
What Even is Cloud Native? (PHPNE, April 2018)

What Even is Cloud Native? (ScotlandPHP 2017) by David McKay

Published November 7, 2017 in Technology

The Cloud Native Computing Foundation, the organisation currently governing Kubernetes, Prometheus, OpenTracing, and more, describes the three goals of "Cloud Native" applications as:

Containerized
Each part (applications, processes, etc) is packaged in its own container. This facilitates reproducibility, transparency, and resource isolation.

Dynamically orchestrated
Containers are actively scheduled and managed to optimize resource utilization.

Microservices oriented
Applications are segmented into microservices. This significantly increases the overall agility and maintainability of applications.

In this talk, I will guide you towards taking your application cloud native, utilising the software available to us today, from the CNCF, and others, covering containers, tracing, logging and service discovery ... as well as the dreaded: "What actually is a micro-service?"

David McKay

April 17, 2018

Transcript

  1. @rawkode What Even is Cloud Native?

  2. @rawkode David McKay Software Consultant
    ➔ User Group Organiser ◆ Cloud Native Glasgow ◆ Docker Glasgow ◆ DevOps Glasgow ◆ Pair Programming Glasgow ◆ MongoDB Glasgow
    ➔ Developer ◆ Ballerina ◆ Crystal ◆ Elixir ◆ Go ◆ PHP ◆ Python ◆ Pony

  3. @rawkode Cloud Native Klaʊd Neɪtɪv adjective: cloud-native, superlative adjective: cloud-nativest ???
  4. @rawkode Cloud Klaʊd

  6. @rawkode Cloud Klaʊd * To all the OCD types out there, I’m sorry
  7. @rawkode Cloud Native Computing Foundation (CNCF)

  8. @rawkode Cloud Native Computing Foundation (CNCF)
    1. Containerized: Each part (applications, processes, etc) is packaged in its own container. This facilitates reproducibility, transparency, and resource isolation
    2. Dynamically Orchestrated: Containers are actively scheduled and managed to optimize resource utilization
    3. Microservices Oriented: Applications are segmented into microservices. This significantly increases the overall agility and maintainability of applications.

  9. @rawkode Containerized “Each part (applications, processes, etc) is packaged in its own container. This facilitates reproducibility, transparency, and resource isolation”
  10. @rawkode Containerized: Reproducibility

  11. @rawkode Containerized: Resource Isolation

  12. @rawkode Containerized: Transparency

  13. @rawkode Containerized: Transparency
    FROM alpine:3.5
    RUN apk update && apk add php
    ENTRYPOINT ["php"]
    CMD ["-v"]

  14. @rawkode Dynamically Orchestrated Containers are actively scheduled and managed to optimize resource utilization
  15. @rawkode Dynamically Orchestrated

  16. @rawkode --memory=4M --memory-reservation=4M --cpus=1.5 --cpu-period=100000 --cpu-quota=50000

  17. @rawkode
    spec.containers[].resources.limits.cpu
    spec.containers[].resources.limits.memory
    spec.containers[].resources.requests.cpu
    spec.containers[].resources.requests.memory

  18. @rawkode Microservices Oriented Applications are segmented into microservices. This significantly increases the overall agility and maintainability of applications.

  19. @rawkode
    // npm: is-even:1.0.0
    if (i % 2 == 0) {
      return true;
    }
    return false;

  20. @rawkode
    // npm: is-even:1.0.0
    var isOdd = require('is-odd');

    module.exports = function isEven(i) {
      return !isOdd(i);
    };

  21. @rawkode
    // is-odd:2.0.0
    var isNumber = require('is-number');

    module.exports = function isOdd(i) {
      if (!isNumber(i)) {
        throw new TypeError('is-odd expects a number.');
      }
      if (Number(i) !== Math.floor(i)) {
        throw new RangeError('is-odd expects an integer.');
      }
      return !!(~~i & 1);
    };
  22. @rawkode Microservices Oriented

  23. @rawkode I’m sold. What do I need?

  24. @rawkode Cloud Native Computing Foundation (CNCF) ★ Kubernetes ★ Prometheus ★ OpenTracing ★ Fluentd ★ Linkerd ★ gRPC ★ CoreDNS ★ containerd ★ rkt ★ CNI ★ Envoy ★ Jaeger
  25. @rawkode Kubernetes Orchestration

  26. @rawkode Kubernetes Orchestration ➔ ConfigMaps ➔ Secrets ➔ Pods ➔ Deployments ➔ StatefulSets

  27. @rawkode
    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: my-configmap
    data:
      api_domain: "example.com"

  28. @rawkode
    apiVersion: extensions/v1beta1
    kind: Deployment
    spec:
      replicas: 3
      template:
        spec:
          containers:
          - name: my-container
            image: rawkode/my-container:sha256

  29. @rawkode
    kind: Service
    apiVersion: v1
    spec:
      selector:
        name: my-deployment
      type: NodePort
      ports:
      - protocol: TCP
        port: 80
  30. @rawkode Helm Standardise Your Deployments

  31. @rawkode
    APP_SECRET=67d829bf61dc5f87a73fd814e2c9f629

    framework:
      secret: %APP_SECRET%

  32. @rawkode
    APP_SECRET=secret

    framework:
      secret: secret

  33. @rawkode Terraform Can Provision K8s Primitives

  34. @rawkode
    resource "random_string" "rpc-secret" {
      length  = 32
      special = true
    }

  35. @rawkode
    resource "kubernetes_secret" "service-vault" {
      data {
        rpc-secret = "${random_string.rpc-secret.result}"
      }
    }
  36. @rawkode Fluentd Logging

  37. @rawkode Fluentd Logging Written in C & Ruby

  38. @rawkode Fluentd Logging 13k events per second ~ 40MB RAM Footprint
  39. @rawkode Fluent Bit Logging

  40. @rawkode Fluent Bit Logging Written in C > 13k events per second ~ 450KiB RAM Footprint

  41. @rawkode Fluentd/Bit Logging Plugins: ➔ AWS ➔ GCP ➔ MySQL / PostgreSQL ➔ Elasticsearch ➔ Docker ➔ Kubernetes ➔ Twitter ➔ Kafka

  42. @rawkode Fluentd/Bit Docker Logging
    {
      "log-driver": "fluentd",
      "log-opts": {
        "fluentd-address": "..."
      }
    }

  43. @rawkode Fluentd/Bit Kubernetes Logging
    # DaemonSet
    image: quay.io/fluent/fluentd-kubernetes-daemonset

  44. @rawkode Prometheus Monitoring

  45. @rawkode Prometheus Monitoring Written in Go

  46. @rawkode Prometheus Monitoring Provides Dashboards & Works with Grafana

  47. @rawkode Prometheus Monitoring Export Everything! ➔ Elasticsearch ➔ Consul ➔ MongoDB ➔ RabbitMQ ➔ Kafka ➔ Apache ➔ Nginx ➔ Fluentd ➔ …

  48. @rawkode Prometheus Monitoring Scraping Magic with Kubernetes ➔ /metrics
    my_metric{label=a} 1
    my_metric{label=b} 6

  49. @rawkode Prometheus Monitoring Manual Instrumentation
    $counter = newCounter([
        'namespace' => 'myApp',
        'subsystem' => 'Prod',
        'name' => 'httpRequests',
    ]);
    $counter->increment(
        ['url' => '/login', 'status_code' => 200],
        1
    );
  52. @rawkode OpenTracing Tracing

  53. @rawkode OpenTracing Tracing A vendor-neutral open standard for distributed tracing

  54. @rawkode OpenTracing Tracing Libraries available in 9 languages: Go, JavaScript, Java, Python, Ruby, PHP, Objective-C, C++, C#
  55. @rawkode OpenTracing Tracing Why?

  56. @rawkode

  57. @rawkode From Monolith to Cloud Native The 12 6-Step Programme

  58. @rawkode 1. Automation DevOps isn’t just a buzzword
    ➔ Environment Parity ➔ Continuous Integration ➔ Automated Tests ➔ Automated Deployment
  59. @rawkode Trust

  60. @rawkode 2. 12-Factor Build Once. Deploy Anywhere.
    ➔ Version Control ➔ Explicit Dependencies ➔ JIT Configuration ➔ Build. Release. Run. ➔ Disposability
  61. @rawkode Scalability Horizontally

  62. @rawkode 3. Adopt Containers Repeatable Deployments

  63. @rawkode Idempotence

  64. @rawkode 4. Logging Understanding what is going wrong Centralised Logging
    ➔ ssh prod ☹ ➔ Log to a central place ➔ Cross-sections ➔ Exception Tracking
  65. @rawkode Intelligence

  66. @rawkode 5. Monitoring Predicting when something will go wrong Be the first to know when a service is down

  67. @rawkode 5. Monitoring Predicting when something will go wrong Understand your limits / Scale accordingly

  68. @rawkode 5. Monitoring Predicting when something will go wrong Don’t DDOS Yourself
  69. @rawkode Intuition

  70. @rawkode 6. Micro-services Just don’t ask me to quantify “micro”
    ➔ Don’t refactor, replace ➔ Simplified testing ➔ Fast CI/Deploy ➔ Simple on-boarding
  71. @rawkode Simplicity

  72. @rawkode From Monolith to Micro-services ★ Scaleable Horizontally ★ Idempotence ★ Intelligence ★ Intuition ★ Trust ★ Simplicity
  73. @rawkode

  74. @rawkode Service Mesh (istio edition) Connect, Manage & Secure your services
    ➔ Load Balancing ➔ Canaries ➔ Circuit Breakers ➔ Handling Timeouts and Retries ➔ Fault Injection ➔ mTLS

  75. @rawkode Service Mesh (istio edition) Load Balancing
    source:
      name: user-service
      labels:
        version: v3
    destination:
      name: email-service
      labels:
        version: v1
    loadBalancing:
      name: ROUND_ROBIN

  76. @rawkode Service Mesh (istio edition) Load Balancing Canaries
    destination:
      name: user-service
    route:
    - labels:
        version: v2
      weight: 25
    - labels:
        version: v1
      weight: 75

  77. @rawkode Service Mesh (istio edition) Circuit Breakers
    circuitBreaker:
      simpleCb:
        maxConnections: 100

  78. @rawkode Service Mesh (istio edition) Timeouts & Retries
    httpReqTimeout:
      simpleTimeout:
        timeout: 10s
    httpReqRetries:
      simpleRetry:
        attempts: 3

  79. @rawkode Service Mesh (istio edition) Fault Injection
    httpFault:
      delay:
        percent: 10
        fixedDelay: 5s
      abort:
        percent: 2
        httpStatus: 400
  80. @rawkode But wait, there’s more!

  81. @rawkode OpenTracing Automatic Tracing of gRPC & HTTP requests

  82. @rawkode mTLS Automatic mTLS between service requests

  83. @rawkode When will I know I’m there?

  84. @rawkode

  85. @rawkode You are now Cloud Native