Chapter 2: Container Orchestration


With container images, we confine the application code, its runtime, and all of its dependencies in a pre-defined format. And, with container runtimes like runC, containerd, or rkt we can use those pre-packaged images, to create one or more containers. All of these runtimes are good at running containers on a single host. But, in practice, we would like to have a fault-tolerant and scalable solution, which can be achieved by creating a single controller/management unit, after connecting multiple nodes together. This controller/management unit is generally referred to as a container orchestrator. What are Containers?

  • portable, isolated virtual environments for applications to run without interference from other running applications.

  • encapsulate microservices and their dependencies but do not run them directly. Containers run container images.

What are Microservices?

  • lightweight applications with specific dependencies, libraries and environmental requirements

What is a Container image?

  • bundles the application along with its runtime and dependencies, and a container is deployed from the container image

What is Container Orchestration?

  • Container orchestrators are tools which group systems together to form clusters where containers' deployment and management is automated at scale while meeting the requirements of:

    • Fault-tolerance

    • On-demand scalability

    • Optimal resource usage

    • Auto-discovery to automatically discover and communicate with each other

    • Accessibility from the outside world

    • Seamless updates/rollbacks without any downtime.

  • e.g. Amazon Elastic Container Service, Azure Container Instances, Azure Service Fabric, Kubernetes, Marathon, Nomad, Docker Swarm

Explain the reasons for doing container orchestration.

  • so you don't have to manually maintain containers

  • Most container orchestrators can:

    • Group hosts together while creating a cluster

    • Schedule containers to run on hosts in the cluster based on resources availability

    • Enable containers in a cluster to communicate with each other regardless of the host they are deployed to in the cluster

    • Bind containers and storage resources

    • Group sets of similar containers and bind them to load-balancing constructs to simplify access to containerized applications by creating a level of abstraction between the containers and the user

    • Manage and optimize resource usage

    • Allow for implementation of policies to secure access to applications running inside containers.

Discuss different container orchestration options.

  • container orchestrators can be deployed on the infrastructure of our choice - on bare metal, Virtual Machines, on-premise, or the public cloud. Kubernetes can be deployed on a workstation, with or without a local hypervisor such as Oracle VirtualBox, inside a company's data center, in the cloud on AWS Elastic Compute Cloud (EC2) instances, Google Compute Engine (GCE) VMs, DigitalOcean Droplets, OpenStack, etc

  • turnkey solutions which allow Kubernetes clusters to be installed, with only a few commands, on top of cloud Infrastructures-as-a-Service, such as GCE, AWS EC2, Docker Enterprise, IBM Cloud, Rancher, VMware, Pivotal, and multi-cloud solutions through IBM Cloud Private and StackPointCloud.

Discuss different container orchestration deployment options.

Last updated