Download to read offline
![STORY
Lyke - [12.2016 - 07.2017]
SMACC - [10.2017 - present]](https://image.slidesharecdn.com/index-180917195221/85/Effective-Kubernetes-Is-Kubernetes-the-new-Linux-Is-the-new-Application-Server-4-320.jpg)
![1. CLEAN UP
Single script for repo - Makefile [1]
Resurrect the README
[1] With zsh or bash auto-completion plug-in in your terminal.](https://image.slidesharecdn.com/index-180917195221/85/Effective-Kubernetes-Is-Kubernetes-the-new-Linux-Is-the-new-Application-Server-39-320.jpg)
![6. KEEP IT RUNNING
Bridge the new with old:
Use external services in Kubernetes
Optional: Expose k8s in the Legacy [1]
[1] feeding K8S events to HashiCorp consul](https://image.slidesharecdn.com/index-180917195221/85/Effective-Kubernetes-Is-Kubernetes-the-new-Linux-Is-the-new-Application-Server-44-320.jpg)
![WHAT DID NOT WORK
1. Too many PoC, should cut them to 2 weeks max
2. Do it with smaller chunks
3. Alert rules too hard to write
4. Push back to k8s yaml [*]
With coaching, I thought, it is OK](https://image.slidesharecdn.com/index-180917195221/85/Effective-Kubernetes-Is-Kubernetes-the-new-Linux-Is-the-new-Application-Server-52-320.jpg)
![Repo .travis.yml
language: go
go:
- '1.10'
services:
- docker
install:
- curl -sL https://${GITHUB_TOKEN}@raw.githubusercontent.com
- if [ -f "tools/travis/install.sh" ]; then bash tools/travi
script:
- dep ensure
- make lint
- make test
- if [ -z "${TRAVIS_TAG}" ]; then make snapshot; fi;
deploy:
provider: script](https://image.slidesharecdn.com/index-180917195221/85/Effective-Kubernetes-Is-Kubernetes-the-new-Linux-Is-the-new-Application-Server-63-320.jpg)
![STORY
Lyke - [12.2016 - 07.2017]
SMACC - [10.2017 - present]](https://image.slidesharecdn.com/index-180917195221/75/Effective-Kubernetes-Is-Kubernetes-the-new-Linux-Is-the-new-Application-Server-4-2048.jpg)
![1. CLEAN UP
Single script for repo - Makefile [1]
Resurrect the README
[1] With zsh or bash auto-completion plug-in in your terminal.](https://image.slidesharecdn.com/index-180917195221/75/Effective-Kubernetes-Is-Kubernetes-the-new-Linux-Is-the-new-Application-Server-39-2048.jpg)
![6. KEEP IT RUNNING
Bridge the new with old:
Use external services in Kubernetes
Optional: Expose k8s in the Legacy [1]
[1] feeding K8S events to HashiCorp consul](https://image.slidesharecdn.com/index-180917195221/75/Effective-Kubernetes-Is-Kubernetes-the-new-Linux-Is-the-new-Application-Server-44-2048.jpg)
![WHAT DID NOT WORK
1. Too many PoC, should cut them to 2 weeks max
2. Do it with smaller chunks
3. Alert rules too hard to write
4. Push back to k8s yaml [*]
With coaching, I thought, it is OK](https://image.slidesharecdn.com/index-180917195221/75/Effective-Kubernetes-Is-Kubernetes-the-new-Linux-Is-the-new-Application-Server-52-2048.jpg)
![Repo .travis.yml
language: go
go:
- '1.10'
services:
- docker
install:
- curl -sL https://${GITHUB_TOKEN}@raw.githubusercontent.com
- if [ -f "tools/travis/install.sh" ]; then bash tools/travi
script:
- dep ensure
- make lint
- make test
- if [ -z "${TRAVIS_TAG}" ]; then make snapshot; fi;
deploy:
provider: script](https://image.slidesharecdn.com/index-180917195221/75/Effective-Kubernetes-Is-Kubernetes-the-new-Linux-Is-the-new-Application-Server-63-2048.jpg)
Uploaded byWojciech Barczyński
Effective Kubernetes - Is Kubernetes the new Linux? Is the new Application Server?
The document discusses effective platform building with Kubernetes, emphasizing its role in simplifying infrastructure management for micro-services, enhancing resource utilization, and reducing operational costs. It outlines practical approaches to deploying applications, managing rolling updates, and implementing a continuous deployment process using tools like Terraform and GitHub. The author shares experiences from their own work with various companies, detailing successes and challenges faced during transitions to Kubernetes-based architectures.
More Related Content
Similar to Effective Kubernetes - Is Kubernetes the new Linux? Is the new Application Server?
![Effective Kubernetes == Keep it Simple [Ignite Talk DevOpsDays Warsaw]](https://cdn.slidesharecdn.com/ss_thumbnails/slides-181120223017-thumbnail.jpg?width=600ounds&width=560&fit=bounds)
![UiPath Automation Suite Installation (Hands-On) [2/3]](https://cdn.slidesharecdn.com/ss_thumbnails/automationsuitecommunitysession2-251015095633-a6d862f1-thumbnail.jpg?width=600ounds&width=560&fit=bounds)
Effective Kubernetes - Is Kubernetes the new Linux? Is the new Application Server?
- 1. EFFECTIVE PLATFORM BUILDINGWITH KUBERNETES. IS K8S NEW LINUX? Wojciech Barczynski - SMACC.io | Hypatos.ai Wrzesień 2018
- 2. WOJCIECH BARCZYŃSKI Lead Soware Engineer & System Engineer Interests: working so ware Hobby: teaching so ware engineering
- 3. BACKGROUND ML FinTech ➡micro-services and k8s Before: 1 z 10 Indonesian mobile e-commerce (Rocket Internet) Spent 3.5y with Openstack, 1000+ nodes, 21 data centers I do not like INFRA :D
- 4. STORY Lyke - [12.2016- 07.2017] SMACC - [10.2017 - present]
- 5.
- 6. WHY? Admistracja jest trudnai kosztowna Virtualne Maszyny, ansible, salt, etc. Za dużo ruchomych części Nie kończąca się standaryzacja
- 7.
- 8. WHY? Cloud is notso cheap - $$$
- 9. IMAGINE do not needto think about IaaS no login on a VM less gold plating your CI / CD ... DC as a black box
- 10. KUBERNETES Container management Service andapplication mindset Simple Semantic* Independent from IaaS provider
- 11. KUBERNETES Batteries for your12factory apps Service discovery, meta-data support Utilize resources to nearly 100%
- 12. KUBERNETES Kubernetes Node Node Node Node App Ingress Controller Repository make docker_push;kubectl create -f app-srv-dpl.yaml
- 13. SCALE UP! SCALEDOWN! Kubernetes Node Node Node Node App Ingress Controller App Appscale 3x kubectl --replicas=3 -f app-srv-dpl.yaml
- 14. SCALE UP! SCALEDOWN! Kubernetes Node Node Node Node Ingress Controller scale 1x App kubectl --replicas=1 -f app-srv-dpl.yaml
- 15. ROLLING UPDATES! Kubernetes Node Node Node Node App Ingress Controller App App kubectlset image deployment/app app=app:v2.0.0
- 16.
- 17.
- 18.
- 19.
- 20.
- 21. HOW GET USERREQUESTS? API BACKOFFICE 1 DATA WEB ADMIN BACKOFFICE 2 BACKOFFICE 3 API.DOMAIN.COM DOMAIN.COM/WEB BACKOFFICE.DOMAIN.COM ORCHESTRATOR PRIVATE NETWORKINTERNET API LISTEN (DOCKER, SWARM, MESOS...) Ingress Controller
- 22. INGRESS Pattern Target AppService api.smacc.io/v1/users users-v1 api.smacc.io/v2/users users-v2 smacc.io web
- 23.
- 24. SERVICE DISCOVERY names inDNS: curl labels: name=value annotations: prometheus.io/scrape: "true" http://users/list
- 25. SERVICE DISCOVERY loosely couplecomponents auto-wiring with logging and monitoring
- 26. DROP-IN traefik / Ingress/ Envoy prometheus audit checks ...
- 27. THE BEST PART Alllive in git: all in Yaml integration with monitoring, alarming integration with ingress-controller ... Devs can forget about infrastructure... almost DevOps Culture Dream!
- 29. LYKE Now JollyChic Indonesia E-commerce Mobile-only 50k+users 2M downloads Top 10 Fashion Apps w Google Play Store http://www.news.getlyke.com/single- post/2016/12/02/Introducing-the- New-Beautiful-LYKE
- 30. GOOD PARTS Fast Growth A/BTesting Data-driven Product Manager, UI Designer, Mobile Dev, and tester - one body
- 31. CHALLENGES 50+ VMs inAmazon, 1 VM - 1 App, idle machine Puppet, hilarious (manual) deployment process Fear Forgotten components sometimes performance issues
- 32. APPROACH 1. Simplify infrastructure 2.Change the Development practices 3. Change the work organization see: Conway's law
- 33. SIMPLIFY 1. Kubernetes withGoogle Kubernetes Engine 2. Terraform for all new
- 34. SIMPLIFY 1. Prometheus, AlertManager,and Grafana 2. Elasticsearch-Fluentd-Kibana 3. Google Identity-Aware-Proxy to protect all dev dashboards 4. 3rd party SaaS: statuscake and opsgenie
- 35.
- 36. TRAVISCI 1. Tests 2. Builddocker 3. Deploy to Google Container Registry 4. Deploy to k8s only new docker 5. no config applied
- 37. GIT REPO |- tools ||- kube-service.yaml | - kube-deployment.yaml | |- Dockerfile |- VERSION - Makefile
- 38. Makefile Copy&Paste from theproject to project SERVICE_NAME=v-connector GCP_DOCKER_REGISTRY=eu.gcr.io test: test_short test_integration run_local: docker_build: docker_push kube_create_config: kube_apply: kube_deploy:
- 39. 1. CLEAN UP Singlescript for repo - Makefile [1] Resurrect the README [1] With zsh or bash auto-completion plug-in in your terminal.
- 40. 2. GET BACKALL THE KNOWLEDGE Puppet, Chef, ... ➡ Dockerfile Check the instances ➡ Dockerfile, README.rst Nagios, ... ➡ README.rst, checks/
- 41. 3. INTRODUCE RUN_LOCAL makerun_local A nice section on how to run in README.rst Use: docker-compose The most crucial point.
- 42. 4. GET TOKUBERNETES make kube_create_config make kube_apply Generate the yaml files if your envs differ
- 43. 5. CONTINUOUS DEPLOYMENT Travis: usethe same Makefile as a developer
- 44. 6. KEEP ITRUNNING Bridge the new with old: Use external services in Kubernetes Optional: Expose k8s in the Legacy [1] [1] feeding K8S events to HashiCorp consul
- 45. Bridge the newwith old Service <External> Rabbit Prometheus Exporter RabbitMQ Google AWS Kubernetes EC2 http://rabbitmq:15672 IP 9090 Monitor legacy with new stack
- 46. Architecture During Migration Staging K8S 6 Production K8S 10 GoogleLB Google LB Live 30+ Staging 10+ Google AWS Cloudfront (Live/Staging) api.xstaging-api.x Google LBGoogle LBELB Google LBGoogle LBELB VPN VPN lyke.x staging-lyke.x Prometheus EFK - 2 ElasticSearch 4 nodes Lambdas
- 47. 7. INTRODUCE SMOKE-TEST TARGET_URL=127.0.0make smoke_test TARGET_URL=api.example.com/users make smoke_test
- 48. 8. MOVE TOMICRO-SERVICES To offload the biggest components: Keep the lights on New functionality delegated to micro-services
- 49. 9. SERVICE SELF-CONSCIOUSNESS Addto old services: 1. metrics/ 2. health/ 3. info/
- 50. 10. GET PERFORMANCETESTING introduce wrk for evaluating performance load test the real system
- 51. WHAT WORKED 1. C&PMakefile and k8s between repos 2. Separate deployments a good transition strategy
- 52. WHAT DID NOTWORK 1. Too many PoC, should cut them to 2 weeks max 2. Do it with smaller chunks 3. Alert rules too hard to write 4. Push back to k8s yaml [*] With coaching, I thought, it is OK
- 53. DO DIFFERENT 1. Movedev and staging data immediately 2. Let devs know it is a transition stage 3. Teach earlier about resources 4. EFK could wait 5. World-stop for a paid-XXX% weekend for migration
- 57. STORY Legacy on AWS,experiments with AWS ECS :/ Self-hosted K8S on ProfitBricks Get to Microso ScaleUp, welcome Azure Luckily - AKS
- 58. AZURE KUBERNETES SERVICE Independentfrom IaaS Our OnPrem = Our OnCloud Consolidation of our micro-services Plug and play, e.g., monitoring
- 59. SIMPLICITY az aks CLIfor setting k8s - README.rst Terraform for everything else 1Password and gopass.pw TF also sets our AWS
- 60. DIFFERENCE ☠ Two teamsin Berlin and Warsaw Me in Warsaw
- 61. NEW EXPERIENCE devs reallydo not like TravisCI ... k8s yamls transition from PB to AKS was painful
- 62. SOLUTION make everything ligther c&pwithout modifications hide the k8s, remove magic deploy on tag Similar to the Kelsey Hightower approach
- 63. Repo .travis.yml language: go go: -'1.10' services: - docker install: - curl -sL https://${GITHUB_TOKEN}@raw.githubusercontent.com - if [ -f "tools/travis/install.sh" ]; then bash tools/travi script: - dep ensure - make lint - make test - if [ -z "${TRAVIS_TAG}" ]; then make snapshot; fi; deploy: provider: script
- 64. Makefile |- tools | |-Makefile | |- kube-service.yaml | - kube-deployment.yaml | |- Dockerfile - Makefile
- 65.
- 66. PROCESS 1. git tagand push
- 67. PROCESS 1. Generate deploy,ingress, and svc kubernetes files 2. Commit to smacc-platform.git on staging branch 3. Deploy to staging environment
- 68. PROCESS 1. Create PRin smacc-platform.git for production branch 2. On merge, deploy to production
- 69. smacc-platform 3 independent branches:dev, staging, and master Target for other scripts
- 70. KUBERNETES Pure, generated, kubernetesconfig 2x kubernetes operators
- 71. WHAT WORKED Hiding k8s Gofor ubuntu-based docker images
- 72. WOULD DO DIFFERENT Moresensitive to feedback
- 73. NEXT Acceptance tests onevery deployment Scale our ML trainings on the top of k8s Deployment tool based on Keeping an eye on Istio missy
- 74. K8S - Linux Kubernetesnot a silver bullet, but damn close Common runtime for onPrem and onCloud The biggest asset - the API With service discovery - an integration platform With kubevirt - might replace your Openstack
- 75. DZIĘKUJĘ. PYTANIA? ps. Weare hiring.
- 76.
- 77. HIRING Senior Polyglot Soware Engineers Experienced System Engineers Front-end Engineers 1 Data-Driven Product Manager Apply: hello-warsaw@smacc.io, Questions? wojciech.barczynski@smacc.io, or We will teach you Go if needed. No k8s or ML, we will take care of that. FB LI
- 78.
- 79. CHANGE THE WORKORGANIZATION From Scrum To Kanban For the next talk
- 80.
- 81.
- 82.
- 83. PODS See each otheron localhost Live and die together Can expose multiple ports Pod nginx WebFiles ENV: HOSTNAME=0.0.0.0 LISTENPORT=8080
- 84.
- 85. BASIC CONCEPTS Name Purpose ServiceInterface Entry point (Service Name) Deployment Factory How many pods, which pods Pod Implementation 1+ docker running
- 86. ROLLING RELEASE WITHDEPLOYMENTS Service Pods Labels Deployment Deployment << Creates >> << Creates >> Also possible