Date posted: 24-Jan-2018
Category: Software
Uploaded by: sergii-kryshtop
1CONFIDENTIAL
CONTAINERS IN MICROSOFT AZURE
Sergii Kryshtop, Software Engineering Manager, EPAM Ukraine
APRIL 13, 2017
ABOUT THE SPEAKER
SERGII KRYSHTOP
EPAM Systems, Software Engineering Manager
Sergii has 12+ years of experience in software development (6+ years with EPAM).
He works with the Microsoft technology stack and the Azure cloud platform, focusing on software architecture and design, cloud services, software engineering practices, delivery management and resource management.
During his career, Sergii has worked with both greenfield and legacy systems, with both small teams working in one room and big ones involving 30 people from three distant geo locations.
Sergii is passionate about technology, since it enables engineers to make people's lives easier and better. He is also fond of management, since it helps development teams transform intangible ideas and lines of code into tangible products, which altogether brings real value for business and people.
AGENDA
1. Containers: Main Benefits
2. Build Docker image in Azure
3. Publish Docker image in Azure
4. Run Docker container in Azure
5. Alternatives to Docker containers in Azure
CONTAINERS ARE LIGHTWEIGHT
• Containers are isolated but share OS
• Increase the compute density and memory utilization
[Diagram: VM] SERVER, HOST OS, HYPERVISOR (TYPE 2), then per application: GUEST OS, LIBRARIES, APP A / APP B
[Diagram: CONTAINERS] SERVER, HOST OS, DOCKER ENGINE, then per application: LIBRARIES, APP A / APP B
SCALABLE BY DESIGN
• Containers are industry leaders in the time to start a new instance
• Spinning up a new container instance takes seconds
• Provisioning and starting new Virtual Machines takes from 5 to 20 minutes
WHY CONTAINERS ARE GOOD FOR MICROSERVICES
• One microservice application = one container
• Granular fast scalability
• Similar experience on workstation and production
• Hybrid environments: deploy to cloud and on-premise
CONTAINERS + MICROSERVICES
DOCKER PLATFORM
Docker Image
Docker Container
Docker Engine
Registry Service (Docker Hub or Docker Trusted Registry): cloud or server based storage and distribution service for images
VISUAL STUDIO TEAM SERVICES: BUILD
• Available Docker Integration Build Task
• Docker Registry Credentials Management
• Docker Build command
• Docker Push command
• Docker Run command
• Run Docker commands
• Docker Compose support
• Requires private VSTS agent with Docker tools
HOSTING DOCKER REGISTRY IN AZURE
• Docker Hub with Microsoft Azure storage driver: uses Microsoft Azure Blob Storage for object storage.
• Azure Container Registry Service: managed private Docker registry in Azure.
• Docker Registry on VM: the Registry is a stateless, highly scalable server side application that stores and lets you distribute Docker images.
DOCKER HUB WITH MICROSOFT AZURE STORAGE DRIVER
[Diagram] Components: Git, CI/CD server, Docker Registry, Registry Storage, Microsoft Azure, Docker Hub, Target VM
[Diagram] Steps: git pull, dotnet build, docker build, docker push, docker pull, docker run
[Diagram] Arrow labels: Read/Write Images, pull image
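Added example (not from the original slides): a config.yml for a self-hosted Docker Registry that keeps its image layers in Azure Blob Storage through the Azure storage driver named on this slide. The storage account name, blob container name and file paths are placeholders; TLS and htpasswd authentication are included because the slide's docker push and docker pull steps cross the network between the CI/CD server, the registry and the target VM.

```yaml
# Constructed example: Docker Registry (Distribution) config.yml
# All account names, container names and paths below are placeholders.
version: 0.1
log:
  level: info
storage:
  azure:
    accountname: exampleregistrystore   # placeholder storage account
    container: registry                 # placeholder private blob container
    # accountkey is intentionally not written into this file.
    # Supply it at start-up through the environment variable
    # REGISTRY_STORAGE_AZURE_ACCOUNTKEY so the key stays out of
    # source control and out of the image that carries this config.
  delete:
    enabled: false                      # pushed layers cannot be deleted via the API
  cache:
    blobdescriptor: inmemory
http:
  addr: 0.0.0.0:5000
  tls:
    certificate: /certs/registry.crt    # placeholder path
    key: /certs/registry.key            # placeholder path
auth:
  htpasswd:
    realm: registry
    path: /auth/htpasswd                # placeholder path, bcrypt entries only
```

The storage account key grants read and write access to every image layer in the container, so it is worth rotating on a schedule and scoping the account to the registry alone.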
AZURE CONTAINER REGISTRY SERVICE
• Store and manage container images across all types of Azure deployments
• Maintain Windows and Linux container images in a single Docker registry
• Use familiar, open-source Docker command line interface (CLI) tools
• Simplify registry access management with Azure Active Directory
• Pricing: Blob storage pricing model. No additional price for the Registry service
AZURE CONTAINER REGISTRY SERVICE
[Diagram] DOCKER REGISTRY API, AZURE STORAGE ACCOUNT (LRS), PRIVATE CONTAINER (NAME OF REGISTRY), BLOCK BLOBS
CONTAINER ORCHESTRATION
• Application Deployment, including rollouts and rollbacks
• Horizontal Scaling
• Self-healing
• Discovery and load balancing
• Configuration management
• Monitoring
CONTAINER ORCHESTRATION = CLOUD PLATFORM
CONTAINER ORCHESTRATION BASELINE ARCHITECTURE
[Diagram] Labels: Master (x2), Orchestration Services, Worker Node (x2), Orchestration, App 1, App 2, App 3, Admin UI / CLI, Load Balancing, Application Users
AZURE CONTAINER SERVICE (ACS)
• Optimized provisioning of open-source container orchestration tools
  – Kubernetes
  – DC/OS
  – Docker Swarm
• Full automation of all orchestration platform components
• Compatible with standard open-source orchestration API
• ACS is a free service that clusters Virtual Machines (VMs) into a container
• Hybrid deployment for applications
SQL DATABASE ELASTIC POOL
• Get more DTU density for given cost
• Databases run in isolation
• Scale up/down database manually or using autoscale
[Diagram] SQL ELASTIC DATABASE POOL, eDTU POOL
APP SERVICE / APP SERVICE PLAN
PROS
• The most popular service for running Web and API applications (including microservices)
• DevOps friendly
• Scale out within several minutes
• Supported languages: .NET, Java, Node.js, PHP, and Python
• Monitoring and integration with Application Insights
• Docker image support is in preview
[Diagram] App Service Plan with AUTOSCALING and LOAD BALANCING across VM1 and VM2; each VM hosts Web App 1 (IIS Site, Web Site) and Web App 2 (IIS Site, Web Job)
APP SERVICE / APP SERVICE PLAN
CONS
• No real isolation for each application. Applications run in the IIS Application Pool process
• Scaling is focused on scaling VMs, not the applications
• No control over per-application restrictions on resource consumption
• Internal load balancer only in the Premium service App Service Environment
AZURE SERVICE FABRIC (ASF)
PROS
• Fully managed platform and programming model for microservices
• Proven platform used by Azure and other Microsoft services
• Run in Azure, on-premise or other clouds
• Introduces an additional Actor programming model
• Java, Docker and Windows containers are on the roadmap. Linux support is in preview
CONS
• Vendor lock-in on platform and model
• On-premise support was released in 2016
• Need to develop expertise
EPAM EXPERIENCE
• Development of Microservices Accelerators and Reference Architectures
  – Java-based microservice reference architecture is ready
  – .NET-based microservice reference architecture is in progress
    • Azure Service Fabric
    • .NET Core and Docker
• Learning from our production experience from different business units
  – KB page to find all relevant materials on the topic
  – Yammer group for contribution
WRAP UP
• Docker and Linux are first-class citizens in Azure
• Microsoft wraps all Docker and Docker orchestration components in easy-to-use services, which makes it possible to build a full CI and CD solution in a short time
• If you build microservices on the Microsoft stack and are not interested in Docker and open-source orchestration, then Azure Service Fabric might be a good option