Container Conf 2017: Rancher Kubernetes

Deploy, manage and scale Kubernetes with Rancher: a session given at ContainerConf 2017 (7th April) in Bangalore


  2. VISHAL BIYANI
     CTO & Founder at infraCloud technologies (www.infracloud.io)
     • 2004: Java, PLM, JSP, Servlets
     • 2004-2009: eMatrix PLM, J2EE, Database, architecture, Shell and what not
     • 2010-2013: Spring, Maven, Jenkins, ElasticSearch, CloudFoundry, Google App Engine, APIs, CI
     • 2013: Puppet, Chef, Ansible, CD/CI, DevOps Coach, Docker, API Mgmt, Microservices, Infra as code
     • Now: Containers, Kubernetes, Mesos, Salt, Scale, Distributed
     https://twitter.com/vishal_biyani
     https://www.vishalbiyani.com
  3. infraCloud is a Rancher consulting partner: http://rancher.com/partners-index/
     Rancher has published a FREE eBook on “Scaling and deploying Kubernetes”: http://info.rancher.com/deploying-scaling-kubernetes-ebook
  4. THE MOMENTUM OF CONTAINER ADOPTION IS UNDENIABLE…
     • The average company QUINTUPLES its Docker usage within 9 MONTHS [1]
     • There are 460K Dockerized apps, a 3100% GROWTH over 2 years [2]
     • Docker containers have been downloaded more than 4 BILLION times [3]
     [1] Datadog, June 2016  [2] Coscale, July 2016  [3] Docker, November 2016
  5. …BUT RUNNING CONTAINERS IN PRODUCTION STILL ISN’T EASY
     ⬆ number of tools + ⬆ change = ⬆ complexity
     ⬆ density + ⬇ lifespan = ⬆ volatility
     • App Catalog: Helm, …
     • Orchestration: Compose, Kubernetes, Marathon, …
     • Scheduling: Swarm, Kubernetes, Mesos, …
     • Monitoring: cAdvisor, Sysdig, Datadog, …
     • Access Control: LDAP, AD, GitHub, …
     • Registry: DockerHub, Quay.io, …
     • Engine: Docker, Rkt, …
     • Security: Notary, Vault, …
     • Network: VXLAN, IPSEC, HAProxy, …
     • Storage: Ceph, Gluster, Swift, …
     • Distributed DB: Etcd, Consul, MongoDB, …
  6. A COMPLETE CONTAINER MANAGEMENT PLATFORM THAT MAKES IT EASY TO…
     • INNOVATE WITH CONTAINERS by empowering developers with fast access to the latest tools
     • SIMPLIFY APPLICATION DEVELOPMENT with a powerful, yet easy to use interface and application catalog
     • RUN CONTAINERS with the most complete set of container and infrastructure management capabilities
     Enterprise ready:
     ✔ Open platform for innovating
     ✔ Easy to use interface
     ✔ Multi-tenancy
     ✔ Role based access
     ✔ 24X7 support
     ✔ And more…
  7. DO YOU WANT TO MANAGE ALL THIS?
     • App Catalog: Helm, …
     • Orchestration: Compose, Kubernetes, Marathon, …
     • Scheduling: Swarm, Kubernetes, Mesos, …
     • Monitoring: cAdvisor, Prometheus, Datadog, …
     • Access Control: LDAP, AD, GitHub, …
     • Network: VXLAN, IPSEC, HAProxy, …
     • Storage: Ceph, Gluster, Swift, …
     • Distributed DB: Etcd, Consul, MongoDB, …
     • Registry: Nexus, Artifactory, DTR, …
     • Engine: Docker, runC, Rocket, …
     • Security: Notary, Vault, …
     …or this?
  8. CHALLENGES: KUBERNETES-ONLY IMPLEMENTATIONS
     • Creating a Kubernetes environment that is customized to DevOps needs
     • Automating the deployment of multiple Kubernetes clusters
     • Managing the health of Kubernetes clusters
     • Automating the upgrade of Kubernetes clusters
     • Deploying multiple clusters on premises or across disparate cloud providers
     • Ensuring enterprise readiness, including access to 24×7 support
     • Customizing then repeatedly deploying multiple combinations of infrastructure services (e.g. storage, networking, DNS, load balancer)
     • Deploying and automating upgrades for Kubernetes add-ons such as Dashboard, Helm and Heapster
  9. RUNNING CONTAINERS IN PRODUCTION IS HARD, RANCHER MAKES IT EASY
     [Diagram: Develop, Build, Package, Test, Deploy/Upgrade, Operate; Docker Hub]
  10. GAINING SIGNIFICANT MOMENTUM
      • GA March 2016
      • >20 million downloads
      • 5,000 GitHub stars
      • 100+ enterprise customers
  11. WORKSHOP AGENDA
      • Infrastructure Side
        • How to modify and maintain multiple Kubernetes configurations easily
        • Configure separate data, cluster & worker nodes
        • Configure Kubernetes cloud providers
        • NFS & EBS configuration
        • Configuring Network types: IPSec & VXLan
      • Application Side
        • Deploy applications with Helm chart
        • Auto creation of disks and ELB in action
        • Custom Registry
        • Auto Scaling of hosts
        • Hosts upgrades
  12. SETUP WITH DIGITAL OCEAN
      • Use the promo code DOBCC. It will give you $15 worth of credits on the DigitalOcean platform. Please note the following:
      • a) You can sign up for an account at https://cloud.digitalocean.com/registrations/new. The above promo code will add credits only to new DigitalOcean accounts.
      • b) Adding a payment option (credit/debit card or PayPal) is part of the sign-up workflow. To verify the authenticity of the card, sometimes the payment gateway does an authorization charge of around $1, but this charge gets reversed immediately after the card has been verified.
      • c) Once the above promo code is applied, $15 in credits will be added to your account which can be used for anything on the
  13. ENVIRONMENT TEMPLATES
      • Creating and customizing templates for different requirements in an organization
      • You can have different storage, networking and other requirements in different units/projects
      • You might want a true HA setup for pre-prod/prod, whereas a simple setup is enough for a development environment
      • Rancher enables this with template stacks - official as well as community supported.
      • You can create multiple environment templates and launch environments based on a template
  14. DEMO
  15. RESILIENCY PLANES
      • Objective: achieve separation between data, orchestration and compute nodes.
      • Data - used by Etcd to store all data
        • Recommended minimum 3
      • Orchestrate - for Kubernetes
        • Recommended minimum 2 (for HA)
      • Compute - for actual workload
        • 1 or more
      • You cannot change a node type from one resiliency plane to another
      [Diagram: hosts labelled etcd=true (1, 2, 3), orchestrate=true (1, 2), compute=true (1 to N)]
  16. CLOUD PROVIDER CONFIGURATION
      • Kubernetes cloud providers: interface to the underlying cloud provider
      • Useful for things such as: load balancer, node management, networks etc.
      • Rancher comes built with two cloud providers: Rancher & AWS
      • AWS provider can be used for ELB, EBS and node management
      • Rancher provider is useful for nodes & HAProxy based load balancers
  17. DNS - USING DIGITAL OCEAN
      • Enables quick and easy integration with DNS (AWS Route53, Digital Ocean DNS etc.)
      • Each service of type Load Balancer gets the load balancer auto provisioned and a DNS record created.
      • DNS record is customizable
  18. RANCHER NETWORK SERVICES
      VXLan (Overlay)
      • Unencrypted traffic between hosts
      • Good if underlying network is secure
      • Faster
      • Configurable MTU
      IPSec (Overlay)
      • Encrypted traffic between hosts, MTU configurable
      • Good for public clouds
      • Relatively slow due to encryption overhead
      More plugins coming for
      • Calico
      • Weave etc.
      Network Manager
      • Interface to CNI plugin & responds to add/remove container events
      • Takes care of port mapping (initial CNI did not have it)
      Rancher DNS
      • DNS service within cluster, communicates with upstream DNS
      • Provides service discovery in cluster
      Rancher Metadata
      • Metadata agent runs on all hosts
      • Provides service discovery locally
      Networking under the hood: all three components are open source
  19. RANCHER HEALTH CHECK
      • Health check stack is one of the infrastructure stacks
      • Launched as a set of containers; it utilizes HAProxy internally to validate the health of containers
      • Containers are checked for health from multiple health check containers
      • If even one of the health check containers responds positive on a service, then it is good
      • If all of the health check containers respond negative on a service, then it is assumed down
  20. PORTAINER
      • We deployed Portainer as part of the stack, which is a simple UI for containers.
      • The Dashboard is reachable at http://rancher-server:8080/r/projects/1a5/portainer/ (just open the Kubernetes dashboard UI and change the URL)
      • Portainer is a simple utility and shows containers on a host
      • This shows how easy it can be to deploy custom utility stacks on top of Rancher
  21. POWERFUL COMPOSITION
      • Every stack is a rancher-compose + docker-compose
      • You can create a complete custom stack, upload it and have a new environment template
  22. AWS CLOUD PROVIDER BASED ENVIRONMENT
      • Create an AWS cloud provider based Kubernetes environment template and an environment
      • Create roles for instance profiles for the Kubernetes master & agent - this enables the instances to attach disks or create ELB and so on
      • Create 4 hosts - one master & 3 nodes - and install Docker on them
      • Add the hosts manually to the Rancher environment
      • See the environment build up
  23. WALKTHROUGH OF INFRA STACKS
      • Health check stack for health checks
      • IPSec networking for encrypted overlay traffic
      • Ingress controller for LB and Ingress management
      • Supporting network services - NW manager and metadata
      • Portainer as a utility
      • Scheduler framework for additional scheduling
  24. WALKTHROUGH OF INFRA STACKS
      • Kubernetes stack for all core components
      • Controller manager controls nodes, endpoints etc.
      • Kubernetes - API Server
      • Ingress controller for ingress & LB management
      • Core Scheduler
  25. SAMPLE APPLICATION DEPLOYMENT
      • We will use a Helm chart to deploy the WordPress stack, which contains the WordPress app & MySQL DB
      • MySQL DB needs a persistent disk, which will be auto provisioned for us.
      • We also need a LoadBalancer, which will be auto created.
      • We won’t use DNS like we did in the last example, but that is possible too.
  26. HELM ON MY MACHINE
      • Configure ~/.kube/config file - verify with kubectl
      • ‘helm init’ - initializes all directories and standard repo
      • helm search WordPress
      • helm install --name bcc-release stable/wordpress
  27. OH, WAIT, WHAT IS HELM?
      • Helm is a package manager for Kubernetes
      • Tiller - Repo Server
      • Chart - a package
      • Helm is the client for Tiller
      • Charts are in a repo (typically some Git repo)
      • A chart is a set of manifests
      • The values can be defaulted to or overridden as input from the user
      • A chart is released as a release so that it can be tracked.
  28. IS WORDPRESS DEPLOYED?
      • Deployments for WordPress created
      • Services created
      • Volumes auto created
      • ELB auto created
  29. MORE VALIDATIONS
      • PV & PVC created using the default storage class
      • And we can reach our blog:
  30. WordPress helm chart - code walkthrough
  31. HOST EVACUATION
      • You want to upgrade a host for some security patches or some change
      • But without disrupting normal operations
      • Evacuation helps you reschedule pods to other hosts, gracefully!
  32. CUSTOM REGISTRY ADDITION
      • You can use Docker Hub or any private registry
      • Host dockercfg is auto populated, so images can be pulled from those registries
  33. RECEIVER HOOKS
      • Like webhooks - can be used to invoke actions in Rancher
      • Can be tied to, say, a monitoring system
      • Possible to achieve auto host scaling & service upgrade as of today.
      • More actions & “kinds” of hooks coming soon
  34. AND IT COMES WITH AN API
      • Rancher has a comprehensive API, and all actions can be done via the API
      • The API is well documented, accessible in the browser and exhaustive
      • Rancher also comes with a CLI
  36. INGRESS: LOAD BALANCERS
      • For an ingress you need a load balancer.
      • Rancher creates/updates/manages Rancher load balancers based on ingress lifecycle, using the Rancher ingress controller.
      • This also makes usage of ingress easier outside a cloud provider.
      • Rancher load balancers support
        • Host/path based routing
        • TLS
        • Advanced targeting and scheduling of load balancers.
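
The resiliency-plane rules from slide 15, as an added example (not code from the talk or from Rancher): a Python check over a host inventory that flags planes below the recommended minimum and hosts whose labels break the separation objective. The inventory format, the host names and the `check_planes` function are assumptions made for illustration, as is treating a host with more than one plane label as a finding; only the etcd, orchestrate and compute labels and the minimums come from the slide.

```python
from collections import Counter

# Recommended minimum hosts per resiliency plane, as stated on slide 15.
PLANE_MINIMUMS = {"etcd": 3, "orchestrate": 2, "compute": 1}


def check_planes(hosts):
    """Return findings for an inventory shaped {hostname: {label: value}}.

    The inventory shape is hypothetical; it stands in for whatever export
    of host labels is available in a given environment.
    """
    findings = []
    counts = Counter()
    for name, labels in sorted(hosts.items()):
        planes = [p for p in PLANE_MINIMUMS if labels.get(p) == "true"]
        counts.update(planes)
        if not planes:
            # An unlabelled host belongs to no plane.
            findings.append(f"{name}: no resiliency plane label")
        elif len(planes) > 1:
            # Assumption: more than one plane label on a host defeats the
            # separation between data, orchestration and compute.
            findings.append(f"{name}: shares planes {'+'.join(planes)}")
    for plane, minimum in PLANE_MINIMUMS.items():
        if counts[plane] < minimum:
            findings.append(
                f"{plane}: {counts[plane]} host(s), recommended minimum {minimum}"
            )
    return findings


# Constructed sample inventory (not from the talk).
SAMPLE_HOSTS = {
    "data-1": {"etcd": "true"},
    "data-2": {"etcd": "true"},
    "orch-1": {"orchestrate": "true"},
    "mixed-1": {"orchestrate": "true", "compute": "true"},
    "spare-1": {},
}

if __name__ == "__main__":
    for finding in check_planes(SAMPLE_HOSTS):
        print(finding)
```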