Why is Kubernetes so [censored] complex?

November 10, 2021

Duration: 49 min

Kubernetes offers so much promise: Scalability, reliability, and portability. But it’s also [CENSORED] hard!


We’ve been working with Kubernetes since the beginning and, from an early-adoption standpoint, will walk you through exactly what makes Kubernetes so complex. We will talk about how a simple idea has evolved into a technical behemoth.

Starting from simple illustrations, we will then expand that into a more detailed explanation of how Kubernetes evolved to become what it is today. And, most importantly, we will talk about how to mitigate that complexity. Join us for this very technical, but also entertaining walk-through of what makes Kubernetes so gosh-darned tricky!

– How a simple idea evolved
– What contributes to its complexity
– How K8s differs from the classical monolithic strategy
– The tradeoff between application and infrastructure
– The explosion of configuration options
– What can be done to mitigate K8s’ complexity



0:04 okay welcome to today’s webinar from appvia uh and today’s webinar is entitled why 0:11 is kubernetes so complicated and we’re going to be exploring that uh 0:17 before we get started there’s a couple of things to go over for housekeeping details 0:23 as we talk through kubernetes and its complexities you’re welcome to submit questions by clicking on the question 0:29 tab on the right uh we have also created a blog which touches on this same subject and 0:36 it’s on our website appvia.io and lastly there’s a feedback tab uh on 0:42 the session so that you could offer feedback as well uh we’d love to hear 0:47 from you and with that we’ll get started i suppose we can take down the slide and introduce 0:53 ourselves um i’m tennis smith and salman 0:59 hi uh my name is salman iqbal and i’m a solutions engineer at appvia i have been 1:05 working with kubernetes for the last three and a half years i have run quite a few systems in production in 1:10 kubernetes three and a half years sounds quite short but i feel like tennis in terms of 1:16 kubernetes is quite long it’s a long time for kubernetes um yeah and uh currently i 1:23 i’m working in appvia as a solutions engineer and i do work in the mlops area so just taking 1:30 any of the machine learning workloads and running them in the cloud efficiently and at scale so i 1:36 any all the cloud services including kubernetes that’s what i do and i also do the training from within 1:43 appvia so any anything to do with cloud or kubernetes or anything like that and i do like uh tennis how you 1:49 coughed while pronunciating the 1:55 this is it’s a word that you can insert anything you like in that in that blank uh which leads me to what we’re going to 2:02 talk about which is the the the idea of behind kubernetes why it got so complicated you know how 2:09 what i think is a simple idea that evolved in this into this technical behemoth and we’re going to talk about 2:14 things like you know what contributes to 
its complexity and how it differs from a classic monolithic application strategy 2:21 and the trade-offs of course because it’s a technical world nothing’s free everything’s got a price 2:27 um and of course the explosion of the configuration options and finally at the end we’ll get into when your head is 2:33 about to explode we’ll we’ll get into the mitigation of these complexities that we could talk about 2:40 um so with that i’ll i’ll kick it off by saying that the idea behind kubernetes 2:45 is a very simple one which is this is that let’s 2:50 build an ecosystem where you can have applications as simple as possible 2:57 so that we can concentrate on building applications alone and not have to worry 3:02 about a lot of the ancillary things that go into building an application in the classical uh monolithic model which 3:10 we’re going to go into more and how that simple idea has turned into a 3:17 pretty complicated implementation so um i don’t know if you wanted to well 3:23 there’s the cncf landscape we can show that’s a nice uh segue into what we’re talking about 3:31 absolutely i think uh yes i think i agree with what you’re saying by the way apologies i’ve got some work happening [Chapter: CNCF Cloud Native Interactive Landscape] 3:37 right next door so you might you might be hearing some somebody drilling in the walls but uh 3:42 i’m going to try and keep it so you don’t yeah ignore the jackhammers yeah ignore all of that jackhammer drill 3:49 machine anything that might be happening that’s uh that’s just coming from next door so um yeah tennis point is very 3:56 very very good point at the point is that we need to make sure our applications are quite simple and we 4:01 want to run them in the cloud in an efficient manner in cloud and we talk about kubernetes too 4:07 but when you need to run anything in cloud native way as in like we can scale 4:13 up when we need to we can scale down we need to use cloud more efficiently than we can 4:18 there’s a lot of options 
and for example you say i want to run a database in the cloud 4:23 how do you pick to run a database in the cloud and as you can see one of the places you go to is landscape.cncf.io 4:31 by the way any of the discussions that we have today or any resources that we share that we talk about you will 4:37 receive an email uh from uh from kirsten she’s going to send her an email with all the details 4:43 that we discussed and and the blog itself which which this is based on so you don’t really have to take a note of 4:48 any of that we will share all the resources but yeah if you need to do anything like if you need to do messaging if you need to pick a 4:54 container runtime there’s lots of options and the options exist because of flexibility because 5:00 one solution might give you something or the other solution minded might not give you what you want 5:05 and when that happens things start to get a bit complicated tennis right what do you think yeah yeah it’s it’s 5:12 exactly and it the um the if if if we could switch over to miro this there’s a 5:18 pretty good uh depiction we can use um let’s see i like 5:24 i can see miro that’s good um one thing that we can talk about is [Chapter: Monolithic Applications] 5:30 how in a monolithic world this is my 5:36 rendition of a monolithic application this is you have the operating system yeah yeah excuse the crayon handwriting 5:43 i’m not a trained uh artist can you tell the app 5:48 inside the jackhammer the app had to have in a monolithic model you 5:54 had to have all the things in it that you needed 5:59 to be supported like logging it should be an ing 6:05 like logging and error recovery 6:13 and metrics and 6:18 database access lots of lots of goodies that had to be 6:24 included as a part of the application in a monolithic model 6:30 that is what we wanted to get away from and and salman i don’t know if you wanted to 6:36 add on to that anything that yeah uh absolutely so 6:42 we are we’re assuming that you know you might 
back in the day you’re developing 6:47 monolithic applications and then everybody comes along and says you know we have to include everything 6:52 within the application and that’s fine but then we need to break these applications up right is that where you were going to go next that’s right 6:58 that’s right yeah we need to break them maybe maybe i can try and sketch what you will maybe i can 7:04 extend your diagram a little bit sure um tennis so i mean what we’ve got right now is an is an application that is a 7:13 monolith and what you need to do is you need to take the application and break it into microservice so what we’re going [Chapter: Why Kubernetes becomes so complicated] 7:18 to talk about is the complications that lead to why kubernetes becomes so complicated why just just the steps now 7:26 if we say maybe i can use a slightly different color so we can differentiate between 7:32 so we’re going to go from here to uh we take this monolithic application and we 7:37 are going to try and break this up and let’s just draw some boxes here so we take the application and we might break 7:44 it up right in in the pa in the past the whole application itself might be doing the front end might be doing the back 7:51 end might be doing the api but it’s basically doing everything is that right tennis that’s what we get right 7:56 basically doing everything but then we say is we are working in microservices land um and what we want to do is we 8:03 want to break things up so if in your whole uh monolithic application you have the 8:08 ui we’ll break it up and the ui will be one part i hope you can see this 8:14 looks fine yeah and then what we say is oh you know what we’re going to take another another thing and we’ll this is microservices 8:21 land right we’ll say okay we will make we’ll make the back end i’m going to call it be as back end so that that 8:27 becomes the back end now right oh that’s maybe a bit too big and maybe one more component let’s say 8:33 there’s some 
business logic right and i’m going to take that and i’m going to stick the business bl 8:39 as business logic in there right so we got we took this one application and we broke it up 8:45 into three separate components and as tennis was saying before previously in one app you had the 8:51 logging you had the the database you had the error recovery now we have a distributed system 8:57 so a distributed system and what we need to do is consider how we do the logging how we do the error recovery how do we 9:04 communicate amongst each other so amongst the each services so that starts to add some complications 9:11 tennis yeah is that what you’re trying to get to yeah maybe i’ll stop sharing the screen for a couple of seconds so people can see us that we’re real human 9:18 beings and then we can yeah we’re not just a couple of perl 9:24 scripts we don’t just yeah we’re not just some pods running in the kubernetes cluster just really yeah 9:30 no the the problem that comes up in in in going back to what salman was saying is you can containerize all these 9:36 components and you can have them do just their piece and it works great small problem though what happens when you 9:42 need to coordinate among these components and you need to start putting more robust logic around them when for 9:48 example error recovery one of my components dies how do i recover it where is it going to live 9:53 that’s when kubernetes starts coming into the picture because it’s the overall master choreographer 9:59 to take care of questions like that again going back to simplified 10:04 applications now we have to build an ecosystem around those simplified applications or containerized 10:10 applications that takes care of all those issues that we used to have to do internally inside a monolithic app 10:19 yeah correct see yeah i think that’s that’s that’s correct i think maybe i’ll just add a couple more things right sure 10:24 you break this application up into smaller components instead of 
one massive component you’ve got i don’t 10:30 know let’s just take one app right you have four smaller components but you you’re not looking after one application 10:35 right tennis maybe you’re looking after 15 or 16 applications and each one of them has got four or five 10:43 you know small small parts you might end up with like hundreds of applications correct hundred of little micro services 10:49 they’re looking at that’s right and then we then at that point we bring in the containers because you say 10:54 containers solve a lot of problems we don’t have to you know you have this operating system overhead that you 11:00 talked about maybe we can go back to the diagram now um sure people have seen enough of us they probably had enough so 11:06 maybe we can go back and break it up you know um yeah so this is the bit that tennis was saying you got an operating 11:12 system running but then we break this up we don’t need all this operating system or you know we need to make sure that 11:18 all the uh dependencies for the applications are included so we we containerize it so this is this is where 11:24 the first complexity comes in so you’re starting to add a new layer right so well well the second let’s say so we we 11:30 we broke the application up then we introduced containers some people can say some people might 11:37 say it’s not a complexity but you know it’s it’s something new that you have to learn in order to run your applications 11:43 right so you build that as containers and you know not containers there i can run a 11:49 container or two and that’s fine right tennis if container fails i’m sure you can log into a machine and do a docker 11:56 run and start it back up right that’s not really too much of an issue right but tennis would you be happy if you’re 12:03 looking after 100 containers and 20 of them failed at 2 am in the morning what 12:08 would you and the first thing you know being the true lazy compar uh programmer that i i 12:15 am i would 
write some process to restart everything if they die and and that comes out of the box with 12:21 kubernetes that capability so you have the concept of deployments for example and replicate 12:27 replica sets to make sure that that kind of things don’t happen that eventuality 12:33 but that is a complicating factor no no joke so and and also you know there’s 12:40 all kinds of uh parameters literally an infinite number of combinations 12:46 to set up how big your car your com your uh cluster is going to be how many nodes 12:51 are going to be in the cluster we haven’t talked about what nodes are can i can i go back to this yeah absolutely should i share my screen and then yeah 12:58 exactly so as tennis is saying that uh you know in order to manage containers we we look [Chapter: Nodes, Kubernetes Infrastructure (K8’s), Pods, and Containers] 13:04 at look towards orchestrators and kubernetes is one of them so you have i’m going to do so oh sorry 13:12 let me see where you are tennis uh okay i’m over to your right oh i’ve got you i’ll call you i mean you’re all over in 13:18 usa but i understand what you’re saying and [Laughter] 13:23 all right go for it so basically what what you have now what you have now 13:29 are called nodes which is operating systems and they’re called nodes 13:36 and you have superimposed on these nodes 13:42 the kubernetes infrastructure or k8s for short 13:49 and inside of kubernetes you have these entities called pods which are a collection of related 13:56 containers 14:05 that’s and i’ll put a c for container and 14:11 there’s all kinds of fun complexity involved in this um for example 14:18 the the the relationship between the nodes has to be set up with certs 14:24 to make sure that they’re authorized to talk to each other similarly within k8s there’s there’s 14:30 certifications there’s cert set up for that um and there’s all kinds of parameters 14:35 to verify that the the the correct 14:40 permissions are for the pods running on the 
particular nodes it gets very very 14:46 involved so i don’t know salman if you wanted to yeah 14:51 absolutely so so i’ll i’ll extend what what uh what tennis is saying in order 14:56 to run our applications in kubernetes we need to run it on some 15:03 resources and the resource comes in the shape of machines so the nodes that tennis is drawn in front of you are are 15:11 nodes they could be virtual machines they could be actual machines they could be a raspberry pi they could be your uh 15:16 your little laptop whatever it might be so a kubernetes cluster is made up of nodes 15:22 or called working nodes and another component i think i’ll use the same sketching as you did tennis oh 15:29 that’s all right okay we’ll go with that i think well i’m just gonna undo this and 15:34 i’ll go with uh you know yeah you may you do pretty boxes i do i’m gonna do i’m gonna do the boxes right so because 15:40 that’s uh that’s a little bit easier for me to write so this thing is called our control plane so the control plane is 15:47 the thing that’s in charge of running i’m gonna write cp as control plane control plane is the thing that’s in 15:53 charge of running these pods and the whatever else that needs to run inside the 15:59 kubernetes cluster now imagine you need to set this up yourself so that 16:04 another complexity comes in from when you have to create a cluster you have to configure all of these components inside 16:10 for example we will take a couple of minutes tennis and explain some of the components inside kubernetes do you 16:16 think that’s a that’s a fair thing because you know it might might give you an idea 16:21 of uh what kind of complexity we’re talking about for example let me just go in here 16:26 in a control plane uh let’s just make a little bit bigger there you go 16:32 in the control plane there’s the api as the api is the one where you have to submit a request 16:38 it goes by the api and it takes the request and stores it in in etcd now the 
16:44 request that you write is written in a yaml file so i think this is another point that we 16:50 need to talk about is anytime you need to create something inside a kubernetes cluster you have to write a 16:55 configuration file and the configuration file is written in yaml and etcd stores that configuration inside the cluster as 17:02 a source of truth so it can go back because you know kubernetes is a declarative infrastructure it knows at 17:08 what time what’s running but anyway in order to configure your cluster we know we’re not talking about application 17:13 deployments yet we just talked about your cluster configuration you have to set up etcd which is called which is a key value database that 17:20 stores your uh your resource definitions and the definitions that you ask for like i have a 17:26 deployment it needs to have this many replicas of that many replicas now that needs to be configured and that has to 17:32 be in a fault tolerant way if you’re connect if you’re managing this yourself you have to set that up and make sure 17:38 that you got enough uh nodes that can you know recover if there’s a failure because if 17:44 etcd fails and you only have one instance of etcd running your kubernetes cluster is dead and 17:51 buried so you know there’s there’s more components and there’s different types of controller managers there’s different 17:57 types of schedulers now and certs as uh as uh uh um as tennis was talking about the 18:05 certs there’s a lot of these components when you’re configuring you have to set them and these components have a lot of 18:11 uh properties that you can set and then you might be little for example i’ll give you one example there’s tons of 18:17 examples out there one example is what’s known as a pod eviction threshold 18:24 now if a node fails and the control plane doesn’t get a response from the node for for this 18:31 given time it will try and evict the pod from that node and move it on to the other node now 
that 18:38 is in minutes or seconds or whatever it might be so the point is there’s some configuration that you that you need to 18:44 be aware of need to understand in order to set that depending on what your application is just just to give you an 18:50 idea now you set up your control plane and as you were saying you also have to set up your 18:55 nodes and in the nodes there’s a number of components i think i’m just going to point to a couple of components which 19:01 will show why there’s a bit more complexity when you’re setting up the cluster there’s a lot more but we’re just going to add a couple more things 19:08 one of the things in your cluster is the container runtime interface cri container 19:13 runtime interface think docker on your machine think the bit that runs the container that’s cri container runtime 19:20 interface now why don’t why is it not called just docker 19:25 within kubernetes it’s not called docker because they’ve created an interface container runtime interface because 19:31 tomorrow you say i don’t want to use docker i want to use i don’t know podman i want 19:36 to use containerd i want to use cri-o whatever i want to use and now this is why people think this 19:43 perceived complexity because you need to understand what kind of runtime you want how to configure it so out of the box 19:49 plain vanilla kubernetes doesn’t give you this and that’s why you there’s some more um you know options for you to 19:56 decide i mean container storage interface so how do you map your drives onto the nodes onto 20:02 the pods that’s a whole topic in itself yes in short in short what we say what 20:08 we’re trying to say tennis is that uh configuring a cluster to run your application is not an easy task 20:15 correct tennis because you have to go through and configure it and have you also have to decide the number of nodes 20:20 i’m gonna i think i’ll stop sharing the screen for a second you have to decide number of nodes you have to decide what 
20:26 components you want to use they’re all the old pluggable and you know modifiable 20:32 anything you want to add on that tennis yes that’s that’s all absolutely accurate and the um the the 20:40 the cloud providers have tried to mitigate some of the complexity by having their own pre-packaged 20:46 offerings in the case of aws it’s eks in the case of azure it’s aks in the case 20:52 of google it’s gke yeah but basically what they do is they take on 20:58 the task of managing the environment for you um with the 21:04 the view to having cut down on a lot of the complexity of setting it up that is they are not the be all end-all 21:10 however because you’re still left with plenty of complexity to worry about but it’s certainly much better than it was 21:15 uh setting up your own uh your own club cluster which by the way 21:20 we know a lot about as a company because kops the well-known 21:26 cluster creation cluster orchestrator creation tool is uh maintained oh well pretty put 21:33 this way the in the top 20 contributors of kops we have uh uh 21:40 at least three of our folks engineers are in the top 20 contributors so you know we know something about what 21:46 we’re talking about uh salman and i don’t but everybody else does absolutely yeah you could uh yeah 21:52 you know know about kops we can talk about other stuff but absolutely yeah so as as you 21:57 know i know we talk about complexity and our point is not to scare you um that uh you know it’s complex it is 22:04 complex for a reason as we you know this example that we talked about was a runtime interface you know we said oh 22:11 why does an interface exist because it’s pluggable you can pick one or we can pick the other one now um as and as as 22:18 tennis says there’s options you can go for a cloud provider solution which is the managed service you can go for 22:24 google gcp oh sorry google aws linode whatever you want you want and plus 22:29 there’s some more complexity that you can use or you 
can use tools like kops um kubespray kubeadm to help you 22:36 configure it but still there’s a lot of work you need to do to make sure the cluster is secure the 22:42 cluster is manageable uh but we’ll come we’ll come to that security stuff in a 22:47 little while and we have it we haven’t even talked about um distributing your applications on the cluster and ci cd 22:53 pipelines and all those kinds of concerns correct correct which is a which is a big concern yes so maybe if 23:00 we before we move on to the next bit uh if you’ve just joined us welcome to the 23:05 webinar with myself salman and tennis from appvia we’re talking about why is kubernetes so complicated that any the 23:13 idea of this session is to give you give you an understanding of why perhaps some of the components 23:19 are can be perceived as complicated within kubernetes i was the reasoning behind it of course we can’t cover 23:24 everything we and uh you know we will send a bit of a summary at the end of it 23:30 you’ll we’ll get it in an email after the summary and before we forget we are 23:35 doing this as a series of webinars so if you have any feedback for us feel 23:40 free to reach out to us i think you can leave it leave a message here and if if there’s any topic you’d like us to cover 23:46 you can let us know we’ve got two more webinars coming up you can in next week we can talk about at the very end but so 23:53 far what we talked about is the complexity of taking your application your monolithic application and breaking 23:59 into microservices so we’ve got distributed system so you have to think about all these things like how do i do the distributed logging how do i do 24:05 distributed fault tolerance and all that sort of stuff and then you mix and you bring in 24:10 containers because you want to be able to uh incorporate all the dependencies within the container and run it 24:18 but managing container one by one is not that easy by hand so we use a container 
orchestrator and kubernetes is 24:26 one of the ones that’s winning the race i think that’s a valid point to say there tennis very much so and and we we have one um 24:35 one question that’s come up okay and we’re getting it which is what are some alternatives to kubernetes 24:41 okay and and that’s it’s an interesting i’ll i’ll go ahead take a stab at it i’ve i’ve got some ideas and 24:49 yeah sure i mean yeah there’s a there’s many alternatives to kubernetes it depends on what your 24:56 requirements are and what you’re trying to do and where it is for example uh you can 25:01 hashicorp have hashicorp nomad that’s a kubernetes 25:06 orchestrator you can use that to run your containers uh people if you are within aws you can use aws fargate 25:13 elastic container service you can use some of those you can depending on what you’re trying to achieve you can even 25:19 use docker docker swarm to do your um you know container orchestration but all depends on what 25:26 you’re trying to achieve and what your requirements are so there are there are some out there um 25:31 uh and i don’t know if you want to add anything more tennis yeah there’s a couple things uh um you can go 25:38 the serverless route which is correct is it basically uh 25:43 functions as a service as an alternative to kubernetes architecturally a very different animal uh and and 25:51 while it is very attractive in some ways it’s also 25:56 provider specific so if you do serverless on aws you will have to 26:02 tailor it specifically for aws similar facilities are available on the other two cloud providers 26:09 but in every case it is proprietary so again everything that we’ve described 26:14 nothing’s free everything’s got its costs in the case of serverless that is the cost of serverless 26:20 um and the question that came up you know what are alternatives to kubernetes this 26:25 is not to frighten you away from kubernetes this is to this is a a sober assessment of kubernetes it is not a 26:33 
uh uh kubernetes and how to avoid it uh webinar yeah so 26:39 don’t think don’t think we’re trying to talk you out of it because we’re not we’re big believers in kubernetes but we also are big believers in in in 26:46 thinking professionals using it rather than people who are not walking into it without having done their homework 26:53 uh so uh anyway i i anything you want to add to that salman yeah i guess i i 27:00 resonate what you’re saying is use the right tool for the right job and yes and if you’ve got if you need to just run a 27:06 little script that i don’t know does something at 8 a.m in the morning or 6 a.m in the morning pull some data from 27:11 somewhere functions is an excellent choice and that’s what a lot of people do that’s 27:17 what i’ve done in a lot of places so yeah i mean that’s absolutely fine if uh people want to know more about 27:23 different container orchestrators perhaps we can do it another session and explain that 27:29 that’s right that’s right and that’s just to let everyone know and this is a nice segue into it as we have a couple 27:35 more uh as salman alluded to we have a couple more uh webinars coming up and the one next week is when you should not 27:42 use kubernetes uh so that and we we will specifically talk about those situations then yeah and then on the 29th that’s 27:48 the number number 16th november 29th we’re going to be talking about who’s really doing a good job running 27:54 kubernetes you know what’s what’s what’s does a successful implementation look like basically okay um 28:00 that’s fair enough is that is the answer to that appvia is that is that right 28:08 yeah yeah yeah um uh and speaking always this is this is a good that’s this is a 28:13 good juncture to talk about appvia and what we bring to the table as far as dealing with kubernetes is concerned 28:22 we offer an enabling technology that mitigates a 28:27 lot of the complexity of kubernetes and do you want to go over the highlights of it salman or 
28:34 yeah perhaps if we cover other complexities of kubernetes and then in the end we can we can talk certainly 28:40 what does help with what do you think i think that might be a good idea if we just talk about what the complexities are there 28:45 um so we covered the infrastructure complexity i think we’ll probably tennis we’ll probably go on for another 28:51 10 15 minutes right uh if it’s fine you know so we talked about the 28:57 complexity of configuring your cluster to run it there’s a lot of options there 29:02 lots of components you have to install also you have to think about how do you upgrade something because this is running in an operating system you need 29:09 to make sure that’s upgraded any vulnerabilities that come in from kubernetes itself you have to upgrade kubernetes so there’s a lot of work that 29:16 you need to do in order to maintain your kubernetes cluster and if you take a managed service 29:22 that alleviates some of your pains but that’s only the cluster uh you know some some issues with the 29:29 cluster management so that might be something that your devops people in the organization use 29:36 sre people in the organization that infrastructure people in the organization they will be dealing with what about the application 29:43 developers what about them what kind of complexity do they have to deal with maybe we can 29:49 talk about that do you think that’s a certain that’s a good idea maybe should we just share a screen and and uh maybe 29:55 we can we can do a couple of things on there let me just share a screen you know there’s technology you gotta [Chapter: YAML files and Kubernetes deployments] 30:03 okay so i i’ve got a cluster here at the top and i have an application that i need to 30:09 submit in order to in order to deploy an application in kubernetes i’ll write 30:15 a yaml file and if since you can see it so we can say 30:20 cube or kubernetes deployment just to give you an example if you’ve 30:25 not seen one i can i can show an 
example so maybe just let me just make it a little bit bigger 30:31 no that’s fine you can see that right so all right excellent so i in order to deploy an 30:37 application within kubernetes you use what’s known as a deployment and in a second we’ll draw some diagrams and explain it to you which will explain 30:43 some more complexities of why they exist within kubernetes and what we can do about them 30:48 so what we got here is deployment file and there’s a lot of things happening in there but 30:55 the reason why i’m showing you this file is because there’s there’s a file that’s got a lot of key value pairs inside and 31:00 there’s specific information about what kind of resource it is and what kind of image it’s using so this is a container 31:06 image that’s running and there’s some con configuration in here the ports that need to run and some labels that you 31:12 need to add but basically the point is in order to deploy an application you have to write 31:18 a ton of these yaml files and the way the application in the 31:23 application structure in kubernetes is a bit like this i’m going to draw some diagrams tennis and 31:29 then you know we can we can talk about them oh yeah actually let’s just go down a bit more 31:36 oh what am i doing let’s go here okay so let’s uh let’s draw some diagrams right so what i’ve got is a 31:43 deployment so that’s my deployment i’m gonna write a deployment on the side 31:49 deploy 31:54 that’s our deployment and then when we do our deployment in a deployment we define how many containers we want to 32:00 run how many replicas of of the application we want to run and in our case we might be running let’s say 32:07 two pods and a pod as as uh um tennis was saying before it’s just 32:12 the uh running a container inside one or more containers now in this case we got one 32:18 pod and i can also have another pod right because it’s part of deployment i can have multiple replicas running so i 32:24 can have another pod so 
i’ve got two pods and inside that it’s just a normal website right tennis there’s nothing 32:30 special just a normal website running and the reason why you’re running two replicas is if one fails or if there’s a 32:36 lot of load on it i can distribute the load and things can go there now back today you run your application and 32:42 you say all right i’m done my application is running you give somebody it’s like a web server right let’s say 32:48 it’s a web server you you go in you run the python website on there and you can just run it and everything is great 32:55 but in kubernetes what we want is to have you’ll see there’s a few more components that you have to deal with 33:01 and we’ll talk about why they exist so as a developer of these applications 33:06 there’s some more things that you have to consider that you didn’t use to before and you might think it’s a bit unfair but 33:11 hopefully we can explain why they exist right so we’ve got a pod here and on the top there’s another component 33:19 what’s called a service so let’s go service oh no sir i service now the service 33:27 is an abstraction it’s an abstraction layer because i might have a pod here and a pod here this is 33:34 one application and i might have another pod somewhere else that’s running somewhere else let’s just 33:39 call it pod two but that’s running somewhere else you know not it’s not part of the same 33:44 deployment it’s a different deployment now the pod two here wants to talk to this pod here which is 33:51 i’m gonna i should read it right the number here pod one uh so pod two 33:57 wants to talk to pod one we can get pod two to talk to pod one that’s you can’t directly call things 34:05 but what happens if the pod dies now how do i communicate with that pod i need to know the ip address i need to know 34:11 the port and all that sort of stuff so kubernetes says don’t worry about that information don’t worry about 34:17 what the pod ip is what address it is where does it
exist what you need to do is you need to call the abstraction 34:23 there which is the service now if there’s these two pods inside you 34:28 know pod one uh and pod one b i’m gonna call right pod one pod one b they’re replicas how do you pick 34:34 which pod to send the traffic to because we need to do load balancing and that’s why we’ve got this thing called a service think of service as an internal 34:41 load balancer the pod sends the request to the service and the service there’s different types of 34:47 services depending on what you want to do there’s four different types of services and then the service says okay 34:53 uh i might have like hundreds of replicas or two replicas or three replicas whatever it might be it will pick one and it will send it 35:01 and it will send the response back to where it needs to come to now the services exist as 35:06 as an abstraction for internal load balancing and that’s why there’s this extra part of configuration yaml file 35:14 that you have to write in order to do that but it doesn’t end there right tennis can i can i add another couple of 35:19 points and then maybe we can we can it doesn’t end there right you might be 35:24 like okay am i am i done but no not really we’re just getting started um so if i can 35:31 for another one now the service we said is an internal load balancer so the traffic 35:38 there’s a service is all about running inside the cluster what about if i need to send traffic from outside of the 35:44 cluster um you know what if uh what if you know some person is i’m gonna i should stop 35:50 my screen for a couple of seconds tennis we can go back to it what if it’s a website that some people need to access 35:57 from outside the cluster like i don’t know right name your web name your favorite website tennis 36:02 what’s your favorite website oh i don’t know amazon oh the wrong answer there tennis it should 36:07 be appvia.io that’s your favorite sorry um 36:13 so let’s say we’ve got
appvia.io running inside the kubernetes cluster which it is right and we need to make it so make 36:18 sure it’s available to to the public outside the cluster and in order to do that we use another component called 36:26 ingress and an ingress is the bit that allows you to route traffic from outside 36:31 the cluster to inside the cluster think ingress as your like load balancers like nginx load 36:38 balancers or or kong load balancer is some you know one of those things now 36:44 ingress by default in kubernetes is not installed so when you set up a cluster you have to decide what kind of ingress 36:50 you want to use and there’s different types of ingresses that do different things the way they do their load balances 36:56 balancing is different the way they handle their their sessions is different the way they handle stickiness is different 37:02 now you might say that’s a bit complicated because i have to figure out what ingress i want to use 37:09 how do i configure it but not that exists just for that reason for the 37:14 extensibility of kubernetes so as a developer you’ll have to write an ingress file that maps everything right 37:20 that maps it says okay make sure this is what you know this is what happens if you by the way if you need a webinar on 37:25 how to write all these things we can we can do one uh a bit of a session but you can you have to map this up and say okay 37:31 ingress you talk to this service so some if somebody goes to appvia.io 37:38 they end up on the ingress and the ingress says okay if the request comes from appvia.io you have to send it to the service and the service goes okay if 37:44 you get you get a request from this ingress you have to send it to this pod it has enable and 37:51 and then return back response now you configure all this stuff in configuration file like yamls so 37:57 there’s a bit more work that you need to do that’s why it’s complicated because of extensibility but it
doesn’t just stop there what about your environment 38:03 variables what about your secrets all that stuff goes in configuration files for example 38:10 your secrets you can you can use kubernetes secrets now they exist because you know you 38:16 you’re not going to have the same secret in every environment right every environment will have different secret correct 38:22 uh tennis like your database connection and dev is that’s right everything has its own secrets and that’s that’s a big 38:27 subject in itself it’s a leveling secret yeah correct and you might you’ll end up with an application might end up with i 38:35 don’t know eight or nine yaml files correct and then there’s a there’s a lot 38:40 of yeah correct right and you might be like oh that’s a lot of complication and that complication 38:45 is 100 there’s you know there’s a lot of files you have to deal with so i don’t know if you want to add 38:51 anything tennis yeah one thing to point out about ingress which is ingress is interesting but because it’s on the 38:56 peripheral excuse me the periphery of kubernetes and the provider environment 39:01 it’s it’s it sits on the edge because literally it’s ingress from the outside world into kubernetes and because of 39:08 that it is uh not exactly proprietary but it does have 39:14 a lot of bells and whistles that vary between the different cloud vendors 39:20 so ingress is not quite the same on azure that it is on aws and of course 39:26 on google there are going to be different kinds of parameters that 39:32 you’re going to have on each so you have to be really cognizant of exactly how it’s going to get used 39:37 correct correct so uh that’s absolutely right so what do we do with all this application 39:44 complexity well the first thing is you kind of have to learn what these different components are right tennis you have to understand oh 39:50 yes what deployment is you have to understand what are services you have to understand i’m going to stop
sharing the screen now you have to understand all 39:56 these components and you have to also understand we haven’t talked about a lot of things yet like how do you do storage 40:01 how do you do stateful apps actually we have a few blogs coming up quite soon so head over to appvia blog so you can 40:07 check out these tennis already wrote this beautiful blog that i’m um you know actually maybe i should share the screen 40:13 again uh you know i don’t know why i stopped sharing the screen tennis wrote this this uh this great blog about uh uh you 40:20 know why is it so complicated the thing that we’re talking about now but of course you know these things uh 40:26 are there and they’re a little bit complicated to start with but you know you can you can understand then you can 40:32 learn this there’s some resources that we’ll share with you later on um and you can read our blogs 40:37 and perhaps understand a little bit more about why they live why they’re complicated so some of the things that 40:43 we really haven’t touched upon our link actually is in the announcements there you go a link has 40:48 been added to the announcement section so if you head over to the announcement you will um 40:53 you will see that there thank you very much kirsten for sharing that beautiful um so 40:59 what we haven’t touched upon is a lot of other components in kubernetes that are 41:04 complicated but i think tennis maybe i should do a uh a bit of a 41:10 recap as to how can you deal with this this you know um development complexity you can use tools 41:18 like let’s say you don’t want to write all these yaml files and apply them to kubernetes cluster there’s tons of tools 41:24 out there there’s this helm template uh helm allows you to do templating there’s kustomize there’s um 41:30 you know there’s uh there’s quite a few tools out there there’s also even kubernetes api where you can use the 41:36 client libraries and you can write your yaml files as code and submit them
like you know these resources code and submit 41:42 them but there are some tools out there that allow you to package your application and deploy 41:49 them and yeah yeah ultimately kubernetes is a bunch of apis 41:54 under the covers and you can write your own tools to talk to those apis 42:01 using a language that it understands so um there’s a great deal of flexibility and 42:07 also there’s a great deal of opportunity to hurt yourself if you’re not careful um you know but it’s it’s that’s there’s 42:14 a tremendous amount of flexibility and by the way one point to bring up uh that we touch on or have touched on with 42:21 other webinars is that the the price of admission for kubernetes is growing a kind of internal 42:28 priesthood in your organization that will understand kubernetes and will typically fall into the devops 42:35 uh group name under the name of devops um they will be the ones who 42:41 will will will understand or be tasked with understanding kubernetes and it shifts the the onus of 42:48 of understanding from the classically the application people to the kubernetes 42:54 administration devops people um that’s a that’s a cultural shift that 42:59 needs to happen as well and also of course part of the the complexity we’re talking about 43:06 yeah that’s that’s that’s cool so maybe um if you if you’re joining now welcome to the webinar and uh we are 43:13 talking about why is kubernetes so complex so maybe tennis should i give you like maybe give a one minute summary 43:19 of what we discussed and maybe we can start wrapping up and what the next steps should be we should 43:24 should we do that yeah sure yeah so so what we started with saying is that uh 43:30 it becomes starts to become a bit complicated because you have an application which was a monolith before 43:36 everything’s inside the application you take applications you run it inside the virtual machine and everything’s good but there comes a point and you go if 43:43 the the virtual 
machine fails that’s a bit of a problem what do we do so we break the application monolithic 43:49 application into microservices architecture if you need a bit of a you know you can look at 12 factor apps to 43:55 help you understand if you want to break up your applications you can use strangler pattern we’re going to send 44:00 some links later on to help you break your applications up once you have that you use containers to 44:06 run them because containers give you some uh some features like all the dependencies 44:12 are included inside in one place you can build and you can run it you can manage one or two containers okay but if you go 44:18 hundreds or tens of containers you need to make sure if one crashes you can bring it up how do you scale it and this 44:24 is where kubernetes comes in the kubernetes is a container orchestrator that allows you 44:29 to deploy applications and as tennis was saying kubernetes is basically just one massive api that’s open for 44:36 extensibility so you can first of all you have to create your own cluster and 44:41 install all the components and we said well you can’t do that but it’s a little bit you you basically need to know what 44:47 you’re doing or what you can do is you can use one of the managed providers or talk to appvia or talk to somebody who 44:53 uses kubernetes quite a lot and you know uh use one of the managed services 44:58 and there’s we have another we have a product that allows you to spin up your kubernetes clusters in some environments 45:05 and and does all that for you then you don’t have to worry about installing some of those components yourselves so that’s 45:12 infrastructure complexity and we have the application complexity like how why is it so complicated then and i think we 45:18 shared maybe i can do a quick one i’ll share the screen here again 45:24 there’s different components that go into writing your application so you have the applications that run as pods 45:29 then we have services
then we have ingresses the first complication is that you kind of have to understand what these parts 45:36 are what they do and how to write them and how to deploy them in the kubernetes cluster and how 45:41 to manage them did you use some of the tools so we haven’t even touched upon security of the kubernetes cluster 45:47 out of the box not a lot security exists so you kind of have to look into what the network policies are make sure the pods are 45:55 supposed to talk to each other they can only talk to each other nobody else is talking to each other so there’s some projects that exist that help you with 46:02 security often kubernetes clusters and also your applications that are running inside it’s can your clusters and look 46:08 for that um so that is a summary i think um of what we’ve discussed 46:14 uh i think what tennis’s point was you know yes it’s complicated but fear 46:20 not right tennis i don’t know if you want to uh give some parting thoughts to people before sure 46:26 exactly don’t run away everything is you know controllable 46:32 uh kubernetes while it is a complex beast there are 46:37 ways to mitigate the complexity we offer a product called wayfinder that allows you to 46:43 pre-configure what a cluster is going to look like in a very opinionated way 46:48 that an administrator would configure ahead of time what a cluster would look like and then you would allow users at 46:55 the time they need it to say please give me a cluster and the cluster will be instantiated 47:00 and have all the bells and whistles and correct security hooks and things like 47:06 that that you have had the administrator pre-configure and that makes the process of bringing 47:14 up a cluster so much simpler than it even and this sits on top of the 47:20 uh the managed kubernetes offerings from the the big three cloud vendors 47:25 uh so we invite you to have a look at that product uh because it could help you 47:32 know address any issues that you may have uh
dealing with the uh the inherent 47:37 complexities of kubernetes cool um 47:43 with that uh we’ve got a couple of things to say is first of all thank you for joining in 47:48 we’ve got another webinar next week november 16th do you really need kubernetes anyways 47:54 and we will talk about some of the reasons why you should not adopt kubernetes you know we’ll talk about how you should not run away from kubernetes 48:01 like why you should not adopt kubernetes next week and the week after november 29th uh who’s killing the 48:06 kubernetes game and what you can learn from their successes there’s some some use cases on how people are are using 48:12 and hopefully some of them will resonate with you and some of the some of the tips that you can take 48:17 that might help you adopt kubernetes a little bit easier uh just that bit easier but we hope that you found it 48:24 useful as to why it’s a bit complicated because there’s a lot of extensibility and you you kind of have to learn some of 48:32 that stuff but hopefully some of the resources that we have on our website and find out this 48:37 there’s tons of resources on youtube you can find us on linkedin and twitter if you just search 48:43 for soulman equal s-o-u-l-n-a-n equal on twitter youtube you’ll come across 48:50 my profiles uh but if you have any questions you can email us uh salman.iqbal appfier.io 48:57 tennis.smith i o uh and please do leave some feedback for us and in the feedback tab i think 49:04 that’s uh that’s the thing that is is on the right you’ll see somewhere on the right there’s a 49:10 feedback tab just please that’s your feedback uh tell us anything else you’d like to add 49:16 no sir i think we covered it okay uh on that note uh we will say thank you 49:22 all for joining us and please stay tuned for the next one as well we’ll be doing a lot more of these and let us know what 49:28 you’d like to hear about we hope that you found this useful and wherever you are have a good day evening
49:34 afternoon night thank you

