Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Getting started with Kubernetes

Bastian Hofmann
March 14, 2019
Programming
3
130

Getting started with Kubernetes

Kubernetes is a very powerful container orchestration platform that is quickly gaining traction and gives you lots of benefits in deploying, running and scaling your microservice web application. But it has also a steep learning curve.
In this talk I will introduce you to Kubernetes, and show you, based on a practical example, how to continuously deploy a web application into it.

Bastian Hofmann

March 14, 2019
Tweet

More Decks by Bastian Hofmann

See All by Bastian Hofmann
Monitoring in Kubernetes with Prometheus and Grafana
bastianhofmann
0
260
Creating a fast Kubernetes Development Workflow
bastianhofmann
0
85
Highly available cross-region deployments with Kubernetes
bastianhofmann
1
120
From source to Kubernetes in 30 minutes
bastianhofmann
0
120
Introduction to Kubernetes
bastianhofmann
1
140
CI/CD with Kubernetes
bastianhofmann
0
140
Creating a fast Kubernetes Development Workflow
bastianhofmann
1
240
Deploying your first Micro-Service application to Kubernetes
bastianhofmann
2
160
Creating a fast Kubernetes Development Workflow
bastianhofmann
0
160

Other Decks in Programming

See All in Programming
Front-end application development, Symfony-style(s)
dunglas
2
1.9k
Code Reviews
bkuhlmann
4
880
Designing for tomorrow's programming workflows
honnibal
PRO
2
110
スクラムガイドのスプリントレトロスペクティブを改めて読みかえしてみた / Re-reading the Sprint Retrospective Section in the Scrum Guide
mackey0225
3
330
Hanami and htmx
bkuhlmann
0
190
StreamlitとTerraformでデータカタログを作った話
gussan0223
0
300
雑に思考を整理する技術と効能
konifar
55
25k
FigmaとPHPで作る1ミリたりとも表示崩れしない最強の帳票印刷ソリューション
ttskch
39
18k
VSCodeでのDatabricks開発もお勧めしたい/I would also recommend Databricks development with VSCode.
kazumain
0
240
Git Lint
bkuhlmann
4
740
Semantic search with Django and pgvector
pauloxnet
0
240
単体テストを書かない技術 #phpcon_odawara
o0h
PRO
25
7.8k

Featured

See All Featured
Code Reviewing Like a Champion
maltzj
513
39k
The World Runs on Bad Software
bkeepers
PRO
61
6.7k
GraphQLの誤解/rethinking-graphql
sonatard
50
9.2k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
12
1.5k
WebSockets: Embracing the real-time Web
robhawkes
59
7k
Atom: Resistance is Futile
akmur
258
25k
Designing the Hi-DPI Web
ddemaree
276
33k
The MySQL Ecosystem @ GitHub 2015
samlambert
242
12k
What’s in a name? Adding method to the madness
productmarketing
PRO
15
2.6k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
240
1.2M
Intergalactic Javascript Robots from Outer Space
tanoku
266
26k
Optimizing for Happiness
mojombo
370
69k

Transcript

  1. @BastianHofmann Getting started with Kubernetes Bastian Hofmann

  2. None

  3. Container orchestration platform

  4. Deploy, run and scale your services in isolated containers

  5. Very Powerful

  6. Large community

  7. Lot’s of large company backers

  8. No vendor lock in

  9. Standardized APIs

  10. Runs on

  11. Your laptop

  12. None

  13. Bare metal

  14. Cloud Providers

  15. AWS

  16. Azure

  17. Google Cloud Platform

  18. And if you don't want to install and maintain Kubernetes

    yourself

  19. Managed Kubernetes

  20. None

  21. Easy setup

  22. Easy upgrades

  23. Easy scaling

  24. Features

  25. Load Balancing

  26. Distributed Persistent Storage

  27. Some do offer

  28. Backups

  29. Hyperscaling

  30. Premium support

  31. Carefree Usage & pro-active monitoring

  32. But this talk is about how to use Kubernetes

  33. Learning curve

  34. This talk is supposed to get you started

  35. I’m going to explain the basics

  36. And then you will see lots of live demos

  37. But first

  38. Why containers?

  39. Services run in isolation

  40. Everything needed to run a service in one image

  41. Decouple Ops and Dev

  42. Make things …

  43. Easier to deploy

  44. Easier to upgrade system dependencies

  45. Easier to develop

  46. Easier to scale

  47. Better resource usage

  48. #safeThePlanet

  49. None

  50. FROM php:7.2-apache WORKDIR /var/www/html RUN apt-get update -y && \

    apt-get install -y --no-install-recommends curl \ rm -rf /var/lib/apt/lists/* ENV TMP_DIR /tmp COPY . /var/www/html/ EXPOSE 80 ENTRYPOINT [“apache2”, “-DFOREGROUND”]

  51. docker build -t gitlab.syseleven.de/syseleven/symfony- demo:2.0.0 .

  52. docker run -p 8080:80 syseleven/symfony-demo:2.0.0 docker push syseleven/symfony-demo:2.0.0

  53. Kubernetes helps you to run and deploy containers

  54. Let’s define some core concepts and terminology first

  55. Kubernetes Cluster

  56. • A docker image built from a Dockerfile that contains

    everything a service needs to run Image

  57. • A container runs a docker image. • Only 1

    process can run inside of a container Container

  58. • A group of 1 or more containers • Same

    port space • Ports are not accessible from outside of the pod Pod

  59. • Defines and manages how many instances of a pod

    should run Replica Set

  60. • Manages updates and rollbacks of replica sets Deployment

  61. • Makes a port of a pod accessible to other

    pods Service

  62. • Makes a service accessible to the outside of Kubernetes

    Ingress

  63. • A physical server • Containers get distributed automatically Node

  64. • Configuration that can be mounted inside of a container

    ConfigMap

  65. • Volumes can be mounted into a container to access

    a ConfigMap, Secret or a folder on the host Volumes

  66. • Dedicated environment to deploy services in Namespaces

  67. Everything is a resource

  68. You interact with Kubernetes by creating, receiving, updating and deleting

    resources

  69. Kubernetes has controllers to listen on these interactions and get

    the cluster in the desired state

  70. kind: Deployment apiVersion: extensions/v1beta1 metadata: name: symfony-demo spec: template: spec:

    containers: - name: symfony-demo image: symfony-demo:1.1.0 ports: - containerPort: 80

  71. $ kubectl apply -f deployment.yaml

  72. $ kubectl get deployments NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE

    symfony-demo 1 1 1 1 21h

  73. $ kubectl get deployment symfony-demo -o yaml apiVersion: extensions/v1beta1 kind:

    Deployment metadata: annotations: ... spec: ... template: ... spec: containers: - name: symfony-demo image: symfony-demo:1.1.0

  74. $ kubectl delete deployment symfony-demo

  75. Tooling

  76. kubectl

  77. $ kubectl get pods

  78. NAME READY STATUS RESTARTS AGE kubernetes-dashboard-5b5bf59977-t9xb9 1/1 Running 2 9d

    nginx-ingress-controller-5549f5597c-97kcw 0/1 Running 2 9d nginx-ingress-default-backend-564d9d9477-tmnnr 1/1 Running 4 9d mysql-556c9b5bcb-5jdrt 1/1 Running 1 8d symfony-demo-5b75f5fc6-c7wr9 1/1 Running 0 8d symfony-demo-5b75f5fc6-jg8n4 1/1 Running 23 8d

  79. REST API

  80. $ kubectl proxy --port=8080 $ curl http://localhost:8080/api/v1/namespaces/default/ pods { "kind":

    "PodList", "apiVersion": "v1", "metadata": { "selfLink": "/api/v1/namespaces/default/pods", "resourceVersion": "336834" }, "items": [ { "metadata": { "name": "kubernetes-dashboard-5b5bf59977-t9xb9",

  81. kubernetes-dashboard

  82. None

  83. Helm The package manager for Kubernetes

  84. $ helm install stable/wordpress

  85. Demo

  86. Demo code and instructions: https:/ /github.com/bashofmann/ phpuk19-k8s-workshop

  87. # 01 Deploying a simple Web Application

  88. What did just happen?

  89. None

  90. Deployment created

  91. Sees new Deployment And creates new ReplicaSet with 1 desired

    replica

  92. Sees new ReplicaSet and Creates Pod for ReplicaSet

  93. Sees new unscheduled Pod and Schedules it to Node

  94. Sees it is supposed to start a Pod And starts

    its Containers

  95. Service created

  96. Sees the new Service And configures IP Table Rules and

    DNS entries

  97. Sees the new Service has the Type LoadBalancer and creates

    An External LB at the Cloud Provider

  98. How is traffic routed to the Pod

  99. The Service loadbalances incoming traffic to all available Pods

  100. Every Service has a virtual IP

  101. Round Robin with IP Tables rules

  102. OpenStack LoadBalancer

  103. # 02 Using an Ingress with TLS

  104. The ingress controller (nginx) listens on Ingress Resources and configures

    itself to route incoming traffic based on the host header to the correct running pods

  105. Cert-manager listens on Ingresses and if they want TLS, requests

    a certificate from LetsEncrypt

  106. $ helm install stable/nginx-ingress $ kubectl apply -f https://raw.githubusercontent.com/ jetstack/cert-manager/release-0.6/deploy/manifests/00-

    crds.yaml $ helm install stable/cert-manager

  107. How is traffic routed to the Pod

  108. OpenStack LoadBalancer

  109. # 03 Application Configuration

  110. Configuration should not be part of a Docker Image

  111. So that you can use the same Docker Image in

    multiple environments

  112. Kubernetes comes with Key-Value Store Resources

  113. ConfigMaps

  114. Secrets

  115. Can be mounted inside of containers

  116. Environment Variables

  117. Volumes

  118. # 04 Helm Package Manager

  119. Helm

  120. None

  121. Allows to install applications

  122. So called "charts"

  123. Writing your own charts if fairly easy

  124. Charts can depend on other charts

  125. Multiple deployments of one chart possible

  126. Different namespaces

  127. Different release names

  128. Configuration over values

  129. None

  130. $ helm install stable/wordpress --namespace bastian --name my-wordpress --values dev.yaml

    --values bastian.yaml

  131. # 05 Service Discovery

  132. Kubernetes has an internal DNS for service discovery

  133. Every Service has a DNS entry

  134. service-name[.namespace]

  135. # 06 Databases and Persistent Storage

  136. You define a Persistent Volume or Storage Class, e.g. NFS,

  137. Depends on your Kubernetes Setup

  138. You can specify a Persistent Volume Claim

  139. apiVersion: v1 kind: PersistentVolumeClaim metadata: name: postgresql-pv-claim labels: name: postgresql

    spec: storageClassName: generic accessModes: - ReadWriteOnce resources: requests: storage: 10Gi

  140. And then mount the Claim into a Volume in a

    container

  141. apiVersion: extensions/v1beta1 kind: Deployment metadata: name: postgresql spec: template: spec:

    containers: … volumes: - name: postgresql-data persistentVolumeClaim: claimName: postgresql-pv-claim

  142. https:/ /kubernetes.io/docs/concepts/ storage/persistent-volumes/

  143. # 07 Service Meshes

  144. What are Service Meshes?

  145. None

  146. They provide

  147. Metrics and Traces

  148. Transparent End-To-End Encryption

  149. Advanced Routing

  150. Istio

  151. LinkerD

  152. $ linkerd install | kubectl apply -f -

  153. Summary

  154. Powerful

  155. Helpful

  156. Fast paced development

  157. Keep up to date

  158. Documentation

  159. https:/ /kubernetes.io/docs/

  160. KubeCons

  161. https:/ /www.youtube.com/channel/ UCvqbFHwN-nwalWPjPUKpvTA

  162. http:/ /speakerdeck.com/ u/bastianhofmann

  163. [email protected] https:/ /twitter.com/BastianHofmann

  164. Backup Slides

  165. # 08 Monitoring

  166. Prometheus

  167. $ helm install stable/prometheus

  168. Automatically scrapes all Services/Pods with a Prometheus Scraping Annotation

  169. # 09 Logging

  170. Applications just log to stdout & stderr

  171. Kubernetes writes logs of containers to the Node's Filesystem

  172. Fluentd runs as a DaemonSet on every Node

  173. Mounts the local Host Path of the Logs

  174. Tails on Logs and enriches it with Meta Information

  175. Sends it to ElasticSearch

  176. Kibana as a nice Dashboard

  177. $ helm install stable/elasticsearch $ helm install stable/fluentd-elasticsearch --set elasticsearch.host=elasticsearch-

    client,elasticsearch.port=9200 $ helm install stable/kibana # with some configuration

  178. # 10 Debugging

  179. Not all services have an ingress

  180. Accessing Kubernetes from the outside

  181. web quote-svc hello-svc

  182. Getting a shell in a running container

  183. $ kubectl exec $POD_NAME -i -t -- /bin/bash

  184. Port forwarding through kubectl

  185. $ kubectl port-forward pod/$POD_NAME 8080:80

  186. $ kubectl port-forward service/$SERVICE_NAME 8080:80

  187. Still, if you make a code change you have to

    commit, push, build, deploy

  188. Takes some time

  189. What about step debugging?

  190. Of course you can run everything locally

  191. But you develop only on one service

  192. There may be lots of services

  193. You don't want to expose all services publicly

  194. Port-forwarding all services is also work

  195. Telepresence

  196. None

  197. Creates a two-way proxy between the Kubernetes cluster and you

  198. $ telepresence T: Starting proxy with method 'vpn-tcp'... @fhgbvx65xg|bash-3.2$ curl

    http://quote-svc/quote | jq '.' [ { "ID": 503, "title": "stefan sagmeister", "content": "<p>...</p>\n", "link": "https://quotesondesign.com/stefan- sagmeister-2/" } ]

  199. Swap a running deployment in the cluster with a local

    process

  200. ... or a locally running docker container

  201. $ telepresence --swap-deployment quote-svc --namespace dev-flow-demo --expose 3000 --run npm

    run debug T: Starting proxy with method 'vpn-tcp',... T: Forwarding remote port 3000 to local port 3000.... > [email protected] debug /Users/bhofmann/forge_test/quote- svc > nodemon --inspect quote-svc.js [nodemon] watching: *.* [nodemon] starting `node --inspect quote-svc.js` Debugger listening on ws://127.0.0.1:9229/83aa27ac- d879-4b50-a228-440354cca791 quote svc listening on port 3000!

  202. # 11 (Auto) Scaling

  203. Manual Scaling

  204. kubectl scale --replicas=3 deployment/my-app

  205. AutoScaling

  206. Pods

  207. Nodes