44
현재 이미지를 표시할 없습니다. Copyright © 2016, Oracle and/or its affiliates. All rights reserved. | Container Cloud Service From Virtualization to Container 김태완 ([email protected]) Cloud Team 2017.02.01

Oracle Container Cloud Service & Docker Overview

Embed Size (px)

Citation preview

현재 이미지를 표시할 수 없습니다.

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

Container Cloud ServiceFrom Virtualization to Container

김태완 ([email protected])

Cloud Team2017.02.01

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

OracleContainerCloudService

Public 2

OraclePublicCloud- Compute

ManagementTool&Dashboard

DockerEngine

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.| 3

OracleContainerCloudServiceOraclePublicCloud에서컨테이너관리방안제공

Cloud&ContainerNative

EnterpriseOperationsReady

Built-InCollaboration

• 더커호환

• 원클릭스텍배포

• 레지스트리통합

• CI/CD파이프라인구성

• 운영대쉬보드제공

• 컨테이너상태점검기능

• 서비스스케일조절기능

• 오케스트레이션과스케줄링정책제공

• 리소스풀관리 – DEV,TEST,PROD

• Quickstart,BestPractive제공

• 통합 RESTAPI제공

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

완전한 UI지원

● 이미지 생성● 리소스 풀 정의● 레지스트리 제공

● 새로운 서비스 생성● 애플리케이션 스택 관리● 원클릭 스택 배포

● 배포 관리● 서비스 Scale-out 관리● 서비스 디스커버리 지원

● 서비스 상태 체크● 통합된 대쉬보드 제공● 인스턴스 모니터링 및 Audit

기능 제공

구성관리 애플리케이션배포

컨테이너오케스트레이션

운영관리

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

OracleContainerCS- UI

Public 5

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

Packaging/Pricing

OracleConfidential– Internal 6

ComputeCS(1ocpu) ContainerCS(1ocpu)NonMetered(month) $ 75 $75

Metered(hour) $0.1 $0.133

OCCS최소 사양: 2 ocpu• 1ocpu:managernode,1ocpu :workernode

:Workernode

:Managernode

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

FromVirtualizationtoContainer

Public 7

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

TheTop20repliesbyprogrammerswhentheirprogramsdonotwork• 20."That'sweird..."

• 19."It'sneverdonethatbefore."

• 18."Itworkedyesterday."

• 17."Howisthatpossible?"

• 16."Itmustbeahardwareproblem."

• 15."Whatdidyoutypeinwrongtogetittocrash?"

• 14."Thereissomethingfunkyinyourdata."

• 13."Ihaven'ttouchedthatmoduleinweeks!"

• 12."Youmusthavethewrongversion."

• 11."It'sjustsomeunluckycoincidence."

• 10."Ican'ttesteverything!"

• 9."THIScan'tbethesourceofTHAT."

• 8."Itworks,butithasn'tbeentested."

• 7."Somebodymusthavechangedmycode."

• 6."Didyoucheckforavirusonyoursystem?"

• 5."Eventhoughitdoesn'twork,howdoesitfeel?

• 4."Youcan'tusethatversiononyoursystem."

• 3."Whydoyouwanttodoitthatway?"

• 2."Wherewereyouwhentheprogramblewup?"

• 1."Itworksonmymachine."

Public 8

http://www.thenetworkadministrator.com/top20.htm

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

프로그램 오류 시 개발자의 반응: 순위 20..• 20.희안하네…

• 19.한번도이런적없었는데…

• 18.어제는잘됐는데…

• 17.이럴리없는데..

• 16.하드웨어문제입니다.

• 15.무슨짓을하셨길래..얘가이래요?

• 14.입력을잘못하셨네요

• 13.최근에전이모듈건드린적없습니다.

• 12.구버전이네요…

• 11.간혹이럴수있어요..

• 10.모든것을테스트할수는없습니다.

• 9.이문제가저것때문이라고는볼수없습니다.

• 8.잘될거에요..테스트해보지는않았지만

• 7.누가내코드건드렸나?

• 6.백신까셨어요?

• 5.안되는건알아요.어떠셔요?

• 4.그버전쓰시면안되요

• 3.왜그렇게돌려요?

• 2.프로그램이이렇게될때어디에있었나요?

• 1.제컴퓨터에서는잘동작합니다.

Public 9

http://www.thenetworkadministrator.com/top20.htm

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

프로그램 오류 시 개발자의 반응: 순위 20..• 20.희안하네…

• 19.한번도 이런적 없었는데…

• 18.어제는 잘 됐는데…

• 17.이럴리 없는데..

• 16.하드웨어문제입니다.

• 15.무슨짓을하셨길래..얘가이래요?

• 14.입력을잘못하셨네요

• 13.최근에 전 이모듈 건드린적 없습니다.

• 12.구버전이네요…

• 11.간혹 이럴 수 있어요..

• 10.모든것을테스트할수는없습니다.

• 9.이 문제가 저것 때문이라고는 볼 수 없습니다.

• 8.잘될거에요..테스트해보지는않았지만

• 7.누가 내 코드 건드렸나?

• 6.백신까셨어요?

• 5.안되는건알아요.어떠셔요?

• 4.그 버전 쓰시면 안되요

• 3.왜그렇게돌려요?

• 2.프로그램이이렇게될때어디에있었나요?

• 1.제 컴퓨터에서는 잘 동작 합니다.

Public 10

http://www.thenetworkadministrator.com/top20.htm

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

프로그램 오류 시 개발자의 반응: 순위 20..20.희안하네…18.어제는 잘 됐는데…13.최근에 전 이모듈 건드린적 없습니다.12.구버전 이네요…11.간혹 이럴 수 있어요..7.누가 내 코드 건드렸나?4.그 버전 쓰시면 안되요

1.제 컴퓨터에서는 잘 동작 합니다.

Public 11

http://www.thenetworkadministrator.com/top20.htm

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

프로그램 오류 시 개발자의 반응: 순위 20..• 20.희안하네…• 18.어제는 잘 됐는데…• 13.최근에 전 이모듈 건드린적 없습니다.• 12.구버전 이네요…• 11.간혹 이럴 수 있어요..• 7.누가 내 코드 건드렸나?• 4.그 버전 쓰시면 안되요

•1.제 컴퓨터에서는 잘 동작 합니다.

Public 12

소프트웨어의존성 관리 이슈

Library Other Softwares

Environment Variable

Third-Party module

Operating System

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

HellinDependency

Public 13

OS

Java

WEBLOGIC

webapp webapp

WebServerOracleDatabase

Cache

MessageQueue

Mail

MySQL….

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

PhysicalPartitioning

Public 14

OS

Java

WEBLOGIC

webapp webapp

WebServer

OracleDatabase

CacheMessageQueue

….

Hardware-Partitioning#1

OS

Hardware-Partitioning#2

OS

Hardware-Partitioning#3

OS

Hardware-Partitioning#4

OS

Hardware-Partitioning#5

Hardware

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

DependencyManagementofSoftwares

IsolationBetweenSoftwares

Public 15

Hardware OS

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

SoftwareDefined….

SoftwareDefinedInfrastructure

Public 16

- Virtualization-Hardware HostOS GuestOS

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

Cloud- Virtualization

Public 17

- IsolationUnit:OS

- GuestOS 규모: MaxCoresX1.5

- LoadingTime:6~8 min

- DistributionFramework

- Chef

- Puppet

- Ansible

- ProvisioningSoftwares:10min

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

Cloud– Virtualization

Public 18

장점 단점 or 개선안

- VM관리편의성증대

- Backup

- Failover

- Migration

- Recovery

- 완전한소프트웨어격리

- 배포프레임웍을이용한자동화

- VM시작시간단축

- Second단위

- 소프트웨어배포시간단축

- DevOps소프트웨어와연계강화

- OS이미지사이즈축소

- VM의불필요한부하제거

- 리눅스패지키매니저제공

- apt-get,yum

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

LinuxBootSequence

Public 19

애프리케이션시작 시간 단축

WithVM(OSType)?

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

Isolation&부팅시간단축

Forisolationofsoftware

ShouldOSberequired?

Public 20

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

IsolationTechnology

Public 21

기존 Isolation기술의 문제점: 어렵다

IsolationTechnology

- From1979

- Jail

- Zones

- LXC

- LinuxContainer

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

Docker등장 (fromgoogle,2013)

Public 22

사용하기 쉽고 마치 리눅스와 거의 유사한 환경을 제공하는 Container기술

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

PackageManager지원: apt-get,yum

의존성관리:이미지상속

이미지빌드가용이

Docker의등장: LXC+PackageManager+Library참조

빠른실행시간 < 1~3 seconds

DevOps툴지원: CI/CD파이프라인

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

TerminologyofDocker

24

DockerImage

DockerContainer

Dockerfile

DockerRegistry

DockerEngine

DockerHostServer

DockerHostServerDeveloperComputer

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

DockerImage구성요소

Public 25

• MinimizedOS (!=OperatingSystem)• PackageManager

• apt-get• yum• rpm

• Filesystem• LibraryManagement

• Software• 1개의 단일 소프트웨어 권장• Example

• Weblogic• Tomcat• OracleDB• Coherence

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

DockerImagesbyOracle

Public 26

https://github.com/oracle/docker-images

Dockerfile oforacleDB

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

제품생산에서선적까지

Public 27

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

Dockerization:Step1-개발

Public 28

Software개발 Sourcecode저장

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

Dockerization:Step2-이미지생성

Public 29

FROM ubuntu:16.04MAINTAINER TaewanKim<[email protected]>

RUN apt-getinstall-ycurlapt-utils git makebuild-essential&& pipinstall--upgradepip

ENV TFPYhttps://storage.googleapis.com/tensorflow/linux/cpu/tensorflow-0.12.0.whlRUN pipinstall--upgrade${TFPY3}RUN pipinstallnumpy && pipinstallmatplotlib &&pipinstalljupyter

COPY start-notebook.sh /usr/local/binRUN chmod 755/usr/local/bin/start-notebook.sh \&&chown -Rtaewan /usr/local/bin/start-notebook.sh

EXPOSE 8888ENTRYPOINT ["/bin/bash","start-notebook.sh"]

Dockerfile

>docker build -ttwjupyter:1.0.

ubuntu:16.04apt-getinstallTensorflowapt-getjupytershell

DockerImage

Developer’sComputer

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

Dockerization:Step3 -이미지등록

Public 30

>docker push taewanme/twjupyter:1.0ubuntu:16.04apt-getinstallTensorflowapt-getjupytershell

DockerImage

http://hub.docker.com

Developer’sComputer

DockerImage업로드

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

Dockerization:Step4-이미지다운로드

Public 31

>docker pulltaewanme/twjupyter:1.0ubuntu:16.04apt-getinstallTensorflowapt-getjupytershell

http://hub.docker.com

DockerHostServerDockerImage다운로드

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

Dockerization:Step5-컨테이너실행

Public 32

>docker run -idt taewanme/twjupyter:1.0�/bin/bash

ubuntu:16.04apt-getinstallTensorflowapt-getjupytershell

DockerHostServer

DockerHostServer’sFileSystem

DockerEngine

twjupyterContainer

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

Dockerization Flow

Public 33

개발 git버전관리

기본 이미지선택 이미지 빌드

이미지 등록at

docker registry이미지 다운로드 (@DockerHost)

컨테이너 로딩 (@Dokcer Host)

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

DockerCommanddocker pull

DockerCommanddocker run

TerminologyofDocker

Public 34

BaseImage Dockerfile DockerImage DockerRegistry

DockerEngine DockerContainer

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

DockerAutomation

Public 35

개발 git버전관리 이미지 빌드

이미지 등록at

docker registry이미지 재적재

컨테이너 리로딩

dev&commit webhook

이미지 빌드&

이미지 등록

webhook

docker registry docker engine

이미지 다운로드&

컨테이너 재시작

ContinuousIntegration&ContinuousDelivery

pullingcode pullingimage

ByAutomation

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

2016 – DockerBook

Public 36

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

2017 – DockerBook

Public 37

Network Clustering Orchestration Monitoring Structure Securing

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

Docker Management

Public 38

ContainerProcess장애

Docker호스트 장애

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

DockerClustering

Public 39

Swarm

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

OracleContainerCSArchitecture

OracleConfidential– Internal

NormalDocker환경 OCCS환경

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

OracleContainerCS의작업흐름

OracleConfidential– Internal 41

로컬개발

AppCode,Tests,DockerFile CertifiedBase

Docker Images

DockerAppImageRegistry

Test Staging Production

Docker Management&Control

DevCS ContainerCS

DockerRegistry-더커앱이미지저장-사용자사설레지스트리혹은공개리제스트리

DeveloperCS- 도메인중심의디자인- 버전관리툴로 GIT통합- 허스슨엔진,젠킨스플러그인지원- 코드리뷰및위키기능지원- OracleContainerCS사용시무료

ContainerCS- 더커엔진- 스택엔진기반툴- 강력한서비스디스커버리지원

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

오라클클라우드의 Container서비스

ContainerCSComputeCS ApplicationContainerCS

DIYContainerManagement

OracleManagedContainerService

Docker-basedCloudPolyglotPlatform

IaaS CaaS PaaS

42

Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|

Summary:OracleCloudforCloudNative

Public 43

PhysicalInfrastructure

VirtualInfrastructure

MinimalOS

ContainerEngine

ServiceDiscovery

Orchestration:Scheduling&ClusterManagement

Workflow/Management

Code

Tools

Infrastructure

Whatever…

DeveloperCS

ContainerCS

[email protected]