INTRO Kubernetes

Understand the basic principles of containers and container orchestration, as well as why Kubernetes and containers are beneficial.

Experiences we want to change!

Why Containers?

Many people have a complex job building, testing, and running systems based on old concepts and technology in today’s IT — the results you can see below (Experiences we want to change!). Modern ways to build, test, and run IT systems are not adopted as broadly as possible. Hence, a lot of pain is still out there that we could ease by changing IT processes and utilizing the new ways.

Why Containers?

Experiences we want to change!

BUILD - Life of a Developer

Here you see a developer who brought her code into production, only to find out that it didn’t run like on her laptop …

TEST - Life of System Architects

Here you can see system architects who mistakenly made a load test on a production server …

RUN - Life of a System Administrator

Here you can see a system administrator who was woken at 3 am to restart a process …

New Ideas & Concepts

New Ideas & Concepts

As often in IT, great “new” ideas and concepts are recycled or borrowed from others. So it happened that the shipping industry was a big inspiration for optimizing IT infrastructure operations more than two decades ago.

The concept of a container to standardize the packing of goods, make them universal to handle and transport on different means of transportation to improve efficiency and reduce the transportation costs was a real success story for the transportation industry.

Replication of success is always desirable and sparked a new way of operating IT infrastructures indifferent of application on development, testing, or production.

Container Technology in the shipping industry Instead of thinking up a separate way of shipping for each product, placing the goods in steel containers designed for pickup by the crane on the dock and fit into the ship is a more efficient way to do transport at scale.

A Container Ship

In streamlining the processes and the loading of the goods in standardized containers, the goods can be moved as one unit in a space-saving and cost-effective manner.

Container Technology in the IT industry Computer container technology in the IT industry addresses similar challenges to steel containers in the shipping industry:

  • increase compatibility
  • reduce dependencies
  • develop, deploy and operate easier

Docker

In streamlining the processes and the apps’ packaging in containers, deploying and running apps as one unit become a more performant and resource-effective process.

Container Benefits

Container Benefits

  • dev and ops separation of concerns create application container images at build/release time rather than deployment time, thereby decoupling applications from infrastructure

DevOps

  • continuous development, integration, and deployment provides for reliable and frequent container image build and deployment with quick and efficient rollbacks – due to image immutability

Mutable vs Immutable

  • environmental consistency across dev, test, and prod runs the same on a laptop as it does on an on-premises server, virtualized server, and in the cloud

  • OS distribution and cloud portability runs on Ubuntu, RHEL, CoreOS, on major public clouds, on-premises, and anywhere else

  • resource utilization and isolation benefits higher efficiency and density due to better utilization and predictable application performance due to isolation

  • loosely coupled, distributed, elastic microservices applications are broken into smaller, independent pieces and can be deployed and managed dynamically – not a monolithic stack running on one big single-purpose machine

  • agile application creation and deployment increased ease and efficiency of container image creation compared to VM image use

  • application-centric management raises abstraction level:

    • from running applications on an OS using virtual hardware
    • to running applications on an OS using logical resources

History of Application Deployments

History of Application Deployments

Application Deployments

Traditional Deployment

Early on, organizations ran applications on physical servers. There was no way to define resource boundaries for applications in a physical server, and this caused resource allocation issues. For example, if multiple applications run on a physical server, there can be instances where one application would take up most of the resources, and as a result, the other applications would underperform. A solution for this would be to run each application on a different physical server. But this did not scale as resources were underutilized, and it was expensive for organizations to maintain many physical servers.

Virtualized Deployment

As a solution, virtualization was introduced. It allows you to run multiple Virtual Machines (VMs) on a single physical server’s CPU. Virtualization allows applications to be isolated between VMs and provides a level of security as the information of one application cannot be freely accessed by another application. Virtualization allows better utilization of resources in a physical server and allows better scalability because an application can be added or updated easily, reduces hardware costs, and much more. With virtualization, you can present a set of physical resources as a cluster of disposable virtual machines. Each VM is a full machine running all the components, including its own operating system, on top of the virtualized hardware.

Container Deployment

Containers are similar to VMs, but they have relaxed isolation properties to share the Operating System (OS) among the applications. Therefore, containers are considered lightweight. Similar to a VM, a container has its own file system, share of CPU, memory, process space, and more. As they are decoupled from the underlying infrastructure, they are portable across clouds and OS distributions.

Without Container Orchestration

Why Kubernetes?

Running services in containers tend to produce numerous containers pretty quick. Handling many containers with no additional aid is a very cumbersome job. Hence, an orchestration solution is necessary to run services in containers efficiently.

Why Kubernetes?

Without Container Orchestration

  • Think about scaling up services; it increases manual work.
  • Think about fixing crashing nodes; it increases manual work.
  • Think about the complexity of running new stuff in production; it increases.
  • Think about the human cost of running those services; it increases.
  • Scaling services/applications becomes more and more difficult.
  • Public cloud provider resource usage becomes more and more expensive.

Without Container Orchestration

Kubernetes in Plain English

Kubernetes in Plain English

Containerization is this trend that’s taking over the world to allow people to run all kinds of different applications in a variety of different environments. When they do that, they need an orchestration solution in order to keep track of all of those containers and schedule them and orchestrate them. Kubernetes is an increasingly popular way to do that.

Dan Kohn, former executive director of the CNCF

Kubernetes ?

Kubernetes ?

Google open-sourced the Kubernetes project in 2014. Kubernetes combines over 15 years of Google’s experience running production workloads at scale with best-of-breed ideas and practices from the community.

The name Kubernetes originates from Greek, meaning helmsman or pilot.

Helmsman

Kubernetes is a portable, extensible, open-source platform for managing containerized workloads and services that facilitates both automation and declarative configuration.

Imperative vs Declarative

Configuration Differences

What a difference a configuration make :).

The significant change in this new IT world is that well-trained and practiced processes are outdated and useless. The imperative was the old world, you defined step-by-step guidance, and you also executed or overseen the execution of those configuration steps. The declarative way is to determine the desired state and an intelligent system conducts and supervises the configuration and operation steps.

Imperative vs Declarative

Features

Features

Kubernetes Features

Kubernetes provides the following features

self-healing

Kubernetes restarts containers that fail, replaces containers, kills containers that don’t respond to your user-defined health check, and doesn’t advertise them to clients until they are ready to serve.

automatic bin packing

you provide Kubernetes with a cluster of nodes that it can use to run containerized tasks. You tell Kubernetes how much CPU and RAM each container needs. Kubernetes can fit containers onto your nodes to make the best use of your resources.

automated rollouts and rollbacks

you can describe the desired state for your deployed containers using Kubernetes. It can change the actual state to the desired state at a controlled rate; e.g. you can automate Kubernetes to create new containers, remove existing containers and adopt all their resources to the new container.

secret and configuration management

Kubernetes lets you store and manage sensitive information, such as passwords, OAuth tokens, and SSH keys. You can deploy and update secrets and application configuration without rebuilding your container images without exposing secrets in your setup.

service discovery and load balancing

Kubernetes can expose a container using the DNS name or using their IP address. If traffic to a container is high, Kubernetes can load balance and distribute the network traffic to stabilize the deployment.

storage orchestration

Kubernetes allows you to automatically mount a storage system of your choice, such as local storages, public cloud providers, and more.

Kubernetes …

Kubernetes is …

providing the building blocks for creating developer and infrastructure platforms but preserves user choice and flexibility where it is essential.

extensible, and lets users integrate their logging, monitoring, alerting, and many more solutions because it is not monolithic, and these solutions are optional and pluggable.

Pluggable Solutions

Kubernetes does NOT …

limit the types of applications supported.

Kubernetes aims to support a highly diverse workload, including stateless, stateful, and data-processing workloads. If an application can run in a container, it should run great on Kubernetes.

deploy source code and does not build your application.

Organizational cultures determine Continuous Integration, Delivery, and Deployment (CI/CD) workflows and preferences and technical requirements.

provide application-level services;

such as middleware, data-processing frameworks, databases, caches, nor cluster storage systems as built-in services. Application access through portable mechanisms the components mentioned above - both are running Kubernetes.

provide nor adopt any comprehensive machine management.

The task requires additional components for system configuration, system management & maintenance, etc…

Kubernetes is NOT …

a traditional, all-inclusive PaaS system.

Kubernetes operates at the container level rather than at the hardware level. It provides some generally helpful features common to PaaS offerings, such as deployment, scaling, load balancing.

a mere orchestration system.

It eliminates the need for orchestration. The definition of orchestration is executing a defined workflow:

  • first, do A, then B, then C → imperative.

Kubernetes comprises independent, composable control processes that continuously drive the current state:

  • towards the desired state → declarative.

Important Building Blocks

Important Building Blocks

An application running on Kubernetes is a workload. Whether your workload is a single component or several that work together, on Kubernetes, you run it inside a set of Pods. In Kubernetes, a Pod represents a set of running containers on your cluster.

A critical fault on the node where your Pod runs means that all the Pods on that node fail. Kubernetes treats that level of failure as final: you would need to create a new Pod to recover, even if the node later becomes healthy. However, to make life easier, you don’t need to manage each Pod directly.

Instead, you can use workload resources that address a set of Pods on your behalf. These resources configure controllers that ensure the correct number and right kind of Pods are running to match the state you specified. Kubernetes provides several built-in workload resources: Pods, ReplicaSet, Deployment, DaemonSet, Ingress, and CronJob, to name a few of those building blocks.

Important Building Blocks

PODs

PODs

Pods are the basic building blocks to run containers inside of Kubernetes. Every Pod holds at least one container and controls the execution of that container. If all containers terminate, the Pod terminates too. Mounting storage, setting environment variables, and feed information into the container are all functions provided by the Pod.

PODs

Pods are the smallest deployable units of computing that you can create and manage in Kubernetes. Pods in a Kubernetes cluster are used in two main ways:

  • Pods that run a single container

The “one-container-per-Pod” model is the most common Kubernetes use case; in this case, you can think of a Pod as a wrapper around a single container; Kubernetes manages Pods rather than managing the containers directly.

  • Pods that run multiple containers that need to work together

A Pod can encapsulate an application composed of multiple co-located containers tightly coupled and need to share resources. These co-located containers form a single cohesive unit of service—for example, one container serving data stored in a shared volume to the public. In contrast, a separate sidecar container refreshes or updates those files. The Pod wraps these containers, storage resources, and an ephemeral network identity together as a single unit.

REPLICASETs

REPLICASETs

A ReplicaSet’s purpose is to maintain a stable set of replica Pods running at any given time to guarantee the availability of a specified number of identical Pods. However, a Deployment is a higher-level concept that manages ReplicaSets and provides declarative updates to Pods and other useful features. Therefore, Deployments are recommended instead of directly using ReplicaSets.

REPLICASETs

DEPLOYMENTs

DEPLOYMENTs

A Deployment is a higher-order abstraction that controls deploying and maintaining a set of Pods. Behind the scenes, it uses a ReplicaSet to keep the Pods running, but it offers sophisticated logic for deploying, updating, and scaling a set of Pods within a cluster. Deployments support rollbacks and rolling updates. Rollouts can be paused if needed.

DEPLOYMENTs

DEAMONSETs

DEAMONSETs

DaemonSets have many use cases – one frequent pattern is to use DaemonSets to install or configure each host node. DaemonSets provide a way to ensure that a Pod copy is running on every node in the cluster. As a cluster grows and shrinks, the DaemonSet spreads these specially labelled Pods across all nodes.

DAEMONSETs

INGRESS

INGRESS

Route traffic to and from the cluster. Provide a single SSL endpoint for multiple applications. Many implementations of an ingress allow you to customize your platform. Ingresses provide a way to declare that they should channel traffic from the outside of the cluster into destination points within the cluster. One single external Ingress point can accept traffic destined to many internal services.

INGRESS

CRONJOBs

CRONJOBs

Use familiar cron syntax to schedule tasks. CronJobs are part of the Batch API for creating short-lived non-server tools. CronJobs provide a method for scheduling the execution of Pods. They are excellent for running periodic tasks like backups, reports, and automated tests.

CRONJOBs

Managed Kubernetes

Managed Kubernetes

Suppose you don’t have the time, the budget, and the human resources to master all the complexity of Kubernetes on your own. In that case, your best option is to select a managed alternative to benefit from the power of Kubernetes in your developer and infrastructure platforms.

A simple who is responsible for what and pain versus gain comparison from available solutions should paint a clear picture of the golden mean, which is managed Kubernetes for most newcomers to the topic at hand.

To say that Kubernetes is the leading container orchestration platform is an understatement. It’s the only container orchestration platform that counts. However, to say that Kubernetes is complex is also an understatement. The learning curve is both steep and long.

Managed Ecosystems

Container Orchestration Ecosystem

While Kubernetes solves the orchestration part, additional components are needed to deploy and run containers smoothly in production.

Container lifecycle management as well as monitoring, backup, CI/CD, security, logging and registration are all activities needed in container orchestration.

K8s comes with multiple options and plugins for each layer. Each team has its preferences for ecosystem decisions.

Ecosystem

Managed Container Orchestration Ecosystems

SKS

Exoscale’s Scalable Kubernetes Service (SKS) built into the platform’s core based on vanilla Kubernetes. Easily upgradeable to go along with the progress of the Kubernetes project. A fully open ecosystem with the flexibility to choose all additional pluggable solutions based on your needs. Start a production Kubernetes cluster in seconds. Run from the portal, CLI, API and configuration management tools. The managed service scope is the Kubernetes Cluster, precisely the total lifecycle management of the control plane and the nodes.

APPUiO

VSHN’s APPUiO is the leading Kubernetes based Container Platform for the design, development and operation of applications. Based on reliable Open Source concepts, such as Docker and Kubernetes, APPUiO supports the DevOps approach. Development, deployment and operation processes are accelerated through automation and self-service. The cooperation between software developers and business organization is also improved. The managed service scope extends into parts of the ecosystem of pluggable Kubernetes solutions, increasing user comfort and reducing user flexibility in individual tool selection.

CK8s

Elastisys’ Compliant Kubernetes (CK8s) is a security-hardened, CNCF certified Kubernetes distribution that allows organizations to enjoy the benefits of Kubernetes while fulfilling regulatory requirements – all the way from development to deployment to operations and audits. Compliant Kubernetes comes pre-configured with CNCF approved open source projects that make life easier at audits and enforces compliance policies for your workloads, helping fulfil regulatory standards. You can rely on pre-configured templates and best practices and define your policies to achieve your regulatory goals. The managed service scope is fully managed.

Managed Ecosystems

Scalable Kubernetes Service

Scalable, On-demand Kubernetes Cluster

Start with a privacy-minded public cloud to host from single applications to complex architectures. Deploy a production-ready cluster in 90 seconds and manage it with a simple web portal, CLI, API or your choice of tools (Terraform).

SKS Features

Access to all compute instance types

It is your cluster on your terms. Size the Node-Pools as needed, using all instance types available. Attach one Node-Pool with Memory-Optimized instances and another one with CPU-Optimized ones.

Full cluster lifecycle management

Kubernetes is a fast-changing platform, and versions roll out fast. SKS has built-in commands to upgrade your control plane seamlessly – minimizing downtimes and errors.

Integration with NLB and Instance Pools

Manage ingress traffic with Exoscale Network Load Balancer support directly integrated into SKS management. Scale pools from Kubernetes using Instance Pools.

High-Availability control plane

With the PRO SKS plan, benefit from a resilient HA Kubernetes control plane, so your workloads are always up.

Simple and transparent pricing

With a free STARTER version and an affordable PRO plan, SKS provides straightforward pricing. Nodes are charged their usual rate with no extra cluster management fee.

All zones

Deploy your cluster where you need to, in the region that suits your latency, privacy or redundancy strategy.

Packaging & Pricing

Packaging & Pricing

Exoscale SKS - Packaging & Pricing

SKS Pricing