building resilient cloud native apps in gke
TRANSCRIPT
Senior System Architect, Google Developer Expert, Authorised Trainer
BUILDING RESILIENT CLOUD NATIVE APPS IN GKE
JERRY JALAVA - QVIK
[email protected] | @W_I
FROM MONOLITHS TO CLOUD NATIVE
A BIT OF HISTORY
@W_I @QVIK
HTTPS://WWW.NGINX.COM/BLOG/INTRODUCTION-TO-MICROSERVICES/
THERE, WE HAVE FIXED IT…
NETFLIX TWITTER THE EMPIRE
HOW IS IT DIFFERENT
CLOUD NATIVE
MICROSERVICES CONTAINERIZED DYNAMICALLY ORCHESTRATED
THE CNCF REFERENCE ARCHITECTURE
QUICK INTRO
KUBERNETES & GKE
HTTPS://RESEARCH.GOOGLE.COM/PUBS/PUB43438.HTML
KUBERNETES (K8s)
‣ Ancient Greek for “pilot” or “helmsman”; root of the English word “governor”
‣ Orchestrator for containers
‣ Supports multi-cloud environments
‣ Started by Google
‣ Open source https://github.com/kubernetes
‣ Manage applications, not machines
GOOGLE CONTAINER ENGINE
‣ Fully Managed
‣ Auto scale, Auto Upgrade, Auto repair
‣ Great access control
‣ Google maintains security updates, etc
‣ In-place upgrades
‣ Container-optimised OS
‣ Near zero maintenance requirements
‣ No vendor lock-in
‣ Integrated Logging & Monitoring
OTHER BENEFITS FROM GCP
‣ Central Logging, Tracing, Other dev tools
‣ Most performant hardware
‣ GPU support
‣ Global LB (>1M QPS)
‣ Wonderful pricing
‣ Per-minute Billing
‣ Sustained use discounts
‣ Preemptible VMs
‣ Custom Machine Types
RBAC
ENHANCED K8S SECURITY
CREATE A CLUSTER IN GKE WITH RBAC ENABLED
DEMO
NAMESPACES
ENHANCED K8S SECURITY
MANAGING NAMESPACES
DEMO
LET'S SKIP THE REST OF THE K8S FUNDAMENTALS
AND MOVE TO THE NEXT TOPIC
WHAT IS IT AND WHY SHOULD I CARE
SERVICE MESH
HTTPS://BUOYANT.IO/2017/04/25/WHATS-A-SERVICE-MESH-AND-WHY-DO-I-NEED-ONE/
DOES MORE THAN TRANSFER PACKETS FROM A TO B
‣ Latency-aware Load Balancing
‣ Service discovery
‣ Tracing
‣ Circuit Breakers
‣ Retries & Deadlines
‣ Canarying
‣ Load Shedding
‣ Error Tracking
‣ Metrics
‣ Service Metrics
‣ Logging
‣ Timeouts
‣ Expirations
‣ Security Policies
‣ Back-offs
‣ Retry Budgets
‣ Dynamic Routing
THERE ARE
FEW OPEN-SOURCE PROJECTS AVAILABLE
LINKERD.IO ISTIO.IO
ISTIO CONCEPT
WE ARE USING LINKERD TODAY
DEPLOYING LINKERD
DEMO
STAGING MICROSERVICES
CANARY DEPLOYMENTS
DEMO
CONTINUOUS DELIVERY
HTTPS://BUOYANT.IO/2016/11/04/A-SERVICE-MESH-FOR-KUBERNETES-PART-IV-CONTINUOUS-DEPLOYMENT-VIA-TRAFFIC-SHIFTING/
EXTRA BENEFITS FROM GOOGLE CLOUD PLATFORM
DEMO
SOME RESOURCES
‣ linkerd.io
‣ https://buoyant.io/2016/10/04/a-service-mesh-for-kubernetes-part-i-top-line-service-metrics/
‣ istio.io
‣ http://redmonk.com/jgovernor/2017/05/31/so-what-even-is-a-service-mesh-hot-take-on-istio-and-linkerd/
‣ cncf.io
‣ cloud.google.com/container-engine/
‣ github.com/jerryjj (Demo sources coming soon)