Kubernetes the easy way: Orchestration concepts

Josh Wood
September 28, 2017

SFB DevOps Masters, San Francisco, CA: https://www.meetup.com/SFB-DevOps-Masters/events/243022706/

Transcript

  1. CoreOS runs the world’s containers

    OPEN SOURCE: 90+ Projects on GitHub, 1,000+ Contributors. CoreOS.com - @coreoslinux - github/coreos
    ENTERPRISE: Secure solutions, support plans, training + more. [email protected] - tectonic.com - quay.io
    We’re hiring in all departments! Email: [email protected] Positions: coreos.com/careers
  2. Kubernetes: a unifying API

    Tectonic makes Kubernetes ready for business
    • Kubernetes is at the heart of Tectonic
    • CoreOS is a leading contributor to the Kubernetes project
    • Tectonic adds auto-updates, integration with auth systems like LDAP, SAML, and other enterprise checkboxes
  3. Kubernetes: a unifying API

    By making installation uniform across on-premises bare metal and major cloud providers, Tectonic makes hybrid cloud strategies accessible.
    By making the interface to run applications on infrastructure providers uniform, Kubernetes lets teams leverage skills and build artifacts on multiple targets.
  4. Kubernetes: a unifying API

    Where applications run should be an economic decision instead of a lock-in by technical limitations or dependencies.
  5. History

    Borg and Omega: internal Google orchestrators. Billions of containers, for more than a decade.
    Kubernetes: Open source project encompassing that experience plus CoreOS, RedHat, AWS, Azure and others through the CNCF, a curator of the best OSS tools and standards.
  6. Kubernetes: Key concepts

    Schedule workloads - manage microservice proliferation
    Automate deployment and lifecycle: Replication, Automation
    Keep a service running through software and node failure
    Rolling application updates
    Declared desired state => cluster state
  7. Kubernetes Control Plane

    • Implements core control loops
    • Regulates the state of the system
    • Watches the shared state of the cluster through the apiserver and makes changes attempting to move the current state towards the declared desired state
    • Provides the cluster API - what kubectl talks to
  8. Kubernetes Worker Plane: kubelet

    • Primary node agent on each cluster member
    • Kubelet takes a set of Pod specs provided through various mechanisms* and ensures that the containers described in those specs are running and healthy
  9. Kubernetes abstractions - Pod

    • A pod is a group of one or more containers
    • Co-located and co-scheduled, execute in a shared context
    • Containers within a pod share a network namespace (IP address and port space), and can find each other via localhost
    • Can communicate with each other using standard IPC (like SystemV semaphores or POSIX shared memory), Volumes or Persistent Volumes
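  10. Deployments: Automating replication

    A Deployment simply

        # nginx.yaml
        # extensions/v1beta1 was the Deployment API group when this deck was given (2017).
        # It was removed in Kubernetes 1.16; apps/v1 replaces it and requires spec.selector.
        apiVersion: extensions/v1beta1
        kind: Deployment
        metadata:
          name: my-nginx
        spec:
          replicas: 6              # desired number of pod replicas
          template:
            metadata:
              labels:
                run: my-nginx      # label applied to every pod created from this template
            spec:
              containers:
              - name: my-nginx
                image: nginx
                ports:
                - containerPort: 80

        $ kubectl create -f ./nginx.yaml
        deployment "my-nginx" created

    The number of replicas specified in Deployment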
  11. Ingress: Exposing services

    By default, Services have an IP address that is routable only within the cluster.
    Ingress is a collection of rules that allow inbound connections to reach cluster services.
    Type=LoadBalancer: automatic on AWS, Azure, other cloud providers.
  12. Ingress: Decoupling service endpoints

    Ingress, like the Service underlying it, selects the destination of a route based on rules and labels, e.g., app=nginx.
    An Ingress Controller is responsible for routing this traffic by configuring an LB, edge router, or other frontend (ex: nginx Ingress controller in Tectonic).
  13. Kubectl once, kubectl anywhere

        $ kubectl run nginx --image=nginx --replicas=3 --expose --port=80 --type=LoadBalancer
        $ kubectl get deployments
        …
        $ kubectl create -f application.yaml
  14. Tectonic: Enterprise Kubernetes

    • Realizes Kubernetes as a hybrid enabler by unifying cluster install method across providers: AWS, Azure, bare metal, and others
    • Adds graphical management Console, leverages Kubernetes to make app management identical on any provider
    • Monitoring/alerting, Authentication integration make it deployable, supportable for business
  15. How is Tectonic different than Kubernetes?

    Tectonic is an enterprise distribution of Kubernetes.
    Tectonic delivers pure upstream Kubernetes along with key features that make it “supportable”.

    Features
    • Horizontal Scaling
    • Self-healing
    • Service Discovery & Load Balancing
    • Secrets and configuration management
    • Automated application rollouts and rollback
    • Automatic binpacking
    • Storage orchestration
    • Batch execution
    • Automated updates of Kubernetes
    • Automated updates of Container Linux
    • Management Console
    • Dex integration
    • AWS installer
    • Bare Metal Installer
    • Secure setup
    • More
    • More
    • more

    Feature                                                           Kubernetes  Tectonic
    Auto Scaling                                                      x           x
    Self Healing                                                      x           x
    Service Disco & Load Balancing                                    x           x
    Secrets & Config Management                                       x           x
    Automated app rollouts & rollback                                 x           x
    Security - RBAC                                                   x           x
    Storage orchestration                                             x           x
    Networking                                                        x           x
    Multi-platform, full stack installer                                          x
    Management Console                                                            x
    No downtime, automated updates: Kubernetes & Container Linux                  x
    High Availability (Self Hosted, etc)                                          x
    Security - Dex/LDAP Integration                                               x
    Monitoring - Prometheus preconfigured                                         x
  16. Thank you!

    Josh Wood @joshixisjosh9 | [email protected] | coreos.com
    We’re hiring in all departments! Email: [email protected] Positions: coreos.com/careers
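
Slides 6 and 7 describe the control plane as loops that move the current cluster state toward the declared desired state, and slide 10 declares `replicas: 6`. The following is an added example, not code from the deck or from Kubernetes: a toy Go model of one reconcile pass, in which the `Pod`, `Cluster` and `Reconcile` names, the node names and the round-robin placement are all assumptions made for illustration.

```go
package main

import "fmt"

type Pod struct{ Name, Node, Run string } // Run: value of the pod's "run" label

// Cluster is a toy model of shared cluster state, not a Kubernetes API type.
type Cluster struct {
	Nodes []string        // node names, in placement order
	Down  map[string]bool // nodes that have failed
	Pods  []Pod
	seq   int
}

// Reconcile is one control-loop pass: move observed state toward desired.
func (c *Cluster) Reconcile(run string, desired int) (created, deleted int) {
	var live, other []Pod
	for _, p := range c.Pods {
		if p.Run != run {
			other = append(other, p) // not selected by this controller
		} else if !c.Down[p.Node] {
			live = append(live, p) // selected pods on failed nodes fall through and are dropped
		}
	}
	var healthy []string
	for _, n := range c.Nodes {
		if !c.Down[n] {
			healthy = append(healthy, n)
		}
	}
	for len(live) < desired && len(healthy) > 0 {
		c.seq++
		node := healthy[c.seq%len(healthy)] // round-robin placement (assumption)
		live = append(live, Pod{fmt.Sprintf("%s-%d", run, c.seq), node, run})
		created++
	}
	if len(live) > desired {
		deleted, live = len(live)-desired, live[:desired]
	}
	c.Pods = append(other, live...)
	return created, deleted
}

func main() {
	c := &Cluster{Nodes: []string{"node-a", "node-b", "node-c"}, Down: map[string]bool{}}
	fmt.Println(c.Reconcile("my-nginx", 6)) // 6 0: initial rollout
	c.Down["node-b"] = true                 // constructed node failure
	fmt.Println(c.Reconcile("my-nginx", 6)) // 2 0: replacements on healthy nodes
}
```

A pass that finds nothing to change returns `0 0`, which is the steady state the control plane holds until the declared replica count or the set of healthy nodes changes.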