From Code to Kubernetes
About Us
Art Richards
CTO - truckin.io
Agenda
● Scenario and Architecture
● Technologies
● Challenges
● Results
● Foundations
● Infrastructure as Code
● Configuration Management
● Building and Deployments
● Application Debugging using Weavescope
● Demo - From code to Kubernetes
● Future
● QA
git push
Scenario and Architecture
Distributed Teams
Early stages products
Greenfield projects
One-man operations team
Priorities vs Resources
Deployments Lifecycle
10+ non-production deployments per day
8 Projects: Frontend, Backend API, Android
Development, Test, Staging, Demo and Production
Weekly production deployments (mobile, frontend and backend)
Technologies
Applications
Infrastructure
Challenges
● CI/CD Pipeline
● Infrastructure as Code
● Isolated Environments (Dev, Test, Demo, Staging, Production)
● Unified orchestrator for builds and deployments processes
● Integrations
● Easy application debugging
● Automation
Results
Foundations
Provisioning Order
IaaS: Cloud Provider
Resources: Network, Instances, IAM, Disk, Registry, Kubernetes Cluster
Software, Packages and Configs: Salt Master, Salt Minion, Docker, Postgresql and Elasticsearch
Desired State: Minions, API, Reactor, Integrations
Let's talk about provisioning
Infrastructure as Code
Basic network resources configuration file
variable
● Command line tool (apply, plan, destroy)
● Multiple Providers
● Config based resources
● Usage of Variables
● Dependencies Graph
● Execution Plan
● Resource Creation in Parallel
● Multiple Provisioners
● Detailed Output
dependency
Terraform output
Configure 'Em All
Network, Firewall, Subnetworks, Instances, Buckets, Disks, Kubernetes Cluster, Service Accounts and IAM
Configuration Management
SaltStack Open Source
https://docs.saltstack.com/en/latest/
Master
Minion: Operator
Minion: Postgresql
Minion: Builder
Minion: Elastic
G@roles:builder and G@environment:test
Selectors
Master
Minion: Builder
Executed imperatively via command line or reactively via Salt Reactor.
salt cli selector command
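An added illustration of the selector shown above (not code from the slides or from SaltStack): this Python example evaluates grain selectors such as `G@roles:builder and G@environment:test` against an inventory, so the set of minions a command would reach can be seen before it runs. The minion ids and grain values are constructed, and only a subset of the syntax is handled (`G@` terms joined by `not`, `and`, `or`, without parentheses).

```python
from fnmatch import fnmatchcase

# Constructed inventory: minion id -> custom grains (values are assumptions).
MINIONS = {
    "builder-test": {"roles": ["builder"], "environment": "test"},
    "builder-prod": {"roles": ["builder"], "environment": "production"},
    "operator-test": {"roles": ["operator"], "environment": "test"},
    "postgresql-test": {"roles": ["postgresql"], "environment": "test"},
}

def grain_match(grains, term):
    """Evaluate one 'G@key:glob' term; list-valued grains match on any item."""
    if not term.startswith("G@") or ":" not in term:
        raise ValueError(f"unsupported term: {term!r}")
    key, pattern = term[2:].split(":", 1)
    value = grains.get(key)
    if value is None:
        return False
    values = value if isinstance(value, list) else [value]
    return any(fnmatchcase(str(v), pattern) for v in values)

def split_on(tokens, word):
    """Split a token list into groups separated by the operator `word`."""
    groups = [[]]
    for tok in tokens:
        if tok == word:
            groups.append([])
        else:
            groups[-1].append(tok)
    return groups

def compound_match(grains, expr):
    """Subset of compound matching: G@ terms joined by not/and/or, no parentheses."""
    def operand(tokens):
        if not tokens:
            raise ValueError("operator without operand")
        if tokens[0] == "not":
            return not operand(tokens[1:])
        if len(tokens) != 1:
            raise ValueError(f"missing operator near {tokens!r}")
        return grain_match(grains, tokens[0])
    # "or" binds loosest, then "and", then "not".
    return any([all([operand(f) for f in split_on(group, "and")])
                for group in split_on(expr.split(), "or")])

def targets(expr):
    """Return the sorted minion ids an expression would select."""
    return sorted(m for m, g in MINIONS.items() if compound_match(g, expr))
```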
Salt Pillars
"Offer global values that can be distributed to minions"
Salt States
"The SLS is a representation of the state in which a system should be in, and is set up to contain this data in a simple format."
state ID
modulename.command
arguments
Using defined pillars within states
● Introducing the map.jinja file
● Passing pillars values when compiling states
SaltStack Compilation Process
[Diagram: Pillars (dictionaries) + States (jinja2) = Low Data; stages labelled Parse, Parse + Merge, Output to Minion]
Gitfs
"The gitfs backend allows Salt to serve files from git repositories."
push 15s
Master
Gitfs
Putting it all together
Desired State
● 8 VMs
○ Salt Master
○ Operator
○ Builder
○ Postgresql
○ Elasticsearch
○ 3 Kubernetes nodes
● 2 Persistent Data Disks: 500GB attached to PG and ELS
● 1 Kubernetes Cluster
● Network
○ Required Firewall Rules
○ 2 Subnets
● 2 IAM/Service Accounts: Pull/Push Docker Registry
Complete Cloud Provision Flow
Network: Firewall, Subnets, Static IPs, ...
Instances: Salt Master, Salt Minion, Postgresql, Elasticsearch, Builder, Operator
Kubernetes Cluster: Nodes, Firewall Rules, K8S Master and Workers
● $ terraform apply
Salt states are applied just after an instance is created, based on its "role" specified in the grains config
Core resources are created during this phase
Creates the initial cluster state based on the number of nodes specified
Work is done!
Google Cloud Admin Panel
Kubernetes Dashboard
Show me the flow!
[Diagram: Salt API, Event Hub, runners, reactor, Builder and Operator, connected over https and ssh]
Building and Deploying
Kubernetes Objects
"Kubernetes Objects are persistent entities in the Kubernetes system. Kubernetes uses these entities to represent the state of your cluster."
Kubernetes objects
● Abstracts: deployments, services, replica sets, ingress, ...
● Generated on the fly by Salt using templates
● Final .yaml file compiled including pillars and arguments
● $ kubectl apply -f mysite-development.yaml
● Garbage collector
deploymentV1.yaml
Code to Image Flow
[Diagram, steps 1 to 8: Builder, Registry, Reactor; arrows labelled push, state.apply, notify]
Kubernetes Deployment Flow
[Diagram, steps 1 to 6: Operator, Registry, Reactor (Post Build); arrows labelled Pull, kubectl, state.apply, notify]
Build
Rollback
Application Debugging
https://www.weave.works/products/weave-scope/
Demo
Live from code to Kubernetes!
Future
What must be improved?
● Error Handling
● Credentials Management
● Logging and Monitoring
● On Demand Environments
● Terraform File Refactoring
● Implement Production
● Rollout Deployments
● Postgresql Cluster
● Elasticsearch Cluster
● ...
Wrap up
What I've seen so far?
● Automated provision
● Infrastructure as Code
● Event driven environment
● Fast delivery cycle
● Isolated environments
● Application Debugging
● ChatOps
Final Words
Doesn't have to be perfect from day 0!
Pick the right people
"When you get into one of these groups, there's only a couple of ways you can get out: one is death, the other is mental institutions..." - Devops Engineer testimonial
Links
Saltstack - https://saltstack.com
Salt States - https://docs.saltstack.com/en/latest/topics/tutorials/starting_states.html
Salt Pillars - https://docs.saltstack.com/en/latest/topics/pillar/
Terraform - https://www.terraform.io/intro/index.html
Weavescope - https://www.weave.works/products/weave-scope
Kubernetes - http://kubernetes.io
Jenkins CI - https://jenkins.io
Docker - https://docker.com
Google Cloud Platform - cloud.google.com
GCP Calculator - https://cloud.google.com/products/calculator/
Thank you very much!
Questions?