containers wrapp
play

Containers @ Wrapp Powered by AWS EC2 Container Service Jude DSouza - PowerPoint PPT Presentation

Dec 17, 2022 •613 likes •855 views

Containers @ Wrapp Powered by AWS EC2 Container Service Jude DSouza Solutions Architect @ Wrapp Phone: +46 767085740 Email: jude@wrapp.com About Me q Jude DSouza Stockholm, Sweden Karachi, Pakistan jude@wrapp.com q MS

  1. Containers @ Wrapp Powered by AWS EC2 Container Service Jude D’Souza Solutions Architect @ Wrapp Phone: +46 767085740 Email: jude@wrapp.com

  2. About Me … q Jude D’Souza – Stockholm, Sweden ß Karachi, Pakistan jude@wrapp.com q MS – Distributed Systems KTH Royal Institute of Technology, Stockholm, Sweden q Solutions Architect @ Wrapp www.wrapp.com q Passion for building large scale distributed systems

  3. About Wrapp … Wrapp delivers personal offers and rewards based on where you shop, dine and the brands you follow. q Microservice Architecture q Infrastructure q 13 ECS Clusters q 50+ Instances q 90+ Services q Technology Stack q Operating System - Ubuntu q Consul, Registrator, AWS(EC2, ECS, Lambda), Docker, HAProxy q Monitoring – Sensu, Riemann q Logs - Logentries and Sumo q Languages - Go, Python, Java

  4. Agenda Architecture before ECS • – Service Orchestration – Service Discovery – Service Deployments – Service Availability & Scalability – Container Registry Transition towards ECS • – Microservice Architecture @ Wrapp Why ECS? • Next Challenges • QA •

  5. ü Service Orchestration Service Deployments Service Availability & Scalability How we did it … Before ECS (1/3) Container Registry Service Orchestration Via runlist configs q On instance boot: Determine autoscaling group q Pull runlist for autoscaling group q Run containers specified in config q Add these to supervisor q PULL RUNLIST CONFIGS Sample Runlist configuration file misc ops api Autoscaling group Autoscaling group Autoscaling group misc ops api

  6. ü Service Orchestration ü Service Deployments Service Availability & Scalability How we did it … Before ECS (2/3) Container Registry Service Deployments Find instances where service is running (via serf) q SSH into these instances q Do rolling deploy (Terminate container, Launch container q with new version) ops misc api Autoscaling group Autoscaling group Autoscaling group misc ops api Sample serf data for services - misc-i-abc 10.0.0.1 rewards/http/9090 - misc-i-def 10.0.1.1 rewards/http/9090 - misc-i-ghi 10.0.2.1 rewards/http/9090 - .... SERF CLUSTER - ....

  7. ü Service Orchestration ü Service Deployments ü Service Availability & Scalability How we did it … Before ECS (3/3) ü Container Registry Service Availability ops misc api q Supervisord Autoscaling group Autoscaling group Autoscaling group Service Scalability q Service itself can't scale misc ops api q Scale only by scaling autoscaling group misc SERF CLUSTER Container Registry Hosting our own container registry q Backed by s3 q

  8. Transition to ECS Service Orchestration q Runlists q Supervisor Service Orchestration Service Deployments Service Deployments Service Availability q Supervisor Service Scalability (with lambda) Service Availability AWS Container Registry q Supervisor Service Scalability + Service stats (cpu + memory) q EC2 Autoscaling + Service monitoring Container Registry + Service Provisioning q Self-hosting Service Discovery q Consul Service Discovery q Registrator q Serf q HAProxy q HAProxy

  9. Wrapp Microservice Architecture DNS api.wrapp.com Elastic Load Balancer PUBLIC SUBNET PRIVATE SUBNET api api api Microservices ZONE A ZONE B ZONE C

  10. Opsweb – Tooling around controlling our Infrastructure Cluster Overview

  11. Opsweb – Tooling around controlling our Infrastructure Services Overview

  12. Opsweb – Tooling around controlling our Infrastructure Instances Overview

  13. Service Scalability (Concept from Amazon) Trigger Lambda function from SNS Topic CloudWatch Alarm SNS Topic AWS Lambda +1 DesiredCount in Service Trigger CloudWatch alarm misc from ECS Metrics (CPU/ Autoscaling group Memory) EC2 Container Service misc ECS Instances Scaling Amazon ECS Services Automatically Using Amazon CloudWatch and AWS Lambda: https://aws.amazon.com/blogs/compute/scaling-amazon-ecs-services-automatically-using-amazon-cloudwatch-and-aws-lambda/

  14. Service (CPU/ Memory) Provisioning Memory allocation by Service ü Allocate CPU Units by Service ü Efficient Resource utilization (Container placement) ü eventbus notifications api rewards auth emails Typical ECS Instance

  15. Container Logging Containers launched via ECS Logspout q Rsyslog q logspout Log router for Docker LogEntries q rsyslog Forwards logs to logentries Typical ECS Instance Logentries: https://logentries.com Logspout: https://github.com/gliderlabs/logspout

  16. Why ECS? Our Experience q ü Supports built-in service discovery, loadbalancing and routing Generally good service (ECS is oK) q Great support q ü Fleet - Container Orchestration We don’t need to host these services q ourselves on AWS Always improving to make their services q ü Docker Swarm: Supports orchestrating containers better and better ü Weave Flux: Supports built-in service discovery, loadbalancing and routing

  17. Service Discovery @ Wrapp (1/2) Key/value store HA Consul Cluster Service catalog Consul server-a Consul Consul server-b server-c Consul Agent Consul Agent Consul Agent Registrator Registrator Registrator users users api auth 8082 8082 8080 8081 10.0.0.1 10.0.0.2 10.0.0.3

  18. Service Discovery @ Wrapp (2/2) HA Consul Cluster >> curl users/v1/users/1 { "name": "jude" Consul server-a "gender": "male" } Consul Consul server-b server-c frontend users-in DNS Hack Consul bind users:80 HAProxy (192.168.x.x) Template mode http default_backend users backend users Consul Agent server Server-a 10.0.0.1:8080 … server Server-c 10.0.0.3:8080 … #### Registrator frontend auth-in bind auth:80 mode http default_backend auth auth users backend auth 8082 8083 server Server-a 10.0.0.1:8081 … 10.0.0.3 server Server-c 10.0.0.3:8081 …

  19. Next Challenges (1/2) – Short comings perceived … Built-in (like kube-proxy, weave-proxy) ? SINGLE ELB FOR MULTIPLE SERVICES APPROACH Service Discovery q Service Routing q Elastic Load Balancer Service Load balancing q 8080 8081 8082 Approach 1: ELB Per service? Costly - 90+ services, 70+ ELBs q Approach 2: Single ELB for all services? ECS Boto3: create_service() Service Routing works ü Service Load balancing works ü No health check per service q No way to return HTTP 503 q (but possible via haproxy http check option) Route53: ELB.dns = elb-services frontend users-in Benefits: bind users:80 Removes tools like Consul and Registrator q mode http default_backend users backend users server users elb-services:8080 … #### >> curl users/ping

  20. Next Challenges (2/2) – Short comings perceived … Cron scheduling Ø q Setup ecs tasks to run on cron schedule ECS Event stream Ø q Actionables on certain events (when deploy completes) ECS Container Logging Ø Optionally Integrate ECS Cluster with EC2 Autoscaling Group Ø

  21. Summary q The Wrapp Architecture before ECS q Transition to ECS q Service Discovery @ Wrapp with Consul, Registrator and HAProxy q Our perceived shortcomings from ECS q Built-in Service Discovery q Cron scheduling on Tasks q Event stream

  22. Questions ? Contact: Jude D’Souza Email: jude@wrapp.com Phone: +46767085740 Twitter: Wrapp Tech @wrapp_tech

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Unprivileged Containers Jess Frazelle, @jessfraz How do containers help security? Containers are

Unprivileged Containers Jess Frazelle, @jessfraz How do containers help security? Containers are

Unprivileged Containers Jess Frazelle, @jessfraz How do containers help security? Containers are not going to be the answer to preventing your application from being compromised, but they can limit the damage from a compromise. How do

823 views • 25 slides
Improving Trust in Containers Matthew Garrett @mjg59 | mjg59@coreos.com | coreos.com

Improving Trust in Containers Matthew Garrett @mjg59 | mjg59@coreos.com | coreos.com

Improving Trust in Containers Matthew Garrett @mjg59 | mjg59@coreos.com | coreos.com Containers are great Containers are resource efficient Containers make deployment easy Containers can be monitored easily Containers are secure But are

508 views • 38 slides
Everything you need to know about Containers Security Track Containers Jos Manuel Ortega

Everything you need to know about Containers Security Track Containers Jos Manuel Ortega

Everything you need to know about Containers Security Track Containers Jos Manuel Ortega @jmortegac Agenda Introduction to containers security Linux Containers(LXC) Docker Security Security pipeline && Container

807 views • 57 slides
SUSE Containers as a Service Platform 53 53 Why Do You Want to Invest in Containers? 54 54

SUSE Containers as a Service Platform 53 53 Why Do You Want to Invest in Containers? 54 54

SUSE Containers as a Service Platform 53 53 Why Do You Want to Invest in Containers? 54 54 What are Containers? A package/image that can be deployed anywhere (thats running a Linux Kernel) Developers create a layered image of their

996 views • 53 slides
Herd of Containers Sad DIF Database Engineer Herd of Containers: PostgreSQL in containers at

Herd of Containers Sad DIF Database Engineer Herd of Containers: PostgreSQL in containers at

Herd of Containers Sad DIF Database Engineer Herd of Containers: PostgreSQL in containers at BlaBlaCar pgDay Paris, Mar 15, 2018 BlaBlaCar Overview Todays agenda PostgreSQL usage at BlaBlaCar Switching to a new implementation

844 views • 40 slides
Stratied Negation Negation wrapp ed inside a recursion mak es no sense. Ev

Stratied Negation Negation wrapp ed inside a recursion mak es no sense. Ev

Stratied Negation Negation wrapp ed inside a recursion mak es no sense. Ev en when negation and recursion are separated, there can b e am biguit y ab out what the rules mean, and some one meaning m

412 views • 15 slides
Persistent storage for Containers Anil Degwekar What are we talking about? Containers have

Persistent storage for Containers Anil Degwekar What are we talking about? Containers have

Persistent storage for Containers Anil Degwekar What are we talking about? Containers have become popular replacing many Physical / Virtual Machine use cases But: The persistent storage problem for containers is still not fully solved

1.01k views • 17 slides
Containers in the Enterprise Avoiding the Kobayashi Maru Agenda Containers Bring Change

Containers in the Enterprise Avoiding the Kobayashi Maru Agenda Containers Bring Change

Containers in the Enterprise Avoiding the Kobayashi Maru Agenda Containers Bring Change An Approach Required Software Processes Cultural Changes Additional Concerns Lessons Learned Why This Talk? Containers are

678 views • 49 slides
John Wrapp Waste Disposition Manager March 10, 2016 Safely Delivering DOEs Vision for the 1

John Wrapp Waste Disposition Manager March 10, 2016 Safely Delivering DOEs Vision for the 1

Safely Delivering DOEs Vision for the East Tennessee Technology Park Mission The Disposition of Former No Path To Disposal Wastes A ETTP 2016 Update John Wrapp Waste Disposition Manager March 10, 2016 Safely Delivering DOEs

271 views • 9 slides
Exploding the Linux Container Host Presenter: Ben Corrie (@bensdoings) Containers vs VMs

Exploding the Linux Container Host Presenter: Ben Corrie (@bensdoings) Containers vs VMs

Exploding the Linux Container Host Presenter: Ben Corrie (@bensdoings) Containers vs VMs Google Wisdom: VMs and Containers are similar but different Try running containers in VMs for security Containers are best for scale-out

314 views • 17 slides
our container journey @beshippable shippable.com our container journey containers can

our container journey @beshippable shippable.com our container journey containers can

our container journey @beshippable shippable.com our container journey containers can make us way more efficient containers can save us money on hosting containers sound interesting company founded in 2013

848 views • 30 slides
The proposed containers are "Flat-pack" type. Disassembled and reduced as

The proposed containers are "Flat-pack" type. Disassembled and reduced as

CON-IMEX CONTAINERS 2009 AKAR Logistics 70 Beecham Court Owings Mills, MD 21117 USA Sophia Akar Tel: + 410-961-7232 / + 410-961-0327 Fax: + 410-356-8267 sophia@akarlogistics.com 1 / 20 GENERAL The proposed containers are

313 views • 20 slides
Fairport Containers Supporting the Charity Retail Sector www.fairportcontainers.co.uk

Fairport Containers Supporting the Charity Retail Sector www.fairportcontainers.co.uk

Fairport Containers Supporting the Charity Retail Sector www.fairportcontainers.co.uk Introductions David Porter Fairport Containers Director Steve Collinson Managing Director Fairport Containers Ltd Tam Unsworth Recycling Banks

552 views • 28 slides
Singularity - Containers for Scientific Computing ZID Workshop Michael Fink Universitt

Singularity - Containers for Scientific Computing ZID Workshop Michael Fink Universitt

Singularity - Containers for Scientific Computing ZID Workshop Michael Fink Universitt Innsbruck Innsbruck Nov 2018 Overview Preliminaries Why containers Understanding Containers vs. Virtual Machines Comparison of

482 views • 37 slides
Alm dos Containers na Nuvem QConSP - Containers & Devops 26 April 2017 Guilherme Rezende

Alm dos Containers na Nuvem QConSP - Containers & Devops 26 April 2017 Guilherme Rezende

Alm dos Containers na Nuvem QConSP - Containers & Devops 26 April 2017 Guilherme Rezende Globo.com About me Software Engineer at Globo.com/Tsuru @guilhermebr (GitHub) in/guilhermebr (LinkedIn) @gbrezende (Twitter) Agenda Cloud Native

636 views • 45 slides
100% Containers Powered Carpooling Maxime Fouilleul Database Reliability Engineer BlaBlaCar -

100% Containers Powered Carpooling Maxime Fouilleul Database Reliability Engineer BlaBlaCar -

100% Containers Powered Carpooling Maxime Fouilleul Database Reliability Engineer BlaBlaCar - Facts & Figures Infrastructure Ecosystem - 100% containers powered carpooling Todays agenda Stateful Services into containers - MariaDB as

463 views • 45 slides
CDCI Online Analysis System V. Savchenko for CDCI, ISDC ASTERICS European Data Provider Forum

CDCI Online Analysis System V. Savchenko for CDCI, ISDC ASTERICS European Data Provider Forum

CDCI Online Analysis System V. Savchenko for CDCI, ISDC ASTERICS European Data Provider Forum and Training Event Heidelberg 27-28/06/2018 Among experiments supported by CDCI are INTEGRAL Gaia POLAR CHEOPS 2 2002-2029 Sub-MeV Gamma-Ray

453 views • 12 slides
Roll your own Service Discovery Simon Pasquier @SimonHiker Prometheus Service Discovery Avoid

Roll your own Service Discovery Simon Pasquier @SimonHiker Prometheus Service Discovery Avoid

Roll your own Service Discovery Simon Pasquier @SimonHiker Prometheus Service Discovery Avoid static configuration files No reloading Always up-to-date Currently supported Files DNS Consul Kubernetes Marathon

819 views • 14 slides
P ss r

P ss r

P ss r r r rssst rst

119 views • 8 slides
Motilal Oswal Financial Services Ltd Additional Slides | Q1 FY17 Earnings Update Efforts into

Motilal Oswal Financial Services Ltd Additional Slides | Q1 FY17 Earnings Update Efforts into

Motilal Oswal Financial Services Ltd Additional Slides | Q1 FY17 Earnings Update Efforts into building competencies & capabilities leading to tangible business results BSE: 532892 NSE: MOTILALOFS Bloomberg: MOFS:IN Reuters:

156 views • 4 slides
Generalized Labels for the Flexi-Grid in

Generalized Labels for the Flexi-Grid in

Generalized Labels for the Flexi-Grid in Lambda-Switch-Capable (LSC) Label Switching Routers A. Farrel, Old Dog Consul3ng D. King, Old Dog

559 views • 6 slides
INCREMENTALISM An Industrial Strategy For Adopting Modern Automation BACKGROUND MONOCULTURE

INCREMENTALISM An Industrial Strategy For Adopting Modern Automation BACKGROUND MONOCULTURE

INCREMENTALISM An Industrial Strategy For Adopting Modern Automation BACKGROUND MONOCULTURE RDBMS ARE RAD TROUBLEMAKER OPERATOR AND ENGINEER BACKGROUND MONOCULTURE RDBMS ARE RAD TROUBLEMAKER OPERATOR AND ENGINEER Industrial Techno

1.78k views • 154 slides
Internet Traffic Monitoring Tools and Analysis Presenta5on for

Internet Traffic Monitoring Tools and Analysis Presenta5on for

Internet Traffic Monitoring Tools and Analysis Presenta5on for Terena Javier Aracil Javier.aracil@uam.es Nov 15, 2013 Goals of this mee5ng We have been

228 views • 6 slides
Western Union Fourth Quarter 2011 Earnings Webcast & Conference Call February 7, 2012 Mike

Western Union Fourth Quarter 2011 Earnings Webcast & Conference Call February 7, 2012 Mike

Western Union Fourth Quarter 2011 Earnings Webcast & Conference Call February 7, 2012 Mike Salop Senior Vice President, Investor Relations Safe Harbor This presentation contains certain statements that are forward-looking within the

513 views • 37 slides

More recommend