Container orchestration is the process of deploying containers on a compute cluster consisting of multiple nodes. Orchestration tools extend lifecycle management capabilities to complex, multi-container workloads deployed on a cluster of machines. By abstracting the host infrastructure, container orchestration tools allow users to treat the entire cluster as a single deployment target.
The rise of lightweight and flexible containers has given rise to new application architectures and fundamentally changed how applications are deployed and visualised today. The containerisation approach is to package the different services that constitute an application into separate compute containers, and to deploy those containers across a cluster of physical or virtual machines. With the rise of containerisation, the need for container orchestration is all but obvious. As a definition,
Container orchestration is a process that automates the deployment, management, scaling, networking, and availability of container-based applications.
What's the process of Container Orchestration?
The process of deploying containers to multiple virtual machines or physical machines within a cluster to implement an application can be optimized through automation. This becomes more and more valuable as the number of containers and hosts grows. Container orchestration envisions a number of features, some of which are mentioned below:
- Provisioning hosts
- Instantiating a set of containers
- Rescheduling failed containers
- Linking containers together through agreed interfaces
- Exposing services to machines outside of the cluster
- Scaling out or down the cluster by adding or removing containers
Where does container orchestration fit within the system stack?
- Service Management: Labels, groups, namespaces, dependencies, load balancing, readiness checks.
- Scheduling: Allocation, replication, resurrection, rescheduling, rolling deployment, upgrades, downgrades.
- Resource Management: Memory, CPU, GPU, volumes, ports, IPs.
What are some Container Orchestration tools available?
- Docker Swarm: Provides native clustering functionality for Docker containers, which turns a group of Docker engines into a single, virtual Docker engine.
- Google Container Engine: Google Container Engine, built on Kubernetes, lets you run Docker containers on the Google Cloud.
- Kubernetes: An orchestration system for Docker containers. It handles scheduling and manages workloads based on user-defined parameters.
- Mesosphere Marathon: Marathon is a container orchestration framework for Apache Mesos that is designed to launch long-running applications.
- Amazon ECS: ECS supports Docker containers and lets you run applications on a managed cluster of Amazon EC2 instances.
- Azure Container Service (ACS): ACS lets you create a cluster of virtual machines that act as container hosts along with master machines that are used to manage your application containers.
- Cloud Foundry’s Diego: Container management system that combines a scheduler, runner, and health manager.
- CoreOS Fleet: Container management tool that lets you deploy Docker containers on hosts in a cluster as well as distribute services across a cluster.
Which container orchestration tool should I use?
It's been said that Kubernetes has been widely adopted, particularly for stateless, composable workloads. Marathon is designed for long-running apps. Marathon can handle persistent containers. Those offered by Google, Amazon and Microsoft may result in vendor lock-in: it may be difficult to move your app to another provider at a later point. If you wish to build your own Platform-as-a-Service (PaaS), take a look at Cloud Foundry.
What are some security considerations when working with container orchestration tools?
While many of the concerns when using containers are common to bare metal deployments, containers provide an opportunity to improve levels of security if used properly. Because containers are so lightweight and easy to use, it's easy to deploy them for very specific purposes, and the container technology helps ensure that only the minimum required capabilities are exposed.
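As an added illustration of the minimum-capabilities point (not part of the original article), the Python code below audits a Kubernetes pod manifest for containers that keep more privilege than they need. The sample manifest, the ALLOWED_ADD allowlist and the function names are constructed for this example; the securityContext fields are Kubernetes' own.

```python
import json

# Constructed sample manifest (not from the article): "legacy" is
# over-privileged, "web" follows least privilege.
POD_JSON = """
{"apiVersion": "v1", "kind": "Pod", "metadata": {"name": "demo"},
 "spec": {"containers": [
  {"name": "legacy", "image": "example/legacy:1",
   "securityContext": {"privileged": true,
                       "capabilities": {"add": ["SYS_ADMIN", "NET_ADMIN"]}}},
  {"name": "web", "image": "example/web:1",
   "securityContext": {"allowPrivilegeEscalation": false,
                       "capabilities": {"drop": ["ALL"],
                                        "add": ["NET_BIND_SERVICE"]}}}
 ]}}
"""
SAMPLE = json.loads(POD_JSON)

# Hypothetical policy: capabilities a workload may re-add after dropping ALL.
ALLOWED_ADD = {"NET_BIND_SERVICE"}


def audit_container(c):
    """Return a list of least-privilege findings for one container spec."""
    sc = c.get("securityContext") or {}
    caps = sc.get("capabilities") or {}
    findings = []
    if sc.get("privileged"):
        findings.append("privileged container")
    if "ALL" not in [d.upper() for d in caps.get("drop", [])]:
        findings.append("does not drop ALL capabilities")
    extra = sorted({a.upper() for a in caps.get("add", [])} - ALLOWED_ADD)
    if extra:
        findings.append("adds capabilities: " + ", ".join(extra))
    # An unset allowPrivilegeEscalation behaves as true in Kubernetes.
    if sc.get("allowPrivilegeEscalation", True):
        findings.append("allowPrivilegeEscalation not disabled")
    return findings


def audit_pod(manifest):
    """Map container name -> findings for every container in the pod."""
    spec = manifest.get("spec", {})
    containers = spec.get("containers", []) + spec.get("initContainers", [])
    return {c["name"]: audit_container(c) for c in containers}


if __name__ == "__main__":
    for name, issues in audit_pod(SAMPLE).items():
        print(name, "->", issues or "ok")
```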
Are there alternatives to managing containers without using an orchestration platform?
While orchestration platforms (Docker Swarm, Kubernetes) are easier to use, there are other alternatives that may suit some teams. Those with a programming background could use shell scripting to customize deployment to their requirements. The same can be said of those who use configuration management tools for deployment. On the other end of the scale, teams can simply subscribe to a Containers-as-a-Service (CaaS) offering for minimal maintenance. For example, Google Container Engine (GKE) abstracts away and manages Kubernetes master nodes for you.
What is Docker Swarm?
Swarm is Docker's own container orchestration tool. It uses the standard Docker API and networking, making it easy to drop into an environment where you're already working with Docker containers.
- Managers: Distribute tasks across the cluster, with one manager orchestrating the worker nodes that make up the swarm.
- Workers: Run Docker containers assigned to them by a manager.
- Services: An interface to a particular set of Docker containers running across the swarm.
- Tasks: The individual Docker containers running the image, plus commands, needed by a particular service.
- Key-value store: Tools such as etcd, Consul, or Zookeeper storing the swarm's state and providing service discoverability.
What is Kubernetes?
Kubernetes was launched based on Google's experience of running workloads at huge scale in production. It's not an open sourcing of Borg, their internal container orchestration system, but draws on lessons Google learned from running Borg. Here's what makes up a Kubernetes cluster:
- Master: By default, a single master handles API calls, assigns workloads and maintains configuration state.
- Minions: The servers that run workloads and anything else that's not on the master.
- Pods: Units of compute power, made up of one or a handful of containers deployed on the same host, that together perform a task, have a single IP address and flat networking within the pods.
- Services: Front end and load balancer for pods, providing a floating IP for access to the pods that power the service, meaning that changes can happen at the pod level while maintaining a stable interface.
- Replication controllers: Responsible for maintaining X replicas of the required pods.
- Labels: Key-value tags (e.g. "Name") that you and the system use to identify pods, replication controllers, and services.
What is Apache Mesos?
Apache Mesos is an open source cluster manager that simplifies the complexity of running tasks on a shared pool of servers. Originally designed to support high-performance computing workloads, it consists of:
- Master daemon: The mesos-master service runs on a master node and manages slave daemons.
- Slave daemon: The mesos-slave service runs on each slave node to run tasks that belong to a framework.
- Framework: An application definition consisting of a scheduler that registers with the master to receive resource offers, along with one or more executors to launch tasks on the slaves.
- Offer: The list of a slave node’s resources. Each slave node sends offers to the master, and the master provides offers to registered application frameworks.
- Task: The unit of work scheduled by a framework to be executed on a slave node.
- Apache ZooKeeper: The software used to coordinate the collection of master nodes.