12 factors Kubernetes

Transcript

1. 1 Pyxida © 2018 - Reproduction interdite sans autorisation préalable

   Bordeaux 33000 > France > www.pyxida.io 12 factors Kubernetes Meetup CNCF Bordeaux #2 Etienne Coutaud 11 Décembre 2018

2. 2 Pyxida © 2018 - Reproduction interdite sans autorisation préalable

   Consultant CaaS @Pyxida Certified Kubernetes Administrator (CKA) https://github.com/etiennecoutaud @etiennecoutaud 2 $ whoami

3. 3 Pyxida © 2018 - Reproduction interdite sans autorisation préalable

   Bordeaux 33000 > France > www.pyxida.io 01 1 Pod = 1 or n containers

4. 4 Pyxida © 2018 - Reproduction interdite sans autorisation préalable

   Pods multi containers Designs Patterns cache shard n Sidecar Ambassador Adapter Extend pod function Represent (proxy) Expose and normalize App Log Streaming App Cache Proxy App Monitoring adapter Logs Log aggregator cache shard 1 Monitoring service cache shard 1

5. 5 Pyxida © 2018 - Reproduction interdite sans autorisation préalable

   Bordeaux 33000 > France > www.pyxida.io 02 Labels everywhere

6. 6 Pyxida © 2018 - Reproduction interdite sans autorisation préalable

   Labeling for technical and management reasons LabelSelector Label LabelSelector Label Label app=php app=java app=php env=prod type=db app=node env=dev version=1.1

7. 7 Pyxida © 2018 - Reproduction interdite sans autorisation préalable

   Bordeaux 33000 > France > www.pyxida.io 03 Infrastructure as code Code versionning

8. 8 Pyxida © 2018 - Reproduction interdite sans autorisation préalable

   Infrastructure as code is code docker pipeline kubernetes pipeline App code (Dockerfile) infrastructure code (*.yml) Image docker Ressource k8s Ressource k8s Ressource k8s Registry cluster k8s build push push apply

9. 9 Pyxida © 2018 - Reproduction interdite sans autorisation préalable

   Bordeaux 33000 > France > www.pyxida.io 04 Use Service to expose

10. 10 Pyxida © 2018 - Reproduction interdite sans autorisation préalable

    One service for each use case 10 ClusterIP NodePort LoadBalancer Headless (ClusterIP=None) External

11. 11 Pyxida © 2018 - Reproduction interdite sans autorisation préalable

    Bordeaux 33000 > France > www.pyxida.io 05 Use Configmaps and Secrets to manage configuration

12. 12 Pyxida © 2018 - Reproduction interdite sans autorisation préalable

    Configuration as a service Namespace Kubernetes cluster wide configuration configmap.yml secret.yml App configuration configmap.yml secret.yml Devs Admins

13. 13 Pyxida © 2018 - Reproduction interdite sans autorisation préalable

    Bordeaux 33000 > France > www.pyxida.io 06 Limits and request for resources management

14. 14 Pyxida © 2018 - Reproduction interdite sans autorisation préalable

    Improve scheduling and protect against fork bomb 250Mo 1 RAM CPU Limits 1GO 2 Request 1 RAM CPU 1,5GO 2

15. 15 Pyxida © 2018 - Reproduction interdite sans autorisation préalable

    Bordeaux 33000 > France > www.pyxida.io 07 Pods lifecycle

16. 16 Pyxida © 2018 - Reproduction interdite sans autorisation préalable

    Use deployment to manage pods deployment.yml replicaSet description Pods description $ kubectl apply -f deployment.yml Manage rolling update Manage replicas deployment description

17. 17 Pyxida © 2018 - Reproduction interdite sans autorisation préalable

    Bordeaux 33000 > France > www.pyxida.io 08 Probes to monitor your pods

18. 18 Pyxida © 2018 - Reproduction interdite sans autorisation préalable

    Become resilient LivenessProbe ReadinessProbe OK OK KO KO KO OK Set up probes Pod is destroy and restart Pods go out of load balancing pool

19. 19 Pyxida © 2018 - Reproduction interdite sans autorisation préalable

    Bordeaux 33000 > France > www.pyxida.io 09 Latest is not a version

20. 20 Pyxida © 2018 - Reproduction interdite sans autorisation préalable

    Build once run everywhere Feature Branch DEV RE7 PPROD PROD myapp myapp myapp myapp myapp 34u67gfx6 dev re7 pprod latest merge/promote promote promote tag/promote v1.0

21. 21 Pyxida © 2018 - Reproduction interdite sans autorisation préalable

    Bordeaux 33000 > France > www.pyxida.io 10 Pods are stateless (if they dont’ need to be statefull)

22. 22 Pyxida © 2018 - Reproduction interdite sans autorisation préalable

    What happens if my pod is stateful ? State horizontal scaling State State State round robin

23. 23 Pyxida © 2018 - Reproduction interdite sans autorisation préalable

    Bordeaux 33000 > France > www.pyxida.io 11 Volumes are mount on a distributed storage system

24. 24 Pyxida © 2018 - Reproduction interdite sans autorisation préalable

    Kubernetes stateful way architecture 500Mo Distributed storage 1Go 1Go 5Go 10Go 10Go 50Go 3Go 20Go

25. 25 Pyxida © 2018 - Reproduction interdite sans autorisation préalable

    Bordeaux 33000 > France > www.pyxida.io 12 Mind your code 12 factors app compliant

26. 26 Pyxida © 2018 - Reproduction interdite sans autorisation préalable

    12 good practices by Heroku Main factors : • Use version control system to manage your code • Expose an healthcheck URL in your app • Thinks your app stateless • Use variables environment to configure your app • Log on stdout/stderr • Manage graceful shutdown/start

27. 27 Pyxida © 2018 - Reproduction interdite sans autorisation préalable

    Bordeaux 33000 > France > www.pyxida.io Take Away ! • Embrace Kubernetes paradigm • Don’t bring infrastructure complexity into your code • Think your application “cloud ready” for better management • Don’t install Kubernetes, Prefer Managed Services if you can • “Think Big, Start Small” • Use Kubernetes community

28. 28 Pyxida © 2018 - Reproduction interdite sans autorisation préalable

    www.pyxida.io Bordeaux 33000 > France > www.pyxida.io