10 kube commandments we ve been in the game for years
play

10 Kube Commandments We've been in the game for years That in - PowerPoint PPT Presentation

Mar 19, 2024 •341 likes •1.01k views

10 Kube Commandments We've been in the game for years That in itself is admirable There's rules to this biz We wrote y'all a manual A step-by-step conf talk for you to get... Your clusters on track And not your releases pushed back Bryan

  1. 10 Kube Commandments

  2. We've been in the game for years

  3. That in itself is admirable

  4. There's rules to this biz

  5. We wrote y'all a manual

  6. A step-by-step conf talk for you to get...

  7. Your clusters on track

  8. And not your releases pushed back

  9. Bryan Liles Staff Software Engineer Heptio Lots of years Years of Experience @bryanl

  10. Carlos Amedee Senior Software Engineer DigitalOcean Observability Cloud Compute Services Systems Engineering @cagedmantis

  11. Rule Number Uno To go fast, you must start slow

  12. Rule Number Uno To go fast, you must start deliberately

  13. Public Cloud Datacenter Your Desktop

  14. Public Cloud Datacenter Your Desktop • GKE on Google Cloud • Minikube • kubeadm • AKS on Azure • Minik8s • *lots of vendors* • *lots of vendors* • Docker for Mac or Windows

  15. Not Declarative Public Cloud Datacenter X X • GKE on Google Cloud • kubeadm • AKS on Azure • *lots of vendors* • *lots of vendors*

  16. Cluster API

  17. Number Two Always let them know your next move

  18. Your next move is the images you'll deploy to your cluster

  19. Build Image Host Image

  20. docker build

  21. docker build • buildah • img • GCP Container Builder

  22. Why are you still building your containers with root privileges?

  23. Rule Number Three Never trust nobody: Hookup up that Pod Security Policy

  24. apiVersion: extensions/v1beta1 kind: PodSecurityPolicy metadata: name: how-not-to-get-robbed spec: privileged: false runAsUser: rule: MustRunAsNonRoot seLinux: rule: RunAsAny fsGroup: rule: RunAsAny supplementalGroups: rule: RunAsAny volumes: - nfs

  25. Number Four I know you heard this before: Never get high off what Kube supplies

  26. Custom Resource Definition Custom CRD Controller

  27. Custom Resources Pattern K8s External Resource Custom CRD Controller Native Resource

  28. Custom Resources Pattern Custom CRD Operator Controller

  29. Custom Resources Pattern Native Resource Native Custom CRD Resource Controller Native Resource

  30. Rule Number Five Communicating With Pods Never Mix Internal and External Traffic

  31. Ingress Tra ffi c

  32. Cluster IP apiVersion: v1 Proxy kind: Service metadata: name: sample-service spec: selector: app: sample-app Service type: ClusterIP ports: - name: http port: 80 targetPort: 80 protocol: TCP Pod Pod Pod

  33. Node Port Service apiVersion: v1 kind: Service metadata: name: my-nodeport-service spec: Pod Pod Pod Pod selector: app: my-app type: NodePort ports: - name: http port: 80 targetPort: 80 nodePort: 30036 protocol: TCP

  34. Load Balancer Load Balancer apiVersion: v1 kind: Service metadata: name: sample-lb Service spec: selector: app: some-app type: LoadBalancer ports: - name: http port: 80 Pod Pod Pod targetPort: 80 protocol: TCP

  35. Ingress apiVersion: extensions/v1beta1 Ingress kind: Ingress metadata: name: my-ingress spec: backend: serviceName: other Service Service servicePort: 8080 rules: - host: foo.mydomain.com http: paths: - backend: serviceName: foo Pod Pod Pod Pod Pod Pod servicePort: 8080 - host: mydomain.com http: paths: - path: /bar/* backend: serviceName: bar servicePort: 8080

  36. Egress Tra ffi c

  37. Egress apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: sample-network-policy spec: podSelector: matchLabels: role: my-app policyTypes: - Egress egress: - to: - ipBlock: cidr: 10.0.0.0/24

  38. Service Mesh

  39. Rule Number Six If You Think You Know What’s Happening In Your Cluster… Forget it.

  40. Observability What’s happening in your cluster?

  41. What’s happening on your cluster?

  42. Metrics and Alerting

  43. Logging

  44. Distributed Tracing

  45. Observability Dashboard

  46. Horizontal Pod Autoscaler

  47. Rule Number Seven Keep your storage and the business rules to manage it completely separated.

  48. Storage

  49. Easily create your own storage implementation

  50. Persistent Volume Snapshots

  51. Number 8: Using Tools

  52. Package Configuration Management Management

  53. Package Management • Helm 2 • Bounds of YAML

  54. Configuration Management • ksonnet • Pulumi • Ballerina

  56. Other types of tools? • ska ff old • kustomize

  57. Number 9: Extending Kubernetes

  58. What happens if you get an API for free?

  59. What happens when you outgrow the Kubernetes API?

  60. Number 10: A live word called refinement -- Building On Kubernetes

  61. App 1 App 2 App 3 Cluster "On top of Kubernetes"

  62. App 1 App 2 App 3 Cluster "On Kubernetes"

  63. Follow these rules

  64. You'll have mad bread to break up

  65. If not, 24 hours of on-call with constant wake ups.

Recommend

The Ten Commandments: Commandments 1-3 The Ten Commandments God chose the Israelites,

The Ten Commandments: Commandments 1-3 The Ten Commandments God chose the Israelites,

The Ten Commandments: Commandments 1-3 The Ten Commandments God chose the Israelites, descendants of Abraham, to be people particularly holy to Himself. To them was given the promise of the Messiah, who would be the Savior of the

549 views • 22 slides
RCIA 6: The First Three Commandments 6: The First Three Commandments Scene from the movie The

RCIA 6: The First Three Commandments 6: The First Three Commandments Scene from the movie The

9/2/2019 RCIA 6: The First Three Commandments 6: The First Three Commandments Scene from the movie The Ten Commandments 2 6: The First Three Commandments Exodus 20:2-17 3 1 9/2/2019 6: The First Three Commandments Gods Law

465 views • 12 slides
Review of Synchrotron Radiation based Diagnostics for Transverse Profile Measurements Gero Kube

Review of Synchrotron Radiation based Diagnostics for Transverse Profile Measurements Gero Kube

Review of Synchrotron Radiation based Diagnostics for Transverse Profile Measurements Gero Kube DESY / MDI gero.kube@desy.de Introduction Small Emittance Measurements Non-standard Profile Measurements D eutsches E lektronen SY

705 views • 55 slides
Kube-Knots: Resource Harvesting through Dynamic Container Orchestration in GPU-based Datacenters

Kube-Knots: Resource Harvesting through Dynamic Container Orchestration in GPU-based Datacenters

Kube-Knots: Resource Harvesting through Dynamic Container Orchestration in GPU-based Datacenters Prashanth Thinakaran , Jashwant Raj Gunasekaran, Bikash Sharma, Chita Das, Mahmut Kandemir September 25th, IEEE CLUSTER19 Motivation Sub-PF GPU

942 views • 32 slides
The 10 Commandments of Release Engineering Dinah McNutt Google, Inc. Overview This talk is

The 10 Commandments of Release Engineering Dinah McNutt Google, Inc. Overview This talk is

The 10 Commandments of Release Engineering Dinah McNutt Google, Inc. Overview This talk is really about "Build & Release", not just "Release" Focus is on server-side software The commandments are solutions to

358 views • 16 slides
Pencil Beam Scanning (PBS) in Radiotherapy of Malignant Lymphomas J. Kube PTC Prague, Czech

Pencil Beam Scanning (PBS) in Radiotherapy of Malignant Lymphomas J. Kube PTC Prague, Czech

Pencil Beam Scanning (PBS) in Radiotherapy of Malignant Lymphomas J. Kube PTC Prague, Czech Rep. Why proton beam therapy Why protons ? - Have Br Bragg peak and th they stop op in in th the tis tissue - Radio iobiological effec

452 views • 33 slides
e-Bug Junior Game Junior Game Game Style Game Process Demo Game Mechanics and

e-Bug Junior Game Junior Game Game Style Game Process Demo Game Mechanics and

e-Bug Junior Game Junior Game Game Style Game Process Demo Game Mechanics and Learning Outcomes Feedback to date and evaluation plans Game Style Game style encompasses two genres of game o Platform game fast action

575 views • 22 slides
e-Bug Senior Game Senior Game Game Style Game Process Demo Game Puzzles and

e-Bug Senior Game Senior Game Game Style Game Process Demo Game Puzzles and

e-Bug Senior Game Senior Game Game Style Game Process Demo Game Puzzles and Learning Outcomes Feedback to date and evaluation plans Game Style Game is a detective game where the player investigates microbial problems.

572 views • 19 slides
Introduction Let's start with an extreme example. After three years on the market, according to

Introduction Let's start with an extreme example. After three years on the market, according to

Introduction Let's start with an extreme example. After three years on the market, according to analytics site Think Gaming 's estimates, the tower defense hit game Clash of Clans is still the top grossing mobile game today, bringing in an

812 views • 38 slides
D r o u g h 33.6 -45.5 33.6 -45.5 11 years 5.4 years 11 years 5.4 years years t

D r o u g h 33.6 -45.5 33.6 -45.5 11 years 5.4 years 11 years 5.4 years years t

D r o u g h 33.6 -45.5 33.6 -45.5 11 years 5.4 years 11 years 5.4 years years t years Figure 2. Precipitation anomalies during 11 years of the dust bowl (1930-1940) Station Set-up Montana Mesonet January 2018 4 36 ranchers

533 views • 36 slides
LET US PRAY FOR BILLY JOEL 1 THE GREATEST COMMANDMENTS One of them, a lawyer, asked Him a

LET US PRAY FOR BILLY JOEL 1 THE GREATEST COMMANDMENTS One of them, a lawyer, asked Him a

LET US PRAY FOR BILLY JOEL 1 THE GREATEST COMMANDMENTS One of them, a lawyer, asked Him a question , testing 2 Him, Teacher, which is the great commandment in the Law? And He said to him, Y OU SHALL LOVE YHWH YOUR G OD WITH ALL

286 views • 26 slides
THE TEN COMMANDMENTS. People who want to live or work together make rules for themselves. The

THE TEN COMMANDMENTS. People who want to live or work together make rules for themselves. The

THE TEN COMMANDMENTS. People who want to live or work together make rules for themselves. The rules give them freedom to live as they wish, but at the same time, be responsible for the happiness of the whole group. This story is found in the

677 views • 11 slides
in the InsurTech Game Winners & Losers in the InsurTech Game The emergence of InsurTech has

in the InsurTech Game Winners & Losers in the InsurTech Game The emergence of InsurTech has

Winners & Losers in the InsurTech Game Winners & Losers in the InsurTech Game The emergence of InsurTech has dramatically impacted the traditional insurance space in recent years, and the increasing levels of interest and investment

339 views • 5 slides
2018 Annual Meeting OUTLINE Ten Commandments for Hydrogeologists Groundwater Flow Modeling

2018 Annual Meeting OUTLINE Ten Commandments for Hydrogeologists Groundwater Flow Modeling

presented by Steven T. Finch, Jr. CPG, PG JSAI 2018 Annual Meeting OUTLINE Ten Commandments for Hydrogeologists Groundwater Flow Modeling Concepts Pressure Response Versus Travel Time Head Gradients Well Construction and data

472 views • 20 slides
12 Commandments of Monitors in Python Synchronization class BK: def __init__(self): I. Thou

12 Commandments of Monitors in Python Synchronization class BK: def __init__(self): I. Thou

12 Commandments of Monitors in Python Synchronization class BK: def __init__(self): I. Thou shalt name your self.lock = Lock() VIII. Honor thy shared synchronization variables data with an invariant, properly self.hungrykid =

670 views • 27 slides
AGE* 13 YEARS OF AGE AND OLDER PREVIOUS GAME EXPERIENCE* NA PREVIOUS CERTIFICATION EXPERIENCE*

AGE* 13 YEARS OF AGE AND OLDER PREVIOUS GAME EXPERIENCE* NA PREVIOUS CERTIFICATION EXPERIENCE*

GRASSROO SSROOT T CER ERTIFIC FICATIO ATION N REQ EQUIREM REMEN ENTS ENROLLMENT REGISTRATION AGE* 13 YEARS OF AGE AND OLDER PREVIOUS GAME EXPERIENCE* NA PREVIOUS CERTIFICATION EXPERIENCE* NA TRAINING ONLINE + IN-PERSON GRASSROOTS

332 views • 19 slides
ANB Futbol 2015 ANB FUTBOL FUTURO Phase 2 intro to the next seven years November, 2014 1

ANB Futbol 2015 ANB FUTBOL FUTURO Phase 2 intro to the next seven years November, 2014 1

12/1/2014 Results Competitiveness Performance ANB Futbol 2015 ANB FUTBOL FUTURO Phase 2 intro to the next seven years November, 2014 1 12/1/2014 Global Game Futbol is the worlds game the beautiful game Futbol Education

389 views • 12 slides
1 What a Game is Not Outline A bunch of cool features What is a Game? Necessary, but

1 What a Game is Not Outline A bunch of cool features What is a Game? Necessary, but

Outline What is a Game? The Game Development Genres Process: Genres What is a Game? (1 of 4) What is a Game? (2 of 4) Movie? Movie? No interaction , outcome fixed Toy? Toy? Puzzle? No goal , but still fun!

512 views • 4 slides
Rally-Owl Overview of Rally-Owl Game This game is based off of Rally-X The goal of the game is

Rally-Owl Overview of Rally-Owl Game This game is based off of Rally-X The goal of the game is

Rally-Owl Overview of Rally-Owl Game This game is based off of Rally-X The goal of the game is to collect all 10 flags before losing all your lives The game makes use of a horizontally and vertically scrolling map This game implements a

101 views • 8 slides
W W W . E N V R M N T . C O M Raheel Khalid - @rkhalid890 A game industry and operating systems

W W W . E N V R M N T . C O M Raheel Khalid - @rkhalid890 A game industry and operating systems

W W W . E N V R M N T . C O M Raheel Khalid - @rkhalid890 A game industry and operating systems veteran that serves as the Chief Engineer for Verizon Labs. Using years of experience in building large scale game engines and graphics platforms I

473 views • 23 slides
GTC Raheel Khalid 09/15/16 1 Who am I? Raheel Khalid - @rkhalid890 A game industry and

GTC Raheel Khalid 09/15/16 1 Who am I? Raheel Khalid - @rkhalid890 A game industry and

GTC Raheel Khalid 09/15/16 1 Who am I? Raheel Khalid - @rkhalid890 A game industry and operating systems veteran that serves as the Chief Engineer for Verizon Labs. Using years of experience in building large scale game engines and graphics

695 views • 32 slides
Game interoperability with functors functor AgsFun (structure Game : GAME) :> sig structure

Game interoperability with functors functor AgsFun (structure Game : GAME) :> sig structure

Game interoperability with functors functor AgsFun (structure Game : GAME) :> sig structure Game : GAME val bestmove : Game.config -> Game.Move.move option val forecast : Game.config -> Player.outcome end where type Game.Move.move =

247 views • 22 slides
X4 Nick Maggini X4 - The Game The classic game of Connect Four or Four-in-a-Row. Game

X4 Nick Maggini X4 - The Game The classic game of Connect Four or Four-in-a-Row. Game

X4 Nick Maggini X4 - The Game The classic game of Connect Four or Four-in-a-Row. Game board is 7x6 Two player game, each get a color Players alternate until four tokens of the same color make a line Stalemates are possible

891 views • 13 slides
The name of the game: BASKIN ITALY https://www.youtube.com/watch?v=yttF1D_C9ok Game Basics Type

The name of the game: BASKIN ITALY https://www.youtube.com/watch?v=yttF1D_C9ok Game Basics Type

The name of the game: BASKIN ITALY https://www.youtube.com/watch?v=yttF1D_C9ok Game Basics Type of the game: Ball game Character of the game: Competitive Aim of the game: To score more points and goals than the opponent team. Number of players:

333 views • 6 slides

More recommend