SlideShare a Scribd company logo

Kubernetes at Reddit: An Origin Story - KubeCon NA 2018

G
Gregory Taylor

This session takes the audience through the motivations, the story, and the results of rebasing our infrastructure on Kubernetes. Today, Kubernetes forms the core of our internal Infrastructure "product", which is a paint-by-numbers experience that engineers of all backgrounds make use of. Presented at KubeCon North America in 2018

Software
1 of 38
Download to read offline
Kubernetes at Reddit: An Origin Story Greg Taylor – EM, Reddit Infrastructure /u/gctaylor
What is Reddit?
Something for everyone 5th/20th Alexa Rank (US/World) 400M+ Monthly active users 140K+ Communities 12M+ Posts per month 2B+ Votes per month
Example: /r/kubernetes
Get on with it!
Welcome to early 2016
2016 - The Infrastructure Team ● Provisioned and configured all infrastructure ● Operated most of our systems ● Responded to most incidents
Mid-2016 and onward: The Great Embiggening
Determining the path forward
Service-oriented Architecture (SOA)
Growing pains: Infra team as a bottleneck ● Problem: Eng teams too dependent on Infra team ○ Service provisioning ○ Ongoing operation ○ Debugging and performance work ● Short-term “solution”: Train and deputize infrastructure-oriented teams ○ Allows for more self-sufficiency ○ Only possible for some teams!
One size fits all some Not all teams want to operate the full stack for their service Don’t make me infrastructure! My toaster runs Docker
What do the engineering teams REALLY want?
Service ownership A service owner is empowered and expected to: ● Develop their service from start to finish ● Deploy their service early and often ● Operate their service
Enter: InfraRedd
A service owner should be able to develop, deploy, and operate their service. Regardless of engineering background
Develop: Consistency in services Regardless of language/toolset, the “shape” of each service should be consistent: ● RPC protocol ● Secrets fetching ● Metrics ● Tracing ● Log output format Baseplate: https://baseplate.readthedocs.io
Develop: Service creation Auto-generate starter material: Service sources ● Python/Go/Node service stub ● Dockerfile ● CI configs Helm Charts ● Friends don’t let friends write YAML!
Develop: “Local” development Development is facilitated by Skaffold. Major considerations: ● Accessible to those without deep Kubernetes experience ● As similar to production as possible ● Re-use our standard Charts + images ● Must not exhaust standard dev laptop’s resources
A service owner should be able to develop, deploy, and operate their service. Regardless of engineering background
Deploy: Tests, builds, deploys ● CI runs through Drone a. Tests b. Artifact builds ● Spinnaker handles our deploys a. Standardized pipeline templates b. Renders Helm Charts c. Applies rendered YAML d. Uses V2 Kubernetes provider
Deploy: Standard staging/production flow Staging and production deploy flow: 1. Developer pushes to canonical repo 2. Tests and builds run in CI 3. One of two flows are offered: a. CI triggers a deploy b. Eng manually triggers a deploy
A service owner should be able to develop, deploy, and operate their service. Regardless of engineering background
Operate: Explicitly defined expectations Service owners ● Learn some Kubernetes basics ● Deploy and operate own services Infrastructure team ● Keep the Kubernetes clusters running ● Provision AWS resources, caches, DBs ● Support and advise Product Users
Operate: Paint-by-numbers Enabling service ownership for all backgrounds: ● Take the guesswork out ● Document all the things ● You want to do X? Here’s a guide for that ● Must be supported by training!
● Service owners auth via OpenID Connect ● RBAC policies are group-based ● Namespace per service ● Service owners have full access to their namespace(s) Operate: Service owner permissions
Operate: Guardrails Things that prevent or minimize damage ● Resource limits and Network Policies ○ Built into Kubernetes ● Throttling and circuit breaking ○ Envoy + Istio ● Object and Image policies ○ Open Policy Agent ● Finely scoped RBAC ○ Open Policy Agent
Operate: Oh no! Something exploded! Service owner: 1. Paged for service incident 2. Diagnoses + resolves issue 3. Can summon Infra if needed Infrastructure team: 1. Paged for cluster issues 2. Those never happen. Yep.
Observability by default: ● Metrics ○ Wavefront ● Alerting ○ PagerDuty ● Tracing ○ Zipkin ● Exception/error tracking ○ Sentry ● Central logging and analysis Operate: Observe, Diagnose, Resolve
Operate: Recap Service owners have: ● Explicitly defined responsibilities ● Enough access to own their services ● Guardrails to prevent+limit damage ● Tools needed to respond to and diagnose issues
What does all of this buy us?
A service owner should be is able to develop, deploy, and operate their service. Regardless of engineering background
Infra team: From Operators to Enablers
Kubernetes at Reddit 7 Kubernetes clusters ~30% Of our Engineering teams ~20 Production services 10-20 Deploys a day New services on Kubernetes by default in Q1!
Closing Remarks
reddit.com/jobs
Presenter Info + Resources ● Greg Taylor - Reddit Infrastructure ● /u/gctaylor ● @gctaylor ● github.com/gtaylor ● reddit.com/r/kubernetes ● redditblog.com/topic/technology

Recommended

Develop, deploy, and operate services at reddit scale oscon 2018
Develop, deploy, and operate services at reddit scale oscon 2018Develop, deploy, and operate services at reddit scale oscon 2018
Develop, deploy, and operate services at reddit scale oscon 2018
Gregory Taylor
 
Helm at reddit: from local dev, staging, to production
Helm at reddit: from local dev, staging, to productionHelm at reddit: from local dev, staging, to production
Helm at reddit: from local dev, staging, to production
Gregory Taylor
 
OpenStack and DevOps - DevOps Meetup
OpenStack and DevOps - DevOps MeetupOpenStack and DevOps - DevOps Meetup
OpenStack and DevOps - DevOps Meetup
Opsta
 
Is a ORCHESTRATION a new milestone?
Is a ORCHESTRATION a new milestone?Is a ORCHESTRATION a new milestone?
Is a ORCHESTRATION a new milestone?
Piotr Perzyna
 
GitLab for CI/CD process
GitLab for CI/CD processGitLab for CI/CD process
GitLab for CI/CD process
HYS Enterprise
 
Accelerate your business and reduce cost with OpenStack
Accelerate your business and reduce cost with OpenStackAccelerate your business and reduce cost with OpenStack
Accelerate your business and reduce cost with OpenStack
Opsta
 
How to Become DevOps
How to Become DevOpsHow to Become DevOps
How to Become DevOps
Opsta
 
Get started with gitops and flux
Get started with gitops and fluxGet started with gitops and flux
Get started with gitops and flux
LibbySchulze1
 

Recommended

Develop, deploy, and operate services at reddit scale oscon 2018
Develop, deploy, and operate services at reddit scale oscon 2018Develop, deploy, and operate services at reddit scale oscon 2018
Develop, deploy, and operate services at reddit scale oscon 2018
Gregory Taylor
 
Helm at reddit: from local dev, staging, to production
Helm at reddit: from local dev, staging, to productionHelm at reddit: from local dev, staging, to production
Helm at reddit: from local dev, staging, to production
Gregory Taylor
 
OpenStack and DevOps - DevOps Meetup
OpenStack and DevOps - DevOps MeetupOpenStack and DevOps - DevOps Meetup
OpenStack and DevOps - DevOps Meetup
Opsta
 
Is a ORCHESTRATION a new milestone?
Is a ORCHESTRATION a new milestone?Is a ORCHESTRATION a new milestone?
Is a ORCHESTRATION a new milestone?
Piotr Perzyna
 
GitLab for CI/CD process
GitLab for CI/CD processGitLab for CI/CD process
GitLab for CI/CD process
HYS Enterprise
 
Accelerate your business and reduce cost with OpenStack
Accelerate your business and reduce cost with OpenStackAccelerate your business and reduce cost with OpenStack
Accelerate your business and reduce cost with OpenStack
Opsta
 
How to Become DevOps
How to Become DevOpsHow to Become DevOps
How to Become DevOps
Opsta
 
Get started with gitops and flux
Get started with gitops and fluxGet started with gitops and flux
Get started with gitops and flux
LibbySchulze1
 
DevOps: Coding Defines Monitoring
DevOps: Coding Defines MonitoringDevOps: Coding Defines Monitoring
DevOps: Coding Defines Monitoring
Opsta
 
DevOps: The Future of Software Development
DevOps: The Future of Software DevelopmentDevOps: The Future of Software Development
DevOps: The Future of Software Development
Opsta
 
Meetup 23 - 03 - Application Delivery on K8S with GitOps
Meetup 23 - 03 - Application Delivery on K8S with GitOpsMeetup 23 - 03 - Application Delivery on K8S with GitOps
Meetup 23 - 03 - Application Delivery on K8S with GitOps
Vietnam Open Infrastructure User Group
 
Integracia security do ci cd pipelines
Integracia security do ci cd pipelinesIntegracia security do ci cd pipelines
Integracia security do ci cd pipelines
Juraj Hantak
 
Container world 2019 Canary Release
Container world 2019 Canary ReleaseContainer world 2019 Canary Release
Container world 2019 Canary Release
Billy Yuen
 
Kubernetes: Increasing velocity without sacrificing quality
Kubernetes: Increasing velocity without sacrificing qualityKubernetes: Increasing velocity without sacrificing quality
Kubernetes: Increasing velocity without sacrificing quality
Adam Schepis
 
CI:CD in Lightspeed with kubernetes and argo cd
CI:CD in Lightspeed with kubernetes and argo cdCI:CD in Lightspeed with kubernetes and argo cd
CI:CD in Lightspeed with kubernetes and argo cd
Billy Yuen
 
Cloud Native Islamabad - Getting Closer to Continuous Delivery with Knative
Cloud Native Islamabad - Getting Closer to Continuous Delivery with KnativeCloud Native Islamabad - Getting Closer to Continuous Delivery with Knative
Cloud Native Islamabad - Getting Closer to Continuous Delivery with Knative
Mauricio (Salaboy) Salatino
 
Deployment Strategies
Deployment StrategiesDeployment Strategies
Deployment Strategies
Piotr Perzyna
 
Cloud Native Java in Kubernetes
Cloud Native Java in KubernetesCloud Native Java in Kubernetes
Cloud Native Java in Kubernetes
Mauricio (Salaboy) Salatino
 
The Automated Monolith
The Automated MonolithThe Automated Monolith
The Automated Monolith
Haufe-Lexware GmbH & Co KG
 
What's New in GitLab and Software Development Trends
What's New in GitLab and Software Development TrendsWhat's New in GitLab and Software Development Trends
What's New in GitLab and Software Development Trends
Noa Harel
 
The Power of GitOps with Flux & GitOps Toolkit
The Power of GitOps with Flux & GitOps ToolkitThe Power of GitOps with Flux & GitOps Toolkit
The Power of GitOps with Flux & GitOps Toolkit
Weaveworks
 
What's New for GitLab CI/CD February 2020
What's New for GitLab CI/CD February 2020What's New for GitLab CI/CD February 2020
What's New for GitLab CI/CD February 2020
Noa Harel
 
GitOps w/argocd
GitOps w/argocdGitOps w/argocd
GitOps w/argocd
Jean-Philippe Bélanger
 
GitOps with Gitkube
GitOps with GitkubeGitOps with Gitkube
GitOps with Gitkube
Tirumarai Selvan
 
Case Study: Migration to GitLab (from Bitbucket) at AppsFlyer
Case Study: Migration to GitLab (from Bitbucket) at AppsFlyerCase Study: Migration to GitLab (from Bitbucket) at AppsFlyer
Case Study: Migration to GitLab (from Bitbucket) at AppsFlyer
Noa Harel
 
Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source
Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open SourceEnhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source
Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source
Nico Meisenzahl
 
Netflix Architecture and Open Source
Netflix Architecture and Open SourceNetflix Architecture and Open Source
Netflix Architecture and Open Source
All Things Open
 
Real World CI/CD with Kubernetes
Real World CI/CD with KubernetesReal World CI/CD with Kubernetes
Real World CI/CD with Kubernetes
Opsta
 
Netflix Open Source: Building a Distributed and Automated Open Source Program
Netflix Open Source: Building a Distributed and Automated Open Source ProgramNetflix Open Source: Building a Distributed and Automated Open Source Program
Netflix Open Source: Building a Distributed and Automated Open Source Program
aspyker
 
Building a Distributed & Automated Open Source Program at Netflix
Building a Distributed & Automated Open Source Program at NetflixBuilding a Distributed & Automated Open Source Program at Netflix
Building a Distributed & Automated Open Source Program at Netflix
All Things Open
 

More Related Content

What's hot

DevOps: Coding Defines Monitoring
DevOps: Coding Defines MonitoringDevOps: Coding Defines Monitoring
DevOps: Coding Defines Monitoring
Opsta
 
DevOps: The Future of Software Development
DevOps: The Future of Software DevelopmentDevOps: The Future of Software Development
DevOps: The Future of Software Development
Opsta
 
Meetup 23 - 03 - Application Delivery on K8S with GitOps
Meetup 23 - 03 - Application Delivery on K8S with GitOpsMeetup 23 - 03 - Application Delivery on K8S with GitOps
Meetup 23 - 03 - Application Delivery on K8S with GitOps
Vietnam Open Infrastructure User Group
 
Integracia security do ci cd pipelines
Integracia security do ci cd pipelinesIntegracia security do ci cd pipelines
Integracia security do ci cd pipelines
Juraj Hantak
 
Container world 2019 Canary Release
Container world 2019 Canary ReleaseContainer world 2019 Canary Release
Container world 2019 Canary Release
Billy Yuen
 
Kubernetes: Increasing velocity without sacrificing quality
Kubernetes: Increasing velocity without sacrificing qualityKubernetes: Increasing velocity without sacrificing quality
Kubernetes: Increasing velocity without sacrificing quality
Adam Schepis
 
CI:CD in Lightspeed with kubernetes and argo cd
CI:CD in Lightspeed with kubernetes and argo cdCI:CD in Lightspeed with kubernetes and argo cd
CI:CD in Lightspeed with kubernetes and argo cd
Billy Yuen
 
Cloud Native Islamabad - Getting Closer to Continuous Delivery with Knative
Cloud Native Islamabad - Getting Closer to Continuous Delivery with KnativeCloud Native Islamabad - Getting Closer to Continuous Delivery with Knative
Cloud Native Islamabad - Getting Closer to Continuous Delivery with Knative
Mauricio (Salaboy) Salatino
 
Deployment Strategies
Deployment StrategiesDeployment Strategies
Deployment Strategies
Piotr Perzyna
 
Cloud Native Java in Kubernetes
Cloud Native Java in KubernetesCloud Native Java in Kubernetes
Cloud Native Java in Kubernetes
Mauricio (Salaboy) Salatino
 
The Automated Monolith
The Automated MonolithThe Automated Monolith
The Automated Monolith
Haufe-Lexware GmbH & Co KG
 
What's New in GitLab and Software Development Trends
What's New in GitLab and Software Development TrendsWhat's New in GitLab and Software Development Trends
What's New in GitLab and Software Development Trends
Noa Harel
 
The Power of GitOps with Flux & GitOps Toolkit
The Power of GitOps with Flux & GitOps ToolkitThe Power of GitOps with Flux & GitOps Toolkit
The Power of GitOps with Flux & GitOps Toolkit
Weaveworks
 
What's New for GitLab CI/CD February 2020
What's New for GitLab CI/CD February 2020What's New for GitLab CI/CD February 2020
What's New for GitLab CI/CD February 2020
Noa Harel
 
GitOps w/argocd
GitOps w/argocdGitOps w/argocd
GitOps w/argocd
Jean-Philippe Bélanger
 
GitOps with Gitkube
GitOps with GitkubeGitOps with Gitkube
GitOps with Gitkube
Tirumarai Selvan
 
Case Study: Migration to GitLab (from Bitbucket) at AppsFlyer
Case Study: Migration to GitLab (from Bitbucket) at AppsFlyerCase Study: Migration to GitLab (from Bitbucket) at AppsFlyer
Case Study: Migration to GitLab (from Bitbucket) at AppsFlyer
Noa Harel
 
Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source
Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open SourceEnhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source
Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source
Nico Meisenzahl
 
Netflix Architecture and Open Source
Netflix Architecture and Open SourceNetflix Architecture and Open Source
Netflix Architecture and Open Source
All Things Open
 
Real World CI/CD with Kubernetes
Real World CI/CD with KubernetesReal World CI/CD with Kubernetes
Real World CI/CD with Kubernetes
Opsta
 

What's hot (20)

DevOps: Coding Defines Monitoring
DevOps: Coding Defines MonitoringDevOps: Coding Defines Monitoring
DevOps: Coding Defines Monitoring
 
DevOps: The Future of Software Development
DevOps: The Future of Software DevelopmentDevOps: The Future of Software Development
DevOps: The Future of Software Development
 
Meetup 23 - 03 - Application Delivery on K8S with GitOps
Meetup 23 - 03 - Application Delivery on K8S with GitOpsMeetup 23 - 03 - Application Delivery on K8S with GitOps
Meetup 23 - 03 - Application Delivery on K8S with GitOps
 
Integracia security do ci cd pipelines
Integracia security do ci cd pipelinesIntegracia security do ci cd pipelines
Integracia security do ci cd pipelines
 
Container world 2019 Canary Release
Container world 2019 Canary ReleaseContainer world 2019 Canary Release
Container world 2019 Canary Release
 
Kubernetes: Increasing velocity without sacrificing quality
Kubernetes: Increasing velocity without sacrificing qualityKubernetes: Increasing velocity without sacrificing quality
Kubernetes: Increasing velocity without sacrificing quality
 
CI:CD in Lightspeed with kubernetes and argo cd
CI:CD in Lightspeed with kubernetes and argo cdCI:CD in Lightspeed with kubernetes and argo cd
CI:CD in Lightspeed with kubernetes and argo cd
 
Cloud Native Islamabad - Getting Closer to Continuous Delivery with Knative
Cloud Native Islamabad - Getting Closer to Continuous Delivery with KnativeCloud Native Islamabad - Getting Closer to Continuous Delivery with Knative
Cloud Native Islamabad - Getting Closer to Continuous Delivery with Knative
 
Deployment Strategies
Deployment StrategiesDeployment Strategies
Deployment Strategies
 
Cloud Native Java in Kubernetes
Cloud Native Java in KubernetesCloud Native Java in Kubernetes
Cloud Native Java in Kubernetes
 
The Automated Monolith
The Automated MonolithThe Automated Monolith
The Automated Monolith
 
What's New in GitLab and Software Development Trends
What's New in GitLab and Software Development TrendsWhat's New in GitLab and Software Development Trends
What's New in GitLab and Software Development Trends
 
The Power of GitOps with Flux & GitOps Toolkit
The Power of GitOps with Flux & GitOps ToolkitThe Power of GitOps with Flux & GitOps Toolkit
The Power of GitOps with Flux & GitOps Toolkit
 
What's New for GitLab CI/CD February 2020
What's New for GitLab CI/CD February 2020What's New for GitLab CI/CD February 2020
What's New for GitLab CI/CD February 2020
 
GitOps w/argocd
GitOps w/argocdGitOps w/argocd
GitOps w/argocd
 
GitOps with Gitkube
GitOps with GitkubeGitOps with Gitkube
GitOps with Gitkube
 
Case Study: Migration to GitLab (from Bitbucket) at AppsFlyer
Case Study: Migration to GitLab (from Bitbucket) at AppsFlyerCase Study: Migration to GitLab (from Bitbucket) at AppsFlyer
Case Study: Migration to GitLab (from Bitbucket) at AppsFlyer
 
Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source
Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open SourceEnhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source
Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source
 
Netflix Architecture and Open Source
Netflix Architecture and Open SourceNetflix Architecture and Open Source
Netflix Architecture and Open Source
 
Real World CI/CD with Kubernetes
Real World CI/CD with KubernetesReal World CI/CD with Kubernetes
Real World CI/CD with Kubernetes
 

Similar to Kubernetes at Reddit: An Origin Story - KubeCon NA 2018

Netflix Open Source: Building a Distributed and Automated Open Source Program
Netflix Open Source: Building a Distributed and Automated Open Source ProgramNetflix Open Source: Building a Distributed and Automated Open Source Program
Netflix Open Source: Building a Distributed and Automated Open Source Program
aspyker
 
Building a Distributed & Automated Open Source Program at Netflix
Building a Distributed & Automated Open Source Program at NetflixBuilding a Distributed & Automated Open Source Program at Netflix
Building a Distributed & Automated Open Source Program at Netflix
All Things Open
 
Microservices at Mercari
Microservices at MercariMicroservices at Mercari
Microservices at Mercari
Google Cloud Platform - Japan
 
Montreal Kubernetes Meetup: Developer-first workflows (for microservices) on ...
Montreal Kubernetes Meetup: Developer-first workflows (for microservices) on ...Montreal Kubernetes Meetup: Developer-first workflows (for microservices) on ...
Montreal Kubernetes Meetup: Developer-first workflows (for microservices) on ...
Ambassador Labs
 
Kubernetes, Toolbox to fail or succeed for beginners - Demi Ben-Ari, VP R&D @...
Kubernetes, Toolbox to fail or succeed for beginners - Demi Ben-Ari, VP R&D @...Kubernetes, Toolbox to fail or succeed for beginners - Demi Ben-Ari, VP R&D @...
Kubernetes, Toolbox to fail or succeed for beginners - Demi Ben-Ari, VP R&D @...
Demi Ben-Ari
 
Evolving your api architecture with the strangler pattern
Evolving your api architecture with the strangler patternEvolving your api architecture with the strangler pattern
Evolving your api architecture with the strangler pattern
dwcarter74
 
Continuous Delivery at Snyk
Continuous Delivery at SnykContinuous Delivery at Snyk
Continuous Delivery at Snyk
Anton Drukh
 
Dagster @ R&S MNT
Dagster @ R&S MNTDagster @ R&S MNT
Dagster @ R&S MNT
Simon Späti
 
Triangle Devops Meetup 10/2015
Triangle Devops Meetup 10/2015Triangle Devops Meetup 10/2015
Triangle Devops Meetup 10/2015
aspyker
 
Angular (v2 and up) - Morning to understand - Linagora
Angular (v2 and up) - Morning to understand - LinagoraAngular (v2 and up) - Morning to understand - Linagora
Angular (v2 and up) - Morning to understand - Linagora
LINAGORA
 
NetflixOSS Meetup S6E1 - Titus & Containers
NetflixOSS Meetup S6E1 - Titus & ContainersNetflixOSS Meetup S6E1 - Titus & Containers
NetflixOSS Meetup S6E1 - Titus & Containers
aspyker
 
Not my problem - Delegating responsibility to infrastructure
Not my problem - Delegating responsibility to infrastructureNot my problem - Delegating responsibility to infrastructure
Not my problem - Delegating responsibility to infrastructure
Yshay Yaacobi
 
Modern Web-site Development Pipeline
Modern Web-site Development PipelineModern Web-site Development Pipeline
Modern Web-site Development Pipeline
GlobalLogic Ukraine
 
RTBkit Meetup - Developer Spotlight, Behind the Scenes of RTBkit and Intro to...
RTBkit Meetup - Developer Spotlight, Behind the Scenes of RTBkit and Intro to...RTBkit Meetup - Developer Spotlight, Behind the Scenes of RTBkit and Intro to...
RTBkit Meetup - Developer Spotlight, Behind the Scenes of RTBkit and Intro to...
Datacratic
 
Easy Microservices with JHipster - Devoxx BE 2017
Easy Microservices with JHipster - Devoxx BE 2017Easy Microservices with JHipster - Devoxx BE 2017
Easy Microservices with JHipster - Devoxx BE 2017
Deepu K Sasidharan
 
Devoxx Belgium 2017 - easy microservices with JHipster
Devoxx Belgium 2017 - easy microservices with JHipsterDevoxx Belgium 2017 - easy microservices with JHipster
Devoxx Belgium 2017 - easy microservices with JHipster
Julien Dubois
 
Successful DevOps implementation for small teams a true story
Successful DevOps implementation for small teams a true storySuccessful DevOps implementation for small teams a true story
Successful DevOps implementation for small teams a true story
Jakub Paweł Głazik
 
Dust.js
Dust.jsDust.js
Dust.js
Yevgeniy Brikman
 
Hexagonal architecture
Hexagonal architectureHexagonal architecture
Hexagonal architecture
Nicolas Guignard
 
Continuos Integration and Delivery: from Zero to Hero with TeamCity, Docker a...
Continuos Integration and Delivery: from Zero to Hero with TeamCity, Docker a...Continuos Integration and Delivery: from Zero to Hero with TeamCity, Docker a...
Continuos Integration and Delivery: from Zero to Hero with TeamCity, Docker a...
Lean IT Consulting
 

Similar to Kubernetes at Reddit: An Origin Story - KubeCon NA 2018 (20)

Netflix Open Source: Building a Distributed and Automated Open Source Program
Netflix Open Source: Building a Distributed and Automated Open Source ProgramNetflix Open Source: Building a Distributed and Automated Open Source Program
Netflix Open Source: Building a Distributed and Automated Open Source Program
 
Building a Distributed & Automated Open Source Program at Netflix
Building a Distributed & Automated Open Source Program at NetflixBuilding a Distributed & Automated Open Source Program at Netflix
Building a Distributed & Automated Open Source Program at Netflix
 
Microservices at Mercari
Microservices at MercariMicroservices at Mercari
Microservices at Mercari
 
Montreal Kubernetes Meetup: Developer-first workflows (for microservices) on ...
Montreal Kubernetes Meetup: Developer-first workflows (for microservices) on ...Montreal Kubernetes Meetup: Developer-first workflows (for microservices) on ...
Montreal Kubernetes Meetup: Developer-first workflows (for microservices) on ...
 
Kubernetes, Toolbox to fail or succeed for beginners - Demi Ben-Ari, VP R&D @...
Kubernetes, Toolbox to fail or succeed for beginners - Demi Ben-Ari, VP R&D @...Kubernetes, Toolbox to fail or succeed for beginners - Demi Ben-Ari, VP R&D @...
Kubernetes, Toolbox to fail or succeed for beginners - Demi Ben-Ari, VP R&D @...
 
Evolving your api architecture with the strangler pattern
Evolving your api architecture with the strangler patternEvolving your api architecture with the strangler pattern
Evolving your api architecture with the strangler pattern
 
Continuous Delivery at Snyk
Continuous Delivery at SnykContinuous Delivery at Snyk
Continuous Delivery at Snyk
 
Dagster @ R&S MNT
Dagster @ R&S MNTDagster @ R&S MNT
Dagster @ R&S MNT
 
Triangle Devops Meetup 10/2015
Triangle Devops Meetup 10/2015Triangle Devops Meetup 10/2015
Triangle Devops Meetup 10/2015
 
Angular (v2 and up) - Morning to understand - Linagora
Angular (v2 and up) - Morning to understand - LinagoraAngular (v2 and up) - Morning to understand - Linagora
Angular (v2 and up) - Morning to understand - Linagora
 
NetflixOSS Meetup S6E1 - Titus & Containers
NetflixOSS Meetup S6E1 - Titus & ContainersNetflixOSS Meetup S6E1 - Titus & Containers
NetflixOSS Meetup S6E1 - Titus & Containers
 
Not my problem - Delegating responsibility to infrastructure
Not my problem - Delegating responsibility to infrastructureNot my problem - Delegating responsibility to infrastructure
Not my problem - Delegating responsibility to infrastructure
 
Modern Web-site Development Pipeline
Modern Web-site Development PipelineModern Web-site Development Pipeline
Modern Web-site Development Pipeline
 
RTBkit Meetup - Developer Spotlight, Behind the Scenes of RTBkit and Intro to...
RTBkit Meetup - Developer Spotlight, Behind the Scenes of RTBkit and Intro to...RTBkit Meetup - Developer Spotlight, Behind the Scenes of RTBkit and Intro to...
RTBkit Meetup - Developer Spotlight, Behind the Scenes of RTBkit and Intro to...
 
Easy Microservices with JHipster - Devoxx BE 2017
Easy Microservices with JHipster - Devoxx BE 2017Easy Microservices with JHipster - Devoxx BE 2017
Easy Microservices with JHipster - Devoxx BE 2017
 
Devoxx Belgium 2017 - easy microservices with JHipster
Devoxx Belgium 2017 - easy microservices with JHipsterDevoxx Belgium 2017 - easy microservices with JHipster
Devoxx Belgium 2017 - easy microservices with JHipster
 
Successful DevOps implementation for small teams a true story
Successful DevOps implementation for small teams a true storySuccessful DevOps implementation for small teams a true story
Successful DevOps implementation for small teams a true story
 
Dust.js
Dust.jsDust.js
Dust.js
 
Hexagonal architecture
Hexagonal architectureHexagonal architecture
Hexagonal architecture
 
Continuos Integration and Delivery: from Zero to Hero with TeamCity, Docker a...
Continuos Integration and Delivery: from Zero to Hero with TeamCity, Docker a...Continuos Integration and Delivery: from Zero to Hero with TeamCity, Docker a...
Continuos Integration and Delivery: from Zero to Hero with TeamCity, Docker a...
 

Recently uploaded

Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
Crescat
 
A Study of Variable-Role-based Feature Enrichment in Neural Models of Code
A Study of Variable-Role-based Feature Enrichment in Neural Models of CodeA Study of Variable-Role-based Feature Enrichment in Neural Models of Code
A Study of Variable-Role-based Feature Enrichment in Neural Models of Code
Aftab Hussain
 
APIs for Browser Automation (MoT Meetup 2024)
APIs for Browser Automation (MoT Meetup 2024)APIs for Browser Automation (MoT Meetup 2024)
APIs for Browser Automation (MoT Meetup 2024)
Boni García
 
Automated software refactoring with OpenRewrite and Generative AI.pptx.pdf
Automated software refactoring with OpenRewrite and Generative AI.pptx.pdfAutomated software refactoring with OpenRewrite and Generative AI.pptx.pdf
Automated software refactoring with OpenRewrite and Generative AI.pptx.pdf
timtebeek1
 
Transform Your Communication with Cloud-Based IVR Solutions
Transform Your Communication with Cloud-Based IVR SolutionsTransform Your Communication with Cloud-Based IVR Solutions
Transform Your Communication with Cloud-Based IVR Solutions
TheSMSPoint
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 
Fundamentals of Programming and Language Processors
Fundamentals of Programming and Language ProcessorsFundamentals of Programming and Language Processors
Fundamentals of Programming and Language Processors
Rakesh Kumar R
 
GraphSummit Paris - The art of the possible with Graph Technology
GraphSummit Paris - The art of the possible with Graph TechnologyGraphSummit Paris - The art of the possible with Graph Technology
GraphSummit Paris - The art of the possible with Graph Technology
Neo4j
 
AI Genie Review: World’s First Open AI WordPress Website Creator
AI Genie Review: World’s First Open AI WordPress Website CreatorAI Genie Review: World’s First Open AI WordPress Website Creator
AI Genie Review: World’s First Open AI WordPress Website Creator
Google
 
Utilocate provides Smarter, Better, Faster, Safer Locate Ticket Management
Utilocate provides Smarter, Better, Faster, Safer Locate Ticket ManagementUtilocate provides Smarter, Better, Faster, Safer Locate Ticket Management
Utilocate provides Smarter, Better, Faster, Safer Locate Ticket Management
Utilocate
 
Mobile App Development Company In Noida | Drona Infotech
Mobile App Development Company In Noida | Drona InfotechMobile App Development Company In Noida | Drona Infotech
Mobile App Development Company In Noida | Drona Infotech
Drona Infotech
 
May Marketo Masterclass, London MUG May 22 2024.pdf
May Marketo Masterclass, London MUG May 22 2024.pdfMay Marketo Masterclass, London MUG May 22 2024.pdf
May Marketo Masterclass, London MUG May 22 2024.pdf
Adele Miller
 
A Sighting of filterA in Typelevel Rite of Passage
A Sighting of filterA in Typelevel Rite of PassageA Sighting of filterA in Typelevel Rite of Passage
A Sighting of filterA in Typelevel Rite of Passage
Philip Schwarz
 
Artificia Intellicence and XPath Extension Functions
Artificia Intellicence and XPath Extension FunctionsArtificia Intellicence and XPath Extension Functions
Artificia Intellicence and XPath Extension Functions
Octavian Nadolu
 
Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604
Fermin Galan
 
Atelier - Innover avec l’IA Générative et les graphes de connaissances
Atelier - Innover avec l’IA Générative et les graphes de connaissancesAtelier - Innover avec l’IA Générative et les graphes de connaissances
Atelier - Innover avec l’IA Générative et les graphes de connaissances
Neo4j
 
Using Xen Hypervisor for Functional Safety
Using Xen Hypervisor for Functional SafetyUsing Xen Hypervisor for Functional Safety
Using Xen Hypervisor for Functional Safety
Ayan Halder
 
OpenMetadata Community Meeting - 5th June 2024
OpenMetadata Community Meeting - 5th June 2024OpenMetadata Community Meeting - 5th June 2024
OpenMetadata Community Meeting - 5th June 2024
OpenMetadata
 
Enterprise Resource Planning System in Telangana
Enterprise Resource Planning System in TelanganaEnterprise Resource Planning System in Telangana
Enterprise Resource Planning System in Telangana
NYGGS Automation Suite
 
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
AI Pilot Review: The World’s First Virtual Assistant Marketing SuiteAI Pilot Review: The World’s First Virtual Assistant Marketing Suite
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
Google
 

Recently uploaded (20)

Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
 
A Study of Variable-Role-based Feature Enrichment in Neural Models of Code
A Study of Variable-Role-based Feature Enrichment in Neural Models of CodeA Study of Variable-Role-based Feature Enrichment in Neural Models of Code
A Study of Variable-Role-based Feature Enrichment in Neural Models of Code
 
APIs for Browser Automation (MoT Meetup 2024)
APIs for Browser Automation (MoT Meetup 2024)APIs for Browser Automation (MoT Meetup 2024)
APIs for Browser Automation (MoT Meetup 2024)
 
Automated software refactoring with OpenRewrite and Generative AI.pptx.pdf
Automated software refactoring with OpenRewrite and Generative AI.pptx.pdfAutomated software refactoring with OpenRewrite and Generative AI.pptx.pdf
Automated software refactoring with OpenRewrite and Generative AI.pptx.pdf
 
Transform Your Communication with Cloud-Based IVR Solutions
Transform Your Communication with Cloud-Based IVR SolutionsTransform Your Communication with Cloud-Based IVR Solutions
Transform Your Communication with Cloud-Based IVR Solutions
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
Fundamentals of Programming and Language Processors
Fundamentals of Programming and Language ProcessorsFundamentals of Programming and Language Processors
Fundamentals of Programming and Language Processors
 
GraphSummit Paris - The art of the possible with Graph Technology
GraphSummit Paris - The art of the possible with Graph TechnologyGraphSummit Paris - The art of the possible with Graph Technology
GraphSummit Paris - The art of the possible with Graph Technology
 
AI Genie Review: World’s First Open AI WordPress Website Creator
AI Genie Review: World’s First Open AI WordPress Website CreatorAI Genie Review: World’s First Open AI WordPress Website Creator
AI Genie Review: World’s First Open AI WordPress Website Creator
 
Utilocate provides Smarter, Better, Faster, Safer Locate Ticket Management
Utilocate provides Smarter, Better, Faster, Safer Locate Ticket ManagementUtilocate provides Smarter, Better, Faster, Safer Locate Ticket Management
Utilocate provides Smarter, Better, Faster, Safer Locate Ticket Management
 
Mobile App Development Company In Noida | Drona Infotech
Mobile App Development Company In Noida | Drona InfotechMobile App Development Company In Noida | Drona Infotech
Mobile App Development Company In Noida | Drona Infotech
 
May Marketo Masterclass, London MUG May 22 2024.pdf
May Marketo Masterclass, London MUG May 22 2024.pdfMay Marketo Masterclass, London MUG May 22 2024.pdf
May Marketo Masterclass, London MUG May 22 2024.pdf
 
A Sighting of filterA in Typelevel Rite of Passage
A Sighting of filterA in Typelevel Rite of PassageA Sighting of filterA in Typelevel Rite of Passage
A Sighting of filterA in Typelevel Rite of Passage
 
Artificia Intellicence and XPath Extension Functions
Artificia Intellicence and XPath Extension FunctionsArtificia Intellicence and XPath Extension Functions
Artificia Intellicence and XPath Extension Functions
 
Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604
 
Atelier - Innover avec l’IA Générative et les graphes de connaissances
Atelier - Innover avec l’IA Générative et les graphes de connaissancesAtelier - Innover avec l’IA Générative et les graphes de connaissances
Atelier - Innover avec l’IA Générative et les graphes de connaissances
 
Using Xen Hypervisor for Functional Safety
Using Xen Hypervisor for Functional SafetyUsing Xen Hypervisor for Functional Safety
Using Xen Hypervisor for Functional Safety
 
OpenMetadata Community Meeting - 5th June 2024
OpenMetadata Community Meeting - 5th June 2024OpenMetadata Community Meeting - 5th June 2024
OpenMetadata Community Meeting - 5th June 2024
 
Enterprise Resource Planning System in Telangana
Enterprise Resource Planning System in TelanganaEnterprise Resource Planning System in Telangana
Enterprise Resource Planning System in Telangana
 
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
AI Pilot Review: The World’s First Virtual Assistant Marketing SuiteAI Pilot Review: The World’s First Virtual Assistant Marketing Suite
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
 

Kubernetes at Reddit: An Origin Story - KubeCon NA 2018

  • 1. Kubernetes at Reddit: An Origin Story Greg Taylor – EM, Reddit Infrastructure /u/gctaylor
  • 3. Something for everyone 5th/20th Alexa Rank (US/World) 400M+ Monthly active users 140K+ Communities 12M+ Posts per month 2B+ Votes per month
  • 7. 2016 - The Infrastructure Team ● Provisioned and configured all infrastructure ● Operated most of our systems ● Responded to most incidents
  • 8. Mid-2016 and onward: The Great Embiggening
  • 11. Growing pains: Infra team as a bottleneck ● Problem: Eng teams too dependent on Infra team ○ Service provisioning ○ Ongoing operation ○ Debugging and performance work ● Short-term “solution”: Train and deputize infrastructure-oriented teams ○ Allows for more self-sufficiency ○ Only possible for some teams!
  • 12. One size fits all some Not all teams want to operate the full stack for their service Don’t make me infrastructure! My toaster runs Docker
  • 13.
  • 14. What do the engineering teams REALLY want?
  • 15. Service ownership A service owner is empowered and expected to: ● Develop their service from start to finish ● Deploy their service early and often ● Operate their service
  • 17. A service owner should be able to develop, deploy, and operate their service. Regardless of engineering background
  • 18. Develop: Consistency in services Regardless of language/toolset, the “shape” of each service should be consistent: ● RPC protocol ● Secrets fetching ● Metrics ● Tracing ● Log output format Baseplate: https://baseplate.readthedocs.io
  • 19. Develop: Service creation Auto-generate starter material: Service sources ● Python/Go/Node service stub ● Dockerfile ● CI configs Helm Charts ● Friends don’t let friends write YAML!
  • 20. Develop: “Local” development Development is facilitated by Skaffold. Major considerations: ● Accessible to those without deep Kubernetes experience ● As similar to production as possible ● Re-use our standard Charts + images ● Must not exhaust standard dev laptop’s resources
  • 21. A service owner should be able to develop, deploy, and operate their service. Regardless of engineering background
  • 22. Deploy: Tests, builds, deploys ● CI runs through Drone a. Tests b. Artifact builds ● Spinnaker handles our deploys a. Standardized pipeline templates b. Renders Helm Charts c. Applies rendered YAML d. Uses V2 Kubernetes provider
  • 23. Deploy: Standard staging/production flow Staging and production deploy flow: 1. Developer pushes to canonical repo 2. Tests and builds run in CI 3. One of two flows are offered: a. CI triggers a deploy b. Eng manually triggers a deploy
  • 24. A service owner should be able to develop, deploy, and operate their service. Regardless of engineering background
  • 25. Operate: Explicitly defined expectations Service owners ● Learn some Kubernetes basics ● Deploy and operate own services Infrastructure team ● Keep the Kubernetes clusters running ● Provision AWS resources, caches, DBs ● Support and advise Product Users
  • 26. Operate: Paint-by-numbers Enabling service ownership for all backgrounds: ● Take the guesswork out ● Document all the things ● You want to do X? Here’s a guide for that ● Must be supported by training!
  • 27. ● Service owners auth via OpenID Connect ● RBAC policies are group-based ● Namespace per service ● Service owners have full access to their namespace(s) Operate: Service owner permissions
  • 28. Operate: Guardrails Things that prevent or minimize damage ● Resource limits and Network Policies ○ Built into Kubernetes ● Throttling and circuit breaking ○ Envoy + Istio ● Object and Image policies ○ Open Policy Agent ● Finely scoped RBAC ○ Open Policy Agent
  • 29. Operate: Oh no! Something exploded! Service owner: 1. Paged for service incident 2. Diagnoses + resolves issue 3. Can summon Infra if needed Infrastructure team: 1. Paged for cluster issues 2. Those never happen. Yep.
  • 30. Observability by default: ● Metrics ○ Wavefront ● Alerting ○ PagerDuty ● Tracing ○ Zipkin ● Exception/error tracking ○ Sentry ● Central logging and analysis Operate: Observe, Diagnose, Resolve
  • 31. Operate: Recap Service owners have: ● Explicitly defined responsibilities ● Enough access to own their services ● Guardrails to prevent+limit damage ● Tools needed to respond to and diagnose issues
  • 32. What does all of this buy us?
  • 33. A service owner should be is able to develop, deploy, and operate their service. Regardless of engineering background
  • 34. Infra team: From Operators to Enablers
  • 35. Kubernetes at Reddit 7 Kubernetes clusters ~30% Of our Engineering teams ~20 Production services 10-20 Deploys a day New services on Kubernetes by default in Q1!
  • 38. Presenter Info + Resources ● Greg Taylor - Reddit Infrastructure ● /u/gctaylor ● @gctaylor ● github.com/gtaylor ● reddit.com/r/kubernetes ● redditblog.com/topic/technology