
Kubernetes: from introduction to usage in CI/CD

Oleksandr Zanichkovskyi

Technical Lead at SoftServe
14+ years of experience developing a wide range of software, for both desktop and web
Has worked as a freelance programmer and as part of a team
Interested in software architecture, automating the integration and delivery of new product versions, and cloud technologies
Has recently started mentoring future tech leads
In his spare time he plays the guitar and dreams of the big stage
Oleksandr will share his own experience of working with Kubernetes:
introduce the basic concepts and primitives of K8S
describe possible scenarios for using Kubernetes for CI/CD, with GitLab as the example
show how to use persistent storage, collect container metrics, and use Ingress to route requests according to defined rules
show how to install K8S yourself for evaluation or local work



  1. 1. Kubernetes: from introduction to usage in CI/CD Oleksandr Zanichkovskyi
  2. 2. Oleksandr Zanichkovskyi PHP Technical Lead with 14+ years of experience. Interested in clean code, good architecture, cloud computing, development processes automation and playing the guitar of course. Email: eternity.lviv@gmail.com Skype: olexandr.zanichkovsky FB: https://www.facebook.com/ozanichkovskyi
  3. 3. Agenda • Why should containers be used? • What is Kubernetes • Kubernetes Architecture • Kubernetes Primitives • Installing Kubernetes • Additional Tools • Automating DevOps with Kubernetes • GitLab and Kubernetes integration
  4. 4. Tools
  5. 5. Why should containers be used?
  6. 6. The old way vs the new way
  7. 7. What is a container? “A container image is a lightweight, stand-alone, executable package of a piece of software that includes everything needed to run it: code, runtime, system tools, system libraries, settings. … containerized software will always run the same, regardless of the environment. Containers isolate software from its surroundings, for example differences between development and staging environments and help reduce conflicts between teams running different software on the same infrastructure.” https://docker.com/what-container
  8. 8. Container advantages • Pre-Made Runtime Environment
  9. 9. Pre-Made Runtime Environment
  10. 10. Container advantages • Pre-Made Runtime Environment • Version-Controlled Infrastructure
  11. 11. Version-Controlled Infrastructure

          FROM multicloud/jre-8-oracle
          ENV version 4.1.1-linux-x64
          ENV elasticsearch_server_url elasticsearch
          ENV elasticsearch_server_port 9200
          # Download and unpack Kibana. Note: --no-check-certificate turns off
          # TLS certificate verification for this download.
          RUN wget --no-check-certificate --progress=bar:force --retry-connrefused -t 5 \
                https://download.elasticsearch.org/kibana/kibana/kibana-${version}.tar.gz \
                -O /tmp/kibana.tar.gz && \
              (cd /tmp && tar zxf kibana.tar.gz && mv kibana-* /opt/kibana && rm kibana.tar.gz)
          # Install the container entrypoint script
          ADD entrypoint.sh /entrypoint.sh
          RUN chmod a+x /entrypoint.sh
          EXPOSE 5601
          ENTRYPOINT ["/entrypoint.sh"]

  12. 12. Container advantages • Pre-Made Runtime Environment • Version-Controlled Infrastructure • Runtime Consistency
  13. 13. Runtime Consistency VM Laptop Cloud
  14. 14. Container advantages • Pre-Made Runtime Environment • Version-Controlled Infrastructure • Runtime Consistency • Isolation
  15. 15. Isolation Namespaces Control groups Union file system Container format
  16. 16. Container advantages • Pre-Made Runtime Environment • Version-Controlled Infrastructure • Runtime Consistency • Isolation • Lighter than VMs
  17. 17. Lighter than VM
  18. 18. Container advantages • Pre-Made Runtime Environment • Version-Controlled Infrastructure • Runtime Consistency • Securable • Lighter than VMs • Continuous Integration/Continuous Delivery
  19. 19. Continuous Integration/Continuous Delivery
  20. 20. Container advantages • Pre-Made Runtime Environment • Version-Controlled Infrastructure • Runtime Consistency • Securable • Lighter than VMs • Continuous Integration/Continuous Delivery • Scalability
  21. 21. Scalability Nginx reverse proxy web
  22. 22. Scalability – "docker-compose scale web=3" Nginx reverse proxy web web web
  23. 23. Docker challenges • Service discovery • Load balancing • Multi-host Docker containers deployment • Secrets/configuration/storage management • Auto-[scaling/restart/healing] of containers and nodes • Zero-downtime deploys
  24. 24. What is Kubernetes?
  25. 25. Meaning The name Kubernetes originates from Greek, meaning helmsman or pilot.
  26. 26. Meaning K8S = Kubernetes
  27. 27. Origins • First announced by Google in mid-2014 • Kubernetes v1.0 was released in mid-2015 • Written in Go/Golang • https://github.com/kubernetes/kubernetes • Often shortened to k8s
  28. 28. What is Kubernetes? • We treat a cluster of servers as a single computer • We do not want to decide which server to put each part of the app on • We just want to tell the cluster the desired state in a simple, unified format • Up to: • 5000 nodes • 150000 total pods • 300000 total containers • 100 pods per node
  29. 29. Benefits • Agile application creation and deployment: Increased ease and efficiency of container image creation compared to VM image use. • Continuous development, integration, and deployment: Provides for reliable and frequent container image build and deployment with quick and easy rollbacks (due to image immutability). • Dev and Ops separation of concerns: Create application container images at build/release time rather than deployment time, thereby decoupling applications from infrastructure. • Environmental consistency across development, testing, and production: Runs the same on a laptop as it does in the cloud. • Cloud and OS distribution portability: Runs on Ubuntu, RHEL, CoreOS, on-prem, Google Kubernetes Engine, and anywhere else. • Application-centric management: Raises the level of abstraction from running an OS on virtual hardware to run an application on an OS using logical resources. • Loosely coupled, distributed, elastic, liberated micro-services: Applications are broken into smaller, independent pieces and can be deployed and managed dynamically – not a fat monolithic stack running on one big single-purpose machine. • Resource isolation: Predictable application performance. • Resource utilization: High efficiency and density.
  30. 30. Do I need Kubernetes? • Health checks • Replicating instances • Rolling updates • Accessing container logs • Service discovery • Load balancing
  31. 31. Is it difficult to use? • Different kinds of resources • Descriptive YAML • Easy to use API • Custom resources • Helm as package installer
  32. 32. Kubernetes Architecture
  33. 33. Kubernetes Architecture
  34. 34. Master • API Server: Component on the master that exposes the Kubernetes API. It is the front-end for the Kubernetes control plane. • etcd: Consistent and highly-available key value store used as Kubernetes’ backing store for all cluster data. • kube-scheduler: Component on the master that watches newly created pods that have no node assigned, and selects a node for them to run on. • kube-controller-manager: Component on the master that runs controllers.
  35. 35. Node • Kubelet: An agent that runs on each node in the cluster. It ensures that the containers on a particular node are running and healthy. • Container Engine: The container runtime is the software that is responsible for running containers. Kubernetes supports several runtimes: Docker, rkt, runc. • kube-proxy: Enables the Kubernetes service abstraction by maintaining network rules on the host and performing connection forwarding.
  36. 36. Kubernetes Resources
  37. 37. Kubernetes Resources • Pod • Replica Set • Deployment • Service • …
  38. 38. Pod Container 1 Container 2 Volume 10.0.0.2 app: name version: 1.0
  39. 39. Pod Template

          apiVersion: v1
          kind: Pod
          metadata:
            name: myapp-pod
            labels:
              app: myapp
          spec:
            containers:
            - name: myapp-container
              image: busybox
              command: ['sh', '-c', 'echo Hello Kubernetes! && sleep 3600']

  40. 40. Kubernetes cluster
  41. 41. DEMO
  42. 42. ReplicaSet POD POD POD ReplicaSet replicas: 3
  43. 43. ReplicaSet

          apiVersion: apps/v1
          kind: ReplicaSet
          metadata:
            name: nginx-rs
            labels:
              app: nginx
          spec:
            replicas: 3
            selector:
              matchLabels:
                app: nginx
            template:
              metadata: …
              spec: …

  44. 44. DEMO
  45. 45. Deployment POD nginx:1.7.9 POD nginx:1.7.9 POD nginx:1.7.9 Deployment replicas: 3 image: nginx:1.7.9
  46. 46. Deployment

          apiVersion: apps/v1
          kind: Deployment
          metadata:
            name: nginx-deployment
            labels:
              app: nginx
          spec:
            replicas: 3
            selector:
              matchLabels:
                app: nginx
            template:
              metadata: …
              spec: …

  47. 47. DEMO
  48. 48. Service POD app: nginx POD app: nginx POD app: nginx Service app: nginx
  49. 49. Service

          apiVersion: v1
          kind: Service
          metadata:
            labels:
              app: nginx
            name: nginx-svc
          spec:
            ports:
            - nodePort: 30001
              port: 80
              protocol: TCP
              targetPort: 80
            selector:
              app: nginx
            type: NodePort

  50. 50. DEMO
  51. 51. Labels
  52. 52. Ingress Ingress host: myserver.com Service app: nginx
  53. 53. Ingress • Collection of rules that allow inbound connections to reach cluster services
  54. 54. Ingress

          # extensions/v1beta1 Ingress was removed in Kubernetes 1.22;
          # newer clusters use networking.k8s.io/v1.
          apiVersion: extensions/v1beta1
          kind: Ingress
          metadata:
            name: nginx
            annotations:
              kubernetes.io/tls-acme: "true"
          spec:
            rules:
            - host: nginx.review.zophiatech.com
              http:
                paths:
                - path: /
                  backend:
                    serviceName: nginx-svc
                    servicePort: 80

  55. 55. DEMO
  56. 56. Kube Lego? Cert-manager? Automate the management and issuance of TLS certificates from various issuing sources.
  57. 57. DEMO
  58. 58. Persistent Storage? Rook! • Stateful containers • Managed by Kubernetes • Few minutes to install
  59. 59. DEMO
  60. 60. Monitoring
  61. 61. DEMO
  62. 62. Install Kubernetes
  63. 63. Why bother with installing? • Try locally • Minikube • Kubeadm • Kubespray vagrant • Create your private cloud • Kubeadm • Kubespray
  64. 64. Minikube way • It is as easy as: • Install minikube and kubectl • Run ‘minikube start’
  65. 65. Kubespray way • It is as easy as: • Create ansible inventory file • Run ‘ansible-playbook -b -u sudouser -i inventory/inventory.cfg cluster.yml’
  66. 66. Why automate
  67. 67. Human factor • My code style seemed perfect • I expected that tests would pass • Copy-pasting allowed me to implement this quickly • …
  68. 68. Project state
  69. 69. Release now!
  70. 70. Environment • Agnostic • Show something to your colleagues even remotely • Dev test your code • QA test • Get it as quickly as possible • …
  71. 71. What if it is not what you expected?
  72. 72. GitLab to help
  73. 73. CI out of the box
  74. 74. Container registry
  75. 75. Kubernetes integration
  76. 76. Monitoring
  77. 77. Is it expensive? • Unlimited private repositories 10Gb each • 2000 CI minutes for free • Install CE if you want • Install separate runner
  78. 78. GitLab and Kubernetes Integration
  79. 79. gitlab-ci.yml Dockerfile .helm image registry tests helm install helm install
  80. 80. DEMO
  81. 81. I hope this will help you!
  82. 82. Resources • GitLab • Kubernetes • Rook • Install instructions (without Persistent Storage) • Kube Lego
  83. 83. USA HQ Toll Free: 866-687-3588 Tel: +1-512-516-8880 Ukraine HQ Tel: +380-32-240-9090 Bulgaria Tel: +359-2-902-3760 Germany Tel: +49-69-2602-5857 Netherlands Tel: +31-20-262-33-23 Poland Tel: +48-71-382-2800 UK Tel: +44-207-544-8414 EMAIL info@softserveinc.com WEBSITE: www.softserveinc.com Thank you!
  84. 84. Questions?
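
The Dockerfile on slide 11 downloads Kibana with `--no-check-certificate`, starts from an untagged base image and sets no `USER`. The lint below is an added example, not part of the original slides, that a CI job could run to flag those points; the function names and finding names are this example's own.

```python
import re

# Dockerfile from slide 11 (line breaks restored), used as sample input.
SLIDE_11_DOCKERFILE = """\
FROM multicloud/jre-8-oracle
ENV version 4.1.1-linux-x64
ENV elasticsearch_server_url elasticsearch
ENV elasticsearch_server_port 9200
RUN wget --no-check-certificate --progress=bar:force --retry-connrefused -t 5 \\
    https://download.elasticsearch.org/kibana/kibana/kibana-${version}.tar.gz \\
    -O /tmp/kibana.tar.gz && (cd /tmp && tar zxf kibana.tar.gz && \\
    mv kibana-* /opt/kibana && rm kibana.tar.gz)
ADD entrypoint.sh /entrypoint.sh
RUN chmod a+x /entrypoint.sh
EXPOSE 5601
ENTRYPOINT ["/entrypoint.sh"]
"""

def logical_lines(text):
    """Join backslash-continued lines; drop blank lines and comments."""
    joined = re.sub(r"\\[ \t]*\n", " ", text)
    lines = (l.strip() for l in joined.splitlines())
    return [l for l in lines if l and not l.startswith("#")]

def lint_dockerfile(text):
    """Return the sorted finding names (names are this example's own)."""
    findings, has_user = set(), False
    for line in logical_lines(text):
        instr, _, rest = line.partition(" ")
        instr = instr.upper()
        if instr == "FROM":
            # Skip flags such as --platform=...; the first other token is the image.
            image = next((t for t in rest.split() if not t.startswith("--")), "")
            tail = image.rsplit("/", 1)[-1]  # the part that may carry ":tag"
            if "@sha256:" not in image and (":" not in tail or tail.endswith(":latest")):
                findings.add("unpinned-base-image")
        elif instr == "USER":
            has_user = True
        elif instr == "RUN":
            # wget --no-check-certificate and curl -k/--insecure skip TLS verification.
            if re.search(r"--no-check-certificate|\bcurl\b.*\s(-k|--insecure)\b", rest):
                findings.add("tls-verification-disabled")
            # A download with no checksum or signature check in the same RUN step.
            if re.search(r"\b(wget|curl)\b", rest) and not re.search(r"\b(sha\d+sum|gpg)\b", rest):
                findings.add("download-without-integrity-check")
    if not has_user:
        # No USER instruction: the container user is whatever the base image sets.
        findings.add("no-user-instruction")
    return sorted(findings)
```

Calling `lint_dockerfile(SLIDE_11_DOCKERFILE)` reports all four findings; a Dockerfile that pins its base image, keeps TLS verification on, checks a checksum after the download and sets `USER` comes back clean.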
