What Should I Know About

M i ke M e t r a l | P r o d u c t A r c h i t e c t | @ m i ke m e t r a l
Oct ob er 27 , 2 01 5

Lets Play A Game

 Facts About Me

Mi ke Me tr a l

Product Architect

Been @ Rackspace for ~3.5 Years

Focusing on Containers for last 1.5 Years

Things You May Not Know

I enjoy coding in Go

I play Golf

My favorite editor is vim

Endorsements and/or Skills

Python

Cloud Computing

Bash

Reddit
3

Containers

 Facts About Me

Co nta i ne r s

Aid in faster dev iteration

4-6x more app instances per server than

using VMs with traditional hypervisors

Operate at near bare metal speeds

Things You May Not Know

Not just to enable a PaaS

Many legacy / enterprise apps are skipping

VMs & going straight to containers

Containers share the same kernel

Endorsements and/or Skills

Very lightweight

Makes app isolation easier

Plays well across various cloud platforms

5

Container Runtimes

 Facts About Me

Do c ke r

Popularized containers by abstracting LXC

Pluggable architecture

Great way to package & distribute apps

Things You May Not Know

Docker engine is the only abstraction

necessary to enable cross platform
portability

Docker Hub has 100k+ apps

Runs on all modern Linux distros AND

supports Windows 7.1 + too!

Endorsements and/or Skills

https://www.docker.com

Extremely fast boot up

Embraced by many tech giants as standard

for container foundation
7

 Facts About Me

Co r e O S r kt

Implementation of new AppC spec to run

containers

Aimed at enterprise primitives such as

security & image auditing

Things You May Not Know

Brings its own container image format, ACI

Still under heavy development & unstable

Aimed at being a true container building

block

Endorsements and/or Skills

https://coreos.com/rkt/docs/latest

Embraces security via joint effort with

Intels Clear Containers

Kubernetes supports rkt

Many early implementations of AppC are

popping up

OpenStack Container Solutions

 Facts About Me

O pe nSta c k Do c ke r Dr i v e r

Hypervisor driver for Nova Compute to

instantiate Docker containers

Glance is my Docker image registry

Things You May Not Know

Im a StackForge project

Im essentially a tiny HTTP client that

controls Dockers via its API

Endorsements and/or Skills

Works well & easily with DevStack

https://wiki.openstack.org/wiki/Docker

10

 Facts About Me

O pe nSta c k s Ma g num

Containers Service for OpenStack

Uses Heat to deploy Swarm, Kubernetes &

Mesos

Things You May Not Know

Provides extra abstraction layer via Bay &

its own API

Deployments can be done in a multi-tenant

fashion

Endorsements and/or Skills

Googles involvement in OpenStack lends

Magnum to be a sweet spot for
collaboration

https://wiki.openstack.org/wiki/Magnum

11

 Facts About Me

The simplest way to deploy a POC

Kubernetes cluster using a Heat template
in 5-10 min.

Utilizes CoreOS as microOS

Co r e kube

Things You May Not Know

https://github.com/metral/corekube

Runs on many RAX envs & pure OpenStack

Utilizes etcd & fleet APIs for deployment to

CoreOS nodes & flannel for K8s
networking

Supports SkyDNS for K8s Service

registration & discovery

Written in Go

Endorsements and/or Skills

Requires no addl services or installations

to use, just native OpenStack & Heat
12

Container Orchestration Engines

(COE)

13

 Facts About Me

Serves as clustering & scheduling tool to

make a pool of Docker hosts appear as a
single, virtual Docker host

Aimed to provide common interface for

many COE

Do c ke r Sw a r m

Things You May Not Know

https://www.docker.com/docker-swarm

With a Swarm cluster up, Swarm

resembles the familiar Docker usage

Not battle hardened: no container fail over,

no HA for swarm processes & plugin
support w/ other COE is incomplete

No real foundation for enabling

microservices & their requirements

Endorsements and/or Skills

Perfect for smaller env: <50 hosts

14

 Facts About Me

Me s o s / DCO S + Ma r a tho n

Mesos is a dist. sys kernel & cluster manager

DCOS is enterprise pkg of Mesos

Mesospheres Marathon is an init/control

plane for Docker containers

Things You May Not Know

https://mesos.apache.org/
https://mesosphere.com/product/
https://mesosphere.github.io/marathon/

Marathon can run on Mesos or DCOS

Kubernetes is similar to Marathon & can run

alongside it or in lieu of

Mesos & OpenStack have some overlap

Endorsements and/or Skills

Twitter, Airbnb & Apple use Mesos

Verizon deploy DC services w/ Mesosphere

Airbnb, eBay, PayPal & Yelp use Marathon

Mesos is for large envs: 100s1000s

15

 Facts About Me

Go o g l e s Kube r ne te s

Fully featured, large-scale container

management system modeled after Borg

Supported on OpenStack, RAX, AWS, GCE,

Azure, RedHat etc.

Things You May Not Know

The Pod is a perfect atomic unit for an app

Equipped to support add-ons for:

monitoring, elastic search, UI, DNS

Many other COEs & ecosystem tools

looking to integrate with Kubernetes

Endorsements and/or Skills

http://kubernetes.io

Ideal for large envs: 100s 1000s (TBD)

Community advocacy: ~20k commits |

~600 contrib | avg. 250-300 commits/wk

Being used in prod by Box, eBay, RedHat

16

Specialized Systems /One-Offs

17

 Facts About Me

Eng i ne Ya r d s De i s

PaaS offering that faciliates app

deployment & management

Built on Docker & CoreOS (etcd, fleet, OS)

Structurally abides the Heroku 12-factor

methodology

Things You May Not Know

http://deis.io

Private Heroku

Lacks persistent storage & state aware

support for apps

Leverages Heroku Buildpacks

Can be deployed anywhere incl. on-prem &

in the cloud

V2 is set to be running on top of K8

Endorsements and/or Skills

Used by some small-medium biz

18

 Facts About Me

P r i me Di r e c ti v e s Fl ynn

PaaS offering aimed at solving the

stateful problems
Where Deis is aimed to have feature
parity with Heroku, Flynn is more about
the dev lifecycle & its problems
Less prescriptive than Deis in terms of
tech used
Things You May Not Know

https://flynn.io

Private Heroku (not limited to 12-factor)

Leverages Heroku Buildpacks

Provides appliance for auto provisioning,

HA / fail-over abilities for Postgres9.4

Endorsements and/or Skills

Coinbase, Shopify & CenturyLink utilize

Flynn

19

 Facts About Me

Fl o c ke r

Data volume & multi-host container

manager

Handling state within containers & mobility

of storage volumes across hosts

Backend of shared or local storage fabric

Frontend network proxy for container

linking & routing requests to respective
host running active container

Things You May Not Know

Now available as Docker plugin

Supports AWS EBS, OpenStack Cinder

EMC is enchancing Flocker to work with

XtremIO & ScaleIO drivers

https://clusterhq.com/flocker/introduction

Endorsements and/or Skills

Flocker is officially at v1.0

20

MicroOS

21

 Facts About Me

Co r e O S

Minimal Linux OS aimed at being the distro

for massive linux server deployments

Provides subset of linux bins & abstracts

userland apps to run in Docker containers

Things You May Not Know

Fork of ChromeOS

Its flagship projects etcd & fleet were born

out of necessity

Acquired Quay.io for both public &

enterprise container registry

Endorsements and/or Skills

CoreOS, etcd, fleet & flannel are widely

being adopted by: Kubernetes, Deis,
Rackspace etc.

CoreOS is available on all major cloud

platforms, incl. OpenStack

https://coreos.com

22

 Facts About Me

Re dHa t s P ro j e c t Ato mi c

Minimal Linux OS aimed at hosting &

managing containers

Security is more of a focus using SELinux

by default

Things You May Not Know

Base of Atomic is similar to Fedora 20

Started about 6 months after CoreOS

Best suited for RedHats projects such as

OpenShift

Includes Kubernetes support

Endorsements and/or Skills

http://www.projectatomic.io

Atomic itself is avail as opensource but

Enterprise Platform is in EA

Atomic is integral to OpenShift

23

 Facts About Me

Ra nc he r L a bs Ra nc he r O S

Very tiny Linux OS aimed at hosting &

managing containers

Core components incl. cross-host

networking, load balancing, storage mgmt,
service discovery & native Docker (run,
compose, registry & machine)

Things You May Not Know

Docker daemon runs as PID 1 is

responsible for all system services which
are themselves in containers

User containers run in separate Docker

daemon

Updates to OS are as simple as rolling out

new Docker containers

http://rancher.com/rancher-os

Endorsements and/or Skills

Still very early offering Beta Platform

24

h t t p s : / / w w w . m i n d m e i s t e r. c o m / 3 8 9 6 717 2 2 / d o c k e r ecosy stem#

25

Reeling Things In For OpenStack

26

 Be aware of the shift in app dev &

W ha t Sho ul d O pe nSta c k Do ?

accommodate for containers

Infrastructure management is still needed
Knowing where & when to decouple
responsibilities is important

27

There is a lot of noise out there

Pick the right tool for the job

28

https://github.com/metral/whitepapers
Follow me on Twitter: @mikemetral

Thank you
O N E FA N AT I C A L P L A C E | S A N A N T O N I O , T X 7 8 2 1 8
US S ALES : 1- 800- 961- 2888

R AC K S PAC E LT D .

U S S U P P O R T: 1 - 8 0 0 - 9 6 1 - 4 4 5 4

W W W . R A C K S PA C E . C O M

R AC K S PAC E AND F ANAT I C AL S U PPO R T AR E S ER VI C E MAR K S O F R AC K S PAC E U S , I NC . R EG I S T ER ED I N T H E U NI T ED S T AT ES AND O T H ER C O U NT R I ES .

W W W . R A C K S P A C E. C O M