Cloud Native Applications on Kubernetes: a DevOps Approach

Nicola Ferraro - Voxxed Days Ticino 2017
Cloud Native Applications on Kubernetes:
a DevOps Approach
Nicola Ferraro
@ni_ferraro

About Me
Nicola Ferraro
Software Engineer at Red Hat
Working on Apache Camel,
Fabric8.io, JBoss Fuse, Fuse
Integration Services for Openshift,
Syndesis.io
Follow me on twitter:
@ni_ferraro

Agenda
● Technological Overview
○ Docker
○ Kubernetes
○ Development Tools
● Demo: deploying a microservice
● Buzzwords Explained
○ Cloud Native
○ Microservices
○ DevOps
○ IaC, CI & CD
● Demo: IaC, CI & CD

Containers
Docker is revolutionizing the way
we build software today.
● Lightweight virtualization
○ Ever tried to run docker
containers on a RaspberryPI?
● Full runtime isolation
○ Using linux namespaces
● Language-independent packaging
and distribution
○ The new JAR? The new EAR?
● Run 10x more apps in a single
host than with VMs
● Composability ...
$ docker run -d myuser/myapp

Containers: how to build them
There are multiple ways of building
containers:
● Dockerfile (classic)
● Rockerfile
○ Supports e.g. templating
● Ansible
● Docker-Maven-Plugin (for Java
apps, from fabric8)
● See ro14nd talk for 10+ ways:
https://github.com/ro14nd-talks/docker-conta
iner-loading/blob/master/docker-container-lo
ading.pdf
FROM ubuntu:16.04
…
RUN apt-get update && apt-get
install -y mongodb-org
RUN mkdir -p /data/db
EXPOSE 27017
…
ENTRYPOINT ["/usr/bin/mongod"]
… a Dockerfile

Containers: distribution
● Build locally
● Push to a registry
● Run public and private
images

Java EAR vs. Docker Image
Java EAR:
● Complete runnable description
of a Java EE application
● To be deployed on a Java EE
application server providing:
○ Availability
○ Scalability
○ Fault tolerance
○ Load balancing
○ Rolling upgrades
○ Monitoring
○ Logging
○ …
Docker Image:
● Complete runnable description
of a generic application
● To be run with “docker run” ???
There should be something else!

Introducing Kubernetes
Cloud platform (also for private cloud), to
Orchestrate (Docker) containers:
● Born at Google
● Production ready
● Provides:
○ Availability
○ Scalability (auto and manual)
○ Fault tolerance
○ Load balancing
○ Deployment (canary, blue-green, …)
○ Monitoring
○ Logging
○ …
○ Service discovery
Kubernetes
Openshift Origin
(Kubernetes on steroids)
Open source
(like anything else in Red Hat)

Kubernetes: Architecture
● kubectl / oc: client tools
● Master:
○ There can be multiple ones!
○ Rest API Server, Scheduler,
Controller Manager
○ Configuration in etcd v3
● Nodes:
○ Workers: run containers
○ Kubelet, Proxy
Can scale up to 4000 nodes!
And you can create smaller
federated clusters (v 1.6)
Master
kubectl / oc / ...
Node
Node
Node
Node

Kubernetes Concepts: Namespace
The same physical cluster can host multiple virtual
environments called namespaces (or projects in Openshift).
Node Node
Private networks
Master
N1 N2
kubectl / oc / ...
RBAC
● Openshift Origin
● New in Kubernetes (beta v. 1.6+)

Kubernetes Concepts: POD
The deployment unit in Kubernetes is not the container, but
the pod (group of related containers).
Containers inside pods are automatically restarted in case
of failure (configurable policy), but they don’t survive
node crash.
Node
Pod Pod
Pod
Pods:
● Are groups of related containers
● Share (virtual) network interfaces
● Usually 1 pod contains 1 container
● Are treated as a single unit by
Kubernetes (in replication controllers,
services, etc.)

Kubernetes Concepts: Deployment
Allows to specify the target condition of our application:
e.g. 3 replicas of a given pod.
Node Node Node Node
replicas = 3
Master
Ctrl Manager
Node choice:
● Affinity
● Anti-affinity
● ...
(using labels)
Kubernetes 1.6+
Openshift
Just change the
number of replicas to
scale up/down! Scheduler
Deployment

Kubernetes Concepts: Deployment
Allows software upgrades.
Two modes:
● Rolling update: e.g. for microservices
○ Gradual process
○ Configurable: max surge, max unav. (25%)
● Recreate: e.g. for databases
● Canary or Blue-green:
○ Not oob
○ Can be done using
Multiple deployments
Node
v1 v2
Node
v1 v2
Node
v1 v2
Deployment

Kubernetes Concepts: Service
Services provide named (dns) access to pod’s network
endpoints (level 4).
Kubernetes Namespace
Service
Load balancing
Route /
Ingress
myservice
http://myservice/api
http://myservice-ns.mycluster.io
L7

Kubernetes Concepts: Other “Objects”
● Volume, VolumeClaim: to attach storage to containers
● ConfigMap: key value map to inject configuration
● Secret: like a config map, with more access restrictions
● CronJob, StatefulSet, DaemonSet: other “deployment” options
Openshift:
● BuildConfig, Build: build automatically containers from source
and deploy (or run custom Jenkins pipelines).
Free!

Kubernetes: running it locally
Minikube
https://github.com/kuberne
tes/minikube
(VM based)
Minishift
https://github.com/minishi
ft/minishift
(VM based)
“oc cluster up”
https://github.com/openshi
ft/origin
(docker container based)

Demo
Deploying a microservice
(in Openshift)

Demo: Deploying a microservice
A demo showing how to create a spring-boot microservice
using the fabric8-maven-plugin.
Features of Kubernetes/Openshift are shown:
● Scaling
● Load Balancing
● Rolling Deployment
https://github.com/nicolaferraro/voxxed-ticino-demo

Cloud Native
It just means.. applications built for the cloud!
● Developed for a cloud platform (e.g. Kubernetes)
● Not bound to physical servers, networks, storage …
● Packaged and ready to run (e.g. Docker container)
● Supporting load balancing, auto-scaling, relocation …
● Communicating (directly or indirectly) with the platform:
○ Health checks
○ Configuration (e.g. with configmaps)
○ Service discovery
○ Logging
○ Tracing, circuit breaking (especially for microservices)
https://www.cncf.io/projects/

Microservices
Design applications as a set of independently
deployable services.
The Java EE
Monolith
Microservices !
i.e. “why are you
using Struts v 1
in 2017 ?”
NodeJS on
MongoDB
Vert.x with
PostgreSQL
Spring-Boot with
PostgreSQL

Microservices: How and why?
How:
● Develop a service around a “bounded context”
● Make a team responsible for the service
● Define a strict API to communicate with other services
Why:
● Optimize the service for speed (e.g. scaling)
● Evolve the service periodically
○ Even change technology!
● Release early and often:
○ To fix bugs
○ To patch security vulnerabilities
○ To meet business requirements
○ … there is more to say here …
Free!

DevOps: the first way
Why should we release earlier?
● DevOps = Dev + Ops = Make everyone work together towards the same goal:
deliver value to the end user.
Manufacturing Software
Not so easy …
Automation is
just the first
way!
Dev OpsBusiness User
QA
And do not pass problems
downstream (fail fast) !
→ Increase the capacity of this flow →

DevOps: the second way
Why should we release often?
● To create short feedback loops between business people, developers,
operation guys, quality assessment people and the end user.
● Feedback loops are the receipt for optimizing and correcting work
continuously towards the same goal.
● Short agile iterations are the key for continuous improvement.
● Automation is fundamental for the second way.
Business Dev QA Ops User
Learning paths

DevOps: the third way
Experimenting and learning from failures is the way to improve!
● Cultural change:
○ Do not fear the change
○ Taking risks should be the norm
● Mastery (experience) makes sure that risks are controlled
● Change the process to improve it continuously.
Business Dev QA Ops User

DevOps practices
Technically, the fundamental DevOps practices are:
● Infrastructure as Code
○ Write your entire system into “source code” (including configuration)
○ Your system must be “runnable”
● Continuous Integration (CI)
○ Continuously test if your modules (or “services”) can work together
● Continuous Delivery (CD)
○ Deliver software to users quickly with (very) limited intervention
○ Deliver software into “mirrors” of the production environment

Infrastructure as Code
The main enabler for DevOps:
● Code everything that constitute you application:
○ The application itself
○ Network configuration
○ Operating systems (and JVM)
○ Physical (or better virtual) Machines
○ Configuration (application settings, certificates, endpoints, …)
● Your whole infrastructure becomes “runnable”
Tools used for automation: Ansible, Chef, Puppet.

“Cloud Native” Infrastructure as Code
What’s the “infrastructure” for a cloud-native application?
In Kubernetes it’s more or less:
● a Deployment: containers (OS, JVM), health checks, pods,
replicas, network endpoints, load balancers, upgrade
process, placement strategy
● ConfigMap and Secrets: define the application
configuration
Ok, I put everything in my SCM. Now what?

CI-CD
Microservices are independently deployable…
Build
Deploy
to dev
Deploy
to stg
Deploy
to prod
Build
Deploy
to dev
Deploy
to stg
Deploy
to prod
Microservice 1
Microservice 2
conditional
conditional
Test
Test
The same software deployed here!!!

CI-CD: Testing
Testing is a crucial aspect of DevOps:
● Unit tests (in isolation)
● End-to-end functional tests
○ E.g. inject a Selenium pod
● Load tests
○ E.g. inject a (highly replicated!)
JMeter pod
● System tests
○ E.g. inject a chaos monkey
Testing pod (optional)
Production-like
environment
Create virtual
environments on the fly,
for testing!
You can run tests as part of the delivery
pipeline, in a production-like environment!

CI-CD: How
Openshift
Jenkins pipelines integrated into
the platform.
Kubernetes
Fabric8 (https://fabric8.io/)
Integrated development platform for
Kubernetes. Includes:
● Jenkins
● Gogs
● Nexus
● Hubot (chat ops)
● Quickstarts
● Maven Plugin
● …

Demo
IaC, CI & CD
(in Openshift)

Demo: IaC, CI & CD
Deploy a set of applications on Openshift and configure CI-CD.
Spring-Boot microservice, communicating with an Apache Spark recommender
system using a Kafka broker.
Source code:
● https://github.com/nicolaferraro/voxxed-bigdata-kafka
● https://github.com/nicolaferraro/voxxed-bigdata-web
● https://github.com/nicolaferraro/voxxed-bigdata-spark
● https://github.com/nicolaferraro/voxxed-bigdata-pipeline

Spark on Kubernetes: Oshinko
Oshinko is a project for running Apache Spark cloud native
applications on Openshift.
Spark Driver Cluster
Manager
Spark Workers
http://radanalytics.io
User “main”
code
Oshinko
“magic”

Future from Red Hat: Openshift.io
Preview announced few days ago. Cloud development platform
from the experience of Fabric8.
● SCM
● CI-CD
● Artifact Repository
● Planning
● Collaboration
● IDE (Eclipse Che)
Everything on the cloud! No need to install anything, just open a browser!

Future from Red Hat: syndesis.io
A new community for devs and non-devs for cloud integration.
● Deploy integration services on Openshift
● No need to write code!
● Connectors based on Apache Camel
Follow us on twitter!
@syndesisio

@ni_ferraro
That’s all folks!

Cloud Native Applications on Kubernetes: a DevOps Approach

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Cloud Native Applications on Kubernetes: a DevOps Approach

Similar to Cloud Native Applications on Kubernetes: a DevOps Approach (20)

More from Nicola Ferraro

More from Nicola Ferraro (6)

Recently uploaded

Recently uploaded (20)

Cloud Native Applications on Kubernetes: a DevOps Approach