In this short demo-driven meetup, we'll help you get a handle on what's changing and how it will impact your DevOps practice. We'll cover:
- What are the operational limitations of containers in production?
- How do you get visibility inside containers without super-human effort?
- How do you look into kubernetes performance, and not just container performance?
- A live install of Sysdig Cloud on a running environment
5. Information presented is confidentialInformation presented is confidential
Monitoring containers is different
Microservices and containers break
legacy monitoring and analytics tools
Sysdig is the first and only solution that can
natively monitor any infrastructure and app,
including container-based ones
6. Information presented is confidentialInformation presented is confidential
Monitoring containers is different
Legacy monitoring approaches cannot
see inside containers
Running monitoring agents inside
containers is not a viable solution
Yesterday’s monitoring tools don’t
understand microservices
architectures & container orchestration
7. Information presented is confidentialInformation presented is confidential
Host OS
Container orchestration & tooling
Network & infrastructure
Container
Core
App
Sysdig ContainerVision
Unique system instrumentation
Container Container
Infr.
App
8. Information presented is confidentialInformation presented is confidential
Sysdig ContainerVision
Kernel
Docker
Container
1
Container
2
Container
3
App App
rkt LXC
9. Information presented is confidentialInformation presented is confidential
Kernel
Sysdig ContainerVision
Docker
Container
1
Container
2
Container
3
App App
rkt LXC
Kernel module
Instrumentation
10. Information presented is confidentialInformation presented is confidential
Sysdig ContainerVision
Kernel
Docker
Container
1
Container
2
Container
3
App App
rkt LXC
Sysdig
Docker
collection &
analysis
11. Information presented is confidentialInformation presented is confidential
New instrumentation = Better visibility
Infrastructure based
monitoring & alerting
Typical infrastructure
monitoring products
12. Information presented is confidentialInformation presented is confidential
New instrumentation = Better visibility
Application- intelligent
Monitoring & alerting
Trace-driven troubleshooting
Service-oriented
performance management
13. Information presented is confidentialInformation presented is confidential
Service-oriented
performance management
Monitor applications & logical services (not hosts!)
Service 1 Service 2 Service 3
Computing node
Computing node Computing node
Computing node Computing node
Computing node
14. Information presented is confidentialInformation presented is confidential
Service-oriented
performance management
Monitor applications & logical services (not hosts!)
Service 1 Service 2 Service 3
What’s the response time of my Cassandra service that’s currently
distributed over three data centers? What are the slowest queries?”
“
15. Information presented is confidentialInformation presented is confidential
Service-oriented
performance management
Deep, real-time understanding of orchestration metadata
16. Information presented is confidentialInformation presented is confidential
Kubernetes Integration
1. How are my servers running
kubernetes master/minions doing?
2. Graph kubernetes-specific metrics
from the API
3. (The dream) monitor your services
deployed with kubernetes
a) Use kubernetes API metadata to aggregate
data across replication controllers, pods
b) See inside containers to track application
performance… aggregate information from
inside all relevant containers
Back to integrations slide
17. Information presented is confidentialInformation presented is confidential
How Sysdig-Kubernetes
integration works
master
1. Sysdig monitoring each container & app
2. Sysdig agent on master auto-discovers and polls
API
3. Metadata collected every few seconds
4. Now Sysdig Cloud can dynamically aggregate
metrics across namespaces, replication controllers,
pods or any labels
workers
18. Information presented is confidentialInformation presented is confidential
Application Intelligent
Monitoring & Alerting
Automatic Discovery
App discovery without plug-ins
Templates
Pre-built templates by application & service
Zero-config custom metrics
StatsD & JMX – no agents inside containers
Anomaly detection
Outlier & deviation based comparisons
Developers spun up a new service based on apache and mongo last night without letting
us know. We deployed sysdig, so we still see it all, without any config.”
“
19. Information presented is confidentialInformation presented is confidential
v
Application Intelligent
Monitoring & Alerting
We automatically discover your apps
Thousands of relevant metrics without a single plug-in or YAML config
20. Information presented is confidentialInformation presented is confidential
Trace-driven troubleshooting
“
Dashboards
Correlate
events
Trace file with
every system call
System Call
PID CPU USER TH VIRT RES FILE NET
303 1.5 root 3 280K 57K 0 236.00
35 0.5 root 5 37K 0 2K 0.00
Replay the state of my system
last night, when the Auth
service alerts fired, 5 minutes
before our app went down.
Show all the system calls from
the containers we destroyed.”
22. Information presented is confidentialInformation presented is confidential
What we’re going to show you
Small environment, with & without orchestration
1. How to deploy a sysdig agent
(yes, we will actually show you instrumentation!)
2. Service-oriented performance metrics and analytics
3. A deep troubleshooting example
4. Basic monitoring – creating a dashboard, set an alert
23. Information presented is confidentialInformation presented is confidential
Product Offerings
Sysdig Cloud
Sysdig On-Premise
Sysdig Open Source
– Hosted offering
– $20/mo/host – discounted for large server volume
– Monthly or annual
– Run the Sysdig backend in your private cloud or AWS domain
– Annual only
– Minimum commitment required
– CLI-based troubleshooting tool
– Used on a single host
– Community support
24. Information presented is confidentialInformation presented is confidential
Summary
Deep
container
visibility
Service oriented
performance
management
Application intelligent
monitoring & alerting
Trace driven
troubleshooting
Start a free trial today
and see Sysdig running in your own environment!
25. Information presented is confidentialInformation presented is confidential
Thanks (that’s the end)
Notas do Editor
<hi thanks for joining…>
I’ll start with a really quick introduction and then I’d love to learn a little bit more about you and your environment, and why you’re interested in Sysdig Cloud.
But to first set the stage… Sysdig Cloud. There are a million other monitoring tools out there – why does the world need another? Well with Sysdig Cloud, we set out to create the
first and onlycomprehensive, container-nativemonitoring solution
Ground up
Clean sheet of paper
Container native
Talk about the three problems.
Containers designed to be black boxes to enable code portability. Great for devleopment and deployment, but really difficult for operations.
But you can’t just deploy agents inside containers like you do on hosts or VMs. Containers designed to isolate processes; adding agents breaks isolation and portability.
One level up, containers are the building blocks for microservices… and legacy monitoring tools do not understand dynamic microservice architectures.
So what to do? Well decided to start with a clean slate, technically speaking. We don’t come from the world of VMs, so we built something new, from the ground up, for this new world. We call it Container Vision.
With this patent pending technology, we’ve developed a way to see INSIDE containers form the OUTSIDE. So now all you have to do is add our container to your environment, and we will automatically detect your apps, connect to them, and start pulling all those application level metrics you’re used to getting in the VM world.
It’s the best of both worlds, with none of the drawbacks. And on top of that we’re adding support for all your container orchestration tech.
This is why we call it “Container Native” monitoring – does this make sense?
Oh, and just as an added bonus we can see deep down into your system and your network too – that’s powered by open source sysdig
So let’s go deeper and see how this works.
Imagine this simple environment, a host running some containers and some non-containerized apps
They’re all communicating with the OS kernel in order to get their job done.
Sysdig instruments the kernel using a kernel probe, and from this single point of instrumentation can see every system call that every container or process makes.
This technology is also at the core of our opensource product, and we’ve worked closely with the linux foundation in the creation of it.
Once the kernel is instrumented, we forward all information to the sysdig container.
From there we send it off to our SaaS service on on-premise software, depending on how you’re using the product.
The entire kernel instrumentation is a simple non-blocking process that has really low resource utilization.
Ok ?’s
Basically works on any form of linux
Working closely with customers who are interested in windows – but no product yet
So what does container vision give you?
Simply put, it gives you better data
With legacy infrastructure tools, you get a basic view into low level resource issues like CPU, memory, disk. That’s ok, but really we want to be able to start thinking about how your apps, micro-services, and containers are performing.
So sysdig gives you these forms of data:
Service-oriented performance management – see the performance of services across many containers, hosts, or clouds
Application-intelligent monitoring – less work to understand and monitor your infrastructure
Trace-driven troubleshooting – go much deeper to track down the issue behind the spike on a graph
I’m going to explain each of these in more detail
In the old world, a host typically was tied to a particular app. So it was easy to relate the two.
In a dynamic world where scale-out microservices automatically spin up containers, that’s not the case. A service may be made up of containers on multiple hosts, in multiple clouds. How do you get a view of how the service at large is performing?
Sysdig does exactly that – leveraging information (metadata) from the system, we can let you see the service, not the underlying infrastructure.
As an example (read cassandra quote on slide) – no mention of hosts, CPU, etc… just focus on what the user experience is.
We’re highly differentiated when it comes to integration with orchestration systems.
As you’ll see we do really powerful things with this…
We basically can become the brain that understands the entire state of your system in real time using deep integration with the metadata of orchestration systems and underlying clouds
We understand what resources are coming and going
And map them to your service architecture.
Pre-built dashboard templates
No plug-ins to configure – sysdig automatically figures out what apps are running
Automatic capture of statsd & JMX
Alerts built on baselines & outlier detection
What does your environment use?
Something that’s not here? We’re continually creating more.
Troubleshooting is not just a chart
Troubleshoot all the way down to individual system calls.
Deep integration with open source sysdig
Trigger system captures to take place when an alert is fired