Henning Jacobs is a Kubernetes on AWS Hacker at Zalando Tech. His talk briefly covers our learnings in Zalando Tech while running Kubernetes on AWS in production.
Topics include:
- Cluster provisioning,
- AWS integration,
- Ingress,
- Cluster autoscaling,
- OAuth/IAM and
- Operations/monitoring.
https://www.meetup.com/Zalando-Tech-Events-Berlin/events/238212872/
Kubernetes on AWS at Europe's Leading Online Fashion Platform
1. Kubernetes on AWS
AT EUROPE’S LEADING
ONLINE FASHION PLATFORM
HENNING JACOBS
@try_except_
2017-03-27
2. ZALANDO
15 markets
6 fulfillment centers
20 million active customers
3.6 billion € net sales 2016
165 million visits per month
12,000 employees in Europe
8. ARCHITECTURE DECISIONS
• API server behind SSL ELB
• Webhook for authn & authz
• OAuth Bearer token
• Group membership lookup
• Read only access to production
• CI/CD for write access
• etcd running separately on EC2
• Multi AZ clusters
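Added example (not from the talk or from Zalando's code): a sketch of the decision logic an authorization webhook could apply to the SubjectAccessReview the API server sends, giving group members read-only access in production and leaving writes to CI/CD. The group name, the CI/CD user name, and the rule for non-production clusters are assumptions made for illustration.

```python
# Added example: decision logic for a Kubernetes authorization webhook.
# EMPLOYEE_GROUP, CICD_USER and the non-production rule are hypothetical.
READ_VERBS = {"get", "list", "watch"}
EMPLOYEE_GROUP = "employees"   # assumed group returned by the membership lookup
CICD_USER = "cicd-deployer"    # assumed identity used by the CI/CD pipeline


def decide(spec, production):
    """Return (allowed, reason) for the spec of a SubjectAccessReview."""
    user = spec.get("user")
    groups = set(spec.get("groups") or [])
    # Resource requests and non-resource requests (e.g. /healthz) both carry a verb.
    attrs = spec.get("resourceAttributes") or spec.get("nonResourceAttributes")
    if not user or not isinstance(attrs, dict) or not attrs.get("verb"):
        return False, "malformed review: fail closed"
    verb = attrs["verb"].lower()
    if user == CICD_USER:
        return True, "CI/CD identity may write"
    if EMPLOYEE_GROUP not in groups:
        return False, "user is not in an authorized group"
    if verb in READ_VERBS:
        return True, "read access for group member"
    if production:
        # create/update/patch/delete, and exec (a create on pods/exec), end up here.
        return False, "production is read-only; deploy through CI/CD"
    return True, "write access in non-production cluster (assumption)"


def authorize(review, production=True):
    """Build the SubjectAccessReview response returned to the API server."""
    try:
        allowed, reason = decide(review["spec"], production)
    except (KeyError, TypeError, AttributeError):
        allowed, reason = False, "malformed review: fail closed"
    return {
        "apiVersion": "authorization.k8s.io/v1",
        "kind": "SubjectAccessReview",
        "status": {"allowed": allowed, "reason": reason},
    }


if __name__ == "__main__":
    # Constructed sample request: a group member trying to delete a pod.
    sample = {"spec": {"user": "jane", "groups": ["employees"],
                       "resourceAttributes": {"namespace": "default",
                                              "verb": "delete", "resource": "pods"}}}
    print(authorize(sample, production=True)["status"])
```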
15. INGRESS.YAML
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: "{{ application }}"
  annotations:
    # optional: SSL certificate ARN to use for the ALB (auto discovery for ACM)
    zalando.org/aws-load-balancer-ssl-cert: "arn:aws:iam:..:..:..1a"
spec:
  rules:
    # DNS name your application should be exposed on
    - host: "myapp.foo.example.org"
      http:
        paths:
          - backend:
              serviceName: "{{ application }}"
              servicePort: 80
21. CLUSTER AUTOSCALING
Control # of worker nodes in ASG:
• Satisfy all resource requests
• One spare node per AZ
• No manual config “tweaking”
• Scale down, but not too fast