2017 JFokus - Managing Cloud Native Applications with Kubernetes - End to End

@saturnism @googlecloud @kubernetesio @jfokus Managing Cloud Native Application with Kubernetes
End-to-End

@saturnism @googlecloud @kubernetesio @jfokus Time Topics 09:00 - 10:30 Containers,
Orchestration Scheduling, Kubernetes 10:30 - 11:00 Break. YAY! 11:00 - 12:30 Kubernetes Federation CI/CD

@saturnism @googlecloud @kubernetesio @jfokus Ray Tsang Developer Advocate Google Cloud
Platform @saturnism | +RayTsang

@saturnism @googlecloud @kubernetesio @jfokus Ray Tsang Developer Architect Traveler Photographer
flickr.com/saturnism

@saturnism @googlecloud @kubernetesio @jfokus

@saturnism @googlecloud @kubernetesio @jfokus Cloud Native? != Running in the
Cloud

@saturnism @googlecloud @kubernetesio @jfokus Cloud Native? Innovate fast Iterate fast
Focus on core business differentiators

@saturnism @googlecloud @kubernetesio @jfokus Cloud Native? Infrastructure - elastic, automated
Environment - consistent, agile Application - scalable, resilient, service oriented Deployment - continuous Everything - measurable

@saturnism @googlecloud @kubernetesio @jfokus Cloud Native? Infrastructure - elastic, automated
Environment - consistent, agile Application - scalable, resilient, service oriented Deployment - continuous Everything - measurable DevOps Machines as Cattles Containerization Orchestration Microservices CI/CD Orchestration Trace, Monitoring Metrics

@saturnism @googlecloud @kubernetesio @jfokus Hello World Service - Greet Guestbook
Service - Create Guestbook Service - Retrieve

@saturnism @googlecloud @kubernetesio @jfokus Guestbook UI Hello World Service Redis
session replication greeting MySQL Guestbook Service CRUD

@saturnism @googlecloud @kubernetesio @jfokus Package & Deployment application.ear app.war helloworld-service.jar
guestbook-service.jar apache-xyz.jar application.war /... helloworld-service.jar guestbook-service.jar apache-xyz.jar

@saturnism @googlecloud @kubernetesio @jfokus Machine app.war / app.ear Application Server
Kernel Shell / CLI / Tools

@saturnism @googlecloud @kubernetesio @jfokus Machine app.war / app.ear Application Server
Kernel Shell / CLI / Tools Machine app.war / app.ear Application Server Kernel Shell / CLI / Tools Machine app.war / app.ear Application Server Kernel Shell / CLI / Tools

@saturnism @googlecloud @kubernetesio @jfokus Let’s see write some code

@saturnism @googlecloud @kubernetesio @jfokus Microservices helloworld-service.jar guestbook-service.jar app.jar

@saturnism @googlecloud @kubernetesio @jfokus Deployment? Just run it! java -jar
helloworld-service.jar java -jar guestbook-service.jar java -jar app.jar

@saturnism @googlecloud @kubernetesio @jfokus So many services Deploy, Manage, Bin
Pack, Ports, Discovery, Isolation… How?

@saturnism @googlecloud @kubernetesio @jfokus Challenges Which host machine(s) should each
service run on? Avoid port conflicts? How does the application code find the Guest Book service? How do we keep all of these service running? What happens if a host machine has trouble? Are the services healthy? How do we scale when load changes? Run this in another environment? QA, dev, another cloud, your servers?

@saturnism @googlecloud @kubernetesio @jfokus Containers To the Rescue!

@saturnism @googlecloud @kubernetesio @jfokus Old Way: Shared machines kernel libs
app app app No isolation No namespacing Common libs Highly coupled apps and OS app

@saturnism @googlecloud @kubernetesio @jfokus Old Way: Virtual machines Some isolation
Expensive and inefficient Still highly coupled to the guest OS Hard to manage app libs kernel libs app app kernel app libs libs kernel kernel

@saturnism @googlecloud @kubernetesio @jfokus New Way: Containers libs app kernel
libs app libs app libs app

@saturnism @googlecloud @kubernetesio @jfokus Containerize Option #1 Dockerfile

@saturnism @googlecloud @kubernetesio @jfokus Containerize Option #2 spotify/docker-maven-plugin mvn docker:build
or, spotify/dockerfile-maven-plugin or, fabric8 maven plugin

@saturnism @googlecloud @kubernetesio @jfokus Containerize Option #3 Docker Hub /
GitHub saturnism/spring-boot

@saturnism @googlecloud @kubernetesio @jfokus Static Binary! Runs anywhere

@saturnism @googlecloud @kubernetesio @jfokus More on Containers Container Basics

@saturnism @googlecloud @kubernetesio @jfokus Let’s run the container! docker run
-ti -p 8080:8080 helloworld-service

@saturnism @googlecloud @kubernetesio @jfokus Docker Compose docker-compose up

@saturnism @googlecloud @kubernetesio @jfokus Versioning container image docker tag spring-boot-demo
spring-boot-demo:1.0

@saturnism @googlecloud @kubernetesio @jfokus Versioning container image docker build -t
spring-boot-demo:${BUILDNO}

@saturnism @googlecloud @kubernetesio @jfokus Don’t Log to Container Filesystem! Log
to a volume… docker -v /tmp/log:/log Or Send it elsewhere! STDOUT is captured by Docker / Kubernetes

@saturnism @googlecloud @kubernetesio @jfokus Clean up disk spaces Every image,
layer, and, even containers litters docker rm $(docker ps -a -q) docker rmi $(docker images -q --filter dangling=true)

@saturnism @googlecloud @kubernetesio @jfokus Combine RUN commands apt-get update &&
apt-get install xyz && apt-get clean Saves you space.

@saturnism @googlecloud @kubernetesio @jfokus Consider Slim JARs Base Layer -
java:8 (not frequently updated) Next Layer - Dependency JARs (not frequently updated) Last Layer - Application JAR (frequently updated) Use dockerfile-maven-plugin, copy-dependencies or slimfast

@saturnism @googlecloud @kubernetesio @jfokus Run with --rm docker run -ti
--rm saturnism/spring-boot-helloworld-service:1.0

@saturnism @googlecloud @kubernetesio @jfokus Everything at Google runs in containers
Launch over 2 billion containers per week.

@saturnism @googlecloud @kubernetesio @jfokus Control Plane Apps Software Engineers

@saturnism @googlecloud @kubernetesio @jfokus job hello_world = { runtime =
{ cell = 'ic' } // Cell (cluster) to run in binary = '.../hello_world_webserver' // Program to run args = { port = '%port%' } // Command line parameters requirements = { // Resource requirements ram = 100M disk = 100M cpu = 0.1 } replicas = 5 // Number of tasks } 10000

@saturnism @googlecloud @kubernetesio @jfokus web browsers BorgMaster link shard UI
shard BorgMaster link shard UI shard BorgMaster link shard UI shard BorgMaster link shard UI shard Scheduler borgcfg web browsers scheduler Borglet Borglet Borglet Borglet Config file BorgMaster link shard UI shard persistent store (Paxos) Binary What just happened?

@saturnism @googlecloud @kubernetesio @jfokus Hello world! Hello world! Hello world!
Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Image by Connie Zhou Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world! Hello world!

@saturnism @googlecloud @kubernetesio @jfokus Containers Orchestration

@saturnism @googlecloud #kubernetes #devoxx

@saturnism @googlecloud #kubernetes #devoxx Kubernetes Greek for “Helmsman”; also the
root of the words “governor” and “cybernetic” • Infrastructure for containers • Schedules, runs, and manages containers on virtual and physical machines • Platform for automating deployment, scaling, and operations • Inspired and informed by Google’s experiences and internal systems • 100% Open source, written in Go

@saturnism @googlecloud @kubernetesio @jfokus web browsers Scheduler kubectl web browsers
scheduler Kubelet Kubelet Kubelet Kubelet Config file Kubernetes Master Container Image Developer View What just happened?

@saturnism @googlecloud @kubernetesio @jfokus Developer View spec: containers: - name:
myservice image: myservice resources: limits: memory: "128Mi" cpu: "0.1" ports: - containerPort: 3306 protocol: TCP replicas: 1 10000

@saturnism @googlecloud @kubernetesio @jfokus Cluster of Machines as One

@saturnism @googlecloud @kubernetesio @jfokus Live Demo

@saturnism @googlecloud #kubernetes #devoxx

@saturnism @googlecloud @kubernetesio @jfokus Hello World Service - Greet Guestbook
Service - Create Guestbook Service - Retrieve

@saturnism @googlecloud @kubernetesio @jfokus Guestbook UI Hello World Service Redis
session replication greeting MySQL Guestbook Service CRUD

@saturnism @googlecloud @kubernetesio @jfokus Staging vs. production Use Namespaces -
deploy in the same infrastructure

@saturnism @googlecloud @kubernetesio @jfokus Canary Use service, and replication controllers
to canary new versions

@saturnism @googlecloud @kubernetesio @jfokus Rollback Super simple with versioned containers

@saturnism @googlecloud @kubernetesio @jfokus Persistent Volumes

@saturnism @googlecloud @kubernetesio @jfokus Rolling upgrade Similar to canary, but
slowly let the new version take over

@saturnism @googlecloud @kubernetesio @jfokus Health Checks

@saturnism @googlecloud @kubernetesio @jfokus Configuration Map

@saturnism @googlecloud @kubernetesio @jfokus Secrets

@saturnism @googlecloud @kubernetesio @jfokus Namespace

@saturnism @googlecloud @kubernetesio @jfokus Service discovery Read service IP addresses
via environmental variables

@saturnism @googlecloud @kubernetesio @jfokus Service discovery Kubernetes API or… DNS
Lookups! ping redis

@saturnism @googlecloud @kubernetesio @jfokus Before Stateful Set - Stateless Cattles
Deployment Replicas → 1 Pod frontend Pod - cb-axk3u type = Couchbase version = 1.0 Pod CB-Disk Volume Mount

@saturnism @googlecloud @kubernetesio @jfokus Before Pet Set - Stateless Cattles
Deployment Replicas → 2 Pod frontend Pod - cb-axk3u type = Couchbase version = 1.0 Pod CB-Disk Pod frontend Pod - cb-a94kd type = Couchbase version = 1.0 Volume Mount

@saturnism @googlecloud @kubernetesio @jfokus Stateful Set Stateful Set Replicas →
1 Pod frontend Pod - cb-0 type = Couchbase version = 1.0 cb-0 Volume Mount Automatic Provisioning

2 Pod frontend Pod - cb-0 type = Couchbase version = 1.0 Pod Pod frontend Pod - cb-1 type = Couchbase version = 1.0 cb-0 Volume Mount cb-1 Volume Mount

@saturnism @googlecloud @kubernetesio @jfokus Wait a second, how about the
disks? volumeClaimTemplates: - metadata: name: www annotations: volume.alpha.kubernetes.io/storage-class: anything spec: accessModes: [ "ReadWriteOnce" ] resources: requests: storage: 1Gi

2 Pod frontend Pod - cb-0 type = Couchbase version = 1.0 Pod Pod frontend Pod - cb-1 type = Couchbase version = 1.0 cb-0 Volume Mount Automatic Provisioning cb-1 Volume Mount

@saturnism @googlecloud @kubernetesio @jfokus Next Step? Data Centers as One!

@saturnism @googlecloud @kubernetesio @jfokus UI CLI API Control Plane Servers
Admin containers containers containers containers containers containers containers containers containers containers containers containers containers containers containers Cluster / Data Center / Availability Zone

@saturnism @googlecloud @kubernetesio @jfokus UI CLI API API Kubernetes on
Kubernetes on Kubernetes on Premise Federation

@saturnism @googlecloud @kubernetesio @jfokus Higher Availability Easy Application Migration Avoid
Vendor Lock-in Capacity Overflow Cross-cluster Load Balancer Your users Cluster 1 Cluster 2 Cluster 3 Use Cases

@saturnism @googlecloud @kubernetesio @jfokus Provider 1 Zone A Zone B
Provider 2 Zone C Provider 1 Zone D Challenges

@saturnism @googlecloud @kubernetesio @jfokus Geographically aware DNS gets clients to
the "closest" healthy cluster. Standard Kubernetes service load balancing within each cluster. Can be extended to divert traffic away from "healthy-but-saturated" clusters. Cross-cluster Load Balancing

@saturnism @googlecloud @kubernetesio @jfokus Location affinity Strictly coupled pods/applications •
High bandwidth requirements • Low latency requirements • High fidelity requirements • Cannot easily span clusters Loosely coupled • Opposite of above • Relatively easily distributed across clusters Preferentially coupled • Strongly coupled but can be migrated piecemeal.

@saturnism @googlecloud @kubernetesio @jfokus Location affinity continued... Negative Affinity •
Don't run my replicas in the same failure domain (host/rack/zone) Topology • Same host • Same rack • Same zone • Same metro region • Same sub-continent Absolute affinity

@saturnism @googlecloud @kubernetesio @jfokus What can we federate? As of
Kubernetes 1.5 Namespace Deployment Replica Set Secret ConfigMap Service Ingress

@saturnism @googlecloud @kubernetesio @jfokus Federation Control Plane Cluster 2 us-central1-b
Cluster 1 us-east1-b Cluster 3 europe-west1-b Cluster 4 asia-east1-b API API API API Cluster 2 - us-central1-b Federation API Server Federation Controller Federation Key/value store (etcd) Federation API contexts: - context: cluster: federation-cluster user: federation-cluster

@saturnism @googlecloud @kubernetesio @jfokus Adding a Cluster Kubernetes Cluster (Asia)
Federation Control Plane kubectl --context=federation-cluster create -f clusters/gcp-asia-east1.yaml apiVersion: federation/v1beta1 kind: Cluster metadata: name: gce-asia-east1 spec: serverAddressByClientCIDRs: - clientCIDR: "0.0.0.0/0" serverAddress: "https://..." secretRef: name: gce-asia-east1 API kubeconfig

@saturnism @googlecloud @kubernetesio @jfokus Cluster Federation Kubernetes Cluster 1 (Google
Cloud) Kubernetes Cluster 2 (On-Prem) Kubernetes Cluster 3 (Another Cloud) Federation Control Plane kubectl

Cloud) Kubernetes Cluster 2 (On-Prem) Kubernetes Cluster 3 (Another Cloud) Federation Control Plane kubectl create -f nginx-service.yaml nginx Service nginx Service nginx Service

Cloud) Kubernetes Cluster 2 (On-Prem) Kubernetes Cluster 3 (Another Cloud) Federation Control Plane kubectl create -f nginx-service.yaml nginx Service nginx Service nginx Service DNS

@saturnism @googlecloud @kubernetesio @jfokus Kubernetes Cluster 1 (Google Cloud) Kubernetes
Cluster 2 (On-Prem) Kubernetes Cluster 3 (Another Cloud) svc app Clusters 1 and 3 DNS nslookup app.default.federation.svc.federation.com svc app

@saturnism @googlecloud @kubernetesio @jfokus Ecosystem

@saturnism @googlecloud @kubernetesio @jfokus minikube

@saturnism @googlecloud @kubernetesio @jfokus kompose

@saturnism @googlecloud @kubernetesio @jfokus kubeadm

@saturnism @googlecloud @kubernetesio @jfokus kops

@saturnism @googlecloud @kubernetesio @jfokus helm

@saturnism @googlecloud @kubernetesio @jfokus kubefed

@saturnism @googlecloud @kubernetesio @jfokus Resources Spring Boot: https://github.com/saturnism/spring-boot-docker Federation: https://github.com/saturnism/buttonmasher
Visualizer: https://github.com/saturnism/gcp-live-k8s-visualizer Hands-on Lab: http://bit.ly/k8s-lab Raspberry Pi Cluster: http://bit.ly/k8s-rpi Google Container Engine: https://cloud.google.com/container-engine/

@saturnism @googlecloud @kubernetesio @jfokus Thanks! Images by Connie Zhou http://kubernetes.io
http://bit.ly/1QLg5E1

2017 JFokus - Managing Cloud Native Application...

2017 JFokus - Managing Cloud Native Applications with Kubernetes - End to End

More Decks by Ray Tsang

Other Decks in Technology

Featured

Transcript