slides/0002-containers/index.html

<!doctype html>
<html>
	<head>
		<meta charset="utf-8">
		<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">

		<title>reveal.js</title>

		<link rel="stylesheet" href="dist/reset.css">
		<link rel="stylesheet" href="dist/reveal.css">
		<link rel="stylesheet" href="dist/theme/beige.css" id="theme">

		<!-- Theme used for syntax highlighted code -->
		<link rel="stylesheet" href="plugin/highlight/monokai.css" id="highlight-theme">
	</head>
	<body>
		<div class="reveal">
			<div class="slides">

				<section>
          <section data-markdown data-separator="---" data-separator-notes="^Note:">
            <textarea data-template>
              <u>Containers</u>
              <br/>
              <br/>
              Ameya Shenoy
              <br/>
              <a href="https://github.com/codingcoffee" target="_blank">@codingcoffee</a>
              Note:
              Feel free to heckle.
              Interupt me. Ask questions in the middle, makes this fun, I like it.
              Or you can wait till the end, but interactive is good

              I'll be talking about containers, their basic underlying working, their functionality how eYantra can benefit it
            </textarea>
          </section>
        </section>

				<section>
          <section data-markdown data-separator="---" data-separator-notes="^Note:">
            <textarea data-template>

              What is a container?

              Note:
              - feels like a VM
                - we can SSH into it
              - but its not a VM
              - cgroups and namespaces
                - been around since 2008, as c-groups in linux, this paved the path for containers later on
                - cgroups are used to control CPU and Memory
                - namespaces

              ---

              <img data-src="./images/cgroups.jpg"></img>

              ---

              <img data-src="./images/vm_vs_container.jpg"></img>
              <br/>
              VM Vs Container

              Note:
              - VM: dedicated resource
                Container: shared resources
              - No inconcistency issues
              - Demo container
                - cp -r /usr/bin/ .
                - cp -r /usr/lib/ .
                - cp -r /usr/lib64/ .
                - touch sample.txt
                - pwd
              - I dont think setting up a VM is that easy!
              - examples of container runtimes: firejail, lxc, docker

              ---

              Limitations of VM
                - versioning
                - replication
                - upgrades

              Note:
              - originally traditional servers, perfect replication not possible, multiple variables
                - os, os version, os deps and versions, application deps and versions
              - probelems
                - versioning: i setup test env today, and setup production tomorrow, there may be inconcistency in the OS level deps, which may cause incompatibility
                - upgrade:
                  - keeping all deps updated is important to avoid security vulns, but it comes at a cost of inconcistency
                  - security upgrades and patching needs to be done across all VMs, in docker only on host OS
                - replication: b/w qa and prod env, local dev, works on my machine, doesnt work in prod, dev work on mac books, prod is centos

              ---

              Containers
                - filesystem isolation
                - process isolation
                - device isolation
                - network isolation
                - scaling

              Note:
              - now containres, package entire app, incluing the OS level deps, makes it easy to deploy and have concistency in the environemnts

              - now:
                - isolation
                  - fs: file:///home/cc firefox demo, iso apps scannnig directories they are not supposed to, like chrome
                  - process: app 1 isnt aware about app b running
                    - d run -it --rm --name nginx nginx:alpine
                    - d exec -it nginx sh
                  - device: GPU
                    - lxc exec steam -- sudo --login --user ubuntu bash
                      - nvidia-smi
                    - lxc exec matlab -- sudo --login --user ubuntu bash
                      - nvidia-smi
                  - network:
                    - d run -it --rm python:3.9.4-alpine3.13 sh
                    - d run -it --rm --network none python:3.9.4-alpine3.13 sh
                    - ping 1.1.1.1
                - scaling: better utilization of resources, resource allocation and sharing

              ---

              Kubernetes
                - 0 downtime upgrade <a href="https://nginx-blue-green.codingcoffee.me/" target="_blank">demo</a>
                - maintains state
                - scaling

              Note:
              - Production-Grade Container Orchestration Platform
              - Orchestration takes away a lot of operations workload from engg
              - SSL termination
              - Think of k8s as a knowledge base of all the best practicies for deployment of applications built at scale by Google

            </textarea>
          </section>
        </section>

				<section>
          <section data-markdown data-separator="---" data-separator-notes="^Note:">
            <textarea data-template>
              Refs
                - <a href="https://ieeexplore.ieee.org/abstract/document/7036275" target="_blank">To Docker or Not to Docker: A Security Perspective</a>
                - <a href="https://arxiv.org/abs/1501.02967" target="_blank">Analysis of Docker Security</a>
                - <a href="https://www.seltzer.com/margo/teaching/CS508.19/papers/merkel14.pdf" target="_blank">Lightweight Linux Containers for Consistent Development and Deployment</a>

              Note:
              - A few papers which I read, but I'd rather you practically use this stuff
            </textarea>
          </section>
        </section>

				<section>
          <section data-markdown data-separator="---" data-separator-notes="^Note:">
            <textarea data-template>
              Thanks for listening!
              <br/>
              <br/>
              <br/>
              <div style="text-align: left">
                <small>
                  <a href="https://gitea.codingcoffee.me/codingcoffee/slides" target="_blank">codingcoffee/slides</a>
                </small>
              </div>
              <div style="text-align: right">
                <a href="https://codingcoffee.dev/" target="_blank">Ameya Shenoy</a>
              </div>
            </textarea>
          </section>
        </section>
			</div>
		</div>

		<script src="dist/reveal.js"></script>
		<script src="plugin/notes/notes.js"></script>
		<script src="plugin/markdown/markdown.js"></script>
		<script src="plugin/highlight/highlight.js"></script>
		<script>
			// More info about initialization & config:
			// - https://revealjs.com/initialization/
			// - https://revealjs.com/config/
			Reveal.initialize({
				hash: true,
        slideNumber: 'c/t',
        // showNotes: true,

				// Learn about plugins: https://revealjs.com/plugins/
				plugins: [ RevealMarkdown, RevealHighlight, RevealNotes ]
			});
		</script>
	</body>
</html>
feat: conatienr presentation Signed-off-by: Ameya Shenoy <shenoy.ameya@gmail.com> 2021-08-10 07:00:18 +00:00			`<!doctype html>`
			`<html>`
			`<head>`
			`<meta charset="utf-8">`
			`<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">`

			`<title>reveal.js</title>`

			`<link rel="stylesheet" href="dist/reset.css">`
			`<link rel="stylesheet" href="dist/reveal.css">`
			`<link rel="stylesheet" href="dist/theme/beige.css" id="theme">`

			`<!-- Theme used for syntax highlighted code -->`
			`<link rel="stylesheet" href="plugin/highlight/monokai.css" id="highlight-theme">`
			`</head>`
			`<body>`
			`<div class="reveal">`
			`<div class="slides">`

			`<section>`
			`<section data-markdown data-separator="---" data-separator-notes="^Note:">`
			`<textarea data-template>`
			`<u>Containers</u>`
			`<br/>`
			`<br/>`
			`Ameya Shenoy`
			`<br/>`
			`<a href="https://github.com/codingcoffee" target="_blank">@codingcoffee</a>`
			`Note:`
			`Feel free to heckle.`
			`Interupt me. Ask questions in the middle, makes this fun, I like it.`
			`Or you can wait till the end, but interactive is good`
chore: update presentation Signed-off-by: Ameya Shenoy <shenoy.ameya@gmail.com> 2021-08-17 07:43:01 +00:00
			`I'll be talking about containers, their basic underlying working, their functionality how eYantra can benefit it`
feat: conatienr presentation Signed-off-by: Ameya Shenoy <shenoy.ameya@gmail.com> 2021-08-10 07:00:18 +00:00			`</textarea>`
			`</section>`
			`</section>`

			`<section>`
			`<section data-markdown data-separator="---" data-separator-notes="^Note:">`
			`<textarea data-template>`
chore: update presentation Signed-off-by: Ameya Shenoy <shenoy.ameya@gmail.com> 2021-08-17 07:43:01 +00:00
			`What is a container?`

			`Note:`
			`- feels like a VM`
			`- we can SSH into it`
			`- but its not a VM`
			`- cgroups and namespaces`
			`- been around since 2008, as c-groups in linux, this paved the path for containers later on`
			`- cgroups are used to control CPU and Memory`
			`- namespaces`

			`---`

			`<img data-src="./images/cgroups.jpg"></img>`

			`---`

feat: conatienr presentation Signed-off-by: Ameya Shenoy <shenoy.ameya@gmail.com> 2021-08-10 07:00:18 +00:00			`<img data-src="./images/vm_vs_container.jpg"></img>`
			`<br/>`
			`VM Vs Container`
chore: update presentation Signed-off-by: Ameya Shenoy <shenoy.ameya@gmail.com> 2021-08-17 07:43:01 +00:00
feat: conatienr presentation Signed-off-by: Ameya Shenoy <shenoy.ameya@gmail.com> 2021-08-10 07:00:18 +00:00			`Note:`
chore: update presentation Signed-off-by: Ameya Shenoy <shenoy.ameya@gmail.com> 2021-08-17 07:43:01 +00:00			`- VM: dedicated resource`
			`Container: shared resources`
			`- No inconcistency issues`
			`- Demo container`
			`- cp -r /usr/bin/ .`
			`- cp -r /usr/lib/ .`
			`- cp -r /usr/lib64/ .`
			`- touch sample.txt`
			`- pwd`
			`- I dont think setting up a VM is that easy!`
			`- examples of container runtimes: firejail, lxc, docker`
feat: conatienr presentation Signed-off-by: Ameya Shenoy <shenoy.ameya@gmail.com> 2021-08-10 07:00:18 +00:00
			`---`

			`Limitations of VM`
			`- versioning`
			`- replication`
chore: update presentation Signed-off-by: Ameya Shenoy <shenoy.ameya@gmail.com> 2021-08-17 07:43:01 +00:00			`- upgrades`
feat: conatienr presentation Signed-off-by: Ameya Shenoy <shenoy.ameya@gmail.com> 2021-08-10 07:00:18 +00:00
			`Note:`
			`- originally traditional servers, perfect replication not possible, multiple variables`
			`- os, os version, os deps and versions, application deps and versions`
			`- probelems`
			`- versioning: i setup test env today, and setup production tomorrow, there may be inconcistency in the OS level deps, which may cause incompatibility`
chore: update presentation Signed-off-by: Ameya Shenoy <shenoy.ameya@gmail.com> 2021-08-17 07:43:01 +00:00			`- upgrade:`
			`- keeping all deps updated is important to avoid security vulns, but it comes at a cost of inconcistency`
			`- security upgrades and patching needs to be done across all VMs, in docker only on host OS`
feat: conatienr presentation Signed-off-by: Ameya Shenoy <shenoy.ameya@gmail.com> 2021-08-10 07:00:18 +00:00			`- replication: b/w qa and prod env, local dev, works on my machine, doesnt work in prod, dev work on mac books, prod is centos`

			`---`

			`Containers`
			`- filesystem isolation`
			`- process isolation`
			`- device isolation`
			`- network isolation`
			`- scaling`

			`Note:`
			`- now containres, package entire app, incluing the OS level deps, makes it easy to deploy and have concistency in the environemnts`

			`- now:`
			`- isolation`
			`- fs: file:///home/cc firefox demo, iso apps scannnig directories they are not supposed to, like chrome`
			`- process: app 1 isnt aware about app b running`
			`- d run -it --rm --name nginx nginx:alpine`
			`- d exec -it nginx sh`
			`- device: GPU`
			`- lxc exec steam -- sudo --login --user ubuntu bash`
			`- nvidia-smi`
			`- lxc exec matlab -- sudo --login --user ubuntu bash`
			`- nvidia-smi`
			`- network:`
			`- d run -it --rm python:3.9.4-alpine3.13 sh`
			`- d run -it --rm --network none python:3.9.4-alpine3.13 sh`
chore: update presentation Signed-off-by: Ameya Shenoy <shenoy.ameya@gmail.com> 2021-08-17 07:43:01 +00:00			`- ping 1.1.1.1`
feat: conatienr presentation Signed-off-by: Ameya Shenoy <shenoy.ameya@gmail.com> 2021-08-10 07:00:18 +00:00			`- scaling: better utilization of resources, resource allocation and sharing`

			`---`

			`Kubernetes`
			`- 0 downtime upgrade <a href="https://nginx-blue-green.codingcoffee.me/" target="_blank">demo</a>`
			`- maintains state`
			`- scaling`

			`Note:`
			`- Production-Grade Container Orchestration Platform`
chore: update presentation Signed-off-by: Ameya Shenoy <shenoy.ameya@gmail.com> 2021-08-17 07:43:01 +00:00			`- Orchestration takes away a lot of operations workload from engg`
feat: conatienr presentation Signed-off-by: Ameya Shenoy <shenoy.ameya@gmail.com> 2021-08-10 07:00:18 +00:00			`- SSL termination`
chore: update presentation Signed-off-by: Ameya Shenoy <shenoy.ameya@gmail.com> 2021-08-17 07:43:01 +00:00			`- Think of k8s as a knowledge base of all the best practicies for deployment of applications built at scale by Google`
feat: conatienr presentation Signed-off-by: Ameya Shenoy <shenoy.ameya@gmail.com> 2021-08-10 07:00:18 +00:00
			`</textarea>`
			`</section>`
			`</section>`

			`<section>`
			`<section data-markdown data-separator="---" data-separator-notes="^Note:">`
			`<textarea data-template>`
			`Refs`
			`- <a href="https://ieeexplore.ieee.org/abstract/document/7036275" target="_blank">To Docker or Not to Docker: A Security Perspective</a>`
			`- <a href="https://arxiv.org/abs/1501.02967" target="_blank">Analysis of Docker Security</a>`
			`- <a href="https://www.seltzer.com/margo/teaching/CS508.19/papers/merkel14.pdf" target="_blank">Lightweight Linux Containers for Consistent Development and Deployment</a>`

			`Note:`
			`- A few papers which I read, but I'd rather you practically use this stuff`
			`</textarea>`
			`</section>`
			`</section>`

			`<section>`
			`<section data-markdown data-separator="---" data-separator-notes="^Note:">`
			`<textarea data-template>`
			`Thanks for listening!`
			`<br/>`
			`<br/>`
			`<br/>`
			`<div style="text-align: left">`
			`<small>`
			`<a href="https://gitea.codingcoffee.me/codingcoffee/slides" target="_blank">codingcoffee/slides</a>`
			`</small>`
			`</div>`
			`<div style="text-align: right">`
			`<a href="https://codingcoffee.dev/" target="_blank">Ameya Shenoy</a>`
			`</div>`
			`</textarea>`
			`</section>`
			`</section>`
			`</div>`
			`</div>`

			`<script src="dist/reveal.js"></script>`
			`<script src="plugin/notes/notes.js"></script>`
			`<script src="plugin/markdown/markdown.js"></script>`
			`<script src="plugin/highlight/highlight.js"></script>`
			`<script>`
			`// More info about initialization & config:`
			`// - https://revealjs.com/initialization/`
			`// - https://revealjs.com/config/`
			`Reveal.initialize({`
			`hash: true,`
			`slideNumber: 'c/t',`
			`// showNotes: true,`

			`// Learn about plugins: https://revealjs.com/plugins/`
			`plugins: [ RevealMarkdown, RevealHighlight, RevealNotes ]`
			`});`
			`</script>`
			`</body>`
			`</html>`