中科院專題 Workshop for Kubernetes

Transcript

1. Kyle Bai ⽩白凱仁 <[email protected]> 容器環境與應⽤用案例例

2. @k2r2bai • Overview of Kubernetes • An application for Kubernetes

   • Scale and rolling upgrade application • Monitoring application • Logging application Agenda Today I would like to talk about

3. Overview of Kubernetes

4. @k2r2bai kernel libs app app app app • No isolation.

   • No namespace. • Share common library. • High coupling for the application or OS. Bare Metal

5. @k2r2bai • Fully isolated and hence more secure. • Manage

   multiple VMs are not inefficient. • High coupling for the application or OS. • Limited performance • Startup time in minutes. Virtual Machines app libs kernel libs app app kernel app libs libs kernel kernel OS Virtualization

6. @k2r2bai • Process-level isolation, possibly less secure. • High coupling

   for the kernel. • Native performance. • Startup time in milliseconds. • Lightweight Containers(OS-Level Virtualization) Application Virtualization libs app kernel libs app libs app libs app

7. @k2r2bai Kubernetes • Container orchestration • Self-healing • Horizontal scaling

   • Service discovery and Load balancing • Automated rollouts and rollbacks • Secrets and configuration management • Storage orchestration “Kubernetes is becoming the Linux of the cloud” Jim Zemlin, Linux Foundation

8. @k2r2bai Kubernetes Architecture UI CLI API Users Master Nodes etcd

   scheduler controllers apiserver kubelet kube-proxy add-ons container runtime

9. @k2r2bai Kubernetes System Layers Nucleus: API and Execution Application Layer:

   Deployment and Routing Governance Layer: Automation and Policy Enforcement Interface Layer: Client Libraries and Tools Ecosystem Container Runtime Network Plugin Volume Plugin Image Registry Cloud Provider Identity Provider Device Plugin

10. @k2r2bai Governance Layer: Automation and Policy Enforcement (APIs optional and

    pluggable) Application Layer: Deployment and Routing (APIs required and pluggable) Nucleus: API and Execution (APIs required and not pluggable) CronJob batch/ v2alpha1 Job batch/v1 Deployment apps/v1 DaemonSet apps/v1 Pod core/v1 ReplicaSet apps/v1 StatefulSet apps/v1 ReplicationController core/v1 Endpoints core/v1 Ingress extensions/v1beta1 Service core/v1 ConfigMap core/v1 Secret core/v1 PersistentVolumeClaim core/v1 StorageClass storage/v1 ControllerRevision apps/v1 Event core/v1 LimitRange core/v1 ValidatingWebHookConfiguration admissionregistration/v1alpha1 HorizontalPodAutoscaler autoscaling/v1 APIService apiregistration/v1beta1 PodDisruptionBudget policy/v1beta1 PodPreset settings/v1alpha1 PodSecurityPolicy extensions/v1beta1 CertificateSigningRequest certificates/v1beta1 ClusterRole rbac/v1beta1 ClusterRoleBinding rbac/v1beta1 LocalSubjectAccessReview authorization/v1 Namespace core/v1 Node core/v1 PersistentVolume core/v1 ResourceQuota core/v1 Role rbac/v1beta1 RoleBinding rbac/v1beta1 SelfSubjectAccessReview authorization/v1 ServiceAccount core/v1 SubjectAccessReview authorization/v1 NetworkPolicy networking/v1 ComponentStatus core/v1 PriorityClass scheduling/v1alpha1 ClusterServiceBroker servicecatalog/v1beta1 ClusterServiceClass servicecatalog/v1beta1 ClusterServicePlan servicecatalog/v1beta1 ServiceInstance servicecatalog/v1beta1 ServiceBinding servicecatalog/v1beta1 MutatingWebHookConfiguration admissionregistration/v1alpha1 SelfSubjectRulesReview authorization/v1 TokenReview authentication/v1 CustomResourceDefinition apiextensions/v1beta1

11. @k2r2bai

12. @k2r2bai Interacting with Kubernetes • We will interact with our

    Kubernetes cluster through the Kubernetes API. • The Kubernetes API is (mostly) RESTful. • It allows us to create, read, update, delete resources. • We also can interact with Kubernetes through CLI tool or the client libraries.

13. An application for Kubernetes

14. @k2r2bai What's this application? • It’s a voting application. •

    A simple distributed application running across multiple Kubernetes containers. • Each application is written by different programming language. Java

15. @k2r2bai Voting App in the microservices era Voting App is

    made of 5 services: • Voting: A front-end web app written in Python which lets you vote between two options • Redis: To queue which collects new votes. • Worker: A Java worker which consumes votes and stores them in. • Database: A Postgres database backed by a container volume. • Result: A Node.js webapp which shows the results of the voting in real time. These 5 services are visible in the application's Kubernetes YAML file.

16. @k2r2bai How to containerize an application? • Use Docker to

    build an image from a Dockerfile. • Deploy an image to Kubernetes as a container.

17. @k2r2bai How to deploy an application in Kubernetes? • Using

    YAML for Kubernetes definitions. • Define you expect for deploying your application. • Kubernetes provides many kinds of resource for implementing container deployment, service exposing, ..., etc.

18. Scale and rolling upgrade application

19. @k2r2bai L4 Load balancing your application • A Kubernetes Service

    is an abstraction which defines a logical set of Pods and a policy by which to access them - sometimes called a micro-service. • Use IPTable(Random) or IPVS(Algorithms) for implementing load balancer. Service Client Proxy

20. @k2r2bai L7 Load balancing your application • An API object

    that manages external access to the services in a cluster, typically HTTP. • Ingress can provide load balancing, SSL termination and name-based virtual hosting. • Use NGINX as a backend for implementing load balancer.

21. @k2r2bai Scale your application • Kubernetes can use API to

    scale you application. • Support for RC/RS/Deployment. Scale API

22. @k2r2bai Autoscale your application by HPA • The Horizontal Pod

    Autoscaler automatically scales the number of applications in a replication controller, deployment or replica set based on observed CPU utilization. • Support for using CLI to create HPA. • kubectl autoscale deployment php-apache --cpu- percent=50 --min=1 --max=10

23. @k2r2bai Rolling Updates Deployment - replicas: 3 - selector: -

    app: my-app - version: v1 Service - app: my-app Live-update an application $ kubectl set image deployment \ my-app my-app= :v2 —record

24. @k2r2bai Deployment - replicas: 3 - selector: - app: my-app

    - version: v1 Deployment - replicas: 0 - selector: - app: my-app - version: v2 Service - app: my-app

25. @k2r2bai Deployment - replicas: 3 - selector: - app: my-app

    - version: v1 Deployment - replicas: 1 - selector: - app: my-app - version: v2 Service - app: my-app

26. @k2r2bai Deployment - replicas: 2 - selector: - app: my-app

    - version: v1 Deployment - replicas: 1 - selector: - app: my-app - version: v2 Service - app: my-app

27. @k2r2bai Deployment - replicas: 2 - selector: - app: my-app

    - version: v1 Deployment - replicas: 2 - selector: - app: my-app - version: v2 Service - app: my-app

28. @k2r2bai Deployment - replicas: 1 - selector: - app: my-app

    - version: v1 Deployment - replicas: 2 - selector: - app: my-app - version: v2 Service - app: my-app

29. @k2r2bai Deployment - replicas: 1 - selector: - app: my-app

    - version: v1 Deployment - replicas: 3 - selector: - app: my-app - version: v2 Service - app: my-app

30. @k2r2bai Deployment - replicas: 0 - selector: - app: my-app

    - version: v1 Deployment - replicas: 3 - selector: - app: my-app - version: v2 Service - app: my-app

31. Monitoring Kubernetes

32. @k2r2bai Monitoring: Prometheus + Grafana

33. @k2r2bai

34. Logging Kubernetes

35. @k2r2bai Logging: Elasticsearch + Fluentd + Kibana

36. @k2r2bai

37. @k2r2bai KAIREN OUT!! THANK YOU!!!