Containers are dramatically changing the way companies build and deploy software. Container benefits like faster, more agile development come at a cost, however: monitoring your production infrastructure becomes a completely new challenge.
In this short demo-driven meetup, we'll help you get a handle on what's changing and how it will impact your DevOps practice. We'll cover:
- What are the operational limitations of containers in production?
- How do you get visibility inside containers without super-human effort?
- How do you look into microservice performance, and not just container performance?
We'll leave time for Q&A as well. Looking forward to seeing you there!
The Dark Art of Container Monitoring
1. Information presented is confidential
Monitoring & Troubleshooting in a Container Centric World
Chris Crane
VP of Product, Sysdig
About Sysdig
The first and only comprehensive, container-native monitoring solution.
Open source tool: sysdig
Commercial solution: Sysdig Cloud
Containers Are Taking the World by Storm
[Chart: Containers Enterprise Adoption. Legend: Using or Investigating Containers; Not Using nor Investigating Containers. Values shown: 93, 7. Source: The Current State of Container Usage, ClusterHQ & DevOps.com, June 2015]
… For Good Reason
Containers enable the modern software paradigm
• Lightweight VMs
• Enabling CI/CD + DevOps
• Building block for Microservices
Containers Are Great...
• Lightweight & Efficient
• Dynamic
• Reproducible & Portable
…but seeing inside containers is HARD.
Visibility in a Container World
• Infrastructures are exponentially more:
– Scaled
– Dynamic
– Complex
• New container-native technologies
• Containers are black boxes
Catch 22
How can I continue to innovate and evolve my application infrastructure without sacrificing visibility!?
Container-Native Performance Management
1. 100% visibility with no instrumentation and no extra burden
2. Deep awareness of container-native technologies
3. Microservice oriented output and user experience
Traditional VM Monitoring
[Diagram labels: Core App, Infr. App, Agent, Virtual Machine, Network & Infrastructure]
• Full visibility of applications and infrastructure
• Lightweight agent
• All good…
Container Visibility Options
1. Agents inside every container
2. Agents outside containers
3. Monitoring as a Microservice
Agent In Every Container
[Diagram: Container (App, Agent) ×3; Container Orchestration and Tooling; Host OS; Network & Infrastructure]
• Full visibility, but…
• Undermines key benefits of containers:
– Light weight
– Portability
– Reproducibility
Agent In Its Own Container
[Diagram labels: Container, Container, Container (Agent), Container Orchestration and Tooling, Host OS, Network & Infrastructure]
• Respects containers, but…
• Containers are black boxes
• Unsustainable setup + maintenance issues
• Significant scalability issues
Container-Native Monitoring
What if we started from scratch and re-architected monitoring from the ground up for containerized environments?
Monitoring as a Microservice
[Diagram labels: Container, Container, Core App, Infr. App, Monitoring Container, Container Orchestration and Tooling, Host OS, Network & Infrastructure]
Why Monitoring as a Microservice?
• Aligns with container + microservice principles
• Full visibility
• Support for ecosystem
• Highly scalable + dynamic
• Zero setup / zero config
Sysdig Container-Native Architecture
1. Instrument host operating system
2. Capture process + container activity
3. Ingest in Monitoring Container
4. (Optionally) save to trace file
Sysdig Products
[Diagram labels: haproxy, nginx, mongo, sysdig]
sysdig (command line tool)
- Open Source
- Single machine
- Troubleshooting-focused
Sysdig Cloud (SaaS and OnPrem)
- Commercial Solution
- Distributed
- Monitoring/alerting/troubleshooting
Get Started With Sysdig!
Chris Crane
chris@sysdig.com / @chriscrane
info@sysdig.com / @sysdig
Sysdig
Open source system and container visibility
www.sysdig.org
Sysdig Cloud
Container-native monitoring and alerting platform
www.sysdig.com
Mention this online meet-up for 20% off!
Editor's Notes
Sysdig
Agenda: our thoughts on container monitoring, quick demo of our unique approach
Even if only using for steps 1&2, still getting a lot of value
Value is based on core technology
There’s a catch
We think the answer is CPM. What do I mean by this?
Talk to customers and partners… three key requirements.
3: container native UI, also microservices
I want to focus on the first one today, because this is the first step. If you can’t see inside your container, nothing else matters. Everything else about CPM is built on this.
How do you translate this visibility to containers?
3 ways
No one is doing this
Black boxes example: Docker stats API – containers are self reporting. No idea what’s going on inside them. Similar to hypervisor level visibility. You need the agent on the VM.
Setup: hard to point plugins to containers
Scalability: legacy systems weren’t built for container scale – 100x nodes with 100x metadata – through one agent
Many monitoring tools out there advertising support for Docker and this is what they do – there is definitely some value here.
But this is not good enough
Doesn’t even match VM visibility, much less improve on it
There is a better way.
What if, instead of starting with VM monitoring…
best of both worlds
see INSIDE containers from the OUTSIDE
everything you’re used to getting in the VM world
This is what you need to look for in any monitoring architecture
Probably pretty clear where this is going… here at Sysdig we believe we’ve developed the only true CPM solution. And that is based on our core technology.
I want to talk about Sysdig and how we approach this problem.
On top of this core technology, we’ve built two products
While I’m switching to the demo, let’s do another quick survey.