Kubernetes Workshop
-
Upload
loodse -
Category
Technology
-
view
161 -
download
2
Transcript of Kubernetes Workshop
Kubernetes Overview
Sebastian Scheele
What is this Docker thing?• A company?
• A format?
• An API?
Basic Docker components
3
Kube what?
4
KubernetesGreek for “Helmsman”; also the root of the words
“governor” and “cybernetic”
• Runs and manages containers• Inspired and informed by Google’s experiences and
internal systems• Supports multiple cloud and bare-metal
environments• Supports multiple container runtimes• 100% Open source, written in Go
Manage applications, not machines
Everything at Google runs in containers:
•Gmail, Web Search, Maps, ...•MapReduce, batch, ...•GFS, Colossus, ...•Even Google’s Cloud Platform: VMs
run in containers!
Google launch over 2 billion containers per week
Start with a Cluster• Laptop to high-availability multi-node cluster• Hosted or self managed• On-Premise or Cloud• Bare Metal or Virtual Machines• Most OSes (inc. RedHat Atomic, Fedora, CentOS)• Or just a bunch of Raspberry Pis• Many options, See Matrix for details
Kubernetes Cluster Matrix: http://bit.ly/1MmhpMW
etcd
scheduler
controller-manager
apiserver
kubelet docker
kube-proxy iptables
1. User sends Pod request to API server
2. API server saves pod info to etcd (unscheduled)
3. Scheduler finds unscheduled pod and schedules it to node.
4. Kubelet sees pod scheduled to it and tells docker to run the container.
5. Docker runs the container.
1
2
5
3
4
Kubelet Kubelet Kubelet
Kubernetes Master
Scheduler
API Server
Start with a Cluster
Picture of Whales
The atom of scheduling for containersRepresents an application specific logical hostHosts containers and volumesEach has its own routable (no NAT) IP addressEphemeral• Pods are functionally identical and
therefore ephemeral and replaceablePod
Web Server
Volume
Consumers
A pod of whales containers
Pods
Pod
GitSynchronizer
Node.js App Container
Volume
Consumersgit RepoCan be used to group multiple containers & shared volumes Containers within a pod are tightly coupledShared namespaces• Containers in a pod share IP, port and IPC
namespaces• Containers in a pod talk to each other
through localhost
Pod Networking (across nodes)Pods have IPs which are routablePods can reach each other without NAT• Even across nodes
No Brokering of Port NumbersThese are fundamental requirements
Many solutions• GCE Advanced Routes, AWS Flannel, Weave,
OpenVSwitch, Cloud Provider
10.1.2.0/24
10.1.1.0/24
10.1.1.211 10.1.1.2
10.1.2.106
10.1.3.0/24
10.1.3.4510.1.3.17
10.1.3.0/24
Client
Pod
Container
Pod
Container
Pod
ContainerContainer
A logical grouping of pods that perform the same function• grouped by label selector
Load balances incoming requests across constituent pods
Choice of pod is random but supports session affinity (ClientIP)
Gets a stable virtual IP and port• also a DNS nametype = FE
Services
Service
Label selector: type = FE
VIP
type = FE type = FE type = FE
Pod Pod
frontend
Pod
frontend
Pod Pod
type = FE
version = v2
type = FE version = v2
● Metadata with semantic meaning
● Membership identifier
● The only Grouping Mechanism
Behavior Benefits➔ Allow for intent of many users (e.g. dashboards)
➔ Build higher level systems …
➔ Queryable by Selectors
Labels
Dashboard
selector: type = FE
Dashboard
selector: version = v2
Replication Controller Pod Pod
frontend
Pod
frontend
Pod Pod
Replication Controller
#pods = 1version = v2
show: version = v2
version= v1 version = v1 version = v2
Replication Controller
#pods = 2version = v1
show: version = v2Behavior Benefits
● Keeps Pods running
● Gives direct control of Pods
● Grouped by Label Selector
➔ Recreates Pods, maintains desired state
➔ Fine-grained control for scaling
➔ Standard grouping semantics
Replication Controllers
Replication Controllers
Replication Controller- Name = “backend”- Selector = {“name”: “backend”}- Template = { ... }- NumReplicas = 4
API Server
3
Start 1 more
OK 4
How many?
How many?
Canonical example of control loops
Have one job: ensure N copies of a pod• if too few, start new ones• if too many, kill some• group == selector
Replicated pods are fungible• No implied order or identity
Pod Pod
frontend
Pod
frontend
Pod Pod
type = FE
version = v2
type = FE version = v2
● Metadata with semantic meaning
● Membership identifier
● The only Grouping Mechanism
Behavior Benefits➔ Allow for intent of many users (e.g. dashboards)
➔ Build higher level systems …
➔ Queryable by Selectors
Labels
Dashboard
selector: type = FE
Dashboard
selector: version = v2
Rolling Update
kubectl rolling-update
API
kubectl rolling-update
Create frontend-rc-v2
kubectl rolling-update
Create frontend-rc-v2
Scale frontend-rc-v2 up to 1
kubectl rolling-update
Create frontend-rc-v2
Scale frontend-rc-v2 up to 1
Scale frontend-rc-v1 down to 1
kubectl rolling-update
Create frontend-rc-v2
Scale frontend-rc-v2 up to 1
Scale frontend-rc-v1 down to 1
Scale frontend-rc-v2 up to 2
kubectl rolling-update
Create frontend-rc-v2
Scale frontend-rc-v2 up to 1
Scale frontend-rc-v1 down to 1
Scale frontend-rc-v2 up to 2
Scale frontend-rc-v1 down to 0
kubectl rolling-update
Scale frontend-rc-v2 up to 1
Scale frontend-rc-v1 down to 1
Scale frontend-rc-v2 up to 2
Scale frontend-rc-v1 down to 0
Delete frontend-rc-v1 Pod Pod
frontend
Pod
version = v1version = v2version= v1
RCversion = v1type = BE#pods = 2
show: version = v2
type = BE type = BE
RCversion = v2type = BE#pods = 0
show: version = v2
Pod
version = v2
type = BE
kubectl rolling-update is imperative, client-side
RCversion = v1type = BE#pods = 2
show: version = v2
RCversion = v1type = BE#pods = 1
show: version = v2
RCversion = v1type = BE#pods = 0
show: version = v2
RCversion = v2type = BE#pods = 1
show: version = v2
RCversion = v2type = BE#pods = 2
show: version = v2
be-svc
Deployment
RS
RS
Pod Pod Pod
env: test env: test env: test
Pod
env: test
version: v2
version: v2
version: v2
version: v2
Reliable mechanism for creating, updating and managing Pods
Deployment manages replica changes, including rolling updates and scaling
Edit Deployment configurations in place with kubectl edit or kubectl apply
Managed rollouts and rollbacks
Status: BETA in Kubernetes v1.2
Deployments: Updates as a Service
...
Pod Pod
frontend
Pod
frontend
Pod Pod
env = qa env = test
● env = prod
● tier != backend
● env = prod, tier !=backend
Expressions● env in (test,qa)
● release notin (stable,beta)
● tier
● !tier
Generalized Labels (1.2)
env = prod
Pod
env = prod
Dashboard
selector: env = notin(prod)
Replication Controller Pod Pod
frontend
Pod
frontend
Pod Pod
app = demo app = demo app = demo
ReplicaSet
#pods = 3app = democolor in (blue,grey)show: version = v2
Similar to ReplicationController but supports generalized Selectors
ReplicaSets (1.2)
selector: matchLabels: app: demo matchExpressions: - {key: color, operator: In, values: [blue,grey]}
color = blue color = blue color = grey
Rollout
API
DeploymentDeployment
Create frontend-1234567
Deployment
Create frontend-1234567
Scale frontend-1234567 up to 1
Deployment
Create frontend-1234567
Scale frontend-1234567 up to 1
Scale frontend-7654321 down to 0
Pod Pod
frontend
Pod
version = v1
ReplicaSet
frontend-1234567version = v2type = BE#pods = 0
show: version = v2
ReplicaSet
frontend-7654321version = v1type = BE#pods = 2
version: v2
ReplicaSet
frontend-7654321version: v1type: BE#pods = 0
version: v1
ReplicaSet
frontend-1234567version = v2type = BE#pods = 1
show: version = v2
ReplicaSet
frontend-1234567version: v2type: BE#pods = 2
type = BE type = BE
Pod
version: v2
type = BE
Service
be-svc
Deployment
Create frontend-1234567
Scale frontend-1234567 up to 1
Scale frontend-7654321 down to 0
Scale frontend-1234567 up to 2
kubectl edit deployment ...
Thank youwww.loodse.com
@Loodse
github.com/loodse/