Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Deploying your first Micro-Service Application to Kubernetes

Deploying your first Micro-Service Application to Kubernetes

Kubernetes is a very powerful container orchestration platform that is quickly gaining traction and gives you lots of benefits in deploying, running and scaling your microservice web application. But it has also a steep learning curve. In this workshop you will deploy and scale your first application which consists of multiple Micro-Services to Kubernetes and learn how you can use Persistent Storage. If you want to not just watch, but also program along yourself, have Git, Docker and the Kubernetes CLI kubectl as well as a IDE or Text Editor of your choice installed on your system.

8e82eb7e128a14a16d642ae55227339b?s=128

Bastian Hofmann

February 21, 2019
Tweet

Transcript

  1. @BastianHofmann Deploying your first Micro-Service Application to Kubernetes Bastian Hofmann

  2. None
  3. Agenda for today

  4. Kubernetes Basics

  5. Deploying an application

  6. Load Balancing

  7. Persistent Storage

  8. Configuration Management

  9. Environment Management

  10. Service Discovery

  11. Service Meshes

  12. Monitoring

  13. Debugging

  14. Logging

  15. (Auto) Scaling

  16. None
  17. Container orchestration platform

  18. Deploy, run and scale your services in isolated containers

  19. Why containers?

  20. Services run in isolation

  21. Everything needed to run a service in one image

  22. Make things …

  23. Easier to deploy

  24. Easier to upgrade system dependencies

  25. Easier to develop

  26. Easier to scale

  27. Better resource usage

  28. #safeThePlanet

  29. No vendor lock in

  30. Standardized APIs

  31. Runs on

  32. Your laptop

  33. None
  34. Bare metal

  35. Cloud Providers

  36. And if you don't want to install and maintain Kubernetes

    yourself
  37. Managed Kubernetes

  38. None
  39. Benefits of Managed Solutions

  40. Easy upgrades

  41. Easy scaling

  42. Features

  43. Load Balancing

  44. Distributed Persistent Storage

  45. Some do offer

  46. Backups

  47. Hyperscaling

  48. Premium support

  49. Carefree Usage & pro-active monitoring

  50. You can focus on what's important

  51. Let’s define some core concepts and terminology first

  52. Kubernetes Cluster

  53. • A docker image built from a Dockerfile that contains

    everything a service needs to run Image
  54. • A container runs a docker image. • Only 1

    process can run inside of a container Container
  55. • A group of 1 or more containers • Same

    port space • Ports are not accessible from outside of the pod Pod
  56. • Defines and manages how many instances of a pod

    should run Replica Set
  57. • Manages updates and rollbacks of replica sets Deployment

  58. • Makes a port of a pod accessible to other

    pods Service
  59. • Makes a service accessible to the outside of Kubernetes

    Ingress
  60. • A physical server • Containers get distributed automatically Node

  61. • Configuration that can be mounted inside of a container

    ConfigMap
  62. • Volumes can be mounted into a container to access

    a ConfigMap, Secret or a folder on the host Volumes
  63. • Dedicated environment to deploy services in Namespaces

  64. DaemonSets, CronJobs, StatefulSets, ...

  65. Everything is a resource

  66. You interact with Kubernetes by creating, receiving, updating and deleting

    resources
  67. Kubernetes has controllers to listen on these interactions and get

    the cluster in the desired state
  68. kind: Deployment apiVersion: extensions/v1beta1 metadata: name: symfony-demo spec: template: spec:

    containers: - name: symfony-demo image: symfony-demo:1.1.0 ports: - containerPort: 80
  69. $ kubectl apply -f deployment.yaml

  70. $ kubectl get deployments NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE

    symfony-demo 1 1 1 1 21h
  71. $ kubectl get deployment symfony-demo -o yaml apiVersion: extensions/v1beta1 kind:

    Deployment metadata: annotations: ... spec: ... template: ... spec: containers: - name: symfony-demo image: symfony-demo:1.1.0
  72. $ kubectl delete deployment symfony-demo

  73. The Kubernetes API can be extended with additional Resources and

    Controllers
  74. CustomResourceDefinitions

  75. Certificate, Backup, Restore, MySQLCluster, Function, ...

  76. To interact with Kubernetes

  77. kubectl

  78. $ kubectl get pods

  79. NAME READY STATUS RESTARTS AGE kubernetes-dashboard-5b5bf59977-t9xb9 1/1 Running 2 9d

    nginx-ingress-controller-5549f5597c-97kcw 0/1 Running 2 9d nginx-ingress-default-backend-564d9d9477-tmnnr 1/1 Running 4 9d mysql-556c9b5bcb-5jdrt 1/1 Running 1 8d symfony-demo-5b75f5fc6-c7wr9 1/1 Running 0 8d symfony-demo-5b75f5fc6-jg8n4 1/1 Running 23 8d
  80. REST API

  81. $ kubectl proxy --port=8080 $ curl http://localhost:8080/api/v1/namespaces/default/ pods { "kind":

    "PodList", "apiVersion": "v1", "metadata": { "selfLink": "/api/v1/namespaces/default/pods", "resourceVersion": "336834" }, "items": [ { "metadata": { "name": "kubernetes-dashboard-5b5bf59977-t9xb9",
  82. kubernetes-dashboard

  83. None
  84. Helm The package manager for Kubernetes

  85. $ helm install stable/wordpress

  86. Let's start deploying

  87. We will use:

  88. SysEleven MetaKube

  89. We will all use the same cluster

  90. Please create and then do everything in your own Namespace

  91. Please create and then do everything in your own Namespace

  92. Demo code and instructions: https:/ /github.com/bashofmann/ phpuk19-k8s-workshop

  93. # 01 Deploying a simple Web Application

  94. What did just happen?

  95. None
  96. Deployment created

  97. Sees new Deployment And creates new ReplicaSet with 0 replicas

  98. Scales new ReplicaSet up

  99. Sees new ReplicaSet and Creates Pod for ReplicaSet

  100. Sees new unscheduled Pod and Schedules it to Node

  101. Sees it is supposed to start a Pod And starts

    its Containers
  102. Service created

  103. Sees the new Service And configures IP Table Rules and

    DNS entries
  104. Sees the new Service has the Type LoadBalancer and creates

    An External LB at the Cloud Provider
  105. How is traffic routed to the Pod

  106. The Service loadbalances incoming traffic to all available Pods

  107. Every Service has a virtual IP

  108. Round Robin with IP Tables rules

  109. OpenStack LoadBalancer

  110. # 02 Using an Ingress with TLS

  111. The ingress controller (nginx) listens on Ingress Resources and configures

    itself to route incoming traffic to the correct running pods
  112. Cert-manager listens on Ingresses and if they want TLS, requests

    a certificate from LetsEncrypt
  113. $ helm install stable/nginx-ingress $ kubectl apply -f https://raw.githubusercontent.com/ jetstack/cert-manager/release-0.6/deploy/manifests/00-

    crds.yaml $ helm install stable/cert-manager
  114. How is traffic routed to the Pod

  115. OpenStack LoadBalancer

  116. # 03 Application Configuration

  117. Configuration should not be part of a Docker Image

  118. So that you can use the same Docker Image in

    multiple environments
  119. Kubernetes comes with Key-Value Store Resources

  120. ConfigMaps

  121. Secrets

  122. Can be mounted inside of containers

  123. Environment Variables

  124. Volumes

  125. # 04 Helm Package Manager

  126. Helm

  127. None
  128. Allows to install applications

  129. So called "charts"

  130. Writing your own charts if fairly easy

  131. Charts can depend on other charts

  132. Multiple deployments of one chart possible

  133. Different namespaces

  134. Different release names

  135. Configuration over values

  136. None
  137. $ helm install stable/wordpress --namespace bastian --name my-wordpress --values dev.yaml

    --values bastian.yaml
  138. # 05 Service Discovery

  139. Kubernetes has an internal DNS for service discovery

  140. Every Service has a DNS entry

  141. service-name[.namespace]

  142. # 06 Databases and Persistent Storage

  143. You define a Persistent Volume or Storage Class, e.g. NFS,

  144. Depends on your Kubernetes Setup

  145. Each pod can specify a Persistent Volume Claim

  146. apiVersion: v1 kind: PersistentVolumeClaim metadata: name: postgresql-pv-claim labels: name: postgresql

    spec: storageClassName: generic accessModes: - ReadWriteOnce resources: requests: storage: 10Gi
  147. And then mount the Claim into a Volume in a

    container
  148. apiVersion: extensions/v1beta1 kind: Deployment metadata: name: postgresql spec: template: spec:

    containers: … volumes: - name: postgresql-data persistentVolumeClaim: claimName: postgresql-pv-claim
  149. https:/ /kubernetes.io/docs/concepts/ storage/persistent-volumes/

  150. # 07 Service Meshes

  151. What are Service Meshes?

  152. None
  153. They provide

  154. Metrics and Traces

  155. Transparent End-To-End Encryption

  156. Advanced Routing

  157. Istio

  158. LinkerD

  159. $ linkerd install | kubectl apply -f -

  160. # 08 Monitoring

  161. Prometheus

  162. $ helm install stable/prometheus

  163. Automatically scrapes all Services/Pods with a Prometheus Scraping Annotation

  164. # 09 Logging

  165. Applications just log to stdout & stderr

  166. Kubernetes writes logs of containers to the Node's Filesystem

  167. Fluentd runs as a DaemonSet on every Node

  168. Mounts the local Host Path of the Logs

  169. Tails on Logs and enriches it with Meta Information

  170. Sends it to ElasticSearch

  171. Kibana as a nice Dashboard

  172. $ helm install stable/elasticsearch $ helm install stable/fluentd-elasticsearch --set elasticsearch.host=elasticsearch-

    client,elasticsearch.port=9200 $ helm install stable/kibana # with some configuration
  173. # 10 Debugging

  174. Not all services have an ingress

  175. Accessing Kubernetes from the outside

  176. web quote-svc hello-svc

  177. Getting a shell in a running container

  178. $ kubectl exec $POD_NAME -i -t -- /bin/bash

  179. Port forwarding through kubectl

  180. $ kubectl port-forward pod/$POD_NAME 8080:80

  181. $ kubectl port-forward service/$SERVICE_NAME 8080:80

  182. Still, if you make a code change you have to

    commit, push, build, deploy
  183. Takes some time

  184. What about step debugging?

  185. Of course you can run everything locally

  186. But you develop only on one service

  187. There may be lots of services

  188. You don't want to expose all services publicly

  189. Port-forwarding all services is also work

  190. Telepresence

  191. None
  192. Creates a two-way proxy between the Kubernetes cluster and you

  193. $ telepresence T: Starting proxy with method 'vpn-tcp'... @fhgbvx65xg|bash-3.2$ curl

    http://quote-svc/quote | jq '.' [ { "ID": 503, "title": "stefan sagmeister", "content": "<p>...</p>\n", "link": "https://quotesondesign.com/stefan- sagmeister-2/" } ]
  194. Swap a running deployment in the cluster with a local

    process
  195. ... or a locally running docker container

  196. $ telepresence --swap-deployment quote-svc --namespace dev-flow-demo --expose 3000 --run npm

    run debug T: Starting proxy with method 'vpn-tcp',... T: Forwarding remote port 3000 to local port 3000.... > quote-svc@1.0.0 debug /Users/bhofmann/forge_test/quote- svc > nodemon --inspect quote-svc.js [nodemon] watching: *.* [nodemon] starting `node --inspect quote-svc.js` Debugger listening on ws://127.0.0.1:9229/83aa27ac- d879-4b50-a228-440354cca791 quote svc listening on port 3000!
  197. # 11 (Auto) Scaling

  198. Manual Scaling

  199. kubectl scale --replicas=3 deployment/my-app

  200. AutoScaling

  201. Pods

  202. Nodes

  203. Summary

  204. Powerful

  205. Helpful

  206. Better resource usage

  207. Great tools because of standardized APIs

  208. Fast paced development

  209. Keep up to date

  210. Documentation

  211. https:/ /kubernetes.io/docs/

  212. KubeCons

  213. https:/ /www.youtube.com/channel/ UCvqbFHwN-nwalWPjPUKpvTA

  214. http:/ /speakerdeck.com/ u/bastianhofmann

  215. Please provide feedback

  216. mail@bastianhofmann.de https:/ /twitter.com/BastianHofmann