SlideShare a Scribd company logo

Sf bay area Kubernetes meetup dec8 2016 - deployment models

P
Peter Ss

The document discusses Kubernetes deployment models and the challenges of managing complex microservice architectures, emphasizing the need for a solution to handle dependencies efficiently. It introduces the K8s AppController, which allows for the expression of dependencies between Kubernetes objects and automates the deployment of multi-tier applications. The document also outlines the functionality of the AppController, including its workflow, architecture, and future roadmap for enhancements.

Technology
1 of 39
Downloaded 30 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
Copyright © 2015 Mirantis, Inc. All rights reserved www.mirantis.com Kubernetes deployment models (modelling complex applications in K8S) Dec8 2016 Piotr Siwczak (https://www.linkedin.com/in/psiwczak)
Copyright © 2015 Mirantis, Inc. All rights reserved Agenda ● Challenges in managing complex microservice architectures ● What’s missing in K8S to manage complex microservice architectures efficiently ● K8S AppController as an enhancement to handle complex architectures ● Demo of AppController ● Q&A about AppController
Copyright © 2015 Mirantis, Inc. All rights reserved Challenges in managing microservice architectures
Copyright © 2015 Mirantis, Inc. All rights reserved Linux as a microservice apps platform Collection of small, independent programs acting together to form larger systems. Programs communicate over standardized protocols/API-s Abstracts computing resources (kernel)
Copyright © 2015 Mirantis, Inc. All rights reserved Unix/Linux simplified architecture Kernel Libraries Init system Interactive shell Userspace apps Resource access Orchestration User functionality
Copyright © 2015 Mirantis, Inc. All rights reserved The role of init system SysVInit … Upstart … Systemd Init makes sure that apps start in proper order and deps for them are handled e.g. Network subsystem -> Iptables -> ssh
Copyright © 2015 Mirantis, Inc. All rights reserved Apps - combined K8S resources Kubernetes clients (kubectl...) Kubernetes resources (pod, service…) Unix/Linux vs K8S Kernel Libraries Init system Interactive shell Userspace apps ?
Copyright © 2015 Mirantis, Inc. All rights reserved Do we have init equivalent in k8s? Original photo by https://www.flickr.com/people/waferboard/ License: CC BY v2.0, Title: “wholesome stirfry” “Containers start in parallel after volumes are mounted, leaving no opportunity for coordination between containers...” https://github.com/kubernetes/kubernetes/blob/master/ docs/proposals/container-init.md
Copyright © 2015 Mirantis, Inc. All rights reserved ...to make a good dish one needs to follow steps Original photo by https://www.flickr.com/people/waferboard/ License: CC BY v2.0, Title: “wholesome stirfry” ● heat oil ● add garlic ● add veggies and sauce ● add meat
Copyright © 2015 Mirantis, Inc. All rights reserved K8S challenge for complex apps (T3) wordpress depl/service (T2) mysql depl/service (T1) mysql password password db dns name & password kubectl create -f mysql-pass.yaml kubectl create -f mysql-deployment.yaml kubectl create -f wordpress-deplyment.yaml
Copyright © 2015 Mirantis, Inc. All rights reserved Is lack of deps really a problem for K8S? We all know microservices are supposed to orchestrate themselves and tolerate failures ...but…
Copyright © 2015 Mirantis, Inc. All rights reserved ...deps seem to be needed https://blog.xebialabs.com/2015/04/13/before-you-go-over-the-container-cliff-with-docker-mesos-etc-po ints-to-consider/ “"A common definition for a microservice we often hear mentioned is an “independently-deployable unit”, and indeed it is good practice to design your microservices so they can start up successfully without requiring all kinds of other components to be available. But in the vast majority of cases, “no microservice is an island”...
Copyright © 2015 Mirantis, Inc. All rights reserved ...deps seem to be needed Docker-compose and Mesos application groups are here and being used: https://docs.docker.com/compose/gettingstarted/ https://mesosphere.github.io/marathon/docs/application-groups.html
Copyright © 2015 Mirantis, Inc. All rights reserved ...deps seem to be needed https://github.com/vishnubob/wait-for-it
Copyright © 2015 Mirantis, Inc. All rights reserved ...deps seem to be needed https://github.com/mesosphere/kubernetes-mesos/issues/119 http://stackoverflow.com/questions/27701994/specify-order-dockers-run-on-kube rnetes-pod https://github.com/kubernetes/kubernetes/issues/29804
Copyright © 2015 Mirantis, Inc. All rights reserved https://github.com/Mirantis/k8s-AppController AppController
Copyright © 2015 Mirantis, Inc. All rights reserved ● way to express dependencies between K8S objects, ● thus allowing to deploy complex, multi-tier applications in fully automated fashion ● k8s object dependency graph: ● definitions (nodes) ● dependencies (edges) AppController - really short summary...
Copyright © 2015 Mirantis, Inc. All rights reserved Before… ● kubectl create -f t1.yaml ● check status… ● kubectl create -f t2.yaml ● check status… ● kubectl create -f t3.yaml ● …. After… ● kubectl create -f graph.yaml ● k8s-appcontroller ac-run
Copyright © 2015 Mirantis, Inc. All rights reserved AppController architecture Kubernetes k8s-appcontroller pod kubeac binary k8s API extensions 3rd party resources: dependency definition
Copyright © 2015 Mirantis, Inc. All rights reserved workflow AppController
Copyright © 2015 Mirantis, Inc. All rights reserved AppController workflow - definitions Definition Standard K8S resource (deployment, pod, service…) Definition Standard K8S resource (deployment, pod, service…) Definition Standard K8S resource (deployment, pod, service…) Definition Standard K8S resource (deployment, pod, service…) kubectl create -f definitions.yaml
Copyright © 2015 Mirantis, Inc. All rights reserved AppController workflow - definitions apiVersion: appcontroller.k8s/v1alpha1 kind: Definition metadata: name: secret-mysql-pass secret: apiVersion: v1 data: password.txt: cXdxd3F3 kind: Secret metadata: creationTimestamp: 2016-12-06T16:56:02Z name: mysql-pass namespace: default secret/mysql-pass Standard K8S resource (secret) Objects are not created in k8s until triggered by AppController!
Copyright © 2015 Mirantis, Inc. All rights reserved Definitions - summary Definition: ● “node” in the graph ● wrapper over regular k8s resource ● defers the creation of the resource until triggered (in contrary to “kubectl create -f” which creates the resource immediately
Copyright © 2015 Mirantis, Inc. All rights reserved AppController - dependencies Definition Standard K8S resource (deployment, pod, service…) Definition Standard K8S resource (deployment, pod, service…) Definition Standard K8S resource (deployment, pod, service…) Definition Standard K8S resource (deployment, pod, service…) start end kubectl create -f deps.yaml
Copyright © 2015 Mirantis, Inc. All rights reserved AppController - dependencies apiVersion: appcontroller.k8s/v1alpha1 kind: Dependency metadata: name: mysql-pass--to--mysql-deployment parent: secret/mysql-pass child: deployment/mysql secret/mysql-pass Standard K8S resource (secret) deployment/mysql Standard K8S resource (deployment)
Copyright © 2015 Mirantis, Inc. All rights reserved Dependencies - summary Dependency: ● “edge” in the graph ● links definitions together ● provides the sense of dependency between definitions
Copyright © 2015 Mirantis, Inc. All rights reserved AppController - application rollout Definition Standard K8S resource (deployment, pod, service…) Definition Standard K8S resource (deployment, pod, service…) Definition Standard K8S resource (deployment, pod, service…) Definition Standard K8S resource (deployment, pod, service…) start end kubectl exec k8s-appcontroller ac-run kubectl exec k8s-appcontroller kubeac get-status
Copyright © 2015 Mirantis, Inc. All rights reserved AppController workflow - summary ● “wrap” regular k8s resources into definitions > defs.yaml ● load defs.yaml to k8s ● create dependencies between resources > deps.yaml ● load deps.yaml into k8s ● trigger the app deployment from AppController application (kubectl exec k8s-appcontroller ac-run)
Copyright © 2015 Mirantis, Inc. All rights reserved MySQL + Wordpress Demo
Copyright © 2015 Mirantis, Inc. All rights reserved def_db_password AppController - wordpress deployment secret: db_password def_db_deploymt deployment: mysql-deploym ent def_db_service service: db_service def_wp_deploymt deployment: wordpress-dep loyment def_wp_service service: wordpress-ser vice DB_PASS DB_HOSTNAME, DB_PASS
Copyright © 2015 Mirantis, Inc. All rights reserved Questions/Answers
Copyright © 2015 Mirantis, Inc. All rights reserved Q&A Q: What if I abort the deployment in the middle - how does AppController recover from partially provisioned graph? A: AppController will check the status of already provisioned resources. Will only provision the ones which are absent
Copyright © 2015 Mirantis, Inc. All rights reserved Q&A Q: Can I run multiple AppControllers on a single K8S ? A: You can run 1 AppController per namespace
Copyright © 2015 Mirantis, Inc. All rights reserved Q&A Q: What K8S resources can be currently wrapped into definitions? A: - Daemonset - Job - Petset - Pod - Replicaset - Service - ConfigMap - Secrets - Deployments
Copyright © 2015 Mirantis, Inc. All rights reserved Q&A Q: How is provisioning of resources validated? A: Status of the k8s resource is checked. AppController implements also some checks of its own (e.g. for replicasets readiness probe is based on “success factor” or all resources ready. Success factor is a part of appcontroller and for services we are checking service selector and see if the backends are ready - e.g. replica sets)
Copyright © 2015 Mirantis, Inc. All rights reserved Q&A Q: What’s on the roadmap? A: Graph notifications, reactions, error handling More resources supported Usability improvements Better documentation (incl. real-life complex examples)
Copyright © 2015 Mirantis, Inc. All rights reserved Q&A Q: How AppController is different from Init Containers? A: Supports more complex deployments (complex graphs) Handles deps not only between containers Checks resource states (no need to implement custom probes in the container) Keeps debug logs in one place Can react to changes in the graph
Copyright © 2015 Mirantis, Inc. All rights reserved Recording https://www.youtube.com/watch?v=7GSwSTtBAYo&utm_cont ent=38600000
Copyright © 2015 Mirantis, Inc. All rights reserved Thank you!

More Related Content

PDF
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
Josef Adersberger
 
PPTX
Building Portable Applications with Kubernetes
Kublr
 
PDF
Introduction to kubernetes
Gabriel Carro
 
PPTX
Istio canaries and kubernetes
Red Hat Developers
 
PDF
Single tenant software to multi-tenant SaaS using K8S
CloudLinux
 
PPTX
Netflix0SS Services on Docker
Docker, Inc.
 
PPTX
The Mushroom Cloud Effect or What Happens When Containers Fail? by Alois Mayr...
Docker, Inc.
 
PDF
Microservices + Events + Docker = A Perfect Trio by Docker Captain Chris Rich...
Docker, Inc.
 
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
Josef Adersberger
 
Building Portable Applications with Kubernetes
Kublr
 
Introduction to kubernetes
Gabriel Carro
 
Istio canaries and kubernetes
Red Hat Developers
 
Single tenant software to multi-tenant SaaS using K8S
CloudLinux
 
Netflix0SS Services on Docker
Docker, Inc.
 
The Mushroom Cloud Effect or What Happens When Containers Fail? by Alois Mayr...
Docker, Inc.
 
Microservices + Events + Docker = A Perfect Trio by Docker Captain Chris Rich...
Docker, Inc.
 

What's hot (20)

PDF
Kubernetes Concepts And Architecture Powerpoint Presentation Slides
SlideTeam
 
PDF
Securing Containers - Sathyajit Bhat - Adobe - Container Conference 18
CodeOps Technologies LLP
 
PPTX
Simple tweaks to get the most out of your JVM
Jamie Coleman
 
PDF
CDK Meetup: Rule the World through IaC
smalltown
 
PPTX
Centralizing Kubernetes and Container Operations
Kublr
 
PPTX
Multi-Clusters Made Easy with Liqo:
Getting Rid of Your Clusters Keeping Them...
KCDItaly
 
PDF
Container World 2017 - Characterizing and Contrasting Container Orchestrators
Lee Calcote
 
PDF
Kubernetes One-Click Deployment: Hands-on Workshop (Munich)
QAware GmbH
 
PDF
KNATIVE - DEPLOY, AND MANAGE MODERN CONTAINER-BASED SERVERLESS WORKLOADS
Elad Hirsch
 
PPTX
Building Cloud Native Applications Using Spring Boot and Spring Cloud
GeekNightHyderabad
 
PPTX
K8S in prod
Mageshwaran Rajendran
 
PDF
Kubernetes "Ubernetes" Cluster Federation by Quinton Hoole (Google, Inc) Huaw...
Quinton Hoole
 
PDF
OpenStack on Kubernetes (BOS Summit / May 2017 update)
rhirschfeld
 
PPTX
Intro to kubernetes
Faculty of Technical Sciences, University of Novi Sad
 
PDF
The Operator Pattern - Managing Stateful Services in Kubernetes
QAware GmbH
 
PPTX
Application Portability with Kubernetes (k8)
Kublr
 
PDF
Kubernetes as Infrastructure Abstraction
Kublr
 
PDF
Kubernetes stack reliability
Oleg Chunikhin
 
PPTX
Serverless and Servicefull Applications - Where Microservices complements Ser...
Red Hat Developers
 
PDF
MongoDB.local Austin 2018: MongoDB Ops Manager + Kubernetes
MongoDB
 
Kubernetes Concepts And Architecture Powerpoint Presentation Slides
SlideTeam
 
Securing Containers - Sathyajit Bhat - Adobe - Container Conference 18
CodeOps Technologies LLP
 
Simple tweaks to get the most out of your JVM
Jamie Coleman
 
CDK Meetup: Rule the World through IaC
smalltown
 
Centralizing Kubernetes and Container Operations
Kublr
 
Multi-Clusters Made Easy with Liqo:
Getting Rid of Your Clusters Keeping Them...
KCDItaly
 
Container World 2017 - Characterizing and Contrasting Container Orchestrators
Lee Calcote
 
Kubernetes One-Click Deployment: Hands-on Workshop (Munich)
QAware GmbH
 
KNATIVE - DEPLOY, AND MANAGE MODERN CONTAINER-BASED SERVERLESS WORKLOADS
Elad Hirsch
 
Building Cloud Native Applications Using Spring Boot and Spring Cloud
GeekNightHyderabad
 
K8S in prod
Mageshwaran Rajendran
 
Kubernetes "Ubernetes" Cluster Federation by Quinton Hoole (Google, Inc) Huaw...
Quinton Hoole
 
OpenStack on Kubernetes (BOS Summit / May 2017 update)
rhirschfeld
 
Intro to kubernetes
Faculty of Technical Sciences, University of Novi Sad
 
The Operator Pattern - Managing Stateful Services in Kubernetes
QAware GmbH
 
Application Portability with Kubernetes (k8)
Kublr
 
Kubernetes as Infrastructure Abstraction
Kublr
 
Kubernetes stack reliability
Oleg Chunikhin
 
Serverless and Servicefull Applications - Where Microservices complements Ser...
Red Hat Developers
 
MongoDB.local Austin 2018: MongoDB Ops Manager + Kubernetes
MongoDB
 
Ad

Similar to Sf bay area Kubernetes meetup dec8 2016 - deployment models (20)

PPTX
Operating Kubernetes at Scale (Australia Presentation)
Mesosphere Inc.
 
PDF
Kubernetes Docker Container Implementation Ppt PowerPoint Presentation Slide ...
SlideTeam
 
PDF
An Architectural Deep Dive With Kubernetes And Containers Powerpoint Presenta...
SlideTeam
 
PDF
Concevoir et déployer vos applications a base de microservices sur Cloud Foundry
VMware Tanzu
 
PDF
Why Microservice
Kelvin Yeung
 
PDF
Kubernetes One-Click Deployment: Hands-on Workshop (Mainz)
QAware GmbH
 
PDF
Accelerating the Software Delivery Pipelinewith Mirantis OpenStack
Bob Sokol
 
PPTX
[2015-11월 정기 세미나] Cloud Native Platform - Pivotal
OpenStack Korea Community
 
PDF
Kolla - containerizing the cloud itself
Michal Rostecki
 
PDF
Masterless Puppet Using AWS S3 Buckets and IAM Roles
Malcolm Duncanson, CISSP
 
PPTX
Webinar: Operating Kubernetes at Scale
Mesosphere Inc.
 
PDF
Driving Digital Transformation With Containers And Kubernetes Complete Deck
SlideTeam
 
PDF
Docker Orchestrators
Andrew Sullivan
 
PDF
Tech Talk: Harness the Power of Innovations Like Microservice Architecture an...
CA Technologies
 
PDF
Cloud expo 2015_rags
ragss
 
PDF
AppSphere 15 - Monitoring Cloud Native Apps on Pivotal Cloud Foundry with App...
AppDynamics
 
PPTX
Cloud Foundry Diego, Lattice, Docker and more
cornelia davis
 
PPTX
What's new in Pivotal Cloud Foundry 1.6
dektlong
 
PPTX
Episode 2: Deploying Kubernetes at Scale
Mesosphere Inc.
 
PDF
Cisco at v mworld 2015 shipped-vmworld
ldangelo0772
 
Operating Kubernetes at Scale (Australia Presentation)
Mesosphere Inc.
 
Kubernetes Docker Container Implementation Ppt PowerPoint Presentation Slide ...
SlideTeam
 
An Architectural Deep Dive With Kubernetes And Containers Powerpoint Presenta...
SlideTeam
 
Concevoir et déployer vos applications a base de microservices sur Cloud Foundry
VMware Tanzu
 
Why Microservice
Kelvin Yeung
 
Kubernetes One-Click Deployment: Hands-on Workshop (Mainz)
QAware GmbH
 
Accelerating the Software Delivery Pipelinewith Mirantis OpenStack
Bob Sokol
 
[2015-11월 정기 세미나] Cloud Native Platform - Pivotal
OpenStack Korea Community
 
Kolla - containerizing the cloud itself
Michal Rostecki
 
Masterless Puppet Using AWS S3 Buckets and IAM Roles
Malcolm Duncanson, CISSP
 
Webinar: Operating Kubernetes at Scale
Mesosphere Inc.
 
Driving Digital Transformation With Containers And Kubernetes Complete Deck
SlideTeam
 
Docker Orchestrators
Andrew Sullivan
 
Tech Talk: Harness the Power of Innovations Like Microservice Architecture an...
CA Technologies
 
Cloud expo 2015_rags
ragss
 
AppSphere 15 - Monitoring Cloud Native Apps on Pivotal Cloud Foundry with App...
AppDynamics
 
Cloud Foundry Diego, Lattice, Docker and more
cornelia davis
 
What's new in Pivotal Cloud Foundry 1.6
dektlong
 
Episode 2: Deploying Kubernetes at Scale
Mesosphere Inc.
 
Cisco at v mworld 2015 shipped-vmworld
ldangelo0772
 
Ad

Recently uploaded (20)

PPTX
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
PDF
[발표본] 너의 과제는 클라우드에 있어_KTDS_김동현_20250524.pdf
ssuserf8b8bd1
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PDF
GDG Cloud Iasi [PUBLIC] Florian Blaga - Unveiling the Evolution of Cybersecur...
athlonica
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PDF
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
PDF
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
PDF
GamePlan Trading System Review: Professional Trader's Honest Take
SOFTTECHHUB
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PPTX
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
PDF
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
[발표본] 너의 과제는 클라우드에 있어_KTDS_김동현_20250524.pdf
ssuserf8b8bd1
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
GDG Cloud Iasi [PUBLIC] Florian Blaga - Unveiling the Evolution of Cybersecur...
athlonica
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
GamePlan Trading System Review: Professional Trader's Honest Take
SOFTTECHHUB
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
MYSQL Presentation for SQL database connectivity
Swati270511
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
Cloud computing and distributed systems.
kkkkkhan
 
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 

Sf bay area Kubernetes meetup dec8 2016 - deployment models

  • 1. Copyright © 2015 Mirantis, Inc. All rights reserved www.mirantis.com Kubernetes deployment models (modelling complex applications in K8S) Dec8 2016 Piotr Siwczak (https://www.linkedin.com/in/psiwczak)
  • 2. Copyright © 2015 Mirantis, Inc. All rights reserved Agenda ● Challenges in managing complex microservice architectures ● What’s missing in K8S to manage complex microservice architectures efficiently ● K8S AppController as an enhancement to handle complex architectures ● Demo of AppController ● Q&A about AppController
  • 3. Copyright © 2015 Mirantis, Inc. All rights reserved Challenges in managing microservice architectures
  • 4. Copyright © 2015 Mirantis, Inc. All rights reserved Linux as a microservice apps platform Collection of small, independent programs acting together to form larger systems. Programs communicate over standardized protocols/API-s Abstracts computing resources (kernel)
  • 5. Copyright © 2015 Mirantis, Inc. All rights reserved Unix/Linux simplified architecture Kernel Libraries Init system Interactive shell Userspace apps Resource access Orchestration User functionality
  • 6. Copyright © 2015 Mirantis, Inc. All rights reserved The role of init system SysVInit … Upstart … Systemd Init makes sure that apps start in proper order and deps for them are handled e.g. Network subsystem -> Iptables -> ssh
  • 7. Copyright © 2015 Mirantis, Inc. All rights reserved Apps - combined K8S resources Kubernetes clients (kubectl...) Kubernetes resources (pod, service…) Unix/Linux vs K8S Kernel Libraries Init system Interactive shell Userspace apps ?
  • 8. Copyright © 2015 Mirantis, Inc. All rights reserved Do we have init equivalent in k8s? Original photo by https://www.flickr.com/people/waferboard/ License: CC BY v2.0, Title: “wholesome stirfry” “Containers start in parallel after volumes are mounted, leaving no opportunity for coordination between containers...” https://github.com/kubernetes/kubernetes/blob/master/ docs/proposals/container-init.md
  • 9. Copyright © 2015 Mirantis, Inc. All rights reserved ...to make a good dish one needs to follow steps Original photo by https://www.flickr.com/people/waferboard/ License: CC BY v2.0, Title: “wholesome stirfry” ● heat oil ● add garlic ● add veggies and sauce ● add meat
  • 10. Copyright © 2015 Mirantis, Inc. All rights reserved K8S challenge for complex apps (T3) wordpress depl/service (T2) mysql depl/service (T1) mysql password password db dns name & password kubectl create -f mysql-pass.yaml kubectl create -f mysql-deployment.yaml kubectl create -f wordpress-deplyment.yaml
  • 11. Copyright © 2015 Mirantis, Inc. All rights reserved Is lack of deps really a problem for K8S? We all know microservices are supposed to orchestrate themselves and tolerate failures ...but…
  • 12. Copyright © 2015 Mirantis, Inc. All rights reserved ...deps seem to be needed https://blog.xebialabs.com/2015/04/13/before-you-go-over-the-container-cliff-with-docker-mesos-etc-po ints-to-consider/ “"A common definition for a microservice we often hear mentioned is an “independently-deployable unit”, and indeed it is good practice to design your microservices so they can start up successfully without requiring all kinds of other components to be available. But in the vast majority of cases, “no microservice is an island”...
  • 13. Copyright © 2015 Mirantis, Inc. All rights reserved ...deps seem to be needed Docker-compose and Mesos application groups are here and being used: https://docs.docker.com/compose/gettingstarted/ https://mesosphere.github.io/marathon/docs/application-groups.html
  • 14. Copyright © 2015 Mirantis, Inc. All rights reserved ...deps seem to be needed https://github.com/vishnubob/wait-for-it
  • 15. Copyright © 2015 Mirantis, Inc. All rights reserved ...deps seem to be needed https://github.com/mesosphere/kubernetes-mesos/issues/119 http://stackoverflow.com/questions/27701994/specify-order-dockers-run-on-kube rnetes-pod https://github.com/kubernetes/kubernetes/issues/29804
  • 16. Copyright © 2015 Mirantis, Inc. All rights reserved https://github.com/Mirantis/k8s-AppController AppController
  • 17. Copyright © 2015 Mirantis, Inc. All rights reserved ● way to express dependencies between K8S objects, ● thus allowing to deploy complex, multi-tier applications in fully automated fashion ● k8s object dependency graph: ● definitions (nodes) ● dependencies (edges) AppController - really short summary...
  • 18. Copyright © 2015 Mirantis, Inc. All rights reserved Before… ● kubectl create -f t1.yaml ● check status… ● kubectl create -f t2.yaml ● check status… ● kubectl create -f t3.yaml ● …. After… ● kubectl create -f graph.yaml ● k8s-appcontroller ac-run
  • 19. Copyright © 2015 Mirantis, Inc. All rights reserved AppController architecture Kubernetes k8s-appcontroller pod kubeac binary k8s API extensions 3rd party resources: dependency definition
  • 20. Copyright © 2015 Mirantis, Inc. All rights reserved workflow AppController
  • 21. Copyright © 2015 Mirantis, Inc. All rights reserved AppController workflow - definitions Definition Standard K8S resource (deployment, pod, service…) Definition Standard K8S resource (deployment, pod, service…) Definition Standard K8S resource (deployment, pod, service…) Definition Standard K8S resource (deployment, pod, service…) kubectl create -f definitions.yaml
  • 22. Copyright © 2015 Mirantis, Inc. All rights reserved AppController workflow - definitions apiVersion: appcontroller.k8s/v1alpha1 kind: Definition metadata: name: secret-mysql-pass secret: apiVersion: v1 data: password.txt: cXdxd3F3 kind: Secret metadata: creationTimestamp: 2016-12-06T16:56:02Z name: mysql-pass namespace: default secret/mysql-pass Standard K8S resource (secret) Objects are not created in k8s until triggered by AppController!
  • 23. Copyright © 2015 Mirantis, Inc. All rights reserved Definitions - summary Definition: ● “node” in the graph ● wrapper over regular k8s resource ● defers the creation of the resource until triggered (in contrary to “kubectl create -f” which creates the resource immediately
  • 24. Copyright © 2015 Mirantis, Inc. All rights reserved AppController - dependencies Definition Standard K8S resource (deployment, pod, service…) Definition Standard K8S resource (deployment, pod, service…) Definition Standard K8S resource (deployment, pod, service…) Definition Standard K8S resource (deployment, pod, service…) start end kubectl create -f deps.yaml
  • 25. Copyright © 2015 Mirantis, Inc. All rights reserved AppController - dependencies apiVersion: appcontroller.k8s/v1alpha1 kind: Dependency metadata: name: mysql-pass--to--mysql-deployment parent: secret/mysql-pass child: deployment/mysql secret/mysql-pass Standard K8S resource (secret) deployment/mysql Standard K8S resource (deployment)
  • 26. Copyright © 2015 Mirantis, Inc. All rights reserved Dependencies - summary Dependency: ● “edge” in the graph ● links definitions together ● provides the sense of dependency between definitions
  • 27. Copyright © 2015 Mirantis, Inc. All rights reserved AppController - application rollout Definition Standard K8S resource (deployment, pod, service…) Definition Standard K8S resource (deployment, pod, service…) Definition Standard K8S resource (deployment, pod, service…) Definition Standard K8S resource (deployment, pod, service…) start end kubectl exec k8s-appcontroller ac-run kubectl exec k8s-appcontroller kubeac get-status
  • 28. Copyright © 2015 Mirantis, Inc. All rights reserved AppController workflow - summary ● “wrap” regular k8s resources into definitions > defs.yaml ● load defs.yaml to k8s ● create dependencies between resources > deps.yaml ● load deps.yaml into k8s ● trigger the app deployment from AppController application (kubectl exec k8s-appcontroller ac-run)
  • 29. Copyright © 2015 Mirantis, Inc. All rights reserved MySQL + Wordpress Demo
  • 30. Copyright © 2015 Mirantis, Inc. All rights reserved def_db_password AppController - wordpress deployment secret: db_password def_db_deploymt deployment: mysql-deploym ent def_db_service service: db_service def_wp_deploymt deployment: wordpress-dep loyment def_wp_service service: wordpress-ser vice DB_PASS DB_HOSTNAME, DB_PASS
  • 31. Copyright © 2015 Mirantis, Inc. All rights reserved Questions/Answers
  • 32. Copyright © 2015 Mirantis, Inc. All rights reserved Q&A Q: What if I abort the deployment in the middle - how does AppController recover from partially provisioned graph? A: AppController will check the status of already provisioned resources. Will only provision the ones which are absent
  • 33. Copyright © 2015 Mirantis, Inc. All rights reserved Q&A Q: Can I run multiple AppControllers on a single K8S ? A: You can run 1 AppController per namespace
  • 34. Copyright © 2015 Mirantis, Inc. All rights reserved Q&A Q: What K8S resources can be currently wrapped into definitions? A: - Daemonset - Job - Petset - Pod - Replicaset - Service - ConfigMap - Secrets - Deployments
  • 35. Copyright © 2015 Mirantis, Inc. All rights reserved Q&A Q: How is provisioning of resources validated? A: Status of the k8s resource is checked. AppController implements also some checks of its own (e.g. for replicasets readiness probe is based on “success factor” or all resources ready. Success factor is a part of appcontroller and for services we are checking service selector and see if the backends are ready - e.g. replica sets)
  • 36. Copyright © 2015 Mirantis, Inc. All rights reserved Q&A Q: What’s on the roadmap? A: Graph notifications, reactions, error handling More resources supported Usability improvements Better documentation (incl. real-life complex examples)
  • 37. Copyright © 2015 Mirantis, Inc. All rights reserved Q&A Q: How AppController is different from Init Containers? A: Supports more complex deployments (complex graphs) Handles deps not only between containers Checks resource states (no need to implement custom probes in the container) Keeps debug logs in one place Can react to changes in the graph
  • 38. Copyright © 2015 Mirantis, Inc. All rights reserved Recording https://www.youtube.com/watch?v=7GSwSTtBAYo&utm_cont ent=38600000
  • 39. Copyright © 2015 Mirantis, Inc. All rights reserved Thank you!