1. CONTAINERS AND KUBERNETES WITHOUT LIMITS
How to make stateless containers
reliable and available for stateful applications!
Copenhagen, September 18th, 2018
2. 2 © 2018 MapR Technologies, Inc. // MapR Confidential
Today's Goal
Learn how to build a reliable, scalable, and secure containerized platform, and to handle persistent data in large containerized environments across multiple data centers or geographic locations.
(DATA)
3. Agenda
Introduction to Containers and Kubernetes
• Architectural concepts
• Use cases for containers
• Container challenges
How to build a Reliable, Scalable, and Secure Containerized Platform
• Kubernetes
• Challenges for stateful applications
• #Kubernetes4Data
DEMO
SUMMARY
Q&A
SWAG :) FOR YOU
5. Virtual Machines are Computers in a Box
Containers are Applications in a Box
6. VM vs Container
VM stack (diagram): hardware, os, hypervisor, then two vms, each with its own os, libs and app
Container stack (diagram): hardware, os, then three containers, each with its own libs and app
7. Pets vs Cattle
Pets:
- long lived
- name them
- care for them
Cattle:
- ephemeral
- brand them with #’s
- well.. vets are expensive
8. Container characteristics
• Light-weight, easy and quick to deploy
• Portable
• Break complex monolithic applications into smaller modules
9. Typical use cases for containers
• ENTERPRISE APPLICATION MODERNIZATION: All applications that can be run in containers
• MACHINE LEARNING: Deploy portable, smart applications
• MICROSERVICES: Create distributed applications by using containers to create independent tasks
• CI/CD: Continuous Integration/Development
10. Containers & Docker
• Docker combined several Linux technologies into a single set of tools
• Docker uses Linux ‘cgroups’ (process isolation), overlay file systems (OverlayFS/aufs), virtual networks & bridges, and virtual directory mount points to create “containers”
• These tools separately have been in the Linux community for many years: Docker put them all together in a single, simple set of commands
Source: Marko Luksa (2017). Kubernetes in Action. Shelter Island, NY: Manning Publications Co.
11. Isolation
cgroups
● cpu
● memory
● network
● etc.
namespaces
● pids
● mnts
● etc.
Chroot (filesystem)
12. Container Images
Diagram: two files in a read-only layer.
13. Container Images
Diagram: three files across two read-only layers.
14. Container Images
Diagram: three files across two read-only layers, plus a writable layer.
15. Container = Image + Isolation
Container Image: File, File, File
Isolation:
● chroot
● cgroups: cpu, memory, network, etc.
● namespaces: pids, mnts, etc.
16. Why are containers called stateless?
Diagram: CONTAINER A (APP, BIN/LIBs) and CONTAINER B (APP, BIN/LIBs) on SHARED RESOURCES
• Build containers with what is minimally needed for the application
• Infrastructure resources are shared and assigned for each container
• Container does not hold data
17. What is the impact of containers being stateless?
• Application server runs as a service in a container
• Updating containers is not applicable. Update the docker image, stop and restart containers
• Backing up a container is not needed
18. Container growth – Trend towards production
• 73% of respondents are currently using containers in production today, with the remaining 27% planning to use them in the future.
• 89% of respondents are currently using containers for proof of concepts, as well as testing (85%) and development (86%).
Source: CNCF Survey, 2018.
https://www.cncf.io/blog/2018/08/29/cncf-survey-use-of-cloud-native-technologies-in-production-has-grown-over-200-percent/
19. Containers – What we know so far!
• Are lightweight
• Are stateless
• Are portable
• Targeted for developing applications
• Surely moving towards production
• Docker made it popular
… and added a whole lot of jargon for us to learn! :)
20. But…
Containers have a problem
21. Challenges in using / deploying containers
• Cultural Changes with Development Team
• Complexity
• Lack of Training
• Security
• Monitoring
• Storage
• Networking
Source: CNCF Survey, 2018.
https://www.cncf.io/blog/2018/08/29/cncf-survey-use-of-cloud-native-technologies-in-production-has-grown-over-200-percent/
22. Some of the things Docker can’t do
• Monitor running containers
• Handle dead containers
• Move containers so utilization improves
• Auto-scale container instances to handle load
• Solve port mapping hell
• …
23. You can never get away from pets unless:
• You have an environment to support cattle
• You handle the problem of container state
25. Kubernetes started life as a successor to Google’s Borg project...
Now home at the CNCF!
Large-scale cluster management at Google with Borg, 2015.
https://ai.google/research/pubs/pub43438
https://www.cncf.io/
https://kubernetes.io/
26. Kubernetes is an API and agents
The Kubernetes API provides containers with scheduling, configuration, network, and storage
The Kubernetes runtime manages the containers
27. Kubernetes – Why is it so popular?
• There are many management software solutions to create, manage & delete containers, with newer vendors emerging every day
• Kubernetes remains the leader with 83% (up from 77%)
• The ecosystem and developer community augmented by Google’s support gave Kubernetes the edge over others
Source: CNCF Survey, 2018.
https://www.cncf.io/blog/2018/08/29/cncf-survey-use-of-cloud-native-technologies-in-production-has-grown-over-200-percent/
28. Key K8s features that help you orchestrate containers at scale
• Creating and managing multiple containers in a single entity, a pod
• Container scheduling on the same host or on particular hosts; sharing an IP address allows the containers to communicate with each other
• Auto scaling, replication and recovery of containers
• cAdvisor resource usage monitoring module
• Network pluggable architecture
• Load balancer
• Health check mechanisms
29. *Pods are not containers!
Diagram: a pod with IP address 1.2.3.4 holding container #1 and container #2
• Pods are the atomic unit of scheduling/mgmt in k8s
• Pods can have multiple containers
• Containers in pod have same IP
• Containers in pod share IPC address space
• Many advanced management features directed at pods
30. Diagram: Kubernetes cluster components
Control Plane: api server, scheduler, controller manager, etcd
Workers (node 1 to node 5): kubelet, kube-proxy, docker
31. The API server turns YAML into pods and plans.
Diagram labels: kubectl, yaml, api server, pods, etcd, plans
32. Kubernetes – an open, pluggable framework
33. Kubernetes – an open, pluggable framework
Source: CNCF landscape, see https://github.com/cncf/landscape and http://l.cncf.io
34. KubeCon: Learn from the community how to use the services
• From eval to prod: How a Service Mesh Helped Us Build Production Cloud-Native Services - Israel Sotomayor, Moltin
  o Session recording: https://youtu.be/VoYAtCVz3Ig
• What Does “Production Ready” Really Mean for a Kubernetes Cluster? - Lucas Käldström, Individual
  o Session recording: https://youtu.be/EjSiZgGdRqk
• Keynote: Running with Scissors - Liz Rice, Technology Evangelist, Aqua Security
  o Session recording: https://youtu.be/ltrV-Qmh3oY
35. We still have a problem
36. State!
37. Problem with Containers and State
What about stateful applications?
Real applications are stateful - they need to persist data somewhere!
Pod and ReplicaSet abstract compute and memory.
1. Containers are ephemeral: no way to persist state
• Container termination / crashes result in loss of data
• Can’t run stateful applications
2. Containers can’t share data between each other
38. Give Containers Persistent Volumes
✓ Data survives (persists) beyond container, pod, host
✓ Workload can choose its best storage
Source: CNCF Webinar - Introduction to Cloud Native Storage,
https://www.youtube.com/watch?v=S9PnpnrHdIs
39. Persistence & Portability
Source: CNCF Webinar - Introduction to Cloud Native Storage,
https://www.youtube.com/watch?v=S9PnpnrHdIs
40. Pod to Persistent Volume
Source: CNCF Webinar - Introduction to Cloud Native Storage,
https://www.youtube.com/watch?v=S9PnpnrHdIs
42. Cloud native storage takes many forms
Source: CNCF Webinar - Introduction to Cloud Native Storage,
https://www.youtube.com/watch?v=S9PnpnrHdIs
43. Cloud native storage takes many forms
Source: CNCF Webinar - Introduction to Cloud Native Storage,
https://www.youtube.com/watch?v=S9PnpnrHdIs
Diagram labels:
• MAPR DATA PLATFORM
• FILES / OBJECTS / TABLES / STREAMS
• APIs: NFS, POSIX, REST, S3, HDFS, HBASE, JSON, KAFKA
• DATA CENTER, CLOUD, MULTI-CLOUD, EDGE, KUBERNETES
• COMMODITY SERVER, VIRTUAL MACHINE, Pod (×4)
• IoT & Edge, AI / ML, ADV. ANALYTICS, ENTERPRISE APPLICATIONS
44. Modern Data Platform
• Scale. It distributes data across the cluster and offers a global namespace for a unified view of data regardless of its physical location
• High Availability. Offers configurable levels of replication to ensure data durability. In event of a failure, all nodes participate to self-heal and reconstruct data automatically
• Data Protection. End-to-end security, per-volume access control expressions, space-efficient snapshots, volume mirroring; offers several choices to build a data protection strategy
• Intelligent Data Placement. Offers three different storage tiers with automated storage policies to place data based on their SLAs
• Edge, on-premises, Cloud. Can be deployed in on-premises datacenters, edge and on the cloud
45. MapR Data Container Architecture
Built For Speed, Scale, Reliability
• Data & metadata fully distributed
• Hierarchical organization of data
• No single point of failure
• Fast parallel access
• Exabyte scale
• Full read-write
Diagram: blocks A to E, each shown three times; size labels 32 GB, 256 MB, 8 KB
46. MapR Volumes
Volumes are logical units of management, holding files, directories, tables, messages.
WHAT CAN YOU DO WITH VOLUMES?
• Schedule snapshots
• Schedule mirrors
• Control data placement
• Access permissions
• Enforce volume quotas
• Manage performance
• Specify replication factor
Diagram: Shared MapR Cluster with volumes /mktg, /finance, /projectx
MAPR ACCESS CONTROL EXPRESSIONS
r : user:sally | (group:research & group:managers)
47. MapR Volumes
Volumes are used for easy control of access, multi-tenancy, data locality & DR
48. Global Namespace – common path to connect to any data
✓ Global data view in a single namespace
✓ Distributed data processing
✓ Unified Security
✓ Global Replication For Data Distribution & DR
✓ Bandwidth-aware to manage global data flows
✓ Simplify cross cloud application development & deployment
Globally Protected, Globally Accessible, Globally Managed, Globally Replicated
Across Locations, Across Clouds
/mapr
/us.mapr.com
/eu_cloud.mapr.com
/asia.mapr.com
/us_cloud.mapr.com
49. Multi-Cloud Data Movement & Application Portability
Enabling Application and Data Portability
Automatically Synchronized Globally Distributed Data
Diagram labels: Topic (×3), On-Premises, S3, EDGE, DATA PLATFORM (×4)
50. #Kubernetes4Data
CUSTOMERS
“Kubernetes is our platform for apps. We view MapR as our Kubernetes for data.”
“The combination of the two allows us to support future & current workloads on any infrastructure. With SLA enforcement and the ability to move apps & data seamlessly across clouds.”
51. MapR Persistent Application Client Container (PACC)
• Pre-built, certified container image for connecting to MapR services
• Secure authentication at container level, secure connection
• Extensible support for application layers
• Available in Docker Hub, Dockerfile for customizability
Diagram labels:
• MapR PACC: MapR POSIX Client for Containers, MapR Converged Client for Containers, Space for Customer Application
• MAPR DATA PLATFORM: EVENT DATA STREAMS, ANALYTICS & ML ENGINES, OPERATIONAL DATABASE, CLOUD-SCALE FILE AND OBJECT STORE
52. Containerized Microservices have real-time access to files/tables/streams
Diagram labels: Microservices with Databases/files (×3), Microservices (×6), MAPR DATA PLATFORM, Stream (×2)
54. MapR Data Fabric for Kubernetes
Diagram: three nodes, each with two Pods and MAPR, above the MAPR DATA PLATFORM
• Integration with Kubernetes APIs, packaged and run as a POSIX client on each Kubernetes host
• MapR Volumes are mounted for containers
• Persist data for containerized applications
• Scale data and performance as containers grow
• Highly available by leveraging replicas, snapshots, mirroring of data
• Benefit from MapR tickets, for end-to-end security
• Multi-tenant deployment and access
55. Kubernetes Integration via Volume Driver Plugin
There are two ways to provision a volume:
1. Kubernetes Volume with Static Provisioner
This is used to mount an existing MapR Volume to Containers managed by Kubernetes.
2. Kubernetes Persistent Volumes with Dynamic Provisioner
This is used to create and mount a new MapR Volume to Containers managed by Kubernetes.
56. Static Provisioning
Example 1: You have a Postgres container that needs persistent storage. Plugin mounts MapR path via fuse
• Kdf volume plugin
• Admin provisions
• Fast, uses POSIX drivers
• Secured with MapR tickets
• MapR cluster can be external to K8s
Diagram labels: pod, kubelet, docker, plugin, mapr, fuse
57. Mounting An Existing MapR Volume (Static Provisioner)
Diagram labels: KUBERNETES (CLIENT HOST), YOUR CONTAINER, MAPR VOLUME PLUGIN - POSIX CLIENT, K8S PERSISTENT VOLUME, MAPR DATA PLATFORM
Steps shown:
1. Request Volume
2. Mount POSIX Volume
58. Dynamic provisioning
Example 2: You are testing a new container. You want the storage in MapR automatically allocated for the container.
• Kdf provisioner
• Uses MapR REST APIs to allocate/delete MapR volumes
• Mounting is the same as static provisioning
Diagram labels: pod, kubelet, docker, plugin, mapr, fuse, provisioner, rest
59. Creating A New MapR Volume (Dynamic Provisioner)
Diagram labels: KUBERNETES (CLIENT HOST), YOUR CONTAINER, PERSISTENT VOLUME CLAIM, STORAGE CLASS, DYNAMIC PROVISIONER, K8S PERSISTENT VOLUME, MAPR VOLUME PLUGIN - POSIX CLIENT, MAPR DATA PLATFORM
Steps shown: 1. Request Volume, 2. Request Volume, 3. Request Volume, 5. Mount POSIX Volume
• Volume Claim binds the volume created to the container(s)
• Storage Classes used by Administrators express the type, size and other characteristics that the volume should contain
61. Demo: Run database server container in high availability
Run PostgreSQL in Container
Dynamically create and store the Postgres data on MapR as the persistent data store.
62. Demo: Run database server container in high availability
1. Dynamically create MapR Volume: Use the Volume Driver Plugin to dynamically create a MapR Volume as the PostgreSQL data store.
2. Launch PostgreSQL container: PostgreSQL uses the Volume Driver plugin to locate the volume.
3. Simulate PostgreSQL failover: The PostgreSQL container can fail over without affecting the data stored on MapR.
4. Relaunch PostgreSQL container: A new PostgreSQL container will leverage the existing data on MapR.
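The demo flow above (claim a dynamically provisioned volume, run PostgreSQL on it, lose the pod, relaunch on the same data) sketched as Kubernetes manifests. This is an added example, not taken from the slides or from MapR's documentation: the provisioner string, the object names, the image tag and the Secret `pg-credentials` are placeholders or assumptions.

```yaml
# Added example. All names are placeholders; the provisioner string and any
# parameters it needs must come from your volume plugin's documentation.
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: pg-dynamic                      # hypothetical class name
provisioner: example.com/placeholder    # placeholder, not a real provisioner
reclaimPolicy: Retain                   # deleting the claim must not delete the data
---
# Step 1: the claim asks the class for a new volume; the provisioner creates it.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pgdata
spec:
  storageClassName: pg-dynamic
  accessModes: ["ReadWriteOnce"]
  resources:
    requests:
      storage: 5Gi
---
# Steps 2-4: one PostgreSQL pod on the claim; a replacement pod reuses it.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: postgres
spec:
  replicas: 1
  strategy:
    type: Recreate                      # never two servers on one data directory
  selector:
    matchLabels:
      app: postgres
  template:
    metadata:
      labels:
        app: postgres
    spec:
      containers:
        - name: postgres
          image: postgres:10            # assumed tag
          env:
            - name: POSTGRES_PASSWORD   # read from a Secret, not written in the manifest
              valueFrom:
                secretKeyRef:
                  name: pg-credentials  # assumed to exist already
                  key: password
            - name: PGDATA              # keep the data in a subdirectory of the mount
              value: /var/lib/postgresql/data/pgdata
          volumeMounts:
            - name: data
              mountPath: /var/lib/postgresql/data
      volumes:
        - name: data
          persistentVolumeClaim:
            claimName: pgdata
```

Deleting the pod (`kubectl delete pod -l app=postgres`) simulates the failover: the Deployment starts a replacement pod that mounts the same claim, so the database files written by the first pod are still there.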
64. RECAP: Today's Goal
Learn how to build a reliable, scalable, and secure containerized platform, and to handle persistent data in large containerized environments across multiple data centers or geographic locations.
(DATA)
65. Containers & Kubernetes without limits!
Diagram labels:
• COMPUTE AGILITY, APP AGILITY, DATA AGILITY
• TENANT 1 ... TENANT N, each with Applications
• Stateful app container with MAPR POSIX CLIENT FOR CONTAINERS
• MAPR KUBERNETES VOLUME PLUGIN
• MAPR DATA PLATFORM
• ACROSS INFRASTRUCTURES: DATA CENTER, CLOUD, MULTI-CLOUD, KUBERNETES, EDGE
• ENTERPRISE APPLICATIONS, AI AND ML, ADV. ANALYTICS
67. Kubernetes (e)books
68. MapR Data Fabric for Kubernetes
MapR Data Fabric for Kubernetes
https://mapr.com/solutions/data-fabric/kubernetes/
MapR Data Fabric for Kubernetes - Documentation
https://mapr.com/docs/60/PersistentStorage/kdf_overview.html
MapR Data Fabric for Kubernetes - GitHub
https://github.com/mapr/KubernetesDataFabric
MapR Tutorial: How to Install and Deploy Applications at Scale on K8s
Part 1: https://mapr.com/blog/making-data-actionable-at-scale-part-1-of-3
Part 2: https://mapr.com/blog/making-data-actionable-at-scale-part-2-of-3
Part 3: https://mapr.com/blog/making-data-actionable-at-scale-part-3-of-3
69. MapR Academy
Free Online Training: learn.mapr.com
70. New O’Reilly Book!
by Ted Dunning and Ellen Friedman
Just released at Strata New York, September 2018
GRAB YOUR FREE COPY HERE!
or download the e-book here:
https://mapr.com/ebook/ai-and-analytics-in-production/