Kubernetes, Azure & Dotnet - What's it all about?

Transcript

1. Shahid Iqbal | Freelance consultant @shahiddev Kubernetes, Azure & .NET

   What’s it all about?

2. @shahiddev Very brief intro Freelance hands-on consultant working on .NET,

   Azure & Kubernetes Developer/Architect in .NET for +10yrs based in the UK Microsoft MVP Co-organiser of the MK.net meetup in the UK @shahiddev on Twitter https://www.linkedin.com/in/shahiddev/ https://sessionize.com/shahid-iqbal https://blog.headforcloud.com

3. @shahiddev Agenda Kubernetes overview Creating clusters and deploying apps Demos

   Managed Kubernetes providers Demos Hybrid clusters Planning for Kubernetes

4. @shahiddev Key takeaways A good understanding of the Kubernetes architecture

   and key concepts Confidence to create clusters and deploy applications Launching pad to go away and learn more Caveat: Not a Docker tutorial – won’t go into details of creating containers

5. @shahiddev What is Kubernetes?

6. @shahiddev Quick tangent! K8s K ubernete s

7. @shahiddev Why do I need it? Application per VM/physical host

8. @shahiddev Why do I need it? Multiple applications per VM/physical

   host

9. @shahiddev Why do I need it?

10. @shahiddev Where to run Kubernetes? On premise Cloud IaaS AKS

    GKE Managed providers

11. @shahiddev Cost

12. @shahiddev Cost Commercial offerings

13. @shahiddev Cost Consulting companies Commercial offerings

14. @shahiddev Kubernetes features Container orchestration Horizontal scaling Rolling deployments and

    rollbacks Self healing Service discovery and load balancing Batch execution (jobs) …

15. @shahiddev Kubernetes components Networking – CNI/CNM ReplicaSets Ingress (L7 LB)

    Monitoring Readiness/health-checking Config maps Storage (PV/PVC) Daemonsets Statefulsets Namespaces RBAC Helm Pod Autoscaling Secrets

16. @shahiddev Control plane Node(s) Worker Node Worker Node Worker Node

    API High-level architecture Management/Control plane UI/CLI Windows nodes GA! (K8s 1.14)

17. @shahiddev Anatomy of a control plane node etcd API Server

    Scheduler Controller manager Cloud Controller manager Kubectl UI

18. @shahiddev Anatomy of a worker node Kubelet Kube-proxy supervisord fluentd

    Pod Pod Pod Pod Container runtime

19. @shahiddev Pods Localhost Node Pod Pod • Containers within a

    pod that share resources • Can communicate over localhost • Are deployed/scaled as a unit

20. @shahiddev Developing locally

21. @shahiddev DEMO RUNNING K8S LOCALLY

22. @shahiddev Kubernetes Manifest files YAML or JSON files Defines application

    structure/resources Desired state Containers = application Manifest = “infrastructure/configuration as code” Should be in source control

23. @shahiddev Deploying applications

24. @shahiddev Kubernetes Configuration files “kubectl run - -image=<img> - -port=<port>

    - -dry-run –o yaml > myfile.yaml” http://bit.ly/k8s-yaml

25. @shahiddev Accessing applications Node 1 Node 2 Node 3 Service

    (172.176.24.76) app:hw 10.0.1.5 app:hw 10.0.1.8 app:hw 10.0.1.12 app:app2 10.0.1.6 Client cluster app:app2 10.0.1.7

26. @shahiddev Accessing applications Node 1 Node 2 Service (172.176.24.76) app:hw

    10.0.1.5 app:hw 10.0.1.8 app:hw 10.0.1.14 app:app2 10.0.1.6 Client cluster app:app2 10.0.1.7

27. @shahiddev Accessing applications Node 1 Node 2 Node 3 Service

    (172.176.24.76) (where label=app:hw) app:hw 10.0.1.5 app:hw 10.0.1.8 app:hw 10.0.1.12 app:app2 10.0.1.6 app:app2 10.0.1.7

28. @shahiddev Service types LoadBalancer Expose service publicly (relies on hosting

    infrastructure) ClusterIP Assign it an internal cluster IP only – not public NodePort Port on each node which can route to service ExternalName Maps to a CNAME record (i.e. external service)

29. @shahiddev Ingress Allows for routing using a single entry point

    into the cluster Routing to different applications based on rules Single SSL termination point (depending on SSL cert type) May be preferable vs multiple LoadBalancer services Implemented by variety of providers – ngnix, haproxy etc More advanced control -> Service Mesh

30. @shahiddev Host name based routing using Ingress Node 1 Node

    2 Node 3 app1 svc app:app1 app:app1 app:app2 cluster app:app2 Load Balancer app2 svc Ingress controller Public IP app1.mydomain.com Host: app1.mydomain.com

31. @shahiddev Host name based routing using Ingress Node 1 Node

    2 Node 3 app1 svc app:app1 app:app1 app:app2 cluster app:app2 Load Balancer app2 svc Ingress controller Public IP app2.mydomain.com Host: app2.mydomain.com

32. @shahiddev Host based routing Ingress file

33. @shahiddev Helm De facto application package manager for Kubernetes “Apt-get/chocolatey

    of Kubernetes” Parameterise settings and re-use settings Packages == Charts Kubeapps Hub – repository of public charts for common apps/services Package your applications as Helm charts

34. @shahiddev Quick feature tour HEALTH, READINESS, DEPLOYMENTS

35. @shahiddev Health checks HTTP TCP Exec Pod

36. @shahiddev Readiness checks HTTP TCP Sockets Pod

37. @shahiddev Rolling updates Zero downtime rolling updates Blue/Green updates Rollback

    *Rolling updates with complex data/schema changes still challenging.

38. @shahiddev Speed of rollout vs service capacity Max unavailable number

    of old pods taken offline during update Max surge number of new pods created alongside existing pods during update *(number or %)

39. @shahiddev Rolling updates v1 v1 v1 v2 Max unavailable: 0

    Max surge: 1 v2 v2 Service

40. @shahiddev Blue/Green deployment v1 v1 v1 v2 Max unavailable: 0

    Max surge: 100% v2 v2 Service

41. @shahiddev Managed Kubernetes Providers Azure Kubernetes Service • Control plane

    is handled by provider • Removes significant overhead of running K8s cluster • Free control plane node(s) – except EKS Google Kubernetes Engine

42. @shahiddev Azure Kubernetes Service - AKS Management nodes not visible

    (and not charged) Lose flexibility to run feature flags/startup params Supports multiple K8s versions with option to upgrade clusters Integration into existing Vnets RBAC using Azure AD* Cluster autoscaling* Nodes are auto-patched (but not restarted) Windows node pools (private preview) *preview features

43. @shahiddev Azure Kubernetes Service - AKS //create resource group az

    group create -n hfck8sRG -l westeurope //create cluster az aks create -n hfck8s -g hfck8sRG / -k 1.12.6 //k8s version / -c 3 //node count

44. @shahiddev DEMO AKS & DEPLOYING

45. @shahiddev Microsoft support for Kubernetes Contribute to K8s project Acquisition

    of Deis Brendan Burns - K8s co-founder works there More tooling for .NET developers coming Helm, Draft, Brigade, Azure Dev Spaces

46. @shahiddev Single platform for all .NET apps Hybrid clusters (linux

    + windows worker nodes) “Legacy” full .NET framework apps & .NET core apps on single platform Single CI/CD approach Simplify evolving architecture to microservices by removing complexity around “plumbing”

47. @shahiddev Single CI/CD approach CI Build containers

48. @shahiddev Unified platform for evolving architecture Node 1 Node 2

    Node 3 myapp svc app:myapp app:myapp app:orders cluster Load Balancer orders svc Ingress controller Public IP myapp.com path: myapp.com Node 4 app:orders

49. @shahiddev Unified platform for evolving architecture Node 1 Node 2

    Node 3 myapp svc app:myapp app:myapp app:orders cluster Load Balancer orders svc Ingress controller Public IP myapp.com/orders path: myapp.com/orders Node 4 app:orders

50. @shahiddev Hybrid clusters Windows nodes in private preview on AKS

    Expect public preview soon AKS-Engine on Azure can create hybrid clusters (not managed)

51. @shahiddev Planning for Kubernetes Don’t get sucked into the K8s

    hype Focus on basics Develop 12-factor style apps (logging/readiness/health-checks) Clear plan for architecture/microservices Writing/migrating to .NET core CI/CD pipelines Containerise “legacy” .NET applications into Windows Containers Don’t forget container and cluster security Consider GitOps – beware of “pet” clusters

52. @shahiddev What alternatives are there?

53. @shahiddev Summary Kubernetes is mature and feature rich container orchestration

    platform Many large organisations are betting on it as their platform of the future Windows support is gaining traction Microsoft is heavily invested in it Tooling/support for .NET developers will make the adoption even easier

54. @shahiddev Where can I go to learn more? http://www.katacoda.com https://kubernetes.io/docs/home

    Kubernetes up & running By Kelsey Hightower, Brendan Burns, Jo Beda

55. Shahid Iqbal | Freelance consultant @shahiddev Thank You! Slides: http://bit.ly/k8s-azure-dotnet

    @shahiddev on Twitter https://www.linkedin.com/in/shahiddev/ https://blog.headforcloud.com