Minimum Viable Kubernetes

Minimum Viable Kubernetes Noah Kantrowitz - coderanger.net - March 10,
2023 SCaLE Kubernetes Community Day 2023 1

NOAH KANTROWITZ » He/him » coderanger.net | cloudisland.nz/@coderanger » Kubernetes
(ContribEx) and Python (webmaster@) » SRE/Platform for Geomagical Labs, part of IKEA » We do CV/AR for the home SCaLE Kubernetes Community Day 2023 2

WHAT IS KUBERNETES? “An open-source system for automating deployment, scaling,
and management of containerized applications.” SCaLE Kubernetes Community Day 2023 3

YES BUT ACTUALLY NO SCaLE Kubernetes Community Day 2023 4

KUBERNETES AS AN API » POSIX - 1988 - Unix-like
OS functions » CFEngine - 1993 - Desired state configuration » Puppet/Chef/Salt/Ansible - 2005-2012 - More! » Terraform - 2014 - Same but for infra » Kubernetes - 2014 - All of the above SCaLE Kubernetes Community Day 2023 5

GET /apis/v1/namespaces/default/pods SCaLE Kubernetes Community Day 2023 6

MODULARITY » Tool A cares about load balancers » Tool
B also cares about load balancers » A and B don't have to know about each other SCaLE Kubernetes Community Day 2023 7

SHOULD I USE IT? SCaLE Kubernetes Community Day 2023 8

SHOULD I USE IT? “Only for big and/or complex systems
with lots of microservices and lots of developers and [insert more marketing buzzwords here].” SCaLE Kubernetes Community Day 2023 9

SHOULD I USE IT? “Only for big and/or complex systems
with lots of microservices and lots of developers and [insert more marketing buzzwords here].” Yes! (Probably!) SCaLE Kubernetes Community Day 2023 10

WHY NOT ...? » Docker? Not convergent itself SCaLE Kubernetes
Community Day 2023 11

WHY NOT ...? » Docker? Not convergent itself » Docker
Compose? Tricky for remote use, not extensible SCaLE Kubernetes Community Day 2023 12

Compose? Tricky for remote use, not extensible » Ansible/Terraform? Intermittent convergence SCaLE Kubernetes Community Day 2023 13

Compose? Tricky for remote use, not extensible » Ansible/Terraform? Intermittent convergence » ECS/Fargate/Cloud Run? Expensive, vendor lock-in SCaLE Kubernetes Community Day 2023 14

Compose? Tricky for remote use, not extensible » Ansible/Terraform? Intermittent convergence » ECS/Fargate/Cloud Run? Expensive, vendor lock-in » Lambda/FaaS? More lock-in and limited architecture SCaLE Kubernetes Community Day 2023 15

REALLY? » Room to grow is important » Prototypes are
forever, we all know this » PaaS and FaaS platforms are high-quality but limited SCaLE Kubernetes Community Day 2023 16

DRAMATIS PERSONA » Small team, definitely single pizza » New
monolith web app or 2-3 services » MVP or a small standalone product » No ops team, probably just one "full stack" team » Cost sensitive but not shoestring SCaLE Kubernetes Community Day 2023 17

WHY SHOULD I? » Start small but grow with your
project » Huge ecosystem of tools » Modular design means you swap components later » High-level APIs let you code only what you care about » Avoid the future lift-and-shift SCaLE Kubernetes Community Day 2023 18

BUT HOW CAN I? “Isn't Kubernetes really hard?” SCaLE Kubernetes
Community Day 2023 19

BUT HOW CAN I? “Isn't Kubernetes really hard?” It doesn't
have to be! SCaLE Kubernetes Community Day 2023 20

TL;DW USE K3S » Friendly fork of Kubernetes, mini all-in-one
installer » Curlbash for systemd or k3d for existing Docker » Defaults to SQLite for easy single-node » But supports Postgres and MySQL too » That VPS server you were going to use? Install k3s first SCaLE Kubernetes Community Day 2023 21

HOSTED OPTIONS? SCaLE Kubernetes Community Day 2023 22

90% IS IGNORABLE » You need Deployments, Pods » And
Services, Ingresses » No really, that's it SCaLE Kubernetes Community Day 2023 23

HOW TO GET STARTED » Do it however you would
without Kubernetes » But on Kubernetes » Does the thing have Docker install instructions? Done » Is there a community Docker Hub image? Use it » Find a guide with apt-get install something? Copy that into a Dockerfile and roll with it SCaLE Kubernetes Community Day 2023 24

ASIDE: DOING THINGS POORLY IT'S OKAY! SCaLE Kubernetes Community Day
2023 25

THE TRIFECTA » Workloads - running stuff » Networking -
connecting stuff » Storage - keeping stuff SCaLE Kubernetes Community Day 2023 26

WORKLOADS » Running stuff on your servers! » Pod ==
a running container somewhere » Yes Pods have a million more options but simple for now » Deployments == run N copies of a Pod » N is frequently 1, that's okay SCaLE Kubernetes Community Day 2023 27

WORKLOADS » StatefulSets? DaemonSets? Jobs? Later! » CronJobs? Maybe, if
you need them » apt-get install cron works too! SCaLE Kubernetes Community Day 2023 28

KUBECTL RUN » YAML Engineering? » kubectl run redis --image=redis
» --port 1234 - expose a port » --env "FOO=bar" - set environment variables » --replicas 5 - run multiple copies SCaLE Kubernetes Community Day 2023 29

MINIMUM VIABLE MANIFESTS apiVersion: apps/v1 kind: Deployment metadata: name: myapp
SCaLE Kubernetes Community Day 2023 30

MINIMUM VIABLE MANIFESTS spec: selector: matchLabels: app: myapp template: metadata:
labels: app: myapp SCaLE Kubernetes Community Day 2023 31

MINIMUM VIABLE MANIFESTS apiVersion: apps/v1 kind: Deployment metadata: name: myapp
spec: selector: matchLabels: app: myapp template: metadata: labels: app: myapp spec: containers: - name: myapp image: mycompany/myapp:v1.2.3 SCaLE Kubernetes Community Day 2023 32

MINIMUM +1 containers: - name: myapp image: mycompany/myapp:v1.2.3 command: ["python",
"main.py"] env: - name: PASSWORD value: secret SCaLE Kubernetes Community Day 2023 33

NETWORKS! » Inside vs Outside » Inside -> Inside -
easy, flat network, just need DNS » Inside -> Outside - outgoing traffic, default allow » Outside -> Inside - the spicy one SCaLE Kubernetes Community Day 2023 34

INTERNAL NETWORK » Flat network, don't ask how » Do
you care what a CNI is? NOPE! » Everything is open but dynamic IPs » Need DNS to help things find each other SCaLE Kubernetes Community Day 2023 35

SERVICES apiVersion: v1 kind: Service metadata: name: myapp spec: selector:
app: myapp ports: - port: 8000 SCaLE Kubernetes Community Day 2023 36

POKING HOLES » Ingress - HTTP(S), you already have it
» Load Balancer - any TCP/UDP port, cloud vs. on-prem » Node Port - works anywhere, weird, avoid SCaLE Kubernetes Community Day 2023 37

INGRESS apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: myapp spec: rules:
- host: example.com http: paths: - path: / pathType: Preﬁx backend: service: name: myapp port: number: 8000 SCaLE Kubernetes Community Day 2023 38

GETTING THE IP $ kubectl describe ingress myapp Name: myapp
Address: 40.155.110.208 ... SCaLE Kubernetes Community Day 2023 39

SERVICE MESH? SCaLE Kubernetes Community Day 2023 40

DATA DATA EVERYWHERE BUT NOT A DROP TO DRINK SCaLE
Kubernetes Community Day 2023 41

STORAGE OPTIONS » Don't - hosted databases, object storage »
Host files - store things in a folder, like we used to » Cloud volumes - what the vendor wants you to use SCaLE Kubernetes Community Day 2023 42

HOST PATH containers: - name: postgres image: postgres volumeMounts: -
path: /var/lib/postgresql/data name: data volumes: - name: data hostPath: path: /pgdata SCaLE Kubernetes Community Day 2023 43

MORE SERVERS, MORE PROBLEMS containers: - name: postgres image: postgres
nodeName: mynode1 $ kubectl get nodes SCaLE Kubernetes Community Day 2023 44

PERSISTENT VOLUMES apiVersion: v1 kind: PersistentVolumeClaim metadata: name: myapp-storage spec:
accessModes: - ReadWriteOnce storageClassName: local-path resources: requests: storage: 50Gi SCaLE Kubernetes Community Day 2023 45

USING A CLAIM containers: - name: postgres image: postgres volumeMounts:
- path: /var/lib/postgresql/data name: data volumes: - name: data persistentVolumeClaim: claimName: myapp-storage SCaLE Kubernetes Community Day 2023 46

CLOUD VOLUMES » CSI - container storage interface » There's
a lot of cloud and storage vendors » Take the problem and push it somewhere else » Vendors can own their plugin » Cloud controllers? SCaLE Kubernetes Community Day 2023 47

NON-CLOUD CLOUD » Longhorn » Rook? (Ceph) » OpenEBS? »
Lots more SCaLE Kubernetes Community Day 2023 48

KUBECTL ROUND 2: FIGHT » kubectl apply - the important
one » kubectl get <type> - list things » kubectl describe <type> - show details » kubectl delete <type> - what it sounds like SCaLE Kubernetes Community Day 2023 49

kubectl apply -f SCaLE Kubernetes Community Day 2023 50

KUBECTL <VERB> <TYPE> [<NAME>] » kubectl get pods - list
all pods » kubectl get service myapp - list a single service » kubectl describe service myapp - details on one » kubectl delete pod myapp-5d5d5fc579-6kl82 » kubectl delete -f myapp.yaml SCaLE Kubernetes Community Day 2023 51

WHAT I'VE LEFT OUT A lot! SCaLE Kubernetes Community Day
2023 52

THE USUAL SUSPECTS » Multi-server availability (Pod anti-affinities) » Secrets
management (Secrets, sealed-secrets) » Access control (RBAC) » Monitoring and alertings (Prometheus and Grafana) SCaLE Kubernetes Community Day 2023 53

WHAT ABOUT THE FANCY FEATURES? SCaLE Kubernetes Community Day 2023
54

START SMALL GROW AS NEEDED SWAP COMPONENTS NEVER STOP LEARNING
SCaLE Kubernetes Community Day 2023 55

I'M HIRING - ML OPS MORE INFO AT GEOMAGICAL.COM SCaLE
Kubernetes Community Day 2023 56

THANK YOU QUESTIONS? SCaLE Kubernetes Community Day 2023 57

» Intro » What is Kubernetes » Is it all
just hype? No » Systems as APIs » POSIX » Salt/Ansible/Chef/Puppet » Kubernetes SCaLE Kubernetes Community Day 2023 58

Minimum Viable Kubernetes

Minimum Viable Kubernetes

More Decks by Noah Kantrowitz

Other Decks in Technology

Featured

Transcript