Consolidating Infrastructure with Azure Kubernetes Service
•
0 gostou•272 visualizações
In this session, see how Tailwind Traders took a containerized application and deployed it to Azure Kubernetes Service (AKS). You’ll walk away with a deep understanding of major Kubernetes concepts and how to put it all to use with industry standard tooling.
Recomendados
Recomendados
Mais conteúdo relacionado
Mais procurados
Mais procurados (18)
Semelhante a Consolidating Infrastructure with Azure Kubernetes Service
Semelhante a Consolidating Infrastructure with Azure Kubernetes Service (20)
Mais de Eng Teong Cheah
Mais de Eng Teong Cheah (20)
Último
Último (20)
Consolidating Infrastructure with Azure Kubernetes Service
- 2. App Intro AKS architecture Scale Network & Security Handling Failures Tailwind Traders Introduction to Kubernetes and components Scale your applications in and out Pod identity and Calico network policies Cluster and Application Error Management
- 5. Management’s Ask of Us Resiliency Security Flexibility Scale4 3 2 1
- 6. Why Kubernetes? 4 3 2 1 Extensibility Scalability Self-healing Standardized API for infrastructure abstractions
- 8. Kubernetes ArchitectureKubernetes control API server replication, namespace, serviceaccounts, etc. -controller- manager -scheduler etcd Master node Worker node kubelet kube-proxy Docker Pods Pods Containers Containers Worker node kubelet kube-proxy Docker Pods Pods Containers Containers Internet
- 9. AKS Architecture API server Controller ManagerScheduler etcd Store Cloud Controller Self-managed master node(s) Customer VMs App/ workload definitionUser Docker Pods Docker Pods Docker Pods Docker Pods Docker Pods Schedule pods over private tunnel Kubernetes API endpoint Azure managed control plane
- 10. AKS Architecture - Networking Kubernetes cluster: Azure VNET App Gateway Worker node Pods Containers kubelet Control plane Internal Load Balancer Ingress Controller Worker node Pods Containers kubelet … Namespace External DNS
- 11. AKS Architecture - Virtual Node Azure Container Instances (ACI) Pods Virtual node Node Pods Node Pods Kubernetes control plane
- 12. AKS Architecture - Availability Zones Region* AKS AZs Region* AKS AZs Region* AKS AZs
- 13. Create a resource group az group create -l <Azure region> -n myResGroupThis is holding all the resources for our cluster az commands
- 14. az network vnet create --resource-group myResGroup --name myVnet --address-prefixes 10.0.0.0/8 --subnet-name myVnetSub --subnet-prefix 10.240.0.0/16 Create vnet az commands Also we create a subnet for our cluster
- 15. az network vnet subnet create --resource-group myResGroup --vnet-name myVnet --name VNSubnet --address-prefix 10.241.0.0/16 Create a subnet az commands Create a subnet for virtual node
- 16. mySPk8s Create a service principal az commands The service principal allows us to create other cloud resources
- 17. az aks create --resource-group myResGroup --name myAKSCluster --node-count 3 --generate-ssh-keys Create a base AKS Cluster az commands Basic cluster
- 18. az aks create --resource-group myResGroup --name myAKSCluster --node-count 3 --service-principal <appId> --client-secret <password> --generate-ssh-keys --network-plugin azure --dns-service-ip $KUBE_DNS_IP --docker-bridge-address 172.17.0.1/16 --vnet-subnet-id <vnet id> --load-balancer-sku standard --enable-vmss --node-zones 1 2 3 Create an AKS Cluster az commands All addon flags
- 19. myResGroup myAKSCluster VNsubnet Add virtual node az commands Add the virtual node addon
- 20. Future proof your cluster by enabling virtual node, CNI, and availability zones 3
- 21. Scale
- 22. Feature Request From Management Management has asked us for a new service. The service must ✓ Generate customer recommendations off previous orders ✓ Service must be its own deployable artifact ✓ Must have a documented API to interface with existing services
- 23. Solution to the new request
- 25. Scaling Technologies Horizontal Pod Autoscaler (HPA)
- 26. Virtual Node is Based Off Virtual Kubelet
- 27. Virtual Node Supports ▰ Linux containers ▰ Windows containers ▰ GPU Tip In the backend Virtual node is using Helm to deploy the binary needed to connect to ACI
- 28. nodeSelector: beta.kubernetes.io/os: linux kubernetes.io/role: agent type: virtual-kubelet tolerations: - key: virtual-kubelet.io/provider operator: Equal value: azure effect: NoSchedule Tell Your Pods to Use Virtual Node Example.yaml When using virtual node you need to specify virtual node in the node selector
- 29. Demo: Scaling with Virtual Node
- 31. Introduction into AKS security
- 32. Introduction into Pod Identity • • •
- 33. Introduction into Pod Identity Node Management Identity (NMI) Managed Identity Controller (MIC)
- 34. Pod Identity
- 35. Network Policy Options in AKS
- 36. Network Policy Options in AKS
- 41. Availability Zones Region* AKS AZs Region* AKS AZs Region* AKS AZs
- 42. Availability Zones Resiliency to data centre failures Nodes are split across 3 datacenters in a region Gives us fault domains to plan our deployments around. Manually bring failed nodes back to your cluster 1 2 3 4
- 43. Availability zones is in public beta aka.ms/AKSavailability Availability zones is in public beta
- 44. Handling Application Failure Use deployments with replication set to the number of zones you are using Use an ingress controller that is highly available Understand your disk mounts in pods 2 3 1
- 45. apiVersion: apps/v1 kind: Deployment metadata: name: webapp-deployment spec: selector: matchLabels: app: webapp replicas: 3 template: metadata: labels: app: webapp spec: containers: - name: webapp image: scottyc/webapp:latest ports: - containerPort: 3000 hostPort: 3000 Example deployment Example.yaml To handle failure
- 47. THANKS! Any questions? You can find me at @walkercet