FROM 0 TO 60 WITH KUBERNETES AND ISTIO
Joonathan Mägi
KUBERNETES & ISTIO
• It’s not scary to get started
• Kubernetes is production ready
• Istio builds on Envoy, but many components are early in their life and require testing for your use case
• Not only for “microservices”
• Complementary to Kubernetes
KUBERNETES
• End-to-end system to automate management of containerized applications
• Portable
• Open source, started at Google, now governed by CNCF
• Supports a range of container tools, including Docker
KUBERNETES BUILDING BLOCKS
• Pods
• ReplicationControllers
• Services
• Labels
• Ingress
WHERE CAN YOU RUN K8S
• Minikube
• Docker for Mac & Windows (beta signup)
• Google Kubernetes Engine (previously known as Container Engine or GKE)
• Azure Container Service (AKS)
• Kubernetes Operations (kops)
• kubeadm
KOPS
• De facto way to provision Kubernetes on AWS
• Fully automated installation
• Self-healing
• High-Availability support
• Not only for setup but also for maintenance, upgrades, cluster cleanups
INSTALL KOPS AND AWS CLI
Install kubectl:
brew update && brew install kubernetes-cli
Install kops:
brew update && brew install kops
Install AWS CLI Tools:
brew update && brew install awscli
LAUNCHING A KUBERNETES CLUSTER HOSTED ON AWS
You need an AWS IAM user with the following managed policies attached (simplified for this demo):
AmazonEC2FullAccess
AmazonRoute53FullAccess
AmazonS3FullAccess
IAMFullAccess
AmazonVPCFullAccess
These are broad FullAccess policies; for anything beyond a demo, scope the kops user down to the permissions it actually needs.
S3 bucket for cluster state storage:
aws s3api create-bucket \
  --bucket kubernetes-example-co-uk-state-store-2 \
  --region eu-central-1 \
  --create-bucket-configuration LocationConstraint=eu-central-1
aws s3api put-bucket-versioning \
  --bucket kubernetes-example-co-uk-state-store-2 \
  --versioning-configuration Status=Enabled
Prepare your local environment:
export NAME=presentationcluster.kubernetes-example.co.uk
export KOPS_STATE_STORE=s3://kubernetes-example-co-uk-state-store-2
You don’t have to use environment variables here; you can always pass the values with the --name and --state flags.
Let’s create a cluster configuration:
kops create cluster \
  --zones "eu-central-1a,eu-central-1b,eu-central-1c" \
  --master-zones "eu-central-1a,eu-central-1b,eu-central-1c" \
  --master-count 3 \
  --node-count 4 \
  --topology private \
  --networking kopeio-vxlan \
  --bastion \
  --name presentationcluster.kubernetes-example.co.uk \
  --state s3://kubernetes-example-co-uk-state-store-2
Let’s build the cluster:
kops update cluster \
  --name presentationcluster.kubernetes-example.co.uk \
  --yes
This will take a while. Once it finishes you'll have to wait while the started
instances finish downloading and setting up Kubernetes components and
reach a "ready" state.
Let’s take a look at the cluster we just built:
kubectl get nodes
kops validate cluster
kubectl get pods --namespace kube-system
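Instead of re-running `kubectl get nodes` by hand until the "ready" state appears, the wait can be scripted. The following is an added example, not part of the original deck: it parses `kubectl get nodes` output (a constructed sample is embedded for offline use; the node names and versions are made up) and polls the live cluster until the expected node count is present and none is unready, which is the point at which `kops validate cluster` is worth running.

```shell
#!/bin/sh
# Added example, not from the original slides: wait until every node in the
# kops-built cluster reports Ready before running `kops validate cluster`.

# Read `kubectl get nodes` output on stdin and print the number of nodes
# (header line excluded).
count_nodes() {
    awk 'NR > 1 && NF > 0 { n++ } END { print n + 0 }'
}

# Read `kubectl get nodes` output on stdin and print how many nodes have a
# STATUS other than exactly "Ready" (NotReady, Unknown, Ready,SchedulingDisabled ...).
count_not_ready() {
    awk 'NR > 1 && NF > 0 && $2 != "Ready" { n++ } END { print n + 0 }'
}

# Constructed sample of `kubectl get nodes` output for offline use; node names
# and versions are made up.
SAMPLE_NODES='NAME                                            STATUS     ROLES     AGE       VERSION
ip-172-20-36-11.eu-central-1.compute.internal   Ready      master    5m        v1.8.4
ip-172-20-52-22.eu-central-1.compute.internal   NotReady   node      3m        v1.8.4
ip-172-20-70-33.eu-central-1.compute.internal   Ready      node      3m        v1.8.4'

# wait_for_nodes EXPECTED [TIMEOUT_SECONDS]: poll the live cluster every 15s
# until at least EXPECTED nodes exist and none is unready. Returns 0 on
# success, 1 on timeout. For the deck's 3 masters + 4 nodes, EXPECTED is 7.
wait_for_nodes() {
    expected=$1
    timeout=${2:-900}
    elapsed=0
    while [ "$elapsed" -lt "$timeout" ]; do
        out=$(kubectl get nodes 2>/dev/null) || out=''
        total=$(printf '%s\n' "$out" | count_nodes)
        unready=$(printf '%s\n' "$out" | count_not_ready)
        if [ "$total" -ge "$expected" ] && [ "$unready" -eq 0 ]; then
            return 0
        fi
        sleep 15
        elapsed=$((elapsed + 15))
    done
    return 1
}

# Usage against a real cluster (uncomment):
# wait_for_nodes 7 900 && kops validate cluster
```

The status check is deliberately strict: a node whose STATUS is `Ready,SchedulingDisabled` counts as unready, because a cordoned node will not take the workload you are about to deploy.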
ISTIO
• Platform to connect, manage, and secure microservices
• Addresses many of the challenges as we transition towards a distributed microservice architecture
• Wide protocol support from TCP to higher-level HTTP, gRPC, WebSocket, Redis etc.
• Tackles traffic management, observability, identity and security
• Brings resilience and fault-injection features to the table
• Builds on the proven Envoy proxy from Lyft
INSTALL ISTIO
Let’s get Istio installed:
curl -L https://git.io/getLatestIstio | sh -
cd istio-0.2.12
export PATH=$PWD/bin:$PATH
# deploy istio
kubectl apply -f install/kubernetes/istio.yaml
# validate the installation
kubectl get svc -n istio-system
kubectl get pods -n istio-system
ISTIO ADDONS
# let’s install some Istio addons
kubectl apply -f install/kubernetes/addons/prometheus.yaml
kubectl apply -f install/kubernetes/addons/grafana.yaml
kubectl apply -f install/kubernetes/addons/servicegraph.yaml
kubectl apply -n istio-system -f https://raw.githubusercontent.com/jaegertracing/jaeger-kubernetes/master/all-in-one/jaeger-all-in-one-template.yml
APPLICATION DEPLOYMENT
Deploying our first application on our Istio enabled Kubernetes cluster:
kubectl apply -f <(istioctl kube-inject -f samples/bookinfo/kube/bookinfo.yaml)
APPLICATION ON ISTIO
APPLICATION DEPLOYMENT
kubectl get services
kubectl get pods
# let’s see how to access our deployed application (/productpage)
kubectl get ingress -o wide
http://books.kubernetes-example.co.uk/productpage
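The sidecar injection above is manual (`istioctl kube-inject`), so any pod that reaches the cluster through another path runs without an Envoy proxy and silently sits outside the mesh: route rules, service identity and telemetry do not apply to its traffic even though its Service still answers. The following is an added example, not part of the original deck: it lists each pod's containers via kubectl jsonpath and reports pods that lack the `istio-proxy` sidecar. A constructed sample (made-up pod names) is embedded so the parsing part runs offline.

```shell
#!/bin/sh
# Added example, not from the original slides: confirm that every pod in the
# application namespace carries the injected Envoy sidecar.

# list_pod_containers [NAMESPACE]: print one line per pod in the form
# "<pod name>\t<container1>,<container2>,..." using kubectl's jsonpath output.
list_pod_containers() {
    kubectl get pods -n "${1:-default}" -o \
        jsonpath='{range .items[*]}{.metadata.name}{"\t"}{range .spec.containers[*]}{.name}{","}{end}{"\n"}{end}'
}

# Read pod/container lines on stdin; print the names of pods whose container
# list does not include "istio-proxy" (the sidecar container name kube-inject adds).
pods_missing_sidecar() {
    awk -F '\t' 'NF >= 2 { if (index(("," $2), ",istio-proxy,") == 0) print $1 }'
}

# Constructed sample in that format; pod names are made up. The details-v1
# pod was deployed without kube-inject and so has no sidecar.
SAMPLE_PODS=$(printf 'productpage-v1-1234567890-abcde\tproductpage,istio-proxy,\nreviews-v3-1234567890-fghij\treviews,istio-proxy,\ndetails-v1-1234567890-klmno\tdetails,\n')

# check_mesh_coverage [NAMESPACE]: return 0 if every pod has the sidecar,
# 1 otherwise, listing the offenders on stderr.
check_mesh_coverage() {
    missing=$(list_pod_containers "${1:-default}" | pods_missing_sidecar)
    if [ -n "$missing" ]; then
        printf 'pods without istio-proxy sidecar:\n%s\n' "$missing" >&2
        return 1
    fi
    return 0
}

# Usage against a real cluster (uncomment):
# check_mesh_coverage default
```

Run `check_mesh_coverage` after every deployment to the namespace, not just the first one; a redeploy from a plain manifest is the usual way a pod ends up outside the mesh.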
INTELLIGENT ROUTING
# route all traffic to reviews v1
istioctl create -f route-rule-all-v1.yaml
# route the test user “joonathan” to reviews v3
istioctl create -f route-rule-reviews-test-v3.yaml
istioctl get routerule reviews-test-v3 -o yaml
# route everyone's traffic to reviews v3
istioctl replace -f route-rule-reviews-v3.yaml
GRAFANA
# let’s look at some metrics in grafana coming in
kubectl -n istio-system port-forward $(kubectl -n istio-system get pod -l app=grafana -o jsonpath='{.items[0].metadata.name}') 3000:3000
http://localhost:3000/dashboard/db/istio-dashboard
DOTVIZ
# how are our services connected?
kubectl -n istio-system port-forward $(kubectl -n istio-system get pod -l app=servicegraph -o jsonpath='{.items[0].metadata.name}') 8088:8088
http://localhost:8088/dotviz
JAEGER
# distributed tracing using Jaeger
kubectl port-forward -n istio-system $(kubectl get pod -n istio-system -l app=jaeger -o jsonpath='{.items[0].metadata.name}') 16686:16686
http://localhost:16686
NEXT STEPS…
We covered only a small subset of what Kubernetes and Istio
have to offer.
Continue learning at kubernetes.io and istio.io.
Come and solve interesting microservices challenges with me at
MOVE Guides.
THANKS!
http://moveguides.com/careers
Editor's Notes

  • #4 Kubernetes or "K8s" is an open-source system for automating deployment, scaling and management of containerized applications that was originally designed by Google and donated to the Cloud Native Computing Foundation. It aims to provide a "platform for automating deployment, scaling, and operations of application containers across clusters of hosts". It supports a range of container tools, including Docker.
    Portable: public, private, hybrid, multi-cloud
    Extensible: modular, pluggable, hookable, composable
    Self-healing: auto-placement, auto-restart, auto-replication, auto-scaling
  • #5 A pod is a group of one or more containers, with shared storage/network, and a specification for how to run the containers. A pod’s contents are always co-located and co-scheduled, and run in a shared context. A ReplicationController ensures that a specified number of pod replicas are running at any one time. In other words it makes sure that a pod or set of pods is always up and available. Kubernetes Service is an abstraction which defines a logical set of Pods and a policy by which to access them. The set of Pods targeted by a Service are usually determined by a Label Selector. Kubernetes uses labels as "nametags" to identify things. And it can query based on these labels. Labels are open-ended: You can use them to indicate roles, stability, or other important attributes. Ingress is an object that manages external access to the services in a cluster. Ingress can provide load balancing, SSL termination and name-based virtual hosting.
  • #7 kops helps you create, destroy, upgrade and maintain production-grade, highly available Kubernetes clusters from the command line. AWS (Amazon Web Services) is currently officially supported. All instances created by kops will be built within Auto Scaling Groups, which means each instance will be automatically monitored and rebuilt by AWS if it suffers any failure.
  • #8 For all platforms see specific documentation for installation: kops: https://github.com/kubernetes/kops/blob/master/docs/install.md kubectl: https://kubernetes.io/docs/tasks/tools/install-kubectl/ AWS cli: http://docs.aws.amazon.com/cli/latest/userguide/installing.html
  • #10 Enabling versioning allows you to go back to a previous version of the cluster definition files in case of accidental overwrites etc.
  • #12 All instances created by kops will be built within Auto Scaling Groups, which makes the instances automatically monitored and rebuilt by AWS in cases of failures. To see the created definitions you can use the `kops edit` commands:
    kops edit cluster --name ${NAME}
    kops edit ig --name ${NAME} nodes
  • #15 Traffic Management. Control the flow of traffic and API calls between services, make calls more reliable, and make the network more robust in the face of adverse conditions. Observability. Gain understanding of the dependencies between services and the nature and flow of traffic between them, providing the ability to quickly identify issues. Policy Enforcement. Apply organizational policy to the interaction between services, ensure access policies are enforced and resources are fairly distributed among consumers. Policy changes are made by configuring the mesh, not by changing application code. Service Identity and Security. Provide services in the mesh with a verifiable identity and provide the ability to protect service traffic as it flows over networks of varying degrees of trustability.
  • #19 Envoy proxies have been injected to all the pods and all traffic is being routed via these.
  • #22 http://localhost:8088/dotviz