Repository files navigation

InfraKit is a toolkit for infrastructure orchestration.With an emphasis on immutable infrastructure, it breaks down infrastructure automation and management processes into small, pluggable components.These components work together to actively ensure the infrastructure state matches the user's specifications.InfraKit therefore provides infrastructure support for higher-level container orchestration systems and can make your infrastructure self-managing and self-healing.

To get started, try thetutorial, or check out the video below:

In this video, InfraKit was used to build a custom linux operating system (based onlinuxkit).We then deployed a cluster of virtual machine instances on a local Mac laptop using the Mac Xhyve hypervisor (HyperKit). A clusterof 3 servers booted up in seconds. Later, after the custom OS image has been updated with a new public key, InfraKit detects thechange and orchestrates a rolling update of the nodes.We then deploy the same OS image to a bare-metal ARM server running onPacket.net, where the server usescustom ipxe boot directly from the localhost. It demonstrates some of the key concepts and components in InfraKit and shows howInfraKit can be used to implement an integrated workflow from custom OS image creation to cluster deployment and Day N management.The entire demo is published as aplaybook, and you can create your own playbooks too.

InfraKit is designed to automate setup and management of infrastructure in support of distributed systems and higher-levelcontainer orchestration systems. Some of the use cases we are working on include:

• Bootstrap / installation of container orchestration systems like Docker Swarm and Kubernetes
• Cluster autoscaler that can work across a variety of platforms from public clouds (like AWS autoscaling groups) tobare-metal hosts.
• GPU cluster provisioning
• Integration with LinuxKit for building and deploying immutable infrastructure from declarative specifications of the entire stack:from infrastructure resources to os / kernel and applications.
• Day-N management and automation of infrastructure - from provisioning to rolling updates and capacity scaling.

InfraKit has a modular architecture with a set of interfaces which define the interactions of these 'plugin objects'.Plugins are active daemons that cooperate with one another to ensure the infrastructure state matches your specifications.

InfraKit makes extensive use ofPlugins to manage arbitrary systems in diverse environments, which can be composedto meet different needs. See theplugins documentation for more technical details.

Here is a list of plugins:

Have a Plugin you'd like to share? Submit a Pull Request to add yourself to the list!

Make sure you check out the project following a convention for building Go projects. For example,

# Install Go - https://golang.org/dl/# Assuming your go compiler is in /usr/local/goexport PATH=/usr/local/go/bin:$PATH# Your dev environmentmkdir -p~/goexport GOPATH=!$export PATH=$GOPATH/bin:$PATHmkdir -p~/go/src/github.com/dockercd!$git clone git@github.com:docker/infrakit.gitcd infrakit

We recommended go version 1.9 or greater for all platforms.

Also install a few build tools:

make get-tools

$ make ci

$ make binaries

Executables will be placed in the./build directory. There is only one executableinfrakit which canbe used as CLI and as server, based on the CLI verbs and flags.

InfraKit uses JSON for configuration because it is composable and a widely accepted format for manyinfrastructure SDKs and tools. Since the system is highly component-driven, our JSON format followssimple patterns to support the composition of components.

A common pattern for a JSON object looks like this:

{"SomeKey":"ValueForTheKey","Properties": {   }}

There is only oneProperties field in this JSON and its value is a JSON object. The opaqueJSON value forProperties is decoded via the GoSpec struct defined within the package of the plugin --for example --vanilla.Spec.

The JSON above is avalue, but the type of the value belongs outside the structure. For example, thedefault GroupSpec is composed of an Instance plugin, a Flavor plugin, and anAllocation:

{"ID":"name-of-the-group","Properties": {"Allocation": {    },"Instance": {"Plugin":"name-of-the-instance-plugin","Properties": {      }    },"Flavor": {"Plugin":"name-of-the-flavor-plugin","Properties": {      }    }  }}

The group's Spec hasInstance andFlavor fields which are used to indicate the type, and the value of thefields follow the pattern of<some_key> andProperties as shown above.

TheAllocation determines how the Group is managed. Allocation has two properties:

• Size: an integer for the number of instances to maintain in the Group
• LogicalIDs: a list of string identifiers, one will be associated with each Instance

Exactly one of these fields must be set, which defines whether the Group is treated as 'cattle' (Size) or 'pets'(LogicalIDs). It is up to the Instance and Flavor plugins to determine how to useLogicalID values.

As an example, if you wanted to manage a Group of NGINX servers, you couldwrite a custom Group plugin for ultimate customization. The most concise configuration looks something like this:

{"ID":"nginx","Plugin":"my-nginx-group-plugin","Properties": {"port":8080  }}

However, you would likely prefer to use the default Group plugin and implement a Flavor plugin to focus onapplication-specific behavior. This gives you immediate support for any infrastructure that has an Instance plugin.Your resulting configuration might look something like this:

{"ID":"nginx","Plugin":"group","Properties": {"Allocation": {"Size":10    },"Instance": {"Plugin":"aws","Properties": {"region":"us-west-2","ami":"ami-123456"      }    },"Flavor": {"Plugin":"nginx","Properties": {"port":8080      }    }  }}

Once the configuration is ready, you will tell a Group plugin to

• watch it
• update it
• destroy it

Watching the group as specified in the configuration means that the Group plugin will createthe instances if they don't already exist. New instances will be created if for any reasonexisting instances have disappeared such that the state doesn't match your specifications.

Updating the group tells the Group plugin that your configuration may have changed. It willthen determine the changes necessary to ensure the state of the infrastructure matches the newspecification.

Additional documentation can be foundhere.

The maintainers take security seriously. If you discover a security issue,please bring it to their attention right away!

PleaseDO NOT file a public issue, instead send your report privately tosecurity@docker.com.

Security reports are greatly appreciated and we will publicly thank you for it.We also like to send gifts—if you're into Docker schwag, make sure to letus know. We currently do not offer a paid security bounty program, but are notruling it out in the future.

InfraKit is currently focused on supporting setup and management of base infrastructure, such as a clusterorchestrator. The image below illustrates an architecture we are working towards supporting - a Docker cluster in Swarmmode.

This configuration co-locatesInfraKit with Swarm manager nodes and offers high availability ofInfraKit itself andSwarm managers (using attached storage).InfraKit is shown managing two groups - managers and workers that will becontinuously monitored, and may be modified with rolling updates.

Countless configurations are possible withInfraKit, but we believe achieving support for this configuration willenable a large number of real-world use cases.

Copyright © 2016 Docker, Inc. All rights reserved. Released under the Apache 2.0license. SeeLICENSE for the full license text.