Introduction to Kubernetes

Kubernetes is a very powerful container orchestration platform that is quickly gaining traction and gives you lots of benefits in deploying, running and scaling your microservice web application. But it also has a steep learning curve. In this talk I will introduce you to Kubernetes, why you would want to use it and all the tooling around Kubernetes with the help of practical examples.

Bastian Hofmann

May 11, 2018

Transcript

  1. @BastianHofmann
    Introduction to Kubernetes
    Bastian Hofmann

  3. Container orchestration platform

  4. Deploy, run and scale your services in isolated containers

  5. Very Powerful

  6. Large community

  7. Lots of large company backers

  8. No vendor lock in

  9. Runs on

  10. AWS

  11. Azure

  12. Google Cloud Platform

  13. Bare metal

  14. Your laptop

  15. Minikube

  16. Included in Docker Desktop Clients

  17. SysEleven

  18. Learning curve

  19. This talk is supposed to get you started

  20. I’m going to explain the basics

  21. I’ll start with deploying a simple PHP Web App

  22. and cover some internals

  23. But first

  24. Why containers?

  25. Services run in isolation

  26. Everything needed to run a service in one image

  27. Decouple Ops and Dev

  28. Make things …

  29. Easier to deploy

  30. Easier to upgrade system dependencies

  31. Easier to scale

  32. Easier to develop

  33. Better performance than Virtual Machines

  35. FROM php:7.2-apache
    WORKDIR /var/www/html
    # Install curl and remove the apt lists in the same layer
    RUN apt-get update -y && \
        apt-get install -y --no-install-recommends curl && \
        rm -rf /var/lib/apt/lists/*
    ENV TMP_DIR /tmp
    COPY . /var/www/html/
    EXPOSE 80
    ENTRYPOINT ["apache2", "-DFOREGROUND"]

  36. docker build -t symfony-demo:2.0.0 .

  37. docker run -p 8080:80 symfony-demo:2.0.0

  38. Kubernetes helps you run containers

  39. OK, sold

  40. Let’s define some core concepts first

  41. Kubernetes Cluster

  42. Image
    • A docker image built from a Dockerfile that contains everything a service needs to run

  43. Container
    • A container runs a docker image.
    • Only 1 process can run inside of a container

  44. Pod
    • A group of 1 or more containers
    • Same port space
    • Ports are not accessible from outside of the pod

  45. Replica Set
    • Defines and manages how many instances of a pod should run

  46. Deployment
    • Manages updates and rollbacks of replica sets

  47. Service
    • Makes a port of a pod accessible to other pods

  48. Ingress
    • Makes a service accessible to the outside of Kubernetes

  49. Node
    • A physical server
    • Containers get distributed automatically

  50. ConfigMap
    • Configuration that can be mounted inside of a container

  51. Volumes
    • Volumes can be mounted into a container to access a ConfigMap, Secret or a folder on the host

  52. Namespaces
    • Dedicated environment to deploy services in

  53. Example

  54. [Diagram: PHP Application POD with the containers PHP-FPM, NGINX, LINKERD, STATSD, MEMCACHED and MONGO ROUTER]

  55. [Diagram: ReplicaSet: 2 instances of the PHP Application POD]

  56. [Diagram: ReplicaSet: 2 instances of the PHP Application POD, with CONFIG and WEB :80]

  57. [Diagram: ReplicaSet: 2 instances of the PHP Application POD, with CONFIG, WEB :80 and https://php-app.k8s.foo.com:443/]

  58. To interact with Kubernetes

  59. Tooling

  60. kubectl

  61. $ kubectl get pods

  62. NAME                                           READY   STATUS    RESTARTS   AGE
    kubernetes-dashboard-5b5bf59977-t9xb9            1/1     Running   2          9d
    nginx-ingress-controller-5549f5597c-97kcw        0/1     Running   2          9d
    nginx-ingress-default-backend-564d9d9477-tmnnr   1/1     Running   4          9d
    mysql-556c9b5bcb-5jdrt                           1/1     Running   1          8d
    symfony-demo-5b75f5fc6-c7wr9                     1/1     Running   0          8d
    symfony-demo-5b75f5fc6-jg8n4                     1/1     Running   23         8d

  63. REST API

  64. $ kubectl proxy --port=8080
    $ curl http://localhost:8080/api/v1/namespaces/default/pods
    {
      "kind": "PodList",
      "apiVersion": "v1",
      "metadata": {
        "selfLink": "/api/v1/namespaces/default/pods",
        "resourceVersion": "336834"
      },
      "items": [
        {
          "metadata": {
            "name": "kubernetes-dashboard-5b5bf59977-t9xb9",

  65. kubernetes-dashboard

  67. Helm
    The package manager for Kubernetes

  68. $ helm install stable/wordpress

  69. Practical example

  70. Preparations

  71. Install Docker Client

  73. Install helm

  74. $ brew install kubernetes-helm

  75. $ helm init

  76. Install kubernetes-dashboard

  77. $ helm install stable/kubernetes-dashboard -f kubernetes-dashboard.yaml

  78. Install nginx-ingress-controller

  79. $ helm install stable/nginx-ingress -f ingress-controller.yaml

  80. Let’s deploy the symfony demo app

  81. https://github.com/symfony/demo

  82. First the Dockerfile

  83. PHP

  84. Copy our code

  85. Build the project

  86. Composer install

  87. yarn install

  88. yarn run build

  89. Build the image

  90. docker build -t symfony-demo:2.0.0 .

  91. Demo

  92. Now we have to tell Kubernetes what to do with the image

  93. Resources are defined in YAML or JSON

  94. Deployment

  95. kind: Deployment
    apiVersion: extensions/v1beta1
    metadata:
      name: symfony-demo
    spec:
      template:
        metadata:
          labels:
            app: symfony-demo
        spec:
          containers:
          - name: symfony-demo
            image: symfony-demo:1.0.0
            ports:

  96. containers:
    - name: symfony-demo
      image: symfony-demo:1.0.0
      ports:
      - containerPort: 80
      livenessProbe:
        httpGet:
          path: /
          port: 80
        timeoutSeconds: 1
        initialDelaySeconds: 10
      readinessProbe:
        httpGet:
          path: /

  97. Many more options configurable

  98. Many more options
    • Setting environment variables
    • Mounting volumes
    • Requesting resources
    • Defining upgrade strategies
    • Defining command
    • Configure networking
    • Configure the scheduler
    • Listen on lifecycle events
    • Configure system capabilities for the container
    • …

  99. Service

  100. kind: Service
    apiVersion: v1
    metadata:
      name: symfony-demo
    spec:
      ports:
      - name: http
        port: 80
        targetPort: 80
        protocol: TCP
      selector:
        app: symfony-demo

  101. Ingress

  102. kind: Ingress
    apiVersion: extensions/v1beta1
    metadata:
      name: symfony-demo
    spec:
      rules:
      - host: symfony-demo.local.k8s
        http:
          paths:
          - path: /
            backend:
              serviceName: symfony-demo
              servicePort: 80

  103. Creating everything

  104. kubectl apply -f deployment/webapp.yaml

  106. Rolling Deployments

  107. kind: Deployment
    apiVersion: extensions/v1beta1
    metadata:
      name: symfony-demo
    spec:
      template:
        spec:
          containers:
          - name: symfony-demo
            image: symfony-demo:1.1.0
            ports:
            - containerPort: 80

  108. kubectl apply -f deployment/webapp.yaml

  109. Demo

  110. These are the basics

  111. There are other ways to deploy things into Kubernetes

  112. CronJobs

  113. Regularly repeating jobs

  114. apiVersion: batch/v1beta1
    kind: CronJob
    metadata:
      name: cron-job
    spec:
      schedule: "*/1 * * * *"
      jobTemplate:
        spec:
          template:
            spec:
              containers:
              - name: cron-job
                image: your-cron-job
              restartPolicy: OnFailure

  115. How does Kubernetes work internally

  116. Service Discovery

  117. Within a pod

  118. Shared port namespace

  119. Separate file systems

  120. Separate process spaces

  121. Network-wise everything behaves like localhost

  122. Between pods

  123. You have to expose ports with services

  124. kind: Service
    apiVersion: v1
    metadata:
      name: symfony-demo
    spec:
      ports:
      - name: http
        port: 80
        targetPort: 80
        protocol: TCP
      selector:
        app: symfony-demo

  125. Every service has a virtual IP address

  126. $ kubectl get service symfony-demo
    NAME           TYPE        CLUSTER-IP      PORT(S)   AGE
    symfony-demo   ClusterIP   10.106.119.24   80/TCP    6d

  127. Discoverable in other containers by

  128. Environment Variables

  129. SYMFONY_DEMO_SERVICE_HOST=10.106.119.24
    SYMFONY_DEMO_SERVICE_PORT=80

  130. DNS

  131. $ nslookup symfony-demo
    Server: 10.0.0.10
    Address 1: 10.0.0.10
    Name: symfony-demo
    Address 1: 10.106.119.24

  132. $ curl http://symfony-demo

  133. Alternatively

  134. Service Mesh

  135. LinkerD
    https://linkerd.io/

  136. Istio
    https://istio.io/

  137. Conduit
    https://conduit.io/

  138. [Diagram: PHP Application POD with the containers PHP-FPM, NGINX, LINKERD, STATSD, MEMCACHED and MONGO ROUTER]

  139. [Diagram: PHP Application POD and two NodeJS Service PODs, each NodeJS Service POD containing NodeJS and LINKERD]

  140. [Diagram: same elements as slide 139]

  141. [Diagram: same elements as slide 139]

  142. [Diagram: same elements as slide 139]

  143. Benefits

  144. Advanced routing

  145. Prefer service in current namespace, fall back to default namespace

  146. Canary deployments

  147. A/B Testing

  148. Advanced monitoring

  150. Profiling

  151. Zipkin

  153. What about data?

  154. Storage

  155. Volumes

  156. https://kubernetes.io/docs/concepts/storage/volumes/

  157. apiVersion: v1
    kind: Pod
    metadata:
      name: test-pd
    spec:
      containers:
      - image: k8s.gcr.io/test-webserver
        name: test-container
        volumeMounts:
        - mountPath: /cache
          name: cache-volume
      volumes:
      - name: cache-volume
        emptyDir: {}

  158. Persistent Storage

  159. You define a Persistent Volume or Storage Class, e.g. NFS, …

  160. Depends on your Kubernetes Setup

  161. Each pod can specify a Persistent Volume Claim

  162. apiVersion: v1
    kind: PersistentVolumeClaim
    metadata:
      name: postgresql-pv-claim
      labels:
        name: postgresql
    spec:
      storageClassName: generic
      accessModes:
      - ReadWriteOnce
      resources:
        requests:
          storage: 10Gi

  163. And then mount the Claim into a Volume in a container

  164. apiVersion: extensions/v1beta1
    kind: Deployment
    metadata:
      name: postgresql
    spec:
      template:
        spec:
          containers:

          volumes:
          - name: postgresql-data
            persistentVolumeClaim:
              claimName: postgresql-pv-claim

  165. https://kubernetes.io/docs/concepts/storage/persistent-volumes/

  166. Configuration

  167. Should not be included in the docker image

  168. ConfigMap

  169. Key/Value Store

  170. kind: ConfigMap
    apiVersion: v1
    metadata:
      name: special-config
    data:
      special-key: value
      # ConfigMap values must be strings, so the boolean is quoted
      bool-value: "true"

  171. Can be accessed in a pod through environment variables

  172. spec:
      containers:
      - name: test-container
        image: k8s.gcr.io/busybox
        command: [ "/bin/sh", "-c", "env" ]
        env:
        - name: SPECIAL_KEY
          valueFrom:
            configMapKeyRef:
              name: special-config
              key: special-key

  173. spec:
      containers:
      - name: test-container
        image: k8s.gcr.io/busybox
        command: [ "/bin/sh", "-c", "env" ]
        envFrom:
        - configMapRef:
            name: special-config

  174. Can be accessed through volumes

  175. spec:
      containers:
      - name: test-container
        image: k8s.gcr.io/busybox
        command: [ "/bin/sh", "-c", "ls /etc/config/" ]
        volumeMounts:
        - name: config-volume
          mountPath: /etc/config
      volumes:
      - name: config-volume
        configMap:
          name: special-config

  176. https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/

  177. Secret

  178. Storage for sensitive information

  179. https://kubernetes.io/docs/concepts/configuration/secret
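
Added example, not part of the original deck: slides 177-179 introduce the Secret resource only by name and link. The manifest below applies the two access patterns from the ConfigMap slides (environment variable on slide 172, volume on slide 175) to a Secret; the names app-credentials, secret-demo, DB_PASSWORD, credentials-volume and the password value are hypothetical.

```yaml
# Added example; all names and values are hypothetical placeholders.
apiVersion: v1
kind: Secret
metadata:
  name: app-credentials
type: Opaque
stringData:                      # plain text on input, stored base64-encoded under .data
  db-password: "replace-me"      # constructed placeholder value
---
apiVersion: v1
kind: Pod
metadata:
  name: secret-demo
spec:
  containers:
  - name: test-container
    image: k8s.gcr.io/busybox
    # Lists the mounted files only; the secret value itself is never printed
    command: [ "/bin/sh", "-c", "ls -l /etc/credentials && sleep 3600" ]
    env:
    - name: DB_PASSWORD          # same pattern as configMapKeyRef on slide 172
      valueFrom:
        secretKeyRef:
          name: app-credentials
          key: db-password
    volumeMounts:
    - name: credentials-volume   # same pattern as the ConfigMap volume on slide 175
      mountPath: /etc/credentials
      readOnly: true
  volumes:
  - name: credentials-volume
    secret:
      secretName: app-credentials
      defaultMode: 0400          # files readable by the owner only
```

Values under a Secret's `data` field are base64-encoded, not encrypted, so read access to Secrets in the namespace exposes them. The command lists the mounted files instead of running `env` as on slide 172, which would write the secret value into the pod log.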

  180. Scaling

  181. Manual Scaling

  182. kubectl scale --replicas=3 deployment/my-app

  183. AutoScaling

  184. https://kubernetes.io/docs/user-guide/horizontal-pod-autoscaling/

  185. Summary

  186. Powerful

  187. Helpful

  188. Fast paced development

  189. https://gravitational.com/blog/kubernetes-release-cycle/

  190. Keep up to date

  191. Documentation

  192. https://kubernetes.io/docs/

  193. KubeCons

  194. https://www.youtube.com/channel/UCvqbFHwN-nwalWPjPUKpvTA

  195. http://speakerdeck.com/u/bastianhofmann

  196. [email protected]
    https://twitter.com/BastianHofmann

  197. Backup Slides

  198. Figuring out what’s going on inside Kubernetes

  199. Monitoring

  200. Heapster

  201. https://github.com/kubernetes/heapster

  202. Takes metrics from Kubernetes and stores them in a monitoring solution

  203. InfluxDB

  204. Prometheus

  205. Grafana for displaying the data

  208. https://blog.kublr.com/how-to-utilize-the-heapster-influxdb-grafana-stack-in-kubernetes-for-monitoring-pods-4a553f4d36c9

  209. Logging

  210. kubectl logs

  211. $ kubectl logs symfony-demo-5b75f5fc6-c7wr9

  212. Log to stdout & stderr

  213. Automatically written to disk

  214. DaemonSet Log collector

  215. • Logstash
    • Fluentd
    • Filebeat

  216. Central log management

  218. https://www.elastic.co/blog/shipping-kubernetes-logs-to-elasticsearch-with-filebeat