Slide 1

Slide 1 text

Kubernetes for Developers and Architects
Thorsten Hans (@ThorstenHans), Consultant

Slide 2

Slide 2 text

Thorsten Hans
Consultant @ Thinktecture AG
Focus: Cloud Native & Infrastructure as Code
thorsten.hans@thinktecture.com
thorsten.hans@gmail.com
thinktecture.com
thorsten-hans.com
@ThorstenHans

Slide 3

Slide 3 text

Talking Points
- Intro
- Running Applications
- Adopting Platform Capabilities
- Exposing Applications to the public

Slide 4

Slide 4 text

Kubernetes: Open-Source Container Orchestrator
- Initially founded by Google / now maintained by CNCF
- Successor of Google's Borg
- Original codename: Seven [1]
- Greek for pilot or helmsman of a ship
- Written in Go

[1] https://en.wikipedia.org/wiki/Seven_of_Nine

Slide 5

Slide 5 text

Kubernetes: What is Kubernetes
- Container Orchestrator
- Runs containers
- Takes care of networking / isolation of workloads
- Abstracts hardware from developers
- Cloud-agnostic
- Container Lifecycle Management
  - Deployment, Rolling Upgrades, Scaling, Load-Balancing

Slide 6

Slide 6 text

Bird's-Eye View: Kubernetes Architecture
[Diagram: Kubernetes Master; Kubernetes Node Pool 1 (Kubernetes Worker Node, Kubernetes Worker Node)]

Slide 7

Slide 7 text

Bird's-Eye View: Kubernetes Architecture
[Diagram: Kubernetes Master; Kubernetes Node Pool 1 (Kubernetes Worker Node, Kubernetes Worker Node); Kubernetes Node Pool 2 (Kubernetes Worker Node, Kubernetes Worker Node)]

Slide 8

Slide 8 text

Bird's-Eye View: Kubernetes Architecture
[Diagram: Kubernetes Master; Kubernetes Node Pool 1 (Kubernetes Worker Node, Kubernetes Worker Node); Kubernetes Node Pool 2 (Kubernetes Worker Node, Kubernetes Worker Node)]

Slide 9

Slide 9 text

Bird's-Eye View: Kubernetes Architecture
[Diagram: Kubernetes Master; Kubernetes Node Pool 1 (Kubernetes Worker Node, Kubernetes Worker Node); Kubernetes Node Pool 2 (Kubernetes Worker Node, Kubernetes Worker Node); Azure Container Instances]

Slide 10

Slide 10 text

Kubernetes Cluster: Hosting Opportunities
- Public cloud offerings
  - Azure
  - Amazon AWS
  - Google Compute Cloud
  - DigitalOcean
- On-premises datacenter
- Locally
  - Kind, microk8s, minikube, …

Slide 11

Slide 11 text

Demo: Creating a Kubernetes Cluster in Azure / locally
- Create a new Kubernetes Cluster in Azure using Azure CLI
- Create a new Kubernetes Cluster locally using Kind
- Install kubectl locally

Slide 12

Slide 12 text

Talking Points
- Intro
- Running Applications
- Adopting Platform Capabilities
- Exposing Applications to the public

Slide 13

Slide 13 text

Running Applications: Kubernetes Core Capabilities
- Pod is the smallest unit of work in Kubernetes
- 1 Pod can contain multiple Docker Containers
- All containers of a Pod run on the same host
- More complex and powerful variations are ReplicaSets and Deployments

Slide 14

Slide 14 text

Demo: Running Applications in Kubernetes
- Pod Spec
- Deployment Spec
- General kubectl operations

Slide 15

Slide 15 text

Talking Points
- Intro
- Running Applications
- Adopting Platform Capabilities
- Exposing Applications to the public

Slide 16

Slide 16 text

Adopting Platform Capabilities: ConfigMaps and Secrets
- Inject configuration values into your application containers
- For sensitive values consider using Kubernetes Secrets
- Simple key-value storage principles
- Kubernetes Secrets are just encoded

Slide 17

Slide 17 text

Adopting Platform Capabilities: Resource Requests and Limits
- Specify minimal requirements per container
- Specify maximum resource utilization per container
- Mandatory for each piece of the overall application deployed to a Kubernetes cluster

Slide 18

Slide 18 text

Adopting Platform Capabilities: Readiness and Liveness Probes
- Let Kubernetes monitor and heal your applications
- Probes support different approaches to verify application health
  - HTTP
  - TCP
  - Process Execution

Slide 19

Slide 19 text

Demo: Adopting Platform Capabilities
- Create Secrets and ConfigMaps
- Use Secrets and ConfigMaps
- Add support for Health Probes
- Define Resource Requests and Limits
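
The four demo steps listed above, combined in one manifest. This is an added example, not taken from the original slides; the names (`demo-api`, `demo-api-config`, `demo-api-secret`), the image, port 8080, the probe paths and all values are assumptions. The Secret's `data` value is plain base64, which illustrates the "just encoded" point: anyone who can read the manifest or the Secret object can decode it without a key.

```yaml
# Added example; every name, image, path and value here is constructed.
apiVersion: v1
kind: ConfigMap
metadata:
  name: demo-api-config
data:
  LOG_LEVEL: "info"
---
apiVersion: v1
kind: Secret
metadata:
  name: demo-api-secret
type: Opaque
data:
  # base64 of "s3cr3t-placeholder": encoded, not encrypted.
  DB_PASSWORD: czNjcjN0LXBsYWNlaG9sZGVy
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: demo-api
spec:
  replicas: 2
  selector:
    matchLabels: { app: demo-api }
  template:
    metadata:
      labels: { app: demo-api }
    spec:
      containers:
        - name: api
          image: registry.example.com/demo-api:1.0.0
          ports:
            - containerPort: 8080
          envFrom:                      # inject both objects as env vars
            - configMapRef: { name: demo-api-config }
            - secretRef: { name: demo-api-secret }
          resources:
            requests: { cpu: 100m, memory: 128Mi }   # minimum for scheduling
            limits: { cpu: 500m, memory: 256Mi }     # hard ceiling
          readinessProbe:               # gates traffic until the app is ready
            httpGet: { path: /ready, port: 8080 }
            periodSeconds: 10
          livenessProbe:                # restarts the container on failure
            httpGet: { path: /healthz, port: 8080 }
            initialDelaySeconds: 10
            periodSeconds: 20
```

Because the value is only encoded, keep Secret manifests out of version control, restrict `get`/`list` on Secrets through RBAC, and enable encryption at rest for the cluster's datastore.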

Slide 20

Slide 20 text

Talking Points
- Intro
- Running Applications
- Adopting Platform Capabilities
- Exposing Applications to the public

Slide 21

Slide 21 text

Exposing Applications to the public: Ingress
- Ingress Controllers route requests from the internet
- NGINX Ingress is an open-source Ingress Controller
- Ingress declarations specify routing
- Ingress Controller routes traffic

Slide 22

Slide 22 text

Exposing Applications to the public: CertManager
- Use CertManager to provide SSL certificates
- Flexible, cluster-wide certificate management solution
- Issues certificates to services
- Support for
  - ACME (Let's Encrypt)
  - HashiCorp Vault
  - Venafi
  - Self-signed and internal certificate authorities

Slide 23

Slide 23 text

Demo: Exposing Applications to the public
- Install NGINX Ingress
- Install CertManager
- Create Ingress definitions
- Request SSL certificate from Let's Encrypt