Containers and Kubernetes without limits

CONTAINERS AND KUBERNETES WITHOUT LIMITS
How to make stateless containers
reliable and available for stateful applications!
Copenhagen, September 18th, 2018

2 © 2018 MapR Technologies, Inc. // MapR Confidential
Today‘s Goal
Learn how to build a reliable, scalable, and secure containerized
platform,
and to handle persistent data in large containerized environments
across multiple data centers or geographic locations.
(DATA)

Agenda
Introduction to Containers and Kubernetes
• Architectural concepts
• Use cases for containers
• Container challenges
How to build a Reliable, Scalable, and Secure Containerized Platform
• Kubernetes
• Challenges for stateful applications
• #Kubernetes4Data
DEMO SUMMARY Q&A SWAG J FOR YOU

Introduction to Containers and Kubernetes

Virtual Machines are Computers
in a Box
Containers are Applications
in a Box

hardware
os
hypervisor
vm
os
libs
app
vm
os
libs
app
hardware
os
container
libs
app
container
libs
app
container
libs
app
VM vs Container

Pets vs Cattle
- long lived
- name them
- care for them
- ephemeral
- brand them with #’s
- well.. vets are expensive

Container characteristics
Light-weight,
easy and quick to
deploy
Portable Break complex monolithic
applications into smaller,
modules

Typical use cases for containers
ENTERPRISE
APPLICATION
MODERNIZATION
All Applications
that can be run in
containers
MACHINE
LEARNING
Deploy
portable, smart
applications
MICROSERVICES
Create distributed
applications by using
containers to creating
independent tasks
CI/CD
Continuous
Integration/
Development

Source:
Marko Luksa (2017). Kubernetes in Action.
Shelter Island, NY: Manning Publications Co.
• Docker combined several Linux technologies into a single
set of tools
• Docker uses Linux ‘cgroups’ (process isolation), overlay file
systems (OverlayFS/aufs), virtual networks & bridges, and
virtual directory mount points to create “containers”
• These tools separately have been in the Linux community
for many years: Docker put them all together in a single,
simple set of commands
Containers & Docker

cgroups
● cpu
● memory
● network
● etc.
namespaces
● pids
● mnts
● etc.
Chroot (filesystem)
Isolation

File File Read-only Layer
Container Images

File File
File
Read-only Layer
Read-only Layer
Container Images

File File
File
Read-only Layer
Read-only Layer
Writable Layer
Container Images

File File File Container Image
chroot
cgroups
● cpu
● memory
● network
● etc.
namespaces
● pids
● mnts
● etc.
Container = Image + Isolation

Why are containers called stateless?
CONTAINER A
APP
BIN/LIBs
APP
BIN/LIBs
CONTAINER B
SHARED RESOURCES
• Build containers with what is
minimally needed for the
application
• Infrastructure resources are
shared and assigned for each
container
• Container does not hold data

What is the impact of containers being stateless?
APP
• Application server run as a service in
container
• Updating containers is not applicable.
Update the docker image, stop and restart
containers
• Backing up a container is not needed

Container growth – Trend towards production
Source: CNCF Survey, 2018.
https://www.cncf.io/blog/2018/08/29/cncf-survey-use-of-cloud-native-technologies-in-production-has-grown-over-200-percent/
• 73% of respondents are currently
using containers in production
today, with the remaining 27%
planning to use them in the
future.
• 89% of respondents are currently
using containers for proof of
concepts, as well as testing (85%)
and development (86%).

Containers – What we know so far!
• Are lightweight
• Are stateless
• Are portable
• Targeted for developing applications
• Surely moving towards production
• Docker made it popular
… and added a whole lot of jargon for us to learn! J

But…
Containers have a problem

Challenges in using / deploying containers
• Cultural Changes with
Development Team
• Complexity
• Lack of Training
• Security
• Monitoring
• Storage
• Networking

Some of the things Docker can’t do
• Monitor running containers
• Handle dead containers
• Move containers so utilization improves
• Auto-scale container instances to handle load
• Solve port mapping hell
• …

You can never get away from pets
unless:
• You have an environment to
support cattle
• You handle the problem of
container state

Kubernetes
kubernetes (n.) - greek word for pilot or helm

Now home
at the CNCF!
Large-scale cluster management at Google with Borg, 2015.
https://ai.google/research/pubs/pub43438
Kubernetes started life as
a successor to Google’s
Borg project...
https://www.cncf.io/ https://kubernetes.io/

Kubernetes is an API and agents
The Kubernetes API provides containers with a
scheduling, configuration, network, and
storage
The Kubernetes runtime manages the containers

Kubernetes – Why is it so popular?
• There are many management software
solutions to create, manage & delete
containers with newer vendors
emerging everyday
• Kubernetes remains the leader with
83% (up from 77%)
• The ecosystem and developer
community augmented by Google’s
support gave Kubernetes the edge over
others

Key K8s features that help you orchestrate containers at scale
• Creating, managing multiple containers in a single entity, a POD.
• Container Scheduling on same host or on particular hosts, and sharing IP address
allows the containers to communicate with each other
• Auto scaling, replication and recovery of containers
• cAdvisor resource usage monitoring module
• Network pluggable architecture
• Load balancer
• Health check mechanisms

*Pods are not containers!
IP address: 1.2.3.4
container #1
container #2
pod
• Pods are the atomic unit of
scheduling/mgmt in k8s
• Pods can have multiple containers
• Containers in pod have same IP
• Containers in pod share IPC address
space
• Many advanced management
features directed at pods

api server
scheduler
controller manager
etcd
node 1 node 2 node 3 node 4 node 5
kubelet
kube-proxy
docker
Control Plane Workers

kubectl
yaml
pod pod
pod
pod
etcd
pods plans
The API server turns YAML
into pods and plans.
api server

Kubernetes – an open, pluggable framework

Kubernetes – an open, pluggable framework
Source: CNCF landscape, see https://github.com/cncf/landscape and http://l.cncf.io

• From eval to prod: How a Service Mesh Helped Us Build Production Cloud-Native Services - Israel
Sotomayor, Moltin
o Session recording: https://youtu.be/VoYAtCVz3Ig
• What Does “Production Ready” Really Mean for a Kubernetes Cluster? - Lucas Käldström, Individual
o Session recording: https://youtu.be/EjSiZgGdRqk
• Keynote: Running with Scissors - Liz Rice, Technology Evangelist, Aqua Security
• Session recording: https://youtu.be/ltrV-Qmh3oY
KubeCon: Learn from the community how to use the services

We still have a problem

State!

Problem with Containers and State
What about stateful applications?
Real applications are stateful - they need to persist data somewhere!
Pod and ReplicaSet abstract compute and memory.
1. Containers are ephemeral: no way to persist state
• Container termination / crashes result in loss of data
• Can’t run stateful applications
2. Containers can’t share data between each other

Give Containers Persistent Volumes
Source: CNCF Webinar - Introduction to Cloud Native Storage,
https://www.youtube.com/watch?v=S9PnpnrHdIs
ü Data survives (persists) beyond container,
pod, host
ü Workload can choose its best storage

Persistence & Portability

Pod to Persistence Volume
3

Cloud native storage takes many forms

Cloud native storage takes many forms
MAPR DATA PLATFORM
FILES / OBJECTS / TABLES / STREAMS APIs: NFS, POSIX, REST, S3, HDFS, HBASE, JSON, KAFKA
DATA CENTER CLOUD MULTI-CLOUD EDGE KUBERNETES
COMMODITY
SERVER
VIRTUAL
MACHINE
IoT & Edge
AI / ML
ADV. ANALYTICS
ENTERPRISE
APPLICATIONS
Pod Pod Pod Pod

Scale. It distributes data across the cluster and offers a global namespace for a unified view of data
regardless of its physical location
High Availability. Offers configurable levels of replication to ensure data durability. In event of a failure,
all nodes participate to self-heal and reconstruct data automatically
Data Protection. End-to-end security, per volume Access control expressions, space efficient
snapshots, volume mirroring, offers several choices to build a data protection strategy
Intelligent Data Placement. Offers three different storage tiers with automated storage policies to
place data based on their SLAs
Edge, on-premises, Cloud: Can be deployed in on-premises datacenters, edge and on the cloud
Modern Data Platform

MapR Data Container Architecture
Built For Speed, Scale, Reliability
Data & metadata fully distributed
A
A
A
B
B
B
C
C
C
D
D
D
E
E
E
32 GB
256 MB
8 KB
Hierarchical organization of data
No single point of failure
Fast parallel access
Exabyte scale
Full read-write

MapR Volumes
Volumes are logical units of management, holding files, directories, tables, messages.
WHAT CAN YOU DO WITH VOLUMES?
• Schedule snapshots
• Schedule mirrors
• Control data placement
• Access permissions
• Enforce volume quotas
• Manage performance
• Specify replication factor
Volumes:
Shared MapR Cluster
r : user:sally |
(group:research & group:managers)
MAPR ACCESS CONTROL EXPRESSIONS
/mktg /finance /projectx

MapR Volumes
Volumes are used for easy control of access, multi-tenancy, data locality & DR

ü Global data view in a single
namespace
ü Distributed data processing
ü Unified Security
ü Global Replication For Data
Distribution & DR
ü Bandwidth-aware to manage
global data flows
ü Simplify cross cloud application
development & deployment
Global Namespace – common path to connect to any data
Globally Protected
Globally Accessible
Globally Managed
Globally Replicated
Across Locations Across Clouds
/mapr
/us.mapr.com
/eu_cloud.mapr.com
/asia.mapr.com
/us_cloud.mapr.com

Automatically Synchronized Globally Distributed Data
Topic
Topic
Topic
On-Premises
S3
EDGE
DATA
PLATFORM
DATA
PLATFORM
DATA
PLATFORM
DATA
PLATFORM
Multi-Cloud Data Movement & Application Portability
Enabling Application and Data Portability

“Kubernetes is our platform for apps.
We view MapR as our Kubernetes for data.”
“The combination of the two allows us to support future & current workloads on any
infrastructure. With SLA enforcement and the ability to move apps & data seamlessly
across clouds.”
CUSTOMERS
#Kubernetes4Data

MapR Persistent Application Client Container (PACC)
• Pre-built, certified container image
for connecting to MapR services
• Secure authentication at
container level, secure connection
• Extensible support for application
layers
• Available in Docker Hub, Dockerfile
for customizability
MapR POSIX Client
for Containers
MapR Converged
Client for
Containers
Space for Customer Application
MapR PACC
MAPR DATA PLATFORM
EVENT DATA
STREAMS
ANALYTICS & ML
ENGINES
OPERATIONAL
DATABASE
CLOUD-SCALE
FILE AND OBJECT
STORE

Containerized Microservices have real-time access to
files/tables/streams
Microservices
Databases/files
Microservices
Databases/files
Microservices
Databases/files
Microservices Microservices Microservices
Microservices Microservices Microservices
MAPR DATA PLATFORM
Stream Stream

MapR Data Fabric for Kubernetes

node
Pod
Pod
node
Pod
Pod
node
Pod
Pod
MAPR MAPR MAPR
MAPR DATA PLATFORM
• Integration with Kubernetes APIs,
packaged and run as a POSIX client on
each Kubernetes host
• MapR Volumes are mounted for
containers
• Persist data for containerized
applications
• Scale data and performance as
containers grow
• Highly available by leveraging replicas,
snapshots, mirroring of data
• Benefit from MapR tickets, for end-to-
end security
• Multi-tenant deployment and access

There are two ways to provision a volume:
1. Kubernetes Volume with Static Provisioner
This is used to mount an existing MapR Volume to Containers
managed by Kubernetes.
2. Kubernetes Persistent Volumes with Dynamic Provisioner
This is used to create and mount a new MapR Volume to Containers
managed by Kubernetes.
Kubernetes Integration via Volume Driver Plugin

pod
kubelet
docker
plugin
mapr
fuse
Example 1: You have a Postgres container that needs persistent
storage. Plugin mounts MapR path via fuse
Static Provisioning
• Kdf volume plugin
• Admin provisions
• Fast, uses Posix drivers
• Secured with MapR tickets
• MapR cluster can be external
to K8s

KUBERNETES (CLIENT HOST)
YOUR CONTAINER
MAPR VOLUME PLUGIN - POSIX CLIENT
K8S PERSISTANT VOLUME
MAPR DATA PLATFORM
1. Request Volume
2. Mount POSIX Volume
Mounting An Existing MapR Volume (Static Provisioner)

pod
kubelet
docker
plugin mapr
fuse
provisioner rest
Example 2: You are testing a new container. You want the
storage in MapR automatically allocated for the container.
Dynamic provisioning
• Kdf provisioner
• Uses MapR REST API’s to
allocate/delete MapR
volumes
• Mounting is the same as
static provisioning

KUBERNETES (CLIENT HOST)
YOUR CONTAINER
MAPR VOLUME PLUGIN - POSIX CLIENT
K8S PERSISTANT VOLUME
MAPR DATA PLATFORM
1. Request Volume
5. Mount POSIX Volume
PERSISTENT VOLUME CLAIM
STORAGE CLASS
DYNAMIC PROVISIONER
2. Request Volume
3. Request Volume
Creating A New MapR Volume (Dynamic Provisioner)
Volume Claim binds the
volume created to the
container(s)
Storage Classes used by
Administrators express
the type, size and other
characteristics that the
volume should contain

Demo: Run database server container in high availability
Run PostgreSQL in Container
Dynamically create and store
the Postgres data on MapR as
the persistent data store.

Demo: Run database server container in high availability
Dynamically create MapR Volume
Use the Volume Driver Plugin to
dynamically create a MapR Volume
as the PostgreSQL data store.
1
1
Launch PostgreSQL container
The PostgreSQL uses the Volume
Driver plugin to locate the volume.
2
2
Simulate PostgreSQL failover
The PostgreSQL container can
failover without having effect on
the data stored on MapR.
3
3
4 Relaunch PostgreSQL container
A new PostgreSQL container will
leverage the existing data on MapR.
4

RECAP: Today‘s Goal
Learn how to build a reliable, scalable, and secure containerized
platform,
and to handle persistent data in large containerized environments
across multiple data centers or geographic locations.
(DATA)

COMPUTE AGILITY
MAPR DATA PLATFORM
Containers & Kubernetes without limits!
MAPR KUBERNETES VOLUME PLUGIN
TENANT N
Application…..
TENANT 1
Application APP AGILITY
DATA AGILITY
DATA CENTER CLOUD MULTI-CLOUD KUBERNETES EDGE ACROSS
INFRASTRUCTURES
ENTERPRISE
APPLICATIONS
AI AND ML
ADV. ANALYTICS
Stateful app
container
MAPR POSIX
CLIENT FOR
CONTAINERS
Application

Kubernetes (e)books

https://mapr.com/solutions/data-fabric/kubernetes/
MapR Data Fabric for Kubernetes - Documentation
https://mapr.com/docs/60/PersistentStorage/kdf_overview.html
MapR Data Fabric for Kubernetes - GitHub
https://github.com/mapr/KubernetesDataFabric
MapR Tutorial: How to Install and Deploy Applications at Scale on K8s
Part 1: https://mapr.com/blog/making-data-actionable-at-scale-part-1-of-3

MapR Academy
Free Online Training: learn.mapr.com

New O’Reilly Book!
by Ted Dunning
and Ellen Friedman
Just released at Strata New York,
September 2018
GRAB YOUR FREE COPY HERE!
or download the e-book here:
https://mapr.com/ebook/ai-and-analytics-in-
production/

THANK YOU!
#MapR
#Kubernetes4Data

Containers and Kubernetes without limits

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Containers and Kubernetes without limits

Similar to Containers and Kubernetes without limits (20)

Recently uploaded

Recently uploaded (20)

Containers and Kubernetes without limits