CoreOS: an introduction

About MeCTO/CO-FOUNDERsystems engineer

@brandonphilipsgithub.com/philips

What is CoreOS?

Why build CoreOS?

reduce API contracts

minimal

kernelsystemdetcdsshdocker

pythonjavanginxmysqlopenssl

app

dis

tro

dist

ro d

istr

o di

stro

dis

tro

dist

ro d

istr

o di

stro

pythonjavanginxmysqlopenssl

app

dis

tro

dist

ro d

istr

o di

stro

dis

tro

dist

ro d

istr

o di

stro


pythonopenssl-A app1

dis

tro

dist

ro d

istr

o di

stro

dis

tro

dist

ro d

istr

o di

stro

javaopenssl-B app2

javaopenssl-B app3


CoreOS

pythonopenssl-A app1

dis

tro

dist

ro d

istr

o di

stro

dis

tro

dist

ro d

istr

o di

stro

javaopenssl-B app2

javaopenssl-B app3

CoreOS

container

dis

tro

dist

ro d

istr

o di

stro

dis

tro

dist

ro d

istr

o di

stro

container

container

manual updates

automatic updates

atomic with rollback

auto updates

run and isolate apps

containers

pid nsisolated pid 1

user nsisolated uid 0

network nsisolated netdev

mount nsisolated /

cgroupsmanage resources

cgroupscount resources

cgroupslimit resources

docker engine

machines and clusters

configuration

get into the cluster

machine conf

#cloud-config

users: - name: core coreos-ssh-import-github: philips

coreos: etcd: discovery: https://discovery.etcd.io/ba09c units: - name: etcd.service command: start - name: fleet.service command: start

what is running

cluster conf

skydns, discoverd, confd

services

what should run

cluster conf

locksmith

coordination

fleet, kubernetes

scheduling

/etcdistributed

open source softwarehighly available and reliablesequentially consistentwatchableexposed via HTTPruntime reconfigurable

-X GETGet Wait

-X PUTPut Create CAS

-X DELETEDelete CAD

Available

Unavailable

Available

Leader

Follower

Leader

Follower

Available

Leader

Follower

Temporarily Unavailable

Leader

Follower

Available

Sequential ConsistencyIndex Time

1

1

1

2

GET A @ index 2 -> blocking

GET A @ index 2 -> 2

2

1

1

1

2

GET A @ index 2 -> 2

2

2

etcd guarantees that a get at index X will always return the

same result.

Avoid thinking in terms of real time because with network latency the result is always out-of-date.

Watchable ChangesHTTP Long-poll

1 2 3

> GET asdf?waitIndex=4&wait=true HTTP/1.1> Accept: */*>< HTTP/1.1 200 OK< Content-Type: application/json< X-Etcd-Index: 3< X-Raft-Index: 97< X-Raft-Term: 0<BLOCK

1 2 3 4

> GET asdf?waitIndex=4&wait=true HTTP/1.1> Accept: */*>< HTTP/1.1 200 OK< Content-Type: application/json< X-Etcd-Index: 3< X-Raft-Index: 97< X-Raft-Term: 0<{"action":"set","node":{"key":"/asdf","value":"foobar","modifiedIndex":4,"createdIndex":4}}

1 2 3 4

> GET asdf?waitIndex=4&wait=true HTTP/1.1> Accept: */*>< HTTP/1.1 200 OK< Content-Type: application/json< X-Etcd-Index: 4< X-Raft-Index: 516< X-Raft-Term: 0<{"action":"set","node":{"key":"/asdf","value":"foobar","modifiedIndex":4,"createdIndex":4}}

getting work to servers

scheduling

You

Scheduler API

Scheduler

Machine(s)

$ cat foo.service[Service]ExecStart=/usr/bin/sleep 500

$ fleetctl start foo.serviceJob foo.service launched on e1cd2bcd.../172.17.8.101

while true { todo = diff(desState, curState) schedule(todo)}

Talk tomorrow!fleet: systemd for clusters2:30pm Mississippi

Why use CoreOS?

is it ready?stable released

lots of work todo

the future

CoreOS: an introduction

Documents

Transcript of CoreOS: an introduction