Mohan Pawar, Continuum @mohan08p Location Building Distributed Systems with Kubernetes 

2 Agenda 1. What is Distributed System ? 2. Dev and DevOps Experience 3. Container Evolution 4. Container Orchestration 5. K8s Architecture 

What is Distributed System ? “A collection of independent computers that appear to its users as one computer.” - Andrew Tannenbaum 

Three Characteristics ● The computers operate concurrently ● The computers fail independently ● The computer do not share a global clock 

5 

6 

7 

The Dev people managing infrastructure just want a PaaS. The only requirement is: It has to be build by them 

9 Source: What is kubernetes? 

10 

Containers are future deployment units. 

We must treat the data center itself as one massive warehouse-scale computer 

Kubernetes is a framework for building distributed platforms. 

14 

Microservices Architecture ● Modular ● Easy to deploy ● Scale Independently The Twelve-Factor App 

16 

What is Orchestration ? “The planning or coordination of the elements of a situation to produce a desired effect, especially surreptitiously.” 

18 

19 

Kubernetes Key Concepts Pod: Smallest Unit of Deployment in Kubernetes Replication Controller(Replica Set): A loop that drives the current state to desired state Service: A set of running pods that work together Volumes: Pod level storage and configuration 

Service Discovery 1. ClusterIP (internal) -- the default type means that this Service is only visible inside of the cluster 2. NodePort gives each node in the cluster an externally accessible IP and 3. LoadBalancer adds a load balancer from the cloud provider which forwards traffic from the service to Nodes within it. 

22 

Create Deploy Simulate End Chart Data Source Info Demo Time ● Using Kubernetes Engine to Deploy Apps with Regional Persistent Disks 

Kubernetes ease the Canary and Blue-Green deployments 

Istio ● Policy - Create a policy between the application. ● Observability - Observer the behaviour ● Security - per application instance ● Reliability - consistent performance according to specification “Kubernetes changed how we deploy applications, Istio is going to change how we connect, manage and secure them.” 

Kubernetes Best Practices ● Building smaller containers. ● Organizing many projects with Namespace ● Health checking with Readiness and Liveness Probe ● Mapping external services ● Upgrade a cluster with zero downtime Source: Kubernetes Best Practices 

Security Checklist for K8s ● Scan all your docker images for vulnerability testing ● Use RBAC over ABAC and assign optimum privileges to respective teams. ● Configure a Security Context for a Pod running your service. ● All the service endpoints should be protected. ● The datastore like etcd must be secured. ● Secret keys, encryption keys should be rotated over a period of time. ● Only admin should have access to `kubectl` ● Continuous Monitoring, log aggregation and analysis, etc. 

Kubernetes Roadmap ● Kubernetes ease the deployment and management of containerized application and services. ● Containers, Micro-services, Kubernetes are long way to go. ● Leverage the serverless technology to use resources for smaller period of time. ● It will be great to see kubernetes into ML domain, IoT devices, blockchain technology or even self-driving cars running kubernetes. 

Location Q/A 

Location Thank you! /in/mohan08p @mohan08p