Post on 21-Jul-2015
Containerized Cloud Compu0ng Sivaram Shunmugam
Manager, Infrastructure Practice
siva@redhat.com
THE PROBLEM
APPLICATION DELIVERY VIA CONTAINERS
WHAT ARE LINUX CONTAINERS?
• Software packaging concept that typically includes an application and all of its runtime dependencies. l Easy to deploy and portable
across host systems l Isolates applications on a
host operating system l In Red Hat Enterprise Linux,
this is done through: l Control Groups (cgroups) l kernel namespaces l SELinux, sVirt, iptables l Docker
HOST OS
SERVER
CONTAINER
LIBS
APP
“Everything at Google, from Search to Gmail, is packaged and run in a Linux container.”1
- Eric Brewer, VP of Infrastructure,
SOME OF THE MOST ADVANCED
INFRASTRUCTURES RUN ON CONTAINERS
1 Source: http://googlecloudplatform.blogspot.com/2014/06/an-update-on-container-support-on-google-cloud-platform.html
TOP 5 MISCONCEPTIONS ABOUT CONTAINERS
• Containers are new. • Containers equal virtualization. • Containers are universally portable. • Containers are secure by default. • Containers are not enterprise-ready. • (give example of application example)
1
2
3
4
5
TRADITIONAL OS VS. CONTAINERS
• Traditional OS • Containers
HARDWARE
HOST OS
HARDWARE
HOST OS
CONTAINER
LIBS
APP A
LIBS A LIBS B LIBS LIBS
APP A APP B CONTAINER
LIBS
APP B
APP DELIVERY VIA CONTAINERS...
NOT AS EASY AS BUILD, DEPLOY, RUN.
“While docker enthusiasts claim you can ‘run any app anywhere’ this is unfortunately not true in many cases. Many userland tools are coupled to kernel features, kernel modules, distro specific kernel configurations, etc... Over the years we have built a complex web of interdependence between kernelspace, userspace, compile-time configurations and runtime configurations; it will take years to untangle this mess.”
-- Avishai Ish-Shalom co-founder and CTO
Fewbytes
Source: http://www.fewbytes.com/docker-selinux-and-the-myth-of-kernel-indipendence/
ESTABLISHING OPEN STANDARDS
ESTABLISHING STANDARDS AROUND...
REGISTRY / CONTAINER DISCOVERY
CONTAINER FORMAT WITH
DOCKER
ISOLATION WITH LINUX
CONTAINERS
ORCHESTRATION WITH
KUBERNETES
Red Hat works with the open source community to drive standards for containerization.
CONTAINER PORTABILITY ACROSS PHYSICAL, VIRTUAL, PRIVATE CLOUD, PUBLIC CLOUD
7
TRUST
SECURING HOSTS AND CONTAINERS RED HAT CONTAINER CERTIFICATION
CERTIFIED ECOSYSTEM l Trusted source for the host and the containers l Enterprise life cycle for container content
l Proven portability l Container Development Kit
HOST OS
HARDWARE
CONTAINER
LIBS
APP
CONTAINER
LIBS
APP
SIMPLIFYING CONTAINER ADOPTION
FOR PARTNERS
RED HAT CONNECT for technology
partners
LEARN
RED HAT CONTAINER DEVELOPMENT
KIT (CDK)
BUILD
DISTRIBUTE
RED HAT CONTAINER REGISTRY
CERTIFY
RED HAT CONTAINER
CERTIFICATION PROGRAM
INTEGRATED APPLICATION DELIVERY
PLATFORM
MONOLITHIC TO MICROSERVICES
MONOLITHIC/LAYERED MICROSERVICES
MORE THAN THE CONTAINER
OPENSHIFT
MORE THAN THE CONTAINER
SINGLE APP DELIVERY PLATFORM VIA CONTAINERS develop, deploy, operate
OPENSHIFT by Red Hat
RED HAT ENTERPRISE LINUX 7
RED HAT ENTERPRISE LINUX ATOMIC HOST
DEPLOYMENT MULTIPLE DEPLOYMENT TARGETS
on Red Hat certified hardware, hypervisors and CCPs
OPENSHIFT
MORE THAN THE CONTAINER
SINGLE APP DELIVERY PLATFORM VIA CONTAINERS develop, deploy, operate
OPENSHIFT by Red Hat
RED HAT ENTERPRISE LINUX 7
RED HAT ENTERPRISE LINUX ATOMIC HOST
DEPLOYMENT MULTIPLE DEPLOYMENT TARGETS
on Red Hat certified hardware, hypervisors and CCPs
ORCHESTRATION of containers and microservices
OPENSHIFT
MORE THAN THE CONTAINER
SINGLE APP DELIVERY PLATFORM VIA CONTAINERS develop, deploy, operate
OPENSHIFT by Red Hat
RED HAT ENTERPRISE LINUX 7
RED HAT ENTERPRISE LINUX ATOMIC HOST
MANY CONTAINER SOURCES (trusted and untrusted)
PUBLIC REGISTRIES
such as Docker Hub
PRIVATE REGISTRIES on premise
CERTIFIED IMAGES Red Hat Customer Portal
DEPLOYMENT MULTIPLE DEPLOYMENT TARGETS
on Red Hat certified hardware, hypervisors and CCPs
ORCHESTRATION of containers and microservices
OPENSHIFT
CERTIFIED ISV APPS
MORE THAN THE CONTAINER
SINGLE APP DELIVERY PLATFORM VIA CONTAINERS develop, deploy, operate
OPENSHIFT by Red Hat
RED HAT ENTERPRISE LINUX 7
RED HAT ENTERPRISE LINUX ATOMIC HOST
MANY CONTAINER SOURCES (trusted and untrusted)
PUBLIC REGISTRIES
such as Docker Hub
PRIVATE REGISTRIES on premise
CERTIFIED IMAGES Red Hat Customer Portal
DEPLOYMENT MULTIPLE DEPLOYMENT TARGETS
on Red Hat certified hardware, hypervisors and CCPs
DEVELOPMENT
ORCHESTRATION of containers and microservices
OPENSHIFT
CERTIFIED ISV APPS
RED HAT PARTNER SOLUTIONS
RED HAT SATELLITE
RED HAT CLOUDFORMS
MORE THAN THE CONTAINER
SINGLE APP DELIVERY PLATFORM VIA CONTAINERS develop, deploy, operate
OPENSHIFT by Red Hat
RED HAT ENTERPRISE LINUX 7
RED HAT ENTERPRISE LINUX ATOMIC HOST
MANY CONTAINER SOURCES (trusted and untrusted)
PUBLIC REGISTRIES
such as Docker Hub
PRIVATE REGISTRIES on premise
CERTIFIED IMAGES Red Hat Customer Portal
DEPLOYMENT
MANAGEMENT
MULTIPLE DEPLOYMENT TARGETS on Red Hat certified hardware, hypervisors and CCPs
DEVELOPMENT
ORCHESTRATION of containers and microservices
ATOMIC APPLICATION ARCHITECTURE
OPENSHIFT
CERTIFIED ISV APPS
RED HAT ENTERPRISE LINUX
ATOMIC HOST
RED HAT ENTERPRISE LINUX ATOMIC HOST
IT IS RED HAT ENTERPRISE LINUX OPTIMIZED FOR CONTAINERS
Minimized host environment tuned for running Linux containers while maintaining compatibility with Red Hat Enterprise Linux.
Inherits the complete hardware ecosystem, military-grade security, stability and reliability for which Red Hat Enterprise Linux is known.
MINIMIZED FOOTPRINT
SIMPLIFIED MAINTENANCE
ORCHESTRATION AT SCALE
Atomic updating and rollback means it’s easy to deploy, update, and rollback using imaged-based technology.
Build composite applications by orchestrating multiple containers as microservices on a single host instance.
RUN RHEL 6 APPLICATIONS ON RHEL 7
l Deploy containerized RHEL 6 applications to RHEL 7 without porting or changing source code
l Make use of innovations in Red Hat Enterprise Linux 7 without compromising the reliability and security of existing Red Hat Enterprise Linux 6 apps
l Available as part of your Red Hat Enterprise Linux subscription
RED HAT ENTEPRISE LINUX 6
HARDWARE OR VIRTUAL MACHINE
RHEL 6 APP
CONTAINER
RHEL 6 PLATFORM IMAGE
RHEL 6 APP
RHEL 6 APP
RED HAT ENTEPRISE LINUX 7
HARDWARE OR VIRTUAL MACHINE
RHEL 6 APP
RHEL 6
LIBS
APP
HOW CUSTOMERS USE CONTAINERS
HORIZONTAL SCALE-OUT CLOUD WITH ATOMIC
UPDATING
RED HAT ENTERPRISE LINUX ATOMIC HOST ON VIRTUAL
MACHINES
HIGH THROUGHPUT, CLOUD-BURST FOR
CAPACITY
RED HAT ENTERPRISE LINUX ON BARE METAL
HIGHLY PERFORMANT DURING PEAK DEMAND
RETRIEVE/REDEPLOY
CONTAINERIZED APP STACKS FOR EACH
PROJECT
Actual Customer usecase
CONSULTING INDUSTRY
RED HAT SOFTWARE Red Hat® Enterprise Linux® 7
“At Booz Allen Hamilton, we view Red Hat Enterprise Linux 7 as a foundational component for modern cloud infrastructure. We are pleased to see Red Hat positioning Red Hat Enterprise Linux 7 for
the future of cloud consumption such as DevOps and PaaS, particularly with the integration of
Docker and Linux container elements.” MUNJEET SINGH, PRINCIPAL, DIGITAL PLATFORM INFRASTRUCTURE,
BOOZ ALLEN HAMILTON
l Headquarters: Tyson’s Corner, Virginia, USA
l Booz Allen Hamilton is one of the oldest management consulting firms in the world. Its core business is the provision of management, technology and security services, primarily to civilian government agencies and as a security and defense contractor to defense and intelligence agencies, as well as civil and commercial services.
CUSTOMER SINCE
2010
CONTAINERS FOR THE ENTERPRISE
CONTAINERS YOU CAN TRUST
PROVEN CONTAINER PORTABILITY
INTEGRATED APPLICATION DELIVERY PLATFORM