18. @bridgetkromhout #msdevbe
“Kubernetes is an open-source
platform designed to automate
deploying, scaling, and operating
application containers."
Initial release: 7 June 2014
19. @bridgetkromhout #msdevbe
Deploy k8s clusters, pods, and services!
Find modules: https://registry.terraform.io/
Providers include Azure & Azure Stack, as
well as other clouds.
21. @bridgetkromhout #msdevbe
•allows serverless resources to join a
Kubernetes cluster
•serverless cloud container services
appear as virtual nodes via Virtual
Kubelet providers
•enables capacity on demand,
without delays or pre-provisioning
virtual-kubelet.io
22. @bridgetkromhout #msdevbeopenappmodel.io
A team-centric standard for
building cloud native apps.
Open Application Model
Developers
Define application
components Application operators
Create and configure
application components Infrastructure operators
Declare, install, maintain
platform services
Rudr: OAM for k8s
27. @bridgetkromhout #msdevbe
kubeval: find invalid deployments
$ helm kubeval stable/nginx-ingress --set
controller.replicaCount=two
[…]
The file nginx-ingress/templates/controller-
deployment.yaml contains an invalid Deployment
---> spec.replicas: Invalid type. Expected:
[integer,null], given: string
The file nginx-ingress/templates/default-backend-
deployment.yaml contains a valid Deployment
[…]
Error: plugin "kubeval" exited with error
28. @bridgetkromhout #msdevbe
Run scriptable, automated tasks in the cloud — as part of
your Kubernetes cluster
Simple, powerful pipes
Each project gets a brigade.js
config file, which is where you
can write dynamic, interwoven
pipelines and tasks for your
Kubernetes cluster
Runs inside your cluster
By running Brigade as a
service inside your Kubernetes
cluster, you can harness the
power of millions of available
Docker images
brigade.sh
29. @bridgetkromhout #msdevbe
Spec for packaging distributed apps
CNAB: package distributed apps
CNABs facilitate the bundling,
installing and managing of
container-native apps — and
their coupled services
Cloud Native Application Bundle
cnab.io
30. @bridgetkromhout #msdevbe
Duffle
Install and manage distributed app bundles
Duffle: install & manage
distributed app bundles
Simple CLI to interact with
CNAB, for use with your
clouds and services of choice
duffle.sh
31. @bridgetkromhout #msdevbe
A friendlier cloud installer
Install your app and its baggage
Bundle up not just the app,
but everything it needs to run
in the cloud
Build bundles smarter, not harder
Use mixins for common tools
and clouds, and depend on
existing bundles.
Surprise! It does package
management too
Package and version your
bundle, then distribute it for
others to use.
porter.sh
32. @bridgetkromhout #msdevbe
- View & manage Kubernetes clusters
- Build & run containers from Dockerfiles
- Intellisense for Kubernetes & Helm resources
- Works anywhere (Azure, Minikube, KIND, AWS, GCP, etc)
33. @bridgetkromhout #msdevbe
cloud native trail map
containerization
CI/CD
orchestration & application definition
observability & analysis
service proxy, discovery, & mesh
networking & policy
…and more at landscape.cncf.io
35. @bridgetkromhout #msdevbe
cloud native trail map
containerization
CI/CD
orchestration & application definition
observability & analysis
service proxy, discovery, & mesh
networking & policy
…and more at landscape.cncf.io
36. @bridgetkromhout #msdevbe
Service Mesh Interface
A Kubernetes interface that provides traffic
routing, traffic telemetry, and traffic policy
Apps Tooling Ecosystem
Standardized
Standard interface for
service mesh on Kubernetes
Simplified
Basic feature set to address
most common scenarios
Extensible
Support for new features as
they become widely available
…and more
Service Mesh Interface
smi-spec.io
46. @bridgetkromhout #msdevbe
conftest
openpolicyagent.org
Open Policy Agent
https://garethr.dev/2019/06/introducing-conftest/
Policy-based control
specified declaratively &
enforced automatically
Write policy in OPA native
query language Rego
test locally against structured configuration data (uses Rego)
(enforced server-side: PodSecurityPolicy, Gatekeeper, etc)
47. @bridgetkromhout #msdevbe
$ helm conftest stable/nginx-ingress
FAIL - nginx-ingress-controller in the Deployment
release-name-nginx-ingress-controller does not have
a memory limit set
FAIL - nginx-ingress-controller in the Deployment
release-name-nginx-ingress-controller does not have
a CPU limit set
[…]
Error: plugin "conftest" exited with error
conftest: fail if non-compliant with policy
51. To learn more…
@bridgetkromhout #msdevbe
Cloud Native Tooling
deislabs.io
Container Training
container.training
What is Kubernetes?
aka.ms/k8slearning
VS Code extension for k8s
azure.github.io/vscode-kubernetes-tools
52. @bridgetkromhout #msdevbe
Thanks!
Cloud Native Tooling
deislabs.io
Container Training
container.training
What is Kubernetes?
aka.ms/k8slearning
VS Code extension for k8s
azure.github.io/vscode-kubernetes-tools