Kubernetes 1.8 and Beyond

Transcription:

Kubernetes 1.8 and Beyond
Aparna Sinha, Group Product Manager, Google
OpenShift Commons Gathering - Austin, Texas

Why do users choose Kubernetes?
- Open Source Community
- Frequent releases
- Resource efficiency
- Runs anywhere
- Fast deployments

Enterprise IT

Why do users choose Kubernetes?
- Open Source Community
- Frequent releases
- Resource efficiency
- Runs anywhere
- Fast deployments
$ kubectl apply -f dir/

The Hybrid reality
- Traditional
- Virtualized
- Fully managed & optimized for Containers

What matters most? We want to move to the cloud Developer productivity, service innovation, scale, while navigating legacy and regulatory We need a between public and private We need applications & infrastructure Train once run everywhere Scalable management Developer flow should be consistent and fast, operations team needs to be efficient and scale across Retain programmatic control and transparency across public and on-premises

Kubernetes 1.8 and 1.9 Themes
- Stability & Conformance
- Security
- Extensibility

1.8 Features overview
- Maturing security (RBAC, Network policy)
- Changes to Apps and Batch workloads
- CRDs replace TPRs!
- Notable experimental features (Scheduling, Storage...)
- Progress on big data (Spark, GPUs)

Security: Auth
Role Based Access Control (RBAC) is GA
- allows cluster administrators to dynamically define roles to enforce access policies through the Kubernetes API
- enforces organizational security requirements
- Users are bound to roles (ClusterRoles and Roles) via bindings (ClusterRoleBindings and RoleBindings)
- supports custom roles if k8s default roles are not right for your organization
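
The bindings described on this slide, as an added example that is not part of the original talk: a custom namespaced Role, a RoleBinding that grants it to one user, and a RoleBinding that reuses the built-in "view" ClusterRole for a group. The namespace, role, user and group names are hypothetical.

```yaml
# Added example, not from the talk. "team-a", "deploy-reader",
# "jane@example.com" and "team-a-auditors" are hypothetical names.
# Custom Role: read-only access to Deployments and Pods in one namespace.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  namespace: team-a
  name: deploy-reader
rules:
- apiGroups: ["apps", "extensions"]   # Deployments are served from both groups in 1.8
  resources: ["deployments"]
  verbs: ["get", "list", "watch"]
- apiGroups: [""]                     # "" is the core API group
  resources: ["pods", "pods/log"]
  verbs: ["get", "list"]
---
# RoleBinding: binds one user to the custom Role, in the same namespace only.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  namespace: team-a
  name: deploy-reader-jane
subjects:
- kind: User
  name: jane@example.com
  apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: Role
  name: deploy-reader
  apiGroup: rbac.authorization.k8s.io
---
# A RoleBinding may also reference a ClusterRole. The default "view"
# ClusterRole is then granted inside team-a only, not cluster-wide.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  namespace: team-a
  name: view-auditors
subjects:
- kind: Group
  name: team-a-auditors
  apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: ClusterRole
  name: view
  apiGroup: rbac.authorization.k8s.io
# Check the result with:
#   kubectl auth can-i list deployments --namespace team-a --as jane@example.com
```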

Network Policy
Network Policy is beta
- specifies how groups of pods are allowed to communicate with each other and other network endpoints
- allow and block traffic to your pod through a NetworkPolicy resource
- filters outbound traffic through network policies
- enforces regulatory security requirements
- network policy is implemented with network plugins such as those by Calico, Weave, and Romana.
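
Allowing and blocking pod traffic as this slide describes, as an added example that is not part of the original talk: a default-deny policy for a namespace plus one policy that opens specific ingress and egress paths for a single workload. The namespace, labels and ports are hypothetical, and the policies take effect only when the cluster's network plugin enforces NetworkPolicy.

```yaml
# Added example, not from the talk. Namespace "team-a", the app labels
# and the port numbers are hypothetical.
# 1) Default deny: selects every pod in the namespace and allows nothing.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny
  namespace: team-a
spec:
  podSelector: {}                 # empty selector = all pods in the namespace
  policyTypes: ["Ingress", "Egress"]
---
# 2) Allow-list for the "api" pods. Policies are additive, so this opens
#    only the listed paths on top of the default deny above.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: api-allow
  namespace: team-a
spec:
  podSelector:
    matchLabels:
      app: api
  policyTypes: ["Ingress", "Egress"]
  ingress:
  - from:                         # inbound: only from frontend pods, port 8080
    - podSelector:
        matchLabels:
          app: frontend
    ports:
    - protocol: TCP
      port: 8080
  egress:
  - to:                           # outbound: only to db pods, port 5432
    - podSelector:
        matchLabels:
          app: db
    ports:
    - protocol: TCP
      port: 5432
  - ports:                        # no "to": DNS on port 53 to any destination,
    - protocol: UDP               # otherwise name resolution breaks under
      port: 53                    # the default deny
    - protocol: TCP
      port: 53
```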

Stability: Workloads API
The Road to GA

extensions/v1beta1   apps/v1beta1   apps/v1beta2   apps/v1 (k8s v1.9)
Deployment           Deployment     Deployment     Deployment
DaemonSet            StatefulSet    DaemonSet      DaemonSet
ReplicaSet                          ReplicaSet     ReplicaSet...
                                    StatefulSet    StatefulSet

Legend: Recommended, Deprecated, Future

API Extensibility in 1.8
Client
- kube-apiserver: Deployment, CronJob, CustomResourceDefinition, EtcdCluster
- service-catalog-apiserver: ClusterServiceBroker, ClusterServiceClass, ServiceInstance, ServiceBinding

A Brief History of the Cloud

Architecture of a Hybrid cloud
- Kubernetes
  - Platform for deployment, scaling, and execution of containers
  - Decouples development and deployment
  - Container-level policy enforcement and telemetry
- Istio
  - Service mesh routing control plane
  - Decouples deployment and traffic management/security
  - Endpoint-level policy enforcement and telemetry
- Open Service Broker
  - Provision and bind to managed services
  - Decouples service producers and consumers
  - Service-level policy enforcement

Benefits
- Raised level of abstraction
  - Decouples development and deployment
  - Decouples deployment and traffic management/security
  - Decouples service producers and consumers
- Developer focus
  - Services not infrastructure
  - Legacy and modern
- Open
  - Multi-cloud
  - Portable

Beyond
- Stability & Conformance
- Security -> Multi-tenancy
- Extensibility -> Build on top

Looking forward: Cloud-Ready
1. Start immediately without filing a ticket
2. Discover and reuse services managed by others
3. Easily secure applications
4. Recover quickly and imperceptibly from infrastructure errors
5. Pay for only the resources consumed
6. Develop / port to any platform that suits the application
7. Scale or degrade gracefully

Q&A

Scheduling
Priority / Preemption in alpha
- Preempt (evict) lower priority pods for higher priority pods when pods are pending (unable to schedule pods in nodes)
- Create one or more PriorityClass(es)
- Create pods with PriorityClassName

Cluster Lifecycle: Kubeadm
Easy upgrades (beta)
- kubeadm upgrade plan - shows which versions you can upgrade to
- kubeadm upgrade apply <version> - upgrades your cluster
- --dry-run - flag allows for a non-intrusive dry run of the upgrade
Self Hosting is in alpha
- control plane components, api server, scheduler are workloads managed as k8s primitives (e.g. can run schedulers as a daemonset on all masters, rolling upgrades automatically upgrade control plane components, etc.)
kubeadm join is in beta

Appendix