MesosCon: Qian Zhang (IBM China), Jie Yu (Mesosphere). OCI Support in Mesos. Mesosphere, Inc. All Rights Reserved.

Transcription:

MesosCon 2017 - Qian Zhang (IBM China), Jie Yu (Mesosphere): OCI Support in Mesos. 2016 Mesosphere, Inc. All Rights Reserved.

Qian Zhang, Software Engineer, zhq527725@gmail.com
Jie Yu, Software Engineer, jie@mesosphere.io

Agenda
- Brief introduction to OCI
- OCI store in Mesos
- OCI runtime isolator in Mesos

What is OCI (Open Container Initiative)
- Launched on June 22, 2015 by Docker, CoreOS and other leaders in the container industry; 43 members now.
- A lightweight, open governance project formed under the Linux Foundation.
- Focus on creating open industry standards around container formats and runtime.
- https://www.opencontainers.org
- https://github.com/opencontainers

OCI Specs: Runtime spec
- Specifies the configuration, execution environment, and lifecycle of a container.
- Defines a filesystem bundle, which contains all the information a container runtime needs to load and run a container.

Diagram: filesystem bundle -> container runtime -> container, where the filesystem bundle is
    config.json (platform, env, user, hostname, root, ...)
    + rootfs/ (bin/, etc/, home/, opt/, ...)

OCI Specs: Image spec
- Defines an OCI image. More details in the next few pages.

High-level workflow for an OCI runtime (similar UX to "docker run"):
1. Download an OCI image.
2. Unpack the image into an OCI runtime filesystem bundle.
3. Run the OCI runtime bundle as a container.

In Mesos, our focus is the OCI image spec rather than the runtime spec because:
- We'd like to support any OCI-compliant image, no matter which tools were used to create it.
- The OCI runtime spec config is pretty low level; it doesn't make sense to expose it directly to the end user.

OCI Image Spec

Contents: Description
- Image Manifest: A JSON document pointing to a configuration and set of layers for a single container image for a specific architecture and operating system.
- Image Configuration: A JSON document describing the configuration of the image.
- Image Layer: A changeset that describes a container's filesystem; one or more layers are applied on top of each other to create a complete filesystem for the container.
- Image Index: A JSON document pointing to specific image manifests for one or more platforms.

OCI Image Spec

OCI Image Layout

    $ tree nginx/
    nginx/
        blobs/
            sha256/
                1258c3edee850f5f4b1aa35f7daf...
                961dd3f5d83608982f3294cf921f...
                a80b5f000ec0152b73d6d5d3lk2...
                b05436c68d6ab7af7016dcd3plo...
                ff3d52d8f55fb0b74ea0a2413snc...
        index.json
        oci-layout

Slide callouts on the files: Image index, Image manifest, Image layers, Image configuration.

OCI Store in Mesos

OCI Store in Mesos

Introduced two new agent flags:

--oci_default_locator

    { "type": "PREFIX", "prefix": { "value": "/tmp/oci/images" } }

The locator is our abstraction of the way OCI images are discovered. Currently we support file:// and http://, and will support more in the future.

--oci_store_dir

    /var/lib/mesos/store/oci
    configs/ layers/ default/ overlay/ manifests/ staging/ storedimages

OCI Store in Mesos

Overall workflow to fetch an OCI image:
1. Fetch the index.json file based on image name and tag.
2. Parse index.json to get the ID of the image manifest matching the current platform.
3. Fetch the image manifest.
4. Parse the image manifest to get the IDs of the image configuration and image layers.
5. Fetch the image configuration.
6. Fetch the image layers.

OCI Runtime Isolator in Mesos
- We decided to extend the existing docker/runtime isolator to handle both Docker images and OCI images.
- The docker/runtime isolator is responsible for merging the runtime configuration specified by the user with the Docker/OCI image configuration:
  - Environment variable
  - Command
  - Working directory
  - User

Demo Time!!

Questions? @qianzhangxa @jieyu