Set Sail with Kubernetes

Transcript

1. Set Sail with Kubernetes

2. $kubectl auth whoami Hart Hoover I work at Cisco, by

   way of Isovalent, makers of Cilium and Tetragon Formerly CoreOS, Heptio/VMware, Rackspace, Kong #GirlDad who loves tacos and coffee, perhaps too much https://harthoover.com

3. Agenda • WTF is Kubernetes? • Pods • More Pods

   • Config Data • Gateways • I want to run it • Services

4. History Lesson dotCloud joins YCombinator 2010 dotCloud ➡ Docker, Inc

   in 2013 EC2 just started supporting custom kernels Linux 3.0 was not out yet Terraform did not exist Go 1.0 had not been released “Config Management” was mostly Bash OpsCode wasn’t Chef, Inc. Netflix Engineering was blogging about building AMIs

5. History Lesson 2013

6. History Lesson Google open-sourced Kubernetes on June 6, 2014 Docker

   Swarm was released Oct 2014 CNCF was founded in 2015, Kubernetes was its first project
7. None
8. None

9. WTF is Kubernetes?

10. WTF is Kubernetes? Kubernetes is a Greek word that means

    “helmsman” or “pilot” Kubernetes is an open source container orchestration engine for automating deployment, scaling, and management of containerized applications.

11. WTF does Kubernetes Do? Abstracts underlying hardware of nodes and

    provides a uniform interface for container (and now VM!) workloads to be both deployed and consume the shared pool of resources.

12. WTF does Kubernetes Do? Kubernetes… Autoscales workloads Manages Deployments Runs

    Stateful and Stateless Apps Has built-in Service Discovery Supports third party applications

13. Constantly resolves state between what is actual and what is

    desired WTF does Kubernetes Do?

14. WTF does Kubernetes Look Like? etcd (Data Store) API Server

    Scheduler Controller Manager You (kubectl) Node1 Network Plugin Kubelet Container Runtime OS Node2 Network Plugin Kubelet Container Runtime OS NodeN Network Plugin Kubelet Container Runtime OS Controllers Nodes Kube-Proxy Kube-Proxy Kube-Proxy

15. WTF does Kubernetes Look Like? etcd (Data Store) API Server

    Scheduler Controller Manager Controllers

16. WTF does Kubernetes Look Like? Node1 Network Plugin Kubelet Container

    Runtime OS Node2 Network Plugin Kubelet Container Runtime OS NodeN Network Plugin Kubelet Container Runtime OS Nodes Kube-Proxy Kube-Proxy Kube-Proxy

17. WTF does Kubernetes Look Like? Node1 Kubelet Node2 Kubelet NodeN

    Kubelet Nodes Kube-Proxy Kube-Proxy Kube-Proxy

18. WTF does Kubernetes Look Like? etcd (Data Store) API Server

    Scheduler Controller Manager You (kubectl) Node1 Network Plugin Kubelet Container Runtime OS Node2 Network Plugin Kubelet Container Runtime OS NodeN Network Plugin Kubelet Container Runtime OS Controllers Nodes Kube-Proxy Kube-Proxy Kube-Proxy

19. Pods

20. None

21. Pods apiVersion: v1 kind: Pod metadata: name: nginx spec: containers:

    - name: nginx image: nginx:1.14.2 ports: - containerPort: 80

22. Pod Templates apiVersion: batch/v1 kind: Job metadata: name: hello spec:

    template: # This is the pod template spec: containers: - name: hello image: busybox:1.28 command: ['sh', '-c', 'echo "Hello, Kubernetes!" && sleep 3600'] restartPolicy: OnFailure # The pod template ends here

23. Sidecars Main container initContainer Main container proxy Main container debug

24. More Pods

25. Deployments and ReplicaSets apiVersion: apps/v1 kind: Deployment metadata: name: nginx-deployment

    labels: app: nginx spec: replicas: 3 selector: matchLabels: app: nginx template: metadata: labels: app: nginx spec: containers: - name: nginx image: nginx:1.14.2 ports: - containerPort: 80

26. Deployments and ReplicaSets apiVersion: apps/v1 kind: Deployment metadata: name: nginx-deployment

    labels: app: nginx spec: replicas: 3 selector: matchLabels: app: nginx template: metadata: labels: app: nginx spec: containers: - name: nginx image: nginx:1.14.2 ports: - containerPort: 80

27. Deployments and ReplicaSets apiVersion: apps/v1 kind: Deployment metadata: name: nginx-deployment

    labels: app: nginx spec: replicas: 3 selector: matchLabels: app: nginx template: metadata: labels: app: nginx spec: containers: - name: nginx image: nginx:1.14.2 ports: - containerPort: 80

28. Deployments and ReplicaSets apiVersion: apps/v1 kind: Deployment metadata: name: nginx-deployment

    labels: app: nginx spec: replicas: 3 selector: matchLabels: app: nginx template: metadata: labels: app: nginx spec: containers: - name: nginx image: nginx:1.14.2 ports: - containerPort: 80

29. Deployments and ReplicaSets replicas: 3 image: image:v1

30. Deployments and ReplicaSets replicas: 3 image: image:v1

31. Deployments and ReplicaSets image:v1 replicas: 3 image: image:v1

32. Deployments and ReplicaSets image:v1 replicas: 3 image: image:v2

33. Deployments and ReplicaSets image:v1 image:v2 replicas: 3 image: image:v2

34. Deployments and ReplicaSets replicas: 3 image: image:v2 image:v2

35. DaemonSets apiVersion: apps/v1 kind: DaemonSet metadata: name: fluentd spec: selector:

    matchLabels: name: fluentd template: metadata: labels: name: fluentd spec: containers: - name: fluentd-elasticsearch image: quay.io/fluentd_elasticsearch/fluentd:latest

36. DaemonSets apiVersion: apps/v1 kind: DaemonSet metadata: name: fluentd spec: selector:

    matchLabels: name: fluentd template: metadata: labels: name: fluentd spec: containers: - name: fluentd-elasticsearch image: quay.io/fluentd_elasticsearch/fluentd:latest

37. DaemonSets apiVersion: apps/v1 kind: DaemonSet metadata: name: fluentd spec: selector:

    matchLabels: name: fluentd template: metadata: labels: name: fluentd spec: containers: - name: fluentd-elasticsearch image: quay.io/fluentd_elasticsearch/fluentd:latest

38. Config Data

39. ConfigMaps and Secrets apiVersion: v1 kind: ConfigMap metadata: name: game-demo

    data: player_initial_lives: "3" ui_properties_file_name: "user-interface.properties"

40. ConfigMaps and Secrets apiVersion: v1 kind: Secret metadata: name: dotfile-secret

    data: .secret-file: dmFsdWUtMg0KDQo=

41. Using a ConfigMap apiVersion: v1 kind: Pod metadata: name: configmap-demo-pod

    spec: containers: - name: demo image: alpine command: ["sleep", "3600"] env: - name: PLAYER_INITIAL_LIVES valueFrom: configMapKeyRef: name: game-demo key: player_initial_lives - name: UI_PROPERTIES_FILE_NAME valueFrom: configMapKeyRef: name: game-demo key: ui_properties_file_name

42. Services

43. Pods apiVersion: v1 kind: Pod metadata: name: nginx spec: containers:

    - name: nginx image: nginx:1.14.2 ports: - containerPort: 80

44. Services apiVersion: v1 kind: Service metadata: name: my-service spec: selector:

    app.kubernetes.io/name: nginx ports: - protocol: TCP port: 80 targetPort: 80

45. Services apiVersion: v1 kind: Service metadata: name: my-service spec: selector:

    app.kubernetes.io/name: nginx ports: - protocol: TCP port: 80 targetPort: 80

46. Services apiVersion: v1 kind: Service metadata: name: my-service spec: selector:

    app.kubernetes.io/name: nginx ports: - protocol: TCP port: 80 targetPort: 80

47. Services apiVersion: v1 kind: Service metadata: name: my-service spec: selector:

    app.kubernetes.io/name: nginx ports: - protocol: TCP port: 80 targetPort: 80

48. Main Types of Services • ClusterIP (default) • NodePort •

    LoadBalancer

49. Blue/Green Deployments labels: app: myapp env: blue selector: app: myapp

    env: blue v1

50. Blue/Green Deployments labels: app: myapp env: blue labels: app: myapp

    env: green selector: app: myapp env: blue v1 v2

51. Blue/Green Deployments labels: app: myapp env: blue labels: app: myapp

    env: green selector: app: myapp env: green v1 v2

52. Blue/Green Deployments labels: app: myapp env: blue labels: app: myapp

    env: green selector: app: myapp env: green v3 v2

53. Canary labels: app: myapp selector: app: myapp v1 Deployments

54. Canary labels: app: myapp labels: app: myapp type: canary selector:

    app: myapp v1 v2 Deployments

55. Canary labels: app: myapp labels: app: myapp type: canary selector:

    app: myapp v2 v2 Deployments

56. Canary labels: app: myapp selector: app: myapp v2 Deployments

57. Gateways

58. An API and standardization for traffic management and routing in

    a Kubernetes cluster Gateway API

59. Client Gateway GatewayClass Cluster HTTPRoute HTTPRoute domain.com /products /reviews What

    kind?

60. apiVersion: gateway.networking.k8s.io/v1 kind: Gateway metadata: name: prod-web spec: gatewayClassName: cilium

    listeners: - protocol: HTTP port: 80 name: prod-web-gw allowedRoutes: namespaces: from: Same Simple Gateway API Objects apiVersion: gateway.networking.k8s.io/v1 kind: HTTPRoute metadata: name: route spec: parentRefs: - name: prod-web rules: - backendRefs: - name: foo-svc port: 8080

61. https://gateway-api.sigs.k8s.io/

62. I want to run it

63. • https://docs.docker.com/desktop/ 💰 • https://podman-desktop.io/ • https://minikube.sigs.k8s.io/ • https://kind.sigs.k8s.io/ •

    Cloud Options: EKS, GKE, AKS, etc 💰 I want to run it

64. https://github.com/kelseyhightower/kubernetes-the-hard-way I want to learn the internals

65. https://github.com/kubernetes/community I want to contribute

66. DEMO

67. None

68. Thank you