Portable Apps across IBM Kubernetes Service and IBM Cloud Private (#Think2019 #5956)
- 1. Portable Apps across IBM Kubernetes Service
and IBM Cloud Private (#5956A)
—
Dan Berg
IBM Distinguished Engineer,
IBM Cloud Kubernetes Service
@dancberg
Michael Elder
IBM Distinguished Engineer – IBM Multicloud Platform
@mdelder
Think 2019 / DOC ID / Month XX, 2019 / © 2019 IBM Corporation
- 2. IBM’s statementsregarding itsplans, directions, andintent are subject to change or withdrawal without
notice andat IBM’s sole discretion.
Information regarding potential future productsisintended to outline our general product direction andit
should not be reliedon in making a purchasing decision.
The information mentionedregarding potential future productsisnot a commitment, promise, or legal
obligation to deliver any material, code or functionality. Information about potential future productsmaynot
be incorporatedinto any contract.
The development, release, and timing of anyfuture featuresor functionalitydescribedfor our products
remainsat our sole discretion.
Performance isbasedon measurementsandprojectionsusing standard IBM benchmarksin a controlled
environment. The actual throughput or performance that anyuser will experience will vary depending upon
manyfactors, including considerations such as the amount of multiprogramming in the user’sjobstream,
the I/O configuration, the storage configuration, andthe workloadprocessed. Therefore, no assurance can
be given that an individual user will achieve results similar to those statedhere.
2
Please note
- 3. Notices and disclaimers
3Think 2019 / DOC ID / Month XX, 2019 / © 2019 IBM Corporation
© 2018 International BusinessMachinesCorporation. No part of this
document maybe reproducedor transmittedin any form without
written permission from IBM.
U.S. Government Users Restricted Rights — use,duplication or
disclosure restricted by GSA ADP Schedule Contract with IBM.
Information in these presentations(including information relating to
products that have not yet been announcedby IBM) hasbeen reviewed
for accuracyasof the date of initial publication andcouldinclude
unintentional technical or typographical errors. IBM shall have no
responsibility to update this information. This document is distributed
“as is” without any warranty, either express or implied.In no event,
shall IBM be liable for any damage arising from the use of this
information, including but not limited to, loss of data, business
interruption, loss of profit or loss of opportunity.IBM products and
servicesare warrantedper the termsand conditionsof the agreements
under which they are provided.
IBM productsare manufacturedfrom newpartsor new and used parts.
In some cases, a product may not be new and mayhave been previously
installed. Regardless, our warrantytermsapply.”
Any statements regarding IBM's future direction,intent or product
plans are subject to change orwithdrawal without notice.
Performance data containedherein wasgenerallyobtainedin a
controlled, isolated environments. Customer examplesare presented as
illustrationsof how those customershave used IBM productsand the
results they mayhave achieved. Actual performance, cost, savingsor
other results in other operating environmentsmay vary.
Referencesin thisdocument to IBM products, programs, or services
does not implythat IBM intends to make such products, programsor
servicesavailable in all countriesin which IBM operatesor does
business.
Workshops, sessions and associatedmaterialsmayhave been prepared
by independent session speakers, and do not necessarily reflect the
views of IBM. All materialsanddiscussions are provided for
informational purposesonly, andare neither intendedto, nor shall
constitute legal or other guidance or advice to any individual participant
or their specific situation.
It isthe customer’sresponsibility to insure itsown compliance
with legal requirementsand to obtain advice of competent legal counsel
as to the identification andinterpretation of anyrelevant lawsand
regulatoryrequirementsthat may affect the customer’sbusinessand
any actionsthe customer mayneed to take to complywith such
laws. IBM does not provide legal advice or represent or warrant that its
servicesor products will ensure that the customer follows any law.
- 4. Notices and disclaimers
continued
4Think 2019 / DOC ID / Month XX, 2019 / © 2019 IBM Corporation
Information concerning non-IBM products was obtainedfrom the
suppliers of those products, their published announcementsor other
publicly available sources. IBM has not tested those products about this
publication andcannot confirm the accuracyof performance,
compatibilityor anyother claimsrelatedto non-IBM products.
Questions on the capabilities of non-IBM productsshould be addressed
to the suppliers of those products. IBM does not warrant the qualityof
any third-party products, or the ability of any such third-party products
to interoperate with IBM’s products. IBM expressly disclaims all
warranties, expressed or implied,including but not limited to, the
implied warranties of merchantability and fitness fora purpose.
The provision of the information containedherein isnot intendedto, and
does not, grant anyright or license under any IBM patents, copyrights,
trademarksor other intellectual propertyright.
IBM, the IBM logo, ibm.com and[names of other referencedIBM
products andservices used in the presentation]are trademarksof
International Business MachinesCorporation, registeredin many
jurisdictionsworldwide. Other product and service namesmight
be trademarksof IBM or other companies. A current list of IBM
trademarksisavailable on the Web at “Copyright and trademark
information” at: www.ibm.com/legal/copytrade.shtml.
- 5. 7
The Evolving Enterprise Operating Model
Full enterprise cloud journey
Preserve & Optimize | Extend & Integrate | Refactor
Management
- 6. 8
IBM Cloud / © 2018 IBM Corporation
As organizations
deploy more
clusters, new
challenges are
introduced.
- 7. IBM Cloud
Kubernetes Service
IBM Cloud
IBM Cloud Private
Public Cloud Private Cloud
IBM Confidential / Think 2019 / 5615 / Feb 11, 2019 / © 2019 IBM Corporation
- 9. Apps represented as text
12
# Application to deploy
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: watson-conversation-app
spec:
replicas: 2 # tells deployment to run 2 pods matching the
template
template: # create pods using pod definition in this template
metadata:
labels:
app: watson-conversation-app
tier: frontend
spec:
containers:
- name: watson-conversation-app
image: mycluster.icp:8500/default/conversation-
simple:alt
resources:
requests:
cpu: 100m
memory: 100Mi
env:
- name: WORKSPACE_ID
valueFrom:
configMapKeyRef:
name: car-dashboard-config
key: workspace_id
- name: CONVERSATION_SERVICE_CAR
valueFrom:
secretKeyRef:
name: binding-conversation-service-car
key: binding
• Container Images are built
from Dockerfiles. Kubernetes
Deployments, etc are
managed as YAML
• Having a strong artifact-driven
model makes it easier to
follow a Continuous Delivery
lifecycle
• Using the same images and
YAML objects make it easier
for dev teams to match what’s
running in production
- 10. Kubernetes provides very
portable abstractions for your
app
Where a cloud provider must
get specific about a concern,
Kubernetes allows runtime
substitution
13Think 2019 / DOC ID / Month XX, 2019 / © 2019 IBM Corporation
Factors where the
app interacts with its
platform:
1. Network ingress
2. Persistent
storage
3. Network Security
4. Pod Security
5. RBAC
6. Certificates/Keys
Abstractions
Factors where the
platform interacts
with the app:
1. Packaging
formats
2. Monitoring
3. Log collection
4. Metering
- 11. Portability concerns
14Think 2019 / DOC ID / Month XX, 2019 / © 2019 IBM Corporation
Pod
(1..n containers)
Storage
Network
Ingress
Monitoring Logging
Packaging
Network
Security
Creates
UsesExposes
Managed by
Pod
Security
Certs/Keys
Metering
- 13. kubectl apply -f watson-conversation-app-configured.yaml
kubectl get deployments -o wide
kubectl get services –o wide
# IKS
kubectl expose deployment/watson-conversation-app
--type=LoadBalancer --port=3000
--name=watson-conversation-app
--target-port=3000
16Think 2019 / DOC ID / Month XX, 2019 / © 2019 IBM Corporation
- 15. IKS Deployment
automation
18Think 2019 / DOC ID / Month XX, 2019 / © 2019 IBM Corporation
Managing over 20,000 clusters
Managing over 350,000
resources
1000+ deployments per week
Rule-based, multi-version
deployments
Opinionated k8s deployment
- 16. 19
Use Case: Cluster Lifecycle Management
IBM Cloud / © 2018 IBM Corporation
• Manages clusters across
multiple data centers and
public cloud Kubernetes
services
• Identifies health across all
clusters
• Provides visibility into
problems across clusters
• Enables cluster organization
- 17. 20
Use Case: Application Management
IBM Cloud / © 2018 IBM Corporation
• Define and Deploy
applications across clusters
based on policy
• Autogenerated monitoring
dashboards that update
based on deployment
- 19. Helm - Introduction
22
Helm helps you manage Kubernetes applications — Helm Charts helps you define, install, and upgrade
even the most complex Kubernetes application.
- 20. Charts, Repositories and
Releases
23
Charts: A bundle of Kubernetes
resources
Repository: A collection of charts.
Releases: A chart instance loaded into
Kubernetes . Same chart can be
deployed several times and each
becomes its own release
Providing an easy to use, extend, and compose
catalog of IBM and Third-Party content is part
of our universal platform for
IBM middleware in containers
- 21. IBM certified software for Kubernetes
© 2018 IBM Corporation
Pre-integrated
• Logging (Debug)
• Monitoring
(Alerting)
• Usage Metering
• License
Management
Scanned for
Vulnerabilities
• Extendable to
Redhat Certified
with RHEL base
image
Upgrade & Rollback
• Consistent across all
IBM Software built
for Kubernetes
Enterprise Ready
& Simple to Deploy
• Orchestrated by
the product experts
• Integrated catalog
experience
• Open standards
packaging
• Secured by ICP IAM
IBM Cloud Private
A universal platformfor IBM middlewarerunning in containers
The largest catalog of enterprise-grade services to accelerate your Cloud journey
24
Packaging
Operations Secure
&
Integrated
Management
Containers
IBM Cloud / November 2018 /© 2018 IBM Corporation
- 24. 28
Use Case: Policy-Based Governance
IBM Cloud / © 2018 IBM Corporation
• Set and enforce polices for
security, applications, &
infrastructure
• Checks compliance across
all clusters
- 25. 29
Multiple clusters generates new challenges
IBM Cloud / © 2018 IBM Corporation
Visibility Governance Automation
• Where are the failed
components?
• Where are my services running?
• How can I monitor applications
across clusters and clouds?
• How can I manage clusters as if
they were one environment ?
• How do I monitor usage across
clouds ?
• How do I set consistent security
policies across environments ?
• Which clusters are compliant?
• How can I manage configuration
across this large environment ?
• How can I place workloads based
on capacity, policy?
• How do I deploy applications
across these environments?
• How do I move workloads across
these environments?
• How can I backup my
applications?
• How do I do Disaster Recovery ?
- 26. 30
Learn More
IBM Cloud / © 2018 IBM Corporation
https://www.ibm.com/cloud/multicloud-manager
• Product Overview
• Overview videos
• White paper
• FAQs
- 27. Leverage the IBM Cloud Garage
Method to change how you work.
31Think 2018
Provides an in-depthcollection of
practices,tutorials,and
architecturesto help you on this
journey.
Completelyopen forum for learning
at your own pace.
We offer hands-on guidance and
services,if needed.
Defined
Practices
Business
Benefits
Technical
Benefits
ibm.com/cloud/garage>
- 28. 32
Book
signing
on Wed
@ Code
Cafe
#7678A: Tech Talk:
Deploying Kubernetes in
the Enterprise (with the
authors)
When: Wednesday, 11:30
AM - 12:10 PM
Where: Table Top Tap Room
at the Metreon | Code Cafe
Tech Talks Area
Get a hard copy signed by
the authors at the Code
Café Mezzaine on
Wednesday (7 – 7:30PM)!
ibm.biz/BdYA4i>Grab a free digital copy: