PI Cloud
Aymen Hachicha
Mohamed Bouaziz
Malek Gana
Fatma Mrabet
2. Requirements:
● High availability
● Automation
● Virtualization
● Orchestration
● Utility computing
3. Solutions
Definition / constraints (with respect to the document) / techniques
- V2 Cloud
- VMware
- Parallels Desktop
- Oracle VM VirtualBox
- VMware Workstation
- QEMU
- Windows Virtual PC
- Microsoft Hyper-V
- Red Hat Virtualization
- Veertu for Mac
- KVM
Containerization
Constraints:
- Flexibility
- Reliability
Techniques:
- Docker
- Google Kubernetes Engine
- Amazon ECS
- LXC
- Container Linux by CoreOS
- Microsoft Azure
- Google Cloud Platform
- Apache Mesos
Constraints:
- Efficient and sustainable infrastructures
Techniques:
- OpenNebula
- Apache Mesos
- Jenkins
- TeamCity
- DeployBot
- GitLab
Automation :
✅ ✅ ❌ ✅
Automation
An open-source software
Orchestration :
✅ ✅ ✅
Kubernetes Openshift Docker Swarm
Virtualization :
KVM VMware Hyper-V
Containerization:
Docker, AWS Fargate, Google K8s engine, Amazon ECS, LXC, Cont.core Os, M.Azure, A.Mesos, G.Cloud platform
✅ ❌ ❌ ✅ ✅ ✅ ✅ ❌
Open source ❌
Easy to set up ❌ ❌ ❌ ✅ ✅ ❌ ✅ ✅ ✅
Fits well with CI/CD
✅ ✅ ✅ ✅ ✅ ❌ ✅ ✅ ✅
✅ ✅ ✅ ✅ ✅ ✅ ✅ ✅ ✅
Scaling up or down ❌ ✅ ✅ ✅ ✅ ❌ ✅ ❌ ❌
Intuitive GUI
Easy configuration ❌ ✅ ✅ ❌ ✅ ❌ ✅ ❌ ❌
✅ ❌ ❌ ✅ ✅ ❌ ✅ ✅
Cost ❌
Ansible:
• Created in 2012 by AnsibleWorks, acquired by RedHat in 2015.
• Developed in Python
• Operating systems: Linux, Unix, Mac OS, and Windows
• License: open source
• Commercial version: Ansible Tower.
• Architecture: agentless
• Language: JSON, YAML
• Ansible Tower (formerly 'AWX') is a web-based solution that makes Ansible even
easier to use for IT teams of all kinds
Pros:
● Simple/Easy-to-Learn
● Written in Python
● Agentless
● YAML-Based Playbooks
● Ansible Galaxy
Cons:
● UI is Lacking
● No Notion of State
● Nascent Windows Support
● Minimal Enterprise Support Experience
● A Newer Offering
Source: https://www.upguard.com/blog/top-5-best-and-worst-attributes-of-ansible
● Architecture
Inventory :
• A list of managed nodes, also called “host file”.
• The most used formats are INI and YAML
Modules:
• Units of code (already existing) that Ansible executes:
• List of modules available on:
https://docs.ansible.com/ansible/2.9/modules/list_of_cloud_modules.html
Playbooks:
Written in YAML
• Not a script or a programming language, rather a model of
configuration or a process.
• Each playbook is composed of one or more plays
• The objective of a play is to map a group of hosts to a
set of roles using tasks
• A task is a call to an Ansible module
• A list of example playbooks is made available to users
Roles
Roles let you automatically load configuration files,
tasks, and handlers based on a well-defined structure.
• Role Directory Structure:
• Each directory must contain a main.yml file
Useful links:
Ansible documentation: https://docs.ansible.com/
• Ansible installation:
https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html
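How the inventory, playbook, task, module and role pieces described above fit together, as an added example that is not part of the original document. The four `---`-separated parts are separate files; the group, host, account and role names and the Debian/Ubuntu package names are assumptions made for illustration.

```yaml
# inventory.yml: the managed nodes (constructed host names), YAML format
all:
  children:
    kvm_hosts:
      hosts:
        hv01.example.internal:
        hv02.example.internal:
      vars:
        ansible_user: deploy          # agentless: Ansible connects over SSH as this assumed account
---
# site.yml: a playbook with one play, mapping the kvm_hosts group to a role and a task
- name: Prepare KVM hypervisors
  hosts: kvm_hosts
  become: true                        # privilege escalation is scoped to this play
  roles:
    - kvm                             # loads roles/kvm/tasks/main.yml and handlers/main.yml
  tasks:
    - name: Ensure libvirtd is enabled and running
      ansible.builtin.service:        # a task is a call to a module
        name: libvirtd
        state: started
        enabled: true
---
# roles/kvm/tasks/main.yml: picked up automatically because of the role layout
- name: Install KVM and libvirt packages
  ansible.builtin.apt:
    name:
      - qemu-system-x86
      - libvirt-daemon-system
    state: present
    update_cache: true
  notify: Restart libvirtd
---
# roles/kvm/handlers/main.yml: runs only when a notifying task reports a change
- name: Restart libvirtd
  ansible.builtin.service:
    name: libvirtd
    state: restarted
```

With the files saved under those paths, `ansible-playbook -i inventory.yml site.yml` runs the play; the role's tasks execute before the play's own `tasks` list.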
What is Kubernetes?
Kubernetes is an automation platform for application deployment, scaling, and management
of individual containers within multiple clusters.
Why Kubernetes?
It has all the capabilities to approach the critical concerns of any given microservice
architecture successfully.
Features of Kubernetes :
● Automated rollouts and rollbacks
● Service discovery and load balancing
● Storage orchestration
● Self healing
● Secret and configuration management
● Automatic bin packing
● Batch execution
● Horizontal scaling
● IPv4/IPv6 dual-stack
● Designed for extensibility
● It has self-healing abilities. By default, K8s self-healing applies only to pods, but
a Kubernetes solution provider may integrate further self-healing layers to ensure
application reliability.
● K8s draws on underlying computing resources and allows developers to deploy workloads
to the entire cluster and not just a particular server.
● For swift load balancing, K8s provides an individual IP address for every pod and a
single DNS name for a set of pods.
● Because of its constant innovation and many additions, the Kubernetes landscape can
be confusing for new users. The transition to Kubernetes can become slow,
complicated, and challenging to manage.
● Adapting to a new system with so many integrations and new technologies can be
overwhelming for some deployment processes.
● Debugging and troubleshooting Kubernetes in due time requires experience and
extensive training.
● The benefits of K8s are abundant, but reaching that level can consume a lot of
time, effort, and resources. Teams need to re-plan their time to invest in and
familiarize themselves with new processes and workflows.
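The self-healing, horizontal-scaling and "single DNS name for a set of pods" points above, as an added example that is not part of the original document: a Deployment that keeps three pod replicas alive and a Service that fronts them. The object names, labels, image and port are assumptions.

```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: web
spec:
  replicas: 3                   # horizontal scaling: raise or lower the desired pod count
  selector:
    matchLabels:
      app: web
  strategy:
    type: RollingUpdate         # automated rollouts; `kubectl rollout undo` rolls back
  template:
    metadata:
      labels:
        app: web
    spec:
      containers:
        - name: web
          image: nginx:1.27     # assumed image
          ports:
            - containerPort: 80
          livenessProbe:        # self-healing: the container is restarted when this fails
            httpGet:
              path: /
              port: 80
            periodSeconds: 10
          resources:            # requests are what the scheduler bin-packs on
            requests:
              cpu: 100m
              memory: 64Mi
            limits:
              memory: 128Mi
---
apiVersion: v1
kind: Service
metadata:
  name: web                     # one DNS name: web.<namespace>.svc.cluster.local by default
spec:
  selector:
    app: web                    # traffic is balanced across every ready pod with this label
  ports:
    - port: 80
      targetPort: 80
```

Deleting one of the pods after `kubectl apply -f` shows the pod-level self-healing: the Deployment's ReplicaSet creates a replacement with a new pod IP, while the Service name stays the same.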
KVM:
KVM converts Linux into a type-1 (bare-metal) hypervisor. All hypervisors need some
operating system-level components, such as a memory manager, process scheduler,
input/output (I/O) stack, device drivers, security manager, a network stack, and
more, to run VMs.
KVM has all these components because it’s part of the Linux kernel. Every VM is
implemented as a regular Linux process, scheduled by the standard Linux scheduler,
with dedicated virtual hardware like a network card, graphics adapter, CPU(s), memory,
and disks.
Advantages of KVM:
● As KVM derives from Linux, it is quite a mature system.
to be used.
● Disadvantages :
KVM features:
● Security
● Storage
● Hardware support
● Memory management
● Live migration
● Performance and scalability
● Scheduling and resource control
● Lower latency and higher prioritization
Managing KVM
Why KVM?
KVM scales better, orchestrates better, performs better, and supports a wider range
of hardware. It can also be implemented at zero cost and comes with a very powerful
web interface for management, for companies from very small to very large.
Solution for managing the infrastructure: OpenStack
Architecture :
WHAT IS OPENSTACK?
OpenStack is a cloud operating system that controls large pools of compute, storage, and
networking resources throughout a datacenter, all managed and provisioned through APIs with
common authentication mechanisms.
A dashboard is also available, giving administrators control while empowering their users to
provision resources through a web interface.
OpenStack competes most directly with other open source cloud platforms,
including Eucalyptus and Apache CloudStack. Some also see it as an
alternative to public cloud platforms such as Amazon Web Services or
Microsoft Azure, and some smaller public cloud providers use OpenStack
as the native cloud platform.
Compute
● NOVA: Compute Service
● ZUN: Containers Service
Hardware Lifecycle
● IRONIC: Bare Metal Provisioning Service
● CYBORG: Lifecycle management of accelerators
Storage
● SWIFT: Object store
● CINDER: Block Storage
● MANILA: Shared filesystems
Networking
● NEUTRON: Networking
● OCTAVIA: Load balancer
● DESIGNATE: DNS service
Shared Services
● KEYSTONE: Identity service
● PLACEMENT: Placement service
● GLANCE: Image service
● BARBICAN: Key management
Orchestration
● HEAT: Orchestration
● SENLIN: Clustering service
● MISTRAL: Workflow service
● ZAQAR: Messaging Service
● BLAZAR: Resource reservation service
● AODH: Alarming Service
Workload Provisioning
● MAGNUM: Container Orchestration Engine Provisioning
● SAHARA: Big Data Processing Framework Provisioning
● TROVE: Database as a Service
Application Lifecycle
● MASAKARI: Instances High Availability Service
● MURANO: Application Catalog
● SOLUM: Software Development Lifecycle Automation
● FREEZER: Backup, Restore, and Disaster Recovery
API Proxies
● EC2API: EC2 API proxy
Web frontends
● HORIZON: Dashboard
● SKYLINE: Next generation dashboard (emerging technology)
Docker is an open platform for developing, shipping, and running applications. Docker enables
you to separate your applications from your infrastructure so you can deliver software quickly.
● Security: Docker makes sure that applications that are running on containers are
completely segregated and isolated from each other, from a security point of view, by
granting us complete control over traffic flow and management.
● Simplicity and faster configurations: the way Docker simplifies matters is one of
its key benefits. It gives users the flexibility to take their own configuration, put
it into code, and deploy it without any problems.
● CI efficiency: with Docker, we can build a container image and use that same image
at every step of the deployment process.
● It does not provide any solution for data backup and recovery.
FEATURES:
● Increase productivity
● Application Isolation
● Swarm
● Routing Mesh
● Services
● Security Management
ARCHITECTURE:
The Docker daemon (dockerd) listens for Docker API requests and manages Docker
objects such as images, containers, networks, and volumes. A daemon can also
communicate with other daemons to manage Docker services.
A Docker registry stores Docker images. Docker Hub is a public registry that anyone can use,
and Docker is configured to look for images on Docker Hub by default. You can even run your
own private registry.
An image is a read-only template with instructions for creating a Docker container.
A container is a runnable instance of an image. You can create, start, stop, move, or delete a
container using the Docker API or CLI.