
Kuber-what?! Learn about Kubernetes

Ashley Roach, Principal Engineer Evangelist
[email protected] @aroach

Agenda

• Objectives
• A brief primer on containers
• The problems with running containers at scale
• Orchestration systems
• Kubernetes background
• Pods, Deployments, Services, Ingress
• Cisco tie-ins

© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public

What are containers?

vs. Container

[Diagram: two stacks side by side. First stack, bottom to top: Server, Hypervisor / Host OS, Guest OS, Bins/Libs, App 1 and App 2. Second stack, bottom to top: Server, Host OS, Engine, Bins/Libs, App 1 and App 2.]

“Container” Technical: Changing how we deploy code into reality.

[Diagram: code deployment options. Servers with app1, app2 and app3 installed manually or via RPM, DEB or Puppet; VM one and VM two (treated as servers), each with its own /usr, /etc, /bin, built the same way or from baked images (AMI / Packer); and baked container images, Container 1 and Container 2, each with its own /usr, /etc, /bin, on Server One.]

Goes away on restart

    FROM ubuntu:15.04
    COPY . /app
    RUN make /app
    CMD python /app/app.py

Why use an orchestrator

Application Anatomy

[Diagram: Web Server, Application Server and Database tiers, carrying the Login Service, Photo Upload, Like Service, Comment Service, Profile Service, Logging Service, Photo Processing and Friend Requests.]

Pets vs Cattle

Redesign Image Sharing App

[Diagram: Web front end, iOS App and Android App call an API Service; Team 1, Team 2 … Team n own Microservice 1, Microservice 2 … Microservice n, each with its own database DB1, DB2 … DBn.]

Advantages of

• Autonomous
• Microservice can be upgraded independently of other systems
• Microservice can iterate as quickly as it needs
• Polyglot application stacks (Technology Heterogeneity)
• Other microservices are black boxes to other services
• Service can be used by other projects in the organization

Using the docker CLI is all well and good as a developer. But you’re probably not going to manage production like this…

[Diagram: Host / VM 1, Host / VM 2 and Host / VM 3, each running a Container on a Docker Engine on a Linux Kernel.]

    $ ssh host1
    host1# docker run container
    $ ssh host2
    host2# docker run container
    $ ssh host3
    host3# docker run container

Container orchestration is a must. Once you’ve built your containers and pushed them, container orchestrators manage running containers across a pool of resources for you.

[Diagram: an orchestrator running Container, Container, Container and providing Load Balancing, Health Checks, Log Aggregation / Access and the Kubernetes Developer API.]

    $ kubectl scale deployment <deployment-name> --replicas=3

What are other orchestrators?

• Docker Swarm / EE
• Apache Marathon
• Rancher (seems to be moving towards k8s)

What is Kubernetes?

Borg

• GIFE
• 2015 paper from : https://research.google.com/pubs/pub43438.html
• Engineers who worked on Borg now work on Kubernetes: http://blog.kubernetes.io/2015/04/borg-predecessor-to-kubernetes.html
• Lessons Learned:
  • Multi-Job services could not be managed as a single entity
  • One IP address per Machine

What is Kubernetes?

• Container Orchestration
• Keeping your containers up, scaling them, routing traffic to them
• Kubernetes != Docker, though K8S uses Docker (or CoreOS rkt)

Installation options

• MiniKube (local workstation)
• Installers (on-prem, hybrid, custom)
  • Kops (part of core kubernetes.io)
  • Kubespray (Ansible + Terraform)
  • Etc, etc…
• Cloud
  • Google Container Engine (GKE :))
  • Azure Container Service
  • Amazon EKS
  • Etc…

Sidebar: K8S the hard way

• Step-by-step tutorial of how to assemble a kubernetes cluster

• https://github.com/kelseyhightower/kubernetes-the-hard-way

Source: http://x-team.com/2016/07/introduction-kubernetes-architecture/

Deploying Containers

• Kubectl & ~/.kube/config
• Minikube CLI
• The Real Way™: CI system

Simple Architecture

[Diagram: Kubernetes, Registry, CI/CD, Persistence.]

Kubernetes Components

Kubernetes main Features

• Pods
• Deployments
• Services
• Ingress

Pods

• Group of one or more containers, shared storage, and options for how to run the containers
• Share IP address and port space
• Atomic unit of management

Source: http://kubernetes.io/docs/user-guide/pods/

Deployments

• Rolling upgrades
• Declare intent: How many replicas should be running of a given pod?
• Namespace
• Labels
• Ports that should be exposed

Services

• Abstraction for the mortality of Pods
• Provide a single stable name and address for a set of pods inside the cluster (aka service discovery).

Source: http://kubernetes.io/docs/user-guide/services/

Ingress

• Abstraction for services
• An Ingress is a set of rules for directing inbound traffic to a service.
• An Ingress Controller is a service that listens for the creation of new services and acts as a reverse proxy (nginx, traefik, F5 load balancer)

See: http://kubernetes.io/docs/user-guide/ingress/

K8S templates: deployment

    # k8s/dev/-deployment.yaml
    # apps/v1 replaces extensions/v1beta1, which current clusters no longer serve
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: rest-api-swagger
    spec:
      replicas: 2
      selector:            # required by apps/v1; must match the template labels
        matchLabels:
          app: rest-api-swagger
      template:
        metadata:
          labels:
            app: rest-api-swagger
        spec:
          containers:
            - name: rest-api-swagger
              image: ciscodevnet/rest-api-swagger:latest
              ports:
                - containerPort: 10010

K8S templates: service

    # k8s/services/api-service-lb.yaml
    kind: Service
    apiVersion: v1
    metadata:
      name: rest-api-swagger
    spec:
      type: LoadBalancer # or NodePort, etc.
      ports:
        - name: http
          port: 8080
          targetPort: 10010
          protocol: TCP
      selector:
        app: rest-api-swagger
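A check a reviewer can run on the two templates above before `kubectl apply`, confirming that the Service selector and targetPort actually reach the Deployment's pods and flagging a mutable image tag and external exposure. This is an added example, not code from the original slides; the function names `review` and `image_is_pinned` are hypothetical, and the manifests are the slide values rewritten as Python dicts.

```python
# Added example: manifest values copied from the two templates on the slides.
DEPLOYMENT = {
    "metadata": {"name": "rest-api-swagger"},
    "spec": {"replicas": 2, "template": {
        "metadata": {"labels": {"app": "rest-api-swagger"}},
        "spec": {"containers": [{
            "name": "rest-api-swagger",
            "image": "ciscodevnet/rest-api-swagger:latest",
            "ports": [{"containerPort": 10010}]}]}}},
}
SERVICE = {
    "metadata": {"name": "rest-api-swagger"},
    "spec": {"type": "LoadBalancer",
             "selector": {"app": "rest-api-swagger"},
             "ports": [{"name": "http", "port": 8080,
                        "targetPort": 10010, "protocol": "TCP"}]},
}

def image_is_pinned(image):
    """True only for a digest or an explicit tag other than 'latest'."""
    if "@sha256:" in image:
        return True
    last = image.rsplit("/", 1)[-1]          # ignore any registry host:port
    tag = last.split(":", 1)[1] if ":" in last else ""
    return tag not in ("", "latest")

def review(deployment, service):
    """Return findings on how a Service is wired to a Deployment's pods."""
    findings = []
    tmpl = deployment["spec"]["template"]
    labels = tmpl["metadata"].get("labels", {})
    selector = service["spec"].get("selector", {})
    # A Service routes to every pod whose labels contain all selector pairs.
    if not selector or any(labels.get(k) != v for k, v in selector.items()):
        findings.append("selector is empty or does not match the pod labels")
    containers = tmpl["spec"]["containers"]
    # containerPort is informational, so this is a consistency check only.
    exposed = {x for c in containers for p in c.get("ports", [])
               for x in (p["containerPort"], p.get("name"))}
    for p in service["spec"]["ports"]:
        target = p.get("targetPort", p["port"])   # defaults to port
        if target not in exposed:
            findings.append(f"targetPort {target} is not declared by any container")
    for c in containers:
        if not image_is_pinned(c["image"]):
            findings.append(f"image {c['image']} uses a mutable tag")
    if service["spec"].get("type") in ("LoadBalancer", "NodePort"):
        findings.append(f"type {service['spec']['type']} exposes the Service outside the cluster")
    return findings
```

On the slide values, `review(DEPLOYMENT, SERVICE)` reports the `:latest` tag and the `LoadBalancer` exposure; the selector and port wiring pass.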

Manual kubectl deployment

    $ kubectl apply -f k8s/dev/api-deployment.yaml
    $ kubectl apply -f k8s/services/api-service-lb.yaml
    $ kubectl describe deployment
    $ kubectl describe service rest-api-swagger
    $ kubectl delete -f k8s/dev/api-deployment.yaml
    $ kubectl delete -f k8s/services/api-service-lb.yaml

Drone CI kubectl deployment

    deploy:
      k8s:
        image: containers.ex.com/devnet/drone-kubectl
        apiserver: https://your-gke-api-endpoint #kubectl cluster-info
        token: $$K8S_TOKEN
        commands:
          - 'kubectl apply -f k8s/services/*.yaml'
          - 'kubectl apply -f k8s/dev/*.yaml --record'
          - 'kubectl describe service ${SERVICE_NAME}'
        when:
          branch: master

Cisco tie-ins

• Google-Cisco Partnership
  • Soon to be released Cisco Container Platform allows simple management of multiple Kubernetes clusters aimed at enterprise hybrid cloud.
  • On-premises, Cisco’s hyper-converged platform, Cisco HyperFlex, will provide a cloud-ready solution for Kubernetes and containers, and management tools to enforce security and consumption policies.
  • Developers will be able to create new applications in the cloud or on-premises consistently using the same tools, runtime and production environment.
  • And more…
• Contiv
  • Container Networking Interface plugin
  • Ties into ACI for policy-based controls

Connect with me

Ashley Roach
• [email protected]
• @aroach
• http://github.com/aroach
• http://linkedin.com/in/ashleyroach

Cisco DEVNET
• @CiscoDevNet
• http://github.com/CiscoDevNet