From 0 to 60 with Kubernetes and Istio

Transcript

1. FROM 0 TO 60 WITH KUBERNETES AND ISTIO J o

   o n a t h a n M ä g i

2. KUBERNETES & ISTIO § It’s not scary to get started

   § Kubernetes is production ready § Istio builds on Envoy but many components are early in their life and require testing for your use case § Not only for “microservices” § Complementary to Kubernetes

3. KUBERNETES § End to end system to automate management of

   containerized applications § Portable § Open source, started at Google, now governed by CNCF § Supports range of container tools, including Docker

4. KUBERNETES BUILDING BLOCKS § Pods § ReplicationControllers § Services §

   Labels § Ingress

5. WHERE CAN YOU RUN K8S § Minikube § Docker for

   Mac & Windows (beta signup) § Google Kubernetes Engine (previously known as Container Engine or GKE) § Azure Container Service (AKS) § Kubernetes Operations (kops) § kubeadm

6. KOPS § De facto way to provision Kubernetes on AWS

   § Fully automated installation § Self-healing § High-Availability support § Not only for setup but also for maintenance, upgrades, cluster cleanups

7. INSTALL KOPS AND AWS CLI Install kubectl: brew update &&

   brew install kubernetes-cli Install kops: brew update && brew install kops Install AWS CLI Tools: brew update && brew install awscli

8. LAUNCHING A KUBERNETES CLUSTER HOSTED ON AWS You need an

   AWS user with the following simplified permissions for: AmazonEC2FullAccess AmazonRoute53FullAccess AmazonS3FullAccess IAMFullAccess AmazonVPCFullAccess

9. LAUNCHING A KUBERNETES CLUSTER HOSTED ON AWS S3 bucket for

   cluster state storage: aws s3api create-bucket \ --bucket kubernetes-example-co-uk-state-store-2 \ --region eu-central-1 \ --create-bucket-configuration LocationConstraint=eu-central-1 aws s3api put-bucket-versioning \ --bucket kubernetes-example-co-uk-state-store-2 \ --versioning-configuration Status=Enabled

10. LAUNCHING A KUBERNETES CLUSTER HOSTED ON AWS Prepare your local

    environment: export NAME=presentationcluster.kubernetes-example.co.uk export KOPS_STATE_STORE=s3://kubernetes-example-co-uk-state-store-2 You don’t have to use environmental variables here. You can always define the values using the --name and --state flags.

11. LAUNCHING A KUBERNETES CLUSTER HOSTED ON AWS Let’s create a

    cluster configuration: kops create cluster \ --zones "eu-central-1a,eu-central-1b,eu-central-1c" \ --master-zones "eu-central-1a,eu-central-1b,eu-central-1c" \ --master-count 3 \ --node-count 4 \ --topology private \ --networking kopeio-vxlan \ --bastion \ --name presentationcluster.kubernetes-example.co.uk \ --state s3://kubernetes-example-co-uk-state-store-2

12. LAUNCHING A KUBERNETES CLUSTER HOSTED ON AWS Let’s build the

    cluster: kops update cluster \ --name presentationcluster.kubernetes-example.co.uk \ --yes This will take a while. Once it finishes you'll have to wait while the started instances finish downloading and setting up Kubernetes components and reach a "ready" state.

13. LAUNCHING A KUBERNETES CLUSTER HOSTED ON AWS Let’s take a

    look at the cluster we just built: kubectl get nodes kops validate cluster kubectl get pods --namespace kube-system

14. ISTIO § Platform to connect, manage, and secure microservices §

    Addresses many of the challenges as we transition towards a distributed microservice architecture § Wide protocol support from TCP to higher level HTTP, gRPC, Websocket, Redis etc. § Tackles traffic management, observability, identity and security § Brings resilience and fault-injection features to the table § Builds on proven Envoy proxy from Lyft

15. INSTALL ISTIO Let’s get Istio installed: curl -L https://git.io/getLatestIstio |

    sh - cd istio-0.2.12 export PATH=$PWD/bin:$PATH # deploy istio kubectl apply -f install/kubernetes/istio.yaml # validate the installation kubectl get svc -n istio-system kubectl get pods -n istio-system

16. ISTIO ADDONS # let’s install some Isito addons kubectl apply

    -f install/kubernetes/addons/prometheus.yaml kubectl apply -f install/kubernetes/addons/grafana.yaml kubectl apply -f install/kubernetes/addons/servicegraph.yaml kubectl apply -n istio-system -f https://raw.githubusercontent.com/jaegertracing/jaeger- kubernetes/master/all-in-one/jaeger-all-in-one-template.yml

17. APPLICATION DEPLOYMENT Deploying our first application on our Istio enabled

    Kubernetes cluster: kubectl apply -f <(istioctl kube-inject -f samples/bookinfo/kube/bookinfo.yaml)

18. APPLICATION ON ISTIO

19. APPLICATION DEPLOYMENT kubectl get services kubectl get pods # let’s

    see how to access our deployed application (/productpage) kubectl get ingress -o wide http://books.kubernetes-example.co.uk/productpage

20. INTELLIGENT ROUTING # route all traffic to review v1 istioctl

    create -f route-rule-all-v1.yaml # route for test user “joonathan” to v3 istioctl create -f route-rule-reviews-test-v3.yaml istioctl get routerule reviews-test-v3 -o yaml # route everyones traffic to v3 istioctl replace -f route-rule-reviews-v3.yaml

21. GRAFANA # let’s look at some metrics in grafana coming

    in kubectl -n istio-system port-forward $(kubectl -n istio-system get pod -l app=grafana -o jsonpath='{.items[0].metadata.name}') 3000:3000 http://localhost:3000/dashboard/db/istio-dashboard

22. DOTVIZ # how are our services connected? kubectl -n istio-system

    port-forward $(kubectl -n istio-system get pod -l app=servicegraph -o jsonpath='{.items[0].metadata.name}') 8088:8088 http://localhost:8088/dotviz

23. JAEGER # distributed tracing using Jaeger kubectl port-forward -n istio-system

    $(kubectl get pod -n istio-system -l app=jaeger -o jsonpath='{.items[0].metadata.name}') 16686:16686 http://localhost:16686

24. NEXT STEPS… We covered only a small subset of what

    Kubernetes and Istio have to offer. Continue learning at kubernetes.io and istio.io. Come and solve interesting microservices challenges with me at MOVE Guides.

25. THANKS! http://moveguides.com/careers