
Production ready tooling for microservices on kubernetes


I presented this talk at Container conf 18.

Published in: Engineering


  1. Production ready tooling for microservices on Kubernetes
     Chandresh Pancholi
  2. Source: http://www.rafaelhart.com/2018/03/18/monolith-or-microservices.html
  3. Service discovery
     ● Kubernetes supports DNS-based service discovery
     ● Kubernetes supports Kube-DNS and CoreDNS based discovery
     ● Kube-DNS uses SkyDNS, which was written by the author of CoreDNS
     ● CoreDNS is built with a more modular, extensible framework
     ● Kube-DNS uses dnsmasq for caching, but CoreDNS has caching as a middleware
  4. Request routing & load balancing
     ● Kubernetes services
     ● Kubernetes ingress
     ● External load balancer
     ● Kubernetes NodePort
  5. Monitoring & Visualization
     ● Prometheus
     ● Prometheus operator
     ● cAdvisor
     ● Grafana
  6. Edge server
     ● Ingress
       ○ Nginx
       ○ Kong
       ○ GCE
       ○ Traefik
     ● Ingress resource → The Ingress resource is a set of rules that map to Kubernetes services.
     ● Ingress controller → Ingress controllers are applications that watch Ingresses in the cluster and configure a balancer to apply those rules.
  7. Configuration management
     ● Config maps
     ● Secrets
     ● Etcd
     ● HashiCorp Vault
  8. Security
     ● RBAC
     ● Service account
     ● Istio
     ● OAuth 2.0/OpenID Connect
  9. Centralised logging
     ● Fluentd
     ● Fluent Bit
     ● Elasticsearch
     ● Kibana
     ● ElastAlert
  10. Helm
     It's a package manager for Kubernetes. Helm helps you manage Kubernetes applications. Helm Charts help you define, install, and upgrade even the most complex Kubernetes application.
     Source: https://thomasmodeneis.files.wordpress.com/2017/06/screenshot_20170623_194919.png
  11. Prometheus
     ● Node monitoring
     ● Pod monitoring
     ● Cluster monitoring
     ● Container monitoring
     ● Application monitoring
     ● Alerting
  12. Source: https://prometheus.io/
  13. Prometheus operator
     Source: https://coreos.com/blog/the-prometheus-operator.html
  14. Fluentd
     Fluentd is an open source data collector, which lets you unify the data collection and consumption for a better use and understanding of data.
     ● Unified logging with JSON
     ● Pluggable architecture
     ● Minimum resources required
     ● Built-in reliability
  15. Source: https://www.fluentd.org/architecture
  16. Source: https://www.fluentd.org/architecture
  17. Jaeger/OpenTracing
     Jaeger, inspired by Dapper and OpenZipkin, is a distributed tracing system released as open source by Uber Technologies. It is used for monitoring and troubleshooting microservices-based distributed systems.
     ● Distributed context propagation
     ● Distributed transaction monitoring
     ● Root cause analysis
     ● Service dependency analysis
     ● Performance / latency optimization
  18. Source: https://www.jaegertracing.io/
  19. Kubeless
     Kubeless is a Kubernetes-native serverless framework that lets you deploy small bits of code (functions) without having to worry about the underlying infrastructure.
     ● Support for Python, Node.js, Ruby, PHP, Golang, .NET, Ballerina and custom runtimes
     ● CLI compliant with AWS Lambda CLI
     ● Event triggers using Kafka messaging system and HTTP events
     ● Prometheus monitoring of function calls and function latency by default
  20. Source: https://blog.cloudboost.io/kubeless-is-more-9f20fb443b5a
  21. Istio
     Istio makes it easy to create a network of deployed services with load balancing, service-to-service authentication, monitoring, and more, without any changes in service code. You add Istio support to services by deploying a special sidecar proxy throughout your environment that intercepts all network communication between microservices, then configure and manage Istio using its control plane functionality.
  22. Source: https://istio.io/docs/concepts/what-is-istio/arch.svg
  23. Kubewatch
     kubewatch is a Kubernetes watcher that currently publishes notifications to Slack. Run it in your k8s cluster, and you will get event notifications in a Slack channel.
     Resources to watch
     ● Daemonsets
     ● Deployment
     ● Pod
     ● Replica sets
     ● Replication controller
     ● Services
     ● Secrets
     ● Config maps
  24. Kube-monkey
     An implementation of Netflix's Chaos Monkey for Kubernetes clusters. It randomly deletes Kubernetes (k8s) pods in the cluster, encouraging and validating the development of failure-resilient services.
  25. Questions?