
Run serverless pods with Amazon EKS and AWS Fargate


You can now use Amazon Elastic Kubernetes Service (EKS) to run Kubernetes pods on AWS Fargate, the serverless compute engine built for containers on AWS. This makes it easier than ever to build and run your Kubernetes applications in the AWS cloud. In this session we will present the main features of the service and how to deploy your application in a few steps.


  1. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Run serverless pods with Amazon EKS and AWS Fargate. Alessandro Micco, AWS Partner Solutions Architect
  2. Make AWS the BEST PLACE to run KUBERNETES
  3. Production workloads; native and upstream; seamless integrations; OSS contribution
  4. Production workloads: single tenant; Multi-AZ and highly available architecture by default; 99.95% Service Level Agreement for every cluster
  5. Native and upstream: upstream conformant; integration testing with Kubernetes tooling; APIs and existing tooling just work
  6. OSS contributions: AWS contributes bug fixes, security patches, and tooling improvements; open-source components; contribute to or maintain over 30 OSS projects on GitHub for Kubernetes
  7. Seamless integrations: identity, audits, routing, compliance, monitoring, logging, ingress, security, databases, networking, storage
  8. All the building blocks for Kubernetes in one place
  9. Containers options on AWS – over time. [Diagram labels: Docker host, AWS Cloud; axis: AWS managed / customer managed]
  10. Containers options on AWS – over time. [Diagram labels, 2015: Amazon ECS, ECS API, EC2 container instances, Auto Scaling group, Docker host, AWS Cloud; axis: AWS managed / customer managed]
  11. Containers options on AWS – over time. [Diagram labels, 2017: AWS Fargate, Amazon ECS, ECS API, EC2 container instances, Auto Scaling group, Docker host, AWS Cloud; axis: AWS managed / customer managed]
  12. Containers options on AWS – over time. [Diagram labels: AWS Fargate, Amazon ECS, ECS API, EC2 container instances (Auto Scaling group), worker nodes (Auto Scaling group), DIY K8S, K8s API, Docker host, AWS Cloud; axis: AWS managed / customer managed]
  13. Containers options on AWS – over time. [Diagram labels, 2018: AWS Fargate, Amazon ECS, Amazon EKS, ECS API, K8s API, EC2 container instances (Auto Scaling group), worker nodes (Auto Scaling group), DIY K8S, Docker host, AWS Cloud; axis: AWS managed / customer managed]
  14. Phase 1: management of the Kubernetes control plane
  15. Phase 1: management of the Kubernetes control plane. Phase 2: management of the Kubernetes data plane
  16. Containers options on AWS – over time. [Diagram labels, 2019: AWS Fargate, Amazon ECS, Amazon EKS, ECS API, K8s API, EC2 container instances (Auto Scaling group), Managed Node Groups (Auto Scaling group), worker nodes (Auto Scaling group), DIY K8S, Docker host, AWS Cloud; axis: AWS managed / customer managed]
  17. Containers options on AWS – over time. [Diagram labels, re:Invent 2019: AWS Fargate, Amazon ECS, Amazon EKS, ECS API, K8s API, EC2 container instances (Auto Scaling group), Managed Node Groups (Auto Scaling group), worker nodes (Auto Scaling group), DIY K8S, Docker host, AWS Cloud; axis: AWS managed / customer managed]
  18. Amazon EKS on Fargate. Bring existing pods: You don’t need to change your existing pods. Fargate works with existing workflows and services that run on Kubernetes. Production ready: Launch pods quickly. Easily run pods across multiple AZs for high availability. Each pod runs in an isolated compute environment. Rightsized and integrated: Only pay for the resources you need to run your pods. Includes native AWS integrations for networking and security.
  19. What matters for Fargate: Fargate is a serverless compute platform for containers on AWS. The differences between using EKS and ECS with Fargate are driven by the orchestration system.
  20. The EC2 flow at 33,000 feet: "Run a container on EC2 for me, please." You have to manage this capacity (e.g., with ASGs). [Diagram labels: customer account, AWS, VPC, service, pod, ENI, Amazon EC2, EC2 control plane]
  21. The Fargate flow at 33,000 feet: "Run a container on FARGATE for me, please." You don’t have to manage capacity. [Diagram labels: customer account, AWS, control plane, VPC, service, pod, ENI, AWS Fargate]
  22. Fargate vs. (un)managed nodes. Units of work: pod (Fargate), pod and EC2 (managed nodes), pod and EC2 (unmanaged nodes). Unit of charge: pod (Fargate), EC2 (managed nodes), EC2 (unmanaged nodes).
  23. Fargate vs. (un)managed nodes. Units of work: pod (Fargate), pod and EC2 (managed nodes), pod and EC2 (unmanaged nodes). Unit of charge: pod (Fargate), EC2 (managed nodes), EC2 (unmanaged nodes). Host lifecycle: there is no visible host (Fargate), AWS, SSH is allowed (managed nodes), customer (unmanaged nodes). Host AMI: there is no visible host (Fargate), AWS vetted AMIs (managed nodes), customer BYO (unmanaged nodes).
  24. Fargate vs. (un)managed nodes. Units of work: pod (Fargate), pod and EC2 (managed nodes), pod and EC2 (unmanaged nodes). Unit of charge: pod (Fargate), EC2 (managed nodes), EC2 (unmanaged nodes). Host lifecycle: there is no visible host (Fargate), AWS, SSH is allowed (managed nodes), customer (unmanaged nodes). Host AMI: there is no visible host (Fargate), AWS vetted AMIs (managed nodes), customer BYO (unmanaged nodes). Host : Pods: 1 : 1 (Fargate), 1 : many (managed nodes), 1 : many (unmanaged nodes).
  25. EKS data plane options: worker nodes only. [Diagram labels: Amazon EKS; traditional container data plane; pods; worker nodes in Amazon EC2 Auto Scaling groups across Availability Zone 1 and Availability Zone 2]
  26. EKS data plane options: mixed mode (re:Invent 2019). [Diagram labels: Amazon EKS; serverless container data plane with AWS Fargate and pods; traditional container data plane with pods and worker nodes in Amazon EC2 Auto Scaling groups across Availability Zone 1 and Availability Zone 2]
  27. EKS data plane options: Fargate only (re:Invent 2019). [Diagram labels: Amazon EKS; serverless container data plane with AWS Fargate and pods]
  28. Demo
  29. Kubernetes and EKS: objects and constructs. [Diagram labels: Kubernetes, Amazon EKS]
  30. Kubernetes and EKS: objects and constructs. Kubernetes: kubectl apply, kubectl autoscale, kubectl expose, … Amazon EKS: aws eks create-cluster, aws eks update-cluster-version, …, aws eks create-fargate-profile (NEW)
  31. Fargate profile template: subnets to pick for the pod deployment; parameters to “catch” the pod deployment; IAM role to be associated to the kubelet
  32. Fargate profile: { "name": "profile-a", "clusterName": "mycluster", "podExecutionRole": "iam-role-xyz", "subnets": "subnet-0ad888345", "selectors": [ { "namespace": "prod", "labels": { "stack": "blue" } } ] }. Simplified deployment flow, steps 1 to 4. [Diagram labels: a pod with namespace: prod and labels: stack: blue; mutating/validating webhooks; the pod shown again with labels stack: blue, profile = profile-a and schedulerName = fargate-scheduler; Fargate scheduler; AWS Fargate; Kubernetes, Amazon EKS; worker nodes in Amazon EC2 Auto Scaling groups across Availability Zone 1 and Availability Zone 2]
  33. Fargate profile: { "name": "profile-a", "clusterName": "mycluster", "podExecutionRole": "iam-role-xyz", "subnets": "subnet-0ad888345", "selectors": [ { "namespace": "prod", "labels": { "stack": "blue" } } ] }. Simplified deployment flow, steps 1 to 4. [Diagram labels: a pod with namespace: test; mutating/validating webhooks; Fargate scheduler; AWS Fargate; Kubernetes, Amazon EKS; worker nodes in Amazon EC2 Auto Scaling groups across Availability Zone 1 and Availability Zone 2]
  34. Need a custom pod spec to deploy to Fargate? No. You can configure EKS to deploy to Fargate… without touching your pod spec. Example: run a pod on standard worker nodes; create a Fargate profile that matches the pod namespace (and optionally, labels); kill the pod; see the pod restart on Fargate.
  35. Example: deploy to workers. [Diagram labels: a pod with namespace: default; steps 1 to 4; mutating/validating webhooks; Fargate scheduler; AWS Fargate; Kubernetes, Amazon EKS; worker nodes in Amazon EC2 Auto Scaling groups across Availability Zone 1 and Availability Zone 2]
  36. Fargate profile: { "name": "profile-a", "clusterName": "mycluster", "podExecutionRole": "iam-role-xyz", "subnets": "subnet-0ad888345", "selectors": [ { "namespace": "default" } ] }. Example: re-deploy to Fargate, same pod spec. [Diagram labels: a pod with namespace: default; steps 1 to 4; mutating/validating webhooks; the pod shown again with namespace: default and labels profile = profile-a and schedulerName = fargate-scheduler; Fargate scheduler; AWS Fargate; Kubernetes, Amazon EKS; worker nodes in Amazon EC2 Auto Scaling groups across Availability Zone 1 and Availability Zone 2]
  37. POD Sizing
  38. How do we pick the size of the pod? Init containers start sequentially and then stop; containers are long running. Each has a request and a limit, and this is for both memory and CPU dimensions.
  39. How do we pick the size of the pod? Step 1: only requests are considered.
  40. How do we pick the size of the pod? Step 2: requests for ALL long-running containers are added together.
  41. How do we pick the size of the pod? Step 3: the biggest number is taken and used to size the Fargate pod.
  42. How do we pick the size of the pod? Another example?
  43. How do we pick the size of the pod? Let’s consider the requests only.
  44. How do we pick the size of the pod? Let’s add all long-running containers and pick the biggest number.
  45. How do we pick the size of the pod? How do we go from this pod config example to a Fargate size?
  46. How do we pick the size of the pod? [Table: Fargate task size combinations]
  47. How do we pick the size of the pod? The closest config (rounded up) is picked from the Fargate task size combinations (CPU, MEM); +256MB for Kubernetes components.
  48. Networking architecture. [Diagram labels: worker nodes data plane (instance): K8s components, four pods, two ENIs, secondary IPs; Fargate data plane (instances): four pods, each shown with its own K8s components and ENI]
  49. Security group considerations. [Diagram: the networking architecture diagram from slide 48, with security group SG1 marked five times]
  50. Load Balancers considerations. ALB Ingress works as it normally does; the latest version includes the required code changes to make it work. NLB support with the AWS Load Balancer Controller (Oct, 2020): AWS Load Balancer Controller includes support for both Application Load Balancers and Network Load Balancers. The new controller enables you to simplify operations and save costs by sharing an Application Load Balancer across multiple applications in your Kubernetes cluster, as well as using a Network Load Balancer to target pods running on AWS Fargate. CLB will not work because it must target EC2 instances; there are no EC2 instances with EKS/Fargate.
  51. Storage options with EKS for Fargate. AWS Fargate provides a local storage space for containers to share. This space is ephemeral and only lives for the time the pod lives. Persistent storage for Fargate is a frequent ask from customers and is available with the latest Amazon EFS CSI driver (Aug, 2020). AWS Fargate will use the EFS CSI driver to automatically mount an EFS file system requested by a pod running on Fargate, without the need for manual driver installation. Fargate pods requiring EFS volumes can be started with newly created EKS clusters running Kubernetes version 1.17.
  52. EKSCTL support. EKSCTL supports Fargate and EC2 worker nodes; make sure you use the latest version. It is possible to create a Fargate-only cluster, or a combination of Fargate and managed node groups. EKSCTL takes care of some undifferentiated heavy lifting, such as creating the Fargate profiles and more. $ eksctl create cluster --fargate (https://eksctl.io/)
  53. Recap: EKS for Fargate introduces UX changes. Things you no longer need to do: manage Kubernetes worker nodes; pay for unused capacity; use K8s Cluster Autoscaler (CA). Things you get out of the box: VM isolation at pod level; pod level billing; easy chargeback in multi-tenant scenarios; use LoadBalancer (ALB/NLB); run stateful workloads via EFS. Things you can’t do (for now): deploy DaemonSets; use Classic LoadBalancer (CLB); run privileged containers; security groups per pod. https://github.com/aws/containers-roadmap
  54. Limits: things to keep in mind. AWS accounts have a soft limit of 500 Fargate tasks/pods per region; you can increase this limit. Due to the nature of the solution, there’s a limit of 5,000 pods per cluster; K8s tests up to 5,000 workers per cluster.
  55. Scalability: things to keep in mind. A single individual pod start time may be longer on Fargate than on EC2: each pod deployment sources a virtual node first from the Fargate fleet. Pod deployments at scale may be faster due to Fargate parallelism; e.g., think of the delay that Cluster Autoscaler can introduce in sourcing new EC2 capacity.
  56. Pricing. Standard EKS cluster pricing: $0.10 per hour. Standard Fargate pricing for vCPU and memory. AWS Fargate for Amazon EKS now included in Compute Savings Plans (Aug, 2020).
  57. AWS Europe (Milan) Region. On April 28th, AWS expanded its global footprint with the opening of the AWS Infrastructure Region in Italy. The new Region, AWS Europe (Milan), brings advanced cloud technologies that enable opportunities for innovation, entrepreneurship, and digital transformation. For additional information about services and characteristics of an AWS Region, you can check the website: aws.amazon.com/local/italy/milan/
  58. AWS Training & Certification. https://www.aws.training : free on-demand courses to help you build new cloud skills. Video: Deep Dive on AWS Fargate: Building Serverless Containers at Scale https://www.aws.training/Details/Video?id=26855 E-Learning: Amazon Elastic Kubernetes Service (EKS) Primer https://www.aws.training/Details/eLearning?id=32894 Video: Introduction to AWS Fargate https://www.aws.training/Details/Video?id=16623 For more info on AWS T&C visit: https://aws.amazon.com/it/training/ Available AWS Certifications
  59. Thanks!
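
The profile matching shown on slides 31 to 36, as an added example that is not part of the deck or of any AWS tooling: it reports which pods a Fargate profile catches (and so get pod-level VM isolation) and flags the features slide 53 lists as unsupported on Fargate. The profiles use the slides' simplified field names, and all pod names and data are constructed.

```python
# Added example (not from the deck). Profiles use the slides' simplified field
# names; every profile and pod below is constructed for illustration.
PROFILES = [{"name": "profile-a",
             "selectors": [{"namespace": "prod", "labels": {"stack": "blue"}}]}]

PODS = [
    {"metadata": {"name": "web", "namespace": "prod", "labels": {"stack": "blue"}},
     "spec": {"containers": [{"name": "app"}]}},
    {"metadata": {"name": "batch", "namespace": "test", "labels": {"stack": "blue"}},
     "spec": {"containers": [{"name": "job"}]}},
    {"metadata": {"name": "agent", "namespace": "prod",
                  "labels": {"stack": "blue", "tier": "ops"}},
     "spec": {"containers": [{"name": "probe",
                              "securityContext": {"privileged": True}}]}},
]


def selector_matches(selector, namespace, labels):
    """True when the namespace is equal and every selector label is on the pod."""
    if selector["namespace"] != namespace:
        return False
    return all(labels.get(k) == v for k, v in selector.get("labels", {}).items())


def matching_profiles(profiles, pod):
    """Names of all profiles with at least one selector that catches the pod."""
    meta = pod["metadata"]
    ns, labels = meta.get("namespace", "default"), meta.get("labels", {})
    return [p["name"] for p in profiles
            if any(selector_matches(s, ns, labels) for s in p["selectors"])]


def fargate_blockers(pod):
    """Pod features the deck lists under "Things you can't do (for now)"."""
    blockers = []
    if any(o.get("kind") == "DaemonSet"
           for o in pod["metadata"].get("ownerReferences", [])):
        blockers.append("daemonset")
    spec = pod["spec"]
    for c in spec.get("initContainers", []) + spec.get("containers", []):
        if c.get("securityContext", {}).get("privileged"):
            blockers.append("privileged:" + c["name"])
    return blockers


def audit(profiles, pods):
    """Map pod name -> (data plane, matching profiles, Fargate blockers)."""
    report = {}
    for pod in pods:
        names = matching_profiles(profiles, pod)
        plane = "fargate" if names else "worker-nodes"
        report[pod["metadata"]["name"]] = (
            plane, names, fargate_blockers(pod) if names else [])
    return report


if __name__ == "__main__":
    for name, row in audit(PROFILES, PODS).items():
        print(name, *row)
```

A pod reported as "worker-nodes" is left to the default scheduler, so in a Fargate-only cluster it has nowhere to run.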
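
The sizing steps on slides 38 to 47, carried through in code as an added example that is not part of the deck. Assumptions: the size table is the Fargate task size list from the AWS documentation of that period (the slide's own table is not on the page), init containers contribute their single largest request because they run one at a time, and the pod uses a simplified numeric shape with constructed values.

```python
# Added example, not from the deck. FARGATE_SIZES is the Fargate task size
# list as documented by AWS around the time of the talk (an assumption here:
# the slide's own table is not on the page). CPU in millicores, memory in MiB.
FARGATE_SIZES = (
    [(256, m) for m in (512, 1024, 2048)]
    + [(512, m) for m in range(1024, 4096 + 1, 1024)]
    + [(1024, m) for m in range(2048, 8192 + 1, 1024)]
    + [(2048, m) for m in range(4096, 16384 + 1, 1024)]
    + [(4096, m) for m in range(8192, 30720 + 1, 1024)]
)
KUBE_OVERHEAD_MIB = 256  # "+256MB Kubernetes components" on slide 47

# Constructed pod in a simplified shape (numbers instead of "500m" / "1Gi").
POD = {
    "initContainers": [
        {"name": "migrate", "requests": {"cpu_m": 500, "mem_mib": 1024}},
        {"name": "warmup", "requests": {"cpu_m": 200, "mem_mib": 512}},
    ],
    "containers": [
        {"name": "app", "requests": {"cpu_m": 250, "mem_mib": 512},
         "limits": {"cpu_m": 1000, "mem_mib": 2048}},
        {"name": "sidecar", "requests": {"cpu_m": 100, "mem_mib": 128}},
    ],
}


def requests_of(containers, key):
    """Requests only; limits are ignored (step 1). A missing request counts as 0."""
    return [c.get("requests", {}).get(key, 0) for c in containers]


def pod_request(pod):
    """Per dimension: max(biggest init request, sum of long-running requests)."""
    result = []
    for key in ("cpu_m", "mem_mib"):
        init = max(requests_of(pod.get("initContainers", []), key), default=0)
        running = sum(requests_of(pod.get("containers", []), key))  # step 2
        result.append(max(init, running))                           # step 3
    return tuple(result)


def fargate_size(pod):
    """Smallest (cpu, mem) combination that covers the request plus overhead."""
    cpu, mem = pod_request(pod)
    mem += KUBE_OVERHEAD_MIB
    for size in FARGATE_SIZES:  # ascending by CPU, then memory
        if size[0] >= cpu and size[1] >= mem:
            return size
    raise ValueError(f"no Fargate size fits {cpu}m CPU / {mem} MiB")


if __name__ == "__main__":
    print(pod_request(POD), "->", fargate_size(POD))
```

Because the 256 MiB is added before rounding, a request that sits exactly on a size boundary lands in the next size up, which matters for pod-level billing.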
