OVHcloud Kubernetes Tech Lab Spain Horacio Gonzalez 2023-02-07 - Bilbao 2023-02-08 - Madrid 2023-02-09 - Valencia
Slide 2
¡WiFi! Network: WAYCO Password: VLC-5unc1t4
Slide 3
Who are we? Introducing myself and introducing OVHcloud
Slide 4
Horacio Gonzalez @LostInBrittany Spaniard Lost in Brittany
Flutter
Slide 5
OVHcloud Web Cloud & Telcom
30 Data Centers in 12 locations
1 Million+ Servers produced since 1999
Private Cloud
34 Points of Presence on a 20 TBPS Bandwidth Network
1.5 Million Customers across 132 countries
Public Cloud
2200 Employees worldwide
3.8 Million Websites hosting
Storage
115K Private Cloud VMS running
1.5 Billion Euros Invested since 2016
300K Public Cloud instances running
P.U.E. 1.09 Energy efficiency indicator
380K Physical Servers running in our data centers
20+ Years in Business Disrupting since 1999
Network & Security
Slide 6
Why do we need Kubernetes? Taming the complexity of operating containers
Slide 7
From bare metal to containers
Slide 8
From bare metal to containers
Slide 9
From bare metal to containers
Slide 10
Dockerfiles, images and containers
Slide 11
Containers are easy…
For developers
Slide 12
Less simple if you must operate them
Like in a production context
Slide 13
And what about microservices?
Are you sure you want to operate them by hand?
Slide 14
And what about microservices?
Are you sure you want to operate them by hand?
Slide 15
Helping to tame de complexity
Slide 16
Kubernetes: a full orchestrator
Slide 17
Kubernetes cluster: masters and nodes
Slide 18
Kubernetes cluster: more details
Slide 19
Desired State Management
Declarative infrastructure
Slide 20
Desired State Management
Slide 21
Let’s deploy an application
Slide 22
Demo: Hello Kubernetes World
https://docs.ovh.com/gb/en/kubernetes/deploying-hello-world/
Putting Kubernetes in production A journey not for the faint of heart
Slide 25
Kubernetes can be wonderful
For both developers and devops
Slide 26
The journey from dev to production
Slide 27
It’s a complex technology
Lots of abstraction layers
Slide 28
Kubernetes networking is complex…
Slide 29
The storage dilemma
Slide 30
The ETCD vulnerability
Slide 31
Kubernetes is insecure by design*
It’s a feature, not a bug. Up to K8s admin to secure it according to needs
Slide 32
Not everybody has the same security needs
Slide 33
Kubernetes allows to enforce security practices as needed
Slide 34
Always keep up to date
Both Kubernetes and plugins
Slide 35
And remember, even the best can get hacked
Remain attentive, don’t get too confident
Slide 36
A managed Kubernetes Because your company job is to use Kubernetes, not to operate it!
Slide 37
Kubernetes is powerful
It can make Developers’ and DevOps’ lives easier
Slide 38
But there is a price: operating it
Lot of things to think about
Slide 39
We have seen some of them
Slide 40
Different roles
Each role asks for very different knowledge and skill sets
Slide 41
Operating a Kubernetes cluster is hard
But we have a good news…
Slide 42
Most companies don’t need to do it!
As they don’t build and rack their own servers!
Slide 43
If you don’t need to build it, choose a certified managed solution
You get the cluster, the operator get the problems
Slide 44
Demo: A complete app - Wordpress
https://docs.ovh.com/gb/en/kubernetes/installing-wordpress/
Slide 45
Needed tools: helm
https://helm.sh/
Slide 46
Helm: a package manager for K8s
Slide 47
Wordpress is easy…
Two pods and a persistent volume
Slide 48
Yet is a complete app
Specially when deployed in production context
Slide 49
Persistent storage in Kubernetes
Slide 50
OVHcloud Managed Kubernetes Why would you choose ours?
Slide 51
Certified Kubernetes platform
Slide 52
OVHcloud Managed Private Registry
Slide 53
Node Pools
Users can define node pools controlled from inside Kubernetes
Slide 54
Autoscaling
Based on node pools New instances are spawned or released based on load
Slide 55
Kubernetes in a private network
Slide 56
Other features ● ● ● ● ● ●
Healthcare HDS 1 conformity ISO 27001/27701/27017/27018 conformity Terraform provider Control plane audit logs API server IP restrictions …
https://github.com/ovh/public-cloud-roadmap/projects/1