kubernetes fundamentals - froscon

Post on 25-Jan-2022

Kubernetes fundamentals Roadmap from KubeCon 2019 End

Kubernetes Fundamentals

Oleg Fiksel | Michael Siebertz

Email: oleg@fiksel.info | mail@michaelsiebertz.de
Matrix: @oleg:fiksel.info | @captain.vsan:matrix.org

2019-08-10 FrOSCon

KUBERNETES HISTORY

- Borg 2003
- Omega 2013
- Kubernetes 2014

- Greek for “pilot” or “Helmsman of a ship”
- Cloud Native Computing Foundation Project

GOALS OF KUBERNETES

Provides tools necessary to build and deploy reliable, scalable distributed applications using containers.

GALILEO MYSTERY

PODS

- pods are the smallest deployable units
- group of one or more containers
- shared storage/network
- use labels to group pods + services
- always co-located and co-scheduled

POD LIFECYCLE

- Pod Status: Pending / Running
- RestartPolicy: Always / OnFailure / Never
- Failed States: CrashLoopBackOff / Failed / Unknown

CONFIGMAPS

- configuration, command-line arguments, environment variables, port numbers etc.
- decoupling configuration artifacts from image content
- unencrypted = suitable for non-confidential contents

SECRETS

- base64 encoded
- can be mounted as volume mount / exposed as environment variables
- bound to namespace
- limit: 1 MB per secret
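
Added example (not from the slides): base64 is a reversible encoding, so anyone who can read a Secret object recovers its values without a key. The manifest, its names and its values are constructed; the size check assumes the slide's 1 MB means Kubernetes' 1 MiB cap on the decoded data.

```python
import base64
import binascii

# Kubernetes caps a Secret's decoded data at 1 MiB; the slide rounds this to "1 MB".
MAX_SECRET_BYTES = 1024 * 1024

# Constructed sample manifest; names and values are made up for this example.
SAMPLE_SECRET = {
    "apiVersion": "v1",
    "kind": "Secret",
    "metadata": {"name": "db-credentials", "namespace": "dev"},
    "type": "Opaque",
    "data": {
        "username": base64.b64encode(b"app_user").decode(),
        "password": base64.b64encode(b"example-password-123").decode(),
    },
}


def decode_secret(manifest):
    """Return {key: plaintext bytes}. No key is involved: base64 only encodes."""
    decoded = {}
    for key, value in manifest.get("data", {}).items():
        try:
            decoded[key] = base64.b64decode(value, validate=True)
        except (binascii.Error, ValueError) as exc:
            raise ValueError(f"data[{key!r}] is not valid base64") from exc
    return decoded


def review_secret(manifest):
    """Return a list of findings for one Secret manifest."""
    findings = []
    plain = decode_secret(manifest)
    total = sum(len(value) for value in plain.values())
    if total > MAX_SECRET_BYTES:
        findings.append(f"payload is {total} bytes, over the {MAX_SECRET_BYTES}-byte limit")
    if not manifest.get("metadata", {}).get("namespace"):
        findings.append("no namespace set; the client's current namespace will be used")
    for key, value in plain.items():
        findings.append(f"{key}: {len(value)} bytes recoverable without any key")
    return findings


if __name__ == "__main__":
    for line in review_secret(SAMPLE_SECRET):
        print(line)
```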

PV / PVC

- local scratch directories created on demand
- cloud block storage
  - GCE Persistent Disk
  - AWS Elastic Block Storage
- cluster storage
  - File: NFS, Gluster, Ceph
  - Block: iSCSI, Cinder, Ceph
- special volumes
  - Git repository
  - Secret

DAEMONSET / REPLICASET / DEPLOYMENT

- daemonset
  - run a pod on every node (apart from exclusions)
- replicaset
  - guarantee the availability of a specified number of identical pods
- deployment
  - declarative updates for pods and replicasets

LABELS AND SELECTORS

SERVICES

- provide static DNS name inside cluster for a set of pods -> including load balancing
- usually determined by a selector
- manual creation possible with: service / endpoint definition

NODEPORT

INGRESS

- external access to the services in a cluster
- load balancing / SSL termination / name-based virtual hosting
- most common: HAProxy / Træfik / Istio / Nginx

NAMESPACES

- multiple virtual clusters backed by the same physical cluster
- resources need to be unique within a namespace, but not across namespaces

(a) dev (b) qs (c) prod

KUBERNETES RBAC

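- Role based access control

[Figure: RBAC diagram with three columns: Subjects, API Resources, Operations. Labels recovered from the figure: Developer, Admin, Custom; Pod, ConfigMaps, Service, PV, PVC, Deployment, Job, Ingress, Nodes, Cronjob, Secrets, Service, Autoscaler; list, get, watch, create, delete, patch.]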
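
Added example (not from the slides): a small evaluator for the subject / resource / operation model above, answering who may perform a verb on a resource in a namespace. The Role and RoleBinding objects are constructed and every name in them is made up; ClusterRoles, resourceNames and subresources are left out.

```python
# Constructed objects shaped like rbac.authorization.k8s.io/v1 Role and
# RoleBinding manifests; all names and namespaces are made up for this example.
ROLES = [
    {"metadata": {"name": "developer", "namespace": "dev"},
     "rules": [
         {"apiGroups": [""], "resources": ["pods", "configmaps", "services"],
          "verbs": ["get", "list", "watch"]},
         {"apiGroups": ["apps"], "resources": ["deployments"],
          "verbs": ["get", "list", "watch", "create", "patch"]},
     ]},
    {"metadata": {"name": "admin", "namespace": "dev"},
     "rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}]},
]
BINDINGS = [
    {"metadata": {"name": "dev-team", "namespace": "dev"},
     "subjects": [{"kind": "Group", "name": "developers"}],
     "roleRef": {"kind": "Role", "name": "developer"}},
    {"metadata": {"name": "dev-admins", "namespace": "dev"},
     "subjects": [{"kind": "User", "name": "alice"}],
     "roleRef": {"kind": "Role", "name": "admin"}},
]


def _matches(allowed, wanted):
    """A rule field matches on an exact entry or the "*" wildcard."""
    return "*" in allowed or wanted in allowed


def rule_allows(rule, api_group, resource, verb):
    return (_matches(rule.get("apiGroups", []), api_group)
            and _matches(rule.get("resources", []), resource)
            and _matches(rule.get("verbs", []), verb))


def who_can(namespace, api_group, resource, verb, roles=ROLES, bindings=BINDINGS):
    """Return sorted (kind, name) subjects granted `verb` on `resource`."""
    index = {(r["metadata"]["namespace"], r["metadata"]["name"]): r for r in roles}
    granted = set()
    for binding in bindings:
        if binding["metadata"]["namespace"] != namespace:
            continue  # a RoleBinding grants only inside its own namespace
        role = index.get((namespace, binding["roleRef"]["name"]))
        if role and any(rule_allows(r, api_group, resource, verb) for r in role["rules"]):
            granted.update((s["kind"], s["name"]) for s in binding["subjects"])
    return sorted(granted)


def is_allowed(user, groups, namespace, api_group, resource, verb):
    """RBAC is additive: allowed if any binding grants it, denied otherwise."""
    granted = who_can(namespace, api_group, resource, verb)
    return ("User", user) in granted or any(("Group", g) in granted for g in groups)


if __name__ == "__main__":
    print(who_can("dev", "", "secrets", "get"))
```

On a live cluster the same question is answered by `kubectl auth can-i`.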

CLUSTER

GITLAB ARCHITECTURE

SELFHOSTED VS MANAGED

SelfHosted: Minikube, Kops, Kubeadm, Kubespray, Terraform
Fix stuff by yourself

Managed: AWS, Azure, DigitalOcean, GKE, IBM
Hope for the best

PERSONAL MONITORING SETUP

- Selfhosted vs Managed
- Blackbox
  - Icinga2
  - Federated Prometheus
- Whitebox
  - Kubernetes ServiceMonitor
  - Jaeger
  - Prometheus
  - Prometheus Node Exporter
  - Icinga2
  - Graylog

ROADMAP FROM KUBECON 2019

- Kubernetes in Embedded (K3s)
- CRD (K8s as a Framework)
- Kubernetes Operators
- Cluster Lifecycle Management (K8s manages K8s clusters as Pods)
- Security is a topic now
- Service mesh hype
  - istio, Linkerd, Træfik EE, Aspen Mesh, NSX Service Mesh...

Thanks!

Oleg Fiksel | Michael Siebertz
Email: oleg@fiksel.info | mail@michaelsiebertz.de
Matrix: @oleg:fiksel.info | @captain.vsan:matrix.org

LINKS

- K3s (lightweight K8s)
