Application Container Design

Transcript

1. INNOQ / Application Container Design mit Kubernetes INNOQ Technology Night

   Zürich Application Container Design mit Kubernetes

2. https://innoq.com/ Berlin ・ Düsseldorf ・ Frankfurt ・ München ・ Zürich

   2

3. Berlin ・ Düsseldorf ・ Frankfurt ・ München ・ Zürich Christopher

   Schmidt Senior Consultant @fakod • Kubernetes • Container • Architecture • Training • Consulting 3

4. INNOQ / Application Container Design mit Kubernetes From DDD to

   Production Architecture ❏ SCS ❏ µServices DDD ❏ Contexts ❏ Ctx Mapping 4

5. INNOQ / Application Container Design mit Kubernetes Recap Microservices ❏

   easy to replace ❏ one team, one µService ❏ small in size ❏ messaging enabled ❏ bounded by contexts ❏ independently deployable ❏ implemented using different technologies 5

6. INNOQ / Application Container Design mit Kubernetes Recap SCS Systems

   as complete units of DB, Logic, UI Isolated, independent, autonomous System System 6

7. INNOQ / Application Container Design mit Kubernetes From DDD to

   Production ? Production ❏ Container ❏ Platform Architecture ❏ SCS ❏ µServices DDD ❏ Contexts ❏ Ctx Mapping 7

8. INNOQ / Application Container Design mit Kubernetes Kubernetes Capabilities Node

   1 Node 2 Node 3 Node 10000 Master Master Master 110 110 110 110 ... 8

9. INNOQ / Application Container Design mit Kubernetes My Application Spring

   Boot Provide production-ready features such as ❏ metrics, ❏ health checks ❏ configuration Stand-alone application Embed Tomcat, Jetty Automatically configures Spring Jobs Spring MVC 9

10. INNOQ / Application Container Design mit Kubernetes Finally: My Application

    Spring Boot can do everything anyway DB solves any persistence issues 10

11. INNOQ / Application Container Design mit Kubernetes Kubernetes and Application

    Node 1 Node 2 Node 3 Node 10000 Master Master Master ... 11

12. INNOQ / Application Container Design mit Kubernetes Application Container Design

    Production ❏ Container ❏ Platform Architecture ❏ SCS ❏ µServices DDD ❏ Contexts ❏ Ctx Mapping Application Container Design ? 12

13. INNOQ / Application Container Design mit Kubernetes there is no

    software architecture without production view 13

14. INNOQ / Application Container Design mit Kubernetes 4+1 architectural view

    model Logical view: • functionality provided to end-users • UML Diagrams Process view: • dynamic aspects • processes and how they communicate Physical view: • topology of software components on the physical layer • network connections Development view: • programmer's perspective • software management 14

15. INNOQ / Application Container Design mit Kubernetes Kubernetes Revolution? 15

16. INNOQ / Application Container Design mit Kubernetes Resource Abstraction &

    Container Isolation machine 3 machine 3 Ressourcen Abstraction machine 1 machine 2 machine 3 Application A Application B Application C Service Endpoints Group of Container Configurations Network … YAML / JSON / HTTP 16

17. INNOQ / Application Container Design mit Kubernetes Deployment Replica Set

    POD Resource Abstraction C C C C C C C C C C C C Ing Deployment Replica Set POD Kubernetes Flat Container level management C C C Srv Srv 17

18. INNOQ / Application Container Design mit Kubernetes The Pod Ressource?

    Pod Container Container Container “Logical Host” • containers are tightly coupled • co-located and co-scheduled • run in a shared context • shared storage (volumes) • has its own IP 18

19. INNOQ / Application Container Design mit Kubernetes Are there Pattern

    for Container? 19

20. INNOQ / Application Container Design mit Kubernetes What are Container

    Pattern? ❏ Is valid for container as it is for OOP ❏ Provide general reusable solutions to a common problem ❏ Simplifies reuse of images ❏ Can help to modularize on container level ❏ Separation of Concerns ❏ Isolation 20

21. INNOQ / Application Container Design mit Kubernetes Single Node, Container

    Pattern 21

22. INNOQ / Application Container Design mit Kubernetes Pod Sidekick /

    Sidecar Proxy / Adapter Main App Container 1 2 3 Pod / Logical Host Container Communication Link 22

23. INNOQ / Application Container Design mit Kubernetes Sidekick / Sidecar

    Can be used to abstract communication or infrastructure details • Protocol switch • Authorization • Encryption • Circuit Breaker Pattern • Traffic limiting • . . . 23

24. INNOQ / Application Container Design mit Kubernetes Pod Adapter Pattern

    Monitoring Adapter Main App Container Complex Centralized Monitoring System Simple interface 24

25. INNOQ / Application Container Design mit Kubernetes Adapter Pattern apiVersion:

    v1 kind: Pod metadata: name: the-application spec: containers: - name: my-server image: innoq/web-server:latest - name: mon-adapter image: innoq/monitoring-adapter:v1.0.3 • separation of concerns • testability • reuse • flexibility dependency injection 25

26. INNOQ / Application Container Design mit Kubernetes Multi Node, Container

    Pattern 26

27. INNOQ / Application Container Design mit Kubernetes Application Pod Application

    Pod Work Queue Pattern User Supplied Container Work Execution Framework Container Work Coordination Container Application Pod User Supplied Container Work Execution Framework Container Implementation 27

28. INNOQ / Application Container Design mit Kubernetes Scatter / Gather

    (Messaging Pattern) Root Framework Container query():response merge([]response) User Supplied Container Merge Execution Framework Container User Supplied Container Query Execution Framework Container User Supplied Container Query Execution Framework Container User Supplied Container Query Execution Framework Container 28

29. INNOQ / Application Container Design mit Kubernetes All this are

    Pattern, that run distributed on a cluster of nearly infinite machines 29

30. INNOQ / Application Container Design mit Kubernetes Modularize in Container

    by... ➔ Architecture / Business Logic ➔ Implements NFRs at runtime ➔ Has a Framework characteristics 30

31. INNOQ / Application Container Design mit Kubernetes Further Modularization? 31

32. INNOQ / Application Container Design mit Kubernetes FaaS 32

33. INNOQ / Application Container Design mit Kubernetes Use Functions... ➔

    Event trigger ➔ Business logic that can be decomposed into simple functions ➔ Simple tasks ➔ Workflow of tasks 33

34. INNOQ / Application Container Design mit Kubernetes Use Functions… advantages:

    ➔ No Build System ➔ No Dockerfiles ➔ No Deployment Descriptors ➔ No Server ➔ No Cluster Sizing ➔ No Workload Scaling 34

35. INNOQ / Application Container Design mit Kubernetes Kubernetes FaaS Frameworks

    • OpenFaaS • Kubeless • Fission • Knative • . . . 35

36. INNOQ / Application Container Design mit Kubernetes Operator Pattern 36

37. INNOQ / Application Container Design mit Kubernetes Why is is

    difficult to Operate things? Day 1 is quite simple (could be done by e.g. HELM) Day 2 operations: • Up- and downscaling (complex) • Backup and restore • Version bump • Resilience, Encryption, Identities etc. ➡ Operators 37

38. INNOQ / Application Container Design mit Kubernetes Operator • Operating-a-tool

    knowledge baked into code • Is a running Container in K8s (POD) • Talks to the K8s API as you do it with kubectl • Uses the API extensibility of K8s 38

39. INNOQ / Application Container Design mit Kubernetes etcd-X cluster Operator

    example ETCD etcd Operator etcd Manages Cluster CR: etcd-X Kubernetes API etcd apiVersion: etcd.database.coreos.com/v1beta2 kind: EtcdCluster metadata: name: etcd-X spec: size: 3 etcd 39

40. INNOQ / Application Container Design mit Kubernetes Operator example Kafka

    (Strimzi) Creates / deploys • Kafka cluster of broker nodes • ZooKeeper cluster of replicated ZooKeeper instances • Kafka Connect cluster for external data connections • Kafka MirrorMaker cluster to mirror the Kafka cluster in a secondary cluster • Kafka Exporter to extract Kafka metrics data for monitoring • Kafka Bridge to make HTTP-based requests to the Kafka cluster 40

41. INNOQ / Application Container Design mit Kubernetes Operator example Kafka

    (Strimzi) Manages... • Topics • Users • Connections • Security (Encryption, Authentication etc.) • . . . 41

42. INNOQ / Application Container Design mit Kubernetes Example Kafka Cluster

    apiVersion: kafka.strimzi.io/v1beta1 kind: Kafka metadata: name: my-cluster spec: kafka: replicas: 3 version: 0.16.1 jvmOptions: -Xmx: 8192m listeners: tls: authentication: type: tls external: type: route authentication: type: tls authorization: type: simple config: auto.create.topics.enable : "false" offsets.topic.replication.factor : 3 transaction.state.log.replication.factor : 3 transaction.state.log.min.isr : 2 storage: type: persistent-claim size: 10000Gi 42

43. INNOQ / Application Container Design mit Kubernetes Operator example vendor

    API complexity 43 K8s P P P P Vendor A SQL MSG Vendor B MSG Vendor C Search O

44. INNOQ / Application Container Design mit Kubernetes Usual App characteristic

    and Day 2 issues? • Distributed Computing • Shared Nothing Architecture • Network between Services • Encryption • Identity • Resiliency • Observability • Releasing Things 44

45. INNOQ / Application Container Design mit Kubernetes Service Mesh A

    Service Mesh is a decentralized infrastructure level in which functions for observability, routing, resilience and secure communication between microservices are implemented. 45

46. INNOQ / Application Container Design mit Kubernetes Basic Pattern Application

    Pod Proxy Main App Container Application Pod Proxy Main App Container Control Plane Tracing Monitoring 46

47. INNOQ / Application Container Design mit Kubernetes Service Mesh Features

    traffic management and shifting ❏ separates traffic from replicas ❏ fault injection ❏ rate limiting security ❏ mTLS between services ❏ service identity policies visualization 47

48. INNOQ / Application Container Design mit Kubernetes Options for Kubernetes

    Istio ❏ most buzz around ❏ huge Linkerd 2 ❏ smarter (not so feature rich as istio) stock solution with ❏ Cilium ❏ nginx ingress 48

49. INNOQ / Application Container Design mit Kubernetes Recap 49

50. INNOQ / Application Container Design mit Kubernetes Recap Container Pattern

    • Increases reuse, flexibility and testability • Better resource usage • YAMLs can wire functionality together Operators • Complex operation made simpler and transferable • Tool vendors regain control • Think of K8s as cloud operating system 50

51. INNOQ / Application Container Design mit Kubernetes Recap Service Mesh

    • Use of dynamically configurable proxies with all its associated possibilities • Security and missing-feature evaluation will eventually lead to a service mesh • Is a monster 51

52. INNOQ / Application Container Design mit Kubernetes thx 52