OK, so I have all these Containers. What now?

SLIDE 1

OK, so I have all these Containers. What now?

SLIDE 2

Image by Connie Zhou

SLIDE 3

#kubernetes @tekgrrl

    job hello_world = {
      runtime = { cell = 'ic' }               // Cell (cluster) to run in
      binary = '.../hello_world_webserver'    // Program to run
      args = { port = '%port%' }              // Command line parameters
      requirements = {                        // Resource requirements
        ram = 100M
        disk = 100M
        cpu = 0.1
      }
      replicas = 5                            // Number of tasks
    }

10000

Developer View

SLIDE 4

Developer View

SLIDE 5

Developer View: What just happened?

[Diagram: web browsers, borgcfg, Config file, Binary, BorgMaster (link shard, UI shard), persistent store (Paxos), Scheduler, Borglets]

SLIDE 6

Hello world! (repeated across the slide)

Image by Connie Zhou

SLIDE 7

Guestbook App

[Diagram: Client, PHP, memcached, MySQL]

SLIDE 8

Containers

SLIDE 9

Old Way: Shared Machines

  • No isolation
  • No namespacing
  • Common libs
  • Highly coupled apps and OS

[Diagram: kernel, libs, four apps]

SLIDE 10

Old Way: Virtual Machines

  • Some isolation
  • Inefficient
  • Still highly coupled to the guest OS
  • Hard to manage

[Diagram: four stacks of app, libs, kernel]

SLIDE 11

New Way: Containers

[Diagram: four stacks of app and libs on one kernel]

SLIDE 12

Container Images

  • An image is a stack of Read-Only file system layers.
  • Usual process:
      ○ build
      ○ push to repository
      ○ pull to execution host
      ○ start container from image

[Diagram: image layers Debian, App, PHP & Apache, Libs]

SLIDE 13

Image Layers

  • A container is a process
      ○ started with kernel restrictions
      ○ a stack of shared Read-Only file system layers
      ○ plus a process specific Read-Write layer
  • Every new container gets a new Read-Write layer. All containers from the same image start from exactly the same state!

[Diagram: shared image layers Debian, App, PHP & Apache, Libs, with three separate Read / Write layers]

SLIDE 14

Mounting Host Directories

  • It's possible to mount host directories into a container's filesystem.
  • These are mutable and do outlive the container.
  • They're only available on that host.

[Diagram: image layers Debian, App, PHP & Apache, Libs; Read / Write layer; host dir]

SLIDE 15

Docker Example

[Diagram: Server, Debian, Docker Engine; containers App (PHP & Apache), MySQL, Memcached, each with libs]

SLIDE 16

Why containers?

  • Performance
  • Repeatability
  • Quality of service
  • Accounting
  • Portability

A fundamentally different way of managing applications

Images by Connie Zhou

SLIDE 17

containers are awesome let's use lots of them!

SLIDE 18

Demo

SLIDE 19

Kubernetes

SLIDE 20

Kubernetes

Greek for “Helmsman”; also the root of the word “Governor”

  • Orchestrator for Docker containers
  • Supports multi-cloud environments
  • Inspired and informed by Google’s experiences and internal systems
  • Open source, written in Go

Manage applications, not machines

SLIDE 21

Concepts Intro

  • Container
  • Pod
  • Volume
  • Replication Controller
  • Service
  • Node
  • Label

SLIDE 22

@tekgrrl #kubernetes #gotoldn

Developer View (Kubernetes)

[Diagram: kubectl, Container Registry, Kubernetes Master (API Server, Scheduler, Replication Controller, Kube-UI), Kubelets, Proxy, <Your App>, web browsers]

SLIDE 23

Cluster Options

  • From Laptop to high-availability multi-node cluster
  • Hosted or self managed
  • On-Premise or Cloud
  • Bare Metal or Virtual Machines
  • Many options, see Matrix for details

Kubernetes Cluster Matrix: http://bit.ly/1MmhpMW

SLIDE 24

So what do we run on the nodes? Containers?

SLIDE 25

Demo

SLIDE 26

Pods

  • The atom of scheduling for containers
  • Application specific “logical host”
  • Ephemeral
      ○ can die and be replaced
  • Single container pods can be created directly from a container image

[Diagram: Pod containing Web Server and Volume; Consumers]

SLIDE 27

Pods

  • Can be used to group containers & shared volumes
  • Containers are tightly coupled
  • Shared namespace
      ○ Shared network IP and port namespace
  • Ephemeral
      ○ Containers in pods live and die together
  • Think in terms of services that you usually run on the same machine

[Diagram: Pod containing Git Synchronizer, Node.js App Container and Volume; Consumers; Github]

SLIDE 28

Volume

  • Bound to the Pod that encloses it
  • Look like Directories to Containers
  • What and where they are determined by Volume Type
  • Many Volume options

Volume types:

  • EmptyDir
      ○ Lives with the pod

[Diagram: Pod with Volume]

SLIDE 29

Volume

Volume types:

  • EmptyDir
  • HostPath
      ○ Maps to directory on host
      ○ Use with caution

    /<rootdir>
    |
    |__/etc
    |--/usr
    |--/var
    |  |--/log
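A defender's view of the HostPath item above, as an added example that is not from the original slides: it walks a Pod or Replication Controller manifest and reports every container mount backed by a host directory, and whether that mount is writable. The manifest, its names and its paths are constructed for illustration.

```python
# Constructed sample: a ReplicationController manifest as a Python dict
# (same shape as its YAML/JSON form). Names and paths are illustrative.
SAMPLE_RC = {
    "kind": "ReplicationController",
    "metadata": {"name": "frontend"},
    "spec": {"replicas": 1, "template": {"spec": {
        "volumes": [
            {"name": "scratch", "emptyDir": {}},
            {"name": "logs", "hostPath": {"path": "/var/log"}},
            {"name": "etc", "hostPath": {"path": "/etc"}},
        ],
        "containers": [{
            "name": "php-guestbook",
            "volumeMounts": [
                {"name": "scratch", "mountPath": "/tmp/work"},
                {"name": "logs", "mountPath": "/host-logs", "readOnly": True},
                {"name": "etc", "mountPath": "/host-etc"},
            ],
        }],
    }}},
}


def pod_spec(manifest):
    """Return the pod spec of a Pod, or of a controller's pod template."""
    spec = manifest.get("spec", {})
    return spec.get("template", {}).get("spec", spec)


def hostpath_findings(manifest):
    """List (container, volume, host path, mount path, writable) per hostPath mount."""
    spec = pod_spec(manifest)
    host_vols = {v["name"]: v["hostPath"]["path"]
                 for v in spec.get("volumes", []) if "hostPath" in v}
    findings = []
    for c in spec.get("containers", []):
        for m in c.get("volumeMounts", []):
            if m["name"] in host_vols:
                writable = not m.get("readOnly", False)  # mounts default to read-write
                findings.append((c["name"], m["name"], host_vols[m["name"]],
                                 m["mountPath"], writable))
    return findings


if __name__ == "__main__":
    for f in hostpath_findings(SAMPLE_RC):
        print("hostPath mount: container=%s volume=%s host=%s at=%s writable=%s" % f)
```

The EmptyDir volume is not reported because it lives and dies with the pod; only the two host-backed mounts are, and the `/etc` one is flagged writable because it does not set `readOnly`.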

SLIDE 30

Volume

Volume types:

  • EmptyDir
  • HostPath
  • nfs (and similar services)

[Diagram: Pod with Volume backed by NFS]

SLIDE 31

Volume

Volume types:

  • EmptyDir
  • HostPath
  • nfs (and similar services)
  • Cloud Provider Block Storage

SLIDE 32

Labels ← These are important

Behavior:

  • Metadata with semantic meaning
  • Membership identifier
  • The only Grouping Mechanism

Benefits:

  ➔ Allow for intent of many users (e.g. dashboards)
  ➔ Build higher level systems …
  ➔ Queryable by Selectors

[Diagram: frontend Pods labelled type = FE and version = v2; one Dashboard with "show: type = FE", another with "show: version = v2"]

SLIDE 33

Developer View (Replication Controller)

    selector:
      name: frontend
    …
    spec:
      containers:
      - name: php-guestbook
        image: php-guestbook:europython
        resources:
          limits:
            memory: "128Mi"
            cpu: "500m"
        ports:
        - containerPort: 80
          protocol: TCP
    replicas: 1

10000

SLIDE 34

Replication Controllers

Behavior:

  • Keeps Pods running
  • Gives direct control of Pod #s
  • Grouped by Label Selector

Benefits:

  ➔ Recreates Pods, maintains desired state
  ➔ Fine-grained control for scaling
  ➔ Standard grouping semantics

[Diagram: Replication Controller (#pods = 2, version = v1) with Pods labelled version = v1; Replication Controller (#pods = 1, version = v2) with a Pod labelled version = v2]

SLIDE 35

Replication Controllers

  • Canonical example of control loops
  • Have one job: ensure N copies of a pod
      ○ if too few, start new ones
      ○ if too many, kill some
      ○ group == selector
  • Replicated pods are fungible
      ○ No implied order or identity

Replication Controller

  • Name = “nifty-rc”
  • Selector = {“App”: “Nifty”}
  • PodTemplate = { ... }
  • NumReplicas = 4

[Diagram: exchange between Replication Controller and API Server: "How many?", 3, "Start 1 more", "OK", "How many?", 4]

SLIDE 36

Container Liveness

  • Process Level: Kubelet checks with Docker that Container is running
  • App Level: User defined health checks:
      ○ HTTP Health checks (Kubelet calls a Web Hook)
      ○ Container Exec (Kubelet runs command in container)
      ○ TCP Socket (Kubelet attempts to open a socket to the container)

SLIDE 37

Services

  • A logical grouping of pods that perform the same function
      ○ group == selector
  • Choice of pod is random but supports session affinity (ClientIP)
  • Gets a stable virtual IP and port
      ○ also a DNS name
  • Hide complexity - ideal for non-native apps

[Diagram: Client, Portal (VIP), Pods with Containers]

SLIDE 38

Canary Example

[Diagram: Service (VIP), shown with label selectors "version = 1.0, type = Frontend" and with label selector "type = FE"; Replication Controller (version = v1, #pods = 2) with two frontend Pods labelled version = v1, type = FE; Replication Controller (version = v2, #pods = 1) with one frontend Pod labelled version = v2, type = FE]
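The control loop from the Replication Controllers slide and the label layout of the canary slide, as an added example (not code from the talk or from Kubernetes): a simplified in-memory model in which pods are plain dicts and the pod template is just the selector's own labels. It goes slightly beyond the slides by replaying a pod failure; the pod names and id counters are assumptions.

```python
def matches(selector, labels):
    """Equality-based selector: every key/value in the selector must be in labels."""
    return all(labels.get(k) == v for k, v in selector.items())


def reconcile(selector, replicas, pods, next_id):
    """One pass of the control loop: compare observed pods with the desired count.

    Returns (new pod list, actions taken). Pods are fungible, so any surplus
    pod may be killed and new pods get arbitrary names."""
    mine = [p for p in pods if matches(selector, p["labels"])]
    actions = []
    while len(mine) < replicas:              # too few: start new ones
        pod = {"name": "pod-%d" % next_id, "labels": dict(selector)}
        next_id += 1
        pods = pods + [pod]
        mine.append(pod)
        actions.append("start " + pod["name"])
    while len(mine) > replicas:              # too many: kill some
        victim = mine.pop()
        pods = [p for p in pods if p is not victim]
        actions.append("kill " + victim["name"])
    return pods, actions


def canary_demo():
    """Two controllers (v1 x2, v2 x1) behind one service selecting type = FE."""
    rc_v1 = {"selector": {"type": "FE", "version": "v1"}, "replicas": 2}
    rc_v2 = {"selector": {"type": "FE", "version": "v2"}, "replicas": 1}
    service_selector = {"type": "FE"}
    pods, a1 = reconcile(rc_v1["selector"], rc_v1["replicas"], [], 0)
    pods, a2 = reconcile(rc_v2["selector"], rc_v2["replicas"], pods, 10)
    pods = pods[1:]                          # simulate one v1 pod dying
    pods, a3 = reconcile(rc_v1["selector"], rc_v1["replicas"], pods, 20)
    backends = [p["name"] for p in pods if matches(service_selector, p["labels"])]
    return a1, a2, a3, backends


if __name__ == "__main__":
    for step in canary_demo():
        print(step)
```

If both controllers selected only on type = FE they would count each other's pods; the version label keeps the two groups apart while the service's broader selector spans both.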

SLIDE 39

Mapping to Kubernetes

[Diagram: Client, php (three instances), python, memcached, MySQL]

SLIDE 40

Database

I still have questions about state!

In a cluster of ephemeral containers

Application state must exist outside of the container

SLIDE 41

Outside the Cluster

e.g.: MySQL managed by DBAs or managed cloud services

[Diagram: nine App Pods; Database]

SLIDE 42

Adapt to run in the Cluster

e.g.: MySQL runs in a pod and mounts a filesystem provided by the cluster

[Diagram: nine App Pods; Database]

SLIDE 43

Cluster Native

ex: run Cassandra or Riak inside the cluster

[Diagram: nine App Pods]

SLIDE 44

Demo

SLIDE 45

Container Engine

SLIDE 46

Google Container Engine (Beta)

  • Managed Kubernetes (Kubernetes v1)
  • Manages Kubernetes master uptime
  • Manages Updates
  • Cluster Resize via Managed Instance Groups
  • Centralised Logging
  • Google Cloud VPN support

SLIDE 47

Kubernetes Status

  • Kubernetes 1.0 as of mid July
      ○ Formally announced at OSCON this week
  • Open sourced in June, 2014
      ○ won the BlackDuck “rookie of the year” award
  • Google launched Google Container Engine (GKE)
      ○ hosted Kubernetes
      ○ https://cloud.google.com/container-engine/
  • Roadmap:
      ○ https://github.com/GoogleCloudPlatform/kubernetes/milestones

SLIDE 48

Demo - Visualization

SLIDE 49

Visualizing Kubernetes

    $ kubectl proxy --www=k8s-visualizer/

[Diagram: Master (APIs: REST for pods, services, controllers; AuthN; Scheduling: Scheduler; Replication Controller); nodes labelled Node1, Node3 and Node3, each with Kubelet, Proxy and Pods holding Containers]

SLIDE 50

Open Container Initiative

why argue about the width of train tracks, when you can worry about laying track and building the best possible engines?

SLIDE 51

Kubernetes is Open Source

We want your help!

  • http://kubernetes.io
  • https://github.com/GoogleCloudPlatform/kubernetes
  • irc.freenode.net #google-containers
  • @kubernetesio

SLIDE 52

Tweet questions to: @tekgrrl

Questions