developing kubernetes services
play

Developing Kubernetes Services at Airbnb Scale @MELANIECEBULA What - PowerPoint PPT Presentation

Oct 11, 2022 •620 likes •1.74k views

@MELANIECEBULA / MARCH 2019 / CON LONDON Developing Kubernetes Services at Airbnb Scale @MELANIECEBULA What is kubernetes? @MELANIECEBULA Who am I? A BRIEF HISTORY @MELANIECEBULA Why Microservices? 4000000 3000000 2000000 MONOLITH

  1. @MELANIECEBULA kubernetes config files Production Canary Dev Deployment Deployment Deployment kubectl apply kubernetes Production Canary Dev kubernetes cluster ConfigMap ConfigMap ConfigMap verbose Dev repetitive by Production Canary Service Service namespace Service P

  2. @MELANIECEBULA k tool KUBECTL WRAPPER Production Canary Dev Deployment Deployment Deployment kubectl apply Production Canary Dev kubernetes cluster ConfigMap ConfigMap ConfigMap calls kubectl commands (incl. Dev Production Canary plugins) Service Service Service

  3. @MELANIECEBULA k tool OPINIONATED KUBECTL

  4. @MELANIECEBULA • Runs in the project home directory: 
 $ cd /path/to/bonk $ k status • Environment variables for arguments: k tool standardized $ k status ENV=staging USES ENV VARS namespaces! • Prints the command that it will execute: 
 $ k status ENV=staging kubectl get pods --namespace=bonk-staging

  5. @MELANIECEBULA • k generate generates kubernetes fj les • k build performs project build, docker build and k tool docker push with tags • k deploy creates namespace, applies/replaces SIMPLIFIES BUILDS AND DEPLOYS kubernetes fj les, sleeps and checks deployment status • can chain commands; ex: k all

  6. @MELANIECEBULA • defaults to random pod, main container: $ k ssh ENV=staging k tool • specify particular pod, speci fj c container: A DEBUGGING TOOL $ k logs ENV=staging POD=… CONTAINER=bonk • automates debugging with k diagnose ENV=staging

  7. @MELANIECEBULA • defaults to random pod, main container: call kubectl diagnose $ k ssh ENV=staging k tool • specify particular pod, speci fj c container: A DEBUGGING TOOL $ k logs ENV=staging POD=… CONTAINER=bonk • automates debugging with k diagnose ENV=staging

  8. @MELANIECEBULA What are kubectl plugins?

  9. @MELANIECEBULA What are kubectl plugins?

  10. @MELANIECEBULA k diagnose SETUP deploy bonk service with failing command new pod in CrashLoopBackoff

  11. @MELANIECEBULA k diagnose MANUALLY 1. use “get pods - o=yaml” and look for problems 2. grab logs for unready container

  12. @MELANIECEBULA k diagnose MANUALLY 3. get k8s events related to this pod

  13. @MELANIECEBULA kubectl podevents KUBECTL PLUGIN kubectl podevents plugin

  14. @MELANIECEBULA // defines CLI command and flags kubectl diagnose var Namespace string USES COBRA GO CLI var rootCmd = &cobra.Command{ Use: “kubectl diagnose —namespace<namespace>" Short: “diagnoses a namespace with pods in CrashLoopBackOff” Run: func(cmd *cobra.Command, arg[]string) { // Fill in with program logic } } func Execute() { rootCmd.Flags().StringVarP(&Namespace, "namespace", "n", “”) rootCmd.MarkFlagRequired("namespace") if err := rootCmd.Execute(); err != nil { fmt.Println(err) os.Exit(1) }

  15. @MELANIECEBULA // get pods (assume Namespace is defined) kubectl diagnose kubeconfig := filepath.Join(os.Getenv("HOME"), ".kube","config") USES K8S CLIENT-GO config, err := clientcmd.BuildConfigFromFlags("", kubeconfig) if err != nil { … } clientset, err := kubernetes.NewForConfig(config) if err != nil { … } pods, err := uses k8s client-go clientset.CoreV1().Pods(Namespace).List(metav1.ListOptions{}) and Namespace fmt.Printf("There are %d pods in the namespace %s\n", param to get pods len(pods.Items), Namespace) for _, pod := range pod.Items { podName := pod.Name for _, c := range pod.Status.ContainerStatuses { if c.Ready != true { // print c.LastTerminatedState and c.State } }

  16. @MELANIECEBULA // get pods (assume Namespace is defined) kubectl diagnose kubeconfig := filepath.Join(os.Getenv("HOME"), ".kube","config") USES K8S CLIENT-GO config, err := clientcmd.BuildConfigFromFlags("", kubeconfig) if err != nil { … } clientset, err := kubernetes.NewForConfig(config) if err != nil { … } pods, err := clientset.CoreV1().Pods(Namespace).List(metav1.ListOptions{}) fmt.Printf("There are %d pods in the namespace %s\n", len(pods.Items), Namespace) for _, pod := range pod.Items { podName := pod.Name for _, c := range pod.Status.ContainerStatuses { if c.Ready != true { prints info for all unready containers // print c.LastTerminatedState and c.State } }

  17. @MELANIECEBULA // get pod events for namespace and pod kubectl diagnose cmd := exec.Command("kubectl", "podevents", Namespace, podName) USES OS/EXEC (WHEN LAZY) var out bytes.Buffer podevents kubectl var stderr bytes.Buffer plugin cmd.Stdout = &out cmd.Stderr = &stderr err := cmd.Run() if err != nil { fmt.Println(fmt.Sprint(err) + ": " + stderr.String()) log.Fatal(err) } else { fmt.Println("Events: \n" + out.String()) } } // also grab logs cmd = exec.Command("kubectl", "logs", podname, fmt.Sprintf("-- namespace=%s", Namespace), "-c", "bonk")

  18. @MELANIECEBULA kubectl diagnose GO KUBECTL PLUGIN

  19. @MELANIECEBULA kubectl diagnose GO KUBECTL PLUGIN 1. unready container info

  20. @MELANIECEBULA kubectl diagnose GO KUBECTL PLUGIN 1. unready container info 2. kubectl podevents

  21. @MELANIECEBULA kubectl diagnose GO KUBECTL PLUGIN 1. unready container info 2. kubectl podevents 3. pod logs for unready containers

  22. Takeaways • Create an opinionated kubectl wrapper • Automate common k8s workflows with kubectl plugins

  23. CI/CD

  25. Each step in our CI /CD jobs are RUN steps in a build Dockerfile

  26. runs k commands

  27. DEPLOY PROCESS

  28. @MELANIECEBULA A single deploy process for every change Develop Merge Deploy Write code and config Open a PR and merge Deploy all code and under your project your code to master config changes

  29. @MELANIECEBULA A single deploy process for every change Project Deployment AWS Storage ownership kubectl kubectl apply apply Service kubernetes cluster ConfigMap Alerts Docs Discovery API Gateway Service Dashboards Secrets Routes

  30. @MELANIECEBULA How do we apply k8s configuration? • kubectl apply all files Deployment • in some cases where apply “kubectl fails, replace files without apply” force kubernetes cluster • always restart pods on ConfigMap deploy to pick up changes • return atomic success or failure state by sleeping and checking status Service

  31. @MELANIECEBULA How do you always restart pods on deploy? We add a date label Deployment to the pod spec, which convinces k8s kubectl kubectl to relaunch all pods apply apply kubernetes cluster ConfigMap Service

  32. @MELANIECEBULA How do we apply custom configuration?

  33. @MELANIECEBULA How do we apply custom configuration? kubectl kubectl apply apply kubernetes cluster aws.yml AWS AWS AWS CRD Controller webhook

  34. @MELANIECEBULA How do we apply custom configuration? 1. Create a custom kubectl kubectl apply apply resource definition for aws.yml kubernetes cluster aws.yml AWS AWS AWS CRD Controller webhook

  35. @MELANIECEBULA How do we apply custom configuration? 2. Create a controller kubectl kubectl that calls a web hook apply apply when aws.yml is kubernetes cluster applied aws.yml AWS AWS AWS CRD Controller webhook

  36. @MELANIECEBULA How do we apply custom configuration? 3. Create a web hook kubectl kubectl that updates a apply apply custom resource kubernetes cluster aws.yml AWS AWS AWS CRD Controller webhook

  37. @MELANIECEBULA How do we apply custom configuration? 4. AWS lambda exposes web hook to be called AWS AWS AWS lambda AWS CRD Controller webhook

  38. Takeaways • Code and configuration should be deployed with the same process • Use custom resources and custom controllers to integrate k8s with your infra

  39. VALIDATION

  40. @MELANIECEBULA • enforce best practices • at build time with validation scripts Configuration • at deploy time with admission controller SHOULD BE VALIDATED

  41. @MELANIECEBULA How do we validate configuration at build time?

  42. @MELANIECEBULA How do we validate configuration at build time? project.yml validation script global job dispatcher kube project docs validation validation script build build jobs bonk CI jobs aws .yml validation script global jobs repo

  43. @MELANIECEBULA How do we validate configuration at build time? project.yml validation script global job dispatcher kube project docs validation validation script build build jobs 1. Define global job in bonk CI jobs aws .yml global jobs repo validation script global jobs repo

  44. @MELANIECEBULA How do we validate configuration at build time? project.yml validation script global job dispatcher kube project docs validation validation script build build jobs 2. job dispatcher always dispatches bonk CI jobs aws .yml global jobs to validation script projects global jobs repo

Recommend

Airflow on Kubernetes: Containerizing your Workflows By Michael Hewitt Agenda Kubernetes

Airflow on Kubernetes: Containerizing your Workflows By Michael Hewitt Agenda Kubernetes

Airflow on Kubernetes: Containerizing your Workflows By Michael Hewitt Agenda Kubernetes Overview 1 Airflows integration with Kubernetes 2 Deployment of Airflow on Kubernetes 3 Kubernetes Pod Operator and its benefits 4 DAG Development

2.79k views • 14 slides
Python, Docker, Kubernetes, Python, Docker, Kubernetes, and beyond? and beyond? Peter Bbics

Python, Docker, Kubernetes, Python, Docker, Kubernetes, and beyond? and beyond? Peter Bbics

Python, Docker, Kubernetes, Python, Docker, Kubernetes, and beyond? and beyond? Peter Bbics Peter Bbics | EuroPython 2018 EuroPython 2018 July 25, 2018 July 25, 2018 Based in Prague Small team of developers Developing a trading

361 views • 20 slides
Continuous Kubernetes Security @sublimino and @controlplaneio Im: - Andy - Dev-like -

Continuous Kubernetes Security @sublimino and @controlplaneio Im: - Andy - Dev-like -

Continuous Kubernetes Security @sublimino and @controlplaneio Im: - Andy - Dev-like - Sec-ish - Ops-y Is this Kubernetes cluster secure? EPIC FAIL GIF How secure is Kubernetes? What this Kubernetes talk is about Common Pwns

1.18k views • 113 slides
Kubernetes Matthias Haeussler Mirna Alaisami Overview Overview Kubernetes is an open-source

Kubernetes Matthias Haeussler Mirna Alaisami Overview Overview Kubernetes is an open-source

Kubernetes Matthias Haeussler Mirna Alaisami Overview Overview Kubernetes is an open-source platform designed to automate deploying , scaling , and operating application containers . Kubernetes v1.0 was released in 2015. It utilizes

916 views • 52 slides
K8s or Die! You must do Kubernetes. Or should you? If so when, where, why? How?! Marco Ceppi

K8s or Die! You must do Kubernetes. Or should you? If so when, where, why? How?! Marco Ceppi

K8s or Die! You must do Kubernetes. Or should you? If so when, where, why? How?! Marco Ceppi @marcoceppi Ryan Beisner @ryanbeisner Why Kubernetes Computing in the modern age Virtual Process Machines Containers Traditional Container

516 views • 24 slides
From Laptop to the World With Kubernetes @saturnism @googlecloud #kubernetes Ray Tsang

From Laptop to the World With Kubernetes @saturnism @googlecloud #kubernetes Ray Tsang

From Laptop to the World With Kubernetes @saturnism @googlecloud #kubernetes Ray Tsang Developer Advocate Google Cloud Platform @saturnism | +RayTsang @saturnism @googlecloud #kubernetes Ray Tsang Developer Architect Traveler

1.29k views • 65 slides
Contributing to kubernetes Who am I? Senior Software Engineer at Gojek Organizer at Kubernetes

Contributing to kubernetes Who am I? Senior Software Engineer at Gojek Organizer at Kubernetes

Contributing to kubernetes Who am I? Senior Software Engineer at Gojek Organizer at Kubernetes &amp; Cloud Native Meetups in Jakarta and Bandung https://www.meetup.com/jakarta-kubernetes/ https://www.meetup.com/Microservice-JKT/ You can find

709 views • 47 slides
Kubernetes Networking and Istio Apurva Bhandari $whoami SRE / DevOps Docker &amp; Kubernetes

Kubernetes Networking and Istio Apurva Bhandari $whoami SRE / DevOps Docker &amp; Kubernetes

Kubernetes Networking and Istio Apurva Bhandari $whoami SRE / DevOps Docker &amp; Kubernetes Enthusiast Speaker at Meetups Email: apurvbhandari@gmail.com LinkedIn: https://www.linkedin.com/in/apurvabhandari-linux GitHub:

2.17k views • 28 slides
Kubernetes APIs Under the Hood @pwittrock Who Am I? Phillip Wittrock (@pwittrock) Software

Kubernetes APIs Under the Hood @pwittrock Who Am I? Phillip Wittrock (@pwittrock) Software

Kubernetes APIs Under the Hood @pwittrock Who Am I? Phillip Wittrock (@pwittrock) Software Engineer at Google working on GKE and OSS Kubernetes My mission is to make using Kubernetes simple and enjoyable You might have come across me

1.12k views • 27 slides
Stateful workloads on kubernetes with ceph Agenda CaaS Kubernetes

Stateful workloads on kubernetes with ceph Agenda CaaS Kubernetes

Stateful workloads on kubernetes with ceph Agenda CaaS Kubernetes Ceph Storage Operation NVRAMOS 2019 10/28/2019 Cloud Service Model On Premises IaaS CaaS PaaS SaaS Applications Applications

660 views • 36 slides
Kubernetes Administration from Zero to (junior) Hero Lszl Budai Component Soft Ltd.

Kubernetes Administration from Zero to (junior) Hero Lszl Budai Component Soft Ltd.

Kubernetes Administration from Zero to (junior) Hero Lszl Budai Component Soft Ltd. Agenda 1.Introduction 2.Accessing the kubernetes API 3.Kubernetes workloads 4.Accessing applications 5.Volumes and persistent storage 2 (c) 2018

1.17k views • 57 slides
OpenStack on Kubernetes: Make OpenStack and Kubernetes Fail-Safe Seungkyu Ahn (ahnsk@sk.com)

OpenStack on Kubernetes: Make OpenStack and Kubernetes Fail-Safe Seungkyu Ahn (ahnsk@sk.com)

OpenStack on Kubernetes: Make OpenStack and Kubernetes Fail-Safe Seungkyu Ahn (ahnsk@sk.com) Jaesuk Ahn (jay.ahn@sk.com) Open System Lab Network IT Convergence R&amp;D Center SK Telecom Wil Reichert (wil@solinea.com) Solinea What will

1.26k views • 46 slides
Lessons learnt building Kubernetes controllers David Cheney - Heptio gday Craig McLuckie

Lessons learnt building Kubernetes controllers David Cheney - Heptio gday Craig McLuckie

Lessons learnt building Kubernetes controllers David Cheney - Heptio gday Craig McLuckie and Joe Beda 2/3rds of a pod Connaissez-vous Kubernetes? Kubernetes is an open-source system for automating deployment, scaling, and

747 views • 63 slides
Kubernetes on ARM64 Kubernetes on ARM64 Raspberry PI 4 Kubernetes cloud for a Raspberry PI 4

Kubernetes on ARM64 Kubernetes on ARM64 Raspberry PI 4 Kubernetes cloud for a Raspberry PI 4

Kubernetes on ARM64 Kubernetes on ARM64 Raspberry PI 4 Kubernetes cloud for a Raspberry PI 4 Kubernetes cloud for a few Euros! few Euros! Jean-Frederic Clere Jean-Frederic Clere @jfclere @jfclere Fosdem 2020 Feb. 1-2, 2020 TM Who am I?

529 views • 26 slides
Lecture 3: Kubernetes AC295 AC295 Advanced Practical Data Science Pavlos Protopapas Outline

Lecture 3: Kubernetes AC295 AC295 Advanced Practical Data Science Pavlos Protopapas Outline

Lecture 3: Kubernetes AC295 AC295 Advanced Practical Data Science Pavlos Protopapas Outline 1: Communications 2: Recap 3: Introduction to Kubernetes 4: Creating and Running Containers | Review 5: Anatomy of a Kubernetes Cluster 6:

821 views • 38 slides
Highly available cross-region deployments with Kubernetes Bastian Hofmann @BastianHofmann

Highly available cross-region deployments with Kubernetes Bastian Hofmann @BastianHofmann

Highly available cross-region deployments with Kubernetes Bastian Hofmann @BastianHofmann Container orchestration platform Deploy, run and scale your services in isolated containers No vendor lock in Standardized APIs Runs on Your laptop

2.39k views • 139 slides
Data Management in Kubernetes Using Kanister T om Manville | April 25th, 2018 2 3 4 yes* 5

Data Management in Kubernetes Using Kanister T om Manville | April 25th, 2018 2 3 4 yes* 5

Data Management in Kubernetes Using Kanister T om Manville | April 25th, 2018 2 3 4 yes* 5 Database Operations in Kubernetes kanister.io 6 Agenda Background DB in a container DB in Kubernetes Kanister Use

767 views • 42 slides
OPENSTACK + KUBERNETES + HYPERCONTAINER The Container Platform for NFV ABOUT ME Harry Zhang

OPENSTACK + KUBERNETES + HYPERCONTAINER The Container Platform for NFV ABOUT ME Harry Zhang

OPENSTACK + KUBERNETES + HYPERCONTAINER The Container Platform for NFV ABOUT ME Harry Zhang ID: @resouer Coder, Author, Speaker Member of Hyper Feature Maintainer &amp; Project Manager of Kubernetes sig-scheduling,

3.57k views • 46 slides
Developing Checkpointing and Recovery Procedures with the Storage Services of Amazon Web Services

Developing Checkpointing and Recovery Procedures with the Storage Services of Amazon Web Services

Developing Checkpointing and Recovery Procedures with the Storage Services of Amazon Web Services Luan Teylo 1 , Rafaela C. Brum 1 , Luciana Arantes 2 , Pierre Sens 2 and Lcia M. A. Drummond 1 1 Federal Fluminense University - IC/UFF 2 Sorbonne

861 views • 28 slides
Rootless Kubernetes Running Kubernetes and CRI/OCI Runtimes as an unprivileged user Akihiro Suda

Rootless Kubernetes Running Kubernetes and CRI/OCI Runtimes as an unprivileged user Akihiro Suda

FOSDEM (Feb 3, 2019) Rootless Kubernetes Running Kubernetes and CRI/OCI Runtimes as an unprivileged user Akihiro Suda / NTT (@_AkihiroSuda_) Giuseppe Scrivano / Red Hat (@gscrivano) 1 Who are we? Akihiro Suda Giuseppe Scrivano Software

552 views • 23 slides
Bringing Security and Multi- tenancy to Kubernetes Lei (Harry) Zhang About Me Lei (Harry)

Bringing Security and Multi- tenancy to Kubernetes Lei (Harry) Zhang About Me Lei (Harry)

Bringing Security and Multi- tenancy to Kubernetes Lei (Harry) Zhang About Me Lei (Harry) Zhang @resouer #CNCF member, #Microsoft MVP Previous: VMware, Baidu Feature Maintainer of Kubernetes HyperCrew: https://hyper.sh/

609 views • 40 slides
Where does CoreOS fit in? Automating Monitoring infrastructure Prometheus + Kubernetes

Where does CoreOS fit in? Automating Monitoring infrastructure Prometheus + Kubernetes

Alertmanager and high availability Frederic Branczyk Software Engineer at CoreOS Prometheus/Alertmanager/Kubernetes @brancz Where does CoreOS fit in? Automating Monitoring infrastructure Prometheus + Kubernetes What will I be talking

488 views • 29 slides
BUSINESS WITH IMPACT (BEAM) in developing markets Program funding &amp; services Our goal is

BUSINESS WITH IMPACT (BEAM) in developing markets Program funding &amp; services Our goal is

BUSINESS WITH IMPACT (BEAM) in developing markets Program funding &amp; services Our goal is to help companies and their partners achieve business with impacts in developing markets, globalize and grow Contents 1 Why are developing

681 views • 18 slides
JUG Bern Real World Kubernetes Agenda - Introduction Agenturclient - Architecture

JUG Bern Real World Kubernetes Agenda - Introduction Agenturclient - Architecture

JUG Bern Real World Kubernetes Agenda - Introduction Agenturclient - Architecture Agenturclient - Kubernetes Deployment - HA-Setup - Demo - Istio Introduction Florian Lscher Software Engineer and Co-Founder Skills CV Solution

1.48k views • 70 slides

More recommend