Tweet
Tweet

Slide 1

Slide 1 text

Kubernetes & service mesh Huynh Quang Thao Trusting Social

Slide 2

Slide 2 text

What is the Kubernetes

Slide 3

Slide 3 text

Traditional to Modern

Slide 4

Slide 4 text

Traditional to Modern

Slide 5

Slide 5 text

Containers are great • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable •Isolation. •Immutability •EfBicient resource utilization. •Lightweight •Portable

Slide 6

Slide 6 text

Containers are great but… • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable •Isolation. •Immutability •EfBicient resource utilization. •Lightweight •Portable But … •Dozens, even thousands of containers over time. •How to manage/deploy/connected/updated ? •Integrate and orchestrate these modular parts •Provide communication across a cluster •Make them fault tolerant

Slide 7

Slide 7 text

Docker orchestration • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable

Slide 8

Slide 8 text

Kubernetes comes to help • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable • Desire state management. • Resilience. • Automate roll-out and roll-back. • Elastic. • Cloud-agnostic. • EfBicient resource management. • Abstract infrastructure layer. •

Slide 9

Slide 9 text

Core Components

Slide 10

Slide 10 text

Pod • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container • The smallest and simplest unit in the k8s object model

Slide 11

Slide 11 text

Pod • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container • The smallest and simplest unit in the k8s object model • Each pod will have a unique internal IP address. 10.1.1.1

Slide 12

Slide 12 text

Pod • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container • The smallest and simplest unit in the k8s object model • Each pod will have a unique internal IP address. • There are many containers in one single pod. 10.1.1.1 Container

Slide 13

Slide 13 text

Pod • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container • The smallest and simplest unit in the k8s object model • Each pod will have a unique internal IP address. • There are many containers in one single pod. • Containers in pods share network namespace, volume 10.1.1.1 Container 3000 3306 10.1.1.1:3000 10.1.1.1:3306

Slide 14

Slide 14 text

Pod • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container • The smallest and simplest unit in the k8s object model • Each pod will have a unique internal IP address. • There are many containers in one single pod. • Containers in pods share network namespace, volume 10.1.1.1 Container 3000 3000

Slide 15

Slide 15 text

Pod • The smallest and simplest unit in the k8s object model • Each pod will have a unique internal IP address. • There are many containers in one single pod. • Containers in pods share network namespace, volume • Pods are logical hosts and behave much like VMs • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306

Slide 16

Slide 16 text

Pod • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 • There are many pods in the system.

Slide 17

Slide 17 text

Pod • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 • There are many pods in the system. • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.3 Container 8000 5432 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.4 Container 8000 5432

Slide 18

Slide 18 text

Pod • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 • There are many pods in the system. • Containers in the same pod are guaranteed schedule together • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.3 Container 8000 5432 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.4 Container 8000 5432

Slide 19

Slide 19 text

Pod • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3306 5432 • There are many pods in the system. • Containers in the same pod are guaranteed schedule together ==> The smallest and simplest unit in the k8s object model • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.3 Container 3000 8000 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.4 Container 8000 5432

Slide 20

Slide 20 text

Node • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 • There are many pods in the system.

Slide 21

Slide 21 text

Node • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 • There are many pods in the system. • Many pods will be inside one node.

Slide 22

Slide 22 text

Node • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 • There are many pods in the system. • Many pods will be inside one node. • A node maybe a physical VM or physical machine. Compute Engine Droplet EC2 17.5.7.8

Slide 23

Slide 23 text

• Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.3 Container 8000 5432 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.4 Container 8000 5432 • Might be same type of pods in the same node

Slide 24

Slide 24 text

• Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.3 Container 8000 5432 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.4 Container 8000 5432 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.3 Container 8000 5432 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.4 Container 8000 5432 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 • Might be same type of pods in the same node • Different types of pods in the same node

Slide 25

Slide 25 text

Node • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.3 Container 8000 5432 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.4 Container 8000 5432 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.4 Container 8000 5432 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 Depends on: • node’s resource availability • pod’s resource requirements (explain later)

Slide 26

Slide 26 text

Replica Set replicas: 3 template: • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.3 Container 3000 3306

Slide 27

Slide 27 text

Replica Set replicas: 3 template: • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.3 Container 3000 3306

Slide 28

Slide 28 text

Replica Set replicas: 3 template: • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.3 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.4 Container 3000 3306

Slide 29

Slide 29 text

Deployment replicas: 2 template: Manages Replica Set state transitions Deployment replicas: 2 template: • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306

Slide 30

Slide 30 text

Deployment replicas: 3 template: Deployment • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 replicas: 3 template: • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 replicas: 2 template: Declarative over Imperative

Slide 31

Slide 31 text

Deployment replicas: 2 template: Manages Replica Set state transitions Deployment replicas: 3 template: replicas: 2 template: • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 replicas: 2 template:

Slide 32

Slide 32 text

Deployment replicas: 2 template: Update can be: • rolling update • recreate Deployment replicas: 2 template: • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.3 Container 8000 5432 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.4 Container 5432 replicas: 2 template: replicas: 3 template:

Slide 33

Slide 33 text

Deployment replicas: 2 template: Manages Replica Set state transitions Deployment replicas: 3 template: replicas: 2 template: • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 Rollback replicas: 2 template:

Slide 34

Slide 34 text

Pod ... again • Each pod has its own IP address • Pods are expected to be stateless • New Pod will have the new IP Node: 8GB RAM Node: 8GB RAM 4GB RAM 5 GB RAM 2 GB RAM Node: 8GB RAM Node: 8GB RAM 4GB RAM 5 GB RAM 2 GB RAM 5 GB RAM

Slide 35

Slide 35 text

Service Login Service 10.10.2.3 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.3 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.4 Container 8000 5432 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 • Each service is assigned unique IP which is unchanged • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306

Slide 36

Slide 36 text

Service Login Service 10.10.2.3 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.3 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.4 Container 8000 5432 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 app=credit version=v1 app=fraud version=v1 app=fraud version=v1 • Each service is assigned unique IP which is unchanged • Each pod is assigned some labels • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 app=fraud version=v1

Slide 37

Slide 37 text

Service Login Service 10.10.2.3 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.3 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.4 Container 8000 5432 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 app=credit version=v1 app=fraud version=v1 app=fraud version=v1 match label app=fraud • Each service is assigned unique IP which is unchanged • Each pod is assigned some labels • Service rules using label matching • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 app=fraud version=v1

Slide 38

Slide 38 text

Service Login Service 10.10.2.3 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.3 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.4 Container 8000 5432 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 app=credit version=v1 app=fraud version=v1 app=fraud version=v1 match label app=fraud • Each service is assigned unique IP which is unchanged • Each pod is assigned some labels • Service rules using label matching • Randomly select a single pod that matches the rule • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 app=fraud version=v1

Slide 39

Slide 39 text

Service Login Service 10.10.2.3 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.3 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.4 Container 8000 5432 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 app=credit version=v1 app=fraud version=v1 app=fraud version=v1 match label app=fraud • Each service is assigned unique IP which is unchanged • Each pod is assigned some labels • Service rules using label matching • Randomly select a single pod that matches the rule • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 app=fraud version=v1

Slide 40

Slide 40 text

General pictures label matching label matching label matching service Deployment label a label b ReplicaSet label a label b Pods label a label b Services label a label b

Slide 41

Slide 41 text

DaemonSets • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 116.109.65.208 116.109.65.210 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.4 Container 8000 5432

Slide 42

Slide 42 text

DaemonSets • Ensure nodes run a copy of a Pod • Example: • a log collector • a resource monitor • Kube proxy • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.4 Container 8000 5432 116.109.65.208 116.109.65.210 Container 10.1.1.3 9600 Container 10.1.1.5 9600

Slide 43

Slide 43 text

StatefulSets 116.109.65.208 116.109.65.210 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.4 Container 8000 5432 Name=web-abc • Every pod has a unique name web-abc.default.svc.cluster.local.

Slide 44

Slide 44 text

StatefulSets 116.109.65.208 116.109.65.210 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.5 Container 8000 5432 Name=web-xyz • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.4 Container 8000 5432 Name=web-abc • Every pod has a unique name • And change every time redeploy • KaBka needs a stable hostname when deploying a cluster. web-xyz.default.svc.cluster.local.

Slide 45

Slide 45 text

StatefulSets 116.109.65.208 116.109.65.210 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.5 Container 8000 5432 Name=web-xyz • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.4 Container 8000 5432 Name=web-abc • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 ID=1 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 ID=2 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.3 Container 3000 3306 ID=3 • Every pod has a unique name • And change every time redeploy • KaBka needs a stable hostname when deploying a cluster. StafulSets: • Keeps unique IDs in replicas

Slide 46

Slide 46 text

StatefulSets 116.109.65.208 116.109.65.210 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.5 Container 8000 5432 Name=web-xyz • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.4 Container 8000 5432 Name=web-abc • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 ID=1 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 ID=2 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.3 Container 3000 3306 ID=3 • Every pod has a unique name • And change every time redeploy • KaBka needs a stable hostname when deploying a cluster. StafulSets: • Keeps unique IDs in replicas • db-01.foo.default.svc.cluster.local. Name=db-01 Name=db-02 Name=db-03

Slide 47

Slide 47 text

StatefulSets 116.109.65.208 116.109.65.210 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.5 Container 8000 5432 Name=web-xyz • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.4 Container 8000 5432 Name=web-abc • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 ID=1 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 ID=2 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.3 Container 3000 3306 ID=3 • Every pod has a unique name • And change every time redeploy • KaBka needs a stable hostname when deploying a cluster. StafulSets: • Keeps unique IDs in replicas • db-01.foo.default.svc.cluster.local. • deployed in sequential order and terminated in reverse ordinal order. (optional) • KaBka, MySQL, Redis, ZooKeeper ... : need unique, persistent identities and stable hostnames. Name=db-01 Name=db-02 Name=db-03

Slide 48

Slide 48 text

Jobs • Perform a single completable task. • Useful for ad hoc tasks, where it’s crucial that the task finishes properly. • There are 2 types: batch job and cron job.

Slide 49

Slide 49 text

General pictures label matching label matching label matching service Deployment label a label b ReplicaSet label a label b DaemonSet label a label b StatefulSet label a label b Job label a label b Pods label a label b Services label a label b

Slide 50

Slide 50 text

Data - ConBigMap - Secret key1=value1 name=prod-env key2=value2 key3=value3 • Configmap is a map containing key/value pairs • The values ranging from short literals to full config files.

Slide 51

Slide 51 text

Data - ConBigMap - Secret key1=value1 name=prod-env key2=value2 key3=value3 key1=B64(v1) name=db-passwd key2=B64(v2) key3=B64(v3) • Configmap is a map containing key/value pairs • The values ranging from short literals to full config files. • Secret: similar to ConfigMap • let you store and manage sensitive information, such as passwords, OAuth tokens, and ssh keys • Currently no encryption. just encoding.

Slide 52

Slide 52 text

Data - Volume • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.3 Container 3000 3306 /data /output /logs Volume • Using volume to store / share data between containers

Slide 53

Slide 53 text

Data - Volume • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.3 Container 3000 3306 /data /output /logs Volume • Using volume to store / share data between containers • Volume can be built from secret / configmap

Slide 54

Slide 54 text

Data - Volume • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.3 Container 3000 3306 /data /output /logs Volume Persistent Volume Claim 30GB Persistent Volume GCEPersistentDisk 50GB Persistent Volume AzureDisk 20GB Persistent Volume CephFS 20GB • Using volume to store / share data between containers • Volume can be built from secret / configmap • Or from the persistent disk

Slide 55

Slide 55 text

General pictures label matching label matching label matching service Deployment label a label b ReplicaSet label a label b DaemonSet label a label b StatefulSet label a label b Job label a label b Pods label a label b Con]igMap Secret PersistentVolume name Services label a label b

Slide 56

Slide 56 text

Namespace • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.4 Container 8000 5432

Slide 57

Slide 57 text

Namespace • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.4 Container 8000 5432

Slide 58

Slide 58 text

Namespace • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.4 Container 8000 5432 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.4 Container 8000 5432 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 • Isolation. • Immutability • Efficient resource Container Container 3000 3306 • Isolation. • Immutability • Efficient resource Container Container 8000 5432 Staging testing production

Slide 59

Slide 59 text

Namespace • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.4 Container 8000 5432 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.4 Container 8000 5432 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 Container 3000 3306 • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.2 Container 3000 3306 • Isolation. • Immutability • Efficient resource Container Container 3000 3306 • Isolation. • Immutability • Efficient resource Container Container 8000 5432 namespace=Staging namespace=testing namespace=production • Namespace is a virtual cluster or a logical cluster • organized projects (telco / avay) • organize environment (testing/ staging) • Some important namespaces: default / kube-system

Slide 60

Slide 60 text

General pictures label matching label matching label matching service Deployment label a label b ReplicaSet label a label b DaemonSet label a label b StatefulSet label a label b Job label a label b namespace: telco-staging Pods label a label b Con]igMap Secret PersistentVolume name Services label a label b

Slide 61

Slide 61 text

Ingress • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable • How to expose multiple service? • Service is L4 proxy. • SSL? node_ip:port/url -> internal_service_ip:node_port/url

Slide 62

Slide 62 text

Ingress • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable • How to expose multiple service? • Service is L4 proxy. • SSL? Ingress • name-based virtual hosting • Load-balancing • SSL terminating • L7 proxy

Slide 63

Slide 63 text

General pictures label matching label matching label matching service Deployment label a label b ReplicaSet label a label b DaemonSet label a label b StatefulSet label a label b Job label a label b namespace: telco-staging Pods label a label b Con]igMap Secret PersistentVolume name Ingress Services label a label b example.com/login

Slide 64

Slide 64 text

bring everything together

Slide 65

Slide 65 text

Kubernetes for developers

Slide 66

Slide 66 text

Pod template • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable • 1 Descriptor conforms to version v1 of Kubernetes API • 2 You’re describing a pod. • 3 The name of the pod • 4 Container image to create the container from • 5 Name of the container • 6 The port the app is listening on

Slide 67

Slide 67 text

Organize Pod with label • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable

Slide 68

Slide 68 text

Readiness probes • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable readiness probes to know when a Container is ready to start accepting traffic. 3 mechanisms: • HTTP GET probe. • TCP socket probe. • Exec probe.

Slide 69

Slide 69 text

Readiness probes • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable

Slide 70

Slide 70 text

Liveness probes • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable liveness probes to know when to restart the container. 3 mechanisms: • HTTP GET probe. • TCP socket probe. • Exec probe.

Slide 71

Slide 71 text

Liveness probes • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable

Slide 72

Slide 72 text

Pod Lifecycle • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable

Slide 73

Slide 73 text

Lifecycle • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable

Slide 74

Slide 74 text

Init containers • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable init containers, which are run before the app containers are started. Init containers are exactly like regular containers, except: • Init containers always run to completion. • Each init container must complete successfully before the next one starts. Init containers can contain utilities or custom code for setup that are not present in an app image. (e.g.: sed, awk, python ...) --> The application image builder and deployer roles can work independently without the need to jointly build a single app image.

Slide 75

Slide 75 text

init containers • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable

Slide 76

Slide 76 text

init containers • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable

Slide 77

Slide 77 text

Resources • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Compute resources are measurable quantities that can be requested, allocated, and consumed

Slide 78

Slide 78 text

Resources • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable

Slide 79

Slide 79 text

Service 4 types: • ClusterIP: exposes the service on a cluster-internal IP. • NodePort: exposes service on each Node's IP at the static port. ClusterIP will automatically create. • LoadBalancer: expose the service externally using a cloud provider’s load balancer. • ExternalName: Maps the Service to the contents of the externalName field (e.g. foo.bar.example.com) 116.109.65.208 service 10.1.1.1 Container 31452 8888:3306 3306 116.109.65.208:31452/login NodePort

Slide 80

Slide 80 text

ConBigMap Configmap is a map containing key/value pairs with the values ranging from short literals to full config files.

Slide 81

Slide 81 text

Secret • let you store and manage sensitive information, such as passwords, OAuth tokens, and ssh keys • Currently no encryption. just encoding.

Slide 82

Slide 82 text

Basic command lines kubectl kubectl get pods kubectl get pods fraud-score-service-d45h3dh09 kubectl get services kubectl delete services fraud-score-service action: get / delete / edit / describe resource_type: pods / deployment / service / ingress / sercret / conBigmaps / .... https://kubernetes.io/docs/reference/kubectl/cheatsheet/ Important ]lags: [-A] All namespace [--show-labels] include the labels [-l ] selector. e.g: -l='app=web,version=1' [-f] Bile name. [-o] output format. can be yaml, json or wide (view more information)

Slide 83

Slide 83 text

Repository https://github.com/tsocial/telco_integration/pull/24 Contains: • All resources yaml • All scripts to generate config files / deploy to the k8s cluster. • Some configurations to enable the log infrastructure / service mesh Implement Kubernetes infrastructure PR

Slide 84

Slide 84 text

Repository • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable

Slide 85

Slide 85 text

Development environment

Slide 86

Slide 86 text

minikube Pros: • Cheap • Easy to get start Cons: • Very different from real production environment. • Local machine

Slide 87

Slide 87 text

Cloud • DigitalOcean • Google Cloud • Amazon Pros: easy to manage. Cons: prices ?

Slide 88

Slide 88 text

Manual - kubeadm • Network driver ? • High availability ? • Making sure .... k8s is running ?

Slide 89

Slide 89 text

k3s • Kubernetes for IOT

Slide 90

Slide 90 text

Deploying app to k8s

Slide 91

Slide 91 text

Basic steps • Dockerize. • Write deployment/service. • Define configmap or variable env. • Resource usage. • Liveness/Ready probe.

Slide 92

Slide 92 text

Basic steps • Dockerize. • Write deployment/service. • Define configmap or variable env. • Resource usage. • Liveness/Ready probe. • How to structure application into pods? Multiple container in 1 pod or multiple pod? • How to integrate with other service? • Does it need to communicate with outside? • Does it need stateful?

Slide 93

Slide 93 text

Basic steps kubectl apply -f resource.yaml API Server 10.1.1.1 resource.yaml fraud_score: image: docker-registry.trustingsocial.com/telco_platform/fraud_score_service:${FRAUD_SCORE_TAG} env_file: .test.env

Slide 94

Slide 94 text

Basic steps kubectl apply -f resource.yaml API Server 10.1.1.1 resource.yaml fraud_score: image: docker-registry.trustingsocial.com/telco_platform/fraud_score_service:${FRAUD_SCORE_TAG} env_file: .test.env fraud_score: image: docker-registry.trustingsocial.com/telco_platform/fraud_score_service:master.fa38ac4

Slide 95

Slide 95 text

Helm Pros: • Package manager for Kubernetes • Life cycle management: create / install / Upgrade / rollback / delete / status / versioning • Helm Charts help you define, install, and upgrade even the most complex Kubernetes application. • Helm repository https://github.com/helm/charts/tree/master/stable Helm 3 Helm 2

Slide 96

Slide 96 text

Helm Pros: • Package manager for Kubernetes • Life cycle management: create / install / Upgrade / rollback / delete / status / versioning • Helm Charts help you define, install, and upgrade even the most complex Kubernetes application. • Helm repository https://github.com/helm/charts/tree/master/stable Cons: • Easy to use, but hard to write / debug • Yaml format is not compatible with k8s resource format. Helm 3 Helm 2

Slide 97

Slide 97 text

Kustomization • Customization of kubernetes YAML configurations + kustomize build ${directory} > output.yaml

Slide 98

Slide 98 text

Advance

Slide 99

Slide 99 text

The architecture • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable

Slide 100

Slide 100 text

The API Server • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable API server is the central component used by all other components and by clients, such as kubectl. It provides a CRUD (Create, Read, Update, Delete) interface for querying and modifying the cluster state over a RESTful API. It stores that state in etcd.

Slide 101

Slide 101 text

The API Server • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable

Slide 102

Slide 102 text

The Scheduler • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable • Filtering the list of all nodes to obtain a list of acceptable nodes the pod can be scheduled to • Prioritizing the acceptable nodes and choosing the best one. • If multiple nodes have the highest score, round-robin is used to ensure pods are deployed across all of them evenly.

Slide 103

Slide 103 text

The controller manager • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable • ReplicaSet, DaemonSet, and Job controllers. • Deployment controller. • StatefulSet controller. • Node controller. • Service controller. • Others Controllers do many different things, but they all watch the API server for changes to resources (Deployments, Services, and so on) and perform operations for each change, whether it’s a creation of a new object or an update or deletion of an existing object.

Slide 104

Slide 104 text

kubelet • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable

Slide 105

Slide 105 text

kube proxy • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable • The iptables proxy mode doesn’t load balance—it selects pods randomly. • When only a few clients use a service, they may not be spread evenly across pods. kube-proxy makes sure connections to the service IP and port end up at one of the pods backing that service

Slide 106

Slide 106 text

How they cooperate • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable

Slide 107

Slide 107 text

Horizontal Pod Autoscaler • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable

Slide 108

Slide 108 text

Cluster Autoscaler • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable

Slide 109

Slide 109 text

Auto scale interact together • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable

Slide 110

Slide 110 text

Kubernetes networking • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable • all Pods can communicate with all other Pods without using network address translation (NAT). • all Nodes can communicate with all Pods without NAT. • the IP that a Pod sees itself as is the same IP that others see it as. 1. Container-to-Container networking 2. Pod-to-Pod networking 3. Pod-to-Service networking 4. Internet-to-Service networking https://sookocheff.com/post/kubernetes/understanding-kubernetes-networking-model/ Problems

Slide 111

Slide 111 text

Pod-to-Pod same node • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable

Slide 112

Slide 112 text

Pod-to-Pod different nodes • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable

Slide 113

Slide 113 text

micro-service challenges

Slide 114

Slide 114 text

Microservices • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable • Technology Heterogeneity • Resilience • Scaling • Ease of deployment • Optimizing for Replaceability Benefits:

Slide 115

Slide 115 text

Microservices • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable The network should be transparent to applications. When network and application problems do occur it should be easy to determine the source of the problem. This sounds great! But it turns out it’s really, really hard.

Slide 116

Slide 116 text

But the network is hard • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable • Communication between services • Load Balance • Discovery Service • Observability • Distributed tracing • Logs • Monitoring • Fault Tolerance • Circuit breaker • Retry mechanism

Slide 117

Slide 117 text

Communication between services • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Client side load balancer Server side load balancer yet another highly available system component that you need to set up and manage couples the client with the service registry. make application speciBic load balancing decisions (e.g.hashing consistently) eliminates the need to implement discovery logic

Slide 118

Slide 118 text

Client Libraries: The First Service Meshes? • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable • The restriction use of multiple language- specific frameworks and/or application servers to run them. • Complexity when upgrade version library. • Forward compatibility and Backward compatibility

Slide 119

Slide 119 text

Observability • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable • Logging • Metrics • Tracing https://www.slideshare.net/hqt/observability-and-its-application How well do you really understand what’s going on in these environments?

Slide 120

Slide 120 text

Network failure • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable With our services communicating with numerous external resources, failures can be caused by: • Networking issues • System overload • Resource starvation (e.g. out of memory) • Bad deployment/conBiguration •

Slide 121

Slide 121 text

Service Mesh

Slide 122

Slide 122 text

Service Mesh • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable In software architecture, a service mesh is a dedicated infrastructure layer for facilitating service-to-service communications between microservices, often using a sidecar proxy. (Wikipedia)

Slide 123

Slide 123 text

Service Mesh • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable In software architecture, a service mesh is a dedicated infrastructure layer for facilitating service-to-service communications between microservices, often using a sidecar proxy. (Wikipedia) • Service engineer focus only on service business. • Don’t restrict to any language/framework.

Slide 124

Slide 124 text

Control plane vs Data plane • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Data Plane: • Touches every packet/request in the system. Control Plane: • Does not touch any packet/request in the system.

Slide 125

Slide 125 text

Control plane vs Data plane • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Data Plane: • Touches every packet/request in the system. • Service discovery • Health checking • Routing. • Observability. • Authentication/authorization. • Load balancing Control Plane: • Does not touch any packet/request in the system. • Provide policy. • Provide configuration. • Unifies telemetry collection.

Slide 126

Slide 126 text

istio

Slide 127

Slide 127 text

Envoy Proxy • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable

Slide 128

Slide 128 text

Envoy Proxy • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Out of process architecture: Let’s do a lot of really hard stuff in one place • Modern C++11 code base: Fast and productive. • L3/L4 Bilter architecture: A TCP proxy at its core. HTTP; MongoDB; Redis; TCP rate limiter • HTTP L7 Bilter architecture. • HTTP/2 and GRPC proxy. • Service discovery and active health checking. • Advanced load balancing: Retry, timeouts, circuit breaking, rate limiting, shadowing, etc • Observability: stats, logging, and tracing. • Edge proxy: routing and TLS. • ...

Slide 129

Slide 129 text

Envoy How ? • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 3000 17.5.7.8 IPTables Service (1) 10.1.1.1:3000 (2) 10.1.1.1:3000

Slide 130

Slide 130 text

Envoy How ? • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 3000 17.5.7.8 IPTables Service Envoy 15001 protocol source destination rule tcp anywhere :8888 :8888 tcp anywhere :8080 :8080 tcp anywhere anywhere redirect port 15001

Slide 131

Slide 131 text

Envoy How ? • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Container 10.1.1.1 3000 17.5.7.8 IPTables Service Envoy 15001 protocol source destination rule tcp anywhere :8888 :8888 tcp anywhere :8080 :8080 tcp anywhere anywhere redirect port 15001 (1) 10.1.1.1:3000 (2) 10.1.1.1:15001 (3) 10.1.1.1:3000

Slide 132

Slide 132 text

Envoy - Observability • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Having all SoA trafBic transit through Envoy gives us a single place where we can: • Produce consistent statistics for every hop • Create and propagate a stable request ID • Consistent logging • Distributed tracing

Slide 133

Slide 133 text

Envoy - Advanced load balancer • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable • Different service discovery types • Zone aware least request load balancing. • Dynamic stats: Per zone, canary speciBic stats, etc. • Circuit breaking: Max connections, requests, and retries. • Rate limiting: Integration with global rate limit service. • Shadowing: Fork trafBic to a test cluster. • Retries: HTTP router has built in retry capability with different policies. • Timeouts: Both “outer” (including all retries) and “inner” (per try) timeouts. • Outlier detection: Consecutive 5xx • Deploy control: Blue/green, canary, etc

Slide 134

Slide 134 text

istio • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable • Data plane: Envoy proxy as Sidecar • Control plane: • Pilot • Galley • Citadel • Mixer

Slide 135

Slide 135 text

istio • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable • Data plane: Envoy proxy as Sidecar • Control plane: • Pilot • Galley • Citadel • Mixer Functionality: • Fine-grained control traffic • A pluggable policy layer like rate limits, access control, quotas. • Automatic metrics, logs, traces. • Secure service-to-service

Slide 136

Slide 136 text

istio - trafBic management

Slide 137

Slide 137 text

TrafBic splitting • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable

Slide 138

Slide 138 text

TrafBic mirroring • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable

Slide 139

Slide 139 text

istio - resilience

Slide 140

Slide 140 text

Load balancing strategy • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable • Client side load balancing • Do not need reverse proxy -> remove single point of failure.

Slide 141

Slide 141 text

retry and timeout • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable

Slide 142

Slide 142 text

fault injection • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable

Slide 143

Slide 143 text

circuit breaker • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable

Slide 144

Slide 144 text

Observability

Slide 145

Slide 145 text

Metrics • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable

Slide 146

Slide 146 text

Logs • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable

Slide 147

Slide 147 text

Traces • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable • Envoy proxy is responsible for generating the initial trace headers and doing so in an OpenTelemetry–compatible way • Your application requires a thin-client library to collect and propagate a small set of HTTP headers: • x-request-id • x-b3-traceid • x-b3-spanid • x-b3-parentspanid • x-b3-sampled • x-b3-flags • x-ot-span-context

Slide 148

Slide 148 text

Traces • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable Life is not always easy ... Need the cooperation from the application

Slide 149

Slide 149 text

Visualization • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable

Slide 150

Slide 150 text

Apply istio to the existing infrastructure

Slide 151

Slide 151 text

step-by-step • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable • Step 1: Install istio to the Kubernetes system • Step 2: Add label istio=enabled to the namespace.

Slide 152

Slide 152 text

istio Binish installation • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable

Slide 153

Slide 153 text

Result • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable After Before

Slide 154

Slide 154 text

Result • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable • Network interface might change Before After

Slide 155

Slide 155 text

References • Isolation. • Immutability • Efficient resource utilization. • Lightweight • Portable • https://sookocheff.com/post/kubernetes/understanding-kubernetes-networking-model/ • https://kubernetes.io/docs/home/ • https://www.slideshare.net/lestrrat/kubernetes-in-30-minutes-20170310 • https://blog.getambassador.io/kubernetes-ingress-nodeport-load-balancers-and-ingress- controllers-6e29f1c44f2d • https://jimmysong.io/posts/envoy-sidecar-injection-in-istio-service-mesh-deep-dive/ • https://medium.com/flant-com/comparing-ingress-controllers-for-kubernetes-9b397483b46b • https://github.com/hjacobs/kubernetes-failure-stories • Kubernetes with swap partition: https://github.com/kubernetes/kubernetes/issues/53533 • https://github.com/ramitsurana/awesome-kubernetes Credit to: Huy Vo, engineer manager, @Axon.

Slide 156

Slide 156 text

Q&A