# Mikrostoritve

Years ago, most **software applications were big**, running either as a single process or as a small number of processes spread across a handful of servers. These legacy systems are still widespread today. They have **slow release cycles and are updated relatively infrequently**. At the end of every release cycle, developers package up the whole system and hand it over to the ops team, who then deploys and monitors it. In case of hardware failures, the ops team manually migrates it to the remaining healthy servers.

Today, these big monolithic legacy applications are slowly **being broken down into smaller, independently running components called microservices**. Because microservices are decoupled from each other, they can be developed, deployed, updated, and scaled individually. This enables you to change components quickly and as often as necessary to keep up with **today’s rapidly changing business requirements**.

But with bigger numbers of deployable components and increasingly larger datacenters, it becomes increasingly difficult to configure, manage, and keep the whole system running smoothly. It’s much harder to figure out where to put each of those components to achieve high resource utilization and thereby keep the hardware costs down. Doing all this manually is hard work. We need automation, which includes automatic scheduling of those components to our servers, automatic configuration, supervision, and failure-handling. This is where Kubernetes comes in.

Kubernetes enables developers to **deploy their applications themselves and as often as they want, without requiring any assistance from the operations (ops) team**. But Kubernetes doesn’t benefit only developers. It also helps the ops team by automatically monitoring and rescheduling those apps in the event of a hardware failure. The focus for system administrators (sysadmins) shifts from supervising individual apps to mostly supervising and managing Kubernetes and the rest of the infrastructure, while Kubernetes itself takes care of the apps.

> NOTE: Kubernetes is Greek for pilot or helmsman (the person holding the ship’s steering wheel). People pronounce Kubernetes in a few different ways. Many pronounce it as Koo-ber-nay-tace, while others pronounce it more like Koo-ber-netties. No matter which form you use, people will understand what you mean.

**Kubernetes abstracts away the hardware infrastructure and exposes your whole datacenter as a single enormous computational resource**. It allows you to deploy and run your software components without having to know about the actual servers underneath. When deploying a multi-component application through Kubernetes, it selects a server for each component, deploys it, and enables it to easily find and communicate with all the other components of your application.

This makes Kubernetes great for most on-premises datacenters, but where it starts to shine is when it’s used in the largest datacenters, such as the ones built and operated by cloud providers. Kubernetes allows them to offer developers a simple platform for deploying and running any type of application, while not requiring the cloud provider’s own sysadmins to know anything about the tens of thousands of apps running on their hardware.

With more and more big companies accepting the Kubernetes model as the best way to run apps, it’s becoming the standard way of running distributed apps both in the cloud, as well as on local on-premises infrastructure.

## Moving from monolithic apps to microservices

**Monolithic applications consist of components that are all tightly coupled together and have to be developed, deployed, and managed as one entity, because they all run as a single OS process.** Changes to one part of the application require a redeployment of the whole application, and over time the lack of hard boundaries between the parts results in the increase of complexity and consequential deterioration of the quality of the whole system because of the unconstrained growth of inter-dependencies between these parts.

Running a monolithic application usually **requires a small number of powerful servers that can provide enough resources for running the application.** To deal with increasing loads on the system, you then either have to vertically scale the servers (also known as scaling up) by adding more CPUs, memory, and other server components, or scale the whole system horizontally, by setting up additional servers and running multiple copies (or replicas) of an application (scaling out). While scaling up usually doesn’t require any changes to the app, it gets expensive relatively quickly and in practice always has an upper limit. Scaling out, on the other hand, is relatively cheap hardware-wise, but may require big changes in the application code and isn’t always possible—certain parts of an application are extremely hard or next to impossible to scale horizontally (relational databases, for example). If any part of a monolithic application isn’t scalable, the whole application becomes unscalable, unless you can split up the monolith somehow.

**Splitting apps into microservices**

These and other problems have forced us to start s**plitting complex monolithic applications into smaller independently deployable components called microservices**. Each microservice runs as an independent process (see figure 1.1) and communicates with other microservices through simple, well-defined interfaces (APIs).

<img alt="" src="https://dpzbhybb2pdcj.cloudfront.net/luksa/Figures/01fig01_alt.jpg" data-action="zoom" data-zoom-src="https://dpzbhybb2pdcj.cloudfront.net/luksa/HighResolutionFigures/figure_1-1.png" class="medium-zoom-image">

**Microservices communicate through synchronous protocols such as HTTP, over which they usually expose RESTful (REpresentational State Transfer) APIs**, or through asynchronous protocols such as AMQP (Advanced Message Queueing Protocol). These protocols are simple, well understood by most developers, and not tied to any specific programming language. **Each microservice can be written in the language that’s most appropriate for implementing that specific microservice**.

Because each microservice is a standalone process with a relatively static external API, **it’s possible to develop and deploy each microservice separately**. A change to one of them doesn’t require changes or redeployment of any other service, provided that the API doesn’t change or changes only in a backward-compatible way.

**Scaling microservices**

Scaling microservices, unlike monolithic systems, where you need to scale the system as a whole, is done on a per-service basis, which means **you have the option of scaling only those services that require more resources, while leaving others at their original scale**. Figure 1.2 shows an example. Certain components are replicated and run as multiple processes deployed on different servers, while others run as a single application process. **When a monolithic application can’t be scaled out because one of its parts is unscalable, splitting the app into microservices allows you to horizontally scale the parts that allow scaling out, and scale the parts that don’t, vertically instead of horizontally.**

<img alt="" src="https://dpzbhybb2pdcj.cloudfront.net/luksa/Figures/01fig02_alt.jpg" data-action="zoom" data-zoom-src="https://dpzbhybb2pdcj.cloudfront.net/luksa/HighResolutionFigures/figure_1-2.png" class="medium-zoom-image">

**Deploying microservices**

As always, microservices also have drawbacks. When your system consists of only a small number of deployable components, managing those components is easy. It’s trivial to decide where to deploy each component, because there aren’t that many choices. **When the number of those components increases, deployment-related decisions become increasingly difficult because not only does the number of deployment combinations increase**, but the number of inter-dependencies between the components increases by an even greater factor.

Microservices perform their work together as a team, so they need to find and talk to each other. When deploying them, someone or something needs to configure all of them properly to enable them to work together as a single system. With increasing numbers of microservices, this becomes tedious and error-prone, especially when you consider what the ops/sysadmin teams need to do when a server fails.

Microservices also bring other problems, such as making it hard to debug and trace execution calls, because they span multiple processes and machines. Luckily, these problems are now being addressed with distributed tracing systems such as Zipkin.



**Understanding the divergence of environment requirements**

As I’ve already mentioned, **components in a microservices architecture aren’t only deployed independently, but are also developed that way**. Because of their independence and the fact that it’s common to have separate teams developing each component, nothing impedes each team from using **different libraries** and replacing them whenever the need arises. The divergence of dependencies between application components, like the one shown in figure 1.3, where applications require different versions of the same libraries, is inevitable.

<img alt="" src="https://dpzbhybb2pdcj.cloudfront.net/luksa/Figures/01fig03_alt.jpg" data-action="zoom" data-zoom-src="https://dpzbhybb2pdcj.cloudfront.net/luksa/HighResolutionFigures/figure_1-3.png" class="medium-zoom-image">

Deploying dynamically linked applications that require different versions of shared libraries, and/or require other environment specifics, can quickly become a nightmare for the ops team who deploys and manages them on production servers. The bigger the number of components you need to deploy on the same host, the harder it will be to manage all their dependencies to satisfy all their requirements.

###  Providing a consistent environment to applications

Regardless of how many individual components you’re developing and deploying, one of the biggest problems that developers and operations teams **always have to deal with is the differences in the environments** they run their apps in. Not only is there a huge difference between development and production environments, differences even exist between individual production machines. Another unavoidable fact is that the environment of a single production machine will change over time.

These differences range from hardware to the operating system to the libraries that are available on each machine. Production environments are managed by the operations team, while developers often take care of their development laptops on their own. The difference is how much these two groups of people know about system administration, and this understandably leads to relatively big differences between those two systems, not to mention that system administrators give much more emphasis on keeping the system up to date with the latest security patches, while a lot of developers don’t care about that as much.

Also, production systems can run applications from multiple developers or development teams, which isn’t necessarily true for developers’ computers. A production system must provide the proper environment to all applications it hosts, even though they may require different, even conflicting, versions of libraries.

To reduce the number of problems that only show up in production, it would be ideal if applications could **run in the exact same environment during development and in production** so they have the exact same operating system, libraries, system configuration, networking environment, and everything else. You also don’t want this environment to change too much over time, if at all. Also, if possible, you want the ability to add applications to the same server without affecting any of the existing applications on that server.

## Virtualizacija

- Virtualizacija omogoča transformacijo hardwarea v software.
- Ustvarimo popolnoma delujoč računalnik, ki lahko poganja svoje aplikacije in operacijski sistem
- Uporabimo virtualen CPU, RAM in disk, ki je iz vidika sistema enak fizičnemu

### Virtualizacija - motivacija

- Hardware je vedno cenejši in močnejši -> vedno bolj zahtevne aplikacije
- Neizkoriščene zmogljivosti
- Prostor v strežniških omarah je drag
- Varovanje okolja
- Zamudne in drage upravne naloge
- Monitoring strojne opreme
- Menjava pokvarjene opreme brez prekinitve delovanja sistema
- Inštalacija in nadgradnje strežnikov so zahtevne
- Backup


### Kaj pomeni višji nivo virtualizacije?


- Boljša izraba sistema gostitelja
- Večja kompleksnost infrastrukture
- Pomembna je programska oprema infrastrukture
- Večja abstrakcija strojne opreme
- Več odgovornosti je na strani ponudnika infrastrukture
- Natančnejše zaračunavanje

- Manj kontrole nad aplikacijo
- Manj varnosti pred ponudnikom infrastrukture
- Morebitne težave v programski opremi ponudnika
- Vendor lock!


## Introducing container technologies

In section 1.1 I presented a non-comprehensive list of problems facing today’s development and ops teams. While you have many ways of dealing with them, this book will focus on how they’re solved with Kubernetes.

Kubernetes uses Linux container technologies to provide isolation of running applications, so before we dig into Kubernetes itself, you need to become familiar with the basics of containers to understand what Kubernetes does itself, and what it offloads to container technologies like Docker or rkt (pronounced “rock-it”).

### Understanding what containers are

In section 1.1.1 we saw how different software components running on the same machine will require different, possibly conflicting, versions of dependent libraries or have other different environment requirements in general.

When an application is composed of only smaller numbers of large components, it’s completely acceptable to give a dedicated Virtual Machine (VM) to each component and isolate their environments by providing each of them with their own operating system instance.**But when these components start getting smaller and their numbers start to grow, you can’t give each of them their own VM if you don’t want to waste hardware resources and keep your hardware costs down.** But it’s not only about wasting hardware resources. Because each VM usually needs to be configured and managed individually, rising numbers of VMs also lead to wasting human resources, because they increase the system administrators’ workload considerably.

**Isolating components with Linux container technologies**

Instead of using virtual machines to isolate the environments of each microservice (or software processes in general), developers are turning to Linux container technologies. **They allow you to run multiple services on the same host machine, while not only exposing a different environment to each of them, but also isolating them from each other, similarly to VMs, but with much less overhead.**

A **process running in a container runs inside the host’s operating system, like all the other processes** (unlike VMs, where processes run in separate operating systems). But the process in the container is still isolated from other processes. To the process itself, it looks like it’s the only one running on the machine and in its operating system.

**Comparing virtual machines to containers**

Compared to VMs, containers are **much more lightweight**, which allows you to run higher numbers of software components on the same hardware, mainly because each VM needs to run its own set of system processes, which requires additional compute resources in addition to those consumed by the component’s own process. A container, on the other hand, is nothing more than a single isolated process running in the host OS, consuming only the resources that the app consumes and without the overhead of any additional processes.

Because of the overhead of VMs, you often end up grouping multiple applications into each VM because you don’t have enough resources to dedicate a whole VM to each app. When using containers, you can (and should) have one container for each application, as shown in figure 1.4. The end-result is that you can fit many more applications on the same bare-metal machine.

When you run three VMs on a host, you have three completely separate operating systems running on and sharing the same bare-metal hardware. Underneath those VMs is the host’s OS and a hypervisor, which divides the physical hardware resources into smaller sets of virtual resources that can be used by the operating system inside each VM. Applications running inside those VMs perform system calls to the guest OS’ kernel in the VM, and the kernel then performs x86 instructions on the host’s physical CPU through the hypervisor.

Containers, on the other hand, all perform system calls on the exact same kernel running in the host OS. This single kernel is the only one performing x86 instructions on the host’s CPU. The CPU doesn’t need to do any kind of virtualization the way it does with VMs (see figure 1.5).

The main benefit of virtual machines is the full isolation they provide, because each VM runs its own Linux kernel, while containers all call out to the same kernel, which can clearly pose a security risk. If you have a limited amount of hardware resources, VMs may only be an option when you have a small number of processes that you want to isolate. To run greater numbers of isolated processes on the same machine, containers are a much better choice because of their low overhead. Remember, each VM runs its own set of system services, while containers don’t, because they all run in the same OS. That also means that **to run a container, nothing needs to be booted up, as is the case in VMs. A process run in a container starts up immediately.**