Minimum Viable Kubernetes
Noah Kantrowitz - coderanger.net - March 10, 2023
SCaLE Kubernetes Community Day 2023
NOAH KANTROWITZ
» He/him
» coderanger.net | cloudisland.nz/@coderanger
» Kubernetes (ContribEx) and Python (webmaster@)
» SRE/Platform for Geomagical Labs, part of IKEA
» We do CV/AR for the home
WHAT IS KUBERNETES?
“An open-source system for automating deployment,
scaling, and management of containerized applications.”
YES
BUT ACTUALLY NO
KUBERNETES AS AN API
» POSIX - 1988 - Unix-like OS functions
» CFEngine - 1993 - Desired state configuration
» Puppet/Chef/Salt/Ansible - 2005-2012 - More!
» Terraform - 2014 - Same but for infra
» Kubernetes - 2014 - All of the above
GET /api/v1/namespaces/default/pods
MODULARITY
» Tool A cares about load balancers
» Tool B also cares about load balancers
» A and B don't have to know about each other
SHOULD I USE IT?
“Only for big and/or complex systems with lots of
microservices and lots of developers and [insert more
marketing buzzwords here].”
Yes! (Probably!)
WHY NOT ...?
» Docker? Not convergent itself
» Docker Compose? Tricky for remote use, not extensible
» Ansible/Terraform? Intermittent convergence
» ECS/Fargate/Cloud Run? Expensive, vendor lock-in
» Lambda/FaaS? More lock-in and limited architecture
REALLY?
» Room to grow is important
» Prototypes are forever, we all know this
» PaaS and FaaS platforms are high-quality but limited
DRAMATIS PERSONA
» Small team, definitely single pizza
» New monolith web app or 2-3 services
» MVP or a small standalone product
» No ops team, probably just one "full stack" team
» Cost sensitive but not shoestring
WHY SHOULD I?
» Start small but grow with your project
» Huge ecosystem of tools
» Modular design means you swap components later
» High-level APIs let you code only what you care about
» Avoid the future lift-and-shift
BUT HOW CAN I?
“Isn't Kubernetes really hard?”
It doesn't have to be!
TL;DW USE K3S
» Friendly fork of Kubernetes, mini all-in-one installer
» Curlbash for systemd or k3d for existing Docker
» Defaults to SQLite for easy single-node
» But supports Postgres and MySQL too
» That VPS server you were going to use? Install k3s first
HOSTED OPTIONS?
90% IS IGNORABLE
» You need Deployments, Pods
» And Services, Ingresses
» No really, that's it
HOW TO GET STARTED
» Do it however you would without Kubernetes
» But on Kubernetes
» Does the thing have Docker install instructions? Done
» Is there a community Docker Hub image? Use it
» Find a guide with apt-get install something?
Copy that into a Dockerfile and roll with it
ASIDE: DOING THINGS POORLY
IT'S OKAY!
THE TRIFECTA
» Workloads - running stuff
» Networking - connecting stuff
» Storage - keeping stuff
WORKLOADS
» Running stuff on your servers!
» Pod == a running container somewhere
» Yes, Pods have a million more options, but keep it simple for now
» Deployments == run N copies of a Pod
» N is frequently 1, that's okay
WORKLOADS
» StatefulSets? DaemonSets? Jobs? Later!
» CronJobs? Maybe, if you need them
» apt-get install cron works too!
KUBECTL RUN
» YAML Engineering?
» kubectl run redis --image=redis
» --port 1234 - expose a port
» --env "FOO=bar" - set environment variables
» --replicas 5 - run multiple copies
MINIMUM VIABLE MANIFESTS
apiVersion: apps/v1
kind: Deployment
metadata:
  name: myapp
spec:
  selector:
    matchLabels:
      app: myapp
  template:
    metadata:
      labels:
        app: myapp
NETWORKS!
» Inside vs Outside
» Inside -> Inside - easy, flat network, just need DNS
» Inside -> Outside - outgoing traffic, default allow
» Outside -> Inside - the spicy one
INTERNAL NETWORK
» Flat network, don't ask how
» Do you care what a CNI is? NOPE!
» Everything is open but dynamic IPs
» Need DNS to help things find each other
SERVICES
apiVersion: v1
kind: Service
metadata:
  name: myapp
spec:
  selector:
    app: myapp
  ports:
    - port: 8000
POKING HOLES
» Ingress - HTTP(S), you already have it
» Load Balancer - any TCP/UDP port, cloud vs. on-prem
» Node Port - works anywhere, weird, avoid
GETTING THE IP
$ kubectl describe ingress myapp
Name: myapp
Address: 40.155.110.208
...
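
The pieces from the slides above assembled into one file, as an added example rather than a manifest from the talk: the Deployment with the container spec it needs to run, the Service on port 8000, and an Ingress that routes HTTP to it. The image name and hostname are placeholders, and the file name is assumed to be the myapp.yaml used with kubectl delete later in the deck.

```yaml
# myapp.yaml - added example; image and hostname are placeholders
apiVersion: apps/v1
kind: Deployment
metadata:
  name: myapp
spec:
  replicas: 1                    # N is frequently 1, that's okay
  selector:
    matchLabels:
      app: myapp                 # must match the template labels below
  template:
    metadata:
      labels:
        app: myapp
    spec:
      containers:
        - name: myapp
          image: registry.example.com/myapp:1.0.0   # placeholder image
          ports:
            - containerPort: 8000
---
apiVersion: v1
kind: Service
metadata:
  name: myapp                    # becomes the in-cluster DNS name "myapp"
spec:
  selector:
    app: myapp                   # selects the Pods created by the Deployment
  ports:
    - port: 8000
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: myapp
spec:
  rules:
    - host: myapp.example.com    # placeholder hostname
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: myapp      # the Service above
                port:
                  number: 8000
```

Apply it with `kubectl apply -f myapp.yaml`; `kubectl describe ingress myapp` then reports the address to point DNS at.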
SERVICE MESH?
DATA DATA EVERYWHERE
BUT NOT A DROP TO DRINK
STORAGE OPTIONS
» Don't - hosted databases, object storage
» Host files - store things in a folder, like we used to
» Cloud volumes - what the vendor wants you to use
HOST PATH
containers:
  - name: postgres
    image: postgres
    volumeMounts:
      # path inside the container
      - mountPath: /var/lib/postgresql/data
        name: data
volumes:
  - name: data
    hostPath:
      # folder on the node's own disk
      path: /pgdata
MORE SERVERS, MORE PROBLEMS
containers:
  - name: postgres
    image: postgres
nodeName: mynode1

$ kubectl get nodes
USING A CLAIM
containers:
  - name: postgres
    image: postgres
    volumeMounts:
      # path inside the container
      - mountPath: /var/lib/postgresql/data
        name: data
volumes:
  - name: data
    persistentVolumeClaim:
      claimName: myapp-storage
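
The claim referenced above has to exist before the Pod can mount it. The following is an added example, not a manifest from the talk: the PersistentVolumeClaim plus a complete Postgres Deployment that uses it. The 10Gi size, the Deployment name and the Secret postgres-credentials are assumptions; the Secret is hypothetical and must be created separately.

```yaml
# postgres.yaml - added example; size and Secret name are assumptions
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: myapp-storage
spec:
  accessModes:
    - ReadWriteOnce              # mounted read-write by one node at a time
  resources:
    requests:
      storage: 10Gi              # assumed size
  # storageClassName omitted: the cluster's default StorageClass is used
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: postgres
spec:
  replicas: 1
  strategy:
    type: Recreate               # stop the old Pod first so two Pods never share the data directory
  selector:
    matchLabels:
      app: postgres
  template:
    metadata:
      labels:
        app: postgres
    spec:
      containers:
        - name: postgres
          image: postgres
          env:
            - name: POSTGRES_PASSWORD      # the image refuses to initialise without it
              valueFrom:
                secretKeyRef:
                  name: postgres-credentials   # hypothetical Secret
                  key: password
          volumeMounts:
            - mountPath: /var/lib/postgresql/data
              name: data
      volumes:
        - name: data
          persistentVolumeClaim:
            claimName: myapp-storage
```

Reading the password from a Secret keeps it out of the manifest, so the file can be committed alongside the application code.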
CLOUD VOLUMES
» CSI - container storage interface
» There are a lot of cloud and storage vendors
» Take the problem and push it somewhere else
» Vendors can own their plugin
» Cloud controllers?
NON-CLOUD CLOUD
» Longhorn
» Rook? (Ceph)
» OpenEBS?
» Lots more
KUBECTL ROUND 2: FIGHT
» kubectl apply - the important one
» kubectl get - list things
» kubectl describe - show details
» kubectl delete - what it sounds like
kubectl apply -f
KUBECTL []
» kubectl get pods - list all pods
» kubectl get service myapp - list a single service
» kubectl describe service myapp - details on one
» kubectl delete pod myapp-5d5d5fc579-6kl82
» kubectl delete -f myapp.yaml
WHAT I'VE LEFT OUT
A lot!
THE USUAL SUSPECTS
» Multi-server availability (Pod anti-affinities)
» Secrets management (Secrets, sealed-secrets)
» Access control (RBAC)
» Monitoring and alerting (Prometheus and Grafana)
WHAT ABOUT THE FANCY FEATURES?
START SMALL
GROW AS NEEDED
SWAP COMPONENTS
NEVER STOP LEARNING
I'M HIRING - ML OPS
MORE INFO AT GEOMAGICAL.COM
THANK YOU
QUESTIONS?
» Intro
» What is Kubernetes
» Is it all just hype? No
» Systems as APIs
» POSIX
» Salt/Ansible/Chef/Puppet
» Kubernetes