Kubernetes in 20 minutes - HDE Monthly Technical Session 24

Kubernetes in 20 minutes

HDE Monthly Technical Session July 22, 2016

Daisuke Maki @lestrrat

Netscape Navigator

Kubernetes

κυβερνήτης

“Something to do with containers…?

•You know about containers •You know about orchestration •You know about the painful art of deploying stuff

Assumptions

Docker

“Random containers doing their own sh*t”

Compose

“Foreman on Acid”

“Clustering and Discovery” (hey, we’re getting somewhere!)

“Batteries Included”

K8s on GCP

GKE GCE Networking

…and others

Basic Concepts

Hosts running k8s daemons

Node

kubelet

Node

kubelet

Node

kubelet

Master

Scheduler

etc..

API

Basic unit of deployment in k8s

Group of Containers

Container configurations

Shared storage

Pod

container

Pod

container

container

Pod

container

container

container

Pod

container

container

container

nginx

app

redis/cache

e.g.

Scheduled together(“co-scheduled”)

Guaranteed to be on the same node

(“co-located”)

Node NodeNode

Node NodeNode

Depends on each node’s resource availability and each pod’s resource requirements

Node Node

container

container

container

Node Node

container

container

container

This will NEVER happen

Miscellaneous

• Each pod has its own IP address • Pods are expected to be stateless

Replica Set

Keeps track of Pod replicas

Replica Setreplicas: 3template:


A


A B


CA B


A B


A B D

Deployment

Manages Replica Set state transitions

Deploymentreplicas: 3template:


Replica Set A

replicas: 3template:


Replica Set A


Change some settings, please!


Replica Set A


2Change some settings,

please!


Replica Set A


Replica Set B



please!


Replica Set B



please!

Keeps track of state change history


Areplicas: 3template:



Change some settings, please!




please!



Breplicas: 2template:


please!




please!



2Oh wait, I actually

didn’t want to do that…





3





rollback

3





rollback


3





3

Services

Logical set of Pods(and ways to access them)

Pod 10.0.96.2

Pod 10.0.96.3

Pod 10.0.96.3

Raw Pod Access

Pod 10.0.96.2

Pod 10.0.96.3

Raw Pod Access

Pod 10.0.96.3

role=web

Access Via Service

Pod 10.0.96.4

role=web

Servicematch role=web

Pod 10.0.96.2

role=web

Pod 10.0.96.5

role=db

Access Via Service

Pod 10.0.96.4

role=web


Pod 10.0.96.2

role=web

Pod 10.0.96.5

role=db

Access Via Service

Pod 10.0.96.6

role=web

Pod 10.0.96.4

role=web


Pod 10.0.96.2

role=web

Pod 10.0.96.5

role=db

Secrets

Store pieces of data in k8s

e.g. Identity Information

(securely)

(…in the future)

Secret

key1 → base64 value



Pod

container

volumes

container: volumeMounts: - name: certificates mountPath: /etc/ssl/certs

volumes: - name: certificates secret: secretName: ca-certificates

ConfigMaps

Same as Secrets (Unprotected)

Ingress

Services are for within the cluster only

(New since 1.2)

Inbound connections to internal cluster services

Please checkout my presentation https://docs.google.com/presentation/d/

11ZN6qgiuZZfVyhBK2hjp1vhp_5N0DOGnAmhPreS3L5A/pub?start=false&loop=false&delayms=3000

https://docs.google.com/presentation/d/11ZN6qgiuZZfVyhBK2hjp1vhp_5N0DOGnAmhPreS3L5A/pub?start=false&loop=false&delayms=3000

DaemonSets

Ensure nodes run a copy of a Pod

Node

prometheus-exporter prometheus-exporter prometheus-exporter

Node Node

PetSets

Questions?

Appendix: ECS vs GKE

https://railsadventures.wordpress.com/2015/12/06/why-we-chose-kubernetes-over-ecs/

If you want to play with k8s, I’m doing this entirely on GCP/GKE…

Come Join https://slack-invite-dot-builderscon-1248.appspot.com/

Kubernetes in 20 minutes - HDE Monthly Technical Session 24

Engineering

Transcript of Kubernetes in 20 minutes - HDE Monthly Technical Session 24