This document discusses Google Cloud Platform and related technologies like .NET Core, SQL Server, containers, and Kubernetes. It provides an agenda for a user group meeting that will cover containers, Kubernetes, CoreOS, creating and running a .NET application in a Docker container, container registries, setting up a local Kubernetes cluster, and using pods and services. There is also information about Endocode, a company that provides software solutions and open source projects using technologies like these.
GCP .NET Core, MSSQL, Container and Kubernetes
1. Google Cloud Platform
.NET Core, MSSQL,
Containers and Kubernetes
thomas@endocode.com
.NET User Group Berlin-Brandenburg, March 2nd, 2017
2. Google Cloud Platform
HI!
Thomas Fricke
thomas@endocode.com
CTO Endocode
• System Automation
• DevOps
• Cloud, Database and Software Architect
3. Google Cloud Platform
MORE BUGFIX EXAMPLES
• Application breaks
• systemd problem
• NO! journald problem
• analysis: application writes a log line longer than the kernel buffer used by journald
• FIX: enlarge the kernel buffer
• Push fix to the upstream kernel
4. Google Cloud Platform
ENDOCODE
• high-quality software solutions
• best software engineering practices: test driven
• well known open source projects: https://github.com/endocode
• diverse range of technologies
• decades of experience
• software development,
• team management
• 100000s of server years in public and private clouds
• Be it web, mobile, server or desktop: we use open source to meet any challenge
5. Google Cloud Platform
WHY AM I HERE?
• FSFE recommendation
• .NET is going to be Open Source
• Microsoft has announced a Linux first policy
• Containers everywhere
• Kubernetes now available on Azure
• Large legacy code base in .NET
• Security
• Protecting Infrastructure
• Industry 4.0 Buzz
• ...
6. Google Cloud Platform
AGENDA
• Container
• Kubernetes
• CoreOS
• Create and Run an Example .NET Application
• Clean! Docker Image
• Registry
• Local Kubernetes Setup
• Minikube
• Pod
• Service
8. Google Cloud Platform
CONTAINER OR VIRTUALIZATION
| Topic | Container | Virtualisation | |
|---|---|---|---|
| Isolation | OS level, OS namespaces | CPU level: Ring 0/Ring 3 | |
| foreign CPU | no | yes, with emulation | |
| foreign kernels, OS | no | yes | kernel is common |
| emulated devices | no | yes | security |
| host devices | direct | virtio driver | security |
| CPU performance | 100% | 95% | |
| IO performance | 100% | <<100% | |
| root isolation | yes | yes | USER directive |
| CPU cache attacks | easy | possible | PoC ? |
9. Google Cloud Platform
Kubernetes
Greek for “Helmsman”; also the root of the words “governor” and “cybernetic”
• Runs and manages containers
• Inspired and informed by Google’s experiences and internal systems
• Supports multiple cloud and bare-metal environments
• Supports multiple container runtimes
• 100% Open source, written in Go
Manage applications, not machines
16. Google Cloud Platform
SECURITY BUGS IN IMAGES
• Heartbleed: CVE-2014-0160
• Bug in SSL/TLS exposing the private key of a server
• still present in 80% of containers 18 months after disclosure
• GHOST: CVE-2015-0235
• glibc vulnerability in gethostbyname
• exploitable in some conservative distributions
https://www.banyanops.com/blog/analyzing-docker-hub/
https://coreos.com/blog/vulnerability-analysis-for-containers/
20. Google Cloud Platform
WE NEVER START FROM SCRATCH
- Almost no project starts from a green field
- Technical debt
- environments not made for microservices
21. Google Cloud Platform
● strict layered architecture
○ separation of stateless and persistent data
● inside the pods
○ developers are free to use what they want
○ contract is binding to the outside
22. Google Cloud Platform
EXISTING HETEROGENEOUS ENVIRONMENT
- Programming languages and their runtimes
- Various databases from various generations
- SQL
- NoSQL
- Local and sessions storage
- Message queueing
23. Google Cloud Platform
SEMI-AUTOMATED DEPLOYMENT
- Deployment chain automation
- Knowledge about staging and release processes typically implicit and critical
24. Google Cloud Platform
VM CLUSTER BASED ARCHITECTURES
- Assumes complete OS
- Package management
- Configuration management (at runtime)
26. Google Cloud Platform
FROM VMs TO PODS
OS instances → microservices in Pods
- pods are containers sharing the same fate
- created together
- running on same node
- terminating together
- one network address
- shared volumes
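A Pod manifest showing the properties listed above, as an added example that is not from the original slides: two containers scheduled together on one node, sharing one network address (the writer reaches the web server on 127.0.0.1) and one volume. The Pod and container names are hypothetical; the non-root securityContext is an assumption that mirrors the USER directive mentioned in the container/virtualisation comparison.

```yaml
apiVersion: v1
kind: Pod
metadata:
  name: shared-fate-demo          # hypothetical name
spec:
  # Assumption: run every container as an unprivileged user,
  # the Pod-level counterpart of a Dockerfile USER directive.
  securityContext:
    runAsNonRoot: true
    runAsUser: 1000
  volumes:
    - name: shared                # lives and dies with the Pod
      emptyDir: {}
  containers:
    - name: web                   # serves files from the shared volume
      image: busybox:1.36
      command: ["httpd", "-f", "-p", "8080", "-h", "/data"]
      volumeMounts:
        - name: shared
          mountPath: /data
    - name: writer                # writes into the volume, reads back via localhost
      image: busybox:1.36
      command:
        - sh
        - -c
        - |
          while true; do
            date > /data/index.html
            # Same network namespace: the web container answers on 127.0.0.1
            wget -qO- http://127.0.0.1:8080/index.html
            sleep 5
          done
      volumeMounts:
        - name: shared
          mountPath: /data
```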
27. Google Cloud Platform
FROM VMs TO PODS
VM cluster → Pods running on Kubernetes
- cattle: stateless containers
- pets: databases
configuration management → separation of build time and run time
29. Google Cloud Platform
immmr - one number for every need
immmr combines the best of Internet-based communication with the advantages of mobile communication
immmr makes it possible to use a single mobile number from any device
30. Google Cloud Platform
.NET Kestrel Webserver
• Typical Hello World
• Set up a Clean Container
• Ubuntu 16.04.2 LTS
• Microsoft .NET Version
DEMO TIME
32. Google Cloud Platform
MORE FROM ENDOCODE
- https://endocode.com
- https://endocode.com/blog/
- https://endocode.com/trainings-overview/
- Visit us on GitHub: https://github.com/endocode
34. Google Cloud Platform
Dive into Kubernetes!
Watch our Webinar ‘Dive into Kubernetes’ on our YouTube Channel
https://youtu.be/8694GGJlpZ8
Register for a free Google Cloud Platform Trial with $300 Google Cloud Platform Credits
https://goo.gl/dUzDWi
Use another $200 partner credits
https://goo.gl/eYldnT
35. Google Cloud Platform
Endoctus Academy
Next Trainings:
INTRODUCTION TO KUBERNETES
April 27th
May 4th
May 18th
https://endoctus.com/course/introduction-to-kubernetes
36. Google Cloud Platform
QUESTIONS?
- https://endocode.com
- https://endocode.com/blog/
- https://endocode.com/trainings-overview/
- Visit us on GitHub: https://github.com/endocode