This document provides a comprehensive overview of Kubernetes, its architecture, benefits, and how it integrates with CI/CD pipelines, particularly using GitLab. Key topics include the advantages of containerization, the components of the Kubernetes architecture, and the process of installing and using Kubernetes for automated DevOps. It also addresses challenges, features, and the overall purpose of using Kubernetes in modern software development and deployment.

1. Kubernetes: from
introduction to usage
in CI/CD
Oleksandr Zanichkovskyi

2. Oleksandr Zanichkovskyi
PHP Technical Lead with 14+ years of experience.
Interested in clean code, good architecture, cloud
computing, development processes automation and
playing the guitar of course 
Email: eternity.lviv@gmail.com
Skype: olexandr.zanichkovsky
FB: https://www.facebook.com/ozanichkovskyi

3.  Why should containers be used?
 What is Kubernetes
 Kubernetes Architecture
 Kubernetes Primitives
 Installing Kubernetes
 Additional Tools
 Automating DevOps with Kubernetes
GitLab and Kubernetes integration
Agenda

4. Tools

5. Why should containers be
used?

6. The old way vs the
new way

7. What is container?
“A container image is a lightweight, stand-alone, executable package
of a piece of software that includes everything needed to run it: code,
runtime, system tools, system libraries, settings. … containerized
software will always run the same, regardless of the environment.
Containers isolate software from its surroundings, for example
differences between development and staging environments and help
reduce conflicts between teams running different software on the
same infrastructure.”
https://docker.com/what-container

8. Container advantages
• Pre-Made Runtime Environment

9. Pre-Made Runtime Environment

10. Container advantages
• Pre-Made Runtime Environment
• Version-Controlled Infrastructure

11. Version-Controlled Infrastructure
FROM multicloud/jre-8-oracle
ENV version 4.1.1-linux-x64
ENV elasticsearch_server_url elasticsearch
ENV elasticsearch_server_port 9200
RUN wget --no-check-certificate --progress=bar:force --retry-connrefused -t 5 https://download.elasticsearch.org/kibana/kibana/kibana-${version}.tar.gz
-O /tmp/kibana.tar.gz &&
(cd /tmp && tar zxf kibana.tar.gz && mv kibana-* /opt/kibana &&
rm kibana.tar.gz)
ADD entrypoint.sh /entrypoint.sh
RUN chmod a+x /entrypoint.sh
EXPOSE 5601
ENTRYPOINT ["/entrypoint.sh"]

12. Container advantages
• Pre-Made Runtime Environment
• Version-Controlled Infrastructure
• Runtime Consistency

13. Runtime Consistency
VM Laptop Cloud

14. Container advantages
• Pre-Made Runtime Environment
• Version-Controlled Infrastructure
• Runtime Consistency
• Isolation

15. Isolation
Namespaces
Control
groups
Union file
system
Container
format

16. Container advantages
• Pre-Made Runtime Environment
• Version-Controlled Infrastructure
• Runtime Consistency
• Isolation
• Lighter than VMS

17. Lighter than VM

18. Container advantages
• Pre-Made Runtime Environment
• Version-Controlled Infrastructure
• Runtime Consistency
• Securable
• Lighter than VMS
• Continuous Integration/Continuous Delivery

19. Continuous Integration/Continuous Delivery

20. Container advantages
• Pre-Made Runtime Environment
• Version-Controlled Infrastructure
• Runtime Consistency
• Securable
• Lighter than VMS
• Continuous Integration/Continuous Delivery
• Scalability

21. Scalability
Nginx reverse
proxy
web

22. Scalability – ”docker-compose scale web=3”
Nginx reverse
proxy
web web web

23. Docker challenges
• Service discovery
• Load balancing
• Multi-host Docker containers deployment
• Secrets/configuration/storage management
• Auto-[scaling/restart/healing] of containers and nodes
• Zero-downtime deploys

24. What is Kubernetes?

25. Meaning
The name Kubernetes originates from
Greek, meaning helmsman or pilot.

26. Meaning
K8S = Kubernetes

27. Origins
• First announced by Google in mid-2014
• Kubernetes v1.0 was released in mid-2015
• Written in Go/Golang
• https://github.com/kubernetes/kubernetes
• Often shortened to k8s

28. What is Kubernetes?
• We treat cluster of number of servers as single computer
• We do not want to decide what server to put each app part on
• We just want to let the cluster know the desired state in simple
unified format
• Up to:
• 5000 nodes
• 150000 total pods
• 300000 total containers
• 100 pods per node

29. Benefits
• Agile application creation and deployment: Increased ease and efficiency of container image creation compared to VM image use.
• Continuous development, integration, and deployment: Provides for reliable and frequent container image build and deployment with quick
and easy rollbacks (due to image immutability).
• Dev and Ops separation of concerns: Create application container images at build/release time rather than deployment time, thereby decoupling
applications from infrastructure.
• Environmental consistency across development, testing, and production: Runs the same on a laptop as it does in the cloud.
• Cloud and OS distribution portability: Runs on Ubuntu, RHEL, CoreOS, on-prem, Google Kubernetes Engine, and anywhere else.
• Application-centric management: Raises the level of abstraction from running an OS on virtual hardware to run an application on an OS using
logical resources.
• Loosely coupled, distributed, elastic, liberated micro-services: Applications are broken into smaller, independent pieces and can be deployed
and managed dynamically – not a fat monolithic stack running on one big single-purpose machine.
• Resource isolation: Predictable application performance.
• Resource utilization: High efficiency and density.

30. Do I need Kubernetes?
• Health checks
• Replicating instances
• Rolling updates
• Accessing container logs
• Service discovery
• Load balancing

31. Is it difficult to use?
• Different kinds of
resources
• Descriptive YAML
• Easy to use API
• Custom resources
• Helm as package
installer

32. Kubernetes
Architecture

33. Kubernetes Architecture

34. Master
API Server
Component on the master that exposes the
Kubernetes API. It is the front-end for the Kubernetes
control plane.
etcd Consistent and highly-available key value store used
as Kubernetes’ backing store for all cluster data.
kube-scheduler
Component on the master that watches newly created
pods that have no node assigned, and selects a node
for them to run on.
kube-controller-manager Component on the master that runs controllers.

35. Node
Kubelet
An agent that runs on each node in the cluster. It
ensures that the containers on particular Node are
running and healthy.
Container Engine
The container runtime is the software that is
responsible for running containers. Kubernetes
supports several runtimes: Docker, rkt, runc
kube-proxy
Enables the Kubernetes service abstraction by
maintaining network rules on the host and performing
connection forwarding.

36. Kubernetes
Resources

37. Kubernetes Resources
• Pod
• Replica Set
• Deployment
• Service
• …

38. Pod
Container 1 Container 2
Volume
10.0.0.2app: name
version: 1.0

39. Pod Template
apiVersion: v1
kind: Pod
metadata:
name: myapp-pod
labels:
app: myapp
spec:
containers:
- name: myapp-container
image: busybox
command: ['sh', '-c', 'echo Hello Kubernetes! && sleep 3600']

40. Kubernetes cluster

41. DEMO

42. ReplicaSet
POD PODPOD
ReplicaSet
replicas: 3

43. ReplicaSet
apiVersion: apps/v1
kind: ReplicaSet
metadata:
name: nginx-rs
labels:
app: nginx
spec:
replicas: 3
selector:
matchLabels:
app: nginx
template:
metadata: …
spec: …

44. DEMO

45. Deployment
POD
nginx:1.7.9
POD
nginx:1.7.9
POD
nginx:1.7.9
Deployment
replicas: 3
image: nginx:1.7.9

46. Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
labels:
app: nginx
spec:
replicas: 3
selector:
matchLabels:
app: nginx
template:
metadata: …
spec: …

47. DEMO

48. Service
POD
app: nginx
POD
app: nginx
POD
app: nginx
Service
app: nginx

49. Service
apiVersion: v1
kind: Service
metadata:
labels:
app: nginx
name: nginx-svc
spec:
ports:
- nodePort: 30001
port: 80
protocol: TCP
targetPort: 80
selector:
app: nginx
type: NodePort

50. DEMO

51. Labels

52. Ingress
Ingress
host: myserver.com
Service
app: nginx

53. Ingress
• Collection of rules that allow
inbound connections to reach
cluster services

54. Ingress
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: nginx
annotations:
kubernetes.io/tls-acme: “true”
spec:
rules:
- host: nginx.review.zophiatech.com
http:
paths:
- path: /
backend:
serviceName: nginx-svc
servicePort: 80

55. DEMO

56. Kube Lego? Cert-manager?
Automate the management
and issuance of TLS
certificates from various
issuing sources.

57. DEMO

58. Persistent Storage? Rook!
• Stateful containers
• Managed by Kubernetes
• Few minutes to install

59. DEMO

60. Monitoring

61. DEMO

62. Install
Kubernetes

63. Why bother with installing?
• Try locally
• Minikube
• Kubeadm
• Kubespray vagrant
• Create your private cloud
• Kubeadm
• Kubespray

64. Minikube way
• It is as easy as:
• Install minikube and kubectl
• Run ‘minikube up’

65. Kubespray way
• It is as easy as:
• Create ansible inventory file
• Run ‘ansible-playbook -b -u sudouser -i
inventory/inventory.cfg cluster.yml’

66. Why automate

67. Human factor
• My code style seemed
perfect
• I expected that tests would
pass
• Copy pasting allowed to
implement this quickly
• …

68. Project state

70. Release now!

71. Environment
• Agnostic
• Show something to your
colleagues even remotely
• Dev test your code
• QA test
• Get it as quickly as possible
• …

72. What if it is not what you expected?

74. GitLab to help

75. CI out of the box

76. Container registry

77. Kubernetes integration

78. Monitoring

79. Is it expensive?
• Unlimited private repositories 10Gb each
• 2000 CI minutes for free
• Install CE if you want
• Install separate runner

80. GitLab and
Kubernetes
Integration

81. gitlab-ci.yml
Dockerfile
.helm
image
registry
tests
helm install helm install

82. DEMO

83. I hope this wil help you!

84. Resources
• GitLab
• Kubernetes
• Rook
• Install instructions (without Persistent Storage)
• Kube Lego

85. USA HQ
Toll Free: 866-687-3588
Tel: +1-512-516-8880
Ukraine HQ
Tel: +380-32-240-9090
Bulgaria
Tel: +359-2-902-3760
Germany
Tel: +49-69-2602-5857
Netherlands
Tel: +31-20-262-33-23
Poland
Tel: +48-71-382-2800
UK
Tel: +44-207-544-8414
EMAIL
info@softserveinc.com
WEBSITE:
www.softserveinc.com
Thank you!

86. USA HQ
Toll Free: 866-687-3588
Tel: +1-512-516-8880
Ukraine HQ
Tel: +380-32-240-9090
Bulgaria
Tel: +359-2-902-3760
Germany
Tel: +49-69-2602-5857
Netherlands
Tel: +31-20-262-33-23
Poland
Tel: +48-71-382-2800
UK
Tel: +44-207-544-8414
EMAIL
info@softserveinc.com
WEBSITE:
www.softserveinc.com
Questions?