Real-time Container Monitoring Best Practices

A presentation at a DevOps.com webinar in January 2022 by Daniel "phrawzty" Maher

Slide 1

Real-time Container Monitoring Best Practices Presented by AWS & Datadog

Slide 2

Today’s Speakers – Daniel Maher, Developer Advocate, Datadog – Igor Alekseev, Data & Analytics Partner, AWS

Slide 3

Agenda – Introduction & Session Overview – Containers at AWS – Real-world Containers Best Practices & Use Cases – What’s Next? – Audience Q&A

Slide 4

Poll Question What container runtime are you currently using? – Docker – Containerd – CRI-O – Other

Slide 5

Containers at AWS More options and power than ever before © 2022, Amazon Web Services, Inc. or its Affiliates.

Slide 6

What customers ask for – Build applications, not infrastructure – Manage infrastructure to their requirements – Scale quickly and seamlessly – Security and isolation by design

Slide 7

What are our customers building?

Slide 8

Applications Shared services platform Enterprise app migration Machine learning Mobile & web applications CI/CD .NET Classic Windows apps Autonomous vehicle Back-end web services IaaS Linux apps Recommendation engines IoT Management, security, & governance Third-party applications Fraud detection Data processing Logging & monitoring Chatbots

Slide 9

How are customers building?

Slide 10

Compute operational models Least AWS Lambda Serverless functions AWS manages Customer manages Data source integrations Application code Physical hardware, software, networking, and facilities Provisioning Application code What you manage Container orchestration, provisioning AWS Fargate Cluster scaling Data source integrations Serverless containers Physical hardware, host OS/kernel, networking, and facilities Security config and updates Network config Management tasks Application code Amazon ECS/EKS Container-management-as-a-service Container orchestration control plane Physical hardware software, networking, and facilities Data source integrations Work clusters Security config and updates, network config, firewall, management tasks Application code Amazon EC2 Infrastructure-as-a-Service Most Physical hardware software, networking, and facilities Data source integrations Scaling Security config and updates Network config Management tasks Provisioning, managing scaling and patching of servers

Slide 11

Poll Question Are you using or have aspirations to use AWS serverless technologies such as Fargate or Lambda? - Yes - No - Not yet, but we are planning to implement

Slide 12

The containers stack on AWS (diagram of AWS service categories: Containers, Compute, Storage, Networking & Content Delivery, Dev Tools, Security, Identity, & Compliance, Mobile, Application Integration, Infrastructure, Hybrid Architecture)

Slide 13

AWS has the richest container portfolio anywhere – APPLICATION NETWORKING (Service discovery and service mesh): AWS Cloud Map, AWS App Mesh – MANAGEMENT (Deployment, scheduling, scaling, and management of containerized applications): Amazon Elastic Container Service (Amazon ECS), Amazon Elastic Kubernetes Service (Amazon EKS), Red Hat OpenShift Service for AWS (ROSA) – HOSTING (Where the containers run): Amazon Elastic Compute Cloud (Amazon EC2), AWS Fargate – IMAGE REGISTRY (Container image repository): Amazon Elastic Container Registry (Amazon ECR)

Slide 14

Container technology

Slide 15

Management: Amazon EKS, Amazon ECS and now ROSA – ECS: Powerful simplicity – EKS: Open flexibility – ROSA: Opinionated platform

Slide 16

ECS: Powerful simplicity – AWS-opinionated way to run containers at scale – Reduce decisions without sacrificing scale or features – Reduce time to build, deploy, and migrate applications

Slide 17

EKS: Open flexibility – Gain agility and efficiency with AWS-optimized Kubernetes, and standardize operations everywhere – Secure, highly available, with observability across all Kubernetes deployments – Build with choice of solutions from the broader community around Kubernetes

Slide 18

ROSA: Opinionated container platform – Leverage integrated tools and services for developers and operators – Transfer OpenShift skills and processes from on-prem environments – Simplify management, support and billing of OpenShift environments

Slide 19

Customers usually mix and match Team GitHub Jenkins ECR Flux CloudWatch ALB, NLB, NGINX, Traefik AWS App Mesh EKS Fargate OR ECS EC2 CloudFormation Application User

Slide 20

AWS App Runner – Fully managed service for web applications – Provides a highly abstracted and simple managed experience for running web applications and API hosting services (diagram: AWS App Runner, Web application, Serverless Platform, Backend server) – https://www.datadoghq.com/blog/aws-app-runner-monitoring

Slide 21

Run your containers anywhere based on your workload needs – Serverless: AWS Fargate – EC2 options: Amazon EC2, Spot instance – Edge and 5G: AWS Local Zones, AWS Wavelength – On-premises: AWS Outposts, ECS Anywhere, EKS Anywhere

Slide 22

Containers are worth looking at

Slide 23

Container monitoring is not magic

Slide 24

Kubernetes is sort of magic though…

Slide 25

10 Trends in Real World Containers https://datadoghq.com/container-report/

Slide 26

EKS had a 20% increase in adoption among AWS orgs

Slide 27

Stateful workloads, containers, and you

Slide 28

Images: the hot top ten!

Slide 29

Images: the hot top ten (DJ k8s remix!)

Slide 30

Docker is champ, but new challengers are rising…

Slide 31

How it started vs. how it’s going

Slide 32

It’s Speculation Time! – Edge computing (containers on the edge) – Increased importance of orchestration / mesh technology – Docker for dev, containerd (or other) for prod? – Moving towards higher levels of abstraction – Containers as a packaging and dependency mechanism

Slide 33

Q&A

Slide 34

Thank You