Kubernetes 101

Transcript

1. Google Container Engine (Kubernetes 101) Google NEXT Extended 2017 Singapore

   @vincentdesmet

2. @vincentdesmet DevOps - honestbee.sg

3. Applications evolve Reference: http://docker.com Loosely Coupled Services Many Small Servers

   ~2000 Today Monolithic Big Servers Slow changing Rapidly updated

4. Containers / VMs Infrastructure Container Runtime Interface Bins / Libs

   Host OS Infrastructure Hypervisor AppA Bins / Libs AppA Guest OS Bins/Libs AppB Guest OS Bins/Libs AppB

5. Docker containers Reference: http://docker.com • Packages up software binaries and

   dependencies • Isolates software from each other • Container is a standard format • Easily portable across environment • Allows ecosystem to develop around its standard Container

6. Docker Concepts Docker Image The basis of a Docker container

   Docker Container The standard unit in which the application service resides Docker Engine Creates, ships and runs Docker containers deployable on physical or virtual host locally, in a datacenter or cloud service provider Docker Registry On-premises registry for image storing and collaboration

7. Docker Tools: BUILD, SHIP, RUN

8. KUBERNETES "κυβερνήτης" (kubernetes) is Greek for "pilot" or "helmsman of

   ship"

9. WHAT IS KUBERNETES? •Container orchestrator •Runs and manages containers •Supports

   multiple cloud & bare-metal environments •100% Open Source written in Go •Built on decades of experience of running containers at Google •First project hosted by CNCF (Accepted on Mar. 11 2016) Container packaged Dynamically scheduled (Micro) Service oriented

10. PODS & VOLUMES Container Foo Container Bar Namespaces: - Net

    - IPC - … volumes

11. PODS & VOLUMES volumes

12. LABELS app : my-app role : master track: stable

13. LABELS app : my-app role : master track: stable app

    : my-app role : worker track: stable app : my-app role : worker track: canary app : my-app role : master track: canary

14. SELECTORS app : my-app app : my-app role : master

    track: stable app : my-app role : worker track: stable app : my-app role : worker track: canary app : my-app role : master track: canary

15. SELECTORS app : my-app role : worker app : my-app

    role : master track: stable app : my-app role : worker track: stable app : my-app role : worker track: canary app : my-app role : master track: canary

16. SELECTORS app : my-app track: canary app : my-app role

    : master track: stable app : my-app role : worker track: stable app : my-app role : worker track: canary app : my-app role : master track: canary

17. CONTROL LOOPS Desired state Actual state pods: - foo -

    bar pods: - foo

18. CONTROL LOOPS Desired state Actual state pods: - foo -

    bar pods: - foo create “bar” Create

19. CONTROL LOOPS Desired state Actual state pods: - foo -

    bar pods: - foo - bar

20. REPLICA SETS + Replica Set: - replicas: 1 - selector:

    - app: my-app - version: 1.0 - Desired State: - Pod Specification - Replica Count - Label Selector

21. REPLICA SETS + Replica Set: - replicas: 2 - selector:

    - app: my-app - version: 1.0

22. REPLICA SETS + Replica Set: - replicas: 4 - selector:

    - app: my-app - version: 1.0

23. SERVICES Service: - nodePort: 30128 - selector: - app: my-app

    - version: 1.0 - de-couple discovery from application - Define how to access pods - Act as a proxy (Virtual IP - stable for DNS) Think of: - Dynamic Routing Table

24. CANARIES + Replica Set: - replicas: 2 - selector: -

    app: my-app - version: 1.0 Service: - nodePort: 30128 - selector: - app: my-app + Replica Set: - replicas: 1 - selector: - app: my-app - version: canary Think of: - Partially live the new version

25. DEPLOYMENTS Service: - nodePort: 30128 - selector: - app: my-app

    + Replica Set: - replicas: 2 - selector: - app: my-app - version: 1.0 + - Manage updates with Deployment resources

26. UPDATES Service: - nodePort: 30128 - selector: - app: my-app

    + Replica Set: - replicas: 4 - selector: - app: my-app - version: 1.0 + Deployment: - strategy: - rollingUpdate

27. UPDATES Service: - nodePort: 30128 - selector: - app: my-app

    + + Replica Set: - replicas: 1 - selector: - app: my-app - version: 2.0 Replica Set: - replicas: 4 - selector: - app: my-app - version: 1.0 + Deployment: - strategy: - rollingUpdate

28. UPDATES Service: - nodePort: 30128 - selector: - app: my-app

    + + Replica Set: - replicas: 1 - selector: - app: my-app - version: 2.0 Replica Set: - replicas: 3 - selector: - app: my-app - version: 1.0 + Deployment: - strategy: - rollingUpdate

29. UPDATES Service: - nodePort: 30128 - selector: - app: my-app

    + + Replica Set: - replicas: 2 - selector: - app: my-app - version: 2.0 Replica Set: - replicas: 3 - selector: - app: my-app - version: 1.0 + Deployment: - strategy: - rollingUpdate

30. UPDATES Service: - nodePort: 30128 - selector: - app: my-app

    + + Replica Set: - replicas: 2 - selector: - app: my-app - version: 2.0 Replica Set: - replicas: 2 - selector: - app: my-app - version: 1.0 + Deployment: - strategy: - rollingUpdate

31. UPDATES Service: - nodePort: 30128 - selector: - app: my-app

    + + Replica Set: - replicas: 3 - selector: - app: my-app - version: 2.0 Replica Set: - replicas: 2 - selector: - app: my-app - version: 1.0 + Deployment: - strategy: - rollingUpdate

32. UPDATES Service: - nodePort: 30128 - selector: - app: my-app

    + + Replica Set: - replicas: 3 - selector: - app: my-app - version: 2.0 Replica Set: - replicas: 1 - selector: - app: my-app - version: 1.0 + Deployment: - strategy: - rollingUpdate

33. UPDATES Service: - nodePort: 30128 - selector: - app: my-app

    + Replica Set: - replicas: 4 - selector: - app: my-app - version: 2.0 Replica Set: - replicas: 1 - selector: - app: my-app - version: 1.0 + + Deployment: - strategy: - rollingUpdate

34. UPDATES Service: - nodePort: 30128 - selector: - app: my-app

    + Replica Set: - replicas: 4 - selector: - app: my-app - Version: 2.0 Replica Set: - replicas: 0 - selector: - app: my-app - version: 1.0 + + Deployment: - strategy: - rollingUpdate

35. UPDATES Service: - nodePort: 30128 - selector: - app: my-app

    + Replica Set: - replicas: 4 - selector: - app: my-app - Version: 2.0 + Deployment: - strategy: - rollingUpdate

36. CONFIGMAPS Service: - nodePort: 30128 - selector: - app: my-app

    + + Deployment: - strategy: - rollingUpdate ConfigMap: - sample.yaml: | env: production cache: true max_threads: 8

37. SECRETS Service: - nodePort: 30128 - selector: - app: my-app

    + + Deployment: - strategy: - rollingUpdate Secret: - sample.yaml: | key: *** db_user: *** db_pw: ***

38. Demo Minikube

39. Getting Started - Free trial cluster - cloud.google.com/container-engine (single node)

    locally - github.com/kubernetes/minikube - Join www.meetup.com/GCPUGSG/

40. Honestbee We are Hiring DevOps!

41. Thank you!

42. Recap - Multiple resource types - Deployments - Services -

    ConfigMaps - Secrets - … - Serializable Manifests: Infrastructure as code

43. Overview Concepts: - Containers - Pods - Volumes - Labels

    & Label Queries - Control Loops & Controllers - Deployment - ReplicaSet - Service

44. Shipping, Deploying & Service Discovery

45. Helm: Package Manager - Collaboration with Google, Bitnami, Deis and

    others - Deis/Helm -> Kubernetes/Helm - Architecture: - Client: Helm - Server: Tiller - This talk: - Focused on writing charts

46. Helm core values - Aim for the Apt/Yum/Homebrew UX -

    Ensure collaboration - Reproducible releases - Shareable Packages

47. Chart, Repositories, Releases - Chart: “Package”, “Bundle” - Repository: Package

    Repository Evolving towards a registry (CoreOS) - Release: Installed Chart (same chart can be installed multiple times)

48. Basic Architecture Client - Server

49. Usage

50. Review using helm - Install charts (creates a release) -

    helm install - List releases - helm ls - - Bootstrap charts - helm create

51. More features - Upgrade Releases - helm upgrade <release> -

    Search Charts - helm search - KubeApps.com (Monocular - https://github.com/helm/monocular) - Manage Chart dependencies - requirements.yaml - helm dep up - Helm Plugins - Keybase: helm keybase sign/verify - GitHub: helm github push

52. More info Kubecon talk