December 14, 2019
Intuit Kubernetes Journey
- Ravi & Laks
Agenda
● Why we built Modern SaaS Platform?
● What is it?
● How we built it?
Intuit Confidential and Proprietary 3
Goals
                                           Measured value   Expected Improvement
Recoverability                             X                10X faster
Release cycle time (days) (PR to deploy)   Y                1.4Y faster
Release frequency (days)                   Z                3Z faster
Monolith vs Microservice
Service Onboarding Prior to M-SaaS
I want to develop new micro service
● Create Service on Service Portal
● Get a Cloud Account -
● Create all the basic resources in AWS
● If you have Web server do this...
● Monitoring Alerting Logs…..
● :
● Take care of AWS SG, EC2, Auto scaling, R53, Ingress, Egress
● Create
○ Git Repo
○ Pipeline
○ Set up CD …
○ …….
Takes a few weeks to set up and run the service
Steep learning curve
Multiple AWS Accounts
Take care of security patches periodically
Monolith vs Microservice
Service Onboarding Today…. with M-SaaS
VELOCITY OPERABILITY SECURITY
I want to develop new micro service
AppD
Microservice
15 minutes
Gitops Flow
The Modern SaaS Platform @ Intuit
Journey so far … Services on MSaaS
Each Kubernetes cluster today ...
- Applications: User namespace 1, User namespace 2, User namespace 3, User namespace n
- Addons: alb-ingress, kube-dns, fluentd, metrics, prometheus, autoscaler
- K8s Control Plane: kube-apiserver, kube-proxy, kube-scheduler, kube-controller, etcd
Each Kubernetes cluster today ...
Master Nodes
- Addons: alb-ingress, kiam, eventrouter, metrics, kube-dns, autoscaler
- K8s Control Plane: kube-apiserver, kube-proxy, kube-scheduler, kube-controller, etcd
The Challenges
Multi-tenancy
- What does each tenant mean?
- Namespace?
- Kubernetes objects with the same label?
- Some CRD?
We decided to go with Kubernetes Namespaces
More Multi-tenancy issues
- Noisy neighbour
- Customized setup
- Tenant specific AMIs
- Tenant specific instance types
- Cost accounting
The Challenges
- Common functionality needed by all apps on a cluster: DNS, Logs, Metrics etc.
- Multi Tenancy - Noisy neighbour, Instance Types
- Resiliency and Hardening
- Deep Monitoring
- Cost Efficiency
Addons
- Common functionality needed by all apps on a
cluster
- DNS, log forwarding, metrics, identity, etc.
- Integrate with other AWS services such as ALB.
Resilience and hardening ...
- Pods stuck in terminating state ...
- EC2 instance networking broken …
- Bunch of 502s during upgrade...
Deep monitoring
- Not enough to simply check if components are “up”
- Deep monitoring
- Actually exercise the functionality
- Periodically
- Preferably automatic remediation
Cost efficiency
- How do we reduce costs?
The Solutions
Keiko
“Keiko provides a set of independent open-source tools
for orchestration and management of multi-tenant,
reliable, secure and efficient Kubernetes clusters at scale.”
github.com/keikoproj
- Instance manager
- Upgrade manager
- Kube forensics
- Active monitor
- Addon manager
- Governor
- Minion manager
Keiko
Orchestration
Instance-manager Upgrade-manager
Reliability
Governor
Cost Eff
Minion Manager
Addon Manager
Security
Kube-Forensics
Monitoring
Active-monitor
Addon-Manager
Addons are critical components within a Kubernetes cluster that
provide basic services needed by applications like DNS,
Ingress, Metrics, Logging, etc. Addon Manager provides a CRD
for lifecycle management of such addons using Argo
Workflows.
Addon-Manager
Multi-tenancy solutions
- Instance Group per Namespace
- Customized labels
- Centralized upgrades
We decided to go with ...
Instance-manager
- Declaratively provision and manage ASGs (nodes)
- Number and type of nodes
- Labels and taints
- Subnets and security groups
$ kubectl create -f /tmp/hello_world.yaml
instancegroup.instancemgr.keikoproj.io/hello-world created
$ kubectl get igs
NAME          STATE   MIN   MAX   GROUP NAME                                                          PROVISIONER   STRATEGY   AGE
hello-world   Ready   2     3     shri-east-2-instance-manager-hello-world-NodeGroup-16Y8ZA1ZJW8JK    eks-cf        crd        3m
nodes         Ready   2     3     shri-east-2-instance-manager-nodes-NodeGroup-1K1T3YSXCCCK9          eks-cf        crd        1d
Upgrade-manager
- Upgrade Manager provides RollingUpgrade, a
Kubernetes native mechanism for doing
rolling-updates of instances in an AutoScaling group
using a CRD and a controller.
Governor
Governor improves the stability of large Kubernetes
clusters by proactively terminating failed but stuck pods
and misbehaving nodes.
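The "stuck pod" condition Governor targets (and the "Pods stuck in terminating state" challenge listed earlier) can be detected from pod metadata alone. The sketch below is an added example, not Governor's code and not from the original slides; the pod list, tenant and node names, and the five-minute slack are constructed assumptions.

```python
"""Flag pods stuck in Terminating, given a `kubectl get pods -A -o json` PodList."""
import json
from collections import Counter
from datetime import datetime, timedelta, timezone

# Constructed sample (not from the slides), trimmed to the fields this check reads.
SAMPLE_POD_LIST = json.loads("""
{"items": [
  {"metadata": {"namespace": "tenant-a", "name": "web-5c6b"},
   "spec": {"nodeName": "ip-10-0-1-11"}},
  {"metadata": {"namespace": "tenant-a", "name": "payments-7d9f",
                "deletionTimestamp": "2019-12-14T09:00:30Z",
                "deletionGracePeriodSeconds": 30},
   "spec": {"nodeName": "ip-10-0-1-12"}},
  {"metadata": {"namespace": "tenant-b", "name": "ledger-0",
                "deletionTimestamp": "2019-12-14T09:40:00Z",
                "deletionGracePeriodSeconds": 30,
                "finalizers": ["example.com/backup"]},
   "spec": {"nodeName": "ip-10-0-1-12"}},
  {"metadata": {"namespace": "tenant-b", "name": "api-6f7a",
                "deletionTimestamp": "2019-12-14T10:00:30Z",
                "deletionGracePeriodSeconds": 30},
   "spec": {"nodeName": "ip-10-0-1-11"}}
]}
""")


def parse_k8s_time(value):
    """Parse the RFC 3339 UTC timestamps the API server emits (…T…Z)."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def stuck_terminating(pod_list, now, slack=timedelta(minutes=5)):
    """Return pods whose deletion deadline passed more than `slack` ago.

    metadata.deletionTimestamp is the time by which the pod should be gone
    (delete request time plus the grace period), so the grace period must not
    be added again. `slack` keeps pods that are shutting down normally out of
    the result. Finalizers are reported because a pending finalizer is a
    common reason a pod never leaves Terminating.
    """
    stuck = []
    for pod in pod_list.get("items", []):
        meta = pod.get("metadata", {})
        deadline = meta.get("deletionTimestamp")
        if not deadline:
            continue  # not being deleted
        overdue = now - parse_k8s_time(deadline)
        if overdue > slack:
            stuck.append({
                "namespace": meta.get("namespace"),
                "name": meta.get("name"),
                "node": pod.get("spec", {}).get("nodeName"),
                "overdue_seconds": int(overdue.total_seconds()),
                "finalizers": meta.get("finalizers", []),
            })
    return sorted(stuck, key=lambda p: p["overdue_seconds"], reverse=True)


def nodes_with_stuck_pods(stuck):
    """Count stuck pods per node; several on one node points at the node itself."""
    return dict(Counter(p["node"] for p in stuck if p["node"]))


if __name__ == "__main__":
    # Fixed "now" so the constructed sample gives the same answer on every run.
    now = datetime(2019, 12, 14, 10, 2, 0, tzinfo=timezone.utc)
    found = stuck_terminating(SAMPLE_POD_LIST, now)
    for pod in found:
        print(pod)
    print(nodes_with_stuck_pods(found))
```
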
Active-monitor
Active-Monitor is a Kubernetes custom
resource controller which uses Argo
Workflows for deep cluster monitoring.
Minion-manager
Minion-manager enables the intelligent use of Spot
Instances in Kubernetes clusters on AWS. This is done
by factoring in on-demand prices, spot-instance prices
and current state of the AutoScalingGroups.
Kube-forensics
Kube-forensics allows a cluster administrator to dump
the current state of a running pod and all its containers
so that security professionals can perform offline
forensic analysis.
Keiko
github.com/keikoproj
- Instance manager
- Upgrade manager
- Kube forensics
- Active monitor
- Addon manager
- Governor
- Minion manager
github.com/keikoproj
github.com/argoproj
twitter.com/keikoproj
Coming up ...
- Kubernetes control plane using EKS
- Multi-cluster Service Mesh using Istio
- OpenTelemetry
- GitOps for AWS resources
- Experimentation platform
- And more ...
There’s a lot happening ...
<We are hiring />
Ravi_Hari@intuit.com
https://www.linkedin.com/in/ravi-hari-46896a15/
laks@intuit.com
https://www.linkedin.com/in/laks1/
Kubernetes Journey at Intuit: Building a Modern SaaS Platform

  • 1. December 14, 2019 Intuit Kubernetes Journey - Ravi & Laks
  • 2. Agenda ● Why we built Modern SaaS Platform? ● What is it? ● How we built it?
  • 3. Intuit Confidential and Proprietary. Goals (metric: measured value, expected improvement) - Recoverability: X, 10X faster - Release cycle time (days) (PR to deploy): Y, 1.4Y faster - Release frequency (days): Z, 3Z faster
  • 4. Monolith vs Microservice
  • 5. Service Onboarding Prior to M-SaaS. I want to develop new micro service ● Create Service on Service Portal ● Get a Cloud Account - ● Create all the basic resources in AWS ● If you have Web server do this... ● Monitoring Alerting Logs….. ● : ● Take care of AWS SG, EC2, Auto scaling, R53, Ingress, Egress ● Create ○ Git Repo ○ Pipeline ○ Set up CD … ○ ……. Takes a few weeks to set up and run the service. Steep learning curve. Multiple AWS Accounts. Take care of security patches periodically.
  • 6. Monolith vs Microservice
  • 7. Service Onboarding Today…. with M-SaaS. VELOCITY, OPERABILITY, SECURITY. I want to develop new micro service. AppD. Microservice. 15 minutes.
  • 9. The Modern SaaS Platform @ Intuit
  • 10. Journey so far … Services on MSaaS
  • 11. Each Kubernetes cluster today ... Addons: alb-ingress, kube-dns, fluentd, metrics, prometheus, autoscaler. Applications: User namespace 1, User namespace 2, User namespace 3, User namespace n. K8s Control Plane: kube-apiserver, kube-proxy, kube-scheduler, kube-controller, etcd.
  • 12. Each Kubernetes cluster today ... Master Nodes. Addons: alb-ingress, kiam, eventrouter, metrics, kube-dns, autoscaler. K8s Control Plane: kube-apiserver, kube-proxy, kube-scheduler, kube-controller, etcd.
  • 13. The Challenges
  • 14. Multi-tenancy - What does each tenant mean? - Namespace? - Kubernetes objects with the same label? - Some CRD? We decided to go with Kubernetes Namespaces.
  • 15. More Multi-tenancy issues - Noisy neighbour - Customized setup - Tenant specific AMIs - Tenant specific instance types - Cost accounting
  • 16. The Challenges - Common functionality needed by all apps on a cluster: DNS, Logs, Metrics, etc. - Multi Tenancy - Noisy neighbour, Instance Types - Resiliency and Hardening - Deep Monitoring - Cost Efficiency
  • 17. Addons - Common functionality needed by all apps on a cluster - DNS, log forwarding, metrics, identity, etc. - Integrate with other AWS services such as ALB.
  • 18. Resilience and hardening ... - Pods stuck in terminating state ... - EC2 instance networking broken … - Bunch of 502s during upgrade...
  • 19. Deep monitoring - Not enough to simply check if components are “up” - Deep monitoring - Actually exercise the functionality - Periodically - Preferably automatic remediation
  • 20. Cost efficiency - How do we reduce costs?
  • 21. The Solutions
  • 22. Keiko: “Keiko provides a set of independent open-source tools for orchestration and management of multi-tenant, reliable, secure and efficient Kubernetes clusters at scale.” github.com/keikoproj. Tools: Instance manager, Kube forensics, Upgrade manager, Active monitor, Addon manager, Governor, Minion manager.
  • 23. Keiko Orchestration Instance-manager Upgrade-manager Reliability Governor Cost Eff Minion Manager Addon Manager Security Kube-Forensics Monitoring Active-monitor
  • 24. Addon-Manager: Addons are critical components within a Kubernetes cluster that provide basic services needed by applications like DNS, Ingress, Metrics, Logging, etc. Addon Manager provides a CRD for lifecycle management of such addons using Argo Workflows.
  • 25. Addon-Manager
  • 26. Multi-tenancy solutions - Instance Group per Namespace - Customized labels - Centralized upgrades We decided to go with ...
  • 27. Instance-manager - Declaratively provision and manage ASGs (nodes) - Number and type of nodes - Labels and taints - Subnets and security groups
      $ kubectl create -f /tmp/hello_world.yaml
      instancegroup.instancemgr.keikoproj.io/hello-world created
      $ kubectl get igs
      NAME          STATE   MIN   MAX   GROUP NAME                                                          PROVISIONER   STRATEGY   AGE
      hello-world   Ready   2     3     shri-east-2-instance-manager-hello-world-NodeGroup-16Y8ZA1ZJW8JK   eks-cf        crd        3m
      nodes         Ready   2     3     shri-east-2-instance-manager-nodes-NodeGroup-1K1T3YSXCCCK9         eks-cf        crd        1d
  • 28. Upgrade-manager - Upgrade Manager provides RollingUpgrade, a Kubernetes native mechanism for doing rolling-updates of instances in an AutoScaling group using a CRD and a controller.
  • 29. Governor: Governor improves the stability of large Kubernetes clusters by proactively terminating failed but stuck pods and misbehaving nodes.
  • 30. Active-monitor: Active-Monitor is a Kubernetes custom resource controller which uses Argo Workflows for deep cluster monitoring.
  • 31. Minion-manager: Minion-manager enables the intelligent use of Spot Instances in Kubernetes clusters on AWS. This is done by factoring in on-demand prices, spot-instance prices and current state of the AutoScalingGroups.
  • 32. Kube-forensics: Kube-forensics allows a cluster administrator to dump the current state of a running pod and all its containers so that security professionals can perform offline forensic analysis.
  • 33. Keiko: Instance manager, Kube forensics, Upgrade manager, Active monitor, Addon manager, Governor, Minion manager. Links: github.com/keikoproj, github.com/argoproj, twitter.com/keikoproj
  • 34. Coming up ... - Kubernetes control plane using EKS - Multi-cluster Service Mesh using Istio - OpenTelemetry - GitOps for AWS resources - Experimentation platform - And more ...
  • 35. There’s a lot happening ... <We are hiring /> Ravi_Hari@intuit.com https://www.linkedin.com/in/ravi-hari-46896a15/ laks@intuit.com https://www.linkedin.com/in/laks1/