What Even is Cloud Native? (PHPNE, April 2018)

What Even is Cloud Native? (ScotlandPHP 2017) by David McKay

Published November 7, 2017 in Technology

The Cloud Native Computing Foundation, the organisation currently governing Kubernetes, Prometheus, OpenTracing, and more, describes the three goals of "Cloud Native" applications as:

Containerized
Each part (applications, processes, etc) is packaged in its own container. This facilitates reproducibility, transparency, and resource isolation.

Dynamically orchestrated
Containers are actively scheduled and managed to optimize resource utilization.

Microservices oriented
Applications are segmented into microservices. This significantly increases the overall agility and maintainability of applications.

In this talk, I will guide you towards taking your application cloud native, utilising the software available to us today, from the CNCF, and others, covering containers, tracing, logging and service discovery ... as well as the dreaded: "What actually is a micro-service?"

David McKay

April 17, 2018

Transcript

  1. @rawkode
    What Even is Cloud Native?

  2. @rawkode
    David McKay
    Software
    Consultant
    ➔ User Group Organiser
    ◆ Cloud Native Glasgow
    ◆ Docker Glasgow
    ◆ DevOps Glasgow
    ◆ Pair Programming Glasgow
    ◆ MongoDB Glasgow
    ➔ Developer
    ◆ Ballerina
    ◆ Crystal
    ◆ Elixir
    ◆ Go
    ◆ PHP
    ◆ Python
    ◆ Pony

  3. @rawkode
    Cloud Native
    Klaʊd Neɪtɪv
    adjective: cloud-native, superlative adjective: cloud-nativest
    ???

  4. @rawkode
    Cloud
    Klaʊd

  6. @rawkode
    Cloud
    Klaʊd
    * To all the OCD types out there, I’m sorry

  7. @rawkode
    Cloud Native Computing Foundation
    (CNCF)

  8. @rawkode
    Cloud Native Computing Foundation (CNCF)
    1. Containerized
    Each part (applications, processes, etc) is packaged in its own container. This facilitates
    reproducibility, transparency, and resource isolation
    2. Dynamically Orchestrated
    Containers are actively scheduled and managed to optimize resource utilization
    3. Microservices Oriented
    Applications are segmented into microservices. This significantly increases the overall agility
    and maintainability of applications.

  9. @rawkode
    Containerized
    “Each part (applications, processes, etc) is packaged in its own container. This
    facilitates reproducibility, transparency, and resource isolation”

  10. @rawkode
    Containerized: Reproducibility

  11. @rawkode
    Containerized: Resource Isolation

  12. @rawkode
    Containerized: Transparency

  13. @rawkode
    Containerized: Transparency
    FROM alpine:3.5
    RUN apk update && apk add php
    ENTRYPOINT ["php"]
    CMD ["-v"]

  14. @rawkode
    Dynamically Orchestrated
    Containers are actively scheduled and managed to optimize resource utilization

  15. @rawkode
    Dynamically Orchestrated

  16. @rawkode
    --memory=4M
    --memory-reservation=4M
    --cpus=1.5
    --cpu-period=100000 --cpu-quota=50000

  17. @rawkode
    spec.containers[].resources.limits.cpu
    spec.containers[].resources.limits.memory
    spec.containers[].resources.requests.cpu
    spec.containers[].resources.requests.memory

  18. @rawkode
    Microservices Oriented
    Applications are segmented into microservices. This significantly increases the
    overall agility and maintainability of applications.

  19. @rawkode
    // npm: is-even:1.0.0
    function isEven(i) {
      if (i % 2 == 0) {
        return true;
      }
      return false;
    }

  20. @rawkode
    // npm: is-even:1.0.0
    var isOdd = require('is-odd');
    module.exports = function isEven(i) {
      return !isOdd(i);
    };

  21. @rawkode
    // is-odd:2.0.0
    var isNumber = require('is-number');
    module.exports = function isOdd(i) {
      if (!isNumber(i)) {
        throw new TypeError('is-odd expects a number.');
      }
      if (Number(i) !== Math.floor(i)) {
        throw new RangeError('is-odd expects an integer.');
      }
      return !!(~~i & 1);
    };

  22. @rawkode
    Microservices Oriented

  23. @rawkode
    I’m sold. What do I need?

  24. @rawkode
    Cloud Native Computing Foundation (CNCF)
    ★ Kubernetes
    ★ Prometheus
    ★ OpenTracing
    ★ Fluentd
    ★ Linkerd
    ★ gRPC
    ★ CoreDNS
    ★ containerd
    ★ rkt
    ★ CNI
    ★ Envoy
    ★ Jaeger

  25. @rawkode
    Kubernetes
    Orchestration

  26. @rawkode
    Kubernetes
    Orchestration
    ➔ ConfigMaps
    ➔ Secrets
    ➔ Pods
    ➔ Deployments
    ➔ StatefulSets

  27. @rawkode
    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: my-configmap
    data:
      api_domain: "example.com"

  28. @rawkode
    apiVersion: extensions/v1beta1
    kind: Deployment
    spec:
      replicas: 3
      template:
        spec:
          containers:
          - name: my-container
            image: rawkode/my-container:sha256

  29. @rawkode
    kind: Service
    apiVersion: v1
    spec:
      selector:
        name: my-deployment
      type: NodePort
      ports:
      - protocol: TCP
        port: 80

  30. @rawkode
    Helm
    Standardise Your Deployments

  31. @rawkode
    APP_SECRET=67d829bf61dc5f87a73fd814e2c9f629
    framework:
      secret: %APP_SECRET%

  32. @rawkode
    APP_SECRET=secret
    framework:
      secret: secret

  33. @rawkode
    Terraform
    Can Provision K8s Primitives

  34. @rawkode
    resource "random_string" "rpc-secret" {
      length  = 32
      special = true
    }

  35. @rawkode
    resource "kubernetes_secret" "service-vault" {
      data {
        rpc-secret = "${random_string.rpc-secret.result}"
      }
    }

  36. @rawkode
    Fluentd
    Logging

  37. @rawkode
    Fluentd
    Logging
    Written in
    C & Ruby

  38. @rawkode
    Fluentd
    Logging
    13k events per second
    ~ 40MB RAM Footprint

  39. @rawkode
    Fluent Bit
    Logging

  40. @rawkode
    Fluent Bit
    Logging
    Written in
    C
    > 13k events per second
    ~ 450KiB RAM Footprint

  41. @rawkode
    Fluentd/Bit
    Logging
    Plugins:
    ➔ AWS
    ➔ GCP
    ➔ MySQL / PostgreSQL
    ➔ Elasticsearch
    ➔ Docker
    ➔ Kubernetes
    ➔ Twitter
    ➔ Kafka

  42. @rawkode
    Fluentd/Bit
    Docker Logging
    {
      "log-driver": "fluentd",
      "log-opts": {
        "fluentd-address": "..."
      }
    }

  43. @rawkode
    Fluentd/Bit
    Kubernetes Logging
    # DaemonSet
    image: quay.io/fluent/fluentd-kubernetes-daemonset

  44. @rawkode
    Prometheus
    Monitoring

  45. @rawkode
    Prometheus
    Monitoring
    Written in
    Go

  46. @rawkode
    Prometheus
    Monitoring
    Provides Dashboards
    &
    Works with Grafana

  47. @rawkode
    Prometheus
    Monitoring
    Export Everything!
    ➔ Elasticsearch
    ➔ Consul
    ➔ MongoDB
    ➔ RabbitMQ
    ➔ Kafka
    ➔ Apache
    ➔ Nginx
    ➔ Fluentd
    ➔ …

  48. @rawkode
    Prometheus
    Monitoring
    Scraping
    Magic with Kubernetes
    ➔ /metrics
    my_metric{label="a"} 1
    my_metric{label="b"} 6

  49. @rawkode
    Prometheus
    Monitoring
    Manual Instrumentation
    $counter = newCounter([
        'namespace' => 'myApp',
        'subsystem' => 'Prod',
        'name' => 'httpRequests',
    ]);
    $counter->increment(
        ['url' => '/login',
         'status_code' => 200
        ], 1);

  52. @rawkode
    OpenTracing
    Tracing

  53. @rawkode
    OpenTracing
    Tracing
    A vendor-neutral open standard
    for distributed tracing

  54. @rawkode
    OpenTracing
    Tracing
    Libraries available in 9
    languages:
    Go, JavaScript, Java, Python,
    Ruby, PHP, Objective-C, C++, C#

  55. @rawkode
    OpenTracing
    Tracing
    Why?

  56. @rawkode

  57. @rawkode
    From Monolith to Cloud Native
    The 12 6-Step Programme

  58. @rawkode
    1. Automation
    DevOps isn’t just a buzzword
    ➔ Environment Parity
    ➔ Continuous Integration
    ➔ Automated Tests
    ➔ Automated Deployment

  59. @rawkode
    Trust

  60. @rawkode
    2. 12-Factor
    Build Once. Deploy Anywhere.
    ➔ Version Control
    ➔ Explicit Dependencies
    ➔ JIT Configuration
    ➔ Build. Release. Run.
    ➔ Disposability

  61. @rawkode
    Scalability
    Horizontally

  62. @rawkode
    3. Adopt Containers
    Repeatable Deployments

  63. @rawkode
    Idempotence

  64. @rawkode
    4. Logging
    Understanding what is going
    wrong
    Centralised Logging
    ➔ ssh prod ☹
    ➔ Log to a central place
    ➔ Cross-sections
    ➔ Exception Tracking

  65. @rawkode
    Intelligence

  66. @rawkode
    5. Monitoring
    Predicting when something will go
    wrong
    Be the first to know when a
    service is down

  67. @rawkode
    5. Monitoring
    Predicting when something will go
    wrong
    Understand your limits
    /
    Scale accordingly

  68. @rawkode
    5. Monitoring
    Predicting when something will go
    wrong
    Don’t DDOS Yourself

  69. @rawkode
    Intuition

  70. @rawkode
    6. Micro-services
    Just don’t ask me to quantify
    “micro”
    ➔ Don’t refactor, replace
    ➔ Simplified testing
    ➔ Fast CI/Deploy
    ➔ Simple on-boarding

  71. @rawkode
    Simplicity

  72. @rawkode
    From Monolith to
    Micro-services
    ★ Scalable
    Horizontally
    ★ Idempotence
    ★ Intelligence
    ★ Intuition
    ★ Trust
    ★ Simplicity

  73. @rawkode

  74. @rawkode
    Service Mesh
    (istio edition)
    Connect, Manage & Secure your
    services
    ➔ Load Balancing
    ➔ Canaries
    ➔ Circuit Breakers
    ➔ Handling Timeouts and Retries
    ➔ Fault Injection
    ➔ mTLS

  75. @rawkode
    Service Mesh
    (istio edition)
    Load Balancing
    source:
      name: user-service
      labels:
        version: v3
    destination:
      name: email-service
      labels:
        version: v1
    loadBalancing:
      name: ROUND_ROBIN

  76. @rawkode
    Service Mesh
    (istio edition)
    Load Balancing
    Canaries
    destination:
      name: user-service
    route:
    - labels:
        version: v2
      weight: 25
    - labels:
        version: v1
      weight: 75

  77. @rawkode
    Service Mesh
    (istio edition)
    Circuit Breakers
    circuitBreaker:
      simpleCb:
        maxConnections: 100

  78. @rawkode
    Service Mesh
    (istio edition)
    Timeouts
    &
    Retries
    httpReqTimeout:
      simpleTimeout:
        timeout: 10s
    httpReqRetries:
      simpleRetry:
        attempts: 3

  79. @rawkode
    Service Mesh
    (istio edition)
    Fault Injection
    httpFault:
      delay:
        percent: 10
        fixedDelay: 5s
      abort:
        percent: 2
        httpStatus: 400

  80. @rawkode
    But wait, there’s more!

  81. @rawkode
    OpenTracing
    Automatic Tracing of gRPC & HTTP
    requests

  82. @rawkode
    mTLS
    Automatic mTLS between service
    requests

  83. @rawkode
    When will I know I’m there?

  84. @rawkode

  85. @rawkode
    You are now Cloud Native
