This example demonstrates how Level 2 k8orization can significantly optimize a Python Flask application deployed in Kubernetes. The specific techniques and benefits will vary depending on your application and chosen packages.
Let's consider a k8orized deployment of a simple Python Flask application serving a basic API endpoint.
Standard Image:
-
OS:Ubuntu 20.04 LTS with default package selection. -
Python Installation:Python 3.9 installed with full development libraries and tools. -
Flask Package:Installed with all dependencies, including documentation and development tools. -
Image Size:Approximately 500MB.
k8orized Image (Level 2):
-
OS: k8orized Ubuntu 20.04 LTS image (Level 1 optimized).
-
Python Installation:Python 3.9 with minimal libraries required for running the Flask application (e.g., httpx, python-dotenv). -
Flask Package:Only specific Flask components needed for the API functionality are included, excluding documentation and development tools. -
Image Size:Reduced to approximately 200MB.
Optimization Techniques:
-
Package Analysis:Tools like pipdeptree or pip-tools analyze dependencies and pinpoint unused libraries within the standard Flask installation. -
Library Trimming:Unnecessary libraries identified in the analysis are removed using package managers like pip. -
Documentation Removal:Static analysis identifies and removes documentation files bundled with the package. -
Development Tool Removal:Development tools like Flask-Script or pytest are excluded if not required for deployment.
Benefits:
-
Reduced Image Size:Smaller image leads to faster downloads, deployments, and lower storage costs. -
Optimized Resource Utilization:Minimal libraries translate to lower CPU, memory, and disk consumption in k8or. -
Enhanced Security:Smaller attack surface due to the absence of unused code and documentation. -
Simplified Management:Consistent package configurations across deployments streamline security updates and maintenance.
Additional Techniques:
-
Application-Specific Optimizations:Analyze the specific Flask application dependencies and remove any further elements not directly involved in the API functionality. -
Security Hardening:Apply additional security measures within the k8orized image, such as disabling root access and setting restrictive file permissions. -
CI/CD Integration:Automate Level 2 k8orization steps within your CI/CD pipeline for efficient and consistent container builds.
This document presents an example hGraph visualization of the package k8orization process implemented at BOTops company.
Sector 1:
The user authorization process requires accessing and verifying credentials across all necessary services: Google, AWS, Jira, Miro, Toggle Tracker, GitHub, and DockerHub.
Sector 2:
This sector outlines the creation of manifest files in YAML format for various Kubernetes products.
-
The first manifest defines a StorageClass, enabling volume creation.
-
The second manifest creates a PersistentVolumeClaim, claiming a volume.
-
The third manifest deploys a service with mounted volumes, exposing both /mnt and /usr directories.
-
The fourth manifest deploys another service with mounted volumes, focusing specifically on volumes within the /usr directory.
Sector 3:
Section 3 outlines the pre-deployment steps, including authorizing access to a Jump EC2 instance, establishing a connection to the EKS cluster, switching to the appropriate namespace, and verifying connectivity to the Node Group, ensuring a smooth and secure deployment process.
Sector 4:
Section 4 dives into deploying the StorageClass, detailing the steps: uploading the manifest file, establishing the StorageClass itself, and the subsequent automatic volume creation, streamlining storage provisioning for your application.
Sector 5:
Section 5 outlines the deployment of the PersistentVolumeClaim (PVC), guiding you through uploading the manifest file and subsequent PVC creation. This empowers your application to request and utilize persistent storage seamlessly.
Sector 6:
Section 6 delves into the deployment process, guiding you through applying the deployment manifest, creating the deployment resource, spawning a replica set, and finally launching individual pods, orchestrating the entire application rollout in a step-by-step manner.
Sector 7:
Section 7 tackles automated pod storage attachment, demonstrating how to specify StorageClass and PersistentVolumeClaim information within your manifest file. This ensures seamless storage provisioning for your deployed pods.
Sector 8:
Section 8 dives into content migration, guiding you through executing the created pod, copying all files from /usr to the mounted /mnt directory, and then verifying memory usage remains consistent across both directories. This final step confirms successful migration and data persistence within the mounted volume.
Sector 9:
Sector 9 streamlines resource removal with the deployment manifest deletion, triggering a cascading process that automatically deletes the associated pods, replica set, and ultimately the deployment itself.
Sector 10:
Section 10 showcases deployment with a dedicated volume for the /usr directory. It walks you through applying a deployment manifest, spawning a replica set, and launching individual pods, all configured with the mounted volume.
Sector 11:
Sector 11 focuses on automated storage provisioning for deployed pods. This triggers the automatic attachment of the storage resources to the created pod.
Sector 12:
This section details the installation process of essential software packages for the system. It covers the installation of pip, cassio, python-dotenv, llama_index, and openai. Each package installation is accompanied by the generation of log files for tracking purposes.
Looking to expand your k8or knowledge?
k8or is easier to use with a basic understanding of Kubernetes principles and core concepts. Learn and apply fundamental k8or practices to run your application in k8or.
Explore BLOCK framework, k8orization, custom images, deployments, and more
