THREAD

Running new apps in Kubernetes is straightforward.

But what happens when you have legacy apps that:

- Log to file instead of stdout?
- Have no support for Prometheus?
- Have no support for HTTPS?

Read on →
1/

First, let's cover the basics.

In Kubernetes, a pod is a collection of containers.

And a container is just a process.

So Pods are a collection of processes.
2/

Why would you need to run more than one container in a Pod?

If you can't (or don't want to) change the code in your app, you might need to adjust its functionality in other ways.

Let's have a look at an example.
3/

Recent versions of Elasticsearch support TLS, but it was a paid extra feature for a long time.

How did you secure traffic with TLS without paying?
4/

What happens when you want to use Prometheus, but your app has a custom format for exposing metrics?

There's no need to change the code if you use an adapter.
5/

The default for apps in Kubernetes is to print the logs to stdout.

What if you have an app that logs to file instead?

How do you collect the logs?
6/

What happens when you need to run an init script before the app starts?

As an example, Elasticsearch recommends setting the virtual memory to a higher value (i.e. mmap count) before the app starts.

How do you do that in Kubernetes?
7/

So if you're migrating existing apps into Kubernetes, you have four patterns at your disposal:

- Ambassador
- Adapter
- Sidecar
- Init

Those are from the original Google paper: static.googleusercontent.com/media/research…
8/

You can find more in-depth explanations about the multi-container patterns in this blog post: learnk8s.io/sidecar-contai…
9/
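
The TLS and init-script questions above, combined in one Pod as an added example that is not part of the original thread: an init container raises the mmap count before Elasticsearch starts, and an nginx container terminates TLS in front of it. The object names, image tags, port 9243 and the Secret `es-tls` (holding `tls.crt` and `tls.key`) are assumptions.

```yaml
# Added example (not from the thread). Names, image tags, port 9243 and the
# Secret "es-tls" (tls.crt / tls.key) are assumptions.
apiVersion: v1
kind: ConfigMap
metadata:
  name: es-tls-proxy
data:
  default.conf: |
    server {
      listen 9243 ssl;
      ssl_certificate     /etc/nginx/tls/tls.crt;
      ssl_certificate_key /etc/nginx/tls/tls.key;
      location / { proxy_pass http://127.0.0.1:9200; }
    }
---
apiVersion: v1
kind: Pod
metadata:
  name: elasticsearch
spec:
  initContainers:
    # Init container: runs to completion before the app starts. Changing a
    # node-level sysctl needs privilege, so only this short-lived step has it.
    - name: set-mmap-count
      image: busybox:1.36
      command: ["sysctl", "-w", "vm.max_map_count=262144"]
      securityContext: { privileged: true }
  containers:
    - name: elasticsearch
      image: docker.elastic.co/elasticsearch/elasticsearch:7.9.3
      env:
        - { name: discovery.type, value: single-node }
        # Plain HTTP binds to loopback, reachable only from inside the Pod.
        - { name: http.host, value: "127.0.0.1" }
    # Proxy container: terminates TLS and forwards to the app over localhost.
    - name: tls-proxy
      image: nginx:1.25
      ports: [{ containerPort: 9243 }]
      volumeMounts:
        - { name: conf, mountPath: /etc/nginx/conf.d, readOnly: true }
        - { name: tls, mountPath: /etc/nginx/tls, readOnly: true }
  volumes:
    - name: conf
      configMap: { name: es-tls-proxy }
    - name: tls
      secret: { secretName: es-tls }
```

Containers in a Pod share a network namespace, so the proxy reaches Elasticsearch on `127.0.0.1:9200` while clients outside the Pod can only connect to the TLS port.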

Did you like this thread?

You might enjoy the previous threads too! You can find all of them here:

I also released a book last week, "Kubernetes first steps!" Check it out here: learnk8s.io/first-steps


