Upload
coreos
View
216
Download
0
Embed Size (px)
Citation preview
digitalocean.com
Betting on Kubernetes:DigitalOcean’s journey from adoption to production
Joonas Bergius@joonas
Where we started
digitalocean.com
digitalocean.com
digitalocean.com
DeploymentProliferation of deployment tooling lead to inconsistent deployment capabilities from service to serviceSoftware deployment via configuration management took hours and was quite unreliableWriting the code to deploy new services could take up to as long as writing the software itself in the worst case“Total Ownership” model meant that every team needed to be experts in configuration management as well
Orchestration focused on servers rather than servicesMismatch how software was run at various stages of the lifecycle from developer laptops to production serversDependencies became increasingly intertwined making software upgrades difficult at best, near impossible at worstLack of consistent observability across services lead engineers needing direct access to the servers
digitalocean.com
Operability
digitalocean.com
Droplets launched
Ability to experiment with new features and services in matter of hours, not in days or weeksImproving visibility into the impact a given feature or service has on the wholeEmpower teams to deliver their work from end-to-end independent of other teamsCapability to quickly scale our services to be able to meet the ever-increasing customer demand digitalocean.com
Business needs
digitalocean.com
Coming up with a solution
digitalocean.com
Candidates
API-driven for automationCommunity engagementEase of operabilityFirst-class container supportFeature-compatibility with our existing toolingProduction-grade
digitalocean.com
Evaluation criteria
Built from the ground up to be API-firstExtremely engaged community and unparalleled
teamQuite involved to deploy and manage, but built with
GoBuilt on 10 years experience running containers at
GoogleRich feature set that surpassed our existing toolingReady for prime time
digitalocean.com
How Kubernetes stacked up
digitalocean.com
digitalocean.com
Refining our solution
digitalocean.com
Curate subset of Kubernetes features: Smaller feature set makes for a simplified user experience.
Focus on stateless services: Self-healing, automated remediation of service disruptions.
Declarative deployments: Each deploy is separate and immutable.
Abstract operational plumbing: Plugin to existing alerting, logging & metrics infrastructure.
digitalocean.com
Guiding principles
digitalocean.com
docc: a tool for deploying containerized, stateless applications
Enables users to describe their application: number of instances, ports to expose, environment variables to pass in, resource usage, etc.
Provides a way to configure the infrastructure plumbing: How to collect metrics, what and where to alert on, how the service should be made available to the outside.
Drives accountability and provides insight by requiring each
service to have a maintainer listed.digitalocean.com
docc requires a manifest
digitalocean.com
Tectonic Summit application
digitalocean.com
Kubernetes resources
Deployment ReplicaSetPodPodPod
digitalocean.com
Exposing a Service
digitalocean.com
Kubernetes resources:Exposing a Service
Deployment ReplicaSetPodPodPod
Servicetectonic-summit:8080
Endpoint
digitalocean.com
digitalocean.com
Kubernetes resources:Ingress connectivity
Deployment ReplicaSetPodPodPod
Servicetectonic-summit:8080
Endpoint
Ingresstectonic-summit-2016
digitalocean.com
kube-apiserverkube-apiserverkube-
apiserver
controllers
doccserver
ingress
docc
kubectl
kubelet
digitalocean.com
Reflecting on the past 12 months
50 applications deployed to production in past 6 months
Reduced time-to-deploy from days and weeks to hours
Service coverage across all of our datacentersPowered 2-day internal hackathon:
a. 154 docc deploys during that timeb. 16 new applications on docc digitalocean.com
Accomplishments so far
Kubernetes moves really fast, find ways to keep upGet involved in the community earlyInvest heavily into automation for managing clustersBring in the professionals early to kickstart your
journeyBuild on top of Kubernetes to make it your own, it was made for thatThis is great company to be in
digitalocean.com
Lessons learned
Service mesh using linkerdNetwork Policies using CalicoSecure secret storage using HashiCorp Vault
digitalocean.com
Investing in the future
digitalocean.com
– Tommy Murphy
“Reduce developer decision fatigue so they can make decisions that matter.”
digitalocean.comFatih Sneha Dan
Mac Tommy
Team
Thank you!