Infrastructure as Code So far.. .. Server-based systems (IaaS) - - PowerPoint PPT Presentation

Infrastructure as Code

So far.. ..

 Server-based systems (IaaS)

 Low-level infrastructure exposed  Manage dozens of custom containers and VMs needed to run your site  Flexible, but high management costs

 Manual creation and deployment of nodes time-consuming  Networking setup and load balancing complex/error-prone

 Serverless systems (storage, databases, platforms, containers,

functions)

 Write a program, deploy it on auto-scaling platform  Infrastructure completely abstracted out  No management costs, but not flexible

 Coarse control over how and when to scale infrastructure  Restrictions on platform environment

Portland State University CS 430P/530 Internet, Web & Cloud Systems

Infrastructure frastructure as s Code

 Obtain benefits of serverless

 Automation and low management costs

 While also retain the benefits of low-level server access

 Performance optimization, resource allocation flexibility, and resource

cost

 How?

 Use code to create, configure, deploy, and manage VMs and containers  "Create-your-own" PaaS!

 Recall SDNs

 Programmatic configuration of routes, virtual networks, traffic

engineering policies

 IAC is the SDN analogy for virtual machines and containers

Portland State University CS 430P/530 Internet, Web & Cloud Systems

Infrastructure frastructure as s Code

 Two pieces

 Configuration management (setting up images)  Deployment management (run-time orchestration/monitoring of

instances)

Portland State University CS 430P/530 Internet, Web & Cloud Systems

IAC C for Virtual tual ma machines hines

 Configuration management

 Initially Vagrant

 Manual individual control

 Imperative scripting approaches (run commands on VMs all at once)

 Ansible (playbooks)  Chef (recipes)  Scripts attached to VM image templates

 Declarative approaches (Puppet)  Both (SaltStack)

 Deployment management (orchestration)

 Create, deploy, and monitor VMs over multiple cloud providers

(Terraform)

 Or single provider

 AWS Cloud Formation  Google Cloud Deployment Manager (Used in CDN lab and Thunder CTF)

Portland State University CS 430P/530 Internet, Web & Cloud Systems

IAC C for Container tainers

 Configuration management

 Setup and configure collections of containers (Docker)

 Deployment management (orchestration)

 Automatically configure, deploy, and monitor clusters of containers, as

well as keep them running

 This class…

Portland State University CS 430P/530 Internet, Web & Cloud Systems

Container tainer orchestration estration

 Two pieces

 A declarative, programmatic way of specifying containers and their run-

time configuration

 A daemon (orchestration controller) that monitors and maintains

specification at run-time

Portland State University CS 430P/530 Internet, Web & Cloud Systems

Ex Example ple

 Specification

 Scaling and replication (run N copies or autoscale based on metric)

 “Run 10 versions of a container at all times”  "Keep adding containers until load < 0.5"

 Configuring network connectivity and load balancing (rather than having

to specify IP addresses)

 Daemon

 Launches replicas  Performs run-time health monitoring and handles machine failures

Portland State University CS 430P/530 Internet, Web & Cloud Systems

Ex Example: ple: Go Google gle Bo Borg g (2003) 3)

 Ops tool to automate cluster management

 https://research.google.com/pubs/pub43438.html

 Declarative language specifies what to run and how to run it  Borg controller monitors and maintains specification when nodes go

down

 Allows developer to focus on application logic, not machine

management

 Obviates the need to ssh into ANY machines

 Re-implemented and spun out as an open-source project called…

Portland State University CS 430P/530 Internet, Web & Cloud Systems

Google Kubernetes Engine AWS Elastic Container Service for Kubernetes Azure Kubernetes Service

Kubernetes

Kub ubern ernetes es (2014) 4)

 Container orchestration system  Reimplementation of Google’s “Borg” in Go

 "Cloud Deployment Manager" or "Cloud Formation" but for containers

not VMs.

 Open-source, managed by Cloud Native Computing Foundation

 White-board level specification of computing infrastructure

 Custom PaaS via specification  Traditional PaaS opinionated (must fit your application into their model)  Logical system view decoupled from cloud provider

Portland State University CS 430P/530 Internet, Web & Cloud Systems

Kub ubern ernetes es (2014) 4)

 Automated and reproducible deployment

 Self-healing  Auto-scaling  Portable

 Can use for on premises, cloud, or multi-cloud deployments (configurations run the

same)

Portland State University CS 430P/530 Internet, Web & Cloud Systems

 Manages all Google services (Mail, Search, Maps etc)  Used by Uber, Bloomberg, Lyft, New

York Times, eBay

Portland State University CS 430P/530 Internet, Web & Cloud Systems

Portland State University CS 430P/530 Internet, Web & Cloud Systems

Portland State University CS 430P/530 Internet, Web & Cloud Systems

Rais ises es th the e level el of abst stract raction ion

 Infrastructure abstracted away as with serverless

"The cloud now is way too focused about the infrastructure, the machines, the disks, and that is not the path to productivity…It would be nice if we could pretend they don't exist at all and Kubernetes is absolutely a step in that direction" "The new cloud is about services and APIs and has nothing to do with infrastructure. (The infrastructure) is there, (Google) will manage it, we will make it secure, but as a developer, you shouldn't need to know." Eric Brewer (4/24/2018)

Portland State University CS 430P/530 Internet, Web & Cloud Systems

Ex Example ple

 Run 10,000 copies of a site

inside a data center…

 Painful!

Portland State University CS 430P/530 Internet, Web & Cloud Systems

Aut utoma mation tion via a sp spec ecif ification ication

Portland State University CS 430P/530 Internet, Web & Cloud Systems

Portland State University CS 430P/530 Internet, Web & Cloud Systems

Kub ubern ernetes es concepts ncepts

 Nodes = machine running container

 e.g. a Compute Engine instance

 Pods

 One or more related containers sharing storage, configuration on a

node

 Web front end and its logging facility run on separate containers, but

in a single pod

 Services

 Defines a way to access pods externally via an IP address and port

 Controller

 Service that monitors pods to ensure the desired number of replicas

are always running

Portland State University CS 430P/530 Internet, Web & Cloud Systems

Portland State University CS 430P/530 Internet, Web & Cloud Systems

Kub ubern ernetes es

 The Illustrated Children’s guide (8:20)

https://www.youtube.com/watch?v=4ht22ReBjno

 Cartoon introduction

https://cloud.google.com/kubernetes- engine/kubernetes-comic/

 Kubecraft (1:50)

https://www.youtube.com/watch?v=A4qwsSEldHE

Portland State University CS 430P/530 Internet, Web & Cloud Systems

De Deplo ploying ying Kub uberne ernetes es

 kubectl command to interact with master controller

 Specification in

YAML

Portland State University CS 430P/530 Internet, Web & Cloud Systems

Case se st stud udy

Portland State University CS 430P/530 Internet, Web & Cloud Systems

Case se st stud udy: y: Pokem emon

• n Go

Go

 Published by Niantic (augmented reality startup company)

 Created as a spin-off of Google Earth's toy app Ingress  Single, shared, virtual world overlaid upon real world  World state consistent across all users  But, has an n2 scaling problem!

 Built on Google Cloud Platform

 Initially on App Engine  Provisioned for launch numbers based on prior launches of other top-

tier mobile games multiplied by 5

 Released July 5, 2016

Portland State University CS 430P/530 Internet, Web & Cloud Systems

 But then,

 Provisioned number for global use met in just two countries  Within 1 week, 50x more users than expected

 8.7 billion km walked in first 6 months (past Pluto or 200k times around Earth)

 Scaled seamlessly* with no change to software

 Built on Java (server)  C#, C++, Objective C, Unity (client)  Cloud Datastore (Distributed NoSQL)  Shifted to Kubernetes for better control over scaling components

Portland State University CS 430P/530 Internet, Web & Cloud Systems

Case se st stud udy: y: Home me De Depot pot

 Single monolithic site with single monolithic database  Site split into microservices and migrated to containers for developer

efficiency

 Store finder service  Promotions service  Product information service

 Removes centralized bottleneck in managing site

 Individual DevOps teams develop individual microservice/containers

 Containers and microservices orchestrated using Kubernetes

Portland State University CS 430P/530 Internet, Web & Cloud Systems

Other migrations…

Portland State University CS 430P/530 Internet, Web & Cloud Systems

Go Google gle Kub ubern ernetes es En Engi gine ne (GK GKE) E)

 Hosted Kubernetes for running controller on GCP (formerly called

Container Engine)

Portland State University CS 430P/530 Internet, Web & Cloud Systems

Kub ubern ernetes++ es++

 Deployment manager for multi-cloud clusters (Terraform)  Tools to manage mixtures of private and public cloud infrastructure  Keys/secrets management for clusters  Applying updates to software  Versioning support for rolling back updates  Templating  Package management (Helm)

Portland State University CS 430P/530 Internet, Web & Cloud Systems

https://www.slideshare.net/mbutcher/kubernetes- helm-boulder-kubernetes-meetup-june-2016

IAC Kubernetes Labs