K8S

Steps required to get K8S running on Windows 10

docker login
Username: <Docker Hub username>
Password: <Docker Hub password>


ScOrch Task

Task "minikube start"
Task "kubectl run hello-minikube --image=k8s.gcr.io/echoserver:1.10 --port=8080"
Task "kubectl expose deployment hello-minikube --type=NodePort"
Task "kubectl get node"
Task "kubectl get pod"
Task "minikube service hello-minikube --url"


Kube pods

#!/bin/bash
# Pod churn test: launch 20 short-lived busybox pods in parallel, force-delete
# the batch, and repeat 3279 times.
run_some_pods () {
  # Start 20 pods concurrently; --restart=Never creates bare pods, not a Deployment.
  for j in {1..20}
  do
    kubectl run -i -t busybox-${j} --image=busybox --restart=Never -- echo "hi" &> /dev/null &
  done
  sleep 1
  wait   # block until every backgrounded kubectl run has returned
  # Force-delete the batch; '|| true' keeps the loop going if a pod is already gone.
  for j in {1..20}
  do
    kubectl delete pods busybox-${j} --grace-period=0 --force &> /dev/null || true
  done
}
for i in {1..3279}
do
  echo "Running pod batch $i"
  run_some_pods
done


K8S Service Ports

ClusterIP - Default and most basic type. Allocates a stable, cluster-internal IP for the service; here the stable service port is 8080 and the app listens on port 80 in the pods/containers.

spec:
  type: ClusterIP
  selector:
    app: web
  ports:
  - port: 8080
    targetPort: 80

NodePort - Opens the nodePort on every cluster node, with an internal cluster port of 8080. The app listens on port 80 in the pods/containers and the external port on every cluster node is 31111. The nodePort is a TCP/UDP port in the default range 30000-32767.

spec:
  type: NodePort
  ports:
  - port: 8080
    targetPort: 80
    nodePort: 31111

LoadBalancer - Builds on top of NodePort and ClusterIP: an external load balancer is provisioned in front of the node ports.

spec:
  type: LoadBalancer
  ports:
  - port: 8080
    targetPort: 8080
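An added audit helper (not part of the original notes) that reads `kubectl get svc -A -o json`, reports for each Service its type, whether it is reachable from outside the cluster, and the nodePort -> port -> targetPort chain, and checks the nodePort against the 30000-32767 range described above. The sample JSON is constructed to mirror the three specs above, with one deliberately out-of-range nodePort; the range constant assumes the API server's default.

```python
import json

# Default NodePort range from the notes; --service-node-port-range on the
# API server can change it, so adjust if your cluster does.
NODEPORT_RANGE = (30000, 32767)
# Service types that expose the app outside the cluster network.
EXTERNAL_TYPES = {"NodePort", "LoadBalancer"}

# Constructed sample in the shape of `kubectl get svc -A -o json`.
SAMPLE_SVC_JSON = json.dumps({"kind": "List", "items": [
    {"metadata": {"name": "web-clusterip", "namespace": "default"},
     "spec": {"type": "ClusterIP", "selector": {"app": "web"},
              "ports": [{"port": 8080, "targetPort": 80, "protocol": "TCP"}]}},
    {"metadata": {"name": "web-nodeport", "namespace": "default"},
     "spec": {"type": "NodePort",            # no selector, as in the spec above
              "ports": [{"port": 8080, "targetPort": 80, "nodePort": 31111, "protocol": "TCP"}]}},
    {"metadata": {"name": "web-lb", "namespace": "default"},
     "spec": {"type": "LoadBalancer", "selector": {"app": "web"},
              "ports": [{"port": 8080, "targetPort": 8080, "nodePort": 33000, "protocol": "TCP"}]}},
]})


def audit_services(svc_json):
    """Return one record per Service: type, external reachability, the
    (nodePort, port, targetPort) chain per port entry, and any issues found."""
    findings = []
    for item in json.loads(svc_json)["items"]:
        spec = item["spec"]
        svc_type = spec.get("type", "ClusterIP")   # ClusterIP is the default type
        external = svc_type in EXTERNAL_TYPES
        chains, issues = [], []
        for p in spec.get("ports", []):
            node_port = p.get("nodePort")
            # targetPort defaults to port when omitted; it may also be a named port.
            chains.append((node_port, p["port"], p.get("targetPort", p["port"])))
            if external and node_port is not None:
                lo, hi = NODEPORT_RANGE
                if not lo <= node_port <= hi:
                    issues.append(f"nodePort {node_port} outside {lo}-{hi}")
        if not spec.get("selector"):
            issues.append("no selector: Endpoints are not derived from pod labels, review them")
        findings.append({
            "service": f'{item["metadata"]["namespace"]}/{item["metadata"]["name"]}',
            "type": svc_type, "external": external, "chains": chains, "issues": issues,
        })
    return findings


if __name__ == "__main__":
    for f in audit_services(SAMPLE_SVC_JSON):
        flag = "EXTERNAL" if f["external"] else "internal"
        print(f'{f["service"]:<22} {f["type"]:<13} {flag:<9} {f["chains"]} {f["issues"]}')
```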


Best Practices for Running Containers and Kubernetes in Production


The container ecosystem is immature and lacks operational best practices, but adoption of containers and Kubernetes is increasing for legacy modernization and cloud-native applications. We outline best practices for I&O leaders to enable and expedite container deployment in production environments.

Recommendations

Infrastructure and operations leaders responsible for the data center should:

  • Create a container platform strategy that applies best practices across security, governance, monitoring, storage, networking, container life cycle management and container orchestration.

  • Start with small, simple use cases; ensure that containers are stateless and immutable; and enforce standardization, automation and federation of clusters for easier management and rapid scalability.

  • Integrate container as a service (CaaS) or platform as a service (PaaS) platforms with continuous integration/continuous delivery, security and operational tools; if needed, augment them with best-of-breed tooling that enables I&O to meet business SLAs and simplify developer workflow.

  • Create a platform ops team that works with application developers for platform selection and operations and is focused on continuous improvement to meet the required business SLAs of production applications.


Table 1: Managed Container Services in the Cloud

Cloud Provider            | Type of Service      | Product/Service
Alibaba                   | Native Cloud Service | Alibaba Cloud Container Service, Alibaba Cloud Container Service for Kubernetes
Amazon Web Services (AWS) | Native Cloud Service | Amazon Elastic Container Services (ECS), Amazon ECS for Kubernetes (EKS), AWS Fargate
Giant Swarm               | MSP                  | Giant Swarm Managed Kubernetes Infrastructure
Google                    | Native Cloud Service | Google Container Engine (GKE)
IBM                       | Native Cloud Service | IBM Cloud Kubernetes Service
Microsoft                 | Native Cloud Service | Azure Kubernetes Service, Azure Service Fabric
Oracle                    | Native Cloud Service | OCI Container Engine for Kubernetes
Platform9                 | MSP                  | Managed Kubernetes
Red Hat                   | Hosted Service       | OpenShift Dedicated & Online
VMware                    | Hosted Service       | Cloud PKS (Beta)

Source: Gartner (February 2019)

Although Docker runtime and managed Kubernetes are becoming ubiquitous across on-premises and public cloud environments, seamless hybrid environments require better federation and service brokering than is currently available. On-premises CaaS vendors, such as Docker, Mesosphere, Rancher Labs, Red Hat and VMware/Pivotal, offer cloud-based services, with varying degrees of integration and support. Public cloud providers have also released capabilities (such as AKS on Azure Stack) or made announcements of availability for on-premises products in 2019 (GKE on-premises and AWS Outposts). Hybrid and multicloud support will be an area of rapid innovation among vendors in 2019 and beyond.

Recommendations:

  • Objectively evaluate your organization’s ability to deploy and manage the appropriate tooling, and strongly consider cloud container management services as an alternative.

  • Choose the points of lock-in carefully; where possible, implement alternative open-source software.

  • Select providers with consistent operating models across hybrid environments that offer single-pane-of-glass management of federated clusters and open service brokers that simplify IaaS self-service.


Technology   | Things to Look For                                                                            | Sample List of Vendors
Monitoring   | Service visualization, proactive alerting, compliance enforcement, auditing                   | Datadog, Dynatrace, Instana, Sysdig
Networking   | Asset discovery, IP management for ephemeral containers, policy enforcement                   | Cisco, Juniper Networks, Tigera, Weaveworks
Security     | OS hardening, secure runtime and orchestration, image security, traffic isolation and lockdown | Aqua Security, NeuVector, StackRox, Twistlock
Service Mesh | Service discovery, load balancing, authentication and access control, quality of service      | Aspen Mesh, Avi Networks, AWS (App Mesh), Buoyant (Linkerd), Tetrate.io (Istio in Beta), VMware (NSX Service Mesh)
Storage      | Container-native data services, resource coalescing, multiprotocol support                    | Diamanti, NetApp, Portworx, Robin Systems, StorageOS

Source: Gartner (February 2019)