Love Kubernetes at Mail.ru Group: February 14

Hello friends. Recently, we launched our Kubernetes series of meetings on Mail.ru - @ Kubernetes Meetup. We slightly underestimated the interest in the topic and received several hundred applications for participation in the first event of the series - more than we were able to confirm.

In honor of February 14, we decided to arrange a special edition-mitap for everyone who loves Kubernetes: let's get together in a larger circle, start a little earlier, expand the traditional program of performances with a hot discussion and interactive. We also prepared for the participants a few special surprises.

The meeting will be held on February 14 (Thursday) at 17:00 in the Moscow office of Mail.ru Group (Leningradsky Prospect, 39, p. 79).

At the mitap, Booking.com will reveal the details of its Kubernetes setup; The largest Czech hosting WEDOS will share its experience with K8S on Bare Metal, and Mail.ru Cloud Solutions will tell you how to make Kubernetes truly secure. As part of the discussion, the invited speakers will discuss, what is the future behind - vanilla Kubernetes or the distribution kit of the vendor?

Registration is compulsory and closes February 12 at 11:59 pm (or earlier if the seats run out).

Program mitap

"Kubernetes on Booking.com"
Ivan Kruglov, Booking.com, Principal Developer

The last two years Booking.com solves the problem of accelerating the release of new products on the market. Part of the new approach is to build an internal cloud. It is based on 15 Kubernetes clusters. When creating them, Booking.com departed from generally accepted methods: here the setup includes shared clusters, a flat network, SLO / SLI calculated for each cluster in a sly way, a set of tests that check the functionality of the cluster and its integrations in real time.

Booking.com not only exploits Kubernetes, but also actively develops system applications designed to improve the ecosystem. For example, it was created and laid out in open source Shipper - a set of controllers that provide Kubernetes-native orchestration of Canary and Blue-Green deployments into several clusters at the same time.

About this all and much more - more on February 14th.

“Security at Kubernetes. How to stop worrying and start living "
Dmitry Lazarenko, Mail.Ru Cloud Solutions, Head of PaaS-direction

Kubernetes is as powerful as a complex tool at the same time. The issue of security is no exception: everything is not so trivial as in the case of the “classic” security of applications running in virtual environments or even based on Docker.

By providing Kubernetes as a service in the Mail.ru public cloud, over the past year, the Mail.Ru Cloud Solutions team faced many requests on how to implement the maximum (sometimes paranoid) application security at Kubernetes at all levels, which is suitable even for a harsh Enterprise, and how to build the right Security Development Lifecycle / DevSecOps in Kubernetes.

The speaker will share the experience of implementing typical security patterns in Kubernetes, which can be applied both in the public and in the private cloud.

“Everything you need to know about Kubernetes on Bare Metal”
Andrey Kvapil, WEDOS Internet as, Cloud Architect / DevOps

Andrei Kvapil will share his experience in cloud solutions architecture and DevOps in the largest Czech hosting WEDOS, where Kubernetes is actively used to deploy services and servers - now for more than 500 nodes and with the planned expansion to several thousand.

Special attention will be paid to the organization of the server farm with network boot and the choice of storage. The speaker tested a large number of free SDS solutions before opting for Linstor, a fairly young project that, nevertheless, showed itself well in operation.

Along with this, other pressing issues will be addressed. In a programme:

• What is Bare Metal and what it is eaten with. What problems will you face when building a Bare-Metal cluster?
• Diskless nodes and server deployment automation using LTSP.
• The choice of storage. Consider the types of storage and when what should be used. How the Local Volumes Provisioner Works
• A few words about the organization of the network, the peculiarities of IPVS and the configuration of MetalLB. Getting rid of overlays as much as possible.
• Configure cluster access, LDAP connectivity, and seamless management of multiple clusters.

Panel discussion: “Vanilla Kubernetes or vendor distribution: what's the future for?”
Moderator: Mikhail Zhuchkov

The development of Kubernetes does not stand still: every quarter we receive new releases, often with significant improvements. The Cloud Native Computing Foundation ecosystem is also actively moving forward, stimulating the rapid growth of Kubernetes and expanding the capabilities of the technology.

Although most cloud providers provide Kubernetes as a service based on vanilla distribution, the market now also offers a lot of Kubernetes assemblies and even individual products based on them. Some of them just slightly improve non-optimal behavior, and some - for example, OpenShift - change Kubernetes almost beyond recognition. This is very similar to the situation with the fragmentation of Android devices a couple of years ago.

In order to understand the pros and cons of each option and understand which approach will survive, in the course of our discussion, we gathered both vendors of such distributions and representatives of companies that exploit Kubernetes vanilla along with vendor solutions.

Be sure to register by the link - we will review all applications and in a few days we will send confirmation. In honor of the holiday, we are ready to receive much more guests, but are still limited by the size of the room.

We immediately report on new events of the @ Kubernetes Meetup series and other Mail.Ru Cloud Solutions events in our channel in Telegram: t.me/k8s_mail

Want to perform at the next @Kubernetes Meetup? The application can be left here: mcs.mail.ru/k8s-speak