Cloud Computing INFS3208
Re-cap
• Microservices
• Docker Compose
• Docker Swarm
• Docker Machine
• Create a Swarm
• Deploy Services to a Swarm
• Deploy a Stack to a Swarm
CRICOS code 00025B
2/09/2021

Outline
• Kubernetes (K8s)
• Architecture: Master and Worker Nodes
• Pods
• Replicasets & Deployment
• Service
• Storage

Evolution of Kubernetes
• Amazon Web Services (AWS) changed the world when it brought us modern-day cloud computing.
• Kubernetes (koo-ber-net-eez, or K8s for short) was originally designed by Google and is now maintained by the Cloud Native Computing Foundation (CNCF).
• K8s automates the deployment, scaling and management of containerised applications across multiple hosts.
• It works with a range of container tools, including Docker.

Why Kubernetes?
• Automated rollouts and rollbacks
• Storage orchestration
• Self-healing
• Service discovery and load balancing
• Horizontal scaling

Kubernetes Architecture
Master Node (Control Plane)
• Multi-master high availability (HA) is a must-have
• Schedules work, and detects and responds to cluster events
API Server
• Central component
• Provides K8s APIs and authentication
Scheduler
• Watches for unassigned 'tasks'
• Assigns each one to a node which has available resources (CPU & memory) matching the requirement
• Performs predicate checks and ranks nodes
Controller manager
• Node controller
• ReplicaSet (Replication) controller
• Endpoint controller
• Namespace controller
Etcd
• Consistent and highly available key-value store (cluster info)
Source: https://knowitinfo.com/what-is-kubernetes-control-plane/

Kubernetes Architecture
Worker Node
1. Watch the API server for new work assignments
2. Execute new work assignments
3. Report back to the control plane (via the API server)
Kubelet
• Core agent; runs on every worker node in the cluster
• Registers the node with the cluster
• Watches the API server, executes the task, maintains the reporting channel
• Reports task failure
Container Runtime
• Performs container-related tasks
• Other choices, e.g., Kata and containerd
Kube-proxy
• Responsible for local cluster networking
• Makes sure each node gets its unique IP address
• Handles routing and load-balancing (IPTABLES / IPVS)
Source: https://knowitinfo.com/what-is-kubernetes-control-plane/

Packaging Apps for Kubernetes
For an application to run on a Kubernetes cluster, it must be:
1. Packaged as a container
2. Wrapped in a Pod
3. Deployed via a declarative manifest file

What is a Pod?
• The atomic unit of scheduling in K8s is the Pod
• Containers must always run inside of Pods
• Literally, a pod is a group of whales
• Simplest model: one container per Pod; advanced use cases run multiple containers inside a single Pod
  • e.g., a helper container that pulls the latest content
Multiple containers in a Pod share the same Pod environment
• Networking, as a unique cluster IP address
• Shared storage, as Volumes
• Information about how to run each container (e.g. the container image version or specific ports to use)
Pod properties
• Scaling: Pods are the minimum unit of scaling
• Deployment: a single Pod can only be scheduled to a single node
• Lifecycle: a new Pod is associated with a new ID and IP address
https://kubernetes.io/docs/concepts/workloads/pods/

Declarative vs. Imperative
• The declarative model and the concept of desired state are at the very heart of K8s.
• In K8s, the declarative model works like this:
1. Declare the desired state of an application (microservice) in a manifest file (YAML)
2. POST it to the API server
3. Kubernetes stores it in etcd as the application's desired state
4. Kubernetes implements the desired state on the cluster
5. Kubernetes implements watch loops, so that the current state of the application doesn't vary from the desired state
• Imperative model: issue long lists of platform-specific commands to build things
• Declarative model:
  • Simpler: concise file vs long scripts of imperative commands
  • Self-healing
  • Scaling
  • Version control
  • …
https://kubernetes.io/docs/concepts/workloads/pods/

Example: Setup for Deployments
• Test playground: Play with Kubernetes (https://labs.play-with-k8s.com/)
• Hosted Kubernetes: as close to zero-effort production-grade Kubernetes as you will get, e.g.,
  • GCP: Google Kubernetes Engine (GKE), AWS: Elastic Kubernetes Service (EKS)
• Some tools are pre-installed: Kubectl (Kubernetes client) & Kubeadm (create cluster)
  https://kubernetes.io/docs/reference/kubectl/cheatsheet/
• MiniKube: easy to install, light; single-node only
  https://kubernetes.io/docs/tutorials/kubernetes-basics/create-cluster/cluster-interactive/
• Kubeadm: production-level; hard installation, heavy
• Play-with-k8s Playground tips: ctrl + insert = copy, shift + insert = paste

Demo: Try it Yourself
• Now let's go to the playground and give it a try: Play-with-k8s Playground (https://labs.play-with-k8s.com/)
• This is because you haven't configured the Pod network yet
• Create a Pod with Mongo in an imperative way
  [Screenshots: Creating, Running]
• Create a Pod with Mongo in a declarative way
Pod.yml
Mandatory keywords:
• apiVersion: version of Pod API
• kind: type of object
• metadata: a name and labels
• spec: define the container
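An added example, not the Pod.yml from the original slide: a Pod manifest for the Mongo demo that shows the four mandatory keys, plus the resource requests the scheduler matches against node capacity. The Pod name, the `app: cc-demo` label, the `mongo:4.4` image tag and the resource figures are assumptions.

```yaml
# apiVersion: version of the Pod API (Pods live in the core "v1" group)
apiVersion: v1
# kind: type of object being declared
kind: Pod
# metadata: a name and labels; Services and ReplicaSets later select
# Pods by these labels, not by name or IP address
metadata:
  name: cc-demo-mongo          # hypothetical name
  labels:
    app: cc-demo               # hypothetical label
# spec: define the container(s) that run inside the Pod
spec:
  containers:
  - name: mongo
    image: mongo:4.4           # assumption: pin a tag rather than "latest"
    ports:
    - containerPort: 27017     # mongod's default listening port
    resources:
      requests:                # what the scheduler looks for on a node
        cpu: 250m
        memory: 256Mi
      limits:                  # ceiling enforced on the running container
        cpu: 500m
        memory: 512Mi
```

Save it as Pod.yml and submit it with `kubectl apply -f Pod.yml`; the API server stores the declared state and the scheduler then assigns the Pod to a node.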

Pod's scheduling sequence

Deployments
Deployment controller
• Deployment: object type in K8s API
• Uses Replicasets to provide self-healing and scaling
Replicasets controller
• Ensures the specified number of replicas of a service are always running

Demo: Google Kubernetes Engine (GKE) – Create a Cluster
Demo: GKE – Log in using Cloud Shell

Demo: Deploy Replicasets
Replicaset YAML file
• apiVersion, kind, metadata
• spec:
  • replicas: desired number of replicas
  • selector: select which pods should be included
  • template: required field, same schema as a Pod specification
Demo: Deploy Replicasets – Self-healing
• Destroy a Pod in the cluster as a simulation of failure

Demo: Deployments
Deployment YAML file
• minReadySeconds: minimum number of seconds before Kubernetes starts considering the Pods healthy
• revisionHistoryLimit
• strategy: RollingUpdate/Recreate
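An added example, not the manifest from the original slides: a Deployment that carries the Replicaset fields from the earlier demo (replicas, selector, template) together with the Deployment-specific fields listed above. The name `cc-demo`, the labels, the image tag and every numeric value are assumptions.

```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: cc-demo                # hypothetical name
spec:
  # Desired state: the controllers keep three Pods running and replace
  # any Pod that is destroyed (the self-healing shown in the demo).
  replicas: 3
  # A new Pod must stay ready this long before it counts as available,
  # which slows a rollout enough to catch Pods that crash right after start.
  minReadySeconds: 10
  # How many old Replicasets are kept so a rollout can be rolled back.
  revisionHistoryLimit: 5
  strategy:
    type: RollingUpdate        # the alternative is Recreate
    rollingUpdate:
      maxUnavailable: 1        # at most one Pod below the desired count
      maxSurge: 1              # at most one Pod above the desired count
  # selector: which Pods belong to this Deployment; it must match the
  # labels in the template below.
  selector:
    matchLabels:
      app: cc-demo
  # template: same schema as a Pod specification (minus apiVersion/kind).
  template:
    metadata:
      labels:
        app: cc-demo
    spec:
      containers:
      - name: mongo
        image: mongo:4.4       # changing this tag triggers a rolling update
        ports:
        - containerPort: 27017
```

After `kubectl apply -f`, `kubectl rollout status deployment/cc-demo` follows the rolling update and `kubectl rollout undo deployment/cc-demo` returns to the previous revision.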

Demo: Deployments – Rolling Updates

Service
Motivation
• There is no communication path
• Pods are unreliable
• A new Pod gets a new address
Definition
• Services provide reliable networking for a set of Pods
• REST object in the API that you define in a manifest and POST to the API server
• Every Service gets its own stable IP address, its own stable DNS name and its own stable port.
• Services leverage labels to dynamically select the Pods they will send traffic to.
[Figure: Service, Kubernetes Master and Kubernetes Nodes]
How a connection reaches a Service
• Container tries to connect…
• Visits kube-dns
• Kubelet configured the nameserver
• Iptables rules are maintained by kube-proxy
• Iptables forwards the request to just one endpoint
Create services by exposing ports
• ClusterIP (default): expose the port only inside the cluster
• NodePort: expose the target port on every node to the outside
• LoadBalancer: only useful when combined with a cloud provider's load balancer
In the demo command:
• Specified -> expose a deployment object
• Name it 'cc-demo-service'
• The port to expose (28017 for MongoDB)
Create services with a YAML file (kubectl apply -f service.yml)
https://kubernetes.io/docs/concepts/services-networking/ingress/
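An added example, not the service.yml from the original slide: a ClusterIP Service named cc-demo-service that selects its Pods by label, so the database port is reachable only from inside the cluster. The `app: cc-demo` label and the targetPort are assumptions; 28017 is the port named on the slide.

```yaml
apiVersion: v1
kind: Service
metadata:
  name: cc-demo-service        # name used on the slide
spec:
  # ClusterIP is the default type: the Service gets a stable virtual IP
  # and DNS name that are reachable only from inside the cluster.
  # NodePort would open the port on every node, and LoadBalancer would
  # publish it through the cloud provider's load balancer. For a
  # database, stay on ClusterIP unless clients outside the cluster
  # really need to connect.
  type: ClusterIP
  # Traffic goes to whichever Pods currently carry this label, so
  # replaced Pods with new IP addresses are picked up automatically.
  selector:
    app: cc-demo               # assumption: label on the Mongo Pods
  ports:
  - name: mongo
    protocol: TCP
    port: 28017                # port exposed by the Service (from the slide)
    targetPort: 27017          # assumption: mongod on its default port
```

Inside the cluster, other Pods in the same namespace reach the database at `cc-demo-service:28017`; `kubectl get endpoints cc-demo-service` lists the Pod addresses the selector currently matches.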

Kubernetes Storage
• Persistent Volume Subsystem:
  • PersistentVolume (PV): how you map external storage onto the cluster; resource
  • PersistentVolumeClaim (PVC): a request for storage by a user; claim checks to the resource
1. Create the PV.
2. Create the PVC.
3. Define the volume.
4. Mount it into a container.
gke-pv.yml
• ReadWriteOnce (RWO)
• ReadWriteMany (RWM)
• ReadOnlyMany (ROM)
Persistent Volume Claim: like a ticket that grants the Pod access to the PV
https://kubernetes.io/docs/concepts/storage/persistent-volumes/
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volumes.html
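An added example, not the gke-pv.yml from the original slide: the four steps above (create the PV, create the PVC, define the volume, mount it) in one file for a Mongo Pod on GKE. All object names, the 10Gi size and the image tag are assumptions, the disk path is a placeholder for an existing persistent disk, and the cluster is assumed to run the Compute Engine persistent disk CSI driver.

```yaml
# 1. PersistentVolume: maps an existing GCE persistent disk onto the cluster.
apiVersion: v1
kind: PersistentVolume
metadata:
  name: cc-demo-pv
spec:
  capacity:
    storage: 10Gi
  accessModes:
  - ReadWriteOnce              # mounted read-write by a single node
  persistentVolumeReclaimPolicy: Retain   # keep the disk if the claim goes
  storageClassName: ""         # static binding, no dynamic provisioning
  csi:
    driver: pd.csi.storage.gke.io
    volumeHandle: projects/PROJECT_ID/zones/ZONE/disks/DISK_NAME  # placeholder
    fsType: ext4
---
# 2. PersistentVolumeClaim: the "ticket" a Pod presents to use the PV.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: cc-demo-pvc
spec:
  accessModes:
  - ReadWriteOnce
  storageClassName: ""
  volumeName: cc-demo-pv       # bind to the PV declared above
  resources:
    requests:
      storage: 10Gi
---
apiVersion: v1
kind: Pod
metadata:
  name: cc-demo-mongo-data
spec:
  containers:
  - name: mongo
    image: mongo:4.4
    volumeMounts:
    - name: mongo-data         # 4. Mount it into the container
      mountPath: /data/db      # mongod's default data directory
  volumes:
  - name: mongo-data           # 3. Define the volume from the claim
    persistentVolumeClaim:
      claimName: cc-demo-pvc
```

`kubectl get pv,pvc` should show both objects as Bound before the Pod starts; data written under /data/db then survives the Pod being deleted and recreated.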

Kubernetes vs Docker Swarm
https://medium.com/edureka/kubernetes-vs-docker-45231abeeaf1
Source: quarterly report on developer trends in the cloud by Digital Ocean

Review
• Kubernetes (K8s)
• Architecture: Master and Worker Nodes
• Pods
• Replicasets & Deployment
• Service
• Storage

What's Next?
Getting more hands-on practice
• Play with Kubernetes classroom: https://training.play-with-kubernetes.com/kubernetes-workshop/
Getting prepared for certification
• https://cloud.google.com/certification/cloud-architect
Remember to stop GKE clusters when not in use…
A few more things to explore…
• Kubernetes Dashboard (https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/)
• ConfigMaps (https://kubernetes.io/docs/concepts/configuration/configmap/)
• Threat Modeling (https://kubernetes.io/docs/tasks/administer-cluster/securing-a-cluster/)

Tutorial & Practical for Week 6
Tutorial 5 (Week 6)
1. Please describe what Kubernetes (K8s) is.
2. What are the motivations for using Kubernetes?
3. Please describe the components of a Kubernetes cluster and their functions.
4. Please give a general summary of the workflow of Kubernetes.
Practical 5 (Week 6)
1. Use Docker commands to deploy a PHP-based web development environment with four containers.
2. Consultation for A1

Next (Week 7) Topic:
Databases in Cloud Computing
NoSQL: Redis & MongoDB