Liz Fong-Jones (方禮真) Profile picture
Oct 2, 2018 29 tweets 12 min read Read on X
I'm excited to see @alicegoldfuss's talk on container operations for the first time! #VelocityConf
@alicegoldfuss She's telling us about the idyllic picture painted by advertisements (for instance, for cars) with the fancy 0-60 numbers... vs. the tiny small words "laboratory setting" or "test track". #VelocityConf
That's how @alicegoldfuss feels about container talks. Presenter comes out and says "BAM, I will revolutionize your infrastructure? What's that? Run more than one container? No problem! [with shipping container images overlaid on cars]" #VelocityConf
"Is this why sysadmins are so mad?" @alicegoldfuss wants to see more "Docker WTFs" and fewer "Docker 101s". We need to be able to make better decisions about containers. And she calls herself "Edward DevOpsHands" #VelocityConf
She ran containers in prod since 2015 since Docker 0.6, paving the road behind them; and now she's on the k8s platform team at GitHub.

So to recap, what *is* a container? #VelocityConf
We have a host, which is a box, and an OS, which is a box, and a container daemon, which is a box, and on top of that you have containers WHICH ARE SMALLER BOXES.

But it's COMPLETELY LIES. -- @alicegoldfuss #VelocityConf
But to your kernel, they're all just running processes. python processes, ruby processes, and then the dockerd and kubelet. They're not hidden in boxes, they're processes like any others, born from tarballs, anchored to namespaces, controlled by cgroups. #VelocityConf
Containers are just a bunch of native linux features stapled together. There is no such singular concept in the kernel.

Namespaces determine what a process can see. cgroups determine what a process can use.

"I thought it was whales..." #VelocityConf
Four lessons to give us a better sense of whether containers are right for us:
(1) Containers have strengths when used for the right purposes -- for scaling stateless applications and making them portable and more easily revised/deployed. Data in, data out. #VelocityConf
(2) Disaster recovery. Avoids that developer's laptop that runs a critical piece of our infrastructure every day at 3am. We deploy our apps in the same way to the same places, making environments reproducible.

We can by default redeploy/restart even others' apps. #VelocityConf
(3) Development environments. We can run dev built applications in the same way as our production applications, and tear down cleanly afterwards.

And we don't have to repro on our laptop. #VelocityConf
Lesson number 2: containers have weaknesses:

Stateful apps [ed: like hairspray]. Databases, for instance. If you're not having billions of requests per second, you probably don't need to containerize databases.

You *can* get stability/recovery/provisioning BUT... #VelocityConf
It's cheaper to do that with a cloud provider doing that work with the right tooling for you! Even if it's more money to the cloud provider, it's cheaper than your development time to do things right.

Are you *sure* you want to do that in-house? #VelocityConf
There are some ways to handle this, such as using network-mounted storage backing containerized databases, but then you get network bound.

Or you can save the data locally, but then you get no benefits except sounding good on resume. #VelocityConf
"Seriously, consider going to the cloud for your databases. It will save you time and hardship. You didn't really want that HN blogpost anyways." --@alicegoldfuss #VelocityConf
Lesson 3: It's never "just" containers. Lots of decisions to make. How will you build your tarballs? You don't have to use docker in prod. Orchestration matters too. Managing clusters, SLOs, and automating your networking and access controls. #VelocityConf
Here are all your choices for k8s networking: calico, flannel, cilium, linkerd, istio, envoy...

and how many of them will survive the next few years? and will your engineers be able to submit bugs and patches? #VelocityConf
but now you have to integrate with your infrastructure. for instance, deployment. Do you need to build new integration and tooling? which will you fix first if they both break?

How are you going to monitor? provision? and *debug* the extra abstraction. #VelocityConf
You need processes for gradually rolling out the new platform to users; it'll take a year to get a container platform off the ground with just one service running on it.

and you'll be coping with a hybrid/chimera for a while. set your expectations accordingly. #VelocityConf
Lesson number 4 (final lesson) -- even if you're going to disregard the rest of Alice's advice and do "Kubernetes in the App Store.":

Containers need headcount. hypothetical "Why not just give it to ops?" #VelocityConf
Deploying containers is like building a new datacenter with a completely new software stack requiring a completely new team, not just adding one more jenkins to your pile of jenkins. #VelocityConf
Make sure you hire the right people -- ops specialists who know the skeletons, deployment folks who understand the landscape, tooling/glue writers, and monitoring/metrics specialists. Kernel engineers who can debug interactions. Networking specialists. #VelocityConf
Get people who understand infosec and build it in from the start. And developer advocates or internal sponsors who can get people to adopt. #VelocityConf
and you need, last, but not least, a product & project manager. When something fails, you need the breathing room and heatshielding.

You can pull these from other teams, but BACKFILL THEM or @alicegoldfuss will get mad at you for trying to be sneaky. She sees all. #VelocityConf
You need a team, not necessarily one person for each role, but 6-8 people in total ideally, and 4+ people at minimum. Oncall of less than 4 people is untenable and will cause your platform to plummet into the sea.

And give them space to experiment and succeed. #VelocityConf
[ed: this talk is so good and I wish I could also capture all of @alicegoldfuss's quips including about the LKML, but instead I just got the best concrete points]

Recap: benefits/drawbacks of containers, don't use them for stateful, use cloud providers instead #VelocityConf
And invest sufficiently in the team if you're building a container platform.

There's no one right answer to "should I run containers in prod?" If you have stateless services, a large platform, and lots of resources, go for it. #VelocityConf
If your databases have nicknames, you have a monolith, and a small team with no org support... don't. Unless you want to spite Alice.

Don't do it for the blog post. "it would be rad..." DON'T DO IT, yells @alicegoldfuss. #VelocityConf
"Containers are just a tool", says @alicegoldfuss. "They're a little tricky, but if you have a good team, you'll get there in the end." --@alicegoldfuss [fin and raucous applause] #VelocityConf

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Liz Fong-Jones (方禮真)

Liz Fong-Jones (方禮真) Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @lizthegrey

Oct 3, 2018
Final talk I'll be getting to at #VelocityConf before I dash to Toronto: @IanColdwater on improving container security on k8s.
@IanColdwater She focuses on hardening her employer's cloud container infrastructure, including doing work on k8s.

She also was an ethical hacker before she went into DevOps and DevSecOps. #VelocityConf
She travels around doing competitive hacking with CTFs. It's important to think like an attacker rather than assuming good intents and nice user personas that use our features in the way the devs intended things to be used. #VelocityConf
Read 36 tweets
Oct 3, 2018
My colleague @sethvargo on microservice security at #VelocityConf: traditionally we've thought of traditional security as all-or-nothing -- that you put the biggest possible padlock on your perimeter, and you have a secure zone and untrusted zone.
@sethvargo We know that monoliths don't actually work, so we're moving towards microservices. But how does this change your security model?

You might have a loadbalancer that has software-defined rules. And you have a variety of compartmentalized networks. #VelocityConf
You might also be communicating with managed services such as Cloud SQL that are outside of your security perimeter.

You no longer have one resource, firewall, loadbalancer, and security team. You have many. Including "Chris." #VelocityConf
Read 19 tweets
Oct 3, 2018
Leading off the k8s track today is @krisnova on migrating monoliths to k8s! #VelocityConf
@krisnova [ed: p.s. her ponies and rainbows dress is A+++]

She starts by providing a resources link: j.hept.io/velocity-nyc-2…

The problems we're solving:
(1) why are monoliths harder to migrate?
(2) Should you?
(3) How do I start?
(4) Best practices #VelocityConf
.@krisnova is a Gaypher (gay gopher), is a k8s maintainer, and is involved in two k8s SIGs (cluster lifecycle & aws, but she likes all the clouds. depending upon the day). And she did SRE before becoming a Dev Advocate! #VelocityConf
Read 29 tweets
Oct 3, 2018
Final keynote block: @lxt of Mozilla on practical ethics and user data. #VelocityConf
@lxt And also ethics of experimentation!

"just collect data and figure out later how you'll use it" doesn't work any more. #VelocityConf
We used to be optimistic before we ruined everything.

Mozilla also used to not collect data, and only had data on number of downloads, but its market share went down because they weren't measuring user satisfaction and actual usage. #VelocityConf
Read 25 tweets
Oct 3, 2018
Next up is @mrb_bk on why marketing matters. #VelocityConf
@mrb_bk Hypothesis: marketing >> code in terms of software adoption. [ed: and this is why I became a developer advocate!] #VelocityConf
You need to consider community early when developing a product.

Always ask, "Why do people matter?" "Why does adoption matter?" #VelocityConf
Read 17 tweets
Oct 3, 2018
Next up is @rogerm on O'Reilly's insights into trends with Radar. #VelocityConf
@rogerm They look at changes in search terms year on year; the two largest increases are k8s and blockchain. #VelocityConf
People are becoming less interested in broader topics and more interested in specific technologies e.g. pytorch. #VelocityConf
Read 5 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

:(