Kubernetes For Sysadmins

Maciej Strzelecki • DevOps Engineer @ Schibsted Tech Polska •
Trainer @ infoShare Academy • Independent Consultant

Mutable Infrastructure vs Immutable Infrastructure “Configuration management tools such as
Chef, Puppet, Ansible, and SaltStack typically default to a mutable infrastructure paradigm.”

Configuration Drift

Container-Centric Infrastructure

Pods • abstraction that represents a group of one or
more application containers • Shared storage, as Volumes • Networking, as a unique cluster IP address • Information about how to run each container, such as the container image version or specific ports to use

Services and Labels • Service routes traffic across a set
of Pods • Labels are key/value pairs attached to objects • Services match a set of Pods using labels and selectors

Scheduling Decide where my container should run • nodeSelector •
Node affinity • Inter-pod affinity and anti-affinity

Lifecycle and health Keep my containers running despite failures •
Container hooks • Init Containers • Liveness and Readiness Probes

Scaling Make sets of containers bigger or smaller • Deployments
• Horizontal Pod Autoscaler

Naming and discovery Find where my containers are now •
Labels and Selectors • Services

Load balancing Distribute traffic across a set of containers •
Services • External Load Balancer • Ingress

Storage volumes Provide data to containers • Volumes • Persistent
Volumes • Persistent Volume Claims • Storage Classes

Logging and monitoring Track what’s happening with my containers

Debugging and introspection Enter or attach to containers • Events
• Exec • Proxies • Port forwarding

Identity and authorization Control who can do things to my
containers • Namespaces • RBAC • Network Policies

“Container Wars Are Over: Kubernetes Has Won!”

How to Configure Autoscaling on Docker Swarm? “Not available today.
Swarm uses Docker-Compose to scale statically. CPU/QPS monitoring is needed to do auto scaling. Swarm doesn't have that yet.”

“Docker-Swarm, Kubernetes, Mesos & Core-OS Fleet” “I think that Mesos
and Kubernetes are largely aimed at solving similar problems of running clustered applications, they have different histories and different approaches to solving the problem. Mesos focuses its energy on very generic scheduling and plugging in multiple different schedulers.”

Minikube Run Kubernetes locally Minikube is a tool that makes
it easy to run Kubernetes locally. Minikube runs a single-node Kubernetes cluster inside a VM on your laptop for users looking to try out Kubernetes or develop with it day-to-day.

macOS brew cask install minikube

Linux curl -Lo minikube https://storage.googleapis.com/minikube/releases/latest/mini kube-linux-amd64 && chmod +x minikube
&& sudo mv minikube /usr/local/bin/

Hosted Solutions • Google Container Kubernetes Engine (GKE) • Azure
Container Service (AKS) • Amazon Elastic Container Service for Kubernetes (EKS)

Kubernetes The Hard Way Bootstrap Kubernetes the hard way on
Google Cloud Platform. No scripts. Kubernetes The Hard Way is optimized for learning, which means taking the long route to ensure you understand each task required to bootstrap a Kubernetes cluster.

Note to Self • Monitor and log everything (especially count
of restarted Pods) • Managed versions are OK to start, but sooner or later you’ll need some tweaks or customizations • Limit resources of each application from the beginning • Watch out for Java apps and heap size • Design readiness and liveness probes carefully, don’t check external dependencies • Take service mesh for consideration (Istio, Linkerd etc.) or at least configure tracing (included in NGINX Ingress Controller) • Use tools from K8s ecosystem (Helm, Draft) • Minikube on local development environment isn’t a problem, Docker-way of development is

“Serverless, not infrastructureless”

Questions?

[email protected]

Kubernetes For Sysadmins

Kubernetes For Sysadmins

Maciej Strzelecki

More Decks by Maciej Strzelecki

Other Decks in Technology

Featured

Transcript