Simple custom Linux distributions with LinuxKit. Justin Cormack

Similar documents
Making Immutable Infrastructure simpler with LinuxKit. Justin Cormack

The Modern Operating System in Justin Cormack

The speed of containers, the security of VMs. KataContainers.io

[Docker] Containerization

The speed of containers, the security of VMs

How CloudEndure Disaster Recovery Works

What is Cloud Computing? Cloud computing is the dynamic delivery of IT resources and capabilities as a Service over the Internet.

Container-Native Storage

How CloudEndure Works

Virtualization. ...or how adding another layer of abstraction is changing the world. CIS 399: Unix Skills University of Pennsylvania.

RED HAT GLUSTER TECHSESSION CONTAINER NATIVE STORAGE OPENSHIFT + RHGS. MARCEL HERGAARDEN SR. SOLUTION ARCHITECT, RED HAT BENELUX April 2017

Introduction to Virtualization and Containers Phil Hopkins

ViryaOS RFC: Secure Containers for Embedded and IoT. A proposal for a new Xen Project sub-project

How Container Runtimes matter in Kubernetes?

Cloud & container monitoring , Lars Michelsen Check_MK Conference #4

ISLET: Jon Schipp, AIDE jonschipp.com. An Attempt to Improve Linux-based Software Training

Docker for HPC? Yes, Singularity! Josef Hrabal

How CloudEndure Disaster Recovery Works

Unikernels? Thomas [Twitter]

Setup Lab. A quick guide to infrastructure tools for EPL371

Welcome to Linux Foundation E-Learning Training

Running Databases in Containers.

LINUX Virtualization. Running other code under LINUX

Onboarding VMs to Cisco Metacloud

Cloud I - Introduction

Microservices. Chaos Kontrolle mit Kubernetes. Robert Kubis - Developer Advocate,

Virtualization Overview NSRC

VMware s (Open Source) Way of Container. Dr. Udo Seidel

Docker und IBM Digital Experience in Docker Container

How CloudEndure Works

Important DevOps Technologies (3+2+3days) for Deployment

Multi-Arch Layered Image Build System

Welcome to Linux Foundation E-Learning Training

Be smart. Think open source.

Spring 2017 :: CSE 506. Introduction to. Virtual Machines. Nima Honarmand

Red Hat Container Development Kit 3.0 Installation Guide

Intel Clear Containers. Amy Leeland Program Manager Clear Linux, Clear Containers And Ciao

Windows Azure Services - At Different Levels

Leveraging Docker and CoreOS to provide always available Cassandra at Instaclustr

Advanced Continuous Delivery Strategies for Containerized Applications Using DC/OS

DEEP DIVE: OPENSTACK COMPUTE

Allowing Users to Run Services at the OLCF with Kubernetes

Table of Contents 1.1. Overview. Containers, Docker, Registries vsphere Integrated Containers Engine

Flip the Switch to Container-based Clouds

SaaSaMe Transport Workload Snapshot Export for. Alibaba Cloud

HP SDN Document Portfolio Introduction

CS-580K/480K Advanced Topics in Cloud Computing. Container III

FIVE REASONS YOU SHOULD RUN CONTAINERS ON BARE METAL, NOT VMS

Table of Contents 1.1. Introduction. Overview of vsphere Integrated Containers 1.2

Introduction to Containers

RecoverAssist Information for Beta Testers

Build Cloud like Rackspace with OpenStack Ansible

Docker and Security. September 28, 2017 VASCAN Michael Irwin

Building Kubernetes cloud: real world deployment examples, challenges and approaches. Alena Prokharchyk, Rancher Labs

Con$nuous Deployment with Docker Andrew Aslinger. Oct

Getting Started with Hadoop

Welcome to Linux Foundation E-Learning Training

Logging, Monitoring, and Alerting

Welcome to Linux Foundation E-Learning Training

Guillimin HPC Users Meeting

Introduction to Virtualization. From NDG In partnership with VMware IT Academy

Welcome to Linux Foundation E-Learning Training

Welcome to SUSE Expert Days 2017 Service Delivery with DevOps

CONTAINERS AND MICROSERVICES WITH CONTRAIL

ovirt Node June 9, 2012 Mike Burns ovirt Node 1

Virtual Scanner Appliance User Guide. March 7, 2018

Docker Live Hacking: From Raspberry Pi to Kubernetes

Introduction to virtualisation, hardware, cloud, containers, unikernels, microkernels. and everything else

Rok: Decentralized storage for the cloud native world

Container Orchestration on Amazon Web Services. Arun

Travis Cardwell Technical Meeting

When (and how) to move applications from VMware to Cisco Metacloud

@briandorsey #kubernetes #GOTOber

Continuous Integration and Delivery with Spinnaker

Red Hat Container Development Kit 3.0 Release Notes and Known Issues

Pavel Anni Oracle Solaris 11 Feature Map. Slide 2

Define Your Future with SUSE

Transparent Service Migration to the Cloud Clone existing VMs to CloudStack/OpenStack templates without user downtime. CloudOpen Seattle 2015

Advanced Cloud Infrastructures

VMWARE PIVOTAL CONTAINER SERVICE

Docker 101 Workshop. Eric Smalling - Solution Architect, Docker

SQL Server inside a docker container. Christophe LAPORTE SQL Server MVP/MCM SQL Saturday 735 Helsinki 2018

Citrix CloudPlatform (powered by Apache CloudStack) Version 4.5 Concepts Guide

Software containers are likely to become a very important tool over the

Lecture 09: VMs and VCS head in the clouds

Continuous integration & continuous delivery. COSC345 Software Engineering

CompTIA Linux+ Guide to Linux Certification Fourth Edition. Chapter 2 Linux Installation and Usage

Backup Edition Comparison OVERVIEW

STATUS OF PLANS TO USE CONTAINERS IN THE WORLDWIDE LHC COMPUTING GRID

CS 470 Spring Virtualization and Cloud Computing. Mike Lam, Professor. Content taken from the following:

SUSE Linux Enterprise 15. #MultimodalOS

diskimage-builder: Building Linux Images for Cloud / Virtualization / Container

Last class: OS and Architecture. OS and Computer Architecture

The Long Road from Capistrano to Kubernetes

Last class: OS and Architecture. Chapter 3: Operating-System Structures. OS and Computer Architecture. Common System Components

Mac Os X Snow Leopard Virtualbox Image And Linux Host

Containerizing GPU Applications with Docker for Scaling to the Cloud

ovirt Node November 1, 2011 Mike Burns Alan Pevec Perry Myers ovirt Node 1

Docker containers and/or/vs virtualization Overview. Tomasz Jordan Kruk, Ph.D. Warsaw University of Technology

Kubernetes 101. Doug Davis, STSM September, 2017

Transcription:

Simple custom Linux distributions with LinuxKit Justin Cormack

Who am I? Engineer at Docker in Cambridge, UK. @justincormack 3

Tools for building custom Linux

Tools for building custom Linux Existing tools are very complicated designed for embedded systems very opinionated hard to customise slow to build and test 5

LinuxKit

LinuxKit 7 fast to build and test simple configuration totally customisable runs in many different environments not very opinionated uses containers for packaging suitable for embedded, mainframes, supercomputers

Started in 2015 Originally built for Docker for Mac Needed a simple embedded, maintainable, invisible Linux first commit: "not required: self update: treated as immutable" This project became LinuxKit, open sourced last year 8

LinuxKit is a config management tool 9 defines your system configuration essentially just lists files uses containers to simplify this tooling to make bootable images built for automation

LinuxKit 10 not a Linux distro! it is a kit, with enough pieces to get you started everything can easily be replaced if required components specified as containers containers run by containerd, small container runtime designed to be built and tested in a CI pipeline build times just a minute or so test locally then ship to production minimal so boots fast small so secure and does not need updating so much Apache licensed

Packages 11 Packages are containers Containers are therefore the unit of defining the system A larger chunk that traditional systems Some less sharing Easier testability as it is a complete system Good service isolation VM isolation can be added Signing at the container level

Immutable

Sysadmins everywhere As a system administrator, one of the scariest things I ever encounter is a server that s been running for ages. If you absolutely know a system has been created via automation and never changed since the moment of creation, most of the problems disappear. Chad Fowler,Trash Your Servers and Burn Your Code, 2013 13

Netflix In the cloud, we know exactly what we want a server to be, and if we want to change that we simply terminate it and launch a new server with a new AMI. Netflix Building with Legos, 2011 14

Updates

Reprovision to update https://www.oreilly.com/ideas/an-introduction-to-immutable-infrastructure 16

State

immutability is a name 18 naming is hard it does not mean there is no change! state in traditional Unix is not very well isolated enforce split between code (immutable) and application data (mutable)

Immutable does not mean stateless! functional programming is the analogy 19 no mutable global state state change is explicit state changes only made by specific parts of the code aim is understandability state is managed and controlled, and in chosen locations LinuxKit has an immutable root filesystem, add writable drives for data controlled state mutation, not scattered all over persistent state changes are for data, not code or configuration

Manage your data independently Independent data lifecycle from code network storage cloud storage filesystem snapshotting (Dotmesh integration) replication 20

LinuxKit architecture

LinuxKit startup init runc onboot 1 onboot 2 sequential startup eg network configuration, disks containerd service a services start up in parallel after initialization service b service c 22 same design as pods in Kubernetes

Configure this from a yaml file 23

note root filesystem is immutable can run from ISO, initramfs, squashfs,... onboot stage is very flexible, can mount service containers from network or other arrangements if required. no package manager no possibility to update at runtime replace with a new image to update software for dynamic services can use Docker or Kubernetes on top removes all complexity of install, update, reboot 24

Practicalities

Simple tooling for lots of use cases Tooling can build most kinds of image needed to boot VMs or bare metal 26 ISO for EFI or BIOS raw disk images AWS AMIs GCP disk format QCOW2 for qemu and KVM VHD VMDK raw kernel and initramfs Raspberry Pi3 image

Simple tooling for lots of use cases Simple build, push, run workflow for many common use cases 27 AWS GCP Azure OpenStack VMware Vcenter Packet.net ipxe Hyperkit for MacOS Hyper-V for Windows KVM for Linux VMware Fusion Virtualbox

Simple tooling for lots of use cases Generally (example Google Cloud) linuxkit build file.yml linuxkit push gcp filename linuxkit run gcp filename Some platforms have additional options. You should always use other tooling to run in production, linuxkit run is a development tool. 28

Total control of how code runs 29 Yaml config specifies the OCI configuration specify exactly users, capabilities, namespaces images can have their configuration in labels to simplify config modularity at the function and application level runs exactly what you need

Demo

Roadmap reworking build to not require Docker easier to run in CI, eg in a container will not require root access Go code for building disk images a lot of work to do here, but really useful more detailed application blueprints a lot of work in linuxkit/kubernetes ongoing now remove remaining shell scripting from configuration! most gone already some shelling out rather than native code still more users and use cases! 31

Summary

Summary manage the configuration of a distributed system use a simpler, immutable OS, just focus on the overall system try our tools, they are simple but fun fast tooling is way better! build for automation, not for interactive use "time to do some crazy bullshit with operating systems" Adam Jacob 33

THANK YOU

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback