Más contenido relacionado

Similar a Kubernetes, Toolbox to fail or succeed for beginners - Demi Ben-Ari, VP R&D @ Panorays(20)


Más de Demi Ben-Ari(20)


Kubernetes, Toolbox to fail or succeed for beginners - Demi Ben-Ari, VP R&D @ Panorays

  1. Kubernetes (K8s) Toolbox to fail or succeed for beginners Demi Ben-Ari @ Panorays
  2. Some important things ● What I’m not: Docker / Kubernetes / Security Expert ● What you won’t be after this talk: Docker / Kubernetes / Security Expert ● What you will be after this talk? ● Happier people (Because I’ve stopped talking) ● You’ll know what was our problem and our way of solution ● You’ll know where to search and learn more things ● The answer to the “What’s the meaning of life?” (42)
  3. About Us Demi Ben-Ari, Co-Founder & VP R&D @ Panorays ● Google Developer Expert ● Co-Founder of Communities: ○ “Big Things” - Big Data, Data Science, DevOps ○ Google Developer Group Cloud ○ Ofek Alumni Association In the Past: ● Sr. Data Engineer - Windward ● Team Leader & Sr. Java Software Engineer, Missile defence and Alert System - “Ofek” – IAF
  4. What do we do at Panorays?
  5. How Do Hackers Get to Third Parties? Supplier Employees IT & Network Application - Confidential -7p. 52% by the Human Factor
  6. What makes Panorays different? 360 360⁰ full perimeter overview Comprehensive outside-in simulated hacker view and inside-out view. No false positives You and suppliers can dispute or validate findings. Complete third-party management Panorays works with suppliers to close cyber gaps.
  7. - Confidential - Inside-OutOutside-In BIG DATA ACTIONABLE INSIGHTSCONTEXT-BASED RATINGS Under the Hood
  8. A bit about history
  9. Applications Changing Loosely Coupled Services Many Small Servers ~2000 Today Monolithic Big Servers Slow changing Rapidly updated
  10. Solution: Docker Containers Static Website Web Front End Background Workers User DB Analytics DB Queue API Endpoint Any App Anywher e Composable Dynamic Portable
  11. Solution: Docker Containers • Packages up software binaries and dependencies • Isolates software from each other • Container is a standard format • Easily portable across environment • Allows ecosystem to develop around its standard Container
  12. Docker Fundamentals
  13. Docker Basics Docker Image The basis of a Docker container Docker Container The standard unit in which the application service resides Docker Engine Creates, ships and runs Docker containers deployable on physical or virtual host locally, in a datacenter or cloud service provider Docker Registry On-premises registry for image storing and collaboration
  14. What’s an Image? ● An image is a collection of files + some meta data. (Technically: those files form the root filesystem of a container.) ● Images are made of layers, conceptually stacked on top of each other. ● Each layer can add, change, and remove files. ● Images can share layers to optimize disk usage, transfer times, and memory use.
  15. What is a Container? ● Standardized packaging for software and dependencies ● Isolate apps from each other ● Share the same OS kernel ● Works for all major Linux distributions ● Containers native to Windows Server 2016
  16. Containers vs. VMs
  17. Like: Object Oriented Programming ● Images are conceptually similar to classes. ● Layers are conceptually similar to inheritance. ● Containers are conceptually similar to instances.
  18. Hypervisor OS OS OS Container Host OS
  19. Why Services and Microservices Can work so Well
  20. Monolith’s Weaknesses ● Team members can’t see the whole picture ● Unnecessary interdependencies are inevitable ● Deployments become scary ● Lump-Sum Technical Debt ● Limited Fault Isolation
  22. We’ve created a “Microlith”
  23. Small & Simple things are hard to break ● More Stable ● Easier to Debug / Fix ● Easier to Test
  24. Which size is right?
  25. Which size is right? ● How big is your team? ● What is your application like? ● What are the distinct pieces? ● What dat and / or logic must remain together? ● Can some parts be asynchronous? ● What pieces, when separated, will lower complexity and increase stability?
  26. Weaknesses with Microservices ● DevOps skills are a must ● Orchestration becomes much more complex ● Architecture costs more of you time ● Testing can be more difficult ● Thinking more & build better software is mandatory
  27. Community Top 0.01% of all GitHub projects 1,200+ external projects based on k8s Companies Contributing Companies Using 1,000+ unique contributors 15,000+ people signed up for k8s meetups
  28. Kubernetes (Openhub)
  29. Kubernetes ● Greek for “Helmsman”; also the root of the words “governor” and “cybernetic”. ● Manages container clusters ● Inspired and informed by Google’s experience and an internal system (Borg) ● Supports multiple cloud and bare-metal environments ● 100% Open source, written in Go ● Manage applications, not Machines
  30. Cattle vs. Pets CattlePet • Has a name • Is unique or rare • Personal Attention • If it gets ill, you make it better • Has a number • One is much like any other • Run as a group • If it gets ill, you make hamburgers
  31. Kubernetes Terminology ● Deployment ● Service ● ReplicaSet ● Pod ● Volume ● Label ● Selector ● ConfigMap ● Secret ● DaemonSet ● Stateful Set ● Job ● Liveness Probe ● Readiness Probe
  32. Why Kubernetes fits Microservices pattern?
  33. Breaking a Monolith to Microservices
  34. Identify Discrete Datasets ● Data is the centre of any application ● Decoupled data is as important as decoupled code ● Datasets often relate to departments of the business
  35. What’s in it for you?
  36. Containers are not enough - what about? ● Scaling up and down ● Scheduling ● Resiliency ● Redundancy ● Service Discovery ● Rolling out & back ● Access control ● Configs & Secrets
  37. Advance stages of Implementation ● ● ● ● The Operator Framework is an open source project that provides developer and runtime Kubernetes tools, enabling you to accelerate the development of an Operator. The Operator Framework includes:
  38. Resources Learn More ● Links ○ ○ Kubernetes documentation ○ Kubernetes user guide and troubleshooting guide ○ Kubernetes Github Repository ● Videos: ○ Kubernetes Cluster Federation Sneak Peek: Ask Questions ● Kubernetes on Stackoverflow: Keep in Touch ● @kubernetesio: ● #kubernetes-users on Slack: ● Kubernetes-dev Google Group:!forum/kubernetes-dev
  39. Conclusions ● If you have a possibility -> Don’t implement distributed systems ● Kubernetes is a great container orchestration tool ● Installing it on bare metal is not that fun - but also possible ● “Perfect” is the enemy of “Working” / “Giving Value” ● It might be a steep learning curve.
  40. Questions
  41. Thank You