Find out from Rob Stroud, CPO of XebiaLabs and former DevOps Analyst at Forrester Research, where containers fall short and how to bridge the gap between the promise of containers and the realities of complex enterprise application delivery.

1. DevOps Shangri-La:
Mystical Claims of Paradise
Presented by Robert Stroud

2. 2
Robert Stroud
Chief Product Officer
@RobertEStroud
Meet Your Presenter

3. 3
The Path to Container Shangri-La is Mystical

4. 4
Containers
A container is a portable package that
contains an application, its dependencies,
its libraries, and the configuration files
needed to run it. Containers are:
▪ Lightweight
▪ Transportable
▪ Scalable
▪ Platform for microservices

5. 5
What is a container?
VM VM VM
Applications
Kernel
Container Container Container
Traditional virtual machines
Hardware virtualization
Containers
Operating system virtualization

6. 6
I hear the term “Docker” everywhere…
▪ A “new paradigm” whereby all applications should be delivered
as versioned containers by development teams
− New version of the app = new version of the (set of) containers
− Often also assuming that apps will be built as microservices
▪ The expanding ecosystem of container tools
that enable:
− Multi-container frameworks
− Container runtime platforms
− Container delivery pipeline tools

7. 7
Container Terminology
Container
runtime
Container
orchestration
platform
Container
management
platform
A container runs in a runtime directly on hardware (“bare metal”) or on top of
an operating system.
Examples: Docker, Rkt, Apache Mesos
Container orchestration allows you to deploy and manage multiple containers
running on a container runtime.
Examples: Kubernetes, OpenShift, Marathon, Pivotal Container Service, DC/OS
Container management includes container orchestration plus other enterprise-
friendly features such as scheduling, storage, networking, and access control.
Example: Rancher

8. 8
Container Platforms

9. 9
Microservices
▪ A microservice architecture is one in which a business application/
service is built by composing multiple small, independent elements
▪ “Moving to microservices” generally means not just architecting new
applications in this way, but also converting existing (monolithic)
applications to a microservice architecture by “splitting off” more and
more functionality of the monolith into separate applications

10. 10
Kubernetes
▪ Kubernetes is an open-source container-orchestration system for
automating deployment, scaling and management of containerized
applications
▪ Originally designed by Google, is now maintained by the Cloud Native
Computing Foundation
Source: Wikipedia

11. 11
Containers in the cloud?
Google Container
Engine
Azure Container
Instances

12. 12
What should we expect on the path?

13. 13
Where are we going?

14. 14
Containers Offer Unique Capabilities
 Fast iteration
 Defined state separation
 Resource controls
 Immutability
 Rapid deployment

15. 15
Container Overview
 Dependencies: Every application has its own
dependencies
 Virtualization: Container engine is a lightweight
virtualization mechanism which isolates these
dependencies per each application by packaging
them into virtual containers
 Shared Host OS: Processes in containers are
isolated from other containers in user space, but
share the kernel with the host and other
containers
 Flexible: Differences in underlying OS and
infrastructure are abstracted away, streamlining
‘deploy anywhere’ approach.
 Fast: Containers can be created almost instantly,
enabling rapid scale-up and scale-down in
response to changes in demand
Container
App B
Bins/Libraries

16. 16
How do they differ from virtual machines?
 Dependencies: Each virtualized app
includes the app itself, required binaries
and libraries and a guest OS, which may
consist of multiple GB of data
 Independent OS: Each VM can have a
different OS from other VMs, along with
a different OS to the host itself
 Flexible: VMs can be migrated to other
hosts to balance resource usage and for
host maintenance, without downtime
 Secure: High levels of resource and
security isolation for key virtualized
workloads
Guest OS
Virtual Machine
App B
Bins/Libraries

17. 17
Containers Inside Virtual Machines
 Containers in VMs: By combining containers
with VMs, users can deploy multiple, different
VM operating systems, and inside, deploy
multiple containers within those guest OSs
− By combining containers with VMs, fewer
VMs would be required to support a larger
number of apps
− Fewer VMs would result in a reduction in
storage consumption
− Each VM would support multiple isolated
apps, increasing overall density
 Flexible: Running containers inside VMs enables
features such as live migration for optimal
resource utilization and host maintenance
Guest OS
w/ Container Support
App A
Bins/
Libraries
App B
Bins/
Libraries
Container
Virtual Machine

18. 18
Docker Components
Infrastructure
Source: http://www.docker.com/
“Developer” Workflows Registry Services Management

19. 19
Docker is easy…
Source: https://www.quora.com/How-does-one-open-a-command-line-inside-of-a-docker-container

20. 20
Technology is Simply One Component

21. 21
Misconceptions About Cloud and Containers
 The one-container myth: Everything I need to run my software is in the
container, so I don’t need to worry about configuration or security
 The one-command myth: I can deploy a container with a single
command or with a simple script, so I don’t need sophisticated
deployment automation or release orchestration
 The one-vendor myth: I’m paying a cloud vendor, so their deployment
tools are sufficient for my needs

22. 22
Container Myths Busted
 The one-container myth: You will be deploying and managing more and
more containers, requiring you to define more configuration and manage
more scope
 The one-command myth: A single-command deployment might work on
one laptop, but real-world deployments are bigger and more complex, and
you’ll end up writing and maintaining scripts
 The one-vendor myth: Cloud vendors don’t specialize in release
orchestration or deployment automation tools, and they won’t help you
avoid platform or vendor lock-in

23. 23
Container Challenges
 Will the scripts that we’re writing now work for all of our applications?
 How can we be sure that the containers we’re deploying are properly configured
and totally secure?
 How do we orchestrate releases and manage dependencies between containers?
 If a container deployment fails, how can we roll back?
 What about hybrid applications that will run on legacy platforms and in the
cloud?
 What about coordinating teams, scheduling releases, getting sign-offs, collecting
compliance and audit data...?
 What if we have to change cloud vendors?

24. 24
Where do you start?

25. 25
Containers Change the Way You Work
▪ Development and delivery teams – artifacts
will change
▪ Operations, runtime environment (including
networking, monitoring, etc.) for containers
▪ Security, as they will need to develop new
security policies for containers
▪ Auditing, ephemeral, rapidly changing,
scaling…
▪ Chain of custody

26. 26
What does not change?
▪ Your delivery process does not magically become less complicated:
many different tests, sign-offs, etc. are still required
▪ Your cross-cutting concerns do not change: security/access control,
auditability, etc.
▪ Your existing applications and runtimes will still be around for a long
time, even if you get started with Docker and microservices tomorrow

27. 27
Operations automates
deployment and
monitors apps from
repository
Developers build, test
and update apps in
containers
Containers are Central to DevOps Process
Developers push
containers to central
repository
Operations collaborates
with developers to
provide metrics and
insights

28. 28
Containers Transition Faster – Automation is Foundational

29. 29
Automating Deployment Financial Services
 Increased deployment cadence from
4 per year to 20+ per day
 Over 9,600 successful deployments in
7 months
 Improved access & process controls
for segregation of duties and
auditable software delivery

30. 30
Digital DevOps Transformation
 Increased deployment cadence from
4 per year to 500 per month
 Reduced 300 Jenkins jobs to 30
 Committed to 99.99% uptime of the
release pipeline for even faster
delivery to Production

31. 31

32. 32
Scaling Containers With XebiaLabs
Built-in compliance, security, audit trail
Configuration, dependency, and complex process
management across containers and microservices
Visibility and reporting across many applications
and technologies
Enforcement of release and deployment
compliance processes
“as code” push and deploy
Model-based automation and management for
highly efficient container deployment
XebiaLabs DevOps Platform for Cloud and ContainersDeploy thousands of containers
in a repeatable and secure way
Deliver Containers and
Microservices with complete ”Chain
of Custody”
Standardize hybrid deployments
(“containers to mainframes”)
Migrate applications to containers
efficiently (lift + shift)

33. 33
Thank You!
 Built-in compliance, security, audit trail
 Configuration, dependency, and complex
process management across containers and
microservices
 Visibility and reporting across many applications
and technologies
 Enforcement of release and deployment
compliance processes
 “As code” push and deploy
 Model-based automation and management for
highly efficient container deployment
XebiaLabs DevOps Platform for Cloud and Containers
Deploy thousands of containers
in a repeatable and secure way
Deliver Containers and
Microservices with complete “Chain
of Custody”
Standardize hybrid deployments
(“containers to mainframes”)
Migrate applications to containers
efficiently (lift + shift)