Net core, mssql, container und kubernetes | Thomas Fricke
This document discusses Google Cloud Platform and related technologies like .NET Core, SQL Server, containers, and Kubernetes. It provides an agenda for a user group meeting that will cover containers, Kubernetes, CoreOS, creating and running a .NET application in a Docker container, container registries, setting up a local Kubernetes cluster, and using pods and services. There is also information about Endocode, a company that provides software solutions and open source projects using technologies like these.
Monitoring, Logging and Tracing on Kubernetes | Martin Etmajer
The document discusses monitoring, logging and tracing tools for Kubernetes including Heapster, Grafana, Fluentd, Elastic Stack, Jolokia and OpenTracing. It provides examples of deploying Heapster with InfluxDB and Grafana for metrics collection, Fluentd to ingest container logs into Elasticsearch, and using Jolokia and OpenTracing for remote access to JMX metrics and distributed tracing functionality.
Kubernetes Architecture and Introduction – Paris Kubernetes Meetup | Stefan Schimanski
The document provides an overview of Kubernetes architecture and introduces how to deploy Kubernetes clusters on different platforms like Mesosphere's DCOS, Google Container Engine, and Mesos/Docker. It discusses the core components of Kubernetes including the API server, scheduler, controller manager and kubelet. It also demonstrates how to interact with Kubernetes using kubectl and view cluster state.
Traditional virtualization technologies have been used by cloud infrastructure providers for many years in providing isolated environments for hosting applications. These technologies make use of full-blown operating system images for creating virtual machines (VMs). According to this architecture, each VM needs its own guest operating system to run application processes. More recently, with the introduction of the Docker project, the Linux Container (LXC) virtualization technology became popular and attracted attention. Unlike VMs, containers do not need a dedicated guest operating system for providing OS-level isolation; rather, they can provide the same level of isolation on top of a single operating system instance.
An enterprise application may need to run a server cluster to handle high request volumes. Running an entire server cluster on Docker containers on a single Docker host could introduce the risk of a single point of failure. Google started a project called Kubernetes to solve this problem. Kubernetes provides a cluster of Docker hosts for managing Docker containers in a clustered environment. It provides an API on top of the Docker API for managing Docker containers on multiple Docker hosts, with many more features.
This document provides an overview of Docker including:
- Docker allows building applications once and deploying them anywhere reliably through containers that provide resource isolation.
- Key Docker components include images, resource isolation using cgroups and namespaces, filesystem isolation using layers, and networking capabilities.
- Under the hood, Docker utilizes cgroups for resource accounting, namespaces for isolation, security features like capabilities and AppArmor, and UnionFS for the layered filesystem.
- The Docker codebase includes components for the daemon, API, image and container management, networking, and integration testing. Commonly used packages include libcontainer for namespaces and cgroups and packages for security, mounting, and networking.
Docker orchestration using core os and ansible - Ansible IL 2015 | Leonid Mirsky
The last couple of years have seen an increasing interest in Docker and related technologies. One of these technologies is CoreOS, a new operating system built from the ground up for running Docker containers at scale.
In this talk we will learn about CoreOS main concepts and tools. We will get our hands dirty as we work together toward a goal of running a CoreOS cluster on AWS (using Ansible) and running docker containers on it.
The talk will conclude with a discussion on the place of Ansible (and configuration management tools in general) in the "next-generation" stack.
Build Your Own CaaS (Container as a Service) | HungWei Chiu
In these slides, I introduce Kubernetes and show an example of what CaaS is and what it can provide.
Besides, I also introduce how to set up continuous integration and continuous deployment for the CaaS platform.
This document discusses Docker, including:
1. Docker is a platform for running and managing Linux containers that provides operating-system-level virtualization without the overhead of traditional virtual machines.
2. Key Docker concepts include images (immutable templates for containers), containers (running instances of images that have mutable state), and layers (the building blocks of images).
3. Publishing Docker images to registries allows them to be shared and reused across different systems. Volumes and networking allow containers to share filesystems and communicate.
In this talk, Michael Crosby will present on runC and Containerd, the internals and how they work together to start and manage containers in Docker. Afterwards, Arnaud Porterie will touch on what was shipped in 1.11 and how it will enable some of the things we are working on for 1.12.
Intro - Docker Native for OSX and Windows | Thomas Chacko
The document discusses Docker on various operating systems including Linux, Windows, and Mac OS X. It provides an overview of using Docker Toolbox versus installing Docker natively. When using Docker natively, it installs the Docker client, engine, compose and other tools directly onto the operating system leveraging native virtualization capabilities for improved performance compared to Docker Toolbox. However, the native versions are currently in beta with some limitations like only allowing one Linux virtual machine on Windows Hyper-V.
This document discusses container orchestration and provides an overview of different container orchestration technologies including Mesos, Kubernetes, CoreOS Fleet, and Docker libswarm. It explains the benefits of containers and orchestration, and covers concepts like schedulers, service discovery, monitoring, and clustering.
Scaling Docker Containers using Kubernetes and Azure Container Service | Ben Hall
This document discusses scaling Docker containers using Kubernetes and Azure Container Service. It begins with an introduction to containers and Docker, including how containers improve dependency and configuration management. It then demonstrates building and deploying containerized applications using Docker and discusses how to optimize Docker images. Finally, it introduces Kubernetes as a tool for orchestrating containers at scale and provides an example of deploying a containerized application on Kubernetes in Azure.
Kubernetes Basics provides an overview of Kubernetes concepts and components. It discusses pods vs deployments, scaling deployments, rolling updates, stateful vs stateless applications, daemon sets, secrets, configmaps, services, ingress, storage classes, network policies, and Kubernetes CLI commands. Hands-on examples are given for running commands, exposing services, deleting resources, executing commands in pods, viewing logs, and getting resource information. YAML files are shown for defining deployments, services, and ingress. Skills discussed include using configmaps as environment variables, sidecar deployments, init containers, labels and node selectors, private registries, taints and tolerations, resource management, and readiness and liveness probes.
This document provides a high-level overview of Kubernetes in under 30 minutes. It begins with basic concepts like nodes, pods, replica sets, deployments, and services. It then covers additional concepts like secrets, config maps, ingress, daemon sets, pet sets/stateful sets and services. The document aims to explain the main components of Kubernetes and how they work together at a high level to deploy and manage container-based applications.
KubeCon EU 2016: A Practical Guide to Container Scheduling | KubeAcademy
Containers are at the forefront of a new wave of technology innovation but the methods for scheduling and managing them are still new to most developers. In this talk we'll look at the kind of problems that container scheduling solves and at how maximising efficiency and maximising QoS don't have to be exclusive goals. We'll take a behind the scenes look at the Kubernetes scheduler: How does it prioritize? What about node selection and external dependencies? How do you schedule based on your own specific needs? How does it scale and what’s in it both for developers already using containers and for those that aren't? We’ll use a combination of slides, code, and demos to answer all these questions and hopefully all of yours.
Sched Link: http://sched.co/6BZa
Deploy at scale with CoreOS Kubernetes and Apache Stratos | Chris Haddad
Platform-as-a-Service (PaaS) streamlines DevOps and allows developers to focus on application development. The PaaS handles provisioning, scaling, high availability, and tenancy.
Integration with the Docker platform, CoreOS Linux distribution, and Kubernetes container management system brings more scalability and flexibility to a PaaS. This session will include installing and deploying sample applications using Docker, CoreOS and Kubernetes, and a walkthrough on how it can be extended to support new application containers.
This document discusses Project Atomic and multi-container application packaging. It introduces Atomic Host, an optimized operating system for containers; Nulecule, a specification for describing multi-container applications; and Atomic App, a tool for installing applications defined by Nulecule specifications. Key components of Atomic Host like rpm-ostree and Cockpit are also summarized. The document encourages getting involved in the open source projects and provides references for learning more.
Using linuxKit to build custom rancherOS systems | Moby Project
This document discusses modernizing RancherOS, a micro Linux distribution. It describes replacing System Docker with runC and Containerd to reduce size and improve performance. Through iterative changes like removing unused files, generating container specs, and customizing services, the initrd size was reduced from 245MB to 190MB and boot time from 30 seconds to 12 seconds. The final version can boot and serve HTTP requests within 7 seconds while maintaining compatibility with RancherOS.
This document provides an overview of Docker and Kubernetes concepts and demonstrates how to create and run Docker containers and Kubernetes pods and deployments. It begins with an introduction to virtual machines and containers before demonstrating how to build a Docker image and container. It then introduces Kubernetes concepts like masters, nodes, pods and deployments. The document walks through running example containers and pods using commands like docker run, kubectl run, kubectl get and kubectl delete. It also shows how to create pods and deployments from configuration files and set resource limits.
runC: The little engine that could (run Docker containers) by Docker Captain ... | Docker, Inc.
With the announcement of the OCI by Solomon Hykes at last summer's DockerCon, a Docker-contributed reference implementation of the OCI spec, called runC, was born. While some of you may have tried runC or have a history of poking at the OS layer integration library to Linux namespaces, cgroups and the like (known as libcontainer), many of you may not know what runC offers. In this talk Phil Estes, Docker engine maintainer who has also contributed to libcontainer and runC, will show what's possible using runC as a lightweight and fast runtime environment to experiment with lower-level features of the container runtime. Phil will introduce a conversion tool called "riddler", which can inspect and convert container configurations from Docker into the proper OCI configuration bundle for easy conversion between the two environments. He'll also demonstrate how to make custom configurations for trying out security features like user namespaces and seccomp profiles.
Kubernetes is an open-source system for managing containerized applications across multiple hosts. It groups related containers into pods that are scheduled together on the same host. Key components include the master node for managing the cluster, minion nodes for hosting pods, and kubelet software for running pods and managing containers. Pods allow tight coupling of related containers, while labels provide loose organization of cooperating pods.
Kubernetes can orchestrate and manage container workloads through components like Pods, Deployments, DaemonSets, and StatefulSets. It schedules containers across a cluster based on resource needs and availability. Services enable discovery and network access to Pods, while ConfigMaps and Secrets allow injecting configuration and credentials into applications.
Containers provide isolation between processes using cgroups and namespaces to limit resource utilization and isolate processes. Containers run within a single operating system kernel and share the kernel with other containers, using fewer resources than virtual machines which run entire guest operating systems. Docker is the most common container platform and uses containerization to package applications and their dependencies into portable containers that can be run on any Linux server.
A small introduction to get started on Kubernetes as a user. This explains the main concepts like pods, deployments and services and gives some hints to help you use the kubectl command.
These slides were presented at the Grenoble Docker meetup in November 2017.
Containerd Internals: Building a Core Container Runtime | Phil Estes
Containerd Internals: Building a Core Container Runtime discusses the architecture and internals of Containerd. It provides a brief history of Containerd and explains its goals of providing a clean API, full OCI support, and decoupled components. It describes Containerd's components like runtimes, storage, and snapshots. It then explains the processes of pulling an image, starting a container, and getting Prometheus metrics.
This document discusses Docker internals and components. It covers:
1. Docker provides build once, configure once capabilities to deploy applications everywhere reliably, consistently, efficiently and cheaply.
2. Docker components include the Docker daemon, libcontainer, cgroups, namespaces, AUFS/BTRFS/dm-thinp, and the kernel-userspace interface.
3. Docker uses filesystem isolation through layering, copy-on-write, caching and differencing using union filesystems like AUFS to provide efficient sharing of files between containers.
Continuous delivery of microservices with kubernetes - Quintor 27-2-2017 | Arjen Wassink
Kubernetes is an open-source system for automating deployment, scaling, and management of containerized applications. It groups containers that make up an application into logical units for easy management and discovery. Kubernetes can deploy containerized applications as microservices and provide mechanisms to update them without downtime using techniques like rolling updates. It also provides tools for service discovery, load balancing, storage orchestration, auto-scaling, self-healing, and more.
This document discusses Kubernetes usage at VMware SAAS. It covers dynamic provisioning of applications on Kubernetes, monitoring tools used like DataDog and Log Insight, and best practices for upgrading Kubernetes clusters. Key points include using stateless applications where possible, service discovery using Kubernetes services, dynamic provisioning using an onboarding service, and performing rolling upgrades for stateful applications to minimize downtime.
Docker allows building portable software that can run anywhere by packaging an application and its dependencies in a standardized unit called a container. Kubernetes is an open-source system for automating deployment, scaling, and management of containerized applications. It groups containers that make up an application into logical units for easy management and discovery. Kubernetes can replicate containers, provide load balancing, coordinate updates between containers, and ensure availability. Defining applications as Kubernetes resources allows them to be deployed and updated easily across a cluster.
More tips and tricks for running containers like a pro - Rancher Online MEetu... (Shannon Williams)
This document outlines the agenda for a Rancher meetup on tips and tricks for running containers like a pro. The agenda includes presentations on integrated secrets management, autoscaling with Rancher webhooks, using Traefik for load balancing, and the Kubernetes dashboard and Helm. It also provides information on the latest Rancher releases.
This document provides an overview of container management and Kubernetes concepts. It discusses delivery and deployment methods like classic deployment, containers, virtualization, and container orchestration. It then covers Kubernetes components like etcd, the control plane, and nodes. It outlines cluster administration tasks and best practices for cluster usage. Finally, it provides examples of Kubernetes resource types like pods, replica sets, and deployments.
This document provides an introduction to Kubernetes, including definitions of key concepts like pods, services, labels, replica sets, deployments, and horizontal pod autoscaling. It explains how Kubernetes abstracts and virtualizes resources to run and manage containers across a cluster. Examples and diagrams illustrate concepts like pod networking and canary deployments. The document recommends resources for learning more about Kubernetes and getting started, including Google Cloud Platform and a demo of Kubernetes capabilities.
Kubernetes on AWS allows users to deploy and manage Kubernetes clusters on the AWS cloud infrastructure. It provides tools to create clusters across multiple AWS availability zones for high availability. Users can define Kubernetes objects like pods, services, deployments etc using kubectl and utilize AWS services like EBS volumes for persistent storage. The presentation demonstrated setting up a Kubernetes cluster on AWS using kube-up.sh along with examples of using EBS volumes in pods through persistent volume claims. It also showed monitoring and managing applications running on the Kubernetes cluster deployed on AWS.
Idea to Production - with Gitlab and Kubernetes (Simon Dittlmann)
Setting up a continuous delivery pipeline from scratch with gitlab.com and Kubernetes (Google Container Service GKE) on Google Cloud Platform.
The entire source code is available at https://github.com/Pindar/gcloud-k8s-express-app
Blog post https://www.itnotes.de/gitlab/kubernetes/k8s/gke/gcloud/2017/03/05/idea-to-production-with-gitlab-and-kubernetes/
Stateful set in kubernetes implementation & usecases (Krishna-Kumar)
This document summarizes a presentation on StatefulSets in Kubernetes. It discusses why StatefulSets are useful for running stateful applications in containers, the differences between stateful and stateless applications, how volumes are used in StatefulSets, examples of running single-instance and multi-instance stateful applications like Zookeeper, and the current status and future roadmap of StatefulSets in Kubernetes.
Smuggling Multi-Cloud Support into Cloud-native Applications using Elastic Co... (Nane Kratzke)
Elastic container platforms (like Kubernetes, Docker Swarm, Apache Mesos) fit very well with existing cloud-native application architecture approaches. So it is more than astonishing, that these already existing and open source available elastic platforms are not considered more consequently for multi-cloud approaches. Elastic container platforms provide inherent multi-cloud support that can be easily accessed. We present a solution proposal of a control process which is able to scale (and migrate as a side effect) elastic container platforms across different public and private cloud-service providers. This control loop can be used in an execution phase of self-adaptive auto-scaling MAPE loops (monitoring, analysis, planning, execution). Additionally, we present several lessons learned from our prototype implementation which might be of general interest for researchers and practitioners. For instance, to describe only the intended state of an elastic platform and let a single control process take care to reach this intended state is far less complex than to define plenty of specific and necessary multi-cloud aware workflows to deploy, migrate, terminate, scale up and scale down elastic platforms or applications.
Kubernetes on AWS at Europe's Leading Online Fashion Platform (Henning Jacobs)
Henning Jacobs is a Kubernetes on AWS Hacker at Zalando Tech. His talk briefly covers our learnings in Zalando Tech while running Kubernetes on AWS in production.
Topics include:
- Cluster provisioning,
- AWS integration,
- Ingress,
- Cluster autoscaling,
- OAuth/IAM and
- Operations/monitoring.
https://www.meetup.com/Zalando-Tech-Events-Berlin/events/238212872/
Security best practices for kubernetes deployment (Michael Cherny)
This document provides best practices for securing a Kubernetes deployment. It recommends integrating security into the CI/CD pipeline by only using vetted code for builds, scanning images for vulnerabilities, and using private registries to store and push only approved images. It also suggests limiting direct access to Kubernetes nodes, implementing fine-grained role-based access control and quotas, securely managing secrets, implementing network segmentation and "least privilege" controls. Finally, it stresses the importance of logging all activity and integrating logs with monitoring systems for visibility.
Kubernetes & Puppet is a presentation about using Puppet configuration management to provide and manage software in Kubernetes clusters. Puppet defines the desired configuration state and enforces it across different operating systems and devices, including Windows servers, Ubuntu servers, Cisco switches, and Kubernetes clusters. The presentation also discusses using Puppet to manage containers and how that is similar to managing software in production environments.
The document discusses the Kubernetes API server and its RESTful HTTP API. It describes the API endpoints for accessing different Kubernetes resources, how API groups and versions are organized, how API requests are routed and processed, how Kubernetes objects are converted between different versions, and how storage and code generation are used.
Checking in your deployment configuration as code
Helm is a tool that streamlines the creation, deployment and management of your Kubernetes-native applications. In this talk, we take a look at how Helm enables you to manage your deployment configurations as code, and demonstrate how it can be used to power your continuous delivery (CI/CD) pipeline.
Kubernetes as Orchestrator for A10 Lightning Controller (Akshay Mathur)
The document discusses using Kubernetes as an orchestrator for A10 Lightning Controller. Some key points:
1) Kubernetes allows for automatic recovery of pods on failure, easy rolling upgrades of code, and automated scaling of microservices.
2) Using Kubernetes allows the controller to be deployed on-premise and scaled across multiple VMs, with automated launching and scaling. Installation is also now independent of the underlying infrastructure.
3) The journey involved moving from a manual deployment to a Kubernetes deployment, which simplified overlay networking, environment variable passing, and simplified adding/replacing nodes.
The document discusses Docker and Linux containers. It begins with an overview of traditional server virtualization compared to containers. Containers provide isolation at the process level using kernel namespaces for resources like filesystem, network, users and CPUs. Docker uses device mapper thin provisioning to manage disk images for container filesystems and the networking and cgroups APIs to isolate other resources.
Unraveling Docker Security: Lessons From a Production Cloud (Salman Baset)
This document discusses Docker security issues in a multi-tenant cloud deployment model where containers from different tenants run on the same host machine. It outlines threats like containers attacking other containers or the host, and describes Docker features for isolation like namespaces, cgroups, capabilities, AppArmor, and restricting the Docker API. Putting these protections together can help provide security, but inherent issues remain with shared kernel access and some features needing further implementation.
Tokyo OpenStack Summit 2015: Unraveling Docker Security (Phil Estes)
A Docker security talk that Salman Baset and Phil Estes presented at the Tokyo OpenStack Summit on October 29th, 2015. In this talk we provided an overview of the security constraints available to Docker cloud operators and users and then walked through a "lessons learned" from experiences operating IBM's public Bluemix container cloud based on Docker container technology.
From Monolith to Docker Distributed Applications (Carlos Sanchez)
Docker is revolutionizing the way people think about applications and deployments. It provides a simple way to run and distribute Linux containers for a variety of use cases, from lightweight virtual machines to complex distributed microservice architectures. But migrating an existing Java application to a distributed microservice architecture is no easy task, requiring a shift in the software development, networking, and storage to accommodate the new architecture. This presentation provides insights into the experience of the speaker and his colleagues in creating a Jenkins platform based on distributed Docker containers running on Apache Mesos and Marathon and applicable to all types of applications, especially Java- and JVM-based ones.
How Secure Is Your Container? ContainerCon Berlin 2016 (Phil Estes)
A conference talk at ContainerCon Europe in Berlin, Germany, given on October 5th, 2016. This is a slightly modified version of my talk first used at Docker London in July 2016.
This document provides an introduction to Docker and containerization. It covers:
1. The differences between virtual machines and containers, and the container lifecycle.
2. An overview of the Docker ecosystem tools.
3. Instructions for installing and using the Docker Engine and Docker CLI to build, run, and manage containers.
4. A demonstration of using Docker Hub to build and store container images.
5. An introduction to Docker networking and volumes.
6. A demonstration of using Docker Compose to define and run multi-container applications.
7. Suggestions for further learning resources about Docker.
This document outlines the curriculum for an introduction to containerization presentation. It includes slides and hands-on exercises on installing Docker, building Docker images, running containers, viewing processes inside containers, and experimenting with resource isolation using cgroups and namespaces. Attendees will build a Docker image for a sample Flask application, run the container, view logs and processes, and push the image to Docker Hub. The presentation covers definitions of key containerization concepts and the benefits of using containers.
Presentation on the Linux namespaces and system calls used to provide container isolation with Docker. Presented in March 2015 at http://www.meetup.com/Docker-Phoenix/ in Tempe, Arizona.
This document provides an overview of Docker concepts and tools for beginners. It covers:
1. The differences between virtual machines and containers, and the container lifecycle.
2. Tools in the Docker ecosystem such as Docker Engine, Docker CLI, Docker Hub, Docker Compose, and networking/volume commands.
3. Examples of using Docker Engine, Docker Hub for images, networking, volumes and deploying images to Azure PaaS.
4. How to use Docker Compose to define and run multi-container applications.
This document summarizes a presentation on container security given by Phil Estes. It identifies several threat vectors for containers including risks from individual containers, interactions between containers, external attacks, and application security issues. It then outlines various security tools and features in Docker like cgroups, Linux Security Modules, capabilities, seccomp, and user namespaces that can help mitigate these threats. Finally, it discusses some future directions for improving container security through more secure defaults, image signing, and network security enhancements.
A presentation focused on the latest Storage API from Docker and integrating with an EMC {code} project called Rexray to provide container storage from EBS volumes.
This document summarizes Docker security features as of release 1.12. It discusses key security modules like namespaces, cgroups, capabilities, seccomp, AppArmor/SELinux that provide access control and isolation in Docker containers. It also covers multi-tenant security, image signing, TLS for daemon access, and best practices like using official images and regular updates.
Summary of the lessons we learned with Docker (Dockerfile, storage, distributed networking) during the first iteration of the AdamCloud project (Fall 2014).
The AdamCloud project (part I) was presented here:
http://www.slideshare.net/davidonlaptop/bdm29-adamcloud-planification
This document provides an agenda for a one-day Docker introduction workshop. It includes an introduction to Docker tools and concepts like containers vs VMs, the Docker ecosystem and tools, Linux and Docker command line usage, Docker Engine, Docker Hub, Docker images, networking and volumes. It also covers deploying Docker images to Azure PaaS, Docker Compose, building ARM images on x86 machines, and a TensorFlow demo. The workshop aims to provide attendees with foundational Docker knowledge and hands-on experience through examples and exercises.
Bjørn Nordlund discusses how Docker allows building and sharing infrastructure as easily as code. Docker uses containers based on Linux kernel features like namespaces and cgroups to package applications securely and independently from the underlying infrastructure. Docker provides a simple interface to create, start, stop, move, and share application containers. This allows more efficient utilization of server resources and easier deployment of applications.
Dockerizing a Symfony2 application. Why is Docker so cool? What is Docker? What are containers? How do they work? What is the Docker ecosystem? And how do you dockerize your web application (it can be based on the Symfony2 framework)?
This document discusses Docker, an open source project that automates the deployment of applications inside software containers. It begins by describing common problems in application deployment and how virtual machines address some issues but introduce overhead. It then summarizes the history and rapid growth of Docker since its launch in 2013. The rest of the document dives into technical aspects of Docker like how images and containers work, comparisons to virtual machines, security considerations, the Docker workflow, and how Docker relates to DevOps and continuous delivery practices.
Similar to Endocode Kubernetes Meetup: Architecture Patterns for Microservices in Kubernetes (20)
6. WHAT ARE CONTAINERS
Way of isolating and restricting Linux processes
● Isolation
○ namespaces
● Restriction
○ cgroups
○ capabilities
○ seccomp
7. CGROUPS: CONTROL GROUPS
● cpuset
● cpu
● cpuacct
● memory
● devices
● freezer
● net_cls
● ns
● blkio
These are directories with fine-grained subfolders.
8. NAMESPACES
Namespace   Constant          Isolates
Cgroup      CLONE_NEWCGROUP   Cgroup root directory
IPC         CLONE_NEWIPC      System V IPC, POSIX message queues
Network     CLONE_NEWNET      Network devices, stacks, ports, etc.
Mount       CLONE_NEWNS       Mount points
PID         CLONE_NEWPID      Process IDs
User        CLONE_NEWUSER     User and group IDs
UTS         CLONE_NEWUTS      Hostname and NIS domain name
9. CAPABILITIES
CAP_AUDIT_CONTROL, CAP_AUDIT_READ, CAP_AUDIT_WRITE, CAP_BLOCK_SUSPEND,
CAP_CHOWN, CAP_DAC_OVERRIDE, CAP_DAC_READ_SEARCH, CAP_FOWNER, CAP_FSETID,
CAP_IPC_LOCK, CAP_IPC_OWNER, CAP_KILL, CAP_LEASE, CAP_LINUX_IMMUTABLE,
CAP_MAC_ADMIN, CAP_MAC_OVERRIDE, CAP_MKNOD, CAP_NET_ADMIN,
CAP_NET_BIND_SERVICE, CAP_NET_BROADCAST, CAP_NET_RAW, CAP_SETGID,
CAP_SETFCAP, CAP_SETPCAP, CAP_SETUID, CAP_SYS_ADMIN, CAP_SYS_BOOT,
CAP_SYS_CHROOT, CAP_SYS_MODULE, CAP_SYS_NICE, CAP_SYS_PACCT, CAP_SYS_PTRACE,
CAP_SYS_RAWIO, CAP_SYS_RESOURCE, CAP_SYS_TIME, CAP_SYS_TTY_CONFIG,
CAP_SYSLOG, CAP_WAKE_ALARM, CAP_INIT_EFF_SET
These are a lot! Use profiles to group them together!
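Slides 6 to 9 in practice, as an added example that is not part of the deck: a small audit that reads the kernel's view of one process and reports which namespaces it still shares with the host, which effective capabilities exceed a baseline profile, and whether seccomp is active. The function names are hypothetical, the baseline is assumed to be Docker's default capability set, and the `/proc` data is constructed sample input.

```python
"""Audit isolation (namespaces) and restriction (capabilities, seccomp)."""

# Capability names by bit position, as in include/uapi/linux/capability.h.
CAP_NAMES = [
    "CAP_CHOWN", "CAP_DAC_OVERRIDE", "CAP_DAC_READ_SEARCH", "CAP_FOWNER",
    "CAP_FSETID", "CAP_KILL", "CAP_SETGID", "CAP_SETUID", "CAP_SETPCAP",
    "CAP_LINUX_IMMUTABLE", "CAP_NET_BIND_SERVICE", "CAP_NET_BROADCAST",
    "CAP_NET_ADMIN", "CAP_NET_RAW", "CAP_IPC_LOCK", "CAP_IPC_OWNER",
    "CAP_SYS_MODULE", "CAP_SYS_RAWIO", "CAP_SYS_CHROOT", "CAP_SYS_PTRACE",
    "CAP_SYS_PACCT", "CAP_SYS_ADMIN", "CAP_SYS_BOOT", "CAP_SYS_NICE",
    "CAP_SYS_RESOURCE", "CAP_SYS_TIME", "CAP_SYS_TTY_CONFIG", "CAP_MKNOD",
    "CAP_LEASE", "CAP_AUDIT_WRITE", "CAP_AUDIT_CONTROL", "CAP_SETFCAP",
    "CAP_MAC_OVERRIDE", "CAP_MAC_ADMIN", "CAP_SYSLOG", "CAP_WAKE_ALARM",
    "CAP_BLOCK_SUSPEND", "CAP_AUDIT_READ", "CAP_PERFMON", "CAP_BPF",
    "CAP_CHECKPOINT_RESTORE",
]

# Assumption: the baseline "profile" is Docker's default capability set.
BASELINE = {
    "CAP_CHOWN", "CAP_DAC_OVERRIDE", "CAP_FSETID", "CAP_FOWNER", "CAP_MKNOD",
    "CAP_NET_RAW", "CAP_SETGID", "CAP_SETUID", "CAP_SETFCAP", "CAP_SETPCAP",
    "CAP_NET_BIND_SERVICE", "CAP_SYS_CHROOT", "CAP_KILL", "CAP_AUDIT_WRITE",
}

# Values of the "Seccomp:" field in /proc/<pid>/status.
SECCOMP_MODES = {0: "disabled", 1: "strict", 2: "filter"}


def decode_caps(mask_hex):
    """Turn a hex bitmask such as CapEff into a set of capability names."""
    mask, bit, names = int(mask_hex, 16), 0, set()
    while mask:
        if mask & 1:
            known = bit < len(CAP_NAMES)
            names.add(CAP_NAMES[bit] if known else f"CAP_UNKNOWN_{bit}")
        mask >>= 1
        bit += 1
    return names


def parse_status(text):
    """Parse the 'Key:<tab>value' lines of /proc/<pid>/status into a dict."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return fields


def shared_namespaces(proc_ns, host_ns):
    """Namespaces where the process has the same namespace id as the host."""
    return sorted(n for n, ident in proc_ns.items() if host_ns.get(n) == ident)


def audit(status_text, proc_ns, host_ns):
    """Summarise the isolation and restriction gaps for one process."""
    status = parse_status(status_text)
    extra = decode_caps(status.get("CapEff", "0")) - BASELINE
    return {
        "extra_caps": sorted(extra),
        "seccomp": SECCOMP_MODES.get(int(status.get("Seccomp", "0")), "unknown"),
        "no_new_privs": status.get("NoNewPrivs") == "1",
        "shared_ns": shared_namespaces(proc_ns, host_ns),
    }


# Constructed sample: baseline capabilities plus CAP_SYS_ADMIN, no seccomp.
SAMPLE_STATUS = (
    "Name:\tapp\n"
    "CapPrm:\t00000000a82425fb\n"
    "CapEff:\t00000000a82425fb\n"
    "CapBnd:\t00000000a82425fb\n"
    "NoNewPrivs:\t0\n"
    "Seccomp:\t0\n"
)
# Constructed namespace ids, in the format of readlink /proc/<pid>/ns/<name>.
HOST_NS = {"cgroup": "cgroup:[4026531835]", "ipc": "ipc:[4026531839]",
           "mnt": "mnt:[4026531840]", "net": "net:[4026531992]",
           "pid": "pid:[4026531836]", "user": "user:[4026531837]",
           "uts": "uts:[4026531838]"}
# The sample process runs with the host's network, user and cgroup namespaces.
SAMPLE_NS = dict(HOST_NS, ipc="ipc:[4026532501]", mnt="mnt:[4026532499]",
                 pid="pid:[4026532502]", uts="uts:[4026532500]")

if __name__ == "__main__":
    print(audit(SAMPLE_STATUS, SAMPLE_NS, HOST_NS))
```

On a live host, the same inputs come from `/proc/<pid>/status` and from `os.readlink` on each entry of `/proc/<pid>/ns/`, compared against PID 1.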
15. Locomotive Pattern
By Nate Beal (originally posted to Flickr as Griffith, IN) [CC BY 2.0 (http://creativecommons.org/licenses/by/2.0)], via Wikimedia Commons
25. KUBERNETES
Greek for “Helmsman”; also the root of the words “governor” and “cybernetic”
● Runs and manages containers
● Inspired and informed by Google’s experiences and internal systems
● Supports multiple cloud and bare-metal environments
● Supports multiple container runtimes
● 100% Open source, written in Go
Manage applications, not machines
30. SUMMARY
● Lots of useful standard patterns
○ sidecar
○ scatter gather
○ locomotive, tractor
● Powerful Linux container patterns
○ separation of control and transport
○ wormhole
○ here be dragons
● Orchestration Patterns
○ Helm charts
○ upcoming: Service Broker
31. CONCLUSION
● Concepts before Coding
● Reshaping applications
○ Legacy
○ Compromises are necessary
○ Containment for Technical Debt
● Paradigm Shift
● Microservice Mindset