Introduction to Kubernetes / Schlank und fit dank Kubernetes!

Transcript

1. Schlank und fit dank Kubernetes! Daniel Bornkessel & Christopher Schmidt

   München OOP 2018, 8.2.2018

2. About us 2 Daniel Bornkessel / @kesselborn • Senior Consultant

   at INNOQ / Dad • Focus on DevOps & Continuous Delivery • Experience with several cluster management solutions (homegrown, Marathon / Mesos, ECS, Kubernetes) Fit und Schlank dank Kubernetes Quelle / Max Mustermann

3. About us 3 Christopher Schmidt / @fakod • Senior Consultant

   at INNOQ • Several lead architecture roles • Focus on cloud migration concepts and Kubernetes Fit und Schlank dank Kubernetes Quelle / Max Mustermann

4. Agenda 4 • Introduction to cluster management solutions • Kubernetes'

   architecture and components • Demos: Kubernetes in action • Advanced Kubernetes Fit und Schlank dank Kubernetes Quelle / Max Mustermann

5. 5 Introduction Schlank und fit dank Kubernetes

6. Kubernetes — executive summary X • Kubernetes is an open-source

   system for automating deployment, scaling, and management of containerized applications • Marketing claim: • Planet Scale • Never Outgrow • Run Anywhere • Often abbreviated to K8s Fit und Schlank dank Kubernetes Quelle / Max Mustermann

7. Kubernetes — brief history 6 • Designed by Google, later

   donated to Cloud Native Computing Foundation • Heavily influenced by Google's internal Borg system • Code name: Project Seven • Initial release: 7 June 2014 / 15 December 2015 (first stable version) Fit und Schlank dank Kubernetes Quelle / Max Mustermann

8. Kubernetes — usage and providers 7 • Base for OpenShift

   (Red Hat), Tectonic (CoreOS), IBM Cloud Container Service (IBM) • Supported as a managed service by Azure, Google Compute Engine, Amazon (EKS: Preview only) and specialized service providers (e.g. giantswarm.io) • Installable on premises • Locally usable with minikube or Docker Native (Invite-only Beta) Fit und Schlank dank Kubernetes Quelle / Max Mustermann

9. 8 Cluster management solutions Schlank und fit dank Kubernetes

10. X Use a cluster management solution when you have one

    cluster and deploy ... • … many different services • … different services from different teams • … different products that need to be isolated from each other • … different programming language and frameworks Fit und Schlank dank Kubernetes Quelle / Max Mustermann Cluster management solutions — use cases

11. Cluster management solutions 9 Classical approach Fit und Schlank dank

    Kubernetes Quelle / Max Mustermann Host 1 App 1 App 1 App 1 Host 2 App 1 Host 3 App 2 Host 4 App 2 Host 5 App 3 Host 6 App 3 App 3

12. Cluster management solutions 10 Auto placement Fit und Schlank dank

    Kubernetes Quelle / Max Mustermann Cluster Host 1 App 1 App 1 App 2 Host 2 App 1 Host 3 App 2 Host 4 App 2 Host 5 App 3 Host 6 App 1 App 3

13. Cluster management solutions 11 Fit und Schlank dank Kubernetes Quelle

    / Max Mustermann Cluster Host 1 App 1 App 1 App 2 Host 2 App 1 Host 3 App 2 Host 4 App 2 Host 5 App 3 Host 6 App 1 App 3 Auto restarting restart app automatically when it crashes

14. Cluster management solutions 12 Self healing Fit und Schlank dank

    Kubernetes Quelle / Max Mustermann Cluster Host 1 App 1 App 1 App 2 Host 2 App 1 Host 3 App 2 Host 4 App 2 Host 5 App 3 Host 6 App 1 App 3 App 1 keep number of App 1 instances stable by spawning a new instance automatically

15. Cluster Host 6 Host 5 Host 1 App 1 App

    1 App 2 Host 2 App 1 Host 3 App 2 Host 4 App 2 App 1 App 3 App 3 Cluster management solutions 13 Isolation Fit und Schlank dank Kubernetes Quelle / Max Mustermann

16. Cluster Host 6 Host 5 Host 1 App 1 App

    1 App 2 Host 2 App 1 Host 3 App 2 Host 4 App 2 App 1 App 3 App 3 Cluster management solutions 14 Publishing apps Fit und Schlank dank Kubernetes Quelle / Max Mustermann App 4 http://www.foo.com http://www.bar.com http://www.baz.com

17. Cluster management solutions 15 Auto scaling Fit und Schlank dank

    Kubernetes Quelle / Max Mustermann Cluster Host 1 App 1 App 1 App 2 Host 2 App 1 Host 3 App 2 Host 4 App 2 Host 5 App 3 Host 6 App 1 App 3 App 1 Increase number of App 1 instances if necessary

18. Cluster management solutions — use cases 16 • Auto placement

    • Auto restarting • Self healing • Isolation • Publishing apps • Auto scaling Fit und Schlank dank Kubernetes Quelle / Max Mustermann

19. 17 Kubernetes Components Schlank und fit dank Kubernetes

20. Container 18 • Apps and services must be provided as

    containers • Standard container format: docker • Experimental: rkt Fit und Schlank dank Kubernetes Quelle / Max Mustermann

21. Pod 19 • A pod consists of one or more

    containers • Containers in a pod share network • Containers in a pod can share volumes • Each pod receives its own cluster-wide and cluster internal IP address Fit und Schlank dank Kubernetes Quelle / Max Mustermann

22. Pod C Pod 20 One container only Multiple containers /

    shared network Fit und Schlank dank Kubernetes Quelle / Max Mustermann Pod C C localhost

23. Pod C Pod 21 Multiple containers / shared volume Multiple

    containers / init container(s) Fit und Schlank dank Kubernetes Quelle / Max Mustermann Pod C 1 C

24. Pod 22 Real world example from a current project: Fit

    und Schlank dank Kubernetes Quelle / Max Mustermann Pod init ssl auth app

25. Pod 23 App -> Pod Fit und Schlank dank Kubernetes

    Quelle / Max Mustermann Cluster Host 1 Pod 1 Pod 1 Pod 2 Host 2 Pod 1 Host 3 Pod 2 Host 4 Pod 2 Host 5 Pod 3 Host 6 Pod 1 Pod 3

26. Pod 24 Host -> Node Fit und Schlank dank Kubernetes

    Quelle / Max Mustermann Cluster Node 1 Pod 1 Pod 1 Pod 2 Node 2 Pod 1 Node 3 Pod 2 Node 4 Pod 2 Node 5 Pod 3 Node 6 Pod 1 Pod 3

27. Cluster management solutions — use cases 25 • Auto placement

    • Auto restarting • Self healing • Isolation • Publishing apps • Auto scaling Fit und Schlank dank Kubernetes Quelle / Max Mustermann (pod) (pod)

28. Deployment 26 • Declares a state of Pods • Is

    used for scaling up N instances of the same pod • Is used to deploy old or new revisions of a pod • Embeds replica sets Fit und Schlank dank Kubernetes Quelle / Max Mustermann

29. Deployment 27 Fit und Schlank dank Kubernetes Quelle / Max

    Mustermann Deployment Pod Pod Pod Pod Replicas: 4 … Pod: …

30. Deployment 28 Fit und Schlank dank Kubernetes Quelle / Max

    Mustermann Node Node Node Pod Pod Pod Pod Deployment Replicas: 4 … Pod: …

31. Node Deployment 29 Fit und Schlank dank Kubernetes Quelle /

    Max Mustermann Deployment Node Node Pod Pod Pod Pod Pod replica set handles self healing Replicas: 4 … Pod: …

32. Cluster management solutions — use cases 30 • Auto placement

    • Auto restarting • Self healing • Isolation • Publishing apps • Auto scaling Fit und Schlank dank Kubernetes Quelle / Max Mustermann (pod) (pod) (replica set / deployment)

33. Service 31 • Is an abstraction which defines a logical

    set of pods and a policy by which to access them • Usually represents a micro-service Fit und Schlank dank Kubernetes Quelle / Max Mustermann

34. Service 32 Type: ClusterIP • Groups multiple pods to one

    service • Gets a dedicated, cluster wide IP • Gets a dedicated, cluster wide DNS name • Maps one or more pod-ports to service ports (i.e. pod-port 8080 to service-port 80) Fit und Schlank dank Kubernetes Quelle / Max Mustermann

35. Service 33 Type: ClusterIP Fit und Schlank dank Kubernetes Quelle

    / Max Mustermann Cluster Node 1 Pod 2 Node 2 Node 3 Pod 2 Node 4 Pod 2 Node 5 Pod 3 Node 6 Pod 3 Pod 1 Pod 1 Pod 1 Pod 1

36. Service 34 Type: ClusterIP Fit und Schlank dank Kubernetes Quelle

    / Max Mustermann Cluster Node 1 Pod 2 Node 2 Node 3 Pod 2 Node 4 Pod 2 Node 5 Pod 3 Node 6 Pod 3 Pod 1 Pod 1 Pod 1 Pod 1 service1 100.71.23.42

37. Service 35 Type: ClusterIP Fit und Schlank dank Kubernetes Quelle

    / Max Mustermann Cluster Node 1 Node 2 Node 3 Node 4 Node 5 Pod 3 Node 6 Pod 3 Pod 1 Pod 1 Pod 1 Pod 1 Pod 2 Pod 2 Pod 2 service2 100.71.23.43

38. Service 36 Type: ClusterIP Fit und Schlank dank Kubernetes Quelle

    / Max Mustermann Cluster Node 1 Node 2 Node 3 Node 4 Node 5 Node 6 Pod 1 Pod 1 Pod 1 Pod 1 Pod 2 Pod 2 Pod 2 service3 100.71.23.44 Pod 3 Pod 3

39. Service 37 Type: ClusterIP Fit und Schlank dank Kubernetes Quelle

    / Max Mustermann Cluster Node 1 Node 2 Node 3 Node 4 Node 5 Node 6 Pod 1 Pod 1 Pod 1 Pod 1 service1 100.71.23.42 Pod 2 Pod 2 Pod 2 service3 100.71.23.44 service2 100.71.23.43 Pod 3 Pod 3

40. Service 38 Type: ClusterIP Fit und Schlank dank Kubernetes Quelle

    / Max Mustermann Cluster Node 1 Node 2 Node 3 Node 4 Node 5 Node 6 Pod 1 Pod 1 Pod 1 Pod 1 service1 100.71.23.42 Pod 2 Pod 2 Pod 2 service3 100.71.23.44 service2 100.71.23.43 Pod 3 Pod 3 curl http://service1 curl http://100.71.23.42

41. Service Type: ExternalName / ExternalIP Fit und Schlank dank Kubernetes

    Quelle / Max Mustermann Cluster Node 1 Pod 2 Node 2 Node 3 Pod 2 Node 4 Pod 2 Node 5 Pod 3 Node 6 Pod 3 Pod 1 Pod 1 Pod 1 Pod 1 DNS 1 2 MySQL 3 mysql -h db1 178.16.59.233 myexampledb.a1b2c3d4wxyz.us-west-2.rds.amazonaws.com

42. Service — other types 40 Fit und Schlank dank Kubernetes

    Quelle / Max Mustermann • NodePort • LoadBalancer

43. Service 41 Type: NodePort • Like a ClusterIP, additionally it

    maps pod-ports to the same port on each cluster node Fit und Schlank dank Kubernetes Quelle / Max Mustermann

44. Service 42 Type: NodePort Fit und Schlank dank Kubernetes Quelle

    / Max Mustermann Cluster 8080 Node 1 Node 2 Node 3 Node 4 Node 5 Node 6 Pod 1 Pod 1 Pod 1 Pod 1 Pod 2 Pod 2 Pod 2 NodePort: 8080 Pod 3 Pod 3 8080 8080 8080 8080 8080

45. Service 43 Type: LoadBalancer • Creates a ClusterIP, a NodePort

    and a public port to make an app accessible to the public Fit und Schlank dank Kubernetes Quelle / Max Mustermann

46. Service 44 Type: LoadBalancer Fit und Schlank dank Kubernetes Quelle

    / Max Mustermann Cluster Node 1 Node 2 Node 3 Node 4 Node 5 Node 6 Pod 1 Pod 1 Pod 1 Pod 1 Pod 2 Pod 2 Pod 2 Pod 3 Pod 3 178.16.59.233:80

47. Service 45 Type: LoadBalancer Fit und Schlank dank Kubernetes Quelle

    / Max Mustermann Cluster Node 1 Node 2 Node 3 Node 4 Node 5 Node 6 Pod 1 Pod 1 Pod 1 Pod 1 Pod 2 Pod 2 Pod 2 Pod 3 Pod 3 178.16.59.233:80 http://178.16.59.233 IE6

48. Service 46 Type: ExternalName / ExternalIP • Like a service,

    but instead of pointing to pods it just resolves to an external IP (A Record) or an external DNS name (CNAME) Fit und Schlank dank Kubernetes Quelle / Max Mustermann

49. Daemon Set 47 • Runs an instance of a pod

    on every node in the cluster • Can be used to run pods that collect logs (logstash, fluentd), monitor nodes (prometheus node exporter, collectd, etc.) or implement a storage daemon (glusterd, ceph) Fit und Schlank dank Kubernetes Quelle / Max Mustermann

50. Daemon Set 48 Fit und Schlank dank Kubernetes Quelle /

    Max Mustermann Cluster Node 1 Pod 2 Node 2 Node 3 DS 1 Node 4 DS 1 Node 5 DS 1 Node 6 DS 1 DS 1 Pod 1 DS 1 Pod 1

51. Ingress Controller 49 • Creates a LoadBalancer service that points

    to a pod, which runs a reverse proxy (nginx, haproxy, Apache, traefik) • IngressRules describe which DNS and/or path should point to which service • The ingress controller speaks directly to pods — it doesn’t use services in order to avoid an additional hop, timing and several other issues (e.g. session stickiness) Fit und Schlank dank Kubernetes Quelle / Max Mustermann

52. Ingress Controller 50 Fit und Schlank dank Kubernetes Quelle /

    Max Mustermann Cluster Node 1 Node 2 Node 3 Node 4 Node 5 Node 6 Pod 1 Pod 1 Pod 1 Pod 1 Pod 2 Pod 2 Pod 3 Pod 3 http://example.com http://example.com/account http://foo.com ingress controller

53. Cluster management solutions — use cases 51 • Auto placement

    • Auto restarting • Self healing • Isolation • Publishing apps • Auto scaling Fit und Schlank dank Kubernetes Quelle / Max Mustermann (pod) (pod) (replica set / deployment) (namespace) (ingress controller)

54. Namespace 52 • Is a virtual cluster that shares a

    physical cluster with other namespaces • Scopes Kubernetes objects like pods, services, etc. • Can have role based access control rules • Can be isolated to other namespaces on the network level • Is bound to Kubernetes objects, not nodes Fit und Schlank dank Kubernetes Quelle / Max Mustermann

55. Namespace 53 Fit und Schlank dank Kubernetes Quelle / Max

    Mustermann Cluster Node 1 Node 2 Node 3 Node 4 Node 5 Node 6 Pod 3 Pod 3 Pod 1 Pod 1 Pod 1 Pod 1 Pod 2 Pod 2 Pod 2 namespace: oop namespace: default

56. Cluster management solutions — use cases 54 • Auto placement

    • Auto restarting • Self healing • Isolation • Publishing apps • Auto scaling Fit und Schlank dank Kubernetes Quelle / Max Mustermann (pod) (pod) (replica set / deployment) (namespace) (ingress controller)

57. More ... 55 • Job: runs a command on 1

    … n pods and finishes, if a specified number of them succeeds successfully • CronJob: runs a job (repeatedly) at a specific time • StatefulSet: like a deployment but starts one container after another — each pod receives its own DNS name (useful for something like consul / etcd / zookeeper) Fit und Schlank dank Kubernetes Quelle / Max Mustermann

58. 56 Kubernetes Architecture Schlank und fit dank Kubernetes

59. Kubernetes architecture 57 Fit und Schlank dank Kubernetes Quelle /

    Max Mustermann Cluster Node 1 Pod 2 Node 2 Node 3 Pod 2 Node 4 Pod 2 Node 5 Pod 3 Master Nodes etcd db Pod 1 Pod 1 Pod 1 scheduler K8s API

60. Kubernetes architecture 58 Fit und Schlank dank Kubernetes Quelle /

    Max Mustermann Cluster Node 1 Pod 2 Node 2 Node 3 Pod 2 Node 4 Pod 2 Node 5 Pod 3 Master Nodes etcd db Pod 1 Pod 1 Pod 1 scheduler K8s API network kube proxy docker & kubelet

61. Kubernetes architecture 59 Fit und Schlank dank Kubernetes Quelle /

    Max Mustermann Cluster Node 1 Pod 2 Node 2 Node 3 Pod 2 Node 4 Pod 2 Node 5 Pod 3 Master Nodes etcd db Pod 1 Pod 1 Pod 1 scheduler K8s API network kube proxy docker & kubelet

62. Kubernetes architecture 60 Fit und Schlank dank Kubernetes Quelle /

    Max Mustermann Cluster Node 1 Pod 2 Node 2 Node 3 Pod 2 Node 4 Pod 2 Node 5 Pod 3 Master Nodes etcd db Pod 1 Pod 1 Pod 1 docker & kubelet $ kubectl get pods scheduler K8s API network kube proxy docker & kubelet

63. Kubernetes architecture 61 Fit und Schlank dank Kubernetes Quelle /

    Max Mustermann Cluster Node 1 Pod 2 Node 2 Node 3 Pod 2 Node 4 Pod 2 Node 5 Pod 3 Master Nodes etcd db Pod 1 Pod 1 Pod 1 docker & kubelet $ kubectl get pods scheduler K8s API network kube proxy docker & kubelet

64. 62 Kubernetes API Schlank und fit dank Kubernetes

65. Kubernetes API — Object 63 • Persistent entity in the

    Kubernetes system • Record of intent • Created, modified and deleted through the Kubernetes API • Object spec: the desired state of the objects • Object status: describes the current, actual state of the object (running, failed, pending, ...) • Usually described through a yaml or json file Fit und Schlank dank Kubernetes Quelle / Max Mustermann

66. Kubernetes API — Pod 64 Fit und Schlank dank Kubernetes

    Quelle / Max Mustermann Pod C apiVersion: v1 kind: Pod metadata: name: app1-pod spec: containers: - image: kesselborn/http-fs:oop1 name: app1 ports: - containerPort: 8080 protocol: TCP 8080 8080

67. Kubernetes API — Pod 65 Fit und Schlank dank Kubernetes

    Quelle / Max Mustermann Pod C apiVersion: v1 kind: Pod metadata: name: app1-pod spec: containers: - image: kesselborn/http-fs:oop1 name: app1 ports: - containerPort: 8080 protocol: TCP 8080 8080 kubectl apply -f app1-pod.yaml create via cli tool:

68. Demo 66 Schlank und fit dank Kubernetes Video: http://j.mp/oop2018-k8s-api-pod

69. Kubernetes API — Pod X PPT Master 16:9 / Edition

    2018

70. Kubernetes API — Deployment 67 Fit und Schlank dank Kubernetes

    Quelle / Max Mustermann Node Node Node Pod Pod Pod Pod Replicas: 4 … Pod: … Deployment

71. 68 Fit und Schlank dank Kubernetes Quelle / Max Mustermann

    apiVersion: extensions/v1beta1
 kind: Deployment
 metadata:
 labels:
 app: app1
 name: app1
 spec:
 replicas: 4
 selector:
 matchLabels:
 app: app1
 template:
 metadata:
 labels:
 app: app1
 spec:
 containers:
 - image: kesselborn/http-fs:oop1
 name: app1
 ports:
 - containerPort: 8080
 protocol: TCP Kubernetes API — Deployment Node Node Node Pod Pod Pod Pod Replicas: 4 ... Deployment Replicas: 4 … Pod: …

72. 69 Fit und Schlank dank Kubernetes Quelle / Max Mustermann

    apiVersion: extensions/v1beta1
 kind: Deployment
 metadata:
 labels:
 app: app1
 name: app1
 spec:
 replicas: 4
 selector:
 matchLabels:
 app: app1
 template:
 metadata:
 labels:
 app: app1
 spec:
 containers:
 - image: kesselborn/http-fs:oop1
 name: app1
 ports:
 - containerPort: 80
 protocol: TCP Kubernetes API — Deployment Node Node Node Pod Pod Pod Pod Replicas: 4 ... Deployment Replicas: 4 … Pod: …

73. Demo 70 Schlank und fit dank Kubernetes Video: http://j.mp/oop2018-k8s-api-deployment

74. X Fit und Schlank dank Kubernetes Quelle / Max Mustermann

    Kubernetes API — Deployment

75. Kubernetes API — ClusterIP Service 71 Fit und Schlank dank

    Kubernetes Quelle / Max Mustermann Cluster Node 1 Pod 2 Node 2 Node 3 Pod 2 Node 4 Pod 2 Node 5 Pod 3 Node 6 Pod 3 Pod 1 Pod 1 Pod 1 Pod 1 service1:80 100.71.23.42:80 8080 apiVersion: v1 kind: Service metadata: labels: app: service1 name: service1 spec: ports: - name: standard port: 80 protocol: TCP targetPort: 8080 selector: app: app1 type: ClusterIP

76. Kubernetes API — ClusterIP Service 72 Fit und Schlank dank

    Kubernetes Quelle / Max Mustermann Cluster Node 1 Pod 2 Node 2 Node 3 Pod 2 Node 4 Pod 2 Node 5 Pod 3 Node 6 Pod 3 Pod 1 Pod 1 Pod 1 Pod 1 service1:80 100.71.23.42:80 8080 apiVersion: v1 kind: Service metadata: labels: app: service1 name: service1 spec: ports: - name: standard port: 80 protocol: TCP targetPort: 8080 selector: app: app1 type: ClusterIP

77. Kubernetes API — ClusterIP Service 73 Fit und Schlank dank

    Kubernetes Quelle / Max Mustermann Cluster Node 1 Pod 2 Node 2 Node 3 Pod 2 Node 4 Pod 2 Node 5 Pod 3 Node 6 Pod 3 Pod 1 Pod 1 Pod 1 Pod 1 service1:80 100.71.23.42:80 8080 apiVersion: v1 kind: Service metadata: labels: app: service1 name: service1 spec: ports: - name: standard port: 80 protocol: TCP targetPort: 8080 selector: app: app1 type: ClusterIP

78. Kubernetes API — ClusterIP Service Fit und Schlank dank Kubernetes

    apiVersion: v1 kind: Service metadata: labels: app: service1 name: service1 spec: ports: - name: standard port: 80 protocol: TCP targetPort: 8080 selector: app: app1 type: ClusterIP apiVersion: extensions/v1beta1
 kind: Deployment
 metadata:
 labels:
 app: app1
 name: app1
 spec:
 replicas: 4
 selector:
 matchLabels:
 app: app1
 template:
 metadata:
 labels:
 app: app1
 spec:
 containers:
 - image: kesselborn/http-fs:oop1
 name: app1
 ports:
 - containerPort: 80
 protocol: TCP

79. Kubernetes API — ClusterIP Service 75 Fit und Schlank dank

    Kubernetes Quelle / Max Mustermann Cluster Node 1 Pod 2 Node 2 Node 3 Pod 2 Node 4 Pod 2 Node 5 Pod 3 Node 6 Pod 3 Pod 1 Pod 1 Pod 1 Pod 1 service1:80 100.71.23.42:80 8080 apiVersion: v1 kind: Service metadata: labels: app: service1 name: service1 spec: ports: - name: standard port: 80 protocol: TCP targetPort: 8080 selector: app: app1 type: ClusterIP

80. Demo 76 Schlank und fit dank Kubernetes Video: http://j.mp/oop2018-k8s-api-service

81. Kubernetes API — Service X PPT Master 16:9 / Edition

    2018

82. Kubernetes API — Ingress rules 77 Fit und Schlank dank

    Kubernetes Quelle / Max Mustermann Cluster Node 1 Node 2 Node 3 Node 4 Node 5 Node 6 Pod 1 Pod 1 Pod 1 Pod 1 Pod 2 Pod 2 Pod 3 Pod 3 service1 100.71.23.42 service3 100.71.23.44 service2 100.71.23.43

83. Kubernetes API — Ingress rules 78 Fit und Schlank dank

    Kubernetes Quelle / Max Mustermann Cluster Node 1 Node 2 Node 3 Node 4 Node 5 Node 6 Pod 1 Pod 1 Pod 1 Pod 1 Pod 2 Pod 2 Pod 3 Pod 3 ingress controller http://example.com http://example.com/account http://foo.com service1 100.71.23.42 service3 100.71.23.44 service2 100.71.23.43

84. Kubernetes API — Ingress rules 79 Fit und Schlank dank

    Kubernetes Quelle / Max Mustermann Cluster Node 1 Node 2 Node 3 Node 4 Node 5 Node 6 Pod 1 Pod 1 Pod 1 Pod 1 Pod 2 Pod 2 Pod 3 Pod 3 http://example.com http://example.com/account http://foo.com service1 100.71.23.42 service3 100.71.23.44 service2 100.71.23.43 ingress controller apiVersion: extensions/v2beta1 kind: Ingress metadata: name: app1-ingress spec: rules: - host: example.com http: paths: - path: / backend: serviceName: service1 servicePort: 80

85. Kubernetes API — Ingress rules 80 Fit und Schlank dank

    Kubernetes Quelle / Max Mustermann Cluster Node 1 Node 2 Node 3 Node 4 Node 5 Node 6 Pod 1 Pod 1 Pod 1 Pod 1 Pod 2 Pod 2 Pod 3 Pod 3 http://example.com http://example.com/account http://foo.com service1 100.71.23.42 service3 100.71.23.44 service2 100.71.23.43 ingress controller apiVersion: extensions/v2beta1 kind: Ingress metadata: name: app2-ingress annotations: ingress.kubernetes.io/rewrite-target: / spec: rules: - host: example.com http: paths: - path: /account backend: serviceName: service2 servicePort: 80

86. Kubernetes API — Ingress rules 81 Fit und Schlank dank

    Kubernetes Quelle / Max Mustermann Cluster Node 1 Node 2 Node 3 Node 4 Node 5 Node 6 Pod 1 Pod 1 Pod 1 Pod 1 Pod 2 Pod 2 Pod 3 Pod 3 http://example.com http://example.com/account http://foo.com service1 100.71.23.42 service3 100.71.23.44 service2 100.71.23.43 ingress controller apiVersion: extensions/v2beta1 kind: Ingress metadata: name: app3-ingress spec: rules: - host: foo.com http: paths: - path: / backend: serviceName: service3 servicePort: 80

87. Demo 82 Schlank und fit dank Kubernetes Video: http://j.mp/oop2018-k8s-api-ingress

88. 83 Helm Schlank und fit dank Kubernetes

89. Helm 84 • Package management for Kubernetes: update, rollback, create,

    version, share, and publish applications • Ready to use Kubernetes-applications (but always check the sources — like … for real, do it) • Handy for deployment*: persistent history and easy rollback for free • Part of Cloud Native Computing Foundation • Includes the possibility to template Kubernetes config files (e.g. for handling different clusters with the same configs) Fit und Schlank dank Kubernetes Quelle / Max Mustermann *the guy standing next to me does not approve

90. Helm 85 Fit und Schlank dank Kubernetes Quelle / Max

    Mustermann $ # … install helm locally $ helm init $ helm search gitlab
 NAME VERSION DESCRIPTION 
 gitlab/gitlab 0.1.9 GitLab. Collaboration and source control
 gitlab/gitlab-omnibus 0.1.36 GitLab Omnibus all-in-one bundle 
 gitlab/gitlab-runner 0.1.13 GitLab Runner 
 gitlab/kubernetes-gitlab-demo 0.1.29 GitLab running on Kubernetes suitable for demos 
 stable/gitlab-ce 0.2.1 GitLab Community Edition 
 stable/gitlab-ee 0.2.1 GitLab Enterprise Edition 
 gitlab/auto-deploy-app 0.2.4 GitLab's Auto-deploy Helm Chart # install a working gitlab with all the bells and whistles $ helm install gitlab/gitlab-omnibus

91. 86 Kubernetes setup & maintenance Schlank und fit dank Kubernetes

92. Kubernetes setup & maintenance — kops 87 • “kubectl for

    clusters” • Automates the provisioning of Kubernetes clusters in AWS and GCE • Deploys Highly Available (HA) Kubernetes Masters • YAML Manifest Based API Configuration • Templating and dry-run modes for creating Manifests • Easily upgrade your Kubernetes cluster to the latest K8s version (rolling update) Fit und Schlank dank Kubernetes Quelle / Max Mustermann

93. 88 Advanced Kubernetes Schlank und fit dank Kubernetes

94. 89 Operator pattern Schlank und fit dank Kubernetes

95. Operator 90 • Are YAMLs too static? • Does Helm

    help scaling? • Is it easy to • deploy • scale • … a cluster of e.g. Elasticsearch / Postgresql / etcd . . .? Fit und Schlank dank Kubernetes Quelle / Max Mustermann

96. Operator 91 ... is an application-specific POD that extends the

    Kubernetes API to • create • configure • manage instances of complex stateful applications It builds upon the basic Kubernetes resources and controller concepts Fit und Schlank dank Kubernetes Quelle / Max Mustermann

97. Operator / Controller 92 Fit und Schlank dank Kubernetes Quelle

    / Max Mustermann Kubernetes API Operator POD Managed Object Managed Object Create Configure Manage

98. Example: etcd Operator 93 Fit und Schlank dank Kubernetes Quelle

    / Max Mustermann etcd Operator POD Kubernetes API etcd etcd Create Configure Manage etcd cluster X etcd X CRD

99. Demo 94 Schlank und fit dank Kubernetes

100. func newDebugger(client *kubernetes.Clientset) *Debugger { debugger := &Debugger{} podInformer :=

     cache.NewSharedIndexInformer( &cache.ListWatch{ ListFunc: func(options api.ListOptions) (runtime.Object, error) { return client.Core().Pods(v1.NamespaceAll).List(options) }, WatchFunc: func(options api.ListOptions) (watch.Interface, error) { return client.Core().Pods(v1.NamespaceAll).Watch(options) }, }, &v1.Pod{}, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, ) podInformer.AddEventHandler(cache.ResourceEventHandlerFuncs{ AddFunc: debugger.podAdd, UpdateFunc: debugger.podUpdate, DeleteFunc: debugger.podDelete, }) debugger.podInformer = podInformer return debugger } 95 Listener Demo Code Fit und Schlank dank Kubernetes

101. 96 Cloud Native Storage Schlank und fit dank Kubernetes

102. Cloud Native Storage 97 • Same shares on every node

     • Handles replicas • Persists to local disk • Parallel file system • Dynamic provisioning • Distributed file locks • Permission and ACL support • NFS, S3, ...access Fit und Schlank dank Kubernetes Quelle / Max Mustermann Node 1 Node 2 Node 3 FS Volume Volume App 1 App 2 local local local

103. Persistence Provisioning 98 provides an API for users and administrators

     that abstracts details of how storage is provided from how it is consumed. • A StorageClass provides a way to describe the “classes” of offered storage • A Provisioner determines what volume plugin is used for provisioning PVs Fit und Schlank dank Kubernetes Quelle / Max Mustermann Storage Class Persistent Volume Claim • amount of storage requested • certain access modes • StorageClass requests Pod use claim as volume User Provisioner create PV

104. Rook 99 Fit und Schlank dank Kubernetes Quelle / Max

     Mustermann

105. Demo 100 Schlank und fit dank Kubernetes

106. 101 Network Policies Schlank und fit dank Kubernetes

107. Network Policies 102 is a specification of how pods are

     allowed to communicate with each other • By default, pods are non-isolated • NP resources use labels to select pods • NP define rules which specify what traffic is allowed to the selected pods Fit und Schlank dank Kubernetes Quelle / Max Mustermann

108. Service labels 103 Fit und Schlank dank Kubernetes Quelle /

     Max Mustermann Project A Project B Team A Project C FE BE DB scs: store FE BE DB scs: cart FE BE DB scs: checkout Namespaces

109. Role labels 104 Fit und Schlank dank Kubernetes Quelle /

     Max Mustermann Project A Project B Team A Project C FE FE FE role: fe Namespaces BE BE BE role: be DB DB DB role: data

110. Network policies 105 Fit und Schlank dank Kubernetes Quelle /

     Max Mustermann Project A Project B Team A Project C FE BE DB ingress from SCS: Store ingress from FE BE DB ingress from SCS: Checkout ingress from Namespaces namespace isolated

111. Network policy resource 106 • Only ingress available, therefore ...

     • podSelector defines the “destination pods” 
 for the policy • List of whitelist ingress rules • Each rule allows traffic which matches both 
 the from and ports sections Fit und Schlank dank Kubernetes Quelle / Max Mustermann apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: test-network- policy spec: podSelector: matchLabels: role: db ingress: - from: - namespaceSelector: matchLabels: project: myproject - podSelector: matchLabels: role: frontend ports: - protocol: TCP port: 6379

112. 107 Service Mesh Schlank und fit dank Kubernetes

113. Cloud Native Journey 108 Applications adopting the principles of Microservices

     packaged and delivered as Containers orchestrated by Platforms running on top of Cloud infrastructure Fit und Schlank dank Kubernetes Quelle / Max Mustermann

114. Cloud Native Journey 109 1. Any operations should be Application

     Oriented
 2. Platform should automate routine tasks
 (placement, healthchecks, healing, scaling, …)
 3. XFR/NFR should be moved to the platform
 (discovery, jobs, log aggregation, metrics collection, …)
 4. Allow developers to code the business domain Fit und Schlank dank Kubernetes Quelle / Max Mustermann

115. Service mesh 110 We have... • Round Robin load balancer

     (service) • API gateway (ingress) But... • XFRs to the platform? • Resilience Pattern (like Circuit breaker) • Encrypted communication (TLS) Fit und Schlank dank Kubernetes Quelle / Max Mustermann

116. Service mesh 111 But … (continued) • Website AB testing?

     (f.e. mobile test only) • Monitoring? • Testing? • . . . Fit und Schlank dank Kubernetes Quelle / Max Mustermann

117. Sidekick pattern 112 Fit und Schlank dank Kubernetes Quelle /

     Max Mustermann Pod Sidekick Main App Container 1 2 3 kubectl apply -f <(istioctl kube-inject -f bookinfo.yaml)

118. Istio 113 Fit und Schlank dank Kubernetes Quelle / Max

     Mustermann

119. Istio 114 Example Fit und Schlank dank Kubernetes Quelle /

     Max Mustermann

120. Demo Istio 115 • Book Info Example • Dot Viz

     (Service call graph) • Grafana Dashboard • Jaeger Tracing • Request Routing (different route for Jason) • Fault injection (delaying services) • Traffic Shifting (f.e. for AB Testing) Fit und Schlank dank Kubernetes Quelle / Max Mustermann

121. DotViz 116 Fit und Schlank dank Kubernetes Quelle / Max

     Mustermann

122. 117 Application Container Design Schlank und fit dank Kubernetes

123. What are Container Patterns? 118 • Abstract away the low-level

     details • Is valid for container as it is for OOP • Reveal general reusable solutions to a commonly occurring problem • Simplifies reuse of images • Can help to modularize on container level • Separation of Concerns • Isolation Fit und Schlank dank Kubernetes Quelle / Max Mustermann

124. What are Container Patterns? 119 • Perfectly fit to abstractions

     like Logical Hosts or Services 
 (Container Manager) Fit und Schlank dank Kubernetes Quelle / Max Mustermann

125. Front end with Elastic Search 120 Example Fit und Schlank

     dank Kubernetes Quelle / Max Mustermann SCS Frontend & Business Logic Elasticsearch Cluster m essages Git for HTML

126. Front end with Elastic Search 121 Example Fit und Schlank

     dank Kubernetes Quelle / Max Mustermann SCS Pod Elasticsearch Cluster Git for HTML FE Ingress Service m essages ?

127. Front end with Elastic Search 122 Example Fit und Schlank

     dank Kubernetes Quelle / Max Mustermann SCS Pod Elasticsearch Cluster Git for HTML FE Ingress Pod Msg Rcv m essages Service ?

128. Front end with Elastic Search 123 Example Fit und Schlank

     dank Kubernetes Quelle / Max Mustermann SCS Pod Elasticsearch Cluster Git for HTML FE Ingress Pod Msg Rcv m essages Service ? Vol Git pull

129. Front end with Elastic Search 124 Example Fit und Schlank

     dank Kubernetes Quelle / Max Mustermann SCS Pod Elasticsearch Cluster Git for HTML Git pull FE / Proxy BL Ingress Pod m essages Service Msg Rcv Vol ?

130. Front end with Elastic Search 125 Example Fit und Schlank

     dank Kubernetes Quelle / Max Mustermann SCS CronJob Elasticsearch Cluster Git for HTML Ingress Pod Msg Rcv m essages Pod BL Service ? Git pull Vol FE / Proxy

131. Front end with Elastic Search 126 Example Fit und Schlank

     dank Kubernetes Quelle / Max Mustermann SCS CronJob Elasticsearch Cluster Git for HTML Vol Ingress Pod messages Pod BL Service Pod Pod Redis Pod Job Msg proc ? Msg Rcv Git pull FE / Proxy

132. Front end with Elastic Search 127 Example Fit und Schlank

     dank Kubernetes Quelle / Max Mustermann SCS CronJob Git for HTML Vol Ingress Pod Pod Service Pod Pod Job Volume Volume Volume ES Operator Git pull Msg Rcv FE / Proxy BL Msg proc Data Node Data Node ES Client Pod Redis ES Master Data Node messages

133. Keynote 16:9-Vorlagen Lorem ipsum dolor sit amet EDITION 2018
 DIE

     FIRMA . EXPERIENCE DESIGN München OOP 2018, 8.2.2018 Thanks! Questions? meet us at the INNOQ booth … … or ping us on twitter: @kesselborn | @fakod