Kubernetes Workshop for Application Developers and Architects

Thorsten Hans
September 24, 2021

As a software developer or architect, would you like to get to know Kubernetes in order to run your applications efficiently, robustly and in a future-proof way? Then attend Thorsten Hans's workshop. In it, you will learn the concepts of the popular container orchestrator and, through hands-on exercises, take your first steps with distributed, container-based applications.

This workshop is based on Kubernetes itself, so it does not matter whether you run Kubernetes on-premises or on-demand (with Azure, AWS or GCP). You will use the Kubernetes interface kubectl to create and put into practice fundamental Kubernetes building blocks such as Pods, Services, ConfigMaps, Secrets, Deployments and other prominent representatives of the cloud-native ecosystem.

By the end of the workshop you will have gathered a great deal of knowledge about containers and Kubernetes, enabling you to get workloads running in Kubernetes faster in practice and to port existing applications to Kubernetes.

Transcript

  1. Kubernetes for Developers and Architects. Thorsten Hans, Consultant, @ThorstenHans
  2. Thorsten Hans, Consultant @ Thinktecture AG
     - Focus: Cloud Native & Infrastructure as Code
     - thorsten.hans@thinktecture.com, thorsten.hans@gmail.com
     - thinktecture.com, thorsten-hans.com
     - @ThorstenHans
  3. Talking Points
     - Intro
     - Running Applications
     - Adopting Platform Capabilities
     - Exposing Applications to the public
  4. Open-Source Container Orchestrator (Kubernetes)
     - Initially founded by Google / now maintained by CNCF
     - Successor of Google’s Borg
     - Original codename: Seven [1]
     - Greek for pilot or helmsman of a ship
     - Written in Go
     [1] https://en.wikipedia.org/wiki/Seven_of_Nine
  5. What is Kubernetes (Kubernetes)
     - Container Orchestrator
     - Runs Containers
     - Takes care of Networking / Isolation of workloads
     - Abstracts hardware from developers
     - Cloud-Agnostic
     - Container Lifecycle Management
     - Deployment, Rolling Upgrades, Scaling, Load-Balancing
  6. Diagram: Bird's-eye view of the Kubernetes architecture. Labels: Kubernetes Master; Kubernetes Node Pool 1 with two Kubernetes Worker Nodes.
  7. Diagram labels: Azure Kubernetes Service; NGINX Ingress Controller; Docs Deployment (×3); Backend API Deployment (×3); Frontend Deployment (×3); Azure Load Balancer; Azure Static IP; Azure DNS Zone; Internet; cert-manager; Let’s Encrypt; Request SSL cert; Assign SSL certs.
     - https://lightning.thinktecture-demos.com
     - https://lightning-docs.thinktecture-demos.com
     - https://lightning.thinktecture-demos.com/*
     - https://lightning.thinktecture-demos.com/api/*
     - https://lightning-docs.thinktecture-demos.com/*
  8. Diagram labels: Azure Key Vault; Azure Kubernetes Service; Secrets Store CSI driver; Service Principal Auth; Azure Container Registry; Azure Functions; Azure Storage Account; Azure Cosmos DB; Azure Redis Cache; SignalR Backplane; CRUD Patient Data; Access Binary Data; Provide sensitive data.
  9. Diagram labels: Azure Kubernetes Service; Docs Deployment (×2); Azure Redis Cluster; Backend API Replication 1, 2 and 3; SSL encrypted.
  10. Diagram: Bird's-eye view of the Kubernetes architecture. Labels: Kubernetes Master; Kubernetes Node Pool 1 with two Kubernetes Worker Nodes; Kubernetes Node Pool 2 with two Kubernetes Worker Nodes.
  11. Diagram: Bird's-eye view of the Kubernetes architecture. Labels: Kubernetes Master; Kubernetes Node Pool 1 with two Kubernetes Worker Nodes; Kubernetes Node Pool 2 with two Kubernetes Worker Nodes.
  12. Diagram: Bird's-eye view of the Kubernetes architecture. Labels: Kubernetes Master; Kubernetes Node Pool 1 with two Kubernetes Worker Nodes; Kubernetes Node Pool 2 with two Kubernetes Worker Nodes; Azure Container Instances.
  13. Hosting Opportunities (Kubernetes Cluster)
     - Public cloud offerings
       - Azure
       - Amazon AWS
       - Google Compute Cloud
       - Digital Ocean
     - On-premises datacenter
     - Locally
       - Kind, microk8s, minikube, …
  14. Demo: Creating a Kubernetes Cluster in Azure / locally
     - Create a new Kubernetes Cluster in Azure using Azure CLI
     - Create a new Kubernetes Cluster locally using Kind
     - Install Kubectl locally
  15. Talking Points
     - Intro
     - Running Applications
     - Adopting Platform Capabilities
     - Exposing Applications to the public
  16. Kubernetes Core Capabilities (Running Applications)
     - Pod is the smallest unit of work in Kubernetes
     - 1 Pod can contain multiple Docker Containers
     - All containers of a Pod run on the same host
     - More complex and powerful variations are ReplicaSets and Deployments
  17. Demo: Running Applications in Kubernetes
     - Pod Spec
     - Deployment Spec
     - General kubectl operations
  18. Talking Points
     - Intro
     - Running Applications
     - Adopting Platform Capabilities
     - Exposing Applications to the public
  19. ConfigMaps and Secrets (Adopting Platform Capabilities)
     - Inject configuration values into your application containers
     - For sensitive values consider using Kubernetes Secrets
     - Simple Key-Value storage principles
     - Kubernetes Secrets are just encoded
  20. Resource Requests and Limits (Adopting Platform Capabilities)
     - Specify minimal requirements per container
     - Specify maximum resource utilization per container
     - Mandatory for each piece of the overall application, deployed to a Kubernetes cluster
  21. Readiness and Liveness Probes (Adopting Platform Capabilities)
     - Let Kubernetes monitor and heal your applications
     - Probes support different approaches to verify application health
       - HTTP
       - TCP
       - Process Execution
  22. Demo: Adopting Platform Capabilities
     - Create Secrets and ConfigMaps
     - Use Secrets and ConfigMaps
     - Add support for Health Probes
     - Define Resource Requests and Limits
  23. Talking Points
     - Intro
     - Running Applications
     - Adopting Platform Capabilities
     - Exposing Applications to the public
  24. Ingress (Exposing Applications to the public)
     - Ingress Controllers route requests from the internet
     - NGINX Ingress is an open-source Ingress Controller
     - Ingress declarations specify routing
     - Ingress Controller routes traffic
  25. CertManager (Exposing Applications to the public)
     - Use CertManager to provide SSL certificates
     - Flexible, cluster-wide certificate management solution
     - Issues certificates to services
     - Support for
       - ACME (Let's Encrypt)
       - HashiCorp Vault
       - Venafi
       - Self-signed and internal certificate authorities
  26. Demo: Exposing Applications to the public
     - Install NGINX Ingress
     - Install CertManager
     - Create Ingress definitions
     - Request SSL certificate from Let’s Encrypt
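
Slides 19 to 21 in code, as an added example that is not part of the deck or the workshop material: a manifest review that shows a Secret's `data` decodes without any key, and flags containers that lack resource requests, limits or health probes. The object names, image and secret value are constructed for illustration; the objects use the JSON shape that `kubectl get <kind> -o json` returns.

```python
import base64

# Constructed sample objects in the shape `kubectl get <kind> -o json` returns.
# All names and values are made up for this example.
MANIFESTS = [
    {"kind": "Secret", "metadata": {"name": "db-credentials"},
     "data": {"password": base64.b64encode(b"s3cr3t-value").decode()}},
    {"kind": "Deployment", "metadata": {"name": "backend-api"},
     "spec": {"template": {"spec": {"containers": [
         {"name": "api", "image": "registry.example/api:1.0",
          "resources": {"requests": {"cpu": "100m", "memory": "64Mi"}},
          "readinessProbe": {"httpGet": {"path": "/healthz", "port": 8080}}},
     ]}}}},
]

def decode_secret(obj):
    """Recover the plaintext of a Secret's data; base64 needs no key."""
    return {key: base64.b64decode(value).decode("utf-8", "replace")
            for key, value in obj.get("data", {}).items()}

def lint_containers(obj):
    """Flag containers without requests, limits or health probes."""
    name = obj["metadata"]["name"]
    pod_spec = obj.get("spec", {}).get("template", {}).get("spec", {})
    findings = []
    for container in pod_spec.get("containers", []):
        where = f"{name}/{container['name']}"
        resources = container.get("resources", {})
        for field in ("requests", "limits"):
            if not resources.get(field):
                findings.append(f"{where}: missing resources.{field}")
        for probe in ("readinessProbe", "livenessProbe"):
            if probe not in container:
                findings.append(f"{where}: missing {probe}")
    return findings

def review(manifests):
    """Return findings; secret values themselves are never echoed."""
    findings = []
    for obj in manifests:
        if obj.get("kind") == "Secret":
            for key in decode_secret(obj):
                findings.append(f"{obj['metadata']['name']}: data.{key} "
                                "is only base64-encoded, handle as plaintext")
        elif obj.get("kind") == "Deployment":
            findings.extend(lint_containers(obj))
    return findings

if __name__ == "__main__":
    print("\n".join(review(MANIFESTS)))
```

Anyone who can read the Secret object or a manifest containing it can read the value, so such manifests need the same handling as plaintext credentials; the Azure Key Vault with Secrets Store CSI driver setup on slide 8 is one way to keep sensitive values out of manifests.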