Hack the Stack: Fast-track Kubernetes to Production with ...files.informatandm.com › uploads ›...

© 2019 DIAMANTI | CONFIDENTIAL | DO NOT DISTRIBUTE 1Information Classification: General

Hack the Stack: Fast-track Kubernetes to Production with the Right Infrastructure Strategy

Sean Roth, Director of Product MarketingDiamanti


Agenda

▪ Enterprises are going Cloud Native

▪ …but what actually defines ‘cloud native’?

▪ What Options Do I Have To Deploy My Cloud Native Apps?

▪ The DIY Kubernetes Stack In Depth

▪ Why You Should Run Containers On Bare Metal, And Not VMs

▪ A Look At Container Persistent Storage And Container Networking


What is ’Cloud Native’? 10 Key Attributes

1. Packaged as lightweight containers

2. Developed with best-of-breed languages and frameworks

3. Designed as loosely coupled microservices

4. Centered around APIs for interaction and collaboration

5. Architected with a clean separation of stateless and stateful services

6. Isolated from server and operating system dependencies

7. Deployed on self-service, elastic, cloud infrastructure

8. Managed through agile DevOps processes

9. Automated capabilities

10. Defined, policy-driven resource allocation

Source: https://thenewstack.io/10-key-attributes-of-cloud-native-applications/


Enterprises are Going ‘Cloud Native’: A Look Back At 2018

80 BILLIONDocker downloads to date

*Diamanti 2018 end-user survey

More than 50% of new workloads will be deployed

in containers in 2018

>70% of enterprisesplan to deploy containers in

production in 2018*

31% are modernizing legacy apps with containers*

Diamanti Survey

How are containers being used?

New cloud-native applications

Lightweight stateless applications

Cloud migrations

Modernizing legacy applications

Database

CI/CD pipeline

Stateful applications

requiring persistent storage

Content management

All the above

Other

54.19%

0 10 20 30 40 50 60

38.71%

32.26%

30.54%

30.32%

28.17%

20.86%

19.35%

9.03%

2.80%


Infrastructure Remains a Top Container Adoption Challenge

“Enterprise interest in Kubernetes to build

and deploy new applications is off the charts.

Security, storage, networking and monitoring

are the top challenges that our user

community have highlighted on the

Kubernetes adoption path.”

-- Dan Kohn, Executive Director


What Options Do I Have for Cloud Native App Deployments?

On-Prem: DIY with

Hypervisor

PROS:

▪ Low complexity at small scale

▪ Experience with traditional

technology components

CONS:

▪ Longer time-to-value

▪ With a VM layer, resource efficiency

is reduced and complexity

increases

▪ High complexity and cost at scale

▪ Difficult to manage at scale

Public Cloud

PROS:

▪ 100% OPEX means lowest cost

at small scale

▪ Proven, resilient infrastructure

as a service

CONS:

▪ Highest costs at large scale

▪ Difficult to optimize efficiency

▪ Security and compliance

concerns

▪ No bare metal support yet

On-Prem: DIY with Bare

Metal

PROS:

▪ Flexible, seamlessly scalable

infrastructure

▪ Better overall performance at scale

▪ TCO advantages are realized

CONS:

▪ Specialized skill sets required at

different areas of the stack


Major Container Adoption Challenges

Choose your cloud native infrastructure wisely;

it matters at every step.

Day 1 (Hard)

Deploy infrastructure

▪ Build the container stack

▪ Configure network, storage

▪ Install container runtime and orchestration

Day 2 (Harder)

Manage containers in production

▪ Guarantee real-time SLAs

▪ Infrastructure services

▪ 24x7 support

Day 3 (Hardest)

Expand with multi-cloud

▪ Quick movement of containers across cloud environments

▪ Seamless scalability

▪ Policy-driven


Do-It-Yourself Approach to Container Infrastructure

DAY 1:Build a

Container

Environment

Yourself

Vendor Engagement

Equipment Installation

Container Orchestration

Network Storage

Config Management

Orchestration

Network Overlay

Persistent Storage

Clustering

Management

Burn-In Testing

Run Applications

Monitoring

Access Controls

Upgrade Trials

Tribal Knowledge

Support / Handoff

Operationalized

Container

Environment

Is Complete

Ecosystem Research


CNCF Landscape


How Containers Use Compute Resources

▪ Kubernetes podspecs offers a declarative

model for carving out CPU and memory on a

per-container basis

▪ Limits = maximums

▪ Requests = guaranteed minimum

▪ K8S prevents oversubscription of requests

apiVersion: v1

kind: Pod

metadata:

name: qos-demo

namespace: qos-example

spec:

containers:

- name: qos-demo-ctr

image: nginx

resources:

limits:

memory: "200Mi”

cpu: "700m”

requests:

memory: "200Mi”

cpu: "700m"


Drilling Down: Storage For Stateful Containers

Kubernetes FlexVolume

/ CSI

▪ Single way to integrate 3rd

party storage

▪ replaces the need to

maintain several different

storage drivers as part of

the mainline Kubernetes

code

Local Storage

▪ Host paths can be mounted

to containers in Docker and

Kubernetes

CHALLENGES

▪ Persistence

▪ High Availability (HA)

▪ Who is managing it?

Kubernetes Native

Storage Drivers

▪ K8S team integrated

several popular filesystems

and storage drivers:

▪ iSCSI, NFS, GlusterFS,

CEPH, GCEpersistent,

AzureFile, etc.


Kubernetes Networking Model

POD 1

NETWORK

CNI

POD 2 POD n

Kubernetes accepts only ONE container network interface (CNI)

OTHERS


Container Networking Model: IP Layers and Port Mapping

HOST / Node IP:172.16.100.101/24

CLUSTER IP

10.100.100.101

Runtime Internal

192.168.xxx.yyy

CONTAINER 01

CLUSTER IP

10.100.100.102

Runtime Internal

192.168.xxx.yyy

CONTAINER 02

CLUSTER IP

10.100.100.103

Runtime Internal

192.168.xxx.yyy

CONTAINER 03

CLUSTER IP

10.100.100.104

Runtime Internal

192.168.xxx.yyy

CONTAINER 04

Node IP:172.16.100.102/24

CLUSTER IP

10.100.100.109

Runtime Internal

192.168.xxx.yyy

CONTAINER 09

CLUSTER IP

10.100.100.110

Runtime Internal

192.168.xxx.yyy

CONTAINER 10

CLUSTER IP

10.100.100.111

Runtime Internal

192.168.xxx.yyy

CONTAINER 11

CLUSTER IP

10.100.100.112

Runtime Internal

192.168.xxx.yyy

CONTAINER 12

Node IP:172.16.100.103/24

CLUSTER IP

10.100.100.113

Runtime Internal

192.168.xxx.yyy

CONTAINER 13

CLUSTER IP

10.100.100.121

Runtime Internal

192.168.xxx.yyy

CONTAINER 21

CLUSTER IP

10.100.100.107

Runtime Internal

192.168.xxx.yyy

CONTAINER 07

CLUSTER IP

10.100.100.114

Runtime Internal

192.168.xxx.yyy

CONTAINER 14

Outside World

It’s not NAT, but it sort of acts like it:


Drilling Down: Kubernetes Networking Model

Source: https://kubernetes.io/docs/concepts/services-networking/service/

NODE

ServiceIP

(iptables) kube-proxy

BACKEND POD 1 BACKEND POD 2 BACKEND POD 3

labels: app=MyApp

Port: 9376

labels: app=MyApp

Port: 9376

labels: app=MyApp

Port: 9376

client apiserver

client


OPERATING SYSTEM

ORCHESTRATOR

CONTAINER RUNTIME

OPERATING SYSTEM

HYPERVISOR

LEGACY INFRASTRUCTUREServersNetworkSAN Storage

Guest OS

/ Kernel

Guest OS

/ Kernel

Guest OS

/ Kernel

Guest bins

/ libs

Guest bins

/ libs

Guest bins

/ libs

Runtime

Orchestrator

▪ Complex

management

▪ Inefficient resource

utilization

▪ Low container

density

▪ Limited

performance

▪ High TCO

Runtime

Orchestrator

Runtime

Orchestrator

I/O LAYER

▪ Simpler

management

▪ Efficient resource

utilization

▪ High container

density

▪ Enhanced

performance

▪ Lower TCO

Application

Y

Container

Application

X

Container

Etcd

MASTER

Application

X

Container

Etcd

MASTER 1

Application

Y

Container

Application

Z

Container

Application

X

Container

Application

W

Container

Application

Y

Container

Application

Z

Container

Application

X

Container

Application

W

Container

Application

Y

Container

Application

Z

Container

Infrastructure: VMs VS. Bare Metal Hyperconverged


Case Study: Containers for Database-as-a-Service

▪ Solution:

▪ Solution up and running in a week

▪ Minutes to deploy new instance

▪ Nodes added dynamically without disruption

▪ $1.2M upfront savings

▪ $4M+ TCO savings over 3 years

▪ 4 FTE -> ½ FTE

▪ 23x faster than legacy

▪ 84 RUs down to 4 RUs

▪ Quality of service without overprovisioning

▪ High availability based on Kubernetes

▪ 24x7 support

10xFootprint reduction

$4MTCO savings over 3 years

10xFaster

deployment

7 Days Start to finish

▪ Challenge:

▪ Move to Postgres + DBaaS

▪ Looked at building it

▪ 6 FTE, 12 month development

▪ 4 FTE support

▪ 42 RUs

▪ Profile:

▪ Fortune 50 Financial Institution

▪ Sybase legacy app, ecosystem diminishing

▪ VM infrastructure takes months to deploy new instance

▪ Costly DB and VM licensing, overprovisioning, $10K per node + 84 Rus


Complete turnkey Kubernetes stack

▪ Hyperconverged 1U appliance built on x86 architecture

▪ Features container-optimized networking and storage models

▪ 24/7 full-stack support

Built for public cloud experience, on-prem

▪ Manage multiple on-prem clusters and private-cloud deployments through single UI

▪ Per container network and storage QoS

▪ Enterprise DP/DR features: mirroring/synchronous replication, snapshots/asynchronous replication

▪ Burst production workloads to the cloud

Benefits:

▪ High performance

▪ Efficient

▪ Secure

▪ Installs in minutes

▪ Low TCO

Diamanti Enterprise Kubernetes Platform


Thank You

Hack the Stack: Fast-track Kubernetes to Production with ...files.informatandm.com › uploads ›...

Documents

Transcript of Hack the Stack: Fast-track Kubernetes to Production with ...files.informatandm.com › uploads ›...