SlideShare a Scribd company logo

Kubeadm Deep Dive (Kubecon Seattle 2018)

L
Liz Frost

A deep dive into the cluster setup and upgrade tool Kubeadm, presented at Kubecon 2018 by Liz Frost and Tim StClair

Engineering
1 of 39
Download to read offline
#kubeadm deep dive
Agenda ● Who? ● Mission ● GA ● Roadmap 2019 ● Getting Involved ● Q/A L
Who? L
Who are we? Timothy St. Clair SIG Cluster Lifecycle co-lead Steering Committee Member Staff Engineer @Heptio/VMWare @timothysc Liz Frost SIG Cluster Lifecycle Contributor Kube Cuddle creator SW Engineer @Heptio/VMWare @liztio
Who are we? ● 100s of contributors across several companies ● Smaller core group of active maintainers ○ VMWare ■ Lubomir, Ross ○ VMWare (née Heptio) ■ Tim, Liz, Jason, Chuck ○ Suse ■ Marek, Rafael ○ Intel ■ Alex, Ed ○ Other/Independent ■ Luxas, Fabrizio, Yago, Di ● Large user community on #kubeadm L
Mission L
What is our mission? SIG Cluster Lifecycle’s objective is to simplify creation, configuration, upgrade, downgrade, and teardown of Kubernetes clusters and their components. L
<BRACE FOR RANT} T
Why are we doing this? ● To prevent the mistakes of other open source cluster mgmt provisioning tools ○ Because… ■ Kubernetes is the beginning of the story, not the end ■ commoditizing the deployment of the core raises all boats and allows the community to focus on solving end user problems ■ “production grade” shouldn’t be firewalled by providers ■ It should “just work” ■ Because cross provider matters ● To make the management of (X) clusters across (Y) providers simple, secure, and configurable. T
Why (unix philosophy)? ● Make each program do one thing well. To do a new job, build afresh rather than complicate old programs by adding new "features". ● Expect the output of every program to become the input to another, as yet unknown, program. Don't clutter output with extraneous information. Don't insist on interactive input. ● Design and build software, to be tried early, ideally within weeks. Don't hesitate to throw away the clumsy parts and rebuild them. ● Use tools instead of people to lighten a programming task, even if you have to detour to build the tools and expect to throw some of them out after you've finished using them. ○ Write down the “Hard Way” and optimize 80% UX Flow with override T
Key Design Takeaways ● kubeadm’s task is to set up a best-practice cluster for each minor version ● The user experience should be simple, and the cluster reasonably secure ● kubeadm’s scope is limited; intended to be a composable building block ○ Only ever deals with the local filesystem and the Kubernetes API ○ Agnostic to how exactly the kubelet is run ○ Setting up or favoring a specific CNI network is out of scope ● Composable architecture with everything divided into phases ● Versioned configuration T
Component View Master 1 Master N Node 1 Node N kubeadm kubeadm kubeadm kubeadm Cloud Provider Load Balancers Monitoring Logging Cluster API Spec Cluster API Cluster API Implementation Addons Kubernetes API Bootstrapping Machines Infrastructure Layer 2 The scope of kubeadm Layer 3 Layer 1
Kubeadm is GA!!!
What does GA mean? ● Stable command-line UX — The kubeadm CLI conforms to #5a GA rule of the Kubernetes Deprecation Policy, which states that a command or flag that exists in a GA version must be kept for at least 12 months after deprecation. ○ init/join/upgrade/config/reset/token/version ● Stable underlying implementation — kubeadm now creates a new Kubernetes cluster using methods that shouldn’t change any time soon. The control plane, for example, is run as a set of static Pods, bootstrap tokens are used for the kubeadm join flow, and ComponentConfig is used for configuring the kubelet. ● Upgrades between minor versions — The kubeadm upgrade command is now fully GA. It handles control plane upgrades for you, which includes upgrades to etcd, the API Server, the Controller Manager, and the Scheduler. You can seamlessly upgrade your cluster between minor or patch versions (e.g. v1.12.2 -> v1.13.1 or v1.13.1 -> v1.13.3). T
What does GA mean? ● Configuration file schema — With the new v1beta1 API version, you can now tune almost every part of the cluster declaratively and thus build a “GitOps” flow around kubeadm-built clusters. In future versions, we plan to graduate the API to version v1 with minimal changes (and perhaps none). ○ Examples and references are now in standard Godoc format ○ Config is split into parts ■ InitConfiguration ■ ClusterConfiguration - stored on cluster in a configmap ■ JoinConfiguration L
kubeadm: InitConfiguration apiVersion: kubeadm.k8s.io/v1beta1 kind: InitConfiguration localAPIEndpoint: advertiseAddress: "10.100.0.1" bindPort: 6443 nodeRegistration: criSocket: "/var/run/crio/crio.sock" kubeletExtraArgs: cgroupDriver: "cgroupfs" bootstrapTokens: ... • Usage • “kubeadm init --config …” • Why • Custom API endpoint address • Specify init bootstrap tokens • Pass custom kubelet flags • Set node name/taints L
kubeadm: Cluster Configuration apiVersion: kubeadm.k8s.io/v1beta1 kind: ClusterConfiguration kubernetesVersion: "v1.12.2" imageRepository: registry.example.com networking: serviceSubnet: "10.96.0.0/12" dnsDomain: "cluster.local" etcd: ... apiServer: extraArgs: ... extraVolumes: ... • Usage • “kubeadm init --config …” • Why • Fine tune cluster defaults • Custom arguments and volume mounts to control plane components L
What does GA mean? ● The “toolbox” interface of kubeadm — Also known as phases. If you don’t want to perform all kubeadm init tasks, you can instead apply more fine-grained actions using the kubeadm init phase command (for example generating certificates or control plane Static Pod manifests). ○ Currently this only applies to `kubeadm init` ○ In 2019 - `kubeadm join phases` ● etcd setup — etcd is now set up in a way that is secure by default, with TLS communication everywhere, and allows for expanding to a highly available cluster when needed. T
kubeadm: init phases preflight Run pre-flight checks kubelet-start Writes kubelet settings and (re)starts the kubelet certs Generates certificates for a Kubernetes cluster kubeconfig Generates all kubeconfig files for the control plane and the admin kubeconfig file control-plane Generates all static Pod manifest files necessary to establish the control plane etcd Generates static Pod manifest file for local etcd. upload-config Uploads the currently used configuration for kubeadm to a ConfigMap mark-control-plane Mark a node as a control-plane bootstrap-token Manage kubeadm-specific bootstrap token functions addon Installs required addons for passing Conformance tests T
kubeadm: init phases Run Preflight Checks Install DNS and Proxy Addons Setup the RBAC Authorization System Taint and label the master Upload kubeadm & kubelet config to a ConfigMap Kubelet Start Wait for the control plane to be healthy Generate static Pod Manifests for the Control Plane Generate Certificates Generate KubeConfig Files Generate a (by default random) Bootstrap Token T
kubeadm joinkubeadm join Preflight Checks Fetches Init Configuration Run Specific Checks base on the Init Configuration Checks if the Cluster Configuration Supports Runs Kubeadm Init Preflight Check Generates static Pod Manifests for new Control Plane Bootstraps Kubelet Uploading Currently Used InitConfiguration Applies Master Label and Taints --experimental-control-plane --experimental-control-plane
kubeadm upgrade: Control Plane Preflight Checks Checks if the cluster is healthy Gets the configuration from the "kubeadm-config" ConfigMap Enforces all version skew policies Upgrades the control plane Static Pods Upgrade RBAC rules and addons L
Certificate Management etcd kubelet kubelet API Server Proxied Pod Poduser L
Certificate Management ● apiserver ● apiserver-kubelet-client ● front-proxy-client ● etcd-server ● etcd-peer ● etcd-healthcheck-client ● apiserver-etcd-client ● user certificates L
Certificate Hierarchy ● root CA ○ apiserver ○ apiserver-kubelet-client ● front-proxy CA ○ front-proxy-client ● etcd CA ○ etcd-server ○ etcd-peer ○ etcd-healthcheck-client ○ apiserver-etcd-client L
Certificate Hierarchy ● root CA ○ apiserver ○ apiserver-kubelet-client ● front-proxy CA ○ front-proxy-client ● etcd CA ○ etcd-server ○ etcd-peer ○ etcd-healthcheck-client ○ apiserver-etcd-client root CA etcd CA front proxy CA kube client api server etcd server etcd peer etcd health check api etcd client front proxy client L
Certificate Generation ● From Scratch root CA etcd CA front proxy CA kube client api server etcd server etcd peer etcd health check api etcd client front proxy client L
Certificate Generation ● From Scratch ● Provided CAs (+ keys) root CA etcd CA front proxy CA kube client api server etcd server etcd peer etcd health check api etcd client front proxy client L
Certificate Generation ● From Scratch ● Provided CAs (+ keys) ● All External (keys optional) root CA etcd CA front proxy CA kube client api server etcd server etcd peer etcd health check api etcd client front proxy client L
Certificate Generation ● From Scratch ● Provided CAs (+ keys) ● All External (keys optional) ● Mixed root CA etcd CA front proxy CA kube client api server etcd server etcd peer etcd health check api etcd client front proxy client L
Other Certificate Options ● Generate CSRs! ● `kubeadm alpha certs renew` ● Certificates API requests L
2019 Roadmap L
2019 Roadmap ● Config to v1 ● HA to GA ○ Full test automation ● Continued promotion of alpha phases to subcommands ○ e.g. join phases ● Grand unified field theory on ComponentConfiguration ○ Working group being formed. ● Incorporate etcdadm and bundles when stable ● Test and release automation … T
Testing and release tooling T
2019 Roadmap - CI + Release ● CI ○ KIND as the only PR blocking job ○ Move all SCL jobs to periodics ○ CI = release artifacts ○ Kill `kubernetes-anywhere` with extreme prejudice ● Release ○ Move all package building into k/k ■ .deb/rpm build artifacts ○ Keep signing and publishing separate in the release repo ○ Work with k8s-infra team ■ Want -devel and -stable repos & registries T
Getting Involved http://bit.ly/kubeadm-survey L
How can you contribute ● Contributing to SIG Cluster Lifecycle documentation ● We’re working on growing the contributor/reviewers pool; scaling the SIG ● We have “Office Hours” for our projects: weekly for kubeadm, bi-weekly for kops and kubespray… ● Cluster API office hours weekly for both US West Coast and EMEA ● Full list of SIG meetings and links to minutes and recordings can be found on SIG page ● Attend our Zoom meetings / be around on Slack ● Look for “good first issue”, “help wanted” and “sig/cluster-lifecycle” labeled issues in our repositories L
Logistics ● Follow the SIG Cluster Lifecycle YouTube playlist ● Check out the meeting notes for our weekly office hours meetings ● Join #sig-cluster-lifecycle, #kubeadm channels ● Check out the kubeadm setup guide, reference doc and design doc ● Read how you can get involved and improve kubeadm! L
Thank You! Q/A

Recommended

2016 - Continuously Delivering Microservices in Kubernetes using Jenkins
2016 - Continuously Delivering Microservices in Kubernetes using Jenkins2016 - Continuously Delivering Microservices in Kubernetes using Jenkins
2016 - Continuously Delivering Microservices in Kubernetes using Jenkinsdevopsdaysaustin
 
Lessons learned from the charts repo
Lessons learned from the charts repoLessons learned from the charts repo
Lessons learned from the charts repoVictor Iglesias
 
Effective Building your Platform with Kubernetes == Keep it Simple
Effective Building your Platform with Kubernetes == Keep it Simple Effective Building your Platform with Kubernetes == Keep it Simple
Effective Building your Platform with Kubernetes == Keep it Simple Wojciech Barczyński
 
Introduction to Kubernetes with demo
Introduction to Kubernetes with demoIntroduction to Kubernetes with demo
Introduction to Kubernetes with demoOpsta
 
Environment management in a continuous delivery world (3)
Environment management in a continuous delivery world (3)Environment management in a continuous delivery world (3)
Environment management in a continuous delivery world (3)Victor Iglesias
 
Continuous Delivery with Jenkins & Kubernetes @ Sky
Continuous Delivery with Jenkins & Kubernetes @ SkyContinuous Delivery with Jenkins & Kubernetes @ Sky
Continuous Delivery with Jenkins & Kubernetes @ SkyAdriana Vasiu
 
4K–Kubernetes with Knative, Kafka and Kamel
4K–Kubernetes with Knative, Kafka and Kamel 4K–Kubernetes with Knative, Kafka and Kamel
4K–Kubernetes with Knative, Kafka and Kamel Red Hat Developers
 
Docker based-Pipelines with Codefresh
Docker based-Pipelines with CodefreshDocker based-Pipelines with Codefresh
Docker based-Pipelines with CodefreshCodefresh
 

Recommended

2016 - Continuously Delivering Microservices in Kubernetes using Jenkins
2016 - Continuously Delivering Microservices in Kubernetes using Jenkins2016 - Continuously Delivering Microservices in Kubernetes using Jenkins
2016 - Continuously Delivering Microservices in Kubernetes using Jenkinsdevopsdaysaustin
 
Lessons learned from the charts repo
Lessons learned from the charts repoLessons learned from the charts repo
Lessons learned from the charts repoVictor Iglesias
 
Effective Building your Platform with Kubernetes == Keep it Simple
Effective Building your Platform with Kubernetes == Keep it Simple Effective Building your Platform with Kubernetes == Keep it Simple
Effective Building your Platform with Kubernetes == Keep it Simple Wojciech Barczyński
 
Introduction to Kubernetes with demo
Introduction to Kubernetes with demoIntroduction to Kubernetes with demo
Introduction to Kubernetes with demoOpsta
 
Environment management in a continuous delivery world (3)
Environment management in a continuous delivery world (3)Environment management in a continuous delivery world (3)
Environment management in a continuous delivery world (3)Victor Iglesias
 
Continuous Delivery with Jenkins & Kubernetes @ Sky
Continuous Delivery with Jenkins & Kubernetes @ SkyContinuous Delivery with Jenkins & Kubernetes @ Sky
Continuous Delivery with Jenkins & Kubernetes @ SkyAdriana Vasiu
 
4K–Kubernetes with Knative, Kafka and Kamel
4K–Kubernetes with Knative, Kafka and Kamel 4K–Kubernetes with Knative, Kafka and Kamel
4K–Kubernetes with Knative, Kafka and Kamel Red Hat Developers
 
Docker based-Pipelines with Codefresh
Docker based-Pipelines with CodefreshDocker based-Pipelines with Codefresh
Docker based-Pipelines with CodefreshCodefresh
 
Back to the Future: Containerize Legacy Applications
Back to the Future: Containerize Legacy ApplicationsBack to the Future: Containerize Legacy Applications
Back to the Future: Containerize Legacy ApplicationsDocker, Inc.
 
KUDO - Kubernetes Operators, the easy way
KUDO - Kubernetes Operators, the easy wayKUDO - Kubernetes Operators, the easy way
KUDO - Kubernetes Operators, the easy wayNick Jones
 
Deploying WSO2 Middleware on Containers
Deploying WSO2 Middleware on ContainersDeploying WSO2 Middleware on Containers
Deploying WSO2 Middleware on ContainersImesh Gunaratne
 
My kubernetes toolkit
My kubernetes toolkitMy kubernetes toolkit
My kubernetes toolkitSreenivas Makam
 
[OpenInfra Days Korea 2018] Day 2 - E4 - 핸즈온 워크샵: 서버리스가 컨테이너를 만났을 때
[OpenInfra Days Korea 2018] Day 2 - E4 - 핸즈온 워크샵: 서버리스가 컨테이너를 만났을 때 [OpenInfra Days Korea 2018] Day 2 - E4 - 핸즈온 워크샵: 서버리스가 컨테이너를 만났을 때
[OpenInfra Days Korea 2018] Day 2 - E4 - 핸즈온 워크샵: 서버리스가 컨테이너를 만났을 때 OpenStack Korea Community
 
SRE principles and (Kubernetes) Operator practice | DevNation Tech Talk
SRE principles and (Kubernetes) Operator practice | DevNation Tech TalkSRE principles and (Kubernetes) Operator practice | DevNation Tech Talk
SRE principles and (Kubernetes) Operator practice | DevNation Tech TalkRed Hat Developers
 
Kubernetes and Cloud Native Meetup - March, 2019
Kubernetes and Cloud Native Meetup - March, 2019Kubernetes and Cloud Native Meetup - March, 2019
Kubernetes and Cloud Native Meetup - March, 2019CloudOps2005
 
Cloud spanner architecture and use cases
Cloud spanner architecture and use casesCloud spanner architecture and use cases
Cloud spanner architecture and use casesGDG Cloud Bengaluru
 
Serverless, Tekton, and Argo CD: How to craft modern CI/CD workflows | DevNat...
Serverless, Tekton, and Argo CD: How to craft modern CI/CD workflows | DevNat...Serverless, Tekton, and Argo CD: How to craft modern CI/CD workflows | DevNat...
Serverless, Tekton, and Argo CD: How to craft modern CI/CD workflows | DevNat...Red Hat Developers
 
Cloud Native CI/CD with Jenkins X and Knative Pipelines
Cloud Native CI/CD with Jenkins X and Knative PipelinesCloud Native CI/CD with Jenkins X and Knative Pipelines
Cloud Native CI/CD with Jenkins X and Knative PipelinesC4Media
 
ArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech Talk
ArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech TalkArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech Talk
ArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech TalkRed Hat Developers
 
5 Habits of High-Velocity Teams Using Kubernetes
5 Habits of High-Velocity Teams Using Kubernetes5 Habits of High-Velocity Teams Using Kubernetes
5 Habits of High-Velocity Teams Using KubernetesCodefresh
 
The 2nd half. Scaling to the next^2
The 2nd half. Scaling to the next^2The 2nd half. Scaling to the next^2
The 2nd half. Scaling to the next^2Haggai Philip Zagury
 
Building Your Docker Swarm Tech Stack
Building Your Docker Swarm Tech StackBuilding Your Docker Swarm Tech Stack
Building Your Docker Swarm Tech StackBret Fisher
 
CI/CD Pipeline mit Gitlab CI und Kubernetes
CI/CD Pipeline mit Gitlab CI und KubernetesCI/CD Pipeline mit Gitlab CI und Kubernetes
CI/CD Pipeline mit Gitlab CI und Kubernetesinovex GmbH
 
Next-gen DevOps engineering with Docker and Kubernetes by Antons Kranga
Next-gen DevOps engineering with Docker and Kubernetes by Antons KrangaNext-gen DevOps engineering with Docker and Kubernetes by Antons Kranga
Next-gen DevOps engineering with Docker and Kubernetes by Antons KrangaJavaDayUA
 
Future of Cloud Computing with Containers
Future of Cloud Computing with ContainersFuture of Cloud Computing with Containers
Future of Cloud Computing with ContainersLakmal Warusawithana
 
CI/CD with Openshift and Jenkins
CI/CD with Openshift and JenkinsCI/CD with Openshift and Jenkins
CI/CD with Openshift and JenkinsAri LiVigni
 
Lets git to it
Lets git to itLets git to it
Lets git to itYoram Michaeli
 
Considerations for operating docker at scale
Considerations for operating docker at scaleConsiderations for operating docker at scale
Considerations for operating docker at scaleDocker, Inc.
 
Free GitOps Workshop
Free GitOps WorkshopFree GitOps Workshop
Free GitOps WorkshopWeaveworks
 
Free GitOps Workshop (with Intro to Kubernetes & GitOps)
Free GitOps Workshop (with Intro to Kubernetes & GitOps)Free GitOps Workshop (with Intro to Kubernetes & GitOps)
Free GitOps Workshop (with Intro to Kubernetes & GitOps)Weaveworks
 

More Related Content

What's hot

Back to the Future: Containerize Legacy Applications
Back to the Future: Containerize Legacy ApplicationsBack to the Future: Containerize Legacy Applications
Back to the Future: Containerize Legacy ApplicationsDocker, Inc.
 
KUDO - Kubernetes Operators, the easy way
KUDO - Kubernetes Operators, the easy wayKUDO - Kubernetes Operators, the easy way
KUDO - Kubernetes Operators, the easy wayNick Jones
 
Deploying WSO2 Middleware on Containers
Deploying WSO2 Middleware on ContainersDeploying WSO2 Middleware on Containers
Deploying WSO2 Middleware on ContainersImesh Gunaratne
 
[OpenInfra Days Korea 2018] Day 2 - E4 - 핸즈온 워크샵: 서버리스가 컨테이너를 만났을 때
[OpenInfra Days Korea 2018] Day 2 - E4 - 핸즈온 워크샵: 서버리스가 컨테이너를 만났을 때 [OpenInfra Days Korea 2018] Day 2 - E4 - 핸즈온 워크샵: 서버리스가 컨테이너를 만났을 때
[OpenInfra Days Korea 2018] Day 2 - E4 - 핸즈온 워크샵: 서버리스가 컨테이너를 만났을 때 OpenStack Korea Community
 
SRE principles and (Kubernetes) Operator practice | DevNation Tech Talk
SRE principles and (Kubernetes) Operator practice | DevNation Tech TalkSRE principles and (Kubernetes) Operator practice | DevNation Tech Talk
SRE principles and (Kubernetes) Operator practice | DevNation Tech TalkRed Hat Developers
 
Kubernetes and Cloud Native Meetup - March, 2019
Kubernetes and Cloud Native Meetup - March, 2019Kubernetes and Cloud Native Meetup - March, 2019
Kubernetes and Cloud Native Meetup - March, 2019CloudOps2005
 
Cloud spanner architecture and use cases
Cloud spanner architecture and use casesCloud spanner architecture and use cases
Cloud spanner architecture and use casesGDG Cloud Bengaluru
 
Serverless, Tekton, and Argo CD: How to craft modern CI/CD workflows | DevNat...
Serverless, Tekton, and Argo CD: How to craft modern CI/CD workflows | DevNat...Serverless, Tekton, and Argo CD: How to craft modern CI/CD workflows | DevNat...
Serverless, Tekton, and Argo CD: How to craft modern CI/CD workflows | DevNat...Red Hat Developers
 
Cloud Native CI/CD with Jenkins X and Knative Pipelines
Cloud Native CI/CD with Jenkins X and Knative PipelinesCloud Native CI/CD with Jenkins X and Knative Pipelines
Cloud Native CI/CD with Jenkins X and Knative PipelinesC4Media
 
ArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech Talk
ArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech TalkArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech Talk
ArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech TalkRed Hat Developers
 
5 Habits of High-Velocity Teams Using Kubernetes
5 Habits of High-Velocity Teams Using Kubernetes5 Habits of High-Velocity Teams Using Kubernetes
5 Habits of High-Velocity Teams Using KubernetesCodefresh
 
The 2nd half. Scaling to the next^2
The 2nd half. Scaling to the next^2The 2nd half. Scaling to the next^2
The 2nd half. Scaling to the next^2Haggai Philip Zagury
 
Building Your Docker Swarm Tech Stack
Building Your Docker Swarm Tech StackBuilding Your Docker Swarm Tech Stack
Building Your Docker Swarm Tech StackBret Fisher
 
CI/CD Pipeline mit Gitlab CI und Kubernetes
CI/CD Pipeline mit Gitlab CI und KubernetesCI/CD Pipeline mit Gitlab CI und Kubernetes
CI/CD Pipeline mit Gitlab CI und Kubernetesinovex GmbH
 
Next-gen DevOps engineering with Docker and Kubernetes by Antons Kranga
Next-gen DevOps engineering with Docker and Kubernetes by Antons KrangaNext-gen DevOps engineering with Docker and Kubernetes by Antons Kranga
Next-gen DevOps engineering with Docker and Kubernetes by Antons KrangaJavaDayUA
 
Future of Cloud Computing with Containers
Future of Cloud Computing with ContainersFuture of Cloud Computing with Containers
Future of Cloud Computing with ContainersLakmal Warusawithana
 
CI/CD with Openshift and Jenkins
CI/CD with Openshift and JenkinsCI/CD with Openshift and Jenkins
CI/CD with Openshift and JenkinsAri LiVigni
 
Considerations for operating docker at scale
Considerations for operating docker at scaleConsiderations for operating docker at scale
Considerations for operating docker at scaleDocker, Inc.
 

What's hot (20)

Back to the Future: Containerize Legacy Applications
Back to the Future: Containerize Legacy ApplicationsBack to the Future: Containerize Legacy Applications
Back to the Future: Containerize Legacy Applications
 
KUDO - Kubernetes Operators, the easy way
KUDO - Kubernetes Operators, the easy wayKUDO - Kubernetes Operators, the easy way
KUDO - Kubernetes Operators, the easy way
 
Deploying WSO2 Middleware on Containers
Deploying WSO2 Middleware on ContainersDeploying WSO2 Middleware on Containers
Deploying WSO2 Middleware on Containers
 
My kubernetes toolkit
My kubernetes toolkitMy kubernetes toolkit
My kubernetes toolkit
 
[OpenInfra Days Korea 2018] Day 2 - E4 - 핸즈온 워크샵: 서버리스가 컨테이너를 만났을 때
[OpenInfra Days Korea 2018] Day 2 - E4 - 핸즈온 워크샵: 서버리스가 컨테이너를 만났을 때 [OpenInfra Days Korea 2018] Day 2 - E4 - 핸즈온 워크샵: 서버리스가 컨테이너를 만났을 때
[OpenInfra Days Korea 2018] Day 2 - E4 - 핸즈온 워크샵: 서버리스가 컨테이너를 만났을 때
 
SRE principles and (Kubernetes) Operator practice | DevNation Tech Talk
SRE principles and (Kubernetes) Operator practice | DevNation Tech TalkSRE principles and (Kubernetes) Operator practice | DevNation Tech Talk
SRE principles and (Kubernetes) Operator practice | DevNation Tech Talk
 
Kubernetes and Cloud Native Meetup - March, 2019
Kubernetes and Cloud Native Meetup - March, 2019Kubernetes and Cloud Native Meetup - March, 2019
Kubernetes and Cloud Native Meetup - March, 2019
 
Cloud spanner architecture and use cases
Cloud spanner architecture and use casesCloud spanner architecture and use cases
Cloud spanner architecture and use cases
 
Serverless, Tekton, and Argo CD: How to craft modern CI/CD workflows | DevNat...
Serverless, Tekton, and Argo CD: How to craft modern CI/CD workflows | DevNat...Serverless, Tekton, and Argo CD: How to craft modern CI/CD workflows | DevNat...
Serverless, Tekton, and Argo CD: How to craft modern CI/CD workflows | DevNat...
 
Cloud Native CI/CD with Jenkins X and Knative Pipelines
Cloud Native CI/CD with Jenkins X and Knative PipelinesCloud Native CI/CD with Jenkins X and Knative Pipelines
Cloud Native CI/CD with Jenkins X and Knative Pipelines
 
ArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech Talk
ArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech TalkArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech Talk
ArgoCD and Tekton: Match made in Kubernetes heaven | DevNation Tech Talk
 
5 Habits of High-Velocity Teams Using Kubernetes
5 Habits of High-Velocity Teams Using Kubernetes5 Habits of High-Velocity Teams Using Kubernetes
5 Habits of High-Velocity Teams Using Kubernetes
 
The 2nd half. Scaling to the next^2
The 2nd half. Scaling to the next^2The 2nd half. Scaling to the next^2
The 2nd half. Scaling to the next^2
 
Building Your Docker Swarm Tech Stack
Building Your Docker Swarm Tech StackBuilding Your Docker Swarm Tech Stack
Building Your Docker Swarm Tech Stack
 
CI/CD Pipeline mit Gitlab CI und Kubernetes
CI/CD Pipeline mit Gitlab CI und KubernetesCI/CD Pipeline mit Gitlab CI und Kubernetes
CI/CD Pipeline mit Gitlab CI und Kubernetes
 
Next-gen DevOps engineering with Docker and Kubernetes by Antons Kranga
Next-gen DevOps engineering with Docker and Kubernetes by Antons KrangaNext-gen DevOps engineering with Docker and Kubernetes by Antons Kranga
Next-gen DevOps engineering with Docker and Kubernetes by Antons Kranga
 
Future of Cloud Computing with Containers
Future of Cloud Computing with ContainersFuture of Cloud Computing with Containers
Future of Cloud Computing with Containers
 
CI/CD with Openshift and Jenkins
CI/CD with Openshift and JenkinsCI/CD with Openshift and Jenkins
CI/CD with Openshift and Jenkins
 
Lets git to it
Lets git to itLets git to it
Lets git to it
 
Considerations for operating docker at scale
Considerations for operating docker at scaleConsiderations for operating docker at scale
Considerations for operating docker at scale
 

Similar to Kubeadm Deep Dive (Kubecon Seattle 2018)

Free GitOps Workshop
Free GitOps WorkshopFree GitOps Workshop
Free GitOps WorkshopWeaveworks
 
Free GitOps Workshop (with Intro to Kubernetes & GitOps)
Free GitOps Workshop (with Intro to Kubernetes & GitOps)Free GitOps Workshop (with Intro to Kubernetes & GitOps)
Free GitOps Workshop (with Intro to Kubernetes & GitOps)Weaveworks
 
kubeadm Cluster Creation Internals_ From Self-Hosting to Upgradability and HA...
kubeadm Cluster Creation Internals_ From Self-Hosting to Upgradability and HA...kubeadm Cluster Creation Internals_ From Self-Hosting to Upgradability and HA...
kubeadm Cluster Creation Internals_ From Self-Hosting to Upgradability and HA...ssuser92b4be
 
Kubernetes and Cloud Native Update Q4 2018
Kubernetes and Cloud Native Update Q4 2018Kubernetes and Cloud Native Update Q4 2018
Kubernetes and Cloud Native Update Q4 2018CloudOps2005
 
Intro to Kubernetes & GitOps Workshop
Intro to Kubernetes & GitOps WorkshopIntro to Kubernetes & GitOps Workshop
Intro to Kubernetes & GitOps WorkshopWeaveworks
 
Free GitOps Workshop + Intro to Kubernetes & GitOps
Free GitOps Workshop + Intro to Kubernetes & GitOpsFree GitOps Workshop + Intro to Kubernetes & GitOps
Free GitOps Workshop + Intro to Kubernetes & GitOpsWeaveworks
 
stackconf 2020 | The path to a Serverless-native era with Kubernetes by Paolo...
stackconf 2020 | The path to a Serverless-native era with Kubernetes by Paolo...stackconf 2020 | The path to a Serverless-native era with Kubernetes by Paolo...
stackconf 2020 | The path to a Serverless-native era with Kubernetes by Paolo...NETWAYS
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetesRishabh Indoria
 
Gitlab ci e kubernetes, build test and deploy your projects like a pro
Gitlab ci e kubernetes, build test and deploy your projects like a proGitlab ci e kubernetes, build test and deploy your projects like a pro
Gitlab ci e kubernetes, build test and deploy your projects like a prosparkfabrik
 
Deploy 22 microservices from scratch in 30 mins with GitOps
Deploy 22 microservices from scratch in 30 mins with GitOpsDeploy 22 microservices from scratch in 30 mins with GitOps
Deploy 22 microservices from scratch in 30 mins with GitOpsOpsta
 
Extending Kubectl.pptx
Extending Kubectl.pptxExtending Kubectl.pptx
Extending Kubectl.pptxLibbySchulze
 
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...Oleg Shalygin
 
The path to a serverless-native era with Kubernetes
The path to a serverless-native era with KubernetesThe path to a serverless-native era with Kubernetes
The path to a serverless-native era with Kubernetessparkfabrik
 
ACDKOCHI19 - Turbocharge Developer productivity with platform build on K8S an...
ACDKOCHI19 - Turbocharge Developer productivity with platform build on K8S an...ACDKOCHI19 - Turbocharge Developer productivity with platform build on K8S an...
ACDKOCHI19 - Turbocharge Developer productivity with platform build on K8S an...AWS User Group Kochi
 
Kubernetes #1 intro
Kubernetes #1 introKubernetes #1 intro
Kubernetes #1 introTerry Cho
 
Upgrade Kubernetes the boring way
Upgrade Kubernetes the boring wayUpgrade Kubernetes the boring way
Upgrade Kubernetes the boring wayOleksandr Slynko
 
Project Gardener - EclipseCon Europe - 2018-10-23
Project Gardener - EclipseCon Europe - 2018-10-23Project Gardener - EclipseCon Europe - 2018-10-23
Project Gardener - EclipseCon Europe - 2018-10-23msohn
 
[GS네오텍] Google Kubernetes Engine
[GS네오텍] Google Kubernetes Engine [GS네오텍] Google Kubernetes Engine
[GS네오텍] Google Kubernetes Engine GS Neotek
 
SCM Puppet: from an intro to the scaling
SCM Puppet: from an intro to the scalingSCM Puppet: from an intro to the scaling
SCM Puppet: from an intro to the scalingStanislav Osipov
 
Deploying Kubernetes on GCP with Kubespray
Deploying Kubernetes on GCP with KubesprayDeploying Kubernetes on GCP with Kubespray
Deploying Kubernetes on GCP with KubesprayAltoros
 

Similar to Kubeadm Deep Dive (Kubecon Seattle 2018) (20)

Free GitOps Workshop
Free GitOps WorkshopFree GitOps Workshop
Free GitOps Workshop
 
Free GitOps Workshop (with Intro to Kubernetes & GitOps)
Free GitOps Workshop (with Intro to Kubernetes & GitOps)Free GitOps Workshop (with Intro to Kubernetes & GitOps)
Free GitOps Workshop (with Intro to Kubernetes & GitOps)
 
kubeadm Cluster Creation Internals_ From Self-Hosting to Upgradability and HA...
kubeadm Cluster Creation Internals_ From Self-Hosting to Upgradability and HA...kubeadm Cluster Creation Internals_ From Self-Hosting to Upgradability and HA...
kubeadm Cluster Creation Internals_ From Self-Hosting to Upgradability and HA...
 
Kubernetes and Cloud Native Update Q4 2018
Kubernetes and Cloud Native Update Q4 2018Kubernetes and Cloud Native Update Q4 2018
Kubernetes and Cloud Native Update Q4 2018
 
Intro to Kubernetes & GitOps Workshop
Intro to Kubernetes & GitOps WorkshopIntro to Kubernetes & GitOps Workshop
Intro to Kubernetes & GitOps Workshop
 
Free GitOps Workshop + Intro to Kubernetes & GitOps
Free GitOps Workshop + Intro to Kubernetes & GitOpsFree GitOps Workshop + Intro to Kubernetes & GitOps
Free GitOps Workshop + Intro to Kubernetes & GitOps
 
stackconf 2020 | The path to a Serverless-native era with Kubernetes by Paolo...
stackconf 2020 | The path to a Serverless-native era with Kubernetes by Paolo...stackconf 2020 | The path to a Serverless-native era with Kubernetes by Paolo...
stackconf 2020 | The path to a Serverless-native era with Kubernetes by Paolo...
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetes
 
Gitlab ci e kubernetes, build test and deploy your projects like a pro
Gitlab ci e kubernetes, build test and deploy your projects like a proGitlab ci e kubernetes, build test and deploy your projects like a pro
Gitlab ci e kubernetes, build test and deploy your projects like a pro
 
Deploy 22 microservices from scratch in 30 mins with GitOps
Deploy 22 microservices from scratch in 30 mins with GitOpsDeploy 22 microservices from scratch in 30 mins with GitOps
Deploy 22 microservices from scratch in 30 mins with GitOps
 
Extending Kubectl.pptx
Extending Kubectl.pptxExtending Kubectl.pptx
Extending Kubectl.pptx
 
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
 
The path to a serverless-native era with Kubernetes
The path to a serverless-native era with KubernetesThe path to a serverless-native era with Kubernetes
The path to a serverless-native era with Kubernetes
 
ACDKOCHI19 - Turbocharge Developer productivity with platform build on K8S an...
ACDKOCHI19 - Turbocharge Developer productivity with platform build on K8S an...ACDKOCHI19 - Turbocharge Developer productivity with platform build on K8S an...
ACDKOCHI19 - Turbocharge Developer productivity with platform build on K8S an...
 
Kubernetes #1 intro
Kubernetes #1 introKubernetes #1 intro
Kubernetes #1 intro
 
Upgrade Kubernetes the boring way
Upgrade Kubernetes the boring wayUpgrade Kubernetes the boring way
Upgrade Kubernetes the boring way
 
Project Gardener - EclipseCon Europe - 2018-10-23
Project Gardener - EclipseCon Europe - 2018-10-23Project Gardener - EclipseCon Europe - 2018-10-23
Project Gardener - EclipseCon Europe - 2018-10-23
 
[GS네오텍] Google Kubernetes Engine
[GS네오텍] Google Kubernetes Engine [GS네오텍] Google Kubernetes Engine
[GS네오텍] Google Kubernetes Engine
 
SCM Puppet: from an intro to the scaling
SCM Puppet: from an intro to the scalingSCM Puppet: from an intro to the scaling
SCM Puppet: from an intro to the scaling
 
Deploying Kubernetes on GCP with Kubespray
Deploying Kubernetes on GCP with KubesprayDeploying Kubernetes on GCP with Kubespray
Deploying Kubernetes on GCP with Kubespray
 

More from Liz Frost

EZRust: Z80 for the Web
EZRust: Z80 for the WebEZRust: Z80 for the Web
EZRust: Z80 for the WebLiz Frost
 
Kubernetes from a Box Mix
Kubernetes from a Box MixKubernetes from a Box Mix
Kubernetes from a Box MixLiz Frost
 
You got database in my cloud!
You got database in my cloud!You got database in my cloud!
You got database in my cloud!Liz Frost
 
Postgres plays pokemon
Postgres plays pokemonPostgres plays pokemon
Postgres plays pokemonLiz Frost
 
CGo for fun and profit
CGo for fun and profitCGo for fun and profit
CGo for fun and profitLiz Frost
 
You got database in my cloud (short version)
You got database in my cloud (short version)You got database in my cloud (short version)
You got database in my cloud (short version)Liz Frost
 

More from Liz Frost (6)

EZRust: Z80 for the Web
EZRust: Z80 for the WebEZRust: Z80 for the Web
EZRust: Z80 for the Web
 
Kubernetes from a Box Mix
Kubernetes from a Box MixKubernetes from a Box Mix
Kubernetes from a Box Mix
 
You got database in my cloud!
You got database in my cloud!You got database in my cloud!
You got database in my cloud!
 
Postgres plays pokemon
Postgres plays pokemonPostgres plays pokemon
Postgres plays pokemon
 
CGo for fun and profit
CGo for fun and profitCGo for fun and profit
CGo for fun and profit
 
You got database in my cloud (short version)
You got database in my cloud (short version)You got database in my cloud (short version)
You got database in my cloud (short version)
 

Recently uploaded

Internet of things -Arshdeep Bahga .pptx
Internet of things -Arshdeep Bahga .pptxInternet of things -Arshdeep Bahga .pptx
Internet of things -Arshdeep Bahga .pptxVelmuruganTECE
 
Indian Dairy Industry Present Status and.ppt
Indian Dairy Industry Present Status and.pptIndian Dairy Industry Present Status and.ppt
Indian Dairy Industry Present Status and.pptMadan Karki
 
Work Experience-Dalton Park.pptxfvvvvvvv
Work Experience-Dalton Park.pptxfvvvvvvvWork Experience-Dalton Park.pptxfvvvvvvv
Work Experience-Dalton Park.pptxfvvvvvvvLewisJB
 
An experimental study in using natural admixture as an alternative for chemic...
An experimental study in using natural admixture as an alternative for chemic...An experimental study in using natural admixture as an alternative for chemic...
An experimental study in using natural admixture as an alternative for chemic...Chandu841456
 
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)Dr SOUNDIRARAJ N
 
The SRE Report 2024 - Great Findings for the teams
The SRE Report 2024 - Great Findings for the teamsThe SRE Report 2024 - Great Findings for the teams
The SRE Report 2024 - Great Findings for the teamsDILIPKUMARMONDAL6
 
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfgUnit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfgsaravananr517913
 
Input Output Management in Operating System
Input Output Management in Operating SystemInput Output Management in Operating System
Input Output Management in Operating SystemRashmi Bhat
 
Steel Structures - Building technology.pptx
Steel Structures - Building technology.pptxSteel Structures - Building technology.pptx
Steel Structures - Building technology.pptxNikhil Raut
 
IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024Mark Billinghurst
 
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor CatchersTechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catcherssdickerson1
 
Introduction to Machine Learning Unit-3 for II MECH
Introduction to Machine Learning Unit-3 for II MECHIntroduction to Machine Learning Unit-3 for II MECH
Introduction to Machine Learning Unit-3 for II MECHC Sai Kiran
 
Earthing details of Electrical Substation
Earthing details of Electrical SubstationEarthing details of Electrical Substation
Earthing details of Electrical Substationstephanwindworld
 
Solving The Right Triangles PowerPoint 2.ppt
Solving The Right Triangles PowerPoint 2.pptSolving The Right Triangles PowerPoint 2.ppt
Solving The Right Triangles PowerPoint 2.pptJasonTagapanGulla
 
US Department of Education FAFSA Week of Action
US Department of Education FAFSA Week of ActionUS Department of Education FAFSA Week of Action
US Department of Education FAFSA Week of ActionMebane Rash
 
Mine Environment II Lab_MI10448MI__________.pptx
Mine Environment II Lab_MI10448MI__________.pptxMine Environment II Lab_MI10448MI__________.pptx
Mine Environment II Lab_MI10448MI__________.pptxRomil Mishra
 
Correctly Loading Incremental Data at Scale
Correctly Loading Incremental Data at ScaleCorrectly Loading Incremental Data at Scale
Correctly Loading Incremental Data at ScaleAlluxio, Inc.
 
Main Memory Management in Operating System
Main Memory Management in Operating SystemMain Memory Management in Operating System
Main Memory Management in Operating SystemRashmi Bhat
 
NO1 Certified Black Magic Specialist Expert Amil baba in Uae Dubai Abu Dhabi ...
NO1 Certified Black Magic Specialist Expert Amil baba in Uae Dubai Abu Dhabi ...NO1 Certified Black Magic Specialist Expert Amil baba in Uae Dubai Abu Dhabi ...
NO1 Certified Black Magic Specialist Expert Amil baba in Uae Dubai Abu Dhabi ...Amil Baba Dawood bangali
 
Industrial Safety Unit-IV workplace health and safety.ppt
Industrial Safety Unit-IV workplace health and safety.pptIndustrial Safety Unit-IV workplace health and safety.ppt
Industrial Safety Unit-IV workplace health and safety.pptNarmatha D
 

Recently uploaded (20)

Internet of things -Arshdeep Bahga .pptx
Internet of things -Arshdeep Bahga .pptxInternet of things -Arshdeep Bahga .pptx
Internet of things -Arshdeep Bahga .pptx
 
Indian Dairy Industry Present Status and.ppt
Indian Dairy Industry Present Status and.pptIndian Dairy Industry Present Status and.ppt
Indian Dairy Industry Present Status and.ppt
 
Work Experience-Dalton Park.pptxfvvvvvvv
Work Experience-Dalton Park.pptxfvvvvvvvWork Experience-Dalton Park.pptxfvvvvvvv
Work Experience-Dalton Park.pptxfvvvvvvv
 
An experimental study in using natural admixture as an alternative for chemic...
An experimental study in using natural admixture as an alternative for chemic...An experimental study in using natural admixture as an alternative for chemic...
An experimental study in using natural admixture as an alternative for chemic...
 
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
 
The SRE Report 2024 - Great Findings for the teams
The SRE Report 2024 - Great Findings for the teamsThe SRE Report 2024 - Great Findings for the teams
The SRE Report 2024 - Great Findings for the teams
 
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfgUnit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
 
Input Output Management in Operating System
Input Output Management in Operating SystemInput Output Management in Operating System
Input Output Management in Operating System
 
Steel Structures - Building technology.pptx
Steel Structures - Building technology.pptxSteel Structures - Building technology.pptx
Steel Structures - Building technology.pptx
 
IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024
 
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor CatchersTechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
 
Introduction to Machine Learning Unit-3 for II MECH
Introduction to Machine Learning Unit-3 for II MECHIntroduction to Machine Learning Unit-3 for II MECH
Introduction to Machine Learning Unit-3 for II MECH
 
Earthing details of Electrical Substation
Earthing details of Electrical SubstationEarthing details of Electrical Substation
Earthing details of Electrical Substation
 
Solving The Right Triangles PowerPoint 2.ppt
Solving The Right Triangles PowerPoint 2.pptSolving The Right Triangles PowerPoint 2.ppt
Solving The Right Triangles PowerPoint 2.ppt
 
US Department of Education FAFSA Week of Action
US Department of Education FAFSA Week of ActionUS Department of Education FAFSA Week of Action
US Department of Education FAFSA Week of Action
 
Mine Environment II Lab_MI10448MI__________.pptx
Mine Environment II Lab_MI10448MI__________.pptxMine Environment II Lab_MI10448MI__________.pptx
Mine Environment II Lab_MI10448MI__________.pptx
 
Correctly Loading Incremental Data at Scale
Correctly Loading Incremental Data at ScaleCorrectly Loading Incremental Data at Scale
Correctly Loading Incremental Data at Scale
 
Main Memory Management in Operating System
Main Memory Management in Operating SystemMain Memory Management in Operating System
Main Memory Management in Operating System
 
NO1 Certified Black Magic Specialist Expert Amil baba in Uae Dubai Abu Dhabi ...
NO1 Certified Black Magic Specialist Expert Amil baba in Uae Dubai Abu Dhabi ...NO1 Certified Black Magic Specialist Expert Amil baba in Uae Dubai Abu Dhabi ...
NO1 Certified Black Magic Specialist Expert Amil baba in Uae Dubai Abu Dhabi ...
 
Industrial Safety Unit-IV workplace health and safety.ppt
Industrial Safety Unit-IV workplace health and safety.pptIndustrial Safety Unit-IV workplace health and safety.ppt
Industrial Safety Unit-IV workplace health and safety.ppt
 

Kubeadm Deep Dive (Kubecon Seattle 2018)

  • 2. Agenda ● Who? ● Mission ● GA ● Roadmap 2019 ● Getting Involved ● Q/A L
  • 4. Who are we? Timothy St. Clair SIG Cluster Lifecycle co-lead Steering Committee Member Staff Engineer @Heptio/VMWare @timothysc Liz Frost SIG Cluster Lifecycle Contributor Kube Cuddle creator SW Engineer @Heptio/VMWare @liztio
  • 5. Who are we? ● 100s of contributors across several companies ● Smaller core group of active maintainers ○ VMWare ■ Lubomir, Ross ○ VMWare (née Heptio) ■ Tim, Liz, Jason, Chuck ○ Suse ■ Marek, Rafael ○ Intel ■ Alex, Ed ○ Other/Independent ■ Luxas, Fabrizio, Yago, Di ● Large user community on #kubeadm L
  • 7. What is our mission? SIG Cluster Lifecycle’s objective is to simplify creation, configuration, upgrade, downgrade, and teardown of Kubernetes clusters and their components. L
  • 9. Why are we doing this? ● To prevent the mistakes of other open source cluster mgmt provisioning tools ○ Because… ■ Kubernetes is the beginning of the story, not the end ■ commoditizing the deployment of the core raises all boats and allows the community to focus on solving end user problems ■ “production grade” shouldn’t be firewalled by providers ■ It should “just work” ■ Because cross provider matters ● To make the management of (X) clusters across (Y) providers simple, secure, and configurable. T
  • 10. Why (unix philosophy)? ● Make each program do one thing well. To do a new job, build afresh rather than complicate old programs by adding new "features". ● Expect the output of every program to become the input to another, as yet unknown, program. Don't clutter output with extraneous information. Don't insist on interactive input. ● Design and build software, to be tried early, ideally within weeks. Don't hesitate to throw away the clumsy parts and rebuild them. ● Use tools instead of people to lighten a programming task, even if you have to detour to build the tools and expect to throw some of them out after you've finished using them. ○ Write down the “Hard Way” and optimize 80% UX Flow with override T
  • 11. Key Design Takeaways ● kubeadm’s task is to set up a best-practice cluster for each minor version ● The user experience should be simple, and the cluster reasonably secure ● kubeadm’s scope is limited; intended to be a composable building block ○ Only ever deals with the local filesystem and the Kubernetes API ○ Agnostic to how exactly the kubelet is run ○ Setting up or favoring a specific CNI network is out of scope ● Composable architecture with everything divided into phases ● Versioned configuration T
  • 12. Component View Master 1 Master N Node 1 Node N kubeadm kubeadm kubeadm kubeadm Cloud Provider Load Balancers Monitoring Logging Cluster API Spec Cluster API Cluster API Implementation Addons Kubernetes API Bootstrapping Machines Infrastructure Layer 2 The scope of kubeadm Layer 3 Layer 1
  • 14. What does GA mean? ● Stable command-line UX — The kubeadm CLI conforms to #5a GA rule of the Kubernetes Deprecation Policy, which states that a command or flag that exists in a GA version must be kept for at least 12 months after deprecation. ○ init/join/upgrade/config/reset/token/version ● Stable underlying implementation — kubeadm now creates a new Kubernetes cluster using methods that shouldn’t change any time soon. The control plane, for example, is run as a set of static Pods, bootstrap tokens are used for the kubeadm join flow, and ComponentConfig is used for configuring the kubelet. ● Upgrades between minor versions — The kubeadm upgrade command is now fully GA. It handles control plane upgrades for you, which includes upgrades to etcd, the API Server, the Controller Manager, and the Scheduler. You can seamlessly upgrade your cluster between minor or patch versions (e.g. v1.12.2 -> v1.13.1 or v1.13.1 -> v1.13.3). T
  • 15. What does GA mean? ● Configuration file schema — With the new v1beta1 API version, you can now tune almost every part of the cluster declaratively and thus build a “GitOps” flow around kubeadm-built clusters. In future versions, we plan to graduate the API to version v1 with minimal changes (and perhaps none). ○ Examples and references are now in standard Godoc format ○ Config is split into parts ■ InitConfiguration ■ ClusterConfiguration - stored on cluster in a configmap ■ JoinConfiguration L
  • 16. kubeadm: InitConfiguration apiVersion: kubeadm.k8s.io/v1beta1 kind: InitConfiguration localAPIEndpoint: advertiseAddress: "10.100.0.1" bindPort: 6443 nodeRegistration: criSocket: "/var/run/crio/crio.sock" kubeletExtraArgs: cgroupDriver: "cgroupfs" bootstrapTokens: ... • Usage • “kubeadm init --config …” • Why • Custom API endpoint address • Specify init bootstrap tokens • Pass custom kubelet flags • Set node name/taints L
  • 17. kubeadm: Cluster Configuration apiVersion: kubeadm.k8s.io/v1beta1 kind: ClusterConfiguration kubernetesVersion: "v1.12.2" imageRepository: registry.example.com networking: serviceSubnet: "10.96.0.0/12" dnsDomain: "cluster.local" etcd: ... apiServer: extraArgs: ... extraVolumes: ... • Usage • “kubeadm init --config …” • Why • Fine tune cluster defaults • Custom arguments and volume mounts to control plane components L
  • 18. What does GA mean? ● The “toolbox” interface of kubeadm — Also known as phases. If you don’t want to perform all kubeadm init tasks, you can instead apply more fine-grained actions using the kubeadm init phase command (for example generating certificates or control plane Static Pod manifests). ○ Currently this only applies to `kubeadm init` ○ In 2019 - `kubeadm join phases` ● etcd setup — etcd is now set up in a way that is secure by default, with TLS communication everywhere, and allows for expanding to a highly available cluster when needed. T
  • 19. kubeadm: init phases preflight Run pre-flight checks kubelet-start Writes kubelet settings and (re)starts the kubelet certs Generates certificates for a Kubernetes cluster kubeconfig Generates all kubeconfig files for the control plane and the admin kubeconfig file control-plane Generates all static Pod manifest files necessary to establish the control plane etcd Generates static Pod manifest file for local etcd. upload-config Uploads the currently used configuration for kubeadm to a ConfigMap mark-control-plane Mark a node as a control-plane bootstrap-token Manage kubeadm-specific bootstrap token functions addon Installs required addons for passing Conformance tests T
  • 20. kubeadm: init phases Run Preflight Checks Install DNS and Proxy Addons Setup the RBAC Authorization System Taint and label the master Upload kubeadm & kubelet config to a ConfigMap Kubelet Start Wait for the control plane to be healthy Generate static Pod Manifests for the Control Plane Generate Certificates Generate KubeConfig Files Generate a (by default random) Bootstrap Token T
  • 21. kubeadm joinkubeadm join Preflight Checks Fetches Init Configuration Run Specific Checks base on the Init Configuration Checks if the Cluster Configuration Supports Runs Kubeadm Init Preflight Check Generates static Pod Manifests for new Control Plane Bootstraps Kubelet Uploading Currently Used InitConfiguration Applies Master Label and Taints --experimental-control-plane --experimental-control-plane
  • 22. kubeadm upgrade: Control Plane Preflight Checks Checks if the cluster is healthy Gets the configuration from the "kubeadm-config" ConfigMap Enforces all version skew policies Upgrades the control plane Static Pods Upgrade RBAC rules and addons L
  • 24. Certificate Management ● apiserver ● apiserver-kubelet-client ● front-proxy-client ● etcd-server ● etcd-peer ● etcd-healthcheck-client ● apiserver-etcd-client ● user certificates L
  • 25. Certificate Hierarchy ● root CA ○ apiserver ○ apiserver-kubelet-client ● front-proxy CA ○ front-proxy-client ● etcd CA ○ etcd-server ○ etcd-peer ○ etcd-healthcheck-client ○ apiserver-etcd-client L
  • 26. Certificate Hierarchy ● root CA ○ apiserver ○ apiserver-kubelet-client ● front-proxy CA ○ front-proxy-client ● etcd CA ○ etcd-server ○ etcd-peer ○ etcd-healthcheck-client ○ apiserver-etcd-client root CA etcd CA front proxy CA kube client api server etcd server etcd peer etcd health check api etcd client front proxy client L
  • 27. Certificate Generation ● From Scratch root CA etcd CA front proxy CA kube client api server etcd server etcd peer etcd health check api etcd client front proxy client L
  • 28. Certificate Generation ● From Scratch ● Provided CAs (+ keys) root CA etcd CA front proxy CA kube client api server etcd server etcd peer etcd health check api etcd client front proxy client L
  • 29. Certificate Generation ● From Scratch ● Provided CAs (+ keys) ● All External (keys optional) root CA etcd CA front proxy CA kube client api server etcd server etcd peer etcd health check api etcd client front proxy client L
  • 30. Certificate Generation ● From Scratch ● Provided CAs (+ keys) ● All External (keys optional) ● Mixed root CA etcd CA front proxy CA kube client api server etcd server etcd peer etcd health check api etcd client front proxy client L
  • 31. Other Certificate Options ● Generate CSRs! ● `kubeadm alpha certs renew` ● Certificates API requests L
  • 33. 2019 Roadmap ● Config to v1 ● HA to GA ○ Full test automation ● Continued promotion of alpha phases to subcommands ○ e.g. join phases ● Grand unified field theory on ComponentConfiguration ○ Working group being formed. ● Incorporate etcdadm and bundles when stable ● Test and release automation … T
  • 34. Testing and release tooling T
  • 35. 2019 Roadmap - CI + Release ● CI ○ KIND as the only PR blocking job ○ Move all SCL jobs to periodics ○ CI = release artifacts ○ Kill `kubernetes-anywhere` with extreme prejudice ● Release ○ Move all package building into k/k ■ .deb/rpm build artifacts ○ Keep signing and publishing separate in the release repo ○ Work with k8s-infra team ■ Want -devel and -stable repos & registries T
  • 37. How can you contribute ● Contributing to SIG Cluster Lifecycle documentation ● We’re working on growing the contributor/reviewers pool; scaling the SIG ● We have “Office Hours” for our projects: weekly for kubeadm, bi-weekly for kops and kubespray… ● Cluster API office hours weekly for both US West Coast and EMEA ● Full list of SIG meetings and links to minutes and recordings can be found on SIG page ● Attend our Zoom meetings / be around on Slack ● Look for “good first issue”, “help wanted” and “sig/cluster-lifecycle” labeled issues in our repositories L
  • 38. Logistics ● Follow the SIG Cluster Lifecycle YouTube playlist ● Check out the meeting notes for our weekly office hours meetings ● Join #sig-cluster-lifecycle, #kubeadm channels ● Check out the kubeadm setup guide, reference doc and design doc ● Read how you can get involved and improve kubeadm! L