Build Systems that Drive Business
30–31 Oct 2018: Training
31 Oct–2 Nov 2018: Tutorials & Conference
London, UK

Your path to production-ready Kubernetes (Day 2)

Brice Fernandes (Weaveworks)
Location: Hilton Meeting Room 5/6

Who is this presentation for?

You are starting out with Kubernetes. You may have set up your first cluster or used a cloud provider like Google’s GKE, and want to have a clear path to bringing Kubernetes to production for your team. It will be suitable for application developers, operations engineers and the DevOps engineers who do both. You do not need hands-on experience with kubernetes.

Prerequisite knowledge

In order to profit from this workshop you will need to be able to:

  • Read and write basic programs
  • Use Git fluently
  • Use the command line

What you'll learn

After this training, attendees will be able to:

  • Deploy applications to a Kubernetes cluster with confidence
  • Instrument existing applications for monitoring
  • Create Dashboards and alerts for Kubernetes workloads
  • Implement tracing and log collection for Kubernetes workloads
  • Setup and manage Continuous deployment on Kubernetes

Description

DAY ONE

0900-0930 Welcome & introduction

  • Background & Scene setting
  • Question for audience about their experience and struggles
  • Incidents we moved through

0930-1000 Getting started with your environment

  • Logging in
  • Quick tour
  • Talking to Kubernetes

1000-1030 Intro to Kubernetes

  • Kubernetes concepts (Nodes, Pods, Services, Namespaces)

1030-1100 Break

1100-1200 Releasing a kubernetes Service

  • Creating the manifests
  • Using Kubectl to apply the service
  • Exposing the service outside the cluster

1200-1230 Monitoring with Prometheus

  • Monitoring vs Observability
  • Prometheus
  • Models of monitoring
  • Metrics that matter: RED/USE

1230-1330 Lunch

1330-1430 Prometheus in practice

  • Instrumenting an application for monitoring
  • Using the Prometheus Query Language
  • Creating dashboards

1430-1500 Advanced Kubernetes

  • Ingress controllers
  • Resource requests and limits
  • Labels, taints and affinity
  • Rolling updates
  • Readiness probes
  • Disruption budgets
  • Storage with Volumes

1500-1530 Break

1530-1600 Devops and Gitops

  • The Gitops model
  • Git as canonical source of truth
  • Useful properties of Gitops (Compliance, auditability, etc…)
  • Separation of privilege

1600-1700 Setting up continuous deployment

  • Setting up CD for dashboards
  • Using Grafanlib to generate dashboards

1700-1730 Review and recap

  • Kubernetes basics
  • Running applications and defining services
  • Monitoring with Prometheus
  • Gitops
  • Setting up CD for Kubernetes

DAY 2

0900-0930 What is “Production Ready"

  • Cluster checklist – What matters in a production cluster
  • App checklist – What matters when releasing an app

0930-1030 Alerts that matter

  • Alerting with Prometheus
  • Helpful dashboards
  • Defining and using a playbook

1030-1100 Break

1100-1130 Observability in Kubernetes

  • Instrumenting code use cases (HPA and Istio Canary)
  • Structured logging aggregation (Fluentd and Prometheus)

1130-1230 Building for observability

  • Logging aggregation with the ELK stack
  • Tracing with Opentracing and Jaeger

1230-1330 Lunch

1330-1400 Advanced Deployment Patterns

  • Canary deploys
  • Blue/Green deploys
  • A/B testing

1400-1430 Kubernetes Security

  • Restricting operators access to management API
  • Applications RBAC
  • Using K8s security groups
  • Network policies

1430-1500 Implementing Security

  • Setting up client certificates
  • Creating Roles and RoleBindings
  • Using an external authorisation provider with webhooks

1500-1530 Break

1530-1700 Practical recap: Setting up a production cluster from scratch
From a cluster with kubernetes only, set up a production-ready cluster and deploy an instrumented application

1700-1730 Final recap and further resources

  • Production ready checklists
  • Observability
  • Deployment patterns
  • Security
  • Things not covered
  • Further resources
Photo of Brice Fernandes

Brice Fernandes

Weaveworks

Brice Fernandes is a senior engineer at Weaveworks, where he spends his professional time helping companies understand GitOps and make the most of Kubernetes. Brice fell in love with programming while studying physics and never really looked back. He has a broad technology background that covers everything from embedded C to backendless browser apps using the trendiest JavaScript frameworks. Before joining Weaveworks, he taught game development and functional programming online and founded his own education platform for developers.