Kubernetes The Path to Cloud Native
Eric Brewer VP, Infrastructure @eric_brewer
August 28, 2015 ACM SOCC
“Cloud Native” Applications
Middle of a great transition
● unlimited “ethereal” resources in the Cloud
● an environment of services not machines
● thinking in APIs and co-designed services
● high availability offered and expected
Google confidential │ Do not distribute
Google has been developing and using containers to manage our applications for over 10 years.
Images by Connie Zhou
2B launched per week
● simplifies management
● performance isolation
● efficiency
VMs vs. Containers
[Figure: two stacks, "Virtual Machines" and "Containers", each showing Physical Processor, Virtual Processor, Operating System, Libraries and User Code, with layers marked "Private Copy" or "Shared"; interface labels: ISA, syscall]
Containers: less overhead, enable more “magic”
Merging Two Kinds of Containers
Docker
● It’s about packaging
● Control:
  o packages
  o versions
  o (some config)
● Layered file system
● ⇒ Prod matches testing
Linux Containers
● It’s about isolation … performance isolation
● not security isolation … use VMs for that
● Manage CPUs, memory, bandwidth, …
● Nested groups
Google Platform Layering
[Figure: platform layers "Infrastructure: Machines", "Containers: Process-based" and "App Engine: Language-based"; product labels: GCE, Kubernetes, GKE, GAE; axis labels: Easy to use, Flexible]
Kubernetes: Higher level of Abstraction
Don’t Worry About
● OS details
● Packages — no conflicts
● Machine sizes (much)
● Mixing languages
● Port conflicts
Think About
● Composition of services
● Load-balancing
● Names of services
● State management
● Monitoring and Logging
● Upgrading
Evolution is the Real Value
Apps Structured as Independent Microservices
● Encapsulated state with APIs (like “objects”)
● Mixture of languages
● Mixture of teams
Services are Abstract
● A “Service” is just a long-lived abstract name
● Varied implementations over time (versions)
● Kubernetes routes to the right implementation
Service-Oriented Architecture?
This is similar, but also new
Practical difference:
● Simple network RPCs now common
● JSON/http for REST (or gRPC for sessions)
Much better structure
● Micro ⇒ smaller services and more of them
● New in Kubernetes: modular sub-services
A Quick Look @ Your Code
& Your Code Community
Contribute
Customized Use Trade Secret
SOA… wrong granularity
Kubernetes: sub-structure
Don’t think of a container as the boundary of your application
“A container is more like a class in an object-oriented language.” --- Google’s Brendan Burns
Requirements...
Sharing among containers
● Share namespaces (esp. PID, Network and IPC)
● Share filesystems
● (Often) Share a resource hierarchy
Requirements...
Atomic co-scheduling of containers
● Composition requires co-location
Requirements...
Parameterization of containers
● Configurable at runtime
● Documented and discoverable
Substructure
Containers:
● Handle package dependencies
● Different versions, same machine
● No “DLL hell”
Pods:
● Co-locate containers
● Shared volumes
● IP address, independent port space
● Unit of deployment, migration
[Figure: a Pod with a volume labelled /data and two containers, MyService and MySQL, built on different library stacks (python 3.4.2 / glibc 2.21 and python 2.7.9 / glibc 2.19)]
Dependencies: Services
Service:
● Replicated pods
  o Source pod is a template
● Auto-restart member pods
● Abstract name (DNS)
● IP address for the service
  o in addition to the members
● Load balancing among replicas
[Figure labels: Load Balancer, Service IP]
Some Patterns...
Examples of how you use substructure
Sidecars
Sidecars extend and enhance
[Figure: a Pod containing an Application Container (node.js) and a Sidecar Container (Git Synchronizer)]
Sidecar Pattern
Sidecars extend and enhance
[Figure: a Pod containing an Application Container (nginx) and a Sidecar Container (Git Synchronizer)]
Ambassador Pattern
Ambassadors represent and present
[Figure: a Pod containing an Application Container (PHP app) and an Ambassador Container (redis proxy), connected over localhost; outside the Pod: Redis Shards]
Adapter Pattern
Adapters normalize and abstract
[Figure: a Pod containing an Application Container (redis) and an Adapter Container (redis exporter), connected over localhost; outside the Pod: Monitoring System, Other adapters]
Example: Rolling Upgrade with Labels
[Figure: pods labelled "frontend" with version labels v1.2 or v1.3, managed by two Replication Controllers; replica counts shown for the v1.2 controller are 4, 3, 2, 1, 0 and for the v1.3 controller 1, 2, 3, 4]
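The rolling upgrade on this slide can be traced with a small simulation. This is an added example, not code from the talk or from Kubernetes: the label keys `app` and `version`, the pod names and the functions are assumptions, and it models only label selection and replica counts.

```python
import itertools

_ids = itertools.count(1)

def matches(labels, selector):
    """True when every key/value of the selector is present in the labels."""
    return all(labels.get(k) == v for k, v in selector.items())

def count(pods, selector):
    return sum(matches(p["labels"], selector) for p in pods)

def reconcile(pods, selector, replicas):
    """One replication-controller pass: create or delete pods until exactly
    `replicas` pods match `selector`. New pods copy the selector as labels."""
    mine = [p for p in pods if matches(p["labels"], selector)]
    for p in mine[replicas:]:                 # surplus: delete
        pods.remove(p)
    for _ in range(replicas - len(mine)):     # shortfall: create from template
        pods.append({"name": f"pod-{next(_ids)}", "labels": dict(selector)})

def rolling_upgrade(total=4):
    # Label keys "app" and "version" are assumptions; the slide shows only values.
    old = {"app": "frontend", "version": "v1.2"}
    new = {"app": "frontend", "version": "v1.3"}
    service = {"app": "frontend"}             # no version: spans both controllers
    pods, history = [], []
    reconcile(pods, old, total)
    for step in range(1, total + 1):
        for selector, replicas in ((new, step), (old, total - step)):
            reconcile(pods, selector, replicas)   # scale up first, then down
            history.append((count(pods, old), count(pods, new), count(pods, service)))
    return pods, history

if __name__ == "__main__":
    for old_n, new_n, backends in rolling_upgrade()[1]:
        print(f"v1.2={old_n} v1.3={new_n} service backends={backends}")
```

Because the service selector omits the version label, it matches pods from both controllers throughout, so the number of backends never drops below the target while the versions are swapped.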
Summary
A new path for Cloud Native applications:
● Collection of independent (micro) services
● Each service evolves on its own
  o Scale as needed
  o Update as needed
  o Mix versions as needed
● Pods provide critical structure
  o Template for service members
  o Group containers and volumes
  o Dedicated IP and thus port space
● Containers are the new “classes”
BACKUP
How?
Implemented by a number of (unrelated) Linux APIs:
• cgroups: Restrict the resources a process can consume
  • CPU, memory, disk IO, ...
• namespaces: Change a process’s view of the system
  • Network interfaces, PIDs, users, mounts, ...
• capabilities: Limit what a user can do
  • mount, kill, chown, ...
• chroots: Determine what parts of the filesystem a user can see
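Three of these primitives are visible per process under `/proc`, which is how one can check what a given container was actually granted and which namespaces two containers of a pod share. The following is an added example, not code from the talk: the function names and the sample data are constructed, and it assumes the Linux `/proc` text formats.

```python
import os

# Capability bit numbers (linux/capability.h) for the operations the slide lists.
CAPS = {"chown": 0, "kill": 5, "mount": 21}   # CAP_CHOWN, CAP_KILL, CAP_SYS_ADMIN

def effective_caps(status_text):
    """Map each operation to True/False from the CapEff line of /proc/<pid>/status."""
    for line in status_text.splitlines():
        if line.startswith("CapEff:"):
            mask = int(line.split()[1], 16)
            return {op: bool((mask >> bit) & 1) for op, bit in CAPS.items()}
    raise ValueError("no CapEff line found")

def cgroup_paths(cgroup_text):
    """Parse /proc/<pid>/cgroup ('id:controllers:path') into {controllers: path}.
    The cgroup v2 line has an empty controller field, reported as 'unified'."""
    paths = {}
    for line in cgroup_text.strip().splitlines():
        _, controllers, path = line.split(":", 2)
        paths[controllers or "unified"] = path
    return paths

def shared_namespaces(ns_a, ns_b):
    """Namespace types two processes share, given {name: 'type:[inode]'} maps."""
    return sorted(name for name in ns_a if ns_a[name] == ns_b.get(name))

def read_namespaces(pid="self"):
    """Read the namespace links of a live process (Linux only)."""
    base = f"/proc/{pid}/ns"
    return {name: os.readlink(os.path.join(base, name)) for name in os.listdir(base)}

# Constructed samples: a reduced capability mask, and two containers of one pod.
SAMPLE_STATUS = "Name:\tapp\nCapEff:\t00000000a80425fb\n"
SAMPLE_CGROUP = "3:cpu,cpuacct:/constructed/pod1/app\n2:memory:/constructed/pod1/app\n"
NS_APP = {"net": "net:[4026532001]", "ipc": "ipc:[4026532002]", "pid": "pid:[4026532003]"}
NS_SIDECAR = {"net": "net:[4026532001]", "ipc": "ipc:[4026532002]", "pid": "pid:[4026532009]"}

if __name__ == "__main__":
    print(effective_caps(SAMPLE_STATUS))          # mount is denied in this mask
    print(cgroup_paths(SAMPLE_CGROUP))
    print(shared_namespaces(NS_APP, NS_SIDECAR))  # shared: ipc and net, not pid
    if os.path.isdir("/proc/self/ns"):
        print(read_namespaces())
```

A process whose `CapEff` mask includes `CAP_SYS_ADMIN` can call `mount`, so that bit is the first one to look at when reviewing how much a container has been trusted with.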