CCC

VM

Linux

Kernel

Linux

Kernel

Linux

Kernel

vSphere

Virtual Container Host

Introducing The vSphere Integrated Containers Engine

24

Container Host




bution

DemoVMworld 2017 Content: N

ot for publicatio

n or distribution

NSX ESXi vSAN

Virtual Container Hosts Docker Container Hosts

Provisioning / Scheduling

Physical Infrastructure

Two Ways Of Running Containers On vSphere

26

C

Docker Engine

Linux Kernel

C C

Se

cu

rity

/ M

icro

-se

gm

en

tatio

nS

ecu

rity

VIC

Se

rvic

e E

ngin

e

Ma

na

ge

ment /

Regis

try

Linux

Kernel

C

Linux

Kernel

C

Linux

Kernel

C




bution

What’s New In vSphere Integrated Containers



bution

vSphere Integrated Containers

28

Focus Areas For The Upcoming Release

Security

• Content Trust

• Vulnerability Scan

SSO

• RBAC

• Projects

Native Docker container hosts

• On-demand via VCH

VCH enhancements

• Reconfigure

• Support for additional Docker commands

UX Improvements

• Updated vSphere UI in HTML5

• Integrated Portal and Registry UI

• Install / upgrade enhancements




bution



bution

modernizing applications with containers on or distribution · native docker container hosts in...

Documents