A walkthrough of the recently released update to ShapeBlue’s CloudStack Container Service (CCS). This update brings CCS bang up-to-date by running the latest version of Kubernetes (v1.11.3) on the latest version of Container Linux. CCS also now makes use of CloudStack’s new CA framework to automatically secure the Kubernetes environments it creates.
Paul Angus - CloudStack Container Service
1. The Cloud Specialists
An update to CloudStack Container Service
ShapeBlue.com • @ShapeBlue
Paul Angus, VP Technology • @CloudyAngus
paul.angus@shapeblue.com
2. About ShapeBlue
“ShapeBlue are expert builders of public & private clouds. They are the leading independent global CloudStack services company”
3. About me
Paul Angus – VP Technology
• Global authority on CloudStack & cloud infrastructure design.
• 15+ years C-Level experience.
• Apache CloudStack project committer & PMC member
• Specialising in deployment of CloudStack and surrounding infrastructure especially the user story
• USP, Georgian Ministry of Justice, Orange, TomTom, PaddyPower, Ascenty, BSkyB, SAP, British Telecom
4. ShapeBlue customers
5. ShapeBlue customers
6. ShapeBlue customers
8. Agenda
• Introduction
• CCS Components
• Demonstration
• Roadmap
• Summary
9. A Brief (Long) History of Containers
10. A Brief (Long) History
2017: Kubernetes Grows Up
• In 2017 the open-source project demonstrated great strides towards becoming a more mature technology and the de facto container technology
• At DockerCon in Copenhagen, Docker announced they will support the Kubernetes container orchestrator.
• Azure and AWS fell in line, with AKS (Azure Kubernetes Service) and EKS, a Kubernetes service to rival proprietary ECS.
• It was the first project adopted by the CNCF and commands a growing list of third-party system integration service providers.
• ShapeBlue launch CloudStack Container Service 1.0 based on Kubernetes
11. Why The Container Service?
• Massive growth in cloud native applications continues
• Containers are a key component of cloud native applications
• Application level software delivery
• Lightweight (higher density)
• Faster start-up time
• Less ‘knowledge overhead’
• Multi-tenancy is an afterthought
• IaaS is a VM based business
12. What is it?
• Based on the model offered by Google and Amazon
• CaaS offering within existing IaaS environments
• No disruption to user experience or business
• Users deploy and orchestrate containers within their IaaS infrastructure
• Users pay for the underlying VMs / infra.
• Built on established technologies
  • Apache CloudStack
  • Kubernetes
  • CoreOS (Container Linux)
13. What it’s not
• We are not dictating ‘THE’ CloudStack container solution.
• The architecture of the open sourced framework will allow other container platforms to use it.
• The framework doesn’t even have to be used to run containers - could be DaaS.
15. CCS components
1. ‘Application Clusters’ framework adds the concept of a group or cluster of VMs into CloudStack and enables the creation and management of those VMs as a group at the API level.
2. Deploy Kubernetes onto a group of VMs, configure them as a Kubernetes cluster and query the Kubernetes API to obtain and return state information.
3. Automated deployment of Kubernetes Dashboard and basic services
4. Certificate Service to create CA for secure connection to dashboard
5. UI to simplify interaction with the clusters once created.
16. CCS components
New APIs
• createApplicationCluster
  name: name of the application cluster
  description: description of application cluster
  type: service type - Kubernetes, CloudFoundry, Mesos etc
  zoneid:
  role: the name for this type of VM (within the Cluster Type i.e. master or worker)
  priority: used for starting order, lower numbers will be started sooner.
  serviceofferingid:
  template: the template to use for VMs of this role
  count: size of the cluster or number of VMs of this role to be provisioned
  accountname: account for which application cluster shall be created
  domainid:
  networkid:
17. CCS components
New APIs
• deleteApplicationCluster
• startApplicationCluster
• stopApplicationCluster
• increaseRoleCount (role: the name for the type of node to be added)
• decreaseRoleCount
• listApplicationClusters
• listClusterNodes
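Added example, not from the slides or the CCS code base: how a call to one of the new APIs would be authenticated with CloudStack's standard API request signing (HMAC-SHA1 over the sorted, lower-cased query string). Parameter names are the ones listed on the slide; the values, keys and endpoint are constructed placeholders, and the encoding rule in `_encode` is an assumption about matching the server side.

```python
import base64
import hashlib
import hmac
from urllib.parse import quote

def _encode(value):
    # Assumption: mirror Java's URLEncoder ('*' kept, '~' escaped, space as %20).
    return quote(str(value), safe="*").replace("~", "%7E")

def canonical_query(params):
    """String that is signed: encoded k=v pairs, sorted by key, all lower-cased."""
    pairs = sorted((k.lower(), _encode(v).lower()) for k, v in params.items())
    return "&".join(f"{k}={v}" for k, v in pairs)

def sign(params, secret_key):
    """Base64(HMAC-SHA1(secret, canonical query)); 'signature' itself is not signed."""
    unsigned = {k: v for k, v in params.items() if k.lower() != "signature"}
    mac = hmac.new(secret_key.encode(), canonical_query(unsigned).encode(), hashlib.sha1)
    return base64.b64encode(mac.digest()).decode()

def build_request(command_params, api_key, secret_key):
    """Return the full parameter set, including apiKey and signature."""
    params = dict(command_params, apiKey=api_key, response="json")
    params["signature"] = sign(params, secret_key)
    return params

def verify(params, secret_key):
    """Receiving side: recompute the signature and compare in constant time."""
    return hmac.compare_digest(params.get("signature", ""), sign(params, secret_key))

def to_url(endpoint, params):
    return endpoint + "?" + "&".join(f"{k}={_encode(v)}" for k, v in params.items())

# Constructed sample values; parameter names are the ones listed on the slide.
SAMPLE = {
    "command": "createApplicationCluster",
    "name": "demo-k8s",
    "description": "CCS demo cluster",
    "type": "Kubernetes",
    "count": 3,
}

if __name__ == "__main__":
    req = build_request(SAMPLE, "PLACEHOLDER_API_KEY", "PLACEHOLDER_SECRET")
    print(to_url("https://cloudstack.example/client/api", req))
    req["count"] = 30  # any change after signing must be rejected
    print("tampered request accepted:", verify(req, "PLACEHOLDER_SECRET"))
```

The signature gives integrity and caller authentication only: the API key and every parameter still travel in the URL, so the endpoint should be reached over TLS.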
18. CCS components
Certificate Service
• Mgmt server(s) act as a Certificate Authority (CA)
• Mgmt server(s) can create client & server certificates
• Used to secure communications to the Kubernetes Master node
• Creates/manages a two-way trust between Management Server and:
  • KVM host agents
  • Secondary Storage VMs
  • Console Proxy VMs
19. Plugin functionality for CloudStack
• Orchestrates the deployment of Kubernetes within those VMs to manage the containers
• Creates secure access to the Kubernetes API endpoint and dashboard
• Allows pass-through access to VMs
• Acts as a control plane only
20. CCS components
21. CCS components
23. Installation
• Create service account
• Create repo file
• sudo yum install cloudstack-ccs
[root@ref-trl-844-k-M7-pangus-mgmt1 ~]# ccs-template-install -m KVM
API url:http://10.2.2.91:8080/client/api/
API Key:
Secret:
Installing ShapeBlue CloudStack Container Service template across all zones.
Template for ShapeBlue CloudStack Container Service is still not available in zone:ref-trl-844-k-M7-pangus. Status of the template is 51% Downloaded
Template for ShapeBlue CloudStack Container Service is still not available in zone:ref-trl-844-k-M7-pangus. Status of the template is 99% Downloaded
Template for ShapeBlue CloudStack Container Service is still not available in zone:ref-trl-844-k-M7-pangus. Status of the template is Installing Template
Template for ShapeBlue CloudStack Container Service is successfully installed in all zones.
25. Demo
Creating container clusters using CloudStack Container Service
• Creating the cluster
• Viewing metrics
• Understanding the VMs
• Accessing the Kubernetes dashboard
• Deploying a cloud native application
27. Summary
• Created a Container Cluster
• Viewed the auto-deployed dashboard
• Deployed two HA containerised applications
• Created firewall and load-balancing rules to expose those applications
• Accessed those applications
28. Where are we now
• Already in production for both private and public use cases.
• Current evolution is for Apache CloudStack 4.11 (as an independent plugin)
• ‘Kubernetes Plugin’ is open source and available on GitHub (https://github.com/shapeblue/ccs)
• Ongoing evolution in conjunction with current user-base
29. Feature roadmap
• Support for shared networks
• Support resizing/auto-scaling/auto-healing of clusters
• Upgrade of Kubernetes version
• Intelligent independent sizing of master node
• Optional HA for master nodes.
• Use of distributed etcd data store
• Optional use of anti-affinity groups
• Support for CloudStack volumes in Kubernetes for data persistency
• Support for baremetal deployments.
31. An introduction to CloudStack Container Service
Paul Angus, VP Technology • @CloudyAngus
paul.angus@shapeblue.com
Editor's Notes
1979: Unix V7
The chroot system call was introduced, changing the root directory of a process and its children to a new location in the filesystem. This advance was the beginning of process isolation.
2000: FreeBSD Jails
FreeBSD jails were introduced to achieve clear-cut separation between a provider's services and those of its customers for security and ease of administration. FreeBSD Jails also gave the ability to assign an IP address for each system and configuration.
2001: Linux VServer
Linux VServer is a jail mechanism introduced in 2001; this operating system virtualization is implemented by patching the Linux kernel.
2004: Solaris Containers
In 2004, the first public beta of Solaris Containers was released, combining system resource controls and boundary separation provided by zones, which were able to leverage features like snapshots and cloning from ZFS.
2005: Open VZ (Open Virtuzzo)
This is an operating system-level virtualization technology for Linux which uses a patched Linux kernel for virtualization, isolation, resource management and checkpointing. The code was not released as part of the official Linux kernel.
2006: Process Containers
Process Containers (launched by Google in 2006) was designed for limiting, accounting and isolating resource usage (CPU, memory, disk I/O, network) of a collection of processes. It was renamed Control Groups (cgroups) a year later and eventually merged to Linux kernel 2.6.24.
2008: LXC
LXC (LinuX Containers) was the first, most complete implementation of Linux container manager. It was implemented in 2008 using cgroups and Linux namespaces, and it works on a single Linux kernel without requiring any patches.
2011: Warden
CloudFoundry started Warden in 2011, using LXC in the early stages and later replacing it with its own CloudFoundry implementation. Warden can isolate environments on any operating system, running as a daemon and providing an API for container management.
2013: LMCTFY
Let Me Contain That For You (LMCTFY) kicked off in 2013 as an open-source version of Google's container stack, providing Linux application containers. Applications can be made “container aware,” creating and managing their own subcontainers. Active deployment in LMCTFY stopped in 2015 after Google started contributing core LMCTFY concepts to libcontainer, which is now part of the Open Container Foundation.
2013: Docker
Show ‘just normal UI’
Have a cluster running for speed
Start new cluster and explain settings
Show network creation
Explain cluster ‘details’
Show background container apps