All you need to know to deploy applications on Kubernetes
•Download as PPTX, PDF•
0 likes•125 views
The minimal information that you need to know to
![Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-
NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
All you need is YAML
apiVersion: v1
kind: Service
metadata:
labels:
k8s-app: springone
name: springone
spec:
ports:
- port: 80
targetPort: 8080
selector:
k8s-app: springone
type: LoadBalancer
---
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
name: springone
spec:
minAvailable: 2
selector:
matchLabels:
k8s-app: springone
---
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
description: Great demo
labels:
k8s-app: springone
name: springone
namespace: default
spec:
progressDeadlineSeconds: 600
...
replicas: 3
selector:
matchLabels:
k8s-app: springone
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
labels:
k8s-app: springone
name: springone
spec:
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: k8s-app
operator: In
values:
- springone
topologyKey: "kubernetes.io/hostname"
volumes:
- name: shared-data
emptyDir: {}
- name: config-volume
configMap:
name: springone
items:
- key: application.properties
path: application.properties
...
initContainers:
- name: run-migration
image: s1pdemo/springmusicmigration:v2
command: ["/bin/run_migration.sh"]
containers:
- image: s1pdemo/tweet_loader:21fab0554
name: poller
volumeMounts:
- name: shared-data
mountPath: /tweet-info
- image: s1pdemo/springmusic:v2
imagePullPolicy: Always
name: springone
env:
- name: SOMETHING
value: value
securityContext:
privileged: false
volumeMounts:
- name: shared-data
mountPath: /data/tweets
- name: config-volume
configMap:
name: springone
items:
- key: application.properties
path: application.properties
readinessProbe:
httpGet:
path: /actuator/health
port: 8080
initialDelaySeconds: 10
periodSeconds: 3
successThreshold: 2
...
livenessProbe:
httpGet:
path: /actuator/health
port: 8080
initialDelaySeconds: 45
periodSeconds: 3
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
terminationGracePeriodSeconds:
30
---
apiVersion: v1
data:
application.properties:
spring.music=springonedemoCONFIGVALUE
kind: ConfigMap
metadata:
name: springone](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)
Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Similar to All you need to know to deploy applications on Kubernetes
Similar to All you need to know to deploy applications on Kubernetes (20)
Recently uploaded
Recently uploaded (20)
All you need to know to deploy applications on Kubernetes
- 1. All You Need to Know to Deploy Applications on Kubernetes Eric Johnson, Google - @erjohnso Oleksandr Slynko, Pivotal - @alex_sly
- 2. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons Attribution- NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ All you need is YAML apiVersion: v1 kind: Service metadata: labels: k8s-app: springone name: springone spec: ports: - port: 80 targetPort: 8080 selector: k8s-app: springone type: LoadBalancer --- apiVersion: policy/v1beta1 kind: PodDisruptionBudget metadata: name: springone spec: minAvailable: 2 selector: matchLabels: k8s-app: springone --- apiVersion: apps/v1 kind: Deployment metadata: annotations: description: Great demo labels: k8s-app: springone name: springone namespace: default spec: progressDeadlineSeconds: 600 ... replicas: 3 selector: matchLabels: k8s-app: springone strategy: rollingUpdate: maxSurge: 25% maxUnavailable: 25% type: RollingUpdate template: metadata: labels: k8s-app: springone name: springone spec: affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: k8s-app operator: In values: - springone topologyKey: "kubernetes.io/hostname" volumes: - name: shared-data emptyDir: {} - name: config-volume configMap: name: springone items: - key: application.properties path: application.properties ... initContainers: - name: run-migration image: s1pdemo/springmusicmigration:v2 command: ["/bin/run_migration.sh"] containers: - image: s1pdemo/tweet_loader:21fab0554 name: poller volumeMounts: - name: shared-data mountPath: /tweet-info - image: s1pdemo/springmusic:v2 imagePullPolicy: Always name: springone env: - name: SOMETHING value: value securityContext: privileged: false volumeMounts: - name: shared-data mountPath: /data/tweets - name: config-volume configMap: name: springone items: - key: application.properties path: application.properties readinessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 10 periodSeconds: 3 successThreshold: 2 ... livenessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 45 periodSeconds: 3 dnsPolicy: ClusterFirst restartPolicy: Always schedulerName: default-scheduler securityContext: {} terminationGracePeriodSeconds: 30 --- apiVersion: v1 data: application.properties: spring.music=springonedemoCONFIGVALUE kind: ConfigMap metadata: name: springone
- 3. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons Attribution- NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ The fine print... We're making a few assumptions, so here are a few prerequisites. (e.g. not covered) ● Containers ● Image repositories ● Version control ● Build and test ● Security ● Monitoring and logging ● ...and more
- 4. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons Attribution- NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ What we'll actually cover... ● How to deploy an application? ● How to access it? ● How to keep it running?
- 5. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons Attribution- NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ The app: Spring Music https://github.com/cloudfoundry-samples/spring-music ● Spring Boot ● Database? ● ...andy mods?
- 6. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons Attribution- NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Plan ● How to deploy application? ● How to access it? ● How to keep it running?
- 7. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons Attribution- NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ The image apiVersion: v1 kind: Service metadata: labels: k8s-app: springone name: springone spec: ports: - port: 80 targetPort: 8080 selector: k8s-app: springone type: LoadBalancer --- apiVersion: policy/v1beta1 kind: PodDisruptionBudget metadata: name: springone spec: minAvailable: 2 selector: matchLabels: k8s-app: springone --- apiVersion: apps/v1 kind: Deployment metadata: annotations: description: Great demo labels: k8s-app: springone name: springone namespace: default spec: progressDeadlineSeconds: 600 ... replicas: 3 selector: matchLabels: k8s-app: springone strategy: rollingUpdate: maxSurge: 25% maxUnavailable: 25% type: RollingUpdate template: metadata: labels: k8s-app: springone name: springone spec: affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: k8s-app operator: In values: - springone topologyKey: "kubernetes.io/hostname" volumes: - name: shared-data emptyDir: {} - name: config-volume configMap: name: springone items: - key: application.properties path: application.properties ... initContainers: - name: run-migration image: s1pdemo/springmusicmigration:v2 command: ["/bin/run_migration.sh"] containers: - image: s1pdemo/tweet_loader:21fab0554 name: poller volumeMounts: - name: shared-data mountPath: /tweet-info - image: s1pdemo/springmusic:v2 imagePullPolicy: Always name: springone env: - name: SOMETHING value: value securityContext: privileged: false volumeMounts: - name: shared-data mountPath: /data/tweets - name: config-volume configMap: name: springone items: - key: application.properties path: application.properties readinessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 10 periodSeconds: 3 successThreshold: 2 ... livenessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 45 periodSeconds: 3 dnsPolicy: ClusterFirst restartPolicy: Always schedulerName: default-scheduler securityContext: {} terminationGracePeriodSeconds: 30 --- apiVersion: v1 data: application.properties: spring.music=springonedemoCONFIGVALUE kind: ConfigMap metadata: name: springone image: s1pdemo/springmusic:v2 ● Spring Music image ● Versioned ● Runnable (local dev)
- 8. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons Attribution- NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ The container apiVersion: v1 kind: Service metadata: labels: k8s-app: springone name: springone spec: ports: - port: 80 targetPort: 8080 selector: k8s-app: springone type: LoadBalancer --- apiVersion: policy/v1beta1 kind: PodDisruptionBudget metadata: name: springone spec: minAvailable: 2 selector: matchLabels: k8s-app: springone --- apiVersion: apps/v1 kind: Deployment metadata: annotations: description: Great demo labels: k8s-app: springone name: springone namespace: default spec: progressDeadlineSeconds: 600 ... replicas: 3 selector: matchLabels: k8s-app: springone strategy: rollingUpdate: maxSurge: 25% maxUnavailable: 25% type: RollingUpdate template: metadata: labels: k8s-app: springone name: springone spec: affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: k8s-app operator: In values: - springone topologyKey: "kubernetes.io/hostname" volumes: - name: shared-data emptyDir: {} - name: config-volume configMap: name: springone items: - key: application.properties path: application.properties ... initContainers: - name: run-migration image: s1pdemo/springmusicmigration:v2 command: ["/bin/run_migration.sh"] containers: - image: s1pdemo/tweet_loader:21fab0554 name: poller volumeMounts: - name: shared-data mountPath: /tweet-info - image: s1pdemo/springmusic:v2 imagePullPolicy: Always name: springone env: - name: SOMETHING value: value securityContext: privileged: false volumeMounts: - name: shared-data mountPath: /data/tweets - name: config-volume configMap: name: springone items: - key: application.properties path: application.properties readinessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 10 periodSeconds: 3 successThreshold: 2 ... livenessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 45 periodSeconds: 3 dnsPolicy: ClusterFirst restartPolicy: Always schedulerName: default-scheduler securityContext: {} terminationGracePeriodSeconds: 30 --- apiVersion: v1 data: application.properties: spring.music=springonedemoCONFIGVALUE kind: ConfigMap metadata: name: springone - image: s1pdemo/springmusic:v2 imagePullPolicy: Always name: springone ● Single running process
- 9. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons Attribution- NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Configuration (environment variables) apiVersion: v1 kind: Service metadata: labels: k8s-app: springone name: springone spec: ports: - port: 80 targetPort: 8080 selector: k8s-app: springone type: LoadBalancer --- apiVersion: policy/v1beta1 kind: PodDisruptionBudget metadata: name: springone spec: minAvailable: 2 selector: matchLabels: k8s-app: springone --- apiVersion: apps/v1 kind: Deployment metadata: annotations: description: Great demo labels: k8s-app: springone name: springone namespace: default spec: progressDeadlineSeconds: 600 ... replicas: 3 selector: matchLabels: k8s-app: springone strategy: rollingUpdate: maxSurge: 25% maxUnavailable: 25% type: RollingUpdate template: metadata: labels: k8s-app: springone name: springone spec: affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: k8s-app operator: In values: - springone topologyKey: "kubernetes.io/hostname" volumes: - name: shared-data emptyDir: {} - name: config-volume configMap: name: springone items: - key: application.properties path: application.properties ... initContainers: - name: run-migration image: s1pdemo/springmusicmigration:v2 command: ["/bin/run_migration.sh"] containers: - image: s1pdemo/tweet_loader:21fab0554 name: poller volumeMounts: - name: shared-data mountPath: /tweet-info - image: s1pdemo/springmusic:v2 imagePullPolicy: Always name: springone env: - name: SOMETHING value: value securityContext: privileged: false volumeMounts: - name: shared-data mountPath: /data/tweets - name: config-volume configMap: name: springone items: - key: application.properties path: application.properties readinessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 10 periodSeconds: 3 successThreshold: 2 ... livenessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 45 periodSeconds: 3 dnsPolicy: ClusterFirst restartPolicy: Always schedulerName: default-scheduler securityContext: {} terminationGracePeriodSeconds: 30 --- apiVersion: v1 data: application.properties: spring.music=springonedemoCONFIGVALUE kind: ConfigMap metadata: name: springone env: - name: SOMETHING value: value
- 10. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons Attribution- NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Configuration (files) apiVersion: v1 kind: Service metadata: labels: k8s-app: springone name: springone spec: ports: - port: 80 targetPort: 8080 selector: k8s-app: springone type: LoadBalancer --- apiVersion: policy/v1beta1 kind: PodDisruptionBudget metadata: name: springone spec: minAvailable: 2 selector: matchLabels: k8s-app: springone --- apiVersion: apps/v1 kind: Deployment metadata: annotations: description: Great demo labels: k8s-app: springone name: springone namespace: default spec: progressDeadlineSeconds: 600 ... replicas: 3 selector: matchLabels: k8s-app: springone strategy: rollingUpdate: maxSurge: 25% maxUnavailable: 25% type: RollingUpdate template: metadata: labels: k8s-app: springone name: springone spec: affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: k8s-app operator: In values: - springone topologyKey: "kubernetes.io/hostname" volumes: - name: shared-data emptyDir: {} - name: config-volume configMap: name: springone items: - key: application.properties path: application.properties ... initContainers: - name: run-migration image: s1pdemo/springmusicmigration:v2 command: ["/bin/run_migration.sh"] containers: - image: s1pdemo/tweet_loader:21fab0554 name: poller volumeMounts: - name: shared-data mountPath: /tweet-info - image: s1pdemo/springmusic:v2 imagePullPolicy: Always name: springone env: - name: SOMETHING value: value securityContext: privileged: false volumeMounts: - name: shared-data mountPath: /data/tweets - name: config-volume configMap: name: springone items: - key: application.properties path: application.properties readinessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 10 periodSeconds: 3 successThreshold: 2 ... livenessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 45 periodSeconds: 3 dnsPolicy: ClusterFirst restartPolicy: Always schedulerName: default-scheduler securityContext: {} terminationGracePeriodSeconds: 30 --- apiVersion: v1 data: application.properties: spring.music=springonedemoCONFIGVALUE kind: ConfigMap metadata: name: springone apiVersion: v1 data: application.properties: spring.music=springonedemoCONFIGVALUE kind: ConfigMap metadata: name: springone - name: config-volume configMap: name: springone items: - key: application.properties path: application.properties
- 11. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons Attribution- NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Pod apiVersion: v1 kind: Service metadata: labels: k8s-app: springone name: springone spec: ports: - port: 80 targetPort: 8080 selector: k8s-app: springone type: LoadBalancer --- apiVersion: policy/v1beta1 kind: PodDisruptionBudget metadata: name: springone spec: minAvailable: 2 selector: matchLabels: k8s-app: springone --- apiVersion: apps/v1 kind: Deployment metadata: annotations: description: Great demo labels: k8s-app: springone name: springone namespace: default spec: progressDeadlineSeconds: 600 ... replicas: 3 selector: matchLabels: k8s-app: springone strategy: rollingUpdate: maxSurge: 25% maxUnavailable: 25% type: RollingUpdate template: metadata: labels: k8s-app: springone name: springone spec: affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: k8s-app operator: In values: - springone topologyKey: "kubernetes.io/hostname" volumes: - name: shared-data emptyDir: {} - name: config-volume configMap: name: springone items: - key: application.properties path: application.properties ... initContainers: - name: run-migration image: s1pdemo/springmusicmigration:v2 command: ["/bin/run_migration.sh"] containers: - image: s1pdemo/tweet_loader:21fab0554 name: poller volumeMounts: - name: shared-data mountPath: /tweet-info - image: s1pdemo/springmusic:v2 imagePullPolicy: Always name: springone env: - name: SOMETHING value: value securityContext: privileged: false volumeMounts: - name: shared-data mountPath: /data/tweets - name: config-volume configMap: name: springone items: - key: application.properties path: application.properties readinessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 10 periodSeconds: 3 successThreshold: 2 ... livenessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 45 periodSeconds: 3 dnsPolicy: ClusterFirst restartPolicy: Always schedulerName: default-scheduler securityContext: {} terminationGracePeriodSeconds: 30 --- apiVersion: v1 data: application.properties: spring.music=springonedemoCONFIGVALUE kind: ConfigMap metadata: name: springone - image: s1pdemo/tweet_loader:21fab0554 name: poller volumeMounts: - name: shared-data mountPath: /tweet-info - image: s1pdemo/springmusic:v2 ... volumeMounts: - name: shared-data mountPath: /data/tweets - name: config-volume configMap: ● Set of containers ● Communicate using files
- 12. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons Attribution- NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Pod apiVersion: v1 kind: Service metadata: labels: k8s-app: springone name: springone spec: ports: - port: 80 targetPort: 8080 selector: k8s-app: springone type: LoadBalancer --- apiVersion: policy/v1beta1 kind: PodDisruptionBudget metadata: name: springone spec: minAvailable: 2 selector: matchLabels: k8s-app: springone --- apiVersion: apps/v1 kind: Deployment metadata: annotations: description: Great demo labels: k8s-app: springone name: springone namespace: default spec: progressDeadlineSeconds: 600 ... replicas: 3 selector: matchLabels: k8s-app: springone strategy: rollingUpdate: maxSurge: 25% maxUnavailable: 25% type: RollingUpdate template: metadata: labels: k8s-app: springone name: springone spec: affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: k8s-app operator: In values: - springone topologyKey: "kubernetes.io/hostname" volumes: - name: shared-data emptyDir: {} - name: config-volume configMap: name: springone items: - key: application.properties path: application.properties ... initContainers: - name: run-migration image: s1pdemo/springmusicmigration:v2 command: ["/bin/run_migration.sh"] containers: - image: s1pdemo/tweet_loader:21fab0554 name: poller volumeMounts: - name: shared-data mountPath: /tweet-info - image: s1pdemo/springmusic:v2 imagePullPolicy: Always name: springone env: - name: SOMETHING value: value securityContext: privileged: false volumeMounts: - name: shared-data mountPath: /data/tweets - name: config-volume configMap: name: springone items: - key: application.properties path: application.properties readinessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 10 periodSeconds: 3 successThreshold: 2 ... livenessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 45 periodSeconds: 3 dnsPolicy: ClusterFirst restartPolicy: Always schedulerName: default-scheduler securityContext: {} terminationGracePeriodSeconds: 30 --- apiVersion: v1 data: application.properties: spring.music=springonedemoCONFIGVALUE kind: ConfigMap metadata: name: springone initContainers: - name: run-migration image: s1pdemo/springmusicmigration:v2 command: ["/bin/run_migration.sh"] ● Run some command before starting each pod
- 13. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons Attribution- NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Don’t use pods directly
- 14. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons Attribution- NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ ReplicaSet ● Make sure N pods are running at the same time
- 15. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons Attribution- NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Deployment apiVersion: v1 kind: Service metadata: labels: k8s-app: springone name: springone spec: ports: - port: 80 targetPort: 8080 selector: k8s-app: springone type: LoadBalancer --- apiVersion: policy/v1beta1 kind: PodDisruptionBudget metadata: name: springone spec: minAvailable: 2 selector: matchLabels: k8s-app: springone --- apiVersion: apps/v1 kind: Deployment metadata: annotations: description: Great demo labels: k8s-app: springone name: springone namespace: default spec: progressDeadlineSeconds: 600 ... replicas: 3 selector: matchLabels: k8s-app: springone strategy: rollingUpdate: maxSurge: 25% maxUnavailable: 25% type: RollingUpdate template: metadata: labels: k8s-app: springone name: springone spec: affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: k8s-app operator: In values: - springone topologyKey: "kubernetes.io/hostname" volumes: - name: shared-data emptyDir: {} - name: config-volume configMap: name: springone items: - key: application.properties path: application.properties ... initContainers: - name: run-migration image: s1pdemo/springmusicmigration:v2 command: ["/bin/run_migration.sh"] containers: - image: s1pdemo/tweet_loader:21fab0554 name: poller volumeMounts: - name: shared-data mountPath: /tweet-info - image: s1pdemo/springmusic:v2 imagePullPolicy: Always name: springone env: - name: SOMETHING value: value securityContext: privileged: false volumeMounts: - name: shared-data mountPath: /data/tweets - name: config-volume configMap: name: springone items: - key: application.properties path: application.properties readinessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 10 periodSeconds: 3 successThreshold: 2 ... livenessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 45 periodSeconds: 3 dnsPolicy: ClusterFirst restartPolicy: Always schedulerName: default-scheduler securityContext: {} terminationGracePeriodSeconds: 30 --- apiVersion: v1 data: application.properties: spring.music=springonedemoCONFIGVALUE kind: ConfigMap metadata: name: springone
- 16. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons Attribution- NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ StatefulSet ● Applications with state (disks) ● Applications can only start/upgrade sequentially
- 17. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons Attribution- NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Plan ● How to deploy application? ● How to access it? ● How to keep it running?
- 18. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons Attribution- NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Service apiVersion: v1 kind: Service metadata: labels: k8s-app: springone name: springone spec: ports: - port: 80 targetPort: 8080 selector: k8s-app: springone type: LoadBalancer --- apiVersion: policy/v1beta1 kind: PodDisruptionBudget metadata: name: springone spec: minAvailable: 2 selector: matchLabels: k8s-app: springone --- apiVersion: apps/v1 kind: Deployment metadata: annotations: description: Great demo labels: k8s-app: springone name: springone namespace: default spec: progressDeadlineSeconds: 600 ... replicas: 3 selector: matchLabels: k8s-app: springone strategy: rollingUpdate: maxSurge: 25% maxUnavailable: 25% type: RollingUpdate template: metadata: labels: k8s-app: springone name: springone spec: affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: k8s-app operator: In values: - springone topologyKey: "kubernetes.io/hostname" volumes: - name: shared-data emptyDir: {} - name: config-volume configMap: name: springone items: - key: application.properties path: application.properties ... initContainers: - name: run-migration image: s1pdemo/springmusicmigration:v2 command: ["/bin/run_migration.sh"] containers: - image: s1pdemo/tweet_loader:21fab0554 name: poller volumeMounts: - name: shared-data mountPath: /tweet-info - image: s1pdemo/springmusic:v2 imagePullPolicy: Always name: springone env: - name: SOMETHING value: value securityContext: privileged: false volumeMounts: - name: shared-data mountPath: /data/tweets - name: config-volume configMap: name: springone items: - key: application.properties path: application.properties readinessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 10 periodSeconds: 3 successThreshold: 2 ... livenessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 45 periodSeconds: 3 dnsPolicy: ClusterFirst restartPolicy: Always schedulerName: default-scheduler securityContext: {} terminationGracePeriodSeconds: 30 --- apiVersion: v1 data: application.properties: spring.music=springonedemoCONFIGVALUE kind: ConfigMap metadata: name: springone apiVersion: v1 kind: Service metadata: labels: k8s-app: springone name: springone spec: ports: - port: 80 targetPort: 8080 selector: k8s-app: springone type: LoadBalancer ● Internal - will have static ips inside the cluster ● External - NodePort or Load Balancer
- 19. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons Attribution- NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Readiness probe apiVersion: v1 kind: Service metadata: labels: k8s-app: springone name: springone spec: ports: - port: 80 targetPort: 8080 selector: k8s-app: springone type: LoadBalancer --- apiVersion: policy/v1beta1 kind: PodDisruptionBudget metadata: name: springone spec: minAvailable: 2 selector: matchLabels: k8s-app: springone --- apiVersion: apps/v1 kind: Deployment metadata: annotations: description: Great demo labels: k8s-app: springone name: springone namespace: default spec: progressDeadlineSeconds: 600 ... replicas: 3 selector: matchLabels: k8s-app: springone strategy: rollingUpdate: maxSurge: 25% maxUnavailable: 25% type: RollingUpdate template: metadata: labels: k8s-app: springone name: springone spec: affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: k8s-app operator: In values: - springone topologyKey: "kubernetes.io/hostname" volumes: - name: shared-data emptyDir: {} - name: config-volume configMap: name: springone items: - key: application.properties path: application.properties ... initContainers: - name: run-migration image: s1pdemo/springmusicmigration:v2 command: ["/bin/run_migration.sh"] containers: - image: s1pdemo/tweet_loader:21fab0554 name: poller volumeMounts: - name: shared-data mountPath: /tweet-info - image: s1pdemo/springmusic:v2 imagePullPolicy: Always name: springone env: - name: SOMETHING value: value securityContext: privileged: false volumeMounts: - name: shared-data mountPath: /data/tweets - name: config-volume configMap: name: springone items: - key: application.properties path: application.properties readinessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 10 periodSeconds: 3 successThreshold: 2 ... livenessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 45 periodSeconds: 3 dnsPolicy: ClusterFirst restartPolicy: Always schedulerName: default-scheduler securityContext: {} terminationGracePeriodSeconds: 30 --- apiVersion: v1 data: application.properties: spring.music=springonedemoCONFIGVALUE kind: ConfigMap metadata: name: springone readinessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 10 periodSeconds: 3 successThreshold: 2
- 20. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons Attribution- NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Plan ● How to deploy application? ● How to access it? ● How to keep it running?
- 21. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons Attribution- NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Replicas apiVersion: v1 kind: Service metadata: labels: k8s-app: springone name: springone spec: ports: - port: 80 targetPort: 8080 selector: k8s-app: springone type: LoadBalancer --- apiVersion: policy/v1beta1 kind: PodDisruptionBudget metadata: name: springone spec: minAvailable: 2 selector: matchLabels: k8s-app: springone --- apiVersion: apps/v1 kind: Deployment metadata: annotations: description: Great demo labels: k8s-app: springone name: springone namespace: default spec: progressDeadlineSeconds: 600 ... replicas: 3 selector: matchLabels: k8s-app: springone strategy: rollingUpdate: maxSurge: 25% maxUnavailable: 25% type: RollingUpdate template: metadata: labels: k8s-app: springone name: springone spec: affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: k8s-app operator: In values: - springone topologyKey: "kubernetes.io/hostname" volumes: - name: shared-data emptyDir: {} - name: config-volume configMap: name: springone items: - key: application.properties path: application.properties ... initContainers: - name: run-migration image: s1pdemo/springmusicmigration:v2 command: ["/bin/run_migration.sh"] containers: - image: s1pdemo/tweet_loader:21fab0554 name: poller volumeMounts: - name: shared-data mountPath: /tweet-info - image: s1pdemo/springmusic:v2 imagePullPolicy: Always name: springone env: - name: SOMETHING value: value securityContext: privileged: false volumeMounts: - name: shared-data mountPath: /data/tweets - name: config-volume configMap: name: springone items: - key: application.properties path: application.properties readinessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 10 periodSeconds: 3 successThreshold: 2 ... livenessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 45 periodSeconds: 3 dnsPolicy: ClusterFirst restartPolicy: Always schedulerName: default-scheduler securityContext: {} terminationGracePeriodSeconds: 30 --- apiVersion: v1 data: application.properties: spring.music=springonedemoCONFIGVALUE kind: ConfigMap metadata: name: springone replicas: 3
- 22. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons Attribution- NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Replicate across cluster apiVersion: v1 kind: Service metadata: labels: k8s-app: springone name: springone spec: ports: - port: 80 targetPort: 8080 selector: k8s-app: springone type: LoadBalancer --- apiVersion: policy/v1beta1 kind: PodDisruptionBudget metadata: name: springone spec: minAvailable: 2 selector: matchLabels: k8s-app: springone --- apiVersion: apps/v1 kind: Deployment metadata: annotations: description: Great demo labels: k8s-app: springone name: springone namespace: default spec: progressDeadlineSeconds: 600 ... replicas: 3 selector: matchLabels: k8s-app: springone strategy: rollingUpdate: maxSurge: 25% maxUnavailable: 25% type: RollingUpdate template: metadata: labels: k8s-app: springone name: springone spec: affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: k8s-app operator: In values: - springone topologyKey: "kubernetes.io/hostname" volumes: - name: shared-data emptyDir: {} - name: config-volume configMap: name: springone items: - key: application.properties path: application.properties ... initContainers: - name: run-migration image: s1pdemo/springmusicmigration:v2 command: ["/bin/run_migration.sh"] containers: - image: s1pdemo/tweet_loader:21fab0554 name: poller volumeMounts: - name: shared-data mountPath: /tweet-info - image: s1pdemo/springmusic:v2 imagePullPolicy: Always name: springone env: - name: SOMETHING value: value securityContext: privileged: false volumeMounts: - name: shared-data mountPath: /data/tweets - name: config-volume configMap: name: springone items: - key: application.properties path: application.properties readinessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 10 periodSeconds: 3 successThreshold: 2 ... livenessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 45 periodSeconds: 3 dnsPolicy: ClusterFirst restartPolicy: Always schedulerName: default-scheduler securityContext: {} terminationGracePeriodSeconds: 30 --- apiVersion: v1 data: application.properties: spring.music=springonedemoCONFIGVALUE kind: ConfigMap metadata: name: springone affinity: podAntiAffinity: requiredDuringScheduling IgnoredDuringExecution: - labelSelector: matchExpressions: - key: k8s-app operator: In values: - springone topologyKey: "kubernetes.io/hostname"
- 23. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons Attribution- NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Survive upgrades apiVersion: v1 kind: Service metadata: labels: k8s-app: springone name: springone spec: ports: - port: 80 targetPort: 8080 selector: k8s-app: springone type: LoadBalancer --- apiVersion: policy/v1beta1 kind: PodDisruptionBudget metadata: name: springone spec: minAvailable: 2 selector: matchLabels: k8s-app: springone --- apiVersion: apps/v1 kind: Deployment metadata: annotations: description: Great demo labels: k8s-app: springone name: springone namespace: default spec: progressDeadlineSeconds: 600 ... replicas: 3 selector: matchLabels: k8s-app: springone strategy: rollingUpdate: maxSurge: 25% maxUnavailable: 25% type: RollingUpdate template: metadata: labels: k8s-app: springone name: springone spec: affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: k8s-app operator: In values: - springone topologyKey: "kubernetes.io/hostname" volumes: - name: shared-data emptyDir: {} - name: config-volume configMap: name: springone items: - key: application.properties path: application.properties ... initContainers: - name: run-migration image: s1pdemo/springmusicmigration:v2 command: ["/bin/run_migration.sh"] containers: - image: s1pdemo/tweet_loader:21fab0554 name: poller volumeMounts: - name: shared-data mountPath: /tweet-info - image: s1pdemo/springmusic:v2 imagePullPolicy: Always name: springone env: - name: SOMETHING value: value securityContext: privileged: false volumeMounts: - name: shared-data mountPath: /data/tweets - name: config-volume configMap: name: springone items: - key: application.properties path: application.properties readinessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 10 periodSeconds: 3 successThreshold: 2 ... livenessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 45 periodSeconds: 3 dnsPolicy: ClusterFirst restartPolicy: Always schedulerName: default-scheduler securityContext: {} terminationGracePeriodSeconds: 30 --- apiVersion: v1 data: application.properties: spring.music=springonedemoCONFIGVALUE kind: ConfigMap metadata: name: springone apiVersion: policy/v1beta1 kind: PodDisruptionBudget metadata: name: springone spec: minAvailable: 2 selector: matchLabels: k8s-app: springone ● How many pods can be unavailable at any time
- 24. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons Attribution- NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Graceful shutdown Handle SIGTERM signal Pre-stop hook
- 25. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons Attribution- NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Kill unresponsive application apiVersion: v1 kind: Service metadata: labels: k8s-app: springone name: springone spec: ports: - port: 80 targetPort: 8080 selector: k8s-app: springone type: LoadBalancer --- apiVersion: policy/v1beta1 kind: PodDisruptionBudget metadata: name: springone spec: minAvailable: 2 selector: matchLabels: k8s-app: springone --- apiVersion: apps/v1 kind: Deployment metadata: annotations: description: Great demo labels: k8s-app: springone name: springone namespace: default spec: progressDeadlineSeconds: 600 ... replicas: 3 selector: matchLabels: k8s-app: springone strategy: rollingUpdate: maxSurge: 25% maxUnavailable: 25% type: RollingUpdate template: metadata: labels: k8s-app: springone name: springone spec: affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: k8s-app operator: In values: - springone topologyKey: "kubernetes.io/hostname" volumes: - name: shared-data emptyDir: {} - name: config-volume configMap: name: springone items: - key: application.properties path: application.properties ... initContainers: - name: run-migration image: s1pdemo/springmusicmigration:v2 command: ["/bin/run_migration.sh"] containers: - image: s1pdemo/tweet_loader:21fab0554 name: poller volumeMounts: - name: shared-data mountPath: /tweet-info - image: s1pdemo/springmusic:v2 imagePullPolicy: Always name: springone env: - name: SOMETHING value: value securityContext: privileged: false volumeMounts: - name: shared-data mountPath: /data/tweets - name: config-volume configMap: name: springone items: - key: application.properties path: application.properties readinessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 10 periodSeconds: 3 successThreshold: 2 ... livenessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 45 periodSeconds: 3 dnsPolicy: ClusterFirst restartPolicy: Always schedulerName: default-scheduler securityContext: {} terminationGracePeriodSeconds: 30 --- apiVersion: v1 data: application.properties: spring.music=springonedemoCONFIGVALUE kind: ConfigMap metadata: name: springone livenessProbe: httpGet: path: /actuator/health port: 8080 initialDelaySeconds: 45 periodSeconds: 3
- 26. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons Attribution- NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Further reading Secrets Horizontal Pod Autoscaler Pod Security Policies Resource Limits Pod Priority Class Cluster DNS Ingress Controllers
- 27. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons Attribution- NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Recap ● How to deploy application? ○ Deployments, Stateful Sets ● How to access it? ○ Service ● How to keep it running? ○ Replicas, Affinity Groups, Graceful shutdown, Liveness Probe
- 28. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons Attribution- NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/ Thank you! Want to try this out for yourself? ● Create a Kubernetes cluster ○ Create a GKE cluster: https://cloud.google.com/kubernetes-engine/ ■ Gets started for free: https://cloud.google.com/free/ ○ Create a CFCR cluster - check the next talk ○ Or create a PKS cluster - https://pivotal.io/pks ● Big YAML: https://bit.ly/k8s-manifest ● Slides: https://bit.ly/all-you-need-is-yaml
Editor's Notes
- Link to talk: https://springoneplatform.io/2018/sessions/all-you-need-to-know-to-deploy-applications-on-kubernetes [E & A] - intros [E] Ok, let's get started. We're going to show you All you need to know to deploy apps on k8s. We spent a lot of time thinking about how to make this as straightforward as possible. So, here you go...
- [E] All you need is YAML! If you're having trouble reading it, please move closer to the front. Since this is really all you need, we'll give you about 20 minutes to read through it and then take questions. [E] Ok... bad joke! While this is a comprehensive example of the YAML needed to deploy an app to k8s, we'll explain this in more detail. [E] Oh, and we're not really going to cover "ALL you need to know..."
- [E] There's a few things we're going to assume you have some knowledge of and other best practices for deploying and operating k8s. For a common starting point, let's assume we have an application in mind and know the basics of packing it as an image and storing the image in a repository. And while we're not going to go into details here, we're going to assume you have access to a Kubernetes cluster. For our talk, we'll be using Google Kubernetes Engine already pre-provisioned for us.
- [E] The talk will really focus on these necessary aspects of an app on k8s. How to deploy, access, and make sure it's available.
- [E] Since this is a Spring conference, we thought a good app to use would be the Spring Music sample app. If you're not already familiar with it, this is an excellent way to get started with Spring Boot (and if you're so inclined, deploying it to Cloud Foundry). But in this case, we'll deploy to K8s.
- [E] Alright, let's get started. Alex, let's go back and look at that wall of YAML and highlight what you need to know with respect to deployment.
- [A] First, we need image used for the application, it should be runnable, and versioned. There are multiple guides for how to building docker images. We'll pull this image when we deploy and when later when scaling up. Runnable for local developement And we'll be using a Spring app for the demo
- When you have the image, you now build the container You'll need name, location, and policy. When we scale up, the imagePulPolicy means to pull the latest image. This is why nicknames/versions are important. The version name can be anything you like but should not be mutable (any changes to your app should result in a new name/version.
- [A] There are two ways to configure. You can use environment variables (map of name/value). The other way is to use volumes for example a confgmap where the configuration is stored within k8s. For example, you can store your spring boot app properties in the config map. [E] Oh, I didn't you could do two ways. Which is the preferred way, or what you recommend? [A] It depends!!! But, one nice feature of using configmap with spring cloud library is that it checks for configmap changes and recreate your container when you change something.
- [A] There are two ways to configure. You can use environment variables (map of name/value). The other way is to use volumes for example a confgmap where the configuration is stored within k8s. For example, you can store your spring boot app properties in the config map. [E] Oh, I didn't you could do two ways. Which is the preferred way, or what you recommend? [A] It depends!!! But, one nice feature of using configmap with spring cloud library is that it checks for configmap changes and recreate your container when you change something.
- A container is a minimal runnable process - but for K8s the minimal entity "pods". It allows group multiple containers in a pod and including shared storage. All those containers will be started together. You should consider separating functionality of your app into separate pods. For example, keep your database pods separate from your application pods. This will allow you to more easily scale your application and/or database independently.
- [E] But how would you handle something like a database migration? [A] You can use initContaiers for something like that. If you need to perform operations on the database, or configuration changes, then initContainers allow you to execute commands before the pod is created. For deletion you can use some hooks, but lets not jump ahead ( slide about graceful shutdown
- [A] But don't use pods directly for deploying an application [E] Why is that Alex? [A] Pods are connected to a single node, if a node goes down, the pod (as a primitive) won't be rescheduled by k8s. Another good reason is scaling up/down. Also, pod is immutable. If you want to change something, you have to delete old pod and create a new one.
- Kubernetes has abstraction to keep specific amount of pods up and running. But it does not include updates. So for green-blue deployments it has a special object called Deployment
- Deployment specifies all the definitions that required to run the application and helps with upgrades, it also allows to rollback to previous working version . [E] How does deploy? [A] Under the cover deployment creates a replicaset. For each change, it creates a new replicaset and gradually create new pods and delete old ones. By default it ensures that at most 25% extra pods created and at least 75% of desired amount of pods are available at any given time. [E] What is the order the deletion happen? [A] There is no order. If you need some order for your application, you should use stateful set
- AS the name suggests, stateful sets help with the applications that have state. For example that use disk, or that have to be started in specific order.
- ???
- [E] why do you need to create internal service? [A] I told you that pods are immutable. So every time you change something – pod is recreated. That means that every time you change something – pod IP address is going to change. Services have their own network and have the same ip address all the time which will be resolved to different pods. External lserice exposes port on the node which then points to the service ip address. Load balancer points that exposed port. So each service just adds something down the way. [E] So when I have a service and new pod is created, it starts to receive traffic from the service? [A] Yes, when pod is ready, it starts getting traffic. And there is a way to show that pod is ready.
- [A] Obviously, to make your application highly available you need several replicas. As I mentioned before, pods can be terminated at any moment. [E] Will 3 replicas be deployed on separate VMs?
- [A] Kubernetes by default tries to schedule pods on different nodes, but there is no guarantee. [E] Why there so many options? (????) [A] It is very configurable and supports multiple use-cases. First affinity and antiAffinity, so deploy pods when condition match or not deploy. This long key says require this condition to match before scheduling. There is also preferred. Next - label selector. It can have labels that are not set by your application. You can have additional replicas that do not receive traffic and deploy them on the nodes that do not have main service. As you can see pod anti affinity is an option, there is also affinity option that requires pods to be on some condition match. Topology key allows to choose where to deploy application by hostname, availability zone or instance type. [E] So should I always use requiredDuringScheduling? [A] Not really. It guarantees that pods will be scheduled on different virtual machines. But it also won’t let you scale above the amount of VMs. [E] But if I have multiple pods on the same node, they will all be unavailable during the upgrade (???) [A] It can be fixed with Pod Disruption budget
- [A] Pod disruption allows you to specify how many pods could unavailable at any given moment or how many should be available This can help,during upgrade or rollout of Kubernetes deployment. Especially when stopping the pod takes time. [E] I thought that upgrade just destroys the container [A] No, the developer can actually control the deletion.
- [A] And should control to provide graceful shutdown. There are three steps to stop each pod. First, pod is marked that it is deleting. After that the pod is removed from service backend, and pre-stop hook is executed. After it finishes or grace period expires, each container gets SIGTERM signal. If the application is not closed after grace period it is killed. [E] Spring handles SIGTERM signal, so it possible to add shutdown hook to finish processing. (Transition t the next slide ??? )
- [A] This are the nice-to-haves. It worth checking them after you have can start your application in K8s.