This document provides an agenda and instructions for a hands-on introduction to Kubernetes tutorial. The tutorial will cover Kubernetes basics like pods, services, deployments and replica sets. It includes steps for setting up a local Kubernetes environment using Minikube and demonstrates features like rolling updates, rollbacks and self-healing. Attendees will learn how to develop container-based applications locally with Kubernetes and deploy changes to preview them before promoting to production.
Author: Oleg Chunikhin, www.eastbanctech.com
Kubernetes is a portable open source system for managing and orchestrating containerized cluster applications. Kubernetes solves a number of DevOps related problems out of the box in a simple and unified way – rolling updates and update rollback, canary deployment and other complicated deployment scenarios, scaling, load balancing, service discovery, logging, monitoring, persistent storage management, and much more. You will learn how in less than 30 minutes a reliable self-healing production-ready Kubernetes cluster may be deployed on AWS and used to host and operate multiple environments and applications.
Kubernetes for Beginners: An Introductory GuideBytemark
An introduction to Kubernetes for beginners. Includes the definition, architecture, benefits and misconceptions of Kubernetes. Written in plain English, ideal for both developers and non-developers who are new to Kubernetes.
Find out more about Kubernetes at Bytemark here: https://www.bytemark.co.uk/managed-kubernetes/
** Kubernetes Certification Training: https://www.edureka.co/kubernetes-certification **
This Edureka tutorial on "Kubernetes Architecture" will give you an introduction to popular DevOps tool - Kubernetes, and will deep dive into Kubernetes Architecture and its working. The following topics are covered in this training session:
1. What is Kubernetes
2. Features of Kubernetes
3. Kubernetes Architecture and Its Components
4. Components of Master Node and Worker Node
5. ETCD
6. Network Setup Requirements
DevOps Tutorial Blog Series: https://goo.gl/P0zAfF
A Comprehensive Introduction to Kubernetes. This slide deck serves as the lecture portion of a full-day Workshop covering the architecture, concepts and components of Kubernetes. For the interactive portion, please see the tutorials here:
https://github.com/mrbobbytables/k8s-intro-tutorials
Author: Oleg Chunikhin, www.eastbanctech.com
Kubernetes is a portable open source system for managing and orchestrating containerized cluster applications. Kubernetes solves a number of DevOps related problems out of the box in a simple and unified way – rolling updates and update rollback, canary deployment and other complicated deployment scenarios, scaling, load balancing, service discovery, logging, monitoring, persistent storage management, and much more. You will learn how in less than 30 minutes a reliable self-healing production-ready Kubernetes cluster may be deployed on AWS and used to host and operate multiple environments and applications.
Kubernetes for Beginners: An Introductory GuideBytemark
An introduction to Kubernetes for beginners. Includes the definition, architecture, benefits and misconceptions of Kubernetes. Written in plain English, ideal for both developers and non-developers who are new to Kubernetes.
Find out more about Kubernetes at Bytemark here: https://www.bytemark.co.uk/managed-kubernetes/
** Kubernetes Certification Training: https://www.edureka.co/kubernetes-certification **
This Edureka tutorial on "Kubernetes Architecture" will give you an introduction to popular DevOps tool - Kubernetes, and will deep dive into Kubernetes Architecture and its working. The following topics are covered in this training session:
1. What is Kubernetes
2. Features of Kubernetes
3. Kubernetes Architecture and Its Components
4. Components of Master Node and Worker Node
5. ETCD
6. Network Setup Requirements
DevOps Tutorial Blog Series: https://goo.gl/P0zAfF
A Comprehensive Introduction to Kubernetes. This slide deck serves as the lecture portion of a full-day Workshop covering the architecture, concepts and components of Kubernetes. For the interactive portion, please see the tutorials here:
https://github.com/mrbobbytables/k8s-intro-tutorials
Join us to learn the concepts and terminology of Kubernetes such as Nodes, Labels, Pods, Replication Controllers, Services. After taking a closer look at the Kubernetes master and the nodes, we will walk you through the process of building, deploying, and scaling microservices applications. Each attendee gets $100 credit to start using Google Container Engine. The source code is available at https://github.com/janakiramm/kubernetes-101
A basic introductory slide set on Kubernetes: What does Kubernetes do, what does Kubernetes not do, which terms are used (Containers, Pods, Services, Replica Sets, Deployments, etc...) and how basic interaction with a Kubernetes cluster is done.
Kubernetes Concepts And Architecture Powerpoint Presentation SlidesSlideTeam
Get these visually appealing Kubernetes Concepts And Architecture PowerPoint Presentation Slides to discuss the process of operating containerized applications. You can display the need for containers by the company with the help of an open-source architecture PPT slideshow. The architecture of containers can be demonstrated with the help of a visually appealing PPT slideshow. The reasons for opting for Kubernetes by an organization can be explained to your teammates with the help of containers PowerPoint infographics. Highlight the roadmap for installing Kubernetes in the organization by using content-ready PPT slides. Take the assistance of visually appealing PPT templates to depict the major advantages of Kubernetes such as improving productivity, the stability of application run, and many more. After that, display 30 60 90 days plan to implement Kubernetes in the organization. Display the key components of Kubernetes with the help of a diagram using this professionally designed cluster architecture PPT layouts. Describe the functionality of each components of Kubernetes. Hence, download Kubernetes architecture PPT slides to easily and efficiently manage the clusters. https://bit.ly/34DWa7x
This presentation covers how app deployment model evolved from bare metal servers to Kubernetes World.
In addition to theoretical information, you will find free KATACODA workshops url to perform practices to understand the details of the each topics.
History and Basics of containers, LXC, Docker and Kubernetes. This presentation is given to Engineering colleage students at VIT DevFest 2018. Beginner to Intermediate level.
Unique course notes for the Certified Kubernetes Administrator (CKA) for each section of the exam. Designed to be engaging and used as a reference in the future for kubernetes concepts.
Traditional virtualization technologies have been used by cloud infrastructure providers for many years in providing isolated environments for hosting applications. These technologies make use of full-blown operating system images for creating virtual machines (VMs). According to this architecture, each VM needs its own guest operating system to run application processes. More recently, with the introduction of the Docker project, the Linux Container (LXC) virtualization technology became popular and attracted the attention. Unlike VMs, containers do not need a dedicated guest operating system for providing OS-level isolation, rather they can provide the same level of isolation on top of a single operating system instance.
An enterprise application may need to run a server cluster to handle high request volumes. Running an entire server cluster on Docker containers, on a single Docker host could introduce the risk of single point of failure. Google started a project called Kubernetes to solve this problem. Kubernetes provides a cluster of Docker hosts for managing Docker containers in a clustered environment. It provides an API on top of Docker API for managing docker containers on multiple Docker hosts with many more features.
Kubernetes is designed to be an extensible system. But what is the vision for Kubernetes Extensibility? Do you know the difference between webhooks and cloud providers, or between CRI, CSI, and CNI? In this talk we will explore what extension points exist, how they have evolved, and how to use them to make the system do new and interesting things. We’ll give our vision for how they will probably evolve in the future, and talk about the sorts of things we expect the broader Kubernetes ecosystem to build with them.
Join us to learn the concepts and terminology of Kubernetes such as Nodes, Labels, Pods, Replication Controllers, Services. After taking a closer look at the Kubernetes master and the nodes, we will walk you through the process of building, deploying, and scaling microservices applications. Each attendee gets $100 credit to start using Google Container Engine. The source code is available at https://github.com/janakiramm/kubernetes-101
A basic introductory slide set on Kubernetes: What does Kubernetes do, what does Kubernetes not do, which terms are used (Containers, Pods, Services, Replica Sets, Deployments, etc...) and how basic interaction with a Kubernetes cluster is done.
Kubernetes Concepts And Architecture Powerpoint Presentation SlidesSlideTeam
Get these visually appealing Kubernetes Concepts And Architecture PowerPoint Presentation Slides to discuss the process of operating containerized applications. You can display the need for containers by the company with the help of an open-source architecture PPT slideshow. The architecture of containers can be demonstrated with the help of a visually appealing PPT slideshow. The reasons for opting for Kubernetes by an organization can be explained to your teammates with the help of containers PowerPoint infographics. Highlight the roadmap for installing Kubernetes in the organization by using content-ready PPT slides. Take the assistance of visually appealing PPT templates to depict the major advantages of Kubernetes such as improving productivity, the stability of application run, and many more. After that, display 30 60 90 days plan to implement Kubernetes in the organization. Display the key components of Kubernetes with the help of a diagram using this professionally designed cluster architecture PPT layouts. Describe the functionality of each components of Kubernetes. Hence, download Kubernetes architecture PPT slides to easily and efficiently manage the clusters. https://bit.ly/34DWa7x
This presentation covers how app deployment model evolved from bare metal servers to Kubernetes World.
In addition to theoretical information, you will find free KATACODA workshops url to perform practices to understand the details of the each topics.
History and Basics of containers, LXC, Docker and Kubernetes. This presentation is given to Engineering colleage students at VIT DevFest 2018. Beginner to Intermediate level.
Unique course notes for the Certified Kubernetes Administrator (CKA) for each section of the exam. Designed to be engaging and used as a reference in the future for kubernetes concepts.
Traditional virtualization technologies have been used by cloud infrastructure providers for many years in providing isolated environments for hosting applications. These technologies make use of full-blown operating system images for creating virtual machines (VMs). According to this architecture, each VM needs its own guest operating system to run application processes. More recently, with the introduction of the Docker project, the Linux Container (LXC) virtualization technology became popular and attracted the attention. Unlike VMs, containers do not need a dedicated guest operating system for providing OS-level isolation, rather they can provide the same level of isolation on top of a single operating system instance.
An enterprise application may need to run a server cluster to handle high request volumes. Running an entire server cluster on Docker containers, on a single Docker host could introduce the risk of single point of failure. Google started a project called Kubernetes to solve this problem. Kubernetes provides a cluster of Docker hosts for managing Docker containers in a clustered environment. It provides an API on top of Docker API for managing docker containers on multiple Docker hosts with many more features.
Kubernetes is designed to be an extensible system. But what is the vision for Kubernetes Extensibility? Do you know the difference between webhooks and cloud providers, or between CRI, CSI, and CNI? In this talk we will explore what extension points exist, how they have evolved, and how to use them to make the system do new and interesting things. We’ll give our vision for how they will probably evolve in the future, and talk about the sorts of things we expect the broader Kubernetes ecosystem to build with them.
Containers are everywhere these days. Many of us are containerizing our applications to take advantage of the ease of a single artifact, but what can we do to make deploying these containers to a fleet of servers easier? Kubernetes is arguably the most popular container orchestration system to date. Kubernetes was born out of a decade of research at Google and has seen success; by itself as a fantastic way to orchestrate containers across multiple machines and as a component in other platforms.
This talk will begin with the anatomy and setup of a Kubernetes cluster. We'll demonstrate (live) taking a container containing a simple web service and launch our application into a small Kubernetes cluster. Next we'll perform a rolling update to deploy a new container version with zero downtime. Also, we'll check out some cool debugging features Kubernetes provides over the course of our demo.
A brief study on Kubernetes and its componentsRamit Surana
Kubernetes is an open source orchestration system for Docker containers. It handles scheduling onto nodes in a compute cluster and actively manages workloads to ensure that their state matches the users declared intentions. Using the concepts of "labels" and "pods", it groups the containers which make up an application into logical units for easy management and discovery.
Build Your Own CaaS (Container as a Service)HungWei Chiu
In this slide, I introduce the kubernetes and show an example what is CaaS and what it can provides.
Besides, I also introduce how to setup a continuous integration and continuous deployment for the CaaS platform.
An Introduction to Kubernetes and Continuous Delivery FundamentalsAll Things Open
Presented at All Things Open RTP Meetup
Presented by Brad Topol
Title: An Introduction to Kubernetes and Continuous Delivery Fundamentals
Abstract: Kubernetes is a cloud infrastructure that has emerged as the de facto standard platform for managing, orchestrating, and provisioning container-based cloud native computing applications. Cloud native computing applications are built from a collection of smaller services and take advantage of the speed of development and scalability cloud computing environments provide. In this talk, we provide an overview of the fundamentals of Kubernetes. We begin with a short introduction to the concept of containers and describe the Kubernetes architecture. We then present several core features provided by Kubernetes such as Pods, ReplicaSets, Deployments, Service objects, and autoscaling capabilities. We conclude with a discussion of Kubernetes continuous delivery fundamentals and tools, including how to do small batch changes, source control, and developer access to production-like environments.
Dev opsec dockerimage_patch_n_lifecyclemanagement_kanedafromparis
Lors de cette présentation, nous allons dans un premier temps rappeler la spécificité de docker par rapport à une VM (PID, cgroups, etc) parler du système de layer et de la différence entre images et instances puis nous présenterons succinctement kubernetes.
Ensuite, nous présenterons un processus « standard » de propagation d’une version CI/CD (développement, préproduction, production) à travers les tags docker.
Enfin, nous parlerons des différents composants constituant une application docker (base-image, tooling, librairie, code).
Une fois cette introduction réalisée, nous parlerons du cycle de vie d’une application à travers ses phases de développement, BAU pour mettre en avant que les failles de sécurité en période de développement sont rapidement corrigées par de nouvelles releases, mais pas nécessairement en BAU où les releases sont plus rares. Nous parlerons des diverses solutions (jfrog Xray, clair, …) pour le suivie des automatique des CVE et l’automatisation des mises à jour. Enfin, nous ferons un bref retour d’expérience pour parler des difficultés rencontrées et des propositions d’organisation mises en oeuvre.
Cette présentation bien qu’illustrée par des implémentations techniques est principalement organisationnelle.
Salvatore Incandela, Fabio Marinelli - Using Spinnaker to Create a Developmen...Codemotion
Out of the box Kubernetes is an Operations platform which is great for flexibility but creates friction for deploying simple applications. Along comes Spinnaker which allows you to easily create custom workflows for testing, building, and deploying your application on Kubernetes. Salvatore Incandela and Fabio Marinelli will give an introduction to Containers and Kubernetes and the default development/deployment workflows that it enables. They will then show you how you can use Spinnaker to simplify and streamline your workflow and help provide a full #gitops style CI/CD.
Oscon 2017: Build your own container-based system with the Moby projectPatrick Chanezon
Build your own container-based system
with the Moby project
Docker Community Edition—an open source product that lets you build, ship, and run containers—is an assembly of modular components built from an upstream open source project called Moby. Moby provides a “Lego set” of dozens of components, the framework for assembling them into specialized container-based systems, and a place for all container enthusiasts to experiment and exchange ideas.
Patrick Chanezon and Mindy Preston explain how you can leverage the Moby project to assemble your own specialized container-based system, whether for IoT, cloud, or bare-metal scenarios. Patrick and Mindy explore Moby’s framework, components, and tooling, focusing on two components: LinuxKit, a toolkit to build container-based Linux subsystems that are secure, lean, and portable, and InfraKit, a toolkit for creating and managing declarative, self-healing infrastructure. Along the way, they demo how to use Moby, LinuxKit, InfraKit, and other components to quickly assemble full-blown container-based systems for several use cases and deploy them on various infrastructures.
OSS Japan 2019 service mesh bridging Kubernetes and legacySteve Wong
how to join legacy VMs and bare metal machines to a Kubernetes service mesh so that VMs can consume Kubernetes services AND publish services used by Kubernetes hosted applications
Kube Overview and Kube Conformance Certification OpenSource101 RaleighBrad Topol
This is my Introduction to Kubernetes and Overview of the Kubernetes Conformance Certification Program talk presented at OpenSource101 Raleigh on Feb 17, 2018
- Archeology: before and without Kubernetes
- Deployment: kube-up, DCOS, GKE
- Core Architecture: the apiserver, the kubelet and the scheduler
- Compute Model: the pod, the service and the controller
The slide deck was used during the Azure user group meet up on 16th August 2018. It is part of Hands on Lab for learning Azure Kubernetes Service. The talk demonstrated usage of Minikube to test Kubernetes manifest files using a single node cluster. The features covered as part of hands on demo included Namespaces, Pods, Deployment, Service, StatefulSets.
Kubernetes Cluster API - managing the infrastructure of multi clusters (k8s ...Tobias Schneck
Thanks to tools like kubeadm, Terraform or Ansible setting up a Kubernetes cluster on a dedicated environment is getting reachable, but what’s about setting up a bunch of cluster in multiple clouds in automatic way? This is still a challenge. Also if you want to do same in your own datacenter. In this talk we will take a look to the approach to orchestrate and manage a whole set of k8s cluster by the Cluster API project of kubernetes (a subproject of sig-cluster-lifecycle). The main idea behind it is to use the Kubernetes API itself to manage multiple clusters with there master and worker nodes in same way you would manage your PODs - define the needed resources and the responsible controller will take care for providing it.
After an overview about the concepts of cluster API, I will show what’s needed to implement a cluster API conform machine class/deployment. There I will see that adding your own provider isn’t that hard as you may aspect. At the end of the day it just requires a simple interface to implement. The corresponding kubermatic controllers we implemented at Loodse are available as open source, so its possible to play around with it. A live demo will show how easy it is to spin up and maintain multiple Kubernetes cluster at different public and on-premise cloud providers over one managing cluster. A final wrap up will summarize the current state of the Cluster API project and the advantages of managing clusters as cattles instead of pets.
Similar to Hands-On Introduction to Kubernetes at LISA17 (20)
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
4. Intro Survey / Who are you?
1. Are you doing anything with containers today?
2. Do you have any experience using Kubernetes?
3. Do you consider yourself to be basically proficient with the
kubectl cli tool?
4. Can you name five basic primitives or resource types?
5. Can you name five architectural components provided by
Kubernetes?
5. LISA17 S1 Training Prep
Bring a laptop with the following items pre-installed:
1.
2.
3.
4.
kubectl
minikube
docker
git
6. Install kubectl
Installation on linux/amd64:
Installation on macOS:
For other platforms, consult the o icial
To verify kubectl availability, try running:
curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s
curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s
kubectl setup guide
kubectl help
7. Install minikube
Installation on linux/amd64:
Installation on macOS:
For other platforms, see the
Optionally, customize your cluster's memory or cpu allocation:
to verify minikube availability:
curl -Lo minikube https://storage.googleapis.com/minikube/releases/latest/min
curl -Lo minikube https://storage.googleapis.com/minikube/releases/latest/min
minikube release notes
minikube config set memory 4096
minikube config set cpus 2
minikube version
8. Minikube Basics
minikube provides an easy way to run Kubernetes locally:
When you are done, halt the VM to free up system resources:
Need a fresh start? Delete your VM instance with:
minikube start
minikube stop
minikube delete
9. Minikube troubleshooting
If your minikube environment does not boot correctly:
1. Minikube requires an OS virtualization back-end
2. Most OSes include some support for virtualization
3. You can use the flag to select a specific virt
provider
Check the project for more information about
Still stuck? Consider signing up for OpenShi Starter or GKE:
bit.ly/k8s-gcloud
--vm-driver
minikube start --vm-driver=virtualbox
README supported
virtualization plugins
10. Install docker
Download and install a binary from
Or, use a package manager to install:
To verify docker availability:
To , run:
the docker store
brew install docker
docker version
reference minikube's docker daemon from your host
eval $(minikube docker-env)
11. Install git
Install git using the instructions here:
To verify git availability, run:
https://git-scm.com/book/en/v2/Getting-Started-Installing-Git
git version
12. Ready?
Verify that your local Kubernetes environment is ready by running:
The output should include your kubectl version info, and the
release version of the kubernetes API server (when available)
kubectl version
16. Kubernetes is...
1. An open source platform for running container-based distributed
solutions, featuring a modular, HA systems architecture
2. The best way to actively manage distributed solutions at scale,
based on years of industry expertise (Google-scale experience)
3. An extensible distributed-solutions modeling language with a
huge community following
4. A multi-vendor e ort to eliminate cloud lock-in through the
adoption of "cloud native" solutions (capable of runnning on any
infrastructure)
17. Kubernetes provides…
An API
API object primitives include the following attributes:
*mostly true
kind
apiVersion
metadata
spec
status
19. Node
A node is a host machine (physical or virtual) where containerized
processes run.
Node activity is managed via one or more Master instances.
20. Try using kubectl to list resources by type:
Request the same info, but output the results as structured yaml:
Fetch an individual resource by type/id, output as json:
View human-readable API output:
kubectl get nodes
kubectl get nodes -o yaml
kubectl get node/minikube -o json
kubectl describe node/minikube
21. Observations:
Designed to exist on multiple machines (distributed
system)
high availability of nodes
platform scale out
The API ambidextriously supports both json and yaml
22. Pod
A group of one or more co-located containers. Pods represent your
minimum increment of scale.
"Pods Scale together, and they Fail together"
@theSteve0
23. List resources by type:
Create a new resource based on a json object specification:
List resources by type:
Fetch a resource by type and id, output the results as yaml:
Notice any changes?
kubectl get pods
curl https://raw.githubusercontent.com/ryanj/metrics-k8s/master/pod.json
kubectl create -f https://raw.githubusercontent.com/ryanj/metrics-k8s/master/
kubectl get pods
kubectl get pod metrics-k8s -o yaml
24. Observations:
pods are scheduled to be run on nodes
asyncronous fulfilment of requests
declarative specifications
automatic health checks, lifecycle management for containers
(processes)
25. Service
Services (svc) establish a single endpoint for a collection of
replicated pods, distributing inbound tra ic based on label
selectors
In our K8s modeling language they represent a load balancer. Their
implementation o en varies per cloud provider
26. Contacting your App
Expose the pod by creating a new service (or "loadbalancer"):
Contact your newly-exposed pod using the associated service id:
Schedule a pod to be deleted:
Contact the related service. What happens?:
Delete the service:
kubectl expose pod/metrics-k8s --port 2015 --type=NodePort
minikube service metrics-k8s
kubectl delete pod metrics-k8s
minikube service metrics-k8s
kubectl delete service metrics-k8s
29. Create a specification for your deployment:
View the generated deployment spec file:
Bug?:You may need to edit this file, adding "---" (on it's own line)
between resource 1 and resource 2 for a workaround.
Can you think of another way to fix this issue? json compatible?
kubectl run metrics-k8s --image=quay.io/ryanj/metrics-k8s
--expose --port=2015 --service-overrides='{ "spec": { "type": "NodePort" } }'
--dry-run -o yaml > deployment.yaml
cat deployment.yaml
30. Create a new resource based on your yaml specification:
List resources by type:
Connect to your new deployment via the associated service id:
kubectl create -f deployment.yaml
kubectl get po,svc
minikube service metrics-k8s
31. Replication
Scale up the metrics-k8s deployment to 3 replicas:
List pods:
kubectl scale deploy/metrics-k8s --replicas=3
kubectl get po
32. Edit deploy/metrics-k8s, setting spec.replicas to 5:
Save and quit. What happens?
kubectl edit deploy/metrics-k8s -o json
kubectl get pods
33. AutoRecovery
Watch for changes to pod resources:
In another terminal, delete several pods by id:
What happend? How many pods remain?
kubectl get pods --watch
kubectl delete pod $(kubectl get pods | grep ^metrics-k8s | cut -f1 -s -d' '
kubectl get pods
36. Watch deployments (leave this running until the 'cleanup' section):
View the current state of your deployment:
kubectl get deploy --watch
minikube service metrics-k8s
37. Rollouts
Update your deployment's image spec to rollout a new release:
Reload your browser to view the state of your deployment
kubectl set image deploy/metrics-k8s metrics-k8s=quay.io/ryanj/metrics-k8s:v1
kubectl get rs,deploy
38. Rollbacks
View the list of previous rollouts:
Rollback to the previous state:
Reload your browser to view the state of your deployment
kubectl rollout history deploy/metrics-k8s
kubectl rollout undo deployment metrics-k8s
39. Cleanup
Cleanup old resources if you don't plan to use them:
Close any remaining --watch listeners
kubectl delete service,deployment metrics-k8s
40. Observations:
The API allows for watch operations (in addition to get, set, list)
ReplicaSets provide lifecycle management for pod resources
Deployments create ReplicaSets to manage pod replication per
rollout (per change in podspec: image:tag, environment vars)
43. Kubernetes is designed ...
1. for managing distributed solutions at scale, based on years of
industry expertise (Google-scale experience)
2. for high availabilty of the control plane and user workloads
(when using pod replication), avoiding most single points of
failure
3. with a modular control plane architecture, allowing many peices
to be replaced without disrupting workload availability
4. to persist all of it's internal platform state within an etcd
database
49. API outage simulation
Example borrowed from
:
Brandon Philips' "Fire Drills" from OSCON
2016
https://github.com/philips/2016-OSCON-containers-at-scale-with-
Kubernetes#fire-drills
50. Create a pod and a service. Verify that the service is responding.
ssh into minikube, kill the control plane:
Use kubectl to list pods:
The API server is down!
Reload your service. Are your pods still available?
kubectl run metrics-k8s --image=quay.io/ryanj/metrics-k8s
--expose --port=2015 --service-overrides='{ "spec": { "type": "NodePort" } }'
minikube service metrics-k8s
minikube ssh
ps aux | grep "localkube"
sudo killall localkube
logout
kubectl get pods
The connection to the server mycluster.example.com was refused - did you spec
51. Kubelet
Runs on each node, listens to the API for new items with a matching
NodeName
53. Bypass the Scheduler
Create two pods:
View events:
Did both pods get scheduled? run?
kubectl create -f https://raw.githubusercontent.com/ryanj/metrics-k8s/master/
kubectl create -f https://gist.githubusercontent.com/ryanj/893e0ac5b3887674f8
kubectl get events
58. K8s Controllers
Controllers work to regulate the declarative nature of the platform
state, reconsiling imbalances via a basic control loop
Kubernetes allows you to introduce your own custom controllers!
https://kubernetes.io/docs/admin/kube-controller-manager/
63. Kubernetes provides portable abstractions for working with
distributed solitions:
1. standardized packaging (containers, volumes,
pods)
2. load balancing (services)
3. scaling automation (replica sets)
Need any of these for local development?
64. Why run K8s locally?
As web development is increasingly being carried out using
container-based microservices:
1. ability to o er reproducible development environments
reduce onboarding time for new devs
2. minimize deltas between dev and prod environments
fewer surprises when promoting code leads to faster velocity
3. decentralize your release pipeline, allow CI test suites to be run
locally
provide functional / systems-integration feedback earlier in
the dev lifecycle
4. potenial for fully o line development
<expanding brain meme>
65. Local Development Checklist:
1. - show someone new how to run the :latest
release
2. - review changes and iterate on a solution
3. - build and deploy
4. - git push
onboarding
preview changes
test changes
promote changes
67. Onboarding - Yesterday's Jam
1. git clone https://github.com/ryanj/metrics-
k8s
2. cd metrics-k8s
3. npm install
4. npm start
68. Onboarding - Add K8s
Generate kubernetes deployment and service specifications,
both named metrics-review:
kubectl run metrics-review --image=quay.io/ryanj/metrics-k8s
--expose --port=2015 --service-overrides='{ "spec": { "type": "NodePort" } }'
--dry-run -o yaml > metrics-review.yaml
69. Onboarding - deploy :latest
Test your generated spec:
Minikube users will be able to open the resulting service in their
browser by running:
kubectl create -f metrics-review.yaml
minikube service metrics-review
71. Preview - local files
First, share your local clone of metrics-k8s with minikube:
minikube mount $(pwd):/var/www/html
72. Preview - hostPath
Next, produce a new deployment spec that includes (minimal)
support for live development workflows:
1. cp metrics-review.yaml metrics-
dev.yaml
2. replace metrics-review with metrics-dev
(global)
3. Add a hostPort volume to access your local repo:
spec:
containers:
- image: quay.io/ryanj/metrics-k8s
name: metrics-dev
ports:
- containerPort: 2015
resources: {}
+ volumeMounts:
+ - mountPath: /var/www/html
+ name: metrics-src
+ volumes:
+ - name: metrics-src
+ hostPath:
73. Preview
The resulting file should look just like the included
file from the metrics-k8s git repo.
Try launching it with:
metrics-
dev.yaml
kubectl create -f metrics-dev.yaml
74. Preview
Verify that any changes written to your local repo become
immediately visible when reloading your browser window:
1. view your latest
2. make a change to
index.html
3. reload your browser
minikube service metrics-dev
76. Test - Rollout
1. Verify that
2. Run a build
3. Update metrics-review.yaml, setting the container
image to:
4. Apply the changes locally:
5. Check your latest before promoting:
your docker-env is configured for minikube
docker build . -t yourname/metrics-k8s:v1
yourname/metrics-k8s:v1
kubectl apply -f metrics-review.yaml
minikube service metrics-review
80. Resources
1. Training materials to-go:
2. Home:
3. Docs:
4. Community:
5. eBook:
6. eBook:
7. eBook:
8. eBook:
bit.ly/k8s-workshops
kubernetes.io
K8s documentation
K8s Special Interest Groups (SIGs)
Kubernetes: Scheduling the Future at Cloud Scale
Docker Security: Using Containers Safely in
Production
Microservices vs. Service-Oriented Architecture
OpenShi for Developers
81. Exit Survey
1. Have you ever developed using containers?
2. Do you have any experience using Kubernetes?
3. Do you consider yourself to be basically proficient with the
kubectl cli tool?
4. Can you name five basic primitives or resource types?
5. Can you name five pieces of k8s architecture?
6. Are you prepared to onboard a new web dev?
82. Congratulations!
on completing the
[S1] Hands-on Intro to Kubernetes
tutorial at #LISA17 in SF
Please remember to complete your tutorial evaluation!
bit.ly/lisa17-k8s