SlideShare uma empresa Scribd logo

Application portability with kubernetes

•Transferir como PPTX, PDF•
•
Oleg Chunikhin
Oleg Chunikhin

The presentation was given on 11/12/2018 on CloudExpo NY. The presentation talks about software portability approaches and technologies on Kubernetes, microservices, service mesh, and serverless platforms

Software
1 de 27
Application Portability with Kubernetes Oleg Chunikhin |CTO, Kublr
Introductions Oleg Chunikhin CTO, Kublr • Nearly 20 years in the field of software architecture and development. • Joined Kublr in 2016. • Kublr is an enterprise Kubernetes management and operations platform that helps accelerate Kubernetes adoption and containerized applications management for enterprises.
Software Portability Ability to be used in varying environments • Different clouds • Cloud, on-prem, hybrid • Different OS or OS flavors • Desktop, data center Why? • Move load quickly (geography, cost, features) • Lifecycle (dev / test / staging / production environments) • Disaster recovery • Split-tier architecture (application tiers may reside in different environments) • Cloud-bursting
Portability Pre-requisites • Generalized abstraction between the application logic and system interfaces. • Application designed for portability • Technology stack and platform that support portability
System Abstractions Application Database Exclusive FS Shared FS Routing SSL TermBalancing Messaging
“Rich” Platform Application Routing SSL TermBalancing Platform or framework Platform or framework Database Exclusive FS Shared FS Messaging
Not Quite as Rich a Platform Application ?Routing? ?SSL Term?Balancing Platform Platform ?Database? Exclusive FS Shared FS Messaging
“Poor” Platform Application ?Routing? ?SSL Term??Balancing? Platform ?Database? Exclusive FS ?Shared FS? ?Messaging?
Compute Abstractions Application Functions Services Containers Instances
Compute Abstractions Application ?Functions? ?Services? ?Containers? Instances
Kubernetes to the Rescue Kubernetes is a portable container orchestration framework • Simple and powerful application abstraction – interconnected containers • Simple and flexible containers configuration and connections • Extensible framework and abstractions for traffic management processing • Service • Ingress and Ingress Controllers • Extensible framework and abstractions for storage management • Configuration templating tools: Helm, Ksonnet • Microservices and Serverless frameworks
Kubernetes Abstractions Environment-provided and/or Self-hosted services K8S Container Orchestration Application Route ServiceIngress Service Mesh Serverless ConfigMap Secret PersistentVolume API Gateway NetworkPolicy Database Exclusive FS Shared FS Messaging Routing SSL TermBalancing ServerlessServiceMesh ContainerOrchestration
Container Orchestration Master Node K8s master components: etcd, scheduler, api, controller K8s metadata Docker kubelet App data Infrastructure and application containers Infrastructure and application containers Overlay network K8s node components: overlay network, discovery, connectivity
Service External node ports or external load balancer Kubernetes cluster Pod A-1 10.0.0.3 Pod A-2 10.0.1.5 Pod B-1 10.0.0.8 SrvB 10.7.0.3 Internal service SrvA 10.7.0.1 SrvC 10.7.0.5 Ext Resourc e
Ingress Kubernetes cluster SrvA 10.7.0.1 SrvB 10.7.0.3 Ingress rule 1: abc.com/abc > SrvA Ingress rule 2: def.com/def > SrvB Pod A-1 Pod A-2 Pod B-1
Ingress Controller Ingress controller implementations • AWS ALB • HAProxy • Nginx • Kong API Management • Letsencrypt • ... Edge / entry point / load balancer Kubernetes cluster SrvA 10.7.0.1 SrvB 10.7.0.3 Ingress controller Ingress rule 1: abc.com/abc > SrvA Ingress rule 2: def.com/def > SrvB Pod A-1 Pod A-2 Pod B-1
Configurability and Persistence Pod Container 1 Container 2 Persistent Volume: NFS, Gluster, ceph, EBS, dir, etc Volume Volume Claim Volume Mount Volume Mount Config Map Secret Storage Class Static or dynamically allocated
Service Mesh on Kubernetes Kubernetes Service B Infrastructu re and application containers Pod Envoy Svc B Service A Infrastructu re and application containers Pod Envoy Svc A HTTP, gRPC, TCP SSL or plain Istio Control Plane Pilot Mixer Auth HTTP, gRPC, TCP SSL or plain • Access control policies • Routing policies • Usage policies Tracing Dashboard Collector Istio, Conduit, Linkerd, Zipkin, Jaeger • Pilot • Service discovery for Envoy and traffic routing • Splitting: gradual (canary) rollout, A/B testing • Fault injection • Mirroring • Failure recovery: circuit breakers, retries, timeouts • Mixer • Per-request policies: access and usage control • Auth • Request authentication and encryption • Identity and credential management • Envoy • Request routing and processing; attributes • Zipkin/Jaeger, Prometheus/Grafana • Distributed request tracing • Monitoring
Serverless on Kubernetes Kubernetes serverless Frameworks: • Fn • Fission • Kubeless Kubernetes Generic Executor Pod Controller HTTP, gRPC, TCP SSL or plain Specific Executor Pod BuilderRouter Pod Message queue (async calls)
Serverless Abstraction Frameworks Kubernetes Generic Executor Pod Controller Specific Executor Pod BuilderRouter Pod Serverless
Other resources Resource Managed Self-hosted / Portable File system/Files AWS EFS, EBS, S3; Azure Storage Rook/Ceph; Portworx; GlusterFS Database AWS RDS; Azure DB Vitess; MySql; Postgres TLS Certificates AWS Cert Mgmt; Azure Cert Mgmt Letsencrypt; K8S Cert Authority Messaging AWS SQS; Azure Messaging RabbitMQ; ActiveMQ; NATS API Management AWS API Mgmt; Azure API Mgmt Kong; Tyk Containers/K8S AWS EKS/ECS; Azure AKS/ACS Kubernetes
Putting it all Together Application AWS EFS AWS EKS AWS ELB Amazon API Management AWS RDS AWS Lambda Application Vitess Kubeless Ingress Nginx Kong Rook/Ceph NAS Hardware LB Serverless
Gotchas and Considerations • Abstractions leak • Ingress rules often use controller specific annotations • Implementations may defy abstractions • AWS Cert management hides private keys, while letsencrypt K8S integration • Managed vs self-hosted • Self-hosted is more difficult to operate than managed • Data synchronization / replication • Cross-environment ingress management • Cross-environment operations
Gotchas and Considerations • Implementations are different • Functionality • SLA, QoS, Performance • Tuning • Managed services may be better tuned for hardware • Self-hosted services may be better tuned for applications • Examples • AWS EBS are AZ local • Letsencrypt certificate issuance rate limits
Takeaways • Kubernetes provides powerful and flexible infrastructure abstractions: PV, Ingress, Services etc • Kubernetes enables and simplifies usage of self- hosted resources and frameworks where managed ones are not available • Well-designed cloud native Kubernetes applications are portable, and easy to test, experiment, and configure
Q&A
Oleg Chunikhin Chief Technology Officer oleg@kublr.com Kublr | kublr.com Thank you!

Recomendados

Centralizing Kubernetes and Container Operations
Centralizing Kubernetes and Container OperationsCentralizing Kubernetes and Container Operations
Centralizing Kubernetes and Container Operations
Kublr
 
The Evolution of your Kubernetes Cluster
The Evolution of your Kubernetes ClusterThe Evolution of your Kubernetes Cluster
The Evolution of your Kubernetes Cluster
Kublr
 
Kubernetes data science and machine learning
Kubernetes data science and machine learningKubernetes data science and machine learning
Kubernetes data science and machine learning
Kublr
 
Setup Hybrid Clusters Using Kubernetes Federation
Setup Hybrid Clusters Using Kubernetes FederationSetup Hybrid Clusters Using Kubernetes Federation
Setup Hybrid Clusters Using Kubernetes Federation
inwin stack
 
Setup kubernetes federation between clusters
Setup kubernetes federation between clustersSetup kubernetes federation between clusters
Setup kubernetes federation between clusters
ssuser75c76a2
 
基於 K8S 開發的 FaaS 專案 - riff
基於 K8S 開發的 FaaS 專案 - riff基於 K8S 開發的 FaaS 專案 - riff
基於 K8S 開發的 FaaS 專案 - riff
inwin stack
 
Ports, pods and proxies
Ports, pods and proxiesPorts, pods and proxies
Ports, pods and proxies
LibbySchulze
 
Container Runtime Security with Falco, by NĂŠstor Salceda
Container Runtime Security with Falco, by NĂŠstor SalcedaContainer Runtime Security with Falco, by NĂŠstor Salceda
Container Runtime Security with Falco, by NĂŠstor Salceda
Cloud Native Day Tel Aviv
 

Recomendados

Centralizing Kubernetes and Container Operations
Centralizing Kubernetes and Container OperationsCentralizing Kubernetes and Container Operations
Centralizing Kubernetes and Container Operations
Kublr
 
The Evolution of your Kubernetes Cluster
The Evolution of your Kubernetes ClusterThe Evolution of your Kubernetes Cluster
The Evolution of your Kubernetes Cluster
Kublr
 
Kubernetes data science and machine learning
Kubernetes data science and machine learningKubernetes data science and machine learning
Kubernetes data science and machine learning
Kublr
 
Setup Hybrid Clusters Using Kubernetes Federation
Setup Hybrid Clusters Using Kubernetes FederationSetup Hybrid Clusters Using Kubernetes Federation
Setup Hybrid Clusters Using Kubernetes Federation
inwin stack
 
Setup kubernetes federation between clusters
Setup kubernetes federation between clustersSetup kubernetes federation between clusters
Setup kubernetes federation between clusters
ssuser75c76a2
 
基於 K8S 開發的 FaaS 專案 - riff
基於 K8S 開發的 FaaS 專案 - riff基於 K8S 開發的 FaaS 專案 - riff
基於 K8S 開發的 FaaS 專案 - riff
inwin stack
 
Ports, pods and proxies
Ports, pods and proxiesPorts, pods and proxies
Ports, pods and proxies
LibbySchulze
 
Container Runtime Security with Falco, by NĂŠstor Salceda
Container Runtime Security with Falco, by NĂŠstor SalcedaContainer Runtime Security with Falco, by NĂŠstor Salceda
Container Runtime Security with Falco, by NĂŠstor Salceda
Cloud Native Day Tel Aviv
 
StarlingX - A Platform for the Distributed Edge | Ildiko Vancsa
StarlingX - A Platform for the Distributed Edge | Ildiko VancsaStarlingX - A Platform for the Distributed Edge | Ildiko Vancsa
StarlingX - A Platform for the Distributed Edge | Ildiko Vancsa
Vietnam Open Infrastructure User Group
 
實際架構實踐演化與解決方案
實際架構實踐演化與解決方案實際架構實踐演化與解決方案
實際架構實踐演化與解決方案
Camel Camel
 
Kubernetes Networking 101
Kubernetes Networking 101Kubernetes Networking 101
Kubernetes Networking 101
Kublr
 
Service Discovery and Registration in a Microservices Architecture
Service Discovery and Registration in a Microservices ArchitectureService Discovery and Registration in a Microservices Architecture
Service Discovery and Registration in a Microservices Architecture
PLUMgrid
 
Secure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CI
Secure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CISecure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CI
Secure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CI
Mitchell Pronschinske
 
Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18
Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18
Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18
CodeOps Technologies LLP
 
Virtualized Containers - How Good is it - Ananth - Siemens - CC18
Virtualized Containers - How Good is it - Ananth - Siemens - CC18Virtualized Containers - How Good is it - Ananth - Siemens - CC18
Virtualized Containers - How Good is it - Ananth - Siemens - CC18
CodeOps Technologies LLP
 
Container Orchestration
Container OrchestrationContainer Orchestration
Container Orchestration
dfilppi
 
Architecture of Cisco Container Platform: A new Enterprise Multi-Cloud Kubern...
Architecture of Cisco Container Platform: A new Enterprise Multi-Cloud Kubern...Architecture of Cisco Container Platform: A new Enterprise Multi-Cloud Kubern...
Architecture of Cisco Container Platform: A new Enterprise Multi-Cloud Kubern...
Sanjeev Rampal
 
Tectonic Summit 2016: Brandon Philips, CTO of CoreOS, Keynote
Tectonic Summit 2016: Brandon Philips, CTO of CoreOS, KeynoteTectonic Summit 2016: Brandon Philips, CTO of CoreOS, Keynote
Tectonic Summit 2016: Brandon Philips, CTO of CoreOS, Keynote
CoreOS
 
Practical Guide to Securing Kubernetes
Practical Guide to Securing KubernetesPractical Guide to Securing Kubernetes
Practical Guide to Securing Kubernetes
Lacework
 
Build Robust Blockchain Services with Hyperledger and Containers
Build Robust Blockchain Services with Hyperledger and ContainersBuild Robust Blockchain Services with Hyperledger and Containers
Build Robust Blockchain Services with Hyperledger and Containers
LinuxCon ContainerCon CloudOpen China
 
Stateless and Stateful Services in Kubernetes - Mohit Saxena - Citrix - CC18
Stateless and Stateful Services in Kubernetes - Mohit Saxena - Citrix - CC18Stateless and Stateful Services in Kubernetes - Mohit Saxena - Citrix - CC18
Stateless and Stateful Services in Kubernetes - Mohit Saxena - Citrix - CC18
CodeOps Technologies LLP
 
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ... The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
Josef Adersberger
 
Istio on Kubernetes
Istio on KubernetesIstio on Kubernetes
Istio on Kubernetes
Daneyon Hansen
 
Sf bay area Kubernetes meetup dec8 2016 - deployment models
Sf bay area Kubernetes meetup dec8 2016 - deployment modelsSf bay area Kubernetes meetup dec8 2016 - deployment models
Sf bay area Kubernetes meetup dec8 2016 - deployment models
Peter Ss
 
A sail in the cloud
A sail in the cloudA sail in the cloud
A sail in the cloud
Kamesh Sampath
 
KURMA - A Containerized Container Platform - KubeCon 2016
KURMA - A Containerized Container Platform - KubeCon 2016KURMA - A Containerized Container Platform - KubeCon 2016
KURMA - A Containerized Container Platform - KubeCon 2016
Apcera
 
The Challenges of Becoming Cloud Native
The Challenges of Becoming Cloud NativeThe Challenges of Becoming Cloud Native
The Challenges of Becoming Cloud Native
Ben Hall
 
Ambassador Kubernetes-Native API Gateway
Ambassador Kubernetes-Native API GatewayAmbassador Kubernetes-Native API Gateway
Ambassador Kubernetes-Native API Gateway
Ambassador Labs
 
Application Portability with Kubernetes (k8)
Application Portability with Kubernetes (k8)Application Portability with Kubernetes (k8)
Application Portability with Kubernetes (k8)
Kublr
 
Azure Kubernetes Service 2019 ふりかえり
Azure Kubernetes Service 2019 ふりかえりAzure Kubernetes Service 2019 ふりかえり
Azure Kubernetes Service 2019 ふりかえり
Toru Makabe
 

Mais conteĂşdo relacionado

Mais procurados

Kubernetes Networking 101
Kubernetes Networking 101Kubernetes Networking 101
Kubernetes Networking 101
Kublr
 
Service Discovery and Registration in a Microservices Architecture
Service Discovery and Registration in a Microservices ArchitectureService Discovery and Registration in a Microservices Architecture
Service Discovery and Registration in a Microservices Architecture
PLUMgrid
 
Virtualized Containers - How Good is it - Ananth - Siemens - CC18
Virtualized Containers - How Good is it - Ananth - Siemens - CC18Virtualized Containers - How Good is it - Ananth - Siemens - CC18
Virtualized Containers - How Good is it - Ananth - Siemens - CC18
CodeOps Technologies LLP
 
Stateless and Stateful Services in Kubernetes - Mohit Saxena - Citrix - CC18
Stateless and Stateful Services in Kubernetes - Mohit Saxena - Citrix - CC18Stateless and Stateful Services in Kubernetes - Mohit Saxena - Citrix - CC18
Stateless and Stateful Services in Kubernetes - Mohit Saxena - Citrix - CC18
CodeOps Technologies LLP
 
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ... The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
Josef Adersberger
 
KURMA - A Containerized Container Platform - KubeCon 2016
KURMA - A Containerized Container Platform - KubeCon 2016KURMA - A Containerized Container Platform - KubeCon 2016
KURMA - A Containerized Container Platform - KubeCon 2016
Apcera
 

Mais procurados (20)

StarlingX - A Platform for the Distributed Edge | Ildiko Vancsa
StarlingX - A Platform for the Distributed Edge | Ildiko VancsaStarlingX - A Platform for the Distributed Edge | Ildiko Vancsa
StarlingX - A Platform for the Distributed Edge | Ildiko Vancsa
 
實際架構實踐演化與解決方案
實際架構實踐演化與解決方案實際架構實踐演化與解決方案
實際架構實踐演化與解決方案
 
Kubernetes Networking 101
Kubernetes Networking 101Kubernetes Networking 101
Kubernetes Networking 101
 
Service Discovery and Registration in a Microservices Architecture
Service Discovery and Registration in a Microservices ArchitectureService Discovery and Registration in a Microservices Architecture
Service Discovery and Registration in a Microservices Architecture
 
Secure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CI
Secure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CISecure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CI
Secure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CI
 
Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18
Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18
Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18
 
Virtualized Containers - How Good is it - Ananth - Siemens - CC18
Virtualized Containers - How Good is it - Ananth - Siemens - CC18Virtualized Containers - How Good is it - Ananth - Siemens - CC18
Virtualized Containers - How Good is it - Ananth - Siemens - CC18
 
Container Orchestration
Container OrchestrationContainer Orchestration
Container Orchestration
 
Architecture of Cisco Container Platform: A new Enterprise Multi-Cloud Kubern...
Architecture of Cisco Container Platform: A new Enterprise Multi-Cloud Kubern...Architecture of Cisco Container Platform: A new Enterprise Multi-Cloud Kubern...
Architecture of Cisco Container Platform: A new Enterprise Multi-Cloud Kubern...
 
Tectonic Summit 2016: Brandon Philips, CTO of CoreOS, Keynote
Tectonic Summit 2016: Brandon Philips, CTO of CoreOS, KeynoteTectonic Summit 2016: Brandon Philips, CTO of CoreOS, Keynote
Tectonic Summit 2016: Brandon Philips, CTO of CoreOS, Keynote
 
Practical Guide to Securing Kubernetes
Practical Guide to Securing KubernetesPractical Guide to Securing Kubernetes
Practical Guide to Securing Kubernetes
 
Build Robust Blockchain Services with Hyperledger and Containers
Build Robust Blockchain Services with Hyperledger and ContainersBuild Robust Blockchain Services with Hyperledger and Containers
Build Robust Blockchain Services with Hyperledger and Containers
 
Stateless and Stateful Services in Kubernetes - Mohit Saxena - Citrix - CC18
Stateless and Stateful Services in Kubernetes - Mohit Saxena - Citrix - CC18Stateless and Stateful Services in Kubernetes - Mohit Saxena - Citrix - CC18
Stateless and Stateful Services in Kubernetes - Mohit Saxena - Citrix - CC18
 
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ... The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
 
Istio on Kubernetes
Istio on KubernetesIstio on Kubernetes
Istio on Kubernetes
 
Sf bay area Kubernetes meetup dec8 2016 - deployment models
Sf bay area Kubernetes meetup dec8 2016 - deployment modelsSf bay area Kubernetes meetup dec8 2016 - deployment models
Sf bay area Kubernetes meetup dec8 2016 - deployment models
 
A sail in the cloud
A sail in the cloudA sail in the cloud
A sail in the cloud
 
KURMA - A Containerized Container Platform - KubeCon 2016
KURMA - A Containerized Container Platform - KubeCon 2016KURMA - A Containerized Container Platform - KubeCon 2016
KURMA - A Containerized Container Platform - KubeCon 2016
 
The Challenges of Becoming Cloud Native
The Challenges of Becoming Cloud NativeThe Challenges of Becoming Cloud Native
The Challenges of Becoming Cloud Native
 
Ambassador Kubernetes-Native API Gateway
Ambassador Kubernetes-Native API GatewayAmbassador Kubernetes-Native API Gateway
Ambassador Kubernetes-Native API Gateway
 

Semelhante a Application portability with kubernetes

Azure Kubernetes Service 2019 ふりかえり
Azure Kubernetes Service 2019 ふりかえりAzure Kubernetes Service 2019 ふりかえり
Azure Kubernetes Service 2019 ふりかえり
Toru Makabe
 
Amazon EKS 그리고 Service Mesh (김세호 솔루션즈 아키텍트, AWS) :: Gaming on AWS 2018
Amazon EKS 그리고 Service Mesh (김세호 솔루션즈 아키텍트, AWS) :: Gaming on AWS 2018Amazon EKS 그리고 Service Mesh (김세호 솔루션즈 아키텍트, AWS) :: Gaming on AWS 2018
Amazon EKS 그리고 Service Mesh (김세호 솔루션즈 아키텍트, AWS) :: Gaming on AWS 2018
Amazon Web Services Korea
 
Migrating Hundreds of Legacy Applications to Kubernetes - The Good, the Bad, ...
Migrating Hundreds of Legacy Applications to Kubernetes - The Good, the Bad, ...Migrating Hundreds of Legacy Applications to Kubernetes - The Good, the Bad, ...
Migrating Hundreds of Legacy Applications to Kubernetes - The Good, the Bad, ...
QAware GmbH
 
Accelerate Application Innovation Journey with Azure Kubernetes Service
Accelerate Application Innovation Journey with Azure Kubernetes Service Accelerate Application Innovation Journey with Azure Kubernetes Service
Accelerate Application Innovation Journey with Azure Kubernetes Service
WinWire Technologies Inc
 
Building a Cloud Native Service - Docker Meetup Santa Clara (July 20, 2017)
Building a Cloud Native Service - Docker Meetup Santa Clara (July 20, 2017)Building a Cloud Native Service - Docker Meetup Santa Clara (July 20, 2017)
Building a Cloud Native Service - Docker Meetup Santa Clara (July 20, 2017)
Yong Tang
 

Semelhante a Application portability with kubernetes (20)

Application Portability with Kubernetes (k8)
Application Portability with Kubernetes (k8)Application Portability with Kubernetes (k8)
Application Portability with Kubernetes (k8)
 
Azure Kubernetes Service 2019 ふりかえり
Azure Kubernetes Service 2019 ふりかえりAzure Kubernetes Service 2019 ふりかえり
Azure Kubernetes Service 2019 ふりかえり
 
Amazon EKS 그리고 Service Mesh (김세호 솔루션즈 아키텍트, AWS) :: Gaming on AWS 2018
Amazon EKS 그리고 Service Mesh (김세호 솔루션즈 아키텍트, AWS) :: Gaming on AWS 2018Amazon EKS 그리고 Service Mesh (김세호 솔루션즈 아키텍트, AWS) :: Gaming on AWS 2018
Amazon EKS 그리고 Service Mesh (김세호 솔루션즈 아키텍트, AWS) :: Gaming on AWS 2018
 
Migrating Hundreds of Legacy Applications to Kubernetes - The Good, the Bad, ...
Migrating Hundreds of Legacy Applications to Kubernetes - The Good, the Bad, ...Migrating Hundreds of Legacy Applications to Kubernetes - The Good, the Bad, ...
Migrating Hundreds of Legacy Applications to Kubernetes - The Good, the Bad, ...
 
Building Portable Applications with Kubernetes
Building Portable Applications with KubernetesBuilding Portable Applications with Kubernetes
Building Portable Applications with Kubernetes
 
Accelerate Application Innovation Journey with Azure Kubernetes Service
Accelerate Application Innovation Journey with Azure Kubernetes Service Accelerate Application Innovation Journey with Azure Kubernetes Service
Accelerate Application Innovation Journey with Azure Kubernetes Service
 
Service fabric and azure service fabric mesh
Service fabric and azure service fabric meshService fabric and azure service fabric mesh
Service fabric and azure service fabric mesh
 
Elastic Kubernetes Services (EKS)
Elastic Kubernetes Services (EKS)Elastic Kubernetes Services (EKS)
Elastic Kubernetes Services (EKS)
 
AWS re:Invent 2016: Introduction to Container Management on AWS (CON303)
AWS re:Invent 2016: Introduction to Container Management on AWS (CON303)AWS re:Invent 2016: Introduction to Container Management on AWS (CON303)
AWS re:Invent 2016: Introduction to Container Management on AWS (CON303)
 
DevOps and BigData Analytics
DevOps and BigData Analytics DevOps and BigData Analytics
DevOps and BigData Analytics
 
DevConf.cz - Introduction to Kubernetes Operators for Databases
DevConf.cz - Introduction to Kubernetes Operators for DatabasesDevConf.cz - Introduction to Kubernetes Operators for Databases
DevConf.cz - Introduction to Kubernetes Operators for Databases
 
Aws + kubernetes = ❤︎
Aws + kubernetes = ❤︎Aws + kubernetes = ❤︎
Aws + kubernetes = ❤︎
 
01 - VMUGIT - Lecce 2018 - Fabio Rapposelli, VMware
01 - VMUGIT - Lecce 2018 - Fabio Rapposelli, VMware01 - VMUGIT - Lecce 2018 - Fabio Rapposelli, VMware
01 - VMUGIT - Lecce 2018 - Fabio Rapposelli, VMware
 
Intro into Rook and Ceph on Kubernetes
Intro into Rook and Ceph on KubernetesIntro into Rook and Ceph on Kubernetes
Intro into Rook and Ceph on Kubernetes
 
OSDC 2017: Automating Kubernetes Cluster Operations with Operators by Timo De...
OSDC 2017: Automating Kubernetes Cluster Operations with Operators by Timo De...OSDC 2017: Automating Kubernetes Cluster Operations with Operators by Timo De...
OSDC 2017: Automating Kubernetes Cluster Operations with Operators by Timo De...
 
OSDC 2017 - Timo Derstappen - Automating kubernetes cluster operations with o...
OSDC 2017 - Timo Derstappen - Automating kubernetes cluster operations with o...OSDC 2017 - Timo Derstappen - Automating kubernetes cluster operations with o...
OSDC 2017 - Timo Derstappen - Automating kubernetes cluster operations with o...
 
Hybrid architecture solutions with kubernetes and the cloud native stack
Hybrid architecture solutions with kubernetes and the cloud native stackHybrid architecture solutions with kubernetes and the cloud native stack
Hybrid architecture solutions with kubernetes and the cloud native stack
 
Building a Cloud Native Service - Docker Meetup Santa Clara (July 20, 2017)
Building a Cloud Native Service - Docker Meetup Santa Clara (July 20, 2017)Building a Cloud Native Service - Docker Meetup Santa Clara (July 20, 2017)
Building a Cloud Native Service - Docker Meetup Santa Clara (July 20, 2017)
 
AKS
AKSAKS
AKS
 
Containers, orchestration and security, oh my!
Containers, orchestration and security, oh my!Containers, orchestration and security, oh my!
Containers, orchestration and security, oh my!
 

Último

%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
masabamasaba
 
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...
masabamasaba
 
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Medical / Health Care (+971588192166) Mifepristone and Misoprostol tablets 200mg
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
panagenda
 
What Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the SituationWhat Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the Situation
Juha-Pekka Tolvanen
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Steffen Staab
 
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
masabamasaba
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
masabamasaba
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
Health
 
Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...
Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...
Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...
Medical / Health Care (+971588192166) Mifepristone and Misoprostol tablets 200mg
 
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
masabamasaba
 

Último (20)

Announcing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK SoftwareAnnouncing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK Software
 
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
 
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
 
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...
 
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
 
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
 
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
 
%in Benoni+277-882-255-28 abortion pills for sale in Benoni
%in Benoni+277-882-255-28 abortion pills for sale in Benoni%in Benoni+277-882-255-28 abortion pills for sale in Benoni
%in Benoni+277-882-255-28 abortion pills for sale in Benoni
 
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
What Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the SituationWhat Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the Situation
 
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
 
8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students
 
%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...
Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...
Abortion Pills In Pretoria ](+27832195400*)[ 🏥 Women's Abortion Clinic In Pre...
 
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
 

Application portability with kubernetes

  • 2. Introductions Oleg Chunikhin CTO, Kublr • Nearly 20 years in the field of software architecture and development. • Joined Kublr in 2016. • Kublr is an enterprise Kubernetes management and operations platform that helps accelerate Kubernetes adoption and containerized applications management for enterprises.
  • 3. Software Portability Ability to be used in varying environments • Different clouds • Cloud, on-prem, hybrid • Different OS or OS flavors • Desktop, data center Why? • Move load quickly (geography, cost, features) • Lifecycle (dev / test / staging / production environments) • Disaster recovery • Split-tier architecture (application tiers may reside in different environments) • Cloud-bursting
  • 4. Portability Pre-requisites • Generalized abstraction between the application logic and system interfaces. • Application designed for portability • Technology stack and platform that support portability
  • 5. System Abstractions Application Database Exclusive FS Shared FS Routing SSL TermBalancing Messaging
  • 6. “Rich” Platform Application Routing SSL TermBalancing Platform or framework Platform or framework Database Exclusive FS Shared FS Messaging
  • 7. Not Quite as Rich a Platform Application ?Routing? ?SSL Term?Balancing Platform Platform ?Database? Exclusive FS Shared FS Messaging
  • 8. “Poor” Platform Application ?Routing? ?SSL Term??Balancing? Platform ?Database? Exclusive FS ?Shared FS? ?Messaging?
  • 11. Kubernetes to the Rescue Kubernetes is a portable container orchestration framework • Simple and powerful application abstraction – interconnected containers • Simple and flexible containers configuration and connections • Extensible framework and abstractions for traffic management processing • Service • Ingress and Ingress Controllers • Extensible framework and abstractions for storage management • Configuration templating tools: Helm, Ksonnet • Microservices and Serverless frameworks
  • 12. Kubernetes Abstractions Environment-provided and/or Self-hosted services K8S Container Orchestration Application Route ServiceIngress Service Mesh Serverless ConfigMap Secret PersistentVolume API Gateway NetworkPolicy Database Exclusive FS Shared FS Messaging Routing SSL TermBalancing ServerlessServiceMesh ContainerOrchestration
  • 13. Container Orchestration Master Node K8s master components: etcd, scheduler, api, controller K8s metadata Docker kubelet App data Infrastructure and application containers Infrastructure and application containers Overlay network K8s node components: overlay network, discovery, connectivity
  • 14. Service External node ports or external load balancer Kubernetes cluster Pod A-1 10.0.0.3 Pod A-2 10.0.1.5 Pod B-1 10.0.0.8 SrvB 10.7.0.3 Internal service SrvA 10.7.0.1 SrvC 10.7.0.5 Ext Resourc e
  • 15. Ingress Kubernetes cluster SrvA 10.7.0.1 SrvB 10.7.0.3 Ingress rule 1: abc.com/abc > SrvA Ingress rule 2: def.com/def > SrvB Pod A-1 Pod A-2 Pod B-1
  • 16. Ingress Controller Ingress controller implementations • AWS ALB • HAProxy • Nginx • Kong API Management • Letsencrypt • ... Edge / entry point / load balancer Kubernetes cluster SrvA 10.7.0.1 SrvB 10.7.0.3 Ingress controller Ingress rule 1: abc.com/abc > SrvA Ingress rule 2: def.com/def > SrvB Pod A-1 Pod A-2 Pod B-1
  • 17. Configurability and Persistence Pod Container 1 Container 2 Persistent Volume: NFS, Gluster, ceph, EBS, dir, etc Volume Volume Claim Volume Mount Volume Mount Config Map Secret Storage Class Static or dynamically allocated
  • 18. Service Mesh on Kubernetes Kubernetes Service B Infrastructu re and application containers Pod Envoy Svc B Service A Infrastructu re and application containers Pod Envoy Svc A HTTP, gRPC, TCP SSL or plain Istio Control Plane Pilot Mixer Auth HTTP, gRPC, TCP SSL or plain • Access control policies • Routing policies • Usage policies Tracing Dashboard Collector Istio, Conduit, Linkerd, Zipkin, Jaeger • Pilot • Service discovery for Envoy and traffic routing • Splitting: gradual (canary) rollout, A/B testing • Fault injection • Mirroring • Failure recovery: circuit breakers, retries, timeouts • Mixer • Per-request policies: access and usage control • Auth • Request authentication and encryption • Identity and credential management • Envoy • Request routing and processing; attributes • Zipkin/Jaeger, Prometheus/Grafana • Distributed request tracing • Monitoring
  • 19. Serverless on Kubernetes Kubernetes serverless Frameworks: • Fn • Fission • Kubeless Kubernetes Generic Executor Pod Controller HTTP, gRPC, TCP SSL or plain Specific Executor Pod BuilderRouter Pod Message queue (async calls)
  • 20. Serverless Abstraction Frameworks Kubernetes Generic Executor Pod Controller Specific Executor Pod BuilderRouter Pod Serverless
  • 21. Other resources Resource Managed Self-hosted / Portable File system/Files AWS EFS, EBS, S3; Azure Storage Rook/Ceph; Portworx; GlusterFS Database AWS RDS; Azure DB Vitess; MySql; Postgres TLS Certificates AWS Cert Mgmt; Azure Cert Mgmt Letsencrypt; K8S Cert Authority Messaging AWS SQS; Azure Messaging RabbitMQ; ActiveMQ; NATS API Management AWS API Mgmt; Azure API Mgmt Kong; Tyk Containers/K8S AWS EKS/ECS; Azure AKS/ACS Kubernetes
  • 22. Putting it all Together Application AWS EFS AWS EKS AWS ELB Amazon API Management AWS RDS AWS Lambda Application Vitess Kubeless Ingress Nginx Kong Rook/Ceph NAS Hardware LB Serverless
  • 23. Gotchas and Considerations • Abstractions leak • Ingress rules often use controller specific annotations • Implementations may defy abstractions • AWS Cert management hides private keys, while letsencrypt K8S integration • Managed vs self-hosted • Self-hosted is more difficult to operate than managed • Data synchronization / replication • Cross-environment ingress management • Cross-environment operations
  • 24. Gotchas and Considerations • Implementations are different • Functionality • SLA, QoS, Performance • Tuning • Managed services may be better tuned for hardware • Self-hosted services may be better tuned for applications • Examples • AWS EBS are AZ local • Letsencrypt certificate issuance rate limits
  • 25. Takeaways • Kubernetes provides powerful and flexible infrastructure abstractions: PV, Ingress, Services etc • Kubernetes enables and simplifies usage of self- hosted resources and frameworks where managed ones are not available • Well-designed cloud native Kubernetes applications are portable, and easy to test, experiment, and configure
  • 26. Q&A
  • 27. Oleg Chunikhin Chief Technology Officer oleg@kublr.com Kublr | kublr.com Thank you!

Notas do Editor

  1. Kublr CTO Building Kublr – a platform for managing Kubernetes clusters in an enterprise Feel free to ask questions as you have them
  2. As they say, good portability is a two way street. Application should be designed for portability, but technology stack and environments you use should support it too. We will focus on technology stack and environment, but here is also a brief note on application design.
  3. Those are also “hard problems”
  4. AWS, Azure
  5. Same platform differences … So platforms differ. Shell we limit ourselves to the least common denominator of the services available in different environments?
  6. Extreme ease and flexibility of component configurations and connections Container orchestration Abstractions and extensible framework for ingress traffic processing Service Ingress and Ingress Controllers Abstractions and extensible framework for storage management Volumes and Persistent Volumes Configuration templating tools Helm Microservices and Serverless frameworks
  7. Kubernetes Container Orchestration Infrastructure Abstraction
  8. Services: Intra-cluster communication baseline ingress
  9. Ingress – advanced ingress
  10. Ingress controller – ingress implementation adapter Generic nature of ingress – anything can be an implementation of ingress
  11. Application configuration information facilities Persistence abstraction