Masaya Aoyama CyberAgent adtech studio Cloud Native࣌୅ʹ͓͚Δ Docker / Kubernetes ʹΑΔ։ൃ Developers Summit 2019 at 02/14 ࢿྉ: http://bit.ly/devsumi 2019 k8s MasayaAoyama @amsy810 Masaya Aoyama CyberAgent adtech studio Cloud Native࣌୅ʹ͓͚Δ Docker / Kubernetes ʹΑΔ։ൃ Developers Summit 2019 at 02/14 MasayaAoyama @amsy810

$58'B@-9C Kubernetes )" ;: Japan Container Days v18.04 Keynote ,(! .+=4 AWS Dev Day TokyoIBM Think Japan CKA #138CKAD #2 Masaya Aoyama (@amsy810) Infrastructure Engineer Co-chair - Cloud Native Days Tokyo B0 Japan Container DaysC Organizer - Cloud Native Meetup Tokyo Organizer - Kubernetes Meetup Tokyo Organizer - KubeCon /1 3! Contribute to OpenStack and Kubernetes 2% KaaS *< / ?7 K8s A>

Kubernetes

Instagramable Kubernetes K

Agenda • Cloud Native and Kubernetes • Microservice and Service Mesh • Container and Docker • Kubernetes Overview • What is doing Kubernetes • Kubernetes is Framework and Distributed System • CI/CD with Kubernetes/Docker • Future of Kubernetes

Cloud Native and Kubernetes What is Kubernetes? What is Cloud Naitve?

CNCF and The Linux Foundation • KubernetesThe Linux Foundation CNCF •

Cloud Native Cloud native technologies empower organizations to build and run scalable applications in modern, dynamic environments such as public, private, and hybrid clouds. Containers, service meshes, microservices, immutable infrastructure, and declarative APIs exemplify this approach. These techniques enable loosely coupled systems that are resilient, manageable, and observable. Combined with robust automation, they allow engineers to make high-impact changes frequently and predictably with minimal toil. The Cloud Native Computing Foundation seeks to drive adoption of this paradigm by fostering and sustaining an ecosystem of open source, vendor-neutral projects. We democratize state-of-the-art patterns to make these innovations accessible for everyone. CNCF Cloud Native Defenition v1.0, CNCF, 2018-11-28 (https://github.com/cncf/toc/blob/master/DEFINITION.md)

Cloud Native8 Cloud native technologies empower organizations to build and run scalable applications in modern, dynamic environments such as public, private, and hybrid clouds. Containers, service meshes, microservices, immutable infrastructure, and declarative APIs exemplify this approach. These techniques enable loosely coupled systems that are resilient, manageable, and observable. Combined with robust automation, they allow engineers to make high-impact changes frequently and predictably with minimal toil. The Cloud Native Computing Foundation seeks to drive adoption of this paradigm by fostering and sustaining an ecosystem of open source, vendor-neutral projects. We democratize state-of-the-art patterns to make these innovations accessible for everyone. CNCF Cloud Native Defenition v1.0, CNCF, 2018-11-28 (https://github.com/cncf/toc/blob/master/DEFINITION.md) • .0 • & • /- • 4* • +3 71 )%5 ($6 "!'2 Open Scalable#,

Kubernetes is key product for Cloud Native Computing Cloud Native Ecosystem

No content

Cloud Native

Microservice and Service Mesh Benefit of Microservice and Service Mesh • • • • •

Microservice Architecture ProductPage Reviews Details Ratings HTTP/gRPC HTTP/gRPC HTTP/gRPC Bookinfo Application, Istio, 2018-11-28 (https://istio.io/docs/examples/bookinfo/)

%' )#!D@X_71T gRPC, REST N%' )#!cS 2 )#!@X_7UJ<f "$'9A : CT/*"$'1T f^=eO4; 6YBbK-^ 2`aG7%' )#!bK,+?M CT\-E[L !)&(9A G7CT!)&( .IV d8,+F0 G7CTd8Z 53 R] H> )#!PQW Benefit of Microservice Golang Java Scala gRPC REST

%' )#!D@X_71T gRPC, REST N%' )#!cS 2 )#!@X_7UJ<f "$'9A : CT/*"$'1T f^=eO4; 6YBbK-^ 2`aG7%' )#!bK,+?M CT\-E[L !)&(9A G7CT!)&( .IV d8,+F0 G7CTd8Z 53 R] H> )#!PQW Developer Benefit of Microservice

%' )#!D@X_71T gRPC, REST N%' )#!cS 2 )#!@X_7UJ<f "$'9A : CT/*"$'1T f^=eO4; 6YBbK-^ 2`aG7%' )#!bK,+?M CT\-E[L !)&(9A G7CT!)&( .IV d8,+F0 G7CTd8Z 53 R] H> )#!PQW Benefit of Microservice

%' )#!D@X_71T gRPC, REST N%' )#!cS 2 )#!@X_7UJ<f "$'9A : CT/*"$'1T f^=eO4; 6YBbK-^ 2`aG7%' )#!bK,+?M CT\-E[L !)&(9A G7CT!)&( .IV d8,+F0 G7CTd8Z 53 R] H> )#!PQW Benefit of Microservice

%' )#!D@X_71T gRPC, REST N%' )#!cS 2 )#!@X_7UJ<f "$'9A : CT/*"$'1T f^=eO4; 6YBbK-^ 2`aG7%' )#!bK,+?M CT\-E[L !)&(9A G7CT!)&( .IV d8,+F0 G7CTd8Z 53 R] H> )#!PQW Benefit of Microservice

500+ microservices The Case of Chaos, Bruce Wong, 2014-12-19, (https://www.slideshare.net/BruceWong3/the-case-for-chaos) The History of the Service Mesh, The New Stack, 2018-2-13, (https://thenewstack.io/history-service-mesh/)

500+ microservices The Case of Chaos, Bruce Wong, 2014-12-19, (https://www.slideshare.net/BruceWong3/the-case-for-chaos) The History of the Service Mesh, The New Stack, 2018-2-13, (https://thenewstack.io/history-service-mesh/) Can we get Observability?

Service Mesh Architecture (generally) • Microservice • Microservice with Service Mesh Proxy App a Proxy App b Proxy App c App a App b App c

Service Mesh • Microservice Proxy App a Proxy App b Proxy App c

Service Mesh • Traffic Shifting (ex, Canary release) Proxy App a Proxy App b1 Proxy App b2 99 % 1 %

Service Mesh • Circuit Break • Fault Injection • Rate Limit • Retry • mTLS Proxy App a Proxy App b Proxy App c #%!$ &) , *'( +")

Microservice / Service Mesh Microservice.H:LB7&=, 2O16()FPN0Q Service Mesh #@ … • Microservice M )I;5C 9J K!$3/> 8*(/> • AE+ • 4"% • D? • )I; • -< G'(

Micro Service VM …

Container / Docker Benefit of Container / Docker • • •

Container System Container • KVMXen • init Application Container • •

Docker • Docker4%Application Container .71-+8$! • #DevOps/# 2: /3 6)*5 • 0, Moby" &9 # containerd ('

Dockerfile Docker Image FROM centos:7 RUN yum -y install epel-release RUN yum -y install nginx COPY nginx.conf /etc/nginx/ ENTRYPOINT ["nginx", "-g", "daemon off;"] Build Once, Run Anywhere Docker Image Dockerfile

$ docker build . -t sample-image Sending build context to Docker daemon 252.9kB Step 1/5 : FROM centos:7 ---> 75835a67d134 75835a67d134 sample-image

$ docker build . -t sample-image Sending build context to Docker daemon 252.9kB Step 1/5 : FROM centos:7 ---> 75835a67d134 Step 2/5 : RUN yum -y install epel-release ---> Running in 9db248fc7b9a ... Removing intermediate container 9db248fc7b9a ---> 2fe5a7f8c007 75835a67d134 2fe5a7f8c007 sample-image

$ docker build . -t sample-image Sending build context to Docker daemon 252.9kB Step 1/5 : FROM centos:7 ---> 75835a67d134 Step 2/5 : RUN yum -y install epel-release ---> Running in 9db248fc7b9a ... Removing intermediate container 9db248fc7b9a ---> 2fe5a7f8c007 Step 3/5 : RUN yum -y install nginx ---> Running in 0547bd920b0a ... Removing intermediate container 0547bd920b0a ---> 843b47a96c5e 75835a67d134 2fe5a7f8c007 843b47a96c5e sample-image

$ docker build . -t sample-image Sending build context to Docker daemon 252.9kB Step 1/5 : FROM centos:7 ---> 75835a67d134 Step 2/5 : RUN yum -y install epel-release ---> Running in 9db248fc7b9a ... Removing intermediate container 9db248fc7b9a ---> 2fe5a7f8c007 Step 3/5 : RUN yum -y install nginx ---> Running in 0547bd920b0a ... Removing intermediate container 0547bd920b0a ---> 843b47a96c5e Step 4/5 : COPY nginx.conf /etc/nginx/ ---> fe63b2d4c95d 75835a67d134 2fe5a7f8c007 843b47a96c5e fe63b2d4c95d sample-image

$ docker build . -t sample-image Sending build context to Docker daemon 252.9kB Step 1/5 : FROM centos:7 ---> 75835a67d134 Step 2/5 : RUN yum -y install epel-release ---> Running in 9db248fc7b9a ... Removing intermediate container 9db248fc7b9a ---> 2fe5a7f8c007 Step 3/5 : RUN yum -y install nginx ---> Running in 0547bd920b0a ... Removing intermediate container 0547bd920b0a ---> 843b47a96c5e Step 4/5 : COPY nginx.conf /etc/nginx/ ---> fe63b2d4c95d Step 5/5 : ENTRYPOINT ["nginx", "-g", "daemon off;"] ---> Running in 876ee4d29339 Removing intermediate container 876ee4d29339 ---> b5068171c053 75835a67d134 2fe5a7f8c007 843b47a96c5e fe63b2d4c95d b5068171c053 sample-image

Docker • • Read Write • Read Only

5: ENTRYPOINT [”/usr/sbin/nginx", "-g", "daemon off;"] 5: ENTRYPOINT [”nginx", "-g", "daemon off;"]

Ref: https://docs.docker.com/develop/develop-images/dockerfile_best-practices/ Ref: https://12factor.net/ B*=C Part of Docker Container Best Practice • @(1 • "3< $1BImmutable InfrastructureC • A;8, / 4:8,+" !'9 • #0> !& • 59)?.%8,-2 / 7 • 6 • etc

Container / Docker VM0… • #(+. • 7':8 • ##, • /6 %9;=">=!< • Immutable Infrastructure *1 • 35) • -$& • 42

Kubernetes Overview Promote Cloud Native • • • • •

Docker Swarm mode Container Orchestration Engine

Container Orchestration Engine (4/0 • 3*Docker2/ • # $ # • $ # / $ $ # • "$ # $ • #-.15 • 6&+!$ # • $ • "$# # • $,')%2/

Container Orchestration Engine CYOP • XE Docker*" SO • 1 $ ,2.1 • 2.1 / 2"2.1 • 02.1)!2" • 1 $ KLRZ • ^>F /(&2.1 • 2'!%. • 02#%-11 • !2J?D; SO Container Orchestration Engine CYOP • QT9 + • B34 • SO • 8[M • :NW67_U IA \H@] 54 =

CNCFStandardization 01. " (!) OCI v1.0 02. # CRI 03. # CSI 04. # CNI

Kubernetes Docker Kubernetes • CRI • docker • cri-o • containerd OCI • runC • gVisor • Kata Containers • Nabla Containers • Firecracker # )! '( $"&%

What is doing Kubernetes? Declarative Code & APIs Self-Healing Automation & Immutable Infrastructure

Kubernetes Design Principles, Kubernetes Community, 2017-11-04 (https://github.com/kubernetes/community/blob/master/contributors/design-proposals/architecture/principles.md) 02 03 01 Self Healing ) #" Automation & Immutable Infrastructure Immutable Infrastructure& # Declarative Code & API Manifests$" %'API !( Infrastructure as Code

Declarative Code and APIs Developer Register YAML Manifest Kubernetes Cluster Manifests API Infrastructure as Code $ kubectl apply –f manifest.yaml

Pod

Load Balancer

ReplicaSet Self-Healing • ReplicaSet Replica • = Node Node

ReplicaSet Rolling Update (Automation) • #%"$ /) • $!% % • Immutable Infrastructure • #%"$ .& Load Balancer Developer (, '* Deployment+-

ReplicaSet Rolling Update (Automation) • • • Immutable Infrastructure • Load Balancer

ReplicaSet Rolling Update (Automation) • • • Immutable Infrastructure • Load Balancer

ReplicaSet Rolling Update (Automation) • • • Immutable Infrastructure • Load Balancer

Key points • KubernetesGoogle=/A3. + #(&$,'Borg%,OSS1 → ;*,),"25<>1 ?01846 • 7@1 $!*,9-YAML: → Infrastructure EngineerBOpsC. Server-side Engineer BDevC.

Kubernetes is Framework and Distributed System Custom Resource Definition

Kubernetes Developer

Kubernetes Developer !!! ! !

Kubernetes Developer !$ % % %%% 1. " 2. # 3. → Control Loop

… Developer -1 0+) &' ) ! ) 1. +*# .( 2. +*#,"*# %/ 3. , $ → Control Loop

ReplicaSet *2+ Developer 18 Pod (36 #4 $Pod '9 Pod '9 1. / .&5- 2. / .&0%.&,7 3. " ! 0 ) → Control Loop

Custom Resource Definition Developer 1. 2. 3. → Control Loop

Custom Resource Definition Developer

Custom Resource Definition Developer Kubernetes Pod Queue

Kubernetes is more extensible C A D C DBC B DA C A C A A F A D2 F C C BB & A BB C A C A C DBC A & A C 2 A CB A A A & B A AD B &B C D C C DC C C 2 Kubernetes Boring Kubernetes

Kubernetes is more extensible B C B CAB A C 2 B B AA & AA 2F B B B D CAB & D 2 B 2BA D 2 & A C A2 &A B C B B 2F CB B B

CI/CD with Kubernetes / Docker How to build a CI/CD Pipelines?

GitOps Overview CI CD Kubernetes D Developer GitOps, Weaveworks, 2018-11-28 (https://www.weave.works/technologies/gitops/)

GitOps – PR CD Kubernetes

GitOps - Staging (staging) CI CD Staging D Developer staging branch master branch (production) Production

GitOps - Production (staging) CI CD D Developer staging branch master branch (production) Staging Production

GitOps (staging) CI CD Developer staging branch master branch (production) Staging T Production R R S !$%& # " $ E E R R S ""%& !%&

Future of Kubernetes Kubernetes is becoming de-facto standard in the future?

KubeCon + CloudNativeCon KubeCon + CloudNativeCon Barcelona 2019 Call for Proposals (CFP) Is Open, CNCF, 2018-11-28 (https://www.cncf.io/blog/2018/11/16/kubecon-barcelona-2019-call-for-proposals-cfp-is-open/)

Google Kubernetes Engine Managed Kubernetes Serivce Azure Kubernetes Service 2014-11 2017-02 2017-11 Amazon Elastic Container Service for Kubernetes

Kubernetes for Enterprise • Monzo Bank • Kubernetes + Linkerd (Service Mesh) Building a Modern Bank Backend, Monzo Bank Ltd, 2018-11-28 (https://monzo.com/blog/2016/09/19/building-a-modern-bank-backend/)

CNCFStandardization 01. " (!) OCI v1.0 02. # CRI 03. # CSI 04. # CNI

CNCF Community Presentation, CNCF, 2018 (https://github.com/cncf/presentations)

Kubernetes

3 I H uNs P /D 6 IBK c a io sy P 0 C 1 DD 3 I H W3 I HS M 3 I H & 72 uNs C ID 9 CD H uNs 0BH K L 4 uNs / B 8I uNs /D HI uNs 5 I I uNs uNs N snN s h l o y f fl y s N snr N tk ye & hs c N uNsu ghd v o y /2 /0 fl N s 8 KB 5 HA 3 I H dNkyl 3 I H b

https://bit.ly/cndt2019cfp Cloud Native Days Tokyo : Japan Container Days @amsy810 CFP

Thank you for your attention follow me: @amsy810