kubernetes
play

Kubernetes Introduction WOJCIECH BARCZYSKI (hiring) Senior - PowerPoint PPT Presentation

Dec 20, 2022 •112 likes •781 views

Kubernetes Introduction WOJCIECH BARCZYSKI (hiring) Senior Software Engineer Lead of Warsaw Team - SMACC System Engineer background Interests: working software Hobby: teaching software engineering BACKGROUND A top AI FinTech

  1. Kubernetes Introduction

  2. WOJCIECH BARCZYŃSKI (hiring) Senior Software Engineer Lead of Warsaw Team - SMACC System Engineer background Interests: working software Hobby: teaching software engineering

  3. BACKGROUND A top AI FinTech ➡ microservices and k8s Before renew tech stack of a top Indonesian mobile ecommerce 3.5y with Openstack, 1000+ nodes, 21 data centers I do not like INFRA :D

  4. KUBERNETES Kubernetes - greek for helmsman Run and Manages containers Inspired by Google's Borg Integrated with AWS, GCP, Azure Becoming an integration platform for large ecosystem Manages Applications not Machines!

  5. GOALS Utilized resources nearly 100% Get to applications/services mindset Enforce loosely couple software - 12factor apps, Amazon-API approach Best practises included, e.g., name service, metadata discovery, ...

  6. CURRENT WINNER « Amazon joined Kubernetes on 10.08.2017 »

  7. WHY KUBERNETES? Data Center as a Black Box Batteries for your (12factor) apps

  8. WHY KUBERNETES? Give you complete control over your application with simple yaml config files Use labels to auto-wire your app to monitoring, logging, and alarming Let you to, almost forget, about the infrastructure

  9. Batteries Load Balancing Name Service Discovery Metadata and Annotation support Decoupled interface and implementation Labeled based matching

  10. DATA CENTER AS A BLACK BOX

  11. KUBERNETES Ingress Controller Docker Image App Kubernetes k8s config: Service Deployment Node Node Node Node make docker_push; kubectl create -f app-srv-dpl.yaml

  12. SCALE UP! SCALE DOWN! Ingress Controller App App Kubernetes scale 3x App Node Node Node Node kubectl --replicas=3 -f app-srv-dpl.yaml

  13. INGRESS CONTROLLER api.smacc.io/v1/users ➡ service: users-v1 api.smacc.io/v2/users ➡ service: users-v2 api.smacc.io/accounts ➡ service: accounts smacc.io ➡ service: website

  14. INGRESS CONTROLLER INTERNET PRIVATE NETWORK ORCHESTRATOR (DOCKER, SWARM, MESOS...) A P I . D O M A I N . C O M API DATA / W E B M O C . N I A M O D WEB ADMIN LISTEN M O C . N I A BACKOFFICE 1 M O D . E C I F F O K C A B BACKOFFICE 2 BACKOFFICE 3 API

  15. ROLLING UPDATES! Ingress Controller App App Kubernetes Docker App Image v2 Node Node Node Node kubectl set image deployment/app app=app:v2.0.0

  16. ROLLING UPDATES! Ingress Controller App Kubernetes Docker App Image v2 Node Node Node Node

  17. ROLLING UPDATES! Ingress Controller App App Kubernetes Docker App Image v2 Node Node Node Node

  18. ROLLING UPDATES! Ingress Controller App App Kubernetes Docker App Image v2 Node Node Node Node

  19. LOAD BALANCING Load Balancer <<Requests>> Port Port Port Port 30000 30000 30000 30000 Service App App App B Kubernetes Kubernetes Kubernetes Kubernetes Worker Worker Worker Worker Node Node Node Node

  20. RESISTANCE! Ingress Controller App App Kubernetes App Node Node Node Node

  21. RESISTANCE! Ingress Controller App App Kubernetes App Node Node Node

  22. RESISTANCE! When the node dies in flames When other apps (with higher guaranteed quotas) eats all memory When you need to drain nodes before upgrade You can easily scale up, create machine and join it to cluster (easier with kops or on GCE)

  23. FEDERATION Global LoadBalancer App App App On-premise Amazon Google Poland eu-west-1 asia-southeast1

  24. MUCH MORE Plug-and-play integrations: integration with AWS, Google Cloud Platform, and Azure multiple drivers for network, storage,... you can run on minikube

  25. MUCH MORE Kubernetes administrated with kubernetes: everything run in pods e.g., you deploy your log collectors for k8s as pods: http://wbarczynski.pl/centralized-logging-for-kubernetes-with-fluentd-and- elasticsearch/

  26. BASIC CONCEPTS Name Purpose Service Interface Service Name, port, labels, annotations Deployment Factory How many pods with which docker images, labels Pod Implementation 1+ docker images running in 1 pod

  27. BASIC CONCEPTS config / secret ➡ config and files ingress-controller ➡ url pattern ➡ service

  28. SERVICE service.yaml: apiVersion: v1 kind: Service metadata: name: api-status spec: ports: - port: 80 protocol: TCP selector: app: api-status

  29. SERVICE # create the service and deployment kubectl create -f api-status-srv.yaml kubectl create -f api-status-dpl.yaml # get to a running docker (in a pod) kubectl -it exec app-999-8zh1p /bin/bash # check whether name service works curl http://api-status/health OK

  30. BASIC CONCEPTS Service Name Service Service Port Labels Pods << Creates >> << Creates >> Deployment Deployment

  31. deployment.yaml apiVersion: apps/v1beta1 kind: Deployment metadata: name: api-status-nginx app: api-status spec: replicas: 1 template: metadata: labels: name: api-status-nginx app: api-status spec: containers: - name: nginx image: nginx

  32. CONFIG env variables in deployment: env: - name: SEARCH_ENGINE_USER value: mighty_mouse

  33. CONFIG feed envs from configmaps: env: - name: SEARCH_ENGINE_USER valueFrom: configMapKeyRef: name: my-config key: search.user

  34. CONFIG you can ship files using configmaps/secrets kubectl create configmap my-config-file --from-file=config.json

  35. CONFIG You can also run your own: HashiCorp Consul or etcd HashiCorp Vault

  36. METADATA AND ANNOTATIONS Auto-wiring Precise discovery Reporting Labeling targets for security scans Labeling critical services for oncall (see alertmanager)

  37. MONITORING WITH KUBERNETES You deploy a memcached Exposed its prometheus metrics on metrics/ How to ship metrics?

  38. ANNOTATIONS! memcached-0-deployment.yaml --- apiVersion: v1 kind: Service metadata: name: memcached-0 labels: app: memcached kubernetes.io/name: "memcached" role: shard-0 tier: backend annotations: prometheus.io/scrape: "true" prometheus.io/scheme: "http" prometheus.io/path: "metrics" prometheus.io/port: "9150" https://github.com/skarab7/kubernetes-memcached

  39. INGRESS CONTROLLER WITH TRAEFIK?

  40. ANNOTATIONS! Use traefik instead of built-in reverse proxy apiVersion: extensions/v1beta1 kind: Ingress metadata: name: api-status namespace: production annotations: kubernetes.io/ingress.class: traefik spec: rules: - host: api.example.com http: paths: - path: /status backend: serviceName: api-status

  41. LABELS! Monitoring rule that uses labels: ALERT ProductionAppServiceInstanceDown IF up { environment = "production", app =~ ".+"} == 0 FOR 4m ANNOTATIONS { summary = "Instance of {{$labels.app}} is down", description = " Instance {{$labels.instance}} of app {{$labels.app}} has been down for more than 4 minutes" } AlertManager

  42. LABELS! Call sb if the label is severity=page : group_by: [cluster] # If an alert isn't caught by a route, send it to the pager. receiver: team-pager routes: - match: severity: page receiver: team-pager receivers: - name: team-pager opsgenie_configs: - api_key: $API_KEY teams: example_team AlertManager

  43. THERE IS SO MUCH MORE resource quotas events in Kubernetes readiness probes liveness probes volumes stateful namespaces ...

  44. KUBERENTES Awesome command-line Resilient platform simple YAML files to setup your service, service discovery included annotations and metadata discovery included

  45. 0.1 ➡ 1.0 Your component needs to get much more smarter.

  46. SERVICE SELF-CONSCIOUSNESS Your endpoint: metrics/ alertrules/ - [WIP] health/ or healthz/ info/

  47. DEEP LOOK INSIDE when I am ready to serve requests when I need to restart myself what to do when dependent services are down ...

  48. DEEP LOOK INSIDE Am I really stateless? Caching? fail-fast, start fast

  49. RELATIONS WITH OTHERS master-worker relationships waiting for other resources / services

  50. 12FACTOR APPS find services by name or URI move the important config to environment variables

  51. LOGGING logstash json format make configurable with ENV variable EFK or ELK

  52. WHAT WITH YOUR DATABASES Keep it in a separated (k8s) cluster The best, go with DaaS With Stateful , you can run your db in k8s Long discussion...

  53. MIGRATION OF ENV Staging, production, canary, green/blue ...: If you have $$$, have a separated k8s cluster If not, use Namespaces

  54. APPS IN NEW WORLD 12 factor apps (Heroku, 2012) much much smarter much faster much more predictable much harder to develop :D Forging experience into code [WIP]: https://github.com/microdevs

  55. THANK YOU

  56. (hiring) Wojciech Barczyński (wojciech.barczynski@smacc.io)

  57. Backup slides

  58. 6 + 1 STEPS The big 1 - making your app smarter

  59. 1. CLEAN UP Single script for repo - Makefile [1] Resurrect the README [1] With zsh or bash auto-completion plugin in your terminal.

  60. 2. GET BACK ALL THE KNOWLEDGE Puppet, Chef, ... ➡ Dockerfile Check the instances ➡ Dockerfile, README.rst Nagios, ... ➡ README.rst, checks/

  61. 3. INTRODUCE RUN_LOCAL make run_local A nice section on how to run in README.rst Use: docker-compose The most crucial point.

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Airflow on Kubernetes: Containerizing your Workflows By Michael Hewitt Agenda Kubernetes

Airflow on Kubernetes: Containerizing your Workflows By Michael Hewitt Agenda Kubernetes

Airflow on Kubernetes: Containerizing your Workflows By Michael Hewitt Agenda Kubernetes Overview 1 Airflows integration with Kubernetes 2 Deployment of Airflow on Kubernetes 3 Kubernetes Pod Operator and its benefits 4 DAG Development

2.79k views • 14 slides
Continuous Kubernetes Security @sublimino and @controlplaneio Im: - Andy - Dev-like -

Continuous Kubernetes Security @sublimino and @controlplaneio Im: - Andy - Dev-like -

Continuous Kubernetes Security @sublimino and @controlplaneio Im: - Andy - Dev-like - Sec-ish - Ops-y Is this Kubernetes cluster secure? EPIC FAIL GIF How secure is Kubernetes? What this Kubernetes talk is about Common Pwns

1.18k views • 113 slides
Kubernetes Matthias Haeussler Mirna Alaisami Overview Overview Kubernetes is an open-source

Kubernetes Matthias Haeussler Mirna Alaisami Overview Overview Kubernetes is an open-source

Kubernetes Matthias Haeussler Mirna Alaisami Overview Overview Kubernetes is an open-source platform designed to automate deploying , scaling , and operating application containers . Kubernetes v1.0 was released in 2015. It utilizes

916 views • 52 slides
K8s or Die! You must do Kubernetes. Or should you? If so when, where, why? How?! Marco Ceppi

K8s or Die! You must do Kubernetes. Or should you? If so when, where, why? How?! Marco Ceppi

K8s or Die! You must do Kubernetes. Or should you? If so when, where, why? How?! Marco Ceppi @marcoceppi Ryan Beisner @ryanbeisner Why Kubernetes Computing in the modern age Virtual Process Machines Containers Traditional Container

516 views • 24 slides
From Laptop to the World With Kubernetes @saturnism @googlecloud #kubernetes Ray Tsang

From Laptop to the World With Kubernetes @saturnism @googlecloud #kubernetes Ray Tsang

From Laptop to the World With Kubernetes @saturnism @googlecloud #kubernetes Ray Tsang Developer Advocate Google Cloud Platform @saturnism | +RayTsang @saturnism @googlecloud #kubernetes Ray Tsang Developer Architect Traveler

1.29k views • 65 slides
Contributing to kubernetes Who am I? Senior Software Engineer at Gojek Organizer at Kubernetes

Contributing to kubernetes Who am I? Senior Software Engineer at Gojek Organizer at Kubernetes

Contributing to kubernetes Who am I? Senior Software Engineer at Gojek Organizer at Kubernetes &amp; Cloud Native Meetups in Jakarta and Bandung https://www.meetup.com/jakarta-kubernetes/ https://www.meetup.com/Microservice-JKT/ You can find

709 views • 47 slides
Developing Kubernetes Services at Airbnb Scale @MELANIECEBULA What is kubernetes?

Developing Kubernetes Services at Airbnb Scale @MELANIECEBULA What is kubernetes?

@MELANIECEBULA / MARCH 2019 / CON LONDON Developing Kubernetes Services at Airbnb Scale @MELANIECEBULA What is kubernetes? @MELANIECEBULA Who am I? A BRIEF HISTORY @MELANIECEBULA Why Microservices? 4000000 3000000 2000000 MONOLITH

1.74k views • 111 slides
Kubernetes Networking and Istio Apurva Bhandari $whoami SRE / DevOps Docker &amp; Kubernetes

Kubernetes Networking and Istio Apurva Bhandari $whoami SRE / DevOps Docker &amp; Kubernetes

Kubernetes Networking and Istio Apurva Bhandari $whoami SRE / DevOps Docker &amp; Kubernetes Enthusiast Speaker at Meetups Email: apurvbhandari@gmail.com LinkedIn: https://www.linkedin.com/in/apurvabhandari-linux GitHub:

2.16k views • 28 slides
Kubernetes APIs Under the Hood @pwittrock Who Am I? Phillip Wittrock (@pwittrock) Software

Kubernetes APIs Under the Hood @pwittrock Who Am I? Phillip Wittrock (@pwittrock) Software

Kubernetes APIs Under the Hood @pwittrock Who Am I? Phillip Wittrock (@pwittrock) Software Engineer at Google working on GKE and OSS Kubernetes My mission is to make using Kubernetes simple and enjoyable You might have come across me

1.12k views • 27 slides
Stateful workloads on kubernetes with ceph Agenda CaaS Kubernetes

Stateful workloads on kubernetes with ceph Agenda CaaS Kubernetes

Stateful workloads on kubernetes with ceph Agenda CaaS Kubernetes Ceph Storage Operation NVRAMOS 2019 10/28/2019 Cloud Service Model On Premises IaaS CaaS PaaS SaaS Applications Applications

660 views • 36 slides
Kubernetes Administration from Zero to (junior) Hero Lszl Budai Component Soft Ltd.

Kubernetes Administration from Zero to (junior) Hero Lszl Budai Component Soft Ltd.

Kubernetes Administration from Zero to (junior) Hero Lszl Budai Component Soft Ltd. Agenda 1.Introduction 2.Accessing the kubernetes API 3.Kubernetes workloads 4.Accessing applications 5.Volumes and persistent storage 2 (c) 2018

1.17k views • 57 slides
OpenStack on Kubernetes: Make OpenStack and Kubernetes Fail-Safe Seungkyu Ahn (ahnsk@sk.com)

OpenStack on Kubernetes: Make OpenStack and Kubernetes Fail-Safe Seungkyu Ahn (ahnsk@sk.com)

OpenStack on Kubernetes: Make OpenStack and Kubernetes Fail-Safe Seungkyu Ahn (ahnsk@sk.com) Jaesuk Ahn (jay.ahn@sk.com) Open System Lab Network IT Convergence R&amp;D Center SK Telecom Wil Reichert (wil@solinea.com) Solinea What will

1.26k views • 46 slides
Lessons learnt building Kubernetes controllers David Cheney - Heptio gday Craig McLuckie

Lessons learnt building Kubernetes controllers David Cheney - Heptio gday Craig McLuckie

Lessons learnt building Kubernetes controllers David Cheney - Heptio gday Craig McLuckie and Joe Beda 2/3rds of a pod Connaissez-vous Kubernetes? Kubernetes is an open-source system for automating deployment, scaling, and

747 views • 63 slides
Kubernetes on ARM64 Kubernetes on ARM64 Raspberry PI 4 Kubernetes cloud for a Raspberry PI 4

Kubernetes on ARM64 Kubernetes on ARM64 Raspberry PI 4 Kubernetes cloud for a Raspberry PI 4

Kubernetes on ARM64 Kubernetes on ARM64 Raspberry PI 4 Kubernetes cloud for a Raspberry PI 4 Kubernetes cloud for a few Euros! few Euros! Jean-Frederic Clere Jean-Frederic Clere @jfclere @jfclere Fosdem 2020 Feb. 1-2, 2020 TM Who am I?

529 views • 26 slides
Lecture 3: Kubernetes AC295 AC295 Advanced Practical Data Science Pavlos Protopapas Outline

Lecture 3: Kubernetes AC295 AC295 Advanced Practical Data Science Pavlos Protopapas Outline

Lecture 3: Kubernetes AC295 AC295 Advanced Practical Data Science Pavlos Protopapas Outline 1: Communications 2: Recap 3: Introduction to Kubernetes 4: Creating and Running Containers | Review 5: Anatomy of a Kubernetes Cluster 6:

820 views • 38 slides
Data Management in Kubernetes Using Kanister T om Manville | April 25th, 2018 2 3 4 yes* 5

Data Management in Kubernetes Using Kanister T om Manville | April 25th, 2018 2 3 4 yes* 5

Data Management in Kubernetes Using Kanister T om Manville | April 25th, 2018 2 3 4 yes* 5 Database Operations in Kubernetes kanister.io 6 Agenda Background DB in a container DB in Kubernetes Kanister Use

767 views • 42 slides
KVM without QEMU Gabriel Laskar &lt;gabriel@lse.epita.fr&gt; Agenda What is kvm ? What we

KVM without QEMU Gabriel Laskar &lt;gabriel@lse.epita.fr&gt; Agenda What is kvm ? What we

KVM without QEMU Gabriel Laskar &lt;gabriel@lse.epita.fr&gt; Agenda What is kvm ? What we want to achieve ? kvm api overview how to start in 32-bit virtio device machine description state of the tool What is KVM ?

528 views • 21 slides
Fault Tolerance of the I nput/ Output Ports in Massively Def ective Multicore Processor Chips

Fault Tolerance of the I nput/ Output Ports in Massively Def ective Multicore Processor Chips

The 38th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Second Workshop on D Dependable and Secure Nanocomputing Friday June 27, 2008 Anchorage, AK, USA Fault Tolerance of the I nput/ Output Ports in Massively

561 views • 8 slides
Virtio 1 - why do it? And - are we there yet? 2015 Michael S. Tsirkin Red Hat Uses material

Virtio 1 - why do it? And - are we there yet? 2015 Michael S. Tsirkin Red Hat Uses material

Virtio 1 - why do it? And - are we there yet? 2015 Michael S. Tsirkin Red Hat Uses material from https://lwn.net/Kernel/LDD3/ Gcompris, tuxpaint 1 Distributed under the Creative commons license. Lots of work ... main-title 300 250

1.02k views • 63 slides
ECE 550D Fundamentals of Computer Systems and Engineering Fall 2016 Input/Output (IO) Tyler

ECE 550D Fundamentals of Computer Systems and Engineering Fall 2016 Input/Output (IO) Tyler

ECE 550D Fundamentals of Computer Systems and Engineering Fall 2016 Input/Output (IO) Tyler Bletsch Duke University Slides are derived from work by Andrew Hilton (Duke) IO: Interacting with the outside world Input and Output Devices App

508 views • 38 slides
WHY Capital One Date : March 22 and 23, 2019 Number of records breached : 106

WHY Capital One Date : March 22 and 23, 2019 Number of records breached : 106

WHY Capital One Date : March 22 and 23, 2019 Number of records breached : 106 million Information exposed : Names, addresses, ZIP codes, phone numbers, email addresses, birthdates and self-reported income. Customer credit

1.05k views • 84 slides
Embedded Systems Programming Linux Kernel Modules (Module 4) Yann-Hang Lee Arizona State

Embedded Systems Programming Linux Kernel Modules (Module 4) Yann-Hang Lee Arizona State

Embedded Systems Programming Linux Kernel Modules (Module 4) Yann-Hang Lee Arizona State University yhlee@asu.edu (480) 727-7507 Summer 2014 Real-time Systems Lab, Computer Science and Engineering, ASU What is kernel The basic

349 views • 12 slides
IO 1 Today IO TA Evaluations 2 Key Points CPU interface and interaction with IO

IO 1 Today IO TA Evaluations 2 Key Points CPU interface and interaction with IO

IO 1 Today IO TA Evaluations 2 Key Points CPU interface and interaction with IO devices The basic structure of the IO system (north bridge, south bridge, etc.) The key advantages of high speed serial lines. The benefits

268 views • 15 slides
1 CPU Scheduler Preemptive Scheduling Also referred to as Short Term Preemptive

1 CPU Scheduler Preemptive Scheduling Also referred to as Short Term Preemptive

Contents CMSC 421 Spring 2004 Section 0202 Basic Concepts Scheduling Criteria Scheduling Algorithms Multiple-Processor Scheduling Real-Time Scheduling Algorithm Evaluation Part II: Process Management Chapter 6 CPU

399 views • 10 slides

More recommend