Académique Documents
Professionnel Documents
Culture Documents
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. 2-2
Agenda
Copyright
Copyright © 2017 Oracle © 2018,
and/or its affiliates. All Oracle and/or
rights reserved its affiliates. All rights reserved. 2-4
Oracle Strategy for Container Based Infrastructure
Deliver a container based capabilities that are complete, integrated and open
• Orchestration/Scheduling, CI/CD, Management/Operations, Analytics/Introspection
• With application development platform for serverless and microservices
Based on community driven open source technology
• Investing in open source communities and foundations (Kubernetes, Docker, CNCF) via
engineering resources, code contributions & sponsorship
Differentiated on quality of service and operational excellence
• Full, transparent management
• Deployed to Oracle Cloud Infrastructure
• Enterprise grade security, HA and governance
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. 2-5
Oracle & Open Source and Community for Containers
Oracle’s participation in open source community
• Active Participation – Cloud Native Compute
Unforked
Foundation and Kubernetes fn Open Source
• No forked code – straight from the source
• Continue precedence of Java, MySQL, Linux
Lead by example Active
• Oracle software on Docker Store Community
Participation
• Kubernetes engineering in CNCF
Innovate in open source
• Utilities like K8S installer, smith, railcar, crashcart Innovation in
Sponsor & contribute to key conferences Open Source
smith crashcart railcar
• DockerCon, Kubecon, CoreOS Fest, others
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. 2-6
Container Native Application Development Capabilities
Build, Deploy, Operate Container Based Applications
OCI Container Engine for Kubernetes (OKE) Fully Managed Standard Kubernetes Service
Oracle Cloud Infrastructure Registry (OCIR) Docker Compliant Container Image Registry
Fn Project
Open Source Serverless Functions Framework
Copyright
Copyright © 2018, Oracle and/or its©affiliates.
2018, All Oracle and/or its
rights reserved. affiliates. All rights reserved. 2-7
Oracle Cloud Infrastructure and Kubernetes
Roll Your Own, Pre-Built Installer, Managed Service
IaaS CaaS
Key Highlights
• Highly available Kubernetes cluster configured in
your OCI tenancy and compartment
• Creates VCN, subnets, LBs and instances for
control plane
• Specify number and shape of nodes for your cluster
• Scale your cluster as needed
Available on Oracle Github!
Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | 9
Kubernetes Challenges
Cluster Management
VM based Clusters and Nodes
HA - Masters/etcd
Encryption for Data in across multiple ADs
Transit (SSL) and at Rest Bare Metal Clusters and Nodes
Container Engine
Dashboard
Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | Confidential – Oracle Restricted 11
Detail: OCI Container Engine for Kubernetes and Registry
An Open, Fully-Managed Kubernetes Platform & Private Registry
Build
CI/CD
system Test
of choice
- ie Test
Jenkins, Test
OCI Registry OCI Container Engine for
Wercker,
Kubernetes
etc. Push
VCN
AD 1 AD 2 AD 3
LB
Exposed
Kubernetes Service PV K8S Cluster
VM
Node Pool
• End-to-end container Lifecycle • One Click Clusters • Full Bare Metal Performance
Management Combine Kubernetes with VM and
Simplify cluster setup
Build, test, deploy, operate BM shapes for raw performance
• Full REST API and CLI
• Registry Integration • HA Managed Control Plane
Create and scale clusters through
Full Docker v2 compatible registry full REST API • Multi-AD/Zone Support
for private images
• Built In Cluster Add-Ons Deploy resilient Kubernetes apps
• Standard Kubernetes
Kubernetes Dashboard, DNS & • Node Pools & Self-Healing
Deploy standard & open upstream Helm Clusters
Kubernetes versions for
compatibility • Open Standards Create and scale clusters of
different shapes; maintain cluster
• OCI Aware Integrated Plugins Docker Based Runtime size in face of node failures
Worker Node SSH Access
Persistent Storage • Team Based Access Controls
Load Balancing Control team access and
permissions to clusters
• Must have compute Instance Quota (Required) – to launch k8s worker nodes
in an AD or across ADs for HA
• Block Volume Quota – Only required if you want to create k8s persistent
volumes
• Load Balancer Quota – Only required if you want to distribute traffic between
worker nodes
• To use registry service, user is either a part of the admin group or part of a group to which
a policy grants the appropriate permissions
• allow group acme-viewers to inspect repos in tenancy - Ability to
see a list of all repositories in Oracle Cloud Infrastructure Registry belonging to the
tenancy
• allow group acme-managers to manage repos in tenancy - Ability to
perform any operation on any repository in Oracle Cloud Infrastructure Registry that
belongs to the tenancy (Pull an image, push an image, create/delete repos etc.)
• Note: repos are tenancy-level resources, policies controlling access to them need to
go into the root compartment (i.e., the tenancy).
• User needs to have an OCI username and auth token before being able to push/pull an
image.
Region Region
• You use Docker CLI to push/pull images to repos in OCI Code Name
• Create a Auth Token for User and copy it phx Phoenix
• Login into OCIR iad Ashburn
• docker login <region-code>.ocir.io fra Frankfurt
– <tenancy_name>/<username> lhr London
– Auth-token
• Find images in your local repository to be pushed to OCIR and tag it appropriately in the format
• <region-code>.ocir.io/<tenancy-name>/<repos-name>/<image-name>:<tag>
• docker tag 9f1191b287da iad.ocir.io/jamalarif/testing/tomcat:1.2
• Push your tagged image to OCIR
• docker push iad.ocir.io/jamalarif/testing/tomcat
• Similarly images can be pulled using docker pull
• docker pull <region-code>.ocir.io/<tenancy-name>/<repos-name>/<image-name>:<tag>
• docker pull iad.ocir.io/jamalarif/testing/tomcat:1.2
Oracle Cloud
Infrastructure
Use OKE, consume IaaS, i.e. Use OCIR, consume IaaS, i.e.
Compute, Storage, LB etc. Object Storage, Network
OCI - Container
Engine for Kubernetes OCI - Registry
Copyright
Copyright©©
2017,
2017,
Oracle
Oracle
and/or
and/or
itsits
affiliates.
affiliates.
AllAll
rights
rights
reserved.
reserved.|
Questions