SlideShare a Scribd company logo

Docker, Atomic Host and Kubernetes.

Download as PPTX, PDF
Jooho Lee, profile picture
Jooho Lee

DevOps is a software development methodology that emphasizes communication, collaboration and integration between software developers and IT operations professionals. Kubernetes is an open-source system for automating deployment, scaling, and management of containerized applications. It groups containers that make up an application into logical units for easy management and discovery. Flannel provides networking and subnet routing for Kubernetes clusters by allocating a subnet to each Kubernetes node and routing containers on a node to use the node's subnet.

Software
1 of 47
Downloaded 27 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
Docker, Atomic Host and Kubernetes.
Docker, Atomic Host and Kubernetes. Red Hat Jooho Lee Technical Support Engineer
IT Trend - Cloud • Cloud Computing Trends (Right Scale)
What is DevOps? • DevOps (Developers + Operations) • Software development methodology • Culture • Emphasize on communication, collaboration and integration. • Achieve rapid release. Developer Operations Rapid Change StabilitySeparate workflow Different object Different situation
Key points in DevOps • Worth & Object • Respect • Share value • Share ownership • Agreement • Process • Share same workflow • Synchronize focus • Decrease cycle time • Tool • Automation • Package • Build • Test Operating System Infrastructure Application Platform QA DevOps DevOps is not only development culture but also collaboration process ,which could develop and operate service independently in a organization
DevOps • Benefit • Innovate faster • More responsive to business needs • Better collaboration • Better quality • More frequent releases • Necessary • New Mindset (Open mind) • New Tools (Provisioning, Monitoring, etc) • New Skills (From platform to QA)
Docker Concept • Share kernel (Lightweight) • Share resources (Fast) • Share image (Portable) • Layered file system (Easy commit) • …….
Why DevOps prefer docker? • Container-based Platform • Easy/Fast deployment, build, provisioning • Similar performance compared to bare-metal • Low learning curve (Dockerfile use bash shell) • Ansible(Python)/ Chef(Ruby and Erlang) / Puppet(Ruby) • RedHat, IBM, Microsoft, CoreOS... Many companies support.
DevOps needs more… • Reliable system management. (Atomic Host, etc) • Handle network complexity (OVS, flanneld, etc) • Management module for bigger infrastructure. (Kubernetes, etc) Docker in real Minimal Docker
What is Atomic Host? • Trusted operating system platform • Container-based application • Service deployment • End-to-End hosting architecture that’s modern, reliable and secure. Reliable distribution OS High Secure Module SELinux Container Management
Atomic Host Feature • Support packages • Docker • Flannel • Kubernetes • rpm-ostree • Support various file system for Docker • vfs • devicemapper • btrfs • aufs (not recommend for production, not supported) • Networking • Single-host networking : Docker • Multi-host networking : Kubernetes & Flannel
How to debug Atomic Host ? • Atomic Host is minimal of RHEL system. • Does NOT use “YUM” on Atomic Host. • How debug or install packages? • Red hat provide “Red Hat Enterprise Linux Atomic Tools Container Image” • It’s Big (1G) • Contains man pages • Opens privileges • May behave differently • How? # docker pull rhel7/rhel-tools # atomic run rhel7/rhel-tools [root@localhost /]#
What is Kubernetes? • Greek for “pilot” or “helmsman of a ship” • Kubernetes is an open source Container Cluster orchestration framework that was started by Google in 2014.
Kubernetes do WHAT? • Manage docker containers centrally. • Manage nodes. • Handle complex networking. ….. Manage a cluster of Linux containers as a single system to accelerate Dev and simplify Ops
Kubernetes Architecture Kubectl(user commands) Scheduling actuator REST (pods,services, rep.controllers) Replication Controller Storage (etcd) kubelet Proxy …… Auth APIServer Scheduler Node cadvisor Pod Pod Pod kubelet Proxy …… Node cadvisor Pod Pod Pod
Main Terms • Master • Managing machine, which oversees one or more minions. • Minion • A slave that runs tasks as delegated by the user and Kubernetes master. • Pod • An application (or part of an application) that runs on a minion. • Replication Controller • Ensures that the requested number of pods are running on minions at all times. • Label • An arbitrary key/value pair that the Replication Controller uses for service discovery • Service • An endpoint that provides load balancing across a replicated group of pods • kubectl • The command line config tool
Main Components • API Server • REST server • Controller Tower • Controller Manager • Replication Controller Management (Watches etcd) • Scheduler • Communicate with minions • Decide a minion to distribute workload • Check if the task happen. • Kubelet • Manage container deployments • Ensure the state of containers (which is supposed to be in) • Kube-proxy • Route and forward traffic to and from containers • ETCD • Distributed, consistent key value store for shared configuration and service discovery
How to configure Kubernetes? # Comma seperated list of nodes in the etcd cluster KUBE_ETCD_SERVERS="--etcd_servers=http://192.168.20.10:4001" configure # The address on the local server to listen to. KUBE_API_ADDRESS="--address=0.0.0.0"... # How the replication controller and scheduler find the kube-apiserver KUBE_MASTER="--master=192.168.20.10:8080" apiserver # Comma seperated list of minions KUBELET_ADDRESSES="--machines=minion1,minion2,minion3,minion4" controller-manager Service Register # systemctl enable etcd kube-apiserver kube-controller-manager kube-scheduler Service Start # systemctl start etcd kube-apiserver kube-controller-manager kube-scheduler Service Check # systemctl status etcd kube-apiserver kube-controller-manager kube-scheduler # systemctl status etcd kube-apiserver kube-controller-manager kube-scheduler | grep active |wc –l 4 Master : /etc/kubernetes/
How to configure Kubernetes? Master { "Network": "172.16.0.0/12", "SubnetLen": 24, "Backend": { "Type": "vxlan" } } Create Flanneld-conf.json Flanneld Configuration curl -L http://localhost:4001/v2/keys/atomic01/network/config -XPUT --data-urlencode value@flanneld-conf.json Create key/value on ETCD
How to configure Kubernetes? Minion Create /etc/sysconfig/flanneld # etcd url location. Point this to the server where etcd runs FLANNEL_ETCD="http://192.168.122.10:4001" # etcd config key. This is the configuration key that flannel queries # For address range assignment FLANNEL_ETCD_KEY="/atomic01/network" [Unit] After=flanneld.service Requires=flanneld.service [Service] EnvironmentFile=/run/flannel/subnet.env ExecStartPre=-/usr/sbin/ip link del docker0 ExecStart=/usr/bin/docker -d --bip=${FLANNEL_SUBNET} --mtu=${FLANNEL_MTU} $OPTIONS $DOCKER_STORAGE_OPTIONS Create /etc/systemd/system/docker.service.d/10-flanneld-network.conf Flanneld Configuration
How to configure Kubernetes? # Comma seperated list of nodes in the etcd cluster KUBE_ETCD_SERVERS="--etcd_servers=http://192.168.20.10:4001“ config # The address for the info server to serve on (set to 0.0.0.0 or "" for all interfaces) KUBELET_ADDRESS="--address=192.168.20.11".. .# You may leave this blank to use the actual hostname KUBELET_HOSTNAME="--hostname_override=minion1" kubelet Minion
What does Flanneld do? ens3 192.168.10.11 docker0 172.17.42.1/16 veth0 172.17.0.1/24 veth0 172.17.0.2/24 Atomic Host Pod A Pod B Apache container Apache container Apache container in Pod A Apache container in Pod B Communication ??
What does Flanneld do? ens3 192.168.10.11 docker0 172.17.42.1/16 veth0 172.17.0.1/24 veth0 172.17.0.2/24 Atomic Host Pod A Pod B Apache container Apache container Apache container in Pod A Apache container in Pod B Communication OK through docker0 bridge
What does Flanneld do? ens3 192.168.10.11 docker0 172.17.42.1/16 veth0 172.17.0.1/24 veth0 172.17.0.2/24 Atomic Host Pod A Pod B Apache container Apache container ens3 192.168.10.12 docker0 172.17.42.1/16 veth0 172.17.0.1/24 veth0 172.17.0.2/24 Atomic Host Pod C Pod D Apache container Apache container br0 192.168.10.1
What does Flanneld do? ens3 192.168.10.11 docker0 172.17.42.1/16 veth0 172.17.0.1/24 veth0 172.17.0.2/24 Atomic Host Pod A Pod B Apache container Apache container ens3 192.168.10.12 docker0 172.17.42.1/16 veth0 172.17.0.1/24 veth0 172.17.0.2/24 Atomic Host Pod C Pod D Apache container Apache container br0 192.168.10.1 Apache container in Pod A Apache container in Pod C Communication ??
What does Flanneld do? ens3 192.168.10.11 docker0 172.17.42.1/16 veth0 172.17.0.1/24 veth0 172.17.0.2/24 Atomic Host Pod A Pod B Apache container Apache container ens3 192.168.10.12 docker0 172.17.42.1/16 veth0 172.17.0.1/24 veth0 172.17.0.2/24 Atomic Host Pod C Pod D Apache container Apache container br0 192.168.10.1 Apache container in Pod A Apache container in Pod C Communication NO
What does Flanneld do? ens3 192.168.10.11 docker0 172.16.32.1/24 veth0 172.16.32.2/24 veth0 172.16.32.3/24 Atomic Host Pod A Pod B Apache container Apache container br0 192.168.10.1 Flannel.1 172.16.32.0/16 flanneld ens3 192.168.10.12 docker0 172.16.10.1/24 veth0 172.16.10.2/24 veth0 172.16.10.3/24 Atomic Host Pod C Pod D Apache container Apache container Flannel.1 172.16.10.0/16 flanneld Apache container in Pod A Apache container in Pod C Communication YES
Label Service Pod Pod Pod Replication Controller Replication Controller Replication Controller Service Pod Replication Controller Replication Controller Service
Label Service Pod Pod Pod Replication Controller Replication Controller Replication Controller Service Pod Replication Controller Replication Controller Service labels : name : apache
Label Service Pod Pod Pod Replication Controller Replication Controller Replication Controller Service Pod Replication Controller Replication Controller Service labels : name : apache port : 80
Pod id: "apache" kind: "Pod" apiVersion: "v1beta1" desiredState: manifest: version: "v1beta1" containers: - name: "apache80" image: local-registry:5000/rhel7-ews21:demo imagePullPolicy: PullAlways ports: - containerPort: 80 hostPort: 80 cpu: 100 labels: name: "apache" port: "80"
Pod id: "apache" kind: "Pod" apiVersion: "v1beta1" desiredState: manifest: version: "v1beta1" containers: - name: "apache80" image: local-registry:5000/rhel7-ews21:demo imagePullPolicy: PullAlways ports: - containerPort: 80 hostPort: 80 cpu: 100 labels: name: "apache" port: "80" POD IP CONTAINER(S) IMAGE(S) HOST LABELS STATUS apache 172.16.69.238 apache80 local-registry:5000/rhel7-ews21:demo minion4/ name=apache,port=80 Running
Pod id: "apache" kind: "Pod" apiVersion: "v1beta1" desiredState: manifest: version: "v1beta1" containers: - name: "apache80" image: local-registry:5000/rhel7-ews21:demo imagePullPolicy: PullAlways ports: - containerPort: 80 hostPort: 80 cpu: 100 labels: name: "apache" port: "80" POD IP CONTAINER(S) IMAGE(S) HOST LABELS STATUS apache 172.16.69.238 apache80 local-registry:5000/rhel7-ews21:demo minion4/ name=apache,port=80 Running minion1 minion2 minion3 minion4 Pod : apache apache80 Container 172.16.69.238
Pod id: "apache" kind: "Pod" apiVersion: "v1beta1" desiredState: manifest: version: "v1beta1" containers: - name: "apache80" image: local-registry:5000/rhel7-ews21:demo imagePullPolicy: PullAlways ports: - containerPort: 80 hostPort: 80 cpu: 100 labels: name: "apache" port: "80" POD IP CONTAINER(S) IMAGE(S) HOST LABELS STATUS apache 172.16.69.238 apache80 local-registry:5000/rhel7-ews21:demo minion4/ name=apache,port=80 Running minion1 minion2 minion3 minion4 Pod : apache apache80 Container 172.16.69.238 172.16.69.28 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 1a0e11d8363e local-registry:5000/rhel7-ews21:demo "/bin/sh -c '$EWS_HO 14 minutes ago Up 14 minutes k8s_apache80.afee6806
Pod id: "apache" ….. containers: - name: "apache80" image: local-registry:5000/rhel7-ews21:demo imagePullPolicy: PullAlways ports: - containerPort: 80 hostPort: 80 cpu: 100 - name: "apache8080" image: local-registry:5000/rhel7-ews21:8080 imagePullPolicy: PullAlways ports: - containerPort: 8080 hostPort: 8080 cpu: 100 labels: name: "apache" POD IP CONTAINER(S) IMAGE(S) HOST LABELS STATUS apache 172.16.15.9 apache80 local-registry:5000/rhel7-ews21:demo minion3/ name=apache Running apache8080 jonlangemak/docker:web_container_8080 minion3 Pod : apache apache80 172.16.15.9 apache8080 pause
Pod id: "apache" ….. containers: - name: "apache80" image: local-registry:5000/rhel7-ews21:demo imagePullPolicy: PullAlways ports: - containerPort: 80 hostPort: 80 cpu: 100 - name: "apache8080" image: jonlangemak/docker:web_container_8080 imagePullPolicy: PullAlways ports: - containerPort: 8080 hostPort: 8080 cpu: 100 labels: name: "apache" minion3 Pod : apache apache80 172.16.15.9 apache8080 pause CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES af1e66870aa1 jonlangemak/docker:web_container_8080 "/usr/bin/supervisor 7 minutes ago Up 7 minutes k8s_apache8080….. f3c0c5009a1b local-registry:5000/rhel7-ews21:demo "/bin/sh -c '$EWS_HO 10 minutes ago Up 10 minutes k8s_apache80.32…. 605fccc3e06f kubernetes/pause:latest "/pause" 10 minutes ago Up 10 minutes 0.0.0.0:80->80/tcp, 0.0.0.0:8080->8080/tcp k8s_net.13b8d9d0_...
Replication Controller id: apache-rc-controller apiVersion: v1beta1 kind: ReplicationController desiredState: replicas: 3 replicaSelector: name: apache podTemplate: desiredState: manifest: version: v1beta1 id: apache-pod containers: - name: apache-pod image: local-registry:5000/rhel7-ews21:demo imagePullPolicy: PullAlways ports: - containerPort: 80 hostPort: 80 labels: name: apache port : 80
Replication Controller id: apache-rc-controller apiVersion: v1beta1 kind: ReplicationController desiredState: replicas: 3 replicaSelector: name: apache .… id: apache-pod containers: - name: apache-pod image: local-registry:5000/rhel7-ews21:demo imagePullPolicy: PullAlways ports: - containerPort: 80 hostPort: 80 labels: name: apache port : 80 CONTROLLER CONTAINER(S) IMAGE(S) SELECTOR REPLICAS apache-rc-controller apache-pod local-registry:5000/rhel7-ews21:demo name=apache 3 minion1 minion2 minion3 minion4 Pod : apache apache80 Container 172.16.69.239 POD IP CONTAINER(S) IMAGE(S) HOST LABELS STATUS ff433d37-…-52540098677f 172.16.31.28 apache-pod loal-registry:5000/rhel7-ews21:demo minion1/ name=apache Running 26a89e0e-…-52540098677f 172.16.20.15 apache-pod local-registry:5000/rhel7-ews21:demo minion2/ name=apache Running d7deb52e-…-52540098677f 172.16.69.239 apache-pod local-registry:5000/rhel7-ews21:demo minion4/ name=apache Running Pod : apache apache80 Container 172.16.31.28 Pod : apache apache80 Container 172.16.20.15 Replication Controller
Replication Controller id: apache-rc-controller apiVersion: v1beta1 kind: ReplicationController desiredState: replicas: 1 replicaSelector: name: apache .… id: apache-pod containers: - name: apache-pod image: local-registry:5000/rhel7-ews21:demo imagePullPolicy: PullAlways ports: - containerPort: 80 hostPort: 80 labels: name: apache port : 80 CONTROLLER CONTAINER(S) IMAGE(S) SELECTOR REPLICAS apache-rc-controller apache-pod local-registry:5000/rhel7-ews21:demo name=apache 1 POD IP CONTAINER(S) IMAGE(S) HOST LABELS STATUS d7deb52e-…-52540098677f 172.16.69.239 apache-pod local-registry:5000/rhel7-ews21:demo minion4/ name=apache Running minion1 minion2 minion3 minion4 Pod : apache apache80 Container 172.16.69.239 Pod : apache apache80 Container 172.16.31.28 Pod : apache apache80 Container 172.16.20.15 Replication Controller
Service POD IP CONTAINER(S) IMAGE(S) HOST LABELS STATUS ff433d37-…-52540098677f 172.16.31.28 apache-pod local-registry:5000/rhel7-ews21:demo minion1/ name=apache Running 26a89e0e-…-52540098677f 172.16.20.15 apache-pod local-registry:5000/rhel7-ews21:demo minion2/ name=apache Running d7deb52e-…-52540098677f 172.16.69.239 apache-pod local-registry:5000/rhel7-ews21:demo minion4/ name=apache Running NAME LABELS SELECTOR IP PORT apache-service name=apache-service name=apache 10.254.220.71 80 CONTROLLER CONTAINER(S) IMAGE(S) SELECTOR REPLICAS apache-rc-controller apache-pod local-registry:5000/rhel7-ews21:demo name=apache 3 Service Replication Controller Pod id: apache-service kind: Service apiVersion: v1beta1 port: 80 containerPort: 80 selector: name: apache labels: name: apache-service
Service #iptables –L –n –t nat …. Chain KUBE-PORTALS-CONTAINER (1 references) target prot opt source destination REDIRECT tcp -- 0.0.0.0/0 10.254.57.4 /* apache-service */ tcp dpt:80 redir ports 42927 REDIRECT tcp -- 0.0.0.0/0 10.254.12.160 /* kubernetes */ tcp dpt:443 redir ports 43044 REDIRECT tcp -- 0.0.0.0/0 10.254.34.217 /* kubernetes-ro */ tcp dpt:80 redir ports 49932 Chain KUBE-PORTALS-HOST (1 references) target prot opt source destination DNAT tcp -- 0.0.0.0/0 10.254.57.4 /* apache-service */ tcp dpt:80 to:192.168.20.12:42927 DNAT tcp -- 0.0.0.0/0 10.254.12.160 /* kubernetes */ tcp dpt:443 to:192.168.20.12:43044 DNAT tcp -- 0.0.0.0/0 10.254.34.217 /* kubernetes-ro */ tcp dpt:80 to:192.168.20.12:49932 Mininon 2 #iptables –L –n –t nat Chain KUBE-PORTALS-CONTAINER (1 references) target prot opt source destination REDIRECT tcp -- 0.0.0.0/0 10.254.57.4 /* apache-service */ tcp dpt:80 redir ports 40144 REDIRECT tcp -- 0.0.0.0/0 10.254.12.160 /* kubernetes */ tcp dpt:443 redir ports 42578 REDIRECT tcp -- 0.0.0.0/0 10.254.34.217 /* kubernetes-ro */ tcp dpt:80 redir ports 36642 Chain KUBE-PORTALS-HOST (1 references) target prot opt source destination DNAT tcp -- 0.0.0.0/0 10.254.57.4 /* apache-service */ tcp dpt:80 to:192.168.20.14:40144 DNAT tcp -- 0.0.0.0/0 10.254.12.160 /* kubernetes */ tcp dpt:443 to:192.168.20.14:42578 DNAT tcp -- 0.0.0.0/0 10.254.34.217 /* kubernetes-ro */ tcp dpt:80 to:192.168.20.14:36642 Mininon 4
Service minion1 minion2 minion3 minion4 Pod : apache apache80 Container 172.16.69.239 Pod : apache apache80 Container 172.16.31.28 Pod : apache apache80 Container 172.16.20.15 Service 10.254.220.71:80
Service minion1 minion2 minion3 minion4 Pod : apache apache80 Container 172.16.69.239 Pod : apache apache80 Container 172.16.31.28 Pod : apache apache80 Container 172.16.20.15 Kube-Proxy Kube-ProxyKube-Proxy Kube-Proxy docker0 flannel.1 12 14 docker0 flannel.1 docker0 flannel.1 docker0 flannel.1 1311 On 172.16.20.15(minion2) request to 10.254.220.71:80 # Curl 10.254.220.71
Kubectl commands • Create • kubectl create pod/service/rc –f *.yaml/json • Log • kubectl log pod <pod_id> • Get • kubectl get pod/service/rc • Describe • kubectl describe pod <pod_id> • Update • kubectl update –f *.yaml/json • Delete • kubectl delete pod/service/rc <id> or –l <label> • Resize replicas • kubectl resize --current-replicas=3 --replicas=4 rc apache-rc-controller • Rollingupdate • kubectl rollingupdate apache-rc-controller -f apache-rc-2.yaml --update-period="5s"
Live Demo •EAP test environment using Docker •Rolling Update
Q&A •Questions?
Thank you. 한국레드햇 이주호 과장 TSE jlee@redhat.com

More Related Content

PDF
Hello istio
Jooho Lee
 
PDF
MuleSoft Manchester Meetup #3 slides 31st March 2020
Ieva Navickaite
 
PDF
DockerCon US 2016 - Extending Docker With APIs, Drivers, and Plugins
Arnaud Porterie
 
PDF
Docker in production service discovery with consul - road to opscon 2015
Giovanni Toraldo
 
PDF
Monitoring Containers at New Relic by Sean Kane
Docker, Inc.
 
PDF
DockerDay2015: Docker orchestration for sysadmin
Docker-Hanoi
 
PPTX
Docker Service Registration and Discovery
m_richardson
 
PDF
Service discovery in Docker environments
alexandru giurgiu
 
Hello istio
Jooho Lee
 
MuleSoft Manchester Meetup #3 slides 31st March 2020
Ieva Navickaite
 
DockerCon US 2016 - Extending Docker With APIs, Drivers, and Plugins
Arnaud Porterie
 
Docker in production service discovery with consul - road to opscon 2015
Giovanni Toraldo
 
Monitoring Containers at New Relic by Sean Kane
Docker, Inc.
 
DockerDay2015: Docker orchestration for sysadmin
Docker-Hanoi
 
Docker Service Registration and Discovery
m_richardson
 
Service discovery in Docker environments
alexandru giurgiu
 

What's hot (20)

PDF
How we scale DroneCi on demand
Patrick Jahns
 
PDF
Atmosphere 2018: Yury Tsarev - TEST DRIVEN INFRASTRUCTURE FOR HIGHLY PERFORMI...
PROIDEA
 
PPTX
Microservices with docker swarm and consul
Nguyen Sy Thanh Son
 
PPTX
Openstack Overview
rajdeep
 
PDF
Service discovery like a pro (presented at reversimX)
Eran Harel
 
PDF
fabric8 ... and Docker, Kubernetes & OpenShift
roland.huss
 
PDF
Fabric8 - Being devOps doesn't suck anymore
Henryk Konsek
 
PPTX
Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown
Docker, Inc.
 
PDF
runC: The little engine that could (run Docker containers) by Docker Captain ...
Docker, Inc.
 
PDF
Service Discovery & Load-Balancing under Docker 1.12.0 @ Docker Meetup #22
Ajeet Singh Raina
 
PDF
Kubernetes Ingress 101
Kublr
 
PDF
Microservices, Kubernetes and Istio - A Great Fit!
Animesh Singh
 
PDF
Workshop Consul .- Service Discovery & Failure Detection
Vincent Composieux
 
PDF
Developing Java based microservices ready for the world of containers
Claus Ibsen
 
PDF
Clocker - The Docker Cloud Maker
Andrew Kennedy
 
PDF
Container Runtimes: Comparing and Contrasting Today's Engines
Phil Estes
 
PDF
Scaling docker with kubernetes
Liran Cohen
 
PDF
Docker at Shopify: From This-Looks-Fun to Production by Simon Eskildsen (Shop...
Docker, Inc.
 
PDF
Kubernetes deep dive - - Huawei 2015-10
Vishnu Kannan
 
PPTX
Power of Open SDN- The Vendor Neutral Approach to Optimizing Your Network 09...
Cary Hayward
 
How we scale DroneCi on demand
Patrick Jahns
 
Atmosphere 2018: Yury Tsarev - TEST DRIVEN INFRASTRUCTURE FOR HIGHLY PERFORMI...
PROIDEA
 
Microservices with docker swarm and consul
Nguyen Sy Thanh Son
 
Openstack Overview
rajdeep
 
Service discovery like a pro (presented at reversimX)
Eran Harel
 
fabric8 ... and Docker, Kubernetes & OpenShift
roland.huss
 
Fabric8 - Being devOps doesn't suck anymore
Henryk Konsek
 
Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown
Docker, Inc.
 
runC: The little engine that could (run Docker containers) by Docker Captain ...
Docker, Inc.
 
Service Discovery & Load-Balancing under Docker 1.12.0 @ Docker Meetup #22
Ajeet Singh Raina
 
Kubernetes Ingress 101
Kublr
 
Microservices, Kubernetes and Istio - A Great Fit!
Animesh Singh
 
Workshop Consul .- Service Discovery & Failure Detection
Vincent Composieux
 
Developing Java based microservices ready for the world of containers
Claus Ibsen
 
Clocker - The Docker Cloud Maker
Andrew Kennedy
 
Container Runtimes: Comparing and Contrasting Today's Engines
Phil Estes
 
Scaling docker with kubernetes
Liran Cohen
 
Docker at Shopify: From This-Looks-Fun to Production by Simon Eskildsen (Shop...
Docker, Inc.
 
Kubernetes deep dive - - Huawei 2015-10
Vishnu Kannan
 
Power of Open SDN- The Vendor Neutral Approach to Optimizing Your Network 09...
Cary Hayward
 
Ad

Similar to Docker, Atomic Host and Kubernetes. (20)

PPTX
Kubernetes Introduction
Martin Danielsson
 
PPTX
Kubernetes Intro @HaufeDev
Haufe-Lexware GmbH & Co KG
 
PDF
99cloud Docker Training module 2
Liang Bo
 
PDF
Demystifying kubernetes
Works Applications
 
PPTX
Containers, Serverless and Functions in a nutshell
Eugene Fedorenko
 
PDF
Containerize! Between Docker and Jube.
Henryk Konsek
 
PDF
The Docker "Gauntlet" - Introduction, Ecosystem, Deployment, Orchestration
Erica Windisch
 
PDF
Get you Java application ready for Kubernetes !
Anthony Dahanne
 
PPTX
Kubernetes101 - Pune Kubernetes Meetup 6
Harshal Shah
 
PPTX
Introduction to Kubernetes
Vishal Biyani
 
PPTX
01 - VMUGIT - Lecce 2018 - Fabio Rapposelli, VMware
VMUG IT
 
PDF
DevJam 2019 - Introduction to Kubernetes
Ronny Trommer
 
PPTX
Docker and kubernetes_introduction
Jason Hu
 
PPTX
Adf with docker
Eugene Fedorenko
 
PPTX
Docker and kubernetes
Dongwon Kim
 
PPTX
Kubernetes #1 intro
Terry Cho
 
PDF
Kubernetes automation in production
Paul Bakker
 
PPTX
Containers and Cloud: From LXC to Docker to Kubernetes
Shreyas MM
 
PDF
2015 05-06-elias weingaertner-docker-intro
Haufe-Lexware GmbH & Co KG
 
PPTX
Kubernetes 101 Workshop
Vishal Biyani
 
Kubernetes Introduction
Martin Danielsson
 
Kubernetes Intro @HaufeDev
Haufe-Lexware GmbH & Co KG
 
99cloud Docker Training module 2
Liang Bo
 
Demystifying kubernetes
Works Applications
 
Containers, Serverless and Functions in a nutshell
Eugene Fedorenko
 
Containerize! Between Docker and Jube.
Henryk Konsek
 
The Docker "Gauntlet" - Introduction, Ecosystem, Deployment, Orchestration
Erica Windisch
 
Get you Java application ready for Kubernetes !
Anthony Dahanne
 
Kubernetes101 - Pune Kubernetes Meetup 6
Harshal Shah
 
Introduction to Kubernetes
Vishal Biyani
 
01 - VMUGIT - Lecce 2018 - Fabio Rapposelli, VMware
VMUG IT
 
DevJam 2019 - Introduction to Kubernetes
Ronny Trommer
 
Docker and kubernetes_introduction
Jason Hu
 
Adf with docker
Eugene Fedorenko
 
Docker and kubernetes
Dongwon Kim
 
Kubernetes #1 intro
Terry Cho
 
Kubernetes automation in production
Paul Bakker
 
Containers and Cloud: From LXC to Docker to Kubernetes
Shreyas MM
 
2015 05-06-elias weingaertner-docker-intro
Haufe-Lexware GmbH & Co KG
 
Kubernetes 101 Workshop
Vishal Biyani
 
Ad

More from Jooho Lee (7)

PDF
Quay 3.3 installation
Jooho Lee
 
PPTX
OpenShift4 Installation by UPI on kvm
Jooho Lee
 
PDF
OpenSCAP Overview(security scanning for docker image and container)
Jooho Lee
 
PDF
OpenSCAP Overview(security scanning for docker image and container)
Jooho Lee
 
PPTX
Tcp summary
Jooho Lee
 
ODP
Practical byteman sample 20131128
Jooho Lee
 
PPTX
Consistent hashing
Jooho Lee
 
Quay 3.3 installation
Jooho Lee
 
OpenShift4 Installation by UPI on kvm
Jooho Lee
 
OpenSCAP Overview(security scanning for docker image and container)
Jooho Lee
 
OpenSCAP Overview(security scanning for docker image and container)
Jooho Lee
 
Tcp summary
Jooho Lee
 
Practical byteman sample 20131128
Jooho Lee
 
Consistent hashing
Jooho Lee
 

Recently uploaded (20)

PDF
Upgrade and Innovation Strategies for SAP ERP Customers
Virendra Rai, PMP
 
PDF
medical staffing services at VALiNTRY
Tiyan Grayson
 
PDF
Claude Code: Everyone is a 10x Developer - A Comprehensive AI-Powered CLI Tool
William Chong
 
PPTX
Reimagine Home Health with the Power of Agentic AI​
AutomationEdge Technologies
 
PPTX
Lecture 3: Operating Systems Introduction to Computer Hardware Systems
hci7se
 
PDF
How to Migrate SBCGlobal Email to Yahoo Easily
raymondjones7273
 
PDF
System and Network Administration Chapter 2
jaramharo
 
PPTX
Introduction to Artificial Intelligence
lohedi9363
 
PPTX
ai tools demonstartion for schools and inter college
harshavardhanreddyka11
 
PDF
How to Choose the Right IT Partner for Your Business in Malaysia
Asian Business Services & Technologies
 
PDF
top salesforce developer skills in 2025.pdf
CloudMetic
 
PDF
Wondershare Filmora 15 Crack With Activation Key [2025
ghrom2211g
 
PPTX
Essential Infomation Tech presentation.pptx
pradeepjava2016
 
PDF
System and Network Administraation Chapter 3
jaramharo
 
PDF
Which alternative to Crystal Reports is best for small or large businesses.pdf
Varsha Nayak
 
PDF
Odoo Companies in India – Driving Business Transformation.pdf
azhuhardeen1968
 
PDF
EN-Survey-Report-SAP-LeanIX-EA-Insights-2025.pdf
deepakkhaitan3
 
PDF
Addressing The Cult of Project Management Tools-Why Disconnected Work is Hold...
OnePlan Solutions
 
PDF
Design an Analysis of Algorithms II-SECS-1021-03
DilanEscobar1
 
PDF
Understanding Forklifts - TECH EHS Solution
TECH EHS Solution
 
Upgrade and Innovation Strategies for SAP ERP Customers
Virendra Rai, PMP
 
medical staffing services at VALiNTRY
Tiyan Grayson
 
Claude Code: Everyone is a 10x Developer - A Comprehensive AI-Powered CLI Tool
William Chong
 
Reimagine Home Health with the Power of Agentic AI​
AutomationEdge Technologies
 
Lecture 3: Operating Systems Introduction to Computer Hardware Systems
hci7se
 
How to Migrate SBCGlobal Email to Yahoo Easily
raymondjones7273
 
System and Network Administration Chapter 2
jaramharo
 
Introduction to Artificial Intelligence
lohedi9363
 
ai tools demonstartion for schools and inter college
harshavardhanreddyka11
 
How to Choose the Right IT Partner for Your Business in Malaysia
Asian Business Services & Technologies
 
top salesforce developer skills in 2025.pdf
CloudMetic
 
Wondershare Filmora 15 Crack With Activation Key [2025
ghrom2211g
 
Essential Infomation Tech presentation.pptx
pradeepjava2016
 
System and Network Administraation Chapter 3
jaramharo
 
Which alternative to Crystal Reports is best for small or large businesses.pdf
Varsha Nayak
 
Odoo Companies in India – Driving Business Transformation.pdf
azhuhardeen1968
 
EN-Survey-Report-SAP-LeanIX-EA-Insights-2025.pdf
deepakkhaitan3
 
Addressing The Cult of Project Management Tools-Why Disconnected Work is Hold...
OnePlan Solutions
 
Design an Analysis of Algorithms II-SECS-1021-03
DilanEscobar1
 
Understanding Forklifts - TECH EHS Solution
TECH EHS Solution
 

Docker, Atomic Host and Kubernetes.

  • 2. Docker, Atomic Host and Kubernetes. Red Hat Jooho Lee Technical Support Engineer
  • 3. IT Trend - Cloud • Cloud Computing Trends (Right Scale)
  • 4. What is DevOps? • DevOps (Developers + Operations) • Software development methodology • Culture • Emphasize on communication, collaboration and integration. • Achieve rapid release. Developer Operations Rapid Change StabilitySeparate workflow Different object Different situation
  • 5. Key points in DevOps • Worth & Object • Respect • Share value • Share ownership • Agreement • Process • Share same workflow • Synchronize focus • Decrease cycle time • Tool • Automation • Package • Build • Test Operating System Infrastructure Application Platform QA DevOps DevOps is not only development culture but also collaboration process ,which could develop and operate service independently in a organization
  • 6. DevOps • Benefit • Innovate faster • More responsive to business needs • Better collaboration • Better quality • More frequent releases • Necessary • New Mindset (Open mind) • New Tools (Provisioning, Monitoring, etc) • New Skills (From platform to QA)
  • 7. Docker Concept • Share kernel (Lightweight) • Share resources (Fast) • Share image (Portable) • Layered file system (Easy commit) • …….
  • 8. Why DevOps prefer docker? • Container-based Platform • Easy/Fast deployment, build, provisioning • Similar performance compared to bare-metal • Low learning curve (Dockerfile use bash shell) • Ansible(Python)/ Chef(Ruby and Erlang) / Puppet(Ruby) • RedHat, IBM, Microsoft, CoreOS... Many companies support.
  • 9. DevOps needs more… • Reliable system management. (Atomic Host, etc) • Handle network complexity (OVS, flanneld, etc) • Management module for bigger infrastructure. (Kubernetes, etc) Docker in real Minimal Docker
  • 10. What is Atomic Host? • Trusted operating system platform • Container-based application • Service deployment • End-to-End hosting architecture that’s modern, reliable and secure. Reliable distribution OS High Secure Module SELinux Container Management
  • 11. Atomic Host Feature • Support packages • Docker • Flannel • Kubernetes • rpm-ostree • Support various file system for Docker • vfs • devicemapper • btrfs • aufs (not recommend for production, not supported) • Networking • Single-host networking : Docker • Multi-host networking : Kubernetes & Flannel
  • 12. How to debug Atomic Host ? • Atomic Host is minimal of RHEL system. • Does NOT use “YUM” on Atomic Host. • How debug or install packages? • Red hat provide “Red Hat Enterprise Linux Atomic Tools Container Image” • It’s Big (1G) • Contains man pages • Opens privileges • May behave differently • How? # docker pull rhel7/rhel-tools # atomic run rhel7/rhel-tools [root@localhost /]#
  • 13. What is Kubernetes? • Greek for “pilot” or “helmsman of a ship” • Kubernetes is an open source Container Cluster orchestration framework that was started by Google in 2014.
  • 14. Kubernetes do WHAT? • Manage docker containers centrally. • Manage nodes. • Handle complex networking. ….. Manage a cluster of Linux containers as a single system to accelerate Dev and simplify Ops
  • 15. Kubernetes Architecture Kubectl(user commands) Scheduling actuator REST (pods,services, rep.controllers) Replication Controller Storage (etcd) kubelet Proxy …… Auth APIServer Scheduler Node cadvisor Pod Pod Pod kubelet Proxy …… Node cadvisor Pod Pod Pod
  • 16. Main Terms • Master • Managing machine, which oversees one or more minions. • Minion • A slave that runs tasks as delegated by the user and Kubernetes master. • Pod • An application (or part of an application) that runs on a minion. • Replication Controller • Ensures that the requested number of pods are running on minions at all times. • Label • An arbitrary key/value pair that the Replication Controller uses for service discovery • Service • An endpoint that provides load balancing across a replicated group of pods • kubectl • The command line config tool
  • 17. Main Components • API Server • REST server • Controller Tower • Controller Manager • Replication Controller Management (Watches etcd) • Scheduler • Communicate with minions • Decide a minion to distribute workload • Check if the task happen. • Kubelet • Manage container deployments • Ensure the state of containers (which is supposed to be in) • Kube-proxy • Route and forward traffic to and from containers • ETCD • Distributed, consistent key value store for shared configuration and service discovery
  • 18. How to configure Kubernetes? # Comma seperated list of nodes in the etcd cluster KUBE_ETCD_SERVERS="--etcd_servers=http://192.168.20.10:4001" configure # The address on the local server to listen to. KUBE_API_ADDRESS="--address=0.0.0.0"... # How the replication controller and scheduler find the kube-apiserver KUBE_MASTER="--master=192.168.20.10:8080" apiserver # Comma seperated list of minions KUBELET_ADDRESSES="--machines=minion1,minion2,minion3,minion4" controller-manager Service Register # systemctl enable etcd kube-apiserver kube-controller-manager kube-scheduler Service Start # systemctl start etcd kube-apiserver kube-controller-manager kube-scheduler Service Check # systemctl status etcd kube-apiserver kube-controller-manager kube-scheduler # systemctl status etcd kube-apiserver kube-controller-manager kube-scheduler | grep active |wc –l 4 Master : /etc/kubernetes/
  • 19. How to configure Kubernetes? Master { "Network": "172.16.0.0/12", "SubnetLen": 24, "Backend": { "Type": "vxlan" } } Create Flanneld-conf.json Flanneld Configuration curl -L http://localhost:4001/v2/keys/atomic01/network/config -XPUT --data-urlencode value@flanneld-conf.json Create key/value on ETCD
  • 20. How to configure Kubernetes? Minion Create /etc/sysconfig/flanneld # etcd url location. Point this to the server where etcd runs FLANNEL_ETCD="http://192.168.122.10:4001" # etcd config key. This is the configuration key that flannel queries # For address range assignment FLANNEL_ETCD_KEY="/atomic01/network" [Unit] After=flanneld.service Requires=flanneld.service [Service] EnvironmentFile=/run/flannel/subnet.env ExecStartPre=-/usr/sbin/ip link del docker0 ExecStart=/usr/bin/docker -d --bip=${FLANNEL_SUBNET} --mtu=${FLANNEL_MTU} $OPTIONS $DOCKER_STORAGE_OPTIONS Create /etc/systemd/system/docker.service.d/10-flanneld-network.conf Flanneld Configuration
  • 21. How to configure Kubernetes? # Comma seperated list of nodes in the etcd cluster KUBE_ETCD_SERVERS="--etcd_servers=http://192.168.20.10:4001“ config # The address for the info server to serve on (set to 0.0.0.0 or "" for all interfaces) KUBELET_ADDRESS="--address=192.168.20.11".. .# You may leave this blank to use the actual hostname KUBELET_HOSTNAME="--hostname_override=minion1" kubelet Minion
  • 22. What does Flanneld do? ens3 192.168.10.11 docker0 172.17.42.1/16 veth0 172.17.0.1/24 veth0 172.17.0.2/24 Atomic Host Pod A Pod B Apache container Apache container Apache container in Pod A Apache container in Pod B Communication ??
  • 23. What does Flanneld do? ens3 192.168.10.11 docker0 172.17.42.1/16 veth0 172.17.0.1/24 veth0 172.17.0.2/24 Atomic Host Pod A Pod B Apache container Apache container Apache container in Pod A Apache container in Pod B Communication OK through docker0 bridge
  • 24. What does Flanneld do? ens3 192.168.10.11 docker0 172.17.42.1/16 veth0 172.17.0.1/24 veth0 172.17.0.2/24 Atomic Host Pod A Pod B Apache container Apache container ens3 192.168.10.12 docker0 172.17.42.1/16 veth0 172.17.0.1/24 veth0 172.17.0.2/24 Atomic Host Pod C Pod D Apache container Apache container br0 192.168.10.1
  • 25. What does Flanneld do? ens3 192.168.10.11 docker0 172.17.42.1/16 veth0 172.17.0.1/24 veth0 172.17.0.2/24 Atomic Host Pod A Pod B Apache container Apache container ens3 192.168.10.12 docker0 172.17.42.1/16 veth0 172.17.0.1/24 veth0 172.17.0.2/24 Atomic Host Pod C Pod D Apache container Apache container br0 192.168.10.1 Apache container in Pod A Apache container in Pod C Communication ??
  • 26. What does Flanneld do? ens3 192.168.10.11 docker0 172.17.42.1/16 veth0 172.17.0.1/24 veth0 172.17.0.2/24 Atomic Host Pod A Pod B Apache container Apache container ens3 192.168.10.12 docker0 172.17.42.1/16 veth0 172.17.0.1/24 veth0 172.17.0.2/24 Atomic Host Pod C Pod D Apache container Apache container br0 192.168.10.1 Apache container in Pod A Apache container in Pod C Communication NO
  • 27. What does Flanneld do? ens3 192.168.10.11 docker0 172.16.32.1/24 veth0 172.16.32.2/24 veth0 172.16.32.3/24 Atomic Host Pod A Pod B Apache container Apache container br0 192.168.10.1 Flannel.1 172.16.32.0/16 flanneld ens3 192.168.10.12 docker0 172.16.10.1/24 veth0 172.16.10.2/24 veth0 172.16.10.3/24 Atomic Host Pod C Pod D Apache container Apache container Flannel.1 172.16.10.0/16 flanneld Apache container in Pod A Apache container in Pod C Communication YES
  • 31. Pod id: "apache" kind: "Pod" apiVersion: "v1beta1" desiredState: manifest: version: "v1beta1" containers: - name: "apache80" image: local-registry:5000/rhel7-ews21:demo imagePullPolicy: PullAlways ports: - containerPort: 80 hostPort: 80 cpu: 100 labels: name: "apache" port: "80"
  • 32. Pod id: "apache" kind: "Pod" apiVersion: "v1beta1" desiredState: manifest: version: "v1beta1" containers: - name: "apache80" image: local-registry:5000/rhel7-ews21:demo imagePullPolicy: PullAlways ports: - containerPort: 80 hostPort: 80 cpu: 100 labels: name: "apache" port: "80" POD IP CONTAINER(S) IMAGE(S) HOST LABELS STATUS apache 172.16.69.238 apache80 local-registry:5000/rhel7-ews21:demo minion4/ name=apache,port=80 Running
  • 33. Pod id: "apache" kind: "Pod" apiVersion: "v1beta1" desiredState: manifest: version: "v1beta1" containers: - name: "apache80" image: local-registry:5000/rhel7-ews21:demo imagePullPolicy: PullAlways ports: - containerPort: 80 hostPort: 80 cpu: 100 labels: name: "apache" port: "80" POD IP CONTAINER(S) IMAGE(S) HOST LABELS STATUS apache 172.16.69.238 apache80 local-registry:5000/rhel7-ews21:demo minion4/ name=apache,port=80 Running minion1 minion2 minion3 minion4 Pod : apache apache80 Container 172.16.69.238
  • 34. Pod id: "apache" kind: "Pod" apiVersion: "v1beta1" desiredState: manifest: version: "v1beta1" containers: - name: "apache80" image: local-registry:5000/rhel7-ews21:demo imagePullPolicy: PullAlways ports: - containerPort: 80 hostPort: 80 cpu: 100 labels: name: "apache" port: "80" POD IP CONTAINER(S) IMAGE(S) HOST LABELS STATUS apache 172.16.69.238 apache80 local-registry:5000/rhel7-ews21:demo minion4/ name=apache,port=80 Running minion1 minion2 minion3 minion4 Pod : apache apache80 Container 172.16.69.238 172.16.69.28 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 1a0e11d8363e local-registry:5000/rhel7-ews21:demo "/bin/sh -c '$EWS_HO 14 minutes ago Up 14 minutes k8s_apache80.afee6806
  • 35. Pod id: "apache" ….. containers: - name: "apache80" image: local-registry:5000/rhel7-ews21:demo imagePullPolicy: PullAlways ports: - containerPort: 80 hostPort: 80 cpu: 100 - name: "apache8080" image: local-registry:5000/rhel7-ews21:8080 imagePullPolicy: PullAlways ports: - containerPort: 8080 hostPort: 8080 cpu: 100 labels: name: "apache" POD IP CONTAINER(S) IMAGE(S) HOST LABELS STATUS apache 172.16.15.9 apache80 local-registry:5000/rhel7-ews21:demo minion3/ name=apache Running apache8080 jonlangemak/docker:web_container_8080 minion3 Pod : apache apache80 172.16.15.9 apache8080 pause
  • 36. Pod id: "apache" ….. containers: - name: "apache80" image: local-registry:5000/rhel7-ews21:demo imagePullPolicy: PullAlways ports: - containerPort: 80 hostPort: 80 cpu: 100 - name: "apache8080" image: jonlangemak/docker:web_container_8080 imagePullPolicy: PullAlways ports: - containerPort: 8080 hostPort: 8080 cpu: 100 labels: name: "apache" minion3 Pod : apache apache80 172.16.15.9 apache8080 pause CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES af1e66870aa1 jonlangemak/docker:web_container_8080 "/usr/bin/supervisor 7 minutes ago Up 7 minutes k8s_apache8080….. f3c0c5009a1b local-registry:5000/rhel7-ews21:demo "/bin/sh -c '$EWS_HO 10 minutes ago Up 10 minutes k8s_apache80.32…. 605fccc3e06f kubernetes/pause:latest "/pause" 10 minutes ago Up 10 minutes 0.0.0.0:80->80/tcp, 0.0.0.0:8080->8080/tcp k8s_net.13b8d9d0_...
  • 37. Replication Controller id: apache-rc-controller apiVersion: v1beta1 kind: ReplicationController desiredState: replicas: 3 replicaSelector: name: apache podTemplate: desiredState: manifest: version: v1beta1 id: apache-pod containers: - name: apache-pod image: local-registry:5000/rhel7-ews21:demo imagePullPolicy: PullAlways ports: - containerPort: 80 hostPort: 80 labels: name: apache port : 80
  • 38. Replication Controller id: apache-rc-controller apiVersion: v1beta1 kind: ReplicationController desiredState: replicas: 3 replicaSelector: name: apache .… id: apache-pod containers: - name: apache-pod image: local-registry:5000/rhel7-ews21:demo imagePullPolicy: PullAlways ports: - containerPort: 80 hostPort: 80 labels: name: apache port : 80 CONTROLLER CONTAINER(S) IMAGE(S) SELECTOR REPLICAS apache-rc-controller apache-pod local-registry:5000/rhel7-ews21:demo name=apache 3 minion1 minion2 minion3 minion4 Pod : apache apache80 Container 172.16.69.239 POD IP CONTAINER(S) IMAGE(S) HOST LABELS STATUS ff433d37-…-52540098677f 172.16.31.28 apache-pod loal-registry:5000/rhel7-ews21:demo minion1/ name=apache Running 26a89e0e-…-52540098677f 172.16.20.15 apache-pod local-registry:5000/rhel7-ews21:demo minion2/ name=apache Running d7deb52e-…-52540098677f 172.16.69.239 apache-pod local-registry:5000/rhel7-ews21:demo minion4/ name=apache Running Pod : apache apache80 Container 172.16.31.28 Pod : apache apache80 Container 172.16.20.15 Replication Controller
  • 39. Replication Controller id: apache-rc-controller apiVersion: v1beta1 kind: ReplicationController desiredState: replicas: 1 replicaSelector: name: apache .… id: apache-pod containers: - name: apache-pod image: local-registry:5000/rhel7-ews21:demo imagePullPolicy: PullAlways ports: - containerPort: 80 hostPort: 80 labels: name: apache port : 80 CONTROLLER CONTAINER(S) IMAGE(S) SELECTOR REPLICAS apache-rc-controller apache-pod local-registry:5000/rhel7-ews21:demo name=apache 1 POD IP CONTAINER(S) IMAGE(S) HOST LABELS STATUS d7deb52e-…-52540098677f 172.16.69.239 apache-pod local-registry:5000/rhel7-ews21:demo minion4/ name=apache Running minion1 minion2 minion3 minion4 Pod : apache apache80 Container 172.16.69.239 Pod : apache apache80 Container 172.16.31.28 Pod : apache apache80 Container 172.16.20.15 Replication Controller
  • 40. Service POD IP CONTAINER(S) IMAGE(S) HOST LABELS STATUS ff433d37-…-52540098677f 172.16.31.28 apache-pod local-registry:5000/rhel7-ews21:demo minion1/ name=apache Running 26a89e0e-…-52540098677f 172.16.20.15 apache-pod local-registry:5000/rhel7-ews21:demo minion2/ name=apache Running d7deb52e-…-52540098677f 172.16.69.239 apache-pod local-registry:5000/rhel7-ews21:demo minion4/ name=apache Running NAME LABELS SELECTOR IP PORT apache-service name=apache-service name=apache 10.254.220.71 80 CONTROLLER CONTAINER(S) IMAGE(S) SELECTOR REPLICAS apache-rc-controller apache-pod local-registry:5000/rhel7-ews21:demo name=apache 3 Service Replication Controller Pod id: apache-service kind: Service apiVersion: v1beta1 port: 80 containerPort: 80 selector: name: apache labels: name: apache-service
  • 41. Service #iptables –L –n –t nat …. Chain KUBE-PORTALS-CONTAINER (1 references) target prot opt source destination REDIRECT tcp -- 0.0.0.0/0 10.254.57.4 /* apache-service */ tcp dpt:80 redir ports 42927 REDIRECT tcp -- 0.0.0.0/0 10.254.12.160 /* kubernetes */ tcp dpt:443 redir ports 43044 REDIRECT tcp -- 0.0.0.0/0 10.254.34.217 /* kubernetes-ro */ tcp dpt:80 redir ports 49932 Chain KUBE-PORTALS-HOST (1 references) target prot opt source destination DNAT tcp -- 0.0.0.0/0 10.254.57.4 /* apache-service */ tcp dpt:80 to:192.168.20.12:42927 DNAT tcp -- 0.0.0.0/0 10.254.12.160 /* kubernetes */ tcp dpt:443 to:192.168.20.12:43044 DNAT tcp -- 0.0.0.0/0 10.254.34.217 /* kubernetes-ro */ tcp dpt:80 to:192.168.20.12:49932 Mininon 2 #iptables –L –n –t nat Chain KUBE-PORTALS-CONTAINER (1 references) target prot opt source destination REDIRECT tcp -- 0.0.0.0/0 10.254.57.4 /* apache-service */ tcp dpt:80 redir ports 40144 REDIRECT tcp -- 0.0.0.0/0 10.254.12.160 /* kubernetes */ tcp dpt:443 redir ports 42578 REDIRECT tcp -- 0.0.0.0/0 10.254.34.217 /* kubernetes-ro */ tcp dpt:80 redir ports 36642 Chain KUBE-PORTALS-HOST (1 references) target prot opt source destination DNAT tcp -- 0.0.0.0/0 10.254.57.4 /* apache-service */ tcp dpt:80 to:192.168.20.14:40144 DNAT tcp -- 0.0.0.0/0 10.254.12.160 /* kubernetes */ tcp dpt:443 to:192.168.20.14:42578 DNAT tcp -- 0.0.0.0/0 10.254.34.217 /* kubernetes-ro */ tcp dpt:80 to:192.168.20.14:36642 Mininon 4
  • 42. Service minion1 minion2 minion3 minion4 Pod : apache apache80 Container 172.16.69.239 Pod : apache apache80 Container 172.16.31.28 Pod : apache apache80 Container 172.16.20.15 Service 10.254.220.71:80
  • 43. Service minion1 minion2 minion3 minion4 Pod : apache apache80 Container 172.16.69.239 Pod : apache apache80 Container 172.16.31.28 Pod : apache apache80 Container 172.16.20.15 Kube-Proxy Kube-ProxyKube-Proxy Kube-Proxy docker0 flannel.1 12 14 docker0 flannel.1 docker0 flannel.1 docker0 flannel.1 1311 On 172.16.20.15(minion2) request to 10.254.220.71:80 # Curl 10.254.220.71
  • 44. Kubectl commands • Create • kubectl create pod/service/rc –f *.yaml/json • Log • kubectl log pod <pod_id> • Get • kubectl get pod/service/rc • Describe • kubectl describe pod <pod_id> • Update • kubectl update –f *.yaml/json • Delete • kubectl delete pod/service/rc <id> or –l <label> • Resize replicas • kubectl resize --current-replicas=3 --replicas=4 rc apache-rc-controller • Rollingupdate • kubectl rollingupdate apache-rc-controller -f apache-rc-2.yaml --update-period="5s"
  • 45. Live Demo •EAP test environment using Docker •Rolling Update

Editor's Notes

  • #6: Devops란 개발과 운영을 합쳐서 하나의 조직내에서 서비스를 독립적으로 개발 및 운영할 수 있는 협업 체계이자 개발 문화라고 정의할 수 있다