Martijn Baecke, Robbie Jerrom
CNA1699BE
#vmworld #CNA1699BE
Running Docker on your Existing Infrastructure with vSphere Integrated Containers
VMworld 2017 Content: Not for publication or distribution
Robbie: @robbiej
Martijn: @baecke
#CNA1699BE CONFIDENTIAL 2
Disclaimer
• This presentation may contain product features that are currently under development.
• This overview of new technology represents no commitment from VMware to deliver these features in any generally available product.
• Features are subject to change, and must not be included in contracts, purchase orders, or sales agreements of any kind.
• Technical feasibility and market demand will affect final delivery.
• Pricing and packaging for any new technologies or features discussed or presented have not been determined.
Agenda
1 Why are containers relevant?
2 What is Docker?
3 Containers on SDDC – Use Cases
4 Developer Self-Service
5 Live Demo
6 Q&A
Not Too Long Ago Life Was Easy…
Users: Apps!
Developers: Access to virtual machine for coding!
Digital Transformation Drives Change…
Users: Apps!
Developers: Access to virtual machine for coding!
Apps! Apps! More Apps! Apps!
New features!
Apps! NOW!
APIs! DevOps! Containers!
Control the infrastructure!
Developers’ Pyramid of Needs
Performance
Scalability
Availability
Security
Manageability
Functional Differentiation
What developers care about today, i.e. functional differentiation
What the platform should provide to applications, i.e. the things that deliver service level
DevOps
Digital Transformation
Business Applications Infrastructure
App
Data Analysis
The Speed of This Makes a Competitive Advantage
The Perfect Storm: Confluence of Four Forces
Docker 101: The Basics
Docker Adoption
What is Docker?
~# docker build my_app
~# docker push my_app
~#
“Docker is an open-source project that automates the deployment of applications inside software containers”
Why Developers Love Docker?!
Portable, Lightweight, Fast
… Standard Format That Integrates with Developer Tooling
Docker Architecture
Docker Toolbox: docker (cli), docker-machine
Linux: docker (engine) running containers (c)
Docker Hub (Registry): docker images
From Nothing to Running App in 3 Commands
[Diagram: Docker Toolbox (docker cli, docker-machine), a Linux host whose docker engine runs an nginx container, and Docker Hub holding the nginx docker image]
1. docker-machine env default
2. docker pull nginx
3. docker run -d -p 8000:80 nginx
But What Does Ops Need?
Security & Isolation
Rich SLAs
Data
Governance
Guaranteed Resources
Management Tooling
Virtual Machine the Foundation for Containers
[Diagram: a stack of App, Container, OS, Virtual Machine, vSphere and Hardware, labelled "Solution for Dev Problem" and "Solution for Ops Problem"]
Best of both worlds
• Isolated & Secure
• Flexibility
• Manageable
• Separation of duties
vSphere Integrated Containers
[Diagram: Virtual Container Hosts and Docker Container Hosts under a Provisioning / Scheduling layer, on NSX, ESXi and vSAN over Physical Infrastructure, with side labels Security / Micro-segmentation, Registry, Security and Management. Containers (C) run on their own Linux kernels; a Docker Engine on a Linux kernel runs several.]
Virtual Container Hosts
• Docker API Compliant
• Containers run as VMs
• Application repackaging use case
Docker Container Hosts
• Self Service Docker Hosts
• Simple micro services development and deployment
Consumers & Providers in IT
Physical Infrastructure
Virtual Infrastructure
IaaS
Platform Services
Application Developers
Consumer
Provider
Docker Endpoint
Virtual Container Host
Net | Sec | Ops Visibility
vSphere Integrated Containers – Enabling the Best of Both Worlds
Docker compatible interface
Container management portal
Enterprise-class container registry
Familiarity of vSphere
No new tooling or technologies
Full enterprise-grade power of Software-Defined Data Center
vSphere Integrated Containers – Operating Model
[Diagram: a vSphere Cluster of ESXi hosts with VSAN, NSX and vCenter Server; a VCH (Container Endpoint) and C-VMs alongside ordinary VMs; each C-VM is a Container VM running the nginx process on a Linux kernel]
vic-machine-linux create
docker run -d -p 80:80 nginx
Containers on SDDC: Use Cases
Application Repackaging
• Modernize traditional apps
• No refactoring
Cloud Native
• Develop new 12-factor apps
• App refactoring
Developer Sandbox
• Enable developer agility
• Self-service portal
Use Case Example: Developer Sandbox
Use Case Description:
• Ticketless development environment with IT governance and control
VMware Value Proposition:
• Enable developer agility on vSphere
• Efficient utilization via resource pools
• Simplified container framework deployment
• Enterprise-class registry (AD/LDAP, replication, content trust, scanning)
• Unified enterprise tooling with logging, monitoring
Customer Benefits:
• Enable developer agility
• Faster application time to market
• Docker and Kubernetes
Developer Sandbox – Real-world Example
• Developer self-service with VI Admin governance
– Developer consumes resources via Docker API/CLI
• Provides developers with self-service for applications not yet in the enterprise service catalog
– Rapid prototyping
• Run a full-fledged Docker engine as a container VM using vSphere Integrated Containers and the Docker API/CLI
– A Docker Container Host (DCH) is packaged in a Docker image and can be instantiated on VIC like any other container
– DCH provides command-line options to enable/disable features of the Docker engine
– All DCH packages are based on Photon OS
• Source, Dockerfiles and documentation are available at github.com/vmware/vic-product
Docker Container Host
[Diagram: on VIC Engine, a container (C) that holds a Docker Engine on a Linux kernel, which in turn runs containers (C)]
docker run -p 12375:2375 -d vmware/dch-photon
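A review check for the DCH command above, added here as an example and not taken from the deck or from the vic-product repository: it parses the `-p` mappings of a `docker run` command line and reports any that publish container port 2375 on a non-loopback address. It assumes 2375 carries the Docker Engine API without TLS, which is the Docker convention for that port; the deck does not say which DCH options were set, and the function names and sample commands are constructed for illustration.

```python
import shlex

# Assumption: 2375 is the Docker Engine's conventional plaintext (no TLS) API
# port. The deck does not state the DCH's TLS settings, so this check reasons
# only about which container port is published and on which host address.
PLAINTEXT_API_PORT = "2375"
LOOPBACK = {"127.0.0.1", "localhost", "::1"}


def parse_publish(spec):
    """Split a -p value, [ip:]hostPort:containerPort[/proto], into its parts."""
    spec, _, proto = spec.partition("/")
    parts = spec.rsplit(":", 2)
    host_ip, host_port = "0.0.0.0", ""  # Docker default: all interfaces
    if len(parts) == 3:
        host_ip, host_port, ctr_port = parts
    elif len(parts) == 2:
        host_port, ctr_port = parts
    else:
        ctr_port = parts[0]
    return host_ip.strip("[]"), host_port, ctr_port, proto or "tcp"


def publish_specs(command):
    """Yield every -p / --publish value found in a 'docker run' command line."""
    # Slide text carries typographic dashes; normalise them before tokenising.
    tokens = shlex.split(command.replace("\u2013", "-"))
    for i, tok in enumerate(tokens):
        if tok in ("-p", "--publish") and i + 1 < len(tokens):
            yield tokens[i + 1]
        elif tok.startswith("--publish="):
            yield tok.split("=", 1)[1]


def exposed_api_ports(command):
    """Return (host_ip, host_port) pairs that publish the plaintext API port."""
    findings = []
    for spec in publish_specs(command):
        host_ip, host_port, ctr_port, proto = parse_publish(spec)
        if ctr_port == PLAINTEXT_API_PORT and proto == "tcp" and host_ip not in LOOPBACK:
            findings.append((host_ip, host_port))
    return findings


# Constructed inputs: the deck's command as extracted, then two variants.
SAMPLES = [
    "docker run \u2013p 12375:2375 \u2013d vmware/dch-photon",
    "docker run -p 127.0.0.1:12375:2375 -d vmware/dch-photon",
    "docker run -d -p 8000:80 nginx",
]

if __name__ == "__main__":
    for cmd in SAMPLES:
        print(exposed_api_ports(cmd) or "ok", "<-", cmd)
```

A finding is a prompt to check who can reach that address and port, since a client that reaches an unauthenticated engine API controls that engine.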
Live Demo: End-user (developer) workflow
Questions?