This year, Plesk decided to send a few people to KubeCon, the main Kubernetes event in the world. There are no specialized conferences in Russia on this topic. Of course, people talk about K8s and everyone wants it, but nowhere else do so many companies that actually use it gather in one place. I was one of the participants, since I work on a platform based on Kubernetes.

About organization
The scale of the conference is amazing: 7000 participants and a huge exhibition center. Walking from one hall to another took 5-7 minutes. 30 talks on various topics ran at the same time. A huge number of companies had booths; some raffled off many good prizes and a few excellent ones, and all of them handed out T-shirts, pens and other nice things. All communication was in English, but I did not experience any difficulties. If this is the only thing that keeps you from going to foreign conferences, feel free to go. English in IT is simpler than ordinary English because of the abundance of familiar words that you write and read every day in code and documentation. I had no trouble following the talks either. There was a lot of information in my head. By evening I felt like a server hit by a buffer overflow, with the data pouring straight into my subconscious.
About the talks
I want to describe briefly the talks that I liked the most and would recommend watching.
This talk impressed me because it hit a real pain point. We have a lot of separate services, and they are supported and developed by different people in the team. We follow infrastructure as code, but there are some unresolved issues. There is a repository with the Ansible code, but the current state and the inventory are kept on the machine of the developer who runs the script, and so are the credentials. Some of the information can be found in Confluence, but it is not always obvious where. There is no place where you can just press a button and everything works. The proposal is to write a description and put not only the code but also the deployment tools into the repository. Describe where to get the state and the credentials, run make install and enjoy the result. I would like more order in our services, so I will follow the CNAB releases, use it myself, introduce it and convince others. It is also a good template for writing READMEs in repositories.
A lot of information about the pitfalls of writing operators. I consider the talk a must-see for anyone who is going to write their own operator for Kubernetes. It covers everything: statuses, garbage collection, concurrency and so on. Very informative. I liked the quote from the Kubernetes persistent volumes code a lot:

K8s professes the complexity of integration in favor of ease of implementation.
This talk covers in detail one of the main architectural elements of the cluster: the control plane, namely its set of controllers. Their role and architecture and the basic principles of writing your own controller are explained using existing controllers as examples.
One of the most original points was the recommendation not to mask abnormal situations behind seemingly correct controller behavior, but to change the behavior in some way so that the system is signaled that a problem has occurred.
A very interesting experience report, with a lot of information and recipes to consider when you have a really high load. They have gone deep into Kubernetes and support 50 clusters. They covered all aspects of squeezing out maximum performance. I recommend watching the talk before making any technical decisions about clusters.
This is the talk after which I realized that I should definitely try Loki for logs in the cluster and will most likely stay with it. The bottom line: Elastic is heavy. Grafana wanted to develop a lightweight, scalable solution suited to debugging problems. The solution turned out to be elegant: Loki takes metadata from Kubernetes (labels, as Prometheus does) and splits the logs by them. Thus you can select parts of the log by service, find a specific pod, select a specific time, and filter by error code. These filters work without full-text search. So, gradually narrowing the scope of the search, you can get to the specific error you need. In the end a search is still performed, but because the scope has been narrowed, it is fast enough without indexing. Clicking on a result loads its context: a couple of log lines before and a couple after. So it feels like finding a log file and running grep on it, but somewhat more convenient and in the same interface as the metrics. It can count the number of occurrences of a search query. The queries themselves resemble the Prometheus query language and look simple. The speaker pointed out that the solution is not well suited to analytics. I strongly recommend it to everyone who needs logs; the talk is very easy to follow.
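A minimal model of the approach described above, as an added example that is not taken from the talk or from Loki's code: only label sets are indexed, and the substring search runs only over the streams the labels select. The class, label names and log lines are constructed for illustration.

```python
from collections import namedtuple

Hit = namedtuple("Hit", "labels ts line context")

class LabelIndexedLogs:
    """Toy store: only label sets are indexed, log lines are kept as-is."""

    def __init__(self):
        self.streams = {}  # frozenset of (label, value) pairs -> [(ts, line)]

    def push(self, ts, labels, line):
        self.streams.setdefault(frozenset(labels.items()), []).append((ts, line))

    def select(self, matchers):
        """Step 1: narrow by labels alone; no log line is read here."""
        want = set(matchers.items())
        return {k: v for k, v in self.streams.items() if want <= k}

    def grep(self, matchers, start, end, needle, context=2):
        """Step 2: plain substring scan, but only over the selected streams."""
        hits, scanned = [], 0
        for key, entries in self.select(matchers).items():
            for i, (ts, line) in enumerate(entries):
                if not start <= ts <= end:
                    continue
                scanned += 1
                if needle in line:
                    # Context: a couple of lines before and after, same stream.
                    around = [l for _, l in entries[max(0, i - context):i + context + 1]]
                    hits.append(Hit(dict(key), ts, line, around))
        return hits, scanned

# Constructed sample data (not real logs).
SAMPLE = [
    (100, {"app": "api", "pod": "api-1"}, "GET /login 200"),
    (101, {"app": "api", "pod": "api-1"}, "GET /admin 403 user=guest"),
    (102, {"app": "api", "pod": "api-1"}, "GET /health 200"),
    (101, {"app": "api", "pod": "api-2"}, "GET /admin 403 user=guest"),
    (103, {"app": "db", "pod": "db-1"}, "checkpoint complete 403 pages"),
]

def demo():
    store = LabelIndexedLogs()
    for ts, labels, line in SAMPLE:
        store.push(ts, labels, line)
    hits, scanned = store.grep({"app": "api", "pod": "api-1"}, 100, 102, " 403 ")
    return len(hits), scanned, hits[0].context

if __name__ == "__main__":
    print(demo())
```

The `db` line also contains ` 403 `, but it is never scanned because the label selector excluded its stream before any text was read.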
The canary and blue-green deployment processes are shown very clearly. I recommend the talk to those who have not yet gotten into the topic. The presenters show a solution in the form of an extension for the promising Argo CI/CD system. The English of a speaker from Russia is easier to follow than that of the other speakers.
One of the most difficult aspects of cluster management remains setting up security, in particular access rights to resources. The built-in K8s primitives let you configure authorization however you like. How do you keep the settings up to date painlessly? How do you figure out what is going on with access rights and debug the roles you have created? This talk not only gives an overview of several tools for debugging authorization in K8s, but also offers general recommendations for building simple and effective policies.
Other talks
I will not recommend the rest. Some stated the obvious, some were very hard to follow. I advise you to go through this playlist and watch everything that is marked as a keynote. That will give you a broad view of the industry around cloud native apps; after that, press Ctrl+F and search for the keywords, companies, products and approaches that interest you.
There is a link to the playlist with the talks; pay attention to it.
About company booths
At the HAProxy booth I was given a T-shirt for my son. I doubt that I will replace Nginx with HAProxy in production because of this, but I remembered them the most. Who knows what the new owners will do with Nginx?
At the IBM booth there were short talks on all three days, and they lured people in by raffling off an Oculus Go, Beats headphones and a quadcopter. You had to be at the booth for half an hour. I tried my luck twice in three days and did not win. VMware and Microsoft also had short talks.
At the Ubuntu booth I did what everyone seemed to be doing: had my photo taken with Shuttleworth. A sociable man, he was glad to learn that I have been using Ubuntu since 8.04 and that a server has been running it for 10 years without a dist-upgrade and without a single failure (but without access to the Internet).
Ubuntu is building its own MicroK8s - Fast, Light, Upstream Developer Kubernetes
microk8s.io
I could not walk past a tired Dmitry Stolyarov and talked with him about the hard everyday life of engineers who support Kubernetes. He is going to delegate giving talks to his colleagues, but he is preparing some kind of new presentation format. He urged me to subscribe to the Flant channel on YouTube.

IBM, Cisco, Microsoft and VMware invested a lot of money in their booths. The open-source folks had more modest booths. I talked with the Grafana representatives at their booth, and they persuaded me: I need to try Loki. In general, it seems that full-text search in a logging system is needed only for analytics, and Loki-level systems are enough for troubleshooting. I talked to the developers of Prometheus. They do not plan to implement long-term storage of metrics or downsampling of data. They advise looking at Cortex and Thanos as ways to solve that. There were a lot of booths; it took a whole day to get around them all. A dozen monitoring-as-a-service solutions. About five security services. About five performance services. A dozen UIs for Kubernetes. Many providers of K8s as a service. Everyone wants their piece of the market.
Amazon and Google rented patios with artificial grass on the roof and set up deck chairs there. Amazon handed out mugs and poured lemonade, and at its booth talked about innovations in working with spot instances. Google gave out cookies with the Kubernetes logo and made a cool photo zone, and at its booth was fishing for big enterprise fish.
About Barcelona
I am in love with Barcelona. I was there for the second time; the first time was in 2012 on a sightseeing tour. Surprisingly, many facts came back to me, I managed to tell my colleagues a lot, and I acted as a mini-guide. The clean sea air instantly relieved my allergies. Delicious seafood, paella, sangria. Very warm, sunny architecture. Low-rise buildings and a lot of greenery. During these three days we walked about 50 kilometers, and I would like to walk around this city again and again. All this was after the talks, in the evenings.
What is important to understand
I am very glad that I had the opportunity to attend this conference. It put in order things that had not been sorted out before. It inspired me and made some things obvious.
One thought ran through it like a red thread:
Kubernetes is not an end point, but a tool. A platform for creating platforms.
And the main task of the entire movement:
to build and run scalable applications
The main directions the community is working on have crystallized. Much as the 12 factors once appeared for applications, a list of what to do and how to do it has now appeared for infrastructure as a whole. If you want, you can call them trends:
- Dynamic environments
- Public, hybrid and private clouds
- Containers
- Service mesh
- Microservices
- Immutable infrastructure
- Declarative API
These techniques make it possible to build systems with the following characteristics:
- Protected against data loss
- Elastic (adaptable to the load)
- Serviceable
- Observable (three pillars: monitoring, logging, tracing)
- Able to roll out major changes often, predictably and safely.
CNCF selects the best projects (a short list) and advocates for the following:
- Robust automation
- Open source code
- Freedom to choose a service provider
Kubernetes is complicated. It is simple ideologically and piece by piece, but complex as a whole. No one showed all-in-one solutions. The K8s-as-a-service market, like the rest of the market, is a wild west: support is sold for both $50 and $1000 a month. Everyone picks some part and digs into it: some into monitoring and dashboards, some into performance, some into security.
For K8s, everything is just beginning!