What Even is Cloud Native? (PHPNE, April 2018)

Transcript

1. @rawkode What Even is Cloud Native?

2. @rawkode David McKay Software Consultant ➔ User Group Organiser ◆

   Cloud Native Glasgow ◆ Docker Glasgow ◆ DevOps Glasgow ◆ Pair Programming Glasgow ◆ MongoDB Glasgow ➔ Developer ◆ Ballerina ◆ Crystal ◆ Elixir ◆ Go ◆ PHP ◆ Python ◆ Pony

3. @rawkode Cloud Native Klaʊd Neɪtɪv adjective: cloud-native, superlative adjective: cloud-nativest

   ???

4. @rawkode Cloud Klaʊd

5. @rawkode Cloud Klaʊd

6. @rawkode Cloud Klaʊd * To all the OCD types out

   there, I’m sorry

7. @rawkode Cloud Native Computing Foundation (CNCF)

8. @rawkode Cloud Native Computing Foundation (CNCF) 1. Containerized Each part

   (applications, processes, etc) is packaged in its own container. This facilitates reproducibility, transparency, and resource isolation 2. Dynamically Orchestrated Containers are actively scheduled and managed to optimize resource utilization 3. Microservices Oriented Applications are segmented into microservices. This significantly increases the overall agility and maintainability of applications.

9. @rawkode Containerized “Each part (applications, processes, etc) is packaged in

   its own container. This facilitates reproducibility, transparency, and resource isolation”

10. @rawkode Containerized: Reproducibility

11. @rawkode Containerized: Resource Isolation

12. @rawkode Containerized: Transparency

13. @rawkode Containerized: Transparency FROM alpine:3.5 RUN apk update && apk

    add php ENTRYPOINT [ “php” ] CMD [“-v”]

14. @rawkode Dynamically Orchestrated Containers are actively scheduled and managed to

    optimize resource utilization

15. @rawkode Dynamically Orchestrated

16. @rawkode --memory=4M --memory-reservation=4M --cpus=1.5 --cpu-period=100000 --cpu-quota=50000

17. @rawkode spec.containers[].resources.limits.cpu spec.containers[].resources.limits.memory spec.containers[].resources.requests.cpu spec.containers[].resources.requests.memory

18. @rawkode Microservices Oriented Applications are segmented into microservices. This significantly

    increases the overall agility and maintainability of applications.

19. @rawkode // npm: is-even:1.0.0 if (i % 2 == 0)

    { return true; } return false;

20. @rawkode // npm: is-even:1.0.0 var isOdd = require('is-odd'); module.exports =

    function isEven(i) { return !isOdd(i); };

21. @rawkode // is-odd:2.0.0 var isNumber = require('is-number'); module.exports = function

    isOdd(i) { if (!isNumber(i)) { throw new TypeError('is-odd expects a number.'); } if (Number(i) !== Math.floor(i)) { throw new RangeError('is-odd expects an integer.'); } return !!(~~i & 1); };

22. @rawkode Microservices Oriented

23. @rawkode I’m sold. What do I need?

24. @rawkode Cloud Native Computing Foundation (CNCF) ★ Kubernetes ★ Prometheus

    ★ OpenTracing ★ Fluentd ★ Linkerd ★ gRPC ★ CoreDNS ★ containerd ★ rkt ★ CNI ★ Envoy ★ Jaeger

25. @rawkode Kubernetes Orchestration

26. @rawkode Kubernetes Orchestration ➔ ConfigMaps ➔ Secrets ➔ Pods ➔

    Deployments ➔ StatefulSets

27. @rawkode apiVersion: v1 kind: ConfigMap metadata: name: my-configmap data: api_domain:

    "example.com"

28. @rawkode apiVersion: extensions/v1beta1 kind: Deployment spec: replicas: 3 template: spec:

    containers: - name: my-container image: rawkode/my-container:sha256

29. @rawkode kind: Service apiVersion: v1 spec: selector: name: my-deployment type:

    NodePort ports: - protocol: TCP port: 80

30. @rawkode Helm Standardise Your Deployments

31. @rawkode APP_SECRET=67d829bf61dc5f87a73fd814e2c9f629 framework: secret: %APP_SECRET%

32. @rawkode APP_SECRET=secret framework: secret: secret

33. @rawkode Terraform Can Provision K8s Primitives

34. @rawkode resource "random_string" "rpc-secret" { length = 32 special =

    true }

35. @rawkode resource "kubernetes_secret" "service-vault" { data { rpc-secret = "${random_string.rpc-secret.result}"

    } }

36. @rawkode Fluentd Logging

37. @rawkode Fluentd Logging Written in C & Ruby

38. @rawkode Fluentd Logging 13k events per second ~ 40MB RAM

    Footprint

39. @rawkode Fluent Bit Logging

40. @rawkode Fluent Bit Logging Written in C > 13k events

    per second ~ 450KIB RAM Footprint

41. @rawkode Fluentd/Bit Logging Plugins: ➔ AWS ➔ GCP ➔ MySQL

    / PostgreSQL ➔ Elasticsearch ➔ Docker ➔ Kubernetes ➔ Twitter ➔ Kafka

42. @rawkode Fluentd/Bit Docker Logging { “log-driver": "fluentd", "log-opts": { "fluentd-address":

    “...” } }

43. @rawkode Fluentd/Bit Kubernetes Logging # DaemonSet image: quay.io /fluent /fluentd-kubernetes-daemonset

44. @rawkode Prometheus Monitoring

45. @rawkode Prometheus Monitoring Written in Go

46. @rawkode Prometheus Monitoring Provides Dashboards & Works with Grafana

47. @rawkode Prometheus Monitoring Export Everything! ➔ Elasticsearch ➔ Consul ➔

    MongoDB ➔ RabbitMQ ➔ Kafka ➔ Apache ➔ Nginx ➔ Fluentd ➔ …

48. @rawkode Prometheus Monitoring Scraping Magic with Kubernetes ➔ /metrics my_metric{label=a}

    1 my_metric{label=b} 6

49. @rawkode Prometheus Monitoring Manual Instrumentation $counter = newCounter([ 'namespace' =>

    'myApp', 'subsystem' => 'Prod', 'name' => 'httpRequests', ]); $counter->increment( ['url' => '/login', 'status_code' => 200 ], 1);

50. @rawkode Prometheus Monitoring Manual Instrumentation $counter = newCounter([ 'namespace' =>

    'myApp', 'subsystem' => 'Prod', 'name' => 'httpRequests', ]); $counter->increment( ['url' => '/login', 'status_code' => 200 ], 1);

51. @rawkode Prometheus Monitoring Manual Instrumentation $counter = newCounter([ 'namespace' =>

    'myApp', 'subsystem' => 'Prod', 'name' => 'httpRequests', ]); $counter->increment( ['url' => '/login', 'status_code' => 200 ], 1);

52. @rawkode OpenTracing Tracing

53. @rawkode OpenTracing Tracing A vendor-neutral open standard for distributed tracing

54. @rawkode OpenTracing Tracing Libraries available in 9 languages: Go, JavaScript,

    Java, Python, Ruby, PHP, Objective-C, C++, C#

55. @rawkode OpenTracing Tracing Why?

56. @rawkode

57. @rawkode From Monolith to Cloud Native The 12 6-Step Programme

58. @rawkode 1. Automation DevOps isn’t just a buzzword ➔ Environment

    Parity ➔ Continuous Integration ➔ Automated Tests ➔ Automated Deployment

59. @rawkode Trust

60. @rawkode 2. 12-Factor Build Once. Deploy Anywhere. ➔ Version Control

    ➔ Explicit Dependencies ➔ JIT Configuration ➔ Build. Release. Run. ➔ Disposability

61. @rawkode Scalability Horizontally

62. @rawkode 3. Adopt Containers Repeatable Deployments

63. @rawkode Idempotence

64. @rawkode 4. Logging Understanding what is going wrong Centralised Logging

    ➔ ssh prod ☹ ➔ Log to a central place ➔ Cross-sections ➔ Exception Tracking

65. @rawkode Intelligence

66. @rawkode 5. Monitoring Predicting when something will go wrong Be

    the first to know when a service is down

67. @rawkode 5. Monitoring Predicting when something will go wrong Understand

    your limits / Scale accordingly

68. @rawkode 5. Monitoring Predicting when something will go wrong Don’t

    DDOS Yourself

69. @rawkode Intuition

70. @rawkode 6. Micro-services Just don’t ask me to quantify “micro”

    ➔ Don’t refactor, replace ➔ Simplified testing ➔ Fast CI/Deploy ➔ Simple on-boarding

71. @rawkode Simplicity

72. @rawkode From Monolith to Micro-services ★ Scaleable Horizontally ★ Idempotence

    ★ Intelligence ★ Intuition ★ Trust ★ Simplicity

73. @rawkode

74. @rawkode Service Mesh (istio edition) Connect, Manage & Secure your

    services ➔ Load Balancing ➔ Canaries ➔ Circuit Breakers ➔ Handling Timeouts and Retries ➔ Fault Injection ➔ mTLS

75. @rawkode Service Mesh (istio edition) Load Balancing source: name: user-service

    labels: version: v3 destination: name: email-service labels: version: v1 loadBalancing: name: ROUND_ROBIN

76. @rawkode Service Mesh (istio edition) Load Balancing Canaries destination: name:

    user-service route: - labels: version: v2 weight: 25 - labels: version: v1 weight: 75

77. @rawkode Service Mesh (istio edition) Circuit Breakers circuitBreaker: simpleCb: maxConnections:

    100

78. @rawkode Service Mesh (istio edition) Timeouts & Retries httpReqTimeout: simpleTimeout:

    timeout: 10s httpReqRetries: simpleRetry: attempts: 3

79. @rawkode Service Mesh (istio edition) Fault Injection httpFault: delay: percent:

    10 fixedDelay: 5s abort: percent: 2 httpStatus: 400

80. @rawkode But wait, there’s more!

81. @rawkode OpenTracing Automatic Tracing of gRPC & HTTP requests

82. @rawkode mTLS Automatic mTLS between service requests

83. @rawkode When will I know I’m there?

84. @rawkode

85. @rawkode You are now Cloud Native