2. About me...
Ishara Fernando
DevOps/CloudOps Technical Specialist
Pearson
KCA, AWS-ASOA, AWS-ADEV, AWS-ASA
RHCSA, RHCE, RHCVA, ITIL
BSc in Computer Science
MSc in Security Engineering
3. General Architecture
[Diagram labels: Users; UI Components (UIC); UI Process Components (UIP); Service Interfaces (SI); Business Workflow (BW); Data Access Component (DAC); Service Gateways (SG); Data Sources; Services. Cross-cutting: Communication, Operational Management, Security.]
5. ● Single Deployment
● Single Runtime
● Single Codebase
● Interaction between classes is most often synchronous
[Diagram labels: Application; Server 1, Server 2, Server 3]
7. ● Many small modules with specific functionality
● More than one codebase
● Every microservice is a separate deployment
● Every microservice has its own DB
● Ensures module independence
[Diagram labels: App 1, App 2; Server 1, Server 2, Server 4]
9. Benefits of Microservices
● Modelled around the business domain
● Deployment Automation culture
● Every microservice is a separate deployment
● Every microservice has its own DB
● Ensures module independence
11. Microservices Use Cases
● Multiple teams
● Memory or CPU intensive parts
- To ease development
● Short-lived, Spawn workers
12. Challenges of Microservices CI/CD
● Lots of independent teams want their own
- Flexible pipeline
- Environments (Dev/IST/UAT/Prod)
- Resources (Compute, Network, Storage)
● Automation because we have lots of microservices
- Creation of projects, CD pipelines, environments, releases, etc.
13. The Matrix from Hell
[Figure: grid of application components (Django web frontend, Node.js async API, Background workers, SQL database, Distributed DB/big data, Message queue) against environments (My laptop, Your laptop, QA, Staging, Prod on cloud VM, Prod on bare metal); every cell is a question mark.]
15. Linux Containers
● Units of software delivery (Ship it!)
● Run everywhere
- Regardless of kernel version
- Regardless of host distro
- (But container and host architecture must match*)
● Run anything
- If it can run on the host, it can run in the container
- i.e., if it can run on a Linux kernel, it can run
16. High level approach: it’s a lightweight VM
● Own process space
● Own network interface
● Can run stuff as root
Machine Container
17. Low level approach: it’s chroot on steroids
● Container = Isolated process(es)
● Share kernel with host
● No device emulation (neither HVM nor PV)
Application Container
18. Separation and Isolation
● Inside my container:
- My code
- My libraries
- My package manager
- My app
- My data
19. How does it work?
Isolation with cgroups
● Memory
● CPU
● blkio
● Devices
20. Why do you want to run your application inside containers?
21. Container Advantages
● Lightweight footprint and minimal overhead
● Portability across machines
● Empower Microservices Architectures
● Speeds up Continuous Integration
● Simplify DevOps practices
● Isolation
23. $ docker run -d <image-name>
A way to run a Linux container.
A single and isolated Linux process running on a single machine.
24. Docker
● An open-source (Go) framework to manage “container virtualization”.
● Docker isolates multiple user spaces (file systems) inside the same host.
● The user space instances are called “Containers”.
● Docker containers are much smaller than full VMs, making them easy to share.
● Used by Google Cloud (with the Container Engine + Kubernetes).
25. DevOps Challenges for Multiple Containers
● How to scale?
● How to avoid port conflicts?
● How to manage them in multiple hosts?
● What happens if a host has trouble?
● How to keep them running?
● How to update them?
● Where are my containers?
27. Kubernetes
● Greek for “Helmsman”; also the root of the word “Governor”.
● Container Orchestrator.
● Supports multiple cloud and bare-metal environments.
● Inspired by Google's experience with containers.
● Open Source, written in Go.
● Manage Applications, not Machines.
28. History of Kubernetes
● Earlier known as “Borg”.
● Borg -> Omega -> Kubernetes
● Google used MPM (Midas Package Manager) to build and deploy container images.
[Diagram labels: Borg; Gmail, Search, Google Cloud, Ads; VMs, Containers]
30. Open Source Community
Project
● Version 1.3
● Hosted on GitHub
● 800+ contributors
● 3000+ commits
● 16000+ GitHub stars
Project
● Red Hat, CoreOS, HP, Pivotal, IBM, SaltStack, Mesosphere, VMware, Microsoft
https://kubernetes.io/
https://github.com/kubernetes/kubernetes
32. Kubernetes Concepts
● Pod
- One or more containers
- Shared IP
- Shared Storage Volume
- Shared Resources
- Shared Lifecycle
● Replication Controller
- Ensures that a specified number of pod replicas are running at a time.
● Service
- Grouping of pods, act as one.
- Has a stable virtual IP and DNS name.
● Label
- Key-value pairs associated with Kubernetes objects.
- Ex: env=prod
33. Pods
● Group of containers
● Live and die together
● Share
- IP
- Secrets
- Volumes
- Labels
[Diagram labels: Labels; Application, Administrative Console, Log Collector; Volume; IP: 10.x.x.x]
34. Labels
“Everything that runs on Kubernetes can have a label”
● Node: App: Cool, Env: Dev, Version: 1.0
● Node: App: Cool, Env: Prod, Version: 1.0
● Node: App: Cool, Env: Dev, Version: 2.0
● Node: App: Cool, Env: Prod, Version: 2.0
39. How do we deliver value fast (and safely)?
Continuous delivery of containerized microservices.
40. Continuous Delivery and Automation are Key
[Diagram labels: $; Development; The Business; Feedback Loop; Production. Pipeline stages: Commit, Build, Test, Stage, Deploy]
41. Deploying WordPress and MySQL with Persistent Volumes
Create a persistent volume
[Diagram labels: Client Device; Cloud Provider; Web User; Persistent Volume; Persistent Volume]
42. Deploying WordPress and MySQL with Persistent Volumes
Create a persistent volume
[Diagram steps: Create a persistent volume; Create a persistent volume; Create a secret; Deploy MySQL; Deploy WordPress]
43. Create a Persistent Volume
$ kubectl create -f local-volumes.yaml
List Persistent Volumes
$ kubectl get pv
44. Create a Secret
$ kubectl create secret generic mysql-pass --from-literal=password=YOUR_PASSWORD
List Secrets
$ kubectl get secrets
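Added example (not from the original slides): the --from-literal form on slide 44 leaves the password in shell history and in the process list, so this script creates the same mysql-pass Secret from a private file instead. The function names, the script name and the 24-byte password length are assumptions.

```bash
#!/bin/sh
# Added example: create the mysql-pass Secret without putting the password
# on a command line. Function names and sizes are assumptions.

# Generate a random password: 24 random bytes, base64-encoded (32 chars),
# with the trailing newline stripped.
gen_password() {
  head -c 24 /dev/urandom | base64 | tr -d '\n'
}

# write_password_file FILE PASSWORD
# Writes PASSWORD to FILE with mode 0600 and no trailing newline.
# --from-file stores the file byte for byte, so a stray newline would become
# part of the password that MySQL and WordPress read from the Secret.
# printf is a shell builtin, so the password is not exposed in the process list.
write_password_file() {
  ( umask 077 && printf '%s' "$2" > "$1" )
}

# create_mysql_secret FILE
# Creates the Secret with key "password" from FILE, then removes FILE.
create_mysql_secret() {
  kubectl create secret generic mysql-pass --from-file=password="$1"
  status=$?
  rm -f -- "$1"
  return "$status"
}

# Runs only when asked to, e.g.:  ./make-secret.sh apply
if [ "${1:-}" = "apply" ]; then
  workdir="$(mktemp -d)"
  write_password_file "$workdir/password" "$(gen_password)"
  create_mysql_secret "$workdir/password"
  result=$?
  rm -rf -- "$workdir"
  exit "$result"
fi
```

Secret values are only base64-encoded in the API, so read access to Secrets in the namespace should be restricted with RBAC.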