Colin Hom - Infrastructure Engineer
github.com/colhom | colin.hom@coreos.com
Kube-AWS: Production Kubernetes Clusters on AWS
Design Goals
Artifacts should be:
Secure
Reproducible
Auditable
Cloud: EC2, VPC, IAM, security groups, Autoscaling groups
Host: docker, flannel, etcd
Cluster: hyperkube
containers:
- name: cat-pics-server
  image: quay.io/colin_hom/cat-pics:latest
“Under the hood” demo
Step 1. Initialize your cluster configuration
$ kube-aws init \
    --cluster-name=demo-chom \
    --external-dns-name=my-cluster-endpoint \
    --region=us-west-1 \
    --availability-zone=us-west-1c \
    --key-name=key-pair-name \
    --kms-key-arn="arn:aws:kms:us-west-1:xxxxxxxxxx:key/xxxxxxxxxxxxxxxxxxx"
$ ls -R .
> cluster.yaml
Under the hood
1. init: cluster.yaml
clusterName: demo-chom
externalDNSName: demo.coreos.com
availabilityZone: us-west-1c
#workerCount: 1
#workerInstanceType: m3.medium
#controllerInstanceType: m3.medium
Step 2. Render cluster assets
$ kube-aws render
$ ls -R .
> userdata/
> credentials/
> stack-template.json
> cluster.yaml
> kubeconfig
Under the hood
1. init: cluster.yaml
2. render: user data, TLS credentials, stack template
"AutoScaleWorker": {
  "Properties": {
    "AvailabilityZones": [
      "{{.AvailabilityZone}}"
    ],
    "DesiredCapacity": "{{.WorkerCount}}",
    ….
}
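The render step fills Go template placeholders such as {{.AvailabilityZone}} and {{.WorkerCount}} into the stack template. The following is an added example, not kube-aws source code: it renders the slide's fragment (elided part dropped), rejects values that would break the JSON, and hashes the output so that the same cluster.yaml values can be checked to produce the same artifact. ClusterConfig, Render, DesiredCapacity and the availability-zone pattern are hypothetical names and assumptions made for this example.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
	"regexp"
	"text/template"
)

// ClusterConfig carries the two cluster.yaml values used by the slide's
// fragment. Hypothetical type for this example, not kube-aws source.
type ClusterConfig struct {
	AvailabilityZone string
	WorkerCount      int
}

// stackFragment is the AutoScaleWorker excerpt from the slide; the elided
// part is dropped and braces closed so the rendered text is complete JSON.
const stackFragment = `{
  "AutoScaleWorker": {
    "Properties": {
      "AvailabilityZones": ["{{.AvailabilityZone}}"],
      "DesiredCapacity": "{{.WorkerCount}}"
    }
  }
}
`

var (
	tmpl = template.Must(template.New("stack").Parse(stackFragment))
	// Assumed shape of an availability zone name such as us-west-1c.
	azRe = regexp.MustCompile(`^[a-z]{2}(-[a-z]+)+-[0-9][a-z]$`)
)

// Render validates c, fills the template and returns the rendered bytes with
// their SHA-256 digest. text/template does no JSON escaping, so inputs are
// checked before rendering and the output is checked after.
func Render(c ClusterConfig) ([]byte, string, error) {
	if !azRe.MatchString(c.AvailabilityZone) {
		return nil, "", fmt.Errorf("invalid availability zone %q", c.AvailabilityZone)
	}
	if c.WorkerCount < 1 {
		return nil, "", fmt.Errorf("worker count must be >= 1, got %d", c.WorkerCount)
	}
	var buf bytes.Buffer
	if err := tmpl.Execute(&buf, c); err != nil {
		return nil, "", err
	}
	if !json.Valid(buf.Bytes()) {
		return nil, "", fmt.Errorf("rendered template is not valid JSON")
	}
	sum := sha256.Sum256(buf.Bytes())
	return buf.Bytes(), hex.EncodeToString(sum[:]), nil
}

// DesiredCapacity reads the worker count back out of a rendered fragment,
// as a review or CI check on the exported artifact would.
func DesiredCapacity(rendered []byte) (string, error) {
	var doc struct {
		AutoScaleWorker struct {
			Properties struct{ DesiredCapacity string }
		}
	}
	if err := json.Unmarshal(rendered, &doc); err != nil {
		return "", err
	}
	return doc.AutoScaleWorker.Properties.DesiredCapacity, nil
}

func main() {
	// Constructed sample values taken from the slides' cluster.yaml.
	for _, n := range []int{1, 1, 3} {
		out, digest, err := Render(ClusterConfig{AvailabilityZone: "us-west-1c", WorkerCount: n})
		if err != nil {
			fmt.Println("render failed:", err)
			return
		}
		capacity, _ := DesiredCapacity(out)
		fmt.Printf("workers=%s sha256=%s\n", capacity, digest)
	}
	// A value carrying a quote would alter the JSON structure; it is rejected.
	_, _, err := Render(ClusterConfig{AvailabilityZone: `us-west-1c", "x`, WorkerCount: 1})
	fmt.Println("rejected:", err)
}
```

Recording the digest next to the committed stack template lets a reviewer confirm that a later render from the same cluster.yaml is byte-identical.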
Step 3. Push the button!
$ kube-aws up
…. (get coffee)
$ kubectl get nodes
> NAME STATUS AGE
> node-1 READY 10m
Under the hood
1. init: cluster.yaml
2. render: user data, TLS credentials, stack template
3. up: stack template, user data, TLS credentials
Step 4. Save your state!
$ kube-aws up --export
> Exporting demo-chom.stack-template.json
$ git add demo-chom.stack-template.json
$ git commit -am 'first pass at my cluster!'
Under the hood
1. init: cluster.yaml
2. render: user data, TLS credentials, stack template
3. up: stack template, user data, TLS credentials
4. export
Design Goals
Secure
Reproducible
Auditable
$ git diff
>
--- a/cluster.yaml
+++ b/cluster.yaml
# Instance type for worker nodes
-#workerInstanceType: m3.medium
+workerInstanceType: m3.large
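Review bot: The removed line `-#workerInstanceType: m3.medium` was the commented-out m3.medium entry, so after this change cluster.yaml no longer shows which value the override departs from. Consider leaving the commented line in place and adding `workerInstanceType: m3.large` on its own line beneath it, so later diffs and audits show the override as a pure addition.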
$ kube-aws up --export
> Exporting demo-chom.stack-template.json
$ git commit -am 'workers are m3.large'
Let’s make some changes!
Change the worker instance type from m3.medium to m3.large
$ git diff HEAD~1
c542d5d8f20f6c059dfccc2b147f0097b1656381
Author: Colin Hom <colhom@gmail.com>
Date: Thu Apr 28 13:37:45 2016 -0700
# Instance type for worker nodes
-#workerInstanceType: m3.medium
+workerInstanceType: m3.large
Let’s make some changes!
Road to Version 1.0
Recently Completed:
- Calico for network policy
- Route53 Integration
- Existing VPC support
Future Work:
- Zero-downtime upgrade path
- HA control plane
- Automated TLS rotation
github.com/coreos/coreos-kubernetes
Colin Hom
github.com/colhom | colin.hom@coreos.com | coreos.com
We’re hiring in all departments! Email: careers@coreos.com Positions: coreos.com/careers
