Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Delivering Stateful applications on Kubernetes with Operators

Keith Resar
May 22, 2019
0
120

Delivering Stateful applications on Kubernetes with Operators

While Kubernetes has owned the stateless application space for years, the introduction of the operator pattern extends its reign to stateful applications as well.

Learn what the operator pattern is and how it's implemented within Kubernetes. Explore how Operators define application-aware Kubernetes objects that scale, recover from failure, manage version upgrades, and support backup/restore processes. Lastly, explore the frameworks available for creating your own operators and examine all the data vendors who are already offering their applications via operator

Keith Resar

May 22, 2019
Tweet

More Decks by Keith Resar

See All by Keith Resar
Real-Time Data Transformation by Example
keithresar
0
20
Exactly-Once Semantics and Transactions in Kafka
keithresar
0
63
Implementing Strangler pattern for microservices migrations
keithresar
0
210
Event streaming fundamentals with Apache Kafka
keithresar
1
310
Stream processing with ksqlDB and Apache Kafka
keithresar
1
260
How Nagios is leveraging Ansible Network Automation
keithresar
1
60
Automating Satellite Installation and Configuration With the Ansible Foreman Modules
keithresar
1
540
Writing your first Ansible operator for OpenShift
keithresar
1
150
Intro to CI/CD in GitLab and Anatomy of a Pipeline
keithresar
1
270

Featured

See All Featured
Practical Orchestrator
shlominoach
182
9.7k
ParisWeb 2013: Learning to Love: Crash Course in Emotional UX Design
dotmariusz
104
6.6k
The Pragmatic Product Professional
lauravandoore
25
5.8k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
116
18k
Designing on Purpose - Digital PM Summit 2013
jponch
110
6.5k
Embracing the Ebb and Flow
colly
80
4.1k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
221
21k
Optimising Largest Contentful Paint
csswizardry
8
2.4k
Building Your Own Lightsaber
phodgson
99
5.7k
Debugging Ruby Performance
tmm1
70
11k
Scaling GitHub
holman
457
140k
Why Our Code Smells
bkeepers
PRO
331
56k

Transcript

  1. @KeithResar STATEFUL APPLICATIONS USING KUBERNETES _OPERATORS_

  2. None

  3. @KeithResar Operators are _application aware Kubernetes objects._ Active throughout the

    application’s lifecycle, they manage instantiation, ongoing state, and destruction.
  4. None

  5. @KeithResar FROM VISION TO _PROBLEM_

  6. @KeithResar _problem:_ _turnkey management of stateless application_

  7. None

  8. @KeithResar _problem:_ _turnkey management of stateless application_ _solution:_ _kubernetes (we

    just saw this)_ _S2I, Helm_

  9. @KeithResar

  10. None

  11. @KeithResar _problem:_ _I’m a vendor or I create stateful apps,

    _kubernetes doesn’t know anything about me_

  12. @KeithResar etcd is a _distributed key value store_ that provides

    a reliable way to store data across a cluster of machines. Stand-in for your app

  13. @KeithResar Create and Destroy • Resize • Failover Rolling upgrade

    • Backup and Restore Stand-in for your app

  14. @KeithResar _problem:_ _I’m a vendor or I create stateful apps,

    _kubernetes doesn’t know anything about me_
  15. None
  16. None
  17. None
  18. None

  19. @KeithResar --- apiVersion: v1 kind: Service metadata: name: simpleapp spec:

    ports: - name: 8080-tcp port: 8080 protocol: TCP targetPort: 8080 selector: deploymentconfig: simpleapp sessionAffinity: None type: ClusterIP defining a _service_ resource service resources are a built in object type.

  20. @KeithResar --- apiVersion: etcd.database.coreos.com/v1beta2 kind: EtcdCluster metadata: name: example-etcd-cluster spec:

    size: 3 version: "3.2.13" defining an _EtcdCluster_ resource Our custom resource looks pretty similar.
  21. None

  22. @KeithResar _problem:_ _I’m a vendor or I create stateful apps,

    _kubernetes doesn’t know anything about me_ _solution:_ _create custom resource definitions (CRD)_
  23. None

  24. @KeithResar EVERY PROBLEM BRINGS A _SOLUTION_

  25. @KeithResar DS AS API Server Cluster Workload Compare desired state

    with actual state Reconcile process converges to desired state

  26. @KeithResar DS AS API Server 01010001 01010010 10101011 01011001 0101001

    01010001 01010010 10101011 01011001 0101001 Cluster Workload 01010001 01010010 10101011 01011001 0101001 1x simpleapp 2x simpleapp 01010001 01010010 10101011 01011001 0101001

  27. @KeithResar DS AS API Server Cluster Workload Native K8s objects

    like... Pods Services Deployments etc.

  28. @KeithResar AS DS _* operator_ watch reconcile action _________ _______________________

    ______ _____________________________

  29. @KeithResar AS DS _Ansible operator_ watch reconcile ansible-runner _________ _______________________

    ______ _____________________________ Ansible playbook or role This is the only component you need to worry about!

  30. @KeithResar kubernetes layer application layer

  31. @KeithResar kubernetes layer ETCD pod ETCD pod Phase I Manage

    native K8s objects application layer

  32. @KeithResar application layer kubernetes layer ETCD pod ETCD pod Phase

    II Manage application objects 01001 etcd data 01001 etcd data
  33. None

  34. @KeithResar A GIFT OF THE _DEMO_ TO YOU

  35. @KeithResar Demo Operator for data service _SimpleDB,_ that manages instantiation

    and version upgrades. RBAC CRD CR DC

  36. @KeithResar Create service account, role, and role binding. Our operator

    uses these to monitor events and reconcile desired and actual states. RBAC CRD CR DC

  37. @KeithResar AS DS _Ansible operator_ watch reconcile ansible-runner _________ _______________________

    ______ _____________________________

  38. @KeithResar Define the custom resource SimpleDB. This extends what Kubernetes

    accepts, but doesn’t actually change any behavior. RBAC CRD CR DC

  39. @KeithResar Define and deploy the Ansible Operator container which executes

    an ansible-runner process. RBAC CRD CR DC

  40. @KeithResar AS DS _Ansible operator_ watch reconcile ansible-runner _________ _______________________

    ______ _____________________________

  41. @KeithResar RBAC CRD CR DC # Dockerfile FROM quay.io/water-hole/ansible-operator USER

    root RUN yum -y install MySQL-python && \ pip --no-cache-dir install dnspython COPY roles/ ${HOME}/roles/ COPY playbook.yaml ${HOME}/playbook.yaml COPY watches.yaml ${HOME}/watches.yaml

  42. @KeithResar AS DS _Ansible operator_ watch reconcile ansible-runner _________ _______________________

    ______ _____________________________

  43. @KeithResar RBAC CRD CR DC # Dockerfile FROM quay.io/water-hole/ansible-operator USER

    root RUN yum -y install MySQL-python && \ pip --no-cache-dir install dnspython COPY roles/ ${HOME}/roles/ COPY playbook.yaml ${HOME}/playbook.yaml COPY watches.yaml ${HOME}/watches.yaml

  44. @KeithResar RBAC CRD CR DC # roles/SimpleDB/tasks/main.yml ---

  45. @KeithResar RBAC CRD CR DC # roles/SimpleDB/tasks/main.yml --- # …

    (skip setting some variables)

  46. @KeithResar RBAC CRD CR DC # roles/SimpleDB/tasks/main.yml --- # …

    (skip setting some variables) # If no service defined then run our install playbook # This is idempotent so we could run it regardless - include_tasks: mariadb_install.yml when: mysql_ip == "NXDOMAIN"

  47. @KeithResar RBAC CRD CR DC # roles/SimpleDB/tasks/main.yml --- # …

    (skip setting some variables) # If no service defined then run our install playbook # This is idempotent so we could run it regardless - include_tasks: mariadb_install.yml when: mysql_ip == "NXDOMAIN" # Run our upgrade path if we need to change versions - include_tasks: mariadb_upgrade.yml when: version != version_query.json.version

  48. @KeithResar AS DS _Ansible operator_ watch reconcile ansible-runner _________ _______________________

    ______ _____________________________

  49. @KeithResar Instantiate our custom resource object. The operator is listening

    for any SimpleDB events in our namespace. RBAC CRD CR DC

  50. @KeithResar RBAC CRD CR DC --- apiVersion: example.com/v1alpha1 kind: SimpleDB

    metadata: name: simpledb spec: # Add fields here version: 1

  51. @KeithResar AS DS _Ansible operator_ watch reconcile ansible-runner _________ _______________________

    ______ _____________________________ Ansible playbook or role This is the only component you need to worry about!
  52. None

  53. @KeithResar GO FARTHER WITH THESE _RESOURCES_ • OperatorHub • Introducing

    the operator framework • water-hole’s ansible-operator repo • ansible-operator-demo repo • Awesome operators in the wild

  54. @KeithResar THANKS