From source to Kubernetes in 30 minutes

Transcript

1. @BastianHofmann From source to Kubernetes In 30 Minutes Bastian Hofmann

   mail@bastianhofmann.de

2. CI/CD

3. None
4. None
5. None

6. Container orchestration platform

7. Deploy, run and scale your services in isolated containers

8. Your application is bundled in an image

9. The image contains everything the application needs to run

10. The image is started in an isolated container

11. No vendor lock in

12. Standardized APIs

13. Your laptop

14. Bare metal

15. Cloud Providers

16. And if you don't want to install and maintain Kubernetes

    yourself

17. Managed Kubernetes

18. None

19. So we have code, how do we get this into

    Kubernetes?

20. Angular demo application

21. Demo

22. We have to

23. Build a docker image

24. Contains everything that the service needs to run

25. Make the build as fast as possible

26. Make the image as small as possible

27. Demo

28. Tell Kubernetes to

29. Start containers

30. In Kubernetes

31. • A group of 1 or more containers • Same

    port space • Within a Pod: communication over localhost • Every container has their own filesystem • Every Pod has it's own IP • All Pods can talk with each other • IPs change all the time Pod

32. Deployment

33. LoadBalancer

34. Everything in Kubernetes is a resource (document) defined in YAML

35. Demo

36. Also all those YAML files are not nice

37. Helm

38. Also we need

39. DNS

40. TLS

41. Monitoring

42. CI/CD pipeline

43. Make use of Kubernetes "magic"

44. Demo

45. Magic recap

46. LoadBalancers

47. Automatically creates a highly available LoadBalancer with a public IP

    address

48. Ingress controller

49. The ingress controller (nginx) listens on routing rules in Ingress

    Resources and configures itself to route incoming traffic to the correct running and healthy pods

50. cert-manager

51. Cert-manager listens on Ingress Resources and if they need TLS,

    requests a certificate from LetsEncrypt

52. external-dns

53. External-DNS listens on Ingress Resources and creates DNS entries

54. Sealed Secrets

55. Secrets are stored encrypted in Git and decrypted inside of

    the cluster

56. Prometheus

57. Kubernetes and Node metrics are automatically included

58. Kubernetes and Node alerts are automatically included

59. Kubernetes and Node dashboards are automatically included

60. Scraping targets can be automatically discovered

61. Service Meshes

62. None

63. Recommendation: Start playing around with Kubernetes

64. Alternatives

65. Flux

66. None

67. Knative

68. Kubernetes-based platform to deploy and manage modern serverless workloads

69. Tekton CD

70. CI that runs completely within Kubernetes with Kubernetes Custom Resources

71. Resources

72. https:/ /gitlab.com/bashofmann/ angular-test-app

73. https:/ /gitlab.com/bashofmann/ angular-test-app-finished

74. https:/ /github.com/syseleven/ golem-workshop

75. mail@bastianhofmann.de https:/ /twitter.com/BastianHofmann http:/ /speakerdeck.com/u/bastianhofmann