4. Linux Kernel 4.2
Linux “Container” Host
Linux Kernel 4.2
Management & User-space Tools
(Libraries, Additional Software, & Docs)
Configuration | Application SW
App
Process 1
App
Process 2
App
Process n
Container 1
Standard Linux Host
Docker
Engine
Photon OS
Tools,
Libs, SW
Container image built w/Dockerfile
Container n
Tools,
Libs, SW
#docker run containerimage
Why Use Containers?
4
5. Challenges with Containers
5
CONTAINERS IN
DEVELOPMENT
CONTAINERS IN
PRODUCTION
THE
“LEARNING
CLIFF”
Load Balancing
Security
High Availability
Application Updates
Scaling up/down
Repeatable Deployments
Replication
Scheduling
Containers
Containers
6. Movement from Monolithic to Microservice Architecture
6
Developer pushes to git repository
GitHub Webhook
Triggers Jenkins
Jenkins copies GitHub Repo
• Dockerfile
• App code
• Test code
Jenkins has Docker build
an image based on the
Dockerfile
Jenkins Deploys the container
with the application code
and desired tests are executed
8. What is Kubernetes (K8s)
8
• Kubernetes, is an open-source platform for managing, automating deployment, scaling, and
operating containerized applications across a cluster of worker nodes.
Capabilities:
• Deploy your applications quickly and
predictably
• Scale your applications on the fly
• Seamlessly roll out new features
• Optimize use of your hardware by using only
the resources you need
Role:
• K8s sits in the Container as a Service (CaaS)
or Container orchestration layer
9. K8s introduces a lot new concepts
9
• 10,000 ft. View
K8s Cluster 1
Worker node 1
Worker node 2
Worker node 3
MastervCenter
Pod 1 Pod 2
Pod 3 Pod 4
Pod 5 Pod 6
ESXi 1
ESXi 2
ESXi 3
VM 1 VM 2
VM 3 VM 4
VM 5 VM 6
• Cluster
• Master
• Workers (nodes)
• Pods
• Cluster
• vCenter
• ESXi (Hosts)
• VMs
11. K8s Cluster
• Consists of a master and a group of
worker nodes
• Namespaces
– Mechanism to partition resources into
logically named groups
11
K8s Cluster 1
Worker node 1
Worker node 2
Worker node 3
Master
12. K8s Master
• API Server
• Scheduler
• Dashboard (UI)
• Controller Manager
– Replication Controller
12
K8s Cluster 1
Worker node 1
Worker node 3
Master Worker node 2
Master
Dashboard (UI)
API Server
Scheduler
Controller
Manager
13. K8s Worker Node
• Kubelet
– Is an agent on the Nodes is watching
for ‘PodSpecs’ to determine what it is
supposed to run
• Kube-Proxy
– Is a daemon watching the K8s
‘services’ on the API Server and
implements east/west load-balancing
on the nodes using NAT in IPTables
• Container Runtime
– Docker
– Rkt
13
K8s Cluster 1
Worker node 1
Worker node 2
Worker node 3
Master
Worker node 1
Kubelet Kube-Proxy
Container
Runtime
14. K8s etcd
• Used as the distributed key-value store of Kubernetes
• Stores configuration data that can be used by each of
the nodes in the cluster
• Can be distributed across multiple nodes
• Used for service discovery
• Represents the state of the cluster that each
component can reference to configure or reconfigure
themselves
14
Key-Value
Store
16. Pods
• A pod (as in a pod of whales or pea pod) is a
group of one or more containers
• Containers within a pod share an IP address
and port space, and can find each other via
localhost
• Containers in a Pod also share the same data
volumes
• Pods are considered to be ephemeral
16
Pod 1
Container 1
Tools,
Libs, SW
Container 2
Tools,
Libs, SW
Pod 2
Container 1
Tools,
Libs, SW
Container 2
Tools,
Libs, SW
17. Labels
• A Label is a key/value pair attached to
Pods and convey user-defined
attributes.
• You can then use label selectors to
select Pods with particular Labels and
apply Services or Replication
Controllers to them.
• Labels can be attached to objects at
creation time and subsequently added
and modified at any time
17
Pod 1
Container 1
Tools,
Libs, SW
Container 2
Tools,
Libs, SW
Pod 2
Container 1
Tools,
Libs, SW
Container 2
Tools,
Libs, SW
Labels:
tier=frontend,
app=myapp
Labels:
tier=backend,
app=myapp
18. Persistent Volume Claim
Pool of Persistent Volumes
VSAN VMFS NFS
Cloud
Admin
Developer
• Provisioning
• Registers PVs in a
Pool
• Reclamation
• Request Volume Claim
• Releasing Volume
Claim
Developer Owned
Kubernetes Cluster
AdministratorOwned
Worker
Claim Pod
18
19. Services
• Services Types
– ClusterIP
– NodePort
– Loadbalancer
• Service Discovery
– DNS
– Environmental variables
19
Worker Node
Service
Pod 1 Pod 2 Pod N
Node IP:
192.168.10.10
IP: 10.2.3.14
DNS: service1.cluster.local
Port: 9443
NodePort: 31233
Protocol: TCP
Port: 9443
21. StatefulSet
• The way of launching ordered replica’s of
Pods.
• Enables running pods in “clustered mode”
– Master/Slave applications
• Valuable for applications that require:
– Stable and unique network identifiers
– Stable persistent storage
– Ordered deployment and scaling
• Headless service required
• Examples
– Zookeeper, Cassandra, etcd, MySQL, etc
21
Pod 1 Pod 2 Pod 3
Pod 1 Pod 2 Pod 3
Creates Pods in sequence
Deletes Pods in reverse sequence
22. K8s Cluster 1
DaemonSet1.yaml
DaemonSet
• Runs a copy of a Pod on every
node in the cluster
• Newly created nodes automatically
get the DaemonSet Pod(s)
• When a node is removed a
DaemonSet doesn’t get
rescheduled
22
Worker1
Pod1
Worker2
Pod2
Worker3
Pod3
MasterAPI
K
K
K
Application-centric management
Raises the lvel of abstraction from running an OS
Continuous development, integration, and deployment
Loosely coupled, distributed, elastic, micro-services
Cloud and OS portability
Efficient resource utilization
No patching
No Upgrades
Immutable infrastructure
The first being everything in IT has an abbreviation or acronym k8s
The first being everything in IT has an abbreviation or acronym k8s
If Pods are ephemeral and their IP address might change if they get restarted how can I reliability reference my backend container from a frontend container?
Pods are ephemeral and will be removed/rescheduled continuously.
Abstraction layer above sets of objects so that you don’t have to trace specific objects as they restart
Provides single endpoint for the underlying set of objects (Pod Replicas)
A logical, internal load balancer for a set of related pods (an application)
A single IP address and DNS name to refer to the set of pods