Roach Intro Kubernetes
Learn about
Kubernetes
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
What are containers?
Virtual Machine vs. Container
[Diagram: virtual machine stack (App 1, App 2 / Bins/Libs / Guest OS / Server) vs. container stack (App 1, App 2 / Bins/Libs / Docker Engine / Server)]
“Container”
Technical: Changing how we deploy code into reality.
[Diagram: deployment approaches. Apps installed directly on one server (Manual, RPM, DEB, Puppet); apps on VMs on a hypervisor, either treated as servers (Manual, RPM, DEB, Puppet) or built as baked images (AMI / Packer)]
Goes away on restart
FROM ubuntu:15.04
COPY . /app
RUN make /app
CMD python /app/app.py
Why use an orchestrator
Application Anatomy
Login Service Photo Upload
Web Server
Application Server
Database
Pets vs Cattle
Redesign Image Sharing App
Web front End iOS App Android App
API Service
Advantages of Microservices
• Autonomous
• Microservice can be upgraded independent of other systems
• Microservice can iterate as quickly as it needs
Using the docker CLI is all well and good as a developer...
But you’re probably not going to manage production like this…
Container orchestration is a must.
Once you’ve built your containers and pushed them, container orchestrators manage running
containers across a pool of resources for you.
Load Balancing
What are other orchestrators?
• Docker Swarm / EE
• Apache Marathon
• Rancher (seem to be moving towards k8s)
What is kubernetes?
Borg
• GIFE
• 2015 paper from Google:
https://research.google.com/pubs/pub43438.html
• Engineers who worked on Borg now work on Kubernetes:
http://blog.kubernetes.io/2015/04/borg-predecessor-to-kubernetes.html
• Lessons Learned:
• Multi-Job services could not be managed as a single entity
• One IP address per Machine
What is Kubernetes?
• Container Orchestration
• Keeping your containers up, scaling them, routing traffic to them
• Kubernetes != Docker though K8S uses Docker (or CoreOS rkt)
Installation options
• MiniKube (local workstation)
• Installers (on-prem, hybrid, custom)
• Kops (part of core kubernetes.io github)
• Kubespray (Ansible + Terraform)
• Etc, etc…
• Cloud
• Google Container Engine (GKE)
• Azure Container Service
• Amazon EKS
• Etc…
Sidebar: K8S the hard way
• Step-by-step tutorial of how to assemble a kubernetes cluster
• https://github.com/kelseyhightower/kubernetes-the-hard-way
Source: http://x-team.com/2016/07/introduction-kubernetes-architecture/
Deploying Containers
• Kubectl & ~/.kube/config
• Minikube CLI
• The Real Way™: CI system
Simple Architecture
Kubernetes Registry
CI/CD
Persistence
Kubernetes Components
Kubernetes main Features
Pods
Source: http://kubernetes.io/docs/user-guide/pods/
Deployments
• Rolling upgrades
• Declare intent: How many replicas should be running of a given
pod?
• Namespace
• Labels
• Ports that should be exposed
Services
Source: http://kubernetes.io/docs/user-guide/services/
Ingress
See: http://kubernetes.io/docs/user-guide/ingress/
K8S templates: deployment
# k8s/dev/api-deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: rest-api-swagger
spec:
  replicas: 2
  template:
    metadata:
      labels:
        app: rest-api-swagger
    spec:
      containers:
        - name: rest-api-swagger
          image: ciscodevnet/rest-api-swagger:latest
          ports:
            - containerPort: 10010
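A hardened variant of the deployment template above, as an added example that is not part of the original slides. It assumes a `dev` namespace and an image that can run as a non-root user with a read-only root filesystem; the digest is a placeholder and the UID and resource figures are illustrative.

```yaml
# Added example (not from the slides): hardened rest-api-swagger Deployment.
apiVersion: apps/v1                  # extensions/v1beta1 Deployments are no longer served as of Kubernetes 1.16
kind: Deployment
metadata:
  name: rest-api-swagger
  namespace: dev                     # assumption: a dedicated "dev" namespace
spec:
  replicas: 2
  selector:                          # required by apps/v1; must match the pod labels
    matchLabels:
      app: rest-api-swagger
  template:
    metadata:
      labels:
        app: rest-api-swagger
    spec:
      automountServiceAccountToken: false   # the API container does not need to call the Kubernetes API
      securityContext:
        runAsNonRoot: true
        runAsUser: 10001             # assumption: any non-zero UID the image supports
        seccompProfile:
          type: RuntimeDefault
      containers:
        - name: rest-api-swagger
          # Pin by digest instead of the mutable :latest tag so every replica
          # and every rollback runs the exact image that was tested.
          image: "ciscodevnet/rest-api-swagger@sha256:<digest-placeholder>"
          ports:
            - containerPort: 10010
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true     # assumption: the app writes only to mounted volumes
            capabilities:
              drop: ["ALL"]
          resources:                 # illustrative values; bound what one pod can take from the node
            requests: {cpu: 100m, memory: 128Mi}
            limits: {cpu: 500m, memory: 256Mi}
```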
K8S templates: service
# k8s/services/api-service-lb.yaml
kind: Service
apiVersion: v1
metadata:
  name: rest-api-swagger
spec:
  type: LoadBalancer # or NodePort, etc.
  ports:
    - name: http
      port: 8080
      targetPort: 10010
      protocol: TCP
  selector:
    app: rest-api-swagger
Manual kubectl deployment
Drone CI kubectl deployment
deploy:
  k8s:
    image: containers.ex.com/devnet/drone-kubectl
    apiserver: https://your-gke-api-endpoint # kubectl cluster-info
    token: $$K8S_TOKEN
    commands:
      - 'kubectl apply -f k8s/services/*.yaml'
      - 'kubectl apply -f k8s/dev/*.yaml --record'
      - 'kubectl describe service ${SERVICE_NAME}'
    when:
      branch: master
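The pipeline above authenticates with whatever `K8S_TOKEN` holds, so the privileges behind that token are what a compromised build inherits. An added example (not part of the original slides) of a namespace-scoped identity that can run only the three commands shown; the `drone-deployer` name and the `dev` namespace are assumptions.

```yaml
# Added example (not from the slides): least-privilege identity for the CI deploy step.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: drone-deployer               # hypothetical name
  namespace: dev                     # assumption: deployments target a "dev" namespace
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role                           # Role, not ClusterRole: rights stop at the namespace boundary
metadata:
  name: drone-deployer
  namespace: dev
rules:
  # kubectl apply -f k8s/dev/*.yaml
  - apiGroups: ["apps"]              # use "extensions" while the manifest is still extensions/v1beta1
    resources: ["deployments"]
    verbs: ["get", "list", "watch", "create", "update", "patch"]
  # kubectl apply -f k8s/services/*.yaml
  - apiGroups: [""]
    resources: ["services"]
    verbs: ["get", "list", "watch", "create", "update", "patch"]
  # kubectl describe service also reads endpoints and events
  - apiGroups: [""]
    resources: ["endpoints", "events"]
    verbs: ["get", "list"]
  # Deliberately absent: delete, secrets, pods/exec, and any RBAC resources.
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: drone-deployer
  namespace: dev
subjects:
  - kind: ServiceAccount
    name: drone-deployer
    namespace: dev
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: drone-deployer
```

`kubectl auth can-i --list --as=system:serviceaccount:dev:drone-deployer -n dev` shows what the token can actually do before it is stored as the CI secret.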
Cisco tie-ins
• Google-Cisco Partnership
• Soon to be released Cisco Container Platform allows simple management of
multiple kubernetes clusters aimed at enterprise hybrid cloud.
• On-premises, Cisco’s hyper-converged platform, Cisco HyperFlex, will
provide a cloud-ready solution for Kubernetes and containers, and
management tools to enforce security and consumption policies.
• Developers will be able to create new applications in the cloud or on-
premises consistently using the same tools, runtime and production
environment.
• And more…
• Contiv
• Container Networking Interface plugin
• Ties into ACI for policy-based controls
Connect with me
Ashley Roach
• [email protected]
• @aroach
• http://github.com/aroach
• http://linkedin.com/in/ashleyroach
Cisco DEVNET
• @CiscoDevNet
• http://github.com/CiscoDevNet