2016
In the beginning…(2012)
The Go Landscape2012
Apcera PlatformThe Instance Manager
Instance ManagerState Machine Apocalypse
● Started out simple, but naive about the future● Few small libraries…● … but all integration logic was central
● 8 states● 53 function handlers
Existing Weight
● Ubuntu base OS● CAPS deployment● .deb packaging● Operational tooling
System Skew is a Problem
● Deploys non-atomic● Different lifecycle per host● Operational access
A New ModelKurma
● Minimize host dependencies● Everything is a container● Simple notions that could be easily extended● Simple, well defined APIs
What is Kurma made of?
Existing● Go + C
● App Container (AppC)
● Apcera’s existing instrumentation
Coming soon● Go + C
● AppC
● libcontainer based
● CNI for networking
What is Kurma made of?
Existing● Go + C
● App Container (AppC)
● Apcera’s existing instrumentation
Coming soon● Go + C
● AppC
● libcontainer based
● CNI for networking
Delivery
kurmad● Existing host
● Download and run
● Immediately benefit
● Depends on host kernel and libc
kurmaOS● Minimalist distro
● Services as containers
● A/B partition model
● Console is just a container
Delivery
kurmad● Existing host
● Download and run
● Immediately benefit
● Depends on host kernel and libc
kurmaOS● Minimalist distro
● Services as containers
● A/B partition model
● Console is just a container
KurmaProcess Model
KurmaStager Process
KurmaUser Processes
StagerPluggable Process Orchestration
● Responsible for instrumenting the pod● Packaged as a signed, trusted ACI image● Gets own mount and network namespace
Stager API
● Simplest unit of work: an executable● Setup via image ‘Exec’ setting● Other calls through expected executables
– /opt/stager/run
– /opt/stager/status
– /opt/stager/logs
– ...
KurmaReusable Unit
KurmaReusable Unit for Extensibility
Networking API
● ACI image● Passes along JSON configuration● Executes commands to setup networking on
other containers– /opt/network/add <ns> <container-id>
– /opt/network/del <ns> <container-id>
KurmaReusable Unit for Extensibility
/opt/stager/run cni /opt/network/add ...
KurmaExtensibility Through Reuse
KurmaExtensibility Through Reuse
KurmaExtending Boundries with Semantics
KurmaRemote API
Kubernetes + Kurma
Why?
● Kurma usage outside Apcera● Increased platform flexibility● Integrating with broader community
Kubelet
● Has existing Runtime interface● Rich interface for engine communication● Kubelet is a bit of a leaky abstraction● Workarounds for Dockerisms
Testing
● Mystical● Documentation gaps● Excellent Github/PR integration
Codebase
● Godep pains● “hack” directory?● Documentation gaps● Interface movement
Runtime.ConvertPodStatusToAPIPodStatus()
Kurmanetes
● Maturing Kurma based on Kubernetes needs– Pods
– Networking
– Image management
● Runtime abstraction nearly complete
Kurmanetes
● Done– Pod management
– Image retrieval and management
● Remaining– Landing Kurma’s pod/stager branch
– cAdvisor integration
– Integration testing
– Work towards improving the abstraction leaks
Questions?
Resources
Kurmakurma.io
github.com/apcera/kurma
@krobertson
We’re hiring for the Kurma team.