© Copyright 2018 Pivotal Software, Inc. All rights Reserved. Version 1.0
Paul Czarkowski, Principal Technologist
@pczarkowski github.com/paulczar
Day 2 Kubernetes: Beyond the install
Who is using Linux Containers?
Who is using Kubernetes?
Who is operating Kubernetes?
> 1 year Kubernetes experience?
People build Platforms
People build Apps
Apps run on Platforms
People are the most important component of any platform.
“Organizations which design systems ... are constrained to produce designs which are copies of the communication structures of these organizations.” - Conway's Law
https://www.slideshare.net/SatnamSingh67/2015-0605-cluster-management-with-kubernetes
Evolve your IT teams!
● Platform Team: Build common services for App Teams
● Application Team: Take business requirements and turn them into features
● Infrastructure Team: Abstract infrastructure complexity with easy consumption
[Diagram layers: App1, App2, App3; Infra Services and App Platform (DBaaS, ELK, Middleware, ML, Creds/Certs, Messaging, ???); Container Services (Container Hosts | Kubernetes); IaaS; Virtual Infrastructure; Physical Infrastructure]
“In general, taking something that’s already working somewhere and expanding its usage (capabilities) is far more likely to succeed than building these capabilities from scratch”
Day 1 - Build / Day 2 - Operate & Enhance
● Patches: Patching App and System components as CVEs occur
● Scaling: Seamlessly scale platform components to accommodate changing demand.
● Upgrades: How do you roll out new versions of the platform with the lights on?
● Operating Effort: Operating the platform should require very few resources and minimum manual intervention. Otherwise, you will be spending lots on operational support!
● Development: The team can make progress in developing new features for the platform
● CI/CD: CI/CD pipelines drive the testing and promotion of artifacts
● Consistency: Provide a consistent setup experience across different environment configurations.
● Setup time: How long does it take to set up a real world working environment? Think hours, not weeks.
Architecture
[Diagrams: a Kubernetes cluster built up step by step. A K8s Master (API Server, Kube Scheduler, Controller Manager, Etcd) and a K8s Worker (Kubelet, Kube-proxy, Docker, CNI, Pods); then three K8s Workers with additional K8s Masters and Etcd members, ending with three masters, three Etcd members and three workers spread across us-tirefire-1a, us-tirefire-1b and us-tirefire-1c.]
High Availability
[Diagrams: high-availability variations of the same cluster. Three K8s Workers (Kubelet, Kube-proxy, Docker, CNI, Pods) behind one or two K8s Masters (API Server, Kube Scheduler, Controller Manager), with one or three Etcd members.]
http://www.bsielearning.com.au/keep-simple-stupid/
[Diagram: three K8s Workers (Kubelet, Kube-proxy, Docker, CNI, Pods) with a single K8s Master (API Server, Kube Scheduler, Controller Manager) and Etcd.]
Deployment
How to Get an Kubernetes
[Flowchart]
● Are you in the “cloud”? (yes / no)
● Which cloud? GKE, AKS (Azure), EKS (Amazon), Other
● A laptop? (yes / no): minikube
● Do you want help? (yes / no): Pivotal Container Service…... https://kubernetes.io/partners, or GLHF
Infrastructure
● Compute: vSphere
● Network: NSX
● Monitoring: Wavefront
● Security: NSX
● Storage: Datastores
Kubernetes Cluster: Load Balancer, Storage Requirements, Availability Zone, Security Policy, Application Metrics
https://docs-cfcr.cfapps.io/
https://github.com/openshift/origin
https://github.com/kubernetes-incubator/kubespray
Kubespray https://github.com/kubernetes-incubator/kubespray
● Ansible based, so very approachable
● An official Kubernetes (incubator) project
● Good support for CNIs and Cloud Providers
● Combine with one of the Ansible Hardening projects
  ○ https://github.com/dev-sec/ansible-os-hardening
  ○ https://github.com/openstack/ansible-hardening
gitops
● Deployed Platform == code repo + environment repo
  ○ Ansible - Playbook + Inventory
  ○ Bosh - Release + Manifest
● Keep it all in git!
  ○ Fork upstream repo… if only to ensure it doesn’t get changed from under you
  ○ Inventory/Manifest is probably YAML … perfect to be stored in git.
  ○ One repo for all envs, or a repo per env … either is fine.
● Consider using a gitops focussed wrapper around ansible
  ○ Ursula-cli (https://github.com/blueboxgroup/ursula-cli)
  ○ Gosible (https://github.com/paulczar/gosible)
  ○ Molecule (https://github.com/metacloud/molecule)
● Use Jenkins or similar to run tests, deploy test envs, push to prod???
  ○ But probably not full on Continuous Delivery … risks are very high!
Validate and Backup
Validate your Kubernetes cluster is conformant!
https://github.com/heptio/sonobuoy
Back up your Kubernetes cluster state!
https://github.com/heptio/ark
Upgrades
[Diagrams: upgrade of a cluster with three K8s Masters, three Etcd members and three K8s Workers across us-tirefire-1a, us-tirefire-1b and us-tirefire-1c from Kubernetes 1.10 to 1.11. The masters move to 1.11 first while the workers stay on 1.10, then the workers follow until every node runs 1.11.]
Operations
Monitoring / Logging - The Platform
Server Agents
● Install as binaries / containers on the underlying OS
● No chicken and egg problems
● Extra devops toil (config management etc)
● Direct access to system metrics and logs
● Can use existing tools / processes
Daemonsets
● Run in Kubernetes on each node as daemonset
● If Kubernetes is broken, will the monitoring daemonset be broken ?
● Have to be able to dockerize the agent
● Privileged containers / host volumes to access system metrics and logs
● Masters also have to be workers or can’t run daemonset on them.
Monitoring / Logging - Workloads
Kubernetes Metrics API
● Basic point in time pod/node metrics
● $ kubectl top {node,pod}
● Adaptors for Prometheus / Graphite / etc
Kubernetes logging
● Kubernetes configures docker to log all Pod stdout/stderr to a file
● $ kubectl logs <name-of-pod>
● Need daemonset or agent to read k8s logs from filesystem
● EFK - Elastic, Fluent, Kibana
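An added example, not from the original deck: a log-collector DaemonSet that works through the trade-offs listed on the two monitoring slides above. It reads Pod logs through read-only host volumes instead of a privileged container and tolerates the master taint so it is also scheduled on masters. The names, the `logging` namespace and the image are placeholders, and the paths assume Docker's default json-file log location.

```yaml
# Added example (not from the deck). Names, namespace and image are placeholders.
# Assumes the "logging" namespace already exists.
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: log-agent
  namespace: logging
spec:
  selector:
    matchLabels:
      app: log-agent
  template:
    metadata:
      labels:
        app: log-agent
    spec:
      # Assumption: the agent only tails files and never calls the API server,
      # so it gets no service account token to steal.
      automountServiceAccountToken: false
      tolerations:
        # Lets the DaemonSet land on masters that carry the usual master taint.
        - key: node-role.kubernetes.io/master
          operator: Exists
          effect: NoSchedule
      containers:
        - name: agent
          image: registry.example.invalid/log-agent:1.0   # placeholder image
          securityContext:
            # Host log access comes from the read-only mounts below,
            # not from running the container privileged.
            privileged: false
            allowPrivilegeEscalation: false
            capabilities:
              drop: ["ALL"]
          resources:
            limits:
              cpu: 200m
              memory: 256Mi
          volumeMounts:
            - name: varlog
              mountPath: /var/log
              readOnly: true
            - name: dockercontainers
              mountPath: /var/lib/docker/containers
              readOnly: true
      volumes:
        - name: varlog
          hostPath:
            path: /var/log            # kubelet symlinks for Pod logs live under here
        - name: dockercontainers
          hostPath:
            path: /var/lib/docker/containers   # the json-file logs the symlinks point to
```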
Authentication / Access Control
● Node vs ABAC vs RBAC
● Service Accounts - managed inside kubernetes
● User Accounts - managed outside kubernetes
  ○ OpenID Connect
    ■ Ldap / AD
    ■ Oauth2
    ■ Etc
● Secure your Kubernetes Dashboard silly!
  ○ Everything is TLS encrypted …. Right ?

$ kubectl auth can-i create deployments --namespace dev
yes
$ kubectl auth can-i create deployments --namespace prod
no
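An added example, not from the original deck: RBAC objects that produce the yes-in-dev, no-in-prod split shown by `kubectl auth can-i` above, for one externally managed user and one in-cluster service account. The user `jane`, the service account `ci-deployer` and the object names are placeholders.

```yaml
# Added example (not from the deck). "jane", "ci-deployer" and all object
# names are placeholders. The Role and its binding exist only in "dev";
# RBAC is deny-by-default, so with nothing bound in "prod" the same
# request there is refused.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: ci-deployer          # service account: managed inside Kubernetes
  namespace: dev
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: deployment-editor
  namespace: dev
rules:
  # Older clusters also serve Deployments under the "extensions" group.
  - apiGroups: ["apps", "extensions"]
    resources: ["deployments"]
    verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: deployment-editors
  namespace: dev
subjects:
  # User account: managed outside Kubernetes; the name is whatever the
  # external identity provider (for example OpenID Connect) asserts.
  - kind: User
    name: jane
    apiGroup: rbac.authorization.k8s.io
  - kind: ServiceAccount
    name: ci-deployer
    namespace: dev
roleRef:
  kind: Role
  name: deployment-editor
  apiGroup: rbac.authorization.k8s.io
# To check the result as a cluster admin, impersonate each subject:
#   kubectl auth can-i create deployments --namespace dev  --as jane
#   kubectl auth can-i create deployments --namespace prod --as jane
#   kubectl auth can-i create deployments --namespace prod --as system:serviceaccount:dev:ci-deployer
```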
Value!!
Replatforming vs Modernization for PKS

Lift & Shift / Replatforming
● Lift and Shift with “just enough modernization”
● You may not have access to the code
● Revisit decisions made in Greenfield time
  ○ Around CI/CD process
● Get some quick wins through platform capabilities
  ○ Reduced operating and infrastructure cost
  ○ Improved speed to deploy & scale
  ○ Faster patching of kernel level vulnerabilities

Modernization
● Leverage features in modern cloud platforms
  ○ Blue/Green deploys
  ○ Auto-healing
  ○ Auto-scaling
  ○ Advanced routing/networking automation
● Design and build based on known Cloud Native patterns
● Longer term investment in the application
● Likely you need access to the code
● Plus everything mentioned in “replatforming”
TIME Methodology
[2x2 matrix. Axes: TECHNICAL QUALITY (worse to better) and BUSINESS VALUE (worse to better). Quadrants: Tolerate, Invest, Migrate, Eliminate]
* Gartner’s TIME methodology for Application Portfolio Rationalization
TECHNICAL QUALITY - Technical Debt Level
BUSINESS VALUE - Revenue / Cost Impact
Identify top 10s list
1. Identify 5-10 apps confirmed as suitable to run on PKS
2. Work on a short project to push a few apps all the way to prod and measure the ROI metrics
Sample Tool Chain: Gitlab, Concourse
How We Think about the Business Case
PLATFORM VALUE STREAM AND METRICS
REPLATFORM > MODERNIZE > OPTIMIZE
ESTABLISH, MEASURE AND UPDATE KEY OBJECTIVES AND RESULTS (OKRs)
SPEED & AGILITY, STABILITY, SCALABILITY, SAVINGS, SECURITY
● 40-60%* More Projects With Same Staff
● Millions Annual Savings on HW, SW and Support
● 25-50%* Fewer Support Incidents
● 40%* Faster Patching Delivery @ Zero Downtime
● -90%* Time to Scale
Transforming How The World Builds Software