Distributed System with Kubernetes


A talk on Evolving Kubernetes at Google DevFest 2018, Mumbai, explaining distributed systems with Kubernetes and service discovery, with an n-tier application deployment demo.

Twitter Link: https://twitter.com/GCDC_Mumbai/status/1050393339433050114


Mohan Pawar

October 13, 2018

Transcript

  1. Mohan Pawar, Continuum @mohan08p Location Building Distributed Systems with Kubernetes

  2. Agenda 1. What is a Distributed System? 2. Dev and DevOps Experience 3. Container Evolution 4. Container Orchestration 5. K8s Architecture
  3. What is a Distributed System? “A collection of independent computers that appear to its users as one computer.” - Andrew Tanenbaum
  4. Three Characteristics
    • The computers operate concurrently
    • The computers fail independently
    • The computers do not share a global clock
  5. 5

  6. 6

  7. 7

  8. The Dev people managing infrastructure just want a PaaS. The only requirement is: It has to be built by them
  9. Source: What is Kubernetes?

  10. 10

  11. Containers are future deployment units.

  12. We must treat the data center itself as one massive warehouse-scale computer
  13. Kubernetes is a framework for building distributed platforms.

  14. 14

  15. Microservices Architecture
    • Modular
    • Easy to deploy
    • Scale Independently
    The Twelve-Factor App
  16. 16

  17. What is Orchestration? “The planning or coordination of the elements of a situation to produce a desired effect, especially surreptitiously.”
  18. 18

  19. 19

  20. Kubernetes Key Concepts
    • Pod: Smallest Unit of Deployment in Kubernetes
    • Replication Controller (Replica Set): A loop that drives the current state to desired state
    • Service: A set of running pods that work together
    • Volumes: Pod level storage and configuration
  21. Service Discovery
    1. ClusterIP (internal) -- the default type means that this Service is only visible inside of the cluster
    2. NodePort gives each node in the cluster an externally accessible IP and
    3. LoadBalancer adds a load balancer from the cloud provider which forwards traffic from the service to Nodes within it.
  22. 22

  23. Create Deploy Simulate End Chart Data Source Info Demo Time
    • Using Kubernetes Engine to Deploy Apps with Regional Persistent Disks
  24. Kubernetes eases Canary and Blue-Green deployments

  25. Istio
    • Policy - Create a policy between the application.
    • Observability - Observe the behaviour
    • Security - per application instance
    • Reliability - consistent performance according to specification
    “Kubernetes changed how we deploy applications, Istio is going to change how we connect, manage and secure them.”
  26. Kubernetes Best Practices
    • Building smaller containers.
    • Organizing many projects with Namespace
    • Health checking with Readiness and Liveness Probe
    • Mapping external services
    • Upgrade a cluster with zero downtime
    Source: Kubernetes Best Practices
  27. Security Checklist for K8s
    • Scan all your Docker images for vulnerability testing
    • Use RBAC over ABAC and assign optimum privileges to respective teams.
    • Configure a Security Context for a Pod running your service.
    • All the service endpoints should be protected.
    • The datastore like etcd must be secured.
    • Secret keys, encryption keys should be rotated over a period of time.
    • Only admin should have access to `kubectl`
    • Continuous Monitoring, log aggregation and analysis, etc.
  28. Kubernetes Roadmap
    • Kubernetes eases the deployment and management of containerized applications and services.
    • Containers, microservices and Kubernetes have a long way to go.
    • Leverage serverless technology to use resources for shorter periods of time.
    • It will be great to see Kubernetes in the ML domain, IoT devices, blockchain technology or even self-driving cars running Kubernetes.
  29. Location Q/A

  30. Location Thank you! /in/mohan08p @mohan08p
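
An added example, not taken from the talk or its demo, that puts two slides into one manifest: the "Configure a Security Context for a Pod" item from the security checklist (slide 27) and the default ClusterIP Service type from the service discovery slide (slide 21). The names, namespace, image, UID and ports are placeholders chosen for illustration.

```yaml
# Added example: all names, the image and the ports are placeholders.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: backend                 # hypothetical workload name
  namespace: demo               # hypothetical namespace
spec:
  replicas: 2
  selector:
    matchLabels:
      app: backend
  template:
    metadata:
      labels:
        app: backend
    spec:
      # Do not mount an API token the workload never uses.
      automountServiceAccountToken: false
      securityContext:          # pod-level: applies to every container
        runAsNonRoot: true      # kubelet refuses to start a container as UID 0
        runAsUser: 10001        # arbitrary unprivileged UID (assumption)
        runAsGroup: 10001
        seccompProfile:
          type: RuntimeDefault  # container runtime's default syscall filter
      containers:
        - name: backend
          image: registry.example.com/backend:1.0.0   # placeholder image
          ports:
            - containerPort: 8080
          securityContext:      # container-level hardening
            allowPrivilegeEscalation: false   # blocks setuid-style escalation
            readOnlyRootFilesystem: true      # writes need an explicit volume
            capabilities:
              drop: ["ALL"]                   # add back only what is needed
---
apiVersion: v1
kind: Service
metadata:
  name: backend
  namespace: demo
spec:
  type: ClusterIP               # default type: reachable only inside the cluster
  selector:
    app: backend                # must match the pod labels above
  ports:
    - port: 80                  # port other pods connect to
      targetPort: 8080          # containerPort on the pod
```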