Networking & Security for Mesos

Size: px
Start display at page:

Download "Networking & Security for Mesos"

Transcription

1 Sponsored by Networking & Security for Mesos AN IP FOR EVERY CONTAINER AND MORE! Christopher Liljenstolpe February 24, 2016

2 The #1 Challenge for Cloud? Recent data breaches due to hacking or poor security Cloud-native app architectures are driving x growth in workloads in an era of heightened security threats

3 Enterprise security is still in the middle ages

4 Medieval security architecture

5 Oh, hey! I just love these things! Crunchy on the outside and a chewy center!

6 Fast forward to the present

7 Increased complexity

8 Resource Fungibility

9 Tear down the walls?

10 The opportunity?

11 The opportunity?

12 The Dynamic, Distributed Firewall eth eth eth Routing eth0 Network eth0 Fabric Routing eth eth eth

13 The Dynamic, Distributed Firewall: Worked Example Workload A 2001:db8::1 1. to 2001:db8::2 port 80 allow 2. to 2001:db8::3 port 80 allow 3. from <qarobots> any port 443 allow 4. default deny Workload B 2001:db8::2 Felix 1. from 2001:db8::1 port 80 allow 2. default deny A: loadbal; QA Pub B: webapp C: webapp loadbal: allow 80 to webapp webapp: allow 80 fm loadbal QA: allow 443 fm <qarobots> Pub: allow 443 fm any Workload C 2001:db8::3 Felix 1. from 2001:db8::1 port 80 allow 2. default deny

14 Mesos / HAProxy introduce another problem Host [ ] A service [ ] another [ ] Application [ ] IP: :8080 IP: :80

15 The Solution

16 Project Calico & Mesos Logical Architecture Mesos Agent Mesos Agent Mesos Master Mesos Agent Workload (container or VM) Workload (container or VM) Workload (container or VM) Security Policy Host Kernel Policy Enforcement Policy Enforcement Policy Enforcement Routes & Addresses Efficient Packet Forwarding (IP per workload, direct integration with cloud fabric)

17 Net-modules Work Flow Actual Architecture Framework Master Agent Plug- in (Calico) Launch task (NetworkInfo) Launch task (NetworkInfo) Update task state Task update (NetworkInfo) Cleanup module Task update (NetworkInfo) Get IP Isolate (IP, policy) Isolator module IPAM Network virtualizer Mesos module Network plug- in

18 Demonstration of basic network isolation Mesos cluster with 2 agents Launching 4 probe tasks Each probe listens to port 9000 Each probe tries to reach all other probes We want all 4 to launch successfully (no port conflicts) We want to isolate them into two groups of 2 probes

19 Demonstration (video)

20 Where are we at today? Net-modules supported with Mesos containerizer since Mesos 0.26 IP per container IP Address Management (IPAM) DNS-based service discovery (Mesos-DNS) Network isolation Try it out Includes step-by-step instructions to repeat the demo

21 Restrictions / Wish List Other frameworks (only Marathon supported today) Community work ongoing to integrate Spark, Chronos,... Docker daemon support via same net-modules mechanism Docker daemon includes a different networking model, via the libnetwork API, but it is not well integrated with Mesos Tighter integration of fine-grained policy control Today, fine-grained policy is side loaded via calicoctl One-step install via DCOS Support for Container Network Interface (CNI) model (as used by Kubernetes)

22 Summary

Note: Isolation guarantees among subnets depend on your firewall policies.

Note: Isolation guarantees among subnets depend on your firewall policies. Virtual Networks DC/OS supports Container Networking Interface (CNI)-compatible virtual networking solutions, including Calico and Contrail. DC/OS also provides a native virtual networking solution called

More information

2016 Mesosphere, Inc. All Rights Reserved.

2016 Mesosphere, Inc. All Rights Reserved. MesosCon 2016 - Qian Zhang (IBM China), Avinash Sridharan, Jie Yu (Mesosphere) Container Network Interface (CNI) for Mesos: The `network/cni` isolator. 1 Qian Zhang Software Engineer zhangqxa@cn.ibm.com

More information

Cloud Native Networking

Cloud Native Networking Webinar Series Cloud Native Networking January 12, 2017 Your Presenters Christopher Liljenstolpe CTO, Tigera / Founder, Project Calico Bryan Boreham Director of Engineering, WeaveWorks 2 Networking in

More information

SCALING LIKE TWITTER WITH APACHE MESOS

SCALING LIKE TWITTER WITH APACHE MESOS Philip Norman & Sunil Shah SCALING LIKE TWITTER WITH APACHE MESOS 1 MODERN INFRASTRUCTURE Dan the Datacenter Operator Alice the Application Developer Doesn t sleep very well Loves automation Wants to control

More information

Scale your Docker containers with Mesos

Scale your Docker containers with Mesos Scale your Docker containers with Mesos Timothy Chen tim@mesosphere.io About me: - Distributed Systems Architect @ Mesosphere - Lead Containerization engineering - Apache Mesos, Drill PMC / Committer

More information

MESOS A State-Of-The-Art Container Orchestrator Mesosphere, Inc. All Rights Reserved. 1

MESOS A State-Of-The-Art Container Orchestrator Mesosphere, Inc. All Rights Reserved. 1 MESOS A State-Of-The-Art Container Orchestrator 2016 Mesosphere, Inc. All Rights Reserved. 1 About me Jie Yu (@jie_yu) Tech Lead at Mesosphere Mesos PMC member and committer Formerly worked at Twitter

More information

Project Calico v3.1. Overview. Architecture and Key Components

Project Calico v3.1. Overview. Architecture and Key Components Project Calico v3.1 Overview Benefits Simplicity. Traditional Software Defined Networks (SDNs) are complex, making them hard to deploy and troubleshoot. Calico removes that complexity, with a simplified

More information

POWERING THE INTERNET WITH APACHE MESOS

POWERING THE INTERNET WITH APACHE MESOS Neil Conway, Niklas Nielsen, Greg Mann & Sunil Shah POWERING THE INTERNET WITH APACHE MESOS 1 MESOS: ORIGINS 2 THE BIRTH OF MESOS TWITTER TECH TALK APACHE INCUBATION The grad students working on Mesos

More information

利用 Mesos 打造高延展性 Container 環境. Frank, Microsoft MTC

利用 Mesos 打造高延展性 Container 環境. Frank, Microsoft MTC 利用 Mesos 打造高延展性 Container 環境 Frank, Microsoft MTC About Me Developer @ Yahoo! DevOps @ HTC Technical Architect @ MSFT Agenda About Docker Manage containers Apache Mesos Mesosphere DC/OS application = application

More information

Mesosphere and Percona Server for MongoDB. Peter Schwaller, Senior Director Server Eng. (Percona) Taco Scargo, Senior Solution Engineer (Mesosphere)

Mesosphere and Percona Server for MongoDB. Peter Schwaller, Senior Director Server Eng. (Percona) Taco Scargo, Senior Solution Engineer (Mesosphere) Mesosphere and Percona Server for MongoDB Peter Schwaller, Senior Director Server Eng. (Percona) Taco Scargo, Senior Solution Engineer (Mesosphere) Mesosphere DC/OS MICROSERVICES, CONTAINERS, & DEV TOOLS

More information

Orchestration Ownage: Exploiting Container-Centric Datacenter Platforms

Orchestration Ownage: Exploiting Container-Centric Datacenter Platforms SESSION ID: CSV-R03 Orchestration Ownage: Exploiting Container-Centric Datacenter Platforms Bryce Kunz Senior Threat Specialist Adobe Mike Mellor Director, Information Security Adobe Intro Mike Mellor

More information

AGILE DEVELOPMENT AND PAAS USING THE MESOSPHERE DCOS

AGILE DEVELOPMENT AND PAAS USING THE MESOSPHERE DCOS Sunil Shah AGILE DEVELOPMENT AND PAAS USING THE MESOSPHERE DCOS 1 THE DATACENTER OPERATING SYSTEM (DCOS) 2 DCOS INTRODUCTION The Mesosphere Datacenter Operating System (DCOS) is a distributed operating

More information

Mesosphere and Percona Server for MongoDB. Jeff Sandstrom, Product Manager (Percona) Ravi Yadav, Tech. Partnerships Lead (Mesosphere)

Mesosphere and Percona Server for MongoDB. Jeff Sandstrom, Product Manager (Percona) Ravi Yadav, Tech. Partnerships Lead (Mesosphere) Mesosphere and Percona Server for MongoDB Jeff Sandstrom, Product Manager (Percona) Ravi Yadav, Tech. Partnerships Lead (Mesosphere) Mesosphere DC/OS MICROSERVICES, CONTAINERS, & DEV TOOLS DATA SERVICES,

More information

Container Orchestration on Amazon Web Services. Arun

Container Orchestration on Amazon Web Services. Arun Container Orchestration on Amazon Web Services Arun Gupta, @arungupta Docker Workflow Development using Docker Docker Community Edition Docker for Mac/Windows/Linux Monthly edge and quarterly stable

More information

Project Calico v3.2. Overview. Architecture and Key Components. Project Calico provides network security for containers and virtual machine workloads.

Project Calico v3.2. Overview. Architecture and Key Components. Project Calico provides network security for containers and virtual machine workloads. Project Calico v3.2 Overview Benefits Simplicity. Traditional Software Defined Networks (SDNs) are complex, making them hard to deploy and troubleshoot. Calico removes that complexity, with a simplified

More information

Deploying Applications on DC/OS

Deploying Applications on DC/OS Mesosphere Datacenter Operating System Deploying Applications on DC/OS Keith McClellan - Technical Lead, Federal Programs keith.mcclellan@mesosphere.com V6 THE FUTURE IS ALREADY HERE IT S JUST NOT EVENLY

More information

Defining Security for an AWS EKS deployment

Defining Security for an AWS EKS deployment Defining Security for an AWS EKS deployment Cloud-Native Security www.aporeto.com Defining Security for a Kubernetes Deployment Kubernetes is an open-source orchestrator for automating deployment, scaling,

More information

Big Data Security. Facing the challenge

Big Data Security. Facing the challenge Big Data Security Facing the challenge Experience the presentation xlic.es/v/e98605 About me Father of a 5 year old child Technical leader in Architecture and Security team at Stratio Sailing skipper 3

More information

Container Networking and Openstack. Fernando Sanchez Fawad Khaliq March, 2016

Container Networking and Openstack. Fernando Sanchez Fawad Khaliq March, 2016 Container Networking and Openstack Fernando Sanchez - @fernandosanchez Fawad Khaliq - @fawadkhaliq March, 2016 Agenda Containers, Orchestration and Networking Containers: runtimes Container Orchestration

More information

Kubernetes made easy with Docker EE. Patrick van der Bleek Sr. Solutions Engineer NEMEA

Kubernetes made easy with Docker EE. Patrick van der Bleek Sr. Solutions Engineer NEMEA Kubernetes made easy with Docker EE Patrick van der Bleek Sr. Solutions Engineer NEMEA Docker Enterprise Edition is More than Containers + Orchestration... DOCKER ENTERPRISE EDITION Kubernetes integration

More information

Building/Running Distributed Systems with Apache Mesos

Building/Running Distributed Systems with Apache Mesos Building/Running Distributed Systems with Apache Mesos Philly ETE April 8, 2015 Benjamin Hindman @benh $ whoami 2007-2012 2009-2010 - 2014 my other computer is a datacenter my other computer is a datacenter

More information

Kubernetes networking in the telco space

Kubernetes networking in the telco space Kubernetes networking in the telco space LFN Developer Forum Gergely Csatari (using the materials of Robert Springer, and Peter Megyesi with the help of Levente Kale, Laszo Janosi and Gergo Huszty) 26-03-2018

More information

Buenos Aires 31 de Octubre de 2018

Buenos Aires 31 de Octubre de 2018 Buenos Aires 31 de Octubre de 2018 VMware NSX Data Center & Containers in the Dell EMC Ecosystem Gonzalo Atienza Sr Systems Engineer, Network & Security Business Unit, VMware Containers are Here to stay!

More information

Secure Kubernetes Container Workloads

Secure Kubernetes Container Workloads Secure Kubernetes Container Workloads with Production-Grade Networking Cynthia Thomas Irena Berezovsky Tim Hockin CIA IT operations have top secret apps for their agents, most of which require isolation

More information

Using DC/OS for Continuous Delivery

Using DC/OS for Continuous Delivery Using DC/OS for Continuous Delivery DevPulseCon 2017 Elizabeth K. Joseph, @pleia2 Mesosphere 1 Elizabeth K. Joseph, Developer Advocate, Mesosphere 15+ years working in open source communities 10+ years

More information

Mesosphere and the Enterprise: Run Your Applications on Apache Mesos. Steve Wong Open Source Engineer {code} by Dell

Mesosphere and the Enterprise: Run Your Applications on Apache Mesos. Steve Wong Open Source Engineer {code} by Dell Mesosphere and the Enterprise: Run Your Applications on Apache Mesos Steve Wong Open Source Engineer {code} by Dell EMC @cantbewong Open source at Dell EMC {code} by Dell EMC is a group of passionate open

More information

Cloud & container monitoring , Lars Michelsen Check_MK Conference #4

Cloud & container monitoring , Lars Michelsen Check_MK Conference #4 Cloud & container monitoring 04.05.2018, Lars Michelsen Some cloud definitions Applications Data Runtime Middleware O/S Virtualization Servers Storage Networking Software-as-a-Service (SaaS) Applications

More information

A Whirlwind Tour of Apache Mesos

A Whirlwind Tour of Apache Mesos A Whirlwind Tour of Apache Mesos About Herdy Senior Software Engineer at Citadel Technology Solutions (Singapore) The eternal student Find me on the internet: _hhandoko hhandoko hhandoko https://au.linkedin.com/in/herdyhandoko

More information

EASILY DEPLOY AND SCALE KUBERNETES WITH RANCHER

EASILY DEPLOY AND SCALE KUBERNETES WITH RANCHER EASILY DEPLOY AND SCALE KUBERNETES WITH RANCHER 2 WHY KUBERNETES? Kubernetes is an open-source container orchestrator for deploying and managing containerized applications. Building on 15 years of experience

More information

Project Kuryr. Antoni Segura Puimedon (apuimedo) Gal Sagie (gsagie)

Project Kuryr. Antoni Segura Puimedon (apuimedo) Gal Sagie (gsagie) Project Kuryr Antoni Segura Puimedon (apuimedo) Gal Sagie (gsagie) What are the problems? Reinventing networking abstractions Changing and vendor specific solutions Flannel Weave SocketPlane Overlay2 for

More information

Zero to Microservices in 5 minutes using Docker Containers. Mathew Lodge Weaveworks

Zero to Microservices in 5 minutes using Docker Containers. Mathew Lodge Weaveworks Zero to Microservices in 5 minutes using Docker Containers Mathew Lodge (@mathewlodge) Weaveworks (@weaveworks) https://www.weave.works/ 2 Going faster with software delivery is now a business issue Software

More information

Opendaylight: Enabling 5G through Cloud Native Telco Architecture Edgar Lombara Lumina Networks Inc.

Opendaylight: Enabling 5G through Cloud Native Telco Architecture Edgar Lombara Lumina Networks Inc. Bay Area Opendaylight: Enabling 5G through Cloud Native Telco Architecture Edgar Lombara Lumina Networks Inc. Agenda Key drivers for 5G 5G and Cloud native Edge Cloud Core Cloud Microservices building

More information

Overview of Container Management

Overview of Container Management Overview of Container Management Wyn Van Devanter @wynv Vic Kumar Agenda Why Container Management? What is Container Management? Clusters, Cloud Architecture & Containers Container Orchestration Tool Overview

More information

How to Put Your AF Server into a Container

How to Put Your AF Server into a Container How to Put Your AF Server into a Container Eugene Lee Technology Enablement Engineer 1 Technology Challenges 2 Cloud Native bring different expectations 3 We are becoming more impatient Deploy Code Release

More information

Torc. Applications, Microservices, VNFs controlled by Top-of-Rack Controller AT&T Foundry, where ideas are made. Marcel Neuhausler.

Torc. Applications, Microservices, VNFs controlled by Top-of-Rack Controller AT&T Foundry, where ideas are made. Marcel Neuhausler. Torc Applications, Microservices, VNFs controlled by Top-of-Rack Controller AT&T Foundry, where ideas are made Julius Mueller Marcel Neuhausler Senior Member of Technical Staff Principal Software Engineer

More information

CONTINUOUS DELIVERY WITH DC/OS AND JENKINS

CONTINUOUS DELIVERY WITH DC/OS AND JENKINS SOFTWARE ARCHITECTURE NOVEMBER 15, 2016 CONTINUOUS DELIVERY WITH DC/OS AND JENKINS AGENDA Presentation Introduction to Apache Mesos and DC/OS Components that make up modern infrastructure Running Jenkins

More information

Growth of Docker hub pulls

Growth of Docker hub pulls millions 6000 Growth of Docker hub pulls 5000 5000 4000 3000 2000 2000 1000 300 800 1200 0 May-15 Jun-15 Jul-15 Aug-15 Sep-15 2016 A Highly Complex Ecosystem Security challenges of container opera3ons

More information

Kuryr & Fuxi. OpenStack networking and storage for Docker Swarm containers. Hongbin Lu Antoni Segura Puimedon

Kuryr & Fuxi. OpenStack networking and storage for Docker Swarm containers. Hongbin Lu Antoni Segura Puimedon Kuryr & Fuxi OpenStack networking and storage for Docker Swarm containers Hongbin Lu Antoni Segura Puimedon A bit of background Kuryr-libnetwork Fuxi Started during Liberty Brings Neutron Networking to

More information

Using Network Virtualization in DevOps environments Yves Fauser, 22. March 2016 (Technical Product Manager VMware NSBU)

Using Network Virtualization in DevOps environments Yves Fauser, 22. March 2016 (Technical Product Manager VMware NSBU) Using Network Virtualization in DevOps environments Yves Fauser, 22. March 2016 (Technical Product Manager VMware NSBU) 2014 VMware Inc. All rights reserved. Who is standing in front of you? Yves Fauser

More information

Introduction to Mesos and the Datacenter Operating System

Introduction to Mesos and the Datacenter Operating System Introduction to Mesos and the Datacenter Operating System Artem Harutyunyan (artem@mesosphere.io) 2016 Mesosphere, Inc. All Rights Reserved. INTRO $ whoami ARTEM HARUTYUNYAN ALICE Offline (2004-2010) AliEn

More information

Wolfram Richter Red Hat. OpenShift Container Netzwerk aus Sicht der Workload

Wolfram Richter Red Hat. OpenShift Container Netzwerk aus Sicht der Workload Wolfram Richter Red Hat OpenShift Container Netzwerk aus Sicht der Workload Why this session? OpenShift is great for web applications, but we want to do X will this work? X { Analytics, Non-HTTP, High-

More information

CONTAINERIZED SPARK ON KUBERNETES. William Benton Red Hat,

CONTAINERIZED SPARK ON KUBERNETES. William Benton Red Hat, CONTAINERIZED SPARK ON KUBERNETES William Benton Red Hat, Inc. @willb willb@redhat.com BACKGROUND BACKGROUND BACKGROUND BACKGROUND BACKGROUND BACKGROUND BACKGROUND BACKGROUND WHAT OUR SPARK CLUSTER LOOKED

More information

CONTINUOUS DELIVERY WITH MESOS, DC/OS AND JENKINS

CONTINUOUS DELIVERY WITH MESOS, DC/OS AND JENKINS APACHE MESOS NYC MEETUP SEPTEMBER 22, 2016 CONTINUOUS DELIVERY WITH MESOS, DC/OS AND JENKINS WHO WE ARE ROGER IGNAZIO SUNIL SHAH Tech Lead at Mesosphere @rogerignazio Product Manager at Mesosphere @ssk2

More information

CONTAINERS AND MICROSERVICES WITH CONTRAIL

CONTAINERS AND MICROSERVICES WITH CONTRAIL CONTAINERS AND MICROSERVICES WITH CONTRAIL Scott Sneddon Sree Sarva DP Ayyadevara Sr. Director Sr. Director Director Cloud and SDN Contrail Solutions Product Line Management This statement of direction

More information

Exploring Cloud Security, Operational Visibility & Elastic Datacenters. Kiran Mohandas Consulting Engineer

Exploring Cloud Security, Operational Visibility & Elastic Datacenters. Kiran Mohandas Consulting Engineer Exploring Cloud Security, Operational Visibility & Elastic Datacenters Kiran Mohandas Consulting Engineer The Ideal Goal of Network Access Policies People (Developers, Net Ops, CISO, ) V I S I O N Provide

More information

Building a Data-Friendly Platform for a Data- Driven Future

Building a Data-Friendly Platform for a Data- Driven Future Building a Data-Friendly Platform for a Data- Driven Future Benjamin Hindman - @benh 2016 Mesosphere, Inc. All Rights Reserved. INTRO $ whoami BENJAMIN HINDMAN Co-founder and Chief Architect of Mesosphere,

More information

Lessons Learned: Deploying Microservices Software Product in Customer Environments Mark Galpin, Solution Architect, JFrog, Inc.

Lessons Learned: Deploying Microservices Software Product in Customer Environments Mark Galpin, Solution Architect, JFrog, Inc. Lessons Learned: Deploying Microservices Software Product in Customer Environments Mark Galpin, Solution Architect, JFrog, Inc. Who s speaking? Mark Galpin Solution Architect @jfrog magalpin Microservices

More information

Docker Networking Deep Dive online meetup

Docker Networking Deep Dive online meetup Docker Networking Deep Dive online meetup 08/24/2016 @MadhuVenugopal Agenda What is libnetwork CNM 1.12 Features Multihost networking Secured Control plane & Data plane Service Discovery Native Loadbalacing

More information

Advanced Continuous Delivery Strategies for Containerized Applications Using DC/OS

Advanced Continuous Delivery Strategies for Containerized Applications Using DC/OS Advanced Continuous Delivery Strategies for Containerized Applications Using DC/OS ContainerCon @ Open Source Summit North America 2017 Elizabeth K. Joseph @pleia2 1 Elizabeth K. Joseph, Developer Advocate

More information

Dockercon 2017 Networking Workshop

Dockercon 2017 Networking Workshop Dockercon 2017 Networking Workshop Mark Church, Technical Account Manager @ Docker Lorenzo Fontana, Docker Captain Nico Kabar, Solutions Architect @ Docker Agenda 1. Container Network Model 2. Docker Networking

More information

Virtual Infrastructure: VMs and Containers

Virtual Infrastructure: VMs and Containers Virtual Infrastructure: VMs and Containers Andy Bavier and Gopinath Taget ONF CORD Build Nov. 7-9, 2017 An Operator Led Consortium CORD platform evolution Cutting edge innovate Initial CORD prototype (ONS

More information

Service Discovery using Avi Vantage as IPAM and DNS

Service Discovery using Avi Vantage as IPAM and DNS Page 1 of 10 Service Discovery using Avi Vantage as IPAM and DNS Provider view online This article walks through the configuration of Avi Vantage's native IPAM and DNS solution for providing service discovery.

More information

Hacking and Hardening Kubernetes

Hacking and Hardening Kubernetes SESSION ID: HT-W02 Hacking and Hardening Kubernetes Jay Beale CTO InGuardians, Inc @jaybeale and @inguardians Adam Crompton Senior Security Analyst InGuardians, Inc. @3nc0d3r and @inguardians Table of

More information

@joerg_schad Nightmares of a Container Orchestration System

@joerg_schad Nightmares of a Container Orchestration System @joerg_schad Nightmares of a Container Orchestration System 2017 Mesosphere, Inc. All Rights Reserved. 1 Jörg Schad Distributed Systems Engineer @joerg_schad Jan Repnak Support Engineer/ Solution Architect

More information

CNA1699BU Running Docker on your Existing Infrastructure with vsphere Integrated Containers Martijn Baecke Patrick Daigle VMworld 2017 Content: Not fo

CNA1699BU Running Docker on your Existing Infrastructure with vsphere Integrated Containers Martijn Baecke Patrick Daigle VMworld 2017 Content: Not fo CNA1699BU Running Docker on your Existing Infrastructure with vsphere Integrated Containers VMworld 2017 Content: Not for publication #VMworld #CNA1699BU CNA1699BU Running Docker on your Existing Infrastructure

More information

FROM MONOLITH TO DOCKER DISTRIBUTED APPLICATIONS

FROM MONOLITH TO DOCKER DISTRIBUTED APPLICATIONS FROM MONOLITH TO DOCKER DISTRIBUTED APPLICATIONS Carlos Sanchez @csanchez Watch online at carlossg.github.io/presentations ABOUT ME Senior So ware Engineer @ CloudBees Author of Jenkins Kubernetes plugin

More information

Simplify Container Networking With ican. Huawei Cloud Network Lab

Simplify Container Networking With ican. Huawei Cloud Network Lab Simplify Container Networking With ican Huawei Cloud Network Lab Container Network Defined By Application 2 What we face today Automation Deployment and Orchestration: Automate deploy resource for application

More information

What Building Multiple Scalable DC/OS Deployments Taught Me about Running Stateful Services on DC/OS

What Building Multiple Scalable DC/OS Deployments Taught Me about Running Stateful Services on DC/OS What Building Multiple Scalable DC/OS Deployments Taught Me about Running Stateful Services on DC/OS Nathan Shimek - VP of Client Solutions at New Context Dinesh Israin Senior Software Engineer at Portworx

More information

Issues Fixed in DC/OS

Issues Fixed in DC/OS Release Notes for 1.10.4 These are the release notes for DC/OS 1.10.4. DOWNLOAD DC/OS OPEN SOURCE Issues Fixed in DC/OS 1.10.4 CORE-1375 - Docker executor does not hang due to lost messages. DOCS-2169

More information

VMworld 2017 Content: Not for publication #CNA1699BE CONFIDENTIAL 2

VMworld 2017 Content: Not for publication #CNA1699BE CONFIDENTIAL 2 CNA1699BE Running Docker on your Existing Infrastructure with vsphere Integrated Containers VMworld 2017 Content: Not for publication Martijn Baecke, Robbie Jerrom #vmworld #CNA1699BE VMworld 2017 Robbie

More information

WHITE PAPER. RedHat OpenShift Container Platform. Benefits: Abstract. 1.1 Introduction

WHITE PAPER. RedHat OpenShift Container Platform. Benefits: Abstract. 1.1 Introduction WHITE PAPER RedHat OpenShift Container Platform Abstract Benefits: Applications are designed around smaller independent components called microservices. Elastic resources: Scale up or down quickly and

More information

Cloud Native Security. OpenShift Commons Briefing

Cloud Native Security. OpenShift Commons Briefing Cloud Native Security OpenShift Commons Briefing Amir Sharif Co-Founder amir@aporeto.com Cloud Native Applications Challenge Security Change Frequency x 10x 100x 1,000x Legacy (Pets) Servers VMs Cloud

More information

Containerizing GPU Applications with Docker for Scaling to the Cloud

Containerizing GPU Applications with Docker for Scaling to the Cloud Containerizing GPU Applications with Docker for Scaling to the Cloud SUBBU RAMA FUTURE OF PACKAGING APPLICATIONS Turns Discrete Computing Resources into a Virtual Supercomputer GPU Mem Mem GPU GPU Mem

More information

Securing Microservice Interactions in Openstack and Kubernetes

Securing Microservice Interactions in Openstack and Kubernetes Securing Microservice Interactions in Openstack and Kubernetes Yoshio Turner & Jayanth Gummaraju Co- Founders @ Banyan https://www.banyanops.com Banyan Founded in the middle of 2015 In San Francisco, CA

More information

Networking Approaches in. a Container World. Flavio Castelli Engineering Manager

Networking Approaches in. a Container World. Flavio Castelli Engineering Manager Networking Approaches in a Container World Flavio Castelli Engineering Manager fcastelli@suse.com Rossella Sblendido Engineering Manager rsblendido@suse.com Disclaimer There a many container engines, I

More information

Advantages of using DC/OS Azure infrastructure and the implementation architecture Bill of materials used to construct DC/OS and the ACS clusters

Advantages of using DC/OS Azure infrastructure and the implementation architecture Bill of materials used to construct DC/OS and the ACS clusters Reference implementation: The Azure Container Service DC/OS is a distributed operating system powered by Apache Mesos that treats collections of CPUs, RAM, networking and so on as a distributed kernel

More information

Windows Server Windows Server Windows Server 2008

Windows Server Windows Server Windows Server 2008 2003 2008 2012 Hardware Innovation X86 Symmetric Multi-Processor (SMP) s Affordable servers for the masses Software Innovation Window 2003 SQL 2005 Exchange 2003 Hardware Innovation X64 s Multi-Core s

More information

Life of a Packet. KubeCon Europe Michael Rubin TL/TLM in GKE/Kubernetes github.com/matchstick. logo. Google Cloud Platform

Life of a Packet. KubeCon Europe Michael Rubin TL/TLM in GKE/Kubernetes github.com/matchstick. logo. Google Cloud Platform logo Life of a Packet KubeCon Europe 2017 Michael Rubin TL/TLM in GKE/Kubernetes github.com/matchstick Google Cloud Platform Kubernetes is about clusters Because of that, networking

More information

Deploy an external load balancer with

Deploy an external load balancer with Deploying an Internally and Externally Load Balanced App with Marathon-LB In this tutorial, Marathon-LB is used as an internal and external load balancer. The external load balancer is used to route external

More information

Dan Williams Networking Services, Red Hat

Dan Williams Networking Services, Red Hat Networking Containers with Kubernetes and OpenShift Dan Williams Networking Services, Red Hat Kubernetes Components Web UI Pod apiserver etcd Container 1 Container 2 scheduler controller Command-line interface

More information

Contrail Networking: Evolve your cloud with Containers

Contrail Networking: Evolve your cloud with Containers Contrail Networking: Evolve your cloud with Containers INSIDE Containers and Microservices Transformation of the Cloud Building a Network for Containers Juniper Networks Contrail Solution BUILD MORE THAN

More information

Launching StarlingX. The Journey to Drive Compute to the Edge Pilot Project Supported by the OpenStack

Launching StarlingX. The Journey to Drive Compute to the Edge Pilot Project Supported by the OpenStack Launching StarlingX The Journey to Drive Compute to the Edge Pilot Project Supported by the OpenStack Foundation Ian Jolliffe, WIND RIVER SYSTEMS Director Engineering @ian_jolliffe Project Overview An

More information

Network Function Virtualization over Open DC/OS Yung-Han Chen

Network Function Virtualization over Open DC/OS Yung-Han Chen Network Function Virtualization over Open DC/OS Yung-Han Chen 2016.05.18 1 Outlines Network Function Virtualization (NFV) Framework Container-based Open Source Solutions for NFV Use Cases 2 NFV Architectural

More information

YOUR APPLICATION S JOURNEY TO THE CLOUD. What s the best way to get cloud native capabilities for your existing applications?

YOUR APPLICATION S JOURNEY TO THE CLOUD. What s the best way to get cloud native capabilities for your existing applications? YOUR APPLICATION S JOURNEY TO THE CLOUD What s the best way to get cloud native capabilities for your existing applications? Introduction Moving applications to cloud is a priority for many IT organizations.

More information

2018 Cisco and/or its affiliates. All rights reserved.

2018 Cisco and/or its affiliates. All rights reserved. Beyond Data Center A Journey to self-driving Data Center with Analytics, Intelligent and Assurance Mohamad Imaduddin Systems Engineer Cisco Oct 2018 App is the new Business Developer is the new Customer

More information

S Implementing DevOps and Hybrid Cloud

S Implementing DevOps and Hybrid Cloud S- Implementing DevOps and Hybrid Cloud Srihari Angaluri Lenovo Data Center Group Red Hat Summit // Outline DevOps and Containers Architectural Considerations Lenovo Cloud Technology Center Implementing

More information

Running MarkLogic in Containers (Both Docker and Kubernetes)

Running MarkLogic in Containers (Both Docker and Kubernetes) Running MarkLogic in Containers (Both Docker and Kubernetes) Emma Liu Product Manager, MarkLogic Vitaly Korolev Staff QA Engineer, MarkLogic @vitaly_korolev 4 June 2018 MARKLOGIC CORPORATION Source: http://turnoff.us/image/en/tech-adoption.png

More information

Deploy Like A Boss Oliver Nicholas

Deploy Like A Boss Oliver Nicholas Deploy Like A Boss Oliver Nicholas DEPLOY LIKE A BOSS THE JOURNEY FROM 2 SERVERS TO 20,000 THE DEPLOYMENT PIPELINE MARCH 1, 2015 3 UBER TECHNOLOGIES, INC BUSINESS METRICS 311 Cities 57 Countries 1,000,000+

More information

Container Pods with Docker Compose in Apache Mesos

Container Pods with Docker Compose in Apache Mesos Container Pods with Docker Compose in Apache Mesos 1 Summary Goals: 1. Treating Apache Mesos and docker as first class citizens, the platform needs to seamlessly run and scale docker container pods in

More information

Kubernetes: Integration vs Native Solution

Kubernetes: Integration vs Native Solution Kubernetes: Integration vs Native Solution Table of Contents 22 Table of Contents 01 Introduction...3 02 DC/OS...4 03 Docker Enterprise...7 04 Rancher...10 05 Azure...13 06 Conclusion...15 3 01 Introduction

More information

Supporting GPUs in Docker Containers on Apache Mesos

Supporting GPUs in Docker Containers on Apache Mesos Supporting GPUs in Docker Containers on Apache Mesos MesosCon Europe - 2016 Kevin Klues Senior Software Engineer Mesosphere Yubo Li Staff Researcher IBM Research China Kevin Klues Yubo Li Kevin Klues is

More information

CLOUD INFRASTRUCTURE ARCHITECTURE DESIGN

CLOUD INFRASTRUCTURE ARCHITECTURE DESIGN CLOUD INFRASTRUCTURE ARCHITECTURE DESIGN Dan Radez OpenStack Red Hat Brad Ascar CloudForms Red Hat Agenda Red Hat OpenStack Platform Installation OpenStack Architecture Highly Available OpenStack Red Hat

More information

Comparison of Service Description and Composition for Complex 3-tier Cloud-based Services

Comparison of Service Description and Composition for Complex 3-tier Cloud-based Services Date: 2017. 08. 28 Place: Dalian, China Comparison of Service Description and Composition for Complex 3-tier Cloud-based Services Asia Pacific Advanced Network (APAN) Cloud Working Group Meeting 2017 Moonjoong

More information

Nevin Dong 董乃文 Principle Technical Evangelist Microsoft Cooperation

Nevin Dong 董乃文 Principle Technical Evangelist Microsoft Cooperation Nevin Dong 董乃文 Principle Technical Evangelist Microsoft Cooperation Microservices Autonomous API Gateway Events Service Discovery Circuit Breakers Commands Aggregates Bounded Context Event Bus Domain Events

More information

Implementing Container Application Platforms with Cisco ACI

Implementing Container Application Platforms with Cisco ACI BRKDCN-2627 Implementing Container Application Platforms with Cisco ACI Andres Vega Product Manager, Engineering Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session

More information

Sunil Shah SECURE, FLEXIBLE CONTINUOUS DELIVERY PIPELINES WITH GITLAB AND DC/OS Mesosphere, Inc. All Rights Reserved.

Sunil Shah SECURE, FLEXIBLE CONTINUOUS DELIVERY PIPELINES WITH GITLAB AND DC/OS Mesosphere, Inc. All Rights Reserved. Sunil Shah SECURE, FLEXIBLE CONTINUOUS DELIVERY PIPELINES WITH GITLAB AND DC/OS 1 Introduction MOBILE, SOCIAL & CLOUD ARE RAISING CUSTOMER EXPECTATIONS We need a way to deliver software so fast that our

More information

How to Keep UP Through Digital Transformation with Next-Generation App Development

How to Keep UP Through Digital Transformation with Next-Generation App Development How to Keep UP Through Digital Transformation with Next-Generation App Development Peter Sjoberg Jon Olby A Look Back, A Look Forward Dedicated, data structure dependent, inefficient, virtualized Infrastructure

More information

Dataplane Networking journey in Containers

Dataplane Networking journey in Containers Dataplane Networking journey in Gary Loughnane gary.loughnane@intel.com Kuralamudhan Ramakrishnan kuralamudhan.ramakrishnan@intel.com DPDK Summit Userspace - Dublin- 2017 Discussion topics Container Deployment

More information

DaoliNet A Simple and Smart Networking Technology for Docker Applications

DaoliNet A Simple and Smart Networking Technology for Docker Applications DaoliNet A Simple and Smart Networking Technology for Docker Applications DaoliNet An Open Source Project www.daolinet.org May, 2016 Docker is Awesome! A Linux Container Engine Build, Ship and Run Any

More information

Kontejneri u Azureu uz pomoć Kubernetesa što i kako? Tomislav Tipurić Partner Technology Strategist Microsoft

Kontejneri u Azureu uz pomoć Kubernetesa što i kako? Tomislav Tipurić Partner Technology Strategist Microsoft Kontejneri u Azureu uz pomoć Kubernetesa što i kako? Tomislav Tipurić Partner Technology Strategist Microsoft Source: Softpedia Credits: James Niccolai A decade ago no one could have seen this coming.

More information

Layer-4 to Layer-7 Services

Layer-4 to Layer-7 Services Overview, page 1 Tenant Edge-Firewall, page 1 LBaaS, page 2 FWaaS, page 4 Firewall Configuration, page 6 Overview Layer-4 through Layer-7 services support(s) end-to-end communication between a source and

More information

Baremetal with Apache CloudStack

Baremetal with Apache CloudStack Baremetal with Apache CloudStack ApacheCon Europe 2016 Jaydeep Marfatia Cloud, IOT and Analytics Me Director of Product Management Cloud Products Accelerite Background Project lead for open source project

More information

CONTRAIL SECURITY. Contrail Cloud Networking & Security

CONTRAIL SECURITY. Contrail Cloud Networking & Security CONTRAIL SECURITY Aniket Daptari Sr. Product Manager Contrail Cloud Networking & Security Scott Sneddon Senior Director Cloud and SDN This statement of direction sets forth Juniper Networks current intention

More information

Containerization Dockers / Mesospere. Arno Keller HPE

Containerization Dockers / Mesospere. Arno Keller HPE Containerization Dockers / Mesospere Arno Keller HPE What is the Container technology Hypervisor vs. Containers (Huis vs artement) A container doesn't "boot" an OS instead it loads the application and

More information

Oracle Container Natve Applicaton Development Platorm. Edgars Ruņģis Cloud Soluton Architect

Oracle Container Natve Applicaton Development Platorm. Edgars Ruņģis Cloud Soluton Architect Oracle Container Natve Applicaton Development Platorm Edgars Ruņģis Cloud Soluton Architect Buzzwords You Might Hear Isto Java Kubernetes DevOps CI/CD Microservices CD Container Natve DevOps CI Isto Pipelines

More information

Welcome to Docker Birthday # Docker Birthday events (list available at Docker.Party) RSVPs 600 mentors Big thanks to our global partners:

Welcome to Docker Birthday # Docker Birthday events (list available at Docker.Party) RSVPs 600 mentors Big thanks to our global partners: Docker Birthday #3 Welcome to Docker Birthday #3 2 120 Docker Birthday events (list available at Docker.Party) 7000+ RSVPs 600 mentors Big thanks to our global partners: Travel Planet 24 e-food.gr The

More information

The four forces of Cloud Native

The four forces of Cloud Native 1 Aplicaciones Nativas En La Nube The four forces of Cloud Native Iñaki Borrero- Advisory vspecialist MEDI, Dell EMC @DellEMCForum 2 Containers Devops Confluence of 4 forces Agile 3 3 Microservices 4 4

More information

Kubernetes - Networking. Konstantinos Tsakalozos

Kubernetes - Networking. Konstantinos Tsakalozos Kubernetes - Networking Konstantinos Tsakalozos Kubernetes From the greek word κυβερνήτης originally designed by Google and donated to the Cloud Native Computing Foundation. Presented at "Large-scale cluster

More information

@unterstein #bedcon. Operating microservices with Apache Mesos and DC/OS

@unterstein #bedcon. Operating microservices with Apache Mesos and DC/OS @unterstein @dcos @bedcon #bedcon Operating microservices with Apache Mesos and DC/OS 1 Johannes Unterstein Software Engineer @Mesosphere @unterstein @unterstein.mesosphere 2017 Mesosphere, Inc. All Rights

More information

Why Kubernetes Matters

Why Kubernetes Matters WHITE PAPER Why Kubernetes Matters We are on the cusp of a new era of software: instead of bolting on operations as an afterthought to the software development process, Kubernetes promises to bring development

More information