Cloud Native Night June 2019, Munich: Talk by Josef Fuchshuber (@fuchshuber, Principal Software Architect at QAware) Join our Meetup: www.meetup.com/cloud-native-muc Abstract: Kubernetes ist komplex geworden. Eigentlich so komplex, dass man sich als App Developer mit diesem Komplexitätsgrad auf Platform-Level nur selten befassen will. Was aber ist die richtige Abstraktionsebene für App Developer? In diesem Talk werden zwei mögliche Lösungen vorgestellt: - Crossplane: Ein Multicloud Control Plane um Workload und Ressourcen unabhängig von Cloud Providern ausrollen zu können - Knative: Plattform um Serverless Workloads zu Bauen, Deployen und zu Managen Beide Tools definieren eine abstrahierte Sicht auf K8s, haben aber jeweils einen eigenen Lösungsansatz und unterschiedliche Einsatzszenarien. Diese werden in der Präsentation vorgestellt und mit Demos detaillierter erläutert.

1. K8S IS NOT FOR APP DEVELOPERS
What offers Knative and Crossplane to devs?

2. WHO AM I?
JOSEF FUCHSHUBER
• PRINCIPAL SOFTWARE ARCHITECT @ QAWARE
• DESIGNS AND BUILDS CLOUD
ARCHITECTURES FOR OUR CUSTOMERS
• LOVES CONTINUOUS DELIVERY AND ALL THE
RELATED TOOLS

3. „The first k8s years were under the slogan:
Deliver a production ready cloud native platform.
And not: Developer Happiness first.
-My opinion

4. How do you pronounce
kubectl ?
kube cuddle ?
kube control ?
kube see tea el ?
… ?

5. EXAMPLE: KUBERNETES HAS BECOME BIG AND COMPLEX
Source: https://kccna18.sched.com/event/GrRI/deploying-rock-solid-applications-with-kubernetes-jelmer-snoeck-manifold

6. „BUT I JUST WANTED TO DEPLOY AN APP!“
Source: https://giphy.com/gifs/cbc-comedy-what-3o7btPCcdNniyf0ArS

7. DEVELOPER HAPPINESS @ AIRBNB
Melanie Cebula: "The configuration and the tools are complex ... But what I want to stress is that these are all
solvable problems.“
1. Reduce kubernetes boilerplate
2. Standardize on environments and namespaces
3. Everything about a service should be in one place in git
4. Make best practices the default by generating configuration
5. Create a wrapper for kubectl commands
6. Automate common k8s workflows
7. CI/CD should run the same commands that engineers run locally, in a container
8. Validate configuration as part of CI/CD
9. Code and configuration should be deployed with the same process
10. Use custom resources and custom controllers to integrate with your infrastructure
Source: https://kccna18.sched.com/event/GsxY/keynote-developing-kubernetes-services-at-airbnb-scale-melanie-cebula-software-engineer-airbnb

8. CUSTOM RESOURCE DEFINITIONS (CRD) + CONTROLLER
• CRD is a powerful feature that allows K8s operators to add their own objects to the
Kubernetes cluster.
• These objects can be used like all native Kubernetes objects via the K8s API.
• Custom controllers are based on the operator pattern and are responsible for the
lifecycle handling of CRDs.

10. CROSSPLANE IS STILL VERY YOUNG
• Crossplane is a new Open Source project and is only at the beginning
• Dec 2018: Version 0.1
• Apr 2019: Version 0.2
• Behind Crossplane is the company Upbound, which has already made Rook to a
successful CNCF project.
• Crossplane describes itself as Multicloud Control Plane for Cloud Native Workload.

11. MULTICLOUD CONTROL PLANE
• Crossplane offers an abstraction for Kubernetes workload and the infrastructure components required for it.
• Crossplane is an open control plane: It uses managed services that your cloud provider offers (databases,
storage, message queues, …) and uses independent infrastructure.
• Currently, the major cloud providers Google, Amazon and Microsoft are supported.
Source: https://crossplane.io/docs/v0.2/

12. DEFINITION OF AN INFRASTRUCTURE DEPENDENCIES FOR OUR WORKLOAD

13. CROSSPLANE WORKLOAD DEFINITION

14. MORE INFOS ABOUT CROSSPLANE
• KubeConNA 2018: Clusters as Cattle - Wrangling Clusters Not Just Nodes - Illya Chekrygin,
Upbound
• Crossplane Blog: Crossplane composes fully-managed services in Kubernetes to deploy GitLab into
multiple clouds

16. KNATIVE IS ALSO STILL A YOUNG PROJECT - BUT ALREADY WELL SPREAD
• Published in June 2018 by Google, latest version is 0.6.1
• The main contributors are Google, Pivotal, IBM (Red Hat) & SAP
• Cloud providers will base some of their serverless offerings on Knative:
• „Red Hat plans to combine Knative with its OpenShift commercial Kubernetes
distribution“
• „Pivotal is rolling Knative into its Pivotal Function Service“
• „Google Cloud Run, a fully managed serverless execution environment.“

17. THE NATIVE AUDIENCE
Source: https://github.com/knative/docs/tree/master/docs

18. KNATIVE IS MADE UP OF THREE COMPONENTS
• Build - Source-to-container build orchestration
• Eventing - Management and delivery of events
• Google PubSub
• AWS SQS
• GitHub event types
• Kafka
• CronJob
• …
• Serving - Request-driven compute that can scale to zero

19. KNATIVE EVENTING DEMO
• Google Cloud Run - fully managed
• Google Pub/Sub
• „Hello World“ Go Service
Source: https://medium.com/knative/announcing-knative-v0-5-release-cfe646ca8e30
Knative Eventing Object Model

20. KNATIVE SERVING OBJECT MODEL
Source: https://github.com/knative/serving/blob/master/docs/spec/overview.md

21. KNATIVE: AUTOSCALE HELLO WORLD

22. KNATIVE SERVING DEMO
• Google GKE Cluster with Cloud Run
• knctl as kubectl Wrapper
• „Hello World“ Go Service
• Service endpoint returns „hello world“
string. Answer is configurable with env-
variable.
• Latency and cpu usage is „configurable“
as URL argument
• Demo parts:
• Scale from/to zero
• Canary deployments
• Autoscaling

23. DEMO #1 (1/2): SCALE FROM ZERO
$ knctl pod list -s knative-helloworld -n helloworld
Pods for service 'knative-helloworld'
Revision Name Phase Restarts Age
0 pods
Succeeded
$ knctl service list -n helloworld
Services in namespace 'helloworld'
Name Domain Annotations Conditions Age
knative-helloworld knative-helloworld.helloworld.example.com - 3 OK / 3 1d

24. DEMO #1 (2/2): SCALE FROM ZERO AND BACK
$ curl -H "Host: knative-helloworld.helloworld.example.com" http://35.234.97.39
Hello world!
Slept for 300.32 milliseconds.
$ knctl pod list -s knative-helloworld -n helloworld
Pods for service 'knative-helloworld'
Revision Name Phase Restarts Age
knative-helloworld-vltgs knative-helloworld-vltgs-deployment-777c96bcd-zxvkk Running 0 1m
1 pods
Succeeded

25. DEMO #2: ROUTING AND CANARY DEPLOYMENTS (1/6)
$ knctl route list -n helloworld
Routes in namespace 'helloworld'
Name Domain Traffic Annotations Conditions Age
knative-helloworld knative-helloworld.helloworld.example.com 100% -> knative-helloworld - 3 OK / 3 1d
1 routes
Succeeded
List all routes

26. DEMO #2: ROUTING AND CANARY DEPLOYMENTS (2/6)
$ knctl deploy -n helloworld -s knative-helloworld --image gcr.io/engineering-cloud/knative-helloworld --env
TARGET=blue --managed-route=false
Name knative-helloworld
Waiting for new revision (after revision 'knative-helloworld-vltgs') to be created...
Tagging new revision 'knative-helloworld-jggrj' as 'latest'
Tagging older revision 'knative-helloworld-vltgs' as 'previous'
Annotating new revision 'knative-helloworld-jggrj'
Waiting for new revision 'knative-helloworld-jggrj' to be ready for up to 5m0s (logs below)...
Revision 'knative-helloworld-jggrj' became ready
Continuing to watch logs for 5s before exiting
knative-helloworld-jggrj > knative-helloworld-jggrj-deployment-7d99dcb5-jt7z6 | 2019/06/11 22:30:07 Hello world
sample started.
knative-helloworld-jggrj > knative-helloworld-jggrj-deployment-66b84ddd6-w6zk5 | 2019/06/11 22:30:08 Hello world
sample started.
Succeeded
Deploy "blue" revision with unmanaged routes

27. DEMO #2: ROUTING AND CANARY DEPLOYMENTS (3/6)
$ knctl rollout -n helloworld --route knative-helloworld -p knative-helloworld:latest=100%
Succeeded
$ knctl route list -n helloworld
Routes in namespace 'helloworld'
Name Domain Traffic Annotations Conditions Age
knative-helloworld knative-helloworld.helloworld.example.com 100% -> knative-helloworld-jggrj - 3 OK / 3 1d
1 routes
Succeeded
Lock down route to current revision

28. DEMO #2: ROUTING AND CANARY DEPLOYMENTS (4/6)
$ knctl deploy -n helloworld -s knative-helloworld --image gcr.io/engineering-cloud/knative-helloworld --env
TARGET=green --managed-route=false
Name knative-helloworld
Waiting for new revision (after revision 'knative-helloworld-jggrj') to be created...
Tagging new revision 'knative-helloworld-zc29p' as 'latest'
Tagging older revision 'knative-helloworld-jggrj' as 'previous'
Annotating new revision 'knative-helloworld-zc29p'
Waiting for new revision 'knative-helloworld-zc29p' to be ready for up to 5m0s (logs below)...
Revision 'knative-helloworld-zc29p' became ready
Continuing to watch logs for 5s before exiting
knative-helloworld-zc29p > knative-helloworld-zc29p-deployment-fbfdcc5d5-lqv7k | 2019/06/11 22:39:32 Hello world
sample started.
knative-helloworld-zc29p > knative-helloworld-zc29p-deployment-5f44797d4d-647j5 | 2019/06/11 22:39:31 Hello world
sample started.
Succeeded
Deploy „green" revision with unmanaged routes

29. DEMO #2: ROUTING AND CANARY DEPLOYMENTS (5/6)
$ knctl rollout -n helloworld --route knative-helloworld -p knative-helloworld:latest=10% -p
knative-helloworld:previous=90%
Succeeded
$ knctl route list -n helloworld
Routes in namespace 'helloworld'
Name Domain Traffic Annotations Conditions Age
knative-helloworld knative-helloworld.helloworld.example.com 10% -> knative-helloworld-zc29p - 3 OK / 3 1d
90% -> knative-helloworld-jggrj
1 routes
Succeeded
Let's roll out new version to 10% of users
$ watch -n 0,5 curl -H "Host: knative-helloworld.helloworld.example.com" http://35.234.97.39
Check result

30. DEMO #2: ROUTING AND CANARY DEPLOYMENTS (6/6)
$ knctl rollout -n helloworld --route knative-helloworld -p knative-helloworld:latest=100%
Succeeded
$ knctl route list -n helloworld
Routes in namespace 'helloworld'
Name Domain Traffic Annotations Conditions Age
knative-helloworld knative-helloworld.helloworld.example.com 100% -> knative-helloworld-zc29p - 3 OK / 3 1d
1 routes
Succeeded
Roll out remaining traffic
$ watch -n 0,5 curl -H "Host: knative-helloworld.helloworld.example.com" http://35.234.97.39
Check result

31. DEMO #3: AUTOSCALE - CONCURRENT REQUESTS (1/2)
$ knctl deploy
--namespace helloworld
--service knative-helloworld
--image gcr.io/engineering-cloud/knative-helloworld
--env TARGET=RevAuto1
--annotation autoscaling.knative.dev/class=kpa.autoscaling.knative.dev
--annotation autoscaling.knative.dev/metric=concurrency
--annotation autoscaling.knative.dev/target="10"
--annotation autoscaling.knative.dev/minScale="1"
--annotation autoscaling.knative.dev/maxScale="20"

32. DEMO #3: AUTOSCALE - CONCURRENCY (2/2)
hey -z 10s -c 500 -host "knative-helloworld.helloworld.example.com" "http://35.234.97.39?
sleep=300"
$ watch knctl pod list -s knative-helloworld -n helloworld
knative-helloworld-fgzcf knative-helloworld-fgzcf-deployment-6cbb48c9df-7bp9h Running 0 45s
knative-helloworld-fgzcf knative-helloworld-fgzcf-deployment-6cbb48c9df-hjcld Running 0 49s
knative-helloworld-fgzcf knative-helloworld-fgzcf-deployment-6cbb48c9df-vr7kd Running 0 45s
Autoscaler „panic mode“: Calculates a 6 second panic window and will enter panic mode if that
window reached 2x the target concurrency
Check result
hey -z 90s -c 200 -host "knative-helloworld.helloworld.example.com" "http://35.234.97.39?
sleep=500"
Autoscaler "average concurrency over a 60 second window"

33. DEMO #4: AUTOSCALE - CPU
$ knctl deploy
--namespace helloworld
--service knative-helloworld
--image gcr.io/engineering-cloud/knative-helloworld
--env TARGET=RevAuto2
--annotation autoscaling.knative.dev/class=hpa.autoscaling.knative.dev
--annotation autoscaling.knative.dev/metric=cpu
--annotation autoscaling.knative.dev/target="60"

34. Thank you! Q&A and Small Talk in the Kitchen!