Slides from the May 2018 Rancher Online Meetup
Rancher 2.0 was released to general availability this month, and one of the key use cases we developed this platform for was to help organizations build a Container-as-a-Service platform using Kubernetes. In our May online meetup, we covered the possibility of running an enterprise container platform built on Rancher 2.0.
Topics covered included:
• Approaches to workload isolation in Kubernetes
• Multi-cluster management approaches
• User privileges and delegated administration
• Defining centralized security policies
• Optimizing infrastructure utilization
You can find a recording of the meetup here: https://youtu.be/7cqP-VzCP3M
4. There are rules for a meetup!
• We won’t be done on time
• Questions are always welcome
• There are no bad questions
• Demo, then demo some more
• Things will break, be patient
#RancherMeetup
10. Kubernetes adoption in the enterprise typically starts from a single deployment
- Specific team realizes the impact of microservices, Docker and Kubernetes
- Builds and manages Kubernetes themselves
- Project goes live, word spreads.
11. Quickly, Kubernetes usage expands and we see clusters dedicated to a wide set of use cases
One large biotech firm:
1. Custom developed microservices application
2. CI/CD platform
3. Hybrid Tensorflow deployment using GPUs on-prem and in AWS
4. Hosting Web and Mobile Apps
12. We’ve seen this before
Early Adoption
• Driven by use cases
• Significant impact
• Success means word spreads
Broad Adoption
• Teams adopt aggressively
• Many different use cases/versions
• Management and security/controls become problems
Standardization and Management
• IT begins to implement controls
• Security and compliance become important
• Utilization improves
• Costs are better managed
• Access expands
14. What’s driving Enterprise Kubernetes adoption
1. Containers are the game changer
   1. Consistent packaging
   2. Portability
   3. Consistent testing
   4. Predictable deployments
   5. Simplified upgrades
2. Kubernetes is a robust way to run containers
   1. Critical ops capabilities for production
   2. Well integrated infrastructure services
   3. Strong technology ecosystem
15. Moving from isolated deployments to a Kubernetes-based CaaS unlocks new value
1. More consistent Operations
2. Infrastructure density
3. Security & Compliance
4. Hybrid cloud platform
5. Standard Application Catalogs
16. Our demo today – Building an enterprise CaaS that unifies Users, Infrastructure, and IT Policy
[Diagram: DevOps Teams (Team 1, Team 2, Team 3), each with its own Infrastructure and Kubernetes running Dev, Staging and Prod; a Container Service; IT Systems (AD/LDAP, Monitoring, Service Desk, Registry); Policy; Operations]
17. Our demo today – Building an enterprise CaaS that unifies Users, Infrastructure, and IT Policy
[Diagram: DevOps Teams; Team 1 and Team 3 each with Infrastructure and Kubernetes running Dev, Staging and Prod; Team 2 with Dev, Staging and Prod; a Container Service; IT Systems (AD/LDAP, Monitoring, Service Desk, Registry); Policy; Operations]
18. Key Requirements
1. Deploy and/or manage any Kubernetes
2. Isolate users as much as necessary
3. Manage users and simplify access
4. Security and policy management
5. Encourage adoption
19. Key Requirement: Multi-Cluster Management
1. Manage Kubernetes everywhere
   1. Cloud Hosted (GKE, EKS, AKS)
   2. Datacenter (BareMetal, OpenStack, VMware)
2. Support importing existing clusters
3. Support deployments as code
4. Upgrade, Backup and Restore clusters
20. Key Requirement: Workload Isolation
1. Support dedicated Kubernetes clusters
2. Support shared Kubernetes clusters with workload isolation
3. Give users real control over their cluster
21. Key Requirement: Improved Access
1. Integrate with existing directory services for authentication and authorization
2. Allow delegated cluster and project administration to users
3. Allow policy management at user level
22. Key Requirement: Centralize Security and Policy Management
1. Centrally define and apply policies to any Kubernetes cluster
   1. Pod security policies
   2. Network security policies
   3. Admission controllers
2. Focus on a security stance that can be adjusted based on use case
23. Key Requirement: Drive Container Adoption
1. CLI/UI/API access
2. Provide easy access to shared and private application catalogs
3. Provide out of the box monitoring and alerting
4. Simplify logging
5. Offer flexibility on tooling
25. Get started in two easy steps
Step 1: Prepare a Linux Host
Rancher requires a single host installed with either Ubuntu 16.04 (kernel v3.10+) or RHEL/CentOS 7.3 as well as at least 2GB of memory, 20GB of local disk and a supported version of Docker.
Step 2: Start the server
To install and run Rancher server, execute the following Docker command on your host:
$ sudo docker run -d --restart=unless-stopped -p 80:80 -p 443:443 rancher/server:preview