Kubernetes II Deep Dive

Homework dn.dev/kube-tutorial

dn.dev/kubemaster2
1
 Upcoming DevNation Schedule
Master Italy (Italian) France (French) Brazil (Portuguese) USA (English) Mexico (Spanish)
Course UTC: 8:00 UTC 11:00 UTC 15:00 UTC 16:00 UTC 18:00
Series Local 10:00 Local 13:00 Local 12:00 Local 12:00 Eastern Local 13:00
Central Standard

Apr 18 2021 Kubernetes II Quarkus

Kubernetes-native

Apr 27-28 2021 Red Hat Summit Red Hat Summit Red Hat Summit Red Hat Summit Red Hat Summit

May 2 2021 Quarkus Quarkus Quarkus

Kubernetes-native Kubernetes-native Kubernetes-native

May 9 2021 Kafka

May 11 2021 Kubernetes III

May 16 2021 Kafka Kafka Kafka

dn.dev/master
 @burrsutter

burr@redhat.com

● Featured speaker at technology events around the globe

● Java Champion since 2005
● Former President of the Atlanta Java User Group
● Founded the DevNexus conference
● Always looking for technologies that enable developers to
deliver better software ever faster

dn.dev/kubemaster2
dn.dev/kubemaster2
https://www.surveymonkey.com/r/Y
HFRFC7

Edson’s Survey
https://www.surveymonkey.com/r/2V727GL

dn.dev/kubemaster2
 @kamesh_sampath
● Email: kameshs@redhat.com
● OpenSource Contributor for more than a decade
○ Minikube
○ Eclipse Che
○ Camel-K

● LinkedIn: Kamesh Sampath - Director of Developer

Experience - Red Hat
● Twitter: Kamesh Sampath (@kamesh_sampath)
● GitHub: kameshsampath (Kamesh Sampath) · GitHub

dn.dev/kubemaster2
 Survey Link
https://www.surveymonkey.com/r/MYWRGZW

dn.dev/kubemaster2
 Alex Soto (lordofthejars.com)

● @alexsotob
● asotobue@redhat.com
● Currently Red Hat’s Director of Developer Experience
● Featured speaker at technology events around the globe
● A Java Champion since 2017
● Writer, University Professor, Radio collaborator
● A big fan of testing and continuous delivery in 21st century

dn.dev/kubemaster1
 Alex Survey
https://www.surveymonkey.com/r/2LGVLGM

dn.dev/kubemaster2
 Sebastien Blanc
● @sebi2706
● sblanc@redhat.com
● Currently Red Hat’s Director of Developer Experience
● Featured speaker at technology events around the globe
● Java Champion
● Co-organizer of Riviera DEV
● Passion-Driven-Developer with one goal : share his passion
by giving talks that are pragmatic, fun and focused on live
coding

dn.dev/kubemaster2
 @elderjava
● Developer Advocate at Red Hat
● Java Champion
● Board Member at SouJava
● Featured speaker at developers conferences around the
world
● Helps Java developers to build and deliver awesome
applications

dn.dev/kubemaster2
 Elder Moraes
instagram.com/eldermoraes ● Developer Advocate at Red Hat
● Java Champion
● Board Member at SouJava
● Featured speaker at developers conferences around the
world
● Helps Java developers to build and deliver awesome
applications

dn.dev/kubemaster2
 Elder Survey
https://www.surveymonkey.com/r/2L5NSVF

dn.dev/kubemaster2
 Ana Mihalceanu

● @ammbra1508
● Currently Developer Advocate at Red Hat
● Java Champion and Certified Architect
● Co-founder of Bucharest Software Craftmanship Community
● Featured speaker at technology events around the globe
● Loving to solve challenging technical scenarios that involve
Java-based frameworks and multiple cloud providers

dn.dev/kubemaster2
 Natale Vinto
$ oc whoami

Developer Advocate for OpenShift, helping people within

communities and customers having success with their
Kubernetes and Cloud Native strategy.

Love Free and Open Source software, Blues 🎸 and coffee ☕

@natalevinto

dn.dev/kubemaster2 OpenShift.TV Coffee Break every Wed 10 AM CEST

 Josh Wood
Principal Developer Advocate

Formerly CoreOS
Kubernetes Operators, O’Reilly 2020
OpenShift for Developers, O’Reilly 2021 (link at end!)
joshix@redhat.com

dn.dev/kubemaster2
 Agenda
Part I Part II Part III
• Why Kubernetes • Building Images • Volumes
• What is Kubernetes • Resource Limits • Secrets
• Installation • Rolling Updates • Operators
• kubectl • Liveness & Readiness • Taints & Affinity
• Pod • Env & ConfigMap • Jobs & CronJobs
• ReplicaSet • DaemonSet
• Deployment • StatefulSets
• logs, stern
• Apps as a Service

dn.dev/kubemaster2
 Agenda
Part I Part II
• Why Kubernetes • Building Images
• What is Kubernetes • Resource Limits
• Installation • Rolling Updates
• kubectl • Liveness & Readiness
• Pod • Env & ConfigMap
• ReplicaSet
• Deployment
• logs, stern
• Apps as a Service

dn.dev/kubemaster2
 What’s your experience level?

https://www.menti.com/oqdkxdw5ru
dn.dev/kubemaster2
Developer
DeveloperSandbox!
Sandbox!

Get free access for renewable 30 days to a self-service,

cloud-hosted Kubernetes experience with
Developer Sandbox for Red Hat OpenShift.

https://developers.redhat.com/developer-sandbox

dn.dev/kubemaster2
 Quick Recap
Kubernetes Deep Dive I

dn.dev/kubemaster2
 DevOps Challenges for Multiple Containers
▪ How to scale?
▪ How to avoid port conflicts? Node Node Node
▪ How to manage them on multiple
hosts?
▪ What happens if a host has trouble?
▪ How to keep them running? Node Node Node
▪ How to update them?
▪ Rebuild Container Images?
Logger

dn.dev/kubemaster2
 Kubernetes Terms
Pod Replicaset/ Service Persistent Label
Deployment Volume

✓ 1+ containers ✓ The Desired ✓ Grouping of ✓ Network ✓ Key/Value pairs

✓ Shared IP State - replicas, pods (acting as available storage associated with
pod template: one) has stable ✓ PVs and PVCs Kubernetes objects
✓ Shared storage (ephemeral) health checks, virtual IP and (env=production)
✓ Shared resources resources, DNS name
✓ Shared lifecycle image

dn.dev/kubemaster2
 Building Images

dn.dev/kubemaster2
 Recap: Dockerfile

1 Inherit from a base image FROM registry.access.redhat.com/ubi8/ubi

2 Parameters as environment ENV foo=text

variables

3 Install dependencies RUN dnf install -y java-11-openjdk

(tooling from base image)
4 Add your app as a new Layer ADD my-app.jar /home/my-app.jar

5 Expose the port your app will use EXPOSE 8080

6 Run the app CMD java -jar /home/my-app.jar

dn.dev/kubemaster2
 Running an image on Kubernetes

1. Find a base Image: Docker Hub, quay.io, gcr.io,

access.redhat.com/containers
2. Craft your Dockerfile
3. Build your Image: docker build -t mystuff/myimage:v1
a. If remote, do "docker push"
4. kubectl apply -f myDeployment.yml
5. kubectl apply -f myService.yml
6. Expose a URL via your Kubernetes distribution's load-balancer

dn.dev/kubemaster2
 Image Builders
Options Include:
A. docker build then kubectl run or kubectl create -f deploy.yml
B. Fabric8 maven plugin (fabric8.io) (Eclipse JKube)
C. Jib - Maven/Gradle plugin
D. s2i - source to image
E. Knative Build - source to image, source to url (Tekton.dev)
F. Instead of docker...
a. Red Hat's podman/buildah, Google's kaniko, Uber's makisu
G. Buildpacks - similar to Heroku & Cloud Foundry

dn.dev/kubemaster2
 Managing Yaml
Options Include:
A. Helm Charts - but for Tiller (Tiller going away in 3)
B. Kompose - converts docker-compose.yml to kubernetes yaml
C. jsonnet - https://jsonnet.org/articles/kubernetes.html
D. Ksonnet - templating for Kubernetes manifests (archived)
E. Kapitan - templating for Kubernetes manifests (helm, kapitan, kustomize)
F. Kustomize - templating for Kubernetes manifests (Helm vs Kustomize)

dn.dev/kubemaster2
 Do NOT Java + Docker == FAIL

Slides: bit.ly/javadockerfail
Recording: JBCNConf 2017
docker run -m 100MB openjdk:8u121 java
-XshowSettings:vm -version

docker run -m 100MB openjdk:8u131 java

-XX:+UnlockExperimentalVMOptions
-XX:+UseCGroupMemoryLimitForHeap -XshowSettings:vm
-version

dn.dev/kubemaster2
 Building Exercises
View exercises

dn.dev/kubemaster2
 Resource Limits

dn.dev/kubemaster2
 The hidden truth of containers
Containers are about sharing and deployment density

costs memory

cost lots of memory

Threads
cost CPU cycles
Container Host
+ quotas =
BOOM

dn.dev/kubemaster2
 Resource Requests/Limits
resources:
requests:
memory: "300Mi"
cpu: "250m" # 1/4 core
limits:
memory: "400Mi"
cpu: "1000m" # 1 core

dn.dev/kubemaster2
 Resource Limits Exercises
View exercises

dn.dev/kubemaster2
 Rolling Updates

dn.dev/kubemaster2
 “Rolling updates allow
Deployments' update to take
place with zero downtime by
incrementally updating Pods
instances with new ones.”

https://kubernetes.io/docs/tutorials/kubernetes-basics/update/update-intro/

dn.dev/kubemaster2
 Rolling Update Exercises
View exercises

dn.dev/kubemaster2
 Liveness & Readiness

dn.dev/kubemaster2
 “The kubelet uses liveness probes to
know when to restart a container.”

“The kubelet uses readiness probes

to know when a container is ready to
start accepting traffic.”

https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/

dn.dev/kubemaster2
 Example
resources:
requests:
memory: "300Mi"
cpu: "250m" # 1/4 core
limits:
memory: "400Mi"
cpu: "1000m" # 1 core
livenessProbe:
kubectl create -f Deployment.yml httpGet:
port: 8080
path: /
initialDelaySeconds: 10
periodSeconds: 5
timeoutSeconds: 2
readinessProbe:
httpGet:
path: /health
port: 8080
initialDelaySeconds: 10

dn.dev/kubemaster2 periodSeconds: 3
 Live & Ready Exercises
View exercises

dn.dev/kubemaster2
 Environment & ConfigMap

dn.dev/kubemaster2
 env vars & configmaps
An app’s config is everything that is likely to vary between deploys (staging, production,
developer environments, etc). 12 Factor Apps
kubectl set env deployment/myboot DBCONN="jdbc:sqlserver://45.91.12.123:1443;user=MyUserName;password=*****;"

kubectl create cm my-config --from-env-file=config/some.properties

dn.dev/kubemaster2
 ConfigMaps
kubectl create cm my-config --from-env-file=config/some.properties

some.properties Partial .java

GREETING=jambo @Autowired
LOVE=Amour
private Environment environment;

Partial deployment.yml String greeting =

spec: environment.getProperty("GREETING","Default");
containers:
String love =
- name: myboot
environment.getProperty("LOVE","Default");
image: 9stepsawesome/myboot:v1
ports:
- containerPort: 8080
envFrom:
- configMapRef:
name: my-config

dn.dev/kubemaster2
 Exercises
External Configuration Secrets exercise

dn.dev/kubemaster2
 What’s Next?

dn.dev/kubemaster2
 DevNation Summer Labs! 🏖

dn.dev/kubemaster2
 Free Resources

dn.dev/kubemaster2
 Download

bit.ly/istiobook

dn.dev/kubemaster2
 Download

bit.ly/javamicroservicesbook

dn.dev/kubemaster2
 Download

dn.dev/k8spatterns1

dn.dev/kubemaster2
 Download

dn.dev/knative-cookbook

dn.dev/kubemaster2
 Download

bit.ly/mono2microdb

dn.dev/kubemaster2
 Download

https://red.ht/modernize-enterprise-java

dn.dev/kubemaster2
 Download

https://red.ht/3IxJCzY

dn.dev/kubemaster2
 The End

dn.dev/kubemaster2
 Backup Content

dn.dev/kubemaster2
 Blue/Green
Deployment
dn.dev/kubemaster2
 Blue/Green Deployment

BUILD
SCM

DEVELOPMENT QA STAGING PRODUCTION ROUTER USERS

dn.dev/kubemaster2
 Blue/Green Deployment

BUILD
SCM

DEVELOPMENT QA STAGING PRODUCTION ROUTER USERS

dn.dev/kubemaster2
 Blue/Green Deployment

BUILD
SCM

DEVELOPMENT QA STAGING PRODUCTION ROUTER USERS

dn.dev/kubemaster2
 Blue/Green Deployment

BUILD
SCM

DEVELOPMENT QA STAGING PRODUCTION ROUTER USERS

dn.dev/kubemaster2
 Blue/Green Deployment

SCM BUILD

DEVELOPMENT QA STAGING PRODUCTION ROUTER USERS

dn.dev/kubemaster2
 Blue/Green Deployment

SCM

DEVELOPMENT QA STAGING PRODUCTION ROUTER USERS

dn.dev/kubemaster2
 Blue/Green Deployment

SCM
x

DEVELOPMENT QA STAGING PRODUCTION ROUTER USERS

dn.dev/kubemaster2
 Blue/Green Deployment

SCM

DEVELOPMENT QA STAGING PRODUCTION ROUTER USERS

dn.dev/kubemaster2
 Blue/Green Exercises
View exercises

dn.dev/kubemaster2
 Custom Resource Definitions

dn.dev/kubemaster2
 Pizzas or Kafkas
apiVersion: kafka.strimzi.io/v1alpha1
kind: Kafka
metadata:
name: mycluster
spec:
kafka: apiVersion: mykubernetes.burrsutter.com/v1beta2
replicas: 3 kind: Pizza
listeners: metadata:
external: name: themeats
type: route spec:
storage: toppings:
type: ephemeral - mozzarella
zookeeper: - pepperoni
replicas: 3 - sausage
storage: - bacon
type: ephemeral sauce: extra
entityOperator:
topicOperator: {}
userOperator: {}
dn.dev/kubemaster2
 http://strimzi.io/

Apache Kafka on
Kubernetes & OpenShift

dn.dev/kubemaster2
 Beyond Managing Yaml - Operators

Phase I Phase II Phase III Phase IV Phase V

Installation Updates Full Lifecycle Deep Insights Auto Pilot

Provisioning Patches and App and Storage Metrics, alerts, log Auto tuning, auto
Configuration Minors (backup, failure, processing, scaling, abnormality
Management recovery) workload analysis detection

Helm

Ansible

Go

Operator SDK
https://github.com/operator-framework/operator-sdk

dn.dev/kubemaster2
 Operatorhub.io

dn.dev/kubemaster2
 CRD Exercises
View exercises

dn.dev/kubemaster2
dn.dev/kubemaster2