SlideShare ist ein Scribd-Unternehmen logo

Kubernetes from a Box Mix

L
Liz Frost

A tutorial guiding you through setting up a minimal Kubernetes cluster.

Software
1 von 74
Downloaden Sie, um offline zu lesen
@stillinbeta // #SREcon Americas 2019 While you’re waiting... http://bit.ly/srecon-cake0
@stillinbeta // #SREcon Americas 2019 Kubernetes From A Cake Mix Liz Frost
@stillinbeta // #SREcon Americas 2019 Who am I? Liz Frost Twitter: @stillinbeta slack.k8s.io: @liz
@stillinbeta // #SREcon Americas 2019 Who am I?
@stillinbeta // #SREcon Americas 2019 Who am I?
@stillinbeta // #SREcon Americas 2019 Who am I? It’s pronounced “kube-cuddle”
@stillinbeta // #SREcon Americas 2019 Why should you listen to me? ● sig-cluster-lifecycle member ● kubernetes contributor ● kubeadm developer
@stillinbeta // #SREcon Americas 2019 What is Kubernetes?
@stillinbeta // #SREcon Americas 2019
@stillinbeta // #SREcon Americas 2019
@stillinbeta // #SREcon Americas 2019
@stillinbeta // #SREcon Americas 2019 Node Pod Pod Pod Node Pod Pod Pod User
@stillinbeta // #SREcon Americas 2019 Node Pod Pod Pod Node Pod Pod Pod User
@stillinbeta // #SREcon Americas 2019 Kubernetes API User
@stillinbeta // #SREcon Americas 2019 Kubernetes APIConformance Tests
@stillinbeta // #SREcon Americas 2019 Kubernetes APIConformance Tests
@stillinbeta // #SREcon Americas 2019 Kubernetes APIConformance Tests
@stillinbeta // #SREcon Americas 2019 Kubernetes APIConformance Tests
@stillinbeta // #SREcon Americas 2019 Kubernetes API A wizard did itConformance Tests
@stillinbeta // #SREcon Americas 2019 We got Opinions
@stillinbeta // #SREcon Americas 2019 Kubeadm™ brand Kubernetes
@stillinbeta // #SREcon Americas 2019 kubeadm init
@stillinbeta // #SREcon Americas 2019 $ kubeadm init --help Run this command in order to set up the Kubernetes master. The "init" command executes the following phases: ``` preflight Run master pre-flight checks kubelet-start Writes kubelet settings and (re)starts the kubelet certs Certificate generation /etcd-ca Generates the self-signed CA to provision identities for etcd /etcd-server Generates the certificate for serving etcd /etcd-healthcheck-client Generates the client certificate for liveness probes to healtcheck etcd /apiserver-etcd-client Generates the client apiserver uses to access etcd /etcd-peer Generates the credentials for etcd nodes to communicate with each other /ca Generates the self-signed Kubernetes CA to provision identities for other Kubernetes components /apiserver Generates the certificate for serving the Kubernetes API /apiserver-kubelet-client Generates the Client certificate for the API server to connect to kubelet /front-proxy-ca Generates the self-signed CA to provision identities for front proxy /front-proxy-client Generates the client for the front proxy /sa Generates a private key for signing service account tokens along with its public key kubeconfig Generates all kubeconfig files necessary to establish the control plane and the admin kubeconfig file /admin Generates a kubeconfig file for the admin to use and for kubeadm itself /kubelet Generates a kubeconfig file for the kubelet to use *only* for cluster bootstrapping purposes /controller-manager Generates a kubeconfig file for the controller manager to use /scheduler Generates a kubeconfig file for the scheduler to use control-plane Generates all static Pod manifest files necessary to establish the control plane /apiserver Generates the kube-apiserver static Pod manifest /controller-manager Generates the kube-controller-manager static Pod manifest /scheduler Generates the kube-scheduler static Pod manifest etcd Generates static Pod manifest file for local etcd. /local Generates the static Pod manifest file for a local, single-node local etcd instance. upload-config Uploads the kubeadm and kubelet configuration to a ConfigMap /kubeadm Uploads the kubeadm ClusterConfiguration to a ConfigMap /kubelet Uploads the kubelet component config to a ConfigMap mark-control-plane Mark a node as a control-plane bootstrap-token Generates bootstrap tokens used to join a node to a cluster addon Installs required addons for passing Conformance tests /coredns Installs the CoreDNS addon to a Kubernetes cluster /kube-proxy Installs the kube-proxy addon to a Kubernetes cluster
@stillinbeta // #SREcon Americas 2019 $ kubeadm init --help Run this command in order to set up the Kubernetes master. The "init" command executes the following phases: ``` preflight Run master pre-flight checks kubelet-start Writes kubelet settings and (re)starts the kubelet certs Certificate generation kubeconfig Generates all kubeconfig files necessary control-plane Generates all static Pod manifest files necessary to establish the /apiserver Generates the kube-apiserver static Pod manifest /controller-manager Generates the kube-controller-manager static Pod manifest /scheduler Generates the kube-scheduler static Pod manifest etcd Generates static Pod manifest file for local etcd. /local Generates the static Pod manifest file for a local etcd instance. upload-config Uploads the kubeadm and kubelet configuration to a ConfigMap /kubeadm Uploads the kubeadm ClusterConfiguration to a ConfigMap /kubelet Uploads the kubelet component config to a ConfigMap mark-control-plane Mark a node as a control-plane bootstrap-token Generates bootstrap tokens used to join a node to a cluster addon Installs required addons for passing Conformance tests /coredns Installs the CoreDNS addon to a Kubernetes cluster /kube-proxy Installs the kube-proxy addon to a Kubernetes cluster
@stillinbeta // #SREcon Americas 2019 preflight kubelet-start certs kubeconfig control-plane /apiserver /controller-manager /scheduler etcd /local upload-config /kubeadm /kubelet mark-control-plane bootstrap-token addon /coredns /kube-proxy
@stillinbeta // #SREcon Americas 2019 What are we making? ● kubelet ● etcd ● kube-apiserver ● kube-contoller-manager ● kube-scheduler
@stillinbeta // #SREcon Americas 2019 master kubelet etcd kube- apiserver kube- scheduler kube- controller- manager docker process container Node (VM / physical Machine) https IPC
@stillinbeta // #SREcon Americas 2019 kubelet etcd docker kube- apiserver kube- scheduler kube- controller -manager process container Node (VM / physical Machine)
@stillinbeta // #SREcon Americas 2019 kubelet etcd docker kube- apiserver kube- scheduler kube- controller -manager process Kubernetes pod Node (VM / physical Machine)
@stillinbeta // #SREcon Americas 2019 kubelet etcd docker kube- apiserver kube- scheduler kube- controller -manager process container Node (VM / physical Machine)
@stillinbeta // #SREcon Americas 2019 kubelet
@stillinbeta // #SREcon Americas 2019 What will we need locally? ● kubelet ● kubeadm ● docker
@stillinbeta // #SREcon Americas 2019 kubelet connects to API server... ...but the API server is run by the kubelet
@stillinbeta // #SREcon Americas 2019
@stillinbeta // #SREcon Americas 2019 Kubelet boot Start static pods Try to connect to API server
@stillinbeta // #SREcon Americas 2019 Kubelet boot Start static pods Try to connect to API server
@stillinbeta // #SREcon Americas 2019 Kubelet boot Start static pods
@stillinbeta // #SREcon Americas 2019 Tutorial 1! http://bit.ly/srecon-cake1
@stillinbeta // #SREcon Americas 2019 kubeadm
@stillinbeta // #SREcon Americas 2019 kubeadm REMOVE BEFORE FLIGHT
@stillinbeta // #SREcon Americas 2019 Preflight Checks ● Avoid common problems ● Handy guard-rails ● Ignore at your own peril!
@stillinbeta // #SREcon Americas 2019 Tutorial 2! http://bit.ly/srecon-cake2
@stillinbeta // #SREcon Americas 2019
@stillinbeta // #SREcon Americas 2019 From the Website ● Simple: well-defined, user-facing API (gRPC) ● Secure: automatic TLS with optional client cert authentication ● Fast: benchmarked 10,000 writes/sec ● Reliable: properly distributed using Raft
@stillinbeta // #SREcon Americas 2019 What you care about ● Key/value store ● Optionally distributed ● Only stateful part of kubernetes ● Secured by client certificates
@stillinbeta // #SREcon Americas 2019 Where do we put it? ● External? ● HA? ● Self-Hosted ● Single Node
@stillinbeta // #SREcon Americas 2019 Setting up etcd Generate Certificates Create Pod Manifest Run Healthcheck
@stillinbeta // #SREcon Americas 2019 Tutorial 3! http://bit.ly/srecon-cake3
@stillinbeta // #SREcon Americas 2019 apiserver
@stillinbeta // #SREcon Americas 2019 master kubelet etcd kube- apiserver kube- scheduler kube- controller- manager docker process container Node (VM / physical Machine) https IPC User
@stillinbeta // #SREcon Americas 2019 The centre of everything
@stillinbeta // #SREcon Americas 2019 kube-apiserver
@stillinbeta // #SREcon Americas 2019 kube-apiserver ● Exclusive control of etcd ● Handles all access control ● Stores some (but not all!) APIs ● Proxies everything
@stillinbeta // #SREcon Americas 2019 API Groups? GET /apis/apps/v1/namespaces/default/deployments/myapp API Group API Version Namespace Resource Resource Name
@stillinbeta // #SREcon Americas 2019 Custom Resource Definitions API Request MyCRD Watch NotificationMyCRD Response User (kubectl, curl) kube-apiserver CRD controller
@stillinbeta // #SREcon Americas 2019 kubectl exec Command Command Command output User (kubectl, curl) kube-apiserver Running Pod Command Output
@stillinbeta // #SREcon Americas 2019 Tutorial 4! http://bit.ly/srecon-cake4
@stillinbeta // #SREcon Americas 2019 kube-controller-manager
@stillinbeta // #SREcon Americas 2019 ...that could mean anything
@stillinbeta // #SREcon Americas 2019 Controller State Changes Desired State Reactions
@stillinbeta // #SREcon Americas 2019 ReplicaSetController Pod Created / Destroyed List of ReplicaSets Create / Destroy Pods
@stillinbeta // #SREcon Americas 2019 NodeController Node Health Changes List of Pods Destroy Pods
@stillinbeta // #SREcon Americas 2019 kube-controller-manager Controller goroutineController goroutineController goroutineController goroutineController goroutine Controller goroutineController goroutineController goroutineController goroutineController goroutine Controller goroutineController goroutineController goroutineController goroutineController goroutine Controller goroutineController goroutineController goroutineController goroutineController goroutine
@stillinbeta // #SREcon Americas 2019 Tutorial 5! http://bit.ly/srecon-cake5
@stillinbeta // #SREcon Americas 2019 Scheduler
@stillinbeta // #SREcon Americas 2019 kube-schedulerPods Nodes Assignments
@stillinbeta // #SREcon Americas 2019 I need a GPU I’m out of disk I’m running Solaris I’m in Europe I can’t be on Node17 I want to be in us-east-1c
@stillinbeta // #SREcon Americas 2019 I prefer Europe I prefer not to run on the same node as pod17
@stillinbeta // #SREcon Americas 2019 Bin Packing
@stillinbeta // #SREcon Americas 2019 Tutorial 6! http://bit.ly/srecon-cake6
@stillinbeta // #SREcon Americas 2019 What would be next? ● DNS ● Container Networking ● Proxying ● Multiple Nodes
@stillinbeta // #SREcon Americas 2019 Your Cluster is Not: ● Secure ● Production-Ready ● Resilient ● High-Availability ● Certified Kubernetes
@stillinbeta // #SREcon Americas 2019 But it is yours.
@stillinbeta / #Kubecon Seattle 2018 Questions? Concerns? Come find me! I’m the one with pink hair! Twitter: @stillinbeta slack.k8s.io: @liz Github: github.com/stillinbeta

Empfohlen

Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud with...
Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud with...Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud with...
Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud with...
VMware Tanzu
 
Building an API using Grape
Building an API using GrapeBuilding an API using Grape
Building an API using Grape
visnu priya
 
What's rancher v2.1.0 JA
What's rancher v2.1.0 JAWhat's rancher v2.1.0 JA
What's rancher v2.1.0 JA
cyberblack28 Ichikawa
 
Sailing into 2018 with Kubernetes and Istio
Sailing into 2018 with Kubernetes and IstioSailing into 2018 with Kubernetes and Istio
Sailing into 2018 with Kubernetes and Istio
Fernand Galiana
 
Making Swift Native Modules in React Native
Making Swift Native Modules in React NativeMaking Swift Native Modules in React Native
Making Swift Native Modules in React Native
Ray Deck
 
Spring Cloud Kubernetes - Spencer Gibb
Spring Cloud Kubernetes - Spencer GibbSpring Cloud Kubernetes - Spencer Gibb
Spring Cloud Kubernetes - Spencer Gibb
VMware Tanzu
 
How to build a tool for operating Flink on Kubernetes
How to build a tool for operating Flink on KubernetesHow to build a tool for operating Flink on Kubernetes
How to build a tool for operating Flink on Kubernetes
AndreaMedeghini
 
Drone CI/CD Platform
Drone CI/CD PlatformDrone CI/CD Platform
Drone CI/CD Platform
Bo-Yi Wu
 

Empfohlen

Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud with...
Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud with...Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud with...
Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud with...
VMware Tanzu
 
Building an API using Grape
Building an API using GrapeBuilding an API using Grape
Building an API using Grape
visnu priya
 
What's rancher v2.1.0 JA
What's rancher v2.1.0 JAWhat's rancher v2.1.0 JA
What's rancher v2.1.0 JA
cyberblack28 Ichikawa
 
Sailing into 2018 with Kubernetes and Istio
Sailing into 2018 with Kubernetes and IstioSailing into 2018 with Kubernetes and Istio
Sailing into 2018 with Kubernetes and Istio
Fernand Galiana
 
Making Swift Native Modules in React Native
Making Swift Native Modules in React NativeMaking Swift Native Modules in React Native
Making Swift Native Modules in React Native
Ray Deck
 
Spring Cloud Kubernetes - Spencer Gibb
Spring Cloud Kubernetes - Spencer GibbSpring Cloud Kubernetes - Spencer Gibb
Spring Cloud Kubernetes - Spencer Gibb
VMware Tanzu
 
How to build a tool for operating Flink on Kubernetes
How to build a tool for operating Flink on KubernetesHow to build a tool for operating Flink on Kubernetes
How to build a tool for operating Flink on Kubernetes
AndreaMedeghini
 
Drone CI/CD Platform
Drone CI/CD PlatformDrone CI/CD Platform
Drone CI/CD Platform
Bo-Yi Wu
 
Test-Driven Infrastructure with Chef
Test-Driven Infrastructure with ChefTest-Driven Infrastructure with Chef
Test-Driven Infrastructure with Chef
Michael Lihs
 
The Berkshelf Way
The Berkshelf WayThe Berkshelf Way
The Berkshelf Way
Chef Software, Inc.
 
Cookbook refactoring & abstracting logic to Ruby(gems)
Cookbook refactoring & abstracting logic to Ruby(gems)Cookbook refactoring & abstracting logic to Ruby(gems)
Cookbook refactoring & abstracting logic to Ruby(gems)
Chef Software, Inc.
 
ZFConf 2012: Реализация доступа к СУБД IBM DB2 посредством встраиваемого SQL ...
ZFConf 2012: Реализация доступа к СУБД IBM DB2 посредством встраиваемого SQL ...ZFConf 2012: Реализация доступа к СУБД IBM DB2 посредством встраиваемого SQL ...
ZFConf 2012: Реализация доступа к СУБД IBM DB2 посредством встраиваемого SQL ...
ZFConf Conference
 
ATDD with Behat and Selenium (LDNSE6)
ATDD with Behat and Selenium (LDNSE6)ATDD with Behat and Selenium (LDNSE6)
ATDD with Behat and Selenium (LDNSE6)
Shashikant Jagtap
 
jbang: Unleash the power of Java for shell scripting
jbang: Unleash the power of Java for shell scriptingjbang: Unleash the power of Java for shell scripting
jbang: Unleash the power of Java for shell scripting
Red Hat Developers
 
Everything-as-code. A polyglot adventure. #DevoxxPL
Everything-as-code. A polyglot adventure. #DevoxxPLEverything-as-code. A polyglot adventure. #DevoxxPL
Everything-as-code. A polyglot adventure. #DevoxxPL
Mario-Leander Reimer
 
The Berkshelf Way
The Berkshelf WayThe Berkshelf Way
The Berkshelf Way
Jamie Winsor
 
KubeCon 2017 Zero Touch Provision
KubeCon 2017 Zero Touch ProvisionKubeCon 2017 Zero Touch Provision
KubeCon 2017 Zero Touch Provision
RackN
 
Habitat 301: Building Habitats
Habitat 301: Building HabitatsHabitat 301: Building Habitats
Habitat 301: Building Habitats
Jamie Winsor
 
stackconf 2020 | The path to a Serverless-native era with Kubernetes by Paolo...
stackconf 2020 | The path to a Serverless-native era with Kubernetes by Paolo...stackconf 2020 | The path to a Serverless-native era with Kubernetes by Paolo...
stackconf 2020 | The path to a Serverless-native era with Kubernetes by Paolo...
NETWAYS
 
Writing REST APIs with OpenAPI and Swagger Ada
Writing REST APIs with OpenAPI and Swagger AdaWriting REST APIs with OpenAPI and Swagger Ada
Writing REST APIs with OpenAPI and Swagger Ada
Stephane Carrez
 
You got database in my cloud!
You got database in my cloud!You got database in my cloud!
You got database in my cloud!
Liz Frost
 
Recap of de code 2019
Recap of de code 2019Recap of de code 2019
Recap of de code 2019
Kyohei Mizumoto
 
Kubernetes from the ground up
Kubernetes from the ground upKubernetes from the ground up
Kubernetes from the ground up
Sander Knape
 
XPDDS18: A dive into kbuild - Cao jin, Fujitsu
XPDDS18: A dive into kbuild - Cao jin, FujitsuXPDDS18: A dive into kbuild - Cao jin, Fujitsu
XPDDS18: A dive into kbuild - Cao jin, Fujitsu
The Linux Foundation
 
Kubernetes Basis: Pods, Deployments, and Services
Kubernetes Basis: Pods, Deployments, and ServicesKubernetes Basis: Pods, Deployments, and Services
Kubernetes Basis: Pods, Deployments, and Services
Jian-Kai Wang
 
Containerize vs Virtualize? NGDC 2009
Containerize vs Virtualize? NGDC 2009Containerize vs Virtualize? NGDC 2009
Containerize vs Virtualize? NGDC 2009
Andy d
 
oSC-2023-Cross-Build.pdf
oSC-2023-Cross-Build.pdfoSC-2023-Cross-Build.pdf
oSC-2023-Cross-Build.pdf
AdrianSchrter1
 
You got database in my cloud (short version)
You got database in my cloud (short version)You got database in my cloud (short version)
You got database in my cloud (short version)
Liz Frost
 
WSO2 Screencast - How to Easily Build a Git-Based CI/CD Pipeline for your API...
WSO2 Screencast - How to Easily Build a Git-Based CI/CD Pipeline for your API...WSO2 Screencast - How to Easily Build a Git-Based CI/CD Pipeline for your API...
WSO2 Screencast - How to Easily Build a Git-Based CI/CD Pipeline for your API...
Wasura Wattearachchi
 
Installing Component Pack 6.0.0.6
Installing Component Pack 6.0.0.6Installing Component Pack 6.0.0.6
Installing Component Pack 6.0.0.6
LetsConnect
 

Weitere ähnliche Inhalte

Was ist angesagt?

Everything-as-code. A polyglot adventure. #DevoxxPL
Everything-as-code. A polyglot adventure. #DevoxxPLEverything-as-code. A polyglot adventure. #DevoxxPL
Everything-as-code. A polyglot adventure. #DevoxxPL
Mario-Leander Reimer
 

Was ist angesagt? (12)

Test-Driven Infrastructure with Chef
Test-Driven Infrastructure with ChefTest-Driven Infrastructure with Chef
Test-Driven Infrastructure with Chef
 
The Berkshelf Way
The Berkshelf WayThe Berkshelf Way
The Berkshelf Way
 
Cookbook refactoring & abstracting logic to Ruby(gems)
Cookbook refactoring & abstracting logic to Ruby(gems)Cookbook refactoring & abstracting logic to Ruby(gems)
Cookbook refactoring & abstracting logic to Ruby(gems)
 
ZFConf 2012: Реализация доступа к СУБД IBM DB2 посредством встраиваемого SQL ...
ZFConf 2012: Реализация доступа к СУБД IBM DB2 посредством встраиваемого SQL ...ZFConf 2012: Реализация доступа к СУБД IBM DB2 посредством встраиваемого SQL ...
ZFConf 2012: Реализация доступа к СУБД IBM DB2 посредством встраиваемого SQL ...
 
ATDD with Behat and Selenium (LDNSE6)
ATDD with Behat and Selenium (LDNSE6)ATDD with Behat and Selenium (LDNSE6)
ATDD with Behat and Selenium (LDNSE6)
 
jbang: Unleash the power of Java for shell scripting
jbang: Unleash the power of Java for shell scriptingjbang: Unleash the power of Java for shell scripting
jbang: Unleash the power of Java for shell scripting
 
Everything-as-code. A polyglot adventure. #DevoxxPL
Everything-as-code. A polyglot adventure. #DevoxxPLEverything-as-code. A polyglot adventure. #DevoxxPL
Everything-as-code. A polyglot adventure. #DevoxxPL
 
The Berkshelf Way
The Berkshelf WayThe Berkshelf Way
The Berkshelf Way
 
KubeCon 2017 Zero Touch Provision
KubeCon 2017 Zero Touch ProvisionKubeCon 2017 Zero Touch Provision
KubeCon 2017 Zero Touch Provision
 
Habitat 301: Building Habitats
Habitat 301: Building HabitatsHabitat 301: Building Habitats
Habitat 301: Building Habitats
 
stackconf 2020 | The path to a Serverless-native era with Kubernetes by Paolo...
stackconf 2020 | The path to a Serverless-native era with Kubernetes by Paolo...stackconf 2020 | The path to a Serverless-native era with Kubernetes by Paolo...
stackconf 2020 | The path to a Serverless-native era with Kubernetes by Paolo...
 
Writing REST APIs with OpenAPI and Swagger Ada
Writing REST APIs with OpenAPI and Swagger AdaWriting REST APIs with OpenAPI and Swagger Ada
Writing REST APIs with OpenAPI and Swagger Ada
 

Ähnlich wie Kubernetes from a Box Mix

Containerize vs Virtualize? NGDC 2009
Containerize vs Virtualize? NGDC 2009Containerize vs Virtualize? NGDC 2009
Containerize vs Virtualize? NGDC 2009
Andy d
 
Developing Serverless Applications on Kubernetes with Knative
Developing Serverless Applications on Kubernetes with KnativeDeveloping Serverless Applications on Kubernetes with Knative
Developing Serverless Applications on Kubernetes with Knative
VMware Tanzu
 
Blasting Through the Clouds - Automating Cloud Foundry with Concourse CI
Blasting Through the Clouds - Automating Cloud Foundry with Concourse CIBlasting Through the Clouds - Automating Cloud Foundry with Concourse CI
Blasting Through the Clouds - Automating Cloud Foundry with Concourse CI
Fabian Keller
 
Embedding WPE WebKit - from Bring-up to Maintenance
Embedding WPE WebKit - from Bring-up to MaintenanceEmbedding WPE WebKit - from Bring-up to Maintenance
Embedding WPE WebKit - from Bring-up to Maintenance
Igalia
 

Ähnlich wie Kubernetes from a Box Mix (20)

You got database in my cloud!
You got database in my cloud!You got database in my cloud!
You got database in my cloud!
 
Recap of de code 2019
Recap of de code 2019Recap of de code 2019
Recap of de code 2019
 
Kubernetes from the ground up
Kubernetes from the ground upKubernetes from the ground up
Kubernetes from the ground up
 
XPDDS18: A dive into kbuild - Cao jin, Fujitsu
XPDDS18: A dive into kbuild - Cao jin, FujitsuXPDDS18: A dive into kbuild - Cao jin, Fujitsu
XPDDS18: A dive into kbuild - Cao jin, Fujitsu
 
Kubernetes Basis: Pods, Deployments, and Services
Kubernetes Basis: Pods, Deployments, and ServicesKubernetes Basis: Pods, Deployments, and Services
Kubernetes Basis: Pods, Deployments, and Services
 
Containerize vs Virtualize? NGDC 2009
Containerize vs Virtualize? NGDC 2009Containerize vs Virtualize? NGDC 2009
Containerize vs Virtualize? NGDC 2009
 
oSC-2023-Cross-Build.pdf
oSC-2023-Cross-Build.pdfoSC-2023-Cross-Build.pdf
oSC-2023-Cross-Build.pdf
 
You got database in my cloud (short version)
You got database in my cloud (short version)You got database in my cloud (short version)
You got database in my cloud (short version)
 
WSO2 Screencast - How to Easily Build a Git-Based CI/CD Pipeline for your API...
WSO2 Screencast - How to Easily Build a Git-Based CI/CD Pipeline for your API...WSO2 Screencast - How to Easily Build a Git-Based CI/CD Pipeline for your API...
WSO2 Screencast - How to Easily Build a Git-Based CI/CD Pipeline for your API...
 
Installing Component Pack 6.0.0.6
Installing Component Pack 6.0.0.6Installing Component Pack 6.0.0.6
Installing Component Pack 6.0.0.6
 
Hands-on VeriFast with STM32 microcontroller @ Nagoya
Hands-on VeriFast with STM32 microcontroller @ NagoyaHands-on VeriFast with STM32 microcontroller @ Nagoya
Hands-on VeriFast with STM32 microcontroller @ Nagoya
 
Ports, pods and proxies
Ports, pods and proxiesPorts, pods and proxies
Ports, pods and proxies
 
Mete Atamel - Serverless with Knative - Codemotion Amsterdam 2019
Mete Atamel - Serverless with Knative - Codemotion Amsterdam 2019Mete Atamel - Serverless with Knative - Codemotion Amsterdam 2019
Mete Atamel - Serverless with Knative - Codemotion Amsterdam 2019
 
Developing Serverless Applications on Kubernetes with Knative
Developing Serverless Applications on Kubernetes with KnativeDeveloping Serverless Applications on Kubernetes with Knative
Developing Serverless Applications on Kubernetes with Knative
 
Blasting Through the Clouds - Automating Cloud Foundry with Concourse CI
Blasting Through the Clouds - Automating Cloud Foundry with Concourse CIBlasting Through the Clouds - Automating Cloud Foundry with Concourse CI
Blasting Through the Clouds - Automating Cloud Foundry with Concourse CI
 
AWS 고객사를 위한 ‘AWS 컨테이너 교육’ - 유재석, AWS 솔루션즈 아키텍트
AWS 고객사를 위한 ‘AWS 컨테이너 교육’ - 유재석, AWS 솔루션즈 아키텍트AWS 고객사를 위한 ‘AWS 컨테이너 교육’ - 유재석, AWS 솔루션즈 아키텍트
AWS 고객사를 위한 ‘AWS 컨테이너 교육’ - 유재석, AWS 솔루션즈 아키텍트
 
Webinar - Unbox GitLab CI/CD
Webinar - Unbox GitLab CI/CD Webinar - Unbox GitLab CI/CD
Webinar - Unbox GitLab CI/CD
 
Embedding WPE WebKit - from Bring-up to Maintenance
Embedding WPE WebKit - from Bring-up to MaintenanceEmbedding WPE WebKit - from Bring-up to Maintenance
Embedding WPE WebKit - from Bring-up to Maintenance
 
Scaling docker with kubernetes
Scaling docker with kubernetesScaling docker with kubernetes
Scaling docker with kubernetes
 
Buri2019
Buri2019Buri2019
Buri2019
 

Kürzlich hochgeladen

The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is inside
shinachiaurasa2
 
AI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplateAI & Machine Learning Presentation Template
AI & Machine Learning Presentation Template
Presentation.STUDIO
 
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
masabamasaba
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
panagenda
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
Delhi Call girls
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
VictoriaMetrics
 
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
masabamasaba
 
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
masabamasaba
 
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
masabamasaba
 

Kürzlich hochgeladen (20)

8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students
 
The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is inside
 
tonesoftg
tonesoftgtonesoftg
tonesoftg
 
%in Harare+277-882-255-28 abortion pills for sale in Harare
%in Harare+277-882-255-28 abortion pills for sale in Harare%in Harare+277-882-255-28 abortion pills for sale in Harare
%in Harare+277-882-255-28 abortion pills for sale in Harare
 
AI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplateAI & Machine Learning Presentation Template
AI & Machine Learning Presentation Template
 
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
 
WSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go PlatformlessWSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go Platformless
 
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
 
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park %in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park %in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
 
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
 
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
 
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
 

Kubernetes from a Box Mix

  • 1. @stillinbeta // #SREcon Americas 2019 While you’re waiting... http://bit.ly/srecon-cake0
  • 2. @stillinbeta // #SREcon Americas 2019 Kubernetes From A Cake Mix Liz Frost
  • 3. @stillinbeta // #SREcon Americas 2019 Who am I? Liz Frost Twitter: @stillinbeta slack.k8s.io: @liz
  • 4. @stillinbeta // #SREcon Americas 2019 Who am I?
  • 5. @stillinbeta // #SREcon Americas 2019 Who am I?
  • 6. @stillinbeta // #SREcon Americas 2019 Who am I? It’s pronounced “kube-cuddle”
  • 7. @stillinbeta // #SREcon Americas 2019 Why should you listen to me? ● sig-cluster-lifecycle member ● kubernetes contributor ● kubeadm developer
  • 8. @stillinbeta // #SREcon Americas 2019 What is Kubernetes?
  • 9. @stillinbeta // #SREcon Americas 2019
  • 10. @stillinbeta // #SREcon Americas 2019
  • 11. @stillinbeta // #SREcon Americas 2019
  • 12. @stillinbeta // #SREcon Americas 2019 Node Pod Pod Pod Node Pod Pod Pod User
  • 13. @stillinbeta // #SREcon Americas 2019 Node Pod Pod Pod Node Pod Pod Pod User
  • 14. @stillinbeta // #SREcon Americas 2019 Kubernetes API User
  • 15. @stillinbeta // #SREcon Americas 2019 Kubernetes APIConformance Tests
  • 16. @stillinbeta // #SREcon Americas 2019 Kubernetes APIConformance Tests
  • 17. @stillinbeta // #SREcon Americas 2019 Kubernetes APIConformance Tests
  • 18. @stillinbeta // #SREcon Americas 2019 Kubernetes APIConformance Tests
  • 19. @stillinbeta // #SREcon Americas 2019 Kubernetes API A wizard did itConformance Tests
  • 20. @stillinbeta // #SREcon Americas 2019 We got Opinions
  • 21. @stillinbeta // #SREcon Americas 2019 Kubeadm™ brand Kubernetes
  • 22. @stillinbeta // #SREcon Americas 2019 kubeadm init
  • 23. @stillinbeta // #SREcon Americas 2019 $ kubeadm init --help Run this command in order to set up the Kubernetes master. The "init" command executes the following phases: ``` preflight Run master pre-flight checks kubelet-start Writes kubelet settings and (re)starts the kubelet certs Certificate generation /etcd-ca Generates the self-signed CA to provision identities for etcd /etcd-server Generates the certificate for serving etcd /etcd-healthcheck-client Generates the client certificate for liveness probes to healtcheck etcd /apiserver-etcd-client Generates the client apiserver uses to access etcd /etcd-peer Generates the credentials for etcd nodes to communicate with each other /ca Generates the self-signed Kubernetes CA to provision identities for other Kubernetes components /apiserver Generates the certificate for serving the Kubernetes API /apiserver-kubelet-client Generates the Client certificate for the API server to connect to kubelet /front-proxy-ca Generates the self-signed CA to provision identities for front proxy /front-proxy-client Generates the client for the front proxy /sa Generates a private key for signing service account tokens along with its public key kubeconfig Generates all kubeconfig files necessary to establish the control plane and the admin kubeconfig file /admin Generates a kubeconfig file for the admin to use and for kubeadm itself /kubelet Generates a kubeconfig file for the kubelet to use *only* for cluster bootstrapping purposes /controller-manager Generates a kubeconfig file for the controller manager to use /scheduler Generates a kubeconfig file for the scheduler to use control-plane Generates all static Pod manifest files necessary to establish the control plane /apiserver Generates the kube-apiserver static Pod manifest /controller-manager Generates the kube-controller-manager static Pod manifest /scheduler Generates the kube-scheduler static Pod manifest etcd Generates static Pod manifest file for local etcd. /local Generates the static Pod manifest file for a local, single-node local etcd instance. upload-config Uploads the kubeadm and kubelet configuration to a ConfigMap /kubeadm Uploads the kubeadm ClusterConfiguration to a ConfigMap /kubelet Uploads the kubelet component config to a ConfigMap mark-control-plane Mark a node as a control-plane bootstrap-token Generates bootstrap tokens used to join a node to a cluster addon Installs required addons for passing Conformance tests /coredns Installs the CoreDNS addon to a Kubernetes cluster /kube-proxy Installs the kube-proxy addon to a Kubernetes cluster
  • 24. @stillinbeta // #SREcon Americas 2019 $ kubeadm init --help Run this command in order to set up the Kubernetes master. The "init" command executes the following phases: ``` preflight Run master pre-flight checks kubelet-start Writes kubelet settings and (re)starts the kubelet certs Certificate generation kubeconfig Generates all kubeconfig files necessary control-plane Generates all static Pod manifest files necessary to establish the /apiserver Generates the kube-apiserver static Pod manifest /controller-manager Generates the kube-controller-manager static Pod manifest /scheduler Generates the kube-scheduler static Pod manifest etcd Generates static Pod manifest file for local etcd. /local Generates the static Pod manifest file for a local etcd instance. upload-config Uploads the kubeadm and kubelet configuration to a ConfigMap /kubeadm Uploads the kubeadm ClusterConfiguration to a ConfigMap /kubelet Uploads the kubelet component config to a ConfigMap mark-control-plane Mark a node as a control-plane bootstrap-token Generates bootstrap tokens used to join a node to a cluster addon Installs required addons for passing Conformance tests /coredns Installs the CoreDNS addon to a Kubernetes cluster /kube-proxy Installs the kube-proxy addon to a Kubernetes cluster
  • 25. @stillinbeta // #SREcon Americas 2019 preflight kubelet-start certs kubeconfig control-plane /apiserver /controller-manager /scheduler etcd /local upload-config /kubeadm /kubelet mark-control-plane bootstrap-token addon /coredns /kube-proxy
  • 26. @stillinbeta // #SREcon Americas 2019 What are we making? ● kubelet ● etcd ● kube-apiserver ● kube-contoller-manager ● kube-scheduler
  • 27. @stillinbeta // #SREcon Americas 2019 master kubelet etcd kube- apiserver kube- scheduler kube- controller- manager docker process container Node (VM / physical Machine) https IPC
  • 28. @stillinbeta // #SREcon Americas 2019 kubelet etcd docker kube- apiserver kube- scheduler kube- controller -manager process container Node (VM / physical Machine)
  • 29. @stillinbeta // #SREcon Americas 2019 kubelet etcd docker kube- apiserver kube- scheduler kube- controller -manager process Kubernetes pod Node (VM / physical Machine)
  • 30. @stillinbeta // #SREcon Americas 2019 kubelet etcd docker kube- apiserver kube- scheduler kube- controller -manager process container Node (VM / physical Machine)
  • 31. @stillinbeta // #SREcon Americas 2019 kubelet
  • 32. @stillinbeta // #SREcon Americas 2019 What will we need locally? ● kubelet ● kubeadm ● docker
  • 33. @stillinbeta // #SREcon Americas 2019 kubelet connects to API server... ...but the API server is run by the kubelet
  • 34. @stillinbeta // #SREcon Americas 2019
  • 35. @stillinbeta // #SREcon Americas 2019 Kubelet boot Start static pods Try to connect to API server
  • 36. @stillinbeta // #SREcon Americas 2019 Kubelet boot Start static pods Try to connect to API server
  • 37. @stillinbeta // #SREcon Americas 2019 Kubelet boot Start static pods
  • 38. @stillinbeta // #SREcon Americas 2019 Tutorial 1! http://bit.ly/srecon-cake1
  • 39. @stillinbeta // #SREcon Americas 2019 kubeadm
  • 40. @stillinbeta // #SREcon Americas 2019 kubeadm REMOVE BEFORE FLIGHT
  • 41. @stillinbeta // #SREcon Americas 2019 Preflight Checks ● Avoid common problems ● Handy guard-rails ● Ignore at your own peril!
  • 42. @stillinbeta // #SREcon Americas 2019 Tutorial 2! http://bit.ly/srecon-cake2
  • 43. @stillinbeta // #SREcon Americas 2019
  • 44. @stillinbeta // #SREcon Americas 2019 From the Website ● Simple: well-defined, user-facing API (gRPC) ● Secure: automatic TLS with optional client cert authentication ● Fast: benchmarked 10,000 writes/sec ● Reliable: properly distributed using Raft
  • 45. @stillinbeta // #SREcon Americas 2019 What you care about ● Key/value store ● Optionally distributed ● Only stateful part of kubernetes ● Secured by client certificates
  • 46. @stillinbeta // #SREcon Americas 2019 Where do we put it? ● External? ● HA? ● Self-Hosted ● Single Node
  • 47. @stillinbeta // #SREcon Americas 2019 Setting up etcd Generate Certificates Create Pod Manifest Run Healthcheck
  • 48. @stillinbeta // #SREcon Americas 2019 Tutorial 3! http://bit.ly/srecon-cake3
  • 49. @stillinbeta // #SREcon Americas 2019 apiserver
  • 50. @stillinbeta // #SREcon Americas 2019 master kubelet etcd kube- apiserver kube- scheduler kube- controller- manager docker process container Node (VM / physical Machine) https IPC User
  • 51. @stillinbeta // #SREcon Americas 2019 The centre of everything
  • 52. @stillinbeta // #SREcon Americas 2019 kube-apiserver
  • 53. @stillinbeta // #SREcon Americas 2019 kube-apiserver ● Exclusive control of etcd ● Handles all access control ● Stores some (but not all!) APIs ● Proxies everything
  • 54. @stillinbeta // #SREcon Americas 2019 API Groups? GET /apis/apps/v1/namespaces/default/deployments/myapp API Group API Version Namespace Resource Resource Name
  • 55. @stillinbeta // #SREcon Americas 2019 Custom Resource Definitions API Request MyCRD Watch NotificationMyCRD Response User (kubectl, curl) kube-apiserver CRD controller
  • 56. @stillinbeta // #SREcon Americas 2019 kubectl exec Command Command Command output User (kubectl, curl) kube-apiserver Running Pod Command Output
  • 57. @stillinbeta // #SREcon Americas 2019 Tutorial 4! http://bit.ly/srecon-cake4
  • 58. @stillinbeta // #SREcon Americas 2019 kube-controller-manager
  • 59. @stillinbeta // #SREcon Americas 2019 ...that could mean anything
  • 60. @stillinbeta // #SREcon Americas 2019 Controller State Changes Desired State Reactions
  • 61. @stillinbeta // #SREcon Americas 2019 ReplicaSetController Pod Created / Destroyed List of ReplicaSets Create / Destroy Pods
  • 62. @stillinbeta // #SREcon Americas 2019 NodeController Node Health Changes List of Pods Destroy Pods
  • 63. @stillinbeta // #SREcon Americas 2019 kube-controller-manager Controller goroutineController goroutineController goroutineController goroutineController goroutine Controller goroutineController goroutineController goroutineController goroutineController goroutine Controller goroutineController goroutineController goroutineController goroutineController goroutine Controller goroutineController goroutineController goroutineController goroutineController goroutine
  • 64. @stillinbeta // #SREcon Americas 2019 Tutorial 5! http://bit.ly/srecon-cake5
  • 65. @stillinbeta // #SREcon Americas 2019 Scheduler
  • 66. @stillinbeta // #SREcon Americas 2019 kube-schedulerPods Nodes Assignments
  • 67. @stillinbeta // #SREcon Americas 2019 I need a GPU I’m out of disk I’m running Solaris I’m in Europe I can’t be on Node17 I want to be in us-east-1c
  • 68. @stillinbeta // #SREcon Americas 2019 I prefer Europe I prefer not to run on the same node as pod17
  • 69. @stillinbeta // #SREcon Americas 2019 Bin Packing
  • 70. @stillinbeta // #SREcon Americas 2019 Tutorial 6! http://bit.ly/srecon-cake6
  • 71. @stillinbeta // #SREcon Americas 2019 What would be next? ● DNS ● Container Networking ● Proxying ● Multiple Nodes
  • 72. @stillinbeta // #SREcon Americas 2019 Your Cluster is Not: ● Secure ● Production-Ready ● Resilient ● High-Availability ● Certified Kubernetes
  • 73. @stillinbeta // #SREcon Americas 2019 But it is yours.
  • 74. @stillinbeta / #Kubecon Seattle 2018 Questions? Concerns? Come find me! I’m the one with pink hair! Twitter: @stillinbeta slack.k8s.io: @liz Github: github.com/stillinbeta