Orchestrated Container Solutions with Intel® Technologies
Das Kamhout explains how to create orchestrated containers for modernized infrastructures that enable greater efficiency, security and performance. Transcript starts: Today I’m going to talk to you about how Intel® architecture can help you modernize your applications and services using orchestrated containers with high efficiency, performance, and security. A significant portion of cloud service ...providers today are looking to deploy, or are already deploying containers to either create new differentiated services for new revenue streams or to have a modern approach for application delivery, which allows them to have new fast app delivery as well as app automation. There are still quite a few challenges in how we basically manage and deploy a container infrastructure, from how you choose the right infrastructure, whether it’s a new network layout, a new storage backend, or even just the type of system to choose. And if you’re running untrusted code on bare metal, security segmentation is a key concern. For a Cloud Service Provider deciding what kind what type of Container platform solution they are going to deploy, I would advise that you first look at what are you optimizing for - density, power, performance or total cost of ownership. Generally, we are seeing that very performant cores are optimum for container workloads, and a very flat network with low latency is key for data center scale. The second is around orchestration. Google who basically drove the container orchestration environment has a very intelligent system called Borg that basically decides where all the workloads go inside the data centers. Now there are quite a few solutions out on the industry from Kubernetes, Docker Swarm or Mesos that are helping you manage your container orchestration at scale. The third is around security. If you intend to run on a bare metal operating system with untrusted code, you want to be able to use some sort of security segmentation. Intel® Virtualization Technology (Intel® VT) which is used in virtual machines today can be used also with containers, and you can do that with investigating and piloting our Clear Container work. Using AVX (vector extension features), we have been able to significantly improve the speed of numerous programming languages, as well we have IA profiling tools that help you help optimize your containers running on Intel® architecture. We have also contributed to Kubernetes, one of the key containers orchestration solutions, with a technology called Intel® Resource Director Technology (Intel® RDT). This allows you to pinpoint noisy neighbors running on the platform and ensure that your high priority jobs get all the performance that they need at runtime. Our Intel® Cloud Integrity Technology (Intel® CIT) uses Intel® Trusted Execution Technology (Intel® TXT) to establish trust from the hardware up. This allows you to ensure that the entire solution stack is attested. One of the key challenges of running and deploying containers is security segmentation. We believe that you can use Intel® Virtualization Technology (Intel® VT) to establish that segmentation using our reference example, Clear Containers. With Clear Containers, you are able to utilize the isolation capabilities of virtual machines whilst still having the application agility of containers. Each container is basically separated by a security and visibility layer enabling a much more secure approach to running Containers. And Intel® Clear Containers can significantly reduce memory consumption as well as start-up time, making them comparable to traditional containers. With Intel® Xeon® Scalable processors, Clear Containers boot many times faster than a standard VM implementation. Intel is a technical leader in this space – we have been involved with Linux* containers since 2006 and as the leading Linux* Kernel maintainer, we are driving the technology forward. We have a significant number of passionate developers and architects working to contribute on these projects, ensuring you get the best performance and the lowest total cost of ownership running on Intel® technologies. We are looking into the future of Containers. At Intel, we’re focused on the orchestration layer to ensure that application developers and infrastructure operators can get all the value out of Intel® technology to achieve the lowest total cost of ownership and the highest performance without even thinking about it. If you would like to find out more about modernizing your infrastructure, please visit intel.com/CSP.