O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.

Resilient microservices with Kubernetes - Mete Atamel

Creating a single microservice is a well understood problem. Creating a cluster of load-balanced microservices that are resilient and self-healing is not so easy. Managing that cluster with rollouts and rollbacks, scaling individual services on demand, securely sharing secrets and configuration among services is even harder. Kubernetes, an open-source container management system, can help with this. In this talk, we will start with a simple microservice, containerize it using Docker, and scale it to a cluster of resilient microservices managed by Kubernetes. Along the way, we will learn what makes Kubernetes a great system for automating deployment, operations, and scaling of containerized applications.

  • Entre para ver os comentários

Resilient microservices with Kubernetes - Mete Atamel

  1. 1. Resilient Microservices with Kubernetes Mete Atamel Developer Advocate for Google Cloud @meteatamel
  2. 2. Confidential & ProprietaryGoogle Cloud Platform 2 Mete Atamel Developer Advocate for Google Cloud @meteatamel atamel@google.com meteatamel.wordpress.com Please send talk feedback: bit.ly/atamel
  3. 3. Google Cloud Platform The .NET Revolution @meteatamel
  4. 4. Google Cloud Platform The world of 2014 ASP.NET C# Visual Studio SQL Server PowerShell Java Apache MySQL Eclipse Bash @meteatamel
  5. 5. Google Cloud Platform Things are changing @meteatamel ASP.NET Core on Linux, Mac, Windows Microsoft joins Linux foundation Google joins .NET foundation 2014 .NET Goes Open Source OpenSSH on Windows Ubuntu, Debian on Azure 2015 SQL Server on Linux Bash on Windows PowerShell on Linux 2016
  6. 6. Google Cloud Platform The convergence ASP.NET C# Visual Studio SQL Server Java ApacheMySQL PowerShell Eclipse Bash
  7. 7. Confidential & ProprietaryGoogle Cloud Platform 7 Great time to be a .NET developer!
  8. 8. Confidential & ProprietaryGoogle Cloud Platform 8 However, software development is HARD! @meteatamel And it is not getting any easier...
  9. 9. Google Cloud Platform In the good old days @meteatamel This is all I had to care... Image Source: Wikipedia Life was good :-)
  10. 10. Google Cloud Platform A lot happened since then Internet App Servers Web Servers Databases Microservices The Monolith Object Oriented Programming Version Control Caching Cloud Computing Firewalls Virtual Machines Big Data Machine Learning Mobile DevOps IoT
  11. 11. Google Cloud Platform Nowadays ZONE A Load Balancer Health Endpoint Health Endpoint Health Endpoint Health Checker ZONE B Load Balancer Health Endpoint Health Endpoint Health Endpoint Health Checker REPLICATION Task Queues Autoscaler
  12. 12. Google Cloud Platform Maintaining code in different languages on different types of machines Rolling out the new version of your code reliably Rolling back to the old version if something goes wrong Managing configuration and secrets Managing scripts that need to run on each machine We haven’t even talked about
  13. 13. Google Cloud Platform I just want to write some code to solve a real-world problem @meteatamel
  14. 14. Google Cloud Platform The reality ZONE A Load Balancer Health Endpoint Health Endpoint Health Endpoint Health Checker ZONE B Load Balancer Health Endpoint Health Endpoint Health Endpoint Health Checker REPLICATION Task Queues Autoscaler This is all I want to care This is all I have to care What do we do?
  15. 15. Google Cloud Platform In the good old days @meteatamel Write your code, pass it to QA for testing, let operations team run it...
  16. 16. Google Cloud Platform Nowadays, it is your problem What do we do?
  17. 17. Google Cloud Platform You can write your code in any language and run anywhere exactly the same way @meteatamel Your app is optimally deployed somewhere and managed by someone. It just works! There are no machines. All resources are automatically provisioned on demand
  18. 18. Google Cloud Platform Write your code in any language and run it anywhere exactly the same way ⇒ Containers (eg. Docker, Rkt) Your app is optimally deployed and managed ⇒ Container Management Platforms (eg. Kubernetes, Docker Swarm, Mesos) All the resources needed for your app is automatically provisioned per demand ⇒ Cloud Providers (eg. Google Cloud, AWS, Azure) Docker + Kubernetes + Cloud
  19. 19. Google Cloud Platform Demo: Simple Microservice @meteatamel
  20. 20. Google Cloud Platform Containers @meteatamel
  21. 21. Google Cloud Platform ✕ No isolation ✕ Common libs ✕ Highly coupled Apps & OS Why containers? app libs kernel libs app app kernel app libs libs kernel kernel libs app kernel libs app libs app libs app ✓ Isolation ✓ No Common Libs ✕ Expensive and Inefficient ✕ Hard to manage ✓ Isolation ✓ No Common Libs ✓ Less overhead ✕ Less Dependency on Host OS kernel libs app app app app Physical Machine Virtual Machines Containers @meteatamel
  22. 22. Google Cloud Platform What is a container? Lightweight Hermetically sealed Isolated Easily deployable Introspectable Composable Linux (or Windows) processes A lightweight way to virtualize applications @meteatamel Docker
  23. 23. Google Cloud Platform Google has been developing and using containers to manage our applications for over 12 years. Images by Connie Zhou @meteatamel
  24. 24. Google Cloud Platform Everything at Google runs in containers Gmail, Web Search, Maps, ... MapReduce, batch, ... GFS, Colossus, ... Even Google’s Cloud Platform: our VMs run in containers! We launch over 2 billion containers per week @meteatamel
  25. 25. Google Cloud Platform Demo: Containerised Microservice @meteatamel
  26. 26. Google Cloud Platform Containers not enough @meteatamel Containers help to create a lightweight and consistent environment for apps ● Who takes care of redundancy? ● Who takes care of resiliency? ● Who scales up/down your app? ● Who and how a new version of your app gets deployed? ● Who rolls back to a previous version if something goes wrong? ● Etc. etc. etc. But you still need to answer these questions:
  27. 27. Google Cloud Platform Kubernetes @meteatamel
  28. 28. Google Cloud Platform Greek for “Helmsman”; also the root of the words “governor” and “cybernetic” • Manages container clusters • Inspired and informed by Google’s experiences and internal systems (borg) • Supports multiple cloud and bare-metal environments • Supports multiple container runtimes • 100% Open source, written in Go Manage applications, not machines Kubernetes @meteatamel
  29. 29. Google Cloud Platform kubelet UI kubeletCLI API users master nodes etcd kubelet scheduler controllers apiserver The 10000 foot view @meteatamel
  30. 30. Google Cloud Platform UI API Container Cluster All you really care about @meteatamel
  31. 31. Google Cloud Platform 1. Setting up the cluster • Choose a cloud: GCE, AWS, Azure, Rackspace, on-premises, ... • Choose a node OS: CoreOS, Atomic, RHEL, Debian, CentOS, Ubuntu, ... • Provision machines: Boot VMs, install and run kube components, ... • Configure networking: IP ranges for Pods, Services, SDN, ... • Start cluster services: DNS, logging, monitoring, ... • Manage nodes: kernel upgrades, OS updates, hardware failures... Not the easy or fun part, but unavoidable This is where things like Google Container Engine (GKE) really help Container clusters: A story in two parts @meteatamel
  32. 32. Google Cloud Platform Kubernetes cluster on GKE @meteatamel
  33. 33. Google Cloud Platform Windows Server Node in Kubernetes
  34. 34. Google Cloud Platform Demo: Create Kubernetes cluster @meteatamel
  35. 35. Google Cloud Platform 2. Using the cluster • Run Pods & Containers • Replica Sets • Services • Volumes This is the fun part! A distinct set of problems from cluster setup and management Don’t make developers deal with cluster administration! Accelerate development by focusing on the applications, not the cluster Container clusters: A story in two parts @meteatamel
  36. 36. Google Cloud Platform Kubernetes Building Blocks @meteatamel
  37. 37. Google Cloud Platform Deployment Pod Volume Label Selector Kubernetes Terminology ReplicaSet Liveness Probe Readiness Probe Service DaemonSet Job StatefulSet ConfigMap Secret
  38. 38. Container cluster Service Pods Each pod containers one or more containers Nodes Role: frontend Role: frontend Role: frontend Role: frontend Replication controller Replicas: 3 Env: prod microservice labels Service communication channel Blueprint “pod template” Env: prod Env: prod Env: prod registry containers @meteatamel
  39. 39. Google Cloud Platform Deployments @meteatamel
  40. 40. Google Cloud Platform A Deployment provides declarative updates for Pods and Replica Sets Describe the desired state and the Deployment controller will change the actual state to the desired state at a controlled rate for you. Deployment manages replica changes for you • stable object name • updates are configurable, done server-side • kubectl edit or kubectl apply ... Deployments @meteatamel
  41. 41. Google Cloud Platform Demo: Create Deployment @meteatamel
  42. 42. Google Cloud Platform Deployment Pod Volume Label Selector Kubernetes Terminology ReplicaSet Liveness Probe Readiness Probe Service DaemonSet Job StatefulSet ConfigMap Secret
  43. 43. Google Cloud Platform Pods and Volumes @meteatamel
  44. 44. Google Cloud Platform Small group of containers & volumes Tightly coupled The atom of scheduling & placement Shared namespace • share IP address & localhost • share IPC, etc. Managed lifecycle • bound to a node, restart in place • can die, cannot be reborn with same ID Example: data puller & web server Consumers Content Manager File Puller Web Server Volume Pod Pods @meteatamel
  45. 45. Google Cloud Platform Pod-scoped storage Support many types of volume plugins • Empty dir (and tmpfs) • Host path • Git repository • GCE Persistent Disk • AWS Elastic Block Store • Azure File Storage • iSCSI • Flocker • NFS • vSphere • GlusterFS • Ceph File and RBD • Cinder • FibreChannel • Secret, ConfigMap, DownwardAPI • Flex (exec a binary) • ... Volumes @meteatamel
  46. 46. Google Cloud Platform Deployment Pod Volume Label Selector Kubernetes Terminology ReplicaSet Liveness Probe Readiness Probe Service DaemonSet Job StatefulSet ConfigMap Secret
  47. 47. Google Cloud Platform Labels & Selectors @meteatamel
  48. 48. Google Cloud Platform Arbitrary metadata Attached to any API object Generally represent identity Queryable by selectors • think SQL ‘select ... where ...’ The only grouping mechanism • pods under a ReplicationController • pods in a Service • capabilities of a node (constraints) Labels @meteatamel
  49. 49. Google Cloud Platform App: MyApp Phase: prod Role: FE App: MyApp Phase: test Role: FE App: MyApp Phase: prod Role: BE App: MyApp Phase: test Role: BE Selectors @meteatamel
  50. 50. Google Cloud Platform App: MyApp Phase: prod Role: FE App: MyApp Phase: test Role: FE App: MyApp Phase: prod Role: BE App: MyApp Phase: test Role: BE App = MyApp Selectors @meteatamel
  51. 51. Google Cloud Platform App: MyApp Phase: prod Role: FE App: MyApp Phase: test Role: FE App: MyApp Phase: prod Role: BE App: MyApp Phase: test Role: BE App = MyApp, Role = FE Selectors @meteatamel
  52. 52. Google Cloud Platform App: MyApp Phase: prod Role: FE App: MyApp Phase: test Role: FE App: MyApp Phase: prod Role: BE App: MyApp Phase: test Role: BE App = MyApp, Role = BE Selectors @meteatamel
  53. 53. Google Cloud Platform App: MyApp Phase: prod Role: FE App: MyApp Phase: test Role: FE App: MyApp Phase: prod Role: BE App: MyApp Phase: test Role: BE App = MyApp, Phase = prod Selectors @meteatamel
  54. 54. Google Cloud Platform App: MyApp Phase: prod Role: FE App: MyApp Phase: test Role: FE App: MyApp Phase: prod Role: BE App: MyApp Phase: test Role: BE App = MyApp, Phase = test Selectors @meteatamel
  55. 55. Google Cloud Platform Deployment Pod Volume Label Selector Kubernetes Terminology ReplicaSet Liveness Probe Readiness Probe Service DaemonSet Job StatefulSet ConfigMap Secret
  56. 56. Google Cloud Platform Resiliency & Redundancy @meteatamel
  57. 57. Google Cloud Platform A simple control loop Runs out-of-process wrt API server One job: ensure N copies of a pod • grouped by a selector • too few? start some • too many? kill some Layered on top of the public Pod API Replicated pods are fungible • No implied order or identity * The evolution of ReplicationControllers ReplicaSet - name = “my-rc” - selector = {“App”: “MyApp”} - template = { ... } - replicas = 4 API Server How many? 3 Start 1 more OK How many? 4 ReplicaSets* @meteatamel
  58. 58. Google Cloud Platform ReplicaSets Replication Controller Pod frontend Pod frontend app = demo app = demo app = demo ReplicaSet #pods = 3 app = demo color in (blue,grey) show: version = v2 color = blue color = blue color = grey Behavior Benefits ● Keeps Pods running ● Gives direct control of Pod #s ● Grouped by Label Selector ➔ Recreates Pods, maintains desired state ➔ Fine-grained control for scaling ➔ Standard grouping semantics Pod Pod Pod @meteatamel
  59. 59. Google Cloud Platform Demo: ReplicaSets @meteatamel
  60. 60. Google Cloud Platform Kubernetes Health Checks @meteatamel
  61. 61. Google Cloud Platform It’s your responsibility to let Kubernetes know whether your app is healthy or not! Health Check Philosophy
  62. 62. Google Cloud Platform Liveness Probes make sure your application is running livenessProbe: # an http probe httpGet: path: /healthz port: 8080 initialDelaySeconds: 15 # wait 15 seconds after pod is started to check for health timeoutSeconds: 1 # wait 1 second for a response to health check Liveness Probes
  63. 63. Google Cloud Platform Readiness probes make sure your application is ready to serve traffic readinessProbe: # an http probe httpGet: path: /readiness port: 8080 initialDelaySeconds: 20 # wait 20 seconds after pod is started to check for health timeoutSeconds: 5 # wait 5 second for a response to health check Readiness Probes
  64. 64. Google Cloud Platform Deployment Pod Volume Label Selector Kubernetes Terminology ReplicaSet Liveness Probe Readiness Probe Service DaemonSet Job StatefulSet ConfigMap Secret
  65. 65. Google Cloud Platform Services @meteatamel
  66. 66. Google Cloud Platform Services Client Pod Container Pod Container Pod Container A logical grouping of pods that perform the same function (the Service’s endpoints) • grouped by label selector Load balances incoming requests across constituent pods Choice of pod is random but supports session affinity (ClientIP) Gets a stable virtual IP and port • also a DNS nametype = Service Label selector: type = FE VIP type = FE type = FE type = FE @meteatamel
  67. 67. Google Cloud Platform Demo: Services @meteatamel
  68. 68. Google Cloud Platform A general purpose, web-based UI to view/manage Kubernetes clusters Kubernetes Dashboard
  69. 69. Google Cloud Platform Demo: Kubernetes Dashboard
  70. 70. Google Cloud Platform Deployment Pod Volume Label Selector Kubernetes Terminology ReplicaSet Liveness Probe Readiness Probe Service DaemonSet Job StatefulSet ConfigMap Secret
  71. 71. Google Cloud Platform Scaling @meteatamel
  72. 72. Google Cloud Platform Scaling @meteatamel Service Label selectors: version = 1.0 type = Frontend Service name = frontend Label selector: type = BE Replication Controller Pod frontend Pod version= v1 version = v1 ReplicaSet version = v1 #pods = 1 show: version = v2 type = FE type = FE Pod frontend Pod version = v1 type = FE ReplicaSet version = v1 #pods = 2 show: version = v2 Pod ReplicaSet version = v1 type = FE #pods = 3 show: version = v2
  73. 73. Google Cloud Platform Scaling @meteatamel Service Label selectors: version = 1.0 type = Frontend Service name = frontend Label selector: type = BE Replication Controller Pod frontend Pod version= v1 version = v1 ReplicaSet version = v1 #pods = 1 show: version = v2 type = FE type = FE Pod frontend Pod version = v1 type = FE ReplicaSet version = v1 #pods = 2 show: version = v2 Pod Pod ReplicaSet version = v1 type = FE #pods = 4 show: version = v2 version = v1 type = FE
  74. 74. Google Cloud Platform Demo: Scaling @meteatamel
  75. 75. Google Cloud Platform Rolling Update @meteatamel
  76. 76. Google Cloud Platform ReplicaSet - name: my-app-v1 - replicas: 3 - selector: - app: MyApp - version: v1 Service - app: MyApp Rolling Update @meteatamel
  77. 77. Google Cloud Platform ReplicaSet - name: my-app-v1 - replicas: 3 - selector: - app: MyApp - version: v1 ReplicaSet - name: my-app-v2 - replicas: 0 - selector: - app: MyApp - version: v2 Service - app: MyApp Rolling Update @meteatamel
  78. 78. Google Cloud Platform ReplicaSet - name: my-app-v1 - replicas: 3 - selector: - app: MyApp - version: v1 ReplicaSet - name: my-app-v2 - replicas: 1 - selector: - app: MyApp - version: v2 Service - app: MyApp Rolling Update @meteatamel
  79. 79. Google Cloud Platform ReplicaSet - name: my-app-v1 - replicas: 2 - selector: - app: MyApp - version: v1 ReplicaSet - name: my-app-v2 - replicas: 1 - selector: - app: MyApp - version: v2 Service - app: MyApp Rolling Update @meteatamel
  80. 80. Google Cloud Platform ReplicaSet - name: my-app-v1 - replicas: 2 - selector: - app: MyApp - version: v1 ReplicaSet - name: my-app-v2 - replicas: 2 - selector: - app: MyApp - version: v2 Service - app: MyApp Rolling Update @meteatamel
  81. 81. Google Cloud Platform ReplicaSet - name: my-app-v1 - replicas: 1 - selector: - app: MyApp - version: v1 ReplicaSet - name: my-app-v2 - replicas: 2 - selector: - app: MyApp - version: v2 Service - app: MyApp Rolling Update @meteatamel
  82. 82. Google Cloud Platform ReplicaSet - name: my-app-v1 - replicas: 1 - selector: - app: MyApp - version: v1 ReplicaSet - name: my-app-v2 - replicas: 3 - selector: - app: MyApp - version: v2 Service - app: MyApp Rolling Update @meteatamel
  83. 83. Google Cloud Platform ReplicaSet - name: my-app-v1 - replicas: 0 - selector: - app: MyApp - version: v1 ReplicaSet - name: my-app-v2 - replicas: 3 - selector: - app: MyApp - version: v2 Service - app: MyApp Rolling Update @meteatamel
  84. 84. Google Cloud Platform ReplicaSet - name: my-app-v2 - replicas: 3 - selector: - app: MyApp - version: v2 Service - app: MyApp Rolling Update @meteatamel
  85. 85. Google Cloud Platform Demo: Rolling Update @meteatamel
  86. 86. Google Cloud Platform Canary Deployments Replication Controller ReplicaSet version = v2 type = BE #pods = 1 show: version = v2 Pod frontend Pod version = v2 type = BE @meteatamel Pod frontend Service Label selectors: version = 1.0 type = Frontend Service name = backend Label selector: type = BE Replication Controller Pod version= v1 ReplicaSet version = v1 type = BE #pods = 2 show: version = v2 type = BE type = BE Pod version = v1
  87. 87. Google Cloud Platform Autoscaling Replication Controller Pod frontend Pod name=locust name=locust ReplicaSet name=locust role=worker #pods = 1 show: version = v2 Pod frontend Pod name=locust ReplicaSet name=locust role=worker #pods = 2 show: version = v2 Pod Pod name=locust role=worker role=worker role=worker role=worker ReplicaSet name=locust role=worker #pods = 4 Heapster 70% CPU 40% CPU Scale CPU Target% = 50 > 50% CPU @meteatamel
  88. 88. Google Cloud Platform DaemonSets @meteatamel
  89. 89. Google Cloud Platform Problem: how to run a Pod on every node? • or a subset of nodes Similar to ReplicaSet • principle: do one thing, don’t overload “Which nodes?” is a selector Use familiar tools and patterns Pod DaemonSets @meteatamel
  90. 90. Google Cloud Platform Jobs @meteatamel
  91. 91. Google Cloud Platform Run-to-completion, as opposed to run-forever • Express parallelism vs. required completions • Workflow: restart on failure • Build/test: don’t restart on failure Aggregates success/failure counts Built for batch and big-data work ... Jobs @meteatamel
  92. 92. Google Cloud Platform StatefulSets @meteatamel
  93. 93. Google Cloud Platform Goal: enable clustered software on Kubernetes • mysql, redis, zookeeper, ... Clustered apps need “identity” and sequencing guarantees • stable hostname, available in DNS • an ordinal index • stable storage: linked to the ordinal & hostname • discovery of peers for quorum • startup/teardown ordering StatefulSets @meteatamel
  94. 94. Google Cloud Platform ConfigMaps @meteatamel
  95. 95. Google Cloud Platform Goal: manage app configuration • ...without making overly-brittle container images 12-factor says config comes from the environment • Kubernetes is the environment Manage config via the Kubernetes API Inject config as a virtual volume into your Pods • late-binding, live-updated (atomic) • also available as env vars node API Pod Config Map ConfigMaps @meteatamel
  96. 96. Google Cloud Platform Secrets @meteatamel
  97. 97. Google Cloud Platform Goal: grant a pod access to a secured something • don’t put secrets in the container image! 12-factor says config comes from the environment • Kubernetes is the environment Manage secrets via the Kubernetes API Inject secrets as virtual volumes into your Pods • late-binding, tmpfs - never touches disk • also available as env vars node API Pod Secret Secrets @meteatamel
  98. 98. Google Cloud Platform Deployment Pod Volume Label Selector Kubernetes Terminology ReplicaSet Liveness Probe Readiness Probe Service DaemonSet Job StatefulSet ConfigMap Secret
  99. 99. Confidential & ProprietaryGoogle Cloud Platform 99 There is more! @meteatamel
  100. 100. Confidential & ProprietaryGoogle Cloud Platform 100 kubernetes.io cloud.google.com/container-engine Mete Atamel @meteatamel atamel@google.com meteatamel.wordpress.com Thank You @meteatamel Send talk feedback bit.ly/atamel

×