Evolving Kubernetes

Transcript

1. Evolving Kubernetes Mohan Pawar Google Cloud Next Extended, Mumbai |

   15th Sept 2018

2. Everything is Containers: The evolution has begin with Containers #GoogleNext18

   #NextExtended

3. Private Public PaaS IaaS #GoogleNext18 #NextExtended

4. We must treat the data center itself as one massive

   warehouse-scale computer #GoogleNext18 #NextExtended

5. Kubernetes is a framework for building distributed platforms. #GoogleNext18 #NextExtended

6. Docker accelerates the innovation #GoogleNext18 #NextExtended

7. Containers are Future Deployment Units. #GoogleNext18 #NextExtended

8. Microservices Architecture • Modular • Easy to deploy • Scale

   Independently The Twelve-Factor App #GoogleNext18 #NextExtended

9. What is Orchestration? #GoogleNext18 #NextExtended

10. What is Orchestration? “The planning or coordination of the elements

    of a situation to produce a desired effect, especially surreptitiously.” #GoogleNext18 #NextExtended

11. The Dev people managing infrastructure just want a PaaS. The

    only requirement is: It has to be build by them #GoogleNext18 #NextExtended
12. None

13. #GoogleNext18 #NextExtended

14. Kubernetes Key Concept Pod: Smallest Unit of Deployment in Kubernetes

    Replication Controller(Replica Set): A loop that drives the current state to desired state Service: A set of running pods that work together Volumes: Pod level storage and configuration #GoogleNext18 #NextExtended

15. Service Discovery • Persistent Endpoint for the pods • Internal

    or External IPs • Enables loose coupling b/w micro-services #GoogleNext18 #NextExtended

16. Service Types 1. ClusterIP (internal) -- the default type means

    that this Service is only visible inside of the cluster 2. NodePort gives each node in the cluster an externally accessible IP and 3. LoadBalancer adds a load balancer from the cloud provider which forwards traffic from the service to Nodes within it. #GoogleNext18 #NextExtended

17. #GoogleNext18 #NextExtended

18. #GoogleNext18 #NextExtended

19. #GoogleNext18 #NextExtended

20. #GoogleNext18 #NextExtended

21. #GoogleNext18 #NextExtended

22. Ingress/Egress

23. Demo Time • Deploying Simple RSVP Application #GoogleNext18 #NextExtended

24. Evolving Stack... Connect, Manage and Secure Services End application Packaging

    e.g. tarball Better cluster Deployment #GoogleNext18 #NextExtended

25. An open platform to connect, manage and secure microservices #GoogleNext18

    #NextExtended

26. Istio • Policy - Create a policy between the application.

    • Observability - Observer the behaviour • Security - per application instance • Reliability - consistent performance according to specification “Kubernetes changed how we deploy applications, Istio is going to change how we connect, manage and secure them.”

27. Kubernetes Best Practices • Building smaller containers. • Organizing many

    projects with Namespace • Health checking with Readiness and Liveness Probe • Mapping external services • Upgrade a cluster with zero downtime

28. Security Checklist for K8s • Scan all your docker images

    for vulnerability testing • Use RBAC over ABAC and assign optimum privileges to respective teams. • Configure a Security Context for a Pod running your service. • All the service endpoints should be protected. • The datastore like etcd must be secured. • Secret keys, encryption keys should be rotated over a period of time. • Only admin should have access to `kubectl` • Continuous Monitoring, log aggregation and analysis, etc.

29. Future of K8s • Kubernetes ease the deployment and management

    of containerized application and services. • Containers, Micro-services, Kubernetes are long way to go. • Leverage the serverless technology to use resources for smaller period of time. • It will be great to see kubernetes into ML domain, IoT devices, blockchain technology or even self-driving cars running using kubernetes.

30. Q/A #GoogleNext18 #NextExtended

31. Thank you /in/mohan08p @mohan08p Follow us @GCDC_Mumbai Ask any further

    questions. #GoogleNext18 #NextExtended