NL

ECMWF adopts new application platform

Andrew Brady

 

ECMWF is starting to provide some of its web and data services based on applications deployed on a new IT platform. For the migration of ECMWF’s data centre to Bologna, we are transforming several applications to run as Docker containers on Kubernetes‑managed platforms. This article explains what Docker/Kubernetes are, why they are increasingly being used at ECMWF, and what this means to users.

Reasons for the change

Developing IT‑based applications historically means having to know a lot about the technical environment. Software code can be developed and run perfectly in a limited environment (like a laptop, desktop or workstation) but it can then be hard to transition, maintain and run in other environments. The traditional approach is to develop services and applications based on common shared code/libraries which are deployed onto dedicated infrastructure to ensure that the applications get the IT environment and resources they need to run. This approach is not sustainable as services grow and does not scale in terms of infrastructure or effort. Looking for alternatives, ECMWF web application analysts became aware of two new technologies: Docker and Kubernetes.

What are Docker and Kubernetes?

Docker is a generic environment for running software without having to know details about the infrastructure. Docker uses operating system virtualisation to enable development and delivery of software applications consistently in runnable packages called containers. Kubernetes is a tool for managing Docker applications that are running on clusters of infrastructure. Kubernetes solves the problem of scaling and operating services composed of containers. General market adoption of Docker and Kubernetes, for application development, has been substantial, supporting accelerated development, rapid release of updates to production and efficient scaling. They are key technologies for development. ECMWF has aligned itself with these technologies, realising that they are beneficial for our services.

What does it mean for users?

ECMWF is currently using Docker and/or Kubernetes successfully to provide several services, including Atlassian, EFAS-IS, GloFAS, the RMDCN website, FTP, the Data Services Costing Application, Accounts and Nexus. There are other services in the pipeline for deployment on Kubernetes in Bologna, including the www.ecmwf.int website, ecCharts, and webapi.

The key improvements users of these services should see as ECMWF adopts Docker and Kubernetes are:

  • improved turnaround time for fixes/updates/improvements
  • more robust services as applications are even more comprehensively tested during their development.

As illustrated in the diagram, the use of Docker/Kubernetes also improves our workflows as development can be undertaken in relative independence. In addition, the transition of applications to production is facilitated as application containers do not need to be changed for operations.

%3Cstrong%3E%20Example%20of%20Continuous%20Integration%20workflow.%20%3C/strong%3E%20The%20workflow%20shown%20here%20enables%20the%20developer%20to%20make%20code%20changes%20safely%20in%20isolation%20and%20test%20their%20work%20on%20their%20desktop.%20When%20they%20are%20satisfied,%20they%20commit%20changes,%20and%20this%20triggers%20the%20workflow%20that%20generates%20a%20Docker%20container%20and,%20if%20successful,%20deploys%20it%20automatically.%20This%20then%20becomes%20available%20as%20a%20generally%20accessible%20test%20service.%20If%20the%20testers%20are%20satisfied,%20service%20operations%20manually%20trigger%20the%20update%20to%20production,%20possibly%20in%20a%20scheduled%20session.%20The%20entire%20workflow%20is%20traceable%20from%20source%20code%20change%20to%20deployment%20to%20production.
Example of Continuous Integration workflow. The workflow shown here enables the developer to make code changes safely in isolation and test their work on their desktop. When they are satisfied, they commit changes, and this triggers the workflow that generates a Docker container and, if successful, deploys it automatically. This then becomes available as a generally accessible test service. If the testers are satisfied, service operations manually trigger the update to production, possibly in a scheduled session. The entire workflow is traceable from source code change to deployment to production.

The current setup

Our current Kubernetes Cluster consists of virtual machines (VMs) from our VMWARE VSPHERE and Network Attached Storage for data persistence. The infrastructure can be scaled transparently by adding new VMs and/or bigger VMs using Kubernetes to orchestrate containers across VMs. In production, the cluster also provides many operations-ready functions by default and using it significantly reduces the effort needed to implement commodity application components, such as web servers, application servers or databases.

It is important to realise that Docker and Kubernetes are not the only technologies used. To efficiently and robustly deploy applications, we have implemented Continuous Integration/Continuous Deployment (CI/CD) tooling. We use Atlassian Bitbucket, Harbor, Nexus and Atlassian BAMBOO. With these tools, we have a pipeline system that enables rapid and robust development, with a light touch, through to operations. We have also integrated automated functionality to test and ensure the quality of code and the security of underlying platforms.

If you are interested in learning more, please feel free to get in touch with Andrew Brady (andrew.brady@ecmwf.int).