GCPUG - Kubernetes and Container Engine

Sandeep Parikh

March 02, 2016

Transcript

  1. Kubernetes & Container Engine. Sandeep Parikh, Solutions Architect, @crcsmnky

  2. Google Cloud Platform: Container Challenges
    “If we run our containers on VMs, I don’t want to manage anything”
    “How do I get my containers to talk to one another?”
    “Where should I run my containers?”
    “How do we ensure our containers are running smoothly?”

  3. (image only, no text)

  4. Google launches over 2 billion containers each week

  5. Kubernetes is based on years of experience running containers at scale

  6. Kubernetes
    • Run and manage a cluster of containers as a single system
    • Orchestrate containers by scheduling on to cluster nodes
    • Ensure state and group into units for management and discovery
    • Open source and developed in the open
    • Driven by the community http://cncf.io
    • Deployable everywhere

  7. CNCF

  8. Building Blocks (footer: Confidential & Proprietary)

  9. cluster

  10. cluster: virtual machines that Kubernetes manages

  11. cluster: master node and nodes (diagram)

  12. cluster: master node and many nodes (diagram)

  13. pod

  14. pod: group of containers sharing storage and network

  15. pod.yaml
    apiVersion: v1
    kind: Pod
    metadata:
      name: nginx
    spec:
      containers:
      - name: nginx
        image: nginx
        ports:
        - containerPort: 80

  16. pod.yaml: master and nodes (diagram)

  17. pod.yaml: master and nodes (diagram, build)

  18. pod.yaml: master and nodes (diagram, build)

  19. replication controller

  20. replication controller: ensure N pods are running

  21. rc.yaml
    kind: ReplicationController
    apiVersion: v1
    metadata:
      name: frontend
    spec:
      replicas: 4
      selector:
        role: www
      template:
        metadata:
          name: www
          labels:
            role: www
        spec:
          containers:
          - name: nginx
            image: nginx
            ports:
            - containerPort: 80

  22. rc.yaml (same manifest, build)

  23. rc.yaml (same manifest, build)

  24. rc.yaml (same manifest, build)

  25. rc.yaml: master and nodes (diagram)

  26. rc.yaml: master and nodes (diagram, build)

  27. rc.yaml: master and nodes (diagram, build)

  28. How do we connect to the pods?

  29. service

  30. service: abstraction to communicate with pods

  31. service: master and services (diagram)

  32. service: master and services (diagram, build)

  33. service: master and services (diagram, build)

  34. service: public load balancer in front of the services (diagram)

  35. svc.yaml
    kind: Service
    apiVersion: v1
    metadata:
      name: www-frontend
    spec:
      ports:
      - name: http
        port: 80
        targetPort: 80
        protocol: TCP
      selector:
        role: www
      type: LoadBalancer

  36. svc.yaml (same manifest, build)

  37. svc.yaml (same manifest, build)
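
The rc.yaml and svc.yaml slides above are tied together by labels: the replication controller's selector must match its own pod template, and the service's selector must land on those same pods on a port a container actually listens on. The script below is an added example (not code from the talk) that transcribes the deck's two manifests as Python dicts, constructed here so it runs offline without a YAML parser, and runs the checks a reviewer would want before applying them: selector/label agreement, targetPort against containerPort, an untagged image, and a flag on `type: LoadBalancer`, which makes every matched pod reachable from the internet. The check functions and finding codes are this example's own.

```python
"""Static checks over the deck's rc.yaml and svc.yaml objects (added example)."""

# rc.yaml from the deck, transcribed as a dict
RC = {
    "kind": "ReplicationController", "apiVersion": "v1",
    "metadata": {"name": "frontend"},
    "spec": {
        "replicas": 4,
        "selector": {"role": "www"},
        "template": {
            "metadata": {"name": "www", "labels": {"role": "www"}},
            "spec": {"containers": [
                {"name": "nginx", "image": "nginx",
                 "ports": [{"containerPort": 80}]},
            ]},
        },
    },
}

# svc.yaml from the deck, transcribed as a dict
SVC = {
    "kind": "Service", "apiVersion": "v1",
    "metadata": {"name": "www-frontend"},
    "spec": {
        "ports": [{"name": "http", "port": 80, "targetPort": 80, "protocol": "TCP"}],
        "selector": {"role": "www"},
        "type": "LoadBalancer",
    },
}


def selector_matches(selector, labels):
    """Equality-based selector: every selector key must be present with the same value."""
    return all(labels.get(k) == v for k, v in selector.items())


def template_labels(rc):
    return rc["spec"]["template"]["metadata"].get("labels", {})


def container_ports(pod_spec):
    """Set of containerPort values declared across all containers of a pod spec."""
    return {p["containerPort"]
            for c in pod_spec.get("containers", [])
            for p in c.get("ports", [])}


def check_rc(rc):
    """Findings as (code, message) tuples for one ReplicationController."""
    findings = []
    name = rc["metadata"]["name"]
    selector = rc["spec"]["selector"]
    labels = template_labels(rc)
    # The RC counts pods by its selector; if the template it creates does not
    # carry those labels it never reaches N and keeps creating pods.
    if not selector_matches(selector, labels):
        findings.append(("selector-mismatch",
                         f"rc {name}: selector {selector} does not match template labels {labels}"))
    for c in rc["spec"]["template"]["spec"]["containers"]:
        # "nginx" with no tag or digest resolves to :latest, so what runs
        # changes over time and cannot be audited from the manifest.
        if ":" not in c["image"] and "@" not in c["image"]:
            findings.append(("untagged-image",
                             f"rc {name}: container {c['name']} uses untagged image {c['image']!r}"))
    return findings


def check_service(svc, rcs):
    """Findings for one Service, resolved against the pod templates of the given RCs."""
    findings = []
    name = svc["metadata"]["name"]
    selector = svc["spec"]["selector"]
    backends = [rc for rc in rcs if selector_matches(selector, template_labels(rc))]
    if not backends:
        findings.append(("no-endpoints",
                         f"service {name}: selector {selector} matches no pod template"))
    for port in svc["spec"]["ports"]:
        target = port.get("targetPort", port["port"])
        # Named targetPorts are resolved by the kubelet; only numeric ones are checked here.
        if isinstance(target, int) and backends and not any(
                target in container_ports(rc["spec"]["template"]["spec"]) for rc in backends):
            findings.append(("port-mismatch",
                             f"service {name}: targetPort {target} is not a containerPort of any backend"))
    if svc["spec"].get("type") == "LoadBalancer":
        exposed = ", ".join(f"{p.get('protocol', 'TCP')}/{p['port']}" for p in svc["spec"]["ports"])
        findings.append(("public-lb",
                         f"service {name}: type LoadBalancer exposes {exposed} on a public address"))
    return findings


def audit(rcs, svcs):
    """Run all checks; returns the combined list of (code, message) findings."""
    findings = []
    for rc in rcs:
        findings.extend(check_rc(rc))
    for svc in svcs:
        findings.extend(check_service(svc, rcs))
    return findings


if __name__ == "__main__":
    for code, msg in audit([RC], [SVC]):
        print(f"[{code}] {msg}")
```

Run against the deck's own manifests the audit reports two things: the image is untagged, and the service is a public load balancer. Both are intended in the demo, but they are exactly the two lines a reviewer should look at in a real deployment.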

  38. Container Engine

  39. Google Container Engine
    Hosted Kubernetes with managed resources
    Run clusters on a bundle of Google Compute Engine resources: Instances, Disks, Networking, Load Balancer
    Built-in support for centralized logging and container health checking
    Private container registry at gcr.io

  40. What’s New

  41. New in Kubernetes 1.1
    • Ingress (L7)
    • iptables kube-proxy
    • ConfigMaps
    • Deployments
    • Jobs
    • DaemonSets
    • Graceful Termination
    • Horizontal Pod Autoscaling
    • Cluster Node Scaling

  42. Ingress
    Services are assumed L3/L4; lots of apps want HTTP/HTTPS
    Ingress maps incoming traffic to backend services
    • by HTTP host headers
    • by HTTP URL paths
    HAProxy, NGINX, AWS and GCE implementations in progress
    Now with SSL!
    Status: BETA in Kubernetes v1.2
    (diagram: Client, URL Map)
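
The slide describes Ingress as a URL map: incoming HTTP requests are sent to a backend service by host header and by URL path. The following is an added example, not code from the talk or from any Ingress controller, of the routing decision itself. The rule table, host names and backend names are constructed; the matching rule assumed here is that a host-specific rule beats a wildcard (no-host) rule and a longer path prefix beats a shorter one, with prefixes matched on path-segment boundaries. Real controllers differ in the details, so treat the ordering as this example's assumption.

```python
"""Host/path routing as an Ingress controller performs it (added example)."""

# Constructed rule table. host None means "any host".
INGRESS_RULES = [
    {"host": "www.example.com", "paths": [
        {"path": "/", "backend": "www-frontend:80"},
        {"path": "/api", "backend": "api:8080"},
    ]},
    {"host": None, "paths": [
        {"path": "/static", "backend": "assets:80"},
    ]},
]
DEFAULT_BACKEND = "default-http-backend:80"


def normalize_host(host_header):
    """The Host header as the client sent it: case-insensitive and may carry a port."""
    return host_header.split(":", 1)[0].strip().lower()


def path_prefix_matches(prefix, path):
    """True if `path` equals `prefix` or lies under it on a segment boundary."""
    if prefix == "/":
        return path.startswith("/")
    prefix = prefix.rstrip("/")
    return path == prefix or path.startswith(prefix + "/")


def route(rules, host_header, path, default=DEFAULT_BACKEND):
    """Pick the backend for a request.

    Host-specific rules beat wildcard rules; among matching paths the longest
    prefix wins. Anything unmatched goes to the default backend.
    """
    host = normalize_host(host_header)
    best_score, best_backend = None, None
    for rule in rules:
        if rule["host"] is not None and rule["host"].lower() != host:
            continue
        for entry in rule["paths"]:
            if not path_prefix_matches(entry["path"], path):
                continue
            score = (rule["host"] is not None, len(entry["path"].rstrip("/")))
            if best_score is None or score > best_score:
                best_score, best_backend = score, entry["backend"]
    # The Host header is client-controlled: a request for an unknown host can
    # only reach wildcard rules or the default backend, never a host rule.
    return best_backend if best_backend is not None else default


if __name__ == "__main__":
    for host, path in [("www.example.com", "/api/v1/users"),
                       ("WWW.Example.com:443", "/"),
                       ("other.example.net", "/static/app.js"),
                       ("other.example.net", "/")]:
        print(f"{host:24} {path:16} -> {route(INGRESS_RULES, host, path)}")
```

The `/apix` case in the test is the one people get wrong: a naive `startswith("/api")` would send it to the API backend, while segment-boundary matching correctly falls back to the `/` rule.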

  43. iptables kube-proxy

  44. ConfigMaps
    Problem: how to manage app configuration
    • ...without making overly-brittle container images
    12-factor says config comes from the environment
    • Kubernetes is the environment
    Manage config via the Kubernetes API
    Inject config as a virtual volume into your Pods
    • late-binding, live-updated (atomic)
    • also available as env vars
    Status: GA in Kubernetes v1.2
    (diagram: node, API, Pod, Config Map)

  45. Deployments
    Rolling update is too imperative
    Deployment manages RC changes for you
    • stable object name
    • updates are done server-side rather than client-side
    • kubectl edit or kubectl apply is all you need
    Aggregates stats
    Can have multiple updates in flight
    Status: BETA in Kubernetes v1.2

  46. Jobs
    Run-to-completion, as opposed to run-forever
    • Express parallelism vs. required completions
    • Workflow: restart on failure
    • Build/test: don’t restart on failure
    Aggregates success/failure counts
    Built for batch and big-data work
    Status: GA in Kubernetes v1.2

  47. Daemon Sets
    Problem: how to run a Pod on every node
    • or a subset of nodes
    Similar to ReplicationController
    • principle: do one thing, don’t overload
    “Which nodes?” is a selector
    Use familiar tools and patterns
    Status: BETA in Kubernetes v1.2

  48. Graceful Termination
    Give pods time to clean up
    • finish in-flight operations
    • log state
    • flush to disk
    • 30 seconds by default
    Catch SIGTERM, clean up, exit ASAP
    Pod status “Terminating”
    Declarative: ‘DELETE’ manifests as an object field in the API
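
What the graceful-termination slide asks of application code is small but easy to get wrong: on SIGTERM stop accepting new work, let the in-flight operation finish, write out state, and exit well inside the grace period, because once it expires the container is killed without further notice. The worker below is an added example, not code from the talk: the work items, the flush step and the `items_with_sigterm` helper (which simulates the signal arriving between two items) are constructed stand-ins, and the 30 s default is the value the slide gives.

```python
"""Handling SIGTERM inside a pod's termination grace period (added example)."""
import os
import signal
import threading
import time


class GracefulWorker:
    def __init__(self, grace_seconds=30.0):
        self.grace_seconds = grace_seconds       # kubelet default per the slide
        self.stop_requested = threading.Event()
        self.deadline = None                     # monotonic time when SIGKILL is expected
        self.completed = []                      # work items finished before exit
        self.flushed = False                     # stand-in for "state written out"

    def request_stop(self, signum=None, frame=None):
        """SIGTERM handler (also callable directly). Starts the grace-period clock."""
        if not self.stop_requested.is_set():
            self.deadline = time.monotonic() + self.grace_seconds
            self.stop_requested.set()

    def install(self):
        """Register the SIGTERM handler; must be called from the main thread."""
        signal.signal(signal.SIGTERM, self.request_stop)

    def time_left(self):
        """Seconds until the kubelet is expected to SIGKILL us; None before SIGTERM."""
        if self.deadline is None:
            return None
        return max(0.0, self.deadline - time.monotonic())

    def run(self, work_items, work_seconds=0.0):
        """Process items until a stop is requested; never start new work after SIGTERM."""
        for item in work_items:
            if self.stop_requested.is_set():
                break                            # do not pick up new work
            time.sleep(work_seconds)             # the in-flight operation completes
            self.completed.append(item)
        self.flush()
        return len(self.completed)

    def flush(self):
        """Flush buffers and log final state, unless the grace budget is already gone."""
        left = self.time_left()
        if left is None or left > 0:
            self.flushed = True


def items_with_sigterm(worker, items, stop_before):
    """Yield items, requesting a stop just before index `stop_before`.

    Constructed helper: simulates SIGTERM arriving while the worker is between
    two items, without sending a real signal.
    """
    for i, item in enumerate(items):
        if i == stop_before:
            worker.request_stop()
        yield item


if __name__ == "__main__":
    worker = GracefulWorker(grace_seconds=30.0)
    worker.install()
    # Deliver a real SIGTERM to ourselves shortly after start, as the kubelet
    # would on pod deletion, and observe the worker wind down.
    threading.Timer(0.05, lambda: os.kill(os.getpid(), signal.SIGTERM)).start()
    done = worker.run(range(1000), work_seconds=0.01)
    print(f"finished {done} items, flushed={worker.flushed}, "
          f"{worker.time_left():.1f}s of grace left; exiting now")
```

The handler does nothing but set a flag and note the deadline; all cleanup happens on the main loop, which keeps the signal handler trivially async-safe and lets the loop decide how much of the remaining budget to spend.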

  49. HorizontalPodAutoScalers
    Automatically scale ReplicationControllers to a target utilization
    • CPU utilization for now
    • Probably more later
    Operates within user-defined min/max bounds
    Set it and forget it
    Status: GA in Kubernetes v1.2
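
The slide gives the contract (a CPU target, min/max bounds) but not the arithmetic behind "scale to a target utilization". The block below is an added example, not code from the talk or from the Kubernetes controller, showing the rule as it is generally described: average each pod's CPU usage as a fraction of its request, multiply the current replica count by usage/target, round up, and clamp to the user's bounds. The 10% no-op tolerance and the sample pod readings are this example's assumptions.

```python
"""Scaling decision of a CPU-based HorizontalPodAutoscaler (added example)."""
import math


def average_utilization(pods):
    """pods: list of (cpu_used_millicores, cpu_requested_millicores).

    Returns the mean usage/request ratio as a percentage. Pods without a CPU
    request have no defined utilization and are left out.
    """
    ratios = [used / requested for used, requested in pods if requested > 0]
    if not ratios:
        raise ValueError("no pod with a CPU request; utilization is undefined")
    return 100.0 * sum(ratios) / len(ratios)


def desired_replicas(current, utilization_pct, target_pct,
                     min_replicas, max_replicas, tolerance=0.10):
    """Replica count the autoscaler should set.

    Within `tolerance` of the target nothing changes (avoids flapping);
    otherwise scale proportionally, round up, and clamp to [min, max].
    """
    if current <= 0:
        return min_replicas                  # nothing to measure; honour the floor
    ratio = utilization_pct / target_pct
    if abs(ratio - 1.0) <= tolerance:
        wanted = current
    else:
        wanted = math.ceil(current * ratio)
    return max(min_replicas, min(max_replicas, wanted))


def hpa_step(pods, target_pct, min_replicas, max_replicas):
    """One controller iteration: measure the pods, then decide the replica count."""
    return desired_replicas(len(pods), average_utilization(pods),
                            target_pct, min_replicas, max_replicas)


if __name__ == "__main__":
    # Constructed readings: two pods each requesting 500m CPU.
    sample = [(300, 500), (400, 500)]
    print(f"avg utilization {average_utilization(sample):.0f}%, "
          f"target 50% -> {hpa_step(sample, 50, 1, 10)} replicas")
```

The clamp is the part worth noticing from a capacity and cost standpoint: a burst that computes to 24 replicas still yields the user's `max`, so the bounds are where the blast radius of a traffic spike (or a request-flood) is actually set.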

  50. Cluster Scaling
    Add nodes when needed
    • e.g. CPU usage too high
    • nodes self-register with API server
    Remove nodes when not needed
    • e.g. CPU usage too low
    Status: Works on GCE, need other implementations

  51. Coming Soon

  52. Coming Soon
    • Cron (scheduled jobs)
    • Custom metrics
    • “Apply” a config (even more declarative)
    • Interactive containers
    • Bandwidth shaping
    • Third-party API objects
    • Scalability: 1000 nodes, 100+ pods/node
    • Performance
    • Machine-generated Go clients (less deps!)
    • Volume usage stats
    • Multi-zone (AZ) support
    • Multi-scheduler support
    • Node affinity and anti-affinity
    • Multi-cluster federation
    • API federation
    • More volume types
    • Private Docker registry
    • External DNS integration
    • Volume classes and auto-provisioning
    • Node fencing
    • DiY Cloud Provider plugins
    • More container runtimes (e.g. Hyper)
    • Better auth{n,z}
    • Network policy (micro-segmentation)
    • Big data integrations
    • Device scheduling (e.g. GPUs)

  53. Kubernetes Status and Plans
    Open sourced in June, 2014
    • v1.0 in July, 2015
    • v1.1 in November, 2015
    • v1.2 ... soon!
    Google Container Engine (GKE)
    • hosted Kubernetes - don’t think about cluster setup
    PaaSes:
    • RedHat OpenShift, Deis, Stratos
    Distros:
    • CoreOS Tectonic, Mirantis Murano (OpenStack), RedHat Atomic, Mesos
    Hitting a ~3 month release cadence

  54. Thanks!