1 Pyxida © 2018 - Reproduction interdite sans autorisation préalable Bordeaux 33000 > France > www.pyxida.io 12 factors Kubernetes Meetup CNCF Bordeaux #2 Etienne Coutaud 11 Décembre 2018

2 Pyxida © 2018 - Reproduction interdite sans autorisation préalable Consultant CaaS @Pyxida Certified Kubernetes Administrator (CKA) https://github.com/etiennecoutaud @etiennecoutaud 2 $ whoami

3 Pyxida © 2018 - Reproduction interdite sans autorisation préalable Bordeaux 33000 > France > www.pyxida.io 01 1 Pod = 1 or n containers

4 Pyxida © 2018 - Reproduction interdite sans autorisation préalable Pods multi containers Designs Patterns cache shard n Sidecar Ambassador Adapter Extend pod function Represent (proxy) Expose and normalize App Log Streaming App Cache Proxy App Monitoring adapter Logs Log aggregator cache shard 1 Monitoring service cache shard 1

5 Pyxida © 2018 - Reproduction interdite sans autorisation préalable Bordeaux 33000 > France > www.pyxida.io 02 Labels everywhere

6 Pyxida © 2018 - Reproduction interdite sans autorisation préalable Labeling for technical and management reasons LabelSelector Label LabelSelector Label Label app=php app=java app=php env=prod type=db app=node env=dev version=1.1

7 Pyxida © 2018 - Reproduction interdite sans autorisation préalable Bordeaux 33000 > France > www.pyxida.io 03 Infrastructure as code Code versionning

8 Pyxida © 2018 - Reproduction interdite sans autorisation préalable Infrastructure as code is code docker pipeline kubernetes pipeline App code (Dockerfile) infrastructure code (*.yml) Image docker Ressource k8s Ressource k8s Ressource k8s Registry cluster k8s build push push apply

9 Pyxida © 2018 - Reproduction interdite sans autorisation préalable Bordeaux 33000 > France > www.pyxida.io 04 Use Service to expose

10 Pyxida © 2018 - Reproduction interdite sans autorisation préalable One service for each use case 10 ClusterIP NodePort LoadBalancer Headless (ClusterIP=None) External

11 Pyxida © 2018 - Reproduction interdite sans autorisation préalable Bordeaux 33000 > France > www.pyxida.io 05 Use Configmaps and Secrets to manage configuration

12 Pyxida © 2018 - Reproduction interdite sans autorisation préalable Configuration as a service Namespace Kubernetes cluster wide configuration configmap.yml secret.yml App configuration configmap.yml secret.yml Devs Admins

13 Pyxida © 2018 - Reproduction interdite sans autorisation préalable Bordeaux 33000 > France > www.pyxida.io 06 Limits and request for resources management

14 Pyxida © 2018 - Reproduction interdite sans autorisation préalable Improve scheduling and protect against fork bomb 250Mo 1 RAM CPU Limits 1GO 2 Request 1 RAM CPU 1,5GO 2

15 Pyxida © 2018 - Reproduction interdite sans autorisation préalable Bordeaux 33000 > France > www.pyxida.io 07 Pods lifecycle

16 Pyxida © 2018 - Reproduction interdite sans autorisation préalable Use deployment to manage pods deployment.yml replicaSet description Pods description $ kubectl apply -f deployment.yml Manage rolling update Manage replicas deployment description

17 Pyxida © 2018 - Reproduction interdite sans autorisation préalable Bordeaux 33000 > France > www.pyxida.io 08 Probes to monitor your pods

18 Pyxida © 2018 - Reproduction interdite sans autorisation préalable Become resilient LivenessProbe ReadinessProbe OK OK KO KO KO OK Set up probes Pod is destroy and restart Pods go out of load balancing pool

19 Pyxida © 2018 - Reproduction interdite sans autorisation préalable Bordeaux 33000 > France > www.pyxida.io 09 Latest is not a version

20 Pyxida © 2018 - Reproduction interdite sans autorisation préalable Build once run everywhere Feature Branch DEV RE7 PPROD PROD myapp myapp myapp myapp myapp 34u67gfx6 dev re7 pprod latest merge/promote promote promote tag/promote v1.0

21 Pyxida © 2018 - Reproduction interdite sans autorisation préalable Bordeaux 33000 > France > www.pyxida.io 10 Pods are stateless (if they dont’ need to be statefull)

22 Pyxida © 2018 - Reproduction interdite sans autorisation préalable What happens if my pod is stateful ? State horizontal scaling State State State round robin

23 Pyxida © 2018 - Reproduction interdite sans autorisation préalable Bordeaux 33000 > France > www.pyxida.io 11 Volumes are mount on a distributed storage system

24 Pyxida © 2018 - Reproduction interdite sans autorisation préalable Kubernetes stateful way architecture 500Mo Distributed storage 1Go 1Go 5Go 10Go 10Go 50Go 3Go 20Go

25 Pyxida © 2018 - Reproduction interdite sans autorisation préalable Bordeaux 33000 > France > www.pyxida.io 12 Mind your code 12 factors app compliant

26 Pyxida © 2018 - Reproduction interdite sans autorisation préalable 12 good practices by Heroku Main factors : ● Use version control system to manage your code ● Expose an healthcheck URL in your app ● Thinks your app stateless ● Use variables environment to configure your app ● Log on stdout/stderr ● Manage graceful shutdown/start

27 Pyxida © 2018 - Reproduction interdite sans autorisation préalable Bordeaux 33000 > France > www.pyxida.io Take Away ! ● Embrace Kubernetes paradigm ● Don’t bring infrastructure complexity into your code ● Think your application “cloud ready” for better management ● Don’t install Kubernetes, Prefer Managed Services if you can ● “Think Big, Start Small” ● Use Kubernetes community

28 Pyxida © 2018 - Reproduction interdite sans autorisation préalable www.pyxida.io Bordeaux 33000 > France > www.pyxida.io