Container Pods with Docker Compose in Apache Mesos

Similar documents
MESOS A State-Of-The-Art Container Orchestrator Mesosphere, Inc. All Rights Reserved. 1

CS-580K/480K Advanced Topics in Cloud Computing. Container III

Using DC/OS for Continuous Delivery

Container Orchestration on Amazon Web Services. Arun

Kubernetes The Path to Cloud Native

Convergence of VM and containers orchestration using KubeVirt. Chunfu Wen

High Performance Containers. Convergence of Hyperscale, Big Data and Big Compute

Jupyter and Spark on Mesos: Best Practices. June 21 st, 2017

Supporting GPUs in Docker Containers on Apache Mesos

Scale your Docker containers with Mesos

POWERING THE INTERNET WITH APACHE MESOS

Issues Fixed in DC/OS

An Introduction to Kubernetes

[Docker] Containerization

利用 Mesos 打造高延展性 Container 環境. Frank, Microsoft MTC

Seagull: A distributed, fault tolerant, concurrent task runner. Sagar Patwardhan

Cloud I - Introduction

Cloud & container monitoring , Lars Michelsen Check_MK Conference #4

How Container Runtimes matter in Kubernetes?

The Path to GPU as a Service in Kubernetes Renaud Gaubert Lead Kubernetes Engineer

CONTINUOUS DELIVERY WITH DC/OS AND JENKINS

Mesosphere and the Enterprise: Run Your Applications on Apache Mesos. Steve Wong Open Source Engineer {code} by Dell

YOUR APPLICATION S JOURNEY TO THE CLOUD. What s the best way to get cloud native capabilities for your existing applications?

State of Containers. Convergence of Big Data, AI and HPC

Note: Isolation guarantees among subnets depend on your firewall policies.

An introduction to Docker

The Emergence of the Datacenter Developer. Tobi Knaup, Co-Founder & CTO at

Run containerized applications from pre-existing images stored in a centralized registry

Securing Containers on the High Seas. Jack OWASP Belgium September 2018

Secure Kubernetes Container Workloads

TEN LAYERS OF CONTAINER SECURITY

ovirt and Docker Integration

Docker und IBM Digital Experience in Docker Container

Replacing Docker With Podman. By Dan

Why Kubernetes Matters

MesosCon Qian Zhang (IBM China), Jie Yu (Mesosphere) OCI Support in Mesos Mesosphere, Inc. All Rights Reserved. 1

AGILE DEVELOPMENT AND PAAS USING THE MESOSPHERE DCOS

MySQL As A Service. Operationalizing 19 Years of Infrastructure at GoDaddy

Kubernetes: Integration vs Native Solution

Containerizing GPU Applications with Docker for Scaling to the Cloud

Kubernetes 1.9 Features and Future

1.0. Vinod Kone Anand Mazumdar

@joerg_schad Nightmares of a Container Orchestration System

Docker DCA EXAM. m/ Product: Demo. For More Information: Docker Certified Associate

Important DevOps Technologies (3+2+3days) for Deployment

Allowing Users to Run Services at the OLCF with Kubernetes

Deployment Patterns using Docker and Chef

Container Security and new container technologies. Dan

The speed of containers, the security of VMs. KataContainers.io

Application Centric Microservices Ken Owens, CTO Cisco Intercloud Services. Redhat Summit 2015

RUNNING VIRTUAL MACHINES ON KUBERNETES. Roman Mohr & Fabian Deutsch, Red Hat, KVM Forum, 2017

APACHE COTTON. MySQL on Mesos. Yan Xu xujyan

Running MarkLogic in Containers (Both Docker and Kubernetes)

Sunil Shah SECURE, FLEXIBLE CONTINUOUS DELIVERY PIPELINES WITH GITLAB AND DC/OS Mesosphere, Inc. All Rights Reserved.

Launching StarlingX. The Journey to Drive Compute to the Edge Pilot Project Supported by the OpenStack

FIVE REASONS YOU SHOULD RUN CONTAINERS ON BARE METAL, NOT VMS

Kubernetes Integration with Virtuozzo Storage

The new Docker networking put into action to spin up a SLURM cluster

CONTINUOUS DELIVERY WITH MESOS, DC/OS AND JENKINS

WHITE PAPER. RedHat OpenShift Container Platform. Benefits: Abstract. 1.1 Introduction

Amir Zipory Senior Solutions Architect, Redhat Israel, Greece & Cyprus

Lessons Learned: Deploying Microservices Software Product in Customer Environments Mark Galpin, Solution Architect, JFrog, Inc.

How to build and run OCI containers

TEN LAYERS OF CONTAINER SECURITY. Kirsten Newcomer Security Strategist

CNI, CRI, and OCI - Oh My!

STATUS OF PLANS TO USE CONTAINERS IN THE WORLDWIDE LHC COMPUTING GRID

Project Kuryr. Antoni Segura Puimedon (apuimedo) Gal Sagie (gsagie)

Networking & Security for Mesos

SAMPLE CHAPTER IN ACTION. Roger Ignazio. FOREWORD BY Florian Leibert MANNING

CONTAINERS AND MICROSERVICES WITH CONTRAIL

Building/Running Distributed Systems with Apache Mesos

GoDocker. A batch scheduling system with Docker containers

DevOps Technologies. for Deployment

Implementing the Twelve-Factor App Methodology for Developing Cloud- Native Applications

Marathon & Metronome Mesosphere, Inc. All Rights Reserved. 1

Scheduling Computational and Storage Resources on the NRP

Distributed CI: Scaling Jenkins on Mesos and Marathon. Roger Ignazio Puppet Labs, Inc. MesosCon 2015 Seattle, WA

Docker and Oracle Everything You Wanted To Know

Cisco ACI Multi-Site Fundamentals Guide

Network Function Virtualization over Open DC/OS Yung-Han Chen

White Paper. Why Remake Storage For Modern Data Centers

Linux Containers Roadmap Red Hat Enterprise Linux 7 RC. Bhavna Sarathy Senior Technology Product Manager, Red Hat

WHITEPAPER. Embracing Containers & Microservices for future-proof application modernization

Docker Security. Mika Vatanen

EASILY DEPLOY AND SCALE KUBERNETES WITH RANCHER

TECHNICAL BRIEF. Scheduling and Orchestration of Heterogeneous Docker-Based IT Landscapes. January 2017 Version 2.0 For Public Use

Kubernetes Integration Guide

Create an application with local persistent volumes

TEN LAYERS OF CONTAINER SECURITY

RDMA Container Support. Liran Liss Mellanox Technologies

Red Hat Atomic Details Dockah, Dockah, Dockah! Containerization as a shift of paradigm for the GNU/Linux OS

Redesigning Apache Flink s Distributed Architecture. Till

MANAGING MESOS, DOCKER, AND CHRONOS WITH PUPPET

An Overview of the Architecture of Juno: CHPC s New JupyterHub Service By Luan Truong, CHPC, University of Utah

Performance Monitoring and Management of Microservices on Docker Ecosystem

Container-based virtualization: Docker

Parallels Virtuozzo Containers

Overview of Container Management

Getting Started With Serverless: Key Use Cases & Design Patterns

Docker Universal Control Plane Deploy and Manage On-Premises, Your Dockerized Distributed Applications

Transcription:

Container Pods with Docker Compose in Apache Mesos 1

Summary Goals: 1. Treating Apache Mesos and docker as first class citizens, the platform needs to seamlessly run and scale docker container pods in Mesos with a standardized pod spec file. 2. Developers can develop and run the pod locally using a spec file and then use the same spec file to launch it in a QA/Production cluster. Solution: Docker Compose Mesos Executor (https://github.com/paypal/dce-go)

What are Pods? Pods represent a collection of containers treated as a single unit for scheduling and deployment. Pods are treated as single scaling unit. Containers in Pods will generally share one or more namespaces: network, pid, ipc etc Containers in Pods should have a common cgroup to be kept under check as a unit to not steal resources from other pods in the host. Colocation using constraints!= Pod

Why are Pods needed? Migrating legacy workloads running in a single node. Lift and shift. Gives time to extract common services duplicated in each pod into a system service when relevant. Pods helps to create a modular application by composing different services. Side-car, Adapter, Ambassador are common patterns Pods helps eliminate pre and post deployment steps. Helps model transient short tasks (short lived containers)

Docker Compose Compose is a elegant tool for defining and running multiple docker containers. Cherished tool in the community over the years for local development. Version 2.X preserves strictly all the local features. In this version, it interacts with a single docker engine, mostly running locally. Version 3.X introduces compose for docker swarm and deprecates certain features of 2.X. For now, they remain as 2 separate version tracks.

Pods Modelled in Docker Compose Pods are containers bundled together locally. So, relies on version 2.x compose version. Pods represented by compose can preserve all the first class docker volume and network plugins. Pods can have flexibility on collapsing namespaces in any combination between the containers. Containers in Pods can have strict ordering guarantees by using conditional constructs of depends_on. Pods can refer to externally created volumes and networks. Multiple files can be merged to construct the right pod definition for an environment. Ex: base, qa, prod compose files. Easy to spawn multiple pods of same application with different versions in same local environment without conflicts.

Mesos Architecture

Mesos Key Abstractions Framework Offer (Resources) Task/Executor Master Resources Task/Executor Agent Task Executor Task Executor Task

Docker Compose Executor in Mesos Mesos Agent Mesos Containerizer Launcher Cgroups MEM Isolator Cgroups CPU Isolator Docker Compose Executor Task (Docker Container Pod spawned as Child Cgroup of Parent Cgroup) Mesos Parent Cgroup Container

Cgroup Hierarchy Each container in pod has a child cgroup under the parent mesos task cgroup. Meets Pod criteria of containers in pod sharing a cgroup. Cgroups CFS hard limits (bandwidth controls) and memory limits assigned to the parent cgroups will cover all containers in pods. Individual containers will not be limited unless specified but cannot go over parent. Make sure to enable memory hierarchy with use_hierarchy flag.

DCE-GO features Implements mesos executor callbacks to maintain the lifecycle of a pod. Massages compose file to add cgroup parent, mesos labels and edit certain sections to resolve any naming conflict etc Collapses network namespace by default. Provides pod monitor to not only kill entire pod on unexpected container exit but also when a container becomes unhealthy as per docker healthchecks. Supports running multiple compose files. Mesos Module provided to prevent pod leaks in rare case of executor crashes. Provides plugins. Last but not the least any existing Mesos Frameworks like Aurora, Marathon etc can use DCE directly without making ANY framework changes.

PLUGINS 12

What are Plugins? Plugins provides a way to easily extend inner workings of DCE. Plugins can be used to customize DCE without having to understand exactly how DCE is implemented internally. Plugins make it easy to experiment with new features. Plugin mechanism helps you easily enable and disable features. Plugins essentially provide hooks before and after launch/kill task mesos callbacks to implement custom behavior. Plugins can be chained with ordering.

Default Plugin DCE-GO comes with default General Plugin. This Plugin updates compose files so that multiple pods are able to launch on a host. It largely covers following: Decorate various compose sections to resolve all the conflicts. Label each container with specific taskid and executorid. This information is used to clean up pod. Adding pod to parent mesos task cgroup. Creating infrastructure container in pod for allowing to collapse network namespace for containers in a pod.

Mesos Hook Module for Compose Pods Mesos Modules help extend inner functionality using shared libs. Can run in Master and/or Agent. Mesos Modules should be built against the mesos version running in cluster. Different classification of Modules: Allocator, Isolator, Hooks etc Hooks Modules tie into events and their context. DCE-GO leverages executor removal event hook in an agent. Implements ComposePodCleanupHook Module. That hook ensures pods are cleaned up on any unexpected executor crash.

Current Ecosystem around Pods 1. Docker swarm (as of 1.2.6) does not support local pods. Docker compose deploy takes a compose definition and schedules the containers across swarm cluster and connects them via overlay network. Using constraints not the same. Most likely to be supported in future. 2. K8 has excellent support for pods but does not treat docker as first class. Different volume and network specs CRI mostly going to hook to containerd directly. Skip docker engine. Pod spec different than compose spec and docker commands do not work (equivalent command provided). Image is the only common thing. 3. Mesos added in 1.1 pod support via experimental Task Groups and Nested Container. Not docker specific and pod can represent any collection of tasks. Frameworks needs to make changes to support this. Task Groups spec obviously separate from compose spec. Universal Containerizer and set of isolators defining a container runtime separate from docker. However, Mesos continues to remain extremely flexible!

DCE-GO DEMO 17

Links and References DCE-GO project (https://github.com/paypal/dce-go) Deprecates (https://github.com/mesos/docker-compose-executor) Mesos Architecture and Key Abstractions diagrams(https://www.slideshare.net/infoq/mesos-a-stateoftheartcontainer-orchestrator)

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback