Archive for August, 2014

Linux containers, Docker, Flocker vs. server virtualization

August 31, 2014

Analogy to Linux containers

In the past, if your goal was to isolate applications (from a memory, disk I/O, network I/O resource and security perspective) on a physical server, you had one choice: run your application over a guest OS over a hypervisor. Each VM had a unique guest OS, on top of which you had binaries/libraries, and on top of these your applications. The flip side of this solution is that if you ran 50 applications on a physical server, you needed 50 VMs over the hypervisor with 50 instances of a guest OS. Fortunately for developers, Linux containers have had a recent resurgence and offer you another alternative. If you are an application developer and want to package your source code in Linux containers with the goal of being able to run it on any bare metal server or on any cloud provider, Docker (a startup with fewer than 50 employees) offers you a way to make a Linux container easy to create and manage.

Benefits of Docker container technology:

  • No need for many different guest operating systems on the same server. Instead you run a Docker engine over a Linux kernel (v3.8 or higher) on a 64-bit server and run your apps on binaries/libraries running over the Docker engine. This allows you to do away with the relatively expensive VMware licensing per server.
  • Lower performance penalty than with traditional hypervisors (Red Hat KVM, Citrix Xen or VMware ESXi).

Docker is ideally suited for apps that are stateless and do not write data to a file system. At a high level, Docker containers make it easy to package and deploy applications over Linux. Think of a container as a virtual sandbox that relies on the Linux OS on the host server without the need for a guest OS. When an application moves from a container on host A to a container on host B, the only requirement is that both hosts must have the same version of the Linux kernel.

You may ask, how do containers differ from virtual machines? Containers and virtual machines (VMs) both isolate workloads on a shared host. Some would argue that containers don’t provide the level of security one could have with a VM, since every container on a host shares that host’s Linux kernel rather than running its own guest OS. VMs also allow you to run a Windows app on a Linux kernel, something which is not possible with Docker containers. Container technology is used so actively by Google that Google released Kubernetes into the open source community to help manage containers.

Rather than follow the model of the taxi industry which bitterly attacked ride sharing startup Uber, VMware is taking the high ground and embracing Linux containers and its proponent Docker – perhaps recalling Nietzsche’s words “That which does not kill us makes us stronger.”

You may wonder: why aren’t enterprises embracing containers and Docker? One issue with Linux containers is that if your application in the container needs access to data, the database hosting that data has to be housed elsewhere. This means the enterprise has to manage two silos: the container itself and the database for the container. This problem could be solved by giving every application running in a container its very own data volume where the database could be housed. ClusterHQ, an innovative startup, offers “Flocker”, a free and open source volume and container manager for Docker which aims to make data volumes in Direct Attached Storage (DAS) portable. ClusterHQ’s future roadmap includes continuous replication, container migration and Distributed Resource Scheduler (DRS)-like services, which sound eerily similar to the capabilities offered by VMware vMotion or DRS, causing VMware to put the brakes on an all-out embrace of the Docker ecosystem. Perhaps VMware strategists recalled Billy Livesay’s song “Love can go only so far”.

Another startup, Altiscale, is looking into the problem of how to run Hadoop applications within Docker containers. In view of all this we can be sure of one thing: Linux containers and Docker are here to stay, and it’s just a question of when (not if) enterprises begin adopting this new way of achieving multi-tenancy on a physical server.

Network as a Service (NaaS) in the cloud

August 17, 2014

Network as a Service

First there was IT as a service (IaaS), then Software as a Service (SaaS), then Platform as a Service (PaaS) and now Network as a Service (NaaS)? A startup called CloudFlare is offering a next-gen Content Delivery Network (CDN) which accelerates 235,000 websites. More specifically, it offers networking-as-a-service in the cloud using open source networking hardware and software from startup Pluribus Networks, which replaced existing Juniper EX-series switches. Pluribus offers its own network switch running a distributed network hypervisor on its own hardware (featuring Intel Xeon processors and Broadcom switch chips) or on a Supermicro MicroBlade platform. Pluribus aims for the Top of Rack (ToR) use-case where many servers need to be networked together in a corporate datacenter. However, with Facebook open-sourcing “Wedge” (a Linux-based software stack in a ToR switch comprising 16 x 40GbE ports and a merchant 40 Gb switching ASIC in a 1U rack space, with no proprietary software), there is bound to be a move towards white-box switches, from large datacenters like those of Facebook or Google down to smaller corporate datacenters. The fact that Cisco and Juniper vehemently claim that Wedge is no threat to them reminds me of the quote from Shakespeare’s Hamlet: “The lady doth protest too much, methinks”.

It is difficult to pigeonhole CloudFlare into any one bucket, as they offer a next-gen CDN, handle 5% of the internet’s traffic using equipment located in 25 data centers worldwide, and offer routing, switching, load balancing, firewall services, DDoS mitigation and performance acceleration, all as a cloud service. Just as Amazon Web Services (AWS) made compute services in the cloud a concept we accept unquestioningly today, I think the time is right for Network as a Service. Customers of CloudFlare include Reddit (which is sometimes described as a marketplace of ideas impervious to marketers), eHarmony, Franklin Mint and the site metallica.com.

Why do I think startups like CloudFlare will make a lasting impression on the internet? For one, it fascinated me to learn that CloudFlare got its datacenter in Seoul up and running without a single employee setting foot in Seoul. A 6-page how-to guide walked the equipment suppliers through what they needed to do to get the datacenter up and running to support the CDN and security services that CloudFlare offers its customers. This gives new meaning to the term “remote controlled datacenter”. The future is all about plug-and-play, low-touch and remote control. The old world of buying high-end hardware routers and switches, deploying them in a corporate data center, and worrying about heat, floor space and cooling will all seem archaic some years from now. CloudFlare will be one of the many innovators in this emerging area of Network as a Service, and enterprise IT budgets will reap the resulting gains.