SlideShare una empresa de Scribd logo

Application portability with kubernetes

Descargar como PPTX, PDF
Oleg Chunikhin
Oleg Chunikhin

The presentation was given on 11/12/2018 on CloudExpo NY. The presentation talks about software portability approaches and technologies on Kubernetes, microservices, service mesh, and serverless platforms

Software
1 de 27
Application Portability with Kubernetes Oleg Chunikhin |CTO, Kublr
Introductions Oleg Chunikhin CTO, Kublr • Nearly 20 years in the field of software architecture and development. • Joined Kublr in 2016. • Kublr is an enterprise Kubernetes management and operations platform that helps accelerate Kubernetes adoption and containerized applications management for enterprises.
Software Portability Ability to be used in varying environments • Different clouds • Cloud, on-prem, hybrid • Different OS or OS flavors • Desktop, data center Why? • Move load quickly (geography, cost, features) • Lifecycle (dev / test / staging / production environments) • Disaster recovery • Split-tier architecture (application tiers may reside in different environments) • Cloud-bursting
Portability Pre-requisites • Generalized abstraction between the application logic and system interfaces. • Application designed for portability • Technology stack and platform that support portability
System Abstractions Application Database Exclusive FS Shared FS Routing SSL TermBalancing Messaging
“Rich” Platform Application Routing SSL TermBalancing Platform or framework Platform or framework Database Exclusive FS Shared FS Messaging
Not Quite as Rich a Platform Application ?Routing? ?SSL Term?Balancing Platform Platform ?Database? Exclusive FS Shared FS Messaging
“Poor” Platform Application ?Routing? ?SSL Term??Balancing? Platform ?Database? Exclusive FS ?Shared FS? ?Messaging?
Compute Abstractions Application Functions Services Containers Instances
Compute Abstractions Application ?Functions? ?Services? ?Containers? Instances
Kubernetes to the Rescue Kubernetes is a portable container orchestration framework • Simple and powerful application abstraction – interconnected containers • Simple and flexible containers configuration and connections • Extensible framework and abstractions for traffic management processing • Service • Ingress and Ingress Controllers • Extensible framework and abstractions for storage management • Configuration templating tools: Helm, Ksonnet • Microservices and Serverless frameworks
Kubernetes Abstractions Environment-provided and/or Self-hosted services K8S Container Orchestration Application Route ServiceIngress Service Mesh Serverless ConfigMap Secret PersistentVolume API Gateway NetworkPolicy Database Exclusive FS Shared FS Messaging Routing SSL TermBalancing ServerlessServiceMesh ContainerOrchestration
Container Orchestration Master Node K8s master components: etcd, scheduler, api, controller K8s metadata Docker kubelet App data Infrastructure and application containers Infrastructure and application containers Overlay network K8s node components: overlay network, discovery, connectivity
Service External node ports or external load balancer Kubernetes cluster Pod A-1 10.0.0.3 Pod A-2 10.0.1.5 Pod B-1 10.0.0.8 SrvB 10.7.0.3 Internal service SrvA 10.7.0.1 SrvC 10.7.0.5 Ext Resourc e
Ingress Kubernetes cluster SrvA 10.7.0.1 SrvB 10.7.0.3 Ingress rule 1: abc.com/abc > SrvA Ingress rule 2: def.com/def > SrvB Pod A-1 Pod A-2 Pod B-1
Ingress Controller Ingress controller implementations • AWS ALB • HAProxy • Nginx • Kong API Management • Letsencrypt • ... Edge / entry point / load balancer Kubernetes cluster SrvA 10.7.0.1 SrvB 10.7.0.3 Ingress controller Ingress rule 1: abc.com/abc > SrvA Ingress rule 2: def.com/def > SrvB Pod A-1 Pod A-2 Pod B-1
Configurability and Persistence Pod Container 1 Container 2 Persistent Volume: NFS, Gluster, ceph, EBS, dir, etc Volume Volume Claim Volume Mount Volume Mount Config Map Secret Storage Class Static or dynamically allocated
Service Mesh on Kubernetes Kubernetes Service B Infrastructu re and application containers Pod Envoy Svc B Service A Infrastructu re and application containers Pod Envoy Svc A HTTP, gRPC, TCP SSL or plain Istio Control Plane Pilot Mixer Auth HTTP, gRPC, TCP SSL or plain • Access control policies • Routing policies • Usage policies Tracing Dashboard Collector Istio, Conduit, Linkerd, Zipkin, Jaeger • Pilot • Service discovery for Envoy and traffic routing • Splitting: gradual (canary) rollout, A/B testing • Fault injection • Mirroring • Failure recovery: circuit breakers, retries, timeouts • Mixer • Per-request policies: access and usage control • Auth • Request authentication and encryption • Identity and credential management • Envoy • Request routing and processing; attributes • Zipkin/Jaeger, Prometheus/Grafana • Distributed request tracing • Monitoring
Serverless on Kubernetes Kubernetes serverless Frameworks: • Fn • Fission • Kubeless Kubernetes Generic Executor Pod Controller HTTP, gRPC, TCP SSL or plain Specific Executor Pod BuilderRouter Pod Message queue (async calls)
Serverless Abstraction Frameworks Kubernetes Generic Executor Pod Controller Specific Executor Pod BuilderRouter Pod Serverless
Other resources Resource Managed Self-hosted / Portable File system/Files AWS EFS, EBS, S3; Azure Storage Rook/Ceph; Portworx; GlusterFS Database AWS RDS; Azure DB Vitess; MySql; Postgres TLS Certificates AWS Cert Mgmt; Azure Cert Mgmt Letsencrypt; K8S Cert Authority Messaging AWS SQS; Azure Messaging RabbitMQ; ActiveMQ; NATS API Management AWS API Mgmt; Azure API Mgmt Kong; Tyk Containers/K8S AWS EKS/ECS; Azure AKS/ACS Kubernetes
Putting it all Together Application AWS EFS AWS EKS AWS ELB Amazon API Management AWS RDS AWS Lambda Application Vitess Kubeless Ingress Nginx Kong Rook/Ceph NAS Hardware LB Serverless
Gotchas and Considerations • Abstractions leak • Ingress rules often use controller specific annotations • Implementations may defy abstractions • AWS Cert management hides private keys, while letsencrypt K8S integration • Managed vs self-hosted • Self-hosted is more difficult to operate than managed • Data synchronization / replication • Cross-environment ingress management • Cross-environment operations
Gotchas and Considerations • Implementations are different • Functionality • SLA, QoS, Performance • Tuning • Managed services may be better tuned for hardware • Self-hosted services may be better tuned for applications • Examples • AWS EBS are AZ local • Letsencrypt certificate issuance rate limits
Takeaways • Kubernetes provides powerful and flexible infrastructure abstractions: PV, Ingress, Services etc • Kubernetes enables and simplifies usage of self- hosted resources and frameworks where managed ones are not available • Well-designed cloud native Kubernetes applications are portable, and easy to test, experiment, and configure
Q&A
Oleg Chunikhin Chief Technology Officer oleg@kublr.com Kublr | kublr.com Thank you!

Recomendados

Centralizing Kubernetes and Container Operations
Centralizing Kubernetes and Container OperationsCentralizing Kubernetes and Container Operations
Centralizing Kubernetes and Container OperationsKublr
 
The Evolution of your Kubernetes Cluster
The Evolution of your Kubernetes ClusterThe Evolution of your Kubernetes Cluster
The Evolution of your Kubernetes ClusterKublr
 
Kubernetes data science and machine learning
Kubernetes data science and machine learningKubernetes data science and machine learning
Kubernetes data science and machine learningKublr
 
Setup Hybrid Clusters Using Kubernetes Federation
Setup Hybrid Clusters Using Kubernetes FederationSetup Hybrid Clusters Using Kubernetes Federation
Setup Hybrid Clusters Using Kubernetes Federationinwin stack
 
Setup kubernetes federation between clusters
Setup kubernetes federation between clustersSetup kubernetes federation between clusters
Setup kubernetes federation between clustersssuser75c76a2
 
基於 K8S 開發的 FaaS 專案 - riff
基於 K8S 開發的 FaaS 專案 - riff基於 K8S 開發的 FaaS 專案 - riff
基於 K8S 開發的 FaaS 專案 - riffinwin stack
 
Ports, pods and proxies
Ports, pods and proxiesPorts, pods and proxies
Ports, pods and proxiesLibbySchulze
 
Container Runtime Security with Falco, by Néstor Salceda
Container Runtime Security with Falco, by Néstor SalcedaContainer Runtime Security with Falco, by Néstor Salceda
Container Runtime Security with Falco, by Néstor SalcedaCloud Native Day Tel Aviv
 

Recomendados

Centralizing Kubernetes and Container Operations
Centralizing Kubernetes and Container OperationsCentralizing Kubernetes and Container Operations
Centralizing Kubernetes and Container OperationsKublr
 
The Evolution of your Kubernetes Cluster
The Evolution of your Kubernetes ClusterThe Evolution of your Kubernetes Cluster
The Evolution of your Kubernetes ClusterKublr
 
Kubernetes data science and machine learning
Kubernetes data science and machine learningKubernetes data science and machine learning
Kubernetes data science and machine learningKublr
 
Setup Hybrid Clusters Using Kubernetes Federation
Setup Hybrid Clusters Using Kubernetes FederationSetup Hybrid Clusters Using Kubernetes Federation
Setup Hybrid Clusters Using Kubernetes Federationinwin stack
 
Setup kubernetes federation between clusters
Setup kubernetes federation between clustersSetup kubernetes federation between clusters
Setup kubernetes federation between clustersssuser75c76a2
 
基於 K8S 開發的 FaaS 專案 - riff
基於 K8S 開發的 FaaS 專案 - riff基於 K8S 開發的 FaaS 專案 - riff
基於 K8S 開發的 FaaS 專案 - riffinwin stack
 
Ports, pods and proxies
Ports, pods and proxiesPorts, pods and proxies
Ports, pods and proxiesLibbySchulze
 
Container Runtime Security with Falco, by Néstor Salceda
Container Runtime Security with Falco, by Néstor SalcedaContainer Runtime Security with Falco, by Néstor Salceda
Container Runtime Security with Falco, by Néstor SalcedaCloud Native Day Tel Aviv
 
StarlingX - A Platform for the Distributed Edge | Ildiko Vancsa
StarlingX - A Platform for the Distributed Edge | Ildiko VancsaStarlingX - A Platform for the Distributed Edge | Ildiko Vancsa
StarlingX - A Platform for the Distributed Edge | Ildiko VancsaVietnam Open Infrastructure User Group
 
實際架構實踐演化與解決方案
實際架構實踐演化與解決方案實際架構實踐演化與解決方案
實際架構實踐演化與解決方案Camel Camel
 
Kubernetes Networking 101
Kubernetes Networking 101Kubernetes Networking 101
Kubernetes Networking 101Kublr
 
Service Discovery and Registration in a Microservices Architecture
Service Discovery and Registration in a Microservices ArchitectureService Discovery and Registration in a Microservices Architecture
Service Discovery and Registration in a Microservices ArchitecturePLUMgrid
 
Secure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CI
Secure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CISecure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CI
Secure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CIMitchell Pronschinske
 
Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18
Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18
Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18CodeOps Technologies LLP
 
Virtualized Containers - How Good is it - Ananth - Siemens - CC18
Virtualized Containers - How Good is it - Ananth - Siemens - CC18Virtualized Containers - How Good is it - Ananth - Siemens - CC18
Virtualized Containers - How Good is it - Ananth - Siemens - CC18CodeOps Technologies LLP
 
Container Orchestration
Container OrchestrationContainer Orchestration
Container Orchestrationdfilppi
 
Architecture of Cisco Container Platform: A new Enterprise Multi-Cloud Kubern...
Architecture of Cisco Container Platform: A new Enterprise Multi-Cloud Kubern...Architecture of Cisco Container Platform: A new Enterprise Multi-Cloud Kubern...
Architecture of Cisco Container Platform: A new Enterprise Multi-Cloud Kubern...Sanjeev Rampal
 
Tectonic Summit 2016: Brandon Philips, CTO of CoreOS, Keynote
Tectonic Summit 2016: Brandon Philips, CTO of CoreOS, KeynoteTectonic Summit 2016: Brandon Philips, CTO of CoreOS, Keynote
Tectonic Summit 2016: Brandon Philips, CTO of CoreOS, KeynoteCoreOS
 
Practical Guide to Securing Kubernetes
Practical Guide to Securing KubernetesPractical Guide to Securing Kubernetes
Practical Guide to Securing KubernetesLacework
 
Build Robust Blockchain Services with Hyperledger and Containers
Build Robust Blockchain Services with Hyperledger and ContainersBuild Robust Blockchain Services with Hyperledger and Containers
Build Robust Blockchain Services with Hyperledger and ContainersLinuxCon ContainerCon CloudOpen China
 
Stateless and Stateful Services in Kubernetes - Mohit Saxena - Citrix - CC18
Stateless and Stateful Services in Kubernetes - Mohit Saxena - Citrix - CC18Stateless and Stateful Services in Kubernetes - Mohit Saxena - Citrix - CC18
Stateless and Stateful Services in Kubernetes - Mohit Saxena - Citrix - CC18CodeOps Technologies LLP
 
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ... The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...Josef Adersberger
 
Istio on Kubernetes
Istio on KubernetesIstio on Kubernetes
Istio on KubernetesDaneyon Hansen
 
Sf bay area Kubernetes meetup dec8 2016 - deployment models
Sf bay area Kubernetes meetup dec8 2016 - deployment modelsSf bay area Kubernetes meetup dec8 2016 - deployment models
Sf bay area Kubernetes meetup dec8 2016 - deployment modelsPeter Ss
 
A sail in the cloud
A sail in the cloudA sail in the cloud
A sail in the cloudKamesh Sampath
 
KURMA - A Containerized Container Platform - KubeCon 2016
KURMA - A Containerized Container Platform - KubeCon 2016KURMA - A Containerized Container Platform - KubeCon 2016
KURMA - A Containerized Container Platform - KubeCon 2016Apcera
 
The Challenges of Becoming Cloud Native
The Challenges of Becoming Cloud NativeThe Challenges of Becoming Cloud Native
The Challenges of Becoming Cloud NativeBen Hall
 
Ambassador Kubernetes-Native API Gateway
Ambassador Kubernetes-Native API GatewayAmbassador Kubernetes-Native API Gateway
Ambassador Kubernetes-Native API GatewayAmbassador Labs
 
Application Portability with Kubernetes (k8)
Application Portability with Kubernetes (k8)Application Portability with Kubernetes (k8)
Application Portability with Kubernetes (k8)Kublr
 
Azure Kubernetes Service 2019 ふりかえり
Azure Kubernetes Service 2019 ふりかえりAzure Kubernetes Service 2019 ふりかえり
Azure Kubernetes Service 2019 ふりかえりToru Makabe
 

Más contenido relacionado

La actualidad más candente

實際架構實踐演化與解決方案
實際架構實踐演化與解決方案實際架構實踐演化與解決方案
實際架構實踐演化與解決方案Camel Camel
 
Kubernetes Networking 101
Kubernetes Networking 101Kubernetes Networking 101
Kubernetes Networking 101Kublr
 
Service Discovery and Registration in a Microservices Architecture
Service Discovery and Registration in a Microservices ArchitectureService Discovery and Registration in a Microservices Architecture
Service Discovery and Registration in a Microservices ArchitecturePLUMgrid
 
Secure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CI
Secure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CISecure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CI
Secure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CIMitchell Pronschinske
 
Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18
Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18
Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18CodeOps Technologies LLP
 
Virtualized Containers - How Good is it - Ananth - Siemens - CC18
Virtualized Containers - How Good is it - Ananth - Siemens - CC18Virtualized Containers - How Good is it - Ananth - Siemens - CC18
Virtualized Containers - How Good is it - Ananth - Siemens - CC18CodeOps Technologies LLP
 
Container Orchestration
Container OrchestrationContainer Orchestration
Container Orchestrationdfilppi
 
Architecture of Cisco Container Platform: A new Enterprise Multi-Cloud Kubern...
Architecture of Cisco Container Platform: A new Enterprise Multi-Cloud Kubern...Architecture of Cisco Container Platform: A new Enterprise Multi-Cloud Kubern...
Architecture of Cisco Container Platform: A new Enterprise Multi-Cloud Kubern...Sanjeev Rampal
 
Tectonic Summit 2016: Brandon Philips, CTO of CoreOS, Keynote
Tectonic Summit 2016: Brandon Philips, CTO of CoreOS, KeynoteTectonic Summit 2016: Brandon Philips, CTO of CoreOS, Keynote
Tectonic Summit 2016: Brandon Philips, CTO of CoreOS, KeynoteCoreOS
 
Practical Guide to Securing Kubernetes
Practical Guide to Securing KubernetesPractical Guide to Securing Kubernetes
Practical Guide to Securing KubernetesLacework
 
Stateless and Stateful Services in Kubernetes - Mohit Saxena - Citrix - CC18
Stateless and Stateful Services in Kubernetes - Mohit Saxena - Citrix - CC18Stateless and Stateful Services in Kubernetes - Mohit Saxena - Citrix - CC18
Stateless and Stateful Services in Kubernetes - Mohit Saxena - Citrix - CC18CodeOps Technologies LLP
 
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ... The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...Josef Adersberger
 
Sf bay area Kubernetes meetup dec8 2016 - deployment models
Sf bay area Kubernetes meetup dec8 2016 - deployment modelsSf bay area Kubernetes meetup dec8 2016 - deployment models
Sf bay area Kubernetes meetup dec8 2016 - deployment modelsPeter Ss
 
KURMA - A Containerized Container Platform - KubeCon 2016
KURMA - A Containerized Container Platform - KubeCon 2016KURMA - A Containerized Container Platform - KubeCon 2016
KURMA - A Containerized Container Platform - KubeCon 2016Apcera
 
The Challenges of Becoming Cloud Native
The Challenges of Becoming Cloud NativeThe Challenges of Becoming Cloud Native
The Challenges of Becoming Cloud NativeBen Hall
 
Ambassador Kubernetes-Native API Gateway
Ambassador Kubernetes-Native API GatewayAmbassador Kubernetes-Native API Gateway
Ambassador Kubernetes-Native API GatewayAmbassador Labs
 

La actualidad más candente (20)

StarlingX - A Platform for the Distributed Edge | Ildiko Vancsa
StarlingX - A Platform for the Distributed Edge | Ildiko VancsaStarlingX - A Platform for the Distributed Edge | Ildiko Vancsa
StarlingX - A Platform for the Distributed Edge | Ildiko Vancsa
 
實際架構實踐演化與解決方案
實際架構實踐演化與解決方案實際架構實踐演化與解決方案
實際架構實踐演化與解決方案
 
Kubernetes Networking 101
Kubernetes Networking 101Kubernetes Networking 101
Kubernetes Networking 101
 
Service Discovery and Registration in a Microservices Architecture
Service Discovery and Registration in a Microservices ArchitectureService Discovery and Registration in a Microservices Architecture
Service Discovery and Registration in a Microservices Architecture
 
Secure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CI
Secure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CISecure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CI
Secure Infrastructure Provisioning with Terraform Cloud, Vault + GitLab CI
 
Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18
Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18
Make Java Microservices Resilient with Istio - Mangesh - IBM - CC18
 
Virtualized Containers - How Good is it - Ananth - Siemens - CC18
Virtualized Containers - How Good is it - Ananth - Siemens - CC18Virtualized Containers - How Good is it - Ananth - Siemens - CC18
Virtualized Containers - How Good is it - Ananth - Siemens - CC18
 
Container Orchestration
Container OrchestrationContainer Orchestration
Container Orchestration
 
Architecture of Cisco Container Platform: A new Enterprise Multi-Cloud Kubern...
Architecture of Cisco Container Platform: A new Enterprise Multi-Cloud Kubern...Architecture of Cisco Container Platform: A new Enterprise Multi-Cloud Kubern...
Architecture of Cisco Container Platform: A new Enterprise Multi-Cloud Kubern...
 
Tectonic Summit 2016: Brandon Philips, CTO of CoreOS, Keynote
Tectonic Summit 2016: Brandon Philips, CTO of CoreOS, KeynoteTectonic Summit 2016: Brandon Philips, CTO of CoreOS, Keynote
Tectonic Summit 2016: Brandon Philips, CTO of CoreOS, Keynote
 
Practical Guide to Securing Kubernetes
Practical Guide to Securing KubernetesPractical Guide to Securing Kubernetes
Practical Guide to Securing Kubernetes
 
Build Robust Blockchain Services with Hyperledger and Containers
Build Robust Blockchain Services with Hyperledger and ContainersBuild Robust Blockchain Services with Hyperledger and Containers
Build Robust Blockchain Services with Hyperledger and Containers
 
Stateless and Stateful Services in Kubernetes - Mohit Saxena - Citrix - CC18
Stateless and Stateful Services in Kubernetes - Mohit Saxena - Citrix - CC18Stateless and Stateful Services in Kubernetes - Mohit Saxena - Citrix - CC18
Stateless and Stateful Services in Kubernetes - Mohit Saxena - Citrix - CC18
 
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ... The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
 
Istio on Kubernetes
Istio on KubernetesIstio on Kubernetes
Istio on Kubernetes
 
Sf bay area Kubernetes meetup dec8 2016 - deployment models
Sf bay area Kubernetes meetup dec8 2016 - deployment modelsSf bay area Kubernetes meetup dec8 2016 - deployment models
Sf bay area Kubernetes meetup dec8 2016 - deployment models
 
A sail in the cloud
A sail in the cloudA sail in the cloud
A sail in the cloud
 
KURMA - A Containerized Container Platform - KubeCon 2016
KURMA - A Containerized Container Platform - KubeCon 2016KURMA - A Containerized Container Platform - KubeCon 2016
KURMA - A Containerized Container Platform - KubeCon 2016
 
The Challenges of Becoming Cloud Native
The Challenges of Becoming Cloud NativeThe Challenges of Becoming Cloud Native
The Challenges of Becoming Cloud Native
 
Ambassador Kubernetes-Native API Gateway
Ambassador Kubernetes-Native API GatewayAmbassador Kubernetes-Native API Gateway
Ambassador Kubernetes-Native API Gateway
 

Similar a Application portability with kubernetes

Application Portability with Kubernetes (k8)
Application Portability with Kubernetes (k8)Application Portability with Kubernetes (k8)
Application Portability with Kubernetes (k8)Kublr
 
Azure Kubernetes Service 2019 ふりかえり
Azure Kubernetes Service 2019 ふりかえりAzure Kubernetes Service 2019 ふりかえり
Azure Kubernetes Service 2019 ふりかえりToru Makabe
 
Amazon EKS 그리고 Service Mesh (김세호 솔루션즈 아키텍트, AWS) :: Gaming on AWS 2018
Amazon EKS 그리고 Service Mesh (김세호 솔루션즈 아키텍트, AWS) :: Gaming on AWS 2018Amazon EKS 그리고 Service Mesh (김세호 솔루션즈 아키텍트, AWS) :: Gaming on AWS 2018
Amazon EKS 그리고 Service Mesh (김세호 솔루션즈 아키텍트, AWS) :: Gaming on AWS 2018Amazon Web Services Korea
 
Migrating Hundreds of Legacy Applications to Kubernetes - The Good, the Bad, ...
Migrating Hundreds of Legacy Applications to Kubernetes - The Good, the Bad, ...Migrating Hundreds of Legacy Applications to Kubernetes - The Good, the Bad, ...
Migrating Hundreds of Legacy Applications to Kubernetes - The Good, the Bad, ...QAware GmbH
 
Building Portable Applications with Kubernetes
Building Portable Applications with KubernetesBuilding Portable Applications with Kubernetes
Building Portable Applications with KubernetesKublr
 
Accelerate Application Innovation Journey with Azure Kubernetes Service
Accelerate Application Innovation Journey with Azure Kubernetes Service Accelerate Application Innovation Journey with Azure Kubernetes Service
Accelerate Application Innovation Journey with Azure Kubernetes Service WinWire Technologies Inc
 
Service fabric and azure service fabric mesh
Service fabric and azure service fabric meshService fabric and azure service fabric mesh
Service fabric and azure service fabric meshMikkel Mørk Hegnhøj
 
Elastic Kubernetes Services (EKS)
Elastic Kubernetes Services (EKS)Elastic Kubernetes Services (EKS)
Elastic Kubernetes Services (EKS)sriram_rajan
 
AWS re:Invent 2016: Introduction to Container Management on AWS (CON303)
AWS re:Invent 2016: Introduction to Container Management on AWS (CON303)AWS re:Invent 2016: Introduction to Container Management on AWS (CON303)
AWS re:Invent 2016: Introduction to Container Management on AWS (CON303)Amazon Web Services
 
DevOps and BigData Analytics
DevOps and BigData Analytics DevOps and BigData Analytics
DevOps and BigData Analytics sbbabu
 
DevConf.cz - Introduction to Kubernetes Operators for Databases
DevConf.cz - Introduction to Kubernetes Operators for DatabasesDevConf.cz - Introduction to Kubernetes Operators for Databases
DevConf.cz - Introduction to Kubernetes Operators for DatabasesJuarez Junior
 
Aws + kubernetes = ❤︎
Aws + kubernetes = ❤︎Aws + kubernetes = ❤︎
Aws + kubernetes = ❤︎Anthony Stanton
 
01 - VMUGIT - Lecce 2018 - Fabio Rapposelli, VMware
01 - VMUGIT - Lecce 2018 - Fabio Rapposelli, VMware01 - VMUGIT - Lecce 2018 - Fabio Rapposelli, VMware
01 - VMUGIT - Lecce 2018 - Fabio Rapposelli, VMwareVMUG IT
 
Intro into Rook and Ceph on Kubernetes
Intro into Rook and Ceph on KubernetesIntro into Rook and Ceph on Kubernetes
Intro into Rook and Ceph on KubernetesKublr
 
OSDC 2017: Automating Kubernetes Cluster Operations with Operators by Timo De...
OSDC 2017: Automating Kubernetes Cluster Operations with Operators by Timo De...OSDC 2017: Automating Kubernetes Cluster Operations with Operators by Timo De...
OSDC 2017: Automating Kubernetes Cluster Operations with Operators by Timo De...NETWAYS
 
OSDC 2017 - Timo Derstappen - Automating kubernetes cluster operations with o...
OSDC 2017 - Timo Derstappen - Automating kubernetes cluster operations with o...OSDC 2017 - Timo Derstappen - Automating kubernetes cluster operations with o...
OSDC 2017 - Timo Derstappen - Automating kubernetes cluster operations with o...NETWAYS
 
Hybrid architecture solutions with kubernetes and the cloud native stack
Hybrid architecture solutions with kubernetes and the cloud native stackHybrid architecture solutions with kubernetes and the cloud native stack
Hybrid architecture solutions with kubernetes and the cloud native stackKublr
 
Building a Cloud Native Service - Docker Meetup Santa Clara (July 20, 2017)
Building a Cloud Native Service - Docker Meetup Santa Clara (July 20, 2017)Building a Cloud Native Service - Docker Meetup Santa Clara (July 20, 2017)
Building a Cloud Native Service - Docker Meetup Santa Clara (July 20, 2017)Yong Tang
 
Containers, orchestration and security, oh my!
Containers, orchestration and security, oh my!Containers, orchestration and security, oh my!
Containers, orchestration and security, oh my!rhirschfeld
 

Similar a Application portability with kubernetes (20)

Application Portability with Kubernetes (k8)
Application Portability with Kubernetes (k8)Application Portability with Kubernetes (k8)
Application Portability with Kubernetes (k8)
 
Azure Kubernetes Service 2019 ふりかえり
Azure Kubernetes Service 2019 ふりかえりAzure Kubernetes Service 2019 ふりかえり
Azure Kubernetes Service 2019 ふりかえり
 
Amazon EKS 그리고 Service Mesh (김세호 솔루션즈 아키텍트, AWS) :: Gaming on AWS 2018
Amazon EKS 그리고 Service Mesh (김세호 솔루션즈 아키텍트, AWS) :: Gaming on AWS 2018Amazon EKS 그리고 Service Mesh (김세호 솔루션즈 아키텍트, AWS) :: Gaming on AWS 2018
Amazon EKS 그리고 Service Mesh (김세호 솔루션즈 아키텍트, AWS) :: Gaming on AWS 2018
 
Migrating Hundreds of Legacy Applications to Kubernetes - The Good, the Bad, ...
Migrating Hundreds of Legacy Applications to Kubernetes - The Good, the Bad, ...Migrating Hundreds of Legacy Applications to Kubernetes - The Good, the Bad, ...
Migrating Hundreds of Legacy Applications to Kubernetes - The Good, the Bad, ...
 
Building Portable Applications with Kubernetes
Building Portable Applications with KubernetesBuilding Portable Applications with Kubernetes
Building Portable Applications with Kubernetes
 
Accelerate Application Innovation Journey with Azure Kubernetes Service
Accelerate Application Innovation Journey with Azure Kubernetes Service Accelerate Application Innovation Journey with Azure Kubernetes Service
Accelerate Application Innovation Journey with Azure Kubernetes Service
 
Service fabric and azure service fabric mesh
Service fabric and azure service fabric meshService fabric and azure service fabric mesh
Service fabric and azure service fabric mesh
 
Elastic Kubernetes Services (EKS)
Elastic Kubernetes Services (EKS)Elastic Kubernetes Services (EKS)
Elastic Kubernetes Services (EKS)
 
AWS re:Invent 2016: Introduction to Container Management on AWS (CON303)
AWS re:Invent 2016: Introduction to Container Management on AWS (CON303)AWS re:Invent 2016: Introduction to Container Management on AWS (CON303)
AWS re:Invent 2016: Introduction to Container Management on AWS (CON303)
 
DevOps and BigData Analytics
DevOps and BigData Analytics DevOps and BigData Analytics
DevOps and BigData Analytics
 
DevConf.cz - Introduction to Kubernetes Operators for Databases
DevConf.cz - Introduction to Kubernetes Operators for DatabasesDevConf.cz - Introduction to Kubernetes Operators for Databases
DevConf.cz - Introduction to Kubernetes Operators for Databases
 
Aws + kubernetes = ❤︎
Aws + kubernetes = ❤︎Aws + kubernetes = ❤︎
Aws + kubernetes = ❤︎
 
01 - VMUGIT - Lecce 2018 - Fabio Rapposelli, VMware
01 - VMUGIT - Lecce 2018 - Fabio Rapposelli, VMware01 - VMUGIT - Lecce 2018 - Fabio Rapposelli, VMware
01 - VMUGIT - Lecce 2018 - Fabio Rapposelli, VMware
 
Intro into Rook and Ceph on Kubernetes
Intro into Rook and Ceph on KubernetesIntro into Rook and Ceph on Kubernetes
Intro into Rook and Ceph on Kubernetes
 
OSDC 2017: Automating Kubernetes Cluster Operations with Operators by Timo De...
OSDC 2017: Automating Kubernetes Cluster Operations with Operators by Timo De...OSDC 2017: Automating Kubernetes Cluster Operations with Operators by Timo De...
OSDC 2017: Automating Kubernetes Cluster Operations with Operators by Timo De...
 
OSDC 2017 - Timo Derstappen - Automating kubernetes cluster operations with o...
OSDC 2017 - Timo Derstappen - Automating kubernetes cluster operations with o...OSDC 2017 - Timo Derstappen - Automating kubernetes cluster operations with o...
OSDC 2017 - Timo Derstappen - Automating kubernetes cluster operations with o...
 
Hybrid architecture solutions with kubernetes and the cloud native stack
Hybrid architecture solutions with kubernetes and the cloud native stackHybrid architecture solutions with kubernetes and the cloud native stack
Hybrid architecture solutions with kubernetes and the cloud native stack
 
Building a Cloud Native Service - Docker Meetup Santa Clara (July 20, 2017)
Building a Cloud Native Service - Docker Meetup Santa Clara (July 20, 2017)Building a Cloud Native Service - Docker Meetup Santa Clara (July 20, 2017)
Building a Cloud Native Service - Docker Meetup Santa Clara (July 20, 2017)
 
AKS
AKSAKS
AKS
 
Containers, orchestration and security, oh my!
Containers, orchestration and security, oh my!Containers, orchestration and security, oh my!
Containers, orchestration and security, oh my!
 

Último

Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio, Inc.
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWave PLM
 
cybersecurity notes for mca students for learning
cybersecurity notes for mca students for learningcybersecurity notes for mca students for learning
cybersecurity notes for mca students for learningVitsRangannavar
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...stazi3110
 
Engage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyEngage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyFrank van der Linden
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...OnePlan Solutions
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfkalichargn70th171
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about usDynamic Netsoft
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...Christina Lin
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfjoe51371421
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)OPEN KNOWLEDGE GmbH
 
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
The Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfThe Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfPower Karaoke
 
XpertSolvers: Your Partner in Building Innovative Software Solutions
XpertSolvers: Your Partner in Building Innovative Software SolutionsXpertSolvers: Your Partner in Building Innovative Software Solutions
XpertSolvers: Your Partner in Building Innovative Software SolutionsMehedi Hasan Shohan
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 

Último (20)

Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need It
 
cybersecurity notes for mca students for learning
cybersecurity notes for mca students for learningcybersecurity notes for mca students for learning
cybersecurity notes for mca students for learning
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
 
Engage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyEngage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The Ugly
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about us
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdf
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)
 
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
 
The Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfThe Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdf
 
XpertSolvers: Your Partner in Building Innovative Software Solutions
XpertSolvers: Your Partner in Building Innovative Software SolutionsXpertSolvers: Your Partner in Building Innovative Software Solutions
XpertSolvers: Your Partner in Building Innovative Software Solutions
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 

Application portability with kubernetes

  • 2. Introductions Oleg Chunikhin CTO, Kublr • Nearly 20 years in the field of software architecture and development. • Joined Kublr in 2016. • Kublr is an enterprise Kubernetes management and operations platform that helps accelerate Kubernetes adoption and containerized applications management for enterprises.
  • 3. Software Portability Ability to be used in varying environments • Different clouds • Cloud, on-prem, hybrid • Different OS or OS flavors • Desktop, data center Why? • Move load quickly (geography, cost, features) • Lifecycle (dev / test / staging / production environments) • Disaster recovery • Split-tier architecture (application tiers may reside in different environments) • Cloud-bursting
  • 4. Portability Pre-requisites • Generalized abstraction between the application logic and system interfaces. • Application designed for portability • Technology stack and platform that support portability
  • 5. System Abstractions Application Database Exclusive FS Shared FS Routing SSL TermBalancing Messaging
  • 6. “Rich” Platform Application Routing SSL TermBalancing Platform or framework Platform or framework Database Exclusive FS Shared FS Messaging
  • 7. Not Quite as Rich a Platform Application ?Routing? ?SSL Term?Balancing Platform Platform ?Database? Exclusive FS Shared FS Messaging
  • 8. “Poor” Platform Application ?Routing? ?SSL Term??Balancing? Platform ?Database? Exclusive FS ?Shared FS? ?Messaging?
  • 11. Kubernetes to the Rescue Kubernetes is a portable container orchestration framework • Simple and powerful application abstraction – interconnected containers • Simple and flexible containers configuration and connections • Extensible framework and abstractions for traffic management processing • Service • Ingress and Ingress Controllers • Extensible framework and abstractions for storage management • Configuration templating tools: Helm, Ksonnet • Microservices and Serverless frameworks
  • 12. Kubernetes Abstractions Environment-provided and/or Self-hosted services K8S Container Orchestration Application Route ServiceIngress Service Mesh Serverless ConfigMap Secret PersistentVolume API Gateway NetworkPolicy Database Exclusive FS Shared FS Messaging Routing SSL TermBalancing ServerlessServiceMesh ContainerOrchestration
  • 13. Container Orchestration Master Node K8s master components: etcd, scheduler, api, controller K8s metadata Docker kubelet App data Infrastructure and application containers Infrastructure and application containers Overlay network K8s node components: overlay network, discovery, connectivity
  • 14. Service External node ports or external load balancer Kubernetes cluster Pod A-1 10.0.0.3 Pod A-2 10.0.1.5 Pod B-1 10.0.0.8 SrvB 10.7.0.3 Internal service SrvA 10.7.0.1 SrvC 10.7.0.5 Ext Resourc e
  • 15. Ingress Kubernetes cluster SrvA 10.7.0.1 SrvB 10.7.0.3 Ingress rule 1: abc.com/abc > SrvA Ingress rule 2: def.com/def > SrvB Pod A-1 Pod A-2 Pod B-1
  • 16. Ingress Controller Ingress controller implementations • AWS ALB • HAProxy • Nginx • Kong API Management • Letsencrypt • ... Edge / entry point / load balancer Kubernetes cluster SrvA 10.7.0.1 SrvB 10.7.0.3 Ingress controller Ingress rule 1: abc.com/abc > SrvA Ingress rule 2: def.com/def > SrvB Pod A-1 Pod A-2 Pod B-1
  • 17. Configurability and Persistence Pod Container 1 Container 2 Persistent Volume: NFS, Gluster, ceph, EBS, dir, etc Volume Volume Claim Volume Mount Volume Mount Config Map Secret Storage Class Static or dynamically allocated
  • 18. Service Mesh on Kubernetes Kubernetes Service B Infrastructu re and application containers Pod Envoy Svc B Service A Infrastructu re and application containers Pod Envoy Svc A HTTP, gRPC, TCP SSL or plain Istio Control Plane Pilot Mixer Auth HTTP, gRPC, TCP SSL or plain • Access control policies • Routing policies • Usage policies Tracing Dashboard Collector Istio, Conduit, Linkerd, Zipkin, Jaeger • Pilot • Service discovery for Envoy and traffic routing • Splitting: gradual (canary) rollout, A/B testing • Fault injection • Mirroring • Failure recovery: circuit breakers, retries, timeouts • Mixer • Per-request policies: access and usage control • Auth • Request authentication and encryption • Identity and credential management • Envoy • Request routing and processing; attributes • Zipkin/Jaeger, Prometheus/Grafana • Distributed request tracing • Monitoring
  • 19. Serverless on Kubernetes Kubernetes serverless Frameworks: • Fn • Fission • Kubeless Kubernetes Generic Executor Pod Controller HTTP, gRPC, TCP SSL or plain Specific Executor Pod BuilderRouter Pod Message queue (async calls)
  • 20. Serverless Abstraction Frameworks Kubernetes Generic Executor Pod Controller Specific Executor Pod BuilderRouter Pod Serverless
  • 21. Other resources Resource Managed Self-hosted / Portable File system/Files AWS EFS, EBS, S3; Azure Storage Rook/Ceph; Portworx; GlusterFS Database AWS RDS; Azure DB Vitess; MySql; Postgres TLS Certificates AWS Cert Mgmt; Azure Cert Mgmt Letsencrypt; K8S Cert Authority Messaging AWS SQS; Azure Messaging RabbitMQ; ActiveMQ; NATS API Management AWS API Mgmt; Azure API Mgmt Kong; Tyk Containers/K8S AWS EKS/ECS; Azure AKS/ACS Kubernetes
  • 22. Putting it all Together Application AWS EFS AWS EKS AWS ELB Amazon API Management AWS RDS AWS Lambda Application Vitess Kubeless Ingress Nginx Kong Rook/Ceph NAS Hardware LB Serverless
  • 23. Gotchas and Considerations • Abstractions leak • Ingress rules often use controller specific annotations • Implementations may defy abstractions • AWS Cert management hides private keys, while letsencrypt K8S integration • Managed vs self-hosted • Self-hosted is more difficult to operate than managed • Data synchronization / replication • Cross-environment ingress management • Cross-environment operations
  • 24. Gotchas and Considerations • Implementations are different • Functionality • SLA, QoS, Performance • Tuning • Managed services may be better tuned for hardware • Self-hosted services may be better tuned for applications • Examples • AWS EBS are AZ local • Letsencrypt certificate issuance rate limits
  • 25. Takeaways • Kubernetes provides powerful and flexible infrastructure abstractions: PV, Ingress, Services etc • Kubernetes enables and simplifies usage of self- hosted resources and frameworks where managed ones are not available • Well-designed cloud native Kubernetes applications are portable, and easy to test, experiment, and configure
  • 26. Q&A
  • 27. Oleg Chunikhin Chief Technology Officer oleg@kublr.com Kublr | kublr.com Thank you!

Notas del editor

  1. Kublr CTO Building Kublr – a platform for managing Kubernetes clusters in an enterprise Feel free to ask questions as you have them
  2. As they say, good portability is a two way street. Application should be designed for portability, but technology stack and environments you use should support it too. We will focus on technology stack and environment, but here is also a brief note on application design.
  3. Those are also “hard problems”
  4. AWS, Azure
  5. Same platform differences … So platforms differ. Shell we limit ourselves to the least common denominator of the services available in different environments?
  6. Extreme ease and flexibility of component configurations and connections Container orchestration Abstractions and extensible framework for ingress traffic processing Service Ingress and Ingress Controllers Abstractions and extensible framework for storage management Volumes and Persistent Volumes Configuration templating tools Helm Microservices and Serverless frameworks
  7. Kubernetes Container Orchestration Infrastructure Abstraction
  8. Services: Intra-cluster communication baseline ingress
  9. Ingress – advanced ingress
  10. Ingress controller – ingress implementation adapter Generic nature of ingress – anything can be an implementation of ingress
  11. Application configuration information facilities Persistence abstraction