
From Engines to Orchestrators

Lee Calcote
September 30, 2016

A brisk introduction to container runtimes (engines) and an understanding of when container orchestrators enter and what role they play. We’ll look at what makes them alike, yet unique. Presented at ContainerizeThis 2016.

Transcript

  1. System Containers: like a VM; full OS image; multiple processes. Application Containers: single process. Similarities: use namespaces to deal with resource isolation for a single process; use cgroups to manage resources for a group of processes.
  2. @lcalcote. Engines shown: rkt, docker, runC, kurma --- containerd, systemd-nspawn, OpenVZ, Solaris Zones, BSD jails, Linux-VServer, AIX WPARs, LXC ---- LXD, CGManager, machinectl ---- qemu-kvm, lkvm. Group labels: System Container Engines; Application Container Engines.
  3. Implemented by - rkt: is the canonical implementation; Kurma: leverages runC; Jetpack: is an implementation of for FreeBSD using jails and ZFS. Implemented by - runC: is the reference implementation; runV: is a hypervisor-based runtime; cc-oci-runtime: launches an Intel VT-x secured Clear Containers 2.0 hypervisor.
  4. runtime-spec: a specification for the lifecycle of a running container. runtime-tools: tooling for the runtime. image-spec: a software shipping container image format spec with security and naming as components. image-tools: tooling for the image. https://opencontainers.org
  5. Popular Engine process models. rkt: executes as CLI; no daemon. Can run Docker Images and also App Container Images (ACIs). Security has been a focal concern; uses HTTPS to locate and download remote ACIs and their attached signatures. Docker Engine: runs a daemon. Diagram labels: `$ rkt run postgres` (systemd, rkt, application); `$ docker run postgres` (systemd, Docker Engine, containerd, runC, application).
  6. Core Capabilities: Cluster Management, Host Discovery, Host Health Monitoring, Scheduling, Orchestrator Updates and Host Maintenance, Service Discovery, Networking and Load-Balancing. Additional Key Capabilities: Application Health Monitoring, Application Deployments, Application Performance Monitoring.
  7. One size does not fit all. A strict apples-to-apples comparison is inappropriate and not the objective, hence characterizing and contrasting.
  8. Genesis & Purpose: an opinionated framework for building distributed systems or, as its tagline states, "an open source system for automating deployment, scaling, and operations of applications." Written in Golang, Kubernetes is lightweight, modular and extensible. Considered a third generation container orchestrator led by Google, Red Hat and others. Bakes in load-balancing, scale, volumes, deployments, secret management and cross-cluster federated services among other features. Declaratively, opinionated with many key features included.
  9. Genesis & Purpose: Swarm is simple and easy to set up. Swarm is responsible for the clustering and scheduling aspects of orchestration. Originally an imperative system, now declarative. Swarm’s architecture is not as complex as those of Kubernetes and Mesos. Written in Golang, Swarm is lightweight, modular and extensible.