More Containers, More Problems
1. Define problems
2. Define vision of the solution
3. How CoreOS is building solutions
4. How you can get started
Agenda
a server
It all started with...
many servers
Then we got...
VMs on our servers
Then we got...
APIs around hosted VMs (cloud)
Then we got...
even more servers
Which led to...
The cloud made booting servers really easy.
Also… Moore’s law is still a thing.
Too Many Servers!
- Patching is hard
- Dependency management is hard
- Managing access is hard
- Managing workloads is hard
- App Lifecycle management is hard
- Identifying security issues is hard
More Servers, More Problems
More Servers == More Sysadmins
[Chart: Servers and Sysadmins]
More Servers, More Problems
[Chart: Servers and Sysadmins]
Google needed more servers… before the rest of us did.
They solved many of these problems internally, and published some great papers.
We started building it
CoreOS, Google, and the community...
are building the open-source version.
#GIFEE
Google’s Infrastructure For Everyone Else
What is #GIFEE?
"Fundamentally, it's what happens when you ask a software engineer to design an operations function."
-- Ben Treynor Sloss, Vice President, Google Engineering, founder of Google SRE
Google’s Infrastructure
Servers are not your pets
Servers are the new CPU Cores
Clusters are the new servers
What is #GIFEE?
Evolution of Servers
Clusters
Server Cluster
Clusters
Process App
| Component | Google |
| --- | --- |
| Operating System | Custom Linux |
| Distributed Consensus | Chubby |
| Cluster Manager | Borg |
| Monitoring | BorgMon |
| RPC framework | Stubby |
| Auth | private |
| Component | Google | Open Source |
| --- | --- | --- |
| Operating System | Custom Linux | CoreOS Linux |
| Distributed Consensus | Chubby | etcd |
| Cluster Manager | Borg | Kubernetes |
| Monitoring | BorgMon | Prometheus |
| RPC framework | Stubby | gRPC |
| Auth | private | Dex |
“cluster operating system”
Orchestration
State
Scheduler: Gets work to the servers
OS for Clusters
Software manages servers
Software manages workloads
Declare what you want, it will become so
What is #GIFEE?
[Diagram: API + scheduler and seven workers, each running a kubelet]
[Diagram: API + scheduler and one worker running a kubelet]
[Diagram: API + Scheduler + worker]
works on 1 node too
Primary component of the Cluster OS
Fits our vision
Started by Google with over 10 yrs experience running Borg
Centralized administration & orchestration
No more SSH
Yes, that even means your favorite config mgmt tool
What is #GIFEE?
What is #GIFEE?
```
$ scp myapp host:/opt
$ ssh host systemd-run /opt/myapp
```
Don’t say HOW
What is #GIFEE?
```
$ kubectl run myapp --image=quay.io/sym3tri/hello --replicas=1
$ kubectl get pods
POD           IP
myapp-97wt8   10.2.29.3
```
say WHAT
What is #GIFEE?
```
$ kubectl scale rc myapp --replicas=4
$ kubectl get pods
POD           IP
myapp-97wt8   10.2.29.3
myapp-f839d   10.2.29.4
myapp-98b35   10.2.29.5
myapp-e40ee   10.2.29.8
```
say WHAT again
What is #GIFEE?
```
$ kubectl run myapp --image=quay.io/sym3tri/hello --replicas=1
$ kubectl get pods
POD           IP
myapp-97wt8   10.2.29.3
```
say WHAT one more time
RC web-prod: select(env=prod,app=web) count=1
Pod: env=prod app=web
RC web-prod: select(env=prod,app=web) count=4
Pod: env=prod app=web
Pod: env=prod app=web
Pod: env=prod app=web
Pod: env=prod app=web
automated != automatic
Dependencies are isolated per app
Apps automatically migrate throughout the cluster
What is #GIFEE?
All apps are “12-factor”
Configuration/Secret management
What is #GIFEE?
prod config
staging config
Consistent Deployment API
Deploy canary builds and experiments
Rolling Updates
What is #GIFEE?
Load Balanced Service: app v1, app v1, app v1, app v1
Load Balanced Service: app v1, app v1, app v1, app v1, app v2
Load Balanced Service: app v1, app v1, app v1, app v1, app v2
Load Balanced Service: app v1, app v1, app v1, app v1, app v2
Load Balanced Service: app v1, app v1, app v1, app v2, app v2
Load Balanced Service: app v1, app v1, app v2, app v2, app v2
Load Balanced Service: app v2, app v2, app v2, app v2
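The `RC web-prod` label-selector slides and the load-balanced rolling update above, modelled as an added Python example (not code from the talk, CoreOS or Kubernetes): a toy replication controller that converges on a declared replica count by label selector. The `version` label, the RC names `web-v1`/`web-v2` and every function name are assumptions made for the illustration.

```python
from dataclasses import dataclass, field
from itertools import count


@dataclass
class Pod:
    name: str
    labels: dict


def matches(selector, labels):
    """True when every key/value in the selector is present in the labels."""
    return all(labels.get(k) == v for k, v in selector.items())


@dataclass
class ReplicationController:
    name: str
    selector: dict
    replicas: int            # the declared state: "say WHAT"
    template_labels: dict    # labels stamped on pods this RC creates
    _seq: count = field(default_factory=count, init=False, repr=False)

    def reconcile(self, pods):
        """Return the pod list after converging on `replicas` selected pods.

        Pods that do not match the selector pass through untouched. Any pod
        that does match is counted, whoever created it, so label hygiene
        decides what a controller owns.
        """
        if not matches(self.selector, self.template_labels):
            raise ValueError("template labels must satisfy the selector")
        mine = [p for p in pods if matches(self.selector, p.labels)]
        rest = [p for p in pods if not matches(self.selector, p.labels)]
        while len(mine) < self.replicas:      # too few: create from template
            name = f"{self.name}-{next(self._seq)}"
            mine.append(Pod(name, dict(self.template_labels)))
        return rest + mine[: self.replicas]   # too many: drop the surplus


def service_backends(pods, selector):
    """Names of the pods a load-balanced service with this selector routes to."""
    return [p.name for p in pods if matches(selector, p.labels)]


def rolling_update(old, new, pods, target):
    """Swap `old` pods for `new` pods one at a time.

    Each round starts one new pod before retiring one old pod, so the
    service never has fewer than `target` backends. Returns the final pod
    list and the (old_count, new_count) pair observed after every step.
    """
    history = []

    def record():
        history.append((len(service_backends(pods, old.selector)),
                        len(service_backends(pods, new.selector))))

    while old.replicas > 0 or new.replicas < target:
        if new.replicas < target:
            new.replicas += 1
            pods = new.reconcile(pods)
            record()
        if old.replicas > 0:
            old.replicas -= 1
            pods = old.reconcile(pods)
            record()
    return pods, history


def demo():
    """Constructed scenario: four v1 pods behind a service, rolled to v2."""
    base = {"env": "prod", "app": "web"}      # the service selects on these only
    v1 = ReplicationController("web-v1", {**base, "version": "v1"}, 4,
                               {**base, "version": "v1"})
    v2 = ReplicationController("web-v2", {**base, "version": "v2"}, 0,
                               {**base, "version": "v2"})
    pods = v1.reconcile([])
    pods, history = rolling_update(v1, v2, pods, target=4)
    return service_backends(pods, base), history


if __name__ == "__main__":
    backends, history = demo()
    print(history)
    print(backends)
```

The intermediate states (4, 1), (3, 2) and (2, 3) in `history` correspond to the v1/v2 mixes shown on the slides.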
C Team, B Team, A Team
What is #GIFEE?
Mixed workloads (staging + prod)
Logically partitioned resources
Trusted & Secure from the bottom up*
Only trusted code is executed
What is #GIFEE?
Cluster OS
Container Runtime
OS
Firmware & TPM
Every {human,machine,process} is… authenticated & authorized
All communication is encrypted
What is #GIFEE?
[Diagram: API + scheduler and one worker running a kubelet]
Failure is expected and handled for…
- Services / Apps
- Machines
- Storage
- Clusters
- Regions
What is #GIFEE?
Logging
Monitoring / Alerting
What is #GIFEE?
Compatibility with existing tools
Work with other projects (Docker, Calico, Prometheus)
Incorporates lessons learned
#GIFEE vs Google Infra?
Build for scale
Manage your apps, not servers
High Availability
New paradigm of infra/development
Why?
We believe:
As #GIFEE becomes ubiquitous, the Internet becomes more secure overall
#GIFEE and Security
Secure the Internet
CoreOS Mission
Journey to #GIFEE
Leverage prior work + standards
- Raft
- Omaha Protocol
- OIDC
Getting Started
Start from the bottom
The Operating System
Securing The Internet
Minimal Server OS + Automatic Updates
Requires:
- Distributed consensus
- Containers
- Cluster computing
Securing The Internet
In this new world we containerize all the things…
Containerize
but…
Containerize
“Every solution breeds new problems”
-Arthur Bloch
Solving one problem → another problem arises
More Containers, More Problems
Problem #1
- Secure & controlled container distribution
More Containers, More Problems
Problem #1
- Secure & controlled container distribution
More Containers, More Problems
Solution
More Containers, More Problems
Problem #2
- Docker security model
- Docker coupling of components
More Containers, More Problems
Problem #2
- Docker security model
- Docker coupling of components
Solution
More Containers, More Problems
systemd
app
systemd
app
docker run redis
docker engine daemon
Implementation:
Side Note: Spec vs Implementation
Side Note: Spec vs Implementation
Specification:
https://en.wikipedia.org/wiki/ISO_668
More Containers, More Problems
Problem #3
- User Authentication
More Containers, More Problems
Problem #3
- User Authentication
Solution - Dex
More Containers, More Problems
Problem #4
- Really big containers
More Containers, More Problems
Problem #4
- Really big containers
Solution
- Go
- Buildroot
- acbuild for ACIs
github.com/brianredbeard/minimal_containers
NOOOOOOOOO!!!
Your container is 500MB !?
Problems #5-11
- Co-locating Containers
- Intelligent Scheduling
- Port Management
- Segmenting workloads
- Configuration Management
- Secrets Management
- Inconsistent Deployments
More Containers, More Problems
Problems #5-11
- Co-locating Containers
- Intelligent Scheduling
- Port Management
- Segmenting workloads
- Configuration Management
- Secrets Management
- Inconsistent Deployments
More Containers, More Problems
Solution
More Containers, More Problems
Problem #12 Networking
- Too many types of SDNs
- IP per POD
More Containers, More Problems
Problem #12 Networking
- Too many types of SDNs
- IP per POD
Solution
- CNI
More Containers, More Problems
Problem #13
- Metrics
- Monitoring
- Alerting
Problem #13
- Metrics
- Monitoring
- Alerting
Solution
- Prometheus
![Page 84: More Containers, More Problemsevents.static.linuxfound.org/sites/events/files/slides/More Containers More...Then we got... APIs around hosted VMs (cloud) Then we got... even more servers](https://reader034.vdocument.in/reader034/viewer/2022050407/5f8454664ee3813ca26e0a30/html5/thumbnails/84.jpg)
Problem #14
- Vulnerabilities inside containers
![Page 85: More Containers, More Problemsevents.static.linuxfound.org/sites/events/files/slides/More Containers More...Then we got... APIs around hosted VMs (cloud) Then we got... even more servers](https://reader034.vdocument.in/reader034/viewer/2022050407/5f8454664ee3813ca26e0a30/html5/thumbnails/85.jpg)
Problem #14
- Vulnerabilities inside containers
Solution
![Page 86: More Containers, More Problemsevents.static.linuxfound.org/sites/events/files/slides/More Containers More...Then we got... APIs around hosted VMs (cloud) Then we got... even more servers](https://reader034.vdocument.in/reader034/viewer/2022050407/5f8454664ee3813ca26e0a30/html5/thumbnails/86.jpg)
![Page 87: More Containers, More Problemsevents.static.linuxfound.org/sites/events/files/slides/More Containers More...Then we got... APIs around hosted VMs (cloud) Then we got... even more servers](https://reader034.vdocument.in/reader034/viewer/2022050407/5f8454664ee3813ca26e0a30/html5/thumbnails/87.jpg)
Problem #15
- Visualize & configure clusters
![Page 88: More Containers, More Problemsevents.static.linuxfound.org/sites/events/files/slides/More Containers More...Then we got... APIs around hosted VMs (cloud) Then we got... even more servers](https://reader034.vdocument.in/reader034/viewer/2022050407/5f8454664ee3813ca26e0a30/html5/thumbnails/88.jpg)
Problem #15
- Visualize & configure clusters
Solution
- Tectonic Console
![Page 89: More Containers, More Problemsevents.static.linuxfound.org/sites/events/files/slides/More Containers More...Then we got... APIs around hosted VMs (cloud) Then we got... even more servers](https://reader034.vdocument.in/reader034/viewer/2022050407/5f8454664ee3813ca26e0a30/html5/thumbnails/89.jpg)
![Page 90: More Containers, More Problemsevents.static.linuxfound.org/sites/events/files/slides/More Containers More...Then we got... APIs around hosted VMs (cloud) Then we got... even more servers](https://reader034.vdocument.in/reader034/viewer/2022050407/5f8454664ee3813ca26e0a30/html5/thumbnails/90.jpg)
Problem #16
- Running on Bare Metal
![Page 91: More Containers, More Problemsevents.static.linuxfound.org/sites/events/files/slides/More Containers More...Then we got... APIs around hosted VMs (cloud) Then we got... even more servers](https://reader034.vdocument.in/reader034/viewer/2022050407/5f8454664ee3813ca26e0a30/html5/thumbnails/91.jpg)
Problem #16
- Running on Bare Metal
Solution
- Ignition
- coreos-baremetal
- Tectonic baremetal installer
![Page 92: More Containers, More Problemsevents.static.linuxfound.org/sites/events/files/slides/More Containers More...Then we got... APIs around hosted VMs (cloud) Then we got... even more servers](https://reader034.vdocument.in/reader034/viewer/2022050407/5f8454664ee3813ca26e0a30/html5/thumbnails/92.jpg)
Problem #17
- Inability to verify node trust
![Page 93: More Containers, More Problemsevents.static.linuxfound.org/sites/events/files/slides/More Containers More...Then we got... APIs around hosted VMs (cloud) Then we got... even more servers](https://reader034.vdocument.in/reader034/viewer/2022050407/5f8454664ee3813ca26e0a30/html5/thumbnails/93.jpg)
Problem #17
- Inability to verify node trust
Solution
- Distributed Trusted Computing (DTC)
![Page 94: More Containers, More Problemsevents.static.linuxfound.org/sites/events/files/slides/More Containers More...Then we got... APIs around hosted VMs (cloud) Then we got... even more servers](https://reader034.vdocument.in/reader034/viewer/2022050407/5f8454664ee3813ca26e0a30/html5/thumbnails/94.jpg)
Problem #18
- Persistent storage
![Page 95: More Containers, More Problemsevents.static.linuxfound.org/sites/events/files/slides/More Containers More...Then we got... APIs around hosted VMs (cloud) Then we got... even more servers](https://reader034.vdocument.in/reader034/viewer/2022050407/5f8454664ee3813ca26e0a30/html5/thumbnails/95.jpg)
Problem #18
- Persistent storage
Solution
- Torus
![Page 96: More Containers, More Problemsevents.static.linuxfound.org/sites/events/files/slides/More Containers More...Then we got... APIs around hosted VMs (cloud) Then we got... even more servers](https://reader034.vdocument.in/reader034/viewer/2022050407/5f8454664ee3813ca26e0a30/html5/thumbnails/96.jpg)
Kubernetes is the kernel, Tectonic is the distro.
tectonic.com @tectonic
![Page 97: More Containers, More Problemsevents.static.linuxfound.org/sites/events/files/slides/More Containers More...Then we got... APIs around hosted VMs (cloud) Then we got... even more servers](https://reader034.vdocument.in/reader034/viewer/2022050407/5f8454664ee3813ca26e0a30/html5/thumbnails/97.jpg)
off-the-shelf #GIFEE
![Page 98: More Containers, More Problemsevents.static.linuxfound.org/sites/events/files/slides/More Containers More...Then we got... APIs around hosted VMs (cloud) Then we got... even more servers](https://reader034.vdocument.in/reader034/viewer/2022050407/5f8454664ee3813ca26e0a30/html5/thumbnails/98.jpg)
Kubernetes Contributions
- OIDC Authentication
- RBAC Authorization
- TLS Bootstrapping
- rktnetes
- 2x Scheduler Performance
- etcd 3 support
- coreos-kubernetes
- Bootstrap/Upgrade Simplification
![Page 99: More Containers, More Problemsevents.static.linuxfound.org/sites/events/files/slides/More Containers More...Then we got... APIs around hosted VMs (cloud) Then we got... even more servers](https://reader034.vdocument.in/reader034/viewer/2022050407/5f8454664ee3813ca26e0a30/html5/thumbnails/99.jpg)
Future
- More Management Tools
- Expand platform support
- Prometheus Enhancements
- Federated Clusters
![Page 100: More Containers, More Problemsevents.static.linuxfound.org/sites/events/files/slides/More Containers More...Then we got... APIs around hosted VMs (cloud) Then we got... even more servers](https://reader034.vdocument.in/reader034/viewer/2022050407/5f8454664ee3813ca26e0a30/html5/thumbnails/100.jpg)
Summary
Open-Source is key
Security is key
Updates are key
Containers
Orchestration
Automatic systems
![Page 102: More Containers, More Problemsevents.static.linuxfound.org/sites/events/files/slides/More Containers More...Then we got... APIs around hosted VMs (cloud) Then we got... even more servers](https://reader034.vdocument.in/reader034/viewer/2022050407/5f8454664ee3813ca26e0a30/html5/thumbnails/102.jpg)
We’re hiring in all departments! Email: [email protected] Positions: coreos.com/careers
90+ Projects on GitHub, 1,000+ Contributors
OPEN SOURCE
CoreOS.com - @coreoslinux - github/coreos
Secure solutions, support plans, training + more
ENTERPRISE
[email protected] - tectonic.com - quay.io
CoreOS is Running the World’s Containers