5. @bridgetkromhout #tcsw19
“Kubernetes is an open-source
platform designed to automate
deploying, scaling, and operating
application containers."
Initial release: 7 June 2014
8. @bridgetkromhout #tcsw19
cloud native trail map
containerization
CI/CD
orchestration & application definition
observability & analysis
service proxy, discovery, & mesh
networking & policy
…and more at landscape.cncf.io
9. @bridgetkromhout #tcsw19
Deploy k8s clusters, pods, and services!
Find modules: https://registry.terraform.io/
Providers include Azure & Azure Stack, as
well as other clouds.
16. @bridgetkromhout #tcsw19
kubeval: find invalid deployments
$ helm kubeval stable/nginx-ingress --set
controller.replicaCount=two
[…]
The file nginx-ingress/templates/controller-
deployment.yaml contains an invalid Deployment
---> spec.replicas: Invalid type. Expected:
[integer,null], given: string
The file nginx-ingress/templates/default-backend-
deployment.yaml contains a valid Deployment
[…]
Error: plugin "kubeval" exited with error
17. @bridgetkromhout #tcsw19
Simple app development and deployment – into any
Kubernetes cluster
Simplified development
Using two simple commands,
developers can now begin working
on container-based applications
without requiring Docker or even
installing Kubernetes themselves
Language support
Draft detects which language your
app is written in, and then uses
packs to generate a Dockerfile and
Helm Chart with the best practices
for that language
draft.sh
18. @bridgetkromhout #tcsw19
Run scriptable, automated tasks in the cloud — as part of
your Kubernetes cluster
Simple, powerful pipes
Each project gets a brigade.js
config file, which is where you
can write dynamic, interwoven
pipelines and tasks for your
Kubernetes cluster
Runs inside your cluster
By running Brigade as a
service inside your Kubernetes
cluster, you can harness the
power of millions of available
Docker images
brigade.sh
19. @bridgetkromhout #tcsw19
Spec for packaging distributed apps
CNAB: package distributed apps
CNABs facilitate the bundling,
installing and managing of
container-native apps — and
their coupled services
Cloud Native Application Bundle
cnab.io
20. @bridgetkromhout #tcsw19
Duffle
Install and manage distributed app bundles
Duffle: install & manage
distributed app bundles
Simple CLI to interact with
CNAB, for use with your
clouds and services of choice
duffle.sh
21. @bridgetkromhout #tcsw19
A friendlier cloud installer
Install your app and its baggage
Bundle up not just the app,
but everything it needs to run
in the cloud
Build bundles smarter, not harder
Use mixins for common tools
and clouds, and depend on
existing bundles.
Surprise! It does package
management too
Package and version your
bundle, then distribute it for
others to use.
porter.sh
22. @bridgetkromhout #tcsw19
Service Mesh Interface
A Kubernetes interface that provides traffic
routing, traffic telemetry, and traffic policy
Apps Tooling Ecosystem
Standardized
Standard interface for
service mesh on Kubernetes
Simplified
Basic feature set to address
most common scenarios
Extensible
Support for new features as
they become widely available
…and more
Service Mesh Interface
smi-spec.io
25. @bridgetkromhout #tcsw19
conftest
openpolicyagent.org
Open Policy Agent
https://garethr.dev/2019/06/introducing-conftest/
Policy-based control
specified declaratively &
enforced automatically
Write policy in OPA native
query language Rego
test locally against structured configuration data (uses Rego)
(enforced server-side: PodSecurityPolicy, Gatekeeper, etc)
26. @bridgetkromhout #tcsw19
$ helm conftest stable/nginx-ingress
FAIL - nginx-ingress-controller in the Deployment
release-name-nginx-ingress-controller does not have
a memory limit set
FAIL - nginx-ingress-controller in the Deployment
release-name-nginx-ingress-controller does not have
a CPU limit set
[…]
Error: plugin "conftest" exited with error
conftest: fail if non-compliant with policy
28. @bridgetkromhout #tcsw19
•allows serverless resources to join a
Kubernetes cluster
•serverless cloud container services
appear as virtual nodes via Virtual
Kubelet providers
•enables capacity on demand,
without delays or pre-provisioning
virtual-kubelet.io
29. @bridgetkromhout #tcsw19
- View & manage Kubernetes clusters
- Build & run containers from Dockerfiles
- Intellisense for Kubernetes & Helm resources
- Works anywhere (Azure, Minikube, KIND, AWS, GCP, etc)
32. To learn more…
@bridgetkromhout #tcsw19
Cloud Native Tooling
deislabs.io
Container Training
container.training
What is Kubernetes?
aka.ms/k8slearning
VS Code extension for k8s
azure.github.io/vscode-kubernetes-tools
33. @bridgetkromhout #tcsw19
Thanks!
Cloud Native Tooling
deislabs.io
Container Training
container.training
What is Kubernetes?
aka.ms/k8slearning
VS Code extension for k8s
azure.github.io/vscode-kubernetes-tools