K8s vs Cloud Foundry
-
Upload
ivan-borshukov -
Category
Software
-
view
105 -
download
0
Transcript of K8s vs Cloud Foundry
![Page 1: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/1.jpg)
k8s vs cfThrough the eyes of the user
![Page 2: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/2.jpg)
HELLO!Ivan BorshukovChaosGroup@botu6aa
![Page 3: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/3.jpg)
What is it?
![Page 4: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/4.jpg)
k8sopen-source system for automating deployment, scaling, and management of containerized applications
What is it?
cfcode-centric platform thatruns code in any language or framework in the cloud and manages its lifecycle
![Page 5: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/5.jpg)
k8s● Open-source● Lifecycle● Containers
What is it?
cf
● Open-source● Lifecycle● Applications
![Page 6: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/6.jpg)
Abstractions
![Page 7: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/7.jpg)
k8sContainerPodReplica SetDeploymentDaemon SetVolume
Abstractions
cfApplicationService
![Page 8: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/8.jpg)
● Container● Pod - group of one or more containers with
shared storage/network● Replication Controller - ensures that a
specified number of pod replicas are running at any one time
● Deployment - provides declarative updates for Pods and Replica Sets.
Kubernetes Abstractions 101
![Page 9: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/9.jpg)
● Service - defines a logical set of Pods and a policy by which to access them
● Volume● ConfigMap - configuration key/value pairs● Secret - sensitive data● Label & Label selector● And more...
Kubernetes Abstractions 101 (continued)
![Page 10: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/10.jpg)
Kubernetes Abstractions 101
![Page 11: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/11.jpg)
User Interaction
![Page 12: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/12.jpg)
● CLI - both CF and k8s● Web interface (limited functionality) - k8s
User Interaction
![Page 13: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/13.jpg)
K8s
Hello, World!
$ kubectl run hello-k8s --image=hello
# or
$ kubectl apply -f descriptor.yml
# or
$ kubectl create -f descriptor.yml
![Page 14: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/14.jpg)
CF
Hello, World!
$ cf push
![Page 15: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/15.jpg)
Running your application
cf● Blocks until app is
started● Gives you logs
k8s● Eventually starts your
containers● You need to take care
of what’s happening
![Page 16: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/16.jpg)
k8s● Container image● ConfigMap● Secret● Volume
Configuring your application
cf● Env variables
![Page 17: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/17.jpg)
k8s● Creating a Service
○ ENV variables○ DNS
● IaaS specific
Accessing your application
cf● https://myapp.cfapps.i
o
![Page 18: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/18.jpg)
k8s● Direct● Using a Service
App to App communication
cf● https://myapp.cfapps.i
o
![Page 19: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/19.jpg)
k8s● Volumes (IaaS-specific)● User-provided service● Self-hosted service
Storing state
cf● Marketplace● User-provided service
![Page 20: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/20.jpg)
Storing state
![Page 21: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/21.jpg)
k8s
Viewing logs
cf
$ kubectl logs $ cf logs
![Page 22: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/22.jpg)
k8s
Attaching to your Application (ssh)
cf
$ kubectl exec
$ kubectl \ port-forward
$ cf ssh
![Page 23: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/23.jpg)
k8s● Labels
○ env=test○ env=prod○ env=prod
● Namespaces
Environment isolation
cf● Organizations and
spaces
![Page 24: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/24.jpg)
K8s Labels
![Page 25: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/25.jpg)
k8s● Global or namespace● User-described, based
on rules
Role-based access control
cf● Global, org or space● Predefined roles
![Page 26: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/26.jpg)
K8s roles example
rules:- apiGroups: [""] resources: ["pods"] verbs: ["get", "list", "watch"]
- apiGroups: [""] resources: ["configmaps"] resourceNames: ["my-config"] verbs: ["get"]
![Page 27: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/27.jpg)
k8s● Memory & CPU● Request resources● Limit resources
Resource restriction
cf● Memory
![Page 28: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/28.jpg)
K8s resource: request & limit
containers: - name: frontend image: wordpress resources: requests: memory: "64Mi" cpu: "250m" limits: memory: "128Mi" cpu: "500m"
![Page 29: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/29.jpg)
k8s● Restart on crash with
backoff● Liveness probes - is app alive● Readiness probes - is app
ready to serve requests● Customizable - TCP, HTTP,
custom command
Health management
cf● Restart on crash● Health checks - TCP, HTTP,
PID
![Page 30: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/30.jpg)
Readiness & Liveness
livenessProbe: exec: command: - cat - /tmp/healthy initialDelaySeconds: 5 periodSeconds: 2
![Page 31: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/31.jpg)
Running locally
![Page 32: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/32.jpg)
k8s
$ minikube start
$ minikube addons \ enable efk
Attaching to your Application (ssh)
cf
$ vagrant up$ bosh target$ bosh deploy
![Page 33: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/33.jpg)
Containers
![Page 34: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/34.jpg)
k8s● User provided● Privileged● Root● Stateless or stateful
Containers
cf
● Platform-created● Non-privileged● Rootless● Stateless
![Page 35: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/35.jpg)
Usage Scenarios
![Page 36: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/36.jpg)
k8s● Out of the box support● 3rd party components
integration (e.g. Prometheus)
Application Monitoring using PULL
cf
● Different URL for each app instance (hack)
![Page 37: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/37.jpg)
Multiple processes
cf
● Multiple processes?
k8s● Pods - group of one or
more containers with shared storage & network
![Page 38: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/38.jpg)
● Sidecar - extend and enhance the "main" container
K8s Sidecar
![Page 39: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/39.jpg)
● Ambassador - proxy a local connection to the world
K8s Ambassador
![Page 40: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/40.jpg)
● Adapter - standardize and normalize output
K8s Adapters
![Page 41: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/41.jpg)
k8sStateful & Feature-rich
![Page 42: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/42.jpg)
cfStateless & Simple
![Page 43: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/43.jpg)
THANKS!Any questions?
![Page 44: K8s vs Cloud Foundry](https://reader033.fdocuments.us/reader033/viewer/2022051504/5a6479107f8b9a70568b45bb/html5/thumbnails/44.jpg)
Credits
Special thanks to all the people who made and released these awesome resources for free:✘ Presentation template by SlidesCarnival✘ Photographs by Unsplash