ADMINISTRATION - MANAGEMENT
CONTAINERIZATION WITH CLOUD COMPUTING:
A TRENDING SOLUTION FOR DEVELOPING AND DEPLOYING
ENTERPRISE APPLICATIONS
• PHAM NGOC DUY - NGUYEN TRUNG QUAN
ABSTRACT:
In the era of Industry 4.0, organizations and enterprises in every field need to make strong use of advanced information technology (IT) solutions in order to build and deploy systems quickly and effectively. Adopting containerization technology platforms together with cloud computing services is one of today's trending solutions, particularly for deploying enterprise applications. This group of articles on the topic of "containerization" presents an overview of container technology and cloud services and of the current trend of container adoption among organizations, and sets out the advantages and challenges that enterprises may face when deploying and operating systems with containers. This article gives a deeper look at why and how enterprises adopt container platforms.
Keywords: Container, containerization, enterprise applications, cloud computing.
1. Introduction
The concepts of containerization and process isolation date back decades, but the emergence in 2013 of the open-source Docker Engine, a new industry standard for containers with simple developer tools and a universal packaging approach, accelerated the adoption of this technology. The research firm Gartner predicted that more than 50% of companies would use container technology by 2020, and the results of a survey conducted by IBM show that adoption has happened faster, with 59% of adopting companies having improved application quality and reduced defects.
2. Overview of containerization technology
2.1. Container and containerization
A container is an executable unit of software in which the application's program code is packaged together with its libraries and dependencies in a common way, so that it can run anywhere, from a desktop computer or a traditional IT system to the cloud. To do this, containers take advantage of a form of operating system virtualization (OS-level virtualization; OS stands for operating system). Here, features of the OS (in the case of the Linux kernel, namespaces and cgroups) are used both to isolate processes and to control the resources, such as CPU, memory and storage, that those processes are allowed to access. Containers are small (lightweight), fast and portable because, unlike a virtual machine (VM), a container does not need to include a guest OS in every instance; instead it simply uses the features and resources of the host OS. Containers first appeared decades ago, but most developers today remember 2013 as the start of the modern container era, with the launch of Docker.

TẠP CHÍ CÔNG THƯƠNG
Application software needs to be designed and packaged in a particular way to take advantage of containers, a process commonly called containerization. Containers have become a major trend in software development, as an alternative technology that is often compared with virtualization.
Containerization involves packaging the program code together with all (and only) the OS-related components required for the software to run uniformly and consistently in any environment and on any infrastructure. The technology has matured quickly, bringing significant benefits to development and operations teams as well as to infrastructure in general. Containerization allows developers to create and deploy applications faster and more securely. With traditional methods, source code is developed in a specific computing environment, and moving it to a new environment often causes errors.
Containerization removes this problem by packaging the application source code together with the related libraries and the dependencies it needs in order to run. That single software package, the "container", is abstracted away from the host OS, so it operates independently and is portable: it can run on any platform or cloud without issues. Containerization allows applications to be "written once and run anywhere".
This portability is very important for the development process and for vendor compatibility.
2.2. Containerized applications
Containers package an application as a single executable software package. Containerized applications are isolated, and they are not bundled with a copy of the OS (as a virtual machine is). Instead, a container runtime engine (such as Docker) is installed on the host OS and becomes the intermediate layer that lets containers share one OS with each other on the same computer system (see Figure 1). Other layers (such as bin and lib) can also be shared between containers. This removes the overhead of running an additional OS for every application and makes containers smaller and faster to start, giving higher server efficiency. Isolating applications also reduces the chance that malicious code present in one container will affect other containers or intrude into the host system. The abstraction from the host OS makes containerized applications portable and able to run consistently on any platform or cloud. Containers can easily be migrated from a machine with one OS to a machine with another OS and run stably on virtualized infrastructure or on traditional bare-metal servers, on-premises or in the cloud. It is clear why enterprises are rapidly adopting containerization as a superior approach to developing and managing applications. Containerization lets teams develop and deploy applications faster and more securely, whether the application is a monolith (a single-tier software application) or a modular microservice. New cloud-based applications can be built from scratch as containerized microservices, by breaking a complex application down into a set of smaller, specialized, manageable services. Existing applications can be repackaged into containers that use computing resources more efficiently.
2.3. Benefits of containers
Beyond being lightweight, fast and portable, containerization offers significant benefits to development teams:
(1) Agility: The open-source Docker Engine started an industry standard for containers, with developer tools and a universal packaging approach. The container ecosystem has since shifted to engines governed by the OCI (Open Container Initiative). Software developers can continue to use agile or DevOps tools and processes for rapid application development and enhancement.
(2) Fault isolation: A containerized application is isolated and operates independently of other containers. The failure of one container does not affect the continued operation of any other container. Development teams can identify and fix any technical issue within one container without causing downtime in other containers.
(3) Efficiency: Software running in a containerized environment shares the machine's OS kernel, and the application layers inside a container can be shared with other containers. Containers are therefore inherently smaller than a virtual machine and need less start-up time, which allows more containers to run on the same computing capacity than virtual machines. This also drives higher server efficiency and reduces server and licensing costs.
(4) Ease of management: A container orchestration platform automates the installation, scaling and management of containerized services and workloads. Container orchestration platforms can easily manage tasks such as scaling containerized applications, rolling out new versions of an application, and providing monitoring, logging and debugging, along with a number of other functions.
(5) Security: Isolating containerized applications inherently prevents an intrusion of malicious code from affecting other containers and the host system. In addition, security permissions can be defined to automatically block unwanted components from entering containers, or to limit communication with unnecessary resources.

No. 1 - January 2020
2.4. Security in containers
Containerized applications have an inherent level of security because they can run as isolated processes and operate independently of other containers. When they are truly isolated, this can prevent any malicious code from affecting other containers or intruding into the host system. However, the application layers in a container are often shared with other containers. In terms of resource efficiency this is a plus, but it also opens the door to interference and security breaches across containers. The same applies to the shared OS, because many containers can be associated with the same host OS. Security threats to a common OS can affect all the associated containers and, conversely, a container vulnerability can compromise the host OS. How can the applications and open-source components packaged inside a container improve security? Container technology providers, such as Docker, are actively addressing the challenges of container security. Containerization takes a secure-by-default approach: security should be inherent in the platform rather than a solution that is deployed and configured separately. In addition, the container engine supports all of the default isolation properties inherent in the host OS. Researchers are working to strengthen container security further, and a range of security solutions is available to automatically detect and respond to threats across the enterprise, to monitor and enforce rules that meet security standards and policies, and to ensure the safe flow of data through applications and endpoints.
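The isolation described in sections 2.1 and 2.4 holds only while a container keeps its own namespaces and cgroup limits. The following audit is an added example, not code from the article: it reads `HostConfig` fields in the shape printed by `docker inspect`, and the sample containers, risk lists and severity labels are assumptions made for illustration.

```python
import json
from typing import NamedTuple

# Constructed sample in the shape of `docker inspect` output (HostConfig only).
SAMPLE_INSPECT = json.dumps([
    {"Name": "/web", "HostConfig": {
        "Privileged": False, "PidMode": "", "NetworkMode": "bridge",
        "IpcMode": "private", "UTSMode": "", "CapAdd": None,
        "Memory": 268435456, "NanoCpus": 500000000, "CpuQuota": 0,
        "PidsLimit": 200, "ReadonlyRootfs": True,
        "Binds": ["/srv/web/static:/usr/share/nginx/html:ro"]}},
    {"Name": "/build-agent", "HostConfig": {
        "Privileged": True, "PidMode": "host", "NetworkMode": "host",
        "IpcMode": "shareable", "UTSMode": "", "CapAdd": ["SYS_ADMIN"],
        "Memory": 0, "NanoCpus": 0, "CpuQuota": 0,
        "PidsLimit": None, "ReadonlyRootfs": False,
        "Binds": ["/var/run/docker.sock:/var/run/docker.sock", "/:/host"]}},
])


class Finding(NamedTuple):
    severity: str  # "HIGH", "MEDIUM" or "LOW" (labels chosen for this example)
    code: str
    detail: str


# HostConfig field -> namespace it controls; the value "host" disables that namespace.
HOST_NAMESPACE_FIELDS = {"PidMode": "pid", "NetworkMode": "net",
                         "IpcMode": "ipc", "UTSMode": "uts"}
# Capabilities that give a process broad control over the shared kernel.
RISKY_CAPS = {"ALL", "SYS_ADMIN", "SYS_MODULE", "SYS_PTRACE", "SYS_RAWIO", "NET_ADMIN"}
# Host paths whose exposure lets a container reach the host or the engine itself.
SENSITIVE_SOURCES = ("/var/run/docker.sock", "/run/docker.sock",
                     "/proc", "/sys", "/etc", "/boot", "/dev")


def is_sensitive_source(path):
    """True for the host root or anything at/under a sensitive host path."""
    if path == "/":
        return True
    return any(path == p or path.startswith(p + "/") for p in SENSITIVE_SOURCES)


def audit_container(container):
    """Return the findings for one container entry of `docker inspect` output."""
    hc = container.get("HostConfig") or {}
    findings = []

    # Namespace isolation: privileged mode and host namespaces remove it.
    if hc.get("Privileged"):
        findings.append(Finding("HIGH", "privileged",
                                "runs with all capabilities and host device access"))
    for field, ns in HOST_NAMESPACE_FIELDS.items():
        if hc.get(field) == "host":
            findings.append(Finding("HIGH", f"host-{ns}-namespace",
                                    f"{field}=host shares the host {ns} namespace"))
    for cap in hc.get("CapAdd") or []:
        name = cap.upper()
        name = name[4:] if name.startswith("CAP_") else name
        if name in RISKY_CAPS:
            findings.append(Finding("HIGH", "risky-capability", f"CapAdd includes {name}"))
    for bind in hc.get("Binds") or []:
        parts = bind.split(":")
        mode = parts[2] if len(parts) > 2 else "rw"
        if is_sensitive_source(parts[0]):
            findings.append(Finding("HIGH", "sensitive-host-mount",
                                    f"{parts[0]} is mounted into the container ({mode})"))

    # cgroup limits: a zero or missing value means the resource is unbounded.
    if not hc.get("Memory"):
        findings.append(Finding("MEDIUM", "no-memory-limit", "Memory is unlimited"))
    if not hc.get("NanoCpus") and (hc.get("CpuQuota") or 0) <= 0:
        findings.append(Finding("MEDIUM", "no-cpu-limit", "no CPU quota is set"))
    if (hc.get("PidsLimit") or 0) <= 0:
        findings.append(Finding("MEDIUM", "no-pids-limit", "process count is unlimited"))

    if not hc.get("ReadonlyRootfs"):
        findings.append(Finding("LOW", "writable-rootfs", "root filesystem is writable"))
    return findings


def audit(inspect_json):
    """Map container name -> findings for a JSON array as printed by `docker inspect`."""
    return {c.get("Name", "?").lstrip("/"): audit_container(c)
            for c in json.loads(inspect_json)}


if __name__ == "__main__":
    for name, findings in audit(SAMPLE_INSPECT).items():
        print(f"{name}: {len(findings)} finding(s)")
        for f in findings:
            print(f"  [{f.severity}] {f.code}: {f.detail}")
```

The same function can be fed the real output of `docker inspect` for running containers; the thresholds and path lists should be adapted to local policy.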
2.5. Container orchestrator and container platform
2.5.1. Container orchestrator
As companies began to adopt container technology (often as part of a modern cloud-native architecture), the simplicity of the initial individual containers gave way to the complexity of managing hundreds (or even thousands) of containers across a distributed system.
To address this challenge, container orchestration emerged as a way of managing large volumes of containers throughout their lifecycle, including: (1) Provisioning; (2) Redundancy; (3) Health monitoring; (4) Resource allocation; (5) Scaling and load balancing; (6) Moving between physical hosts.
While many container orchestration platforms (for example Apache Mesos, Nomad and Docker Swarm) were created to help address these challenges, Kubernetes, an open-source project introduced by Google in 2014, quickly became the most popular container orchestration platform, and it is a key part of what the industry has standardized on. As containers continue to gain momentum and become a popular way to package and run applications, the container ecosystem, made up of tools and projects designed to harden and extend container use cases, keeps growing. Beyond Kubernetes, two of the most popular projects in the container ecosystem are Istio and Knative. As developers use containers to build and run microservice architectures, management concerns go beyond the lifecycle of individual containers to the way large numbers of small services (often referred to as a "service mesh") connect to one another. Istio was created to make it easier for developers to manage the associated challenges of discovery, traffic, monitoring, security and so on. Serverless architectures continue to grow widely, particularly within the cloud-native community. The greatest value of Knative is its ability to offer container services as serverless functions. Instead of running all the time and responding when needed (as an ordinary server does), a serverless function can scale to zero, meaning that it does not run unless it is called. This model can save a large amount of computing power when applied to tens of thousands of containers.
2.5.2. Container platform
Containers are very promising because they remove the dependency between applications and infrastructure, but they are still only a technology. Just as a hypervisor needs an additional management layer to become useful to an enterprise organization, containers need a platform in order to be used effectively at scale. A container platform is a platform for building, securing and managing containerized applications in an enterprise environment. It is more than containers with orchestration and provisioning: a container platform can support secure software delivery, application lifecycle management, automation and governance. It opens up the opportunity for organizations to carry out a transformation. A container platform should be designed to support innovation. Equally important, it needs to support existing traditional applications. In addition, it must provide organizational policies for security, change control, lifecycle management and so on. The following are some requirements for a container platform:
(1) Integrated image management, allowing users to manage images and their contents securely.
(2) Governance with role-based access controls to support multi-tenancy, and a process for moving applications from development through testing to production.
(3) Automation, allowing administrators to set policies once, after which they operate without intervention or active management.
(4) Lifecycle management, integrated into software development and into CI/CD tools and processes, from application development through to end of life.
(5) Layered security for applications, with digital signing of images to ensure security throughout the application lifecycle.
(6) Extensibility, making it easy to connect the container platform to other business tools, including preferred storage and networking solutions and logging and monitoring tools.
(7) Support and enterprise services with consulting capability to help resolve potential challenges around complex processes, orchestration, integration and workflows.
(8) Certification to ensure interoperability with other ecosystems and data center platforms.
As for the benefits of a container platform, beyond innovation and transformation, a container platform has the following visible benefits:
(1) Unified operations: When everything is standardized and follows the same operating model, it is easier for IT teams to exploit new areas of technology and for companies to adapt and take up new services.
(2) Leveraging existing teams and processes: This comes back to standardization. With a common platform, processes are repeatable. It is easier and faster to experiment or to make repeatable changes.
(3) Responding to risks and threats: The flexibility and standardization provided by a container platform make it easier to apply security consistently, protecting the organization from threats.
(4) Tripling data center utilization: Even with virtualization, most data centers run at a peak of 20%. Containerization raises utilization to 50-60% by removing redundant OSes and consolidating services further.
(5) Reducing IT operating costs: Lifecycle management and infrastructure standardization make system patching, application updates and even rollback and recovery faster.
2.5.3. Stages of container adoption in enterprise organizations
Since Docker was founded in 2013, companies have adopted containers in a number of different ways. At first, developers used containers for internal development. Later, those applications brought containers into production. Today, organizations use containers to modernize their traditional applications and use them across all of their applications. How to deploy containers successfully, and when to adopt a container platform, all depend on the degree of impact the organization needs.
a. Stage 1 - Deploying only a container engine: Organizations have just begun experimenting with container technology. It is deployed by only one or two users, or it may be used for a single application in a development and test environment. Containerization knowledge needs to be built up and consolidated in a core team. This is very useful, but it does not bring immediate value to the organization and does not support scaling the business.
b. Stage 2 - Orchestrating containers: Customers are running one or more clusters with containerized applications. These are usually managed by a single IT team supporting one unit or a specific use case. Orchestration makes patching and maintenance easier and the deployment of containerized applications faster, but this environment suits only one group of users or applications. What orchestration does not address is the needs of the whole enterprise organization. As a result, the benefits of containerization are felt only by those who use it directly.
c. Stage 3 - Container platform with integrated processes: Organizations have standardized on containerization and integrated containers with existing processes and workflows. They often redesign processes to support containers better. Companies at this stage see significant cost savings and can ship software more often, which begins to change the culture and behaviour within an organization.
d. Stage 4 - Accelerated innovation: Organizations have a fully developed container platform that is integrated into the organization's people, processes and tools. They have a "container-first" mindset and recognize the advantages of standardizing around containers. Organizations at this stage can easily adapt to new technology, leverage existing teams and operating processes, and reduce input costs. New technologies are secured automatically according to company policies with integrated automation and governance, reducing time to market and giving organizations a competitive advantage.
3. The relationship between containers and today's key technology platforms
3.1. Virtualization and containerization
The easiest way to understand a container is to understand how it differs from a traditional virtual machine. In traditional virtualization, whether on-premises or in a cloud, a hypervisor is used to virtualize the physical hardware. Each virtual machine then contains a guest OS, a virtual copy of the hardware that the OS needs in order to run, and an application together with its associated libraries and dependencies. Instead of virtualizing the underlying hardware, containers virtualize the OS (typically Linux), so that each individual container contains only the application and its libraries and dependencies. The absence of a guest OS is why containers are so lightweight and, therefore, fast and portable. Figure 1 compares the three infrastructure models: traditional, virtualized and containerized. It is easier and more useful to see containers as the latest point in a continuum of automation and abstraction of IT infrastructure. Virtualization removed the need for an entire server per application. Containerization removes the need for an entire OS per application (Figure 1).

Figure 1: Comparison of the traditional, virtualized and containerized architecture models
[Diagram. Traditional: applications and bin/lib (binaries / libraries) on an operating system (OS) on physical hardware/server. Virtualization: virtual machines (VMs), each holding an application, bin/lib and a guest OS, on a hypervisor and host OS on physical hardware/server. Containerization: containers, each holding an application and bin/lib, on a container engine on an operating system on hardware.]

Containers are often compared with virtual machines because both technologies deliver significant gains in computing efficiency by allowing many kinds of software to run in a single environment. However, container technology offers significant benefits over and above virtualization technology, and it is quickly becoming the technology favoured by IT professionals. Portability, agility, fault isolation, ease of management and security are the advantages of using containerization technology.
3.2. Container use cases
Containers are becoming increasingly prominent, especially in cloud environments. Many organizations are considering containers as a replacement for virtual machines as the general-purpose computing platform for their applications and workloads. Within that broad scope, there are key cases where containers are particularly used:
a. Microservices: Containers are small and lightweight, which makes them a good fit for microservice architectures, where applications are built from many smaller services that are loosely coupled and independently deployable.
b. DevOps: The combination of microservices as an architecture and containers as a platform is a common setup for many teams that follow DevOps to build, ship and run software.
c. Hybrid cloud, multi-cloud: Because containers can run consistently anywhere, from on-premises to the cloud, they are an ideal underlying architecture for hybrid cloud and multi-cloud scenarios, where organizations operate systems across a mix of several public clouds combined with their own data center.
d. Application modernization and migration: One of the most common approaches to application modernization is to start by containerizing applications so that they can be migrated to the cloud.
3.3. Microservices and cloud-native applications
3.3.1. Microservice
Microservice architecture is an architectural approach in which a single application is composed of many smaller components (or services) that are independently deployable and loosely coupled. These services typically: have their own stack, including the database and data model; communicate with one another through a combination of REST APIs, event streaming and message brokers; and are organized by business capability, with lines separating the services. While most discussions of microservices revolve around architectural definitions and characteristics, the value of microservices can be understood more simply through business and organizational benefits such as:
(1) Source code can be updated more easily.
(2) Teams can use different stacks for different components.
(3) Components can be scaled out across the whole application when a single feature faces too much load.
Microservices are now increasingly popular, at least among executives and project leaders as well as developers. This is one of the unusual characteristics of microservices, because interest in architecture is usually reserved for actual engineers. The reason is that microservices better reflect the way many business leaders want to structure and run their teams and development processes. In other words, microservices are an architectural model that better facilitates a desired operating model. The two comparisons made most often with microservice architecture are monolithic architecture and service-oriented architecture (SOA).
3.3.2. Cloud-native
Cloud-native refers partly to where an application resides and mainly to how that application is built and deployed:
(1) A cloud-native application consists of discrete, reusable components called microservices, which are designed to integrate into any cloud environment.
(2) Microservices act as building blocks and are often packaged in containers.
(3) Microservices work together as a whole to make up an application, but each microservice can be scaled, continuously improved and quickly iterated independently, through automation and orchestration processes.
(4) The flexibility of each microservice adds to the flexibility and continuous improvement of cloud-native applications.
Cloud-native applications are based on microservice architecture. This distinctive architectural approach to software development focuses on creating discrete, single-function services. These single-function services, or microservices, can be deployed, upgraded, improved and automated independently of any other microservice. This independence allows frequent, iterative updates without interrupting the user's experience of the application. Developers often run microservices inside containers. A container packages software and all of its dependencies so that an application can run in any environment. Containers are very lightweight and fast to deploy, and they reinforce the inherent advantages of microservices.
3.3.3. The role of containers in microservices, cloud-native and cloud computing
Software companies large and small are embracing microservices as a superior approach to application development and management, often compared with the earlier monolithic model (which combines a software application with its user interface, tied to the underlying database as a single unit on a single server platform). With microservices, a complex application is broken down into smaller, more specialized services, each with its own database and its own business logic. Microservices communicate with one another over common interfaces (such as APIs) or REST interfaces (such as HTTP). Using microservices, development teams can focus on updating specific areas of an application without affecting the application as a whole, which leads to faster development, testing and deployment. The concepts behind microservices and containerization are fundamentally similar, since both are software practices that essentially transform applications into sets of smaller services or components that are portable, scalable, easy to manage and efficient. Moreover, microservices and containerization work better when used together. Containers provide lightweight packaging for any application, whether it is a traditional monolith or a modular microservice. A microservice developed within a container gains all the inherent benefits of containerization, such as portability during development, freedom from vendor lock-in, agile development, fault isolation, server efficiency, automation of installation, scaling and management, layers of security and so on.
These interactions are now rapidly moving to the cloud, where users can develop applications quickly and efficiently. Cloud-based applications and data can be accessed from any Internet-connected device, allowing team members to work remotely or on the move. Cloud service providers (CSPs) manage the underlying infrastructure, saving organizations the cost of servers and other equipment, and also provide automated network backups for higher reliability. Cloud infrastructure scales on demand and can automatically adjust computing resources, capacity and infrastructure as workload requirements change. On top of that, CSPs regularly update their services, giving users continued access to the latest advanced technology.
Containers, microservices and cloud computing work together to take application development and delivery to new levels that are not possible with traditional methods and environments. These next-generation approaches add flexibility, efficiency, reliability and security to the software development lifecycle, all of which lead to faster and more enhanced delivery of applications to the market and to end users.
3.4. Container as a service (CaaS) and cloud computing
Container as a service (CaaS) is a cloud computing model (Figure 2) that allows users to upload, organize, start, stop, scale and manage containers and clusters. It enables these processes by using container-based virtualization (containerization), an application programming interface (API), or a web portal interface. CaaS helps users build highly secure, scalable containerized applications through on-premises data centers or the cloud. With this model, containers and clusters are consumed as a service and deployed in the cloud or in on-premises data centers. As a widely applicable model, CaaS helps developers streamline the process of building a container and deploying applications at full scale. The model benefits IT departments by providing a service that allows containers to be deployed with control over the environment and with a high level of security. The CaaS model helps enterprises simplify container management within their software-defined infrastructure. As with other cloud computing services, users can choose, and pay only for, the CaaS resources they want.
Examples of CaaS resources are compute instances, scheduling capabilities and load balancing. With the growth and expansion of cloud computing services, CaaS is considered a subset of Infrastructure as a service (IaaS) and sits between IaaS and Platform as a service (PaaS) (Figure 2). In CaaS, containers are treated as the basic resource, in contrast to the virtual machines and bare-metal hardware systems usually used in IaaS environments.
An essential characteristic of CaaS is the automated orchestration of key IT functions.
Google Kubernetes and Docker Swarm are two examples of CaaS orchestration platforms. IBM, Amazon Web Services (AWS) and Google are some examples of CaaS providers on the public cloud.
Cac khach hang doanh nghiep, tff ta't ca cdc nganh cdng nghidp, dang nhan Iha'y nhffng ldi ich Clia CaaS va cong nghd coniainer. Sff dung eac eontainer dem de'n hidu qua cao hdn va eung cd'p cho cde khdch hang kha nang trien khai nhanh ehdng edc giai phdp ddi mdi cho vide hidn dai hda ffng dting vd phat trien cloud-native vdi vi dich vu. Container lida giup cde khdch hang phdt hanh phan mem nhanh hdn va thdc day tinh di dpng giffa cde mdi trffdng ddm may tai va da dam may, ddng thdi giam cdc chi phi cd sd ha tang, giay phep ban quyen va chi phi van hanh. Cdc khdch hang doanh nghidp khi can tang cffdng hoat dpng kinh doanh ciia hg bang each sff dung cdc container se phai tffa chgn giffa 2 tuy chon:
(1) A CaaS platform, deployed either on a public cloud or on an on-premises infrastructure platform.
(2) A managed container service provided by Google, Amazon or Microsoft Azure (the three main cloud providers).
Since the CNCF (Cloud Native Computing Foundation) was formed through a collaboration between Google and the Linux Foundation and introduced the Kubernetes Certification program, the CNCF has ensured that all providers maintain portability and interoperability across platforms.
Figure 2. Current cloud computing service architecture models (panels: IaaS, CaaS, PaaS, FaaS, SaaS; layer labels: Function, Application, Database, Runtime/Middleware, Container, OS, Virtualization, Hardware)
Before enterprise customers choose between a managed container platform and an on-premises deployment, they need to answer the following questions:
(1) Do their containers have to be deployed on-premises, or can they be deployed on a public cloud?
(2) Does the enterprise's IT department have the skills needed to design, deploy and administer a Kubernetes environment? What needs new training, and what can be retained?
(3) Which public cloud platform is needed to deploy the containers (for example Google, AWS or Azure)?
(4) Does using a shared, multi-tenant Kubernetes control plane raise any issues?
If the enterprise is still experimenting with containers, managed container services may be the best choice. Managed container services are an ideal starting point: they require no cluster management, no resource provisioning and no deployment of even a minimal platform. A major benefit of managed container services is that they are excellent for testing an initial container deployment and then adjusting development and operations processes. If, on the other hand, the enterprise is ready and is already at the stage of deploying containers on Kubernetes or AWS, or on an on-premises platform, it can choose its own CaaS solution. Having its own CaaS can give the enterprise a more feature-rich platform, with the frameworks and services needed for a production-grade system.
4. Conclusion
In this article, the authors have presented an overview of containers and containerization technology, the benefits of adopting a container platform, and the relationship between containers and current advanced technologies such as virtualization, microservice architecture and cloud computing services. The article focuses on providing deeper insight into why and how enterprises adopt container platforms, especially in enterprise application development. In an article in the next issue, the authors will summarize and analyze the results of several surveys on the current state and trends of container platform adoption in enterprise organizations.
TẠP CHÍ CÔNG THƯƠNG
Received: 26/11/2019
Reviewed and revised: 6/12/2019
Accepted for publication: 16/12/2019
Author information:
MSc. PHAM NGOC DUY - NGUYEN TRUNG QUAN
Faculty of Information Technology, Vietnam Maritime University
CONTAINERIZATION WITH CLOUD COMPUTING:
A TRENDING SOLUTION FOR ENTERPRISE APPLICATION DEVELOPMENT AND DEPLOYMENT
• Master. PHAM NGOC DUY
• NGUYEN TRUNG QUAN
Faculty of Information Technology, Vietnam Maritime University
ABSTRACT:
In the Industry 4.0 era, advanced information technology solutions should be applied intensively by organizations and enterprises in all areas in order to establish and implement systems effectively and quickly. The combination of containerization and cloud computing is one of the trending solutions, especially in enterprise application deployment. The series of articles on the "containerization" topic presents an overview of container technology and related cloud computing services, recent trends in container-based application solutions in organizations, and the advantages as well as the challenges that enterprises face in deploying and operating systems on a container platform. This article focuses on providing insights into why and how the industry in general and enterprises in particular are adopting container-based applications.
Keywords: Container, containerization, application for enterprises, cloud computing.
No. 1 - January 2020