Best Practices to Spring to Kubernetes Easier and Faster

SpringOne Platform 2019
Title: Best Practices to Spring to Kubernetes Easier and Faster
Speaker: Ray Tsang, Developer Advocate, Google
Youtube: https://youtu.be/YTPUNesUIbI

Published in: Software

  1. Kubernetes Faster and Easier
  2. Ray Tsang, Developer Advocate, Google Cloud Platform. Java Champion. Spring Cloud GCP: spring.io/projects/spring-cloud-gcp, gcplab.me/spring. @saturnism @gcpcloud | saturnism.me
  3. Ray Tsang, Traveler, Photographer. flickr.com/saturnism
  4. https://www.youtube.com/watch?v=Bcs-inRnLDc
  5. Your App
  6. Don't start with Kubernetes
  7. It all starts with your application. Twelve-Factor App: 12factor.net
  8. Test, Test, Test: Local; Mock, Wiremock, Contract; TestContainers
  9. Containers
  10. Power → Responsibility. Runtime Environments may be Your Responsibility Now!
  11. Choose a JDK: Container Aware, OpenJDK 8u192 or above
  12. OOMKilled: Cloud Foundry Buildpack Memory Calculator https://github.com/cloudfoundry/java-buildpack-memory-calculator
  13. Native Memory Tracking: -XX:NativeMemoryTracking=summary -XX:+PrintNMTStatistics (Doesn't work when set via JAVA_TOOL_OPTIONS - must be part of the argument)
  14. Container Best Practices (saturnism.me/talk/docker-tips-and-tricks/): What's in that image? Don't run as root; Multi-stage build; Create small image; Fat JAR to Thin JAR; Layering; Build cache; Pin versions; Reduce layer size; ...
  15. Just Jib It
  16. Don't write to container filesystem! Those logs!
  17. Configuration via external sources: Environmental variable, Command line arguments
  18. Finally, Kubernetes!
  19. Local Kubernetes: Linux - consider k3s, k3d, kind, …; Mac - Docker for Desktop, Minikube
  20. Keep Base Deployment Simple:
      kubectl create deployment myservice --image=... --dry-run -oyaml > k8s/deployment.yaml
      kubectl create svc clusterip myservice --tcp=8080:8080 --dry-run -oyaml > k8s/service.yaml
  21. Continuous Development: skaffold
  22. Resource Limits: If you don't set it, your app may use all the memory... Set it at namespace level, or for individual deployments
  23. Environments: Kustomize
  24. Liveness Probe, Readiness Probe, Signals, Lifecycle Hooks
  25. Liveness Probe → Restarts; Readiness Probe → Remove from Service; Signals → Shutdown or Killed; Lifecycle Hooks → PreStart, PreStop
  26. Probes compared (columns: When to use? / Failure Means... / Practices / Example)
      - Liveness Probe. When to use: If application is alive. Failure means: Application will be restarted, and that a restart will help recover. Practices: Runs on serving port of the application, e.g., 8080. Don't check dependency. E.g., don't check dependent database connection, etc. Example: A simple /alive URL that returns 200.
      - Readiness Probe. When to use: Ready to serve requests. Failure means: Take the pod instance out of load balancer. Practices: Flip to ready when application has done all the initializations (cache preloaded). Upon SIGTERM, flip readiness to false. See Graceful Shutdown. Example: /actuator/health on the management port.
  27. Anatomy of a Graceful Shutdown
      1. Receive SIGTERM or PreStop Lifecycle Hook
      2. Fail Readiness Probe
      3. Receive requests until Kubernetes detects readiness probe failure
      4. Kubernetes removes pod endpoint from Service
      5. Finish serving in-flight requests
      6. Shutdown
  28. Production is HARD: Pod Security Policy / Pod Security Context. Expect your app to not work in production environment with hardened security. Try this early and fix issues.
  29. Thanks! spring.io/projects/spring-cloud-gcp, cloud.google.com/java. Come to the Google Cloud Platform Booth! @saturnism | saturnism.me
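
An added example, not taken from the talk or its slides: one Deployment manifest that combines slide 22 (resource limits), slides 24 to 27 (probes and the graceful-shutdown window) and slide 28 (running under a hardened security context). The image reference, the management port 8081, the UID and all probe timings are assumptions; `myservice`, port 8080, `/alive` and `/actuator/health` come from the slides.

```yaml
# Added example; image, UID, port 8081 and timings are assumed values.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: myservice
spec:
  replicas: 2
  selector:
    matchLabels: {app: myservice}
  template:
    metadata:
      labels: {app: myservice}
    spec:
      # Must outlast the slide-27 sequence: readiness failure detection
      # (about 5s x 2 below) plus time to finish in-flight requests.
      terminationGracePeriodSeconds: 30
      securityContext:
        runAsNonRoot: true          # slide 14: don't run as root
        runAsUser: 10001            # assumed unprivileged UID
      containers:
      - name: myservice
        image: registry.example.com/myservice:1.0.0   # placeholder, pinned tag
        ports:
        - {name: http, containerPort: 8080}
        - {name: management, containerPort: 8081}     # assumed management port
        resources:
          requests: {memory: 512Mi, cpu: 250m}
          limits: {memory: 512Mi}   # exceeding this gets the container OOMKilled
        securityContext:
          allowPrivilegeEscalation: false
          readOnlyRootFilesystem: true   # slide 16: no writes to the image filesystem
          capabilities: {drop: ["ALL"]}
        livenessProbe:              # serving port, no dependency checks
          httpGet: {path: /alive, port: http}
          periodSeconds: 10
          failureThreshold: 3
        readinessProbe:             # the app flips this to failing on SIGTERM
          httpGet: {path: /actuator/health, port: management}
          periodSeconds: 5
          failureThreshold: 2
        volumeMounts:
        - {name: tmp, mountPath: /tmp}   # writable scratch space for the JVM and embedded server
      volumes:
      - name: tmp
        emptyDir: {}
```

Applying this in a test cluster early surfaces the failures slide 28 warns about, such as an image that expects to run as root or to write outside `/tmp`.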