Andrew Spyker@aspyker

Netflix Cloud Platform and OSS, ZeroToDocker, and containers

IntroductionThe Netflix Cloud PlatformZero to Docker overviewZero to Docker demoA look forward at operationalizing containers

Agenda

About me, road to Netflix● Working for IBM on Java/Middleware performance

○ Cloud & mobile deemed Enterprise Java benchmarks non-interesting○ Monolithic DB’s, resiliency and code updates not required

● Acme Air (Benchmark) FTW!○ Showed web/cloud scale

■ 4B+ per day mobile requests end to end, hundreds of nodes■ But, wasn’t operable

○ Rewrote using NetflixOSS libraries & services■ Now operable, with same levels of scale■ Also enabled Microservices and CI/CD■ Won Netflix Cloud Prize

About me, road to Netflix● Now that NetflixOSS was understood

○ Ported libraries & services to IBM middleware and cloud■ POC’s for Open Stack, Docker, Mesos, Kubernetes

○ Started to onboard and operate IBM SaaS businesses■ Most interestingly … IBM Watson

● 2014 - “Should I work on transforming horses into cloud unicorns or should I build the next cloud unicorn?”

● Joined Netflix in the cloud platform team○ Focusing on performance/scalability○ Also helping with architecture, containers, open source

@aspyker

ispyker.blogspot.

com

Elastic, Web and Hyper Scale Doing this

Not doing that

………

…

…

…

••••••••

…

Testing is only way to prove HA● Chaos Monkey

○ Kill instances in production - runs regularly● Chaos Gorilla

○ Kills availability zones (single datacenter)○ Also testing for split brain important

● Chaos Kong○ Kill entire region and shift traffic globally○ Run frequently but with prior scheduling

… …

➔ ➔

……

…

…

Cool, how do I get started?● Build the github code● Guess at the configuration

○ Good luck!○ Most NetflixOSS services designed for scale, not single server

● Read the github wiki● Ask questions on the Google groups● Took me weeks the first time

“½ of the problem with Netflix Open Source is the packaging” - James Govenor (Remonk)

ZeroToDocker to the Rescue!github.com/Netflix-Skunkworks/ZeroToDocker

Zero To Docker is a project to help accelerate the evaluation of NetflixOSS. The Docker images created are not intended to be used in production as is. The Docker images created are to allow for easier evaluation of the various NetflixOSS technologies, similar to many other published open source Docker images. Netflix continues to run our cloud deployments on virtual machines leveraging the deep IaaS support of Amazon EC2.

Demo time - What am I showing?

Mac OS X

Virtual Box

Ubuntu 14.04

single kernel

Con

tain

er #

1Fi

lesy

stem

+

proc

ess

Eur

eka

Con

tain

er

Zuul

Con

tain

er

Ano

ther

C

onta

iner

...

● Docker running instances○ Single kernel○ Contained processes

● A Microservices app and surrounding NetflixOSS services (Eureka/Zuul)

● Asgard management console

● Zookeeper and Exhibitor

What is available?From https://hub.docker.com/u/netflixoss/

● asgard● eureka● edda● sketchy● security monkey● exhibitor

● sample karyon application

● zuul● atlas● genie

How can I get these images?● You could build them

yourself from github

● Or you could get them pre-built from Dockerhub○ Trusted builds○ Built by Docker from

NetflixOSS built binaries

What have we learned from Z2D?● Easy for people to abuse containers

○ Monolithic VM replacements, sometimes worse● Build ecosystem is immature

○ Dockerhub is a good start○ Lacks features of full CI/CD system

● Features great for dev, poor for repeated deployment○ Layers build up, but can be reduced○ Localized bridge network

● It’s hard to go back to VM’s after using containers○ Seconds hard to replace with minutes

Why not production ready?● Demo was on single node (laptop)● Docker alone does not get you production deployment,

doesn’t handle○ Multi-host Networking○ Security groups and roles○ Log aggregation○ Storage management○ Job scheduling and auto scaling/recovery

● Many competing ecosystems growing to cover these