Status and Roadmap of the CernVM-FS Graphdriver Plugin for Docker - - PowerPoint PPT Presentation

Status and Roadmap of the CernVM-FS Graphdriver Plugin for Docker

CERN, SFT Group Meeting Nikola Hardi nhardi@cern.ch October 16, 2017

Supervisors:

Jakob Blomer : jblomer@cern.ch Gerardo Ganis: gerardo.ganis@cern.ch

Nikola Hardi nhardi@cern.ch Status and Roadmap of the CernVM-FS Graphdriver Plugin for Docker October 16, 2017 1 / 19

Project Overview

Project Overview

Nikola Hardi nhardi@cern.ch Status and Roadmap of the CernVM-FS Graphdriver Plugin for Docker October 16, 2017 2 / 19

Project Overview

Recognizing the problem (1/2)

Joint Blog Post Mesosphere & CERN (03/2016)

Network traffic gets congested as gigabytes worth of Docker downloads are moving across the pipe [. . . ]. Companies [. . . ] such as Twitter have already experienced this phenomenon.

Red Hat, “Containers for Grownups” (02/2016)

10 things to avoid in docker containers: . . . 3) Don’t create large images.

Medallia (10/2015, CERN KT Screening)

The problem today with Docker is that distribution of software is a mess, it is a “bottleneck” in our system.

Jakob Blomer, CernVM-FS as a Distribution Engine for Application Containers, 24/05/2016 Nikola Hardi nhardi@cern.ch Status and Roadmap of the CernVM-FS Graphdriver Plugin for Docker October 16, 2017 3 / 19

Project Overview

Recognizing the problem (2/2)

Docker “App Store” Docker Software pull & push “apps” KT-Funded Project CernVM File System Improved Docker Software file-based transfer

Jakob Blomer, CernVM-FS as a Distribution Engine for Application Containers, 24/05/2016 Nikola Hardi nhardi@cern.ch Status and Roadmap of the CernVM-FS Graphdriver Plugin for Docker October 16, 2017 4 / 19

Project Overview

The CernVM-FS graphdriver plugin for Docker

Docker client Docker daemon Graphdriver plugin This is a container! Docker registry CernVM-FS server Minio S3 Host machine Remote server HTTP CernVM-FS S3

$ docker plugin install cvmfs/overlay2-graphdriver

Restart Dockerd with −−experimental −s cvmfs/overlay2-graphdriver

$ docker run cvmfs/thin ubuntu echo ’’Good bye EP-SFT!‘‘

Nikola Hardi nhardi@cern.ch Status and Roadmap of the CernVM-FS Graphdriver Plugin for Docker October 16, 2017 5 / 19

Project Overview

How it works

Regular Docker Image Scratch layer Local read-only layer Thin image descriptor CernVM-FS provided read-only layer Thin Image CernVM-FS graphdriver

Nikola Hardi nhardi@cern.ch Status and Roadmap of the CernVM-FS Graphdriver Plugin for Docker October 16, 2017 6 / 19

Project Overview

Results

Ubuntu OwnCloud R 10 100 5 50 25 200 Just 3 MB!

Transferred Data [MB]

Ubuntu OwnCloud R 10 20 30 40 Constant startup time!

Startup Time [s]

Nikola Hardi nhardi@cern.ch Status and Roadmap of the CernVM-FS Graphdriver Plugin for Docker October 16, 2017 7 / 19

Status Update

Status Update

Nikola Hardi nhardi@cern.ch Status and Roadmap of the CernVM-FS Graphdriver Plugin for Docker October 16, 2017 8 / 19

Status Update

The software components

The plugin container, consisting of two derived graphdriver plugins The docker2cvmfs utility for creating thin images The layer upload and publishing utilities (Minio S3 + web hook) co-located with a CernVM-FS release manager.

Nikola Hardi nhardi@cern.ch Status and Roadmap of the CernVM-FS Graphdriver Plugin for Docker October 16, 2017 9 / 19

Status Update

From prototype to pre-production

1 Support for both relevant union file systems (aufs, overlay2) 2 Standardized terminology: thin image, image descriptor and layers 3 Integration test suite 4 Usability improvements 5 Many bug fixes from real-world tests 6 Reproducible builds 7 Packaging and versioning of the different components Nikola Hardi nhardi@cern.ch Status and Roadmap of the CernVM-FS Graphdriver Plugin for Docker October 16, 2017 10 / 19

Prospective Collaborations Applications

Prospective Collaborations Applications

Nikola Hardi nhardi@cern.ch Status and Roadmap of the CernVM-FS Graphdriver Plugin for Docker October 16, 2017 11 / 19

Prospective Collaborations Applications

Prospective Collaborations Applications

At CERN: CernVM-FS build jobs EP-SFT Jenkins CERN IT OpenStack team (The Batch Services team) Outside of the HEP: Nexenio The Docker team (BuildKit and containerd maintainer) ” Except the hard drives that need to store all those fat images [...] and the network latency that comes with it. ” ” Astonishing results: Running the application with thin image: instantaneous. ” No evident network traffic when using the CernVM-FS graphdriver plugin.

Nikola Hardi nhardi@cern.ch Status and Roadmap of the CernVM-FS Graphdriver Plugin for Docker October 16, 2017 12 / 19

Prospective Collaborations Applications

Results of the cloud-benchmark-suite (1/2)

The cluster startup time reduced from 5 min to less than 5 s.

Nikola Hardi nhardi@cern.ch Status and Roadmap of the CernVM-FS Graphdriver Plugin for Docker October 16, 2017 13 / 19

Prospective Collaborations Applications

Results of the cloud-benchmark-suite (2/2)

Nikola Hardi nhardi@cern.ch Status and Roadmap of the CernVM-FS Graphdriver Plugin for Docker October 16, 2017 14 / 19

Prospective Collaborations Applications

Publications and Dissemination

Published an RFC at Docker Github issues page in November Presented the project at the ACAT 2017 in August Presentation and demo by CERN IT at the Dockercon Europe

(starting today in Copenhagen!)

Master thesis - starting in November (next week)

Nikola Hardi nhardi@cern.ch Status and Roadmap of the CernVM-FS Graphdriver Plugin for Docker October 16, 2017 15 / 19

Roadmap and Summary

Roadmap and Summary

Nikola Hardi nhardi@cern.ch Status and Roadmap of the CernVM-FS Graphdriver Plugin for Docker October 16, 2017 16 / 19

Roadmap and Summary

From pre-production to release

1

Merging integration tests with existing CernVM-FS CI routines

2

Extending S3+webhook ensemble into a ”CernVM-FS portals” system.

E.g. the ability to send ”packages” (e.g. RPMs, tarballs with user software, docker layers etc.) via S3 to a CernVM-FS release manager for automatic publishing.

3

Easier setup for the server side: cvmfs server portal.

4

The docker2cvmfs tool push command.

5

Local only commits on thin images.

6

Automatically create thin images on demand.

7

Improve handling of special files in CernVM-FS.

8

Server side garbage collection

Nikola Hardi nhardi@cern.ch Status and Roadmap of the CernVM-FS Graphdriver Plugin for Docker October 16, 2017 17 / 19

Roadmap and Summary

Summary

The plugin works and solves a real problem. First users have started testing the plugin with encouraging results. The plugin is already fully functional but usability can be improved. One of the first Docker v2 plugins and especially graphdriver plugins. Works on Centos 7.4 and CernVM . Requirements:

Docker 1.13+ (January 2017) and OverlayFS or AUFS support in kernel.

Nikola Hardi nhardi@cern.ch Status and Roadmap of the CernVM-FS Graphdriver Plugin for Docker October 16, 2017 18 / 19

Thank you and Goodbye

Thank you and Goodbye!

Thank you @EP-SFT for an amazing year I had!

Nikola Hardi nhardi@cern.ch Status and Roadmap of the CernVM-FS Graphdriver Plugin for Docker October 16, 2017 19 / 19