Container Management Tools

Deploying applications has always been a headache for developers. Oldfags who managed to code in the days of Windows COM probably remember “DLL Hell” - a real nightmare for developers and system administrators. But although years have passed, the daily growing flow of new technologies often creates confusion and uncertainty.

In almost all cases of software development, the development environment is significantly different from the environment in which the application will actually work. The fact that different computers will be configured differently is obvious and predictable, but the different behavior of the application on these computers is unacceptable.

Given the difficulties described, container technologies have actually become a revolution in deployment, and developments such as Docker have led to an explosive growth in popularity. What do containers do? Allowed to deploy the software along with all the necessary dependencies and in the configuration necessary for the successful operation of the application in the user runtime environment. Thus, container images allow a “packaged”, ultimate runtime environment to be almost identical to the design environment, while avoiding costly emulation of the operating system.
')
The result is a very lightweight package, often starting only a few processes specific to the application. Such a package is easy to distribute, deploy and run on different instances. To sum up the above, the containers guarantee the same behavior of the application in different software environments.

This article is a brief overview of several important container management tools. If you plan to work with container technologies, you need to at least get acquainted with this set of applications.

This is not a detailed review, nor does it provide a comparison or evaluation. Treat it as a starting point in exploring container management tools. Below is a small list and a brief overview, hoping to help you choose the tools for further deeper exploration.

Docker

Docker is one of the most popular platforms. It is possible that Docker is the reason for the recent rise in the popularity of container technology (the technology itself is not so new, and has existed for more than 10 years).

Docker provides functionality for deploying and running container applications. Containers are somewhat reminiscent of virtual machines, but implemented at a higher level than the OS and with less isolation. Instead of packaging the entire operating system with all the necessary software, the containers only package the application and its direct dependencies. This is the basic concept implemented by Docker.

The Docker format is similar to a regular package, except that the package is standalone, and multiple copies can be run on the same host (or on different hosts). This approach maximizes resource utilization, improves performance and reduces application size. At the same time, Docker provides a high degree of isolation, limiting the problems of the application inside the container itself, without harming the machine.

Kubernetes

Docker is great for working with containers on a single host and provides all the necessary functionality for this purpose. But in today's realities of distributed services, an important task is the management of resources and workloads on servers and in complex infrastructures.

One such tool is Google Kubernetes. This unusual Greek word translates as "governor" or "commander". As the name suggests, Kubernetes undertakes the hard work of orchestrating (organizing) containers on many nodes, offering a large selection of useful functions.

Service Discovery

Recently, the ecosystem of container applications has grown along with the growing popularity of the architectural style of Microservices. The idea of ​​the Microservices Architecture is to divide a heavy monolithic application into small (semi) autonomous services that are interconnected in a distributed system. And since the number of services in such a system increases many times, there is no point in manually assigning and accounting for ports that applications “listen” on. It is more reasonable after the deployment of the container to assign the port automatically. And although this approach solves the problem of conflict between the ports, it also makes it impossible to search for the necessary service and provide it to other services.

The solution to this problem is Service Discovery technology. Service Discovery works as follows: at the time services are started, the distributed keys / values ​​are registered in the registry with an IP address and a port number where other services can easily find and call the necessary service.

Scheduler (Sheduler)

Another important function provided by Kubernetes is planning. The scheduler assumes the task of launching containerized applications, taking into account the available resources, current tasks and requests. In other words, the scheduler performs scaling, reassigning tasks to different hosts, and moving workloads between capacities in case of problems.
Thanks to many useful features and a large community, the popularity of Kubernetes has been growing rapidly lately.

CoreOS

CoreOS is a Linux-based operating system that comes bundled with the functionality necessary to deploy and launch container applications. Despite the relatively small load balancing capabilities, CoreOS is suitable for both single-server and cluster computing environments.

CoreOS looks like a serious competitor for other popular Linux distributions due to its built-in ability to work with containers and adapt to work with public cloud applications.

CoreOS began by using Docker as an additional level of abstraction — and as a standardized format for containers, but later released and maintains its own container engine, Rocket (rkt - keep reading).

Although CoreOS is open source software, a commercial version of the system called Tectonic is also available. Tectonic is “freemium,” its major advantage is the presence of the Kubernetes distribution for container orchestration.

Etcd

Developed by CoreOS, Etcd is an open source, lightweight, distributed key / value repository. Etcd provides applications with a robust data storage tool in a server cluster and allows them to respond accordingly to changes in values. It is used by Kubernetes as a central repository, where all cluster nodes can read / write configuration data, as well as to discover services (Service Discovery) and to control leader selection (Leader Election).

rkt

rkt is a container management platform for Linux clusters. Based on the design of your own OS and on the experience of interaction with Docker, CoreOS has developed a tool for creating, verifying and running container applications with isolation.

rkt, as an alternative to Docker, was released almost a year later and has since gained popularity. You can consider rkt as an improvement to Docker for at least two reasons:

- has more security, as it uses signature verification and default privilege sharing;

- provides portability: in addition to the ability to run Docker images, rkt is designed to launch App Container Images (ACI) images in the format specified in the open App Container Specification (appc).

Mesos

Apache Mesos is a kernel for distributed computing systems, built on the same principles as the Linux kernel, but with a different level of abstraction. Its main goal is to consolidate the computational resources of several physical or virtual machines with a high level of isolation and make them available to the central management service as if it were one large pool of resources. In a nutshell, Mesos allows you to use a cluster of servers as a single computing power.

By placing an agent that measures and reports on the availability of resources on each machine, Mesos can plan and organize the execution of tasks, as well as conduct checks on their performance. Thus, tasks are performed in parallel on several servers, whose available resources are treated as a single pool (the so-called Mesos Frameworks).

Consul

Consul is a distributed system that includes many operations, but Service Discovery and the provision of key / value storage are central to it.

As a service discovery tool, Consul allows applications to register as clients providing services, such as an API. Other systems can then contact Consul directly to search for available services. The built-in health check check provides the ability to take action when a threat occurs, for example, refusing to accept traffic from sites that fail the test.

As a key / value store, Consul provides applications with the ability to save configuration data by node and respond to changes to this data, as well as etcd. Consul, in addition, provides native support for multiple data centers, a more comprehensive health check system based on the gossip pool, its own service search pool and a web interface for monitoring services.

Google Container Engine

Google Container Engine (GKE) is a cluster manager and orchestration system for Docker containers. The open source system created by Google’s Kubernetes campaign can be used to:

• create, resize, and debug container clusters
• auto scaling applications
• creating and managing pods

Compared to Kubernetes, Google Container Engine provides an additional set of services for developers and system administrators. For example, load balancing, metric tracking and logging are provided by the GKE system.

AWS ECS

The analogue of Google's GKE, manufactured by Amazon, is EC2 container service (ECS). Like most of these services, ECS supports Docker and allows you to run containerized applications on Amazon's EC2 instances.

Like GKE, ECS is an actively managed service with many convenient features, including container deployment, scheduling, automatic scaling, load balancing, resource monitoring at the cluster level, and seamless interaction with the rest of the AWS stack. Although ECS works only on VPC (Amazon Virtual Private Cloud), the service itself is provided free of charge, so you only have to pay for using Amazon resources at the regular rate.

As advertising. These are not just virtual servers! This is a VPS (KVM) with dedicated drives, which can be no worse than dedicated servers, and in most cases - better! We made VPS (KVM) with dedicated drives in the Netherlands and the USA (configurations from VPS (KVM) - E5-2650v4 (6 Cores) / 10GB DDR4 / 240GB SSD or 4TB HDD / 1Gbps 10TB available at a uniquely low price - from $ 29 / month , options are available with RAID1 and RAID10) , do not miss the chance to place an order for a new type of virtual server, where all resources belong to you, as on a dedicated one, and the price is much lower, with a much more productive hardware!

How to build the infrastructure of the building. class c using servers Dell R730xd E5-2650 v4 worth 9000 euros for a penny? Dell R730xd 2 times cheaper? Only we have 2 x Intel Dodeca-Core Xeon E5-2650v4 128GB DDR4 6x480GB SSD 1Gbps 100 TV from $ 249 in the Netherlands and the USA!