SlideShare ist ein Scribd-Unternehmen logo

Kubernetes - What? Why? How

Elad Hirsch
Elad Hirsch

In this session we'll discuss some of Kubernetes' basic concepts and talk about the architecture of the system, the problems it solves, and the model that it uses to handle containerized deployments and scaling.

Technologie
1 von 58
Contents Why even bother Containers Container Orchestrators Kubernetes - What? Why? How? Kubernetes - The details Extending Kubernetes Relation status - it’s complicated Going forward
Let’s define players Service based Event driven Open API No infra management Managed security Pay only for usage Developer Operator
Containers
Container - What's in a name? Coming from the shipping industry Caused aquatic theme for domain
Shipping containers Portability - can be used on any of supported types of ships Wide variety of cargo that can be packed inside Standard sizes - standard fittings on ships Many containers on a ship Isolates cargo from each other
Translated to software Portability - can be used on any supported system (system with container execution environment) Wide variety of software that can be packed inside Standard format Many containers to a physical node Isolates execution of one container from another
What is a container? way to pack code and dependencies together can run anywhere execute multiple containers to a physical machine
Sounds familiar? same concept as virtual machines pack OS and software together, to run in isolated instances can run anywhere the specific hypervisor runs multiple VMs to a physical machine
How do VMs work? hypervisor = layer between VM and kernel emulates system calls allows multiple types of operating systems on a machine (Windows on Linux) overhead for hypervisor
Containers on the other hand ... only contain application and application-related libraries and frameworks, that run on the host machine's kernel smaller lower overhead differences in OS distributions and dependencies are abstracted - same kernel
Working together, not against each other Windows on Linux possible only with VMs older software needs to be adapted to be run as containers (and won't) usage of VMs as a medium for containers (better isolation and easier scaling)
Greater modularity in software Monolithic application → independent services that interact (microservices)
Containers empowering microservices quicker start times -> easy to prototype or scale allow work to be done independently on modules -> independent releases for components (take care of interfaces) isolated and abstracted runtime environments, that can be tailored for each module shared runtime environment, for heterogeneous applications
Containers history – early days need for resources to be shared among many users -> multiple terminals connected to the same mainframe main problem - execution can cause the main computer to crash -> down for everybody
Containers history – Linux containers (lxc) 2008 Provides virtualization at OS level Provides containers with its own process and network space
Containers history – Docker 2013 Container execution and management system Originally started with lxc, then moved to libcontainer, which allows containers to work with: • linux namespaces • libcontainer control groups • capabilities • app armor security profiles • network interfaces • firewall rules
Containers history – OCI & CNCF Open Container Initiative – 2015 industry format for a container format and container runtime software for all platforms spend resources on developing additional software to support use of standard containers, instead of format alternatives Cloud Native Container Foundation – 2015 Working on different projects to further standardize the market: • Kubernetes • Container Network Interface • Containerd
Container orchestration
Need for something more? docker started out with a CLI tool on top of lxc, that built, created, started, stopped and exec'd containers does management at a node level, upon specific requests easy to manually manage with up to 100s of containers and 10s of nodes, but what next?
Orchestrator manage and organize both hosts and docker containers running on a cluster main issue - resource allocation - where can a container be scheduled, to fulfill its requirements (CPU/RAM/disk) + how to keep track of nodes and scale
Some orchestrator tasks manage networking and access track state of containers scale services do load balancing relocation in case of unresponsive host service discovery attribute storage to containers
Orchestrator options Kubernetes – open-source, product of CNCF Apache Mesos – cluster management tool, with container orchestration being only one of the things it can do, originally through a plugin called Marathon Docker Swarm – integrated in docker container platform
Lately ... Mesos announced Kubernetes support as container orchestration, alongside Marathon Docker Enterprise Edition - integration with Kubernetes alongside Swarm → Kubernetes becoming the de-facto standard for container orchestration (allowing developers to focus on building on top instead of alternatives)
Kubernetes – What? Why? How?
What is Kubernetes? “Kubernetes” = Greek for governor, helmsman, captain open-source container orchestration system originally designed by Google, maintained by CNCF aim to provide "platform for automating deployment, scaling and operations of application containers across clusters of hosts"
Why Kubernetes? - Goals Main objectives, stated by devs, for community Achieve velocity Allow scaling of both software and teams Present abstract infrastructure Gain efficiency
Achieve velocity Velocity = number of things you ship while maintaining a highly available service Achieved by: • immutability - created artifact cannot be changed • declarative configuration - declare desired state and Kubernetes' job is to ensure it matches • self-healing systems - trying to maintain desired states if something changes
Allow scaling of software encouraging decoupling in applications - separated components that communicate via defined APIs via load-balanced services running in shared abstract environment, without interference utilizing standard container format that runs on any machine
Allow scaling of teams separation of concerns for consistency and scaling • application ops rely on the SLA provided by the platform • orchestrator ops uphold SLA
Present abstract infrastructure decoupling container images and machines cluster can be heterogeneous and reduce overhead and cost portability - container can be used on another cluster without being changed
Gain efficiency optimized usage of physical machines - multiple containers on same machine isolated with namespaces, to not interfere with each other
Kubernetes - the details
Container image format layered format, allowing to inherit from lower levels and to modify them by adding, changing or removing files using unified file system that allows this layering issue – deleted file remains in older layers image size bigger and build time longer -> development of better tools
Running a container image provides the filesystem base for execution configuration, to interoperate with the rest of the system – environment variables, CPU/RAM requirements, process to execute, ports to expose, etc.
Kubernetes and containers Can you deploy a container in Kubernetes? NO (not directly) Why not? Because the smallest deployable unit of computing is not a container, but ...
Pod smallest deployable unit of computing in Kubernetes colocated multiple apps(containers) into a single atomic unit, scheduled onto a single machine upon creation, statically allocated to a certain node
Pod each container runs in its own cgroup (CPU + RAM allocation), but they share some namespaces and filesystems, such as: • IP address and port space • same hostname • IPC channels for communication
So, why a pod and not container directly? all or nothing approach for a group of symbiotic containers, that need to be kept together at all times pod considered running if all containers are scheduled and running Can you deploy a container in Kubernetes? Yes, inside a pod!
Service abstraction which defines a logical set of Pods (selected using label selector), that provide the same functionality (same microservice) different types, for different types of exposure provided by the service
Deployment manages replica set through time and versions for pod spec scale != version update using health checks, makes sure a new version works allows rollbacks to older versions (keeps track of changes)
Deployment strategies - recreate all previous pods are destroyed and new pods are created quickest downtime while new pods start in case of problems and rollback, even more downtime
Kubernetes - next steps
Soooo many things to configure :( at least one controller some services some configMaps and Secrets preallocate persistentVolumes or create storage class for dynamic provisioning
Solution: another level of abstraction higher-level controller that can manage lower-level elements for the moment, not included in Kubernetes ... YET! BUT can be added, through third-party controllers
What is Helm? package manager for Kubernetes provides higher-level abstraction (Chart) to configure full-fledged applications manage complexity, easy upgrades, simple sharing of full application setups, safe rollbacks
How does Helm work? Helm CLI + Tiller server in Kubernetes (which is a controller) CLI responsible for management + requests for releases of charts on Kubernetes Tiller - listens for requests, combines chart + configuration = release, install release, track release
Helm++ Helm release controller - current Lentiq way to manage applications expose HelmRelease as a CRD (custom resource definition) in Kubernetes, to work directly with Kubernetes to manage apps
What are Operators? domain-specific controller manages lifetime of a single application works with Kubernetes primitives, as well as performing application-specific steps
Operators pre and post provision hooks, for application-specific operations single tool to perform all management (kubectl) work in a scalable, repeatable, standard fashion improve resiliency while reducing burden on IT teams
Relation status - it’s complicated Write Build a container image Deploy the application Expose at an endpoint Request-level load balancing Set up SSL/TLS Scale up based on demand Scale down to zero Canary deployments Monitor metrics
Cloud native stack
What Kubernetes missing ? Source-to-URL deploys Canary deployments, rollouts/rollbacks Kubernetes needs container images built/pushed Kubernetes has no notion of immutable revisions to cleanly rollback Manage application traffic Kubernetes cannot natively split traffic (lack of L7 HTTP load balancing) Out-of-the box monitoring Kubernetes doesn’t provide monitoring signals beyond CPU/memory Scale-to-zero Kubernetes cannot do natively
Going forward More projects will natively support k8s CockroachDB - A database architected and built for Kubernetes SiSense BI engine rewritten in k8s) More business scenarios (KubeFlow - Running ML/DS pipeline) Go serverless (Knative ,kubeless) Lightweight k8s (k3s - running on edge devices) Advanced k8s management systems (Multi cloud ,Backup and restore ,Security)
Q&A

Empfohlen

Jenkins 1
Jenkins 1Jenkins 1
Jenkins 1Elad Hirsch
 
Photon Controller: An Open Source Container Infrastructure Platform from VMware
Photon Controller: An Open Source Container Infrastructure Platform from VMwarePhoton Controller: An Open Source Container Infrastructure Platform from VMware
Photon Controller: An Open Source Container Infrastructure Platform from VMwareDocker, Inc.
 
Kubernetes Concepts And Architecture Powerpoint Presentation Slides
Kubernetes Concepts And Architecture Powerpoint Presentation SlidesKubernetes Concepts And Architecture Powerpoint Presentation Slides
Kubernetes Concepts And Architecture Powerpoint Presentation SlidesSlideTeam
 
Ultimate Guide to Microservice Architecture on Kubernetes
Ultimate Guide to Microservice Architecture on KubernetesUltimate Guide to Microservice Architecture on Kubernetes
Ultimate Guide to Microservice Architecture on Kuberneteskloia
 
NetflixOSS for Triangle Devops Oct 2013
NetflixOSS for Triangle Devops Oct 2013NetflixOSS for Triangle Devops Oct 2013
NetflixOSS for Triangle Devops Oct 2013aspyker
 
Kubernetes - Sailing a Sea of Containers
Kubernetes - Sailing a Sea of ContainersKubernetes - Sailing a Sea of Containers
Kubernetes - Sailing a Sea of ContainersKel Cecil
 
What Is Kubernetes | Kubernetes Introduction | Kubernetes Tutorial For Beginn...
What Is Kubernetes | Kubernetes Introduction | Kubernetes Tutorial For Beginn...What Is Kubernetes | Kubernetes Introduction | Kubernetes Tutorial For Beginn...
What Is Kubernetes | Kubernetes Introduction | Kubernetes Tutorial For Beginn...Edureka!
 
Microservices, Kubernetes and Istio - A Great Fit!
Microservices, Kubernetes and Istio - A Great Fit!Microservices, Kubernetes and Istio - A Great Fit!
Microservices, Kubernetes and Istio - A Great Fit!Animesh Singh
 

Empfohlen

Jenkins 1
Jenkins 1Jenkins 1
Jenkins 1Elad Hirsch
 
Photon Controller: An Open Source Container Infrastructure Platform from VMware
Photon Controller: An Open Source Container Infrastructure Platform from VMwarePhoton Controller: An Open Source Container Infrastructure Platform from VMware
Photon Controller: An Open Source Container Infrastructure Platform from VMwareDocker, Inc.
 
Kubernetes Concepts And Architecture Powerpoint Presentation Slides
Kubernetes Concepts And Architecture Powerpoint Presentation SlidesKubernetes Concepts And Architecture Powerpoint Presentation Slides
Kubernetes Concepts And Architecture Powerpoint Presentation SlidesSlideTeam
 
Ultimate Guide to Microservice Architecture on Kubernetes
Ultimate Guide to Microservice Architecture on KubernetesUltimate Guide to Microservice Architecture on Kubernetes
Ultimate Guide to Microservice Architecture on Kuberneteskloia
 
NetflixOSS for Triangle Devops Oct 2013
NetflixOSS for Triangle Devops Oct 2013NetflixOSS for Triangle Devops Oct 2013
NetflixOSS for Triangle Devops Oct 2013aspyker
 
Kubernetes - Sailing a Sea of Containers
Kubernetes - Sailing a Sea of ContainersKubernetes - Sailing a Sea of Containers
Kubernetes - Sailing a Sea of ContainersKel Cecil
 
What Is Kubernetes | Kubernetes Introduction | Kubernetes Tutorial For Beginn...
What Is Kubernetes | Kubernetes Introduction | Kubernetes Tutorial For Beginn...What Is Kubernetes | Kubernetes Introduction | Kubernetes Tutorial For Beginn...
What Is Kubernetes | Kubernetes Introduction | Kubernetes Tutorial For Beginn...Edureka!
 
Microservices, Kubernetes and Istio - A Great Fit!
Microservices, Kubernetes and Istio - A Great Fit!Microservices, Kubernetes and Istio - A Great Fit!
Microservices, Kubernetes and Istio - A Great Fit!Animesh Singh
 
Why kubernetes matters
Why kubernetes mattersWhy kubernetes matters
Why kubernetes mattersPlatform9
 
DCEU 18: Docker Enterprise Platform and Architecture
DCEU 18: Docker Enterprise Platform and ArchitectureDCEU 18: Docker Enterprise Platform and Architecture
DCEU 18: Docker Enterprise Platform and ArchitectureDocker, Inc.
 
Building Your Docker Swarm Tech Stack
Building Your Docker Swarm Tech StackBuilding Your Docker Swarm Tech Stack
Building Your Docker Swarm Tech StackBret Fisher
 
DockerCon 15 Keynote - Day 2
DockerCon 15 Keynote - Day 2DockerCon 15 Keynote - Day 2
DockerCon 15 Keynote - Day 2Docker, Inc.
 
Kubernetes Architecture - beyond a black box - Part 1
Kubernetes Architecture - beyond a black box - Part 1Kubernetes Architecture - beyond a black box - Part 1
Kubernetes Architecture - beyond a black box - Part 1Hao H. Zhang
 
Container Orchestration with Docker Swarm and Kubernetes
Container Orchestration with Docker Swarm and KubernetesContainer Orchestration with Docker Swarm and Kubernetes
Container Orchestration with Docker Swarm and KubernetesWill Hall
 
(DEV302) Hosting ASP.Net 5 Apps in AWS with Docker & AWS CodeDeploy
(DEV302) Hosting ASP.Net 5 Apps in AWS with Docker & AWS CodeDeploy(DEV302) Hosting ASP.Net 5 Apps in AWS with Docker & AWS CodeDeploy
(DEV302) Hosting ASP.Net 5 Apps in AWS with Docker & AWS CodeDeployAmazon Web Services
 
Microservices + Events + Docker = A Perfect Trio by Docker Captain Chris Rich...
Microservices + Events + Docker = A Perfect Trio by Docker Captain Chris Rich...Microservices + Events + Docker = A Perfect Trio by Docker Captain Chris Rich...
Microservices + Events + Docker = A Perfect Trio by Docker Captain Chris Rich...Docker, Inc.
 
Zero downtime-java-deployments-with-docker-and-kubernetes
Zero downtime-java-deployments-with-docker-and-kubernetesZero downtime-java-deployments-with-docker-and-kubernetes
Zero downtime-java-deployments-with-docker-and-kubernetesArjan Schaaf
 
DockerCon SF 2015: Ben Golub's Keynote Day 1
DockerCon SF 2015: Ben Golub's Keynote Day 1DockerCon SF 2015: Ben Golub's Keynote Day 1
DockerCon SF 2015: Ben Golub's Keynote Day 1Docker, Inc.
 
7+1 myths of the new os
7+1 myths of the new os7+1 myths of the new os
7+1 myths of the new osAlexis Richardson
 
DCSF19 Container Security: Theory & Practice at Netflix
DCSF19 Container Security: Theory & Practice at NetflixDCSF19 Container Security: Theory & Practice at Netflix
DCSF19 Container Security: Theory & Practice at NetflixDocker, Inc.
 
Docker in Production, Look No Hands! by Scott Coulton
Docker in Production, Look No Hands! by Scott CoultonDocker in Production, Look No Hands! by Scott Coulton
Docker in Production, Look No Hands! by Scott CoultonDocker, Inc.
 
DockerCon SF 2015: Keynote Day 1
DockerCon SF 2015: Keynote Day 1DockerCon SF 2015: Keynote Day 1
DockerCon SF 2015: Keynote Day 1Docker, Inc.
 
DockerCon SF 2015: DHE/DTR
DockerCon SF 2015: DHE/DTRDockerCon SF 2015: DHE/DTR
DockerCon SF 2015: DHE/DTRDocker, Inc.
 
Introduction to Docker - 2017
Introduction to Docker - 2017Introduction to Docker - 2017
Introduction to Docker - 2017Docker, Inc.
 
DCSF19 Docker Containers & Java: What I Wish I Had Been Told
DCSF19 Docker Containers & Java: What I Wish I Had Been ToldDCSF19 Docker Containers & Java: What I Wish I Had Been Told
DCSF19 Docker Containers & Java: What I Wish I Had Been ToldDocker, Inc.
 
DCEU 18: Docker Container Networking
DCEU 18: Docker Container NetworkingDCEU 18: Docker Container Networking
DCEU 18: Docker Container NetworkingDocker, Inc.
 
Docker Meetup at Docker HQ: Docker Cloud
Docker Meetup at Docker HQ: Docker CloudDocker Meetup at Docker HQ: Docker Cloud
Docker Meetup at Docker HQ: Docker CloudDocker, Inc.
 
Cluster management with Kubernetes
Cluster management with KubernetesCluster management with Kubernetes
Cluster management with KubernetesSatnam Singh
 
Kubernetes Immersion
Kubernetes ImmersionKubernetes Immersion
Kubernetes ImmersionJuan Larriba
 
KubernetesPPT.pptx
KubernetesPPT.pptxKubernetesPPT.pptx
KubernetesPPT.pptxRyuzaki360
 

Weitere ähnliche Inhalte

Was ist angesagt?

Why kubernetes matters
Why kubernetes mattersWhy kubernetes matters
Why kubernetes mattersPlatform9
 
DCEU 18: Docker Enterprise Platform and Architecture
DCEU 18: Docker Enterprise Platform and ArchitectureDCEU 18: Docker Enterprise Platform and Architecture
DCEU 18: Docker Enterprise Platform and ArchitectureDocker, Inc.
 
Building Your Docker Swarm Tech Stack
Building Your Docker Swarm Tech StackBuilding Your Docker Swarm Tech Stack
Building Your Docker Swarm Tech StackBret Fisher
 
DockerCon 15 Keynote - Day 2
DockerCon 15 Keynote - Day 2DockerCon 15 Keynote - Day 2
DockerCon 15 Keynote - Day 2Docker, Inc.
 
Kubernetes Architecture - beyond a black box - Part 1
Kubernetes Architecture - beyond a black box - Part 1Kubernetes Architecture - beyond a black box - Part 1
Kubernetes Architecture - beyond a black box - Part 1Hao H. Zhang
 
Container Orchestration with Docker Swarm and Kubernetes
Container Orchestration with Docker Swarm and KubernetesContainer Orchestration with Docker Swarm and Kubernetes
Container Orchestration with Docker Swarm and KubernetesWill Hall
 
(DEV302) Hosting ASP.Net 5 Apps in AWS with Docker & AWS CodeDeploy
(DEV302) Hosting ASP.Net 5 Apps in AWS with Docker & AWS CodeDeploy(DEV302) Hosting ASP.Net 5 Apps in AWS with Docker & AWS CodeDeploy
(DEV302) Hosting ASP.Net 5 Apps in AWS with Docker & AWS CodeDeployAmazon Web Services
 
Microservices + Events + Docker = A Perfect Trio by Docker Captain Chris Rich...
Microservices + Events + Docker = A Perfect Trio by Docker Captain Chris Rich...Microservices + Events + Docker = A Perfect Trio by Docker Captain Chris Rich...
Microservices + Events + Docker = A Perfect Trio by Docker Captain Chris Rich...Docker, Inc.
 
Zero downtime-java-deployments-with-docker-and-kubernetes
Zero downtime-java-deployments-with-docker-and-kubernetesZero downtime-java-deployments-with-docker-and-kubernetes
Zero downtime-java-deployments-with-docker-and-kubernetesArjan Schaaf
 
DockerCon SF 2015: Ben Golub's Keynote Day 1
DockerCon SF 2015: Ben Golub's Keynote Day 1DockerCon SF 2015: Ben Golub's Keynote Day 1
DockerCon SF 2015: Ben Golub's Keynote Day 1Docker, Inc.
 
DCSF19 Container Security: Theory & Practice at Netflix
DCSF19 Container Security: Theory & Practice at NetflixDCSF19 Container Security: Theory & Practice at Netflix
DCSF19 Container Security: Theory & Practice at NetflixDocker, Inc.
 
Docker in Production, Look No Hands! by Scott Coulton
Docker in Production, Look No Hands! by Scott CoultonDocker in Production, Look No Hands! by Scott Coulton
Docker in Production, Look No Hands! by Scott CoultonDocker, Inc.
 
DockerCon SF 2015: Keynote Day 1
DockerCon SF 2015: Keynote Day 1DockerCon SF 2015: Keynote Day 1
DockerCon SF 2015: Keynote Day 1Docker, Inc.
 
DockerCon SF 2015: DHE/DTR
DockerCon SF 2015: DHE/DTRDockerCon SF 2015: DHE/DTR
DockerCon SF 2015: DHE/DTRDocker, Inc.
 
Introduction to Docker - 2017
Introduction to Docker - 2017Introduction to Docker - 2017
Introduction to Docker - 2017Docker, Inc.
 
DCSF19 Docker Containers & Java: What I Wish I Had Been Told
DCSF19 Docker Containers & Java: What I Wish I Had Been ToldDCSF19 Docker Containers & Java: What I Wish I Had Been Told
DCSF19 Docker Containers & Java: What I Wish I Had Been ToldDocker, Inc.
 
DCEU 18: Docker Container Networking
DCEU 18: Docker Container NetworkingDCEU 18: Docker Container Networking
DCEU 18: Docker Container NetworkingDocker, Inc.
 
Docker Meetup at Docker HQ: Docker Cloud
Docker Meetup at Docker HQ: Docker CloudDocker Meetup at Docker HQ: Docker Cloud
Docker Meetup at Docker HQ: Docker CloudDocker, Inc.
 
Cluster management with Kubernetes
Cluster management with KubernetesCluster management with Kubernetes
Cluster management with KubernetesSatnam Singh
 

Was ist angesagt? (20)

Why kubernetes matters
Why kubernetes mattersWhy kubernetes matters
Why kubernetes matters
 
DCEU 18: Docker Enterprise Platform and Architecture
DCEU 18: Docker Enterprise Platform and ArchitectureDCEU 18: Docker Enterprise Platform and Architecture
DCEU 18: Docker Enterprise Platform and Architecture
 
Building Your Docker Swarm Tech Stack
Building Your Docker Swarm Tech StackBuilding Your Docker Swarm Tech Stack
Building Your Docker Swarm Tech Stack
 
DockerCon 15 Keynote - Day 2
DockerCon 15 Keynote - Day 2DockerCon 15 Keynote - Day 2
DockerCon 15 Keynote - Day 2
 
Kubernetes Architecture - beyond a black box - Part 1
Kubernetes Architecture - beyond a black box - Part 1Kubernetes Architecture - beyond a black box - Part 1
Kubernetes Architecture - beyond a black box - Part 1
 
Container Orchestration with Docker Swarm and Kubernetes
Container Orchestration with Docker Swarm and KubernetesContainer Orchestration with Docker Swarm and Kubernetes
Container Orchestration with Docker Swarm and Kubernetes
 
(DEV302) Hosting ASP.Net 5 Apps in AWS with Docker & AWS CodeDeploy
(DEV302) Hosting ASP.Net 5 Apps in AWS with Docker & AWS CodeDeploy(DEV302) Hosting ASP.Net 5 Apps in AWS with Docker & AWS CodeDeploy
(DEV302) Hosting ASP.Net 5 Apps in AWS with Docker & AWS CodeDeploy
 
Microservices + Events + Docker = A Perfect Trio by Docker Captain Chris Rich...
Microservices + Events + Docker = A Perfect Trio by Docker Captain Chris Rich...Microservices + Events + Docker = A Perfect Trio by Docker Captain Chris Rich...
Microservices + Events + Docker = A Perfect Trio by Docker Captain Chris Rich...
 
Zero downtime-java-deployments-with-docker-and-kubernetes
Zero downtime-java-deployments-with-docker-and-kubernetesZero downtime-java-deployments-with-docker-and-kubernetes
Zero downtime-java-deployments-with-docker-and-kubernetes
 
DockerCon SF 2015: Ben Golub's Keynote Day 1
DockerCon SF 2015: Ben Golub's Keynote Day 1DockerCon SF 2015: Ben Golub's Keynote Day 1
DockerCon SF 2015: Ben Golub's Keynote Day 1
 
7+1 myths of the new os
7+1 myths of the new os7+1 myths of the new os
7+1 myths of the new os
 
DCSF19 Container Security: Theory & Practice at Netflix
DCSF19 Container Security: Theory & Practice at NetflixDCSF19 Container Security: Theory & Practice at Netflix
DCSF19 Container Security: Theory & Practice at Netflix
 
Docker in Production, Look No Hands! by Scott Coulton
Docker in Production, Look No Hands! by Scott CoultonDocker in Production, Look No Hands! by Scott Coulton
Docker in Production, Look No Hands! by Scott Coulton
 
DockerCon SF 2015: Keynote Day 1
DockerCon SF 2015: Keynote Day 1DockerCon SF 2015: Keynote Day 1
DockerCon SF 2015: Keynote Day 1
 
DockerCon SF 2015: DHE/DTR
DockerCon SF 2015: DHE/DTRDockerCon SF 2015: DHE/DTR
DockerCon SF 2015: DHE/DTR
 
Introduction to Docker - 2017
Introduction to Docker - 2017Introduction to Docker - 2017
Introduction to Docker - 2017
 
DCSF19 Docker Containers & Java: What I Wish I Had Been Told
DCSF19 Docker Containers & Java: What I Wish I Had Been ToldDCSF19 Docker Containers & Java: What I Wish I Had Been Told
DCSF19 Docker Containers & Java: What I Wish I Had Been Told
 
DCEU 18: Docker Container Networking
DCEU 18: Docker Container NetworkingDCEU 18: Docker Container Networking
DCEU 18: Docker Container Networking
 
Docker Meetup at Docker HQ: Docker Cloud
Docker Meetup at Docker HQ: Docker CloudDocker Meetup at Docker HQ: Docker Cloud
Docker Meetup at Docker HQ: Docker Cloud
 
Cluster management with Kubernetes
Cluster management with KubernetesCluster management with Kubernetes
Cluster management with Kubernetes
 

Ähnlich wie Kubernetes - What? Why? How

Kubernetes Immersion
Kubernetes ImmersionKubernetes Immersion
Kubernetes ImmersionJuan Larriba
 
KubernetesPPT.pptx
KubernetesPPT.pptxKubernetesPPT.pptx
KubernetesPPT.pptxRyuzaki360
 
Newesis - Introduction to Containers
Newesis - Introduction to ContainersNewesis - Introduction to Containers
Newesis - Introduction to ContainersRauno De Pasquale
 
modern-guide-to-container-monitoring-and-orchestration.pdf
modern-guide-to-container-monitoring-and-orchestration.pdfmodern-guide-to-container-monitoring-and-orchestration.pdf
modern-guide-to-container-monitoring-and-orchestration.pdfGuillaume Kpotufe
 
Kubernetes Basics - ICP Workshop Batch II
Kubernetes Basics - ICP Workshop Batch IIKubernetes Basics - ICP Workshop Batch II
Kubernetes Basics - ICP Workshop Batch IIPT Datacomm Diangraha
 
Containerization Report
Containerization ReportContainerization Report
Containerization ReportJatin Chauhan
 
IRJET- Container Live Migration using Docker Checkpoint and Restore
IRJET- Container Live Migration using Docker Checkpoint and RestoreIRJET- Container Live Migration using Docker Checkpoint and Restore
IRJET- Container Live Migration using Docker Checkpoint and RestoreIRJET Journal
 
Why kubernetes for Serverless (FaaS)
Why kubernetes for Serverless (FaaS)Why kubernetes for Serverless (FaaS)
Why kubernetes for Serverless (FaaS)Krishna-Kumar
 
Kubernetes for Serverless - Serverless Summit 2017 - Krishna Kumar
Kubernetes for Serverless - Serverless Summit 2017 - Krishna KumarKubernetes for Serverless - Serverless Summit 2017 - Krishna Kumar
Kubernetes for Serverless - Serverless Summit 2017 - Krishna KumarCodeOps Technologies LLP
 
Kubernetes: від знайомства до використання у CI/CD
Kubernetes: від знайомства до використання у CI/CDKubernetes: від знайомства до використання у CI/CD
Kubernetes: від знайомства до використання у CI/CDStfalcon Meetups
 
Mesos and Kubernetes ecosystem overview
Mesos and Kubernetes ecosystem overviewMesos and Kubernetes ecosystem overview
Mesos and Kubernetes ecosystem overviewKrishna-Kumar
 
Techdays SE 2016 - Micros.. err Microcosmos
Techdays SE 2016 - Micros.. err MicrocosmosTechdays SE 2016 - Micros.. err Microcosmos
Techdays SE 2016 - Micros.. err MicrocosmosMike Martin
 
Containers and workload security an overview
Containers and workload security an overview Containers and workload security an overview
Containers and workload security an overview Krishna-Kumar
 
Kubernetes: A Top Notch Automation Solution
Kubernetes: A Top Notch Automation SolutionKubernetes: A Top Notch Automation Solution
Kubernetes: A Top Notch Automation SolutionFibonalabs
 
Introduction to containers, k8s, Microservices & Cloud Native
Introduction to containers, k8s, Microservices & Cloud NativeIntroduction to containers, k8s, Microservices & Cloud Native
Introduction to containers, k8s, Microservices & Cloud NativeTerry Wang
 

Ähnlich wie Kubernetes - What? Why? How (20)

Kubernetes Immersion
Kubernetes ImmersionKubernetes Immersion
Kubernetes Immersion
 
KubernetesPPT.pptx
KubernetesPPT.pptxKubernetesPPT.pptx
KubernetesPPT.pptx
 
Newesis - Introduction to Containers
Newesis - Introduction to ContainersNewesis - Introduction to Containers
Newesis - Introduction to Containers
 
modern-guide-to-container-monitoring-and-orchestration.pdf
modern-guide-to-container-monitoring-and-orchestration.pdfmodern-guide-to-container-monitoring-and-orchestration.pdf
modern-guide-to-container-monitoring-and-orchestration.pdf
 
Kubernetes Basics - ICP Workshop Batch II
Kubernetes Basics - ICP Workshop Batch IIKubernetes Basics - ICP Workshop Batch II
Kubernetes Basics - ICP Workshop Batch II
 
Containerization Report
Containerization ReportContainerization Report
Containerization Report
 
Docker and kubernetes
Docker and kubernetesDocker and kubernetes
Docker and kubernetes
 
IRJET- Container Live Migration using Docker Checkpoint and Restore
IRJET- Container Live Migration using Docker Checkpoint and RestoreIRJET- Container Live Migration using Docker Checkpoint and Restore
IRJET- Container Live Migration using Docker Checkpoint and Restore
 
Why kubernetes for Serverless (FaaS)
Why kubernetes for Serverless (FaaS)Why kubernetes for Serverless (FaaS)
Why kubernetes for Serverless (FaaS)
 
Kubernetes for Serverless - Serverless Summit 2017 - Krishna Kumar
Kubernetes for Serverless - Serverless Summit 2017 - Krishna KumarKubernetes for Serverless - Serverless Summit 2017 - Krishna Kumar
Kubernetes for Serverless - Serverless Summit 2017 - Krishna Kumar
 
Kubernetes: від знайомства до використання у CI/CD
Kubernetes: від знайомства до використання у CI/CDKubernetes: від знайомства до використання у CI/CD
Kubernetes: від знайомства до використання у CI/CD
 
Mesos and Kubernetes ecosystem overview
Mesos and Kubernetes ecosystem overviewMesos and Kubernetes ecosystem overview
Mesos and Kubernetes ecosystem overview
 
Techdays SE 2016 - Micros.. err Microcosmos
Techdays SE 2016 - Micros.. err MicrocosmosTechdays SE 2016 - Micros.. err Microcosmos
Techdays SE 2016 - Micros.. err Microcosmos
 
Containers and workload security an overview
Containers and workload security an overview Containers and workload security an overview
Containers and workload security an overview
 
Containers kuberenetes
Containers kuberenetesContainers kuberenetes
Containers kuberenetes
 
Containers kuberenetes
Containers kuberenetesContainers kuberenetes
Containers kuberenetes
 
Kubernetes: A Top Notch Automation Solution
Kubernetes: A Top Notch Automation SolutionKubernetes: A Top Notch Automation Solution
Kubernetes: A Top Notch Automation Solution
 
Openshift Workshop
Openshift Workshop Openshift Workshop
Openshift Workshop
 
Introduction to containers, k8s, Microservices & Cloud Native
Introduction to containers, k8s, Microservices & Cloud NativeIntroduction to containers, k8s, Microservices & Cloud Native
Introduction to containers, k8s, Microservices & Cloud Native
 
Microservices, Containers and Docker
Microservices, Containers and DockerMicroservices, Containers and Docker
Microservices, Containers and Docker
 

Mehr von Elad Hirsch

Data in the wild west with some DevOps to the rescue
Data in the wild west with some DevOps to the rescueData in the wild west with some DevOps to the rescue
Data in the wild west with some DevOps to the rescueElad Hirsch
 
KNATIVE - DEPLOY, AND MANAGE MODERN CONTAINER-BASED SERVERLESS WORKLOADS
KNATIVE - DEPLOY, AND MANAGE MODERN CONTAINER-BASED SERVERLESS WORKLOADSKNATIVE - DEPLOY, AND MANAGE MODERN CONTAINER-BASED SERVERLESS WORKLOADS
KNATIVE - DEPLOY, AND MANAGE MODERN CONTAINER-BASED SERVERLESS WORKLOADSElad Hirsch
 
JaVers (Open Source) - Object auditing and diff framework
JaVers (Open Source) - Object auditing and diff framework JaVers (Open Source) - Object auditing and diff framework
JaVers (Open Source) - Object auditing and diff frameworkElad Hirsch
 
So you want to write a cloud function
So you want to write a cloud functionSo you want to write a cloud function
So you want to write a cloud functionElad Hirsch
 
Migrate AngularJS to Angular (v5)
Migrate AngularJS to Angular (v5)Migrate AngularJS to Angular (v5)
Migrate AngularJS to Angular (v5)Elad Hirsch
 
Refactoring to GO modules
Refactoring to GO modulesRefactoring to GO modules
Refactoring to GO modulesElad Hirsch
 
Cloud native - CI/CD
Cloud native - CI/CDCloud native - CI/CD
Cloud native - CI/CDElad Hirsch
 
devjam2018 - angular 5 performance
devjam2018 - angular 5 performancedevjam2018 - angular 5 performance
devjam2018 - angular 5 performanceElad Hirsch
 
Jenkins 17 IL - JavaScript CI/CD
Jenkins 17 IL - JavaScript CI/CDJenkins 17 IL - JavaScript CI/CD
Jenkins 17 IL - JavaScript CI/CDElad Hirsch
 
AngularJS - Architecture decisions in a large project 
AngularJS - Architecture decisions in a large project AngularJS - Architecture decisions in a large project 
AngularJS - Architecture decisions in a large project Elad Hirsch
 

Mehr von Elad Hirsch (10)

Data in the wild west with some DevOps to the rescue
Data in the wild west with some DevOps to the rescueData in the wild west with some DevOps to the rescue
Data in the wild west with some DevOps to the rescue
 
KNATIVE - DEPLOY, AND MANAGE MODERN CONTAINER-BASED SERVERLESS WORKLOADS
KNATIVE - DEPLOY, AND MANAGE MODERN CONTAINER-BASED SERVERLESS WORKLOADSKNATIVE - DEPLOY, AND MANAGE MODERN CONTAINER-BASED SERVERLESS WORKLOADS
KNATIVE - DEPLOY, AND MANAGE MODERN CONTAINER-BASED SERVERLESS WORKLOADS
 
JaVers (Open Source) - Object auditing and diff framework
JaVers (Open Source) - Object auditing and diff framework JaVers (Open Source) - Object auditing and diff framework
JaVers (Open Source) - Object auditing and diff framework
 
So you want to write a cloud function
So you want to write a cloud functionSo you want to write a cloud function
So you want to write a cloud function
 
Migrate AngularJS to Angular (v5)
Migrate AngularJS to Angular (v5)Migrate AngularJS to Angular (v5)
Migrate AngularJS to Angular (v5)
 
Refactoring to GO modules
Refactoring to GO modulesRefactoring to GO modules
Refactoring to GO modules
 
Cloud native - CI/CD
Cloud native - CI/CDCloud native - CI/CD
Cloud native - CI/CD
 
devjam2018 - angular 5 performance
devjam2018 - angular 5 performancedevjam2018 - angular 5 performance
devjam2018 - angular 5 performance
 
Jenkins 17 IL - JavaScript CI/CD
Jenkins 17 IL - JavaScript CI/CDJenkins 17 IL - JavaScript CI/CD
Jenkins 17 IL - JavaScript CI/CD
 
AngularJS - Architecture decisions in a large project 
AngularJS - Architecture decisions in a large project AngularJS - Architecture decisions in a large project 
AngularJS - Architecture decisions in a large project 
 

Kürzlich hochgeladen

Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 

Kürzlich hochgeladen (20)

Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 

Kubernetes - What? Why? How

  • 1.
  • 2. Contents Why even bother Containers Container Orchestrators Kubernetes - What? Why? How? Kubernetes - The details Extending Kubernetes Relation status - it’s complicated Going forward
  • 3.
  • 4. Let’s define players Service based Event driven Open API No infra management Managed security Pay only for usage Developer Operator
  • 5.
  • 6.
  • 8. Container - What's in a name? Coming from the shipping industry Caused aquatic theme for domain
  • 9. Shipping containers Portability - can be used on any of supported types of ships Wide variety of cargo that can be packed inside Standard sizes - standard fittings on ships Many containers on a ship Isolates cargo from each other
  • 10. Translated to software Portability - can be used on any supported system (system with container execution environment) Wide variety of software that can be packed inside Standard format Many containers to a physical node Isolates execution of one container from another
  • 11. What is a container? way to pack code and dependencies together can run anywhere execute multiple containers to a physical machine
  • 12. Sounds familiar? same concept as virtual machines pack OS and software together, to run in isolated instances can run anywhere the specific hypervisor runs multiple VMs to a physical machine
  • 13. How do VMs work? hypervisor = layer between VM and kernel emulates system calls allows multiple types of operating systems on a machine (Windows on Linux) overhead for hypervisor
  • 14. Containers on the other hand ... only contain application and application-related libraries and frameworks, that run on the host machine's kernel smaller lower overhead differences in OS distributions and dependencies are abstracted - same kernel
  • 15. Working together, not against each other Windows on Linux possible only with VMs older software needs to be adapted to be run as containers (and won't) usage of VMs as a medium for containers (better isolation and easier scaling)
  • 16. Greater modularity in software Monolithic application → independent services that interact (microservices)
  • 17. Containers empowering microservices quicker start times -> easy to prototype or scale allow work to be done independently on modules -> independent releases for components (take care of interfaces) isolated and abstracted runtime environments, that can be tailored for each module shared runtime environment, for heterogeneous applications
  • 18. Containers history – early days need for resources to be shared among many users -> multiple terminals connected to the same mainframe main problem - execution can cause the main computer to crash -> down for everybody
  • 19. Containers history – Linux containers (lxc) 2008 Provides virtualization at OS level Provides containers with its own process and network space
  • 20. Containers history – Docker 2013 Container execution and management system Originally started with lxc, then moved to libcontainer, which allows containers to work with: • linux namespaces • libcontainer control groups • capabilities • app armor security profiles • network interfaces • firewall rules
  • 21. Containers history – OCI & CNCF Open Container Initiative – 2015 industry format for a container format and container runtime software for all platforms spend resources on developing additional software to support use of standard containers, instead of format alternatives Cloud Native Container Foundation – 2015 Working on different projects to further standardize the market: • Kubernetes • Container Network Interface • Containerd
  • 23. Need for something more? docker started out with a CLI tool on top of lxc, that built, created, started, stopped and exec'd containers does management at a node level, upon specific requests easy to manually manage with up to 100s of containers and 10s of nodes, but what next?
  • 24. Orchestrator manage and organize both hosts and docker containers running on a cluster main issue - resource allocation - where can a container be scheduled, to fulfill its requirements (CPU/RAM/disk) + how to keep track of nodes and scale
  • 25. Some orchestrator tasks manage networking and access track state of containers scale services do load balancing relocation in case of unresponsive host service discovery attribute storage to containers
  • 26. Orchestrator options Kubernetes – open-source, product of CNCF Apache Mesos – cluster management tool, with container orchestration being only one of the things it can do, originally through a plugin called Marathon Docker Swarm – integrated in docker container platform
  • 27. Lately ... Mesos announced Kubernetes support as container orchestration, alongside Marathon Docker Enterprise Edition - integration with Kubernetes alongside Swarm → Kubernetes becoming the de-facto standard for container orchestration (allowing developers to focus on building on top instead of alternatives)
  • 28. Kubernetes – What? Why? How?
  • 29. What is Kubernetes? “Kubernetes” = Greek for governor, helmsman, captain open-source container orchestration system originally designed by Google, maintained by CNCF aim to provide "platform for automating deployment, scaling and operations of application containers across clusters of hosts"
  • 30. Why Kubernetes? - Goals Main objectives, stated by devs, for community Achieve velocity Allow scaling of both software and teams Present abstract infrastructure Gain efficiency
  • 31. Achieve velocity Velocity = number of things you ship while maintaining a highly available service Achieved by: • immutability - created artifact cannot be changed • declarative configuration - declare desired state and Kubernetes' job is to ensure it matches • self-healing systems - trying to maintain desired states if something changes
  • 32. Allow scaling of software encouraging decoupling in applications - separated components that communicate via defined APIs via load-balanced services running in shared abstract environment, without interference utilizing standard container format that runs on any machine
  • 33. Allow scaling of teams separation of concerns for consistency and scaling • application ops rely on the SLA provided by the platform • orchestrator ops uphold SLA
  • 34. Present abstract infrastructure decoupling container images and machines cluster can be heterogeneous and reduce overhead and cost portability - container can be used on another cluster without being changed
  • 35. Gain efficiency optimized usage of physical machines - multiple containers on same machine isolated with namespaces, to not interfere with each other
  • 36. Kubernetes - the details
  • 37. Container image format layered format, allowing to inherit from lower levels and to modify them by adding, changing or removing files using unified file system that allows this layering issue – deleted file remains in older layers image size bigger and build time longer -> development of better tools
  • 38. Running a container image provides the filesystem base for execution configuration, to interoperate with the rest of the system – environment variables, CPU/RAM requirements, process to execute, ports to expose, etc.
  • 39. Kubernetes and containers Can you deploy a container in Kubernetes? NO (not directly) Why not? Because the smallest deployable unit of computing is not a container, but ...
  • 40. Pod smallest deployable unit of computing in Kubernetes colocated multiple apps(containers) into a single atomic unit, scheduled onto a single machine upon creation, statically allocated to a certain node
  • 41. Pod each container runs in its own cgroup (CPU + RAM allocation), but they share some namespaces and filesystems, such as: • IP address and port space • same hostname • IPC channels for communication
  • 42. So, why a pod and not container directly? all or nothing approach for a group of symbiotic containers, that need to be kept together at all times pod considered running if all containers are scheduled and running Can you deploy a container in Kubernetes? Yes, inside a pod!
  • 43. Service abstraction which defines a logical set of Pods (selected using label selector), that provide the same functionality (same microservice) different types, for different types of exposure provided by the service
  • 44. Deployment manages replica set through time and versions for pod spec scale != version update using health checks, makes sure a new version works allows rollbacks to older versions (keeps track of changes)
  • 45. Deployment strategies - recreate all previous pods are destroyed and new pods are created quickest downtime while new pods start in case of problems and rollback, even more downtime
  • 47. Soooo many things to configure :( at least one controller some services some configMaps and Secrets preallocate persistentVolumes or create storage class for dynamic provisioning
  • 48. Solution: another level of abstraction higher-level controller that can manage lower-level elements for the moment, not included in Kubernetes ... YET! BUT can be added, through third-party controllers
  • 49. What is Helm? package manager for Kubernetes provides higher-level abstraction (Chart) to configure full-fledged applications manage complexity, easy upgrades, simple sharing of full application setups, safe rollbacks
  • 50. How does Helm work? Helm CLI + Tiller server in Kubernetes (which is a controller) CLI responsible for management + requests for releases of charts on Kubernetes Tiller - listens for requests, combines chart + configuration = release, install release, track release
  • 51. Helm++ Helm release controller - current Lentiq way to manage applications expose HelmRelease as a CRD (custom resource definition) in Kubernetes, to work directly with Kubernetes to manage apps
  • 52. What are Operators? domain-specific controller manages lifetime of a single application works with Kubernetes primitives, as well as performing application-specific steps
  • 53. Operators pre and post provision hooks, for application-specific operations single tool to perform all management (kubectl) work in a scalable, repeatable, standard fashion improve resiliency while reducing burden on IT teams
  • 54. Relation status - it’s complicated Write Build a container image Deploy the application Expose at an endpoint Request-level load balancing Set up SSL/TLS Scale up based on demand Scale down to zero Canary deployments Monitor metrics
  • 56. What Kubernetes missing ? Source-to-URL deploys Canary deployments, rollouts/rollbacks Kubernetes needs container images built/pushed Kubernetes has no notion of immutable revisions to cleanly rollback Manage application traffic Kubernetes cannot natively split traffic (lack of L7 HTTP load balancing) Out-of-the box monitoring Kubernetes doesn’t provide monitoring signals beyond CPU/memory Scale-to-zero Kubernetes cannot do natively
  • 57. Going forward More projects will natively support k8s CockroachDB - A database architected and built for Kubernetes SiSense BI engine rewritten in k8s) More business scenarios (KubeFlow - Running ML/DS pipeline) Go serverless (Knative ,kubeless) Lightweight k8s (k3s - running on edge devices) Advanced k8s management systems (Multi cloud ,Backup and restore ,Security)
  • 58. Q&A