mirror of
https://github.com/jpetazzo/container.training.git
synced 2026-02-14 17:49:59 +00:00
📃 Update slides about k8s setup
@@ -198,6 +198,30 @@
- The only limit is yourself, and the time you are willing to sink in!
---
## GPU support
Some solutions can expose your GPU to your containers.
This can be useful for machine learning inference and training.
It only works for some combinations of hardware and operating system.
For example:
- WSL2 + NVIDIA is supported by Docker Desktop and Podman Desktop
- Linux + NVIDIA is supported by Podman Desktop
- MacOS + Apple silicon is supported by Podman Desktop
See [Docker Deskop][gpu-docker-desktop] and [Podman Desktop][gpu-podman-desktop]
documentations for more details.
[gpu-docker-desktop]: https://docs.docker.com/desktop/features/gpu/
[gpu-podman-desktop]: https://podman-desktop.io/docs/podman/gpu
???
:EN:- Kubernetes options for local development
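Review bot: The link text "Docker Deskop" on the "See [Docker Deskop][gpu-docker-desktop]" line is misspelled and should read "Docker Desktop"; on the next line "documentations for more details" should be the singular "documentation for more details", and "MacOS + Apple silicon" is normally written "macOS". Since the slide opens with "Some solutions can expose your GPU to your containers", consider one sentence on what that means for isolation (the container is being handed access to a host device), so the trade-off sits next to the "useful for machine learning" line rather than being left to the linked vendor docs.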
@@ -392,6 +392,18 @@ https://www.scaleway.com/en/pricing/)
- ...
---
## Reminder...
Managed Kubernetes ≠ managed hosting!
- Running an app also involves system upgrades, supervision, on-call, backups...
- "Managed hosting" means that the hosting provider takes care of it
- In "managed Kubernetes", you are responsible for these tasks!
???
:EN:- Installing a managed cluster
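Review bot: "takes care of it" on the "Managed hosting" bullet has no clear antecedent; the previous bullet lists several tasks, so "takes care of these" reads better and mirrors the next bullet's "responsible for these tasks". The task list on this reminder ("system upgrades, supervision, on-call, backups...") also omits security patches, which the "Managed ≠ managed" slide in the other hunk of this commit calls out explicitly as "time-sensitive security patches"; since this slide is the one-line reminder, it should name them too, because that is the task students are most likely to assume the provider handles.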
@@ -72,6 +72,107 @@
---
## Managed ≠ managed
- Managed Kubernetes ≠ managed hosting
- Managed hosting typically means that the hosting provider takes care of:
- installation, upgrades, time-sensitive security patches, backups
- logging and metrics collection
- setting up supervision, alerts, and on-call rotation
- Managed Kubernetes typically means that the hosting provider takes care of:
- installation
- maybe upgrades (kind of; you typically need to initiate/coordinate them)
- and that's it!
---
## "Managed" Kubernetes
- "Managed Kubernetes" gives us the equivalent of a raw VM
- We still need to add a lot of things to make it production-ready
(upgrades, logging, supervision...)
- We also need some almost-essential components that don't always come out of the box
- ingress controller
- network policy controller
- storage class...
📽️[How to make Kubernetes ryhme with production readiness](https://www.youtube.com/watch?v=6G4v-ZE6OHI
)
---
## Observability
- Logging, metrics, traces...
- Pick a solution (self-hosted, as-a-service?)
- Configure control plane, nodes, various components
- Set up dashboards, track important metrics
(e.g. on AWS, track inter-AZ and external traffic per app to avoid $$$ surprises)
- Set up supervision, on-call notifications, on-call rotation
---
## Backups
- Full machine backups of the nodes?
(not very effective)
- Backup of control plane data?
(important; it's not always possible to obtain etcd backups)
- Backup of persistent volumes?
(good idea; but not always effective)
- App-level backups, e.g. database dumps, log-shipping?
(more effective and reliable; more work depending on the app and database)
---
## Upgrades
- Control plane
*typically automated by the provider; but might cause breakage*
- Nodes
*best case scenario: can be done in-place; otherwise: requires provisioning new nodes*
- Additional components (ingress controller, operators, etc.)
*depends wildly of the components!*
---
## It's dangerous to go alone!
Don't hesitate to hire help before going to production with your first K8S app!
---
## Node management
- Most "Turnkey Solutions" offer fully managed control planes
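Review bot: The YouTube link on the 📽️ line is broken: the closing parenthesis of `[How to make Kubernetes ryhme with production readiness](https://www.youtube.com/watch?v=6G4v-ZE6OHI` sits on its own line, so the markdown link will not render; move the `)` back onto the same line and fix "ryhme" to "rhyme". On the Upgrades slide, "depends wildly of the components!" should be "depends wildly on the components!". The same slide lists control plane, nodes and additional components but never says who applies the "time-sensitive security patches" that the "Managed ≠ managed" slide puts on the managed-hosting side; a short line under "Nodes" saying that those patches are the user's job in managed Kubernetes would close that gap. On the Backups slide, "it's not always possible to obtain etcd backups" leaves the reader hanging; one line on the fallback (exporting the resources themselves) would make the bullet actionable.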
@@ -138,7 +239,7 @@
- There are too many options to list them all
(check [this page](https://kubernetes.io/partners/#conformance) for an overview!)
(check [this page](https://kubernetes.io/partners/#iframe-landscape-conformance) for an overview!)
---
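Review bot: The new fragment `#iframe-landscape-conformance` on the changed "check [this page]" line matches the `[certified-kubernetes]` reference definition added in the next hunk, so the two slides now agree; the fragment name suggests it targets an embedded iframe on the partners page, so please confirm in a browser that it actually scrolls to the conformance section, otherwise readers land at the top of the page and the "for an overview!" promise is lost.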
@@ -10,27 +10,37 @@
(e.g. national security for states that don't have a suitable domestic cloud)
- There are [countless](https://kubernetes.io/docs/setup/pick-right-solution/) distributions available
- There are countless [distributions and installers][certified-kubernetes] available
- We can't review them all
- We're just going to explore a few options
[certified-kubernetes]: https://kubernetes.io/partners/#iframe-landscape-conformance
---
## [kops](https://github.com/kubernetes/kops)
## Evolution over time
- Deploys Kubernetes using cloud infrastructure
- 2014 - early days; Kubernetes is installed manually
(supports AWS, GCE, Digital Ocean ...)
- 2015 - CoreOS, Rancher
- Leverages special cloud features when possible
- 2016 - [kops](https://github.com/kubernetes/kops), kubeadm
(e.g. Auto Scaling Groups ...)
- 2017 - Kubernetes the hard way, Docker Enterprise
- 2018 - Crossplane, Cluster API, PKS
- 2019 - k3s, Talos
- 2021 - k0s, EKS anywhere
Note: some of these dates might be approximative (should we count
announcements, first commit, first release, release 1.0...), the
goal is to get an overall idea of the evolution of the state of the art.
---
## kubeadm
## Example - kubeadm
- Provisions Kubernetes nodes on top of existing machines
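Review bot: "approximative" in the Note at the end of the timeline should be "approximate". The Note also lists several possible criteria (announcement, first commit, first release, 1.0) without saying which one the dates use; picking one and stating it would make the "2016 - kops, kubeadm" style entries checkable. Replacing the old kubernetes.io/docs/setup/pick-right-solution/ link with the `[certified-kubernetes]` reference is the right call, but the reference definition line sits directly under the "We're just going to explore a few options" bullet in this view; confirm it renders as a reference definition rather than being swallowed into the list.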
@@ -40,69 +50,51 @@
- Supports HA control plane [with some extra steps](https://kubernetes.io/docs/setup/independent/high-availability/)
---
- Installing a single cluster is easy
## [kubespray](https://github.com/kubernetes-incubator/kubespray)
- Upgrading a cluster is possible, but must be done carefully
- Based on Ansible
- Works on bare metal and cloud infrastructure
(good for hybrid deployments)
- The expert says: ultra flexible; slow; complex
💡 Great to install a single cluster quickly with a reasonable learning curve.
---
## RKE (Rancher Kubernetes Engine)
## Example - Cluster API
- Opinionated installer with low requirements
- Provision and manage Kubernetes clusters declaratively
- Requires a set of machines with Docker + SSH access
- Clusters, nodes... are represented by Kubernetes resources
- Supports highly available etcd and control plane
- Initial setup is more or less complicated
- The expert says: fast; maintenance can be tricky
(depending on the infrastructure and bootstrap providers used)
- Installing many clusters is then easy
- Upgrading clusters can be fully automated
(again, depending on infrastructure, bootstrap providers...)
💡 Great to manage dozens or hundreds of clusters, with a bigger initial investment.
---
## Terraform + kubeadm
## Example - Talos Linux
- Sometimes it is necessary to build a custom solution
- Based on an immutable system
- Example use case:
(like CoreOS Linux, Flatcar... but learned a lot from these precursors)
- deploying Kubernetes on OpenStack
- Control plane and nodes are managed declaratively
- ... with highly available control plane
- Initial setup and upgrades are relatively straightforward
- ... and Cloud Controller Manager integration
- Some admin tasks require to learn a new way to do things
- Solution: Terraform + kubeadm (kubeadm driven by remote-exec)
(e.g. managing storage, troubleshooting nodes...)
- [GitHub repository](https://github.com/enix/terraform-openstack-kubernetes)
- Managing fleets of clusters is facilitated by Omni (commercial product)
- [Blog post (in French)](https://enix.io/fr/blog/deployer-kubernetes-1-13-sur-openstack-grace-a-terraform/)
---
## And many more ...
- [AKS Engine](https://github.com/Azure/aks-engine)
- Docker Enterprise Edition
- [Lokomotive](https://github.com/kinvolk/lokomotive), leveraging Terraform and [Flatcar Linux](https://www.flatcar-linux.org/)
- Pivotal Container Service (PKS)
- [Tarmak](https://github.com/jetstack/tarmak), leveraging Puppet and Terraform
- Tectonic by CoreOS (now being integrated into Red Hat OpenShift)
- [Typhoon](https://typhoon.psdn.io/), leveraging Terraform
- VMware Tanzu Kubernetes Grid (TKG)
💡 As of 2025, Talos Linux popularity has significantly increased among "trendsetters".
---
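Review bot: "Some admin tasks require to learn a new way to do things" on the Talos Linux slide should be "require learning a new way to do things". The closing "💡 As of 2025, Talos Linux popularity has significantly increased among 'trendsetters'" is an unsourced opinion on a slide that otherwise states facts; either point at something (a survey, adoption figures) or phrase it as the author's impression. On the Cluster API slide, "Initial setup is more or less complicated" is vague; "Initial setup varies in complexity" with the existing parenthetical "(depending on the infrastructure and bootstrap providers used)" says what is meant. The Talos bullet "Based on an immutable system" would land better with a few words on what immutability buys for operations, since the only follow-up is that admin tasks need "a new way". Also, the HA link on the kubeadm context line points at kubernetes.io/docs/setup/independent/high-availability/, an old docs path; verify it still redirects while this file is being touched.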