THE FUTURE IS
OPEN
Nitesh Jadhav
Global Consultant – Cloud & DC Transformation
nitesh1901@gmail.com
Open source is a type of licensing agreement that allows users to freely modify a
work, use said work in new ways, integrate the work into a larger project or derive a
new work based on the original.
Why Open Source is Important?
Let's explore how open source software and tools are
helping to build our modern IT Infrastructure as a Code
CNCF World of Open Source
Open source software considered here
Software: Features
• Kubernetes V1.14.0
• ETCD V3.3.4: A distributed key-value store
• Container Runtime: Docker
• Network Provider: Flannel, a network fabric for containers, designed for Kubernetes
• Operating System: Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, CentOS 7 or CentOS 6
• Prometheus: An open-source monitoring solution for metrics and alerting
• Grafana: An open-source application for visualizing large-scale measurement data
• Ingress: An API object that manages external access to the services in a cluster
• Kubernetes Dashboard: Web-based Kubernetes user interface
• Helm: A Kubernetes package manager
• Bacula: For container backup and restore
Difference between Traditional IT vs Infra as a Code (Container)
Docker is OS independent and can run on all platforms. It uses
far fewer resources compared to VMs. Since the size of
a Docker container is in MBs, containers always boot up swiftly!
Therefore Docker is well ahead of virtual machines; have a
quick look at how Docker wins the challenge of Docker vs
Virtual Machines.
Container (Docker) vs Virtual Machine (VM): The Differences
Features / Functions, compared for Container and Virtual Machines (VMs):
Boot-Time
• Container: Boots in a few seconds.
• Virtual Machines (VMs): It takes a few minutes for VMs to boot.
Runs on
• Container: Dockers make use of the execution engine.
• Virtual Machines (VMs): VMs make use of the hypervisor.
Memory Efficiency
• Container: No space is needed to virtualize, hence less memory.
• Virtual Machines (VMs): Requires entire OS to be loaded before starting the surface, so less efficient.
Isolation
• Container: Prone to adversities as no provisions for isolation systems.
• Virtual Machines (VMs): Interference possibility is minimum because of the efficient isolation mechanism.
Deployment
• Container: Deploying is easy as only a single image, containerized, can be used across all platforms.
• Virtual Machines (VMs): Deployment is comparatively lengthy as separate instances are responsible for execution.
Performance
• Container: Limited performance
• Virtual Machines (VMs): Native performance
1) Operating System: A virtual machine has its guest OS
above the host OS, which makes virtual machines
heavy. While in Docker, multiple containers share the
host OS, and that is why they are lightweight.
2) Security: A virtual machine does not share the OS, and
there is strong isolation in the host kernel. Hence, they
are more secure as compared to containers. Docker has
a lot of security risks and vulnerabilities because
containers share the host kernel.
3) Performance: Containers are lightweight and
consume fewer resources while a VM is heavy and
consumes more resources, so containers give better
performance than a VM.
4) Portability: Containers are easily portable because
they do not have separate operating systems. Virtual
machines have a separate OS, so porting a virtual
machine is very difficult.
How Does Docker Work?
Steps involved in deploying a Web Application
1. Package a sample web application into a Docker image.
2. Upload the Docker image to Container Registry.
3. Create a Kubernetes cluster.
4. Deploy the sample app to the cluster.
5. Manage autoscaling for the deployment.
6. Expose the sample app to the internet.
7. Deploy a new version of the sample app.
Pros and Cons of Container/Docker
Pros Of Container
• Containers can be as small as 10 MB and you can easily limit their memory and CPU usage. So, they are lightweight.
• Since they are small in size, they can boot up faster and can be quickly scaled too.
• Containers are exemplary when it comes to Continuous Integration and Continuous Deployment (CI/CD) implementation.
Cons Of Container
• Since containers run on the host OS, they have a dependency on the underlying host Operating System.
• Containers cannot, all by themselves, provide security at a commendable level.
• When the container is deleted, the data inside the container is lost. You will have to add Data Volumes in order to
store the data.
Popular Container Providers:
• Docker
• Rocket – rkt
• Linux containers – LXC
• CRI-O
• containerd
How Does Container Orchestration Work?
Different Container Orchestration Tools
Tools to manage, scale, and maintain containerized applications are called orchestrators, and the most common examples
of these are
• Kubernetes
• Docker Swarm and
• Apache Mesos.
Kubernetes Architecture Components
1) One or more masters and multiple nodes. The masters are used to provide high availability.
2) The Master node communicates with Worker nodes using Kube API-server to kubelet communication.
3) In the Worker node, there can be one or more pods, and pods can contain one or more containers.
4) Containers can be deployed using the image, and can also be deployed externally by the user.
Kubernetes HA Cluster
Achieving scalability and availability
A Kubernetes cluster should both scale to accommodate increasing workloads and be fault-tolerant (datacenter outages,
machine failures, network partitions).
Production cluster setup
Choose deployment tools: You can deploy a control plane using tools such
as kubeadm, kops, and kubespray.
Manage certificates: Secure communications between control plane
services are implemented using certificates.
Configure load balancer for apiserver: Configure a
load balancer to distribute external API requests to the
apiserver service instances running on different nodes.
See Create an External Load Balancer for details.
Separate and back up etcd service: etcd stores
cluster configuration data, so backing up the etcd
database should be done regularly to ensure that you
can repair that database if needed.
Kubernetes HA Cluster
External etcd topology
An HA cluster with external etcd is a topology where the distributed data storage cluster provided by etcd is external to the
cluster formed by the nodes that run control plane components.
A minimum of three hosts for control plane
nodes and three hosts for etcd nodes are
required for an HA cluster with this topology.
This topology decouples the control plane and
etcd member. It therefore provides an HA setup
where losing a control plane instance or an etcd
member has less impact and does not affect the
cluster redundancy as much as the stacked HA
topology.
Kubernetes with HA on Azure Cloud
Architecture of Prometheus Monitoring & Management Tool
• The main Prometheus server - scrapes and
stores time series data
• client libraries - for instrumenting application code
• push gateway - for supporting short-lived jobs
• special-purpose exporters for services like
HAProxy, StatsD, Graphite, etc.
• alertmanager - to handle alerts
• PromQL, a flexible query language to leverage
this dimensionality
• Targets are discovered via service discovery or
static configuration
• Multiple modes of graphing and dashboarding
support
• Time series collection happens via a pull model
over HTTP
• No reliance on distributed storage; single server
nodes are autonomous
The Prometheus ecosystem Components and Features:
Prometheus – Pros and Cons
Prometheus scrapes metrics from instrumented jobs, either directly or via an intermediary push gateway for
short-lived jobs. It stores all scraped samples locally and runs rules over this data to either aggregate and record new
time series from existing data or generate alerts. Grafana or other API consumers can be used to visualize the
collected data.
When does it fit?
Prometheus works well for recording any purely numeric time series. It fits both machine-centric monitoring as
well as monitoring of highly dynamic service-oriented architectures. In a world of microservices, its support for
multi-dimensional data collection and querying is a particular strength.
Prometheus is designed for reliability, to be the system you go to during an outage to allow you to quickly
diagnose problems. Each Prometheus server is standalone, not depending on network storage or other remote
services. You can rely on it when other parts of your infrastructure are broken, and you do not need to set up
extensive infrastructure to use it.
When does it not fit?
Prometheus values reliability. You can always view what statistics are available about your system, even under
failure conditions. If you need 100% accuracy, such as for per-request billing, Prometheus is not a good choice as
the collected data will likely not be detailed and complete enough. In such a case you would be best off using
some other system to collect and analyze the data for billing, and Prometheus for the rest of your monitoring.
Grafana with Prometheus
Importing pre-built dashboards from
Grafana.com
Grafana.com maintains a collection of shared
dashboards which can be downloaded and used
with standalone instances of Grafana. Use the
Grafana.com "Filter" option to browse dashboards
for the "Prometheus" data source only.
Creating a Prometheus data source
To create a Prometheus data source in Grafana:
1. Click on the "cogwheel" in the sidebar to open the Configuration
menu.
2. Click on "Data Sources".
3. Click on "Add data source".
4. Select "Prometheus" as the type.
5. Set the appropriate Prometheus server URL (for
example, http://localhost:9090/)
6. Adjust other data source settings as desired (for example, choosing the
right Access method).
7. Click "Save & Test" to save the new data source.
Voluntary and Involuntary Disruptions
Involuntary disruptions:
• a hardware failure of the physical machine backing the node
• cluster administrator deletes VM (instance) by mistake
• cloud provider or hypervisor failure makes VM disappear
• a kernel panic
• the node disappears from the cluster due to cluster network partition
• eviction of a pod due to the node being out-of-resources.
Voluntary disruptions:
• deleting the deployment or other controller that manages the pod
• updating a deployment's pod template causing a restart
• directly deleting a pod (e.g. by accident)
• Draining a node for repair or upgrade.
• Draining a node from a cluster to scale the cluster down (learn about Cluster
Autoscaling).
• Removing a pod from a node to permit something else to fit on that node.
These actions might be taken directly by the cluster administrator, or by automation run by the cluster
administrator, or by your cluster hosting provider.
DevOps Platform
JFrog Platform, providing a seamless and unified DevOps experience across all JFrog products. The JFrog Platform unifies
the user experience and management of all the JFrog services into a single pane of glass. https://youtu.be/r8nscXdb7y4
How does JFROG Artifactory Work?
The JFrog Artifactory service contains the following microservices:
• Artifactory - The application server
• Router - The central hub for communication between all the microservices, and cross-product.
• Access - The authentication server and service registry. Used to manage Users, Groups, Permissions and Access Tokens for all products in
the JPD
• Event - The events distribution mechanism for JFrog products. Distributes Webhook events to external systems.
• Frontend - The application user interface (UI for the entire JPD)
• Metadata - The Components metadata server. Serves the Packages screen in the JPD UI.
• Replicator - The replication engine (available with an Enterprise+ license)
Additional external JFrog services are:
• Xray
• Mission Control
• Distribution
• Pipelines
Outside the JPD:
• Load Balancer - Communicates
with Artifactory and Artifactory's Router
service (as demonstrated in the diagram
above).
• Browser / JFrog CLI / Other Clients
JFROG - Supported Partner Integration
Each entry lists Partner: Integration / Deployment Type (JFrog Subscription), grouped by JFrog Product(s).
Artifactory
These platform deployments will deploy JFrog
Artifactory as the entry point of the JFrog
Platform.
• Amazon AWS: Container Marketplace (Pro/Enterprise)
• Microsoft Azure: ARM Template (Enterprise)
• Rancher: Catalog Helm Chart (Enterprise)
• Red Hat: Certified UBI docker Image (Pro/Enterprise)
• Red Hat OpenShift: Certified OpenShift Operator (Enterprise)
Artifactory and Xray
These platform deployments have the option
to install Artifactory and additional products.
• Amazon AWS: CloudFormation Templates (Pro/Enterprise)
• Google GCP: GKE Kubernetes App (Enterprise)
• Red Hat Ansible: Ansible Collection (Pro/Enterprise)
CEPH STORAGE CLUSTER
Ceph provides an infinitely scalable Ceph Storage Cluster based upon RADOS, which you can read about in RADOS - A
Scalable, Reliable Storage Service for Petabyte-scale Storage Clusters.
A Ceph Storage Cluster consists of multiple types of daemons:
• Ceph Monitor
• Ceph OSD Daemon
• Ceph Manager
• Ceph Metadata Server
• A Ceph Monitor maintains a master copy of
the cluster map. A cluster of Ceph monitors
ensures high availability should a monitor
daemon fail. Storage cluster clients retrieve a
copy of the cluster map from the Ceph
Monitor.
• A Ceph OSD Daemon checks its own state
and the state of other OSDs and reports
back to monitors.
• A Ceph Manager acts as an endpoint for
monitoring, orchestration, and plug-in
modules.
• A Ceph Metadata Server (MDS) manages
file metadata when CephFS is used to
provide file services.
Ceph Storage Network Architecture
Advanced Kubernetes Cluster Network Diagram
Fully managed Kubernetes-as-a-Service. Get it to work easily, quickly from Kube Clusters https://www.kubeclusters.com
Full-management service allows you to apply Kubernetes in the production environment quickly without worrying about
the overhead of its management and maintenance, reducing your time-to-market.
Enterprise Backup Architecture of Bacula
Enterprise Backup Solution of Bacula supports various OS, hypervisors, Kubernetes, Docker and key applications
Bacula Backup for Docker
Docker Backup
The backup of a single Docker container consists of the
following simple steps:
1. Save current container state to new image (container
commit – snapshot).
2. Execute Docker utility and save data.
3. Remove the saved snapshot to free resources that are no longer needed.
Docker Restore
The Docker backup module provides two targets for restore
operations:
• Restore to Docker service;
• Restore to a local directory as archive files.
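The three backup steps and the restore-to-Docker target above, sketched with the plain docker CLI as an added example (it is not Bacula's plugin code and not part of the original slides). The function names, the `backup-snapshot` image name and the `.partial` suffix are assumptions made for illustration.

```shell
#!/bin/sh
# Added illustration: plain docker CLI, not Bacula's own Docker module.
# Function names, the "backup-snapshot" image name and the ".partial"
# suffix are assumptions made for this example.

# backup_container CONTAINER OUT_TAR
# The body runs in a subshell "( ... )" so umask and variables do not leak.
backup_container() (
    container=$1
    out=$2
    if [ -z "$container" ] || [ -z "$out" ]; then
        echo "usage: backup_container CONTAINER OUT_TAR" >&2
        exit 2
    fi

    # The archive holds the container's whole filesystem, including any
    # credentials written into it, so create it readable by the owner only.
    umask 077

    # Unique throwaway tag for the snapshot image.
    snap="backup-snapshot:$(date +%Y%m%d%H%M%S)-$$"

    # Step 1: save the current container state to a new image.
    # Data in mounted volumes is not part of a commit and needs its own backup.
    docker commit "$container" "$snap" >/dev/null || exit 1

    # Step 2: export the snapshot image to a tar archive.
    rc=0
    docker save -o "$out.partial" "$snap" || rc=$?

    # Step 3: always remove the snapshot, even when the export failed,
    # so failed runs do not pile up images on the host.
    docker rmi "$snap" >/dev/null || echo "warning: could not remove $snap" >&2

    if [ "$rc" -ne 0 ]; then
        rm -f "$out.partial"
        exit "$rc"
    fi
    # Publish the archive under its final name only once it is complete.
    mv "$out.partial" "$out"
)

# restore_to_docker IN_TAR
# "Restore to Docker service": load the archived image back into the daemon.
# The other target, restore to a local directory, is the tar file itself.
restore_to_docker() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 1; }
    docker load -i "$1"
}
```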
Flannel Virtual Network for Containers
flannel is a virtual networking layer designed specifically for containers. Each host within the network runs an agent
called flanneld, which is responsible for:
• Managing a unique subnet on each host
• Distributing IP addresses to each container on its host
• Mapping routes from one container to another, even if on different hosts
Each flanneld agent provides this information to a centralized etcd store so other agents on hosts can route packets to
other containers within the flannel network.
Help for Application Packaging on Kubernetes
Kubernetes Helm, by making application deployment easy, standardized and reusable, improves developer
productivity, reduces deployment complexity, enhances operational readiness, and speeds up the adoption of
cloud native apps.
THANK YOU
Build cloud native solution using open source

  • 1. THE FUTURE IS OPEN Nitesh Jadhav Global Consultant – Cloud & DC Transformation nitesh1901@gmail.com
  • 2. Open source is a type of licensing agreement that allows users to freely modify a work, use said work in new ways, integrate the work into a larger project or derive a new work based on the original. Why Open Source is Important? Let's explore how Open Source Software and Tools are helping to build our Modern IT Infrastructure as Code
  • 3. CNCF World of Open Source
  • 4. Open Source Software considered here • Software Features - • Kubernetes V1.14.0 • ETCD V3.3.4 A distributed key value store • Container Runtime Docker • Network Provider Flannel A network fabric for containers, designed for Kubernetes • Operating System Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, CentOS 7 or CentOS 6 • Prometheus An open-source monitoring solution for metrics and alerting • Grafana An open-source application for visualizing large-scale measurement data. • Ingress An API object that manages external access to the services in a cluster. • Kubernetes Dashboard Web-based Kubernetes user interface • Helm A Kubernetes package manager • Bacula For container Backup and Restore
  • 5. Difference between Traditional IT Vs Infra as Code (Container) Docker is OS independent and can run on all platforms. It uses far fewer resources than VMs. Since Docker containers are only megabytes in size, they boot up swiftly. Docker is therefore well ahead of Virtual Machines; have a quick look at how Docker wins the challenge of Docker vs Virtual Machines.
  • 6. Container (Docker) vs Virtual Machine (VM): The Differences
  • 7. Container (Docker) vs Virtual Machine (VM): The Differences
    Features / Functions | Container | Virtual Machines (VMs)
    Boot-Time | Boots in a few seconds. | It takes a few minutes for VMs to boot.
    Runs on | Dockers make use of the execution engine. | VMs make use of the hypervisor.
    Memory Efficiency | No space is needed to virtualize, hence less memory. | Requires entire OS to be loaded before starting the surface, so less efficient.
    Isolation | Prone to adversities as no provisions for isolation systems. | Interference possibility is minimum because of the efficient isolation mechanism.
    Deployment | Deploying is easy as only a single image, containerized, can be used across all platforms. | Deployment is comparatively lengthy as separate instances are responsible for execution.
    Performance | Limited performance | Native performance
    1) Operating System: Virtual machine has its guest OS above the host OS, which makes virtual machines heavy. While in Docker, multiple containers share the host OS, and that is why they are lightweight.
    2) Security: Virtual Machine does not share OS, and there is strong isolation in the host kernel. Hence, they are more secure as compared to containers. Docker has a lot of security risks and vulnerabilities because containers share the host kernel.
    3) Performance: Containers are lightweight and consume fewer resources while VM is heavy and consumes more resources, so containers give better performance than VM.
    4) Portability: Containers are easily portable because they do not have separate operating systems. While virtual machines have separate OS, so porting a virtual machine is very difficult.
  • 8. How Does Docker Work? Steps involved in deploying a Web Application 1. Package a sample web application into a Docker image. 2. Upload the Docker image to Container Registry. 3. Create a Kubernetes cluster. 4. Deploy the sample app to the cluster. 5. Manage autoscaling for the deployment. 6. Expose the sample app to the internet. 7. Deploy a new version of the sample app.
  • 9. Pros and Cons of Container/Docker Pros Of Container • Containers can be as small as 10 MB and you can easily limit their memory and CPU usage. So, they are lightweight. • Since they are small in size, they can boot up faster and can be quickly scaled too. • Containers are exemplary when it comes to Continuous Integration and Continuous Deployment (CI/CD) implementation. Cons Of Container • Since the containers run on the host OS, they depend on the underlying host Operating System. • Containers cannot, all by themselves, provide security at a commendable level. • When the container is deleted, the data inside the container is lost. You will have to add Data Volumes in order to store the data. Popular Container Providers: • Docker • Rocket – rkt • Linux containers – LXC • CRI-O • containerd
  • 10. How Does Container Orchestration Work? Different Container Orchestration Tools Tools to manage, scale, and maintain containerized applications are called orchestrators, and the most common examples of these are • Kubernetes • Docker Swarm and • Apache Mesos.
  • 11. Kubernetes Architecture Components 1) One or more masters and multiple nodes. More than one master is used to provide high availability. 2) The Master node communicates with Worker nodes using Kube API-server to kubelet communication. 3) In the Worker node, there can be one or more pods and pods can contain one or more containers. 4) Containers can be deployed using the image and can also be deployed externally by the user.
  • 12. Kubernetes HA Cluster Achieving scalability and availability Kubernetes cluster to both scale to accommodate increasing workloads and to be fault-tolerant (datacenter outages, machine failures, network partitions). Production cluster setup Choose deployment tools: You can deploy a control plane using tools such as kubeadm, kops, and kubespray. Manage certificates: Secure communications between control plane services are implemented using certificates. Configure load balancer for apiserver: Configure a load balancer to distribute external API requests to the apiserver service instances running on different nodes. See Create an External Load Balancer for details. Separate and backup etcd service: The etcd stores cluster configuration data, backing up the etcd database should be done regularly to ensure that you can repair that database if needed.
  • 13. Kubernetes HA Cluster External etcd topology An HA cluster with external etcd is a topology where the distributed data storage cluster provided by etcd is external to the cluster formed by the nodes that run control plane components. A minimum of three hosts for control plane nodes and three hosts for etcd nodes are required for an HA cluster with this topology. This topology decouples the control plane and etcd member. It therefore provides an HA setup where losing a control plane instance or an etcd member has less impact and does not affect the cluster redundancy as much as the stacked HA topology.
  • 14. Kubernetes with HA on Azure Cloud
  • 15. Architecture of Prometheus Monitoring & Management Tool The Prometheus ecosystem Components and Features: • The main Prometheus server - scrapes and stores time series data • client libraries - instrumenting application code • push gateway - for supporting short-lived jobs • special-purpose exporters for services like HAProxy, StatsD, Graphite, etc. • alertmanager - to handle alerts • PromQL, a flexible query language to leverage this dimensionality • Targets are discovered via service discovery or static configuration • Multiple modes of graphing and dashboarding support • Time series collection happens via a pull model over HTTP • No reliance on distributed storage; single server nodes are autonomous
  • 16. Prometheus – Pros and Cons Prometheus scrapes metrics from instrumented jobs, either directly or via an intermediary push gateway for short-lived jobs. It stores all scraped samples locally and runs rules over this data to either aggregate and record new time series from existing data or generate alerts. Grafana or other API consumers can be used to visualize the collected data. When does it fit? Prometheus works well for recording any purely numeric time series. It fits both machine-centric monitoring as well as monitoring of highly dynamic service-oriented architectures. In a world of microservices, its support for multi-dimensional data collection and querying is a particular strength. Prometheus is designed for reliability, to be the system you go to during an outage to allow you to quickly diagnose problems. Each Prometheus server is standalone, not depending on network storage or other remote services. You can rely on it when other parts of your infrastructure are broken, and you do not need to set up extensive infrastructure to use it. When does it not fit? Prometheus values reliability. You can always view what statistics are available about your system, even under failure conditions. If you need 100% accuracy, such as for per-request billing, Prometheus is not a good choice as the collected data will likely not be detailed and complete enough. In such a case you would be best off using some other system to collect and analyze the data for billing, and Prometheus for the rest of your monitoring.
  • 17. Grafana with Prometheus Importing pre-built dashboards from Grafana.com Grafana.com maintains a collection of shared dashboards which can be downloaded and used with standalone instances of Grafana. Use the Grafana.com "Filter" option to browse dashboards for the "Prometheus" data source only. Creating a Prometheus data source To create a Prometheus data source in Grafana: 1. Click on the "cogwheel" in the sidebar to open the Configuration menu. 2. Click on "Data Sources". 3. Click on "Add data source". 4. Select "Prometheus" as the type. 5. Set the appropriate Prometheus server URL (for example, http://localhost:9090/) 6. Adjust other data source settings as desired (for example, choosing the right Access method). 7. Click "Save & Test" to save the new data source.
  • 18. Voluntary and Involuntary Disruptions Involuntary disruptions: • a hardware failure of the physical machine backing the node • cluster administrator deletes VM (instance) by mistake • cloud provider or hypervisor failure makes VM disappear • a kernel panic • the node disappears from the cluster due to cluster network partition • eviction of a pod due to the node being out-of-resources. Voluntary disruptions: • deleting the deployment or other controller that manages the pod • updating a deployment's pod template causing a restart • directly deleting a pod (e.g. by accident) • Draining a node for repair or upgrade. • Draining a node from a cluster to scale the cluster down (learn about Cluster Autoscaling). • Removing a pod from a node to permit something else to fit on that node. These actions might be taken directly by the cluster administrator, or by automation run by the cluster administrator, or by your cluster hosting provider.
  • 19. DevOps Platform JFrog Platform, providing a seamless and unified DevOps experience across all JFrog products. The JFrog Platform unifies the user experience and management of all the JFrog services into a single pane of glass. https://youtu.be/r8nscXdb7y4
  • 20. How does JFROG Artifactory Work? The JFrog Artifactory service contains the following microservices: • Artifactory - The application server • Router - The central hub for communication between all the microservices, and cross-product. • Access - The authentication server and service registry. Used to manage Users, Groups, Permissions and Access Tokens for all products in the JPD • Event - The events distribution mechanism for JFrog products. Distributes Webhook events to external systems. • Frontend - The application user interface (UI for the entire JPD) • Metadata - The Components metadata server. Serves the Packages screen in the JPD UI. • Replicator - The replication engine (available with an Enterprise+ license) Additional external JFrog services are: • Xray • Mission Control • Distribution • Pipelines Outside the JPD: • Load Balancer - Communicate with Artifactory and Artifactory's Router service (as demonstrated in the diagram above). • Browser / JFrog CLI / Other Clients
  • 21. JFROG - Supported Partner Integration
    JFrog Product(s) | Partner | Integration / Deployment Type | JFrog Subscription
    Artifactory: These platform deployments will deploy JFrog Artifactory as the entry point of the JFrog Platform.
    Artifactory | Amazon AWS | Container Marketplace | Pro/Enterprise
    Artifactory | Microsoft Azure | ARM Template | Enterprise
    Artifactory | Rancher | Catalog Helm Chart | Enterprise
    Artifactory | Red Hat | Certified UBI docker Image | Pro/Enterprise
    Artifactory | Red Hat OpenShift | Certified OpenShift Operator | Enterprise
    Artifactory and Xray: These platform deployments have the option to install Artifactory and additional products.
    Artifactory and Xray | Amazon AWS | CloudFormation Templates | Pro/Enterprise
    Artifactory and Xray | Google GCP | GKE Kubernetes App | Enterprise
    Artifactory and Xray | Red Hat Ansible | Ansible Collection | Pro/Enterprise
  • 22. CEPH STORAGE CLUSTER Ceph provides an infinitely scalable Ceph Storage Cluster based upon RADOS, which you can read about in RADOS - A Scalable, Reliable Storage Service for Petabyte-scale Storage Clusters. A Ceph Storage Cluster consists of multiple types of daemons: • Ceph Monitor • Ceph OSD Daemon • Ceph Manager • Ceph Metadata Server • A Ceph Monitor maintains a master copy of the cluster map. A cluster of Ceph monitors ensures high availability should a monitor daemon fail. Storage cluster clients retrieve a copy of the cluster map from the Ceph Monitor. • A Ceph OSD Daemon checks its own state and the state of other OSDs and reports back to monitors. • A Ceph Manager acts as an endpoint for monitoring, orchestration, and plug-in modules. • A Ceph Metadata Server (MDS) manages file metadata when CephFS is used to provide file services.
  • 23. Ceph Storage Network Architecture
  • 24. Advanced Kubernetes Cluster Network Diagram Fully managed Kubernetes-as-a-Service. Get it to work easily, quickly from Kube Clusters https://www.kubeclusters.com full-management service allows you to apply Kubernetes in the production environment quickly without worrying about the overhead of its management and maintenance, reducing your time-to-market.
  • 25. Enterprise Backup Architecture of Bacula Enterprise Backup Solution of Bacula supports Various OS, Hypervisors, Kubernetes, Docker and Key Applications
  • 26. Bacula Backup for Docker Docker Backup The backup of a single Docker container consists of the following simple steps: 1. Save current container state to new image (container commit – snapshot). 2. Execute Docker utility and save data. 3. Remove saved snapshot to free not needed resources. Docker Restore The Docker backup module provides two targets for restore operations: • Restore to Docker service; • Restore to a local directory as archive files.
  • 27. Flannel Virtual Network for Containers flannel is a virtual networking layer designed specifically for containers. Each host within the network runs an agent called flanneld, which is responsible for: • Managing a unique subnet on each host • Distributing IP addresses to each container on its host • Mapping routes from one container to another, even if on different hosts Each flanneld agent provides this information to a centralized etcd store so other agents on hosts can route packets to other containers within the flannel network.
  • 28. Help for Application Packaging on Kubernetes Kubernetes Helm, by making application deployment easy, standardized and reusable, improves developer productivity, reduces deployment complexity, enhances operational readiness, and speeds up the adoption of cloud native apps.
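
Slides 7 and 9 above say that containers share the host kernel, cannot provide strong security by themselves, and can have their memory and CPU usage limited. The Python check below is an added example, not part of the original deck: it audits a Pod manifest for the Kubernetes settings that widen or narrow that shared-kernel exposure. The function name audit_pod, the image name and both manifests are constructed for illustration; the field names are from the Kubernetes Pod API.

```python
# Added example: audit a Pod manifest for settings that weaken container isolation.
# Field names are from the Kubernetes Pod API; both manifests are constructed samples.
HOST_NAMESPACES = ("hostNetwork", "hostPID", "hostIPC")

def audit_pod(pod):
    """Return sorted findings for one Pod manifest given as a dict."""
    spec = pod.get("spec", {})
    pod_sc = spec.get("securityContext") or {}
    findings = []
    # Host namespaces and hostPath volumes reach past the container boundary.
    for field in HOST_NAMESPACES:
        if spec.get(field) is True:
            findings.append(f"pod: {field} enabled")
    for vol in spec.get("volumes", []):
        if "hostPath" in vol:
            findings.append(f"pod: volume {vol.get('name')} uses hostPath")
    for c in spec.get("initContainers", []) + spec.get("containers", []):
        name, sc = c.get("name"), c.get("securityContext") or {}
        if sc.get("privileged") is True:
            findings.append(f"{name}: privileged")
        # Assumption of this audit: escalation must be switched off explicitly.
        if sc.get("allowPrivilegeEscalation") is not False:
            findings.append(f"{name}: allowPrivilegeEscalation not false")
        # A container-level runAsNonRoot overrides the pod-level value.
        if sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot")) is not True:
            findings.append(f"{name}: runAsNonRoot not enforced")
        limits = (c.get("resources") or {}).get("limits") or {}
        for res in ("cpu", "memory"):
            if res not in limits:
                findings.append(f"{name}: no {res} limit")
    return sorted(findings)

WEAK_POD = {  # constructed sample
    "metadata": {"name": "web-weak"},
    "spec": {
        "hostNetwork": True,
        "volumes": [{"name": "logs", "hostPath": {"path": "/var/log"}}],
        "containers": [{"name": "web", "image": "registry.example/web:1.0",
                        "securityContext": {"privileged": True},
                        "resources": {"limits": {"memory": "256Mi"}}}],
    },
}
HARDENED_POD = {  # constructed sample
    "metadata": {"name": "web-hardened"},
    "spec": {
        "securityContext": {"runAsNonRoot": True},
        "containers": [{"name": "web", "image": "registry.example/web:1.0",
                        "securityContext": {"allowPrivilegeEscalation": False},
                        "resources": {"limits": {"cpu": "500m", "memory": "256Mi"}}}],
    },
}

if __name__ == "__main__":
    for pod in (WEAK_POD, HARDENED_POD):
        print(pod["metadata"]["name"], audit_pod(pod) or "no findings")
```

The same function can be run over manifests exported from a cluster as JSON before they are admitted to production.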