Formation Conteneurs
Total Page:16
File Type:pdf, Size:1020Kb
FORMATION CONTENEURS 1 ABOUT THESE TRAINING MATERIALS 2 . 1 TRAINING MATERIALS WRITTEN BY PARTICULE ex Osones/Alterway Cloud Native experts Devops experts Our training offers: https://particule.io/en/trainings/ Sources: https://github.com/particuleio/formations/ HTML/PDF: https://particule.io/formations/ 2 . 2 COPYRIGHT License: Creative Commons BY-SA 4.0 Copyright © 2014-2019 alter way Cloud Consulting Copyright © 2020 particule. Since 2020, all commits are the property of their owners 2 . 3 GOALS OF THE TRAINING: CLOUD Understand concepts and benefits of cloud Know the vocabulary related to cloud Overview of cloud market players and focus on AWS and OpenStack Know how to take advantage of IaaS Be able to decide what is cloud compatible or not Adapt its system administration and development methods to a cloud environment 2 . 4 CLOUD, OVERVIEW 3 . 1 FORMAL DEFINITION 3 . 2 SPECIFICATIONS Provide one or more service(s)... Self service Through the network Sharing resources Fast elasticity Metering Inspired by the NIST definition https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800- 145.pdf 3 . 3 SELF SERVICE User goes directly to the service No humain intermediary Immediate responses Services catalog for their discovery 3 . 4 THROUGH THE NETWORK User uses the service through the network The service provider is remote to the consumer Network = internet or not Usage of standard network protocols (typically: HTTP) 3 . 5 SHARING RESSOURCES A cloud provided services to multiple users/organizations (multi-tenant) Tenant or project: logical isolation of resources Resources are available in large quantities (considered unlimited) Resources usage is not visible Accurate location of resources is not visible 3 . 6 FAST ELASTICITY Provisionning and deletion of resources almost instantaneous Enables scaling Ability to automate these scaling actions Virtually no limit to this elasticity 3 . 7 METERING Usage of cloud resources is monitored by the provider The provider can do capacity planning and billing from these informations User is therefore billed depending on accurate usage of resources User can take advantage of these informations 3 . 8 MODELS service models: IaaS, PaaS, SaaS deployment models: public, private, hybrid 3 . 9 IAAS Infrastructure as a Service Infrastructure: Compute Storage Network Target users: administrators (system, storage, network) 3 . 10 PAAS Platform as a Service Two concepts: Environment to develop/deploy an application (language/framework specific - example: Python/Django) Higher level resources than infrastructure, example: DBMS Target users: application developers 3 . 11 SAAS Software as a Service Target users: end users Not to be confused with the economic definition of SaaS 3 . 12 SOMETHING AS A SERVICE? Load balancing as a Service (Infra) Database as a Service (Platform) MyApplication as a Service (Software) etc. 3 . 13 SERVICE MODELS IN ONE DIAGRAM IaaS - PaaS - SaaS (source: Wikipedia) 3 . 14 PUBLIC OR PRIVATE CLOUD? Who is it for? Public: everyone, available on internet Private: to an organization, available on its network 3 . 15 HYBRID CLOUD Usage of multiple public and/or private clouds Attractive concept but implementation is hard a priori Some use cases fit perfectly Continuous integration (CI) Incentives: Avoid lock-in Cloud bursting 3 . 16 VIRTUALIZATION INSTANT Let's make it clear. Virtualization is a technology that can implement the compute function A cloud providing compute resources can use virtualization But it can also use: Bare-metal Containers 3 . 17 APIS ARE KEY Reminder: API stands for Application Programming Interface In the software sense: Interface for a program to use a library In the cloud sense: Interface for a program to use a service (XaaS) Programming interface (through the network, often HTTP) Explicit boundary between the provider and the user Defines how the user interacts with the cloud to manage their resources Manages: CRUD (Create, Read, Update, Delete) 3 . 18 API REST One ressource == one URI (Uniform Resource Identifier) Usage of HTTP verbs to define operations (CRUD) GET POST PUT DELETE Usage of HTTP return codes Resources are represented in the HTTP responses' body 3 . 19 REST - EXAMPLES GET http://endpoint/volumes/ GET http://endpoint/volumes/?size=10 POST http://endpoint/volumes/ DELETE http://endpoint/volumes/xyz 3 . 20 REAL EXAMPLE GET /v2.0/networks/d32019d3-bc6e-4319-9c1d-6722fc136a22 { "network":{ "status":"ACTIVE", "subnets":[ "54d6f61d-db07-451c-9ab3-b9609b6b6f0b" ], "name":"private-network", "provider:physical_network":null, "admin_state_up":true, "tenant_id":"4fd44f30292945e481c7b8a0c8908869", "provider:network_type":"local", "router:external":true, "shared":true, "id":"d32019d3-bc6e-4319-9c1d-6722fc136a22", "provider:segmentation_id":null } } 3 . 21 WHY CLOUD? ECONOMICAL POINT OF VIEW Consider IT resources as service provider resources Shift the "investment" budget (Capex) to the "operation" budget (Opex) Cut costs by sharing resources, and maybe with economies of scale Reduce delivery times Match costs to the real usage of resources 3 . 22 WHY CLOUD? TECHNICAL POINT OF VIEW Abstract from the lower layers (server, network, OS, storage) Get rid of the technical administration of resources and services (DB, firewalls, load-balancing, etc.) Design infrastructures which can scale on the fly Act on resources through lines of code and manage infrastructures "as code" 3 . 23 MARKET 3 . 24 AMAZON WEB SERVICES (AWS), LEADER AWS logo Started in 2006 At first: "e-commerce" web services for developers Then: other services for developers And finally: infrastructure resources Recently, SaaS 3 . 25 PUBLIC IAAS ALTERNATIVES TO AWS Google Cloud Platform Microsoft Azure Rackspace DreamHost DigitalOcean In France: Cloudwatt (Orange Business Services) Numergy (SFR) OVH Ikoula Scaleway Outscale 3 . 26 PRIVATE IAAS OpenStack CloudStack Eucalyptus OpenNebula 3 . 27 OPENSTACK IN A FEW WORDS OpenStack logo Was born in 2010 OpenStack Foundation since 2012 Written in Python and distributed under Apache 2.0 license Large support from the industry and various contributions 3 . 28 PUBLIC PAAS EXAMPLES Amazon Elastic Beanstalk (https://aws.amazon.com/fr/elasticbeanstalk) Google App Engine (https://cloud.google.com/appengine) Heroku (https://www.heroku.com) 3 . 29 PRIVATE PAAS SOLUTIONS Cloud Foundry, Foundation (https://www.cloudfoundry.org) OpenShift, Red Hat (https://www.openshift.org) Solum, OpenStack (https://wiki.openstack.org/wiki/Solum) 3 . 30 INFRASTRUCTURE AS A SERVICE CONCEPTS 3 . 31 BASICS Infrastructure: Compute Storage Network 3 . 32 COMPUTE RESOURCES Instance Image Flavor Keypair (SSH) 3 . 33 INSTANCE Dedicated to compute Short typical lifetime, to be considered ephemeral Should not store persistent data Non persistent root disk Based on an image 3 . 34 CLOUD IMAGE Disk image containing an already installed OS Infinitely instanciable Can talk to the metadata API 3 . 35 METADATA API http://169.254.169.254 Available from the instance Provides informations about the instance Exposes userdata The cloud-init tool helps take advantage of this API 3 . 36 FLAVOR Instance type in AWS Defines an instance model regarding CPU, RAM, disk (root), ephemeral disk The ephemeral disk has, like the root disk, the advantage of often being local and thus fast 3 . 37 KEYPAIR SSH public key + private key Cloud manages and stores the public key This public key is used to give SSH access to the instances 3 . 38 NETWORK RESOURCES 1/2 L2 network Network port L3 network Router Floating IP Security group 3 . 39 NETWORK RESOURCES 2/2 Load Balancing as a Service VPN as a Service Firewall as a Service 3 . 40 STORAGE RESOURCES Cloud provides two kinds of storage Block Object 3 . 41 BLOCK STORAGE Volumes that can be attached to an instance Access to raw devices such as /dev/vdb Ability to use any kind of file system Ability to use LVM, encryption, etc. Compatible with all existing applications Requires provisioning space by defining volume size 3 . 42 SHARED STORAGE? Block storage is not a shared storage solution like NFS NFS is at a higher layer: file system A volume is a priori connected to a single host 3 . 43 "BOOT FROM VOLUME" Starting an instance with its root disk on a volume Root disk data persistence Gets similar to classical server 3 . 44 OBJECT STORAGE API: CRUD on data Push and retrieve objects in/from a container/bucket No data hierachy, no directories, no file system Read/write access through APIs only No provisioning necessary Application must be designed to take advantage of object storage 3 . 45 ORCHESTRATION Orchestrate creation and management of resources in the cloud Architecture definition in a template Resources created from a template make a stack There are also orchestration tools (rather than services) 3 . 46 USAGE BEST PRACTICES 3 . 47 WHY BEST PRACTICES? Two differents possible views: Don't change anything Risk not meeting expectations Limit usage to test & dev use case Adapt to new cloud compliant practices to take advantage of it 3 . 48 HIGH AVAILABILITY (HA) Cloud control plane (APIs) is HA Managed resources might not be 3 . 49 PET VS CATTLE How to consider instances? Pet Cattle 3 . 50 INFRASTRUCTURE AS CODE With code Provision infrastructure resources Configure said resources, instances in particular The job is changing: Infrastructure Developer 3 . 51 SCALING Scale out rather than Scale up Scale out: horizontal scaling Scale up: vertical scaling Auto-scaling Managed by the cloud Managed by an external component 3 . 52 CLOUD READY APPLICATIONS Store their