containers at scale
play

Containers At Scale At Google, the Google Cloud Platform and Beyond - PowerPoint PPT Presentation

Jan 23, 2023 •382 likes •574 views

Containers At Scale At Google, the Google Cloud Platform and Beyond Joe Beda jbeda@google.com @jbeda google.com/+JoeBeda Senior Staff Software Engineer, Google Cloud Platform GlueCon - May 22, 2014 Google and Containers Everything

  1. Containers At Scale At Google, the Google Cloud Platform and Beyond Joe Beda – jbeda@google.com – @jbeda – google.com/+JoeBeda Senior Staff Software Engineer, Google Cloud Platform GlueCon - May 22, 2014

  2. Google and Containers Everything at Google runs in a container. Internal usage: • Resource isolation and predictability • Quality of Services • batch vs. latency sensitive serving • Overcommitment (not for GCE) • Resource Accounting We start over 2 billion containers per week. Image: "Container" glynlowe CC-BY-2.0 https://www.flickr.com/photos/glynlowe/10921733615

  3. Google and Containers Released Using CGroups Namespaces Limited Released Isolation LMCTFY 2004 2006 2013 2014

  4. Let Me Contain That For You github.com/google/lmctfy • Replacement for LXC • Integrating with Docker (https://github.com/dotcloud/docker/pull/4891) • Separates policy from enforcement; buffers users from cgroups APIs • Programmable API and CLI

  5. The Managed Container Stack at Google Managed Base OS Cluster Scheduler Node Container Manager • Common services: log rotation, watchdog restarting Containers: System Scheduled • System container for shared daemons. Statically defined. Container Containers • Dynamically scheduled containers Node Container Manager Cluster Scheduler • Schedules work (tasks) onto nodes • Work specified based on intents Managed Base OS • Surfaces data about running tasks, restarts, etc.

  6. Declarative Over Imperative Imperative: "Start this container on that server" Declarative: "Run 100 copies of this container with a target of <= 2 tasks down at any time" Pros: • Repeatable • "Set it and forget it" • Eventually consistent • Easily updatable Con: • Tracing action/reaction can be difficult. "I made a change, is it done?" Image: "Space Needle under construction, 1961" seattlemunicipalarchives CC-BY-2.0 http://www.flickr. com/photos/seattlemunicipalarchives/6847114249

  7. Packaging Containers Google: • Host bind mounts • Binary and deps built together • Interfaces to Container Manager: Standard locations for logs, API Docker Image and environment: • More hermetic. Entire chroot is explicitly included. • Less guaranteed file structure. • Leverages OS distributions and package managers. Image: "Untitled" 802 CC-BY-2.0 http://www.flickr.com/photos/802/1510186897

  8. Containers on the Google Cloud Platform Warning What follows is an early look at how we are integrating containers into the Google Cloud Platform. Google confidential │ Do not Images by Connie Zhou distribute

  9. ! W Container Node Reference Architecture E N Container Start/Kill Open Source Manifest Node Docker Container Monitor manifest.yaml Manager

  10. ! W Container Manifest E N Declarative description of a set of containers and required resources A YAML File "Scheduling unit": must be scheduled on a single node • Unit for sharing data, IPC, cpu/disk/ram limits, networking • Share fate. If the host machine goes down, all containers go down together.

  11. ! W Container Manifest Example E N Container Manifest version: v1beta1 containers: - name: data-loader image: my-org/data-loader Data Loader Data Server volumeMounts: - name: data path: /mnt/data - name: server image: my-org/data-server ports: - name: www containerPort: 80 volumeMounts: - name: data Disk path: /mnt/data Volume volumes: - name: data

  12. ! W Reference Node Container Manager E N Consumes a manifest and makes it happen. Layers on top of Docker. github.com/GoogleCloudPlatform/container-agent Now: • Starts containers when run start up • Keeps containers running in face of failures Soon: • Dynamic update manifests • Expose metrics, logs, history

  13. ! W Container VMs in Google Compute Engine E N Container VM Container Start/Kill Open Source Manifest Node Docker Container Monitor manifest.yaml Manager

  14. ! W Container VMs in Google Compute Engine E N Cloud VMs optimized for Containers Easiest way to use Container Manifests is on the Google Cloud Platform: • Image preinstalled with: Docker, Node Container Manager • Loads Container Manifest at start time • [Soon] Integrate with UI, logging • [Soon] Basic building block for dynamic systems Also used by Managed VM driven by Google App Engine.

  15. ! W Using Container VMs E N my-containers.yaml version: v1beta1 containers: - name: my-container image: my-org/my-server bash $ gcloud compute instances create my-container \ --image=project/google-containers/global/images/container-vm-v20140522 --metadata-from-file google-container-manifest=my-containers.yaml

  16. Next Steps Launch a container VM: developers.google.com/compute/docs/containers Talk to Googlers: Here at GlueCon DockerCon June 9-10, Google I/O June 25-26 Send us comments/ideas: Discussion group: groups.google.com/forum/#! forum/google-containers IRC: #google-containers on irc.freenode.net Stack Overflow: Use "google-compute-engine" and "docker" tags

  17. Resources LMCTFY: Feb 2014 SF Production Eng Meetup: http://goo.gl/6nbZsX Linux Plumbers Conference 2013: http://goo.gl/xqmDTp Omega Cluster Management: Eurosys 2013 Paper: http://goo.gl/egBvgH Nov 2011 Slides: http://goo.gl/tJkvSv The Google Build system: DevOps talk from Cloud Platform Live 2014: http://goo.gl/jmzqwQ MPM Package Management: Presentation from USENIX UCMS'13: http://goo.gl/aP9Rf6

  18. Thanks! Joe Beda jbeda@google.com google.com/+JoeBeda @jbeda Google confidential │ Do not Images by Connie Zhou distribute

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Unprivileged GPU containers on a LXD cluster GPU-enabled system containers at scale Stphane

Unprivileged GPU containers on a LXD cluster GPU-enabled system containers at scale Stphane

Unprivileged GPU containers on a LXD cluster GPU-enabled system containers at scale Stphane Graber Christian Brauner LXD project leader LXD maintainer @stgraber @brau_ner https://stgraber.org https://brauner.io

394 views • 12 slides
Exploding the Linux Container Host Presenter: Ben Corrie (@bensdoings) Containers vs VMs

Exploding the Linux Container Host Presenter: Ben Corrie (@bensdoings) Containers vs VMs

Exploding the Linux Container Host Presenter: Ben Corrie (@bensdoings) Containers vs VMs Google Wisdom: VMs and Containers are similar but different Try running containers in VMs for security Containers are best for scale-out

314 views • 17 slides
Unprivileged Containers Jess Frazelle, @jessfraz How do containers help security? Containers are

Unprivileged Containers Jess Frazelle, @jessfraz How do containers help security? Containers are

Unprivileged Containers Jess Frazelle, @jessfraz How do containers help security? Containers are not going to be the answer to preventing your application from being compromised, but they can limit the damage from a compromise. How do

823 views • 25 slides
Cloud Native and Container Technology Landscape Chris Aniszczyk (@cra) Rise of Containers and

Cloud Native and Container Technology Landscape Chris Aniszczyk (@cra) Rise of Containers and

Cloud Native and Container Technology Landscape Chris Aniszczyk (@cra) Rise of Containers and Cloud Native Computing! Google running 2B+ containers per week! Internet scale companies are running containers too: Facebook, Twitter,

1.8k views • 49 slides
Improving Trust in Containers Matthew Garrett @mjg59 | mjg59@coreos.com | coreos.com

Improving Trust in Containers Matthew Garrett @mjg59 | mjg59@coreos.com | coreos.com

Improving Trust in Containers Matthew Garrett @mjg59 | mjg59@coreos.com | coreos.com Containers are great Containers are resource efficient Containers make deployment easy Containers can be monitored easily Containers are secure But are

508 views • 38 slides
Everything you need to know about Containers Security Track Containers Jos Manuel Ortega

Everything you need to know about Containers Security Track Containers Jos Manuel Ortega

Everything you need to know about Containers Security Track Containers Jos Manuel Ortega @jmortegac Agenda Introduction to containers security Linux Containers(LXC) Docker Security Security pipeline &amp;&amp; Container

807 views • 57 slides
SUSE Containers as a Service Platform 53 53 Why Do You Want to Invest in Containers? 54 54

SUSE Containers as a Service Platform 53 53 Why Do You Want to Invest in Containers? 54 54

SUSE Containers as a Service Platform 53 53 Why Do You Want to Invest in Containers? 54 54 What are Containers? A package/image that can be deployed anywhere (thats running a Linux Kernel) Developers create a layered image of their

996 views • 53 slides
Herd of Containers Sad DIF Database Engineer Herd of Containers: PostgreSQL in containers at

Herd of Containers Sad DIF Database Engineer Herd of Containers: PostgreSQL in containers at

Herd of Containers Sad DIF Database Engineer Herd of Containers: PostgreSQL in containers at BlaBlaCar pgDay Paris, Mar 15, 2018 BlaBlaCar Overview Todays agenda PostgreSQL usage at BlaBlaCar Switching to a new implementation

844 views • 40 slides
Large scale libc++ deployment Evgenii Stepanov, Google Ivan Krasin, Google Containers of

Large scale libc++ deployment Evgenii Stepanov, Google Ivan Krasin, Google Containers of

Large scale libc++ deployment Evgenii Stepanov, Google Ivan Krasin, Google Containers of incomplete types class A { std::deque&lt;A&gt; d; }; class B { std::set&lt;B&gt;::iterator p; } Super-popular patterns. Some algorithms are much harder

408 views • 11 slides
Persistent storage for Containers Anil Degwekar What are we talking about? Containers have

Persistent storage for Containers Anil Degwekar What are we talking about? Containers have

Persistent storage for Containers Anil Degwekar What are we talking about? Containers have become popular replacing many Physical / Virtual Machine use cases But: The persistent storage problem for containers is still not fully solved

1.01k views • 17 slides
Containers in the Enterprise Avoiding the Kobayashi Maru Agenda Containers Bring Change

Containers in the Enterprise Avoiding the Kobayashi Maru Agenda Containers Bring Change

Containers in the Enterprise Avoiding the Kobayashi Maru Agenda Containers Bring Change An Approach Required Software Processes Cultural Changes Additional Concerns Lessons Learned Why This Talk? Containers are

678 views • 49 slides
our container journey @beshippable shippable.com our container journey containers can

our container journey @beshippable shippable.com our container journey containers can

our container journey @beshippable shippable.com our container journey containers can make us way more efficient containers can save us money on hosting containers sound interesting company founded in 2013

848 views • 30 slides
The proposed containers are &quot;Flat-pack&quot; type. Disassembled and reduced as

The proposed containers are &quot;Flat-pack&quot; type. Disassembled and reduced as

CON-IMEX CONTAINERS 2009 AKAR Logistics 70 Beecham Court Owings Mills, MD 21117 USA Sophia Akar Tel: + 410-961-7232 / + 410-961-0327 Fax: + 410-356-8267 sophia@akarlogistics.com 1 / 20 GENERAL The proposed containers are

313 views • 20 slides
Fairport Containers Supporting the Charity Retail Sector www.fairportcontainers.co.uk

Fairport Containers Supporting the Charity Retail Sector www.fairportcontainers.co.uk

Fairport Containers Supporting the Charity Retail Sector www.fairportcontainers.co.uk Introductions David Porter Fairport Containers Director Steve Collinson Managing Director Fairport Containers Ltd Tam Unsworth Recycling Banks

552 views • 28 slides
Singularity - Containers for Scientific Computing ZID Workshop Michael Fink Universitt

Singularity - Containers for Scientific Computing ZID Workshop Michael Fink Universitt

Singularity - Containers for Scientific Computing ZID Workshop Michael Fink Universitt Innsbruck Innsbruck Nov 2018 Overview Preliminaries Why containers Understanding Containers vs. Virtual Machines Comparison of

482 views • 37 slides
Alm dos Containers na Nuvem QConSP - Containers &amp; Devops 26 April 2017 Guilherme Rezende

Alm dos Containers na Nuvem QConSP - Containers &amp; Devops 26 April 2017 Guilherme Rezende

Alm dos Containers na Nuvem QConSP - Containers &amp; Devops 26 April 2017 Guilherme Rezende Globo.com About me Software Engineer at Globo.com/Tsuru @guilhermebr (GitHub) in/guilhermebr (LinkedIn) @gbrezende (Twitter) Agenda Cloud Native

636 views • 45 slides
Towards Characterizing Cities with Social Media Images Daniela Opitz Universidad del Desarrollo

Towards Characterizing Cities with Social Media Images Daniela Opitz Universidad del Desarrollo

Towards Characterizing Cities with Social Media Images Daniela Opitz Universidad del Desarrollo Eduardo Graells-Garrido Barcelona Supercomputing Center Universidad del Desarrollo Ignacio Prez-Messina Universidad del Desarrollo I(mages)

397 views • 20 slides
Event Recognition by Learning Amir Habibian Qualcomm Research, Amsterdam 27 Feb 2017 1 What is

Event Recognition by Learning Amir Habibian Qualcomm Research, Amsterdam 27 Feb 2017 1 What is

Event Recognition by Learning Amir Habibian Qualcomm Research, Amsterdam 27 Feb 2017 1 What is an event? Interaction of people and objects under a certain scene Event Object People Examples Actio Scene n Personal events: marriage

636 views • 44 slides
Southeast Community College Operationalize 2 year public institution Resources

Southeast Community College Operationalize 2 year public institution Resources

4/20/2012 Creating a Dynamic Professional Development Conference within Your Institution Dennis Headrick PhD, VP of Instruction Carolyn Butler MS, Coordinator, Professional Development Southeast Community College Lincoln, Nebraska

313 views • 5 slides
Interwoven Generations: Our Shared Calling Balancing the need for pastoral care, varying

Interwoven Generations: Our Shared Calling Balancing the need for pastoral care, varying

Interwoven Generations: Our Shared Calling Balancing the need for pastoral care, varying abilities, being intentionally intergenerational, and missionally focused 1 In our connections with all generations POAMN recognizes a new resolve to break

660 views • 39 slides
Minemu The world's fastest taint tracker Attack detection aimed at production environments. Erik

Minemu The world's fastest taint tracker Attack detection aimed at production environments. Erik

Minemu The world's fastest taint tracker Attack detection aimed at production environments. Erik Bosman, Asia Slowinska, and Herbert Bos Challenge! ftp://ftp.minemu.org runs Proftpd vulnerable to CVE-2010-4221 First exploiter gets a present!

669 views • 40 slides
q f al y't ni XI IE EI Hn Gi ai x ex p E fo Uj f l t't y't X l T f n y e X n t Y e l

q f al y't ni XI IE EI Hn Gi ai x ex p E fo Uj f l t't y't X l T f n y e X n t Y e l

Fields Random CRE Conditional Learning Eet feature X y f function for feature K PG xlw E wnfnlyt.lt X exp PCylx.io Eg Phi Hw Eyexp wnfnlyI 4I xt Box E PCynlxn.io LL w n z IEI.IE wnfnl4tih i.Xt 2 log xn EE tfnGiiii ua xi 7 2

298 views • 4 slides
7 th International Confluence Competition Takahito Aoto Makoto Hamana Nao Hirokawa Aart

7 th International Confluence Competition Takahito Aoto Makoto Hamana Nao Hirokawa Aart

7 th International Confluence Competition Takahito Aoto Makoto Hamana Nao Hirokawa Aart Middeldorp Julian Nagele Naoki Nishida Kiraku Shintani Harald Zankl CoCo 2018 tools try to show confluence and related properties of rewrite systems

296 views • 12 slides
SUSY@ILC Abdelhak DJOUADI (LPT Orsay/Next Southampton) 1. Probing SUSY 2. Precision SUSY

SUSY@ILC Abdelhak DJOUADI (LPT Orsay/Next Southampton) 1. Probing SUSY 2. Precision SUSY

SUSY@ILC Abdelhak DJOUADI (LPT Orsay/Next Southampton) 1. Probing SUSY 2. Precision SUSY measurements at the ILC 3. Determining the SUSY Lagrangian 4. Summary From the physics chapter of the ILC Reference Design Report: Physics at the

444 views • 23 slides

More recommend