Sumo Logic Cert Jam - Advanced Metrics with Kubernetes

Sumo Kubernetes Analyst
Advanced Metrics With K8s Certification
Become a

Sumo Logic confidential
Course Agenda
Explain centralized data collection and enrichment
Demo our Kubernetes capability
Gain Insight into our four different views into Kubernetes
Sumo Logic Apps available for Kubernetes
10 min.
10 min.
10 min.
10 min.
Engage in Hands-on Labs70 min.
Get certified as a Sumo Kubernetes Analyst60 min.
Intro our Kubernetes App10 min.

Intro to Kubernetes (K8s)
is an open source container orchestration platform developed by Google and is now managed
by the Cloud Native Computing Foundation.
It provides automated deployment, scaling, and operations of applications across clusters of hosts. It
provides Desired State Management for your cluster - define the cluster services system and it operates
based on that set criteria.
Everything in Kubernetes is, by design, ephemeral. Kubernetes achieves its elastic ability to scale and
contract by taking control over how pods—and the containers within those pods—are deployed.
And it runs anywhere, private, public cloud, or bare metal.

Sumo Logic Confidential
● Non-profit, part of the Linux Foundation
● Founded December 2015
● Members:
○ 18 Platinum
○ 19 Gold
○ 354 Silver
● https://www.cncf.io
Silver member:
Meet the (CNCF)

Key Kubernetes Terminology, Part 1
Cluster
A set of machines, called nodes, that run containerized applications managed by
Kubernetes.
A cluster has at least one worker node and at least one master node. The worker node(s) host
the pods that are the components of the application. The master node(s) manages the worker
nodes and the pods in the cluster. Multiple master nodes are used to provide a cluster with
failover and high availability.
Node
A node is a worker machine in Kubernetes. A worker node may be a VM or physical
machine, depending on the cluster. It has local daemons or services necessary to run Pods
and is managed by the control plane. The daemons on a node include kubelet, kube-proxy, and
a container runtime implementing the CRI such as Docker.
Pod
The smallest and simplest Kubernetes object. A Pod represents a set of running
containers on your cluster. A Pod is typically set up to run a single primary container. It can
also run optional sidecar containers that add supplementary features like logging. Pods are
commonly managed by a Deployment.
Container
A lightweight and portable executable image that contains software and all of its
dependencies. Containers decouple applications from underlying host infrastructure to make
deployment easier in different cloud or OS environments, and for easier scaling.
Container
Pod Container
Pod
Container
Pod Container
Pod
Worker
Node
Worker
NodeMaster
Node
Cluster
Source: https://kubernetes.io/docs/reference/glossary/?fundamental=true

Key Kubernetes Terminology, Part 2
Deployment
An abstraction to manage replications of a set of routines, protocols, and tools
for building software applications. Each replica is represented by a pod, and the pods are
distributed among the nodes of a cluster to achieve the Desired State Management.
Namespace
An abstraction to support multiple virtual clusters on the same physical
cluster. Namespaces are used to organize objects in a cluster and provide a way to divide cluster
resources. Names of resources need to be unique within a namespace, but not across namespaces.
Service
An abstract way to expose an application running on a set of Pods as a
network service. The set of Pods targeted by a Service is (usually) determined by a selector. If
more Pods are added or removed, the set of Pods matching the selector will change. The Service
makes sure that network traffic can be directed to the current set of Pods for the workload.
Deployment
Service
Payment
Service
User
Service
Maps
Service
Pod
nginx
Pod
nginx
Pod
nginx

Our Kubernetes App
Provides visibility into the worker nodes and
their application logs
You can monitor and troubleshoot container
health, replication, load balancing, pod state and
hardware resource allocation.
The App utilizes Falco events to monitor and
detect abnormal container, application, host, and
network activity.
A small 4 node k8s cluster can generate over 200,000 distinct metrics!

Data Collection and
Enrichment

Centralized Data Collection with Sumo Logic
Deployment
Namespace
Node
Pod
Container
Service

Monitoring and
Troubleshooting
Kubernetes at every level

Four different realtime views into your Kubernetes system
Node
Track environments with
many users spread across
multiple teams, or projects like
dev, lab, and prodMonitor to improve your
user experience
See how your deployment is
performing to your set criteria
and manage changes
Observe the infrastructure
topology of resources - private,
public cloud, or bare metal
Cluster
Pod
Container
Cluster
Namespace
Pod
Container
Deployment
Cluster
Pod
Container
Namespace
Service
Cluster
Pod
Container
Namespace

Explore tabs interconnected with dashboards
● Dashboards are filtered by
choosing one of the four views in
Explore By
● Metadata enables us to build a
hierarchical view
● Explore the Kubernetes stack by
connecting pods to their services
or group nodes by cluster
● Real-time dashboards by tapping
into the auto-discovery capabilities
inherent in Prometheus, we can
ensure that the hierarchy
visualized in Sumo Logic is
accurate and up to date.

Infrastructure-centric visibility (Node view)
Container
Pod Container
Pod
Container
Pod Container
Pod
Worker
Node
Worker
NodeMaster
Node
Cluster

View your services from a cluster perspective
● Very complex to examine
ephemeral services as
pods are spread out in a
node based view
● May be slow to find and
troubleshoot service issues
● Node view is
disconnected from the
customer user experience
Payment
Service
User
Service
Maps
Service
Cluster
Worker
Node
Worker
Node
Worker
Node
Worker
Node
Worker
Node
Worker
Node
Worker
Node

Service
Now, look at your services from a Service-centric view
● Easy to locate your services, if you look from
the services view
● Quick to find and troubleshoot issues due to
organization and filtration
● Tightly connected to the customer user
experience to maintain the customer interface
and satisfaction
Payment
Service
User
Service
Maps
Service

Deployment-centric visibility
Cluster Deployment A
Deployment C
Deployment B

Namespace-centric visibility
Container
Pod E
Namespace
= dev
Namespace
= lab
Namespace
= prod
Container
Pod D
Container
Pod A
Container
Pod B
Cluster
Container
Pod C
Container
Pod A
Container
Pod B
Container
Pod C
Container
Pod A
Container
Pod B

Use Case: Helps prove and sell DevOps automation
A Continuous Integration/Continuous Delivery (CI/CD) pipeline helps software development
organizations automate various steps in getting software deployed to production
environment.
Container orchestration monitoring and troubleshooting has impacted every aspect of modern
software development and deployment
“We want to launch new things
whenever we want.”
“Once everything is working, let’s not
change anything.”

We can monitor & troubleshoot your CI/CD
Product/Eng Management
Document
requirements
Create and
Assign Tasks
Development
Code Build Test
Deploy
Release OperateDeploy

Sumo Logic Apps
available for Kubernetes

Our Kubernetes Cluster Apps and Why You Need Them
App Purpose Details
Operations
and Security
Provides visibility into the operations and security of worker nodes of a
cluster, as well as application logs of the worker nodes. Install only one
instance of the Kubernetes app; one app can monitor multiple clusters.
Utilizes Falco events to monitor and detect abnormal container, application,
host, and network activity. Install one of the Control Plane apps, after the
Kubernetes app is installed, based on your deployment.
Cluster
Control
Plane
Monitors the master node control plane, including the API server, etcd, kube-
system and worker nodes. The App utilizes Falco Kubernetes Audit events to
monitor and detect notable or suspicious activity such as creating pods that
are privileged, mount sensitive host paths, use host networking, and the like.
Provider
Control
Planes
Provides insights into the master node / vendor-specific control plane,
including the API server, control-manager, kube-scheduler, etcd and kube-
system.
Control Plane
Core

Our Kubernetes Partner Apps - CI/CD
App Purpose Details
CI/CD
Helps you monitor and secure their DevOps pipeline to ensure
quality and increase delivery velocity
CI/CD
Reduces the complexity of managing Kubernetes deployments by
providing a uniform platform for securing, connecting, and monitoring
microservices
CI/CD
Spinnaker is a continuous delivery and infrastructure management
platform for hybrid-cloud, multi-cloud, and Kubernetes. Leverage
Spinnaker to deploy with more consistency, automation, and safety,
increasing your pace of software innovation by orders of magnitude.
Istio

Our Kubernetes Partner Apps - Security
App Purpose Details
SecOps
Provides comprehensive monitoring and analysis solution for detecting
vulnerabilities and potential threats throughout your environment,
including hosts, containers, images and registry.
SecOps
Helps you detect, investigate, and remediate vulnerabilities, insecure
configurations, compliance violations, and runtime threats across all
container and Kubernetes environments.
SecOps
Provides granular security and compliance control monitoring to
DevSecOps teams throughout the cloud native application lifecycle, from
development to runtime in production.
SecOps
Gives customers the ability to detect, investigate, and remediate
vulnerabilities in software artifacts across your deployment environments.

Install any App from
our Catalog
200+ Apps available
Your can preview an
Apps capability
Once installed, Apps
will appear in your
personal folder

Tutorial: Hands-on Exercises
Hands-on Labs:
• Follow along using the labs found
under Home > Certifications
Training Environment:
Go to: service.sumologic.com
username: training+user###@sumologic.com
password: ### will be a
number between
000 and 800

Sumo Logic Cert Jam - Advanced Metrics with Kubernetes

Kubernetes App Features
1. Centralized metadata enrichment enabling consistent tagging across logs,
metrics, events
2. Service-centric, node-centric, deployment and namespace views
3. Dynamic live state dashboards to keep up with your Kubernetes
environment
4. Unified visibility combines metrics + logs + events in a real-time view
5. Cloud Native Computing Foundation (CNCF) standards-based
6. Out of the box security that integrates easily into existing dashboards

In order to get credit for the exam,
In YOUR OWN INSTANCE, go to
Certification Tab.
• Online Exam
• 30 Multiple choice questions
• 60-minute time limit
• 3 attempts
Advanced Metrics
With K8s

Sumo Logic Certification
● Make sure to log out of the training
account you were using and sign in with
your own account
● If you do not have a working login, go to
sumologic.talentlms.com to sign up for
an account

If you find your login is cycling
back to the exam screen, do the
following:
● Click on Help in the black left bar
● Click Community in the black left bar
● An email verification should be sent
● Once you verify, you should able to
take the exam without any issues

For passing the exam, you will earn:
● SWAG
● A Certificate
● An invitation to our LinkedIn Group
● The respect of your peers
● Fame, Fortune and more... Jessica Robbens

Please take our survey:
https://forms.gle/2KMtxPuD
9cSYV8SJ6
How did we do?

Sumo Logic Cert Jam - Advanced Metrics with Kubernetes

More Related Content

What's hot (20)

Similar to Sumo Logic Cert Jam - Advanced Metrics with Kubernetes (20)

More from Sumo Logic (11)

Recently uploaded (20)

Sumo Logic Cert Jam - Advanced Metrics with Kubernetes