Installing and Setting Up PostgreSQL on Kubernetes - Percona Community PostgreSQL Live Stream & Chat - July, 28th

Learn more about Installing and Setting Up PostgreSQL on Kubernetes with experts. This is a part of Percona Community’s bi-weekly Live Stream. Dave and Charly shared their experience with a demo session.



Dave Stokes well, I’m going to drop off quickly and get handed over to the Postgres person the week last week, we couldn’t get him online, that thing, and I will drop him off. And, folks, this is a great thing. You’re going to learn a lot today as well. With that here is Charlie.

Charly Batista
All right. So, yeah, we’re having some technical difficulties here, I cannot see or hear Dave. So I’m probably going to be just myself today. So on the stage here, and the talk today, it was to be about Kubernetes, and containers, and the database and all this kind of stuff. And I was thinking, I want to discuss those things. And now that we have these difficulties, this technical difficulty, so we need to do some improvisation to improvise a little bit here. And one thing that I was thinking is, that we need to understand underlying technology when we start using that. So for example, when we talk about Kubernetes, so the first thing that comes to mind is containers. So things run inside of containers. And then you have the whole ecosystem of the Kubernetes, that it’s going to do the orchestration and all this kind of stuff. And people are talking for about a minute for quite a long time now, or five, seven value don’t really remember when this, this Headstart, but it’s been quite a long time. But one thing that I have seen is, that a lot of people, still do not understand what is a container, especially in the Linux environment, when we talk about containers inside of Linux, a lot of people think a container is a lightweight virtual machine, we surely are not quite true. So it’s a good way to explain but that’s not exactly how it is. And before we start to talk about Kubernetes start to try to run posts with inside replica branches, we need to sort of have a better understanding of what is a component. This is one thing that I will try to do today. So we’ll try to build together here a container environment without a container ecosystem. So we’re going to, we’re going to build our containers without using Docker and Aleksey or whatever order container environment is just it’s going to be a postman container that we’re going to do today. So I hope that works. We’ve been doing some tests here a lot of those tests; sometimes they don’t work quite as expected, and sometimes they fail. And but it’s been quite fun. And I believe that this is a really good way of learning when we have failures. And then we need to understand what what what was broken, what failed. And this is the way that like we can understand. And the main objective today is to have two containers inside a box. So I have a root question on AWS. So we have a box on AWS and then we’re going to build two containers but not really containers but it will give you an idea of how things work underneath what are the technologies that are being used and how those things work. To give us this idea so let’s start sharing my screen here in just a second. Okay, this is my screen here I hope everybody can see it because you also increase the font size here if you if you can see properly or if you have anything you can give a thumbs up so Dave cannot I cannot hear see Dave but like he’s there so he can think me and let me know if you guys can see or can Are you? Okay? So as I said, I have this virtual machine here. So what I’m using here, is the source code, there is nothing low plugins not in here on the resource to code. The only thing that I’m doing here is using the terminal here. I have the terminal here, under the window. And we have I have some most of the things we’re going to do I scripted here, and I’m going to go through each of them. So we understand what I’m doing here. And we understand how those things work. Right. So this is just a normal Linux box, but it’s not in here. So, for example, using Amazon Linux, so

I can do an RPM dash QA, and search for Docker. Not such a great draft Docker, so there is no darkness installed, there is no lxe. Nothing here is being sold, as reflected on Barker. So command not found. So we don’t have any container environment installed on this machine, right? But one thing that I did in advance was I used it my laptop to download the one Docker image, actually this image, we will see it’s just the file system of the image. So I could be created using the one of Ubuntu or Debian, which is the image I’m using here and install and then copy the files. But that will be will take quite a long time. And the easiest way to get the image working, I’ve read work in the file system where that work is just using a marker or like C just cool. We’ll see that there’s nothing fancy here is just literally the installation of the system just as the file system, right? So let me do a sudo. Here, I want to use my screen, I like to use the screen here because we can have multiple terminals. And we will need multiple terminals for this example. You’ll see it later on. So the first thing that I got to do is I got to create my file system hierarchy. Right? So it’s just crazy. I’m lazy, the like two to five, I could have I just am huggy lab and Cadillac containers old blah, blah. So what I actually used to do so instead, so I just created those files. So we can check here on those files, or I have one folder that we’re going to hold out the containers we got to recreate and one folder that will hold all the images. So the image that I downloaded previously. So there are tar files, right? So but now they’re integer right I just created so we can remove that creep again, just make sure that empty. Okay. So we are going to have to always remember the objective is to have one primary and replica, they’ve been replicated the need to be able to communicate between them. And we use a totally different network address. Here, instead of using the same address, a family of the box that very, very, very, we’re using instead of using this the server here, but we’ll see. So if I check node one. So we will see that we have two different folders here. So this is when things start getting interesting. One thing that Docker does is to use the overlay mounting overlay filesystem mounting point. So how does it work? When we mount using the overlay monitor here, we can simulate what we have for example, on gauge we have different layers, one on top of the other ones in the example that we’re going to use here, we’re going to use basically two or three layers. So we are going to use the lower layer that we have here we’re going to use the lower layer, so the lower layer will be wherever we go to boot, the base installation of the operating system. So everything that I got a copy from this image here, I gotta put inside of this lower layer. And then I’ll tell them, the overlay that all this, this path, I have the lower layer when you mount it just uses the more deer for the layer. So we won’t be able to change anything on this folder,

It’s like, okay, we did it, it mounted here, and everything now is frozen. That I’ll tell the overlay that okay, now you also have an upper layer of the operator, that is this upper one here, this is where all the things where you start doing run to be saved. For example, if I create a new file, the new file will be saved here. If I change a file that already exists on my lower layer, what it does is it copies the file and saves the change inside of the upper layer. So it means that every time that we change something inside of a Docker container or Aleksey container, we are replicating the files, right? That’s why people value if you have something on your iPhone application change files inside of the container, he started off using the container file system, creating an external mounting point and mountainside. Because it will always be replicated, we have multiple versions of the same file. And we have this merged one. So this merchant here is what gonna give us the idea of the final file system. So it will get the lower layer, it will get the upper the work layers, older layers, it will merge, and just expose to the container, the latest version of the files that we have. Okay, that’s too much talk. Let’s, let’s start building those things. So I want to execute it here. If you see it here. What I did, was I change my keyboard shortcuts here, when I press Ctrl, Alt-Enter, that just execute the line that I have here. So but you can see the execution out here, we can fold it out here. Alright, so I have moved the files inserted inside of this, this lab so we can check if everything is in there, so it’s indeed removed. So I have a Q image here. One is for Debian and another one is for CentOS. So for this example, today, we’re going to use the Debian one. So right, they’re gonna decompress here, inside of a folder that I called layered. Funny thing is, if we check what’s inside of this folder, here, we see that it created a directory with a Docker UID. So this is from Docker. And inside of this guy, just copy here, we will see that there is a moderator file, a layer of the tar file. And this is the file that we have all the file system, the Debian file system, the ETC root slash Bing in all the file systems inside here on the stock file. So in what they’re going to do now, they’re going to decompress this, this file, and I want to put it inside of our lower layer. So this is what we’re going to do here. We’re going to unbox and save and put everything in solder inside of the lower layer. If we check now the lower layer so you’ll see that it should be empty. It’s empty here. There is not enough. And when we decompress. Now we have all we have the file system. So this is basically our Linux file in Linux file system, in my case, a Debian that we just downloaded from the Docker file. So now we have a base mounting point for the file system right? So what I’m going to do is I want to tell you today we’re going to mount using the overlay, I got to use again the lower layer. So we also got to use the upper, let’s check what we have inside of them. So here should be empty, it’s empty. And the word one is also empty.

Empty, and the one that we care about is the merged one. Right? It’s also empty. One thing is for this one here, and I name it, I’m just calling Nan. Okay, and I mounted here and the mount sold yet the mounting point that the court none was mounted on this. But this is the pathway mounted exactly the path of the merged one. So if you check the marriage now, we’ll see that we have the whole file system here, right? And those are exactly the files that we compress it here and there; inside of the lower layer, we work we install the posts, which will do everything. But everything from now on that we do inside of this container will not be saved on the lower layer anymore, we will be saved on the upper layers, and it can create more and more and more layers. So we can have the whole history of all the changes that we do inside of the file system. Right? So okay, I mounted here. And now it’s time to understand the next important piece of technology; let’s call it this way. That enables a container to work, which is the namespace. Namespace, in a very naive way to explain a namespace, is a way that Linux has to isolate, and process isolates information from not on users. But for the process itself. So we have basically, for you remember correctly, we have via basically seven different namespaces, we have a network namespace so that we can create isolated networks. We have the user namespace on the user namespace we can have as MCs; we can have a user process and users themselves isolated. Inside of each namespace. We have the UID namespace. We have the UID namespace we have let me see for the PID namespace or not. Why do you have the PID namespace? This is also very important for us. Because when we start running our container here, we don’t want the PID that is inside of our container to be the same PID that is outside of the containers on the Linux box. So we want our application to believe that it’s inside of a Linux machine, and it holds everything in there. And the PID namespace is going to help us to isolate all those things. Right, then there are other names based for now. We basically care about those three. And what are you going to do here? The first thing is I want to start creating our network topology. And to create our network topology I go to add, create in a different namespace. When we start Linux machine, we start with the machine for the first time. You are already inside one namespace. This is the original namespace there is actually there is a type of comment I don’t recall now, but this is the main class Khomeini namespace.

Everything is in that main namespace, and they are on there. That main namespace is processed zero. In their case, they did the first one that booted the system. So the root is the owner and the process is zero or process one. I guess it’s process one and process one is the owner of that full namespace. So everything that we do with like the shell that we have here, everything that I’ve been doing here is in this original Omate namespace All right, if I create a network interface here, I can use the IP command here to create the network interface. If I just create the network, you’ll be created in this main namespace. And because it’s in the main namespace, it has a lot of restrictions, right? You need to be a super user to do everything here; all those kinds of things are restricted because we’re inside of this main namespace. So what we’re going to start to do now we’re going to create, our namespace. And everything on that namespace will be isolated from the main namespace. So everyone that is being here won’t be able to view or to see everything that I can except we can use, but like, it will simulate what we really are a container, right? So here, I am going to create a network that is just adding a network namespace, this is what it does. So what is this is wrong, it’s here; just add the network namespace and make one call it this network namespace and one. So this is what we do here, we create a natural namespace. And then what I’m going to do is, I’m going to create a bridge, right? Because remember that I said, we want to use a different natural topology inside of our containers? For example, here, my box has the IP 10 zero, dot 100 dot 12. So this is the natural family that we have here not handled. With the network mask that we have here, we are on the network 10.0 dot 100. And once again, I want to do here, I want to put everything on the network 192168 dots 20 Q. So for them to be able to communicate and for our container to be able to communicate to all to the outside vote, we need a bridge network; it looks like it went to work just like a switch or router, that’s a bad idea. Now the switches, it’s a router. So our network, and our container will be connected fees, not physically, but will be logically connected. And I will show later how that works for this router, and this router will route everything to the outside of the container. And also when we communicate from outside to the database inside of the container, we need to have a way to route, that to that namespace. And the bridge, as the name says is going to be the bridge between the container and everything outside of the container. So let me create this bridge. Okay, I got to assign an IP this year and assign the IP for the bridge. And this is our bridge IP. And I will just enable it. Right. So it’s up. If I go here, again, IP back. Now we see that we have this new network interface, we have a bridge. And this bridge has desired IP they just gave it right. So this is the IP that we have. And it’s up we see the link. You see here the link. Yep, it’s up. Here. It’s up. So it’s working. So far, so good. And another thing that we need to do is we need to enable to tell the colonel that we want to enable the backhand to fall forward. But what happened is now our box is working as a router, right? So but usually when is the kernel of the network interface, like the cheat zero in this case that we have here received a package that is not addressing today’s network interface, it should just drop people into anything because it’s not an atrocity to that network interface. We’re telling them here’s a look man, we’re working as a router here. So before you drop anything, can you check if it’s not addressed for one of the IP all the natural farmers that you know here, so then you can fall watch that information package? If you don’t do this, it won’t fall lunch, and our container will be fully isolated. Well, it won’t be able to communicate to the outside or receive anything from outside. So we need to tell the term that we want to enable it And here. There are other ways to make this. But here, for simplicity, I’m using IP tables to forward all the package that comes from outside looking for this; this network address to send them to our mesh network is just helping to do different things. Okay, now we started our network namespace; right, so far, we have the bridge. And what I want to do now here I want to create to order namespace; remember that we have the natural namespace, but now we want the PID namespace. And because we want it to be isolated, we don’t want the outside wants to see what’s happening inside. Well, they can, but not with the same ID. And more importantly, we don’t want our applications inside of the container to see what happens outside of the container, we want really them to be isolated. So and I want to use the network namespace that we created; I want to use the Merge Folder. So I’m also doing a sage root here. So it will tell now that we are just mounting change in the root folder. This kind of works with Debian; why has something similar that was the call fake root? So the idea, the concept, the idea is very similar; we are literally creating a sandbox here. So this is a sandbox; everything will be encapsulated there, including the file system, which is the file system that we extracted. Okay, so if everything worked fine, now we are inside the container. And we can check here, for example, the PS oops, yeah. This is one thing of an image like Debian or a small image that we download from Docker. They don’t have anything right PS; for example, they don’t have the common px, right? Okay, that’s fine. I want to change the hostname. Because the outside of the host server is SRV. I don’t want I want to be able to know, and one thing that I was not able to show you is because we don’t have PS here, we need to mount the proc file system. The proc file system has it’s a beautiful file system, not a real file system; it’s in memory, and it’s controlled by Linux everything. That is, there is something that the kernel dt, and the information that cannot need to keep and used for a lot of stuff. And when we created those things here, the container.

I have LS here; I have a less. So if I check the proc, we’ll see it’s empty. Because when we were using the sage root here, I used all the care for loop, I wanted to change my root folder. So from our long my root folder, my operating system is on this path that is the merchant one. So this is my root file system. But I didn’t tell him that I also want to be able to have my own proc file system here. So the proc file system is where we have the UID, the PID, all this kind of stuff, or they reside inside of the proc, so we need to mount it. And yet, now that I mounted it, if we check now, we have a lot of stuff here inside of the game, the proc file system, and if you see here, we have only two PID running inside of our container, the PID one, that’s you know, the first one and the PID nine. So if I go to the outside, I’m here on my server on my host, if we check, oops. We have tons of P IDs here. All of those are pages. So they will be related to all those P IDs that we have here, right all those numbers are the P IDs that we see when we run the P us; oh, let’s go back, I, I want you to show the names of the host here. And the easiest way to do it is just suing again. So you just reload the information from the, from the variables. That’s okay. So now I need to finish my network configuration. And to finish my network configuration, I need to do those things. All my hopes I cannot do here inside of my container because they do not exist, and they are related to the votes. For example, if I tried to run here, we’ll see that the comment doesn’t exist. Because I’m inside of my host, I’m inside of my container, not of my host. So I’m now going to my host, and one thing that we need to do is we need to create a V network or a VT pair, what we call it there is a pipe, it works like a pipe, it’s like the cable that you plug on your computer, to the router or the switch, this is the cable that we want to work from the container to the bridge, right, then it works just like a pipe that going to link the container to the bridge network. And as it is a fire pole, a cable, it has two ends, one and we want to put on the bridge and another end, you’re going to need to put in your computer, right if you’re using a physical cable, and this is the site, we are going to use, we have two tenants. And that’s why it’s a pair. And one, I gave two names, one of which is this, that is the one that we are going to work on the container. And this is the one that we are going to plug on the bridge, but it’s just named, the name here we just becoming, it can be whatever name you want to want to give to that. Right? So remember, when we create things using an IP, it goes to the main namespace, right? But we want to move it inside of our namespace. Remember that the name of things created was empty and wanted zero. So yeah, I got up and moved this vid inside of that namespace. So okay, I got to move. And then I got. Now I’m going to plug one of the points, these sets in the master of these, into the bridge. So one of the ends, one of the points of my cable, and just plug in here on our bridge on our switch. Right, and

I got to set it up. So but for Shaq here, we’ll see that it already exists here. It’s already created. Here is our linkage to the bridge. But it’s down since they stated stuff. So we need you to put it up. And if we check now. And here we go. It’s up now. So this is what we just created, we created a monitor network interface that works like a cable that we plug from our computer to the switch. That’s fine now, we need to work on the other end; this is the end that we’re going to put inside of the container. Right. So the first thing that I’m going to do is I’m going to give it an address. So and when the funny thing is, if we check here, we won’t see these addresses, see there is no the address that I gave is 22. For n two, I always see the address of our bridge, because remember, this one is inside of our container, this is not outside. So I got to put it up. And now, oh, this is the loopback interface. So we also set the loopback interface, and I put this looking back interface and loopback interface inside our container. So the IP dash N here means that I’m working inside of a namespace just like the IP, IP, and as per the same thing. The dash N is the shorthand for an SDS. And here is the name of the interface. Remember that we gave this nd one Net 04 We are running those commands inside of this namespace, right? So inside of this namespace, I am setting up my loopback interface. Now I’ve set up my physical interface, this is the interface that you’re going to use. And this is the interface that color holds these IP now because this is our, we gave it here, right? And one last thing that we need to do is we need to set a routing table. So, for example, if I execute this, let me get a copy here. I’m too lazy to fight.

So if I execute, this is the one I wanted to call. If I execute here. The common IPA, is inside of our namespace. So oops.

Execute; of course, you need to give the namespace name. So this is what we have inside of our namespace at the moment. So we have our loopback interface, and we have our network interface. See the address that we gave to our network interface; this is inside of our container. This is already inside of our container; this is not on the host anymore. This is exactly what you chose when you run your Docker exec, or darker brown or something. This is how it translates inside of vivid characters for comments that we do on Instagram, but not inside; here are the lyrics that we’re using in bash comments. And I need to have a routing table. So if we use IP dash r, you’ll see that our routing table here is it’s empty. Actually, it’s pointing to its own IP. So I’m adding a default route. And the default route, I’m pointing to the bridge, truss. Remember the bridge, everything that goes from here to the old side goes through the bridge. So at the moment, I cannot think of anything from the side here. So if I tried to ping like these others, if I tried to think the Goldwater as so, I just get network unreachable because we don’t have routing. Now, after I have my Bollington table, so I can come back here. And now we can be routed outside. Now we have access to the outside because we have access to the breach. The breaching network is giving us access to outside here. So at this point, we’re basically done with our network inside of the container. So what we have now at the container, we have the file system, and we have the P IDs. And we have the network, right? We have everything that you need. And now comes to the latest one that I want to talk about today, that is the groups. So if we just leave the container like it is now, we can use it; the problem is the container can, this container can exhaust all the resources that we have. And cgroups is what we use to control the resources. So we, the cgroups, we put some limits on the results. Here, I’m going to lock this in just to finish things here. So here, I want to limit the memory; I don’t want my attorney to use more than one gigabyte. So what happens is if my container or whatever is inside of my container, for example, if my database is out of the container, try to use more than one gigabyte here, the kernel will kill it, you will see an oil kill, and you killed that one because it’s the container using more memory than it has. So I’m given how much memory my container going to have here. And we can limit everything. We can limit memory, we can limit us yo we can limit CPU, or we can limit natural bandwidth. So most of the things that we can limit using cgroups so I want this weakness to be reserved because I don’t want to have stuff inside of my container. Here I’m just binding that information to the PID. Because remember that I said when we start the Linux box, the first PID PID one is the PID that is the owner of that namespace right here, this being bash that they executed when I mounted here when I executed the Sure, and the fork. And here, these being Bash is the owner of our namespaces, the owner of our container, this is the guy that is writing our container. So has this guy had the PID one, for example. If not yet, I will show some because they can install some stuff inside of the data set of that container. Right. And what we do here is we’re telling

that everything related to those pods that everything that’s inside of our container is the same group. This is what we’re telling here because everything that we execute now will fall from that that PLP ID. After all, it’s inside of our container. So you will be under the same form, that PID, or that created our container. So I’m telling the C group for blue, all those guys are in the same family, all of those tasks, everything that happened here is in the same family. So I want you to control the family, not only one PID. So if the family exceeds one-gigabyte memory, it will cube, which is what we do here. So now I’m done with my container out from outside all the configuration I needed to do on the host. Now I can go back to my container. So I can go here now inside the container. Remember that the note one thing here we are inside the container. And now we can start working. So I got to do an apt update. And look, let’s a recap. I’m running on Amazon, Linux, Amazon Linux, oops, just Amazon Linux here; we don’t have an act, right it uses the app. So that’s the first thing that we need to keep in mind. We are writing oops, not this one here. Okay, we are writing. Alright, inside of the container. We are running Debian comments here inside of our container. So I want to install them and some proc stuff. Those proc stuff are going to give me the PS for finally FPS. We have some stuff inside our container. And see, we all have up IDs here. And this is the key one the first one that created that first batch is the owner of everything, right? I got to install Postgres. Okay, installation should take just a few seconds here, not install Postgres

one thing that I believe it’s just a preference I don’t like is the way how even works on post quizzes because it puts all the configuration files inside etc. And sometimes it gives me some trouble. So what I’m going to do here is I want to copy the posting is not confined in the PGA comm file size of this folder, because if you see here, we don’t have them, we have But you don’t have the confidence to JPA. So a copy, and I’m using some configuration. For example, when changing the location of the BGP find a set of proposals or columns, the listing address, and put into a star instead of localhost the log destination I’m enabling logging here so the logical actor directory and putting two to the dash log define the name instead of that huge file name and just want my all my logs to be just last resort, Clark. That’s That’s it. So I want to have the truncate on rotation. It’s usually not good to have truncation on rotation, but here I don’t want to keep too many watts. I want it to get the 10 megabytes. So it doesn’t matter how plus, I want to disable the include D that is inside of the post does not count because it always gives trouble. And on the PGH PA, I want to allow connections for everyone. Right? And this is the only side of the container, right? So we could have done this, I could have saved the configuration file and then just put the configuration file over here. That’s all. It’s easy to do here. And now it comes to the time that we start the database. Right, so Well, it’s, that’s fine. That’s because I’m grinding this up here. But it started the database. And how can we publish it? We have a Postgres shell here; we have a Postgres database working now. So I got to create the user trolley, I got to create the database and test are going to change to that database are going to create a table, and they will insert our Yeah, I sorted 1000 rooms. So that’s fine. That looks amazing. We’re running inside of the container. And we see that from the inside of the company words, but are we able to access it from the outside? Can we access this container from outside? Let’s try it out. Right. So oops. So what I have to do here is I want to try to do a PS CRO. So remember, this is the IP that we gave. So I guess you’re not fond. Of course, I’m inside of my groups now. So on my host, I need to run the yum install. So I just installed the client; I don’t need everything; I just need the client. And what if now it tried to access? Well, that’s a good sign because it’s asking for the password if I type the password. And here, yeah, I’m accessing my container from outside from the host. So all those network things worked. And now I have a post is running inside of a container that it built without using Aleksey or Docker or anything with built it man built it my head. This is my poor man’s container, right, so you can do a select count from one. Yeah, we have one-minute rolls here. So it’s working fine. So now the next step is I going to create another one. So this one is running almost the same thing. So all the comments here are basically the same I’m not going to explain all of them again because we’re almost running out of time. So because the idea here is to have two containers, right one communicating to each other. So I’m calling this node Q Okay, host node to mountain practicing way.

I got to create the books this is I need to run for an outside remember that so that would be with writing important to have more shelves. This is the moment that we need more shelves. Let me just double-check one thing here on the network here, we are using 192168 training cube, and the other one is was one I do okay, so we are in the right network. So okay, so everything looks fine so far. Let me just run here. Okay, now let’s see if we’ve been, we can think so it means the computer works fine. The same thing for the groups we want to limit. This was a test that I needed. So though they don’t need anymore. Okay, we have the container here. We can go back to denote you remember this is the container no cube, okay. And I want to do the same on the container with you. Right, so I want to run apt update I going to install the Veen and post-release, but one thing here, I want to remove the main folder because this got to be a replica. It’s not the primary database. There’s going to be a rapid replication of the database. And our containers are able to communicate with each other. Are we in the same network? Let’s find out. So it’s taking longer than I was expecting. Okay. Okay. So I got to remove it. And this is the moment. Remember, this is our other container IP. So do I have it commented here? We don’t have a comment here. But we have outside. So can I can just execute

and DQ is the name of that one. So this is the IP of the container Q., And this is the ID of the container runtime. So the container Q, this one won’t be a replica of a container Q. Right? Let’s go back to the note here. Let me go back here. Let’s run this PG backrest comment here. And we hope that everything will work well.

Well, we have a common problem. That was fast. For us, it’s asking for my password How stupid I am. Okay, yeah, it’s doing the backup; well, it’s a good sign; it’s taken some time. And it should not take too long because it’s inside of the same box, right? Just wait here a couple of seconds. And well, wait, it’s backing up here. So from what we have here, what would be the next steps? The next step would be to have an order server. So we could put models or what they call in Kubernetes pods. So now here and work inside of one port, as we can see here, all the basement, all the foundations of how containers work. They are inside the Linux kernel. So everything else everything that Dockers and Alexei all those those those guys they do is to use the underlying infrastructure that we have already. And remember when I said that the analogy of a lightweight virtual machine for the container it’s not a quarter, and it’s not true. Because it’s not the view information. We are still inside of the same box; there is not that strong isolation. So what we do here is we create namespaces to isolate the applications to isolate things. Oh, it’s waiting for the checkpoint never to finish here.

Okay, now it’s. So all those isolations here, they’re being done for the namespacing capability that the caravans, right, and then we have the restrictions for all the other things for cgroups. And so we all those together are what we call a container. Nothing so special. Like, it’s amazing how it works. It’s It is amazing how it works. And it’s amazing to understand how those things work. It’s super amazing. But so everything is there already, right? And you must understand how those things work. So you can decide if it makes sense for you to use on your database or if it will be harmful. There are a lot of applications that are a lot of customers that make a lot of sense for that to run inside of containers or inside of Kubernetes. But for all of our situations or house of our situations that it does more harm than good to run inside of containers or run inside of the Kubernetes. All the orchestration that Kubernetes gives and things they’re amazing. But for the other side, they also need a lot of investment in time and training for the team for models. They’re not easy; they’re not simple as you can see. There are so many pieces together to make those things work. And when a problem happens, it’s it can be a nightmare to find one of our options. So we need to understand those things. This is what my message for today is really, really need to understand how this thing works so that we can decide how we can move on. And I hope that that was okay. Well, of course, they don’t have that they will teach you, right? But they should have that they would be one. Yep, it is just replicated for a DBQ. One. And let’s give it a try. discreditable to create Oops, my.

Nope. Okay, I had a great table to choose from. I love how sometimes things work. We went, I went to be lazy, and it just doesn’t work. Let me change here. I have just been here. So I’ll take credit they will I got it, sir, that they will teach you. But instead of one of your roles, icon searches 300,000. So it should be enough. So only certain 300,000 holes. If we go for the other one. Now, we should have they will teach you. And here we have. We have two containers running inside of our box. And inside of each container. We have a post was writing, and we have replication between them. So I can call it a success. Right. So yeah. That’s it for today. I hope you enjoyed it and I hope that it was useful for you. I hope you learned some things. And it’s bad that Dave cannot like I cannot hear Dave. And that’s all that was great. Oh, thanks for your time. And have a great day.


Charly Batista

Percona, PostgreSQL Tech Lead

Charly Batista is currently PostgreSQL Tech Lead at Percona. Possesses over twelve (12) years of experience in various areas of IT including Database Administration, Data Analysis, Systems Analysis and Software Development. Strong analytical skills combined with experience in object oriented programming techniques. Technical Leader for more than four (4) years for the Developer Team. Born in Brazil and now living in Shanghai-China.

See all talks by Charly Batista »

Dave Stokes

Technology Evangelist at Percona

Dave joined Percona last February 2022. Dave is MySQL Community Manager and the author of MySQL & JSON - A Practical Programming Guide

See all talks by Dave Stokes »

✎ Edit this page on GitHub