OVHcloud Kubernetes Tech Lab Spain Horacio Gonzalez 2022-09-20 - Madrid 2022-09-21 - Bilbao 2022-09-22 - Barcelona
Slide 2
Who are we? Introducing myself and introducing OVHcloud
Slide 3
Horacio Gonzalez @LostInBrittany Spaniard Lost in Brittany
Flutter
Slide 4
OVHcloud Web Cloud & Telcom
30 Data Centers in 12 locations
1 Million+ Servers produced since 1999
Private Cloud
34 Points of Presence on a 20 TBPS Bandwidth Network
1.5 Million Customers across 132 countries
Public Cloud
2200 Employees worldwide
3.8 Million Websites hosting
Storage
115K Private Cloud VMS running
1.5 Billion Euros Invested since 2016
300K Public Cloud instances running
P.U.E. 1.09 Energy efficiency indicator
380K Physical Servers running in our data centers
20+ Years in Business Disrupting since 1999
Network & Security
Slide 5
Why do we need Kubernetes? Taming the complexity of operating containers
Slide 6
From bare metal to containers
Slide 7
From bare metal to containers
Slide 8
From bare metal to containers
Slide 9
Dockerfiles, images and containers
Slide 10
Containers are easy…
For developers
Slide 11
Less simple if you must operate them
Like in a production context
Slide 12
And what about microservices?
Are you sure you want to operate them by hand?
Slide 13
And what about microservices?
Are you sure you want to operate them by hand?
Slide 14
Helping to tame de complexity
Slide 15
Kubernetes: a full orchestrator
Slide 16
Kubernetes cluster: masters and nodes
Slide 17
Kubernetes cluster: more details
Slide 18
Desired State Management
Declarative infrastructure
Slide 19
Desired State Management
Slide 20
Let’s deploy an application
Slide 21
Demo: Hello Kubernetes World
https://docs.ovh.com/gb/en/kubernetes/deploying-hello-world/
Putting Kubernetes in production A journey not for the faint of heart
Slide 24
Kubernetes can be wonderful
For both developers and devops
Slide 25
The journey from dev to production
Slide 26
It’s a complex technology
Lots of abstraction layers
Slide 27
Kubernetes networking is complex…
Slide 28
The storage dilemma
Slide 29
The ETCD vulnerability
Slide 30
Kubernetes is insecure by design*
It’s a feature, not a bug. Up to K8s admin to secure it according to needs
Slide 31
Not everybody has the same security needs
Slide 32
Kubernetes allows to enforce security practices as needed
Slide 33
Always keep up to date
Both Kubernetes and plugins
Slide 34
And remember, even the best can get hacked
Remain attentive, don’t get too confident
Slide 35
A managed Kubernetes Because your company job is to use Kubernetes, not to operate it!
Slide 36
Kubernetes is powerful
It can make Developers’ and DevOps’ lives easier
Slide 37
But there is a price: operating it
Lot of things to think about
Slide 38
We have seen some of them
Slide 39
Different roles
Each role asks for very different knowledge and skill sets
Slide 40
Operating a Kubernetes cluster is hard
But we have a good news…
Slide 41
Most companies don’t need to do it!
As they don’t build and rack their own servers!
Slide 42
If you don’t need to build it, choose a certified managed solution
You get the cluster, the operator get the problems
Slide 43
Demo: A complete app - Wordpress
https://docs.ovh.com/gb/en/kubernetes/installing-wordpress/
Slide 44
Needed tools: helm
https://helm.sh/
Slide 45
Helm: a package manager for K8s
Slide 46
Wordpress is easy…
Two pods and a persistent volume
Slide 47
Yet is a complete app
Specially when deployed in production context
Slide 48
Persistent storage in Kubernetes
Slide 49
OVHcloud Managed Kubernetes Why would you choose ours?
Slide 50
Certified Kubernetes platform
Slide 51
OVHcloud Managed Private Registry
Slide 52
Node Pools
Users can define node pools controlled from inside Kubernetes
Slide 53
Autoscaling
Based on node pools New instances are spawned or released based on load
Slide 54
Kubernetes in a private network
Slide 55
Other features ● ● ● ● ● ●
Healthcare HDS 1 conformity ISO 27001/27701/27017/27018 conformity Terraform provider Control plane audit logs API server IP restrictions …
https://github.com/ovh/public-cloud-roadmap/projects/1