Kubernetes, Toolbox to fail or succeed for beginners - Demi Ben-Ari, VP R&D @ Panorays
Download as PPTX, PDF•1 like•423 views
Kubernetes (K8s) is a tool for managing containerized applications across multiple servers. It allows deploying and managing containerized applications without relying on virtual machines. Kubernetes can schedule containers across a cluster of nodes, provide basic health checking and restart policies, load balancing, storage orchestration and more. Some key Kubernetes concepts include pods, deployments, services, replication controllers and volumes. Kubernetes is well suited for microservices architectures as it helps manage the scaling and networking needs of distributed applications.
Kubernetes, Toolbox to fail or succeed for beginners - Demi Ben-Ari, VP R&D @ Panorays
- 1. Kubernetes (K8s) Toolbox to fail or succeed for beginners Demi Ben-Ari @ Panorays
- 3. Some important things ● What I’m not: Docker / Kubernetes / Security Expert ● What you won’t be after this talk: Docker / Kubernetes / Security Expert ● What you will be after this talk? ● Happier people (Because I’ve stopped talking) ● You’ll know what was our problem and our way of solution ● You’ll know where to search and learn more things ● The answer to the “What’s the meaning of life?” (42)
- 4. About Us Demi Ben-Ari, Co-Founder & VP R&D @ Panorays ● Google Developer Expert ● Co-Founder of Communities: ○ “Big Things” - Big Data, Data Science, DevOps ○ Google Developer Group Cloud ○ Ofek Alumni Association In the Past: ● Sr. Data Engineer - Windward ● Team Leader & Sr. Java Software Engineer, Missile defence and Alert System - “Ofek” – IAF
- 5. What do we do at Panorays?
- 6. How Do Hackers Get to Third Parties? Supplier Employees IT & Network Application - Confidential -7p. 52% by the Human Factor
- 7. What makes Panorays different? 360 360⁰ full perimeter overview Comprehensive outside-in simulated hacker view and inside-out view. No false positives You and suppliers can dispute or validate findings. Complete third-party management Panorays works with suppliers to close cyber gaps.
- 8. - Confidential - Inside-OutOutside-In BIG DATA ACTIONABLE INSIGHTSCONTEXT-BASED RATINGS Under the Hood
- 9. A bit about history
- 10. Applications Changing Loosely Coupled Services Many Small Servers ~2000 Today Monolithic Big Servers Slow changing Rapidly updated
- 11. Solution: Docker Containers Static Website Web Front End Background Workers User DB Analytics DB Queue API Endpoint Any App Anywher e Composable Dynamic Portable
- 15. Solution: Docker Containers • Packages up software binaries and dependencies • Isolates software from each other • Container is a standard format • Easily portable across environment • Allows ecosystem to develop around its standard Container
- 17. Docker Basics Docker Image The basis of a Docker container Docker Container The standard unit in which the application service resides Docker Engine Creates, ships and runs Docker containers deployable on physical or virtual host locally, in a datacenter or cloud service provider Docker Registry On-premises registry for image storing and collaboration
- 18. What’s an Image? ● An image is a collection of files + some meta data. (Technically: those files form the root filesystem of a container.) ● Images are made of layers, conceptually stacked on top of each other. ● Each layer can add, change, and remove files. ● Images can share layers to optimize disk usage, transfer times, and memory use.
- 19. What is a Container? ● Standardized packaging for software and dependencies ● Isolate apps from each other ● Share the same OS kernel ● Works for all major Linux distributions ● Containers native to Windows Server 2016
- 21. Like: Object Oriented Programming ● Images are conceptually similar to classes. ● Layers are conceptually similar to inheritance. ● Containers are conceptually similar to instances.
- 24. Why Services and Microservices Can work so Well
- 25. Monolith’s Weaknesses ● Team members can’t see the whole picture ● Unnecessary interdependencies are inevitable ● Deployments become scary ● Lump-Sum Technical Debt ● Limited Fault Isolation
- 27. We’ve created a “Microlith”
- 28. Small & Simple things are hard to break ● More Stable ● Easier to Debug / Fix ● Easier to Test
- 29. Which size is right?
- 30. Which size is right? ● How big is your team? ● What is your application like? ● What are the distinct pieces? ● What dat and / or logic must remain together? ● Can some parts be asynchronous? ● What pieces, when separated, will lower complexity and increase stability?
- 31. Weaknesses with Microservices ● DevOps skills are a must ● Orchestration becomes much more complex ● Architecture costs more of you time ● Testing can be more difficult ● Thinking more & build better software is mandatory
- 32. Community Top 0.01% of all GitHub projects 1,200+ external projects based on k8s Companies Contributing Companies Using 1,000+ unique contributors 15,000+ people signed up for k8s meetups
- 34. Kubernetes ● Greek for “Helmsman”; also the root of the words “governor” and “cybernetic”. ● Manages container clusters ● Inspired and informed by Google’s experience and an internal system (Borg) ● Supports multiple cloud and bare-metal environments ● 100% Open source, written in Go ● Manage applications, not Machines
- 35. Cattle vs. Pets CattlePet • Has a name • Is unique or rare • Personal Attention • If it gets ill, you make it better • Has a number • One is much like any other • Run as a group • If it gets ill, you make hamburgers
- 36. Kubernetes Terminology ● Deployment ● Service ● ReplicaSet ● Pod ● Volume ● Label ● Selector ● ConfigMap ● Secret ● DaemonSet ● Stateful Set ● Job ● Liveness Probe ● Readiness Probe
- 37. Why Kubernetes fits Microservices pattern?
- 38. Breaking a Monolith to Microservices
- 39. Identify Discrete Datasets ● Data is the centre of any application ● Decoupled data is as important as decoupled code ● Datasets often relate to departments of the business
- 40. What’s in it for you?
- 41. Containers are not enough - what about? ● Scaling up and down ● Scheduling ● Resiliency ● Redundancy ● Service Discovery ● Rolling out & back ● Access control ● Configs & Secrets
- 42. Advance stages of Implementation ● https://github.com/helm/helm ● https://helm.sh/ ● https://coreos.com/operators/ ● The Operator Framework is an open source project that provides developer and runtime Kubernetes tools, enabling you to accelerate the development of an Operator. The Operator Framework includes: https://kubernetes.io/docs/reference/tools/
- 43. Resources Learn More ● Links ○ http://kubernetes.io ○ Kubernetes documentation ○ Kubernetes user guide and troubleshooting guide ○ Kubernetes Github Repository ● Videos: ○ Kubernetes Cluster Federation Sneak Peek: https://www.youtube.com/watch?v=86jZdmAjWns Ask Questions ● Kubernetes on Stackoverflow: http://stackoverflow.com/questions/tagged/kubernetes Keep in Touch ● @kubernetesio: https://twitter.com/kubernetesio ● #kubernetes-users on Slack: http://slack.kubernetes.io ● Kubernetes-dev Google Group: https://groups.google.com/forum/#!forum/kubernetes-dev
- 44. Conclusions ● If you have a possibility -> Don’t implement distributed systems ● Kubernetes is a great container orchestration tool ● Installing it on bare metal is not that fun - but also possible ● “Perfect” is the enemy of “Working” / “Giving Value” ● It might be a steep learning curve.
- 45. Questions
- 46. Thank You