在這個workshop裡，您將會學到： - 在 AWS 上創建 Kubernetes Cluster - 使用 kubectl 操作 Kubernetes 服務 - 將 Kubernetes 上的應用部署到 AWS 上 - 熟悉 Kubernetes 的主要組成，包括 Cluster, Nodes, Pods, Deployments, Services, Ingress, ReplicaSets 等 - 伸縮擴展你的 Kubernetes 應用 - 配置 Ingress 結合 ALB (Application Load Balancer) 與NLB (Network Load Balancer)

1. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Pahud Hsieh, Solutions Architect
Mar 30, 2018
Kubernetes on AWS
Hands-On Workshop
DEV
DAY 2018

2. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
What is Kubernetes?
• Kubernetes comes from the Greek word κυβερνήτης:, which
means helmsman or ship pilot. With this analogy in mind, we can think of
Kubernetes as the manager for shipping containers.
• Kubernetes is also referred to as k8s, as there are 8 characters between k and s.
• Kubernetes is highly inspired by the Google Borg system, which we will explore in
this chapter. It is an open source project written in the Go language, and licensed
under the Apache License Version 2.0.
• Kubernetes was started by Google and, with its v1.0 release in July 2015, Google
donated it to the Cloud Native Computing Foundation (CNCF).
• Generally, Kubernetes has new releases every three months. The current stable
version is 1.10
"Kubernetes is an open-source system for
automating deployment, scaling, and
management of containerized applications."

3. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Kubernetes Features I
• Automatic binpacking
Kubernetes automatically schedules the containers based on resource usage and
constraints, without sacrificing the availability.
• Self-healing
Kubernetes automatically replaces and reschedules the containers from failed
nodes. It also kills and restarts the containers which do not respond to health
checks, based on existing rules/policy.
• Horizontal scaling
Kubernetes can automatically scale applications based on resource usage like CPU
and memory. In some cases, it also supports dynamic scaling based on customer
metrics.
• Service discovery and Load balancing
Kubernetes groups sets of containers and refers to them via a DNS name. This DNS
name is also called a Kubernetes service. Kubernetes can discover these services
automatically, and load-balance requests between containers of a given service.

4. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Kubernetes Features II
• Automated rollouts and rollbacks
Kubernetes can roll out and roll back new versions/configurations of an application,
without introducing any downtime.
• Secrets and configuration management
Kubernetes can manage secrets and configuration details for an application without
re-building the respective images. With secrets, we can share confidential
information to our application without exposing it to the stack configuration, like
on GitHub.
• Storage orchestration
With Kubernetes and its plugins, we can automatically mount local, external, and
storage solutions to the containers in a seamless manner, based on Software
Defined Storage (SDS).
• Batch execution
Besides long running jobs, Kubernetes also supports batch execution.

5. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Cloud Native Computing Foundation (CNCF)
• containerd for Container Runtime
• rkt for Container Runtime
• Kubernetes for Container Orchestration
• Linkerd for Service Mesh
• gRPC for Remote Procedure Call
• Container Network Interface (CNI) for Container Networking
• CoreDNS for Service Discovery
• Prometheus for Monitoring
• OpenTracing for Tracing
• Fluentd for Logging.

6. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS and the CNCF

7. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

8. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Cloud Native Computing Foundation (CNCF)

9. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

10. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Kubernetes on AWS

11. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Building our cluster(before)
$ brew install kops kubectl
$ kops create cluster
--name k8s.demothe.cloud
--state s3://k8s.demothe.cloud
--networking calico
--topology private
--zones eu-west-1a,eu-west-1b,eu-west-1c
--master-zones eu-west-1a,eu-west-1b,eu-west-1c
--master-size c4.large
--node-size c4.large
--node-count 3

12. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Building our cluster(today)
// open cloud9 IDE
$ kops create cluster
--name example.cluster.k8s.local
--zones $AWS_AVAILABILITY_ZONES

13. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Spot instances for node group
machineType: t2.medium
maxPrice: "0.02"

14. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Verifying and deploying
$ kops edit ig --name=example.cluster.k8s.local nodes
…check YAML looks okay and set spot price…
$ kops update cluster example.cluster.k8s.local --yes
…make cup of coffee…

15. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Here we go!
https://github.com/pahud/k8s-on-aws-workshop

16. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Kubernetes concepts
Pods: Co-located group of
containers that share an IP,
namespace, storage volume
Replica Set: Manages the
lifecycle of pods and ensures
specified number are running
Service: Single, stable name
for a set of pods, also acts as LB
Label: Used to organize
and select group of objects
port 8080 port 8080
“web”
ReplicaSet
#Pods—2
label selector: v1
ReplicaSet
#Pods—1
label selector: v2
Pod
v1
Pod
v1
Pod
v2
Node
Docker
Pod
Containers

17. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Kubernetes concepts
“Virtual” clusters for users/projects
L7 load balancing
Declarative version updates
Run to completion
Automatically adjust number of Pods
AKA Security Groups for Pods
Support for long-term stateful distributed systems
More…

18. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Ingress and ALB

19. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
405-ingress-controllers

20. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Create your golang app
from scratch to Kubernetes
https://github.com/pahud/greeting

21. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
We love Challenges!

22. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Send me your ingress resource template
hunhsieh@amazon.com