Kubernetes in 20 minutes - HDE Monthly Technical Session 24

Kubernetes in 20 minutes HDE Monthly Technical Session July 22, 2016 Daisuke Maki @lestrrat

Netscape Navigator

Kubernetes

κυβερνήτης

k8s

“Something to do with containers…?”

Assumptions

• You know about containers
• You know about orchestration
• You know about the painful art of deploying stuff

Docker

“Random containers doing their own sh*t”

Compose

“Foreman on Acid”

Swarm

“Clustering and Discovery” (hey, we’re getting somewhere!)

=

“Batteries Included”

K8s on GCP

GKE GCE Networking

…and others

Basic Concepts

Node

Hosts running k8s daemons

Node

kubelet

Node

kubelet

Node

kubelet

Master

Scheduler

etc..

API

Pod

Basic unit of deployment in k8s

Group of Containers

Container configurations

Shared storage

Pod

container

container

container

e.g. nginx, app, redis/cache

Scheduled together (“co-scheduled”)

Guaranteed to be on the same node (“co-located”)

Node Node Node

Depends on each node’s resource availability and each pod’s resource requirements

Node Node

container

container

container

Node Node

container

container

container

This will NEVER happen

Miscellaneous

• Each pod has its own IP address
• Pods are expected to be stateless

Replica Set

Keeps track of Pod replicas

Replica Set
replicas: 3
template:

Pod replicas: A → A B → C A B → A B → A B D

Deployment

Manages Replica Set state transitions

Deployment
replicas: 3
template:

Replica Set A
replicas: 3
template:

Change some settings, please!

2

Replica Set B
replicas: 2
template:

Replica Set A → Replica Set A + Replica Set B → Replica Set B

Keeps track of state change history

Deployment
replicas: 3
template:

A
replicas: 3
template:

Change some settings, please!

2

B
replicas: 2
template:

A → A + B → B

Oh wait, I actually didn’t want to do that…

rollback

3

B → B + A → A

Services

Logical set of Pods (and ways to access them)

Raw Pod Access

Pod 10.0.96.2, Pod 10.0.96.3, Pod 10.0.96.3

→ Pod 10.0.96.2, Pod 10.0.96.3

Access Via Service

Service
match role=web

Pod 10.0.96.3 role=web, Pod 10.0.96.4 role=web, Pod 10.0.96.2 role=web, Pod 10.0.96.5 role=db

→ Pod 10.0.96.4 role=web, Pod 10.0.96.2 role=web, Pod 10.0.96.5 role=db

→ Pod 10.0.96.6 role=web, Pod 10.0.96.4 role=web, Pod 10.0.96.2 role=web, Pod 10.0.96.5 role=db

Secrets

Store pieces of data in k8s

e.g. Identity Information

(securely)

(…in the future)

Secret

key1 → base64 value

key3 → base64 value

key2 → base64 value

Pod

container

volumes

container:
  volumeMounts:
  - name: certificates
    mountPath: /etc/ssl/certs

volumes:
- name: certificates
  secret:
    secretName: ca-certificates
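
An added example, not from the original slides: Secret values are only base64-encoded, so anyone who can read the object recovers the plaintext, and within a Pod only the containers that list the volume under volumeMounts see the files. The sample objects are constructed; the container names, images and the ca.pem key are assumptions, while certificates, ca-certificates and /etc/ssl/certs come from the slide.

```python
import base64

# Constructed sample objects. Only "certificates", "ca-certificates" and
# /etc/ssl/certs come from the slide; every other name/value is hypothetical.
SECRET = {
    "apiVersion": "v1",
    "kind": "Secret",
    "metadata": {"name": "ca-certificates"},
    "data": {"ca.pem": base64.b64encode(b"-----BEGIN CERTIFICATE-----").decode()},
}

POD = {
    "apiVersion": "v1",
    "kind": "Pod",
    "metadata": {"name": "web"},
    "spec": {
        "containers": [
            {"name": "nginx", "image": "nginx",
             "volumeMounts": [{"name": "certificates", "mountPath": "/etc/ssl/certs"}]},
            {"name": "app", "image": "example/app"},  # no mount: cannot read the Secret
        ],
        "volumes": [{"name": "certificates", "secret": {"secretName": "ca-certificates"}}],
    },
}


def decode_secret(secret):
    """Recover the plaintext of every key: base64 is an encoding, not encryption."""
    return {k: base64.b64decode(v) for k, v in secret.get("data", {}).items()}


def secret_exposure(pod):
    """Map each Secret name to the (container, mountPath) pairs that can read it."""
    spec = pod["spec"]
    # Volume name -> Secret name, for secret-backed volumes only.
    vol_to_secret = {v["name"]: v["secret"]["secretName"]
                     for v in spec.get("volumes", []) if "secret" in v}
    exposure = {name: [] for name in vol_to_secret.values()}
    for c in spec.get("containers", []):
        for m in c.get("volumeMounts", []):
            if m["name"] in vol_to_secret:
                exposure[vol_to_secret[m["name"]]].append((c["name"], m["mountPath"]))
    return exposure


if __name__ == "__main__":
    print(decode_secret(SECRET))
    print(secret_exposure(POD))
```

An empty list for a Secret name means the Pod declares the volume but no container mounts it, which is a candidate for removal from the spec.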

ConfigMaps

Same as Secrets (Unprotected)

Ingress

Services are for within the cluster only

(New since 1.2)

Inbound connections to internal cluster services

Please check out my presentation https://docs.google.com/presentation/d/11ZN6qgiuZZfVyhBK2hjp1vhp_5N0DOGnAmhPreS3L5A/pub?start=false&loop=false&delayms=3000

DaemonSets

Ensure nodes run a copy of a Pod

Node

prometheus-exporter prometheus-exporter prometheus-exporter

Node Node

PetSets

snip.

Questions?

Appendix: ECS vs GKE

https://railsadventures.wordpress.com/2015/12/06/why-we-chose-kubernetes-over-ecs/

If you want to play with k8s, I’m doing this entirely on GCP/GKE…

Come Join https://slack-invite-dot-builderscon-1248.appspot.com/