K8S
Steps required to get K8S running on Windows 10
docker login (enter Username and Password when prompted)
ScOrch Task
Task "minikube start"
Task "kubectl run hello-minikube --image=k8s.gcr.io/echoserver:1.10 --port=8080"
Task "kubectl expose deployment hello-minikube --type=NodePort"
Task "kubectl get node"
Task "kubectl get pod"
Task "minikube service hello-minikube --url"
Kube pods
#!/bin/bash
# Pod churn loop: start 20 short-lived busybox pods in parallel, wait for the
# batch, force-delete them, and repeat 3279 times. Output is discarded.
run_some_pods () {
  for j in {1..20}
  do
    kubectl run -i -t busybox-${j} --image=busybox --restart=Never -- echo "hi" &> /dev/null &
  done
  sleep 1
  wait
  for j in {1..20}
  do
    # --grace-period=0 --force skips graceful termination; ignore pods already gone
    kubectl delete pods busybox-${j} --grace-period=0 --force &> /dev/null || true
  done
}

for i in {1..3279}
do
  echo "Running pod batch $i"
  run_some_pods
done
K8S Service Ports
ClusterIP - Default and basic type. Dynamically creates a stable virtual IP inside the cluster; the Service port is 8080 and the app listens on port 80 in the pods/containers.
spec:
  type: ClusterIP
  selector:
    app: web
  ports:
  - port: 8080
    targetPort: 80
NodePort - Opens the nodePort on every cluster node, with an internal cluster port of 8080. The app listens on port 80 in the pods/containers and the external port on every cluster node is 31111. The nodePort is a TCP/UDP port in the range 30000-32767.
spec:
  type: NodePort
  ports:
  - port: 8080
    targetPort: 80
    nodePort: 31111
LoadBalancer - Builds on top of NodePort and ClusterIP.
spec:
  type: LoadBalancer
  ports:
  - port: 8080
    targetPort: 8080
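Added example (not code from these notes): a small checker that takes the parsed spec of each Service type shown above and reports what it actually exposes, whether nodePort is inside the 30000-32767 range, and whether a selector is present. The three specs are constructed inline as dicts, the parsed form of the YAML.

```python
# Added example: classify the exposure of a Kubernetes Service spec and
# sanity-check its port fields. Manifests are constructed inline as dicts.
NODEPORT_RANGE = (30000, 32767)  # kube-apiserver default --service-node-port-range

REACH = {
    "ClusterIP": "cluster-internal only, via the Service IP",
    "NodePort": "every node's IP on nodePort, plus cluster-internal",
    "LoadBalancer": "external LB address, every node's IP on nodePort, plus cluster-internal",
}


def describe_service(spec: dict) -> dict:
    """Return exposure scope, port mappings and findings for a Service .spec."""
    svc_type = spec.get("type", "ClusterIP")  # an omitted type means ClusterIP
    findings, mappings = [], []
    if svc_type not in REACH:
        findings.append(f"unhandled service type {svc_type}")
    if not spec.get("selector"):
        # Without a selector no Endpoints are generated; the Service forwards nowhere.
        findings.append("no selector: Service has no backing pods")
    for p in spec.get("ports", []):
        entry = {"port": p["port"], "targetPort": p.get("targetPort", p["port"]),
                 "protocol": p.get("protocol", "TCP")}
        if svc_type in ("NodePort", "LoadBalancer"):
            node_port = p.get("nodePort")
            if node_port is None:
                findings.append("nodePort not set: one will be allocated from the range")
            elif not NODEPORT_RANGE[0] <= node_port <= NODEPORT_RANGE[1]:
                findings.append(f"nodePort {node_port} outside {NODEPORT_RANGE}")
            entry["nodePort"] = node_port
        mappings.append(entry)
    return {"type": svc_type, "reachable_from": REACH.get(svc_type, "unknown"),
            "mappings": mappings, "findings": findings}


# The three specs from the notes above, as constructed dicts.
CLUSTER_IP = {"type": "ClusterIP", "selector": {"app": "web"},
              "ports": [{"port": 8080, "targetPort": 80}]}
NODE_PORT = {"type": "NodePort",
             "ports": [{"port": 8080, "targetPort": 80, "nodePort": 31111}]}
LOAD_BALANCER = {"type": "LoadBalancer",
                 "ports": [{"port": 8080, "targetPort": 8080}]}

if __name__ == "__main__":
    for spec in (CLUSTER_IP, NODE_PORT, LOAD_BALANCER):
        print(describe_service(spec))
```

Note that the NodePort and LoadBalancer specs in the notes have no selector, so the checker flags them as having no backing pods until one is added.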
Best Practices for Running Containers and Kubernetes in Production
The container ecosystem is immature and lacks operational best practices, but adoption of containers and Kubernetes is increasing for legacy modernization and cloud-native applications. We outline best practices for I&O leaders to enable and expedite container deployment in production environments.
Recommendations
Infrastructure and operations leaders responsible for the data center should:
- Create a container platform strategy that applies best practices across security, governance, monitoring, storage, networking, container life cycle management and container orchestration.
- Start with small, simple use cases; ensure that containers are stateless and immutable; and enforce standardization, automation and federation of clusters for easier management and rapid scalability.
- Integrate container-as-a-service (CaaS) or platform-as-a-service (PaaS) platforms with continuous integration/continuous delivery, security and operational tools; if needed, augment them with best-of-breed tooling that enables I&O to meet business SLAs and simplify developer workflow.
- Create a platform ops team that works with application developers on platform selection and operations and is focused on continuous improvement to meet the required business SLAs of production applications.
Table 1: Managed Container Services in the Cloud

Cloud Provider | Type of Service | Product/Service
---|---|---
Alibaba | Native Cloud Service | Alibaba Cloud Container Service, Alibaba Cloud Container Service for Kubernetes
Amazon Web Services (AWS) | Native Cloud Service | Amazon Elastic Container Services (ECS), Amazon ECS for Kubernetes (EKS), AWS Fargate
Giant Swarm | MSP | Giant Swarm Managed Kubernetes Infrastructure
Google | Native Cloud Service | Google Container Engine (GKE)
IBM | Native Cloud Service | IBM Cloud Kubernetes Service
Microsoft | Native Cloud Service | Azure Kubernetes Service, Azure Service Fabric
Oracle | Native Cloud Service | OCI Container Engine for Kubernetes
Platform9 | MSP | Managed Kubernetes
Red Hat | Hosted Service | OpenShift Dedicated & Online
VMware | Hosted Service | Cloud PKS (Beta)

Source: Gartner (February 2019)
Although Docker runtime and managed Kubernetes are becoming ubiquitous across on-premises and public cloud environments, seamless hybrid environments require better federation and service brokering than is currently available. On-premises CaaS vendors, such as Docker, Mesosphere, Rancher Labs, Red Hat and VMware/Pivotal, offer cloud-based services, with varying degrees of integration and support. Public cloud providers have also released capabilities (such as AKS on Azure Stack) or made announcements of availability for on-premises products in 2019 (GKE on-premises and AWS Outposts). Hybrid and multicloud support will be an area of rapid innovation among vendors in 2019 and beyond.
Recommendations:
- Objectively evaluate your organization's ability to deploy and manage the appropriate tooling, and strongly consider cloud container management services as an alternative.
- Choose the points of lock-in carefully; where possible, implement alternative open-source software.
- Select providers with consistent operating models across hybrid environments that offer single-pane-of-glass management of federated clusters and open service brokers that simplify IaaS self-service.
Technology | Things to Look For | Sample List of Vendors
---|---|---
Monitoring | Service visualization, proactive alerting, compliance enforcement, auditing | Datadog, Dynatrace, Instana, Sysdig
Networking | Asset discovery, IP management for ephemeral containers, policy enforcement | Cisco, Juniper Networks, Tigera, Weaveworks
Security | OS hardening, secure runtime and orchestration, image security, traffic isolation and lockdown | Aqua Security, NeuVector, StackRox, Twistlock
Service Mesh | Service discovery, load balancing, authentication and access control, quality of service | Aspen Mesh, Avi Networks, AWS (App Mesh), Buoyant (Linkerd), Tetrate.io (Istio in Beta), VMware (NSX Service Mesh)
Storage | Container-native data services, resource coalescing, multiprotocol support | Diamanti, NetApp, Portworx, Robin Systems, StorageOS

Source: Gartner (February 2019)