Focus on:  Hide Contributions
Back to Conference View
Login

Containers in Controls Workshop

America/New_York
Marriott at The Brooklyn Bridge

Marriott at The Brooklyn Bridge

333 Adams Street Brooklyn, New York 11201 USA
Description

In industry, containers and container orchestration solutions have dramatically changed the way system administrators deploy and manage applications. Developers are gradually switching from delivering monolithic applications to micro-services.

Indeed, using containerisation solutions such as Docker has many advantages: applications run in an isolated way, decoupled from the operating system and its libraries; runtime dependencies including access to persistent storage are clearly declared.

Container orchestration, as provided by Kubernetes or OpenShift, allows for an even higher level of abstraction: for an application to run on a computing infrastructure, only a declarative statement containing runtime parameters is required. These parameters include the number of instances or the maximum amount of volatile memory to be allocated. Thus, complexity is hidden and scalability can be easily achieved.

However, switching to containers has some drawbacks: firstly, it requires an initial investment in the computing infrastructure, training and new disaster recovery procedures. Secondly, additional software layers create operational risks, and potential security threats. Finally, as the ecosystem is new, frequent incremental changes need to be applied on the infrastructure itself, which may be problematic in the context of accelerator controls.

This workshop aims to share knowledge and experience on these technologies. We will explore what are the use cases in laboratories and large experiments, how to make the best of them, and their limits.


Registration

Registration and accommodation are handled through the ICALEPCS 2019 website.

Please register here:  https://icalepcs2019.bnl.gov/ before submitting your abstract on this Indico page.

Contact (Swiss time zone)
    • 08:30 08:50
      Getting to know each other 20m
    • 08:50 09:40
      Defining containerisation and hands-on Docker / Docker-compose 50m
      Speaker: Remi Voirin (CERN)
      2019___10___1_ICALEPCS_Main_Presentation.pdf
    • 09:40 10:00
      Container security discussion 20m

      How to address container-related security issues in controls systems?

    • 10:00 10:30
      Coffee Break 30m
    • 10:30 10:55
      Sirius Diagnostics Container Deployment for EPICS IOC 25m

      Sirius beam diagnostics group is responsible for specifying, designing and developing EPICS IOCs for most of the diagnostics in the Booster, Storage Ring and Transport Lines for Sirius Synchrotron Light Source. In order to ease maintenance, robustness, repeatability and dependency isolation a set of guidelines and recipes were developed for standardizing the IOC deployment. It is based on two main components: containerization, which isolates the IOC in a well-known environment, and a remote boot strategy for our diagnostics servers, which ensures all hosts boot in the same base operating system image. In this presentation, the containerization guidelines and usage, as well as the remote boot strategy along with its constituent parts will be discussed.

      Speaker: Lucas Russo
      containers_workshop_ica_2019.pdf
    • 10:55 12:00
      Storage and deployment in CERN controls: status and plans + group work on application storage and deployment 1h 5m

      Presentation of current release and deployment techniques of software in CERN controls, and changes that we want to introduce.
      Group work around storage of container images and how they reshape the way we deploy software.

      Speaker: Remi Voirin (CERN)
      2019___10___2_ICALEPCS_App_storage_and_deployment_in_CERN_controls.pdf
    • 12:00 13:30
      Lunch Break 1h 30m
    • 13:30 14:00
      Containers in the ESS integrated control system 30m

      Containers have rapidly evolved into the de-facto standard for deploying software infrastructure for the integrated control system at ESS. This short presentation gives an overview of the current status of containerization, shares some positive and negative experiences and indicates some areas for future exploration.

      Speaker: Karl Vestin
      Containers in the ESS integrated control system.pdf
      Containers in the ESS integrated control system.pptx
    • 14:00 15:30
      Introduction to container orchestration and hands-on minikube + group work on container orchestration 1h 30m

      General presentation of container orchestration and practical hands-on session with minikube, a small distribution of the Kubernetes control plane.
      Using the six thinking hats methodology, we will explore possible use of container orchestration within controls systems.

      Speaker: Remi Voirin (CERN)
      2019___10___3_ICALEPCS_Container_Orchestration.pdf
    • 15:30 16:00
      Coffee Break 30m
    • 16:00 16:25
      Current status of service management at SuperKEKB 25m

      We manage tens of server computers to provide various services for accelerator
      control at SuperKEKB. Most of the services are managed with init system such as systemd or SysVinit.
      We also use procServ to manage services. ProcServ is a command to run an application as a daemon into
      the background with telnet access to stdin and stdout. The services are manually migrated when we have
      a system trouble or a server replacement, however, preparing for execution environment imposes a burden
      on us. Therefore, we require effective service management system. I will report the current service
      management and expectation for container technology.

      Speaker: Shinya Sasaki
      sasaki_superkekb.pdf
    • 16:25 16:45
      Quiz 20m
      Speaker: Remi Voirin (CERN)
      2019___10___4_ICALEPCS_Quiz.pdf
    • 16:45 17:00
      General Q&A and wrap-up 15m
Powered by Indico v3.3.7-pre