redhat logo

Intro: Docker and Kubernetes training - Day 2

Christian Posta
10/20/2015

Who

ceposta

Principal Middleware Architect

Blog: http://blog.christianposta.com

Twitter: @christianposta

Email: christian@redhat.com

  • Committer on Apache ActiveMQ, Apache Camel, Fabric8

  • Technology evangelist, recovering consultant

  • Spent a lot of time working with one of the largest Microservices, web-scale, unicorn companies

  • Frequent blogger and speaker about open-source, cloud, microservices

Agenda

  • Intro / Prep Environments

  • Day 1: Docker Deep Dive

  • Day 2: Kubernetes Deep Dive

  • Day 3: Advanced Kubernetes: Concepts, Management, Middleware

  • Day 4: Advanced Kubernetes: CI/CD, open discussions

 


Quick Recap

Recap Docker

  • Linux containers

  • Docker API

  • Images

  • Containers

  • Registry

Why Docker matters

  • Application distribution

  • Dependency management

  • Application density

  • Reduced management overhead in terms of VMs

  • On-premises, hybrid, public cloud

Recap Docker

  • Containers run on single Docker host

  • Containers are ephemeral

  • Nothing watchdogs the containers

  • Containers can have external persistence

  • Containers do not contain

  • Operating system matters

Why you win with Docker-based solutions

  • Immutable infrastructure

  • DevOps

  • CI/CD

  • Who cares: give me a platform to move faster!!!

 


Local environment setup

Set up Kubernetes

Final output

Waiting for each minion to be registered with cloud provider
Validating we can run kubectl commands.
NAME      READY     STATUS    RESTARTS   AGE
Connection to 127.0.0.1 closed.
Kubernetes cluster is running.  The master is running at:
https://10.245.1.2
The user name and password to use is located in ~/.kubernetes_vagrant_auth.
calling validate-cluster
Found 1 nodes.
        NAME         LABELS                              STATUS
     1  10.245.1.3   kubernetes.io/hostname=10.245.1.3   Ready
Validate output:
NAME                 STATUS    MESSAGE              ERROR
controller-manager   Healthy   ok                   nil
scheduler            Healthy   ok                   nil
etcd-0               Healthy   {"health": "true"}   nil
Cluster validation succeeded
Done, listing cluster services:
Kubernetes master is running at https://10.245.1.2
KubeDNS is running at https://10.245.1.2/api/v1/proxy/namespaces/kube-system/services/kube-dns
KubeUI is running at https://10.245.1.2/api/v1/proxy/namespaces/kube-system/services/kube-ui

Simple Kubernetes architecture

kube-diagram

Overall Kubernetes

kubernetes-platform

 


Kubernetes

Containerize all the things!

Everything at Google runs in containers!!

  • Gmail, search, maps

  • 2 billion containers a week

  • GCE? VMs in containers…

all-containers

Kube what?

kubernetes

What is Kubernetes

  • Different way to look at managing instances: scale

  • Design for failure

  • Efficient / Lean / Simple

  • Portability

  • Extensible

What is Kubernetes

  • How to place containers on a cluster

  • Smart placement

  • How to interact with a system that does placement

  • Different than configuration management

    • Immutable infrastructure principles

  • What to do when containers fail?

  • Containers will fail

  • Cluster security authZ/authN

  • Scaling

  • Grouping/Aggregates

Why is it important

  • Managing containers by hand is harder than VMs: won’t scale

  • Automate the boilerplate stuff

  • Runbooks → Scripts → Config management → Scale

  • Decouple application from machine!

  • Applications run on "resources"

  • Kubernetes manages this interaction of applications and resources

  • Manage applications, not machines!

  • What about legacy apps?

Kubernetes core concepts

kube-pods

Reconciliation of end state

make-it-so

Kubernetes control plane

  • etcd

  • API Server

  • Scheduler

  • Controller manager

kube-control-plane

etcd

  • Open source project started at CoreOS

  • Distributed database

  • CAP Theorem? == CP

  • Raft algorithm/protocol

  • watchable

  • etcd provides HA datastore

etcd

Kubernetes nodes

  • Nodes are VMs / physical hosts

  • Nodes need connectivity between them

  • Ideally same network/data center/availability zone

node-connectivity

Kubernetes nodes

kube-control-plane-nodes

Kubernetes nodes

  • Kubelet

    • Watches for pods to be assigned to node

    • Mount volumes

    • Install secrets

    • Runs the pod (via Docker)

    • Reports pod status / node status

  • kube-proxy

    • Connection forwarding

    • Kube services

  • Docker

Cluster add-ons

  • Monitoring

  • DNS

  • UI

  • Logging

Quick Demo!

Guestbook demo

demo

 


Kubernetes Deep Dive

Kubernetes core concepts

  • Pods

  • Labels / Selectors

  • Replication Controllers

  • Services

Kubernetes Pods

  • A pod is one or more Docker containers

  • Ensures collocation / shared fate

  • Pods are scheduled to a node and do not move between nodes

  • Docker containers share resources within the pod

    • Volumes

    • Network / IP

    • Port space

    • CPU / Mem allocations

  • Pod health probes

    • Readiness

    • Liveness
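
Added example (not from the original slides): a pod manifest showing the points above, with two containers that share a volume and the pod's network, per-container CPU / memory allocations, and readiness and liveness probes on the web container. The pod name, labels, images, paths and probe timings are illustrative assumptions.

```yaml
# Constructed example: names, images, paths and timings are illustrative.
apiVersion: v1
kind: Pod
metadata:
  name: web-with-content-writer
  labels:
    app: web
spec:
  volumes:
    - name: shared-content          # pod-level volume, mounted by both containers
      emptyDir: {}
  containers:
    - name: web
      image: nginx:1.25
      ports:
        - containerPort: 80         # port space is shared: only one container may bind 80
      volumeMounts:
        - name: shared-content
          mountPath: /usr/share/nginx/html
          readOnly: true            # web only reads what the other container writes
      resources:
        requests: {cpu: 100m, memory: 64Mi}
        limits: {cpu: 250m, memory: 128Mi}
      readinessProbe:               # fails until content exists: pod receives no service traffic
        httpGet: {path: /index.html, port: 80}
        initialDelaySeconds: 2
        periodSeconds: 5
      livenessProbe:                # fails if nginx stops listening: kubelet restarts the container
        tcpSocket: {port: 80}
        initialDelaySeconds: 10
        periodSeconds: 10
        failureThreshold: 3
    - name: content-writer
      image: busybox:1.36
      # Writes the page that the web container serves from the shared volume.
      command: ["sh", "-c", "while true; do date > /content/index.html; sleep 5; done"]
      volumeMounts:
        - name: shared-content
          mountPath: /content
      resources:
        requests: {cpu: 10m, memory: 16Mi}
        limits: {cpu: 50m, memory: 32Mi}
```

The two probes answer different questions: readiness gates traffic on the content being served, while liveness only checks that the process still accepts connections, so missing content never triggers a restart.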

Kubernetes Pods