2. VISHAL BIYANI
CTO & Founder at infraCloud technologies (www.infracloud.io)
https://twitter.com/vishal_biyani
https://www.vishalbiyani.com
1st Kubernetes partner in India, 2nd in the APAC region
Rancher partner - APAC
3. InfraCloud has published a FREE eBook on
“Scaling and deploying Kubernetes”
http://info.rancher.com/deploying-scaling-kubernetes-ebook
4. TIMELINES
Time (minutes, 180 in total) - Agenda
• 000-015: Introduction & setting up
• 015-045: Quick walkthrough of concepts
• 045-095: 3 concepts, code & labs - 15 minutes each
• 095-100: Break
• 100-150: 3 concepts, code & labs - 15 minutes each
• 150-180: Open house
5. HAVE YOU?
• Worked with any of Puppet/Chef/Ansible/Salt?
• Used Docker?
• Experience with one of Kubernetes/Mesos/Swarm/OpenShift?
6. TABLE OF CONTAINERS...
• What is Kubernetes, exactly?
• How to setup a Kubernetes Cluster?
• Various ways to get started with a Kubernetes cluster
• Kubernetes Architecture
• Kubernetes Concepts
• POD, Deployments, Services, Labels & Selectors etc.
• Kubectl Usage
• Deploying app with Helm
7. KUBERNETES - THE BOOKISH DEFINITION
• Kubernetes is an open-source platform for automating deployment, scaling, and operations of application containers across clusters of hosts, providing container-centric infrastructure (from http://kubernetes.io/docs/whatisk8s/)
• Open source project started by Google
• Primarily targeted at containerized workloads
• Platform - automates deployment, scaling etc.
• Abstracts hosts and the underlying infrastructure from you
• Portable - runs on public/private cloud, data center, your laptop - doesn't matter
• Self-healing: it restarts, replaces, scales and monitors containers
• Extensible - replace certain components if you want to; extend via the pluggable architecture
8. KUBERNETES HAS COMMON PATTERNS/DESIGNS
• Need to run related processes together in a shared context
• Integrating with underlying storage (block or bucket based)
• Check the health of applications and maintain a certain number of instances
• Scale instances based on triggers
• Load balancing between multiple instances of a container
• Provide an easy and scalable way to locate and reach services (aka service discovery and naming)
• Monitoring and log management
• Tagging and searching instances dynamically to do certain operations (for example, list all web servers across all applications)
• Rolling updates, canary deployments
• Everything is API based, so it can be integrated with external systems
9. SETTING UP KUBERNETES
• On cloud & managed
  • Google Container Engine
  • StackPointCloud
  • Tectonic from CoreOS
  • OpenShift SaaS
  • Platform9
• DIY - any cloud/data center
  • Kubeadm (official utility)
• DIY on steroids
  • KOPS (targeted at AWS)
  • Kismatic from Apprenda
  • Rancher - provides enterprise features, multi-cluster support
  • Red Hat OpenShift - comes with complete lifecycle features
• Many more: http://kubernetes.io/docs/getting-started-guides
11. Lab - Set up Kubernetes in GKE & laptop setup
• GKE cluster creation
• kubectl on Google Cloud Console
• Check out https://github.com/infracloudio/kubernetes-101
12. POD
• Groups related containers together
• They share the same IP, port space, storage etc.
• It's a single unit for all practical purposes
Code & Demo: Pod - create and destroy
[Diagram: a Pod with IP 10.10.1.100 running nginx and monolith containers, with volumes backed by NFS, iSCSI or GCE persistent disk]
16. DEPLOYMENT
• Drives the desired state
• Maintains the desired number of Pod instances
• Enables deployment mechanisms such as rolling deploy, canary, pause/resume etc.
[Diagram: Deployment -> ReplicaSet -> Pod]
19. SERVICES
• Provide a fixed endpoint for Pods irrespective of deletion/movement/modification of the Pods
• Expose services/endpoints outside the cluster or to the world
• Services use label selectors to pick the Pods they represent
20. SERVICE TYPES
ExternalName (Kubernetes 1.5 onwards)
• Maps to an externally provided CNAME like service.orgname.com; cluster DNS returns the CNAME, nothing is proxied
ClusterIP (default)
• Exposes the service only within the cluster
NodePort
• Creates a ClusterIP + opens the same port (from the node-port range, 30000-32767 by default) on every node/host. This is typically used if you want to put your own external load balancer in front; note that the port is reachable from anything that can reach the nodes, so restrict it with the provider's firewall/security groups
LoadBalancer
• NodePort + creates a load balancer in the cloud provider (such as an ELB) pointing at the respective node ports
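The three Service types above, as an added example that is not part of the workshop repository: a ClusterIP and a NodePort Service in front of Pods labelled `app=hello`, and an ExternalName Service. Names, ports and the external hostname are assumptions.

```yaml
# Added example (not from the workshop repository): three Services.
# Names, ports and billing.example.com are illustrative assumptions.
apiVersion: v1
kind: Service
metadata:
  name: hello-internal
spec:
  type: ClusterIP            # default: reachable only inside the cluster
  selector:
    app: hello               # endpoints = Ready Pods carrying this label
  ports:
  - port: 80                 # port on the cluster IP
    targetPort: 80           # containerPort on the selected Pods
---
apiVersion: v1
kind: Service
metadata:
  name: hello-nodeport
spec:
  type: NodePort             # ClusterIP + the same port opened on every node
  selector:
    app: hello
  ports:
  - port: 80
    targetPort: 80
    nodePort: 30080          # must be in the node-port range (default 30000-32767);
                             # omit it to let the API server allocate one
---
apiVersion: v1
kind: Service
metadata:
  name: billing-api
spec:
  type: ExternalName         # no selector, no proxy: cluster DNS answers with a CNAME
  externalName: billing.example.com
```

Apply with `kubectl apply -f services.yaml`. Inside the cluster `hello-internal` resolves to `hello-internal.default.svc.cluster.local`; `hello-nodeport` is reachable at `<any node IP>:30080` from every network that can reach a node's interface, which on a cloud provider means the security group or firewall rule is the only thing restricting access. A `type: LoadBalancer` Service is the NodePort one plus a provider load balancer pointing at 30080. Because `billing-api` is only a CNAME, a client doing TLS must still verify the certificate against `billing.example.com`, not the Service name.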
24. SECRETS & CONFIG MAPS
• Secrets
• Deliver sensitive data to intended target
• ConfigMap
• Configuration properties
25. NAMESPACES & NODES
• Namespaces
  • Logically partition one cluster into several virtual ones
• Nodes
  • The worker machines; the API exposes their status and capacity
26. MORE TYPES
• Volume types for handling persistent data; they interact with the cloud provider's storage
• StatefulSet - for managing clusters with strong identity requirements (Kafka, Elasticsearch, ZooKeeper etc.)
• DaemonSet - things which need to run on a set of nodes or on all nodes of the cluster, for example logging agents
• Job - ensures a certain number of Pods run the process to completion and then terminates (for batch jobs)
27. HELM - PACKAGE MANAGER FOR KUBERNETES
• Helm is a package manager for Kubernetes
• Tiller - the server-side component, running inside the cluster; the helm CLI is the client for Tiller
• Chart - a package: a set of manifests plus default values
• Charts are kept in a repo (typically backed by a Git repo)
• Values can be defaulted in the chart or overridden by input from the user
• Each install of a chart is tracked as a release
• Caveat: Tiller runs with whatever permissions its service account has (commonly cluster-admin) and by default its gRPC port accepts unauthenticated requests from inside the cluster, so anyone who can reach it can deploy anything; Helm 3 later removed Tiller
28. HELM ON MY MACHINE
• Configure the ~/.kube/config file - verify with kubectl
• 'helm init' - initializes the local directories and standard repo, and installs Tiller into the cluster
• helm search wordpress
• helm install --name cc-release stable/wordpress
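A minimal chart, added here as an example to make the chart/values/release relationship from the two Helm slides concrete. It is not one of the stable charts and not the workshop's code; the chart name, image and values are assumptions. The three files are shown in one listing.

```yaml
# Added example (not a stable chart): a minimal Helm chart as three files.
# Chart name, image and values are illustrative assumptions.
# ---- hello-chart/Chart.yaml ----
apiVersion: v1
name: hello-chart
version: 0.1.0
description: Minimal chart wrapping the hello Deployment
# ---- hello-chart/values.yaml (defaults; override with --set or -f) ----
image:
  repository: kelseyhightower/hello
  tag: 1.0.0
replicaCount: 2
containerPort: 80
# ---- hello-chart/templates/deployment.yaml ----
# .Values comes from values.yaml merged with user overrides;
# .Release.Name is the name given at install time, so one chart can
# be installed several times without the objects colliding.
apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: {{ .Release.Name }}-hello
  labels:
    app: hello
    release: {{ .Release.Name }}
spec:
  replicas: {{ .Values.replicaCount }}
  selector:
    matchLabels:
      app: hello
      release: {{ .Release.Name }}
  template:
    metadata:
      labels:
        app: hello
        release: {{ .Release.Name }}
    spec:
      containers:
      - name: hello
        image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
        ports:
        - containerPort: {{ .Values.containerPort }}
```

`helm install --name demo ./hello-chart --set replicaCount=3` renders the template with the overridden value and records the result as release `demo`; `helm install --dry-run --debug ./hello-chart` prints the rendered manifests without touching the cluster. Do the same dry run before installing a third-party chart such as `stable/wordpress`: a chart can pull any image and create any object Tiller's permissions allow, so review what it renders first.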
30. RESOURCES
• The workshop material & codelabs at https://github.com/GoogleCloudPlatform/kubernetes-workshops
• http://kubernetesbyexample.com
• info.rancher.com/deploying-scaling-kubernetes-ebook
31. Scalable Microservices with Kubernetes
https://www.udacity.com/course/scalable-microservices-with-kubernetes--ud615
Architecture
• Docker is running on every host
• Node components:
  • Kubelet: manages the containers on that node, their storage, images etc.
  • Kube-proxy: a simple proxy acting as a load balancer; forwards TCP/UDP traffic to the backend Pods (round-robin in the classic userspace mode)
• Master components (may be on the same node or on different ones depending on the HA setup):
  • etcd: stores the cluster's config data and emits events on changes to that data
  • API server: the API layer, with different components/plugins
  • Scheduler: schedules (and reschedules) Pods onto nodes
  • Controller manager: runs the various controllers, e.g. the node controller does node management, the endpoint controller takes care of populating endpoints etc.
Pod
• Co-located set of containers
• One or more containers which need to run together; they share the same storage and a shared network context
• They share the IP and port space and can reach each other via localhost
• They are always scheduled and handled together; scaling applies to all containers in a Pod
• Pods should not be created directly even if you just need one - why? We will see in the next one
• Liveness probe & readiness probe
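The Pod slide and the notes above, as an added example that is not from the workshop repository: two containers in one Pod sharing the network namespace and an emptyDir volume, with liveness and readiness probes on the web container. Image tags, paths and names are assumptions.

```yaml
# Added example (not from the workshop repository): a two-container Pod.
# Image tags, paths and names are illustrative assumptions.
apiVersion: v1
kind: Pod
metadata:
  name: web-with-log-shipper
  labels:
    app: web
    tier: frontend
spec:
  # Both containers share one network namespace (same IP, one port space),
  # so the sidecar reaches nginx on localhost; they also share the volume below.
  containers:
  - name: nginx
    image: nginx:1.11
    ports:
    - containerPort: 80
    volumeMounts:
    - name: logs
      mountPath: /var/log/nginx
    # Liveness: the kubelet restarts this container when it stops answering.
    livenessProbe:
      httpGet:
        path: /
        port: 80
      initialDelaySeconds: 5
      periodSeconds: 10
    # Readiness: the Pod is left out of Service endpoints until this passes.
    readinessProbe:
      httpGet:
        path: /
        port: 80
      periodSeconds: 5
  - name: log-shipper
    image: busybox:1.26
    # Sidecar: follows the access log written by nginx into the shared volume.
    command: ["sh", "-c", "tail -F /var/log/nginx/access.log"]
    volumeMounts:
    - name: logs
      mountPath: /var/log/nginx
      readOnly: true           # the sidecar only needs to read, so do not let it write
  volumes:
  - name: logs
    emptyDir: {}               # lives as long as the Pod, shared by both containers
```

`kubectl create -f pod.yaml` creates it; `kubectl exec web-with-log-shipper -c log-shipper -- wget -qO- http://localhost/` shows the sidecar reaching nginx on localhost, and the request then appears in `kubectl logs web-with-log-shipper -c log-shipper`. After `kubectl delete pod web-with-log-shipper` nothing recreates it, which is the reason the next section puts Pods under a controller.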
RC
• Manages the lifecycle of Pods. Ensures "n" instances of a Pod are always running (if fewer, create more; if more, kill the extras)
• If a Pod gets deleted from a replicas=3 set, another one is created
• Even if a host machine/node gets terminated, the RC ensures the Pods are scheduled elsewhere
• Selects the Pods which should be part of the replica set based on labels
• ReplicaSet is the next generation of ReplicationController, with additional features such as set-based selectors
• Deployment is the current preferred method, which also provides:
  • Rolling deployment strategy & canary releasing
  • maxSurge & maxUnavailable parameters to control the rolling deployment
  • kubectl set image deployment/hello hello=kelseyhightower/hello:2.0.0
Labels & selectors
• A way of tagging objects (Pods etc.) with information which may be useful for the whole lifecycle
• Think of them as roles - these are all my databases and these are my billing apps
• A selector leverages labels to classify; it is used by Service, ReplicationController and even for querying with kubectl
• Some objects support set-based selectors (ReplicaSet, Job etc.)
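The Deployment slide and the RC/Deployment and label notes above, as one added example that is not from the workshop repository: a Deployment with a set-based selector and an explicit rolling-update strategy using maxSurge and maxUnavailable. The image tag and label values are assumptions; the API group is the one current for the 1.5/1.6 releases this deck targets.

```yaml
# Added example (not from the workshop repository): a Deployment whose
# roll-out is controlled by maxSurge/maxUnavailable.
# Image tag, label values and the container port are illustrative assumptions.
# apps/v1beta1 is the group for the 1.5/1.6 era; on current clusters use
# apps/v1, which has the same fields.
apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: hello
spec:
  replicas: 3
  # Set-based selector: the ReplicaSet owns Pods matching ALL of these.
  # Keep it unique per Deployment; two Deployments selecting the same
  # Pods will fight over them.
  selector:
    matchLabels:
      app: hello
    matchExpressions:
    - key: tier
      operator: In
      values: ["web", "api"]
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 1            # at most replicas+1 = 4 Pods exist during the roll-out
      maxUnavailable: 0      # never fewer than 3 Ready Pods while rolling
  minReadySeconds: 5         # a new Pod must stay Ready this long before it counts
  template:
    metadata:
      labels:                # must satisfy the selector above
        app: hello
        tier: web
    spec:
      containers:
      - name: hello
        image: kelseyhightower/hello:1.0.0
        ports:
        - containerPort: 80
```

`kubectl apply -f hello-deployment.yaml` creates the Deployment and its ReplicaSet; `kubectl set image deployment/hello hello=kelseyhightower/hello:2.0.0` then starts a roll-out that, with these parameters, adds one new Pod at a time and retires an old one only after the new one has been Ready for five seconds. `kubectl rollout status deployment/hello` follows it and `kubectl rollout undo deployment/hello` returns to the previous ReplicaSet. The same selector syntax works for queries: `kubectl get pods -l 'app=hello,tier in (web,api)'`.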
Secrets
• Secrets are meant to hold sensitive data - passwords etc. Note that the stored values are only base64-encoded; that is encoding, not encryption, so anyone who can read the Secret object through the API (or the etcd data behind it) gets the plaintext
• Once a secret is created, it can be used in one of three ways:
  • As environment variables inside a container: the referenced keys are set as environment variables
  • As a volume mount inside the container: mounts the decoded data as files
  • As an imagePullSecret, used by the kubelet to fetch images from a private registry
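The Secrets slide and the notes above, as an added example that is not from the workshop repository: a Secret with constructed values and a Pod that consumes it in all three ways. The registry, image, and the `registry-creds` pull secret (assumed to already exist) are assumptions.

```yaml
# Added example (not from the workshop repository): a Secret and a Pod
# consuming it three ways. Values, image and registry are constructed.
apiVersion: v1
kind: Secret
metadata:
  name: db-creds
type: Opaque
data:
  # base64 of "admin" and "s3cr3t-pass". Encoding, not encryption:
  # `echo czNjcjN0LXBhc3M= | base64 -d` prints the password.
  username: YWRtaW4=
  password: czNjcjN0LXBhc3M=
---
apiVersion: v1
kind: Pod
metadata:
  name: app-using-secret
spec:
  # 3) imagePullSecret: a separate kubernetes.io/dockerconfigjson Secret
  #    (made with `kubectl create secret docker-registry ...`) that the
  #    kubelet presents to the private registry. Assumed to exist.
  imagePullSecrets:
  - name: registry-creds
  containers:
  - name: app
    image: registry.example.com/team/app:1.0
    # 1) as an environment variable. Simple, but env vars are inherited by
    #    child processes and show up in `kubectl exec ... env` and crash
    #    dumps; prefer the file mount for anything long-lived.
    env:
    - name: DB_USER
      valueFrom:
        secretKeyRef:
          name: db-creds
          key: username
    # 2) as files: /etc/db/username and /etc/db/password hold the decoded values.
    volumeMounts:
    - name: creds
      mountPath: /etc/db
      readOnly: true
  volumes:
  - name: creds
    secret:
      secretName: db-creds
      defaultMode: 0400        # owner-read only inside the container
```

`kubectl create -f secret-and-pod.yaml` creates both. `kubectl describe secret db-creds` hides the values, but `kubectl get secret db-creds -o jsonpath='{.data.password}' | base64 -d` prints the plaintext to anyone allowed to `get` secrets in the namespace, and in the release series of this deck the values sit unencrypted in etcd (encryption at rest for Secrets arrived later, in 1.7). Treat read access to Secrets and to etcd as equivalent to holding the credentials.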
Node
• Nodes (earlier called minions) are not created by Kubernetes as such - they are only registered and managed
• The node controller manages the lifecycle and monitors the health of nodes, and talks to the underlying cloud provider to take appropriate action
Namespace
• A logical space within the same cluster. The default namespace is "default"
• Good for organizing multiple teams/projects/units within the same cluster. Service DNS names are suffixed with the namespace name
If you want a more in-depth overview (plus extra goodies like interviews with the former Cloud Architect of Netflix, Adrian Cockcroft, and code walkthroughs from Google's Kelsey Hightower), go check out Udacity and Google's free Kubernetes course: Scalable Microservices with Kubernetes. (The trailer is embedded in the slide; feel free to play it.)