
Azure Serbia UG - Introduction to Kubernetes using AKS

Pascal Naber
May 26, 2020

Transcript

  1. Container orchestrators Cluster High Availability Hyper-Scale Hybrid Operations High Density

    Rolling Upgrades Stateful services Low Latency Fast startup & shutdown Container Orchestration & lifecycle management Replication & Failover Load balancing Self-healing Automated Rollback Health Monitoring Placement Constraints Microservices Service Fabric
  2. Master Node Kubernetes architecture Master API Server Scheduler Controller Manager

    Node etcd kubelet kube-proxy Pod Pod Pod Kubectl (CLI) Dashboard (UI) REST client (Code)
  3. History of Kubernetes June 2014 First commit September 2014 July

    2015 March 2018 Announced Kubernetes v1 CNCF 1st Graduate
  4. Kubernetes k8s OSS Extensible Large, rapidly growing ecosystem Facilitates declarative

    configuration and automation Κυβερνήτης -- Greek: meaning helmsman or pilot 1 2 3 4 5 6 7 8
  5. Hosting of Kubernetes Local Minikube Docker for Windows Docker for

    Mac Raspberry Pi Private datacenter Public Cloud GKE (26-8-2015) EKS (5-6-2018) ACS (19-4-2016) AKS (13-6-2018)
  6. Azure Kubernetes Service (AKS) master master master worker worker worker

    AKS 100% managed by Microsoft IaaS managed by Microsoft € 0 € … (VM pricing)
  7. NodePool: Windows | k8s 1.16.7 Standard_DS2_v3 NodePool: Linux | k8s

    1.16.7 Standard_DS2_v2 NodePool: Linux | k8s 1.16.7 Standard_NC6 (GPU optimized) NodePool: Linux | k8s 1.15.7 Standard_DS2_v2 Nodepools
  8. Availability zones Availability Set (99.5%) Availability Zones (99.99%) Availability Zone

    1 Availability Zone 2 Availability Zone 3 Azure region €0.009 per GB inbound & outbound traffic
  9. Install AKS using CLI

    ## Create resource group
    az group create --name communitylive --location westeurope

    ## Create Kubernetes cluster
    az aks create -g communitylive -n aksdemo --enable-managed-identity

    ## Create Kubernetes cluster
    az aks create --resource-group communitylive --name aksdemo --enable-managed-identity --kubernetes-version 1.16.7 --node-vm-size Standard_DS2_v2 --node-count 3 --enable-addons monitoring --max-pods $AKS_MAX_PODS_PER_NODE --ssh-key-value "C:\repos\pascal\ssh\public.pub" --load-balancer-sku standard --network-plugin azure --vm-set-type VirtualMachineScaleSets --vnet-subnet-id $AKSSUBNETID --docker-bridge-address $AKS_NETWORKING_DOCKER_BRIDGE_ADDRESS --dns-service-ip $AKS_NETWORKING_DNS_SERVICE_IP --service-cidr $AKS_NETWORKING_SERVICE_CIDR --aad-server-app-id $AADSERVERAPPID --aad-server-app-secret $AADSERVERAPPSECRET --aad-client-app-id $AADCLIENTAPPID --aad-tenant-id $TENANTID
  10. Think ahead. Act now. Post Install steps

    ## download & install kubectl
    az aks install-cli

    ## download credentials
    az aks get-credentials --resource-group communitylive --name aksdemo
  11. Pod Group of 1 or more containers Shared Storage Shared

    Network Same IP-address Shared port-range Pod 10.0.0.1 Storage Pod 10.0.0.2 Storage Port 80 Port 8080 Port 80
  12. leaderboard-api.yaml Pod Pod Pod Replica Set Deployment Label: backend Selector

    Label: backend Label: backend Label: backend Label: backend Selector Label: backend C:> kubectl apply -f leaderboard-api.yaml
  13. Environment variables & Secrets

    Secrets: Base64 encoded values

    C:> kubectl apply -f secret.yaml

    ## Create Secret to access Azure Container Registry
    kubectl create secret docker-registry clouddemoimages --docker-server=https://clouddemo.azurecr.io --docker-username=clouddemo --docker-password=kD98ddl$= [email protected]
  14. Health checks livenessProbe Indicates whether the Container is running Restart

    in case of failure Container: https://www.app-metrics.io/ HealthChecks library https://github.com/dotnet-architecture/HealthChecks readinessProbe Indicates whether the Container is ready to service requests No traffic is routed to the Pod C:> kubectl apply -f leaderboard-api.yaml Microsoft.AspNetCore.Diagnostics.HealthChecks
  15. Kubernetes – Self healing Every n seconds check Restarts container

    During rolling update deployment Stop deployment During container startup No traffic Default endpoint Health endpoint (/health) Health endpoints returns != 200?
  16. Resource Management requests: Minimum required resources limits: Capped resource usage

    100m = 0.1 cpu 500m = 0.5 cpu 64Mi = 64 MB memory 128Mi = 128 MB memory C:> kubectl apply -f leaderboard-api.yaml
  17. Azure Kubernetes Service (AKS) - Scaling worker worker worker worker

    replicas replicas 5 4 Pod Autoscaler 4-20 > 60% CPU Cluster Autoscaler
  18. Node 1 Pod Label: backend 10.0.0.2 Pod Label: backend 10.0.0.3

    Node 0 Pod Label: backend 10.0.0.1 Node 2 Pod Label: backend 10.0.0.4 Pod Label: backend 10.0.0.5 Pods are mortal
  19. Service Service Type: ClusterIP Selector Label: backend Node 1 Pod

    Label: backend 10.0.0.2 Node 0 Pod Label: backend 10.0.0.1 Node 2 Pod Label: backend 10.0.0.4 Pod Label: backend 10.0.0.5 192.168.0.1
  20. Service Service Type: LoadBalancer Selector Label: backend Node 1 Pod

    Label: backend 10.0.0.2 Node 0 Pod Label: backend 10.0.0.1 Node 2 Pod Label: backend 10.0.0.4 Pod Label: backend 10.0.0.5 Public ip address: 37.17.208.21 192.168.0.2
  21. Frontend Backend Pod Pod Pod Pod Pod Pod Pod Pod

    Service Type: ClusterIP Service Type: LoadBalancer Public ip address: 37.17.208.21 C:> kubectl apply -f leaderboard-service.yaml C:> kubectl apply -f gamingwebapp.yaml 192.168.0.2 192.168.0.1
  22. Too many ip-addresses. Now what? I want to access all

    my services through the same ip-address
  23. Ingress Pod 10.0.0.1 Pod 10.0.0.2 Pod 10.0.0.3 Service Type: ClusterIP

    Pod 10.0.0.4 Pod 10.0.0.5 Pod 10.0.0.6 Service Type: ClusterIP Pod 10.0.0.7 Pod 10.0.0.8 Pod 10.0.0.9 Service Type: ClusterIP Service Type: LoadBalancer Public ip address: 37.17.208.21 Pod quay.io/kubernetes-ingress-controller/ nginx-ingress-controller:0.15.0 Selector Label: ingresscontroller Label: ingresscontroller Ingress host: gaming. community.cf serviceName: gamingwebapp Ingress host: erp. community.cf serviceName: erpsvc Ingress host: www. community.cf/crm serviceName: crmsvc nginx.conf gaming. matrixproject.cf service: gamingwebapp erp. matrixproject.cf service: erpsvc matrixproject.cf/crm Service: crmsvc Automatically generated Label: erp Label: frontend Label: crm
  24. Deployment Replica set Pod Label Rolling update Health check Environment

    variables Secret Resource management Horizontal Pod Autoscaler Namespace Service Ingress Annotation Persistent Volume Cron Job Daemon Set Job Stateful Set Config Map
  25. Helm Helm is a tool for managing packages of pre-configured

    Kubernetes resources https://github.com/kubernetes/helm Linkerd Logstash Magento Mariadb Mongodb Mssql-linux Mysql Neo4j Newrelic Openvpn Postgresql Presto Prometheus Rabbitmq Redis Selenium Sonarqube Spinnaker Sysdig Tensorflow Traefik Wordpress Artifactory Cert-manager Consul Cassandra Couchdb Datadog Docker-registry Drupal Elasticsearch Ethereum fluentd Gitlab Grafana Hadoop Heapster Jenkins Joomla Kafka Kibana Kong Kubeless Lamp
  26. Think ahead. Act now. Azure Kubernetes Service (AKS) master master

    master worker worker worker AKS 100% managed by Microsoft IaaS managed by Microsoft
  27. Starts in seconds No VM Management Billed per second Linux

    and Windows containers Azure Container Instances (ACI) Azure Azure Container Instances (ACI) Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod Pod
  28. AKS + ACI AKS 100% managed by Microsoft 100% managed

    by Microsoft worker master master master
  29. Wrap up Docker Install applications to a container instead of

    a server Ship containers everywhere Kubernetes in the cloud Deploy your containerized workloads on Kubernetes Brings a clean separation between Dev and Ops Provides scaling, rolling updates, high availability