3. Low-level IaaS
● Raw VMs, network, and disk
● Completely general, but hard to use and too low level
● E.g. users must patch the OS
High-level PaaS
● Highly-abstracted developer experience
● May be opinionated, language or domain specific
Composable services based on Istio Containers
5. Kubernetes: higher level of abstraction
Think about
● Composition of services
● Load balancing
● Names of services
● State management
● Monitoring and Logging
● Upgrading
Don’t worry about
● OS details
● Packages — no
conflicts
● Machine sizes (much)
● Mixing languages
● Port conflicts
6. Usage
S.O. posts,
blogs, meetups
Awareness Use cases
Tools, libraries,
extensions
Users Developers
Vendors
SolutionsGaps 32 Kubernetes
distributions and
platforms
59k+
GitHub stars
5,000+
projects based
on Kubernetes
132k+
Meetup
members
worldwide
9. The new cloud
Containers decouple applications from OS images
Services are the unit of deployment and upgrades
...and a good basis for high-velocity teams
Mix languages and frameworks easily
Decouple operations from development
● Keep operational details out of your source
code
Almost fully general, but much more productive
● VMs, OS details are there but mostly hidden
…and based on Open Source
INFRASTRUCTURE
This open design gives developers and
ops teams the widest possible range
of deployments
10. Users can implement services in
VM
Bare Metal
VM VM
Goal: Make it easy to create and consume services across clouds
and on premises
(Hybrid and multi-cloud)
Part of this is Open Service Broker, but the real key is Istio...
12. Envoy
HTTP/1.1, HTTP/2,
gRPC, TCP
HTTP/1.1, HTTP/2, gRPC,
TCP with or without TLS
Internet
svcA
Envoy
Pod
Envoy
Ingress Envoy
(ingress controller
in K8S)
Service A
svcB
Envoy
Service B
Egress Envoy
External
Services
Istio: Interposition on services
● Can mix services from CF & Kubernetes
● Services don’t need to know implementation
● Authenticate services to each other
Open-source version of many internal systems
13. Basic data path:
● Option mutual authentication
mTLS, SPIFFE
● Health checking
● Simple load balancing
Control path (start of request):
● Access control (using identity + other)
● Quota and rate limiting
● Service telemetry: monitoring, billing,
logging
● Fancy load balancing
Decoupled operations: none of these are in the source
code
Istio as an operations layer
15. “Pilot”
Controller that configures all Envoys
Enables uniform policies
E.g. new ACLs, change logging
Detects new pods and services
Reconfigures Envoy proxies
Also instantiates services found in OSB
Separate Istio Auth service manages keys Envoy Envoy Envoy Envoy
RulesAPI
Kubernetes
Mesos
CloudFoundr
y
...
Platform Adapter
Abstract Model
Envoy API
Service discovery
& traffic rules
Pilot
18. Two key ideas:
1. Open source enables consistency across
environments
○ Kubernetes, Istio, Tensorflow
2. Services are the unit of partitioning
○ Private data managed by on-prem services
○ Consume cloud services from anywhere
Some customers already do this with Apigee
Istio simplifies cross-environment
service management
20. A broad, collaborative,
new definition of “cloud”
● Higher level of abstraction, containers and services
● Open source
● Multi-language, multi-framework
● Enabling general-purpose complex applications
● Higher velocity
● Decoupling development from operations
● Simplifying hybrid and multi-cloud deployments
**paris update - changed 200 to 400+ meetup groups; cool data point - 132k+ members globally. Also changed - 20 to 25k github stars for k/k if you want all repos it’s 59k**
We put in that time because we found that engagement with our community yields numerous benefits
Engagement with users provides rapid feedback that drives improvements to Kubernetes
We also help those users succeed in using Kubernetes
Both of which create advocates who blog and tweet about the project, talk at meetups, and grow awareness that drives more usage
In turn, more users and more use cases attract more developers
Who build tools and other projects to make K8s easier to use, such as
package managers, mobile apps, chatbots, PaaS, and FaaS
And we see that empowerment to improve the project increases their commitment to it
Users and developers also attract vendors to fill the remaining gaps in the ecosystem
We help them to integrate with K8s
There are now dozens of products based on K8s or that have K8s support, including
Kubernetes distributions and networking, storage, and monitoring products
These products enable Kubernetes in more environments, which again facilitates more usage
This virtuous cycle has made K8s one of the most popular projects on github
This growth has been fueled by growth in contributors
From less than a dozen to around 150 active monthly contributors
And over 1500 unique all-time contributors.
We have contributors in most time zones
Including from countries such as Brazil, China, India, Germany and many others.
Chances are that in any time zone you travel to … you will find a contributor community for Kubernetes.
Target 10 Min
Target 7 Min
Target 2 Min
Target 0.5 Min
Coming in 2018 we’re planning on providing GCP credits for PCF (PAS or PKS) customers. They’ll be able to use PCF on GCP for up to 60 days along with any other GCP products. Stay tuned for more details.