Kubernetes - Sailing a Sea of Containers
![Page 1: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/1.jpg)
Kubernetes
Sailing a Sea of Containers
Kel Cecil - @praisechaos
![Page 2: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/2.jpg)
What is Kubernetes?
Container Orchestration Toolset
Originated at Google (Borg)
Now a Cloud Native Computing Foundation project
Used in commercial and open source projects
  - Tectonic (CoreOS)
  - Meteor Galaxy (MeteorJS)
  - OpenShift 3 (Red Hat)
  - Kubernetes Scheduler for Deis (Engine Yard)
![Page 3: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/3.jpg)
Why Kubernetes?
Deploying one single container app is easy
Deploying a complex app is more difficult
  - One or more containers
  - Replicas of containers
  - Data volumes for persistent storage
Deploying lots of complex apps can be a challenge
![Page 4: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/4.jpg)
Features
Services for load balancing
Resource-based scheduling
Robust API
Great CLI tooling via kubectl
Container-spec agnostic
![Page 5: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/5.jpg)
What does a simple Kubernetes cluster look like?
Master
Node Node Node
![Page 6: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/6.jpg)
Node
Physical or virtual machine on which containers can be scheduled
![Page 7: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/7.jpg)
What unit runs on the nodes?
![Page 8: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/8.jpg)
Pod
A colocated set of application containers and shared data volumes.
Smallest unit that can be scheduled.
![Page 9: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/9.jpg)
Pod
Containers: container 1 ... container n
Data Volumes: AWS EBS Volume, GCE Volume, NFS Share, Git Commit, and more...
![Page 10: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/10.jpg)
How can we organize pods (or any other Kubernetes resource)?
![Page 11: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/11.jpg)
Labels
Key-value pairs used to organize resources.
![Page 12: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/12.jpg)
Pods
  - important-microservice (docker.io/kelcecil/app:latest): env=production, server=nginx
  - important-microservice (docker.io/kelcecil/app:feature): env=qa, server=nginx
Nodes
  - 172.17.8.102: hostname=172.17.8.102, rack=tatooine
  - 172.17.8.103: hostname=172.17.8.103, rack=tatooine
  - 172.17.8.104: hostname=172.17.8.104, rack=alderaan
![Page 13: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/13.jpg)
Let's have replicas of pods...
(There's a Kubernetes resource for that.)
![Page 14: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/14.jpg)
Replication Controller
Manages the lifecycle of pods by ensuring a desired number of pods exist.
![Page 15: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/15.jpg)
Replication Controller
  replicas=2
  selector: app=user-service
Pod (labels: app=user-service)
Pod (labels: app=user-service)
Pod (labels: app=user-service)
![Page 16: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/16.jpg)
How can we direct traffic to pods?
![Page 17: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/17.jpg)
Service
Provides a single, stable endpoint for a set of pods.
Very much like a round-robin load balancer
![Page 18: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/18.jpg)
Client
Service
  name: user-microservice
  port: 31335
  selector: app=user-service
Pods
  - user-microservice (app=user-service)
  - user-microservice (app=user-service)
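The label matching behind the Replication Controller and Service slides above, as an added Go example that is not part of the original talk and is not Kubernetes' own code. It shows that a selector matches on labels alone, so every pod carrying the label is counted by the controller and served by the Service; the `Pod` type, the function names and the sample pods are assumptions made for this example.

```go
package main

import "fmt"

// Pod is a minimal stand-in for a Kubernetes pod (hypothetical type for this example).
type Pod struct {
	Name   string
	Labels map[string]string
}

// Matches applies an equality-based selector: every selector key must be
// present on the object with the same value; extra labels are ignored.
func Matches(selector, labels map[string]string) bool {
	for k, want := range selector {
		if got, ok := labels[k]; !ok || got != want {
			return false
		}
	}
	return len(selector) > 0 // this example treats an empty selector as selecting nothing
}

// Select returns the names of the pods a selector picks up, in input order.
func Select(selector map[string]string, pods []Pod) []string {
	var names []string
	for _, p := range pods {
		if Matches(selector, p.Labels) {
			names = append(names, p.Name)
		}
	}
	return names
}

// Reconcile returns how many pods to add (positive) or remove (negative) to reach replicas.
func Reconcile(replicas int, selector map[string]string, pods []Pod) int {
	return replicas - len(Select(selector, pods))
}

func main() {
	// Constructed sample input: three pods labelled app=user-service, one unrelated pod.
	pods := []Pod{
		{"user-a", map[string]string{"app": "user-service"}},
		{"user-b", map[string]string{"app": "user-service", "env": "qa"}},
		{"user-c", map[string]string{"app": "user-service"}},
		{"blog-a", map[string]string{"name": "blog-pod"}},
	}
	sel := map[string]string{"app": "user-service"}
	fmt.Println(Select(sel, pods), Reconcile(2, sel, pods))
}
```

With `replicas=2` and three matching pods the controller has one pod too many, while a Service with the same selector would spread traffic over all three until one is removed.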
![Page 19: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/19.jpg)
What components make up Kubernetes?
![Page 20: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/20.jpg)
Master: kube-apiserver, kube-scheduler, kube-controller-manager
Node: kubelet, kube-proxy
![Page 21: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/21.jpg)
Master
kube-apiserver
Validates and sets data for resources
Services REST operations
Provides the interface from which components interact
![Page 22: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/22.jpg)
Master
kube-scheduler
Performs scheduling of pods
Considers many factors when deciding where to schedule
  - Resource requirements
  - Data locality
  - Process affinity and anti-affinity
![Page 23: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/23.jpg)
Master
kube-controller-manager
Watches the state of the cluster through the API
Makes changes to make actual state of pods match the desired state of pods
![Page 24: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/24.jpg)
Node
kubelet
Ensures that pod specifications are met on a node
Performs garbage collection on containers
Ensures that containers are healthy
![Page 25: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/25.jpg)
Node
kube-proxy
Network proxy that forwards traffic to the proper container
Configured using Kubernetes service
Can forward TCP and UDP streams or do round-robin TCP and UDP forwarding
![Page 26: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/26.jpg)
Client
Service
  name: user-microservice
  port: 31335
  selector: app=user-service
kube-proxy
Pods
  - important-microservice (app=user-service)
  - important-microservice (app=user-service)
![Page 27: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/27.jpg)
Demonstration
Let's deploy something!
![Page 29: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/29.jpg)
If you see this and following slides during the talk, then my demo was a bust. These slides are plan B. Sorry about that.
If you're browsing my slides after the talk, then this is what I demonstrated live.
https://github.com/pires/kubernetes-vagrant-coreos-cluster
Follow along with this simple Kubernetes vagrant setup.
![Page 30: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/30.jpg)
Create a new replication controller
blog.yaml

```yaml
apiVersion: v1
kind: ReplicationController
# Metadata about the controller
metadata:
  name: blog-controller
  labels:
    name: blog-controller
spec:
  replicas: 2
  # The labels of pods to be monitored
  selector:
    name: blog-pod
  # Template newly created pods follow
  template:
    metadata:
      # Match the controller selector at minimum
      labels:
        name: blog-pod
    spec:
      containers:
      - name: blog-container
        image: quay.io/kelcecil/kelcecil-com:latest
        # containerPort is port in use inside container
        ports:
        - containerPort: 80
```
![Page 31: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/31.jpg)
Create a new replication controller (2/2)
In your terminal...

```sh
# Set your KUBERNETES_MASTER to your API Server
# Alternatively, use the -s flag with kubectl
export KUBERNETES_MASTER="http://127.0.0.1:8080"
kubectl create -f blog.yaml
```
![Page 32: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/32.jpg)
Get a list of replication controllers and pods

```
kelcecil@Kels-MBP ~/c/kube-talk> kubectl get rc
CONTROLLER        CONTAINER(S)     IMAGE(S)                               SELECTOR        REPLICAS
blog-controller   blog-container   quay.io/kelcecil/kelcecil-com:latest   name=blog-pod   2

kelcecil@Kels-MBP ~/c/kube-talk> kubectl get pods
NAME                    READY     STATUS    RESTARTS   AGE
blog-controller-0g7ng   1/1       Running   0          1m
blog-controller-a6729   1/1       Running   0          1m

# You can use kubectl get with any Kubernetes resource
# kubectl get <resource>
# kubectl get nodes
# kubectl get services
```
![Page 33: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/33.jpg)
Get information about a particular pod

```
kelcecil@Kels-MBP ~/c/kube-talk> kubectl describe pod blog-controller-0g7ng
Name:                       blog-controller-0g7ng
Namespace:                  default
Image(s):                   quay.io/kelcecil/kelcecil-com:latest
Node:                       172.17.8.102/172.17.8.102
Labels:                     name=blog-pod
Status:                     Running
Reason:
Message:
IP:                         10.244.35.4
Replication Controllers:    blog-controller (2/2 replicas created)
Containers:
  blog-container:
    Image:          quay.io/kelcecil/kelcecil-com:latest
    State:          Running
      Started:      Tue, 29 Sep 2015 20:44:37 -0400
    Ready:          True
    Restart Count:  0
..................
```

kubectl describe also works for any Kubernetes resource
![Page 34: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/34.jpg)
Get system information about a node

```
kelcecil@Kels-MBP ~/c/kube-talk> kubectl describe node 172.17.8.102
Name:                   172.17.8.102
Labels:                 kubernetes.io/hostname=172.17.8.102
CreationTimestamp:      Sun, 13 Sep 2015 15:53:52 -0400
Conditions:
  Type    Status  LastHeartbeatTime                 LastTransitionTime                Reason                            Message
  Ready   True    Sun, 13 Sep 2015 16:55:16 -0400   Sun, 13 Sep 2015 15:53:52 -0400   kubelet is posting ready status
Addresses:      172.17.8.102
Capacity:
  memory:       2053532Ki
  pods:         40
  cpu:          1
Version:
  Kernel Version:               4.1.6-coreos-r2
  OS Image:                     CoreOS 801.0.0
  Container Runtime Version:    docker://1.8.1
  Kubelet Version:              v1.0.3
  Kube-Proxy Version:           v1.0.3
ExternalID:     172.17.8.102
Pods:           (1 in total)
  Namespace     Name
  default       blog-lmj3c
No events.

kelcecil@Kels-MBP ~/c/kube-talk> kubectl get nodes
NAME           LABELS                                STATUS
172.17.8.102   kubernetes.io/hostname=172.17.8.102   Ready
172.17.8.103   kubernetes.io/hostname=172.17.8.103   Ready
```
![Page 35: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/35.jpg)
Create a label

```
kelcecil@Kels-MBP ~/c/kube-talk> kubectl label node 172.17.8.102 region=us-east-1
NAME           LABELS                                                 STATUS
172.17.8.102   kubernetes.io/hostname=172.17.8.102,region=us-east-1   Ready

kelcecil@Kels-MBP ~/c/kube-talk> kubectl get nodes
NAME           LABELS                                                 STATUS
172.17.8.102   kubernetes.io/hostname=172.17.8.102,region=us-east-1   Ready
172.17.8.103   kubernetes.io/hostname=172.17.8.103                    Ready
```

Filter resources by label

```
kelcecil@Kels-MBP ~/c/kube-talk> kubectl get -l region=us-east-1 nodes
NAME           LABELS                                                 STATUS
172.17.8.102   kubernetes.io/hostname=172.17.8.102,region=us-east-1   Ready
```

Remove a label

```
kelcecil@Kels-MBP ~/c/kube-talk> kubectl label node 172.17.8.102 region-
NAME           LABELS                                STATUS
172.17.8.102   kubernetes.io/hostname=172.17.8.102   Ready
```
![Page 36: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/36.jpg)
Scale a Replication Controller to 3 Replicas

```
kelcecil@Kels-MBP ~/c/kube-talk> kubectl get pods
NAME                    READY     STATUS    RESTARTS   AGE
blog-controller-0g7ng   1/1       Running   0          3m
blog-controller-a6729   1/1       Running   0          3m

kelcecil@Kels-MBP ~/c/kube-talk> kubectl scale --replicas=3 rc blog-controller
scaled

kelcecil@Kels-MBP ~/c/kube-talk> kubectl get pods
NAME                    READY     STATUS    RESTARTS   AGE
blog-controller-0g7ng   1/1       Running   0          3m
blog-controller-a6729   1/1       Running   0          3m
blog-controller-sems7   1/1       Running   0          18s
```
![Page 37: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/37.jpg)
Get logs from a pod

```
> kubectl logs blog-controller-0g7ng
2015/09/14 03:07:32 [notice] 12#0: using the "epoll" event method
2015/09/14 03:07:32 [notice] 12#0: nginx/1.8.0
2015/09/14 03:07:32 [notice] 12#0: OS: Linux 4.1.6-coreos-r2
2015/09/14 03:07:32 [notice] 12#0: getrlimit(RLIMIT_NOFILE): 1048576:1048576
2015/09/14 03:07:32 [notice] 12#0: start worker processes
2015/09/14 03:07:32 [notice] 12#0: start worker process 13
```
![Page 38: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/38.jpg)
Executing a command inside a pod/container

```
> kubectl exec blog-controller-0g7ng "ps"
PID   USER     TIME   COMMAND
    1 root       0:00 /bin/sh -c nginx
   12 root       0:00 nginx: master process nginx
   13 nginx      0:00 nginx: worker process
   82 root       0:00 ps
```

Interact with a shell inside a container

```
> kubectl exec -it blog-controller-0g7ng "sh"
/ # ps ax
PID   USER     TIME   COMMAND
    1 root       0:00 /bin/sh -c nginx
   12 root       0:00 nginx: master process nginx
   13 nginx      0:00 nginx: worker process
   98 root       0:00 sh
  103 root       0:00 ps ax
/ # exit
```
![Page 39: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/39.jpg)
Create a new service
blog-service.yaml

```yaml
apiVersion: v1
kind: Service
# Metadata about the service
metadata:
  name: blog-service
  labels:
    name: blog-service
spec:
  # Open a port on nodes using kube-proxy
  type: NodePort
  ports:
  # the port the container serves on
  - port: 80
  # Match the labels for pods to be served
  selector:
    name: blog-pod
```

In your terminal...

```sh
# Set your KUBERNETES_MASTER to your API Server
export KUBERNETES_MASTER="http://127.0.0.1:8080"
kubectl create -f blog-service.yaml
```
![Page 40: Kubernetes - Sailing a Sea of Containers](https://reader033.fdocuments.in/reader033/viewer/2022050614/58e992081a28ab287d8b4ffb/html5/thumbnails/40.jpg)
Perform a rolling update on a container

```
> kubectl rolling-update --image=quay.io/kelcecil/kelcecil-com:talks blog-controller
Creating blog-controller-676be42f24a573bf0ee7733377bd5ea8
At beginning of loop: blog-controller replicas: 1, blog-controller-676be42f24a573bf0ee7733377bd5ea8
Updating blog-controller replicas: 1, blog-controller-676be42f24a573bf0ee7733377bd5ea8 replicas: 1
At end of loop: blog-controller replicas: 1, blog-controller-676be42f24a573bf0ee7733377bd5ea8 replicas:
At beginning of loop: blog-controller replicas: 0, blog-controller-676be42f24a573bf0ee7733377bd5ea8
Updating blog-controller replicas: 0, blog-controller-676be42f24a573bf0ee7733377bd5ea8 replicas: 2
At end of loop: blog-controller replicas: 0, blog-controller-676be42f24a573bf0ee7733377bd5ea8 replicas:
Update succeeded. Deleting old controller: blog-controller
Renaming blog-controller-676be42f24a573bf0ee7733377bd5ea8 to blog-controller
blog-controller
```