This document discusses Google Cloud Platform and related technologies like .NET Core, SQL Server, containers, and Kubernetes. It provides an agenda for a user group meeting that will cover containers, Kubernetes, CoreOS, creating and running a .NET application in a Docker container, container registries, setting up a local Kubernetes cluster, and using pods and services. There is also information about Endocode, a company that provides software solutions and open source projects using technologies like these.
1. Google Cloud Platform
.NET Core, MSSQL,
Containers and Kubernetes
thomas@endocode.com
.NET User Group Berlin-Brandenburg, March 2nd, 2017
2. Google Cloud Platform
HI!
Thomas Fricke
thomas@endocode.com
CTO Endocode
• System Automation
• DevOps
• Cloud, Database and Software Architect
3. Google Cloud Platform
MORE BUGFIX EXAMPLES
• Application breaks
• systemd problem
• NO! journald problem
• analysis: application writes a log line longer than the kernel buffer used by journald
• FIX: enlarge the kernel buffer
• Push fix to the upstream kernel
4. Google Cloud Platform
ENDOCODE
• high-quality software solutions
• best software engineering practices: test driven
• well known open source projects: https://github.com/endocode
• diverse range of technologies
• decades of experience
• software development,
• team management
• 100000s of server years in public and private clouds
• Be it web, mobile, server or desktop, we use open source to meet any challenge
5. Google Cloud Platform
WHY AM I HERE?
• FSFE recommendation
• .NET is going to be Open Source
• Microsoft has announced a Linux first policy
• Containers everywhere
• Kubernetes now available on Azure
• Large legacy code base in .NET
• Security
• Protecting Infrastructure
• Industry 4.0 Buzz
• ...
6. Google Cloud Platform
AGENDA
• Container
• Kubernetes
• CoreOS
• Create and Run an Example .NET Application
• Clean! Docker Image
• Registry
• Local Kubernetes Setup
• Minikube
• Pod
• Service
8. Google Cloud Platform
CONTAINER OR VIRTUALIZATION
Topic | Container | Virtualisation | Notes
Isolation | OS level, OS namespaces | CPU level: Ring 0/Ring 3 |
foreign CPU | no | yes, with emulation |
foreign kernels, OS | no | yes | kernel is common
emulated devices | no | yes | security
host devices | direct | virtio driver | security
CPU performance | 100% | 95% |
IO performance | 100% | <<100% |
root isolation | yes | yes | USER directive
CPU cache attacks | easy | possible | PoC ?
9. Google Cloud Platform
Greek for “Helmsman”; also the root of the words “governor” and “cybernetic”
• Runs and manages containers
• Inspired and informed by Google’s experiences and internal systems
• Supports multiple cloud and bare-metal environments
• Supports multiple container runtimes
• 100% Open source, written in Go
Manage applications, not machines
Kubernetes
16. Google Cloud Platform
SECURITY BUGS IN IMAGES
• Heartbleed: CVE-2014-0160
• Bug in SSL/TLS exposing the private key of a server
• still present in 80% of containers 18 months after disclosure
• GHOST: CVE-2015-0235
• glibc vulnerability in gethostbyname
• exploitable in some conservative distributions
https://www.banyanops.com/blog/analyzing-docker-hub/
https://coreos.com/blog/vulnerability-analysis-for-containers/
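A minimal image inventory check for the two bugs named on this slide, as an added example that is not part of the original slides. The inventory, image names and function names are constructed for illustration; the affected ranges are the upstream ones (OpenSSL 1.0.1 through 1.0.1f, glibc 2.2 through 2.17).

```python
import re

# Affected upstream ranges (public advisories):
#   Heartbleed CVE-2014-0160: OpenSSL 1.0.1 through 1.0.1f (fixed in 1.0.1g)
#   GHOST      CVE-2015-0235: glibc 2.2 through 2.17     (fixed in 2.18)
# Distributions backport fixes without changing the upstream version, so a
# hit is a candidate to confirm against the distribution's security tracker.

def openssl_key(version):
    """Parse '1.0.1f' into ((1, 0, 1), 'f'); None if it does not parse."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)([a-z]*)", version)
    if not m:
        return None
    return tuple(int(x) for x in m.group(1, 2, 3)), m.group(4)

def glibc_key(version):
    """Parse '2.17' into (2, 17); None if it does not parse."""
    m = re.match(r"(\d+)\.(\d+)", version)
    return (int(m.group(1)), int(m.group(2))) if m else None

def findings(package, version):
    """Return the CVE ids whose upstream affected range covers this version."""
    if package == "openssl":
        key = openssl_key(version)
        if key and key[0] == (1, 0, 1) and key[1] <= "f":
            return ["CVE-2014-0160"]
    elif package == "glibc":
        key = glibc_key(version)
        if key and (2, 2) <= key <= (2, 17):
            return ["CVE-2015-0235"]
    return []

# Constructed sample inventory: image -> {package: upstream version}
INVENTORY = {
    "example/legacy-web:1": {"openssl": "1.0.1e", "glibc": "2.17"},
    "example/api:2": {"openssl": "1.0.1g", "glibc": "2.19"},
    "example/dotnet-app:3": {"openssl": "1.0.2g", "glibc": "2.23"},
}

def scan(inventory):
    """Map each image with at least one candidate finding to its CVE list."""
    report = {}
    for image, packages in inventory.items():
        cves = [c for pkg, ver in sorted(packages.items())
                for c in findings(pkg, ver)]
        if cves:
            report[image] = cves
    return report

if __name__ == "__main__":
    for image, cves in scan(INVENTORY).items():
        print(image, ", ".join(cves))
```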
20. Google Cloud Platform
WE NEVER START FROM SCRATCH
- Almost no project starts from a green field
- Technical debt
- environments not made for microservices
21. Google Cloud Platform
● strict layered architecture
○ separation of stateless and persistent data
● inside the pods
○ developers are free to use what they want
○ contract is binding to the outside
22. Google Cloud Platform
EXISTING HETEROGENEOUS ENVIRONMENT
- Programming languages and their runtimes
- Various databases from various generations
- SQL
- NoSQL
- Local and sessions storage
- Message queueing
23. Google Cloud Platform
SEMI-AUTOMATED DEPLOYMENT
- Deployment chain automation
- Knowledge about staging and release processes typically implicit and critical
24. Google Cloud Platform
VM CLUSTER BASED ARCHITECTURES
- Assumes complete OS
- Package management
- Configuration management (at runtime)
26. Google Cloud Platform
FROM VMs TO PODS
OS instances → microservices in Pods
- pods are containers sharing the same fate
- created together
- running on same node
- terminating together
- one network address
- shared volumes
27. Google Cloud Platform
FROM VMs TO PODS
VM cluster → Pods running on Kubernetes
- cattle: stateless containers
- pets: databases
configuration management → separation of build time and run time
29. Google Cloud Platform
immmr - one number for every need
immmr combines the best of Internet-based communication with the advantages of mobile communication
immmr makes it possible to use a single mobile number from any device
30. Google Cloud Platform
.NET Kestrel Webserver
• Typical Hello World
• Setup a Clean Container
• Ubuntu 16.04.2 LTS
• Microsoft .NET Version
DEMO TIME
32. Google Cloud Platform
MORE FROM ENDOCODE
- https://endocode.com
- https://endocode.com/blog/
- https://endocode.com/trainings-overview/
- Visit us on GitHub
https://github.com/endocode
34. Google Cloud Platform
Dive into Kubernetes!
Watch our Webinar ‘Dive into Kubernetes’ on our YouTube Channel
https://youtu.be/8694GGJlpZ8
Register for a free Google Cloud Platform Trial with $300 Google Cloud Platform Credits
https://goo.gl/dUzDWi
Use another $200 partner credits
https://goo.gl/eYldnT
35. Google Cloud Platform
Endoctus Academy
Next Trainings:
INTRODUCTION
TO KUBERNETES
April 27th
May 4th
May 18th
https://endoctus.com/course/introduction-to-kubernetes
36. Google Cloud Platform
QUESTIONS?
- https://endocode.com
- https://endocode.com/blog/
- https://endocode.com/trainings-overview/
- Visit us on GitHub
https://github.com/endocode