Admiral Calcote, also known as Lee Calcote (@lcalcote) or the Ginger Geek to his friends, gave a presentation titled “Characterizing and Contrasting Container Orchestrators” at the 2016 All Day DevOps conference.
Okay, he isn’t really an admiral—nor does anyone call him that—but he used the title “admiral” to describe what container orchestrators do, relating it to an admiral directing a fleet of container ships. You could also say that they are like the conductor of an orchestra, directing the individuals to work together as a group toward a common goal while each musician is still able to play their own instrument.
Lee is the head of Technology Strategy at SolarWinds, and for his talk, he discussed four open-source container orchestrators: Nomad, Swarm, Kubernetes and Mesos-Marathon.
He emphasized the obvious: There is no one perfect solution. Each organization is different, so for each solution, he looked at:
- Genesis and purpose
- Support and momentum
- Host and service discovery
- Scheduling
- Modularity and extensibility
- Updates and maintenance
- Health monitoring
- Networking and load balancing
- Secrets management
- High availability and scale
Lee noted that while there are many core capabilities, any orchestrator must have cluster management and scheduling.
He then dove deeper into the four solutions. Below are summaries (the full talk is chock full of information and is online here):
Nomad
- Designed for both long-lived and short-lived batch processing workloads
- Cluster manager with declarative job specifications
- Ensures constraints are satisfied and resource utilization is optimized by efficient task packing
- Supports all major OSs and workloads
- Written in Go and with a Unix philosophy
- Host discovery: Gossip protocol – Serf is used; servers advertise full set of Nomad servers to clients; creating federated clusters is simple
- Service discovery: Integrates with Consul
- Scheduling: two distinct phases – feasibility checking and ranking; optimistically concurrent; three scheduler types when creating jobs
- Uses task drivers to execute a task and provide resource isolation, but it does not support pluggable task drivers
- Built for managing multiple clusters/cluster federation
Docker Swarm 1.12
- Simple and easy to set up
- Architecture is not as complex as Kubernetes and Mesos
- Written in Go – lightweight, modular and extensible
- Strong community support
- Host discovery: used in the formation of clusters by the Manager to discover Nodes (hosts); pull model – worker checks in with the Manager
- Service discovery: Embedded DNS and round-robin load balancing
- Scheduler is pluggable and is a combination of strategies and filters/constraints
- Ability to remove “batteries”
- Rolling updates are supported
- Managers may be deployed in a highly available configuration, but Swarm does not support multiple failure isolation regions or federation
Kubernetes
- An opinionated framework for building distributed systems
- Written in Go and is lightweight, modular and extensible
- Led by Google, Red Hat and others
- Young – about 2 years old
- Robust documentation and community
- Scheduling is handled by kube-scheduler
- Pluggable architecture and an extensible platform
- Choice of database for service discovery or network driver and container runtime
- Supports rolling back deployments, automating deployments and rolling updates of applications
- Inherent load balancing
- Uses Pods, an atomic unit of scheduling. Each pod has its own IP address, with no NAT required, and intra-pod communication happens via localhost
Mesos-Marathon
- Mesos is a distributed systems kernel
- Mesos has been around the longest (since 2009)
- Mesos is written in C++
- Marathon is a framework that runs on top of Mesos
- Mesos is used by Twitter, AirBnB, eBay, Apple, Cisco, and Yodle
- Marathon is used by Verizon and Samsung
- Mesos-DNS generates an SRV record for each Mesos task
- Marathon ensures that all dynamically assigned ports are unique
Wrapping up, Lee provided the following overview comparing the different container orchestration solutions.
Lee packed a tremendous amount of information into his talk. If you use containers, his talk is worth your time and is available online here. If you missed any of the other 30-minute-long presentations from All Day DevOps, they are easy to find and available free of charge here. Finally, be sure to register yourself and the rest of your team for the 2017 All Day DevOps conference here. This year’s event will offer 96 practitioner-led sessions (no vendor pitches allowed). It’s all free and online Oct. 24.