build production ready container platform based on magnum
play

Build Production Ready Container Platform Based on Magnum and - PowerPoint PPT Presentation

Jan 27, 2023 •283 likes •525 views

Build Production Ready Container Platform Based on Magnum and Kubernetes Bo Wang bo.wang@easystack.cn HouMing Wang houming.wang@easystack.cn Magnum weakness Features for production ready container platform Private docker

  1. Build Production Ready Container Platform Based on Magnum and Kubernetes Bo Wang bo.wang@easystack.cn 
 HouMing Wang houming.wang@easystack.cn

  2. Magnum weakness Features for production ready container platform Private docker image registry CI/CD Tools Contents Service discovery Monitor and Alarm Log collection and search How to integrate features into Magnum Cluster initialization Mapping keystone user to Harbor

  3. Magnum in M release

  4. Magnum after N release remove container operations, act as container infrastructure management service

  5. Fuctions of Magnum clustertemplate CREATE/DELETE/UPDATE cluster CREATE/DELETE/UPDATE cluster ca SIGN/ROTATE quota CREATE/DELETE/UPDATE it’s really not enough to meet customers’ requirements.

  6. Use Case ---- CI/CD Test Zone push commit deploy trigger push image Production Zone product deploy launch

  7. Private image registry Why private image registry security: proprietary code or confidential information, vulnerability analysis network issue: slow-speed network; Great Firewall internal private cloud: no access to internet Functions of Harbor private/public projects images isolation among projects user authentication

  8. CI/CD tools Why continuous integration and continuous deployment tools Build faster, Test more, Fail less CI/CD tools help to reduce risk and delivery reliable software in short iterations. CI/CD has become one of the most common use cases of Docker early adopters. Functions of Jenkins dynamic generate pod slave pipleline commit trigger timed task lots plugins ...

  9. Internal DNS example: service_A -----> service_B, without dns you must do it in following order create service_A get the clusterIP create service_B with the clusterIP as parameter Why kube-dns cluster ip is dynamic, service name is permanent

  10. Service Discovery access service inside with internal DNS Node 1 Node 2 iptables iptables endpoint_2 clusterIP endpoint_1 service_B kube_dns pod_A_1 pod_B_1 pod_B_2 pod_A_2 clusterIP

  11. Internal DNS Kubernetes DNS pod holds 3 containers: kubedns, dnsmasq and healthz. The kubedns process watches the Kubernetes master for changes in Services and Endpoints, and maintains in-memory lookup structures to service DNS requests. The dnsmasq container adds DNS caching to improve performance. The healthz container provides a single health check endpoint while performing dual healthchecks (for dnsmasq and kubedns). The DNS pod is exposed as a Kubernetes Service with a static IP. Once assigned the kubelet passes DNS configured using the --cluster-dns=10.0.0.10 flag to each container.

  12. Service Discovery access Loadbalancer service outside VIP:port CLoud LB NodePort NodePort NodePort Node 1 Node 2 Node 3 nodeIp:port iptables iptables iptables clusterIP:port podIP:port app1_a app1_b app1_c

  13. Ingress Controller access service outside with ingress controller service_url:port Node 1 Node 2 Node 3 service_url: port Ingress Controller Ingress Controller Ingress Controller podIP:port app1_a app1_b app1_c

  14. Ingress Ingress ressource pointing to that service: Service my-wordpress-svc with 2 pods ingress is kubernetes resource which map url path to service:port

  15. Ingress Controller ingress controller is a reverse proxy, forward url to endpoint Watch the Kubernetes API for any Ingress ressource change Update the configuration of the controller (create/update/delete endpoint, SSL certificate) Reload the configuration Ingress Controller will detect ingress resources, fetch all the endpoints of the service do not occupy ports on nodes support TLS access to service configurable loadbalance strategy

  16. Ingress Controller nginx configuration

  17. Monitor and Alarm node1 Cadvisor node exporter metrics alarm event node2 Cadvisor Promethues altermanager node exporter altera Cadvisor node exporter node3

  18. Monitor and Alarm cadvisor collect containers running info node-exporter collect nodes running info Promethues extract info from each node metrics: node cpu usage node memory usage node filesystem usage node network I/O rates container cpu usage container memory usage container network I/O rates

  19. EFK node1 fluentd node2 elasticsearch kibana fluentd fluentd node3

  20. Cluster Architecture VM cluster deploy private network public network Kube-DNS harbor admin Ingress controller Master Promethues Slave keystone user EFK Jenkins Master slave slave keystone user

  21. Cluster initialization Share one harbor wiht multiple clusters to share public projects with all users Use heat to create nova instance and do configure to run harbor For each cluster: Jenkins master runs as service. Jenkins salve run as pod dynamically to create/delete kube-dns runs as service with three containers running in backend ingress controller runs as rc with one(more) replicas with default-backend-service node-exporter runs as daemon set on each node Promethues runs as serverice fluentd runs as daemon set on each node elasticsearch runs as service kibana runs as service

  22. Mapping keystone user to harbor Dashboard keystone user Harbor Magnum-api One keystone project ----> harbor user create user/project One keystone project ----> harbor project get images push image

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

MOTIVATION Refine MBE into a truly production-ready tool to produce epi-based devices at low cost

MOTIVATION Refine MBE into a truly production-ready tool to produce epi-based devices at low cost

MBE, Production Ready? Sensor-Based MBE For PHEMT Growth Dr. Yung-Chung Kao IntelliEPI , President/CEO Intelligent Epitaxy Technology, Inc. Dallas, Texas OUTLINE Motivation and Overview Current Near Production MBE Status How

132 views • 9 slides
A Series Of Unfortunate Container Events Netflixs container platform lessons learned About the

A Series Of Unfortunate Container Events Netflixs container platform lessons learned About the

A Series Of Unfortunate Container Events Netflixs container platform lessons learned About the speakers and team Follow along - @sargun @tomaszbak_ca @fabiokung @aspyker @amit_joshee @anwleung 2 Netflixs container management platform

808 views • 44 slides
Summary To learn how to set up a container-based platform, called Docker, for use in all class

Summary To learn how to set up a container-based platform, called Docker, for use in all class

1 Due: Today, 11:59 pm CMPSC 300 Bioinformatics Fall 2019 Lab 1: Installing Software and a Written Reflection Summary To learn how to set up a container-based platform, called Docker, for use in all class activities, labs and practicals. To

580 views • 8 slides
EVALUATING OPENSTACK CONTAINERS AS A SERVICE MAGNUM FOR PRODUCTION Rosario Di Somma WHY

EVALUATING OPENSTACK CONTAINERS AS A SERVICE MAGNUM FOR PRODUCTION Rosario Di Somma WHY

EVALUATING OPENSTACK CONTAINERS AS A SERVICE MAGNUM FOR PRODUCTION Rosario Di Somma WHY CONTAINERS? Rapid application deployment Portability across machines Version control and component reuse Sharing Lightweight footprint

623 views • 12 slides
Magnum Project on Boarding, OpenStack Summit Vancouver Spyros Trigazis @strigazi, Ricardo Rocha

Magnum Project on Boarding, OpenStack Summit Vancouver Spyros Trigazis @strigazi, Ricardo Rocha

May 2018 Magnum Project on Boarding, OpenStack Summit Vancouver Spyros Trigazis @strigazi, Ricardo Rocha @ahcorporto What is Magnum? OpenStack API service for creation of container clusters Single-tenant clusters Credential

320 views • 19 slides
Advanced Techniques for Building Container Images Adrian Mouat @adrianmouat

Advanced Techniques for Building Container Images Adrian Mouat @adrianmouat

Advanced Techniques for Building Container Images Adrian Mouat @adrianmouat info@container-solutions.com www.container-solutions.com Photo by Kevin Wood Docker Build, Ship, Run Build overshadowed by orchestration Recent focus

1.01k views • 44 slides
Manage K8S Cluster inside K8S (Lingxian Kong) Cluster in OpenStack Magnum Nov 5, 2019

Manage K8S Cluster inside K8S (Lingxian Kong) Cluster in OpenStack Magnum Nov 5, 2019

Manage K8S Cluster inside K8S (Lingxian Kong) Cluster in OpenStack Magnum Nov 5, 2019 1 OpenStack based public cloud in New Zealand with 3 regions Help our customers to build and run private cloud Open source The first

445 views • 20 slides
You build it, you run it Matthias Rampke, SoundCloud You build it, you run it Operating

You build it, you run it Matthias Rampke, SoundCloud You build it, you run it Operating

You build it, you run it Matthias Rampke, SoundCloud You build it, you run it Operating SoundCloud's microservice architecture GOTO Berlin 2016 Intro: me Who I am and where I work Engineer in Production Engineering (platform, monitoring,

583 views • 32 slides
Ruby VMs Jason Seifer, RailsEnvy.com 1 2 3 MRI 4 5 DeFacto Standard 6 Production

Ruby VMs Jason Seifer, RailsEnvy.com 1 2 3 MRI 4 5 DeFacto Standard 6 Production

Ruby VMs Jason Seifer, RailsEnvy.com 1 2 3 MRI 4 5 DeFacto Standard 6 Production Ready? 7 YES 8 YARV 9 Production Ready? 10 No. 11 MacRuby 12 Production Ready? 13 No. 14 XRuby 15 Production Ready? 16 No. 17 18

1.02k views • 46 slides
Container-based virtualization Process-level Extensively used in Lightweight virtualization

Container-based virtualization Process-level Extensively used in Lightweight virtualization

C NTR Lightweight OS Containers Jrg Thalheim, Pramod Bhatotia Pedro Fonseca Baris Kasikci USENIX ATC 2018 Container-based virtualization Process-level Extensively used in Lightweight virtualization production isolation Namespaces

250 views • 22 slides
Build Your Serverless Container Cloud with OpenStack and Kubernetes Kevin Zhao Senior Software

Build Your Serverless Container Cloud with OpenStack and Kubernetes Kevin Zhao Senior Software

22.05.2018 Build Your Serverless Container Cloud with OpenStack and Kubernetes Kevin Zhao Senior Software Engineer on Arm. OpenStack Zun Core Reviewer kevin.zhao@arm.com Agenda What is Serverless Container Cloud Demo Zun and Container

750 views • 35 slides
OPENSTACK + KUBERNETES + HYPERCONTAINER The Container Platform for NFV ABOUT ME Harry Zhang

OPENSTACK + KUBERNETES + HYPERCONTAINER The Container Platform for NFV ABOUT ME Harry Zhang

OPENSTACK + KUBERNETES + HYPERCONTAINER The Container Platform for NFV ABOUT ME Harry Zhang ID: @resouer Coder, Author, Speaker Member of Hyper Feature Maintainer & Project Manager of Kubernetes sig-scheduling,

3.57k views • 46 slides
Food Production within a Container by Recycling Urine and Organic Waste Dominik Quantius*, Daniel

Food Production within a Container by Recycling Urine and Organic Waste Dominik Quantius*, Daniel

www.DLR.de Chart 1 > D. Quantius > Food Production within a Container by Recycling Urine and Organic Waste 64. IAC, Beijing, China > 2013 Food Production within a Container by Recycling Urine and Organic Waste Dominik

800 views • 37 slides
DISASTER RELIEF CENTER 2x Accommodation Container 2x Sanitary Container 1x

DISASTER RELIEF CENTER 2x Accommodation Container 2x Sanitary Container 1x

DISASTER RELIEF CENTER 2x Accommodation Container 2x Sanitary Container 1x Galley Container 1x Medical Container 1x Feed Water Container 1x Water Treatment Container 2x Generator Container 1x

569 views • 8 slides
Is NEPA Ready for the Knowledge-Based Economy? Thursday, May 31, 2018 Pennsylvania Downtown

Is NEPA Ready for the Knowledge-Based Economy? Thursday, May 31, 2018 Pennsylvania Downtown

Is NEPA Ready for the Knowledge-Based Economy? Thursday, May 31, 2018 Pennsylvania Downtown Center Our mission is to build and support the capacity of local non-profit organizations, municipalities and individuals to enhance the overall

834 views • 48 slides
Benefits of Eclipse Che When Developing Multi-Container Apps How to use existing production k8s

Benefits of Eclipse Che When Developing Multi-Container Apps How to use existing production k8s

Benefits of Eclipse Che When Developing Multi-Container Apps How to use existing production k8s environment in enterprise development Eugene Ivantsov Senior Software Maintenance Engineer Red Hat AGENDA: This presentation covers:

501 views • 14 slides
OpenStack and Magnum Kubernetes as a Service for everyone Flavio Castelli Michal Jura

OpenStack and Magnum Kubernetes as a Service for everyone Flavio Castelli Michal Jura

OpenStack and Magnum Kubernetes as a Service for everyone Flavio Castelli Michal Jura Engineering Manager (Containers) Linux Cloud/HA Developer fcastelli@suse.com mjura@suse.com New challenges New age of internet and mobile applications.

322 views • 21 slides
Analysis of Multibody Systems Based on Group Equations G. Bernab , J. C. Cano , J.

Analysis of Multibody Systems Based on Group Equations G. Bernab , J. C. Cano , J.

International Conference on Computational Science (ICCS 2017) Exploiting Hybrid Parallelism in the Kinematic Analysis of Multibody Systems Based on Group Equations G. Bernab , J. C. Cano , J. Cuenca , A. Flores , D. Gimnez

419 views • 38 slides
Y L N O W T I R O F LAKE ATITLAN LAKE ATITLAN G U A T E M A L A Y L N O W

Y L N O W T I R O F LAKE ATITLAN LAKE ATITLAN G U A T E M A L A Y L N O W

Y L N O W T I R O F LAKE ATITLAN LAKE ATITLAN G U A T E M A L A Y L N O W T I R O F VIVAMOS MEJOR ASSOCIATION VIVAMOS MEJOR ASSOCIATION G U A T E M A L A MISION Y L N O We are a non- -profit

621 views • 37 slides
What is a volcano? A point on the earths crust where magma forces its way to the surface

What is a volcano? A point on the earths crust where magma forces its way to the surface

What is a volcano? A point on the earths crust where magma forces its way to the surface Ash and gases may also escape Where do they occur? On subduction zones On constructive plate boundaries On hot spots What types of

932 views • 25 slides
OpenStack Magnum Hands-on By Saulius Alisauskas and Bryan Havenstein Prerequisites &

OpenStack Magnum Hands-on By Saulius Alisauskas and Bryan Havenstein Prerequisites &

OpenStack Magnum Hands-on By Saulius Alisauskas and Bryan Havenstein Prerequisites & Expectations 8GB RAM minimum Expectations This will be very slow due to 2 layers of virtualization Things might fail (timeouts)

308 views • 16 slides
R OBERT , H ENRI , G EORGE AND C HIM WERE FOUNDING FATHERS THOSE AGENTS OF CHANGE A RTISTS

R OBERT , H ENRI , G EORGE AND C HIM WERE FOUNDING FATHERS THOSE AGENTS OF CHANGE A RTISTS

LLED 361-926 C OFFEEHAUS P RESENTATION TANJA MACEK Photography 11/12: Researching online text and images on Magnum Photos and the history of photojournalism, and translating that information into a series of three haikus THEIR WORLD WAS AT WAR

299 views • 5 slides
NINE ENERGY SERVICE INVESTOR PRESENTATION Q3 2018 1 DISCLAIMER Forward-Looking Statements

NINE ENERGY SERVICE INVESTOR PRESENTATION Q3 2018 1 DISCLAIMER Forward-Looking Statements

NINE ENERGY SERVICE INVESTOR PRESENTATION Q3 2018 1 DISCLAIMER Forward-Looking Statements & Non-GAAP Financial Measures Certain statements in this presentation are forward-looking statements that are subject to a number of risks and

585 views • 27 slides
Upper Darby School District | Phase 2 History of the Project RFP for Branding Campaign Issued -

Upper Darby School District | Phase 2 History of the Project RFP for Branding Campaign Issued -

Upper Darby School District | Phase 2 History of the Project RFP for Branding Campaign Issued - November 2017 Administrative Recommendation to the Board - December 2017 Proposal from Magnum Marketing Inc. Approved by Board - January 2018 Phase

1.29k views • 51 slides

More recommend