Upgrade to Pro — share decks privately, control downloads, hide ads and more …

【第2回】はじめてのRancherシリーズ「Hosted Rancher編」

cheng
June 05, 2020
Technology
0
300

【第2回】はじめてのRancherシリーズ「Hosted Rancher編」

一般提供が開始されたHosted Rancherにフォーカスを当ててご紹介します。
Hosted Rancherとは、AWS上にホストされたマネージド型Rancher Management Serverです。利用者はManagement Serverの管理工数を削減することが可能となり、Kubernetesの導入と運用に大きなメリットを享受できます。
Hosted Rancherは有償のサービスとなります。詳細はhttps://www.rancher.co.jp/contact/までお問い合わせください

cheng

June 05, 2020
Tweet

More Decks by cheng

See All by cheng
OSSでセキュリティをCI/CDパイプラインに透過的に取込む方法
qiang1981cn
0
130
Rancher v2.6.5 Update情報
qiang1981cn
0
300
NeuVector(Container Security) online meetup 06/30
qiang1981cn
0
220
Harvester 2022/01, オンラインミートアップ
qiang1981cn
0
160
Japan International Kubernetes Day
qiang1981cn
0
50
2021/01/20(水) はじめてのRancherオンラインミートアップ
qiang1981cn
0
270
"Rancherハンズオン with v2.5" ワークショップ 2020/12
qiang1981cn
0
310
Rancher Day 2020 - Rancher Update(racher v2.5))
qiang1981cn
0
46
Rancher Update 2020/10,Rancher v2.5の最新情報
qiang1981cn
0
250

Other Decks in Technology

See All in Technology
エンジニア候補者向け資料2024.04.24.pdf
macloud
0
3.3k
推しは推せるときに推せ! プロダクトにフィードバックしていこう
nakasho
0
300
Google Cloud の AI を支える裏側のインフラを垣間見る!
maroon1st
0
340
GrafanaMeetup_AmazonManagedGrafanaのアクセス制御機能とマルチテナント環境下でのアクセス制御について
daitak
0
140
アクセス制御にまつわる改善 / Improving access control
itkq
0
530
ワールドカフェI /チューターを改良する / World Café I and Improving the Tutors
ks91
PRO
0
120
Kernel MemoryでAzure OpenAI Serviceとお手軽データソース連携
mitsuzono
1
240
本当のAWS基礎
toru_kubota
0
510
複雑な構成要素を持つUIとの向き合い方 〜新・支出グラフでの実例〜 / B43 TECH TALK
nakamuuu
0
140
Cloud Native Java with Spring Boot (CNCF Aarhus, April 2024)
thomasvitale
1
170
20240418_Google ColabにLLMが搭載されたようなのでPython x データ分析の勉強方法を考えてみる
doradora09
0
130
リテール金融(キャッシュレス・ネット銀行・ネット証券)の競争環境と経済圏
8maki
0
920

Featured

See All Featured
Web Components: a chance to create the future
zenorocha
305
41k
Infographics Made Easy
chrislema
238
18k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
501
140k
The Straight Up "How To Draw Better" Workshop
denniskardys
227
130k
Statistics for Hackers
jakevdp
789
220k
Web development in the modern age
philhawksworth
202
10k
Fontdeck: Realign not Redesign
paulrobertlloyd
76
4.9k
Facilitating Awesome Meetings
lara
42
5.6k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
14
1.5k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
155
14k
Rebuilding a faster, lazier Slack
samanthasiow
73
8.2k
For a Future-Friendly Web
brad_frost
172
9k

Transcript

  1. © Copyright 2020 Rancher Labs. All Rights Reserved. Confidential 1

    © Copyright 2020 Rancher Labs. All Rights Reserved. 1 Hosted Rancher 2020/06/05 CHENG Field Engineer

  2. About me Jianqiang Cheng(ͪΜ) Field Engineer at Rancher Labs. [email protected]

    slack.rancher.jp ▪Favorite technologies: Rancher, Kubernetes, AWS, Jenkins. ▪Certifications:

  3. © Copyright 2020 Rancher Labs. All Rights Reserved. Confidential 3

    3 Agenda • Why Rancher? • Why Hosted Rancher? • Demo

  4. © Copyright 2020 Rancher Labs. All Rights Reserved. Confidential 4

    Rancher – Kubernetes Management Platform

  5. © Copyright 2020 Rancher Labs. All Rights Reserved. Confidential 5

    Container Image Application Code Application Dependencies Container Image

  6. © Copyright 2020 Rancher Labs. All Rights Reserved. Confidential 6

    Container Image Container Image Container Container Container

  7. © Copyright 2020 Rancher Labs. All Rights Reserved. Confidential 7

    Containers are great……..but Managing a couple – no problem

  8. © Copyright 2020 Rancher Labs. All Rights Reserved. Confidential 8

    Containers are great……..but How about managing many? How do we address: Networking, Security, Scheduling, Automation, etc?

  9. © Copyright 2020 Rancher Labs. All Rights Reserved. Confidential 9

    DEV DATA CENTER CLOUD BRANCH EDGE ü Common API & Packaging ü Health Checks/HA ü Load Balancing ü Overlay Networking ü Network Security Policies ü Backup and Recovery ü Autoscaling ü Service Discovery ü Networking ü RBAC & Access Control © Copyright 2020 Rancher Labs. All Rights Reserved. 9 Kubernetes

  10. © Copyright 2020 Rancher Labs. All Rights Reserved. Confidential 10

    Kubernetesを正しく管理出来なければ、 オーバーヘッドとリスクを発生させる可能性 集中的な管理と 可視化が出来ない 一貫した セキュリティポリシーが 適用出来ていない 管理がサイロ化 されていることがある よくあるKubernetesクラスタの実情は、 © Copyright 2020 Rancher Labs. All Rights Reserved. 10

  11. © Copyright 2020 Rancher Labs. All Rights Reserved. Confidential 11

    Rancherは幅広いプラットフォームに対応 Hybrid Cloud、Multi Cloud一元管理を実現 Infrastructure ITOps DevOps - Provisioning - Auth/RBAC - Policy - Security - Capacity © Copyright 2020 Rancher Labs. All Rights Reserved. 11 - User Interface - Service Catalog - CI/CD - Monitoring - Logging - Alerting クラスタ一元管理 セルフサービス クラスタ環境の利用 Amazon EKS Azure AKS Google GKE Cloud Datacenter Dev Branch Edge Windows Linux

  12. © Copyright 2020 Rancher Labs. All Rights Reserved. Confidential 12

    Kubernetes KubernetesΤίγεςϜ͕ɺ๲େͳ΋ͷͰ͢ - https://landscape.cncf.io (These are just the Storage projects)

  13. © Copyright 2020 Rancher Labs. All Rights Reserved. Confidential 13

    RancherがKubernetesにもたらすもの 13 Network & Storage Registry App Catalog Monitoring Kubernetes Container Runtime CI/CD Service Mesh Logging Security RBAC & PSP Authentication What Rancher takes an SLA on Manage all this? … or this? Rancher Certified Integrations Cloud Datacenter Dev Branch Edge Google GKE Azure AKS Amazon EKS

  14. © Copyright 2020 Rancher Labs. All Rights Reserved. Confidential 14

    UseCase – Alpaca Japan

  15. © Copyright 2020 Rancher Labs. All Rights Reserved. Confidential 15

    Alpaca Japanのインフラ 引用:https://speakerdeck.com/taishin/rancherday2019-alpacajapan

  16. © Copyright 2020 Rancher Labs. All Rights Reserved. Confidential 16

    Rancherによる課題解決 引用:https://speakerdeck.com/taishin/rancherday2019-alpacajapan

  17. © Copyright 2020 Rancher Labs. All Rights Reserved. Confidential 17

    Rancherによる課題解決 引用:https://speakerdeck.com/taishin/rancherday2019-alpacajapan

  18. © Copyright 2020 Rancher Labs. All Rights Reserved. Confidential 18

    Rancherによる課題解決 引用:https://speakerdeck.com/taishin/rancherday2019-alpacajapan

  19. © Copyright 2020 Rancher Labs. All Rights Reserved. Confidential 19

    Rancherによる課題解決 引用:https://speakerdeck.com/taishin/rancherday2019-alpacajapan

  20. © Copyright 2020 Rancher Labs. All Rights Reserved. Confidential 20

    Hosted Rancher

  21. © Copyright 2020 Rancher Labs. All Rights Reserved. Confidential 21

    nRancherの構築と運用の手間を省きたい n運用管理メンバーが足りない n環境関連の問合せを減らしたい Customer Pain Points nRancherの構築運用のベストプラクティスが知らない nRancherバージョンアップの作業に不安を感じる nノンコア業務のRancher運用を他社に任せたい

  22. © Copyright 2020 Rancher Labs. All Rights Reserved. Confidential 22

    Typical Rancher Deployment Rancher HA Deployment etcd etcd etcd Endpoint URL On-premises infrastructure Cloud infrastructure Imported Clusters EKS AKS GKE Vanity URL Endpoint Hosted Rancher HA Deployment

  23. © Copyright 2020 Rancher Labs. All Rights Reserved. Confidential 23

    Rancher recommended set up model Rancher Management Server Cluster - prod All-in-one nodes (cp/etcd/worker) Node Node Node Node Node Node Node Node Node Node Node Managed Kubernetes Cluster 1 – prod Node Node Node Node Node Node Node Node Node Managed Kubernetes Cluster 2 – prod Node Control Plane etcd Worker Worker Node Node Node Node Node Node Node Cluster 3- Hosted K8S - prod Control Plane etcd Node Worker Cloud Hosted (GKE, EKS, AKS) Environment The Rancher Management Server cluster manages all downstream k8s. The k8s required to run Rancher are not counted in the down stream Rancher host count. No cost. Rancher hosts are the downstream Kubernetes compute nodes managed by the Rancher Management Server cluster. Control Plane etcd Worker

  24. © Copyright 2020 Rancher Labs. All Rights Reserved. Confidential 24

    How Hosted Rancher works RDS ALB ASG VPC Downstream cluster (on-prem datacenter) Downstream clusters (cloud-hosted) Customer on-prem datacenter RKE Etcd Nodes RKE Control Plane Nodes Control Plane MS AD or LDAP Route 53 DNS API/UI over HTTPS/TLS (443) Customer RKE Worker Nodes RKE Worker Nodes RKE Worker Nodes Worker Nodes RKE Worker Nodes vSphere Nodes VPC Peering or VPN Splunk Elasticsearch etc Websocket over HTTPS/TLS (443)

  25. © Copyright 2020 Rancher Labs. All Rights Reserved. Confidential 25

    Hosted RancherͷϝϦοτ Add-on to Platinum subscription ‘White glove’ DevOps service with 99.9% SLA Remote monitoring and log management by Rancher’s experts Hosted Rancher control plane, available 24/7/365 Stress-free upgrades, security patches & backups Maintain full visibility & control of downstream clusters 24/7/365の稼働 99.9%の可用性 Rancher管理者権限の付与 Rancher定期メンテナンス不要 Rancher運用監視不要 サポートの追加オプションとして提供

  26. © Copyright 2020 Rancher Labs. All Rights Reserved. Confidential 26

    • Amazon Web Services (AWS) • Packer & Terraform • Ubuntu Server 18.04.3 LTS • K8s -> K3s • Docker -> Containerd • etcd -> MySQL using RDS • Prometheus Monitoring & Alerting (via Rancher) • Longhorn (for metrics persistent storage) • Latest stable Rancher Tech Stack

  27. © Copyright 2020 Rancher Labs. All Rights Reserved. Confidential 27

    Demo

  28. © Copyright 2020 Rancher Labs. All Rights Reserved. Confidential 28

    RancherがKubernetesにもたらすもの 28 Network & Storage Registry App Catalog Monitoring Kubernetes Container Runtime CI/CD Service Mesh Logging Security RBAC & PSP Authentication What Rancher takes an SLA on Manage all this? … or this? Rancher Certified Integrations Cloud Datacenter Dev Branch Edge Google GKE Azure AKS Amazon EKS

  29. © Copyright 2020 Rancher Labs. All Rights Reserved. Confidential 31

    5IBOLT ͋Γ͕ͱ͏͍͟͝·͢ɻ