SlideShare une entreprise Scribd logo

Kubernetes in Production: Lessons Learnt

A
Arunvel Sriram

What does it feel like to run a high-traffic large scale application on Kubernetes, with 100+ Microservices and 1600+ Pods, handling 2K requests/second in production? Experience these developers’ journey through the Do’s, the Don'ts, the pains, the pleasures, and the Gotcha!’s to production.

Technologie
1  sur  25
Télécharger pour lire hors ligne
KUBERNETES IN PRODUCTION: LESSONS LEARNT 1
Introduction ● Kubernetes in production for 6+ months, handling 2K requests/second ● 100+ micro-services and 200+ components like Databases, cache stores and queues ● 1800+ pods ● New environment setup in weeks through automation ● Cost savings through optimum utilization of resources 2
Cluster Creation ● Cluster pod address range (cluster-ipv4-cidr) ○ Size ○ IP conflict between clusters in different Google Cloud Platform (GCP) projects ● Cluster type ○ Zonal ○ Regional ● Add storage class for SSD 3
Namespaces != Environments 4 Pod Staging Cluster ns Pod Pod Pod Cluster staging ns Pod PodPod production ns Pod PodPod Production Cluster ns Pod Pod Pod
Team as Namespace 5 Pod Pod Cluster platform ns Pod PodPod promotions ns Pod PodPod
Helm & Tiller 6
Global vs Namespace-scoped Tiller 7
Caveat: ClusterRoleBinding cannot be created using these tillers Global vs Namespace-scoped Tiller 8
CI/CD for Helm 9
Rolling Update & Readiness probe 10 Service V2 V1 V1 Service V2 V1 V1 Service V2 V1 V2 Service V2 V2 Deploy one instance of new version Attach to load balancer Delete one instance of old version Deploy one instance of new version Delete another instance of old version Service V2 V1 V1 Crash loop in new version V2 Unhealthy V2 Healthy maxSurge: 1 maxUnavailable: 1 minReadySeconds: 3
Database on containers ● High Availability is important in container world ○ Pods are not durable ● Use persistent volumes ● Statefulset - What & Why? ○ Ordered creation, deletion and scaling ○ Stable Identifier for pods ○ Each pod will have dedicated persistent volume 11
Database on containers 12 K8s Cluster Pod Pod Pod Statefulset MasterSlave 1 Slave 2 ● Statefulset alone is not enough for achieving High Availability ● Postgres cluster => Stolon ● Use pod anti-affinity to reduce impact of a node failure
Isolate Stateful & Stateless Apps ● Why? ○ Separation of concerns ○ Different resource consumption pattern for stateful and stateless apps ○ Apps undergo frequent updates while components does not ● Separate Node pool ● Separate Cluster ○ Consul and kube-consul-register for service discovery 13
Inter Cluster - Service Discovery 14
Resource Requests & Limits Requests: When Containers have resource requests specified, the K8s scheduler can make better decisions about which nodes to place Pods on. Limits: When Containers have their limits specified, contention for resources on a node can be handled in a better way by the K8s scheduler. 15
● How we approached? ○ Start with default requests and limits which is unlimited ○ Learn the patterns over time and introduce appropriate requests and limits ● Advantages: ○ Measure the full utilization requirement of each application separately ● Disadvantages: ○ Unbalanced pod scheduling and this led to resource crunch ○ Auto scaling of nodes in GKE doesn’t work Resource Requests & Limits 16
Monitoring in K8s ● Why it is important in container world? ● Tools: ○ Prometheus in K8s - Prometheus operator ○ Grafana ● Metrics exporters as separate pods: ○ Independent from the actual component ● Metrics exporters as sidecar of the component pod ○ Needs restart of actual component in case of an update 17
Monitoring in K8s 18 ● Dashboards ○ Node metrics ○ Node Pod metrics ○ Ingress controller ○ K8s API latency ○ K8s persistent volumes
Alerting in K8s ● Pods - crash loops, readiness ● Nodes - Restart, Kubelet process restart, Docker daemon restart ● Sudden CPU and Memory, Disk Utilization spikes of Pods and Nodes ○ Indicates anomaly ○ If resource consumption of a node goes beyond configured eviction policy then pods are evicted based on priority. 19
Monitoring & Alerting Setup 20 K8s Cluster Pod Pod Pod PodAlertManager Prometheus Monitoring & Alerting Node Pool Default node pool GrafanaSlack
Kubernetes API Gotchas ● Downtime during K8s master upgrades in GKE ○ Applications dependent on Kubernetes API are affected ○ Maintenance Window (Beta) - GKE allows to configure a 4 hour time frame window ● Reduce application runtime dependency on K8s API 21
GKE Limitations ● Only 16 disks can be attached per node ● Only 8 SSD disks can be attached per node ● Max of 50 internal load balancer is allowed per project in GKE ● Pod IP range decides the number of nodes ● No control over K8s master nodes 22
Development practices that help containerization ● Config - Store config in the environment ● Logs - Treat logs as event streams ○ Centralized logging - Stackdriver / ELK ● Processes - Execute app as one or more stateless processes ● Concurrency - Scale out via process model ● The Twelve-Factor App - https://12factor.net 23
QUESTIONS ? 24
25 THANK YOU Arunvel Sriram & Prabhu Jayakumar

Recommandé

Get started with Kubernetes on GKE
Get started with Kubernetes on GKEGet started with Kubernetes on GKE
Get started with Kubernetes on GKE
Zachary Russell
 
Kubernetes & Google Kubernetes Engine (GKE)
Kubernetes & Google Kubernetes Engine (GKE)Kubernetes & Google Kubernetes Engine (GKE)
Kubernetes & Google Kubernetes Engine (GKE)
Akash Agrawal
 
Google Kubernetes Engine (GKE) deep dive
Google Kubernetes Engine (GKE) deep diveGoogle Kubernetes Engine (GKE) deep dive
Google Kubernetes Engine (GKE) deep dive
Akash Agrawal
 
Google container engine (GKE)
Google container engine (GKE)Google container engine (GKE)
Google container engine (GKE)
Md. Sadhan Sarker
 
PuppetConf 2017: Zero to Kubernetes -Scott Coulton, Puppet
PuppetConf 2017: Zero to Kubernetes -Scott Coulton, PuppetPuppetConf 2017: Zero to Kubernetes -Scott Coulton, Puppet
PuppetConf 2017: Zero to Kubernetes -Scott Coulton, Puppet
Puppet
 
Kubernetes and OpenStack at Scale
Kubernetes and OpenStack at ScaleKubernetes and OpenStack at Scale
Kubernetes and OpenStack at Scale
Stephen Gordon
 
Kuberenetes - From Zero to Hero
Kuberenetes - From Zero to HeroKuberenetes - From Zero to Hero
Kuberenetes - From Zero to Hero
Ori Stoliar
 
Gluster: a SWOT Analysis
Gluster: a SWOT Analysis Gluster: a SWOT Analysis
Gluster: a SWOT Analysis
Gluster.org
 

Recommandé

Get started with Kubernetes on GKE
Get started with Kubernetes on GKEGet started with Kubernetes on GKE
Get started with Kubernetes on GKE
Zachary Russell
 
Kubernetes & Google Kubernetes Engine (GKE)
Kubernetes & Google Kubernetes Engine (GKE)Kubernetes & Google Kubernetes Engine (GKE)
Kubernetes & Google Kubernetes Engine (GKE)
Akash Agrawal
 
Google Kubernetes Engine (GKE) deep dive
Google Kubernetes Engine (GKE) deep diveGoogle Kubernetes Engine (GKE) deep dive
Google Kubernetes Engine (GKE) deep dive
Akash Agrawal
 
Google container engine (GKE)
Google container engine (GKE)Google container engine (GKE)
Google container engine (GKE)
Md. Sadhan Sarker
 
PuppetConf 2017: Zero to Kubernetes -Scott Coulton, Puppet
PuppetConf 2017: Zero to Kubernetes -Scott Coulton, PuppetPuppetConf 2017: Zero to Kubernetes -Scott Coulton, Puppet
PuppetConf 2017: Zero to Kubernetes -Scott Coulton, Puppet
Puppet
 
Kubernetes and OpenStack at Scale
Kubernetes and OpenStack at ScaleKubernetes and OpenStack at Scale
Kubernetes and OpenStack at Scale
Stephen Gordon
 
Kuberenetes - From Zero to Hero
Kuberenetes - From Zero to HeroKuberenetes - From Zero to Hero
Kuberenetes - From Zero to Hero
Ori Stoliar
 
Gluster: a SWOT Analysis
Gluster: a SWOT Analysis Gluster: a SWOT Analysis
Gluster: a SWOT Analysis
Gluster.org
 
Kubernetes Colorado - Kubernetes metrics deep dive 10/25/2017
Kubernetes Colorado - Kubernetes metrics deep dive 10/25/2017Kubernetes Colorado - Kubernetes metrics deep dive 10/25/2017
Kubernetes Colorado - Kubernetes metrics deep dive 10/25/2017
Bob Cotton
 
Towards a self automated CERN Cloud
Towards a self automated CERN CloudTowards a self automated CERN Cloud
Towards a self automated CERN Cloud
Jose Castro Leon
 
OW2con'16 Keynote address: Kubernetes, the rising tide of systems administrat...
OW2con'16 Keynote address: Kubernetes, the rising tide of systems administrat...OW2con'16 Keynote address: Kubernetes, the rising tide of systems administrat...
OW2con'16 Keynote address: Kubernetes, the rising tide of systems administrat...
OW2
 
GKE Tip Series - Usage Metering
GKE Tip Series - Usage MeteringGKE Tip Series - Usage Metering
GKE Tip Series - Usage Metering
Sreenivas Makam
 
KubeCon Prometheus Salon -- Kubernetes metrics deep dive
KubeCon Prometheus Salon -- Kubernetes metrics deep diveKubeCon Prometheus Salon -- Kubernetes metrics deep dive
KubeCon Prometheus Salon -- Kubernetes metrics deep dive
Bob Cotton
 
PuppetConf 2017: Cloud, Containers, Puppet and You- Carl Caum, Puppet
PuppetConf 2017: Cloud, Containers, Puppet and You- Carl Caum, PuppetPuppetConf 2017: Cloud, Containers, Puppet and You- Carl Caum, Puppet
PuppetConf 2017: Cloud, Containers, Puppet and You- Carl Caum, Puppet
Puppet
 
OpenShift.io on Gluster
OpenShift.io on GlusterOpenShift.io on Gluster
OpenShift.io on Gluster
mountpoint.io
 
Handling Kubernetes Resources
Handling Kubernetes ResourcesHandling Kubernetes Resources
Handling Kubernetes Resources
Olivier Boukili
 
Persistent Storage in Openshift using GlusterFS
Persistent Storage in Openshift using GlusterFSPersistent Storage in Openshift using GlusterFS
Persistent Storage in Openshift using GlusterFS
Humble Chirammal
 
Time series denver an introduction to prometheus
Time series denver an introduction to prometheusTime series denver an introduction to prometheus
Time series denver an introduction to prometheus
Bob Cotton
 
Containarized Gluster Storage in Kubernetes
Containarized Gluster Storage in KubernetesContainarized Gluster Storage in Kubernetes
Containarized Gluster Storage in Kubernetes
Neependra Khare
 
GlusterFS Containers
GlusterFS ContainersGlusterFS Containers
GlusterFS Containers
Mohamed Ashiq
 
Architectural caching patterns for kubernetes
Architectural caching patterns for kubernetesArchitectural caching patterns for kubernetes
Architectural caching patterns for kubernetes
Rafał Leszko
 
GDG London Workshop: Build GCP infrastructure with Terraform
GDG London Workshop: Build GCP infrastructure with Terraform GDG London Workshop: Build GCP infrastructure with Terraform
GDG London Workshop: Build GCP infrastructure with Terraform
Pradeep Bhadani
 
Kubernetes 1.12 Update and Container Security with Liz Rice
Kubernetes 1.12 Update and Container Security with Liz RiceKubernetes 1.12 Update and Container Security with Liz Rice
Kubernetes 1.12 Update and Container Security with Liz Rice
CloudOps2005
 
[WSO2Con USA 2018] Deploying Applications in K8S and Docker
[WSO2Con USA 2018] Deploying Applications in K8S and Docker[WSO2Con USA 2018] Deploying Applications in K8S and Docker
[WSO2Con USA 2018] Deploying Applications in K8S and Docker
WSO2
 
Ryan Betts [InfluxData] | InfluxDB Platform Performance | InfluxDays Virtual ...
Ryan Betts [InfluxData] | InfluxDB Platform Performance | InfluxDays Virtual ...Ryan Betts [InfluxData] | InfluxDB Platform Performance | InfluxDays Virtual ...
Ryan Betts [InfluxData] | InfluxDB Platform Performance | InfluxDays Virtual ...
InfluxData
 
How to manage Kubernetes at scale with just git
How to manage Kubernetes at scale with just git How to manage Kubernetes at scale with just git
How to manage Kubernetes at scale with just git
Weaveworks
 
Greenplum: A Pivotal Moment on Wall Street - Greenplum Summit 2018
Greenplum: A Pivotal Moment on Wall Street - Greenplum Summit 2018Greenplum: A Pivotal Moment on Wall Street - Greenplum Summit 2018
Greenplum: A Pivotal Moment on Wall Street - Greenplum Summit 2018
VMware Tanzu
 
20180503 kube con eu kubernetes metrics deep dive
20180503 kube con eu kubernetes metrics deep dive20180503 kube con eu kubernetes metrics deep dive
20180503 kube con eu kubernetes metrics deep dive
Bob Cotton
 
Disaster Recovery Options Running Apache Kafka in Kubernetes with Rema Subra...
Disaster Recovery Options Running Apache Kafka in Kubernetes with Rema Subra... Disaster Recovery Options Running Apache Kafka in Kubernetes with Rema Subra...
Disaster Recovery Options Running Apache Kafka in Kubernetes with Rema Subra...
HostedbyConfluent
 
Kubernetes and Cloud Native Update Q4 2018
Kubernetes and Cloud Native Update Q4 2018Kubernetes and Cloud Native Update Q4 2018
Kubernetes and Cloud Native Update Q4 2018
CloudOps2005
 

Contenu connexe

Tendances

Towards a self automated CERN Cloud
Towards a self automated CERN CloudTowards a self automated CERN Cloud
Towards a self automated CERN Cloud
Jose Castro Leon
 
KubeCon Prometheus Salon -- Kubernetes metrics deep dive
KubeCon Prometheus Salon -- Kubernetes metrics deep diveKubeCon Prometheus Salon -- Kubernetes metrics deep dive
KubeCon Prometheus Salon -- Kubernetes metrics deep dive
Bob Cotton
 
PuppetConf 2017: Cloud, Containers, Puppet and You- Carl Caum, Puppet
PuppetConf 2017: Cloud, Containers, Puppet and You- Carl Caum, PuppetPuppetConf 2017: Cloud, Containers, Puppet and You- Carl Caum, Puppet
PuppetConf 2017: Cloud, Containers, Puppet and You- Carl Caum, Puppet
Puppet
 
20180503 kube con eu kubernetes metrics deep dive
20180503 kube con eu kubernetes metrics deep dive20180503 kube con eu kubernetes metrics deep dive
20180503 kube con eu kubernetes metrics deep dive
Bob Cotton
 

Tendances (20)

Kubernetes Colorado - Kubernetes metrics deep dive 10/25/2017
Kubernetes Colorado - Kubernetes metrics deep dive 10/25/2017Kubernetes Colorado - Kubernetes metrics deep dive 10/25/2017
Kubernetes Colorado - Kubernetes metrics deep dive 10/25/2017
 
Towards a self automated CERN Cloud
Towards a self automated CERN CloudTowards a self automated CERN Cloud
Towards a self automated CERN Cloud
 
OW2con'16 Keynote address: Kubernetes, the rising tide of systems administrat...
OW2con'16 Keynote address: Kubernetes, the rising tide of systems administrat...OW2con'16 Keynote address: Kubernetes, the rising tide of systems administrat...
OW2con'16 Keynote address: Kubernetes, the rising tide of systems administrat...
 
GKE Tip Series - Usage Metering
GKE Tip Series - Usage MeteringGKE Tip Series - Usage Metering
GKE Tip Series - Usage Metering
 
KubeCon Prometheus Salon -- Kubernetes metrics deep dive
KubeCon Prometheus Salon -- Kubernetes metrics deep diveKubeCon Prometheus Salon -- Kubernetes metrics deep dive
KubeCon Prometheus Salon -- Kubernetes metrics deep dive
 
PuppetConf 2017: Cloud, Containers, Puppet and You- Carl Caum, Puppet
PuppetConf 2017: Cloud, Containers, Puppet and You- Carl Caum, PuppetPuppetConf 2017: Cloud, Containers, Puppet and You- Carl Caum, Puppet
PuppetConf 2017: Cloud, Containers, Puppet and You- Carl Caum, Puppet
 
OpenShift.io on Gluster
OpenShift.io on GlusterOpenShift.io on Gluster
OpenShift.io on Gluster
 
Handling Kubernetes Resources
Handling Kubernetes ResourcesHandling Kubernetes Resources
Handling Kubernetes Resources
 
Persistent Storage in Openshift using GlusterFS
Persistent Storage in Openshift using GlusterFSPersistent Storage in Openshift using GlusterFS
Persistent Storage in Openshift using GlusterFS
 
Time series denver an introduction to prometheus
Time series denver an introduction to prometheusTime series denver an introduction to prometheus
Time series denver an introduction to prometheus
 
Containarized Gluster Storage in Kubernetes
Containarized Gluster Storage in KubernetesContainarized Gluster Storage in Kubernetes
Containarized Gluster Storage in Kubernetes
 
GlusterFS Containers
GlusterFS ContainersGlusterFS Containers
GlusterFS Containers
 
Architectural caching patterns for kubernetes
Architectural caching patterns for kubernetesArchitectural caching patterns for kubernetes
Architectural caching patterns for kubernetes
 
GDG London Workshop: Build GCP infrastructure with Terraform
GDG London Workshop: Build GCP infrastructure with Terraform GDG London Workshop: Build GCP infrastructure with Terraform
GDG London Workshop: Build GCP infrastructure with Terraform
 
Kubernetes 1.12 Update and Container Security with Liz Rice
Kubernetes 1.12 Update and Container Security with Liz RiceKubernetes 1.12 Update and Container Security with Liz Rice
Kubernetes 1.12 Update and Container Security with Liz Rice
 
[WSO2Con USA 2018] Deploying Applications in K8S and Docker
[WSO2Con USA 2018] Deploying Applications in K8S and Docker[WSO2Con USA 2018] Deploying Applications in K8S and Docker
[WSO2Con USA 2018] Deploying Applications in K8S and Docker
 
Ryan Betts [InfluxData] | InfluxDB Platform Performance | InfluxDays Virtual ...
Ryan Betts [InfluxData] | InfluxDB Platform Performance | InfluxDays Virtual ...Ryan Betts [InfluxData] | InfluxDB Platform Performance | InfluxDays Virtual ...
Ryan Betts [InfluxData] | InfluxDB Platform Performance | InfluxDays Virtual ...
 
How to manage Kubernetes at scale with just git
How to manage Kubernetes at scale with just git How to manage Kubernetes at scale with just git
How to manage Kubernetes at scale with just git
 
Greenplum: A Pivotal Moment on Wall Street - Greenplum Summit 2018
Greenplum: A Pivotal Moment on Wall Street - Greenplum Summit 2018Greenplum: A Pivotal Moment on Wall Street - Greenplum Summit 2018
Greenplum: A Pivotal Moment on Wall Street - Greenplum Summit 2018
 
20180503 kube con eu kubernetes metrics deep dive
20180503 kube con eu kubernetes metrics deep dive20180503 kube con eu kubernetes metrics deep dive
20180503 kube con eu kubernetes metrics deep dive
 

Similaire à Kubernetes in Production: Lessons Learnt

Disaster Recovery Options Running Apache Kafka in Kubernetes with Rema Subra...
Disaster Recovery Options Running Apache Kafka in Kubernetes with Rema Subra... Disaster Recovery Options Running Apache Kafka in Kubernetes with Rema Subra...
Disaster Recovery Options Running Apache Kafka in Kubernetes with Rema Subra...
HostedbyConfluent
 
[WSO2Con EU 2018] Deploying Applications in K8S and Docker
[WSO2Con EU 2018] Deploying Applications in K8S and Docker[WSO2Con EU 2018] Deploying Applications in K8S and Docker
[WSO2Con EU 2018] Deploying Applications in K8S and Docker
WSO2
 
Netflix Container Scheduling and Execution - QCon New York 2016
Netflix Container Scheduling and Execution - QCon New York 2016Netflix Container Scheduling and Execution - QCon New York 2016
Netflix Container Scheduling and Execution - QCon New York 2016
aspyker
 
Benchmarking your cloud performance with top 4 global public clouds
Benchmarking your cloud performance with top 4 global public cloudsBenchmarking your cloud performance with top 4 global public clouds
Benchmarking your cloud performance with top 4 global public clouds
data://disrupted®
 
The ultimate Kubernetes Deployment Checklist - Infra to Microservices
The ultimate Kubernetes Deployment Checklist - Infra to MicroservicesThe ultimate Kubernetes Deployment Checklist - Infra to Microservices
The ultimate Kubernetes Deployment Checklist - Infra to Microservices
Prakarsh -
 
Scalable Clusters On Demand
Scalable Clusters On DemandScalable Clusters On Demand
Scalable Clusters On Demand
Bogdan Kyryliuk
 

Similaire à Kubernetes in Production: Lessons Learnt (20)

Disaster Recovery Options Running Apache Kafka in Kubernetes with Rema Subra...
Disaster Recovery Options Running Apache Kafka in Kubernetes with Rema Subra... Disaster Recovery Options Running Apache Kafka in Kubernetes with Rema Subra...
Disaster Recovery Options Running Apache Kafka in Kubernetes with Rema Subra...
 
Kubernetes and Cloud Native Update Q4 2018
Kubernetes and Cloud Native Update Q4 2018Kubernetes and Cloud Native Update Q4 2018
Kubernetes and Cloud Native Update Q4 2018
 
Deploying WSO2 API Manager in Production-Grade Kubernetes
Deploying WSO2 API Manager in Production-Grade KubernetesDeploying WSO2 API Manager in Production-Grade Kubernetes
Deploying WSO2 API Manager in Production-Grade Kubernetes
 
Webinar: Building a multi-cloud Kubernetes storage on GitLab
Webinar: Building a multi-cloud Kubernetes storage on GitLabWebinar: Building a multi-cloud Kubernetes storage on GitLab
Webinar: Building a multi-cloud Kubernetes storage on GitLab
 
Container orchestration and microservices world
Container orchestration and microservices worldContainer orchestration and microservices world
Container orchestration and microservices world
 
[WSO2Con EU 2018] Deploying Applications in K8S and Docker
[WSO2Con EU 2018] Deploying Applications in K8S and Docker[WSO2Con EU 2018] Deploying Applications in K8S and Docker
[WSO2Con EU 2018] Deploying Applications in K8S and Docker
 
Cloud Native Use Cases / Case Studies - KubeCon 2019 San Diego - RECAP
Cloud Native Use Cases / Case Studies - KubeCon 2019 San Diego - RECAPCloud Native Use Cases / Case Studies - KubeCon 2019 San Diego - RECAP
Cloud Native Use Cases / Case Studies - KubeCon 2019 San Diego - RECAP
 
OpenEBS hangout #4
OpenEBS hangout #4OpenEBS hangout #4
OpenEBS hangout #4
 
Netflix Container Scheduling and Execution - QCon New York 2016
Netflix Container Scheduling and Execution - QCon New York 2016Netflix Container Scheduling and Execution - QCon New York 2016
Netflix Container Scheduling and Execution - QCon New York 2016
 
Scheduling a fuller house - Talk at QCon NY 2016
Scheduling a fuller house - Talk at QCon NY 2016Scheduling a fuller house - Talk at QCon NY 2016
Scheduling a fuller house - Talk at QCon NY 2016
 
Docker on docker leveraging kubernetes in docker ee
Docker on docker leveraging kubernetes in docker eeDocker on docker leveraging kubernetes in docker ee
Docker on docker leveraging kubernetes in docker ee
 
Kubernetes from scratch at veepee sysadmins days 2019
Kubernetes from scratch at veepee sysadmins days 2019Kubernetes from scratch at veepee sysadmins days 2019
Kubernetes from scratch at veepee sysadmins days 2019
 
[WSO2Con Asia 2018] Deploying Applications in K8S and Docker
[WSO2Con Asia 2018] Deploying Applications in K8S and Docker[WSO2Con Asia 2018] Deploying Applications in K8S and Docker
[WSO2Con Asia 2018] Deploying Applications in K8S and Docker
 
Google Kubernetes Engine Deep Dive Meetup
Google Kubernetes Engine Deep Dive MeetupGoogle Kubernetes Engine Deep Dive Meetup
Google Kubernetes Engine Deep Dive Meetup
 
Benchmarking your cloud performance with top 4 global public clouds
Benchmarking your cloud performance with top 4 global public cloudsBenchmarking your cloud performance with top 4 global public clouds
Benchmarking your cloud performance with top 4 global public clouds
 
The ultimate Kubernetes Deployment Checklist - Infra to Microservices
The ultimate Kubernetes Deployment Checklist - Infra to MicroservicesThe ultimate Kubernetes Deployment Checklist - Infra to Microservices
The ultimate Kubernetes Deployment Checklist - Infra to Microservices
 
Proteon - DevOps Live 2019 - OpenShift Pitfalls
Proteon - DevOps Live 2019 - OpenShift PitfallsProteon - DevOps Live 2019 - OpenShift Pitfalls
Proteon - DevOps Live 2019 - OpenShift Pitfalls
 
Scalable Clusters On Demand
Scalable Clusters On DemandScalable Clusters On Demand
Scalable Clusters On Demand
 
Red Hat Summit 2018 5 New High Performance Features in OpenShift
Red Hat Summit 2018 5 New High Performance Features in OpenShiftRed Hat Summit 2018 5 New High Performance Features in OpenShift
Red Hat Summit 2018 5 New High Performance Features in OpenShift
 
Introduction to rook
Introduction to rookIntroduction to rook
Introduction to rook
 

Dernier

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 

Dernier (20)

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 

Kubernetes in Production: Lessons Learnt

  • 2. Introduction ● Kubernetes in production for 6+ months, handling 2K requests/second ● 100+ micro-services and 200+ components like Databases, cache stores and queues ● 1800+ pods ● New environment setup in weeks through automation ● Cost savings through optimum utilization of resources 2
  • 3. Cluster Creation ● Cluster pod address range (cluster-ipv4-cidr) ○ Size ○ IP conflict between clusters in different Google Cloud Platform (GCP) projects ● Cluster type ○ Zonal ○ Regional ● Add storage class for SSD 3
  • 4. Namespaces != Environments 4 Pod Staging Cluster ns Pod Pod Pod Cluster staging ns Pod PodPod production ns Pod PodPod Production Cluster ns Pod Pod Pod
  • 5. Team as Namespace 5 Pod Pod Cluster platform ns Pod PodPod promotions ns Pod PodPod
  • 8. Caveat: ClusterRoleBinding cannot be created using these tillers Global vs Namespace-scoped Tiller 8
  • 10. Rolling Update & Readiness probe 10 Service V2 V1 V1 Service V2 V1 V1 Service V2 V1 V2 Service V2 V2 Deploy one instance of new version Attach to load balancer Delete one instance of old version Deploy one instance of new version Delete another instance of old version Service V2 V1 V1 Crash loop in new version V2 Unhealthy V2 Healthy maxSurge: 1 maxUnavailable: 1 minReadySeconds: 3
  • 11. Database on containers ● High Availability is important in container world ○ Pods are not durable ● Use persistent volumes ● Statefulset - What & Why? ○ Ordered creation, deletion and scaling ○ Stable Identifier for pods ○ Each pod will have dedicated persistent volume 11
  • 12. Database on containers 12 K8s Cluster Pod Pod Pod Statefulset MasterSlave 1 Slave 2 ● Statefulset alone is not enough for achieving High Availability ● Postgres cluster => Stolon ● Use pod anti-affinity to reduce impact of a node failure
  • 13. Isolate Stateful & Stateless Apps ● Why? ○ Separation of concerns ○ Different resource consumption pattern for stateful and stateless apps ○ Apps undergo frequent updates while components does not ● Separate Node pool ● Separate Cluster ○ Consul and kube-consul-register for service discovery 13
  • 14. Inter Cluster - Service Discovery 14
  • 15. Resource Requests & Limits Requests: When Containers have resource requests specified, the K8s scheduler can make better decisions about which nodes to place Pods on. Limits: When Containers have their limits specified, contention for resources on a node can be handled in a better way by the K8s scheduler. 15
  • 16. ● How we approached? ○ Start with default requests and limits which is unlimited ○ Learn the patterns over time and introduce appropriate requests and limits ● Advantages: ○ Measure the full utilization requirement of each application separately ● Disadvantages: ○ Unbalanced pod scheduling and this led to resource crunch ○ Auto scaling of nodes in GKE doesn’t work Resource Requests & Limits 16
  • 17. Monitoring in K8s ● Why it is important in container world? ● Tools: ○ Prometheus in K8s - Prometheus operator ○ Grafana ● Metrics exporters as separate pods: ○ Independent from the actual component ● Metrics exporters as sidecar of the component pod ○ Needs restart of actual component in case of an update 17
  • 18. Monitoring in K8s 18 ● Dashboards ○ Node metrics ○ Node Pod metrics ○ Ingress controller ○ K8s API latency ○ K8s persistent volumes
  • 19. Alerting in K8s ● Pods - crash loops, readiness ● Nodes - Restart, Kubelet process restart, Docker daemon restart ● Sudden CPU and Memory, Disk Utilization spikes of Pods and Nodes ○ Indicates anomaly ○ If resource consumption of a node goes beyond configured eviction policy then pods are evicted based on priority. 19
  • 20. Monitoring & Alerting Setup 20 K8s Cluster Pod Pod Pod PodAlertManager Prometheus Monitoring & Alerting Node Pool Default node pool GrafanaSlack
  • 21. Kubernetes API Gotchas ● Downtime during K8s master upgrades in GKE ○ Applications dependent on Kubernetes API are affected ○ Maintenance Window (Beta) - GKE allows to configure a 4 hour time frame window ● Reduce application runtime dependency on K8s API 21
  • 22. GKE Limitations ● Only 16 disks can be attached per node ● Only 8 SSD disks can be attached per node ● Max of 50 internal load balancer is allowed per project in GKE ● Pod IP range decides the number of nodes ● No control over K8s master nodes 22
  • 23. Development practices that help containerization ● Config - Store config in the environment ● Logs - Treat logs as event streams ○ Centralized logging - Stackdriver / ELK ● Processes - Execute app as one or more stateless processes ● Concurrency - Scale out via process model ● The Twelve-Factor App - https://12factor.net 23