DOCSLIB.ORG

Best Practices Building Resilient Systems</U>

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Best Practices Building Resilient Systems</U> <u>Best Practices Building Resilient Systems</u> Pablo Jensen, CTO Who is Pablo Jensen? . Danish – but born in Argentina where they didn’t had Paul on their whitelist of names so my parents had to call me Pablo . Computer Science degree from Copenhagen University – and MBA from Henley . Several years in Thomson Reuters in Scandinavia, London and Switzerland . Joined Sportradar as CTO in 2013 when the business had 500 employees with 150 in IT – now 2.000 employees and 400 in IT . Industrial advisor for EQT . Running, wine, car’s, Brøndby IF Who is Sportradar? Operating at the intersection of sports, media and entertainment. Global leader in live sports data solutions for digital sport entertainment . 8,000+ staff and contractors globally . 30+ global offices . Deep coverage of more than 40 sports and 600,000 live events per year . 9.000 data points updated every second . 1 second delay from live stadium event to when data is out at our customers . Platform handling 200,000 requests a second, serving users with up to 4gbit/s in total traffic . 9.000 requests/second in average . 800+ Clients and Partners Serving More Than 800 Global Customers Betting Sports Media Integrity Rights Holders Sportradar in a Nutshell Data Collection Data Processing DATA ANALYTICS Data Monitoring Data Marketing Digital Sports Solutions Sports Media: Live Score Sports Media: AV & OTT Sports Media: Widgets & Cards Betting: Life Cycle of Odds Betting: Live Odds Betting: Virtual Games Betting: Integrity Data Feeds & Development Services MDP – Mobile eSports Service Live Odds Development Platform What can go possibly wrong?? What can go possibly wrong?? Top incident reasons 1. 3rd Party Provider issue Physical Footprint 2. Limit exceed (table, storage, traffic) 3. Coding error Technology 4. Not following agreed procedures Process Prepare for that there always will be something wrong Web: IT Organisation HTML5/CSS3, React, Javascript, API driven, Nginx, NodeJS, Varnish, Tomcat, Jetty Tech Stack Mobile: IOS, Android 400+ employees in 10+ IT locations: Backend: • 40+ Dedicated teams Java, PHP, Scala, JRuby, Go, C++, Memcache, Redis, MySql, Cassandra, MongoDB • 300+ Developers • 35 Tech Leads Sys Admin • 40+ System Administrators Ganeti, OpenStack, Zabbix, Puppet, Mcollective, Debian Linux, AWS, Ceph, • 40+ Project Managers Kubernetes • 30+ QA • 20+ Mobile Developers Source code system GIT (GitLab) Open Source scanning WhiteSource Build management: Jenkins, GitLab CI BI & Analytics: S3, ORC, NiFi, RedShift, Athena, Spark, Qlik Communication Tools Slack, Outlook, own build tools for Incident and Maintenance Management but looking at migrating to 3rd party services (StatusPage.io) Web: IT Organisation HTML5/CSS3, React, Javascript, API driven, Nginx, NodeJS, Varnish, Tomcat, Jetty Tech Stack Mobile: IOS, Android 400+ employees in 10+ IT locations: Best practices for buildingBackend resiliency: • 40+ Dedicated teams Java, PHP, Scala, JRuby, Go, C++, Memcache, Redis, MySql, Cassandra, MongoDB • 300+ Developers • 35 Tech Leads Strict defined tech stackSys – Adminnew technologies are • 40+ System Administrators Ganeti, OpenStack, Zabbix, Puppet, Mcollective, Debian Linux, Amazon Web Services, • 40+ Project Managers architecture driven, notKubernetes developer driven • 30+ QA • 20+ Mobile Developers Key technical IT gate pointsSource tocode be system followed GIT (GitLab) • Fitness for DevelopmentOpen Source scanning • Fitness for Launch WhiteSource • “30% Rule” Build management: • Secure DevelopmentJenkins, Guidelines GitLab CI • Maintenance Procedure • Incident Procedure BI & Analytics: • On Duty Procedure S3, ORC, NiFi, RedShift, Athena, Spark, Qlik Sportradar Hosting Locations Own regional based data center locations in Europe AWS/Amazon hosting locations used by Sportradar Sportradar Hosting Locations Physical Footprint Best practices for building resiliency Identical physical regional located core data centers running live-live treated as single redundant data center. Multiple options for client access: • Strategic located POP’s • Direct connect • Open Internet Conceptual Cluster Physical Cluster Data Center A Data Center B Own regional basedA dataB center locationsC in Europe A B C A B C AWS/Amazon hosting locations used by Sportradar Sportradar’s Global Data Production Operations setup is physical redundant so we can Sportradar Production with more than 900 employees globally shift operations between locations Key facts Germany US • Worldwide accepted data quality unmatched in combination of speed and accuracy Estonia • Redundant production setup • Key positions manned with branch expertise Philippines from all business segments • State of the art data entry tools, developed in- Austria house, enhanced based on needs of operations • Operations approved and well-rehearsed, Uruguay permanently reviewed and improved/adjusted • >900 operators across 7 locations • >6,000 scouts globally Sportradar’s Global Data Production Operations setup is physical redundant so we can Sportradar Production with more than 900 employees globally shift operations between locations PhysicalKey facts Footprint Germany US Best practices for building resiliency • Worldwide accepted data quality unmatched in combination of speed and accuracy Estonia Identical production locations • Redundant production setup • Key positions manned with branch expertise Tasks can move from one locationPhilippines to another from all business segments • State of the art data entry tools, developed in- Austria house, enhanced based on needs of operations • Operations approved and well-rehearsed, Uruguay permanently reviewed and improved/adjusted • >900 operators across 7 locations • >6,000 scouts globally Providers All service elements; eg. ISP, CDN, DDOS Protection, cloud hosting, physical hosting, DNS, physical production locations, POPs, fixed line connections are understood and categorized with full risk understanding and acceptance. Providers Physical Footprint All service elements;Best practices eg. for ISP, building CDN, resiliency DDOS Protection, cloud hosting, physicalUnderstand hosting, and accept: DNS, physical production locations, • Service elements that are ‘multi-vendor POPs, fixed line connections are understood and categorized • Service elements that are ‘multi-regional’ with full risk understanding and acceptance. • Service elements that are ‘single’ served Separate technology stacks Closed extranet environment for Business Area A Open internet environment for Business Area B US Asia EU EU Client Client Client Client Client Client Client Client DDOS Amazon AWS City A POP City B POP Amazon AWS Protection DC Closed Stack DC Open Stack Own hardware, firewall, routers Own hardware, firewall, routers Leased/fixed line Open Internet during normal operation Gateway for clients from Open Internet during DDOS mitigation open internet Separate technology stacks Closed extranet environment for Business Area A Open internet environment for Business Area B US Asia EU EU Client Client Client Client Client Client Client TechnologyClient Best practices for building resiliency Amazon AWS City A POP City B POP Amazon AWS Prolexic Business areas served via separate technology stacks; one stack can have issues without impacting other stacks DC Closed StackTechnology stacks are hosted on independent DC Open Stack Own hardware, firewall,redundant routers services Own hardware, firewall, routers Leased/fixed line Open Internet during normal operation Gateway for B2B clients Open Internet during DDOS attack from open internet Architecture Deployment Model One of our Backend Core Systems • Running on 3 dedicated physical servers in 3 different physical locations 3 availability zones • Composed of many sub-systems - each running as an independent cluster Separate cluster per sub system • Java services either stateless or stateful while keeping data in a distributed mem-grid • Clustered active-active setup of RabbitMQ, Zookeeper, HAProxy, Mongo replica sets, Cassandra Active/Active • Master-slave active-passive setup of MySQL, MySQL Fabric and Redis instances Active/Passive • Mongo point-in-time incremental backup, MySQL/Redis/ZK daily backups • Recovery mechanisms (e.g. a subsystem is able to recover its state based on reference data) Recovery • Async service design (message passing, streaming) Async Design • Circuit-breakers, request throttling, fail-fast approach (Hystrix) • Decoupling of operational and archive/warehouse databases Decoupling • Decoupling and different types of disk volumes, reduce I/O contention (e.g. Mongo, MySQL, Backup, VMs) • Lots of attention to low-latency implementation and design Architecture Deployment Model One of our backend Core Systems • Running on 3 dedicated physical servers in 3 different physical locations 3 availability zones Technology • Composed of many sub-systems - each running as an independent cluster Separate cluster per sub system • Java services either statelessBest or stateful practiceswhile for keeping building data inresiliency a distributed mem-grid • Clustered active-active setup of RabbitMQ, Zookeeper, HAProxy, Mongo replica sets, Cassandra Active/Active • Master-slave active-passive setupClear oftechnical MySQL, MySQL guidelines Fabric for and development Redis instances teams; Active/Passive • Mongo point-in-time incrementalno need backup, to invent MySQL/ theRedis wheel/ZK dailyall the backups time • Recovery mechanisms (e.g. a subsystem is able to recover its state based on reference data) Recovery Test, test, test • Async service design (message passing,
Load more

Recommended publications
  • Homework #5 Answer Key
    CS312 Homework #5 Answer Key March 9, 2016 Questions 1. Load balancers are designed to help with vertical scaling. (a) True (b) False 2. Layer 7 load balancers allow you to use both connection tracking and inspection of packets including modification of packets. (a) True (b) False 3. Linux containers do not require hypervisors (a) True (b) False 1 4. The RUN command can be used more than once in a Dockerfile. (a) True (b) False 5. The PID Namespace allows users to see processes from other containers (a) True (b) False 6. Paravirtualization uses cpu supported virtualization. (a) True (b) False 7. Which software load balancer primarily acts as an HTTP accelerator and a static cache server? (a) HAProxy (b) Apache (c) nginx (d) Varnish 8. Which of the following is not true about Linux Containers? (a) Operating system level virtualization (b) Provides little overhead (c) Fully emulates an operating system (d) Allows limits to resources with cgroups 9. Which service describes a virtual computing platform? (a) IaaS (b) PaaS (c) SaaS (d) VaaS 2 10. Describe the potential problems of using Round Robin DNS. • Depending on the implementation of the client resolver, this can be somewhat random or not. • Some resolvers always use alphabetical ordering. • DNS Caching and Time-To-Live (TTL) issues. • If the site goes down, you have to update DNS to reroute traffic which can cause problems. 11. Which scheduling algorithm is generally preferred if the web application uses sessions? Source Connection 12. Which HAProxy configuration section allows you to define a complete proxy? listen 13.
    [Show full text]
  • Kubernetes Security Guide Contents
    Kubernetes Security Guide Contents Intro 4 CHAPTER 1 Securing your container images and CI/CD pipeline 6 Image scanning 6 What is image scanning 7 Docker image scanning open source tools 7 Open source Docker scanning tool: Anchore Engine 8 Securing your CI/CD pipeline 9 Image scanning in CI/CD 10 CHAPTER 2 Securing Kubernetes Control Plane 14 Kubelet security 14 Access to the kubelet API 15 Kubelet access to Kubernetes API 16 RBAC example, accessing the kubelet API with curl 16 Kubernetes API audit and security log 17 Audit log policies configuration 19 Extending the Kubernetes API using security admission controllers 20 Securing Kubernetes etcd 23 PKI-based authentication for etcd 23 etcd peer-to-peer TLS 23 Kubernetes API to etcd cluster TLS 24 Using a trusted Docker registry 24 Kubernetes trusted image collections: Banning non trusted registry 26 Kubernetes TLS certificates rotation and expiration 26 Kubernetes kubelet TLS certificate rotation 27 Kubernetes serviceAccount token rotation 28 Kubernetes user TLS certificate rotation 29 Securing Kubernetes hosts 29 Kubernetes 2 Security Guide Using a minimal host OS 30 Update system patches 30 Node recycling 30 Running CIS benchmark security tests 31 CHAPTER 3 Understanding Kubernetes RBAC 32 Kubernetes role-based access control (RBAC) 32 RBAC configuration: API server flags 34 How to create Kubernetes users and serviceAccounts 34 How to create a Kubernetes serviceAccount step by step 35 How to create a Kubernetes user step by step 37 Using an external user directory 40 CHAPTER 4 Security
    [Show full text]
  • Running Legacy VM's Along with Containers in Kubernetes!
    Running Legacy VM’s along with containers in Kubernetes Delusion or Reality? Kunal Kushwaha NTT Open Source Software Center Copyright©2019 NTT Corp. All Rights Reserved. About me • Work @ NTT Open Source Software Center • Collaborator (Core developer) for libpod (podman) • Contributor KubeVirt, buildkit and other related projects • Docker Community Leader @ Tokyo Chapter Copyright©2019 NTT Corp. All Rights Reserved. 2 Growth of Containers in Companies Adoption of containers in production has significantly increased Credits: CNCF website Copyright©2019 NTT Corp. All Rights Reserved. 3 Growth of Container Orchestration usage Adoption of container orchestrator like Kubernetes have also increased significantly on public as well private clouds. Credits: CNCF website Copyright©2019 NTT Corp. All Rights Reserved. 4 Infrastructure landscape app-2 app-2 app-M app-1 app-2 app-N app-1 app-1 app-N VM VM VM kernel VM Platform VM Platform Existing Products New Products • The application infrastructure is fragmented as most of old application still running on traditional infrastructure. • Fragmentation means more work & increase in cost Copyright©2019 NTT Corp. All Rights Reserved. 5 What keeps applications away from Containers • Lack of knowledge / Too complex to migrate in containers. • Dependency on custom kernel parameters. • Application designed for a custom kernel. • Application towards the end of life. Companies prefer to re-write application, rather than directly migrating them to containers. https://dzone.com/guides/containers-orchestration-and-beyond Copyright©2019 NTT Corp. All Rights Reserved. 6 Ideal World app-2 app-2 app-M app-1 app-2 app-N app-1 app-1 app-N VM VM VM kernel VM Platform • Applications in VM and containers can be managed with same control plane • Management/ Governance Policies like RBAC, Network etc.
    [Show full text]
  • Ovirt and Docker Integration
    oVirt and Docker Integration October 2014 Federico Simoncelli Principal Software Engineer – Red Hat oVirt and Docker Integration, Oct 2014 1 Agenda ● Deploying an Application (Old-Fashion and Docker) ● Ecosystem: Kubernetes and Project Atomic ● Current Status of Integration ● oVirt Docker User-Interface Plugin ● “Dockerized” oVirt Engine ● Docker on Virtualization ● Possible Future Integration ● Managing Containers as VMs ● Future Multi-Purpose Data Center oVirt and Docker Integration, Oct 2014 2 Deploying an Application (Old-Fashion) ● Deploying an instance of Etherpad # yum search etherpad Warning: No matches found for: etherpad No matches found $ unzip etherpad-lite-1.4.1.zip $ cd etherpad-lite-1.4.1 $ vim README.md ... ## GNU/Linux and other UNIX-like systems You'll need gzip, git, curl, libssl develop libraries, python and gcc. *For Debian/Ubuntu*: `apt-get install gzip git-core curl python libssl-dev pkg- config build-essential` *For Fedora/CentOS*: `yum install gzip git-core curl python openssl-devel && yum groupinstall "Development Tools"` *For FreeBSD*: `portinstall node, npm, git (optional)` Additionally, you'll need [node.js](http://nodejs.org) installed, Ideally the latest stable version, be careful of installing nodejs from apt. ... oVirt and Docker Integration, Oct 2014 3 Installing Dependencies (Old-Fashion) ● 134 new packages required $ yum install gzip git-core curl python openssl-devel Transaction Summary ================================================================================ Install 2 Packages (+14 Dependent
    [Show full text]
  • Using Ganeti for Running Highly Available Virtual Services
    Using Ganeti for running highly available virtual services 2016-04-21, HEPiX Spring 2016, Zeuthen Overview ● What is Ganeti ● What is it good for ● How does it work ● NDGF usage 2 What is Ganeti ● A software stack for managing virtual machines – Like VMware or OpenStack or libvirt or ... – Supporting Xen or KVM hypervisors – Handles ● Storage: volume creation and assignment ● OS installation and customization ● Networking ● Startup, shutdown, live migration, failover of instances – Written in Python and Haskell – Aimed for ease of use and fast and simple error recovery after physical failures on commodity hardware 3 What is Ganeti ● Mainly developed by Google for their own use – Handles VMs for corporate network (office servers, remote desktops etc), not production services (what non-employees see) ● Outside Google – Debian – NDGF-T1 – Lufthansa – Etc ● Maintained by Google with significant external contributions 4 What is Ganeti good at ● Running highly available services on a small set of hardware – DRBD or external reliable block devices (CEPH, Enterprise storage) – Live migrations in case of impending hardware failure ● Or reboot into new kernel security upgrade on the hardnode – Failover handled automatically in case of sudden hardware failure – No external dependencies beyond networking ● Well, if you use external storage... ● But no extra servers or services needed – Typical reasonable cluster size, 3 – 50 hardnodes ● Multiple clusters integrate well though in admin tools 5 How does Ganeti work ● gnt-cluster init ... – Creates a cluster of ganeti nodes – We'll assume DRBD for storage, as at NDGF – One member is a master node ● Others can take over with master-failover if they can get quorum A B C D E 6 How does Ganeti work ● gnt-instance add – Creates VMs, with OS install scripts (image, debootstrap, pxe) – Each VM has a secondary location (DRBD mirror, sync) A B C D E 7 How does Ganeti work ● gnt-instance migrate – No noticable service impact from live migration, <1s network pause ● Unless something is broken..
    [Show full text]
  • Container and Kernel-Based Virtual Machine (KVM) Virtualization for Network Function Virtualization (NFV)
    Container and Kernel-Based Virtual Machine (KVM) Virtualization for Network Function Virtualization (NFV) White Paper August 2015 Order Number: 332860-001US YouLegal Lines andmay Disclaimers not use or facilitate the use of this document in connection with any infringement or other legal analysis concerning Intel products described herein. You agree to grant Intel a non-exclusive, royalty-free license to any patent claim thereafter drafted which includes subject matter disclosed herein. No license (express or implied, by estoppel or otherwise) to any intellectual property rights is granted by this document. All information provided here is subject to change without notice. Contact your Intel representative to obtain the latest Intel product specifications and roadmaps. The products described may contain design defects or errors known as errata which may cause the product to deviate from published specifications. Current characterized errata are available on request. Copies of documents which have an order number and are referenced in this document may be obtained by calling 1-800-548-4725 or by visiting: http://www.intel.com/ design/literature.htm. Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Learn more at http:// www.intel.com/ or from the OEM or retailer. Results have been estimated or simulated using internal Intel analysis or architecture simulation or modeling, and provided to you for informational purposes. Any differences in your system hardware, software or configuration may affect your actual performance. For more complete information about performance and benchmark results, visit www.intel.com/benchmarks. Tests document performance of components on a particular test, in specific systems.
    [Show full text]
  • Kubernetes As an Availability Manager for Microservice Based Applications Leila Abdollahi Vayghan
    Kubernetes as an Availability Manager for Microservice Based Applications Leila Abdollahi Vayghan A Thesis in the Department of Computer Science and Software Engineering Presented in Partial Fulfillment of the Requirements for the Degree of Master of Computer Science at Concordia University Montreal, Quebec, Canada August 2019 © Leila Abdollahi Vayghan, 2019 CONCORDIA UNIVERSITY SCHOOL OF GRADUATE STUDIES This is to certify that the thesis prepared By: Leila Abdollahi Vayghan Entitled: Kubernetes as an Availability Manager for Microservice Based Applications and submitted in partial fulfillment of the requirements for the degree of Master in Computer Science complies with the regulations of the University and meets the accepted standards with respect to originality and quality. Signed by the final examining committee: ________________________________________________ Chair Dr. P. Rigby ________________________________________________ Internal Examiner Dr. D. Goswami ________________________________________________ Internal Examiner Dr. J. Rilling ________________________________________________ Co-Supervisor Dr. F. Khendek ________________________________________________ Co-Supervisor Dr. M. Toeroe Approved by: ___________________________________ Dr. L. Narayanan, Chair Department of Computer Science and Software Engineering _______________ 2019___ __________________________________ Dr. Amir Asif, Dean, Faculty of Engineering and Computer Science ii ABSTRACT Kubernetes as an Availability Manager for Microservice Based Applications Leila
    [Show full text]
  • Immutable Infrastructure, Containers, & the Future of Microservices
    Immutable infrastructure, containers, & the future of microservices Adam Miller Senior Software Engineer, Red Hat 2015-07-25 What we'll cover in this session ● Define “microservices” ● Define “containers” in the context of Linux systems ● Container Implementations in Linux ● What Immutable Infrastructure is – Example of what Immutable Infrastructure deployment workflow looks like ● Red Hat Enterprise Linux Atomic Host – How RHEL Atomic enables and enhances these concepts ● Kubernetes – Orchestrating the Immutable Infrastructure ● OpenShift – Enabling the development and container building pipeline Microservices Microservices are not entirely new. ● The vocabulary term is “new-ish” (2012 – James Lewis and Martin Fowler) ● The idea is very old – Microkernels have existed since the 1980s – Could argue that system admins have been doing this with shell scripts and pipes for years ● Applying this concept to services higher in Monolithic Kernel Microkernel the stack is a newer trend based Operating System based Operating System – Application Heavily influenced by popular technologies System Call such as web microframeworks and containers. user mode VFS IPC, File System Application UNIX Device File IPC Server Driver Server Scheduler, Virtual Memory kernel mode Device Drivers, Dispatcher, ... Basic IPC, Virtual Memory, Scheduling Hardware Hardware What are Microservices? ● Services, “the UNIX Way” – Do one thing, do it well. – Decouple tightly coupled services, make the architecture more modular. ● Loosely coupled services using programming language agnostic APIs for communication – Example: REST APIs The mythical cloud The mythical cloud Micro services Containers What are containers? ● Operating-system-level Virtualization – We (the greater Linux community) like to call them “containers” ● OK, so what is Operating-system-level Virtualization? – The multitenant isolation of multiple user Traditional OS Containers space instances or namespaces.
    [Show full text]
  • Kubernetes As an Availability Manager for Microservice Applications
    Kubernetes as an Availability Manager for Microservice Applications Leila Abdollahi Vayghan Mohamed Aymen Saied Maria Toeroe Ferhat Khendek Engineering and Computer Engineering and Computer Ericsson Inc. Engineering and Computer Science Science Montreal, Canada Science Concordia University Concordia University [email protected] Concordia University Montreal, Canada Montreal, Canada Montreal, Canada [email protected] [email protected] [email protected] Abstract— The move towards the microservice based services that can be deployed and scaled independently by fully architecture is well underway. In this architectural style, small and automated deployment machinery, with minimum centralized loosely coupled modules are developed, deployed, and scaled management [2]. Microservices are built around separate independently to compose cloud-native applications. However, for business functionalities. Each microservice runs in its own carrier-grade service providers to migrate to the microservices process and communicates through lightweight mechanisms, architectural style, availability remains a concern. Kubernetes is often using APIs [3]. Microservices address the drawbacks of an open source platform that defines a set of building blocks which monolithic applications. They are small and can restart faster at collectively provide mechanisms for deploying, maintaining, the time of upgrade or failure recovery. Microservices are scaling, and healing containerized microservices. Thus, loosely coupled, and failure of one microservice will not affect Kubernetes hides the complexity of microservice orchestration while managing their availability. In a preliminary work we other microservices of the system. The fine granularity of this evaluated Kubernetes, using its default configuration, from the architectural style makes the scaling more flexible and more availability perspective in a private cloud settings.
    [Show full text]
  • Docker and Kubernetes: Changing the Opentext Documentum Deployment Model
    White paper Docker and Kubernetes: Changing the OpenText Documentum deployment model Containerization with Docker and Kubernetes’ cloud-first technology is not only a game changer for effectively managing on-premises ™ ™ OpenText Documentum solutions, it also paves the way for deploying EIM solutions in the cloud. Contents New deployment models 3 Customer case study—Part I 3 What is containerization? 4 What are Docker containers? 4 Docker container advantages 5 Available containers 6 What is Kubernetes? 6 Kubernetes advantages 6 Customer case study—Part II 7 EIM in the cloud 7 What is the cloud? 7 Cloud EIM 8 Customer case study—Part III 9 ™ OpenText Managed Services 9 Summary 9 Docker and Kubernetes: Changing the OpenText Documentum deployment model 2/10 New deployment models ™ ™ OpenText Documentum administrators can face two challenges: 1. Effectively managing complex Documentum deployments. Highly customized, mission-critical applications consume disproportionate administrative cycles, budgets and resources to install, upgrade, maintain and enhance. Upgrading these applications requires significant investments in change management. As a result, applications are often not upgraded in a timely fashion and do not leverage the latest technology. 2. Developing a cloud strategy for Enterprise Information Management (EIM) applications. Corporate IT is under intense pressure to produce an enterprise cloud strategy. Leveraging cloud technology for Enterprise Information Management (EIM) applications can be a big win, as long as it does not impact adoption, productivity and governance. Containerization enables new deployment models to help organizations meet these challenges, effectively managing on-premises solutions and paving the way for deploying EIM solutions in the cloud. Customer case study—Part I This real-world customer case study illustrates how containerization can benefit existing Documentum customers.
    [Show full text]
  • Managed Conversion of Guests to Ovirt
    Managed Conversion of Guests to oVirt Arik Hadas Senior Software Engineer Red Hat 21/8/15 KVM Forum, August 2015 Agenda ● Motivation ● Architecture ● Demonstration ● Implementation ● Future work KVM Forum, August 2015 Many ways to run Virtual Machines ● There are many virtualization tools ● Different hypervisors – KVM, E !"E Xi, Xen, VirtualBo$, .%% ● Different management systems – oVirt, virt'manager, v phere, Ganeti, .%% KVM Forum, August 2015 “I don't want to lose my VMs” ● Virtualization technologies are used for a long time ● +o standardization ● ,eople are tied up to the technologies they currently use ● Conversion tools are neede). KVM Forum, August 2015 virt-v2v ● ,art of virt tools – /pen source virtualization management tools ● Foreign hypervisor -0 KVM ● Standalone conversion tool KVM Forum, August 2015 Conversion to oVirt using virt-v2v ● Converts disk formats ● Enables VirtIO drivers (If needed) – Network, torage ● Fixes boot'loader ● ,roduces full oVirt-compatible OVF ● Outputs the VM in oVirt's export domain KVM Forum, August 2015 Drawbacks ● Slow ● Tedious ● Error-prone ● 5equires separate installation ● Do not support conversion of OVA 7les ● Error handlin& KVM Forum, August 2015 Our goal Improve the conversion process to oVirt – Faster – Tools are availa1le – Graphical user interface ● To con7&ure ● To monitor/cancel – Ro1ust – Support conversion of OVA files KVM Forum, August 2015 Design principles ● 8se virt-v9v capabilities – For &uest-level operations ● oVirt mana&es the conversion – -on7&ure conversion properties
    [Show full text]
  • LXC, Docker, and the Future of Software Delivery
    LXC, Docker, and the future of software delivery Linuxcon – New Orleans, 2013 Jérôme Petazzoni, dotCloud Inc. Best practices in development and deployment, with Docker and Containers February 2014—Docker 0.8.1 Introduction to Docker - Patel Jitendra Cluster Management with Kubernetes Please open the gears tab below for the speaker notes Satnam Singh [email protected] Work of the Google Kubernetes team and many open source contributors University of Edinburgh, 5 June 2015 Kubernetes An Introduction The promise of cloud computing Cloud software deployment is soul destroying Typically a cloud cluster node is a VM running a specific version of Linux. User applications comprise components each of which may have different and conflicting requirements from libraries, runtimes and kernel features. Applications are coupled to the version of the host operating system: bad. Evolution of the application components is coupled to (and in tension with) the evolution of the host operating system: bad. Also need to deal with node failures, spinning up and turning down replicas to deal with varying load, updating components with disruption … You thought you were a programmer but you are now a sys-admin. Why Linux Containers? What are we trying to solve? The Matrix From Hell Many payloads ● backend services (API) ● databases ● distributed stores ● webapps Many payloads ● Go ● Java ● Node.js ● PHP ● Python ● Ruby ● … Many targets ● your local development environment ● your coworkers' developement environment ● your Q&A team's test environment ● some random
    [Show full text]