Join Our Party: The Cloud Native Adventure Brigade (Kubernetes Belgium 2019)

@bridgetkromhout #msdevbe
Join Our Party!
the Cloud Native
Adventure Brigade

lives:
Minneapolis,
Minnesota
works:
Microsoft
podcasts:
Arrested
DevOps
organizes:
devopsdays
Bridget Kromhout

10 years of #devopsdays
2010 20112009 2012 2013 2014 2015 2016 2017 2018 2019

landscape.cncf.io

complexity
intensiﬁes
(blame
chaos
kittens)

cloud native trail map
containerization
CI/CD
orchestration & application deﬁnition
observability & analysis
service proxy, discovery, & mesh
networking & policy
…and more at landscape.cncf.io

once upon a time…

containers family album

consistent development repeatable deployment
containers solve problems

containers solve problemsdon’t
all

Image credit: James Ernest
microservices murder mystery

@bridgetkromhout
An event-driven, portable runtime for building
microservices on cloud and edge.
#msdevbedapr.io

GitHub & Azure Pipelines for CI/CD
Image credit:
Ashley McNamara

“Kubernetes is an open-source
platform designed to automate
deploying, scaling, and operating
application containers."
Initial release: 7 June 2014

Deploy k8s clusters, pods, and services!
Find modules: https://registry.terraform.io/
Providers include Azure & Azure Stack, as
well as other clouds.

aka.ms/k8slearning
Azure Kubernetes Service (AKS)

•allows serverless resources to join a
Kubernetes cluster

•serverless cloud container services
appear as virtual nodes via Virtual
Kubelet providers

•enables capacity on demand,
without delays or pre-provisioning

virtual-kubelet.io

@bridgetkromhout #msdevbeopenappmodel.io
A team-centric standard for
building cloud native apps.
Open Application Model
Developers
Define application
components Application operators
Create and configure
application components Infrastructure operators
Declare, install, maintain
platform services
Rudr: OAM for k8s

@bridgetkromhout #msdevbehelm.sh

Find, share, and use software built for k8s
Manage complexity Easy updates
Simple sharing Rollbacks
helm.sh

invalid k8s resources
$ helm install stable/nginx-ingress --set
controller.replicaCount=two
Error: release estranged-arachnid failed:
Deployment in version "v1beta1" cannot be handled
as a Deployment: v1beta1.Deployment.Spec:
v1beta1.DeploymentSpec.Replicas: readUint32:
unexpected character: , error found in #10 byte
of ...|eplicas":"two","revi|..., bigger
context ...|default"},"spec":{"minReadySeconds":
0,"replicas":"two","revisionHistoryLimit":
10,"strategy":{},"temp|...

$ helm plugin install https://
github.com/instrumenta/helm-kubeval
kubeval: install as Helm plugin
@garethr - kubeval.instrumenta.dev

kubeval: ﬁnd invalid deployments
$ helm kubeval stable/nginx-ingress --set
controller.replicaCount=two
[…]
The file nginx-ingress/templates/controller-
deployment.yaml contains an invalid Deployment
---> spec.replicas: Invalid type. Expected:
[integer,null], given: string
The file nginx-ingress/templates/default-backend-
deployment.yaml contains a valid Deployment
[…]
Error: plugin "kubeval" exited with error

Run scriptable, automated tasks in the cloud — as part of
your Kubernetes cluster
Simple, powerful pipes
Each project gets a brigade.js
config file, which is where you
can write dynamic, interwoven
pipelines and tasks for your
Kubernetes cluster
Runs inside your cluster
By running Brigade as a
service inside your Kubernetes
cluster, you can harness the
power of millions of available
Docker images
brigade.sh

Spec for packaging distributed apps
CNAB: package distributed apps
CNABs facilitate the bundling,
installing and managing of
container-native apps — and
their coupled services
Cloud Native Application Bundle
cnab.io

Duffle
Install and manage distributed app bundles
Duffle: install & manage
distributed app bundles
Simple CLI to interact with
CNAB, for use with your
clouds and services of choice
duffle.sh

A friendlier cloud installer
Install your app and its baggage
Bundle up not just the app,
but everything it needs to run
in the cloud
Build bundles smarter, not harder
Use mixins for common tools
and clouds, and depend on
existing bundles.
Surprise! It does package
management too
Package and version your
bundle, then distribute it for
others to use.
porter.sh

- View & manage Kubernetes clusters

- Build & run containers from Dockerﬁles

- Intellisense for Kubernetes & Helm resources

- Works anywhere (Azure, Minikube, KIND, AWS, GCP, etc)

Service Mesh Interface
A Kubernetes interface that provides traffic
routing, traffic telemetry, and traffic policy
Apps Tooling Ecosystem
Standardized
Standard interface for  
service mesh on Kubernetes
Simplified
Basic feature set to address
most common scenarios
Extensible
Support for new features as
they become widely available
…and more
Service Mesh Interface
smi-spec.io

demo: trafﬁc split with Istio

openpolicyagent.org
Policy-based control
specified declaratively &
enforced automatically
Update without recompiling
or redeploying
Integrate as a sidecar, host-
level daemon, or library.
Open Policy Agent
Improve consistency,
security, compliance

demo: gatekeeper

conftest
openpolicyagent.org
Open Policy Agent
https://garethr.dev/2019/06/introducing-conftest/
Policy-based control
specified declaratively &
enforced automatically
Write policy in OPA native
query language Rego
test locally against structured conﬁguration data (uses Rego)
(enforced server-side: PodSecurityPolicy, Gatekeeper, etc)

$ helm conftest stable/nginx-ingress
FAIL - nginx-ingress-controller in the Deployment
release-name-nginx-ingress-controller does not have
a memory limit set
FAIL - nginx-ingress-controller in the Deployment
release-name-nginx-ingress-controller does not have
a CPU limit set
[…]
Error: plugin "conftest" exited with error
conftest: fail if non-compliant with policy

conftest: succeed when explicitly setting limits
$ helm conftest stable/nginx-ingress/ —set
controller.resources.limits.cpu=100m,controller
.resources.limits.memory=64Mi
$

open source
needs you!
Join the Adventure!
phippy.io

To learn more…
Cloud Native Tooling
deislabs.io
Container Training
container.training
What is Kubernetes?
aka.ms/k8slearning
VS Code extension for k8s
azure.github.io/vscode-kubernetes-tools

Thanks!
Cloud Native Tooling
deislabs.io
Container Training
container.training
What is Kubernetes?
aka.ms/k8slearning
VS Code extension for k8s
azure.github.io/vscode-kubernetes-tools

Join Our Party: The Cloud Native Adventure Brigade (Kubernetes Belgium 2019)

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Join Our Party: The Cloud Native Adventure Brigade (Kubernetes Belgium 2019)

Similar to Join Our Party: The Cloud Native Adventure Brigade (Kubernetes Belgium 2019) (20)

More from bridgetkromhout

More from bridgetkromhout (20)

Recently uploaded

Recently uploaded (20)

Join Our Party: The Cloud Native Adventure Brigade (Kubernetes Belgium 2019)