Nulecule: Packaging, Distributing and Deploying Multi-Container Applications the Cloud Way

ContainerCon North America 2016

Charlie DrageContainer Tools /

Project Atomic @ Red Hat

cdrage @http://projectatomic.io

Wait, what’s Project Atomic?

Lightweight OS designed with the sole purpose of deploying containerized applications

Container tools such as the Atomic CLI to deploy your applications

GUI tools such as the Cockpit Project to help manage

What’s the current problem?

Multiple standards in multi-container deployment orchestrators (Kubernetes, OpenShift, Docker Compose, Mesos, Nomad, Dokku, Flynn, etc..)

Even though…

We’re slowly converging to a single standard in the container front (single image and runtime spec) via the OCI (Open Container Initiative)

e.g. rkt + docker

https://www.opencontainers.org/

Nulecule && Atomic App

A simple way of deploying multi-container applications to provider-agnostic environments

Nulecule = specification

Atomic App = implementation

"Well, it all starts when a nulecule comes out of its nest...” - Homer

Issues with container distribution / orchestrationAs awesome as container orchestration tools are, (imo) they’ve got a high learning curve.

What distribution, parameterization methods?

How do I deploy a Kubernetes example as simple as `docker run -p 80:80 nginx`?

Containers galore

Over 941 different MariaDB containers on Docker Hub

So many varieties and yet only one that people should use

* Last checked August 3rd 2016

How we helpCreating a multi-container application for say, ex. Ops to deploy

Building a single image for deployment

Deploy and undeploy from multiple providers

Distributing parameterized apps

Composability to multiple orchestration providers

Atomic App is packaged into a single deployment container

Multi-container applications

ComposabilityImport and use an official container into your application

*Similar to “Docker Compose”

MetadataMost environment variables require some sort of change

Metadata and various orchestrators

Metadata: No common way to distribute metadata from ops to devs and vice-versa. Unable to provide environment variables at deployment time (have to specify in an .env file)

Orchestrators: Multiple deployment tools and file formats

Creating your first Nulecule file

It’s super easy! “Hello world”

Includes: specification, composability, distribution, parametrization, orchestrator agnostic

---specversion: 0.0.2id: helloapache-app

metadata: name: Hello Apache App appversion: 0.0.1 description: Atomic app for deploying a really basic Apache HTTP server location: docker.io/projectatomic/helloapache

params: - name: provider description: The specified default provider. default: kubernetes

graph: - name: helloapache-app params: - name: image description: The webserver image default: centos/httpd - name: hostport description: The host TCP port as the external endpoint default: 80 artifacts: docker: - file://artifacts/docker/hello-apache-pod_run kubernetes: - file://artifacts/kubernetes/hello-apache-pod.json marathon: - file://artifacts/marathon/helloapache.json

Another spec?

Let’s build an Etherpad example with MariaDB

Identifier and Specification

VersionGive the ID that will be used for import into different applications as well as the

current spec version

--- specversion: "0.0.2"id: etherpad-app

MetadataIncluded metadata available for

scraping

metadata: name: etherpad-app appversion: 0.0.1 description: Etherpad demo location: docker.io/user/etherpad-app

ParamsGlobal parameters

params: - name: provider description: Default provider default: kubernetes

GraphThe “bread and butter” of the Nulecule file format. Define application components and

dependencies.

graph: - name: mariadb-centos7-atomicapp ... - name: etherpad-app ...

Graph SourceImport an already pre-made

Nulecule application

graph: - name: mariadb-centos7-atomicapp source: docker://user/mariadb-atomicapp ...

Graph ParamsProvide the correct values at

deployment time

graph: ... - name: etherpad-app params: - name: image description: Container image default: centos/etherpad - name: hostport description: Host TCP Port default: 9001 - name: db_user description: Database User - name: db_pass description: Database Password - name: db_name description: Database Name - name: db_host description: Database hostname/IP default: mariadb - name: db_port description: Database service port default: 3306

Answers fileGraph parameters can be

pre-defined prior to deployment instead of “answered”

[general]provider = kubernetes

[etherpad-app]db_user = foodb_host = bar...

Graph ArtifactsMetadata templates for different orchestrators

graph: ... - name: etherpad-app params: ... artifacts: docker: ... kubernetes: - file://artifacts/kubernetes/etherpad-rc.yaml - file://artifacts/kubernetes/etherpad-svc.yaml openshift: - inherit: - kubernetes

Graph Params in kubernetes/etherpad-rc.yaml

Dollar sign variable replacement in each artifact

file

---apiVersion: v1kind: ReplicationControllermetadata: name: etherpad labels: name: etherpadspec: replicas: 1 selector: name: etherpad template: metadata: labels: name: etherpad spec: containers: - name: etherpad image: $image ports: - name: etherpad-server containerPort: $hostport env: - name: DB_HOST value: $db_host - name: DB_DBID value: $db_name - name: DB_PASS value: $db_pass - name: DB_PORT value: $db_port - name: DB_USER value: $db_user

Atomic AppReference implementation of Nulecule

Installer, manager, container builder, single command deployment

Create a Nulecule application in one

containerFROM projectatomic/atomicapp:0.6.1

MAINTAINER Red Hat, Inc. <container-tools@redhat.com>

LABEL io.projectatomic.nulecule.providers="kubernetes" \ io.projectatomic.nulecule.specversion="0.0.2"

ADD /Nulecule /Dockerfile README.md /application-entity/ADD /artifacts /application-entity/artifacts

Build your app on top of our Atomic App base image

DEMO

Learn more atProject: http://projectatomic.io

Github: http://github.com/projectatomic/nuleculehttp://github.com/projectatomic/atomicapp

IRC: #nulecule @ freenode

Mailing list: container-tools@redhat.com

Charlie Drage, @cdrage, cdrage@redhat.com