casey-bisson
Powering modern applications
Your favorite code
Container-native infrastructure
Your favorite platforms
Our data center or yours
Joyent Public Cloud: Joyent Container Service. We run our customers’ mission-critical applications on container-native infrastructure.
Private DataCenter: SmartDataCenter is an on-premise, container run-time environment used by some of the world’s most recognizable companies.
…and open source too!
Fork me, pull me: https://github.com/joyent/sdc
Node.js enterprise support
Best Practices
Performance Analysis
Core File Analysis
Debugging Support
Critical Incident Support
As the corporate steward of Node.js and one of the largest-scale production users, Joyent is uniquely equipped to deliver the highest level of enterprise support for this dynamic runtime.
The best place to run Docker
Portability: From laptop to any public or private cloud
Great for DevOps: Tools for management, deployment & scale
Productivity: Faster code, test and deploy
Docker + Joyent

Images
Docker:
• Application centric
• Sharable, re-usable, versioned
• Growing tool ecosystem
Joyent:
• Machine centric
• Limited tool ecosystem

Infrastructure
Docker:
• Laptop-centric
• Known, complicated security
• Networking challenges
• Hampered by base OS limitations
Joyent:
• Data center-centric
• Proven security
• Fantastic networking
• Optimized for containers at scale
Docker on a laptop is easy
• Single host simplifies container communication
• Networking focused on localhost access
• Development focus often ignores security risks
• Management costs are hidden in development time
• Performance expectations limited by development context, traded for convenience
Docker security is hard
–Travis CI’s Sven Fuchs
–Docker's Jérôme Petazzoni
Proprietary & Confidential Information © 2015 Joyent, Inc.
Docker networking is hard
Network implementation is host-centric, requiring port mapping and port collision avoidance, which makes it difficult to connect containers on different hosts.
[Figure: port mappings for containers spread across three hosts]
Docker host proliferation sucks
Traditional Docker cloud deployments require managing multiple containers and hosts (hardware or VMs)
The future is now
“For me, the next step in containerization is treating the datacenter, with all its containers, like one giant computer or server. Many applications today are really just distributed systems: Applications aren’t necessarily confined to just one container. We might have an application that consists of ten containers running together. We could have 1,000 applications running across 10,000 containers. Or we might have a single big data job that involves multiple, interdependent applications.”
– Andreessen Horowitz’s Peter Levine
a16z.com/2015/01/22/containers/
Linux + SmartOS

Binary footprint
Linux:
• Huge community of apps
• Many apps are Linux-first or only
• Problems are easy to Google
SmartOS:
• Most of the same apps
• Some apps have quirks
• Problems are not easy to Google

Container optimization
Linux:
• Known vulnerabilities
• Poor filesystem
• Limited networking support
• Not built for containers
SmartOS:
• Nearly ten years in production without incident
• Container-optimized filesystem: ZFS
• Really sweet networking: Crossbow
• Built for containers
LX branded zones
• The internet
• Native Linux binaries
• Linux syscall translation
• SmartOS Kernel
Deploy that app
[Diagram: VM-native vs. container-native deployment of Nginx, PostgreSQL, Node and audiofprint; VM size shown: 2 vCPU / 7.5GB RAM]
Now scale it
[Diagram: the same stack scaled out, VM-native vs. container-native; VM size shown: 2 vCPU / 7.5GB RAM each]
What’s that bill?
VM-native: 4 VMs, 8 containers, $0.560/hour, $403.20/month
Container-native: 0 VMs, 8 containers, $0.315/hour, $226.66/month
The best place to run containers. Making Ops simple and scalable.
Security, Management, Networking, Introspection, Performance, Utilization
Introducing
Docker + Triton advantages

Production grade security
• Uncomplicated, proven secure environment for Docker containers

High-speed, sophisticated networking
• Wire-speed, user-defined VxLAN SDN overlay
• Unique IP for each Docker container eliminates port mapping and collisions
• Virtualized on the server, no additional hardware required

Simplified management and debugging
• Focus on containers, rather than infrastructure, with single, elastic Docker host

Bare metal performance at cloud scale
• OS-virtualized performance in secure containers
• High density container packing enables unmatched utilization
• Elastic resource usage allows bursting workloads and vertical scaling without reboots
Remember Joyent for…
• Proven container security: Run containers securely on bare metal in multi-tenant environments
• Bare metal container performance: Eliminate the hardware hypervisor tax
• Simplified container networking: Each container has its own IP(s) in a user-defined network (SDN)
• Simplified host management: Eliminates Docker host proliferation
• Hybrid, your data center or ours: Private cloud, public cloud, hybrid cloud, and open source