The Evolution of your Kubernetes Cluster

•Télécharger en tant que PPTX, PDF•

0 j'aime•124 vues

From a skunk-works project to running the entire enterprise While developers see and realize the benefits of Kubernetes, how it improves efficiencies, saves time, and enables focus on the unique business requirements of each project; InfoSec, infrastructure, and software operations teams still face challenges when managing a new set of tools and technologies, and integrating them into an existing enterprise infrastructure. In this meetup, Chris, CTO at Tigera, and Oleg, CTO at Kublr, discussed the evolution of your Kubernetes cluster - from a skunk-works project to running the entire enterprise.

Technologie

The Evolution of Your Kubernetes Cluster
From a Skunk-Works Project to Running the Entire Enterprise
Oleg Chunikhin | CTO, Kublr

Introductions
Oleg Chunikhin
CTO, Kublr
• 20 years in software architecture & development
• Working w/ Kubernetes since its release in 2015
• Software architect behind Kublr—an enterprise
ready container management platform
• Twitter @olgch

History
• Custom software development company
• Dozens of projects per year
• Varying target environments: clouds, on-prem,
hybrid
• Recurring need for unified application delivery
and ops platform w/ monitoring, logs, security,
multiple env, ...
@olgch; @kublr

Docker and Kubernetes to the Rescue
• Docker is great, but local
• Kubernetes is great... when it is up and running
• Who sets up and operates K8S clusters?
• Who takes care of operational aspects at scale?
• How do you provide governance and ensure
compliance?
@olgch; @kublr

Enterprise Kubernetes Needs
Developers SRE/Ops/DevOps/SecOps
• Self-service
• Compatible
• Conformant
• Configurable
• Open & Flexible
• Governance
• Org multi-tenancy
• Single pane of glass
• Operations
• Monitoring
• Log collection
• Image management
• Identity management
• Security
• Reliability
• Performance
• Portability
@olgch; @kublr

@olgch; @kublr
Automation
Ingress
Custom
Clusters
Infrastructure
Logging Monitoring
Observability
API
Usage
Reporting
RBAC IAM
Air Gap TLS
Certificate
Rotation
Audit
Storage Networking Container
Registry
CI / CD App Mgmt
Infrastructure
Container Runtime Kubernetes
OPERATIONS SECURITY &
GOVERNANCE

Central Control Plane: Operations
K8S Clusters
Cloud(s)
Data
center
API UI
Log collection
Operations
Monitoring
Authn and authz, SSO, federation
Audit Image Repo
Infrastructure management
Backup & DR
Dev
K8S API
Cloud API
Prod
PoC
Dev
@olgch; @kublr

Central Control Plane: Operations
@olgch; @kublr

Talking Points
Self-service and Governance
• Resource quotas and limits
Deployment and Day 2 Ops
• Infrastructure, portability
• Storage/data, image mgmt, CI/CD
Visibility/Observability
• Asset visibility and ownership
• Log collection/monitoring/tracing
• Network & flow logging (IP
ephemerality)
Security and AAA
• IaM
• RBAC and Network Policy
• Container scanning, signing, governance
• Underlying OS and updates
• Underlying platform security (e.g.
SElinux)
Legacy & Enterprise integration
• RBAC, IaM
• Legacy network enforcement integration
@olgch; @kublr

Oleg Chunikhin
Chief Technology Officer
oleg@kublr.com
@olgch
Kublr | kublr.com
@kublr
Signup for our newsletter
at kublr.com
@olgch; @kublr

Contenu connexe

Tendances

Installing Kubernetes is easy. Ensuring it complies with your organization’s enterprise governance and security requirements isn’t. How do you use the technologies while meeting enterprise security requirements? We'll summarize common prerequisites for running Kubernetes in production, and how to leverage fine-grained controls and separation of responsibilities to meet enterprise governance and security needs. This deck includes basic requirements for audit, security, authentication, authorization, integration with existing identity broker, logging, and monitoring. Additionally, we'll go into whether cloud-hosted Kubernetes cover these requirements, how to integrate a compliant Kubernetes installation with their existing cloud infrastructure and how to handle cross-team communication (network/compute/storage/security). Since on-premise Kubernetes deployments have their challenges, limitations of a bare-metal installation, interactions with vSphere’s API, achieving HA, reliability and disaster recovery, as well as handling OS upgrades, security patches, and Kubernetes upgrades are also considered.

Kubernetes in Highly Restrictive Environments

Kublr

Openstack days sv building highly available services using kubernetes (preso)

Allan Naim

Meeting the Needs of Enterprise Governance and Security Installing Kubernetes is easy. Ensuring it complies with your organization’s enterprise governance and security requirements isn’t. During this webinar, Oleg will explain how to use Kubernetes while meeting enterprise requirements. In this technically-focused talk, he’ll summarize common prerequisites for running Kubernetes in production, and how to leverage fine-grained controls and separation of responsibilities to meet enterprise governance and security needs. The presentation will include basic requirements for audit, security, authentication, authorization, integration with existing identity management, logging, and monitoring. Because on-premise Kubernetes deployments don’t come without their challenges, Oleg will cover the limitations of a bare-metal installation, interactions with vSphere’s API, achieving HA, reliability and disaster recovery, as well as handling OS upgrades, security patches, and Kubernetes upgrades. He’ll close with a quick outlook of what’s next, including infrastructure as code, immutable infrastructure, and GitOps.

How to Run Kubernetes in Restrictive Environments

Kublr

Kubernetes is a fast-paced project and things move really fast. In deploying applications, you have several options like raw YAML files, Helm, or Operator but what are the pros and cons of each? This talk will explore the right ways to manage your production applications through seamless installation, the patch fixes, and upgrades. Several demos will be used on a live cluster to illustrate how things can be done the right way that makes life very easy for the DevOps.

Managing kubernetes deployment with operators

Cloud Technology Experts

Setup Hybrid Clusters Using Kubernetes Federation

inwin stack

In a microservices world, applications consist of dozens, hundreds, or even thousands of components. Manually deploying and verifying deployment quality in production is virtually impossible. Kubernetes, which natively supports rolling updates, enables blue-green application deployments with Spinnaker. However, the gradual rollout is a feature that doesn’t come out-of-the-box but can be achieved by adding Istio and Prometheus to the equation. During this meetup, Slava will discuss canary release implementations on Kubernetes with Spinnaker, Istio, and Prometheus. He’ll examine the role of each tool in the process and how they are all connected. During a demo, he will demonstrate a successful and failed canary release, and how these tools enable IT teams, to properly roll out changes to their customer base without any downtime.

Canary Releases on Kubernetes with Spinnaker, Istio, & Prometheus (2020)

Kublr

Spinnaker on Kubernetes

Jinwoong Kim

Kyverno is a CNCF Sandbox Project Created by Nirmata. Kyverno is a policy engine designed for Kubernetes. With Kyverno, policies are managed as Kubernetes resources and no new language is required to write policies. This allows using familiar tools such as kubectl, git, and kustomize to manage policies. Kyverno policies can validate, mutate, and generate Kubernetes resources. The Kyverno CLI can be used to test policies and validate resources as part of a CI/CD pipeline. In this session Shuting Zhao and Jim Bugwadia, both of whom are Kyverno maintainers will provide an overview of Kyverno and describe how you can get started with using it.

Securing and Automating Kubernetes with Kyverno

Saim Safder

[Spark Summit 2017 NA] Apache Spark on Kubernetes

Timothy Chen

Nodeless and serverless kubernetes

Nills Franssens

Running I/O intensive workloads on Kubernetes, by Nati Shalom

Cloud Native Day Tel Aviv

In any Cloud Native architecture there’s a seemingly endless stream of events that happen at each layer. These events can be used to detect abnormal activity and possible security incidents, as well as providing an audit trail of activity. In this talk we’ll cover how we extended Falco to ingest events beyond just host system calls, such as Kubernetes audit events or even application level events. We will also show how to create Falco rules to detect behaviors in these new event streams. We show how we implemented Kubernetes audit events in Falco, and how to configure the event stream.

Container Runtime Security with Falco, by Néstor Salceda

Cloud Native Day Tel Aviv

Cncf event driven autoscaling with keda

JurajHantk

Advanced Scheduling in Kubernetes

Kublr

AWS Summit Singapore 2019 | Autoscaling Your Kubernetes Workloads

AWS Summits

使用 Prometheus 監控 Kubernetes Cluster

inwin stack

Kubernetes 1.16 and rancher 2.3 enhancements

Saiyam Pathak

Many companies are experiencing a dramatic increase in the number of their Kubernetes clusters, for reasons such as geographical/legislative constraints, data/service replication, etc. However, when the number of clusters increases, the complexity of deploying apps, managing the entire multi-cluster infrastructure, and keeping its state under control, becomes rapidly an unmanageable problem. A possible solution is Liqo, an open-source project that simplifies the creation of multi-cluster topologies by replicating the Kubernetes “cattle” model also to clusters. Liqo creates a virtual cluster that spans multiple real clusters, either on-prem or managed (AKS, EKS, GKE), and instantiates the desired applications seamlessly in the appropriate cluster. This talk will discuss the potentials and roadblocks of this vision and highlight how Liqo brings multi- cluster transparency to the users.

Multi-Clusters Made Easy with Liqo: Getting Rid of Your Clusters Keeping Them...

KCDItaly

Kubernetes scheduling and QoS

Cloud Technology Experts

The recent constraints on businesses have pushed organizations to accelerate their plans for moving operations to the digital world—often shrinking timelines from years to months. Microservice architecture (MSA) is critical to accomplish fast innovation and the APIs exposed from microservices should be secured, managed, observed and monetized. All these steps require significant time. Kubernetes is designed for automation. The Operator pattern captures how you can write code and extend the Kubernetes cluster to automate a task going beyond its out-of-the-box capabilities. In this session, Lakmal will demonstrate and share his experience of how to automate microservice to API by introducing a Kubernetes Operator that works together with an API Management system while enhancing the developer experience.

[Lakmal] Automate Microservice to API

Lakmal Warusawithana

Tendances (20)

Kubernetes in Highly Restrictive Environments

Openstack days sv building highly available services using kubernetes (preso)

How to Run Kubernetes in Restrictive Environments

Managing kubernetes deployment with operators

Setup Hybrid Clusters Using Kubernetes Federation

Canary Releases on Kubernetes with Spinnaker, Istio, & Prometheus (2020)

Spinnaker on Kubernetes

Securing and Automating Kubernetes with Kyverno

[Spark Summit 2017 NA] Apache Spark on Kubernetes

Nodeless and serverless kubernetes

Running I/O intensive workloads on Kubernetes, by Nati Shalom

Container Runtime Security with Falco, by Néstor Salceda

Cncf event driven autoscaling with keda

Advanced Scheduling in Kubernetes

AWS Summit Singapore 2019 | Autoscaling Your Kubernetes Workloads

使用 Prometheus 監控 Kubernetes Cluster

Kubernetes 1.16 and rancher 2.3 enhancements

Multi-Clusters Made Easy with Liqo: Getting Rid of Your Clusters Keeping Them...

Kubernetes scheduling and QoS

[Lakmal] Automate Microservice to API

Similaire à The Evolution of your Kubernetes Cluster

An application path to production does not end with a deployment, even if you are using Kubernetes (K8s) as your application deployment platform. Reliable BCDR (backup and disaster recovery) plan and framework is a must for any production-ready system. This presentation accompanies meetups and webinars in which Oleg Chunikhin, CTO at Kublr, shows how Velero BCDR framework works and demonstrates how it can be used to backup and recover realistic applications running on Kubernetes in different clouds and environments. What is covered: - general notions of Kubernetes applications BCDR - Velero BCDR framework - demo Velero BCDR for stateful applications running on AWS and Azure clouds - demo Velero BCDR using Strimzi / Kafka cluster and ArgoCD CI/CD manager as example application

Multi-cloud Kubernetes BCDR with Velero

Kublr

DevOpsDays Houston 2019 - Terry Shea - Centralizing Kubernetes Operations

DevOpsDays Houston

How to establish Kubernetes as your infrastructure for a truly cloud native environment for optimal productivity and cost. Using Kublr for infrastructure as code approach for fast, reliable and inexpensive production-ready DevOps environment setup bringing together a combination of technologies - Kubernetes; AWS Mixed Instance Policies, Spot Instances and availability zones; AWS EFS; Nexus and Jenkins. Best practices based on open source tools such as Nexus and Jenkins. How to tackle build process dilemmas and difficulties including managing dependencies, hermetic builds and build scripts.

Portable CI/CD Environment as Code with Kubernetes, Kublr and Jenkins

Kublr

Self-healing does not equal self-healing. There are multiple layers to it, whether a self-healing infrastructure, cluster, pods, or Kubernetes. Kubernetes itself ensures self-healing pods. But how do you ensure your applications, whose reliability depends on every single layer, are truly reliable? In this presentation we discuss aspects of reliability and self-healing in the different layers of a comprehensive container management stack; what Kubernetes does and doesn't do (at least not by default), and what you should look out for to ensure true reliable applications.

Kubernetes stack reliability

Oleg Chunikhin

Self-healing does not equal self-healing. There are multiple layers to it, whether a self-healing infrastructure, cluster, pods, or Kubernetes. Kubernetes itself ensures self-healing pods. But how do you ensure your applications, whose reliability depends on every single layer, are truly reliable? This presentation covers the different self-healing layers, what Kubernetes does and doesn't do (at least not by default), and what you should look out for to ensure true reliable applications. Hint: infrastructure provisioning plays a key role.

How Self-Healing Nodes and Infrastructure Management Impact Reliability

Kublr

Kubernetes – An open platform for container orchestration

inovex GmbH

Kubernetes 101

Vishwas N

Kubernetes is a deep and complex technology that is evolving fast with new functionality and a growing ecosystem of cloud-native solutions. While the public cloud delivers an almost frictionless user experience, configuring and managing a production Kubernetes environment is an enormous technical challenge for the majority of enterprises that choose to do so on premises. Without the right approach, operationalizing Kubernetes in the data center can take upwards of 6 months, jeopardizing developer productivity and speed-to-market. In this webinar, you’ll learn from Nutanix cloud native experts on how to fast-track your way to operationalizing a production-ready Kubernetes environment on-prem. Specifically, we’ll talk about: How containerized applications use IT resources (and why legacy infrastructure isn’t built for Kubernetes); The main advantages of running Kubernetes on prem (as part of a multi-cloud strategy); Key aspects of Kubernetes lifecycle management that greatly benefit from automation.

Simplify Your Way To Expert Kubernetes Management

DevOps.com

Did your company start down the path of building a cloud native platform using Kubernetes with the goal of enabling developers to innovate faster and increase productivity, but then run into challenges keeping it operating in an optimal way? In this session, Weaveworks will discuss how to migrate from self-managed Kubernetes on EC2 to a GitOps managed Shared Services Platform (SSP) on EKS. A SSP built on EKS and managed with Weave GitOps provides developers and operators with common workflows to update both applications and infrastructure. With every change in version control, full audit trails are available, and security is enforced. While at the same time enabling easier rollbacks and faster mean-time-to-recovery (MTTR). In short, a Weave GitOps managed SSP increases developer velocity while boosting stability. How to operate a hybrid Kubernetes architecture, using managed EKS in the AWS Cloud and EKS-Distro on premises. How to structure your infrastructure repository to efficiently manage multiple teams. How to use Kubernetes RBAC to provide secure cluster multi-tenancy. How to use GitOps to promote releases across a hybrid set of independent clusters. How to accomplish data and operational sovereignty.

Migrating from Self-Managed Kubernetes on EC2 to a GitOps Enabled EKS

Weaveworks

Kubernetes And Istio and Azure AKS DevOps

Ofir Makmal

Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...

Docker, Inc.

Regardless of your organization’s size or industry, migrating to the public cloud and Kubernetes is burdened with business and technical risk. Managing Kubernetes clusters, applying blueprint to clusters and adding requisite governance and control are just a few hurdles that can stall your application modernization journey. Azure Kubernetes Service (AKS) simplifies deploying a managed Kubernetes cluster in Azure by offloading much of the complexity and operational overhead. In this session, you will learn: - Introduction and architecture of AKS - Best practices in adopting Azure Kubernetes Service - How to monitor and optimize AKS

Accelerate Application Innovation Journey with Azure Kubernetes Service

WinWire Technologies Inc

Azure meetup cloud native concepts - may 28th 2018

Jim Bugwadia

This presentation is devoted to current trends that affect DevOps activities. It also deals with Cloud Flex Framework, a Kubernetes-based framework, which provides a set of flexible and comprehensive operation principles to cover all stages of a modern application life cycle. This presentation was held by Denys Vasyliev (Lead Software Engineer, Consultant, GlobalLogic) at GlobalLogic Kyiv DevOps Career Day on June 9, 2018. Learn more: https://www.globallogic.com/ua/events/globallogic-kyiv-devops-career-day-summary

Kubernetes: Dive into the Future of Infrastructure

GlobalLogic Ukraine

The talk gives a state of the art update of experiences with deploying applications in Kubernetes on scale. If in clouds or on premises, Kubernetes took over the leading role as a container operating system. The central paradigm of stateless containers connected to storage and services is the core of Kubernetes. However, it can be extended to distributed databases, Machine Learning, Windows VMs in Kubernetes. All these applications have been considered as edge cases a few years ago, however, are going more and more mainstream today.

OSDC 2018 | Three years running containers with Kubernetes in Production by T...

NETWAYS

This presentation provides an overview of how Kubernetes capabilities can be used to simplify use of hybrid infrastructure rather than complicate it. It covers the general challenges posed by hybrid multi-site architectures, including provisioning and operations, ingress traffic management, network connectivity, and distributed data management. The presentation reviews using AWS and Azure as examples how each of these challenges can be addressed with Kubernetes and various Kubernetes controllers used as an infrastructure abstraction layer.

Hybrid architecture solutions with kubernetes and the cloud native stack

Kublr

Rook turns distributed storage systems into self-managing, self-scaling, self-healing storage services. It automates the tasks of a storage administrator: deployment, bootstrapping, configuration, provisioning, scaling, upgrading, migration, disaster recovery, monitoring, and resource management. Rook uses the power of the Kubernetes platform to deliver its services via a Kubernetes Operator for each storage provider. Oleg Chunikhin, Co-Founder and CTO @ Kublr.com, will present an introduction to storage management on k8s using Rook and Ceph.

Intro into Rook and Ceph on Kubernetes

Kublr

01 - VMUGIT - Lecce 2018 - Fabio Rapposelli, VMware

VMUG IT

With Docker adoption on the rise in many organisations, it’s becoming increasingly challenging to manage multiple containerized environments across clusters and infrastructure providers. Starting from the question of what do we use to manage our Kubernetes clusters in cloud or on-premise, we’ll look at a head-to-head comparison of major Container Orchestration and Management platforms in the enterprise and open-source world. RedHat OpenShift Container Platform, Docker Enterprise, DC/OS, Rancher and Spinnaker and the main platforms which we’ll be taking a closer look at and I hope that this comparison will help make a more informed choice for a Container Management platform. Looking forward to discussing the above and possibly other options with you. For those interested after the presentation, we could have a hands-on session with all of the above platforms, to get a real feeling of each one.

Navigating the Container Orchestration Maze

Alex Vranceanu

Not since the rise of Service Oriented Architecture (and the supporting Fusion Middleware technology) over a decade ago have we seen so much rapid change in terms of application and infrastructure architecture. Cloud, Microservices and DevOps are perhaps the most explicit examples – but many other developments in technology, architecture and even the industry at large have an impact on how enterprises consider and employ IT – such as machine learning, IoT, blockchain. In this session for (infrastructure, solution, application, enterprise, security, data) architects – we will present the main stories, roadmaps and technologies from Oracle OpenWorld 2017 (and JavaOne) that influence, shape and enable architecture. We will brainstorm together on the consequences of the new directions outlined by Oracle – and coming our way from other quarters. We are seeing a a lot of change. New opportunities arise – that may become challenges or threats if we fail to recognize and embrace the change in time. This session will help us all to get a better handle on the winds in enterprise IT in general and in Oracle land in particular. Among the topics we will present and discuss are: - The Only Way is Up – the inevitable and imminent move from on premises to the cloud, and upwards in the stack – from IaaS to SaaS - Security and Ops in a hybrid landscape (multiple clouds & on premises, multiple technologies & interaction channels) - Autonomous Database – what, when, how - Oracle’s cloud strategy, High PaaS and Low PaaS, Open [source] technology (star of the show: Apache Kafka) and the commodization of the traditional Oracle platform - Container and Cloud Native at Oracle Cloud (Docker, Kubernetes Container Platform, Wercker, Istio Service Mesh, CNCF) - Serverless - Java Reborn – for microservices and cloud, modularized (highlights from the JavaOne conference) - Disruptive: Blockchain, IoT, Machine Learning

Dutch Oracle Architects Platform - Reviewing Oracle OpenWorld 2017 and New Tr...

Lucas Jellema

Similaire à The Evolution of your Kubernetes Cluster (20)

Multi-cloud Kubernetes BCDR with Velero

DevOpsDays Houston 2019 - Terry Shea - Centralizing Kubernetes Operations

Portable CI/CD Environment as Code with Kubernetes, Kublr and Jenkins

Kubernetes stack reliability

How Self-Healing Nodes and Infrastructure Management Impact Reliability

Kubernetes – An open platform for container orchestration

Kubernetes 101

Simplify Your Way To Expert Kubernetes Management

Migrating from Self-Managed Kubernetes on EC2 to a GitOps Enabled EKS

Kubernetes And Istio and Azure AKS DevOps

Evénement Docker Paris: Anticipez les nouveaux business model et réduisez vos...

Accelerate Application Innovation Journey with Azure Kubernetes Service

Azure meetup cloud native concepts - may 28th 2018

Kubernetes: Dive into the Future of Infrastructure

OSDC 2018 | Three years running containers with Kubernetes in Production by T...

Hybrid architecture solutions with kubernetes and the cloud native stack

Intro into Rook and Ceph on Kubernetes

01 - VMUGIT - Lecce 2018 - Fabio Rapposelli, VMware

Navigating the Container Orchestration Maze

Dutch Oracle Architects Platform - Reviewing Oracle OpenWorld 2017 and New Tr...

Plus de Kublr

Container Runtimes and Tooling, v2

Kublr

Container Runtimes and Tooling

Kublr

Submariner enables direct networking between Pods and Services in different Kubernetes clusters, either on-premises or in the cloud. As Kubernetes gains adoption, teams are finding they must deploy and manage multiple clusters to facilitate features like geo-redundancy, scale, and fault isolation for their applications. With Submariner, your applications and services can span multiple cloud providers, data centers, and regions. Submariner is completely open source, and designed to be network plugin (CNI) agnostic. Submariner Provides: cross-cluster L3 connectivity using encrypted VPN tunnels; service Discovery across clusters; subctl, a friendly deployment tool; support for interconnecting clusters with overlapping CIDRs

Kubernetes in Hybrid Environments with Submariner

Kublr

Kubernetes (K8s) is a powerful, flexible and portable open source framework for distributed containerized applications delivery and management. An important part of the services provided by most Kubernetes clusters is the containers’ networking stack. In most cases and for many applications it “just works”, but this seeming simplicity is backed by a complex stack of technologies that provide many capabilities beyond the basics. This presentation accompanies the meetup and webinar where Oleg Chunikhin, CTO at Kublr, shows how Kubernetes networking stack works, describes main components, interfaces and extensibility options. What is covered: - general notions of Kubernetes networking - Pods and Network Policies - implementation of Kubernetes networking - CNI, CNI plugins, and Linux network namespaces - some Kubernetes CNI providers: Calico, Weave, Flanel, and Canal - K8S networking extensibility for advanced and “exotic” use-cases with Multus CNI plugin as an example

Kubernetes Networking 101

Kublr

Kubernetes Ingress 101

Kublr

In this meetup, Oleg, CTO at Kublr, walks you through the basics of K8s persistence management functionality and how it can be used to simplify managing persistent applications across different environments - in the cloud or on premise. Oleg will use a demo environment with clusters in different clouds to show K8s persistence in practice. We will cover: • Persistent data abstractions in K8s: persistent volumes (PV) and their attributes • PV specifics in different clouds • Using PV in K8s: persistent volume claims (PVC) and storage classes (SC) • Automatic volume provisioning • Persistence and scheduling interrelationships • Practical examples Kubernetes (K8s) is a powerful and flexible open source container orchestration system. The power of K8s comes from its modularity and simplicity of basic concepts. Each of these basic concepts build on the other and, from the most basic elements to more advanced ones, each is responsible for its own well-defined logic and behavior.

Kubernetes persistence 101

Kublr

Kubernetes 101: Intro to Kubernetes namespaces, workloads, and architecture In this webinar Oleg, CTO at Kublr, will explain the basics of Kubernetes, a powerful and flexible open-source container orchestration system: what it is, how it works, and the main entities Kubernetes users work with. Containers are taking over the IT world, and while building and running them locally is simple, running them in production on a distributed infrastructure is much more involved. Oleg will show how Kubernetes can help orchestrating containers across multiple compute nodes and clouds. We will cover: - distributed container orchestration - architecture of Kubernetes clusters - important Kubernetes objects: namespaces, pods, services - overview controllers: deployment, daemonset, stateful set

Kubernetes 101

Kublr

Setting up CI/CD Pipeline with Kubernetes and Kublr step by-step

Kublr

Incredibly powerful and flexible, Kubernetes role-based access control (RBAC) is an essential tool to effectively manage production clusters. Yet many Ops and DevOps engineers are still facing barriers to efficiently use it at scale. These include a steep learning curve, YAML-based configuration, lack of standardized best practices, and the general complexity of this functionality at large -- it truly can be somewhat overwhelming. During this meetup Oleg, CTO at Kublr, will discuss Kubernetes RBAC concepts and objects. He'll explore different use cases ranging from simple permission management for in-cluster application accounts to integrations with external identity providers for SSO and enterprise user access management. Leveraging the Kublr Platform, Oleg will demonstrate how it simplifies the management of access and RBAC rules in a cloud native environment while staying vendor-independent and compatible with any Kubernetes distribution.

Introduction to Kubernetes RBAC

Kublr

Plus de Kublr (9)

Container Runtimes and Tooling, v2

Container Runtimes and Tooling

Kubernetes in Hybrid Environments with Submariner

Kubernetes Networking 101

Kubernetes Ingress 101

Kubernetes persistence 101

Kubernetes 101

Setting up CI/CD Pipeline with Kubernetes and Kublr step by-step

Introduction to Kubernetes RBAC

Dernier

ICT role in 21st century education and its challenges

rafiqahmad00786416

The microservices honeymoon is over. When starting a new project or revamping a legacy monolith, teams started looking for alternatives to microservices. The Modular Monolith, or 'Modulith', is an architecture that reaps the benefits of (vertical) functional decoupling without the high costs associated with separate deployments. This talk will delve into the advantages and challenges of this progressive architecture, beginning with exploring the concept of a 'module', its internal structure, public API, and inter-module communication patterns. Supported by spring-modulith, the talk provides practical guidance on addressing the main challenges of a Modultith Architecture: finding and guarding module boundaries, data decoupling, and integration module-testing. You should not miss this talk if you are a software architect or tech lead seeking practical, scalable solutions. About the author With two decades of experience, Victor is a Java Champion working as a trainer for top companies in Europe. Five thousands developers in 120 companies attended his workshops, so he gets to debate every week the challenges that various projects struggle with. In return, Victor summarizes key points from these workshops in conference talks and online meetups for the European Software Crafters, the world’s largest developer community around architecture, refactoring, and testing. Discover how Victor can help you on victorrentea.ro : company training catalog, consultancy and YouTube playlists.

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

Victor Rentea

Whatsapp Number Escorts Call girls 8617370543 Available 24x7 Mcleodganj Call Girls Service Offer Genuine VIP Model Escorts Call Girls in Your Budget. Mcleodganj Call Girls Service Provide Real Call Girls Number. Make Your Sexual Pleasure Memorable with Our Mcleodganj Call Girls at Affordable Price. Top VIP Escorts Call Girls, High Profile Independent Escorts Call Girls, Housewife Women Escorts Call Girl, College Girls Escorts Call Girls, Russian Escorts Call girls Service in Your Budget.

Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model

Deepika Singh

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Product Anonymous

Webinar Recording: https://www.panagenda.com/webinars/why-teams-call-analytics-is-critical-to-your-entire-business Nothing is as frustrating and noticeable as being in an important call and being unable to see or hear the other person. Not surprising then, that issues with Teams calls are among the most common problems users call their helpdesk for. Having in depth insight into everything relevant going on at the user’s device, local network, ISP and Microsoft itself during the call is crucial for good Microsoft Teams Call quality support. To ensure a quick and adequate solution and to ensure your users get the most out of their Microsoft 365. But did you know that ‘bad calls’ are also an excellent indicator of other problems arising? Precisely because it is so noticeable!? Like the canary in the mine, bad calls can be early indicators of problems. Problems that might otherwise not have been noticed for a while but can have a big impact on productivity and satisfaction. Join this session by Christoph Adler to learn how true Microsoft Teams call quality analytics helped other organizations troubleshoot bad calls and identify and fix problems that impacted Teams calls or the use of Microsoft365 in general. See what it can do to keep your users happy and productive! In this session we will cover - Why CQD data alone is not enough to troubleshoot call problems - The importance of attributing call problems to the right call participant - What call quality analytics can do to help you quickly find, fix-, and prevent problems - Why having retrospective detailed insights matters - Real life examples of how others have used Microsoft Teams call quality monitoring to problem shoot problems with their ISP, network, device health and more.

Why Teams call analytics are critical to your entire business

panagenda

Tracing the root cause of a performance issue requires a lot of patience, experience, and focus. It’s so hard that we sometimes attempt to guess by trying out tentative fixes, but that usually results in frustration, messy code, and a considerable waste of time and money. This talk explains how to correctly zoom in on a performance bottleneck using three levels of profiling: distributed tracing, metrics, and method profiling. After we learn to read the JVM profiler output as a flame graph, we explore a series of bottlenecks typical for backend systems, like connection/thread pool starvation, invisible aspects, blocking code, hot CPU methods, lock contention, and Virtual Thread pinning, and we learn to trace them even if they occur in library code you are not familiar with. Attend this talk and prepare for the performance issues that will eventually hit any successful system. About authorWith two decades of experience, Victor is a Java Champion working as a trainer for top companies in Europe. Five thousands developers in 120 companies attended his workshops, so he gets to debate every week the challenges that various projects struggle with. In return, Victor summarizes key points from these workshops in conference talks and online meetups for the European Software Crafters, the world’s largest developer community around architecture, refactoring, and testing. Discover how Victor can help you on victorrentea.ro : company training catalog, consultancy and YouTube playlists.

Finding Java's Hidden Performance Traps @ DevoxxUK 2024

Victor Rentea

DBX First Quarter 2024 Investor Presentation

Dropbox

Dubai, known for its towering skyscrapers, luxurious lifestyle, and relentless pursuit of innovation, often finds itself in the global spotlight. However, amidst the glitz and glamour, the emirate faces its own set of challenges, including the occasional threat of flooding. In recent years, Dubai has experienced sporadic but significant floods, disrupting normalcy and posing unique challenges to its infrastructure. Among the critical nodes in this bustling metropolis is the Dubai International Airport, a vital hub connecting the world. This article delves into the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Orbitshub

The value of a flexible API Management solution for Open Banking Steve Melan, Manager for IT Innovation and Architecture - State's and Saving's Bank of Luxembourg Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The value of a flexible API Management solution for O...

apidays

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

MadyBayot

Effective data discovery is crucial for maintaining compliance and mitigating risks in today's rapidly evolving privacy landscape. However, traditional manual approaches often struggle to keep pace with the growing volume and complexity of data. Join us for an insightful webinar where industry leaders from TrustArc and Privya will share their expertise on leveraging AI-powered solutions to revolutionize data discovery. You'll learn how to: - Effortlessly maintain a comprehensive, up-to-date data inventory - Harness code scanning insights to gain complete visibility into data flows leveraging the advantages of code scanning over DB scanning - Simplify compliance by leveraging Privya's integration with TrustArc - Implement proven strategies to mitigate third-party risks Our panel of experts will discuss real-world case studies and share practical strategies for overcoming common data discovery challenges. They'll also explore the latest trends and innovations in AI-driven data management, and how these technologies can help organizations stay ahead of the curve in an ever-changing privacy landscape.

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc

How to Troubleshoot Apps for the Modern Connected Worker

ThousandEyes

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Edi Saputra

Corporate and higher education. Two industries that, in the past, have had a clear divide with very little crossover. The difference in goals, learning styles and objectives paved the way for differing learning technologies platforms to evolve. Now, those stark lines are blurring as both sides are discovering they have content that’s relevant to the other. Join Tammy Rutherford as she walks through the pros and cons of corporate and higher ed collaborating. And the challenges of these different technology platforms working together for a brighter future.

Corporate and higher education May webinar.pptx

Rustici Software

Scaling API-first – The story of a global engineering organization Ian Reasor, Senior Computer Scientist - Adobe Radu Cotescu, Senior Computer Scientist - Adobe Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

apidays

Following the popularity of “Cloud Revolution: Exploring the New Wave of Serverless Spatial Data,” we’re thrilled to announce this much-anticipated encore webinar. In this sequel, we’ll dive deeper into the Cloud-Native realm by uncovering practical applications and FME support for these new formats, including COGs, COPC, FlatGeoBuf, GeoParquet, STAC, and ZARR. Building on the foundation laid by industry leaders Michelle Roby of Radiant Earth and Chris Holmes of Planet in the first webinar, this second part offers an in-depth look at the real-world application and behind-the-scenes dynamics of these cutting-edge formats. We will spotlight specific use-cases and workflows, showcasing their efficiency and relevance in practical scenarios. Discover the vast possibilities each format holds, highlighted through detailed discussions and demonstrations. Our expert speakers will dissect the key aspects and provide critical takeaways for effective use, ensuring attendees leave with a thorough understanding of how to apply these formats in their own projects. Elevate your understanding of how FME supports these cutting-edge technologies, enhancing your ability to manage, share, and analyze spatial data. Whether you’re building on knowledge from our initial session or are new to the serverless spatial data landscape, this webinar is your gateway to mastering cloud-native formats in your workflows.

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Safe Software

CNIC Information System with Pakdata Cf In Pakistan

danishmna97

Boost Fertility New Invention Ups Success Rates.pdf

sudhanshuwaghmare1

💥 You’re lucky! We’ve found two different (lead) developers that are willing to share their valuable lessons learned about using UiPath Document Understanding! Based on recent implementations in appealing use cases at Partou and SPIE. Don’t expect fancy videos or slide decks, but real and practical experiences that will help you with your own implementations. 📕 Topics that will be addressed: • Training the ML-model by humans: do or don't? • Rule-based versus AI extractors • Tips for finding use cases • How to start 👨‍🏫👨‍💻 Speakers: o Dion Morskieft, RPA Product Owner @Partou o Jack Klein-Schiphorst, Automation Developer @Tacstone Technology

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

UiPathCommunity

MS Copilot expands with MS Graph connectors

Nanddeep Nachan

Dernier (20)

ICT role in 21st century education and its challenges

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Why Teams call analytics are critical to your entire business

Finding Java's Hidden Performance Traps @ DevoxxUK 2024

DBX First Quarter 2024 Investor Presentation

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Apidays New York 2024 - The value of a flexible API Management solution for O...

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

How to Troubleshoot Apps for the Modern Connected Worker

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Corporate and higher education May webinar.pptx

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

CNIC Information System with Pakdata Cf In Pakistan

Boost Fertility New Invention Ups Success Rates.pdf

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

MS Copilot expands with MS Graph connectors

The Evolution of your Kubernetes Cluster

1. The Evolution of Your Kubernetes Cluster From a Skunk-Works Project to Running the Entire Enterprise Oleg Chunikhin | CTO, Kublr

2. Introductions Oleg Chunikhin CTO, Kublr • 20 years in software architecture & development • Working w/ Kubernetes since its release in 2015 • Software architect behind Kublr—an enterprise ready container management platform • Twitter @olgch

3. History • Custom software development company • Dozens of projects per year • Varying target environments: clouds, on-prem, hybrid • Recurring need for unified application delivery and ops platform w/ monitoring, logs, security, multiple env, ... @olgch; @kublr

4. Docker and Kubernetes to the Rescue • Docker is great, but local • Kubernetes is great... when it is up and running • Who sets up and operates K8S clusters? • Who takes care of operational aspects at scale? • How do you provide governance and ensure compliance? @olgch; @kublr

5. Enterprise Kubernetes Needs Developers SRE/Ops/DevOps/SecOps • Self-service • Compatible • Conformant • Configurable • Open & Flexible • Governance • Org multi-tenancy • Single pane of glass • Operations • Monitoring • Log collection • Image management • Identity management • Security • Reliability • Performance • Portability @olgch; @kublr

6. Kubernetes Management Platform Wanted • Portability – clouds, on-prem, hybrid, air-gapped, different OS’ • Centralized multi-cluster operations saves resources – many environments (dev, prod, QA, ...), teams, applications • Self-service and governance for Kubernetes operations • Reliability – cluster self-healing, self-reliance • Limited management profile – cloud and K8S API • Architecture – flexible, open, pluggable, compatible • Sturdy – secure, scalable, modular, HA, DR etc. @olgch; @kublr

7. @olgch; @kublr Automation Ingress Custom Clusters Infrastructure Logging Monitoring Observability API Usage Reporting RBAC IAM Air Gap TLS Certificate Rotation Audit Storage Networking Container Registry CI / CD App Mgmt Infrastructure Container Runtime Kubernetes OPERATIONS SECURITY & GOVERNANCE

8. Central Control Plane: Operations K8S Clusters Cloud(s) Data center API UI Log collection Operations Monitoring Authn and authz, SSO, federation Audit Image Repo Infrastructure management Backup & DR Dev K8S API Cloud API Prod PoC Dev @olgch; @kublr

9. Central Control Plane: Operations @olgch; @kublr

10. Talking Points Self-service and Governance • Resource quotas and limits Deployment and Day 2 Ops • Infrastructure, portability • Storage/data, image mgmt, CI/CD Visibility/Observability • Asset visibility and ownership • Log collection/monitoring/tracing • Network & flow logging (IP ephemerality) Security and AAA • IaM • RBAC and Network Policy • Container scanning, signing, governance • Underlying OS and updates • Underlying platform security (e.g. SElinux) Legacy & Enterprise integration • RBAC, IaM • Legacy network enforcement integration @olgch; @kublr

11. Q&A @olgch; @kublr

12. Oleg Chunikhin Chief Technology Officer oleg@kublr.com @olgch Kublr | kublr.com @kublr Signup for our newsletter at kublr.com @olgch; @kublr

Notes de l'éditeur

“If you like something you hear today, please tweet at me @olgch”
Unified application delivery and ops platform wanted:monitoring, logs, security, multiple env, ... Where the project comes from Company overview Kubernetes as a solution – standardized delivery platform Kubernetes is great for managing containers, but who manages Kubernetes? How to streamline monitoring and collection of logs with multiple Kubernetes clusters?
Docker – 2013 Kubernetes – 2014-2015
Requirements Portability – support for cloud environments, on prem deployment, and isolated deployments Multi-cluster operations support Centralized log collection and monitoring Reliability – self healing, modularity, cluster self-reliance Limited connectivity profile – do not require many ports Architecture – flexible, open, pluggable Security

The Evolution of your Kubernetes Cluster

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (20)

Similaire à The Evolution of your Kubernetes Cluster

Similaire à The Evolution of your Kubernetes Cluster (20)

Plus de Kublr

Plus de Kublr (9)

Dernier

Dernier (20)

The Evolution of your Kubernetes Cluster

Notes de l'éditeur