SlideShare a Scribd company logo

Portable Apps across IBM Kubernetes Service and IBM Cloud Private (#Think2019 #5956)

Michael Elder
Michael Elder

Building apps to run in your local Kubernetes or managed Kubernetes environment is easy and straightforward. A common packaging mechanism based on container images and open source Helm to distribute your Kubernetes apps can be produced to your continuous delivery pipeline. These apps can then be deployed wherever needed. Deploying in your datacenter? Great! You can run Kubernetes with IBM Cloud Private anywhere! Want Kubernetes but don’t want to manage it yourself? Great! You can consume Kubernetes-as-a-Service with IBM Cloud Kubernetes Service! In this talk, we’ll demonstrate how to leverage each of these offerings to build and run apps. We’ll also cover some of the nuances of running in a hybrid cloud operating model.

Related slideshows

DevOps within the Hybrid Cloud Deploying to the VMware Platform on the IBM Cloud
DevOps within the Hybrid Cloud Deploying to the VMware Platform on the IBM CloudDevOps within the Hybrid Cloud Deploying to the VMware Platform on the IBM Cloud
DevOps within the Hybrid Cloud Deploying to the VMware Platform on the IBM Cloud
 
How do you deliver your applications to the cloud?
How do you deliver your applications to the cloud?How do you deliver your applications to the cloud?
How do you deliver your applications to the cloud?
 
IBM Think 2019 session 2116 - Best practices for operating and managing a pro...
IBM Think 2019 session 2116 - Best practices for operating and managing a pro...IBM Think 2019 session 2116 - Best practices for operating and managing a pro...
IBM Think 2019 session 2116 - Best practices for operating and managing a pro...
 
1 of 29
Download to read offline
Portable Apps across IBM Kubernetes Service and IBM Cloud Private (#5956A) — Dan Berg IBM Distinguished Engineer, IBM Cloud Kubernetes Service @dancberg Michael Elder IBM Distinguished Engineer – IBM Multicloud Platform @mdelder Think 2019 / DOC ID / Month XX, 2019 / © 2019 IBM Corporation
IBM’s statementsregarding itsplans, directions, andintent are subject to change or withdrawal without notice andat IBM’s sole discretion. Information regarding potential future productsisintended to outline our general product direction andit should not be reliedon in making a purchasing decision. The information mentionedregarding potential future productsisnot a commitment, promise, or legal obligation to deliver any material, code or functionality. Information about potential future productsmaynot be incorporatedinto any contract. The development, release, and timing of anyfuture featuresor functionalitydescribedfor our products remainsat our sole discretion. Performance isbasedon measurementsandprojectionsusing standard IBM benchmarksin a controlled environment. The actual throughput or performance that anyuser will experience will vary depending upon manyfactors, including considerations such as the amount of multiprogramming in the user’sjobstream, the I/O configuration, the storage configuration, andthe workloadprocessed. Therefore, no assurance can be given that an individual user will achieve results similar to those statedhere. 2 Please note
Notices and disclaimers 3Think 2019 / DOC ID / Month XX, 2019 / © 2019 IBM Corporation © 2018 International BusinessMachinesCorporation. No part of this document maybe reproducedor transmittedin any form without written permission from IBM. U.S. Government Users Restricted Rights — use,duplication or disclosure restricted by GSA ADP Schedule Contract with IBM. Information in these presentations(including information relating to products that have not yet been announcedby IBM) hasbeen reviewed for accuracyasof the date of initial publication andcouldinclude unintentional technical or typographical errors. IBM shall have no responsibility to update this information. This document is distributed “as is” without any warranty, either express or implied.In no event, shall IBM be liable for any damage arising from the use of this information, including but not limited to, loss of data, business interruption, loss of profit or loss of opportunity.IBM products and servicesare warrantedper the termsand conditionsof the agreements under which they are provided. IBM productsare manufacturedfrom newpartsor new and used parts. In some cases, a product may not be new and mayhave been previously installed. Regardless, our warrantytermsapply.” Any statements regarding IBM's future direction,intent or product plans are subject to change orwithdrawal without notice. Performance data containedherein wasgenerallyobtainedin a controlled, isolated environments. Customer examplesare presented as illustrationsof how those customershave used IBM productsand the results they mayhave achieved. Actual performance, cost, savingsor other results in other operating environmentsmay vary. Referencesin thisdocument to IBM products, programs, or services does not implythat IBM intends to make such products, programsor servicesavailable in all countriesin which IBM operatesor does business. Workshops, sessions and associatedmaterialsmayhave been prepared by independent session speakers, and do not necessarily reflect the views of IBM. All materialsanddiscussions are provided for informational purposesonly, andare neither intendedto, nor shall constitute legal or other guidance or advice to any individual participant or their specific situation. It isthe customer’sresponsibility to insure itsown compliance with legal requirementsand to obtain advice of competent legal counsel as to the identification andinterpretation of anyrelevant lawsand regulatoryrequirementsthat may affect the customer’sbusinessand any actionsthe customer mayneed to take to complywith such laws. IBM does not provide legal advice or represent or warrant that its servicesor products will ensure that the customer follows any law.
Notices and disclaimers continued 4Think 2019 / DOC ID / Month XX, 2019 / © 2019 IBM Corporation Information concerning non-IBM products was obtainedfrom the suppliers of those products, their published announcementsor other publicly available sources. IBM has not tested those products about this publication andcannot confirm the accuracyof performance, compatibilityor anyother claimsrelatedto non-IBM products. Questions on the capabilities of non-IBM productsshould be addressed to the suppliers of those products. IBM does not warrant the qualityof any third-party products, or the ability of any such third-party products to interoperate with IBM’s products. IBM expressly disclaims all warranties, expressed or implied,including but not limited to, the implied warranties of merchantability and fitness fora purpose. The provision of the information containedherein isnot intendedto, and does not, grant anyright or license under any IBM patents, copyrights, trademarksor other intellectual propertyright. IBM, the IBM logo, ibm.com and[names of other referencedIBM products andservices used in the presentation]are trademarksof International Business MachinesCorporation, registeredin many jurisdictionsworldwide. Other product and service namesmight be trademarksof IBM or other companies. A current list of IBM trademarksisavailable on the Web at “Copyright and trademark information” at: www.ibm.com/legal/copytrade.shtml.
7 The Evolving Enterprise Operating Model Full enterprise cloud journey Preserve & Optimize | Extend & Integrate | Refactor Management
8 IBM Cloud / © 2018 IBM Corporation As organizations deploy more clusters, new challenges are introduced.
IBM Cloud Kubernetes Service IBM Cloud IBM Cloud Private Public Cloud Private Cloud IBM Confidential / Think 2019 / 5615 / Feb 11, 2019 / © 2019 IBM Corporation
Pod (Single IP Address) Volume Volume container container container Volume What’s in a Kubernetes App? 11Think 2019 / DOC ID / Month XX, 2019 / © 2019 IBM Corporation Pod (Single IP Address) Volume Volume container container container Volume Secret ConfigMap Persistent Volume Service Deployment (ReplicaSet) Stateles s Stateless
Apps represented as text 12 # Application to deploy apiVersion: extensions/v1beta1 kind: Deployment metadata: name: watson-conversation-app spec: replicas: 2 # tells deployment to run 2 pods matching the template template: # create pods using pod definition in this template metadata: labels: app: watson-conversation-app tier: frontend spec: containers: - name: watson-conversation-app image: mycluster.icp:8500/default/conversation- simple:alt resources: requests: cpu: 100m memory: 100Mi env: - name: WORKSPACE_ID valueFrom: configMapKeyRef: name: car-dashboard-config key: workspace_id - name: CONVERSATION_SERVICE_CAR valueFrom: secretKeyRef: name: binding-conversation-service-car key: binding • Container Images are built from Dockerfiles. Kubernetes Deployments, etc are managed as YAML • Having a strong artifact-driven model makes it easier to follow a Continuous Delivery lifecycle • Using the same images and YAML objects make it easier for dev teams to match what’s running in production
Kubernetes provides very portable abstractions for your app Where a cloud provider must get specific about a concern, Kubernetes allows runtime substitution 13Think 2019 / DOC ID / Month XX, 2019 / © 2019 IBM Corporation Factors where the app interacts with its platform: 1. Network ingress 2. Persistent storage 3. Network Security 4. Pod Security 5. RBAC 6. Certificates/Keys Abstractions Factors where the platform interacts with the app: 1. Packaging formats 2. Monitoring 3. Log collection 4. Metering
Portability concerns 14Think 2019 / DOC ID / Month XX, 2019 / © 2019 IBM Corporation Pod (1..n containers) Storage Network Ingress Monitoring Logging Packaging Network Security Creates UsesExposes Managed by Pod Security Certs/Keys Metering
An app to talk about 15IBM Cloud / O‘Reilly Software Architecture Conference / October 30, 2018 / © 2018 IBM Corporation
kubectl apply -f watson-conversation-app-configured.yaml kubectl get deployments -o wide kubectl get services –o wide # IKS kubectl expose deployment/watson-conversation-app --type=LoadBalancer --port=3000 --name=watson-conversation-app --target-port=3000 16Think 2019 / DOC ID / Month XX, 2019 / © 2019 IBM Corporation
Enough talking, let’s see it LIVE!Think 2019 / 6393A / Feb 11, 2019 / © 2019 IBM Corporation
IKS Deployment automation 18Think 2019 / DOC ID / Month XX, 2019 / © 2019 IBM Corporation Managing over 20,000 clusters Managing over 350,000 resources 1000+ deployments per week Rule-based, multi-version deployments Opinionated k8s deployment
19 Use Case: Cluster Lifecycle Management IBM Cloud / © 2018 IBM Corporation • Manages clusters across multiple data centers and public cloud Kubernetes services • Identifies health across all clusters • Provides visibility into problems across clusters • Enables cluster organization
20 Use Case: Application Management IBM Cloud / © 2018 IBM Corporation • Define and Deploy applications across clusters based on policy • Autogenerated monitoring dashboards that update based on deployment
Packaging Think 2019 / 6393A / Feb 11, 2019 / © 2019 IBM Corporation
Helm - Introduction 22 Helm helps you manage Kubernetes applications — Helm Charts helps you define, install, and upgrade even the most complex Kubernetes application.
Charts, Repositories and Releases 23 Charts: A bundle of Kubernetes resources Repository: A collection of charts. Releases: A chart instance loaded into Kubernetes . Same chart can be deployed several times and each becomes its own release Providing an easy to use, extend, and compose catalog of IBM and Third-Party content is part of our universal platform for IBM middleware in containers
IBM certified software for Kubernetes © 2018 IBM Corporation Pre-integrated • Logging (Debug) • Monitoring (Alerting) • Usage Metering • License Management Scanned for Vulnerabilities • Extendable to Redhat Certified with RHEL base image Upgrade & Rollback • Consistent across all IBM Software built for Kubernetes Enterprise Ready & Simple to Deploy • Orchestrated by the product experts • Integrated catalog experience • Open standards packaging • Secured by ICP IAM IBM Cloud Private A universal platformfor IBM middlewarerunning in containers The largest catalog of enterprise-grade services to accelerate your Cloud journey 24 Packaging Operations Secure & Integrated Management Containers IBM Cloud / November 2018 /© 2018 IBM Corporation
Deploying across clouds Think 2019 / 6393A / Feb 11, 2019 / © 2019 IBM Corporation
Compliance across clouds Think 2019 / 6393A / Feb 11, 2019 / © 2019 IBM Corporation
28 Use Case: Policy-Based Governance IBM Cloud / © 2018 IBM Corporation • Set and enforce polices for security, applications, & infrastructure • Checks compliance across all clusters
29 Multiple clusters generates new challenges IBM Cloud / © 2018 IBM Corporation Visibility Governance Automation • Where are the failed components? • Where are my services running? • How can I monitor applications across clusters and clouds? • How can I manage clusters as if they were one environment ? • How do I monitor usage across clouds ? • How do I set consistent security policies across environments ? • Which clusters are compliant? • How can I manage configuration across this large environment ? • How can I place workloads based on capacity, policy? • How do I deploy applications across these environments? • How do I move workloads across these environments? • How can I backup my applications? • How do I do Disaster Recovery ?
30 Learn More IBM Cloud / © 2018 IBM Corporation https://www.ibm.com/cloud/multicloud-manager • Product Overview • Overview videos • White paper • FAQs
Leverage the IBM Cloud Garage Method to change how you work. 31Think 2018 Provides an in-depthcollection of practices,tutorials,and architecturesto help you on this journey. Completelyopen forum for learning at your own pace. We offer hands-on guidance and services,if needed. Defined Practices Business Benefits Technical Benefits ibm.com/cloud/garage>
32 Book signing on Wed @ Code Cafe #7678A: Tech Talk: Deploying Kubernetes in the Enterprise (with the authors) When: Wednesday, 11:30 AM - 12:10 PM Where: Table Top Tap Room at the Metreon | Code Cafe Tech Talks Area Get a hard copy signed by the authors at the Code Café Mezzaine on Wednesday (7 – 7:30PM)! ibm.biz/BdYA4i>Grab a free digital copy:
33 ® https://www.ibm.com/legal/us/en/c opytrade.s html

More Related Content

Portable Apps across IBM Kubernetes Service and IBM Cloud Private (#Think2019 #5956)

  • 1. Portable Apps across IBM Kubernetes Service and IBM Cloud Private (#5956A) — Dan Berg IBM Distinguished Engineer, IBM Cloud Kubernetes Service @dancberg Michael Elder IBM Distinguished Engineer – IBM Multicloud Platform @mdelder Think 2019 / DOC ID / Month XX, 2019 / © 2019 IBM Corporation
  • 2. IBM’s statementsregarding itsplans, directions, andintent are subject to change or withdrawal without notice andat IBM’s sole discretion. Information regarding potential future productsisintended to outline our general product direction andit should not be reliedon in making a purchasing decision. The information mentionedregarding potential future productsisnot a commitment, promise, or legal obligation to deliver any material, code or functionality. Information about potential future productsmaynot be incorporatedinto any contract. The development, release, and timing of anyfuture featuresor functionalitydescribedfor our products remainsat our sole discretion. Performance isbasedon measurementsandprojectionsusing standard IBM benchmarksin a controlled environment. The actual throughput or performance that anyuser will experience will vary depending upon manyfactors, including considerations such as the amount of multiprogramming in the user’sjobstream, the I/O configuration, the storage configuration, andthe workloadprocessed. Therefore, no assurance can be given that an individual user will achieve results similar to those statedhere. 2 Please note
  • 3. Notices and disclaimers 3Think 2019 / DOC ID / Month XX, 2019 / © 2019 IBM Corporation © 2018 International BusinessMachinesCorporation. No part of this document maybe reproducedor transmittedin any form without written permission from IBM. U.S. Government Users Restricted Rights — use,duplication or disclosure restricted by GSA ADP Schedule Contract with IBM. Information in these presentations(including information relating to products that have not yet been announcedby IBM) hasbeen reviewed for accuracyasof the date of initial publication andcouldinclude unintentional technical or typographical errors. IBM shall have no responsibility to update this information. This document is distributed “as is” without any warranty, either express or implied.In no event, shall IBM be liable for any damage arising from the use of this information, including but not limited to, loss of data, business interruption, loss of profit or loss of opportunity.IBM products and servicesare warrantedper the termsand conditionsof the agreements under which they are provided. IBM productsare manufacturedfrom newpartsor new and used parts. In some cases, a product may not be new and mayhave been previously installed. Regardless, our warrantytermsapply.” Any statements regarding IBM's future direction,intent or product plans are subject to change orwithdrawal without notice. Performance data containedherein wasgenerallyobtainedin a controlled, isolated environments. Customer examplesare presented as illustrationsof how those customershave used IBM productsand the results they mayhave achieved. Actual performance, cost, savingsor other results in other operating environmentsmay vary. Referencesin thisdocument to IBM products, programs, or services does not implythat IBM intends to make such products, programsor servicesavailable in all countriesin which IBM operatesor does business. Workshops, sessions and associatedmaterialsmayhave been prepared by independent session speakers, and do not necessarily reflect the views of IBM. All materialsanddiscussions are provided for informational purposesonly, andare neither intendedto, nor shall constitute legal or other guidance or advice to any individual participant or their specific situation. It isthe customer’sresponsibility to insure itsown compliance with legal requirementsand to obtain advice of competent legal counsel as to the identification andinterpretation of anyrelevant lawsand regulatoryrequirementsthat may affect the customer’sbusinessand any actionsthe customer mayneed to take to complywith such laws. IBM does not provide legal advice or represent or warrant that its servicesor products will ensure that the customer follows any law.
  • 4. Notices and disclaimers continued 4Think 2019 / DOC ID / Month XX, 2019 / © 2019 IBM Corporation Information concerning non-IBM products was obtainedfrom the suppliers of those products, their published announcementsor other publicly available sources. IBM has not tested those products about this publication andcannot confirm the accuracyof performance, compatibilityor anyother claimsrelatedto non-IBM products. Questions on the capabilities of non-IBM productsshould be addressed to the suppliers of those products. IBM does not warrant the qualityof any third-party products, or the ability of any such third-party products to interoperate with IBM’s products. IBM expressly disclaims all warranties, expressed or implied,including but not limited to, the implied warranties of merchantability and fitness fora purpose. The provision of the information containedherein isnot intendedto, and does not, grant anyright or license under any IBM patents, copyrights, trademarksor other intellectual propertyright. IBM, the IBM logo, ibm.com and[names of other referencedIBM products andservices used in the presentation]are trademarksof International Business MachinesCorporation, registeredin many jurisdictionsworldwide. Other product and service namesmight be trademarksof IBM or other companies. A current list of IBM trademarksisavailable on the Web at “Copyright and trademark information” at: www.ibm.com/legal/copytrade.shtml.
  • 5. 7 The Evolving Enterprise Operating Model Full enterprise cloud journey Preserve & Optimize | Extend & Integrate | Refactor Management
  • 6. 8 IBM Cloud / © 2018 IBM Corporation As organizations deploy more clusters, new challenges are introduced.
  • 7. IBM Cloud Kubernetes Service IBM Cloud IBM Cloud Private Public Cloud Private Cloud IBM Confidential / Think 2019 / 5615 / Feb 11, 2019 / © 2019 IBM Corporation
  • 8. Pod (Single IP Address) Volume Volume container container container Volume What’s in a Kubernetes App? 11Think 2019 / DOC ID / Month XX, 2019 / © 2019 IBM Corporation Pod (Single IP Address) Volume Volume container container container Volume Secret ConfigMap Persistent Volume Service Deployment (ReplicaSet) Stateles s Stateless
  • 9. Apps represented as text 12 # Application to deploy apiVersion: extensions/v1beta1 kind: Deployment metadata: name: watson-conversation-app spec: replicas: 2 # tells deployment to run 2 pods matching the template template: # create pods using pod definition in this template metadata: labels: app: watson-conversation-app tier: frontend spec: containers: - name: watson-conversation-app image: mycluster.icp:8500/default/conversation- simple:alt resources: requests: cpu: 100m memory: 100Mi env: - name: WORKSPACE_ID valueFrom: configMapKeyRef: name: car-dashboard-config key: workspace_id - name: CONVERSATION_SERVICE_CAR valueFrom: secretKeyRef: name: binding-conversation-service-car key: binding • Container Images are built from Dockerfiles. Kubernetes Deployments, etc are managed as YAML • Having a strong artifact-driven model makes it easier to follow a Continuous Delivery lifecycle • Using the same images and YAML objects make it easier for dev teams to match what’s running in production
  • 10. Kubernetes provides very portable abstractions for your app Where a cloud provider must get specific about a concern, Kubernetes allows runtime substitution 13Think 2019 / DOC ID / Month XX, 2019 / © 2019 IBM Corporation Factors where the app interacts with its platform: 1. Network ingress 2. Persistent storage 3. Network Security 4. Pod Security 5. RBAC 6. Certificates/Keys Abstractions Factors where the platform interacts with the app: 1. Packaging formats 2. Monitoring 3. Log collection 4. Metering
  • 11. Portability concerns 14Think 2019 / DOC ID / Month XX, 2019 / © 2019 IBM Corporation Pod (1..n containers) Storage Network Ingress Monitoring Logging Packaging Network Security Creates UsesExposes Managed by Pod Security Certs/Keys Metering
  • 12. An app to talk about 15IBM Cloud / O‘Reilly Software Architecture Conference / October 30, 2018 / © 2018 IBM Corporation
  • 13. kubectl apply -f watson-conversation-app-configured.yaml kubectl get deployments -o wide kubectl get services –o wide # IKS kubectl expose deployment/watson-conversation-app --type=LoadBalancer --port=3000 --name=watson-conversation-app --target-port=3000 16Think 2019 / DOC ID / Month XX, 2019 / © 2019 IBM Corporation
  • 14. Enough talking, let’s see it LIVE!Think 2019 / 6393A / Feb 11, 2019 / © 2019 IBM Corporation
  • 15. IKS Deployment automation 18Think 2019 / DOC ID / Month XX, 2019 / © 2019 IBM Corporation Managing over 20,000 clusters Managing over 350,000 resources 1000+ deployments per week Rule-based, multi-version deployments Opinionated k8s deployment
  • 16. 19 Use Case: Cluster Lifecycle Management IBM Cloud / © 2018 IBM Corporation • Manages clusters across multiple data centers and public cloud Kubernetes services • Identifies health across all clusters • Provides visibility into problems across clusters • Enables cluster organization
  • 17. 20 Use Case: Application Management IBM Cloud / © 2018 IBM Corporation • Define and Deploy applications across clusters based on policy • Autogenerated monitoring dashboards that update based on deployment
  • 18. Packaging Think 2019 / 6393A / Feb 11, 2019 / © 2019 IBM Corporation
  • 19. Helm - Introduction 22 Helm helps you manage Kubernetes applications — Helm Charts helps you define, install, and upgrade even the most complex Kubernetes application.
  • 20. Charts, Repositories and Releases 23 Charts: A bundle of Kubernetes resources Repository: A collection of charts. Releases: A chart instance loaded into Kubernetes . Same chart can be deployed several times and each becomes its own release Providing an easy to use, extend, and compose catalog of IBM and Third-Party content is part of our universal platform for IBM middleware in containers
  • 21. IBM certified software for Kubernetes © 2018 IBM Corporation Pre-integrated • Logging (Debug) • Monitoring (Alerting) • Usage Metering • License Management Scanned for Vulnerabilities • Extendable to Redhat Certified with RHEL base image Upgrade & Rollback • Consistent across all IBM Software built for Kubernetes Enterprise Ready & Simple to Deploy • Orchestrated by the product experts • Integrated catalog experience • Open standards packaging • Secured by ICP IAM IBM Cloud Private A universal platformfor IBM middlewarerunning in containers The largest catalog of enterprise-grade services to accelerate your Cloud journey 24 Packaging Operations Secure & Integrated Management Containers IBM Cloud / November 2018 /© 2018 IBM Corporation
  • 22. Deploying across clouds Think 2019 / 6393A / Feb 11, 2019 / © 2019 IBM Corporation
  • 23. Compliance across clouds Think 2019 / 6393A / Feb 11, 2019 / © 2019 IBM Corporation
  • 24. 28 Use Case: Policy-Based Governance IBM Cloud / © 2018 IBM Corporation • Set and enforce polices for security, applications, & infrastructure • Checks compliance across all clusters
  • 25. 29 Multiple clusters generates new challenges IBM Cloud / © 2018 IBM Corporation Visibility Governance Automation • Where are the failed components? • Where are my services running? • How can I monitor applications across clusters and clouds? • How can I manage clusters as if they were one environment ? • How do I monitor usage across clouds ? • How do I set consistent security policies across environments ? • Which clusters are compliant? • How can I manage configuration across this large environment ? • How can I place workloads based on capacity, policy? • How do I deploy applications across these environments? • How do I move workloads across these environments? • How can I backup my applications? • How do I do Disaster Recovery ?
  • 26. 30 Learn More IBM Cloud / © 2018 IBM Corporation https://www.ibm.com/cloud/multicloud-manager • Product Overview • Overview videos • White paper • FAQs
  • 27. Leverage the IBM Cloud Garage Method to change how you work. 31Think 2018 Provides an in-depthcollection of practices,tutorials,and architecturesto help you on this journey. Completelyopen forum for learning at your own pace. We offer hands-on guidance and services,if needed. Defined Practices Business Benefits Technical Benefits ibm.com/cloud/garage>
  • 28. 32 Book signing on Wed @ Code Cafe #7678A: Tech Talk: Deploying Kubernetes in the Enterprise (with the authors) When: Wednesday, 11:30 AM - 12:10 PM Where: Table Top Tap Room at the Metreon | Code Cafe Tech Talks Area Get a hard copy signed by the authors at the Code Café Mezzaine on Wednesday (7 – 7:30PM)! ibm.biz/BdYA4i>Grab a free digital copy: