Slides from the May 2018 Rancher Online Meetup Rancher 2.0 was released to general availability this month, and one of the key use cases we developed this platform for was to help organizations build a Container-as-a-Service platform using Kubernetes. In our May online meetup, we covered the possibility of running an enterprise container platform built on Rancher 2.0. Topics covered included: Approaches to workload isolation in Kubernetes Multi-cluster management approaches User privileges and Delegated administration Defining centralized security policies Optimizing infrastructure utilization You can find a recording of the meetup here: https://youtu.be/7cqP-VzCP3M

1. May 11, 2018#RancherMeetup
Building an Enterprise CaaS on
Kubernetes with Rancher 2.0

2. 2
Darren Shepherd
Co-Founder/Chief Architect
@ibuildthecloud
Freenode: darren0
#RancherMeetup
Shannon Williams
Co-Founder/VP Sales
@smw355

3. 3
First things first…
This is a not a !
#RancherMeetup

4. 4
There are rules for a meetup!
• We won’t be done on time
• Questions are always welcome
• There are no bad questions
• Demo, then demo some more
• Things will break, be patient
#RancherMeetup

5. 5
Join the conversation on Twitter
#RancherMeetup
5

6. 6
Agenda
Building an Enterprise Kubernetes Platform – Shannon
Demo: Kubernetes-as-a-Service – Darren
What’s next – Shannon

7. 7

8. 8
Rancher Kubernetes Engine
(RKE)
vSphere • Bare metal GKE AKS
Unified Cluster Management
Provisioning • Authentication • RBAC • Policy • Security • Capacity • Cost
Workload Management
User Interface • App Catalog • CI/CD • Monitoring • Logging
COMPLETE
CONTAINER
MANAGEMENT
PLATFORM
EKS Import

9. Building an Enterprise CaaS
on Kubernetes

10. 10
Kubernetes adoption in the enterprise typically
starts from a single deployment
- Specific team realizes the
impact of microservices, Docker
and Kubernetes
- Builds and manages
Kubernetes themselves
- Project goes live, word spreads.

11. 11
Quickly, Kubernetes usage expands and we see
clusters dedicated to a wide set of use cases
One large biotech firm:
1. Custom developed microservices
application
2. CI/CD platform
3. Hybrid Tensorflow deployment
using GPUs on-prem and in AWS
4. Hosting Web and Mobile Apps

12. 12
We’ve seen this before
Early adoption
• Driven by use cases
• Significant impact
• Success means word
spreads
Broad Adoption
• Teams adopt
aggressively
• Many different use
cases/versions
• Management and
security/controls
become problems
Standardization and
Management
• IT begins to implement
controls
• Security and
compliance become
important
• Utilization improves
• Costs are better
managed
• Access expands

13. 13
Historically when we add the controls,
we slow the innovation!

14. 14
What’s driving Enterprise
Kubernetes adoption
1. Containers are the game changer
1. Consistent packaging
2. Portability
3. Consistent testing
4. Predictable deployments
5. Simplified upgrades
2. Kubernetes is a robust way to run containers
1. Critical ops capabilities for production
2. Well integrated infrastructure services
3. Strong technology ecosystem

15. 15
Moving from isolated deployments to a
Kubernetes-based CaaS unlocks new value
1. More consistent Operations
2. Infrastructure density
3. Security & Compliance
4. Hybrid cloud platform
5. Standard Application Catalogs

16. 16
Our demo today – Building an enterprise CaaS that
unifies Users, Infrastructure, and IT Policy
Container ServiceTeam 2
Infrastructure
Kubernetes
Dev
Staging
Prod
Team 3
Infrastructure
Kubernetes
Dev
Staging
Prod
DevOps Teams
Team 1 Infrastructure
Kubernetes
Dev
Staging
Prod
AD/LDAP
Monitoring
Service Desk
Registry
IT Systems
Policy Operations

17. 17
Our demo today – Building an enterprise CaaS that
unifies Users, Infrastructure, and IT Policy
Container ServiceTeam 2
Dev
Staging
Prod
Team 3
Infrastructure
Kubernetes
Dev
Staging
Prod
DevOps Teams
Team 1 Infrastructure
Kubernetes
Dev
Staging
Prod
AD/LDAP
Monitoring
Service Desk
Registry
IT Systems
Policy Operations

18. 18
Key Requirements
1. Deploy and/or manage any Kubernetes
2. Isolate users as much as necessary
3. Manage users and simplify access
4. Security and policy management
5. Encourage adoption

19. 19
Key Requirement: Multi-Cluster Management
1. Manage Kubernetes everywhere
1. Cloud Hosted (GKE, EKS, AKS)
2. Datacenter (BareMetal, OpenStack,
VMware)
2. Support importing existing clusters
3. Support deployments as code
4. Upgrade, Backup and Restore
clusters

20. 20
Key Requirement: Workload Isolation
1. Support dedicated Kubernetes
clusters
2. Support shared Kubernetes
clusters with workload isolation
3. Give users real control over their
cluster

21. 21
Key Requirement: Improved Access
1. Integrate with existing directory
services for authentication and
authorization
2. Allow delegated cluster and
project administration to users
3. Allow policy management at user
level

22. 22
Key Requirement: Centralize Security and Policy
Management
1. Centrally define and apply policies
to any Kubernetes cluster
1. Pod security policies
2. Network security policies
3. Admission controllers
2. Focus on a security stance that
can be adjusted based on use
case

23. 23
Key Requirement: Drive Container Adoption
1. CLI/UI/API access
2. Provide easy access to shared
and private application catalogs
3. Provide out of the box
monitoring and alerting
4. Simplify logging
5. Offer flexibility on tooling

24. 24
Demo: Building a
CaaS with
Rancher 2.0

25. 25
Get started in two easy steps
Step 1: Prepare a Linux Host
Rancher requires a single host installed with either Ubuntu 16.04 (kernel v3.10+) or
RHEL/CentOS 7.3 as well as at least 2GB of memory, 20GB of local disk and a
supported version of Docker.
Step 2: Start the server
To install and run Rancher server, execute the following Docker command on your host:
$ sudo docker run -d --restart=unless-stopped -p 80:80 -p 443:443 rancher/server:preview

26. 26
Rancher 2.0 Quick Start Guide
http://rancher.com/docs/rancher/v2.0/en/quick-start-guide/

27. 27
Rancher, RancherOS, RKE are in GitHub
Get involved!
http://github.com/rancher

28. 28
Thank you
@Rancher_Labs · #RancherMeetup