Pivotal Container Service: the simplest way to manage Kubernetes in the enterprise (Pivotal Cloud-Native Workshop: Milan)
Fabio Marinelli & Mattia Gandolfi
7 February 2018
3. Their goal: pick the right runtime for each workload
[Diagram: workload types (containers, event-driven functions, data services, microservices, batches, monolithic applications) mapped onto runtime layers: IaaS, Container Orchestrator (CaaS), Application Platform (PaaS), Serverless Functions (FaaS)]
4. Choose the right tool for the job
Container Orchestrator
• Developer provides: CONTAINER
• Tool provides: Container Scheduling; Primitives for Network, Routing, Logs & Metrics
Application Platform
• Developer provides: APPLICATION
• Tool provides: Container Image & build; L7 Network & Routing; Logs, Metrics, Monitoring; Services Marketplace; Team, Quotas & Usage
Serverless Functions
• Developer provides: FUNCTION
• Tool provides: Function scheduling; Function exec services
[Diagram: the three tools drawn as a stack over the underlying layers IaaS, Container Orchestrator and Application Platform]
5. Choose the right tool for the job (the same comparison as slide 4, with the trade-off axes added)
• Lower complexity, higher efficiency
• Higher flexibility, lower standardization
7. Operational Challenges with any platform
Day 1 - Build
• Multi-cloud: provide a reliable and smooth experience for any cloud.
• Open APIs: allow platform operations from different toolsets and the creation of CD pipelines.
• Consistency: provide a consistent setup experience across different cloud environment configurations.
• Setup time: how long does it take to set up a real-world working environment? Think hours, not weeks.
Day 2 - Operate
• Patches: patching platform components with thousands of apps running should feel normal.
• Scaling: seamlessly scale platform components to accommodate changing demand.
• Upgrades: how do you roll out new versions of the platform with the lights on?
• Operating effort: operating a platform should require very few resources and minimal manual intervention. Otherwise, is it really providing operational benefits?
8. “Run this app for me, I don’t care how”
Application Platform
• Platform-built containers: the platform takes care of container creation and management from source code. Pivotal makes sure they’re always up-to-date.
• Out-of-the-box logging, metrics, tracing and monitoring: no additional configuration required.
• Create services on demand: on-demand service brokers allow dynamic creation and binding of service dependencies, offered through a marketplace.
• Fully automated Ops: state-of-the-art automation for consistent and reliable operations. Pipeline-based deployment, scaling, patching and upgrades. Powered by BOSH.
• Perfect for 12-Factor apps.
9. PIVOTAL CLOUD FOUNDRY OPS
Powered by BOSH
BOSH is an open source tool for release engineering, deployment, lifecycle management, and monitoring of distributed systems.
• Packaging w/ embedded OS
• Server provisioning on any IaaS
• Software deployment across availability zones
• Health monitoring (server AND processes)
• Self-healing w/ Resurrector
• Storage management
• Rolling upgrades via canaries
• Easy scaling of clusters
10. “Run this containerized app for me. Let me tell you how.”
Container Orchestrator
• Containerized workloads: custom and ISV packaged apps and services delivered as containers.
• Stateful services: services using persistent storage such as MongoDB, Cassandra, Spark, Elasticsearch, CouchDB.
• Customization: specify how your app is deployed and operated to optimize performance and reliability.
Ideal for packaged apps, apps/services exposing multiple ports, and where finer-grained control is needed.
11. Kubernetes - especially hard to operationalize
• High Availability: no out-of-the-box fault tolerance for the cluster components themselves (masters and etcd nodes).
• Scaling: Kubernetes clusters handle scaling the pods/services within the Nodes, but don’t provide a mechanism to scale the Master and etcd VMs.
• Health checks and healing: the Kubernetes cluster does routine health checks for the health of Nodes only.
• Upgrades: rolling upgrades on a large fleet of clusters are hard. Who manages the system it runs on?
12. Project Kubo
Uniform way to instantiate, deploy, and manage highly available Kubernetes clusters. On any cloud.
Launched by Pivotal & Google Feb 2017. Donated to Cloud Foundry Foundation June 2017.
“Day 1” Build
● Deploy K8s cluster via BOSH
● Deploy K8s clusters on-demand
“Day 2” Operate
● Self-healing VMs and monitoring
● Elastic scaling for clusters
● Rolling upgrades to latest Kubernetes release
● High-availability and multi-AZ support
13. Pivotal Container Service (PKS)
A turnkey solution to provision, operate and manage enterprise-grade Kubernetes clusters.
Kubernetes Dial Tone:
• Health management
• Aggregated Metrics and Logging
• Autoscaling
• Persistence interface
Control Plane:
• Provisioning Engine
• T-shirt sized clusters
• Self-service Clusters
• Software Update Automation
• Load balancing
• Networking
• Multi-tenancy
14. [Diagram: PKS Controller with BOSH, GCP Service Broker, Harbor, NSX-T and Kubernetes, managing several K8s clusters on VMware, GCP, Azure, OpenStack or AWS]
Built with open-source Kubernetes: constant compatibility with the current stable release of Kubernetes, operated by BOSH. No proprietary extensions.
Production-ready: highly available from apps to infrastructure, no single points of failure. Built-in health checks, scaling, auto-healing and rolling upgrades.
Multicloud: BOSH provides a reliable and consistent operational experience. For any cloud.
Network management and security: out-of-the-box with VMware NSX-T. Multi-cloud, multi-hypervisor.
GCP APIs access: the GCP Service Broker allows apps to transparently access Google Cloud APIs, from anywhere. Easily move workloads to/from Google Container Engine (GKE).
Fully automated Ops: fully automated deploy, scale, patch, upgrade. No downtime. Use CD pipelines to deploy your platform, too.
15. Apps are constantly compatible between PKS and Google Container Engine (GKE)
[Diagram: Pivotal Container Service (PKS) on private and public cloud alongside Google Container Engine (GKE) on public cloud (GCP)]
16. Leveraging more than one abstraction
[Diagram: Elastic Runtime (ERT) running applications with platform services (logging, metrics, monitoring) and other service brokers, next to the PKS Controller (BOSH, GCP Service Broker, Harbor, NSX-T, Kubernetes) managing several K8s clusters, all on VMware, GCP, Azure, OpenStack or AWS]
17. Sample Use Case
[Diagram: a Spring Boot app running on Elastic Runtime (ERT), and a second Spring Boot app with Elasticsearch running in a PKS-managed K8s cluster, sharing BOSH, platform services and service brokers on the same IaaS]