Page 1
Kubernetes in 20 minutes
HDE Monthly Technical Session July 22, 2016
Daisuke Maki @lestrrat
Page 3
Netscape Navigator
Page 4
Netscape Navigator
Page 8
“Something to do with containers…?
Page 9
•You know about containers •You know about orchestration •You know about the painful art of deploying stuff
Assumptions
Page 11
“Random containers doing their own sh*t”
Page 13
“Foreman on Acid”
Page 15
“Clustering and Discovery” (hey, we’re getting somewhere!)
Page 17
“Batteries Included”
Page 18
K8s on GCP
GKE GCE Networking
…and others
Page 21
Hosts running k8s daemons
Page 22
Node
kubelet
Node
kubelet
Node
kubelet
Master
Scheduler
etc..
API
Page 24
Basic unit of deployment in k8s
Page 25
Group of Containers
Page 26
Container configurations
Page 29
Pod
container
container
Page 30
Pod
container
container
container
Page 31
Pod
container
container
container
nginx
app
redis/cache
e.g.
Page 32
Scheduled together(“co-scheduled”)
Page 33
Guaranteed to be on the same node
(“co-located”)
Page 35
Node NodeNode
Depends on each node’s resource availability and each pod’s resource requirements
Page 36
Node Node
container
container
container
Page 37
Node Node
container
container
container
This will NEVER happen
Page 38
Miscellaneous
• Each pod has its own IP address • Pods are expected to be stateless
Page 40
Keeps track of Pod replicas
Page 41
Replica Setreplicas: 3template:
Page 42
Replica Setreplicas: 3template:
A
Page 43
Replica Setreplicas: 3template:
A B
Page 44
Replica Setreplicas: 3template:
CA B
Page 45
Replica Setreplicas: 3template:
CA B
Page 46
Replica Setreplicas: 3template:
A B
Page 47
Replica Setreplicas: 3template:
A B D
Page 49
Manages Replica Set state transitions
Page 50
Deploymentreplicas: 3template:
Page 51
Deploymentreplicas: 3template:
Replica Set A
replicas: 3template:
Page 52
Deploymentreplicas: 3template:
Replica Set A
replicas: 3template:
Change some settings, please!
Page 53
Deploymentreplicas: 3template:
Replica Set A
replicas: 3template:
2Change some settings,
please!
Page 54
Deploymentreplicas: 3template:
Replica Set A
replicas: 3template:
Replica Set B
replicas: 2template:
2Change some settings,
please!
Page 55
Deploymentreplicas: 3template:
Replica Set A
replicas: 3template:
Replica Set B
replicas: 2template:
2Change some settings,
please!
Page 56
Deploymentreplicas: 3template:
Replica Set B
replicas: 2template:
2Change some settings,
please!
Page 57
Keeps track of state change history
Page 58
Deploymentreplicas: 3template:
Page 59
Deploymentreplicas: 3template:
Areplicas: 3template:
Page 60
Deploymentreplicas: 3template:
Areplicas: 3template:
Change some settings, please!
Page 61
Deploymentreplicas: 3template:
Areplicas: 3template:
2Change some settings,
please!
Page 62
Deploymentreplicas: 3template:
Areplicas: 3template:
Breplicas: 2template:
2Change some settings,
please!
Page 63
Deploymentreplicas: 3template:
Areplicas: 3template:
Breplicas: 2template:
2Change some settings,
please!
Page 64
Deploymentreplicas: 3template:
Breplicas: 2template:
2Change some settings,
please!
Page 65
Deploymentreplicas: 3template:
Breplicas: 2template:
2Oh wait, I actually
didn’t want to do that…
Page 66
Deploymentreplicas: 3template:
Breplicas: 2template:
2Oh wait, I actually
didn’t want to do that…
3
Page 67
Deploymentreplicas: 3template:
Breplicas: 2template:
2Oh wait, I actually
didn’t want to do that…
rollback
3
Page 68
Deploymentreplicas: 3template:
Breplicas: 2template:
2Oh wait, I actually
didn’t want to do that…
rollback
Areplicas: 3template:
3
Page 69
Deploymentreplicas: 3template:
Breplicas: 2template:
2Oh wait, I actually
didn’t want to do that…
rollback
Areplicas: 3template:
3
Page 70
Deploymentreplicas: 3template:
2Oh wait, I actually
didn’t want to do that…
Areplicas: 3template:
3
Page 72
Logical set of Pods(and ways to access them)
Page 73
Pod 10.0.96.2
Pod 10.0.96.3
Pod 10.0.96.3
Raw Pod Access
Page 74
Pod 10.0.96.2
Pod 10.0.96.3
Pod 10.0.96.3
Raw Pod Access
Page 75
Pod 10.0.96.2
Pod 10.0.96.3
Pod 10.0.96.3
Raw Pod Access
Page 76
Pod 10.0.96.2
Pod 10.0.96.3
Raw Pod Access
Page 77
Pod 10.0.96.2
Pod 10.0.96.3
Raw Pod Access
Page 78
Pod 10.0.96.3
role=web
Access Via Service
Pod 10.0.96.4
role=web
Servicematch role=web
Pod 10.0.96.2
role=web
Pod 10.0.96.5
role=db
Page 79
Pod 10.0.96.3
role=web
Access Via Service
Pod 10.0.96.4
role=web
Servicematch role=web
Pod 10.0.96.2
role=web
Pod 10.0.96.5
role=db
Page 80
Pod 10.0.96.3
role=web
Access Via Service
Pod 10.0.96.4
role=web
Servicematch role=web
Pod 10.0.96.2
role=web
Pod 10.0.96.5
role=db
Page 81
Pod 10.0.96.3
role=web
Access Via Service
Pod 10.0.96.4
role=web
Servicematch role=web
Pod 10.0.96.2
role=web
Pod 10.0.96.5
role=db
Page 82
Access Via Service
Pod 10.0.96.4
role=web
Servicematch role=web
Pod 10.0.96.2
role=web
Pod 10.0.96.5
role=db
Page 83
Access Via Service
Pod 10.0.96.4
role=web
Servicematch role=web
Pod 10.0.96.2
role=web
Pod 10.0.96.5
role=db
Page 84
Access Via Service
Pod 10.0.96.6
role=web
Pod 10.0.96.4
role=web
Servicematch role=web
Pod 10.0.96.2
role=web
Pod 10.0.96.5
role=db
Page 85
Access Via Service
Pod 10.0.96.6
role=web
Pod 10.0.96.4
role=web
Servicematch role=web
Pod 10.0.96.2
role=web
Pod 10.0.96.5
role=db
Page 87
Store pieces of data in k8s
Page 88
e.g. Identity Information
Page 91
Secret
key1 → base64 value
key3 → base64 value
key2 → base64 value
Page 92
Pod
container
volumes
container: volumeMounts: - name: certificates mountPath: /etc/ssl/certs
volumes: - name: certificates secret: secretName: ca-certificates
Page 94
Same as Secrets (Unprotected)
Page 96
Services are for within the cluster only
Page 97
(New since 1.2)
Inbound connections to internal cluster services
Page 98
Please checkout my presentation https://docs.google.com/presentation/d/
11ZN6qgiuZZfVyhBK2hjp1vhp_5N0DOGnAmhPreS3L5A/pub?start=false&loop=false&delayms=3000
Page 100
Ensure nodes run a copy of a Pod
Node
prometheus-exporter prometheus-exporter prometheus-exporter
Node Node
Page 104
Appendix: ECS vs GKE
https://railsadventures.wordpress.com/2015/12/06/why-we-chose-kubernetes-over-ecs/
Page 105
If you want to play with k8s, I’m doing this entirely on GCP/GKE…
Come Join https://slack-invite-dot-builderscon-1248.appspot.com/