Zero downtime-java-deployments-with-docker-and-kubernetes

JavaOne 2015 presentation by Paul Bakker & Arjan Schaaf on deploying Java applications without downtime using Docker and Kubernetes

Published in: Software

  1. 1. Zero downtime Java deployments with Docker & Kubernetes @pbakker @arjanschaaf
  2. 2. Why care about containers Don’t worry about environment setup Easy to replicate to dev/test/prod More compact than VMs
  3. 3. Why care about Kubernetes Docker is about containers on a single host How to deploy on a cluster? What about failover of nodes? How to network between nodes?
  4. 4. Automated, production ready Kubernetes cluster in 8 steps
  5. 5. Step 0 - Understanding Kubernetes: terminology and concepts to build upon
  6. 6. Nodes, Pods, Controllers [Diagram: the Master and a Replication Controller schedule Pods of Docker containers onto Nodes]
  7. 7. Deployment 101 Push your Docker image Create a new replication controller JSON file kubectl create -f mycontroller.json Replication Controller creates Pods
  8. 8. mycontroller.json "spec":{ "replicas":3, "selector":{ "name":"frontend" }, "template":{ "metadata":{ "labels":{ "name":"frontend" } }, "spec":{ "containers":[ { "name":"php-redis", "image":"kubernetes/example-guestbook-php-redis:v2", "ports":[ { "containerPort":80 } ] } ] } }
  9. 9. Scaling kubectl scale --replicas=10 rc myreplication-controller
  10. 10. Updating my app Create a new Replication Controller JSON file kubectl create -f my-new-rc.json Scale down and delete old RC
  11. 11. Step 1 - Automated deployment (simplistic): this kubectl stuff doesn’t really feel like automation…
  12. 12. The simplest Automated deployment Don’t use kubectl, use the API! Build server creates Replication Controller using REST Build server destroys old cluster using REST
  13. 13. [Diagram: the Build Server pushes to the Docker registry and calls the Master API to create the RC; the Replication Controller schedules Docker containers onto Nodes]
  14. 14. Curl example curl -X POST http://k8-master:8080/api/v1/namespaces/default/replicationcontrollers -d '{ #Pod definition }'
  15. 15. What about downtime? Not quite there yet
  16. 16. Step 2 - Load balancing: our containers are running, but how do we access them!?
  17. 17. Pods come and go Pods have dynamic IP addresses First try - Kubernetes Services A service is a proxy to your Pods Fixed IP [Diagram: Pods behind a Service]
  18. 18. [Diagram: HTTP traffic reaches MyService on a fixed IP; the Service forwards to the Pods' virtual IPs on the Nodes]
  19. 19. What about SSL offloading? … better load balancing? … redirects, rewrites, etc? … and that “fixed” IP can’t be reached!? Services - Not quite right
  20. 20. Services are for communication within the k8 network (inter Pod communication) Services - A Hammer and screws…
  21. 21. [Diagram: HTTPS traffic reaches HAProxy, a custom load balancer on a fixed IP configured through confd and etcd; HAProxy forwards over HTTP to the Pods' virtual IPs on the Nodes]
  22. 22. [Diagram: Proxy Registrator watches the Kubernetes API and updates backend configurations in etcd; confd watches changes in etcd and updates the HAProxy config file]
  23. 23. Choosing a load balancer Vulcand uses etcd for all its config Can use Nginx / HAProxy with templating confd
  24. 24. So you’re telling me… --link doesn’t work!? And now you’re telling me… —I can’t see my Pods!?
  25. 25. Step 3 - Software Defined Network: each Pod gets its own IP; access Pods from outside k8 on the flannel network
  26. 26. [Diagram: HTTPS traffic reaches HAProxy on a fixed IP in the public addressable network segment; HAProxy forwards over HTTP to the Pods' virtual IPs in the Kubernetes network]
  27. 27. [Diagram: HTTPS traffic reaches HAProxy on a fixed IP in the public addressable network segment; HAProxy forwards over HTTP to the Pods' virtual IPs in the Flannel network]
  28. 28. SDN - loads of options Flannel: easy to set up & fast (on CoreOS) Weave: userspace implementation is slow, loads of features Project Calico: promising integration with Kubernetes Docker libnetwork: batteries included but swappable
  29. 29. Step 4 - Blue / Green deployment: auto deploy is great, but downtime not so much
  30. 30. Step 4 - Blue / Green Scale up new cluster Wait until healthy Switch backend in Load Balancer Dispose old cluster
  31. 31. How do we know a Pod is healthy? Its RUNNING status is not sufficient… Is the app fully started?
  32. 32. Introduce App level health checks [Diagram: the Deployer on the Deploy Server sends GET /health to the Pods on each Node]
  33. 33. Running a Deployer Blue/Green deployment requires lots of coordination Our build server can’t access the Pods … how do we health check?
  34. 34. [Diagram: the Build Server starts a deployment on the Deployer; the Deployer creates the RC through the Kubernetes API, sends GET /health to the Pods and switches the load balancer backend in etcd]
  35. 35. [Diagram: the Build Server starts a deployment on the Deployer, which creates the RC through the Kubernetes API, sends GET /health to the Pods and switches the load balancer backend in etcd; Proxy Registrator watches the Kubernetes API and creates backends; confd watches etcd; HAProxy reads the config]
  36. 36. Deployment descriptor { "useHealthCheck": true, "newVersion": "${bamboo.deploy.version}", "appName": "todo", "replicas": 2, "frontend": "rti-todo.amdatu.com", "podspec": { …. } }
  37. 37. "podspec": { "containers": [{ "image": "amdatu/mycontainer", "name": "todo", "ports": [{ "containerPort": 8080 }], "env": [ { "name": "version", "value": "${bamboo.deploy.version}" } ]}] }
  38. 38. Deployment demo Demo
  39. 39. Step 5 - Canary deployment
  40. 40. Canary deployments Different strategy for the Deployer Add Replication Controller But don’t change the running cluster
  41. 41. [Diagram: HAProxy in front of K8 Nodes running Prod pods from the Main Replication Controller and K8 Nodes running Canary pods from the Canary Replication Controller]
  42. 42. Step 6 - Persistent data: how to deploy Mongo/MySQL/ElasticSearch in Kubernetes?
  43. 43. You don’t
  44. 44. Kubernetes is great for… Stateless containers Running lots of containers together Moving containers around
  45. 45. Datastores scaling mechanics Reactive scaling makes less sense Cluster should be tuned Scaling is expensive
  46. 46. Cluster topology [Diagram labels: Infra server(s), K8 Master, K8 Nodes, HAProxy, Deployer, Mongo Cluster, ElasticSearch Cluster, … Cluster]
  47. 47. Step 7 - Logging: kubectl logs mypod?
  48. 48. Logging Centralised application logging is key in a dynamic environment Assume you can’t access a pod ElasticSearch / LogStash / Kibana or Graylog are very useful for this
  49. 49. Logging [Diagram: Docker containers feeding LogStash, ElasticSearch and Graylog]
  50. 50. Logging example [Diagram labels, in order: OSGi app, OSGi LogService, SLF4J, Kafka, Graylog, Graylog Dashboard, Developer]
  51. 51. Step 8 - Configuration: passing config to containers
  52. 52. Approach 1: Use environment variables myconfig.cfg: dbName=todo-app host=${mongo} Deployment descriptor: "podspec": { "env": [ { "name": "mongo", "value": "10.100.2.4" },
  53. 53. Approach 2: Use etcd myconfig.cfg: etcd=[etcdnode]:2379 etcd, /apps/config/demo-app: [ { "name": "mongo", "value": "10.100.2.4" } ]
  54. 54. What to learn from all this? Docker and Kubernetes are awesome They are building blocks, not solutions Use the API!
  55. 55. And if you don’t want to do all this yourself…. Fully managed Kubernetes based clusters Logging and Monitoring Automated deployments
  56. 56. Thank you! Blog: http://paulbakker.io | https://arjanschaaf.github.io Twitter: @pbakker | @arjanschaaf Mail: paul.bakker@luminis.eu | arjan.schaaf@luminis.eu
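
The blue/green sequence from slides 30-35 (scale up, wait until healthy, switch backend, dispose old), as an added example that is not from the presentation or the authors' Deployer. `FakeCluster` and `blue_green` are hypothetical names, and the in-memory cluster is a constructed stand-in for the Kubernetes API, the Pods' `/health` endpoint and the load balancer backend; the failure case, where the new Pods never report healthy and the old cluster keeps serving, is included.

```python
import time

class FakeCluster:
    """Constructed in-memory stand-in for the Kubernetes API, Pods and load balancer."""
    def __init__(self, live_rc, replicas=2):
        self.rcs = {live_rc: replicas}   # replication controller name -> replicas
        self.backend = live_rc           # RC the load balancer currently routes to
        self.failing_polls = {}          # pod -> /health polls that still return 503

    def create_rc(self, name, replicas, failing_polls):
        self.rcs[name] = replicas
        for pod in self.pods(name):
            self.failing_polls[pod] = failing_polls

    def pods(self, rc):
        return [f"{rc}-{i}" for i in range(self.rcs[rc])]

    def get_health(self, pod):
        # The Pod is RUNNING from the start; /health answers 200 only once the app is up.
        if self.failing_polls[pod] > 0:
            self.failing_polls[pod] -= 1
            return 503
        return 200

    def delete_rc(self, name):
        del self.rcs[name]

def blue_green(cluster, app, version, replicas, failing_polls, max_polls=5, interval=0.0):
    """Return True if traffic was switched to the new RC, False if the rollout was aborted."""
    old_rc, new_rc = cluster.backend, f"{app}-{version}"
    cluster.create_rc(new_rc, replicas, failing_polls)          # 1. scale up new cluster
    for _ in range(max_polls):                                  # 2. wait until healthy
        statuses = [cluster.get_health(p) for p in cluster.pods(new_rc)]
        if all(s == 200 for s in statuses):
            break
        time.sleep(interval)
    else:
        cluster.delete_rc(new_rc)   # never healthy: remove it, old RC keeps serving
        return False
    cluster.backend = new_rc                                    # 3. switch LB backend
    cluster.delete_rc(old_rc)                                   # 4. dispose old cluster
    return True

if __name__ == "__main__":
    cluster = FakeCluster("todo-1")
    print(blue_green(cluster, "todo", "2", 2, failing_polls=2), cluster.backend)
    print(blue_green(cluster, "todo", "3", 2, failing_polls=99), cluster.backend)
```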