CONTAINERS AND MICROSERVICES WITH CONTRAIL

Similar documents
Contrail Networking: Evolve your cloud with Containers

CONTRAIL SECURITY. Contrail Cloud Networking & Security

Kubernetes made easy with Docker EE. Patrick van der Bleek Sr. Solutions Engineer NEMEA

K8s(Kubernetes) and SDN for Multi-access Edge Computing deployment

ANIKET DAPTARI & RANJINI RAJENDRAN CONTRAIL TEAM

S Implementing DevOps and Hybrid Cloud

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

OpenShift 3 Technical Architecture. Clayton Coleman, Dan McPherson Lead Engineers

K8s(Kubernetes) and SDN for Multi-access Edge Computing deployment

WHITE PAPER. RedHat OpenShift Container Platform. Benefits: Abstract. 1.1 Introduction

Kubernetes: Twelve KeyFeatures

Kubernetes 101. Doug Davis, STSM September, 2017

개발자와운영자를위한 DevOps 플랫폼 OpenShift Container Platform. Hyunsoo Senior Solution Architect 07.Feb.2017

Running MarkLogic in Containers (Both Docker and Kubernetes)

Application Centric Microservices Ken Owens, CTO Cisco Intercloud Services. Redhat Summit 2015

TEN LAYERS OF CONTAINER SECURITY

Red Hat Roadmap for Containers and DevOps

Container in Production : Openshift 구축사례로 이해하는 PaaS. Jongjin Lim Specialist Solution Architect, AppDev

Accelerate at DevOps Speed With Openshift v3. Alessandro Vozza & Samuel Terburg Red Hat

Przyspiesz tworzenie aplikacji przy pomocy Openshift Container Platform. Jarosław Stakuń Senior Solution Architect/Red Hat CEE

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Kubernetes - Networking. Konstantinos Tsakalozos

Amir Zipory Senior Solutions Architect, Redhat Israel, Greece & Cyprus

Cloud & container monitoring , Lars Michelsen Check_MK Conference #4

Project Calico v3.2. Overview. Architecture and Key Components. Project Calico provides network security for containers and virtual machine workloads.

Cisco Container Platform

Launching StarlingX. The Journey to Drive Compute to the Edge Pilot Project Supported by the OpenStack

Overview of Container Management

More Containers, More Problems

Project Calico v3.1. Overview. Architecture and Key Components

Red Hat OpenShift Roadmap Q4 CY16 and H1 CY17 Releases. Lutz Lange Solution

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

DPDK Summit 2016 OpenContrail vrouter / DPDK Architecture. Raja Sivaramakrishnan, Distinguished Engineer Aniket Daptari, Sr.

How Container Runtimes matter in Kubernetes?

Microservices. Chaos Kontrolle mit Kubernetes. Robert Kubis - Developer Advocate,

Implementing Container Application Platforms with Cisco ACI

Secure Kubernetes Container Workloads

Kuberiter White Paper. Kubernetes. Cloud Provider Comparison Chart. Lawrence Manickam Kuberiter Inc

What s New in Red Hat OpenShift Container Platform 3.4. Torben Jäger Red Hat Solution Architect

Exploring Cloud Security, Operational Visibility & Elastic Datacenters. Kiran Mohandas Consulting Engineer

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

OPENSHIFT FOR OPERATIONS. Jamie Cloud Guy - US Public Sector at Red Hat

Kubernetes on Openstack

EASILY DEPLOY AND SCALE KUBERNETES WITH RANCHER

OpenShift on Public & Private Clouds: AWS, Azure, Google, OpenStack

TEN LAYERS OF CONTAINER SECURITY

An Introduction to Kubernetes

TEN LAYERS OF CONTAINER SECURITY. Kirsten Newcomer Security Strategist

ACCELERATE APPLICATION DELIVERY WITH OPENSHIFT. Siamak Sadeghianfar Sr Technical Marketing Manager, April 2016

Red Hat Atomic Details Dockah, Dockah, Dockah! Containerization as a shift of paradigm for the GNU/Linux OS

UP! TO DOCKER PAAS. Ming

Kuber-what?! Learn about Kubernetes

Docker and Oracle Everything You Wanted To Know

Contrail Cloud Platform Architecture

Contrail Cloud Platform Architecture

VMWARE PIVOTAL CONTAINER SERVICE

Docker All The Things

Important DevOps Technologies (3+2+3days) for Deployment

Kubernetes. An open platform for container orchestration. Johannes M. Scheuermann. Karlsruhe,

Building NFV Solutions with OpenStack and Cisco ACI

OpenShift Roadmap Enterprise Kubernetes for Developers. Clayton Coleman, Architect, OpenShift

A REFERENCE ARCHITECTURE FOR DEPLOYING WSO2 MIDDLEWARE ON KUBERNETES

OPENSTACK Building Block for Cloud. Ng Hwee Ming Principal Technologist (Telco) APAC Office of Technology

Virtual Infrastructure: VMs and Containers

Securing Microservice Interactions in Openstack and Kubernetes

Go Faster: Containers, Platforms and the Path to Better Software Development (Including Live Demo)

SAMPLE CHAPTER. Marko Lukša MANNING

Baremetal with Apache CloudStack

DevOps CICD PopUp. Software Defined Application Delivery Fabric. Frey Khademi. Systems Engineering DACH. Avi Networks

Industry-leading Application PaaS Platform

Continuous delivery while migrating to Kubernetes

A Greybeard's Worst Nightmare

Kubernetes introduction. Container orchestration

One year of Deploying Applications for Docker, CoreOS, Kubernetes and Co.

Using Network Virtualization in DevOps environments Yves Fauser, 22. March 2016 (Technical Product Manager VMware NSBU)

Taming your heterogeneous cloud with Red Hat OpenShift Container Platform.

Deployment Patterns using Docker and Chef

How to build scalable, reliable and stable Kubernetes cluster atop OpenStack.

Containers Infrastructure for Advanced Management. Federico Simoncelli Associate Manager, Red Hat October 2016

NTT Com Press Conference March 1, 2016 #enterprisecloud

The speed of containers, the security of VMs. KataContainers.io

Buenos Aires 31 de Octubre de 2018

Full Scalable Media Cloud Solution with Kubernetes Orchestration. Zhenyu Wang, Xin(Owen)Zhang

Contrail Release Release Notes

NET1821BU THE FUTURE OF NETWORKING AND SECURITY WITH NSX-T Bruce Davie CTO, APJ 2

Build Cloud like Rackspace with OpenStack Ansible

Running RHV integrated with Cisco ACI. JuanLage Principal Engineer - Cisco May 2018

Xen and CloudStack. Ewan Mellor. Director, Engineering, Open-source Cloud Platforms Citrix Systems

This document (including, without limitation, any product roadmap or statement of direction data) illustrates the planned testing, release and

Docker and HPE Accelerate Digital Transformation to Enable Hybrid IT. Steven Follis Solutions Engineer Docker Inc.

Modelos de Negócio na Era das Clouds. André Rodrigues, Cloud Systems Engineer

VMWARE ENTERPRISE PKS

Red Hat Containers Roadmap. Red Hat A panel of product directors

Cloud Native Java with Kubernetes

Intent Driven Network Operations with AppFormix Advanced Analytics Platform. Joseph Li

agenda PAE Docker Docker PAE

Bringing Security and Multitenancy. Lei (Harry) Zhang

I keep hearing about DevOps What is it?

Cloud Native Security. OpenShift Commons Briefing

Building a Kubernetes on Bare-Metal Cluster to Serve Wikipedia. Alexandros Kosiaris Giuseppe Lavagetto

Transcription:

CONTAINERS AND MICROSERVICES WITH CONTRAIL Scott Sneddon Sree Sarva DP Ayyadevara Sr. Director Sr. Director Director Cloud and SDN Contrail Solutions Product Line Management

This statement of direction sets forth Juniper Networks current intention and is subject to change at any time without notice. No purchases are contingent upon Juniper Networks delivering any feature or functionality depicted in this presentation. This presentation contains proprietary roadmap information and should not be discussed or shared without a signed non-disclosure agreement (NDA).

AGENDA Background and Evolution of Technology and Ecosystem Fundamentals of Containers - what and why Microservices and Container Orchestration Contrail Networking for Containers 3

CONTAINERS

THE RISE OF CONTAINERS & MICROSERVICES Containers: Standardized frame for all services. Simplified a painful integration process in a heterogeneous infrastructure world. Docker - revolution in how developers build and deploy applications w/containers. APIs: The rapid adoption of APIs has created a standardized format for communications. Scalable cloud infrastructure: Private or public, delivers the resources needed on demand to scale, and operate services effectively. Cloud is the new computer! https://www.sequoiacap.com/article/build-us-microservices/

WHAT ARE CONTAINERS? App A App B App C Binaries / Libraries Binaries / Libraries Binaries / Libraries Virtual network interfaces / addresses (maybe host NAT d) Files and optional (shared) mounts from the host filesystem Processes isolated from the host and (optionally) other containers Share the same underlying Kernel Container Engine Host OS Infrastructure Control Groups (cgroups): Virtualize by sharing and limiting access: CPU, Memory, Disk I/O, N/w I/O Namespaces: Virtualize by isolating: User IDs Process IDs & tree Filesystem mounts Network interfaces Security: SELinux policy and enforcement control over all resources AppArmor to restrict a program s abilities Linux capabilities etc.

VIRTUAL MACHINES VS CONTAINERS App A App B App C Binaries / Libraries Binaries / Libraries Binaries / Libraries App A App B App C Guest OS Guest OS Guest OS Binaries / Libraries Binaries / Libraries Binaries / Libraries Container Engine Host OS + Hypervisor Host OS Infrastructure Infrastructure

THE PROMISE OF DOCKER Build Once, Run Anywhere

DOCKER LAYERS

DOCKER NETWORKING Host Host Container Container Container Container eth0 eth0 eth0 eth0 Bridge eth0 Bridged (docker0) Bridged MacVLAN L2 eth0 Host mode L3 mode

DOCKER NETWORKING Docker provides: Default networking Mac-vlan VXLAN Overlay multi-host networking ;) Plugins https://blog.docker.com/2015/04/docker-networking-takes-a-step-in-the-right-direction-2/

MICROSERVICES

MICROSERVICE CONCEPT (2006) (2016)

MICROSERVICE CONCEPT containers are the perfect vehicle for microservices containers orchestration platforms are suited to handle the deployment and scaling of these microservices

CONTAINERS & MICROSERVICES ORCHESTRATION

KUBERNETES The name? Greek for pilot or helmsman of a ship http://www.publicartarchive.org/work/helmsman The project? Open Source project originally designed by Google (Project Borg) and donated to the CNCF Open-source platform for automating deployment, scaling, and operations of application containers across clusters of hosts, providing container-centric infrastructure Desired state / Intent-based system Tell Kubernetes what you want and it will take care of everything else

WHAT IS KUBERNETES? Application Focus Deploy / scale / rolling updates / control resources Portable Run everywhere (public/private cloud, bare metal, VMs, laptop) Self-Healing Auto-restart, auto-rescheduling, auto-scaling, auto-replication Bridge the Dev/Ops gap Taking advantage of application containerization and micro services CI/CD environments Mechanisms to tie the infrastructure and the applications running on it

KUBERNETES ARCHITECTURE N a m e s p a c e - B N a m e s p a c e - A Master Node #2 Service (VIP, Port) Service S1 Service (VIP, Port) Service S2 Master Node #1 API Server Application 1 (Load balancing across multiple PODs) Repl. Ctrl Application 2 (Load balancing across multiple PODs) kube-apiserver Controller / Replication Mgr kube-controller-manager Scheduler POD 2 C1 C2 POD 1 (POD1-IP) C1 C2 Containers C1 C2 Containers POD 6 C1 C2 POD 5 C1 C2 Containers C1 C2 Containers kube-scheduler Data Store (etcd) Data Store (etcd) Containers Containers Kubelet Minion / Node Kubelet Minion / Node Master

OPENSHIFT Red Hat s Container Application Platform (PaaS) Self Service Templates Web Console Multi-language Automation Build Deploy Collaboration DevOps Security NameSpaces RBAC Scaleable Integrated Loadbalancer Open Source Enterprise Grade Authentication Web Console Central Logging source: www.redhat.com

20 CONTRAIL NETWORKING FOR CONTAINERS

Distributed Policy Enforcement Centralized Policy Definition CONTRAIL ARCHITECTURE ORCHESTRATOR Logical View Network / Storage orchestration CONTRAIL CONTROLLER (Config, Control, Analytics, Svr Mgmt) Compute orchestration BGP Virtual Network Blue FW Virtual Network Red OVSDB BGP XMPP TOR Physical IP Fabric (no changes) (Windows, Linux.) on BMS vrouter Host O/S Gateway Internet / WAN or Legacy Env.

CONTAINERIZED CONTRAIL

CONTRAIL ARCHITECTURE WITH KUBERNETES

I N C R E A S I N G L E V E L S O F I S O L A T I O N CONTRAIL WITH KUBERNETES CONTRAIL VALUE PROP User-Defined Isolation Custom Isolation Namespace Isolation Default Cluster Network Mode Define Networks and Security Policies in Contrail Use Network/Security Policy per namespace and/or pods using annotations Virtual Network per namespace solation per namespace All Pods and Services are reachable What do the users / app team get? Distributed LB Security / Isolation / multitenancy External / Public access from within cluster (SNAT) and vice versa (using floating IP) Exposing cluster to Enterprise network outside the cluster

KUBERNETES TO CONTRAIL OBJECT MAPPING Namespace Single project OR Shared project Pod Virtual Machine Service ECMP Loadbalancer Ingress Haproxy Loadbalancer for URL Network Policy Security Groups

K8s API Server CONTRAIL WITH KUBERNETES ON BAREMETAL K8s Master K8s Node1 Kube Manager Controller Analytics Analytics-DB Agent K8s Kubelet CNI POD POD K8s Node2 Agent K8s Kubelet CNI POD POD vrouter vrouter

Agent K8s API Server Agent Kube Manager K8s Kubelet CNI POD POD POD K8s Kubelet CNI POD CONTRAIL WITH KUBERNETES ON OPENSTACK Openstack + Contrail Controller Openstack Compute 1 Openstack Compute 2 K8s Master K8s Node1 K8s Node2 Nova API Glance Keystone. Controller Analytics Analytics-DB Green VM vrouter vrouter

CONTRAIL WITH OPENSHIFT OpenShift Enterprise Kubernetes User Experience Enterprise Management & Integration Container Development Container orchestration Build IDM(LDAP,SSO) Web-Console JBOSS xpaas images Eclipse & Jenkins integrations Router (Now Ingress in K8S) OpenShift SDN for Isolation Logging & Metrics Deploy Docker Atomic Container runtime environment Minimal OS Run Host Contrail SDN augments OpenShift SDN

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback