Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Kubernetes Workshop @ BASTA 2020

Thorsten Hans
September 25, 2020

Kubernetes Workshop @ BASTA 2020

Ausfallsichere und skalierbare Anwendungen zu betreiben und dabei ohne Ausfallzeiten neue Versionen Ihrer Software bereitzustellen, klingt auch heute noch für viele Lösungsanbieter nach einem schönen Traum. Mit Kubernetes und insbesondere den verwalteten Angeboten wie Azure Kubernetes Service (AKS) ist dieser Traum für Viele in greifbare Nähe gerückt. In diesem Tagesworkshop erklärt Thorsten Hans die Eigenschaften, Bestandteile und Möglichkeiten, die Kubernetes als Anwendungsplattform bietet. Nach dem Einstieg und den ersten Schritten mit Kubernetes werden Sie lernen, wie existierende Anwendungsbestandteile im Container-Orchestrator bereitgestellt und effektiv betrieben werden können. Essenzielle Themen, wie beispielsweise automatische Skalierung, der Umgang mit sensitiven Konfigurationsdaten, oder die Verwendung von externen, persistenten Datenspeichern, werden anhand von Beispielen aus der Praxis erläutert und können von Ihnen selbst erprobt werden.

Thorsten Hans

September 25, 2020
Tweet

More Decks by Thorsten Hans

Other Decks in Technology

Transcript

  1. Open-Source Container Orchestrator § Initially founded by Google / now

    maintained by CNCF § Successor of Google’s Borg § Original Codename Seven1 § Greek for pilot or helmsman of a ship § Written in go 1 - https://en.wikipedia.org/wiki/Seven_of_Nine Kubernetes
  2. What is Kubernetes § Container Orchestrator § Runs Containers §

    Takes care about Networking / Isolation of workloads § Abstracts hardware from developers § Cloud-Agnostic § Container Lifecycle Management § Deployment, Rolling Upgrades, Scaling, Load-Balancing Kubernetes
  3. Kubernetes Master Kubernetes Node Pool 1 Kubernetes Worker Node Kubernetes

    Worker Node Birds-View Kubernetes Architecture Kubernetes Node Pool 2 Kubernetes Worker Node Kubernetes Worker Node
  4. Kubernetes Master Kubernetes Node Pool 1 Kubernetes Worker Node Kubernetes

    Worker Node Birds-View Kubernetes Architecture Kubernetes Node Pool 2 Kubernetes Worker Node Kubernetes Worker Node
  5. Kubernetes Master Kubernetes Node Pool 1 Kubernetes Worker Node Kubernetes

    Worker Node Birds-View Kubernetes Architecture Kubernetes Node Pool 2 Kubernetes Worker Node Kubernetes Worker Node Azure Container Instances
  6. Hosting Opportunities § Public cloud offerings § Azure § Amazon

    AWS § Google Compute Cloud § Digital Ocean § On-Premisses datacenter § Locally § Kind, microk8s, minikube, … Kubernetes Cluster
  7. Creating a Kubernetes Cluster in Azure / locally - Create

    a new Kubernetes Cluster in Azure using Azure CLI - Create a new Kubernetes Cluster locally using Kind - Install Kubectl locally Demo
  8. Kubernetes Core Capabilities § Pod is the smallest unit of

    work in Kubernetes § 1 Pod can contain multiple Docker Containers § All containers of a Pod run on the same host § More complex and powerful variations are ReplicaSets and Deployments Running Applications
  9. ConfigMaps and Secrets § Inject configuration values into your application

    containers § For sensitive values consider using Kubernetes Secrets § Simple Key-Value storage principles § Kuberentes Secrets are just encoded Adopting Platform Capabilities
  10. Ressource Requests and Limits § Specify minimal requirements per container

    § Specify maximum resource utilization per container § Mandatory for each piece of the overall application, deployed to a Kubernetes cluster Adopting Platform Capabilities
  11. Readiness and Liveness Probes § Let Kubernetes monitor and heal

    your applications § Probes support different approaches to verify application health § HTTP § TCP § Process Execution Adopting Platform Capabilities
  12. Adopting Platform Capabilities - Create Secrets and ConfigMaps - Use

    Secrets and ConfigMaps - Add support for Health Probes - Define Resource Requests and Limits Demo
  13. Ingress § Ingress Controllers route requests from the internet §

    NGINX Ingress is an open-source Ingress Controller § Ingress declarations specify routing § Ingress Controller routes traffic Exposing Applications to the public
  14. CertManager § Use CertManager to provide SSL certificates § Flexible,

    cluster-wide certificate management solution § Issues certificates to services § Support for § ACME (Let's Encrypt) § HashiCorp Vault § Venafi § self signed and internal certificate authorities. Exposing Applications to the public
  15. Exposing Applications to the public - Install NGINX Ingress -

    Install CertManager - Create Ingress definitions - Request SSL certificate from Let’s Encrypt Demo