Cloud 66 joined the Intel® Cloud Builders to work closely with Intel® to bring their amazing technology in the reach of our customers. Of course with the Cloud 66 “EasyOps for Dev” promise.
Intel® Cloud Builders brings together industry leading solutions providers to deliver a choice of optimised software-defined infrastructure solutions. The collaboration helps lower technical barriers and accelerates innovation for Cloud 66 customers.
Docker runtimes
At Cloud 66 we are running Docker in production for our customers since the beginning of the container era. Lots of things changed in the last four years. We got much better security models with Docker, schedulers and the swappable network- and container-runtime drivers.
You are in control to change your (micro) service oriented architecture to another runtime models. Intel releases his own runtime, Intel® Clear Container, which is compatible with the OCI Runtime Specification. The OCI Runtime Specification is part of the open container initiative.
Let’s talk about how we can leverage this technology with Cloud 66.
Clear Containers leveraging the isolation of virtual machine technology along with the deployment benefits of containers.
Key ingredients in the Clear Container model are:
- A fast and lightweight hypervisor. QEMU has been optimised to reduce memory footprint and improve startup performance.
- Optimisations in the kernel.
- Optimisations in systemd.
- Utilisation of the DAX “direct access” feature of the 4.0 kernel.
This enables the page cache and VM subsystems to be bypassed entirely, allowing for faster filesystem accesses (no copies!) and lower per-container memory usage. Optimisation of core userspace for minimal memory consumption.
Combined, these features improve the resource utilisation efficiency significantly. The launch times are so fast that a typical user would hardly be able to see the difference. Clear Containers offer enhanced security with speeds vastly superior to traditional VM technologies.
Requirements
If you are ready to deploy a Docker stack with Cloud 66 using Intel® Clear Container technology you need to know on which hardware you can deploy. Your target hardware should support Intel® VT technology. You can use VM’s provided by our supported Cloud providers, but the real power shines when you deploy your infrastructure on bare metal.
Luckily we integrate with Packet which provides Intel® hardware as a service. If you want to bring your own server, we have the option to deploy Intel® Clear Container technology using our feature called Registered Servers.
Let create a new Docker stack first.
Give our new Docker stack a name and add some services. In this case some pre-build images.
Next step is to setup the deployment to use Intel® Clear Container. Select configuration and edit the Deploy hooks.
We create a snippet to install Intel® Clear Container on every docker node you add to your cluster. The deploy hook looks like this:
production: after_docker: # Hook point - snippet: cloud66/clearcontainers # Hook type target: docker # Hook fields apply_during: build_only execute: true
Let us deploy our Stack in a production environment.
We must select the target cloud or deploy it on our own servers, using registered servers.
We choice Packet!
And we select a type 1 for testing our Clear Containers.
After we hit deploy, Cloud 66 will do all the heavy lifting. Provising the nodes, install Docker, Clear Containers and all the nice features Cloud 66 has to over.
You can check the server log and you see after Cloud 66 installed Docker the deploy hook install Intel® Clear Container. Whoop Whoop.
And the running container:
If you SSH to your server and run the command ps aux you can see that every container is no isolated by Intel® Clear Container technology. Every process is isolated using /usr/bin/qemu-lite-system-x86_64.
Using Intel Clear Containers with Cloud 66 gives your container infrastructure wings. With a simple deploy hook in your deployment you can use Intel Clear Containers right out of the box. Be the first to try it.
Final Note: Using Intel Clear Containers with Cloud 66 is still in beta stage, test your setup first in a staging environment before migrating to production.
Have fun!
Originally published at blog.cloud66.com on April 20, 2017.
