Containerized  Cloud  Compu0ng  Sivaram Shunmugam

Manager, Infrastructure Practice

siva@redhat.com

THE  PROBLEM  

APPLICATION  DELIVERY  VIA  CONTAINERS  

WHAT  ARE  LINUX  CONTAINERS?  

• Software packaging concept that typically includes an application and all of its runtime dependencies. l  Easy to deploy and portable

across host systems l  Isolates applications on a

host operating system l  In Red Hat Enterprise Linux,

this is done through: l  Control Groups (cgroups) l  kernel namespaces l  SELinux, sVirt, iptables l  Docker

HOST OS

SERVER

CONTAINER

LIBS

APP

“Everything at Google, from Search to Gmail, is packaged and run in a Linux container.”1

- Eric Brewer, VP of Infrastructure,

Google

SOME  OF  THE  MOST  ADVANCED  

INFRASTRUCTURES  RUN  ON  CONTAINERS  

1 Source: http://googlecloudplatform.blogspot.com/2014/06/an-update-on-container-support-on-google-cloud-platform.html

TOP  5  MISCONCEPTIONS  ABOUT  CONTAINERS  

• Containers are new. • Containers equal virtualization. • Containers are universally portable. • Containers are secure by default. • Containers are not enterprise-ready. • (give example of application example)

1

2

3

4

5

TRADITIONAL  OS  VS.  CONTAINERS  

• Traditional OS • Containers

HARDWARE

HOST OS

HARDWARE

HOST OS

CONTAINER

LIBS

APP A

LIBS A LIBS B LIBS LIBS

APP A APP B CONTAINER

LIBS

APP B

APP  DELIVERY  VIA  CONTAINERS...    

NOT  AS  EASY  AS  BUILD,  DEPLOY,  RUN.  

“While docker enthusiasts claim you can ‘run any app anywhere’ this is unfortunately not true in many cases. Many userland tools are coupled to kernel features, kernel modules, distro specific kernel configurations, etc... Over the years we have built a complex web of interdependence between kernelspace, userspace, compile-time configurations and runtime configurations; it will take years to untangle this mess.”

-- Avishai Ish-Shalom co-founder and CTO

Fewbytes

Source: http://www.fewbytes.com/docker-selinux-and-the-myth-of-kernel-indipendence/

ESTABLISHING OPEN STANDARDS

ESTABLISHING STANDARDS AROUND...

REGISTRY / CONTAINER DISCOVERY

CONTAINER FORMAT WITH

DOCKER

ISOLATION WITH LINUX

CONTAINERS

ORCHESTRATION WITH

KUBERNETES

Red Hat works with the open source community to drive standards for containerization.

CONTAINER  PORTABILITY  ACROSS  PHYSICAL,  VIRTUAL,  PRIVATE  CLOUD,  PUBLIC  CLOUD  

7

TRUST

SECURING  HOSTS  AND  CONTAINERS  RED  HAT  CONTAINER  CERTIFICATION  

CERTIFIED ECOSYSTEM l  Trusted source for the host and the containers l  Enterprise life cycle for container content

l  Proven portability l  Container Development Kit

HOST OS

HARDWARE

CONTAINER

LIBS

APP

CONTAINER

LIBS

APP

SIMPLIFYING  CONTAINER  ADOPTION  

FOR  PARTNERS  

RED HAT CONNECT for technology

partners

LEARN

RED HAT CONTAINER DEVELOPMENT

KIT (CDK)

BUILD

DISTRIBUTE

RED HAT CONTAINER REGISTRY

CERTIFY

RED HAT CONTAINER

CERTIFICATION PROGRAM

INTEGRATED APPLICATION DELIVERY

PLATFORM

MONOLITHIC  TO  MICROSERVICES  

MONOLITHIC/LAYERED MICROSERVICES

MORE  THAN  THE  CONTAINER  

   

OPENSHIFT

MORE  THAN  THE  CONTAINER  

   

SINGLE APP DELIVERY PLATFORM VIA CONTAINERS develop, deploy, operate

OPENSHIFT by Red Hat

RED HAT ENTERPRISE LINUX 7

RED HAT ENTERPRISE LINUX ATOMIC HOST

DEPLOYMENT MULTIPLE DEPLOYMENT TARGETS

on Red Hat certified hardware, hypervisors and CCPs

OPENSHIFT

MORE  THAN  THE  CONTAINER  

   

SINGLE APP DELIVERY PLATFORM VIA CONTAINERS develop, deploy, operate

OPENSHIFT by Red Hat

RED HAT ENTERPRISE LINUX 7

RED HAT ENTERPRISE LINUX ATOMIC HOST

DEPLOYMENT MULTIPLE DEPLOYMENT TARGETS

on Red Hat certified hardware, hypervisors and CCPs

ORCHESTRATION of containers and microservices

OPENSHIFT

MORE  THAN  THE  CONTAINER  

   

SINGLE APP DELIVERY PLATFORM VIA CONTAINERS develop, deploy, operate

OPENSHIFT by Red Hat

RED HAT ENTERPRISE LINUX 7

RED HAT ENTERPRISE LINUX ATOMIC HOST

MANY CONTAINER SOURCES (trusted and untrusted)

PUBLIC REGISTRIES

such as Docker Hub

PRIVATE REGISTRIES on premise

CERTIFIED IMAGES Red Hat Customer Portal

DEPLOYMENT MULTIPLE DEPLOYMENT TARGETS

on Red Hat certified hardware, hypervisors and CCPs

ORCHESTRATION of containers and microservices

OPENSHIFT

CERTIFIED ISV APPS

MORE  THAN  THE  CONTAINER  

   

SINGLE APP DELIVERY PLATFORM VIA CONTAINERS develop, deploy, operate

OPENSHIFT by Red Hat

RED HAT ENTERPRISE LINUX 7

RED HAT ENTERPRISE LINUX ATOMIC HOST

MANY CONTAINER SOURCES (trusted and untrusted)

PUBLIC REGISTRIES

such as Docker Hub

PRIVATE REGISTRIES on premise

CERTIFIED IMAGES Red Hat Customer Portal

DEPLOYMENT MULTIPLE DEPLOYMENT TARGETS

on Red Hat certified hardware, hypervisors and CCPs

DEVELOPMENT

ORCHESTRATION of containers and microservices

OPENSHIFT

CERTIFIED ISV APPS

RED HAT PARTNER SOLUTIONS

RED HAT SATELLITE

RED HAT CLOUDFORMS

MORE  THAN  THE  CONTAINER  

   

SINGLE APP DELIVERY PLATFORM VIA CONTAINERS develop, deploy, operate

OPENSHIFT by Red Hat

RED HAT ENTERPRISE LINUX 7

RED HAT ENTERPRISE LINUX ATOMIC HOST

MANY CONTAINER SOURCES (trusted and untrusted)

PUBLIC REGISTRIES

such as Docker Hub

PRIVATE REGISTRIES on premise

CERTIFIED IMAGES Red Hat Customer Portal

DEPLOYMENT

MANAGEMENT

MULTIPLE DEPLOYMENT TARGETS on Red Hat certified hardware, hypervisors and CCPs

DEVELOPMENT

ORCHESTRATION of containers and microservices

ATOMIC APPLICATION ARCHITECTURE

OPENSHIFT

CERTIFIED ISV APPS

RED HAT ENTERPRISE LINUX

ATOMIC HOST

RED  HAT  ENTERPRISE  LINUX  ATOMIC  HOST  

IT IS RED HAT ENTERPRISE LINUX OPTIMIZED FOR CONTAINERS

Minimized host environment tuned for running Linux containers while maintaining compatibility with Red Hat Enterprise Linux.

Inherits the complete hardware ecosystem, military-grade security, stability and reliability for which Red Hat Enterprise Linux is known.

MINIMIZED FOOTPRINT

SIMPLIFIED MAINTENANCE

ORCHESTRATION AT SCALE

Atomic updating and rollback means it’s easy to deploy, update, and rollback using imaged-based technology.

Build composite applications by orchestrating multiple containers as microservices on a single host instance.

RUN  RHEL  6  APPLICATIONS  ON  RHEL  7  

l  Deploy containerized RHEL 6 applications to RHEL 7 without porting or changing source code

l  Make use of innovations in Red Hat Enterprise Linux 7 without compromising the reliability and security of existing Red Hat Enterprise Linux 6 apps

l  Available as part of your Red Hat Enterprise Linux subscription

RED HAT ENTEPRISE LINUX 6

HARDWARE OR VIRTUAL MACHINE

RHEL 6 APP

CONTAINER

RHEL 6 PLATFORM IMAGE

RHEL 6 APP

RHEL 6 APP

RED HAT ENTEPRISE LINUX 7

HARDWARE OR VIRTUAL MACHINE

RHEL 6 APP

RHEL 6

LIBS

APP

HOW CUSTOMERS USE CONTAINERS

HORIZONTAL SCALE-OUT CLOUD WITH ATOMIC

UPDATING

RED HAT ENTERPRISE LINUX ATOMIC HOST ON VIRTUAL

MACHINES

HIGH THROUGHPUT, CLOUD-BURST FOR

CAPACITY

RED HAT ENTERPRISE LINUX ON BARE METAL

HIGHLY PERFORMANT DURING PEAK DEMAND

RETRIEVE/REDEPLOY

CONTAINERIZED APP STACKS FOR EACH

PROJECT

Actual Customer usecase

CONSULTING  INDUSTRY  

RED  HAT  SOFTWARE        Red  Hat®    Enterprise  Linux®  7  

“At Booz Allen Hamilton, we view Red Hat Enterprise Linux 7 as a foundational component for modern cloud infrastructure. We are pleased to see Red Hat positioning Red Hat Enterprise Linux 7 for

the future of cloud consumption such as DevOps and PaaS, particularly with the integration of

Docker and Linux container elements.” MUNJEET SINGH, PRINCIPAL, DIGITAL PLATFORM INFRASTRUCTURE,

BOOZ ALLEN HAMILTON

l  Headquarters: Tyson’s Corner, Virginia, USA

l  Booz Allen Hamilton is one of the oldest management consulting firms in the world. Its core business is the provision of management, technology and security services, primarily to civilian government agencies and as a security and defense contractor to defense and intelligence agencies, as well as civil and commercial services.

CUSTOMER SINCE

2010

CONTAINERS  FOR  THE  ENTERPRISE  

CONTAINERS YOU CAN TRUST

PROVEN CONTAINER PORTABILITY

INTEGRATED APPLICATION DELIVERY PLATFORM