Kubernetes - Sailing a Sea of Containers

Post on 22-Jan-2018

1,045 views 0 download

Preview:

Click to see full reader
Report this document
SHARE

transcript

KubernetesKubernetesSailing a Sea of ContainersSailing a Sea of Containers

Kel Cecil - @praisechaos

What is Kubernetes?What is Kubernetes?Container Orchestration Toolset

Originated at Google (Borg)

Now a Cloud Native Computing Foundation project

Used in commercial and open source projects

Tectonic (CoreOS)Meteor Galaxy (MeteorJS)OpenShift 3 (Red Hat)Kubernetes Scheduler for Deis (Engine Yard)

Why Kubernetes?Why Kubernetes?Deploying one single container app is easy

Deploying a complex app is more difficult

One or more containersReplicas of containersData volumes for persistent storage

Deploying lots of complex apps can be a challenge

FeaturesFeatures

Services for load balancing

Resource-based scheduling

Robust API

Great CLI tooling via kubectl

Container-spec agnostic

What does a simple Kubernetes cluster look like?

Master

Node Node Node

NodeNodePhysical or virtual machine on which containers can be

scheduled

What unit runs on the nodes?What unit runs on the nodes?

PodPodA colocated set of application containers and shared data

volumes.

Smallest unit that can be scheduled.

Pod

container 1 container n

AWS EBS Volume GCE Volume

NFS Share Git Commit

Containers

Data Volumes

And more...

How can we organize podsHow can we organize pods(or any other Kubernetes resource)?

LabelsLabelsKey-value pairs used to organize resources.

important-microservicedocker.io/kelcecil/app:latest

env=productionserver=nginx

important-microservicedocker.io/kelcecil/app:feature

env=qaserver=nginx

Pods Nodes

172.17.8.102

hostname=172.17.8.102rack=tatooine

172.17.8.103

hostname=172.17.8.103rack=tatooine

172.17.8.104

hostname=172.17.8.104rack=alderaan

Let's have replicas of pods...Let's have replicas of pods...(There's a Kubernetes resource for that.)

Replication ControllerReplication ControllerManages the lifecycle of pods by ensuring a desired

number of pods exist.

Replication Controllerreplicas=2

selector: app=user-service

Podlabels: app=user-service

Podlabels: app=user-service

Podlabels: app=user-service

How can we direct traffic to pods?How can we direct traffic to pods?

ServiceServiceProvides a single, stable endpoint for a set of pods.

Very much like a round-robin load balancer

user-microservice

app=user-service

user-microservice

app=user-service

Client

Servicename: user-microservice

port: 31335selector: app=user-service

Pods

What components make up Kubernetes?

Master

Node

kube-apiserverkube-schedulerkube-controller-manager

kubeletkube-proxy

Master

kube-apiserver

Validates and sets data for resources

Services REST operations

Provides the interface from whichcomponents interact

Master

kube-scheduler

Performs scheduling of pods

Considers many factors when decidingwhere to schedule

Resource requirementsData localityProcess affinity and anti-affinity

Master

kube-controller-manager

Watches the state of the cluster through the API

Makes changes to make actual state of podsmatch the desired state of pods

Node

kubelet

Ensures that pod specifications are met on anode

Performs garbage collection on containers

Ensures that containers are healthy

Node

kube-proxy

Network proxy that forwards traffic to propercontainer

Configured using Kubernetes service

Can forward TCP and UDP steams or round-robin TCP and UDP forwarding

important-microservice

app=user-service

important-microservice

app=user-service

Client

Servicename: user-microservice

port: 31335selector: app=user-service

Pods

kube-proxy

DemonstrationDemonstrationLet's deploy something!Let's deploy something!

Thanks for coming!Questions?

kelcecil@praisechaos.comEmail:

Twitter:@praisechaos

Website:http://kelcecil.com

If you see this and following slides during thetalk, then my demo was a bust. These slidesare plan B. Sorry about that.

If you're browsing my slides after the talk,then this is what I demonstrated live.

https://github.com/pires/kubernetes-vagrant-coreos-clusterFollow along with this simple Kubernetes vagrant setup.

https://github.com/pires/kubernetes-vagrant-coreos-cluster

apiVersion: v1kind: ReplicationController# Metadata about the controllermetadata: name: blog-controller labels: name: blog-controllerspec: replicas: 2 # The labels of pods to be monitored selector: name: blog-pod # Template newly created pods follow template: metadata: # Match the controller selector at minimum labels: name: blog-pod spec: containers: - name: blog-container image: quay.io/kelcecil/kelcecil-com:latest # containerPort is port in use inside container ports: - containerPort: 80

Create a new replication controllerblog.yaml

Create a new replication controller (2/2)

# Set your KUBERNETES_MASTER to your API Server# Alternatively, use the -s flag with kubectlexport KUBERNETES_MASTER="http://127.0.0.1:8080"kubectl create -f blog.yaml

In your terminal...

Get a list of replication controllers and pods

kelcecil@Kels-MBP ~/c/kube-talk> kubectl get rcCONTROLLER CONTAINER(S) IMAGE(S) SELECTOR REPLICASblog-controller blog-container quay.io/kelcecil/kelcecil-com:latest name=blog-pod 2

kelcecil@Kels-MBP ~/c/kube-talk> kubectl get podsNAME READY STATUS RESTARTS AGEblog-controller-0g7ng 1/1 Running 0 1mblog-controller-a6729 1/1 Running 0 1m

# You can use kubectl get with any Kubernetes resource# kubectl get <resource># kubectl get nodes# kubectl get services

kelcecil@Kels-MBP ~/c/kube-talk> kubectl describe pod blog-controller-0g7ngName: blog-controller-0g7ngNamespace: defaultImage(s): quay.io/kelcecil/kelcecil-com:latestNode: 172.17.8.102/172.17.8.102Labels: name=blog-podStatus: RunningReason:Message:IP: 10.244.35.4Replication Controllers: blog-controller (2/2 replicas created)Containers: blog-container: Image: quay.io/kelcecil/kelcecil-com:latest State: Running Started: Tue, 29 Sep 2015 20:44:37 -0400 Ready: True Restart Count: 0..................

Get information about a particular pod

kubectl describe also works for any Kubernetes resource

kelcecil@Kels-MBP ~/c/kube-talk> kubectl describe node 172.17.8.102Name: 172.17.8.102Labels: kubernetes.io/hostname=172.17.8.102CreationTimestamp: Sun, 13 Sep 2015 15:53:52 -0400Conditions: Type Status LastHeartbeatTime LastTransitionTime Reason Message Ready True Sun, 13 Sep 2015 16:55:16 -0400 Sun, 13 Sep 2015 15:53:52 -0400 kubelet is posting ready statusAddresses: 172.17.8.102Capacity: memory: 2053532Ki pods: 40 cpu: 1Version: Kernel Version: 4.1.6-coreos-r2 OS Image: CoreOS 801.0.0 Container Runtime Version: docker://1.8.1 Kubelet Version: v1.0.3 Kube-Proxy Version: v1.0.3ExternalID: 172.17.8.102Pods: (1 in total) Namespace Name default blog-lmj3cNo events.

Get system information about a node

kelcecil@Kels-MBP ~/c/kube-talk> kubectl get nodesNAME LABELS STATUS172.17.8.102 kubernetes.io/hostname=172.17.8.102 Ready172.17.8.103 kubernetes.io/hostname=172.17.8.103 Ready

Create a labelkelcecil@Kels-MBP ~/c/kube-talk> kubectl label node 172.17.8.102 region=us-east-1NAME LABELS STATUS172.17.8.102 kubernetes.io/hostname=172.17.8.102,region=us-east-1 Ready

kelcecil@Kels-MBP ~/c/kube-talk> kubectl get nodesNAME LABELS STATUS172.17.8.102 kubernetes.io/hostname=172.17.8.102,region=us-east-1 Ready172.17.8.103 kubernetes.io/hostname=172.17.8.103 Ready

kelcecil@Kels-MBP ~/c/kube-talk> kubectl get -l region=us-east-1 nodesNAME LABELS STATUS172.17.8.102 kubernetes.io/hostname=172.17.8.102,region=us-east-1 Ready

Filter resources by label

Remove a labelkelcecil@Kels-MBP ~/c/kube-talk> kubectl label node 172.17.8.102 region-NAME LABELS STATUS172.17.8.102 kubernetes.io/hostname=172.17.8.102 Ready

Scale a Replication Controller to 3 Replicaskelcecil@Kels-MBP ~/c/kube-talk> kubectl get podsNAME READY STATUS RESTARTS AGEblog-controller-0g7ng 1/1 Running 0 3mblog-controller-a6729 1/1 Running 0 3m

kelcecil@Kels-MBP ~/c/kube-talk> kubectl scale --replicas=3 rc blog-controllerscaled

kelcecil@Kels-MBP ~/c/kube-talk> kubectl get podsNAME READY STATUS RESTARTS AGEblog-controller-0g7ng 1/1 Running 0 3mblog-controller-a6729 1/1 Running 0 3mblog-controller-sems7 1/1 Running 0 18s

Get logs from a pod

> kubectl logs blog-controller-0g7ng2015/09/14 03:07:32 [notice] 12#0: using the "epoll" event method2015/09/14 03:07:32 [notice] 12#0: nginx/1.8.02015/09/14 03:07:32 [notice] 12#0: OS: Linux 4.1.6-coreos-r22015/09/14 03:07:32 [notice] 12#0: getrlimit(RLIMIT_NOFILE): 1048576:10485762015/09/14 03:07:32 [notice] 12#0: start worker processes2015/09/14 03:07:32 [notice] 12#0: start worker process 13

Executing a command inside a pod/container> kubectl exec blog-controller-0g7ng "ps"PID USER TIME COMMAND 1 root 0:00 /bin/sh -c nginx 12 root 0:00 nginx: master process nginx 13 nginx 0:00 nginx: worker process 82 root 0:00 ps

Interact with a shell inside a container> kubectl exec -it blog-controller-0g7ng "sh"/ # ps axPID USER TIME COMMAND 1 root 0:00 /bin/sh -c nginx 12 root 0:00 nginx: master process nginx 13 nginx 0:00 nginx: worker process 98 root 0:00 sh 103 root 0:00 ps ax/ # exit

apiVersion: v1kind: Service# Metadata about the servicemetadata: name: blog-service labels: name: blog-servicespec: # Open a port on nodes using kube-proxy type: NodePort ports: # the port the container serves on - port: 80 # Match the labels for pods to be served selector: name: blog-pod

Create a new serviceblog-service.yaml

# Set your KUBERNETES_MASTER to your API Serverexport KUBERNETES_MASTER="http://127.0.0.1:8080"kubectl create -f blog-service.yaml

In your terminal...

Perform a rolling update on a container

> kubectl rolling-update --image=quay.io/kelcecil/kelcecil-com:talks blog-controllerCreating blog-controller-676be42f24a573bf0ee7733377bd5ea8At beginning of loop: blog-controller replicas: 1, blog-controller-676be42f24a573bf0ee7733377bd5ea8 Updating blog-controller replicas: 1, blog-controller-676be42f24a573bf0ee7733377bd5ea8 replicas: 1At end of loop: blog-controller replicas: 1, blog-controller-676be42f24a573bf0ee7733377bd5ea8 replicas: At beginning of loop: blog-controller replicas: 0, blog-controller-676be42f24a573bf0ee7733377bd5ea8 Updating blog-controller replicas: 0, blog-controller-676be42f24a573bf0ee7733377bd5ea8 replicas: 2At end of loop: blog-controller replicas: 0, blog-controller-676be42f24a573bf0ee7733377bd5ea8 replicas: Update succeeded. Deleting old controller: blog-controllerRenaming blog-controller-676be42f24a573bf0ee7733377bd5ea8 to blog-controllerblog-controller

Top related

Kubernetes - how to orchestrate containers
Technology
To Couchbase and Kubernetes · Kubernetes focuses on building a robust orchestration system for running thousands of containers in production. Through automation of processes, Kubernetes
Documents
CONTAINERS AND KUBERNETES
Documents
Getting Started with Containers and Kubernetes...High-level overview of and motivation for containers Learn about Kubernetes architecture and objects Demo Build a continer image for
Documents
Using Containers for Building and Testing: Docker, Kubernetes and Mesos. FOSDEM 2017
Software
Rethinking kubernetes networking with SRv6 and Contiv-VPP · Kubernetes networking (1) •Kubernetes does not provide any solution for handling containers networking –It offloads
Documents
Kubernetes and containers
Documents
APPLICATIONS AND CONTAINERS AT SCALE: OpenShift + Kubernetes + Docker
Internet
developermarch.comdevelopermarch.com/developersummit/2015/report/... · Docker and Kubernetes Scaling applications . Docker and Kubernetes for the uninitiated . Containers Provide
Documents
Kubernetes in the Cloud – Part One - snia.org · This work, "Kubernetes in the Cloud", is a derivative of "Intro to Kubernetes - from containers to orchestrating the world" by Alex
Documents
Consuming cloud services with the Kubernetes Service Catalog · Agenda-Example application (problem statement)-Kubernetes (beyond containers)-Integrating Kubernetes with cloud providers
Documents
Kubernetes - How to orchastrate containers - inovex GmbH · Kubernetes Clusters, the compute recources on top of which the containers are built. Pods, a colocated group of (Docker)
Documents
15-319 / 15-619 Cloud Computingmsakr/15619-s17/... · Quiz 4 completed P2.2: Containers: Docker + Kubernetes 4. Project 2.2 Containers: Docker + Kubernetes Build a multi-cloud service
Documents
Containers, Kubernetes, Introduction to and Cloud Technology
Documents
Unified Kubernetes CRI runtimes based on Kata …...Unified Kubernetes CRI runtimes based on Kata Containers Xu Wang (@gnawux) hyper.sh Agenda •Kubernetes CRI Deep Dive •The Current
Documents
PostgreSQL in Containers at Scale · PostgreSQL in Containers at Scale Presented by: ... Jeff McCormick . Goals Introduction to containers, kubernetes, and OpenShift Watch the easiest
Documents
KUBERNETES ON AZURE BOOTCAMP · 10/1/2015  · Containers and Kubernetes How Does It Work? Kubernetes is an open-source platform for automating deployment, scaling, and management
Documents
Containers and Kubernetes Put a Lid on It: Securing for ...€¦ · Containers and Kubernetes on vSphere and in Cloud Nolan Karpinski, VMware, Inc. Steve Hoenisch, VMware, Inc. Wei
Documents
Containers rise, why OpenStack needs Kubernetes
Technology
HACKING CONTAINERS AND KUBERNETES...HACKING CONTAINERS AND KUBERNETES Exploiting and protecting containers with a few lines of scripting Chaos Communication Camp 2019 Mildenberg, August
Documents

Copyright © 2018 DOCUMENTS