
The road to Kubernetes

GDG SPb
October 23, 2017


Come and learn about the history of Kubernetes at Google, and a little about the future of the platform.



Transcript

1. DevOps (word cloud): procure, deploy, secure, monitor, schedule, isolate, control access, update, roll back, remediate, troubleshoot, scale, write code.

2. "As a developer, I considered Operations skills akin to superpowers. Writing code that worked on my laptop was easy — getting it to work across a cluster of machines was orders of magnitude harder."
   Cindy Sridharan, imgix

3. Operations
   • A set of tasks
   • Relating to one or more applications
   • Continuously delivered
   • On one machine? On many machines?
   • On one remote provider/cloud? On many clouds?

4. • Size teams correctly
   • Scale independently
   • Decouple applications too: "breaking up the monolith"
   (Diagram: layers of specialisation, bottom to top: Hardware, Network SRE, Storage SRE, Cluster SRE, App SRE, Developers.)

5. (Chart: number of running containers vs. size of the core ops team over time.)
   This enabled Google to grow our fleet over 10x faster than we grew our ops team.

6. What is a container? An application bundle; a process group with some restrictions.
   VM: starting an OS. Like booting a phone: ~60 seconds. Changeable data: mixed with the image.
   Container: starting a process. Like tapping an app: ~0.2 seconds. Changeable data: stored elsewhere.

7. Kubernetes components
   Controller: a loop that drives current state towards desired state. Example: ReplicaSet.
   Pod: a small group of tightly coupled containers. Example: static site generator & web server.
   Service: a set of running pods that work together. Example: load-balanced backends.

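The "loop that drives current state towards desired state" is the whole idea behind a controller, so here it is as a runnable toy in the shape of a ReplicaSet controller. This is an added example, not code from the deck and not Kubernetes' own controller; the Pod and ReplicaSet classes, the pod-naming scheme and the "delete unhealthy pods, then fix the count" policy are assumptions made for the illustration. The property worth noticing is that a converged ReplicaSet produces no actions, which is what makes it safe to run the loop forever.

```python
# Added example (not code from the deck or from Kubernetes): a toy control
# loop modelled on a ReplicaSet controller. Pod, ReplicaSet and the pod
# naming scheme are assumptions made for this illustration.
from dataclasses import dataclass, field
from itertools import count


@dataclass
class Pod:
    name: str
    healthy: bool = True  # observed state, e.g. the result of a liveness probe


@dataclass
class ReplicaSet:
    name: str
    replicas: int                              # desired state
    pods: list = field(default_factory=list)   # observed (current) state
    _seq: object = field(default_factory=count, repr=False)

    def new_pod_name(self) -> str:
        return f"{self.name}-{next(self._seq)}"


def reconcile(rs: ReplicaSet) -> list:
    """One pass of the control loop: observe, compare with desired, act.

    Returns the (action, pod_name) tuples performed in this pass. A
    converged ReplicaSet yields an empty list: the loop never acts on a
    state it already likes, so re-running it is harmless.
    """
    actions = []

    # 1. Observe: unhealthy pods do not count towards the desired replica
    #    count, and the controller replaces rather than repairs them.
    for pod in [p for p in rs.pods if not p.healthy]:
        rs.pods.remove(pod)
        actions.append(("delete", pod.name))

    # 2. Compare desired vs. current, 3. act only on the difference.
    delta = rs.replicas - len(rs.pods)
    if delta > 0:
        for _ in range(delta):
            pod = Pod(rs.new_pod_name())
            rs.pods.append(pod)
            actions.append(("create", pod.name))
    elif delta < 0:
        # Scale down: remove the most recently created pods first.
        for _ in range(-delta):
            pod = rs.pods.pop()
            actions.append(("delete", pod.name))
    return actions


def run_until_converged(rs: ReplicaSet, max_passes: int = 10) -> int:
    """Re-run reconcile until a pass performs no action; return the pass count."""
    for passes in range(1, max_passes + 1):
        if not reconcile(rs):
            return passes
    raise RuntimeError(f"{rs.name} did not converge in {max_passes} passes")


if __name__ == "__main__":
    # Constructed starting state: one healthy pod, one that failed its probe.
    rs = ReplicaSet("web", replicas=3,
                    pods=[Pod("web-old"), Pod("web-bad", healthy=False)])
    print(reconcile(rs))          # deletes web-bad, creates two new pods
    print(run_until_converged(rs))  # 1: the next pass finds nothing to do
```

A real controller reads the observed state from the API server and writes its actions back as API calls, but the shape is the same: no memory of what it did last time, just desired versus observed on every pass.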
8. Manifests: a description of what you want to run. You don't say where you want it to run; Kubernetes figures that out for you.

   apiVersion: v1
   kind: Pod
   metadata:
     name: redis-django
     labels:
       app: webapp
   spec:
     containers:
     - name: key-value-store
       image: redis
       ports:
       - containerPort: 6379
     - name: frontend
       image: django
       ports:
       - containerPort: 8000

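The deck's manifest is the minimum Kubernetes needs, but not what you would want to ship: both images are unpinned (an image reference without a tag or digest resolves to whatever is tagged latest at pull time), there are no resource limits, and nothing prevents the processes from running as root. The lint pass below is an added example, not the deck's code and not a Kubernetes or GKE tool; it encodes the manifest above as a dict, flags those gaps, and shows a hardened copy of the same Pod that passes. The rule set, the example tags and the limit values are assumptions chosen for the illustration.

```python
# Added example (not the deck's code, not a Kubernetes or GKE tool): a small
# lint pass over a Pod spec. DECK_POD is the deck's redis-django manifest
# transcribed into a dict; the rules, tags and limits are assumptions.
import copy

DECK_POD = {
    "apiVersion": "v1",
    "kind": "Pod",
    "metadata": {"name": "redis-django", "labels": {"app": "webapp"}},
    "spec": {
        "containers": [
            {"name": "key-value-store", "image": "redis",
             "ports": [{"containerPort": 6379}]},
            {"name": "frontend", "image": "django",
             "ports": [{"containerPort": 8000}]},
        ]
    },
}


def image_is_pinned(image: str) -> bool:
    """True if the reference carries a digest or a tag on its last path segment."""
    if "@sha256:" in image:
        return True
    return ":" in image.rsplit("/", 1)[-1]


def check_container(c: dict) -> list:
    """Return human-readable findings for one container spec."""
    findings = []
    name = c.get("name", "<unnamed>")
    image = c.get("image", "")
    if not image_is_pinned(image):
        findings.append(f"{name}: image {image!r} is not pinned to a tag or digest")
    if "limits" not in c.get("resources", {}):
        findings.append(f"{name}: no resources.limits, one container can starve the node")
    sc = c.get("securityContext", {})
    if sc.get("privileged"):
        findings.append(f"{name}: privileged container")
    if sc.get("runAsNonRoot") is not True:
        findings.append(f"{name}: runAsNonRoot is not set")
    if sc.get("allowPrivilegeEscalation") is not False:
        findings.append(f"{name}: allowPrivilegeEscalation is not disabled")
    return findings


def check_pod(manifest: dict) -> list:
    """Lint every container in a Pod manifest; an empty list means it passes."""
    if manifest.get("kind") != "Pod":
        raise ValueError("expected a Pod manifest")
    findings = []
    for c in manifest["spec"].get("containers", []):
        findings.extend(check_container(c))
    return findings


def harden(manifest: dict, pins: dict) -> dict:
    """Return a copy of the manifest with each container pinned and restricted.

    `pins` maps container name -> fully qualified image reference. The
    original manifest is left untouched.
    """
    out = copy.deepcopy(manifest)
    for c in out["spec"]["containers"]:
        c["image"] = pins[c["name"]]
        c["resources"] = {"limits": {"cpu": "500m", "memory": "256Mi"}}
        c["securityContext"] = {
            "runAsNonRoot": True,
            "allowPrivilegeEscalation": False,
            "privileged": False,
        }
    return out


if __name__ == "__main__":
    for f in check_pod(DECK_POD):
        print("FAIL", f)
    # Example tags only; pin to whatever you actually tested.
    hardened = harden(DECK_POD, {"key-value-store": "redis:4.0.2",
                                 "frontend": "example.org/webapp/django:2017.10"})
    print("hardened findings:", check_pod(hardened))
```

In practice the same checks live in an admission controller or a CI step rather than a script, but the logic is the same: refuse manifests that leave image identity, resource isolation and privilege unspecified.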
9. Kubernetes provides
   • Scheduling
   • Lifecycle and health
   • Scaling
   • Naming and discovery
   • Load balancing
   • Storage volumes
   • Logging and monitoring
   • Debugging and introspection
   • Identity and authorization
   • Piranha-proof infrastructure

10. "Developer time is at a premium. Kubernetes' ease of deployment accelerates everything. Developers go from commit to deploy in production in less than 10 minutes, allowing us to deploy 30-50 times a day."
    Tyler Davis, DevOps

11. "While Kubernetes did nudge us in the direction of GCP, we're more cloud agnostic than ever because Kubernetes can live anywhere."
    Bas Moeys, co-founder & Head of Technology

12. Cloud Native
    Container packaged: predictable deployment, efficient resource isolation.
    Dynamically scheduled: higher QoS and efficiency, lower ops cost.
    Microservices oriented: domain driven, independently upgradeable.

13. Container Engine: Google manages your control plane.
    (Diagram: Kubernetes master with API Server, Controller Manager, Scheduler, etcd.)
    • Backups
    • Monitoring
    • Restarts
    • Resizing for larger clusters
    • 99.5% SLA

14. ...and system components on your nodes.
    (Diagram: Container Engine Kubernetes master with API Server, Controller Manager, Scheduler, etcd; Container Engine Kubernetes nodes with Logging, Monitoring, Ingress backend, Runtimes.)

15. Node management features
    Node upgrade:
    • Update Kubernetes version
    • Update node OS
    Node repair:
    • Automatically repair broken nodes

16. Full audit trail: list operations, then describe an operation to get more details.

    $ gcloud container operations list
    NAME             TYPE                ..  STATUS
    operation-15-0a  UPGRADE_MASTER      ..  DONE
    operation-11-78  AUTO_UPGRADE_NODES  ..  DONE

    $ gcloud container operations describe <op>
    name: operation-15-0a
    operationType: UPGRADE_MASTER
    selfLink: ...
    status: DONE
    targetLink: ...
    zone: us-west1-b

17. The shift to a modern distributed architecture has left enterprises unable to monitor, manage or secure their services in a consistent way.

18. What is a service mesh? A network for services, not bytes.
    • Visibility
    • Resiliency & efficiency
    • Traffic control
    • Security
    • Policy enforcement

19. (Diagram: traffic from the Internet enters a service mesh and flows between services inside it; on both sides the protocols are HTTP/1.1, HTTP/2, gRPC and TCP, with or without TLS.)

20. The Istio service mesh
    • A complete framework for connecting, securing, managing and monitoring services
    • Secure and monitor traffic for microservices and legacy services
    • An open platform with key contributions from Google, IBM, Lyft and others
    • Multi-environment and multi-platform

21. The Istio service mesh
    • Connect: resiliency, discovery, load balancing
    • Manage: traffic control, policy enforcement
    • Monitor: metrics, logging, tracing
    • Secure: end-to-end authentication and authorization