VMware & Pivotal’s
Pivotal Container Service (PKS)
whoami
• Fabio Rapposelli
• Staff Engineer 2 at VMware
• https://github.com/frapposelli
Agenda
1 Containers, CaaS, & PaaS 101
2 Why PKS
3 PKS Technical Overview
4 Packaging & Support
CONFIDENTIAL
Containers 101
Container Host (VM)
Developer
Dev Host (VM)
UBUNTU
JAVA
TC SERVER
{APP}
KERNEL
CONTAINER CONTAINER
Portable
Container Image
`docker run -d myimage`
CONTAINER
• Reliable Packaging
• Server/VM Density
• Fast Time To Launch
• Built for CI/CD
Kubernetes 101 (CaaS)
K8s Cluster
Worker
`kubectl apply -f myapp.yml`
Worker
kube-proxy
Master
& ETCD kube-proxy
Service: nodeport | ingress | LB
POD POD
Load Balancer
URL Request:
myapp.foo.com/k8siscool
Docker
Registry
Developer
Containers @ Scale
Master
& ETCD
Master
& ETCD
Pivotal Cloud Foundry 101 (PaaS)
war
Availability Zone 1 Availability Zone 2 Availability Zone 3
Staging
Root
FS
Build
Pack
war
`cf push`
Droplet
AI
AI
myapp.foo.com
*.foo.com = NSX Edge Vip
NSX Edge
PCF Routing PCF Routing PCF Routing
LB Pool Members
“Here is my source code
Run it on the cloud for me
I do not care how”
URL Request:
myapp.foo.com
Developer
Agenda
1 Containers, CaaS, & PaaS 101
2 Why PKS
3 PKS Technical Overview
4 Packaging & Support
75% Of Applications will be “Built”, not “Bought” by 2020
Source: Gartner
Code Analysis Testing
Commit Code
Changes
Staging Production Zero Downtime Upgrades
AUTOMATED
PIPELINE
• SPEED: Releasing smaller things more often will reduce complexity and improve time-to-market
• QUALITY: We embed testing early in the lifecycle to surface problems sooner, avoiding last minute issues and helping us be more responsive to change
• AGILITY: Let’s push updates on a regular basis without ANY downtime to improve customer experience and shorten time-to-market
• AUTOMATION: Let’s integrate tools and automate processes from testing, to builds & deployment
CI/CD CI/CD CI/CD CI/CD CI/CD
SOFTWARE DEVELOPMENT LIFECYCLE
Agile methods help drive Digital Transformation
Problem to Solve, Faster Time To Value …
Drive Business Value into Production Faster and Safer
Multiple Use Cases Dictate Multiple Workloads and Approaches
Container Instance (CI) Container Service (CaaS) Application Platform (PaaS)
IaaS
CONTAINERS, BATCHES, DATA SERVICES, MICROSERVICES, MONOLITHIC APPLICATIONS
The Goal: Pick the Right Approach for the Workload
IaaS
Choosing the Right Tool for the Job
Developer
Provides
Tool
Provides
Container
Service
Container Orchestration
Container Scheduling
Primitives for Routing,
Logs & Metrics
CONTAINER IMAGES,
TEMPLATES, DEPLOYMENTS
Application
Platform
APPLICATION CODE
Container Service
Container Image & build
L7 Network & Routing
Logs, Metrics, Monitoring
Services Marketplace
Team, Quotas & Usage
Container
Instance
CONTAINER IMAGE
Container Runtime
Primitives for Network and
Storage
Container Instance
Application Specificity
Higher flexibility, lower automation, more DIY
IaaS
Choosing the Right Tool for the Job
Abstraction
Container
Service
CONTAINER IMAGES,
TEMPLATES, DEPLOYMENTS
Application
Platform
APPLICATION CODE
Container
Instance
CONTAINER IMAGE
Pivotal Container Service
Pivotal Cloud Foundry
Elastic Runtime
BOSH
vSphere Integrated
Containers
Agenda
1 Containers, CaaS, & PaaS 101
2 Why PKS
3 PKS Technical Overview
4 Packaging & Support
Purpose-built container service to operationalize Kubernetes for the multi-cloud enterprises and service providers
Fully Supported Kubernetes
Runs on vSphere and VMC
Unified VM + Containers on SDDC
Deep Integration with NSX
Hardened, Production-grade
HA, Security, Multi-tenancy, Tools
VMware and Pivotal Collaborate to Deliver
VMware Pivotal Container Service (VMware PKS)
VMware PKS – Solving Day-2 Operational Challenges
• High Availability: Fault-tolerance for masters, workers, and etcd nodes
• Scaling: Auto-scaling of masters, workers, and etcd nodes
• Health Checks & Healing: Routine health checks and self-healing of cluster
• Lifecycle Management: LCM includes rolling upgrades to ensure workload uptime & application of CVEs
Container Infrastructure for Cloud-Native Apps
Rapidly deliver and operationalize next generation apps
[Diagram labels: PKS Controller; Kubernetes on BOSH (Kubo) clusters of master, etcd and worker nodes; Container Registry; NSX-T; GCP Service Broker; BOSH; VMware, GCP, Azure, Openstack, AWS]
Who is PKS built for?
IT Operator
– PRE (Platform Reliability Engineering)
– Deploy, Scale, Operate Platform
– Innovation of Business Capability as Cloud native Apps
– Develop, Deploy, Scale, Monitor Apps
– Physical Infrastructure is Operated
– Network & Security Control Policy is defined
• Platform Reliability Engineers
– Platform is Reliable
– Capacity Is planned for
– Platform is Secured & Controlled
– Platform is Auditable
– Application Dev/Ops owners are Agile
• Application Dev/Ops owner
– Automate Everything
– Agile
* Role Shift
– It is common to see the VI Admins (IT Ops) becoming the Platform Reliability Engineer
Cloud Native Applications at scale can & should be kept running by a 2 Pizza Team mentality (DevOps in Action)
[Diagram labels: Application Dev/Ops Owner; Platform Reliability Engineer]
PKS Technical Overview
BOSH Day 1
DAY 1 Ops
- DEPLOY
DAY 2 Ops
- Auto/Manual Rebuild
- Auto/Manual Repair
- Manual Scale
- Patch & Upgrade
- Control & Audit OPS Events
[Diagram labels: PKS Controller (UI & API); Self Service K8s; BOSH; KUBO BOSH Release (tgz); clusters K8S-1 and K8S-2 with MASTER, ETCD and Worker nodes and BOSH Agents; K8s-api; Operate K8s + Run Apps/Containers; NAMESPACE_1: TEAM A; NAMESPACE_2: TEAM B; NAMESPACE_1: DEFAULT; Team A; Team B; Team C; Application Dev/Ops Owner; Platform Reliability Engineer]
BOSH Day 2
[Diagram labels: 1.7 -> 1.8; PKS Controller]
PKS Technical Overview
Harbor – Enterprise Grade Private Registry
• user management & access control
• role-based access control
• AD/LDAP integration
• Security vulnerability scanning (Clair)
• content trust - image signing
• policy based image replication
• audit and logs
• Restful API
• open-source under Apache 2 license
Harbor – Content Trust,
When Enabled Un-signed Images Can’t Be Pulled
Harbor – Image Vulnerability Scanning Details (Clair)
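The two Harbor behaviours on these slides, content trust and Clair scanning, combined into one pull decision. This is an added example, not Harbor's code or part of the deck: the report shape follows Clair's v2 layer report as an assumption to check against your version, the `block_at` threshold is hypothetical, and the sample report and CVE ids are constructed.

```python
from dataclasses import dataclass

# Clair severity labels, lowest to highest.
SEVERITIES = ["Unknown", "Negligible", "Low", "Medium", "High", "Critical", "Defcon1"]

# Constructed sample in the assumed shape of a Clair v2 layer report.
# The CVE ids are placeholders, not real advisories.
SAMPLE_REPORT = {
    "Layer": {
        "Name": "constructed-layer-digest",
        "Features": [
            {"Name": "openssl", "Version": "1.0.2g-1", "Vulnerabilities": [
                {"Name": "CVE-0000-0001", "Severity": "High", "FixedBy": "1.0.2g-2"},
                {"Name": "CVE-0000-0002", "Severity": "Low"},
            ]},
            {"Name": "bash", "Version": "4.3-14", "Vulnerabilities": [
                {"Name": "CVE-0000-0003", "Severity": "Medium", "FixedBy": ""},
            ]},
            {"Name": "zlib", "Version": "1.2.8"},  # feature with no findings
        ],
    }
}


@dataclass(frozen=True)
class Finding:
    cve: str
    package: str
    installed: str
    severity: str
    fixed_by: str  # "" when no fixed version is published


def severity_rank(label):
    """Index in SEVERITIES; an unrecognised label ranks above all (fail closed)."""
    return SEVERITIES.index(label) if label in SEVERITIES else len(SEVERITIES)


def parse_layer_report(report):
    """Flatten Layer -> Features -> Vulnerabilities into a list of Findings."""
    findings = []
    for feature in (report.get("Layer") or {}).get("Features") or []:
        for vuln in feature.get("Vulnerabilities") or []:
            findings.append(Finding(
                cve=vuln.get("Name", "unnamed"),
                package=feature.get("Name", "unknown"),
                installed=feature.get("Version", ""),
                severity=vuln.get("Severity", "Unknown"),
                fixed_by=vuln.get("FixedBy") or "",
            ))
    return findings


def decide_pull(signed, content_trust_enabled, findings, block_at="High"):
    """Return (allowed, reasons). findings=None means the image was never scanned."""
    if block_at not in SEVERITIES:
        raise ValueError("unknown threshold: " + repr(block_at))
    reasons = []
    if content_trust_enabled and not signed:
        reasons.append("unsigned image: content trust is enabled")
    if findings is None:
        reasons.append("no scan report: image has not been scanned")
    else:
        threshold = severity_rank(block_at)
        # Worst findings first, so the owner sees what to rebuild first.
        for f in sorted(findings, key=lambda f: -severity_rank(f.severity)):
            if severity_rank(f.severity) >= threshold:
                fix = f"upgrade {f.package} to {f.fixed_by}" if f.fixed_by else "no fix published"
                reasons.append(f"{f.cve} ({f.severity}) in {f.package} {f.installed}: {fix}")
    return (not reasons, reasons)


if __name__ == "__main__":
    allowed, why = decide_pull(True, True, parse_layer_report(SAMPLE_REPORT))
    print("pull allowed:", allowed)
    for line in why:
        print(" -", line)
```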
Harbor – Use Cases
CVE & Update Patching
• Patch OS Level via Stemcells
• Harbor Scans Images for Vulnerability (Clair)
• Address CVE in minutes/hours versus days/weeks
[Diagram labels: PKS Stemcell; CVE in Root File System of Container; CVE Exec Layer: TC Server; CVE on the Container Host OS; Vulnerability in Code{}; Restage Applications; CVE FOUND !!!; OS CVE FOUND !!!; BOSH; Patched Stemcell; Patched Worker(s); Application Dev/Ops Owner; Platform Reliability Engineer]
PKS Technical Overview
Kubernetes Components
• K8s Cluster Consists of Master(s) and Nodes
• K8s Master Components
– API Server
– Scheduler
– Controller Manager
– Dashboard
• K8s Node Components
– Kubelet
– Kube-Proxy
– Containers Runtime (Docker for PKS 1.0)
[Diagram labels: Kubectl CLI; K8s Master(s): K8s API Server, Scheduler, Controller Manager, Key-Value Store, dashboard; K8s Nodes (Workers): kubelet, c runtime, Kube-proxy, PODs; Application Dev/Ops Owner]
Kubernetes Pod – Networking Basics
• A Pod is a group of one or more co-located containers that share an IP address, PID namespace and/or Data Volumes
[Diagram labels: K8s POD at 10.24.0.2 on 10.24.0.0/16; Special ‘Pause’ container (‘owns’ the IP stack); nginx tcp/80; mgmt tcp/22; logging udp/514; IPC; External IP Traffic]
NSX-T & PKS Sample Topology
NSX-T & PKS Components
NSX Container Plugin (NCP)
• NCP is a software component provided by VMware in the form of a container image, e.g. to be run as a K8s Pod.
• NCP is built in a modular way, so that individual adapters can be added for different CaaS and PaaS systems
PKS & NSX-V
• PKS supported with NSX-V or without NSX
• Flannel overlay.
• 1 Flat SDN Overlay per Cluster
• 1 Large CIDR “10.200.0.0/16”
• Each worker node routes a subnet for Pods across
• Example: 10.200.1.0/24
• No integrated North South Load Balancing
• No Integrated Security Policy
[Diagram labels: K8s Cluster; Namespace 1, Namespace 2, Namespace 3; VXLAN Network]
• NSX-T
• Multiple Logical Switches (L2 Domain) per Namespace
• Routable as NAT or No-NAT
• Integrated Load Balancing (NSX-T 2.1)
• Integrated Security Policy
PKS w/ NSX-T & NSX-V
• NSX-V and NSX-T Can coexist.
• Dedicated Clusters for NSX-T Managed Hosts
• Can Share a common vCenter backplane
[Diagram labels: NSX-T Managed; Common vCenter w/ NSX-v managed Hosts]
NSX-T & PKS Operational Tools
NSX-T Traceflow
NSX-T Operational Tools
• Traceflow
• Port Mirroring
• Port Connection Tool
• Spoofguard
• Syslog
• Port Counters
• IPFIX
PKS Technical Overview
GCP Service Broker
`kubectl cs pubsub -n my_pubsub`
[Diagram labels: Application Dev/Ops Owner; SVC Catalog Controller; Broker: GCP; Broker: X; K8s Secrets; K8s Cluster with Master & ETCD nodes, Workers, kube-proxy and PODs; Service: nodeport | ingress | LB]
• Self Service consumption of GCP services.
• Operator controlled via plan & subscriptions
• Service bindings (credentials & connection urls) stored as K8s Secrets
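Because service bindings are stored as K8s Secrets, the credentials are readable by every subject that RBAC allows to read Secrets in that namespace. The following is an added example (not from the deck or from PKS) that lists those subjects from RBAC objects in the JSON shape `kubectl get ... -o json` returns; all role, namespace and subject names are constructed, and aggregated ClusterRoles are not resolved.

```python
READ_VERBS = {"get", "list", "watch", "*"}

# Constructed RBAC objects (Roles, ClusterRoles and their bindings); all names are made up.
SAMPLE_RBAC = [
    {"kind": "ClusterRole", "metadata": {"name": "secret-reader-all"},
     "rules": [{"apiGroups": [""], "resources": ["secrets"], "verbs": ["get", "list"]}]},
    {"kind": "ClusterRole", "metadata": {"name": "view-pods"},
     "rules": [{"apiGroups": [""], "resources": ["pods"], "verbs": ["get", "list"]}]},
    {"kind": "Role", "metadata": {"name": "binding-reader", "namespace": "team-a"},
     "rules": [{"apiGroups": [""], "resources": ["secrets"], "verbs": ["get"],
                "resourceNames": ["pubsub-binding"]}]},
    {"kind": "ClusterRoleBinding", "metadata": {"name": "devs-all"},
     "roleRef": {"kind": "ClusterRole", "name": "secret-reader-all"},
     "subjects": [{"kind": "Group", "name": "developers"}]},
    {"kind": "RoleBinding", "metadata": {"name": "ci-read", "namespace": "team-b"},
     "roleRef": {"kind": "ClusterRole", "name": "secret-reader-all"},
     "subjects": [{"kind": "ServiceAccount", "name": "ci", "namespace": "team-b"}]},
    {"kind": "RoleBinding", "metadata": {"name": "app-read", "namespace": "team-a"},
     "roleRef": {"kind": "Role", "name": "binding-reader"},
     "subjects": [{"kind": "ServiceAccount", "name": "app", "namespace": "team-a"}]},
    {"kind": "RoleBinding", "metadata": {"name": "alice-view", "namespace": "team-a"},
     "roleRef": {"kind": "ClusterRole", "name": "view-pods"},
     "subjects": [{"kind": "User", "name": "alice"}]},
]


def rule_reads_secrets(rule):
    """True when one RBAC rule grants a read verb on core-group Secrets."""
    groups = set(rule.get("apiGroups") or [])
    resources = set(rule.get("resources") or [])
    verbs = set(rule.get("verbs") or [])
    return (bool(groups & {"", "*"})
            and bool(resources & {"secrets", "*"})
            and bool(verbs & READ_VERBS))


def secret_readers(objects):
    """Return sorted (subject, scope, role, named_only) for every secret reader.

    named_only is True when every matching rule is limited by resourceNames,
    i.e. the subject can read specific Secrets rather than all of them.
    """
    roles = {}
    for obj in objects:
        if obj.get("kind") in ("Role", "ClusterRole"):
            meta = obj["metadata"]
            key = (obj["kind"], meta.get("namespace", ""), meta["name"])
            roles[key] = [r for r in obj.get("rules") or [] if rule_reads_secrets(r)]
    readers = set()
    for obj in objects:
        if obj.get("kind") not in ("RoleBinding", "ClusterRoleBinding"):
            continue
        ref = obj["roleRef"]
        bind_ns = obj["metadata"].get("namespace", "")
        # A Role lives in the binding's namespace; a ClusterRole has none.
        role_ns = bind_ns if ref["kind"] == "Role" else ""
        rules = roles.get((ref["kind"], role_ns, ref["name"]), [])
        if not rules:
            continue
        # A RoleBinding to a ClusterRole only grants access inside its namespace.
        scope = "cluster-wide" if obj["kind"] == "ClusterRoleBinding" else "namespace/" + bind_ns
        named_only = all(r.get("resourceNames") for r in rules)
        for s in obj.get("subjects") or []:
            prefix = s["namespace"] + "/" if s.get("namespace") else ""
            who = s["kind"] + ":" + prefix + s["name"]
            readers.add((who, scope, ref["kind"] + "/" + ref["name"], named_only))
    return sorted(readers)


def needs_review(readers):
    """Subjects that can read Secrets cluster-wide or without a name restriction."""
    return [who for who, scope, _role, named_only in readers
            if scope == "cluster-wide" or not named_only]


if __name__ == "__main__":
    for row in secret_readers(SAMPLE_RBAC):
        print(row)
    print("review:", needs_review(secret_readers(SAMPLE_RBAC)))
```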
PKS Technical Overview w/ VMware Integrations
[Diagram labels: Analytics; Automation; Security; Operations; Monitoring; Logging; PKS Controller; Kubernetes on BOSH (Kubo) clusters of master, etcd and worker nodes; Container Registry; NSX-T; GCP Service Broker; BOSH; vSphere; vSAN; Physical Infrastructure]
vSphere Storage for Kubernetes
Project Hatchway: https://github.com/vmware/vsphere-storage-for-kubernetes
# vi vsphere.conf
<Add Flags & Restart Ctrlr, API, Kubelets>
--cloud-provider=vsphere
--cloud-config=vsphere.conf
# systemctl restart kubelet.service
kind: PersistentVolume
spec:
  capacity:
    storage: 16Gi
  storageClassName: slow
[Diagram labels: ESXi; vCenter; K8s API; K8s kubelet; K8s vSphere Cloud provider; K8s Worker (Container Host); POD; Container (Tools, Libs, SW; Redis DB); K8s Volume; PersistentVolumeClaim; Datastore1 dataVol.vmdk]
PKS Telemetry – On vSphere
Who needs what?
[Diagram labels: Infra; K8s; Containers; Apps; vRLI; vRops; Wavefront; Application Dev/Ops Owner; Platform Reliability Engineer]
Monitoring & Logging
METRICS
LOGS
Metrics & Logs emit from many Sources:
• IaaS (vSphere)
• PKS K8s Platform
• Applications
• NSX
• Physical & Logical
Platform Reliability Engineer MUST leverage ALL of them
[Diagram labels: PKS Control; IaaS]
vRLI Logging w/ PKS
• App Logging
• System Logging
– OS & Processes not run in Containers
App Logging
• Per App Only
Sidecar
• App Logging @ Pod level
DaemonSet
• App Logging @ Cluster level
• Cluster Logging
Dockerd
• App Logging @ Cluster level
• Cluster Logging
• Not handled in K8s API
SyslogD
[Diagram labels: POD; LOGGER; Daemon Set (PODs); DOCKERD; vRLI; Platform Reliability Engineer & Application Dev/Ops Owner]
Wavefront & PKS
K8s Monitoring Integration w/ Wavefront by VMware
Wavefront Integration can be deployed as containers within the K8s Cluster
– Proxy
– Heapster
• Comprehensive Dashboards
– SaaS
• APM for the Developer
• Cluster KPIs for the Operator
• Integrated with PKS
Image source: https://www.wavefront.com/surf-container-wave-join-wavefront-container-world-santa-clara/
[Diagram labels: Platform Reliability Engineer; Application Dev/Ops Owner]
vRops & PKS (Operations & Monitoring)
vRealize Operations & K8s
• Operator KPIs
• Single Pane for SDDC & K8s clusters monitoring
• vRLI Integrated
• Alert on K8s KPIs
• Entity Relationship
• Capacity Planning
• Integrated with PKS
[Diagram labels: Platform Reliability Engineer]
vRA & PKS (Automation)
1 CLOUD APIs: Consume native K8s services from PKS
2 BLUEPRINTS & ITERATIVE DEVELOPMENT: Compose applications using simplified YAML iteratively & Deploy to K8s
3 INTEGRATED CATALOG AND PIPELINE: Catalog for self-service provisioning of PKS K8s & applications pipelines for CI/CD
[Diagram labels: CATALOG (Entitlements, Approvals, Policies); CD PIPELINE (Developers, CI/CD LOB Users); MANAGEMENT & OPERATIONS; APP FRAMEWORKS; PAAS; FAAS; GLOBALLY CONSISTENT INFRASTRUCTURE AS CODE; IAAS ORCHESTRATION; BLUEPRINT; CLOUD APIs; PRIVATE CLOUD OR DATA CENTER; PUBLIC CLOUD; BRANCH/EDGE COMPUTE; Application Dev/Ops Owner; Platform Reliability Engineer]
vRNI & PKS (Security & Analytics) – Post 1.1
vRealize Network Insight & K8s
• Plan Security Policy based on knowledge of actual traffic patterns
• Continuously monitor & audit network security compliance
• Complete Network Visibility and Troubleshooting
• Accelerate micro-segmentation deployment
[Diagram labels: Platform Reliability Engineer]
Agenda
1 Containers, CaaS, & PaaS 101
2 Why PKS
3 PKS Technical Overview
4 Packaging & Support
PKS Technical Overview
Packaging
PKS Deployed As an Opsman Tile
• Simplified Overview
[Diagram labels: Ops Manager (OVA) Deployed; Config Opsman to deploy BOSH; PKS Tile Uploaded, Configured, & Deployed; pks create cluster A; pks create cluster B]
Global Support Services
Available through VMware, Pivotal, and Dell EMC
Product GA ~ Late Dec 2017
Go To Market and Support
@cloudnativeapps
#vmwcna
#vmwpks
vmware.github.io
Thank You!
VMware Pivotal Container Services (PKS)
blogs.vmware.com/cloudnative
02 - VMUGIT - Lecce 2018 - Enrico Signoretti, OpenIO
VMUG IT
 
00 - VMUGIT - Lecce 2018 - Intro
00 - VMUGIT - Lecce 2018 - Intro00 - VMUGIT - Lecce 2018 - Intro
00 - VMUGIT - Lecce 2018 - Intro
VMUG IT
 
Luca dell'oca - italian vmug usercon 2017
Luca dell'oca - italian vmug usercon 2017 Luca dell'oca - italian vmug usercon 2017
Luca dell'oca - italian vmug usercon 2017
VMUG IT
 
Luc Dekens - Italian vmug usercon
Luc Dekens - Italian vmug usercon Luc Dekens - Italian vmug usercon
Luc Dekens - Italian vmug usercon
VMUG IT
 
Gianni Resti
Gianni Resti  Gianni Resti
Gianni Resti
VMUG IT
 
Frank Denneman keynote
Frank Denneman keynoteFrank Denneman keynote
Frank Denneman keynote
VMUG IT
 
Vmug 2017 Guido Frabotti
Vmug 2017 Guido FrabottiVmug 2017 Guido Frabotti
Vmug 2017 Guido Frabotti
VMUG IT
 
Claudio Panerai - Achab
Claudio Panerai - Achab Claudio Panerai - Achab
Claudio Panerai - Achab
VMUG IT
 

More from VMUG IT (20)

04 vmugit aprile_2018_raff_poltronieri
04 vmugit aprile_2018_raff_poltronieri04 vmugit aprile_2018_raff_poltronieri
04 vmugit aprile_2018_raff_poltronieri
 
03 vmugit aprile_2018_veeam
03 vmugit aprile_2018_veeam03 vmugit aprile_2018_veeam
03 vmugit aprile_2018_veeam
 
02 vmugit aprile_2018_il_restodelcarlino
02 vmugit aprile_2018_il_restodelcarlino02 vmugit aprile_2018_il_restodelcarlino
02 vmugit aprile_2018_il_restodelcarlino
 
01 vmugit aprile_2018_bologna_benvenuto
01 vmugit aprile_2018_bologna_benvenuto01 vmugit aprile_2018_bologna_benvenuto
01 vmugit aprile_2018_bologna_benvenuto
 
07 vmugit aprile_2018_massimiliano_moschini
07 vmugit aprile_2018_massimiliano_moschini07 vmugit aprile_2018_massimiliano_moschini
07 vmugit aprile_2018_massimiliano_moschini
 
06 vmugit aprile_2018_alessandro_tinivelli
06 vmugit aprile_2018_alessandro_tinivelli06 vmugit aprile_2018_alessandro_tinivelli
06 vmugit aprile_2018_alessandro_tinivelli
 
05 vmugit aprile_2018_7_layers
05 vmugit aprile_2018_7_layers05 vmugit aprile_2018_7_layers
05 vmugit aprile_2018_7_layers
 
07 - VMUGIT - Lecce 2018 - Antonio Gentile, Fortinet
07 - VMUGIT - Lecce 2018 - Antonio Gentile, Fortinet07 - VMUGIT - Lecce 2018 - Antonio Gentile, Fortinet
07 - VMUGIT - Lecce 2018 - Antonio Gentile, Fortinet
 
06 - VMUGIT - Lecce 2018 - Rodolfo Rotondo, VMware
06 - VMUGIT - Lecce 2018 - Rodolfo Rotondo, VMware06 - VMUGIT - Lecce 2018 - Rodolfo Rotondo, VMware
06 - VMUGIT - Lecce 2018 - Rodolfo Rotondo, VMware
 
05 - VMUGIT - Lecce 2018 - Raff Poltronieri, CloudItalia
05 - VMUGIT - Lecce 2018 - Raff Poltronieri, CloudItalia05 - VMUGIT - Lecce 2018 - Raff Poltronieri, CloudItalia
05 - VMUGIT - Lecce 2018 - Raff Poltronieri, CloudItalia
 
04 - VMUGIT - Lecce 2018 - Giampiero Petrosi, Rubrik
04 - VMUGIT - Lecce 2018 - Giampiero Petrosi, Rubrik04 - VMUGIT - Lecce 2018 - Giampiero Petrosi, Rubrik
04 - VMUGIT - Lecce 2018 - Giampiero Petrosi, Rubrik
 
03 - VMUGIT - Lecce 2018 - Massimiliano Mortillaro, Tech Unplugged
03 - VMUGIT - Lecce 2018 - Massimiliano Mortillaro, Tech Unplugged03 - VMUGIT - Lecce 2018 - Massimiliano Mortillaro, Tech Unplugged
03 - VMUGIT - Lecce 2018 - Massimiliano Mortillaro, Tech Unplugged
 
02 - VMUGIT - Lecce 2018 - Enrico Signoretti, OpenIO
02 - VMUGIT - Lecce 2018 - Enrico Signoretti, OpenIO02 - VMUGIT - Lecce 2018 - Enrico Signoretti, OpenIO
02 - VMUGIT - Lecce 2018 - Enrico Signoretti, OpenIO
 
00 - VMUGIT - Lecce 2018 - Intro
00 - VMUGIT - Lecce 2018 - Intro00 - VMUGIT - Lecce 2018 - Intro
00 - VMUGIT - Lecce 2018 - Intro
 
Luca dell'oca - italian vmug usercon 2017
Luca dell'oca - italian vmug usercon 2017 Luca dell'oca - italian vmug usercon 2017
Luca dell'oca - italian vmug usercon 2017
 
Luc Dekens - Italian vmug usercon
Luc Dekens - Italian vmug usercon Luc Dekens - Italian vmug usercon
Luc Dekens - Italian vmug usercon
 
Gianni Resti
Gianni Resti  Gianni Resti
Gianni Resti
 
Frank Denneman keynote
Frank Denneman keynoteFrank Denneman keynote
Frank Denneman keynote
 
Vmug 2017 Guido Frabotti
Vmug 2017 Guido FrabottiVmug 2017 Guido Frabotti
Vmug 2017 Guido Frabotti
 
Claudio Panerai - Achab
Claudio Panerai - Achab Claudio Panerai - Achab
Claudio Panerai - Achab
 

Recently uploaded

Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...
Zilliz
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
Neo4j
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
名前 です男
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
danishmna97
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
Matthew Sinclair
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
innovationoecd
 
Data structures and Algorithms in Python.pdf
Data structures and Algorithms in Python.pdfData structures and Algorithms in Python.pdf
Data structures and Algorithms in Python.pdf
TIPNGVN2
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the  Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the  Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
Neo4j
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
SOFTTECHHUB
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Speck&Tech
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
shyamraj55
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
Edge AI and Vision Alliance
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
Neo4j
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Aggregage
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
KAMESHS29
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
Aftab Hussain
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
Neo4j
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
Kumud Singh
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
Adtran
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
Kari Kakkonen
 

Recently uploaded (20)

Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
 
Data structures and Algorithms in Python.pdf
Data structures and Algorithms in Python.pdfData structures and Algorithms in Python.pdf
Data structures and Algorithms in Python.pdf
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the  Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the  Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
 

Fabio rapposelli pks-vmug

  • 1. VMware & Pivotal’s Pivotal Container Service (PKS)
  • 2. whoami • Fabio Rapposelli • Staff Engineer 2 at VMware • https://github.com/frapposelli
  • 3. Agenda 3 1 Containers, CaaS, & PaaS 101 2 Why PKS 3 PKS Technical Overview 4 Packaging & Support CONFIDENTIAL
  • 4. Containers 101 4 Container Host (VM) Developer Dev Host (VM) UBUNTU JAVA TC SERVER {APP} KERNEL CONTAINER CONTAINER Portable Container Image `docker run -d myimage` CONTAINER • Reliable Packaging • Server/VM Density • Fast Time To Launch • Built for CI/CD CONFIDENTIAL
  • 5. Kubernetes 101 (CaaS) 5 K8s Cluster Worker `kubectl apply -f myapp.yml` Worker kube-proxy Master & ETCD kube-proxy Service: nodeport | ingress | LB POD POD Load Balancer URL Request: myapp.foo.com/k8siscool Docker Registry Developer Containers @ Scale Master & ETCD Master & ETCD CONFIDENTIAL
  • 6. Pivotal Cloud Foundry 101 (PaaS) 6 war Availability Zone 1 Availability Zone 2 Availability Zone 3 Staging Root FS Build Pack war `cf push` Drop let A I A I myapp.foo.com *.foo.com = NSX Edge Vip NSX Edge PCF Routing PCF Routing PCF Routing LB Pool Members “Here is my source code Run it on the cloud for me I do not care how” URL Request: myapp.foo.com Developer CONFIDENTIAL
  • 7. Agenda 7 1 Containers, CaaS, & PaaS 101 2 Why PKS 3 PKS Technical Overview 4 Packaging & Support CONFIDENTIAL
  • 8. 75% Of Applications will be “Built”, not “Bought” by 2020 Source: Gartner
  • 9. 9 Code Analysis Testing Commit Code Changes Staging Production Zero Downtime Upgrades AUTOMATED PIPELINE SPEED Releasing smaller things more often will reduce complexity and improve time-to-market QUALITY We embed testing early in the lifecycle to surface problems sooner, avoiding last minute issues and helping us be more responsive to change AGILITY Let’s push updates on a regular basis without ANY downtime to improve customer experience and shorten time-to-market AUTOMATION Let’s integrate tools and automate processes from testing, to builds & deployment CI/CD CI/CD CI/CD CI/CD CI/CD SOFTWARE DEVELOPMENT LIFECYCLE Agile methods help drive Digital Transformation Problem to Solve, Faster Time To Value … Drive Business Value into Production Faster and Safer CONFIDENTIAL
  • 10. Multiple Use Cases Dictate Multiple Workloads and Approaches 10 Container Instance (CI) Container Service (CaaS) Application Platform (PaaS) IaaS CONFIDENTIAL CONTAINERS BATCHES DATA SERVICES MICROSERVICESMONOLITHIC APPLICATIONS The Goal: Pick the Right Approach for the Workload CONFIDENTIAL
  • 11. IaaS Choosing the Right Tool for the Job 11 Developer Provides Tool Provides Container Service Container Orchestration Container Scheduling Primitives for Routing, Logs & Metrics CONTAINER IMAGES, TEMPLATES, DEPLOYMENTS Application Platform APPLICATION CODE Container Service Container Image & build L7 Network & Routing Logs, Metrics, Monitoring Services Marketplace Team, Quotas & Usage Container Instance CONTAINER IMAGE Container Runtime Primitives for Network and Storage Container Instance CONFIDENTIAL CONFIDENTIAL
  • 12. IaaS Choosing the Right Tool for the Job 12 Developer Provides Tool Provides Container Service Container Orchestration Container Scheduling Primitives for Routing, Logs & Metrics CONTAINER IMAGES, TEMPLATES, DEPLOYMENTS Application Platform APPLICATION CODE Container Service Container Image & build L7 Network & Routing Logs, Metrics, Monitoring Services Marketplace Team, Quotas & Usage Container Instance CONTAINER IMAGE Container Runtime Primitives for Network and Storage Container Instance CONFIDENTIAL Application Specificity Higher flexibility, lower automation, more DIY CONFIDENTIAL
  • 13. IaaS Choosing the Right Tool for the Job 13 Abstraction Container Service CONTAINER IMAGES, TEMPLATES, DEPLOYMENTS Application Platform APPLICATION CODE Container Instance CONTAINER IMAGE CONFIDENTIAL Pivotal Container Service Pivotal Cloud Foundry Elastic Runtime BOSH vSphere Integrated Containers CONFIDENTIAL
  • 14. Agenda 14 1 Containers, CaaS, & PaaS 101 2 Why PKS 3 PKS Technical Overview 4 Packaging & Support CONFIDENTIAL
  • 15. Purpose-built container service to operationalize Kubernetes for the multi-cloud enterprises and service providers Fully Supported Kubernetes Runs on vSphere and VMC Unified VM + Containers on SDDC Deep Integration with NSX Hardened, Production-grade HA, Security, Multi-tenancy, Tools VMware and Pivotal Collaborate to Deliver VMware Pivotal Container Service (VMware PKS)
  • 16. Fault-tolerance for masters, workers, and etcd nodes Auto-scaling of masters, workers, and etcd nodes Routine health checks and self- healing of cluster LCM includes rolling upgrades to ensure workload uptime & application of CVEs ScalingHigh Availability Health Checks & Healing Lifecycle Management VMware PKS – Solving Day-2 Operational Challenges
  • 17. 17 BOSH VMware GCP Azure Openstack AWS Container Infrastructure for Cloud-Native Apps Rapidly deliver and operationalize next generation apps Container Registry Kubernetes on BOSH (Kubo) NSX-T GCP Service Broker masteretcd workermasteretcd worker PKS Controller
  • 18. Who is PKS built for? 18 IT Operator – PRE (Platform Reliability Engineering) – Deploy, Scale, Operate Platform – Innovation of Business Capability as Cloud native Apps – Develop, Deploy, Scale, Monitor Apps – Physical Infrastructure is Operated – Network & Security Control Policy is defined • Platform Reliability Engineers – Platform is Reliable – Capacity Is planned for – Platform is Secured & Controlled – Platform is Auditable – Application Dev/Ops owners are Agile • Application Dev/Ops owner – Automate Everything – Agile * Role Shift – It is common to see the VI Admins (IT Ops), becoming the Platform Reliability Engineer Cloud Native Applications at scale can & should be kept running by a 2 Pizza Team mentality (DevOps in Action) Application Dev/Ops Owner Platform Reliability Engineer CONFIDENTIAL
  • 19. 19 BOSH VMware GCP Azure Openstack AWS Container Registry Kubernetes on BOSH (Kubo) NSX-T GCP Service Broker masteretcd workermasteretcd worker PKS Controller PKS Technical Overview
  • 21. PKS BOSH K8S-1 Work er Worker K8S-2 BOSH Agent BOSH Agent K8s-api Team A K8s-api KUBO BOSH Release (tgz) DAY 2 Ops - Auto/Manual Rebuild - Auto/Manual Repair - Manual Scale - Patch & Upgrade - Control & Audit OPS Events NAMESPACE_1: TEAM A NAMESPACE_2: TEAM B Team C Team B NAMESPACE_1: DEFAULT DAY 1 Ops DEPLOY OperateK8s+RunApps/Containers UI & API Worker Application Dev/Ops Owner Application Dev/Ops Owner Application Dev/Ops Owner Work er MASTER WorkerMASTER ETCD WorkerMASTER ETCD MASTER MASTER ETCD Platform Reliability Engineer Self Service K8s BOSH Day 2 1.7 -> 1.8 1.7 -> 1.8 PKS Controller CONFIDENTIAL 21
  • 22. 22 BOSH VMware GCP Azure Openstack AWS Container Registry Kubernetes on BOSH (Kubo) NSX-T GCP Service Broker masteretcd workermasteretcd worker PKS Controller PKS Technical Overview
  • 23. 23 Need Harbor screenshot • user management & access control • role-based access control • AD/LDAP integration • Security vulnerability scanning (Clair) • content trust - image signing • policy based image replication • audit and logs • Restful API • open-source under Apache 2 license Harbor – Enterprise Grade Private Registry CONFIDENTIAL
  • 24. 24 Harbor – Content Trust, When Enabled Un-signed Images Can’t Be Pulled CONFIDENTIAL
  • 25. 25CONFIDENTIAL Harbor – Image Vulnerability Scanning Details (Clair)
  • 26. Harbor – Use Cases PKS Stemcell CVE in Root File System of Container CVE Exec Layer: TC Server CVE on the Container Host OS Vulnerability in Code{} Restage Applications CVE FOUND !!! BOSH CVE & Update Patching • Patch OS Level via Stemcells • Harbor Scans Images for Vulnerability (Clair) • Address CVE in minutes/hours versus days/weeks Application Dev/Ops Owner Platform Reliability Engineer OS CVE FOUND !!! Patched Stemcell Patched Stemcell Patched Worker(s) CONFIDENTIAL 26
  • 27. 27 BOSH VMware GCP Azure Openstack AWS Container Registry Kubernetes on BOSH (Kubo) NSX-T GCP Service Broker masteretcd workermasteretcd worker PKS Controller PKS Technical Overview
  • 28. WorkerWorkerWorker K8s Master K8s Master Kubernetes Components • K8s Cluster Consists of Master(s) and Nodes • K8s Master Components – API Server – Scheduler – Controller Manager – Dashboard • K8s Node Components – Kubelet – Kube-Proxy – Containers Runtime (Docker for PKS 1.0) 28 Controller Manager K8s API Server Key-Value Store dashboard Scheduler K8s Nodes kubelet c runtime Kube-proxy > _ Kubectl CLI K8s Master(s) POD POD Application Dev/Ops Owner CONFIDENTIAL
  • 29. K8s POD Kubernetes Pod – Networking Basics Special ‘Pause’ container (‘owns’ the IP stack) 10.24.0.0/16 10.24.0.2 nginx tcp/80 mgmt tcp/22 logging udp/514 IPC External IP Traffic • A Pod is a group of one or more co-located containers that share an IP address, PID namespace and/or Data Volumes 29CONFIDENTIAL
  • 30. 30 NSX-T & PKS Sample Topology CONFIDENTIAL
  • 31. NSX-T & PKS Components NSX Container Plugin (NCP) • NCP is a software component provided by VMware in the form of a container image, e.g. to be run as a K8s Pod. • NCP is built in a modular way, so that individual adapters can be added for different CaaS and PaaS systems 31 CONFIDENTIAL
  • 32. PKS & NSX-V • PKS supported with NSX-V or without NSX • Flannel overlay. • 1 Flat SDN Overlay per Cluster • 1 Large CIDR “10.200.0.0/16” • Each worker node routes a subnet for Pods across • Example: 10.200.1.0/24 • No integrated North South Load Balancing • No Integrated Security Policy 32 K8s Cluster K8s Cluster Namespace 1 Namespace 2 Namespace 3 VXLAN Network Namespace 1 Namespace 2 Namespace 3 • NSX-T • Multiple Logical Switches (L2 Domain) per Namespace • Routable as NAT or No-NAT • Integrated Load Balancing (NSX-T 2.1) • Integrated Security Policy CONFIDENTIAL
  • 33. PKS w/ NSX-T & NSX-V • NSX-V and NSX-T Can coexist. • Dedicated Clusters for NSX-T Managed Hosts • Can Share a common vCenter backplane 33 NSX-T Managed Common vCenter w/ NSX-v managed Hosts CONFIDENTIAL
  • 34. NSX-T & PKS Operational Tools 34 NSX-T Traceflow NSX-T Operational Tools • Traceflow • Port Mirroring • Port Connection Tool • Spoofguard • Syslog • Port Counters • IPFIX CONFIDENTIAL
  • 35. 35 BOSH VMware GCP Azure Openstack AWS Container Registry Kubernetes on BOSH (Kubo) NSX-T GCP Service Broker masteretcd workermasteretcd worker PKS Controller PKS Technical Overview
  • 36. GCP Service Broker K8s Cluster WorkerWorker kube-proxy Master & ETCD kube-proxy Service: nodeport | ingress | LB POD PODMaster & ETCD Master & ETCD Application Dev/Ops Owner Broker: GCP SVC Catalog Controller Broker: X Broker: X K8s Secrets: `kubectl cs pubsub –n my_pubsub` • Self Service consumption of GCP services. • Operator controlled via plan & subscriptions • Service bindings (credentials & connection urls) stored as K8s Secrets
  • 37. CONFIDENTIAL 37 Analytics Automation SecurityOperations MonitoringLogging Physical Infrastructure Container Registry vSphere vSAN Kubernetes on BOSH (Kubo) NSX-T BOSH GCP Service Broker masteretcd workermasteretcd worker PKS Technical Overview w/ VMware Integrations PKS Controller
  • 38. Project Hatchway : https://github.com/vmware/vsphere-storage-for-kubernetes ESXi vCenter vSphere Storage for Kubernetes 38 ESXi K8s Worker (Container Host) Datastore1dataVol.vmdk K8s kubelet # vi vsphere.conf POD Tools, Libs, SW Redis DB K8s API ESXi <Add Flags & Restart Ctrlr, API, Kubelets> --cloud-provider=vsphere --cloud-config=vsphere.conf # systemctl restart kubelet.service kind: PersistentVolume spec: capacity: [storage: 16Gi] storageClassName: slow K8s Volume PersistentVolumeClaim K8s vSphere Cloud provider Container CONFIDENTIAL
  • 39. CONFIDENTIAL 39 Analytics Automation SecurityOperations MonitoringLogging Physical Infrastructure Container Registry vSphere vSAN Kubernetes on BOSH (Kubo) NSX-T BOSH GCP Service Broker masteretcd workermasteretcd worker PKS Technical Overview w/ VMware Integrations PKS Controller
  • 40. PKS Telemetry – On vSphere Who needs what? 40 Infra K8s Containers Apps Application Dev/Ops Owner Platform Reliability Engineer vRLI vRops Wavefront CONFIDENTIAL
  • 41. Monitoring & Logging 41 METRICS LOGS Metrics & Logs emit from many Sources: • IaaS (vSphere) • PKS K8s Platform • Applications • NSX • Physical & Logical Platform Reliability Engineer MUST leverage ALL of them PKS Control IaaS CONFIDENTIAL
  • 42. Daemon Set Daemon Set vRLI Logging w/ PKS POD vRLI POD vRLI • App Logging • System Logging – OS & Processes not run in Containers App Logging • Per App Only Sidecar • App Logging @ Pod level POD Daemon Set (PODs) vRLI POD LOGGER DOCKERD DOCKERD vRLI DaemonSet • App Logging @ Cluster level • Cluster Logging Dockerd • App Logging @ Cluster level • Cluster Logging • Not handled in K8s API SyslogD Platform Reliability Engineer Application Dev/Ops Owner & CONFIDENTIAL 42
  • 43. Wavefront & PKS K8s Monitoring Integration w/ Wavefront by VMware Wavefront Integration can be deployed as containers within the K8s Cluster – Proxy – Heapster • Comprehensive Dashboards – SaaS • APM for the Developer • Cluster KPIs for the Operator • Integrated with PKS Image source: https://www.wavefront.com/surf-container-wave-join-wavefront-container-world-santa-clara/ Platform Reliability Engineer Application Dev/Ops Owner CONFIDENTIAL 43
  • 44. 44 vRops & PKS (Operations & Monitoring) vRealize Operations & K8s • Operator KPIs • Single Pane for SDDC & K8s clusters monitoring • vRLI Integrated • Alert on K8s KPIs • Entity Relationship • Capacity Planning • Integrated with PKS Platform Reliability Engineer CONFIDENTIAL
  • 45. CATALOG Entitlements, Approvals, Policies CD PIPELINE Developers, CI/CD LOB Users MANAGEMENT&OPERATIONS PRIVATE CLOUD OR DATA CENTER PUBLIC CLOUD BRANCH/EDGE COMPUTE APP FRAMEWORKS PAAS FAAS GLOBALLY CONSISTENT INFRASTRUCTURE AS CODE IAAS ORCHESTRATION BLUEPRINT CLOUD APIs CLOUD APIs Consume native K8s services from PKS 1 BLUEPRINTS & ITERATIVE DEVELOPMENT Compose applications using simplified YAML iteratively & Deploy to K8s 2 INTEGRATED CATALOG AND PIPELINE Catalog for self-service provisioning of PKS K8s & applications pipelines for CI/CD 3 vRA & PKS (Automation) Application Dev/Ops Owner Platform Reliability Engineer CONFIDENTIAL 45
  • 46. vRNI & PKS (Security & Analytics) – Post 1.1 Platform Reliability Engineer vRealize Network Insight & K8s • Plan Security Policy based on knowledge of actual traffic patterns • Continuously monitor & audit network security compliance • Complete Network Visibility and Troubleshooting • Accelerate micro-segmentation deployment CONFIDENTIAL 46
  • 47. Agenda 47 1 Containers, CaaS, & PaaS 101 2 Why PKS 3 PKS Technical Overview 4 Packaging & Support CONFIDENTIAL
  • 48. 48 BOSH VMware GCP Azure Openstack AWS Container Registry Kubernetes on BOSH (Kubo) NSX-T GCP Service Broker masteretcd workermasteretcd worker PKS Controller PKS Technical Overview
  • 49. Packaging Ops Manager (OVA) Deployed PKS Deployed As an Opsman Tile • Simplified Overview PKS Tile Uploaded, Configured, & Deployed Config Opsman to deploy BOSH pks create cluster A pks create cluster B
  • 50. Go To Market and Support: Global Support Services Available through VMware, Pivotal, and Dell EMC • Product GA ~ Late Dec 2017
  • 52. Thank You! VMware Pivotal Container Services (PKS) • @cloudnativeapps • #vmwcna • #vmwpks • vmware.github.io • blogs.vmware.com/cloudnative

Editor's Notes

  1. Walk-through of Containers 101. Describe the benefits of containers and establish a common understanding for the K8s discussion.
  2. With the announcements today about PKS, let’s look a little at how K8s is different from PCF. From the developer point of view: I check my code in just as if I were pushing to PCF, but in addition to application artifacts, the pipeline is going to build an image for me. In this visual we have a K8s cluster already running Docker as the backend container engine, so our CI/CD pipeline will build a Docker image for us and post it to a registry, in this case VMware Harbor. After that, the pipeline will instantiate a K8s deployment to run our Docker-image-based application as a set of pods in a replica set, in case a worker node goes offline. The developer can then create a ‘service’ that gives worker nodes (or any external node) running the kube-proxy service the ability to route to where those pods are and access the apps/microservices running in them. Ingress routing from external is similar to that of CF, with an external DNS map being required to forward requests to 1 or more worker nodes running kube-proxy. One of the key differences is that Kubernetes isn’t opinionated on how the container image should be built; this gives more flexibility to the developers, but in some cases it can make things more difficult for operators, as we’ll see later on in the presentation. Agility is why developers want it.
  3. Let’s walk through what makes PCF so powerful. From the developer point of view: I write my code {}. I check it into a repository. A CI/CD pipeline then builds & tests my code, then outputs an ‘artifact’. In this visual we use a Java app, so it’s a war. The pipeline then ‘pushes’ the artifact to PCF to stage. From here it’s all up to the platform. Staging occurs, where an image called a ‘droplet’ is built by combining (1) a read-only root filesystem, (2) a buildpack, which is a tarball that contains the exec components (tc Server, for example) needed to run a Java app, and (3) the app artifact. After staging, the app can be run. For example, if we say that we want 2 instances of the application, PCF will launch 2 containers using the same droplet image we just compiled and schedule them across CF Availability Zones. This gives us the ability to keep our app up if an AZ were to go offline. PCF also creates a route map for our application, so when a request is forwarded to it, the request can be routed to the correct containers. PCF calls these containers Application Instances, or AIs. Developers also benefit from a rich set of buildpacks in the platform supporting many application dev frameworks. Even .NET apps with Windows container hosts are supported by PCF. Agility is why developers want it.
  4. Application Purchases Will Increasingly Be "Build," Not "Buy" Gartner predicts that by 2020, 75 percent of application purchases supporting digital business will be "build," not "buy." Gartner's research shows that many organizations already favor a new kind of "build" that does not include out-of-the-box solutions, but instead is a combination of application components that are differentiated, innovative and not standard software or software with professional services (for customization and integration requirements), or solutions that are increasingly sourced from startups, disrupters or specialized local providers.  http://www.gartner.com/newsroom/id/3119717
  5. Adopting Agile processes is a key driver to help a business digitally transform. Software truly is eating the world. The key for these businesses is changing not only the way apps are coded (for example cloud native/12 factor) but also the processes by which they are built and operationalized.
     • Speed: Compose apps as microservices to allow more scalable and rapid development. Work for smaller releases to reduce sprints.
     • Automation: Automate everything. It reduces risk and increases speed.
     • Quality: Test-driven coding; tests should be part of the pipeline, and if a fault is found, tests go back into the pipeline.
     • Agility: Release often; design apps and pipelines to allow for frequent pushes.
  6. By making the first task on any software effort “delivery” - deploy the code somewhere, even if it doesn’t do anything. And then keep doing that every time you change anything…
  7. In the ‘New Stack’ required for an agile world, the Developer and the Operator need to act as 1, or at least a 1 pizza team (or 2 pizza if they are hungry). Sort of like the acronym DevOps. This means that just as the Developer needs everything API-driven & self-service from the platform, the Platform Operator also needs everything API-driven & self-service from his infrastructure. The DevOps team can’t lob stuff over the fence, they own it!
  8. Kubernetes components:
     • API server: Target for all operations to the data model. External API clients like the K8s CLI client and the dashboard web service, as well as all external and internal components, interact with the API server by ‘watching’ and ‘setting’ resources.
     • Scheduler: Monitors Container (Pod) resources on the API server, and assigns Worker Nodes to run the Pods based on filters.
     • Controller Manager: Embeds the core control loops shipped with Kubernetes. In Kubernetes, a controller is a control loop that watches the shared state of the cluster through the apiserver and makes changes attempting to move the current state towards the desired state.
     • Etcd: Is used as the distributed key-value store of Kubernetes.
     • Watching: In etcd and Kubernetes everything is centered around ‘watching’ resources. Every resource can be watched in K8s on etcd through the API server.
     • Kubelet: The Kubelet agent on the Nodes watches for ‘PodSpecs’ to determine what it is supposed to run.
     • Kubelet: Instructs container runtimes to run containers through the container runtime API interface.
     • Docker: Is the most used container runtime in K8s. However, K8s is ‘runtime agnostic’, and the goal is to support any runtime through a standard interface (CRI-O).
     • Rkt: Besides Docker, Rkt by CoreOS is the most visible alternative, and CoreOS drives a lot of standards like CNI and CRI-O.
     • Kube-Proxy: Is a daemon watching the K8s ‘services’ on the API server; it implements east/west load balancing on the nodes using NAT in iptables.
  9. Pods:
     • Pod: A pod (as in a pod of whales or pea pod) is a group of one or more containers.
     • Networking: Containers within a pod share an IP address and port space, and can find each other via localhost. They can also communicate with each other using standard inter-process communications like SystemV semaphores or POSIX shared memory.
     • Pause Container: A service container named ‘pause’ is created by Kubelet. Its sole purpose is to own the network stack (Linux network namespace) and build the ‘low level network plumbing’.
     • External Connectivity: Only the pause container is started with an IP interface.
     • Storage: Containers in a Pod also share the same data volumes.
     • Motivation: Pods are a model of the pattern of multiple cooperating processes which form a cohesive unit of service.
  10. vSphere storage for Kubernetes (https://vmware.github.io/vsphere-storage-for-kubernetes):
     • (click) Configure a vSphere Cloud Provider manifest. Provide key info, like vCenter creds & default datastores.
     • (click) Restart all core K8s components & add new flags to enable the vSphere Cloud Provider (API, K8s Ctrlr, & Kubelets).
     • (click) Create a K8s Persistent Volume. The kubectl cmd applies the YAML via the K8s API. The Kubelet picks up the work and uses the configured storage provider. The Persistent Volume is created on the datastore (can even optionally pass vSAN Storage Classes for SPBM).
     • (click) The vmdk is represented as a K8s PersistentVolume. A running Pod can now make a PersistentVolumeClaim and mount the volume.
  11. A PCF deployment will emit various logs & metrics from various sources.
  12. How do we modernize IT and applications across multiple clouds and multiple platforms:
     1. Make the cloud easy: Create / Deploy / OOTB content / integrations for a private cloud. A.) Easy deploy (LCM) B.) Quick TTV (OOTB dashboard, sizing, workflows, integrations): Infoblox, snow, Puppet, Terraform, OOTB content C.) SaaS services
     2. Simplify dev consumption: Unified consumption model across all clouds. A.) Globally consistent IaaS (API) B.) Blueprints and iterative dev C.) Integrated catalog of services and pipeline
     3. Consistent, unified ops: Unified ops for all apps across platforms. A.) Closed-loop workload scheduling (automatically place and re-balance VMs) B.) Realtime full-stack troubleshooting and monitoring (Wavefront) (extra slide) C.) App intelligence (bringing together infra and apps, NI, apps, infra metrics) (possible extra slide)
  13. MG: Add Opsman experience here
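
The storage workflow from note 10, written out as manifests (an added example, not part of the original deck or of VMware's documentation). It assumes dynamic provisioning through the in-tree `kubernetes.io/vsphere-volume` provisioner that the vSphere Cloud Provider exposed; the object names, datastore name and image reference are constructed.

```yaml
# StorageClass: tells the vSphere Cloud Provider how to create the vmdk.
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: vsphere-thin              # constructed name
provisioner: kubernetes.io/vsphere-volume
parameters:
  diskformat: thin                # thin | zeroedthick | eagerzeroedthick
  datastore: ExampleDatastore     # constructed; omit to use the default datastore
  # storagePolicyName: gold       # optional SPBM policy (constructed policy name)
reclaimPolicy: Delete             # the vmdk is removed when the claim is deleted
---
# PersistentVolumeClaim: the request that causes a PersistentVolume (a vmdk on
# the datastore) to be provisioned and bound.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: app-data                  # constructed name
spec:
  storageClassName: vsphere-thin
  accessModes:
    - ReadWriteOnce               # a vmdk attaches to one node at a time
  resources:
    requests:
      storage: 2Gi
---
# Pod: mounts the claimed volume. The kubelet on the scheduled worker attaches
# the vmdk to that worker VM and mounts it into the container.
apiVersion: v1
kind: Pod
metadata:
  name: app                       # constructed name
spec:
  containers:
    - name: web
      image: registry.example.com/library/myapp:1.0   # constructed image reference
      volumeMounts:
        - name: data
          mountPath: /data
  volumes:
    - name: data
      persistentVolumeClaim:
        claimName: app-data
```

Current Kubernetes releases provision vSphere volumes through the vSphere CSI driver rather than this in-tree provisioner, so the `provisioner` value applies to clusters of the deck's era.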