Policy-based Container Networking | The Dark Art of Container Monitoring

Schedule:

6:00 to 6:30 Networking and Food/Drinks sponsored by New Relic and Cisco

6:30 to 7:15 The Dark Art of Container Monitoring

In this presentation, Gianluca Borello will cover the current state of the art for container monitoring and visibility, including real use-cases and pros / cons of each. He will then focus on advanced container visibility techniques, such as:

• visualizing a container’s network activity

• understanding detailed resource usage (CPU, memory and disk I/O) of containers or processes running inside containers

• following process and user activity inside containers

• collect logs from multiple containers

The presentation will include live interaction with container environments and will focus on bringing practical value to the audience.

About Gianluca Borello

Gianluca works at Sysdig, where he wears many hats. He's a core developer of the sysdig troubleshooting tool, and spends his days dealing with backend development, performance analysis and cloud infrastructures management. Prior to Sysdig, he worked at Riverbed and CACE Technologies, the company behind Wireshark. He's passionate about Linux, open source technologies and distributed systems at scale. He holds a MS in Computer Engineering from Politecnico di Torino, Italy.

7:30 to 8:15 Project Contiv - Policy based Container Networking

Infrastructure is created and maintained to run applications, therefore networking should offer its best to fulfill applications’ needs. Distributed applications require connectivity, characterization, and guarantees for the best intended outcome. On other hand operationalizing applications, requires security, governance and compliance.

Contiv Networking is an open source container networking effort, that realizes the networking based on the specified policy intent. In this talk we describe simple constructs that can allow implementing policies at scale. We also demonstrate one implementation for policy realization using OVS (openvswitch.org) and conclude with some findings on the scale, and performance.

About Vipin Jain:

Vipin Jain is a distinguished engineer at Cisco Systems. He has worked on a variety of networking technologies, authored IETF drafts/RFCs, and built networking and server products that are ubiquitously deployed. Specifically, he has been involved in designing networking ASICs, architecting networking software and solutions, and work on SDN solutions.

About Sukhesh Halemane:

Sukhesh is a Principal Engineer at Cisco Systems. He brings a mix of perspectives from enterprise applications, networking and virtualization. He has worked on enterprise web applications and designed highly distributed backend systems. He is a veteran of networking industry where he spent 10+ years architecting several highly successful networking products and worked on virtualization and server technologies.