Kubernetes is a container cluster manager that aims to provide a platform for automating deployment, scaling, and operations of application containers across clusters of machines. It uses pods as the basic building block, which are groups of application containers that share storage and networking resources. Kubernetes includes control planes for replication, scheduling, and services to expose applications. It supports deployment of multi-tier applications through replication controllers, services, labels, and pod templates.
Prometheus is an open-source monitoring system that collects metrics from configured targets, stores time-series data, and allows users to query and visualize the data. It works by scraping metrics over HTTP from applications and servers, storing the data in its time-series database, and providing a UI and query language to analyze the data. Prometheus is useful for monitoring system metrics like CPU usage and memory as well as application metrics like HTTP requests and errors.
The document discusses Cloud NC's copyright policy which prohibits copying, modifying, or distributing their content publicly. It then introduces the speaker as an experienced software engineer passionate about cloud native technologies and site reliability engineering who has experience building mobile and microservices applications for leading financial services in Thailand and helping them migrate over 100 apps to Kubernetes.
This presentation starts with an introduction to the rationale behind automated deployments in Continuous Delivery and DevOps. Then, I compare agent-based architectures, such as Chef and Puppet with the agentless architecture of the server orchestration engine Ansible. The presentation concludes with an automated deployment of Dynatrace into a simulated production environment.
Why we chose Argo Workflow to scale DevOps at InVisionNebulaworks
As the DevOps team grows in size and start to form a multi DevOps team structure, it starts to experience growing pains such as working in silos, decreased velocity, or lack of collaboration. The solution is to standardize tools for automation and provide the building blocks of commonly used patterns readily available. This is where workflows come into play. Adopting Workflows provides a common scalable platform for DevOps engineers to automate, trigger, and execute repetitive tasks and therefore leads to increased efficiency and innovation.
Presented at GDG Devfest Ukraine 2018.
Prometheus has become the defacto monitoring system for cloud native applications, with systems like Kubernetes and Etcd natively exposing Prometheus metrics. In this talk Tom will explore all the moving part for a working Prometheus-on-Kubernetes monitoring system, including kube-state-metrics, node-exporter, cAdvisor and Grafana. You will learn about the various methods for getting to a working setup: the manual approach, using CoreOS’s Prometheus Operator, or using Prometheus Ksonnet Mixin. Tom will also share some little tips and tricks for getting the most out of your Prometheus monitoring, including the common pitfalls and what you should be alerting on.
Helm version 3 was recently released with new features and a new architecture to support those features. The changes to Helm and charts were based on feedback, changes to Kubernetes, and lessons learned in the past couple years.
Kubernetes Deployment Tutorial | Kubernetes Tutorial For Beginners | Kubernet...Edureka!
( Kubernetes Certification Training: https://www.edureka.co/kubernetes-certification )
This Edureka tutorial on "Kubernetes Deployment Tutorial " will help you understand the various concepts related to Deployment in Kubernetes. The topics included in this session are:
1. What is Kubernetes?
2. What is a Pod?
3. Replication Controller & ReplicaSet
4. Deployment Controllers
5. Deployment Use-Cases
DevOps Tutorial Blog Series: https://goo.gl/P0zAfF
Follow us to never miss an update in the future.
Instagram: https://www.instagram.com/edureka_learning/
Facebook: https://www.facebook.com/edurekaIN/
Twitter: https://twitter.com/edurekain
LinkedIn: https://www.linkedin.com/company/edureka
OpenStack dans la pratique: comment ça marche ?
Démonstration par Adrien CUNIN
Vous êtes administrateur système, développeur, décideur, et vous vous posez des questions sur le rôle et le fonctionnement d'OpenStack ?
• Quels besoins couvrent OpenStack ?
• Quels sont les différents composants ? Comment fonctionnent-ils ?
• Comment tirer partie d'une technologie cloud ?
Ces slides sont issues du meetup du mercredi 17 septembre dans les locaux de Mozilla à Paris.
> Des projets OpenStack ? Besoin de formations OpenStack intra- / inter- entreprise ?
Contactez-nous sur http://www.osones.com
Red Hat OpenShift 4 allows for automated and customized deployments. The Full Stack Automation method fully automates installation and updates of both the OpenShift platform and Red Hat Enterprise Linux CoreOS host operating system. The Pre-existing Infrastructure method allows OpenShift to be deployed on user-managed infrastructure, where the customer provisions resources like load balancers and DNS. Both methods use the openshift-install tool to generate ignition configs and monitor the cluster deployment.
This is a talk on how you can monitor your microservices architecture using Prometheus and Grafana. This has easy to execute steps to get a local monitoring stack running on your local machine using docker.
The document summarizes a presentation by Mauricio Salatino and Thomas Vitale on using Knative and Spring to build serverless applications and functions. It includes demos of deploying Spring Cloud Functions on Knative to create serverless containers from code and route events between functions. It also describes using Knative Eventing to build an event-driven game architecture with reactive functions.
This document provides an overview of setting up monitoring for MySQL and MongoDB servers using Prometheus and Grafana. It discusses installing and configuring Prometheus, Grafana, exporters for collecting metrics from MySQL, MongoDB and systems, and dashboards for visualizing the metrics in Grafana. The tutorial hands-on sets up Prometheus and Grafana in two virtual machines to monitor a MySQL master-slave replication setup and MongoDB cluster.
Intro to open source observability with grafana, prometheus, loki, and tempo(...LibbySchulze
This document provides an introduction to open source observability tools including Grafana, Prometheus, Loki, and Tempo. It summarizes each tool and how they work together. Prometheus is introduced as a time series database that collects metrics. Loki is described as a log aggregation system that handles logs at scale without high costs. Tempo is explained as a tracing system that allows tracing from logs, metrics, and between services. The document emphasizes that these tools can be run together to gain observability across an entire system from logs to metrics to traces.
The document discusses how to monitor microservices with Prometheus by designing effective metrics. It recommends focusing on key metrics like rate, errors, and duration based on the RED methodology. Prometheus is introduced as a time-series database that collects metrics via scraping. Effective metric naming practices and integrating Prometheus with applications using client libraries and exporters are also covered. A demo shows setting up Prometheus, Grafana, and Alertmanager to monitor a sample Python application.
- Discuss the role of Observability (Logging; Tracing; and Metric) in modern architecture.
- How to implement observability in Golang using OpenCensus.
- The 4 golden signals when designing the metrics.
- How to apply observability into the process.
This document discusses different JavaScript frameworks and architectures for building applications, including MVC frameworks like Ember and Angular, Flux architectures, and reactive architectures. It provides examples of how data and events flow in applications built with Ember, Flux, and reactive architectures. Code examples are given for todo list applications built with Ember, Flux, and reactive architectures.
Persistent Storage with Containers with Kubernetes & OpenShiftRed Hat Events
Manually configuring mounts for containers to various network storage platforms and services is tedious and time consuming. OpenShift and Kubernetes provides a rich library of volume plugins that allow authors of containerized applications (Pods) to declaratively specify what the storage requirements for the containers are so that OpenShift can dynamically provision and allocate the storage assets for the specified containers. As the author of the Kubernetes Persistent Volume specification, I will provide an overview of how Persistent Volume plugins work in OpenShift, demo block storage and file storage volume plugins and close with the Red Hat storage roadmap.
Presented at LinuxCon/ContainerCon by Mark Turansky, Principal Software Engineer, Red Hat
Mark Turansky is a Principal Software Engineer at Red Hat and a full-time contributor to the Kubernetes Project. Mark is the author of the Kubernetes Persistent Volume specification and a member of the Red Hat OpenShift Engineering team.
Kubernetes in 20 minutes - HDE Monthly Technical Session 24lestrrat
This document provides a high-level overview of Kubernetes concepts including nodes, pods, replica sets, deployments, services, secrets, configmaps, ingress, daemon sets, and pet sets. It discusses how Kubernetes manages and schedules containers across a cluster and provides mechanisms for updating applications, handling traffic, and configuring containers. The presentation encourages attendees to try Kubernetes on Google Cloud Platform and Google Kubernetes Engine and invites them to join a Slack channel to learn more.
Checking in your deployment configuration as code
Helm is a tool that streamlines the creation, deployment and management of your Kubernetes-native applications. In this talk, we take a look at how Helm enables you to manage your deployment configurations as code, and demonstrate how it can be used to power your continuous delivery (CI/CD) pipeline.
Video: https://youtu.be/C_u4_l84ED8
Karl Isenberg reviews the history of distributed computing, clarifies terminology for layers in the container stack, and does a head to head comparison of several tools in the space, including Kubernetes, Marathon, and Docker Swarm. Learn which features and qualities are critical for container orchestration and how you can apply this knowledge when evaluating platforms.
Idea to Production - with Gitlab and KubernetesSimon Dittlmann
Setting up a continuous delivery pipeline form scratch with gitlab.com and Kubernetes (Google Container Service GKE) on Google Cloud Platform.
The entire source code is available at https://github.com/Pindar/gcloud-k8s-express-app
Blog post https://www.itnotes.de/gitlab/kubernetes/k8s/gke/gcloud/2017/03/05/idea-to-production-with-gitlab-and-kubernetes/
Stateful set in kubernetes implementation & usecases Krishna-Kumar
This document summarizes a presentation on StatefulSets in Kubernetes. It discusses why StatefulSets are useful for running stateful applications in containers, the differences between stateful and stateless applications, how volumes are used in StatefulSets, examples of running single-instance and multi-instance stateful applications like Zookeeper, and the current status and future roadmap of StatefulSets in Kubernetes.
Continuous delivery of microservices with kubernetes - Quintor 27-2-2017Arjen Wassink
Kubernetes is an open-source system for automating deployment, scaling, and management of containerized applications. It groups containers that make up an application into logical units for easy management and discovery. Kubernetes can deploy containerized applications as microservices and provide mechanisms to update them without downtime using techniques like rolling updates. It also provides tools for service discovery, load balancing, storage orchestration, auto-scaling, self-healing, and more.
The document discusses Kubernetes networking. It describes how Kubernetes networking allows pods to have routable IPs and communicate without NAT, unlike Docker networking which uses NAT. It covers how services provide stable virtual IPs to access pods, and how kube-proxy implements services by configuring iptables on nodes. It also discusses the DNS integration using SkyDNS and Ingress for layer 7 routing of HTTP traffic. Finally, it briefly mentions network plugins and how Kubernetes is designed to be open and customizable.
This document discusses Kubernetes usage at VMware SAAS. It covers dynamic provisioning of applications on Kubernetes, monitoring tools used like DataDog and Log Insight, and best practices for upgrading Kubernetes clusters. Key points include using stateless applications where possible, service discovery using Kubernetes services, dynamic provisioning using an onboarding service, and performing rolling upgrades for stateful applications to minimize downtime.
Kubernetes Basis: Pods, Deployments, and ServicesJian-Kai Wang
Kubernetes is a container management platform and empowers the scalability to the container. In this repository, we address the issues of how to use Kubernetes with real cases. We start from the basic objects in Kubernetes, Pods, deployments, and Services. This repository is also a tutorial for those with advanced containerization skills trying to step into the Kubernetes. We also provide several YAML examples for those looking for quickly deploying services. Please enjoy it and let's start the journey to Kubernetes.
DockerCon 2022 - From legacy to Kubernetes, securely & quicklyEric Smalling
You’ve been developing software for years and now your team is ready to take the plunge into orchestrated containers and Kubernetes. You’ve learned about containers, images, and Dockerfiles, but standing up a Kubernetes cluster and actually running your app in it seems like a daunting task.
In this session, we’ll go over the basics to get your app up and running in Kubernetes right on your own workstation using Docker Desktop. On the way, we’ll cover some of the security aspects you need to keep in mind and show you how to implement them in your Kubernetes manifests.
We’ll go over:
1.) Kubernetes basics, including pods, deployments, and services
2.) Moving a legacy app into a container and running it in Kubernetes
3.) Some security best practices to watch out for — and what can happen if you don’t
4.) Implementing those best practices to defend against and limit the blast radius of an attack
K8s in 3h - Kubernetes Fundamentals TrainingPiotr Perzyna
Kubernetes (K8s) is an open-source system for automating deployment, scaling, and management of containerized applications. This training helps you understand key concepts within 3 hours.
Dayta AI Seminar - Kubernetes, Docker and AI on CloudJung-Hong Kim
Kubernetes is an open-source system for automating deployment, scaling, and management of containerized applications. It groups containers that make up an application into logical units for easy management and discovery. Kubernetes services expose these units to enable dynamic load balancing while maintaining session affinity. It also provides self-healing capabilities by restarting containers that fail, replacing them, and killing containers that don't respond to their health check.
Get you Java application ready for Kubernetes !Anthony Dahanne
In this demos loaded talk we’ll explore the best practices to create a Docker image for a Java app (it’s 2019 and new comers such as Jib, CNCF buildpacks are interesting alternatives to Docker builds !) - and how to integrate best with the Kubernetes ecosystem : after explaining main Kubernetes objects and notions, we’ll discuss Helm charts and productivity tools such as Skaffold, Draft and Telepresence.
Automate drupal deployments with linux containers, docker and vagrant Ricardo Amaro
This document discusses strategies for automating Drupal deployments using Linux containers, Vagrant, and Docker. It begins with an overview of virtual machines and their disadvantages compared to containers. It then covers using Linux containers (LXC), Vagrant, and Docker to build and deploy containerized Drupal environments that can be easily reproduced and deployed across different systems. The document provides examples of building Drupal containers using LXC, Vagrant, and Docker that take advantage of their portability and reproducibility.
Docker Essentials Workshop— Innovation Labs July 2020CloudHero
This presentation was the foundation of our Docker Essentials workshop hosted by CloudHero CEO & founder Andrei Manea for the Innovation Labs team on the 23rd of July 2020.
This presentation covers the following topics:
-Getting started with containers
-A bit of history about orchestration
-Introduction to services (what they are, how to create and scale them).
To find out more about this topic, check https://cloudhero.io/
Kubernetes is designed to be an extensible system. But what is the vision for Kubernetes Extensibility? Do you know the difference between webhooks and cloud providers, or between CRI, CSI, and CNI? In this talk we will explore what extension points exist, how they have evolved, and how to use them to make the system do new and interesting things. We’ll give our vision for how they will probably evolve in the future, and talk about the sorts of things we expect the broader Kubernetes ecosystem to build with them.
This document discusses using containers and Kubernetes for local development and deployment of Laravel applications. It begins with an introduction to containers using Docker and Docker Compose. It then discusses using Kubernetes to distribute applications across multiple hosts for production. Key concepts covered include pods, deployments, services, configmaps, and using YAML files for declarative configuration in Kubernetes. The document provides recommendations for using tools like Laradock and Larakube to simplify deploying Laravel in containers and Kubernetes.
Running Docker in Development & Production (DevSum 2015)Ben Hall
This document provides an overview of Docker containers and how to use Docker for development and production environments. It discusses Docker concepts like images, containers, and Dockerfiles. It also demonstrates how to build images, run containers, link containers, manage ports, and use Docker Compose. The document shows how Docker can be used to develop applications using technologies like ASP.NET, Node.js, and Go. It also covers testing, deploying to production, and optimizing containers for production.
JDO 2019: Tips and Tricks from Docker Captain - Łukasz LachPROIDEA
The document provides tips and tricks for using Docker including:
1) Installing Docker on Linux in an easy way allowing choice of channel and version.
2) Setting up a local Docker Hub mirror for caching and revalidating images.
3) Using docker inspect to find containers that exited with non-zero codes or show commands for running containers.
4) Organizing docker-compose files with extensions, environment variables, anchors and aliases for well structured services.
A small introduction to get started on Kubernetes as a user. This explains the main concepts like pod, deployment and services and gives some hints to help you use kubectl command.
These slides were presented in Grenoble Docker meetup in November 2017.
Open Source Summit 2018, Vancouver (Canada): Workshop by Josef Adersberger (@adersberger, CTO at QAware) and Michael Frank (Software Architect at QAware)
Abstract:
Istio service mesh is a thrilling new tech that helps getting a lot of technical stuff out of your microservices (circuit breaking, observability, mutual-TLS, ...) into the infrastructure - for those who are lazy (aka productive) and want to keep their microservices small. Come one, come all to the Istio playground:
(1) We provide an overview of all current Istio features on a YAML and CLI level.
(2) We guide you through the installation of Istio on a local Kubernetes cluster.
(3) We bring a small sample application.
(4) We provide assistance in the case you get stuck ... and it's up to you to explore and tinker with Istio on your own paths and with your own pace.
*** Please find prerequisites and content here: https://github.com/adersberger/istio-playground ***
The Nova driver for Docker has been maturing rapidly since its mainline removal in Icehouse. During the Juno cycle, substantial improvements have been made to the driver, and greater parity has been reached with other virtualization drivers. We will explore these improvements and what they mean to deployers. Eric will additionally showcase deployment scenarios for the deployment of OpenStack itself inside and underneath of Docker for powering traditional VM-based computing, storage, and other cloud services. Finally, users should expect a preview of the planned integration with the new OpenStack Containers Service effort to provide automation of advanced containers functionality and Docker-API semantics inside of an OpenStack cloud.
Note that the included Heat templates are NOT usable. See the linked Heat resources for viable templates and examples.
This document discusses Docker container networking and publishing applications securely with Docker Enterprise. It provides an overview of key Kubernetes networking concepts like pods, services, ingress and network policies. It then details how Docker Enterprise integrates with Calico for container networking and policy-driven security. The integration provides connectivity between pods and services out of the box. It also allows enforcing network policies and zero-trust security through Calico's policy engine. The document concludes with demos of publishing sample applications using Docker Swarm services and Kubernetes ingress resources.
This document provides an agenda for a one-day Docker introduction workshop. It includes an introduction to Docker tools and concepts like containers vs VMs, the Docker ecosystem and tools, Linux and Docker command line usage, Docker Engine, Docker Hub, Docker images, networking and volumes. It also covers deploying Docker images to Azure PaaS, Docker Compose, building ARM images on x86 machines, and a TensorFlow demo. The workshop aims to provide attendees with foundational Docker knowledge and hands-on experience through examples and exercises.
This document discusses using Docker to deploy a multi-container web application stack. It first describes using Docker Compose to define and run the application services together. It then details the configuration of an Nginx proxy container, application services like PHP, MySQL, and Redis, and supporting containers for log rotation. Finally, it explains how to set up additional application instances by replicating the stack configuration.
Kubernetes is exploding in popularity right now and has all the buzz and cargo-culting that Docker enjoyed just a few years ago. But what even is Kubernetes? How do I run my PHP apps in it? Should I run my PHP apps in it ?
A brief introduction to quadcopter (drone) working. It provides an overview of flight stability, dynamics, general control system block diagram, and the electronic hardware.
Software Engineering and Project Management - Introduction to Project ManagementPrakhyath Rai
Introduction to Project Management: Introduction, Project and Importance of Project Management, Contract Management, Activities Covered by Software Project Management, Plans, Methods and Methodologies, some ways of categorizing Software Projects, Stakeholders, Setting Objectives, Business Case, Project Success and Failure, Management and Management Control, Project Management life cycle, Traditional versus Modern Project Management Practices.
In May 2024, globally renowned natural diamond crafting company Shree Ramkrishna Exports Pvt. Ltd. (SRK) became the first company in the world to achieve GNFZ’s final net zero certification for existing buildings, for its two two flagship crafting facilities SRK House and SRK Empire. Initially targeting 2030 to reach net zero, SRK joined forces with the Global Network for Zero (GNFZ) to accelerate its target to 2024 — a trailblazing achievement toward emissions elimination.
Exploring Deep Learning Models for Image Recognition: A Comparative Reviewsipij
Image recognition, which comes under Artificial Intelligence (AI) is a critical aspect of computer vision,
enabling computers or other computing devices to identify and categorize objects within images. Among
numerous fields of life, food processing is an important area, in which image processing plays a vital role,
both for producers and consumers. This study focuses on the binary classification of strawberries, where
images are sorted into one of two categories. We Utilized a dataset of strawberry images for this study; we
aim to determine the effectiveness of different models in identifying whether an image contains
strawberries. This research has practical applications in fields such as agriculture and quality control. We
compared various popular deep learning models, including MobileNetV2, Convolutional Neural Networks
(CNN), and DenseNet121, for binary classification of strawberry images. The accuracy achieved by
MobileNetV2 is 96.7%, CNN is 99.8%, and DenseNet121 is 93.6%. Through rigorous testing and analysis,
our results demonstrate that CNN outperforms the other models in this task. In the future, the deep
learning models can be evaluated on a richer and larger number of images (datasets) for better/improved
results.
Social media management system project report.pdfKamal Acharya
The project "Social Media Platform in Object-Oriented Modeling" aims to design
and model a robust and scalable social media platform using object-oriented
modeling principles. In the age of digital communication, social media platforms
have become indispensable for connecting people, sharing content, and fostering
online communities. However, their complex nature requires meticulous planning
and organization.This project addresses the challenge of creating a feature-rich and
user-friendly social media platform by applying key object-oriented modeling
concepts. It entails the identification and definition of essential objects such as
"User," "Post," "Comment," and "Notification," each encapsulating specific
attributes and behaviors. Relationships between these objects, such as friendships,
content interactions, and notifications, are meticulously established.The project
emphasizes encapsulation to maintain data integrity, inheritance for shared behaviors
among objects, and polymorphism for flexible content handling. Use case diagrams
depict user interactions, while sequence diagrams showcase the flow of interactions
during critical scenarios. Class diagrams provide an overarching view of the system's
architecture, including classes, attributes, and methods .By undertaking this project,
we aim to create a modular, maintainable, and user-centric social media platform that
adheres to best practices in object-oriented modeling. Such a platform will offer users
a seamless and secure online social experience while facilitating future enhancements
and adaptability to changing user needs.
Development of Chatbot Using AI/ML Technologiesmaisnampibarel
The rapid advancements in artificial intelligence and natural language processing have significantly transformed human-computer interactions. This thesis presents the design, development, and evaluation of an intelligent chatbot capable of engaging in natural and meaningful conversations with users. The chatbot leverages state-of-the-art deep learning techniques, including transformer-based architectures, to understand and generate human-like responses.
Key contributions of this research include the implementation of a context- aware conversational model that can maintain coherent dialogue over extended interactions. The chatbot's performance is evaluated through both automated metrics and user studies, demonstrating its effectiveness in various applications such as customer service, mental health support, and educational assistance. Additionally, ethical considerations and potential biases in chatbot responses are examined to ensure the responsible deployment of this technology.
The findings of this thesis highlight the potential of intelligent chatbots to enhance user experience and provide valuable insights for future developments in conversational AI.
Encontro anual da comunidade Splunk, onde discutimos todas as novidades apresentadas na conferência anual da Spunk, a .conf24 realizada em junho deste ano em Las Vegas.
Neste vídeo, trago os pontos chave do encontro, como:
- AI Assistant para uso junto com a SPL
- SPL2 para uso em Data Pipelines
- Ingest Processor
- Enterprise Security 8.0 (Maior atualização deste seu release)
- Federated Analytics
- Integração com Cisco XDR e Cisto Talos
- E muito mais.
Deixo ainda, alguns links com relatórios e conteúdo interessantes que podem ajudar no esclarecimento dos produtos e funções.
https://www.splunk.com/en_us/campaigns/the-hidden-costs-of-downtime.html
https://www.splunk.com/en_us/pdfs/gated/ebooks/building-a-leading-observability-practice.pdf
https://www.splunk.com/en_us/pdfs/gated/ebooks/building-a-modern-security-program.pdf
Nosso grupo oficial da Splunk:
https://usergroups.splunk.com/sao-paulo-splunk-user-group/
4. | Page
Docker?
Going back in time , most applications were deployed directly on physical hardware.
● Single userspace.
● Shared runtime env between applications.
● Hardware resources generally underutilized.
5. | Page
To overcome the limitation of shared runtime env ,
underutilized resources and more. The IT industry
adopted virtualization with hypervisor such as KVM
, ESX and more.
Docker?
6. | Page
Moving from VM => “Virtual OS” :
● We removed the hypervisor layer to reduce
complexity.
● The containers approach is to package each application
with all dependencies runtime environment.
● We have different application running on the same
host and isolated using the containers technology.
Docker?
8. | Page
Docker: Application centric.
● A clean, safe, portable runtime environment for your app.
● No more worries about missing dependencies, packages
and other pain points during deployments.
● Run each app in its own isolated container (fs , cgroup ,
pid etc ….)
● Easy to pack into a box and super portable.
Build once... (finally) run anywhere*
Docker?
9. | Page
Docker’s architecture
● Docker uses client server architecture.
● server: running the Docker daemon.
● Client: communicate with the server via sockets or RESTful API .
● Docker registry: public or private stores from which the server upload or download images
● The client can run on any host.
11. | Page
The name Kubernetes originates from Greek, meaning
“helmsman” or “pilot””(WiKi).
A helmsman or helm is a person who steers a ship, sailboat, submarine...
Kubernetes - κυβερνήτης
12. | Page
More facts:
● Originated at Google (Borg).
● Supports multiple cloud and bare-metal environments
● Supports multiple container runtimes (Docker , rkt)
● 100% Open source, written in Go
● k8s is an abbreviation derived by replacing the 8 letters “ubernete” with 8.
Manage containerized applications , not machines.
Kubernetes ?
Kubernetes is a container cluster manager. It aims to provide a
"platform for automating deployment, scaling, and operations of
application containers across clusters of machines.
13. | Page
Deploy single tier single container APP is “easy”
Deploying a complex multi tier APP is more difficult
● One or more containers.
● replication of containers.
● Persistent storage.
Deploying lots of complex APPs (microservices) can be a challenge.
More Info...
Why kubernetes ?
14. | Page
Control Plane
Node Controller
Replication Controller
Endpoints Controller
Service Account
Token Controllers
And more...`
architecture
15. | Page
A node is a physical or virtual machine
running Kubernetes, onto which pods
can be scheduled.
Node
operating system
kubelet
kube-proxy
k8s
16. | Page
Kubectl - get (Display one or many resources)
1. List kubernetes nodes.
kubectl get nodes
kubectl get nodes --context=kube-aws
DEMO
17. | Page
Pod is a Small group of co-located containers with optionally shared
volume between the containers.
Pods are the basic deployment unit in Kubernetes.
● Shared namespace
○ Share IP address , localhost
○ Every pod gets a unique IP
● Managed Lifecycle
○ Bound to a node , in place restart
○ Cannot move between nodes
Pod(po)
18. | Page
Pod(po) - yaml manifest
apiVersion: v1
kind: Pod
metadata:
labels:
phase: prod
role: frontend
name: myfirstpod
name: myfirstpod
spec:
containers:
- name: filepuller
image: sliranc/filepuller:latest
volumeMounts:
- mountPath: /usr/share/nginx/html
name: static-vol
- name: webserver
image: nginx:latest
ports:
- containerPort: 80
volumeMounts:
- mountPath: /usr/share/nginx/html
name: static-vol
volumes:
- name: static-vol
emptyDir: {}
Spec: is the specification of the
desired state of an object.
kind: System object resource
Examples: Pod, RC, Service etc...
19. | Page
kubectl
1. Create pod myfirstpod by filename.
kubectl create -f myfirst-pod.yaml
kubectl create -f myfirst-pod.yaml --context kube-aws
2. List pods.
kubectl get pods
kubectl get pods --context=kube-aws
DEMO
20. | Page
Label are key / value pairs - object metadata
● Label are attached to pods , services , rc or almost any other objects in k8s
● Can be used to organize or select subset of object.
● queryable by selectors
labels:
app: rcweb
phase: production
role: frontend
http://kubernetes.io/docs/user-guide/labels/
Labels
21. | Page
Label selector - query object using labels
● Can identify a set of objects
● Group a set of objects
● Used in svc and rc to select the monitored watched objects
replication controller selector example:
selector:
app: rcweb
phase: production
Selectors
22. | Page
direct traffic to pods
Defines a logical set of pods and a policy by which
to access them.
● are abstraction on top of the pods (LB)
● use selector to create the logical set of pods.
● Gets a stable virtual IP and Port.
● Cluster IP are only available inside k8s
services (svc)
Can define:
● What the 'internal' IP should be.(ClusterIP)
● What the 'external' IP should be. (NodePort , LoadBalancer)
● What port the service should listen on.
24. | Page
services (svc) - yaml manifest
apiVersion: v1
kind: Service
metadata:
name: myweb
spec:
ports:
- port: 80 # the port that this service should serve on.
# (e.g. 'www') or a number (e.g. 80)
targetPort: 80
protocol: TCP
# just like the selector in the replication controller,
# but this time it identifies the set of pods to load balance
traffic to.
selector:
name: myfirstpod
System object resource
Examples: Pod, RC, Service etc...
Spec is the specification of the
desired state of an object.
labels:
phase: prod
role: frontend
name: myfirstpod
26. | Page
Service Iptables mode:
Node X
Pod
Client A
Cluster IP(VIP)
Client B
Kube-Proxy
Kubelet
NodePort NodePort
Kube-Proxy
Pod 1 Pod 2 Pod 3
Iptables
27. | Page
Replication controller == pods supervisor
Ensures that a specified number of pod "replicas"
are running at any given time:
● Too many pods will trigger pods termination.
● Too few pods will trigger new pods creation.
● Main Goal = Replicas: x current / x desired.
replication controller will monitor all the pods
defined in the label selector.
replication controller (rc) ReplicaSet (rs)
ReplicationController
replica: 4
name: rcweb
selector:
app: rcweb
phase: production
28. | Page
apiVersion: v1
kind: ReplicationController
metadata:
name: rcweb
labels:
name: rcweb
spec:
replicas: 2
# selector identifies the set of pods that this replication controller is responsible for managing
selector:
app: rcweb
phase: production
# template defines the 'cookie cutter' used for creating new pods when necessary
template:
metadata:
labels:
app: rcweb
role: frontend
phase: production
name: rcwebpod
spec:
containers:
- name: staticweb
image: sliranc/rcweb:latest
Pod
Template
replication controller (rc) - yaml manifest
29. | Page
replication controller (rc) ReplicaSet
master
Node 1 Node 2
Replication controller
replica: 3
name: rcweb
selector:
app: rcweb
Phase: production
Pod 2
label:
app:rcweb
phase:production
Pod 1
label:
app:rcweb
phase:production
Pod 3
label:
app:rcweb
phase:production
Pod X
label:
app:my-app
phase:alpha
30. | Page
kubectl
1. create all resources in a directory.
kubectl create -f rcweb
kubectl get pods -l app=rcweb
kubectl describe svc/rcweb
kubectl rolling-update rcweb --image=sliranc/rcweb:v2 --update-period="10s"
DEMO
32. | Page
ConfigMap & Secrets
● ConfigMap is a resource available in kubernetes for managing
application configuration. The goal is to decouple the app
configuration from the image content in order to keep the
container portable and k8s agnostic.
● ConfigMap are key value pairs of configuration data.
http://kubernetes.io/docs/user-guide/configmap/
kind: ConfigMap
apiVersion: v1
metadata:
name: default-app
data:
db-host: MYDB
apiVersion: v1
kind: Pod
metadata:
name: test-default-app
spec:
containers:
- name: test-defaultapp
image:sliranc/rcweb
env:
- name: DB_HOST
valueFrom:
configMapKeyRef:
name: default-app
key: db-host
35. | Page
emptyDir
emptyDir is a temporary directory that
shares a pod's lifetime.
● Storage provider = Local host
● Files will be erased on pod deletion.
● Mounted by containers inside the pod.
emptyDir path on node:
/var/lib/kubelet/pods/<id>/volumes/kubernetes.io~empty-dir/<volume_name>
volumes:
- name: static-vol
emptyDir: {}
36. | Page
hostPath
hostPath is a bare host directory volume.
● Acts as data volume in Docker.
● Containers can RW files on localhost.
● There is no control on quota.
Volumes:
- name: static-vol
hostPath:
path: /target/path/on/host
37. | Page
PersistentVolume
Kubernetes provides
abstraction for volumes using
PersistentVolume (PV).
User - Claim PV using (PVC) persistentVolumeClaim
(pvc001 , pvc002)
PersistentVolume(PV)
nfs awsElasticBlockStore
rbdgcePersistentDisk
PersistentVolumeClaim(PVC)
Pod1 Pod2 Pod3
Admin - Creates pool of PVs (pv0001 , pv0002)
volumes:
- name: my-vol
persistentVolumeClaim:
claimName: "pvc001"
38. | Page
Multi tenancy in kubernetes.
● A single cluster should be able to satisfy the needs of multiple users or
groups of users.
Each user community has its own:
1. resources (pods, services, replication controllers, etc.)
2. policies (who can or cannot perform actions in their community)
3. constraints (this community is allowed this much quota, etc.)
Kubernetes starts with two initial namespaces:
default - The default namespace for objects with no other namespace.
kube-system - The namespace for objects created by the Kubernetes system
Namespaces
42. | Page
DNS
● The DNS add-on allows your services to have a DNS name
in addition to an IP address. This is helpful for simplified
service discovery between applications.
*As of Kubernetes 1.3, DNS is a built-in service launched automatically using the addon manager cluster add-on
43. | Page
Monitoring - Heapster
● Heapster enables monitoring and performance analysis in Kubernetes
Clusters. Heapster collects signals from kubelets(cadvisor) and the api
server, processes them, and exports them...
Heapster
sink
Data
push
Query
Master (API)Node (Kubelet)
48. | Page
DEMO
kubectl - describe
(Show details of a specific resource or group of resources)
1. describe a pod (po)
kubectl describe pod/myfirstpod
2. describe a service (svc) - check Endpoints
kubectl describe svc/myweb
3. describe a node
kubectl describe node/ctor-knb002
49. | Page
kubectl - logs (Print the logs for a container in a pod)
1. create logme pod from url.
kubectl create -f https://raw.githubusercontent.
com/sliranc/k8s_workshop/master/cli_demo/logme-pod.
yaml
2. Print the logs of a pod with one container
kubectl logs logme
3. stream the logs
kubectl logs -f logme
4. print the logs of a container filepuller in pod myfirstpod
kubectl logs myfirstpod -c filepuller
DEMO
50. | Page
kubectl - exec
(Execute a command in a container)
1. Inject bash to a single pod container
kubectl exec -it logme bash
ps -auxwww
exit
2. Inject bash to a multi container pod
kubectl exec -it myfirstpod -c webserver bash
ps -auxwww
exit
DEMO
51. | Page
kubectl
(Edit a resource from the default editor)
1. Edit ReplicationController
kubectl edit rc/rcweb
Restart pods
2. kubectl port-forward - forwards connections to a port on a pod
kubectl port-forward myfirstpod 8888:80
curl http://localhost:8888
DEMO
52. | Page
RedisSlave
Guestbook - DEMO
Deploy multi tier web_app - Guestbook
frontend - Pod
SVC - frontend
frontend - Pod
Pod
RedisMaster
SVC
RedisMaster
SVC
RedisSlave
Pod
RedisSlave
https://github.com/kubernetes/kubernetes/tree/master/examples/guestbook
53. | Page
Guestbook - DEMO
1. Create the replication controller for frontend
kubectl create -f gb-frontend-rc.yaml
2. Create the service for frontend
kubectl create -f gb-frontend-svc.yaml
3. Create the redis-master replication controller
kubectl create -f redis-master-rc.yaml
4. Create the service for redis-master
kubectl create -f redis-master-svc.yaml
5. Create the redis-slave replication controller
kubectl create -f redis-slave-rc.yaml
6. Create the service for redis-master
kubectl create -f redis-slave-svc.yaml
7. Get the external url for svc and browse to the website.
kubectl describe svc frontend
8. Delete all pods
Kubectl delete ...
9. Scale your rc
kubectl scale ...
10. Delete all resources svc , rc
DEMO
54. | Page
Pod Health checks
Liveliness Readiness
On failure Kill container Stop sending traffic to pod
Check types Http , exec , tcpSocket Http , exec , tcpSocket
Declaration example
(Pod.yaml)
livenessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: 8080
readinessProbe:
httpGet:
path: /status
port: 8080
55. | Page
Kubernetes - Proxies
1. Api-proxy
kubectl cluster-info
<kubernetes_master_address>/api/v1/proxy/namespaces/<namespace_name>/services/<service_name>[:port_name]
http://qtvr-kma01:8080/api/v1/proxy/namespaces/kube-system/services/kubernetes-dashboard
1. kubectl proxy - proxies from a localhost address to the apiserver
kubectl proxy
http://localhost:8001/api/v1/proxy/namespaces/kube-system/services/kubernetes-dashboard
2. Kube-proxy - proxies UDP and TCP - provides load balancing.
63. | Page
kubectl - kubernetes client.
1. Looking for Help...
kubectl help
Use "kubectl help [command]" for more information about a command
2. Version - get the server and client version.
kubectl version
3. Cluster info
kubectl cluster-info
*Display urls of the master and services(*api proxy) with label kubernetes.io/cluster-service=true
65. | Page
kubectl - create
1. Create a resource by filename.
kubectl create -f myfirst-pod.yaml
2. create all resources in a directory.
kubectl create -f rcweb
3. create a resource from stdin.
cat myfirst-svc.yaml | kubectl create -f -
4. create a resource from url.
kubectl create -f https://raw.githubusercontent.
com/sliranc/k8s_workshop/master/cli_demo/logme-pod.yaml
66. | Page
kubectl - get (Display one or many resources)
1. List all types of resource to get.
kubectl get
2. List all pods
kubectl get pods
3. List all pods in wide format
kubectl get pods -o wide
4. Display specific pod in yaml format
kubectl get pod/myfirstpod -o yaml
67. | Page
kubectl - get (Display one or many resources)
1. Query for pod with specific label
kubectl get pod -l name=rcwebpod
2. List all pods and services
kubectl get pods,svc
3. List all nodes (no)
kubectl get nodes
68. | Page
kubectl - describe
(Show details of a specific resource or group of resources)
1. List all types of resource to describe.
kubectl describe
2. describe a pod (po)
kubectl describe pod/myfirstpod
3. describe a service (svc)
kubectl describe svc/myweb
browse to LoadBalancer Ingress of the service http://ingress...
4. describe a node
kubectl describe node/<use one from the get nodes output>
69. | Page
kubectl - logs (Print the logs for a container in a pod)
1. Print the logs for pod with one container
kubectl logs logme
2. stream the logs
kubectl logs -f logme
3. print the logs of a container filepuller in pod myfirstpod
kubectl logs myfirstpod -c filepuller
HW : check out the -p flag for logs.
70. | Page
kubectl - scale
(Set a new size for a Replication Controller)
1. Scale rc rcweb to 3 replicas
kubectl get pods -l name=rcwebpod
kubectl scale --replicas=3 rc rcweb
kubectl get pods -l name=rcwebpod
2. Scale only if the current replication is X
kubectl scale --current-replicas=3 --replicas=2 rc rcweb
kubectl get pods -l name=rcwebpod
71. | Page
kubectl - exec
(Execute a command in a container)
1. Inject bash to a single pod container
kubectl exec -it logme bash
ps -auxwww
exit
2. Inject bash to a multi container pod
kubectl exec -it myfirstpod -c webserver bash
ps -auxwww
exit
72. | Page
kubectl - rolling-update
(Set a new size for a Replication Controller)
1. Get the service ingress and browse to http://ingress……..
kubectl describe svc/rcweb
2. upgrade your rc to new rc with 10s delay between pod.
kubectl rolling-update rcweb --image=sliranc/rcweb:v2 --update-
period="10s"
Refresh your browser.
kubectl get pods -l name=rcwebpod
73. | Page
kubectl edit
(Edit a resource from the default editor)
1. Edit the number of replicas
kubectl edit rc rcweb
kubectl get pods -l name=rcwebpod
74. | Page
kubectl - delete
(Delete a resource by filename, stdin, resource and name, or by resources and label selector)
1. Delete resource by file
kubectl delete -f myfirst-pod.yaml
2. Delete resource by name
kubectl delete svc myweb rcweb
3. Delete all pods
kubectl delete pods --all
4. Delete rc by name
kubectl delete rc rcweb
75. | Page
kubectl - delete
(Delete a resource by filename, stdin, resource and name, or by resources and label selector)
1. Delete resource by file
kubectl delete -f myfirst-pod.yaml
2. Delete resource by name
kubectl delete svc myweb rcweb
3. Delete all pods
kubectl delete pods --all
4. Delete rc by name
kubectl delete rc rcweb
76. | Page
Docker images
● Docker images are the basis of
containers.
● Docker images are read-only
templates we use for creating
containers.
● Docker images are multilayer.
● docker images are highly portable
and can be shared.
77. | Page
External source such as DB (headless service)
Web - Pod
SVC - Web
Web - Pod
App - Pod
SVC - App
App - Pod
SVC - DB
External DATA store