SlideShare a Scribd company logo

Understanding the container landscape and it associated projects

Download as PPTX, PDF
Anthony Chow
Anthony Chow

The document discusses containers and container technologies. It provides an overview of the history and key components of containers like Docker, including namespaces, control groups, AUFS, Docker images, registries, networking solutions, security concerns and orchestration tools. It also discusses how OpenStack projects are embracing containers to provide container orchestration platforms and run OpenStack services as containers to make them more scalable and efficient. The document encourages learning more about containers to stay relevant in today's technologies.

1 of 25
Downloaded 32 times
Anthony Chow Twitter: @vCloudernBeer Blog: http://cloudn1n3.blogspot.com/ April 25, 2016 OpenStack Austin Summit vBrownBag TechTalk
Understanding the container landscape and it associated projects
 Blog posts  Books  Ecosystem announcements  Webinar  Conferences  Local Meetups  Your boss wants to deploy container related technologies.  You want to get into this technology for more $$$$ or a “better” job.
Understanding the container landscape and it associated projects
Understanding the container landscape and it associated projects
Understanding the container landscape and it associated projects
Understanding the container landscape and it associated projects
 FreeBSD Jails (back in 2000)  Imctfy (Google’s version of container)  LXC (technology that Docker build upon)  Docker: “Build Ship Run”
 Namespaces  Current view of PID, network, IPC, MNT and UTS  Linux namespaces provides isolations for each container. Applications or process inside a container do not have access outside of the namespaces that the container is in.  Control groups/cgroups  Kernel function used to control access rights.  While namespaces provides access isolation, the control groups limits the hardware resources that the container can access. One example of control groups is to limit the memory available for the container for say 256 MBs.  AUFS  This is how containers are made to be light weighted. Linux kernel first mounts the root system read-only and then change to read-write. With the union mount, instead of changing from read-only to read-write, a read-write file system is layered on top of the read-only based Filesystem. Union mean to layer read-write with read-only layers.
 Docker Client  Accept commands from the user and communicate with the server/daemon  Docker Server/Daemon  Building the Docker container from the images that are stored in the Docker Registry  Docker container  Base unit where the application runs on  Similar to a Virtual Machine  Default base moving from Ubuntu to Alpine for smaller footprint  Dockerfile  a configuration file with build instructions for Docker images  Docker image  Building block of container  Docker Registry  Location where the Docker images are stored  Public registry – access by everyone  Private registry – access by specific team or organization.
 Docker Hub  Quay Container Registry  Amazon Container Registry  Google Container Registry
 Container image format  Docker – appC  CoreOS – Rocker (rkt)
 CoreOS  RacherOS  Ubuntu Snappy  Red Hat Atomic  VMware photon  Microsoft Nano Server
 Open Container Initiative  OCI Runtime Specification  OCI Image Format Specification
 Microservices  Container runs in groups and on distributed hosts as service  Containers “come and go”  Not practical to hardcode port number.  Distributed key-value store  Common tool for service discovery  Zookeeper  Etcd  Consul
 Containers needs network traffic isolation for multi-tenants  Number of addressable end-point drastically increases  Immutable infrastructure – container is created and destroyed on different hosts constantly  Networking solutions for containers  Libnetwork (since rev 1.9)  Weave  Flannel (CoreOS)  IPvlan
 A new security requirements created by container based infrastructure.  Docker container used to run as “root”  Common form of security solutions for containers:  Discretionary Access Control (DAS)  Seccomp  SELinux (Mandatory Access Control – MAC)  Microsegmentation solution from VMware and Cisco
 Stateless container  Stateful container  Persistent Storage  Default: data reside inside the container  Docker Volume Driver (rev 1.8)  Convoy: a Docker storage driver  Flocker: container data volume manager
 “To deploy container is one thing, architect a container solution is not so simple?  Common container orchestration tools:  Docker Swarm  Kubernetes  Apache Mesos  Redhat Atomic  CoreOS Fleet
 Provides an Docker container orchestration platform using OpenStack as a infrastructure  Key concept: Container Orchestration Engine  Docker Swarm  Kubernetes  Apache Mesos  Able to interface with Docker client and Kubernetes client
 “provides production-ready containers and deployment tools for operating OpenStack clouds that are scalable, fast, reliable, and upgradable using community best practices.” – OpenStack Wiki  running OpenStack service as a container
 “bring containers and Docker networking specifically to use and leverage solutions and services in Neutron” – superuser.openstack.org  Kuryr is Czech for "courier."
 “a distributed control plane implementation of Neutron” – superuser.openstack.org  Dragonflow is going to support use cases of nested containers inside a VM without the need to introduce another layer of overlay abstraction. We are going to support various different modes to deploy this and have full integration with project Kuryr.
 Container technology is here to stay along with virtual machines  More and more OpenStack project is embracing this container technology to solve different problems.  We need to stay relevant and keep up with the container technology.  Get a clearer picture of the container landscape.
Have a joyful and fruitful conference @vCloudernBeer
Ad

Recommended

Docker Architecture
Docker ArchitectureDocker Architecture
Docker Architecture
Mohammadreza Amini
 
Docker architecture(version modified)
Docker architecture(version modified)Docker architecture(version modified)
Docker architecture(version modified)
Mohammadreza Amini
 
Docker architecture (version modified)
Docker architecture (version modified)Docker architecture (version modified)
Docker architecture (version modified)
Amir Arsalan
 
Containerized Delivery on the Microsoft Stack
Containerized Delivery on the Microsoft StackContainerized Delivery on the Microsoft Stack
Containerized Delivery on the Microsoft Stack
Cornell Knulst
 
Quick Trip with Docker
Quick Trip with DockerQuick Trip with Docker
Quick Trip with Docker
Venkata Naga Ravi
 
Docker architecture-05
Docker architecture-05Docker architecture-05
Docker architecture-05
Mohammadreza Amini
 
Release Management with Docker - Dutch Microsoft ALM Group
Release Management with Docker - Dutch Microsoft ALM GroupRelease Management with Docker - Dutch Microsoft ALM Group
Release Management with Docker - Dutch Microsoft ALM Group
Cornell Knulst
 
Docker - the what why and hows
Docker - the what why and howsDocker - the what why and hows
Docker - the what why and hows
Souvik Maji
 
Containerization & Docker - Under the Hood
Containerization & Docker - Under the HoodContainerization & Docker - Under the Hood
Containerization & Docker - Under the Hood
Imesha Sudasingha
 
Docker 101 for "The Core of Microservice Architecture"
Docker 101 for "The Core of Microservice Architecture"Docker 101 for "The Core of Microservice Architecture"
Docker 101 for "The Core of Microservice Architecture"
enyert
 
Performance comparison between Linux Containers and Virtual Machines
Performance comparison between Linux Containers and Virtual MachinesPerformance comparison between Linux Containers and Virtual Machines
Performance comparison between Linux Containers and Virtual Machines
Soheila Dehghanzadeh
 
Docker training
Docker trainingDocker training
Docker training
Kiran Kumar
 
Kubernetes Basics
Kubernetes BasicsKubernetes Basics
Kubernetes Basics
Antonin Stoklasek
 
Revolutionizing the cloud with container virtualization
Revolutionizing the cloud with container virtualizationRevolutionizing the cloud with container virtualization
Revolutionizing the cloud with container virtualization
WSO2
 
Docker Container Introduction
Docker Container IntroductionDocker Container Introduction
Docker Container Introduction
Innfinision Cloud and BigData Solutions
 
Microservices, Containers and Docker
Microservices, Containers and DockerMicroservices, Containers and Docker
Microservices, Containers and Docker
Ioannis Papapanagiotou
 
Docker Global Hack Day #3
Docker Global Hack Day #3 Docker Global Hack Day #3
Docker Global Hack Day #3
Docker, Inc.
 
LXD: The hypervisor that isn't
LXD: The hypervisor that isn'tLXD: The hypervisor that isn't
LXD: The hypervisor that isn't
tych0
 
Containers in the Cloud
Containers in the CloudContainers in the Cloud
Containers in the Cloud
James Darrell Pratt
 
Rebuild presentation during Docker's Birthday party
Rebuild presentation during Docker's Birthday partyRebuild presentation during Docker's Birthday party
Rebuild presentation during Docker's Birthday party
Yan Vugenfirer
 
Container security
Container securityContainer security
Container security
Anthony Chow
 
Docker introduction for Carbon IT
Docker introduction for Carbon ITDocker introduction for Carbon IT
Docker introduction for Carbon IT
yannick grenzinger
 
LXC NSAttach
LXC NSAttachLXC NSAttach
LXC NSAttach
Darshan Parmar
 
Docker, Innovation Accelerator
Docker, Innovation AcceleratorDocker, Innovation Accelerator
Docker, Innovation Accelerator
Docker, Inc.
 
Linux containers
Linux containersLinux containers
Linux containers
indikadias
 
Docker container a-brief_introduction_2016-01-30
Docker container a-brief_introduction_2016-01-30Docker container a-brief_introduction_2016-01-30
Docker container a-brief_introduction_2016-01-30
Khelender Sasan
 
Securing OpenStack and Beyond with Ansible
Securing OpenStack and Beyond with AnsibleSecuring OpenStack and Beyond with Ansible
Securing OpenStack and Beyond with Ansible
Major Hayden
 
Docker basics
Docker basicsDocker basics
Docker basics
Claudio Montoya
 
Containerize! Between Docker and Jube.
Containerize! Between Docker and Jube.Containerize! Between Docker and Jube.
Containerize! Between Docker and Jube.
Henryk Konsek
 
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
Patrick Chanezon
 
Ad

More Related Content

What's hot (20)

Containerization & Docker - Under the Hood
Containerization & Docker - Under the HoodContainerization & Docker - Under the Hood
Containerization & Docker - Under the Hood
Imesha Sudasingha
 
Docker 101 for "The Core of Microservice Architecture"
Docker 101 for "The Core of Microservice Architecture"Docker 101 for "The Core of Microservice Architecture"
Docker 101 for "The Core of Microservice Architecture"
enyert
 
Performance comparison between Linux Containers and Virtual Machines
Performance comparison between Linux Containers and Virtual MachinesPerformance comparison between Linux Containers and Virtual Machines
Performance comparison between Linux Containers and Virtual Machines
Soheila Dehghanzadeh
 
Docker training
Docker trainingDocker training
Docker training
Kiran Kumar
 
Kubernetes Basics
Kubernetes BasicsKubernetes Basics
Kubernetes Basics
Antonin Stoklasek
 
Revolutionizing the cloud with container virtualization
Revolutionizing the cloud with container virtualizationRevolutionizing the cloud with container virtualization
Revolutionizing the cloud with container virtualization
WSO2
 
Docker Container Introduction
Docker Container IntroductionDocker Container Introduction
Docker Container Introduction
Innfinision Cloud and BigData Solutions
 
Microservices, Containers and Docker
Microservices, Containers and DockerMicroservices, Containers and Docker
Microservices, Containers and Docker
Ioannis Papapanagiotou
 
Docker Global Hack Day #3
Docker Global Hack Day #3 Docker Global Hack Day #3
Docker Global Hack Day #3
Docker, Inc.
 
LXD: The hypervisor that isn't
LXD: The hypervisor that isn'tLXD: The hypervisor that isn't
LXD: The hypervisor that isn't
tych0
 
Containers in the Cloud
Containers in the CloudContainers in the Cloud
Containers in the Cloud
James Darrell Pratt
 
Rebuild presentation during Docker's Birthday party
Rebuild presentation during Docker's Birthday partyRebuild presentation during Docker's Birthday party
Rebuild presentation during Docker's Birthday party
Yan Vugenfirer
 
Container security
Container securityContainer security
Container security
Anthony Chow
 
Docker introduction for Carbon IT
Docker introduction for Carbon ITDocker introduction for Carbon IT
Docker introduction for Carbon IT
yannick grenzinger
 
LXC NSAttach
LXC NSAttachLXC NSAttach
LXC NSAttach
Darshan Parmar
 
Docker, Innovation Accelerator
Docker, Innovation AcceleratorDocker, Innovation Accelerator
Docker, Innovation Accelerator
Docker, Inc.
 
Linux containers
Linux containersLinux containers
Linux containers
indikadias
 
Docker container a-brief_introduction_2016-01-30
Docker container a-brief_introduction_2016-01-30Docker container a-brief_introduction_2016-01-30
Docker container a-brief_introduction_2016-01-30
Khelender Sasan
 
Securing OpenStack and Beyond with Ansible
Securing OpenStack and Beyond with AnsibleSecuring OpenStack and Beyond with Ansible
Securing OpenStack and Beyond with Ansible
Major Hayden
 
Docker basics
Docker basicsDocker basics
Docker basics
Claudio Montoya
 
Containerization & Docker - Under the Hood
Containerization & Docker - Under the HoodContainerization & Docker - Under the Hood
Containerization & Docker - Under the Hood
Imesha Sudasingha
 
Docker 101 for "The Core of Microservice Architecture"
Docker 101 for "The Core of Microservice Architecture"Docker 101 for "The Core of Microservice Architecture"
Docker 101 for "The Core of Microservice Architecture"
enyert
 
Performance comparison between Linux Containers and Virtual Machines
Performance comparison between Linux Containers and Virtual MachinesPerformance comparison between Linux Containers and Virtual Machines
Performance comparison between Linux Containers and Virtual Machines
Soheila Dehghanzadeh
 
Docker training
Docker trainingDocker training
Docker training
Kiran Kumar
 
Kubernetes Basics
Kubernetes BasicsKubernetes Basics
Kubernetes Basics
Antonin Stoklasek
 
Revolutionizing the cloud with container virtualization
Revolutionizing the cloud with container virtualizationRevolutionizing the cloud with container virtualization
Revolutionizing the cloud with container virtualization
WSO2
 
Docker Container Introduction
Docker Container IntroductionDocker Container Introduction
Docker Container Introduction
Innfinision Cloud and BigData Solutions
 
Microservices, Containers and Docker
Microservices, Containers and DockerMicroservices, Containers and Docker
Microservices, Containers and Docker
Ioannis Papapanagiotou
 
Docker Global Hack Day #3
Docker Global Hack Day #3 Docker Global Hack Day #3
Docker Global Hack Day #3
Docker, Inc.
 
LXD: The hypervisor that isn't
LXD: The hypervisor that isn'tLXD: The hypervisor that isn't
LXD: The hypervisor that isn't
tych0
 
Containers in the Cloud
Containers in the CloudContainers in the Cloud
Containers in the Cloud
James Darrell Pratt
 
Rebuild presentation during Docker's Birthday party
Rebuild presentation during Docker's Birthday partyRebuild presentation during Docker's Birthday party
Rebuild presentation during Docker's Birthday party
Yan Vugenfirer
 
Container security
Container securityContainer security
Container security
Anthony Chow
 
Docker introduction for Carbon IT
Docker introduction for Carbon ITDocker introduction for Carbon IT
Docker introduction for Carbon IT
yannick grenzinger
 
LXC NSAttach
LXC NSAttachLXC NSAttach
LXC NSAttach
Darshan Parmar
 
Docker, Innovation Accelerator
Docker, Innovation AcceleratorDocker, Innovation Accelerator
Docker, Innovation Accelerator
Docker, Inc.
 
Linux containers
Linux containersLinux containers
Linux containers
indikadias
 
Docker container a-brief_introduction_2016-01-30
Docker container a-brief_introduction_2016-01-30Docker container a-brief_introduction_2016-01-30
Docker container a-brief_introduction_2016-01-30
Khelender Sasan
 
Securing OpenStack and Beyond with Ansible
Securing OpenStack and Beyond with AnsibleSecuring OpenStack and Beyond with Ansible
Securing OpenStack and Beyond with Ansible
Major Hayden
 
Docker basics
Docker basicsDocker basics
Docker basics
Claudio Montoya
 

Similar to Understanding the container landscape and it associated projects (20)

Containerize! Between Docker and Jube.
Containerize! Between Docker and Jube.Containerize! Between Docker and Jube.
Containerize! Between Docker and Jube.
Henryk Konsek
 
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
Patrick Chanezon
 
Evolution of containers to kubernetes
Evolution of containers to kubernetesEvolution of containers to kubernetes
Evolution of containers to kubernetes
Krishna-Kumar
 
SW Docker Security
SW Docker SecuritySW Docker Security
SW Docker Security
Stephane Woillez
 
Docker
Docker Docker
Docker
Mindstorm Studios
 
Docker Online Training
Docker Online TrainingDocker Online Training
Docker Online Training
navyatejavisualpath
 
Hack the whale
Hack the whaleHack the whale
Hack the whale
Marco Ferrigno
 
Reviwe(docker)
Reviwe(docker)Reviwe(docker)
Reviwe(docker)
Mohammadreza Amini
 
HLayer / Docker and its ecosystem
HLayer / Docker and its ecosystemHLayer / Docker and its ecosystem
HLayer / Docker and its ecosystem
Aymen EL Amri
 
paper
paperpaper
paper
Ankit Mishra
 
Docker
DockerDocker
Docker
Neeraj Wadhwa
 
Docker Ecosystem on Azure
Docker Ecosystem on AzureDocker Ecosystem on Azure
Docker Ecosystem on Azure
Patrick Chanezon
 
Docker.pptx
Docker.pptxDocker.pptx
Docker.pptx
balaji257
 
Weave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 RecapWeave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 Recap
Patrick Chanezon
 
Docker Dojo
Docker DojoDocker Dojo
Docker Dojo
Hugo González Labrador
 
Containers and Cloud: From LXC to Docker to Kubernetes
Containers and Cloud: From LXC to Docker to KubernetesContainers and Cloud: From LXC to Docker to Kubernetes
Containers and Cloud: From LXC to Docker to Kubernetes
Shreyas MM
 
Dockercon EU 2015 Recap
Dockercon EU 2015 RecapDockercon EU 2015 Recap
Dockercon EU 2015 Recap
Lee Calcote
 
Docker - Portable Deployment
Docker - Portable DeploymentDocker - Portable Deployment
Docker - Portable Deployment
javaonfly
 
Backend Master | 3.4.2 Deploy - Docker Introduction
Backend Master | 3.4.2 Deploy - Docker IntroductionBackend Master | 3.4.2 Deploy - Docker Introduction
Backend Master | 3.4.2 Deploy - Docker Introduction
Kyunghun Jeon
 
Docker
DockerDocker
Docker
A.K.M. Ahsrafuzzaman
 
Containerize! Between Docker and Jube.
Containerize! Between Docker and Jube.Containerize! Between Docker and Jube.
Containerize! Between Docker and Jube.
Henryk Konsek
 
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
Building Distributed Systems without Docker, Using Docker Plumbing Projects -...
Patrick Chanezon
 
Evolution of containers to kubernetes
Evolution of containers to kubernetesEvolution of containers to kubernetes
Evolution of containers to kubernetes
Krishna-Kumar
 
SW Docker Security
SW Docker SecuritySW Docker Security
SW Docker Security
Stephane Woillez
 
Docker
Docker Docker
Docker
Mindstorm Studios
 
Docker Online Training
Docker Online TrainingDocker Online Training
Docker Online Training
navyatejavisualpath
 
Hack the whale
Hack the whaleHack the whale
Hack the whale
Marco Ferrigno
 
Reviwe(docker)
Reviwe(docker)Reviwe(docker)
Reviwe(docker)
Mohammadreza Amini
 
HLayer / Docker and its ecosystem
HLayer / Docker and its ecosystemHLayer / Docker and its ecosystem
HLayer / Docker and its ecosystem
Aymen EL Amri
 
paper
paperpaper
paper
Ankit Mishra
 
Docker
DockerDocker
Docker
Neeraj Wadhwa
 
Docker Ecosystem on Azure
Docker Ecosystem on AzureDocker Ecosystem on Azure
Docker Ecosystem on Azure
Patrick Chanezon
 
Docker.pptx
Docker.pptxDocker.pptx
Docker.pptx
balaji257
 
Weave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 RecapWeave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 Recap
Patrick Chanezon
 
Docker Dojo
Docker DojoDocker Dojo
Docker Dojo
Hugo González Labrador
 
Containers and Cloud: From LXC to Docker to Kubernetes
Containers and Cloud: From LXC to Docker to KubernetesContainers and Cloud: From LXC to Docker to Kubernetes
Containers and Cloud: From LXC to Docker to Kubernetes
Shreyas MM
 
Dockercon EU 2015 Recap
Dockercon EU 2015 RecapDockercon EU 2015 Recap
Dockercon EU 2015 Recap
Lee Calcote
 
Docker - Portable Deployment
Docker - Portable DeploymentDocker - Portable Deployment
Docker - Portable Deployment
javaonfly
 
Backend Master | 3.4.2 Deploy - Docker Introduction
Backend Master | 3.4.2 Deploy - Docker IntroductionBackend Master | 3.4.2 Deploy - Docker Introduction
Backend Master | 3.4.2 Deploy - Docker Introduction
Kyunghun Jeon
 
Docker
DockerDocker
Docker
A.K.M. Ahsrafuzzaman
 
Ad

More from Anthony Chow (13)

Build your own Blockchain with the right tool for your application
Build your own Blockchain with the right tool for your applicationBuild your own Blockchain with the right tool for your application
Build your own Blockchain with the right tool for your application
Anthony Chow
 
Container security
Container securityContainer security
Container security
Anthony Chow
 
MQTT security
MQTT securityMQTT security
MQTT security
Anthony Chow
 
Understanding gRPC Authentication Methods
Understanding gRPC Authentication MethodsUnderstanding gRPC Authentication Methods
Understanding gRPC Authentication Methods
Anthony Chow
 
Api security with o auth2
Api security with o auth2Api security with o auth2
Api security with o auth2
Anthony Chow
 
Container security
Container securityContainer security
Container security
Anthony Chow
 
V brownbag sept-14-2016
V brownbag sept-14-2016V brownbag sept-14-2016
V brownbag sept-14-2016
Anthony Chow
 
Getting over the barrier and start contributing to OpenStack
Getting over the barrier and start contributing to OpenStackGetting over the barrier and start contributing to OpenStack
Getting over the barrier and start contributing to OpenStack
Anthony Chow
 
Introduction to go
Introduction to goIntroduction to go
Introduction to go
Anthony Chow
 
Micro segmentation – a perfect fit for microservices
Micro segmentation – a perfect fit for microservicesMicro segmentation – a perfect fit for microservices
Micro segmentation – a perfect fit for microservices
Anthony Chow
 
An overview of OpenStack for the VMware community
An overview of OpenStack for the VMware communityAn overview of OpenStack for the VMware community
An overview of OpenStack for the VMware community
Anthony Chow
 
VXLAN in the contemporary data center
VXLAN in the contemporary data centerVXLAN in the contemporary data center
VXLAN in the contemporary data center
Anthony Chow
 
What a Beginner Should Know About OpenStack
What a Beginner Should Know About OpenStackWhat a Beginner Should Know About OpenStack
What a Beginner Should Know About OpenStack
Anthony Chow
 
Build your own Blockchain with the right tool for your application
Build your own Blockchain with the right tool for your applicationBuild your own Blockchain with the right tool for your application
Build your own Blockchain with the right tool for your application
Anthony Chow
 
Container security
Container securityContainer security
Container security
Anthony Chow
 
MQTT security
MQTT securityMQTT security
MQTT security
Anthony Chow
 
Understanding gRPC Authentication Methods
Understanding gRPC Authentication MethodsUnderstanding gRPC Authentication Methods
Understanding gRPC Authentication Methods
Anthony Chow
 
Api security with o auth2
Api security with o auth2Api security with o auth2
Api security with o auth2
Anthony Chow
 
Container security
Container securityContainer security
Container security
Anthony Chow
 
V brownbag sept-14-2016
V brownbag sept-14-2016V brownbag sept-14-2016
V brownbag sept-14-2016
Anthony Chow
 
Getting over the barrier and start contributing to OpenStack
Getting over the barrier and start contributing to OpenStackGetting over the barrier and start contributing to OpenStack
Getting over the barrier and start contributing to OpenStack
Anthony Chow
 
Introduction to go
Introduction to goIntroduction to go
Introduction to go
Anthony Chow
 
Micro segmentation – a perfect fit for microservices
Micro segmentation – a perfect fit for microservicesMicro segmentation – a perfect fit for microservices
Micro segmentation – a perfect fit for microservices
Anthony Chow
 
An overview of OpenStack for the VMware community
An overview of OpenStack for the VMware communityAn overview of OpenStack for the VMware community
An overview of OpenStack for the VMware community
Anthony Chow
 
VXLAN in the contemporary data center
VXLAN in the contemporary data centerVXLAN in the contemporary data center
VXLAN in the contemporary data center
Anthony Chow
 
What a Beginner Should Know About OpenStack
What a Beginner Should Know About OpenStackWhat a Beginner Should Know About OpenStack
What a Beginner Should Know About OpenStack
Anthony Chow
 
Ad

Recently uploaded (20)

Procurement Insights Cost To Value Guide.pptx
Procurement Insights Cost To Value Guide.pptxProcurement Insights Cost To Value Guide.pptx
Procurement Insights Cost To Value Guide.pptx
Jon Hansen
 
TrsLabs - Fintech Product & Business Consulting
TrsLabs - Fintech Product & Business ConsultingTrsLabs - Fintech Product & Business Consulting
TrsLabs - Fintech Product & Business Consulting
Trs Labs
 
Semantic Cultivators : The Critical Future Role to Enable AI
Semantic Cultivators : The Critical Future Role to Enable AISemantic Cultivators : The Critical Future Role to Enable AI
Semantic Cultivators : The Critical Future Role to Enable AI
artmondano
 
Generative Artificial Intelligence (GenAI) in Business
Generative Artificial Intelligence (GenAI) in BusinessGenerative Artificial Intelligence (GenAI) in Business
Generative Artificial Intelligence (GenAI) in Business
Dr. Tathagat Varma
 
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
organizerofv
 
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptxIncreasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Anoop Ashok
 
Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...
Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...
Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...
Aqusag Technologies
 
Complete Guide to Advanced Logistics Management Software in Riyadh.pdf
Complete Guide to Advanced Logistics Management Software in Riyadh.pdfComplete Guide to Advanced Logistics Management Software in Riyadh.pdf
Complete Guide to Advanced Logistics Management Software in Riyadh.pdf
Software Company
 
Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...
Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...
Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...
Noah Loul
 
How Can I use the AI Hype in my Business Context?
How Can I use the AI Hype in my Business Context?How Can I use the AI Hype in my Business Context?
How Can I use the AI Hype in my Business Context?
Daniel Lehner
 
Mobile App Development Company in Saudi Arabia
Mobile App Development Company in Saudi ArabiaMobile App Development Company in Saudi Arabia
Mobile App Development Company in Saudi Arabia
Steve Jonas
 
ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes Partner Innovation Updates for May 2025ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes
 
Greenhouse_Monitoring_Presentation.pptx.
Greenhouse_Monitoring_Presentation.pptx.Greenhouse_Monitoring_Presentation.pptx.
Greenhouse_Monitoring_Presentation.pptx.
hpbmnnxrvb
 
HCL Nomad Web – Best Practices and Managing Multiuser Environments
HCL Nomad Web – Best Practices and Managing Multiuser EnvironmentsHCL Nomad Web – Best Practices and Managing Multiuser Environments
HCL Nomad Web – Best Practices and Managing Multiuser Environments
panagenda
 
HCL Nomad Web – Best Practices und Verwaltung von Multiuser-Umgebungen
HCL Nomad Web – Best Practices und Verwaltung von Multiuser-UmgebungenHCL Nomad Web – Best Practices und Verwaltung von Multiuser-Umgebungen
HCL Nomad Web – Best Practices und Verwaltung von Multiuser-Umgebungen
panagenda
 
Quantum Computing Quick Research Guide by Arthur Morgan
Quantum Computing Quick Research Guide by Arthur MorganQuantum Computing Quick Research Guide by Arthur Morgan
Quantum Computing Quick Research Guide by Arthur Morgan
Arthur Morgan
 
Electronic_Mail_Attacks-1-35.pdf by xploit
Electronic_Mail_Attacks-1-35.pdf by xploitElectronic_Mail_Attacks-1-35.pdf by xploit
Electronic_Mail_Attacks-1-35.pdf by xploit
niftliyevhuseyn
 
Transcript: #StandardsGoals for 2025: Standards & certification roundup - Tec...
Transcript: #StandardsGoals for 2025: Standards & certification roundup - Tec...Transcript: #StandardsGoals for 2025: Standards & certification roundup - Tec...
Transcript: #StandardsGoals for 2025: Standards & certification roundup - Tec...
BookNet Canada
 
UiPath Community Berlin: Orchestrator API, Swagger, and Test Manager API
UiPath Community Berlin: Orchestrator API, Swagger, and Test Manager APIUiPath Community Berlin: Orchestrator API, Swagger, and Test Manager API
UiPath Community Berlin: Orchestrator API, Swagger, and Test Manager API
UiPathCommunity
 
What is Model Context Protocol(MCP) - The new technology for communication bw...
What is Model Context Protocol(MCP) - The new technology for communication bw...What is Model Context Protocol(MCP) - The new technology for communication bw...
What is Model Context Protocol(MCP) - The new technology for communication bw...
Vishnu Singh Chundawat
 
Procurement Insights Cost To Value Guide.pptx
Procurement Insights Cost To Value Guide.pptxProcurement Insights Cost To Value Guide.pptx
Procurement Insights Cost To Value Guide.pptx
Jon Hansen
 
TrsLabs - Fintech Product & Business Consulting
TrsLabs - Fintech Product & Business ConsultingTrsLabs - Fintech Product & Business Consulting
TrsLabs - Fintech Product & Business Consulting
Trs Labs
 
Semantic Cultivators : The Critical Future Role to Enable AI
Semantic Cultivators : The Critical Future Role to Enable AISemantic Cultivators : The Critical Future Role to Enable AI
Semantic Cultivators : The Critical Future Role to Enable AI
artmondano
 
Generative Artificial Intelligence (GenAI) in Business
Generative Artificial Intelligence (GenAI) in BusinessGenerative Artificial Intelligence (GenAI) in Business
Generative Artificial Intelligence (GenAI) in Business
Dr. Tathagat Varma
 
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
organizerofv
 
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptxIncreasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Anoop Ashok
 
Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...
Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...
Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...
Aqusag Technologies
 
Complete Guide to Advanced Logistics Management Software in Riyadh.pdf
Complete Guide to Advanced Logistics Management Software in Riyadh.pdfComplete Guide to Advanced Logistics Management Software in Riyadh.pdf
Complete Guide to Advanced Logistics Management Software in Riyadh.pdf
Software Company
 
Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...
Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...
Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...
Noah Loul
 
How Can I use the AI Hype in my Business Context?
How Can I use the AI Hype in my Business Context?How Can I use the AI Hype in my Business Context?
How Can I use the AI Hype in my Business Context?
Daniel Lehner
 
Mobile App Development Company in Saudi Arabia
Mobile App Development Company in Saudi ArabiaMobile App Development Company in Saudi Arabia
Mobile App Development Company in Saudi Arabia
Steve Jonas
 
ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes Partner Innovation Updates for May 2025ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes
 
Greenhouse_Monitoring_Presentation.pptx.
Greenhouse_Monitoring_Presentation.pptx.Greenhouse_Monitoring_Presentation.pptx.
Greenhouse_Monitoring_Presentation.pptx.
hpbmnnxrvb
 
HCL Nomad Web – Best Practices and Managing Multiuser Environments
HCL Nomad Web – Best Practices and Managing Multiuser EnvironmentsHCL Nomad Web – Best Practices and Managing Multiuser Environments
HCL Nomad Web – Best Practices and Managing Multiuser Environments
panagenda
 
HCL Nomad Web – Best Practices und Verwaltung von Multiuser-Umgebungen
HCL Nomad Web – Best Practices und Verwaltung von Multiuser-UmgebungenHCL Nomad Web – Best Practices und Verwaltung von Multiuser-Umgebungen
HCL Nomad Web – Best Practices und Verwaltung von Multiuser-Umgebungen
panagenda
 
Quantum Computing Quick Research Guide by Arthur Morgan
Quantum Computing Quick Research Guide by Arthur MorganQuantum Computing Quick Research Guide by Arthur Morgan
Quantum Computing Quick Research Guide by Arthur Morgan
Arthur Morgan
 
Electronic_Mail_Attacks-1-35.pdf by xploit
Electronic_Mail_Attacks-1-35.pdf by xploitElectronic_Mail_Attacks-1-35.pdf by xploit
Electronic_Mail_Attacks-1-35.pdf by xploit
niftliyevhuseyn
 
Transcript: #StandardsGoals for 2025: Standards & certification roundup - Tec...
Transcript: #StandardsGoals for 2025: Standards & certification roundup - Tec...Transcript: #StandardsGoals for 2025: Standards & certification roundup - Tec...
Transcript: #StandardsGoals for 2025: Standards & certification roundup - Tec...
BookNet Canada
 
UiPath Community Berlin: Orchestrator API, Swagger, and Test Manager API
UiPath Community Berlin: Orchestrator API, Swagger, and Test Manager APIUiPath Community Berlin: Orchestrator API, Swagger, and Test Manager API
UiPath Community Berlin: Orchestrator API, Swagger, and Test Manager API
UiPathCommunity
 
What is Model Context Protocol(MCP) - The new technology for communication bw...
What is Model Context Protocol(MCP) - The new technology for communication bw...What is Model Context Protocol(MCP) - The new technology for communication bw...
What is Model Context Protocol(MCP) - The new technology for communication bw...
Vishnu Singh Chundawat
 

Understanding the container landscape and it associated projects

  • 1. Anthony Chow Twitter: @vCloudernBeer Blog: http://cloudn1n3.blogspot.com/ April 25, 2016 OpenStack Austin Summit vBrownBag TechTalk
  • 3.  Blog posts  Books  Ecosystem announcements  Webinar  Conferences  Local Meetups  Your boss wants to deploy container related technologies.  You want to get into this technology for more $$$$ or a “better” job.
  • 8.  FreeBSD Jails (back in 2000)  Imctfy (Google’s version of container)  LXC (technology that Docker build upon)  Docker: “Build Ship Run”
  • 9.  Namespaces  Current view of PID, network, IPC, MNT and UTS  Linux namespaces provides isolations for each container. Applications or process inside a container do not have access outside of the namespaces that the container is in.  Control groups/cgroups  Kernel function used to control access rights.  While namespaces provides access isolation, the control groups limits the hardware resources that the container can access. One example of control groups is to limit the memory available for the container for say 256 MBs.  AUFS  This is how containers are made to be light weighted. Linux kernel first mounts the root system read-only and then change to read-write. With the union mount, instead of changing from read-only to read-write, a read-write file system is layered on top of the read-only based Filesystem. Union mean to layer read-write with read-only layers.
  • 10.  Docker Client  Accept commands from the user and communicate with the server/daemon  Docker Server/Daemon  Building the Docker container from the images that are stored in the Docker Registry  Docker container  Base unit where the application runs on  Similar to a Virtual Machine  Default base moving from Ubuntu to Alpine for smaller footprint  Dockerfile  a configuration file with build instructions for Docker images  Docker image  Building block of container  Docker Registry  Location where the Docker images are stored  Public registry – access by everyone  Private registry – access by specific team or organization.
  • 11.  Docker Hub  Quay Container Registry  Amazon Container Registry  Google Container Registry
  • 12.  Container image format  Docker – appC  CoreOS – Rocker (rkt)
  • 13.  CoreOS  RacherOS  Ubuntu Snappy  Red Hat Atomic  VMware photon  Microsoft Nano Server
  • 14.  Open Container Initiative  OCI Runtime Specification  OCI Image Format Specification
  • 15.  Microservices  Container runs in groups and on distributed hosts as service  Containers “come and go”  Not practical to hardcode port number.  Distributed key-value store  Common tool for service discovery  Zookeeper  Etcd  Consul
  • 16.  Containers needs network traffic isolation for multi-tenants  Number of addressable end-point drastically increases  Immutable infrastructure – container is created and destroyed on different hosts constantly  Networking solutions for containers  Libnetwork (since rev 1.9)  Weave  Flannel (CoreOS)  IPvlan
  • 17.  A new security requirements created by container based infrastructure.  Docker container used to run as “root”  Common form of security solutions for containers:  Discretionary Access Control (DAS)  Seccomp  SELinux (Mandatory Access Control – MAC)  Microsegmentation solution from VMware and Cisco
  • 18.  Stateless container  Stateful container  Persistent Storage  Default: data reside inside the container  Docker Volume Driver (rev 1.8)  Convoy: a Docker storage driver  Flocker: container data volume manager
  • 19.  “To deploy container is one thing, architect a container solution is not so simple?  Common container orchestration tools:  Docker Swarm  Kubernetes  Apache Mesos  Redhat Atomic  CoreOS Fleet
  • 20.  Provides an Docker container orchestration platform using OpenStack as a infrastructure  Key concept: Container Orchestration Engine  Docker Swarm  Kubernetes  Apache Mesos  Able to interface with Docker client and Kubernetes client
  • 21.  “provides production-ready containers and deployment tools for operating OpenStack clouds that are scalable, fast, reliable, and upgradable using community best practices.” – OpenStack Wiki  running OpenStack service as a container
  • 22.  “bring containers and Docker networking specifically to use and leverage solutions and services in Neutron” – superuser.openstack.org  Kuryr is Czech for "courier."
  • 23.  “a distributed control plane implementation of Neutron” – superuser.openstack.org  Dragonflow is going to support use cases of nested containers inside a VM without the need to introduce another layer of overlay abstraction. We are going to support various different modes to deploy this and have full integration with project Kuryr.
  • 24.  Container technology is here to stay along with virtual machines  More and more OpenStack project is embracing this container technology to solve different problems.  We need to stay relevant and keep up with the container technology.  Get a clearer picture of the container landscape.
  • 25. Have a joyful and fruitful conference @vCloudernBeer