SlideShare a Scribd company logo

Kubernetes from a Box Mix

L
Liz Frost

A tutorial guiding you through setting up a minimal Kubernetes cluster.

Software
1 of 74
Download to read offline
@stillinbeta // #SREcon Americas 2019 While you’re waiting... http://bit.ly/srecon-cake0
@stillinbeta // #SREcon Americas 2019 Kubernetes From A Cake Mix Liz Frost
@stillinbeta // #SREcon Americas 2019 Who am I? Liz Frost Twitter: @stillinbeta slack.k8s.io: @liz
@stillinbeta // #SREcon Americas 2019 Who am I?
@stillinbeta // #SREcon Americas 2019 Who am I?
@stillinbeta // #SREcon Americas 2019 Who am I? It’s pronounced “kube-cuddle”
@stillinbeta // #SREcon Americas 2019 Why should you listen to me? ● sig-cluster-lifecycle member ● kubernetes contributor ● kubeadm developer
@stillinbeta // #SREcon Americas 2019 What is Kubernetes?
@stillinbeta // #SREcon Americas 2019
@stillinbeta // #SREcon Americas 2019
@stillinbeta // #SREcon Americas 2019
@stillinbeta // #SREcon Americas 2019 Node Pod Pod Pod Node Pod Pod Pod User
@stillinbeta // #SREcon Americas 2019 Node Pod Pod Pod Node Pod Pod Pod User
@stillinbeta // #SREcon Americas 2019 Kubernetes API User
@stillinbeta // #SREcon Americas 2019 Kubernetes APIConformance Tests
@stillinbeta // #SREcon Americas 2019 Kubernetes APIConformance Tests
@stillinbeta // #SREcon Americas 2019 Kubernetes APIConformance Tests
@stillinbeta // #SREcon Americas 2019 Kubernetes APIConformance Tests
@stillinbeta // #SREcon Americas 2019 Kubernetes API A wizard did itConformance Tests
@stillinbeta // #SREcon Americas 2019 We got Opinions
@stillinbeta // #SREcon Americas 2019 Kubeadm™ brand Kubernetes
@stillinbeta // #SREcon Americas 2019 kubeadm init
@stillinbeta // #SREcon Americas 2019 $ kubeadm init --help Run this command in order to set up the Kubernetes master. The "init" command executes the following phases: ``` preflight Run master pre-flight checks kubelet-start Writes kubelet settings and (re)starts the kubelet certs Certificate generation /etcd-ca Generates the self-signed CA to provision identities for etcd /etcd-server Generates the certificate for serving etcd /etcd-healthcheck-client Generates the client certificate for liveness probes to healtcheck etcd /apiserver-etcd-client Generates the client apiserver uses to access etcd /etcd-peer Generates the credentials for etcd nodes to communicate with each other /ca Generates the self-signed Kubernetes CA to provision identities for other Kubernetes components /apiserver Generates the certificate for serving the Kubernetes API /apiserver-kubelet-client Generates the Client certificate for the API server to connect to kubelet /front-proxy-ca Generates the self-signed CA to provision identities for front proxy /front-proxy-client Generates the client for the front proxy /sa Generates a private key for signing service account tokens along with its public key kubeconfig Generates all kubeconfig files necessary to establish the control plane and the admin kubeconfig file /admin Generates a kubeconfig file for the admin to use and for kubeadm itself /kubelet Generates a kubeconfig file for the kubelet to use *only* for cluster bootstrapping purposes /controller-manager Generates a kubeconfig file for the controller manager to use /scheduler Generates a kubeconfig file for the scheduler to use control-plane Generates all static Pod manifest files necessary to establish the control plane /apiserver Generates the kube-apiserver static Pod manifest /controller-manager Generates the kube-controller-manager static Pod manifest /scheduler Generates the kube-scheduler static Pod manifest etcd Generates static Pod manifest file for local etcd. /local Generates the static Pod manifest file for a local, single-node local etcd instance. upload-config Uploads the kubeadm and kubelet configuration to a ConfigMap /kubeadm Uploads the kubeadm ClusterConfiguration to a ConfigMap /kubelet Uploads the kubelet component config to a ConfigMap mark-control-plane Mark a node as a control-plane bootstrap-token Generates bootstrap tokens used to join a node to a cluster addon Installs required addons for passing Conformance tests /coredns Installs the CoreDNS addon to a Kubernetes cluster /kube-proxy Installs the kube-proxy addon to a Kubernetes cluster
@stillinbeta // #SREcon Americas 2019 $ kubeadm init --help Run this command in order to set up the Kubernetes master. The "init" command executes the following phases: ``` preflight Run master pre-flight checks kubelet-start Writes kubelet settings and (re)starts the kubelet certs Certificate generation kubeconfig Generates all kubeconfig files necessary control-plane Generates all static Pod manifest files necessary to establish the /apiserver Generates the kube-apiserver static Pod manifest /controller-manager Generates the kube-controller-manager static Pod manifest /scheduler Generates the kube-scheduler static Pod manifest etcd Generates static Pod manifest file for local etcd. /local Generates the static Pod manifest file for a local etcd instance. upload-config Uploads the kubeadm and kubelet configuration to a ConfigMap /kubeadm Uploads the kubeadm ClusterConfiguration to a ConfigMap /kubelet Uploads the kubelet component config to a ConfigMap mark-control-plane Mark a node as a control-plane bootstrap-token Generates bootstrap tokens used to join a node to a cluster addon Installs required addons for passing Conformance tests /coredns Installs the CoreDNS addon to a Kubernetes cluster /kube-proxy Installs the kube-proxy addon to a Kubernetes cluster
@stillinbeta // #SREcon Americas 2019 preflight kubelet-start certs kubeconfig control-plane /apiserver /controller-manager /scheduler etcd /local upload-config /kubeadm /kubelet mark-control-plane bootstrap-token addon /coredns /kube-proxy
@stillinbeta // #SREcon Americas 2019 What are we making? ● kubelet ● etcd ● kube-apiserver ● kube-contoller-manager ● kube-scheduler
@stillinbeta // #SREcon Americas 2019 master kubelet etcd kube- apiserver kube- scheduler kube- controller- manager docker process container Node (VM / physical Machine) https IPC
@stillinbeta // #SREcon Americas 2019 kubelet etcd docker kube- apiserver kube- scheduler kube- controller -manager process container Node (VM / physical Machine)
@stillinbeta // #SREcon Americas 2019 kubelet etcd docker kube- apiserver kube- scheduler kube- controller -manager process Kubernetes pod Node (VM / physical Machine)
@stillinbeta // #SREcon Americas 2019 kubelet etcd docker kube- apiserver kube- scheduler kube- controller -manager process container Node (VM / physical Machine)
@stillinbeta // #SREcon Americas 2019 kubelet
@stillinbeta // #SREcon Americas 2019 What will we need locally? ● kubelet ● kubeadm ● docker
@stillinbeta // #SREcon Americas 2019 kubelet connects to API server... ...but the API server is run by the kubelet
@stillinbeta // #SREcon Americas 2019
@stillinbeta // #SREcon Americas 2019 Kubelet boot Start static pods Try to connect to API server
@stillinbeta // #SREcon Americas 2019 Kubelet boot Start static pods Try to connect to API server
@stillinbeta // #SREcon Americas 2019 Kubelet boot Start static pods
@stillinbeta // #SREcon Americas 2019 Tutorial 1! http://bit.ly/srecon-cake1
@stillinbeta // #SREcon Americas 2019 kubeadm
@stillinbeta // #SREcon Americas 2019 kubeadm REMOVE BEFORE FLIGHT
@stillinbeta // #SREcon Americas 2019 Preflight Checks ● Avoid common problems ● Handy guard-rails ● Ignore at your own peril!
@stillinbeta // #SREcon Americas 2019 Tutorial 2! http://bit.ly/srecon-cake2
@stillinbeta // #SREcon Americas 2019
@stillinbeta // #SREcon Americas 2019 From the Website ● Simple: well-defined, user-facing API (gRPC) ● Secure: automatic TLS with optional client cert authentication ● Fast: benchmarked 10,000 writes/sec ● Reliable: properly distributed using Raft
@stillinbeta // #SREcon Americas 2019 What you care about ● Key/value store ● Optionally distributed ● Only stateful part of kubernetes ● Secured by client certificates
@stillinbeta // #SREcon Americas 2019 Where do we put it? ● External? ● HA? ● Self-Hosted ● Single Node
@stillinbeta // #SREcon Americas 2019 Setting up etcd Generate Certificates Create Pod Manifest Run Healthcheck
@stillinbeta // #SREcon Americas 2019 Tutorial 3! http://bit.ly/srecon-cake3
@stillinbeta // #SREcon Americas 2019 apiserver
@stillinbeta // #SREcon Americas 2019 master kubelet etcd kube- apiserver kube- scheduler kube- controller- manager docker process container Node (VM / physical Machine) https IPC User
@stillinbeta // #SREcon Americas 2019 The centre of everything
@stillinbeta // #SREcon Americas 2019 kube-apiserver
@stillinbeta // #SREcon Americas 2019 kube-apiserver ● Exclusive control of etcd ● Handles all access control ● Stores some (but not all!) APIs ● Proxies everything
@stillinbeta // #SREcon Americas 2019 API Groups? GET /apis/apps/v1/namespaces/default/deployments/myapp API Group API Version Namespace Resource Resource Name
@stillinbeta // #SREcon Americas 2019 Custom Resource Definitions API Request MyCRD Watch NotificationMyCRD Response User (kubectl, curl) kube-apiserver CRD controller
@stillinbeta // #SREcon Americas 2019 kubectl exec Command Command Command output User (kubectl, curl) kube-apiserver Running Pod Command Output
@stillinbeta // #SREcon Americas 2019 Tutorial 4! http://bit.ly/srecon-cake4
@stillinbeta // #SREcon Americas 2019 kube-controller-manager
@stillinbeta // #SREcon Americas 2019 ...that could mean anything
@stillinbeta // #SREcon Americas 2019 Controller State Changes Desired State Reactions
@stillinbeta // #SREcon Americas 2019 ReplicaSetController Pod Created / Destroyed List of ReplicaSets Create / Destroy Pods
@stillinbeta // #SREcon Americas 2019 NodeController Node Health Changes List of Pods Destroy Pods
@stillinbeta // #SREcon Americas 2019 kube-controller-manager Controller goroutineController goroutineController goroutineController goroutineController goroutine Controller goroutineController goroutineController goroutineController goroutineController goroutine Controller goroutineController goroutineController goroutineController goroutineController goroutine Controller goroutineController goroutineController goroutineController goroutineController goroutine
@stillinbeta // #SREcon Americas 2019 Tutorial 5! http://bit.ly/srecon-cake5
@stillinbeta // #SREcon Americas 2019 Scheduler
@stillinbeta // #SREcon Americas 2019 kube-schedulerPods Nodes Assignments
@stillinbeta // #SREcon Americas 2019 I need a GPU I’m out of disk I’m running Solaris I’m in Europe I can’t be on Node17 I want to be in us-east-1c
@stillinbeta // #SREcon Americas 2019 I prefer Europe I prefer not to run on the same node as pod17
@stillinbeta // #SREcon Americas 2019 Bin Packing
@stillinbeta // #SREcon Americas 2019 Tutorial 6! http://bit.ly/srecon-cake6
@stillinbeta // #SREcon Americas 2019 What would be next? ● DNS ● Container Networking ● Proxying ● Multiple Nodes
@stillinbeta // #SREcon Americas 2019 Your Cluster is Not: ● Secure ● Production-Ready ● Resilient ● High-Availability ● Certified Kubernetes
@stillinbeta // #SREcon Americas 2019 But it is yours.
@stillinbeta / #Kubecon Seattle 2018 Questions? Concerns? Come find me! I’m the one with pink hair! Twitter: @stillinbeta slack.k8s.io: @liz Github: github.com/stillinbeta

Recommended

Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud with...
Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud with...Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud with...
Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud with...VMware Tanzu
 
Building an API using Grape
Building an API using GrapeBuilding an API using Grape
Building an API using Grapevisnu priya
 
What's rancher v2.1.0 JA
What's rancher v2.1.0 JAWhat's rancher v2.1.0 JA
What's rancher v2.1.0 JAcyberblack28 Ichikawa
 
Sailing into 2018 with Kubernetes and Istio
Sailing into 2018 with Kubernetes and IstioSailing into 2018 with Kubernetes and Istio
Sailing into 2018 with Kubernetes and IstioFernand Galiana
 
Making Swift Native Modules in React Native
Making Swift Native Modules in React NativeMaking Swift Native Modules in React Native
Making Swift Native Modules in React NativeRay Deck
 
Spring Cloud Kubernetes - Spencer Gibb
Spring Cloud Kubernetes - Spencer GibbSpring Cloud Kubernetes - Spencer Gibb
Spring Cloud Kubernetes - Spencer GibbVMware Tanzu
 
How to build a tool for operating Flink on Kubernetes
How to build a tool for operating Flink on KubernetesHow to build a tool for operating Flink on Kubernetes
How to build a tool for operating Flink on KubernetesAndreaMedeghini
 
Drone CI/CD Platform
Drone CI/CD PlatformDrone CI/CD Platform
Drone CI/CD PlatformBo-Yi Wu
 

Recommended

Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud with...
Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud with...Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud with...
Communication Amongst Microservices: Kubernetes, Istio, and Spring Cloud with...VMware Tanzu
 
Building an API using Grape
Building an API using GrapeBuilding an API using Grape
Building an API using Grapevisnu priya
 
What's rancher v2.1.0 JA
What's rancher v2.1.0 JAWhat's rancher v2.1.0 JA
What's rancher v2.1.0 JAcyberblack28 Ichikawa
 
Sailing into 2018 with Kubernetes and Istio
Sailing into 2018 with Kubernetes and IstioSailing into 2018 with Kubernetes and Istio
Sailing into 2018 with Kubernetes and IstioFernand Galiana
 
Making Swift Native Modules in React Native
Making Swift Native Modules in React NativeMaking Swift Native Modules in React Native
Making Swift Native Modules in React NativeRay Deck
 
Spring Cloud Kubernetes - Spencer Gibb
Spring Cloud Kubernetes - Spencer GibbSpring Cloud Kubernetes - Spencer Gibb
Spring Cloud Kubernetes - Spencer GibbVMware Tanzu
 
How to build a tool for operating Flink on Kubernetes
How to build a tool for operating Flink on KubernetesHow to build a tool for operating Flink on Kubernetes
How to build a tool for operating Flink on KubernetesAndreaMedeghini
 
Drone CI/CD Platform
Drone CI/CD PlatformDrone CI/CD Platform
Drone CI/CD PlatformBo-Yi Wu
 
Test-Driven Infrastructure with Chef
Test-Driven Infrastructure with ChefTest-Driven Infrastructure with Chef
Test-Driven Infrastructure with ChefMichael Lihs
 
The Berkshelf Way
The Berkshelf WayThe Berkshelf Way
The Berkshelf WayChef Software, Inc.
 
Cookbook refactoring & abstracting logic to Ruby(gems)
Cookbook refactoring & abstracting logic to Ruby(gems)Cookbook refactoring & abstracting logic to Ruby(gems)
Cookbook refactoring & abstracting logic to Ruby(gems)Chef Software, Inc.
 
ZFConf 2012: Реализация доступа к СУБД IBM DB2 посредством встраиваемого SQL ...
ZFConf 2012: Реализация доступа к СУБД IBM DB2 посредством встраиваемого SQL ...ZFConf 2012: Реализация доступа к СУБД IBM DB2 посредством встраиваемого SQL ...
ZFConf 2012: Реализация доступа к СУБД IBM DB2 посредством встраиваемого SQL ...ZFConf Conference
 
ATDD with Behat and Selenium (LDNSE6)
ATDD with Behat and Selenium (LDNSE6)ATDD with Behat and Selenium (LDNSE6)
ATDD with Behat and Selenium (LDNSE6)Shashikant Jagtap
 
jbang: Unleash the power of Java for shell scripting
jbang: Unleash the power of Java for shell scriptingjbang: Unleash the power of Java for shell scripting
jbang: Unleash the power of Java for shell scriptingRed Hat Developers
 
Everything-as-code. A polyglot adventure. #DevoxxPL
Everything-as-code. A polyglot adventure. #DevoxxPLEverything-as-code. A polyglot adventure. #DevoxxPL
Everything-as-code. A polyglot adventure. #DevoxxPLMario-Leander Reimer
 
The Berkshelf Way
The Berkshelf WayThe Berkshelf Way
The Berkshelf WayJamie Winsor
 
KubeCon 2017 Zero Touch Provision
KubeCon 2017 Zero Touch ProvisionKubeCon 2017 Zero Touch Provision
KubeCon 2017 Zero Touch ProvisionRackN
 
Habitat 301: Building Habitats
Habitat 301: Building HabitatsHabitat 301: Building Habitats
Habitat 301: Building HabitatsJamie Winsor
 
stackconf 2020 | The path to a Serverless-native era with Kubernetes by Paolo...
stackconf 2020 | The path to a Serverless-native era with Kubernetes by Paolo...stackconf 2020 | The path to a Serverless-native era with Kubernetes by Paolo...
stackconf 2020 | The path to a Serverless-native era with Kubernetes by Paolo...NETWAYS
 
Writing REST APIs with OpenAPI and Swagger Ada
Writing REST APIs with OpenAPI and Swagger AdaWriting REST APIs with OpenAPI and Swagger Ada
Writing REST APIs with OpenAPI and Swagger AdaStephane Carrez
 
You got database in my cloud!
You got database in my cloud!You got database in my cloud!
You got database in my cloud!Liz Frost
 
Recap of de code 2019
Recap of de code 2019Recap of de code 2019
Recap of de code 2019Kyohei Mizumoto
 
Kubernetes from the ground up
Kubernetes from the ground upKubernetes from the ground up
Kubernetes from the ground upSander Knape
 
XPDDS18: A dive into kbuild - Cao jin, Fujitsu
XPDDS18: A dive into kbuild - Cao jin, FujitsuXPDDS18: A dive into kbuild - Cao jin, Fujitsu
XPDDS18: A dive into kbuild - Cao jin, FujitsuThe Linux Foundation
 
Kubernetes Basis: Pods, Deployments, and Services
Kubernetes Basis: Pods, Deployments, and ServicesKubernetes Basis: Pods, Deployments, and Services
Kubernetes Basis: Pods, Deployments, and ServicesJian-Kai Wang
 
Containerize vs Virtualize? NGDC 2009
Containerize vs Virtualize? NGDC 2009Containerize vs Virtualize? NGDC 2009
Containerize vs Virtualize? NGDC 2009Andy d
 
oSC-2023-Cross-Build.pdf
oSC-2023-Cross-Build.pdfoSC-2023-Cross-Build.pdf
oSC-2023-Cross-Build.pdfAdrianSchrter1
 
You got database in my cloud (short version)
You got database in my cloud (short version)You got database in my cloud (short version)
You got database in my cloud (short version)Liz Frost
 
WSO2 Screencast - How to Easily Build a Git-Based CI/CD Pipeline for your API...
WSO2 Screencast - How to Easily Build a Git-Based CI/CD Pipeline for your API...WSO2 Screencast - How to Easily Build a Git-Based CI/CD Pipeline for your API...
WSO2 Screencast - How to Easily Build a Git-Based CI/CD Pipeline for your API...Wasura Wattearachchi
 
Installing Component Pack 6.0.0.6
Installing Component Pack 6.0.0.6Installing Component Pack 6.0.0.6
Installing Component Pack 6.0.0.6LetsConnect
 

More Related Content

What's hot

Test-Driven Infrastructure with Chef
Test-Driven Infrastructure with ChefTest-Driven Infrastructure with Chef
Test-Driven Infrastructure with ChefMichael Lihs
 
Cookbook refactoring & abstracting logic to Ruby(gems)
Cookbook refactoring & abstracting logic to Ruby(gems)Cookbook refactoring & abstracting logic to Ruby(gems)
Cookbook refactoring & abstracting logic to Ruby(gems)Chef Software, Inc.
 
ZFConf 2012: Реализация доступа к СУБД IBM DB2 посредством встраиваемого SQL ...
ZFConf 2012: Реализация доступа к СУБД IBM DB2 посредством встраиваемого SQL ...ZFConf 2012: Реализация доступа к СУБД IBM DB2 посредством встраиваемого SQL ...
ZFConf 2012: Реализация доступа к СУБД IBM DB2 посредством встраиваемого SQL ...ZFConf Conference
 
ATDD with Behat and Selenium (LDNSE6)
ATDD with Behat and Selenium (LDNSE6)ATDD with Behat and Selenium (LDNSE6)
ATDD with Behat and Selenium (LDNSE6)Shashikant Jagtap
 
jbang: Unleash the power of Java for shell scripting
jbang: Unleash the power of Java for shell scriptingjbang: Unleash the power of Java for shell scripting
jbang: Unleash the power of Java for shell scriptingRed Hat Developers
 
Everything-as-code. A polyglot adventure. #DevoxxPL
Everything-as-code. A polyglot adventure. #DevoxxPLEverything-as-code. A polyglot adventure. #DevoxxPL
Everything-as-code. A polyglot adventure. #DevoxxPLMario-Leander Reimer
 
KubeCon 2017 Zero Touch Provision
KubeCon 2017 Zero Touch ProvisionKubeCon 2017 Zero Touch Provision
KubeCon 2017 Zero Touch ProvisionRackN
 
Habitat 301: Building Habitats
Habitat 301: Building HabitatsHabitat 301: Building Habitats
Habitat 301: Building HabitatsJamie Winsor
 
stackconf 2020 | The path to a Serverless-native era with Kubernetes by Paolo...
stackconf 2020 | The path to a Serverless-native era with Kubernetes by Paolo...stackconf 2020 | The path to a Serverless-native era with Kubernetes by Paolo...
stackconf 2020 | The path to a Serverless-native era with Kubernetes by Paolo...NETWAYS
 
Writing REST APIs with OpenAPI and Swagger Ada
Writing REST APIs with OpenAPI and Swagger AdaWriting REST APIs with OpenAPI and Swagger Ada
Writing REST APIs with OpenAPI and Swagger AdaStephane Carrez
 

What's hot (12)

Test-Driven Infrastructure with Chef
Test-Driven Infrastructure with ChefTest-Driven Infrastructure with Chef
Test-Driven Infrastructure with Chef
 
The Berkshelf Way
The Berkshelf WayThe Berkshelf Way
The Berkshelf Way
 
Cookbook refactoring & abstracting logic to Ruby(gems)
Cookbook refactoring & abstracting logic to Ruby(gems)Cookbook refactoring & abstracting logic to Ruby(gems)
Cookbook refactoring & abstracting logic to Ruby(gems)
 
ZFConf 2012: Реализация доступа к СУБД IBM DB2 посредством встраиваемого SQL ...
ZFConf 2012: Реализация доступа к СУБД IBM DB2 посредством встраиваемого SQL ...ZFConf 2012: Реализация доступа к СУБД IBM DB2 посредством встраиваемого SQL ...
ZFConf 2012: Реализация доступа к СУБД IBM DB2 посредством встраиваемого SQL ...
 
ATDD with Behat and Selenium (LDNSE6)
ATDD with Behat and Selenium (LDNSE6)ATDD with Behat and Selenium (LDNSE6)
ATDD with Behat and Selenium (LDNSE6)
 
jbang: Unleash the power of Java for shell scripting
jbang: Unleash the power of Java for shell scriptingjbang: Unleash the power of Java for shell scripting
jbang: Unleash the power of Java for shell scripting
 
Everything-as-code. A polyglot adventure. #DevoxxPL
Everything-as-code. A polyglot adventure. #DevoxxPLEverything-as-code. A polyglot adventure. #DevoxxPL
Everything-as-code. A polyglot adventure. #DevoxxPL
 
The Berkshelf Way
The Berkshelf WayThe Berkshelf Way
The Berkshelf Way
 
KubeCon 2017 Zero Touch Provision
KubeCon 2017 Zero Touch ProvisionKubeCon 2017 Zero Touch Provision
KubeCon 2017 Zero Touch Provision
 
Habitat 301: Building Habitats
Habitat 301: Building HabitatsHabitat 301: Building Habitats
Habitat 301: Building Habitats
 
stackconf 2020 | The path to a Serverless-native era with Kubernetes by Paolo...
stackconf 2020 | The path to a Serverless-native era with Kubernetes by Paolo...stackconf 2020 | The path to a Serverless-native era with Kubernetes by Paolo...
stackconf 2020 | The path to a Serverless-native era with Kubernetes by Paolo...
 
Writing REST APIs with OpenAPI and Swagger Ada
Writing REST APIs with OpenAPI and Swagger AdaWriting REST APIs with OpenAPI and Swagger Ada
Writing REST APIs with OpenAPI and Swagger Ada
 

Similar to Kubernetes from a Box Mix

You got database in my cloud!
You got database in my cloud!You got database in my cloud!
You got database in my cloud!Liz Frost
 
Kubernetes from the ground up
Kubernetes from the ground upKubernetes from the ground up
Kubernetes from the ground upSander Knape
 
XPDDS18: A dive into kbuild - Cao jin, Fujitsu
XPDDS18: A dive into kbuild - Cao jin, FujitsuXPDDS18: A dive into kbuild - Cao jin, Fujitsu
XPDDS18: A dive into kbuild - Cao jin, FujitsuThe Linux Foundation
 
Kubernetes Basis: Pods, Deployments, and Services
Kubernetes Basis: Pods, Deployments, and ServicesKubernetes Basis: Pods, Deployments, and Services
Kubernetes Basis: Pods, Deployments, and ServicesJian-Kai Wang
 
Containerize vs Virtualize? NGDC 2009
Containerize vs Virtualize? NGDC 2009Containerize vs Virtualize? NGDC 2009
Containerize vs Virtualize? NGDC 2009Andy d
 
oSC-2023-Cross-Build.pdf
oSC-2023-Cross-Build.pdfoSC-2023-Cross-Build.pdf
oSC-2023-Cross-Build.pdfAdrianSchrter1
 
You got database in my cloud (short version)
You got database in my cloud (short version)You got database in my cloud (short version)
You got database in my cloud (short version)Liz Frost
 
WSO2 Screencast - How to Easily Build a Git-Based CI/CD Pipeline for your API...
WSO2 Screencast - How to Easily Build a Git-Based CI/CD Pipeline for your API...WSO2 Screencast - How to Easily Build a Git-Based CI/CD Pipeline for your API...
WSO2 Screencast - How to Easily Build a Git-Based CI/CD Pipeline for your API...Wasura Wattearachchi
 
Installing Component Pack 6.0.0.6
Installing Component Pack 6.0.0.6Installing Component Pack 6.0.0.6
Installing Component Pack 6.0.0.6LetsConnect
 
Hands-on VeriFast with STM32 microcontroller @ Nagoya
Hands-on VeriFast with STM32 microcontroller @ NagoyaHands-on VeriFast with STM32 microcontroller @ Nagoya
Hands-on VeriFast with STM32 microcontroller @ NagoyaKiwamu Okabe
 
Ports, pods and proxies
Ports, pods and proxiesPorts, pods and proxies
Ports, pods and proxiesLibbySchulze
 
Mete Atamel - Serverless with Knative - Codemotion Amsterdam 2019
Mete Atamel - Serverless with Knative - Codemotion Amsterdam 2019Mete Atamel - Serverless with Knative - Codemotion Amsterdam 2019
Mete Atamel - Serverless with Knative - Codemotion Amsterdam 2019Codemotion
 
Developing Serverless Applications on Kubernetes with Knative
Developing Serverless Applications on Kubernetes with KnativeDeveloping Serverless Applications on Kubernetes with Knative
Developing Serverless Applications on Kubernetes with KnativeVMware Tanzu
 
Blasting Through the Clouds - Automating Cloud Foundry with Concourse CI
Blasting Through the Clouds - Automating Cloud Foundry with Concourse CIBlasting Through the Clouds - Automating Cloud Foundry with Concourse CI
Blasting Through the Clouds - Automating Cloud Foundry with Concourse CIFabian Keller
 
AWS 고객사를 위한 ‘AWS 컨테이너 교육’ - 유재석, AWS 솔루션즈 아키텍트
AWS 고객사를 위한 ‘AWS 컨테이너 교육’ - 유재석, AWS 솔루션즈 아키텍트AWS 고객사를 위한 ‘AWS 컨테이너 교육’ - 유재석, AWS 솔루션즈 아키텍트
AWS 고객사를 위한 ‘AWS 컨테이너 교육’ - 유재석, AWS 솔루션즈 아키텍트Amazon Web Services Korea
 
Webinar - Unbox GitLab CI/CD
Webinar - Unbox GitLab CI/CD Webinar - Unbox GitLab CI/CD
Webinar - Unbox GitLab CI/CD Annie Huang
 
Scaling docker with kubernetes
Scaling docker with kubernetesScaling docker with kubernetes
Scaling docker with kubernetesLiran Cohen
 
AWS Container Services – 유재석 (AWS 솔루션즈 아키텍트)
AWS Container Services – 유재석 (AWS 솔루션즈 아키텍트)AWS Container Services – 유재석 (AWS 솔루션즈 아키텍트)
AWS Container Services – 유재석 (AWS 솔루션즈 아키텍트)Amazon Web Services Korea
 

Similar to Kubernetes from a Box Mix (20)

You got database in my cloud!
You got database in my cloud!You got database in my cloud!
You got database in my cloud!
 
Recap of de code 2019
Recap of de code 2019Recap of de code 2019
Recap of de code 2019
 
Kubernetes from the ground up
Kubernetes from the ground upKubernetes from the ground up
Kubernetes from the ground up
 
XPDDS18: A dive into kbuild - Cao jin, Fujitsu
XPDDS18: A dive into kbuild - Cao jin, FujitsuXPDDS18: A dive into kbuild - Cao jin, Fujitsu
XPDDS18: A dive into kbuild - Cao jin, Fujitsu
 
Kubernetes Basis: Pods, Deployments, and Services
Kubernetes Basis: Pods, Deployments, and ServicesKubernetes Basis: Pods, Deployments, and Services
Kubernetes Basis: Pods, Deployments, and Services
 
Containerize vs Virtualize? NGDC 2009
Containerize vs Virtualize? NGDC 2009Containerize vs Virtualize? NGDC 2009
Containerize vs Virtualize? NGDC 2009
 
oSC-2023-Cross-Build.pdf
oSC-2023-Cross-Build.pdfoSC-2023-Cross-Build.pdf
oSC-2023-Cross-Build.pdf
 
You got database in my cloud (short version)
You got database in my cloud (short version)You got database in my cloud (short version)
You got database in my cloud (short version)
 
WSO2 Screencast - How to Easily Build a Git-Based CI/CD Pipeline for your API...
WSO2 Screencast - How to Easily Build a Git-Based CI/CD Pipeline for your API...WSO2 Screencast - How to Easily Build a Git-Based CI/CD Pipeline for your API...
WSO2 Screencast - How to Easily Build a Git-Based CI/CD Pipeline for your API...
 
Installing Component Pack 6.0.0.6
Installing Component Pack 6.0.0.6Installing Component Pack 6.0.0.6
Installing Component Pack 6.0.0.6
 
Hands-on VeriFast with STM32 microcontroller @ Nagoya
Hands-on VeriFast with STM32 microcontroller @ NagoyaHands-on VeriFast with STM32 microcontroller @ Nagoya
Hands-on VeriFast with STM32 microcontroller @ Nagoya
 
Ports, pods and proxies
Ports, pods and proxiesPorts, pods and proxies
Ports, pods and proxies
 
Mete Atamel - Serverless with Knative - Codemotion Amsterdam 2019
Mete Atamel - Serverless with Knative - Codemotion Amsterdam 2019Mete Atamel - Serverless with Knative - Codemotion Amsterdam 2019
Mete Atamel - Serverless with Knative - Codemotion Amsterdam 2019
 
Developing Serverless Applications on Kubernetes with Knative
Developing Serverless Applications on Kubernetes with KnativeDeveloping Serverless Applications on Kubernetes with Knative
Developing Serverless Applications on Kubernetes with Knative
 
Blasting Through the Clouds - Automating Cloud Foundry with Concourse CI
Blasting Through the Clouds - Automating Cloud Foundry with Concourse CIBlasting Through the Clouds - Automating Cloud Foundry with Concourse CI
Blasting Through the Clouds - Automating Cloud Foundry with Concourse CI
 
AWS 고객사를 위한 ‘AWS 컨테이너 교육’ - 유재석, AWS 솔루션즈 아키텍트
AWS 고객사를 위한 ‘AWS 컨테이너 교육’ - 유재석, AWS 솔루션즈 아키텍트AWS 고객사를 위한 ‘AWS 컨테이너 교육’ - 유재석, AWS 솔루션즈 아키텍트
AWS 고객사를 위한 ‘AWS 컨테이너 교육’ - 유재석, AWS 솔루션즈 아키텍트
 
Webinar - Unbox GitLab CI/CD
Webinar - Unbox GitLab CI/CD Webinar - Unbox GitLab CI/CD
Webinar - Unbox GitLab CI/CD
 
Scaling docker with kubernetes
Scaling docker with kubernetesScaling docker with kubernetes
Scaling docker with kubernetes
 
Buri2019
Buri2019Buri2019
Buri2019
 
AWS Container Services – 유재석 (AWS 솔루션즈 아키텍트)
AWS Container Services – 유재석 (AWS 솔루션즈 아키텍트)AWS Container Services – 유재석 (AWS 솔루션즈 아키텍트)
AWS Container Services – 유재석 (AWS 솔루션즈 아키텍트)
 

Recently uploaded

2024 DevNexus Patterns for Resiliency: Shuffle shards
2024 DevNexus Patterns for Resiliency: Shuffle shards2024 DevNexus Patterns for Resiliency: Shuffle shards
2024 DevNexus Patterns for Resiliency: Shuffle shardsChristopher Curtin
 
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...OnePlan Solutions
 
Not a Kubernetes fan? The state of PaaS in 2024
Not a Kubernetes fan? The state of PaaS in 2024Not a Kubernetes fan? The state of PaaS in 2024
Not a Kubernetes fan? The state of PaaS in 2024Anthony Dahanne
 
Sending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdfSending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdf31events.com
 
Machine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their EngineeringMachine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their EngineeringHironori Washizaki
 
Large Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and RepairLarge Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and RepairLionel Briand
 
What’s New in VictoriaMetrics: Q1 2024 Updates
What’s New in VictoriaMetrics: Q1 2024 UpdatesWhat’s New in VictoriaMetrics: Q1 2024 Updates
What’s New in VictoriaMetrics: Q1 2024 UpdatesVictoriaMetrics
 
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...Bert Jan Schrijver
 
UI5ers live - Custom Controls wrapping 3rd-party libs.pptx
UI5ers live - Custom Controls wrapping 3rd-party libs.pptxUI5ers live - Custom Controls wrapping 3rd-party libs.pptx
UI5ers live - Custom Controls wrapping 3rd-party libs.pptxAndreas Kunz
 
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtimeandrehoraa
 
A healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfA healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfMarharyta Nedzelska
 
Leveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
Leveraging AI for Mobile App Testing on Real Devices | Applitools + KobitonLeveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
Leveraging AI for Mobile App Testing on Real Devices | Applitools + KobitonApplitools
 
The Role of IoT and Sensor Technology in Cargo Cloud Solutions.pptx
The Role of IoT and Sensor Technology in Cargo Cloud Solutions.pptxThe Role of IoT and Sensor Technology in Cargo Cloud Solutions.pptx
The Role of IoT and Sensor Technology in Cargo Cloud Solutions.pptxRTS corp
 
Effectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryErrorEffectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryErrorTier1 app
 
Salesforce Implementation Services PPT By ABSYZ
Salesforce Implementation Services PPT By ABSYZSalesforce Implementation Services PPT By ABSYZ
Salesforce Implementation Services PPT By ABSYZABSYZ Inc
 
Ronisha Informatics Private Limited Catalogue
Ronisha Informatics Private Limited CatalogueRonisha Informatics Private Limited Catalogue
Ronisha Informatics Private Limited Catalogueitservices996
 
eSoftTools IMAP Backup Software and migration tools
eSoftTools IMAP Backup Software and migration toolseSoftTools IMAP Backup Software and migration tools
eSoftTools IMAP Backup Software and migration toolsosttopstonverter
 
Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...Rob Geurden
 
Best Angular 17 Classroom & Online training - Naresh IT
Best Angular 17 Classroom & Online training - Naresh ITBest Angular 17 Classroom & Online training - Naresh IT
Best Angular 17 Classroom & Online training - Naresh ITmanoharjgpsolutions
 
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Cizo Technology Services
 

Recently uploaded (20)

2024 DevNexus Patterns for Resiliency: Shuffle shards
2024 DevNexus Patterns for Resiliency: Shuffle shards2024 DevNexus Patterns for Resiliency: Shuffle shards
2024 DevNexus Patterns for Resiliency: Shuffle shards
 
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...
 
Not a Kubernetes fan? The state of PaaS in 2024
Not a Kubernetes fan? The state of PaaS in 2024Not a Kubernetes fan? The state of PaaS in 2024
Not a Kubernetes fan? The state of PaaS in 2024
 
Sending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdfSending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdf
 
Machine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their EngineeringMachine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their Engineering
 
Large Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and RepairLarge Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and Repair
 
What’s New in VictoriaMetrics: Q1 2024 Updates
What’s New in VictoriaMetrics: Q1 2024 UpdatesWhat’s New in VictoriaMetrics: Q1 2024 Updates
What’s New in VictoriaMetrics: Q1 2024 Updates
 
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
 
UI5ers live - Custom Controls wrapping 3rd-party libs.pptx
UI5ers live - Custom Controls wrapping 3rd-party libs.pptxUI5ers live - Custom Controls wrapping 3rd-party libs.pptx
UI5ers live - Custom Controls wrapping 3rd-party libs.pptx
 
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtime
 
A healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfA healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdf
 
Leveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
Leveraging AI for Mobile App Testing on Real Devices | Applitools + KobitonLeveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
Leveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
 
The Role of IoT and Sensor Technology in Cargo Cloud Solutions.pptx
The Role of IoT and Sensor Technology in Cargo Cloud Solutions.pptxThe Role of IoT and Sensor Technology in Cargo Cloud Solutions.pptx
The Role of IoT and Sensor Technology in Cargo Cloud Solutions.pptx
 
Effectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryErrorEffectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryError
 
Salesforce Implementation Services PPT By ABSYZ
Salesforce Implementation Services PPT By ABSYZSalesforce Implementation Services PPT By ABSYZ
Salesforce Implementation Services PPT By ABSYZ
 
Ronisha Informatics Private Limited Catalogue
Ronisha Informatics Private Limited CatalogueRonisha Informatics Private Limited Catalogue
Ronisha Informatics Private Limited Catalogue
 
eSoftTools IMAP Backup Software and migration tools
eSoftTools IMAP Backup Software and migration toolseSoftTools IMAP Backup Software and migration tools
eSoftTools IMAP Backup Software and migration tools
 
Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...
 
Best Angular 17 Classroom & Online training - Naresh IT
Best Angular 17 Classroom & Online training - Naresh ITBest Angular 17 Classroom & Online training - Naresh IT
Best Angular 17 Classroom & Online training - Naresh IT
 
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
 

Kubernetes from a Box Mix

  • 1. @stillinbeta // #SREcon Americas 2019 While you’re waiting... http://bit.ly/srecon-cake0
  • 2. @stillinbeta // #SREcon Americas 2019 Kubernetes From A Cake Mix Liz Frost
  • 3. @stillinbeta // #SREcon Americas 2019 Who am I? Liz Frost Twitter: @stillinbeta slack.k8s.io: @liz
  • 4. @stillinbeta // #SREcon Americas 2019 Who am I?
  • 5. @stillinbeta // #SREcon Americas 2019 Who am I?
  • 6. @stillinbeta // #SREcon Americas 2019 Who am I? It’s pronounced “kube-cuddle”
  • 7. @stillinbeta // #SREcon Americas 2019 Why should you listen to me? ● sig-cluster-lifecycle member ● kubernetes contributor ● kubeadm developer
  • 8. @stillinbeta // #SREcon Americas 2019 What is Kubernetes?
  • 9. @stillinbeta // #SREcon Americas 2019
  • 10. @stillinbeta // #SREcon Americas 2019
  • 11. @stillinbeta // #SREcon Americas 2019
  • 12. @stillinbeta // #SREcon Americas 2019 Node Pod Pod Pod Node Pod Pod Pod User
  • 13. @stillinbeta // #SREcon Americas 2019 Node Pod Pod Pod Node Pod Pod Pod User
  • 14. @stillinbeta // #SREcon Americas 2019 Kubernetes API User
  • 15. @stillinbeta // #SREcon Americas 2019 Kubernetes APIConformance Tests
  • 16. @stillinbeta // #SREcon Americas 2019 Kubernetes APIConformance Tests
  • 17. @stillinbeta // #SREcon Americas 2019 Kubernetes APIConformance Tests
  • 18. @stillinbeta // #SREcon Americas 2019 Kubernetes APIConformance Tests
  • 19. @stillinbeta // #SREcon Americas 2019 Kubernetes API A wizard did itConformance Tests
  • 20. @stillinbeta // #SREcon Americas 2019 We got Opinions
  • 21. @stillinbeta // #SREcon Americas 2019 Kubeadm™ brand Kubernetes
  • 22. @stillinbeta // #SREcon Americas 2019 kubeadm init
  • 23. @stillinbeta // #SREcon Americas 2019 $ kubeadm init --help Run this command in order to set up the Kubernetes master. The "init" command executes the following phases: ``` preflight Run master pre-flight checks kubelet-start Writes kubelet settings and (re)starts the kubelet certs Certificate generation /etcd-ca Generates the self-signed CA to provision identities for etcd /etcd-server Generates the certificate for serving etcd /etcd-healthcheck-client Generates the client certificate for liveness probes to healtcheck etcd /apiserver-etcd-client Generates the client apiserver uses to access etcd /etcd-peer Generates the credentials for etcd nodes to communicate with each other /ca Generates the self-signed Kubernetes CA to provision identities for other Kubernetes components /apiserver Generates the certificate for serving the Kubernetes API /apiserver-kubelet-client Generates the Client certificate for the API server to connect to kubelet /front-proxy-ca Generates the self-signed CA to provision identities for front proxy /front-proxy-client Generates the client for the front proxy /sa Generates a private key for signing service account tokens along with its public key kubeconfig Generates all kubeconfig files necessary to establish the control plane and the admin kubeconfig file /admin Generates a kubeconfig file for the admin to use and for kubeadm itself /kubelet Generates a kubeconfig file for the kubelet to use *only* for cluster bootstrapping purposes /controller-manager Generates a kubeconfig file for the controller manager to use /scheduler Generates a kubeconfig file for the scheduler to use control-plane Generates all static Pod manifest files necessary to establish the control plane /apiserver Generates the kube-apiserver static Pod manifest /controller-manager Generates the kube-controller-manager static Pod manifest /scheduler Generates the kube-scheduler static Pod manifest etcd Generates static Pod manifest file for local etcd. /local Generates the static Pod manifest file for a local, single-node local etcd instance. upload-config Uploads the kubeadm and kubelet configuration to a ConfigMap /kubeadm Uploads the kubeadm ClusterConfiguration to a ConfigMap /kubelet Uploads the kubelet component config to a ConfigMap mark-control-plane Mark a node as a control-plane bootstrap-token Generates bootstrap tokens used to join a node to a cluster addon Installs required addons for passing Conformance tests /coredns Installs the CoreDNS addon to a Kubernetes cluster /kube-proxy Installs the kube-proxy addon to a Kubernetes cluster
  • 24. @stillinbeta // #SREcon Americas 2019 $ kubeadm init --help Run this command in order to set up the Kubernetes master. The "init" command executes the following phases: ``` preflight Run master pre-flight checks kubelet-start Writes kubelet settings and (re)starts the kubelet certs Certificate generation kubeconfig Generates all kubeconfig files necessary control-plane Generates all static Pod manifest files necessary to establish the /apiserver Generates the kube-apiserver static Pod manifest /controller-manager Generates the kube-controller-manager static Pod manifest /scheduler Generates the kube-scheduler static Pod manifest etcd Generates static Pod manifest file for local etcd. /local Generates the static Pod manifest file for a local etcd instance. upload-config Uploads the kubeadm and kubelet configuration to a ConfigMap /kubeadm Uploads the kubeadm ClusterConfiguration to a ConfigMap /kubelet Uploads the kubelet component config to a ConfigMap mark-control-plane Mark a node as a control-plane bootstrap-token Generates bootstrap tokens used to join a node to a cluster addon Installs required addons for passing Conformance tests /coredns Installs the CoreDNS addon to a Kubernetes cluster /kube-proxy Installs the kube-proxy addon to a Kubernetes cluster
  • 25. @stillinbeta // #SREcon Americas 2019 preflight kubelet-start certs kubeconfig control-plane /apiserver /controller-manager /scheduler etcd /local upload-config /kubeadm /kubelet mark-control-plane bootstrap-token addon /coredns /kube-proxy
  • 26. @stillinbeta // #SREcon Americas 2019 What are we making? ● kubelet ● etcd ● kube-apiserver ● kube-contoller-manager ● kube-scheduler
  • 27. @stillinbeta // #SREcon Americas 2019 master kubelet etcd kube- apiserver kube- scheduler kube- controller- manager docker process container Node (VM / physical Machine) https IPC
  • 28. @stillinbeta // #SREcon Americas 2019 kubelet etcd docker kube- apiserver kube- scheduler kube- controller -manager process container Node (VM / physical Machine)
  • 29. @stillinbeta // #SREcon Americas 2019 kubelet etcd docker kube- apiserver kube- scheduler kube- controller -manager process Kubernetes pod Node (VM / physical Machine)
  • 30. @stillinbeta // #SREcon Americas 2019 kubelet etcd docker kube- apiserver kube- scheduler kube- controller -manager process container Node (VM / physical Machine)
  • 31. @stillinbeta // #SREcon Americas 2019 kubelet
  • 32. @stillinbeta // #SREcon Americas 2019 What will we need locally? ● kubelet ● kubeadm ● docker
  • 33. @stillinbeta // #SREcon Americas 2019 kubelet connects to API server... ...but the API server is run by the kubelet
  • 34. @stillinbeta // #SREcon Americas 2019
  • 35. @stillinbeta // #SREcon Americas 2019 Kubelet boot Start static pods Try to connect to API server
  • 36. @stillinbeta // #SREcon Americas 2019 Kubelet boot Start static pods Try to connect to API server
  • 37. @stillinbeta // #SREcon Americas 2019 Kubelet boot Start static pods
  • 38. @stillinbeta // #SREcon Americas 2019 Tutorial 1! http://bit.ly/srecon-cake1
  • 39. @stillinbeta // #SREcon Americas 2019 kubeadm
  • 40. @stillinbeta // #SREcon Americas 2019 kubeadm REMOVE BEFORE FLIGHT
  • 41. @stillinbeta // #SREcon Americas 2019 Preflight Checks ● Avoid common problems ● Handy guard-rails ● Ignore at your own peril!
  • 42. @stillinbeta // #SREcon Americas 2019 Tutorial 2! http://bit.ly/srecon-cake2
  • 43. @stillinbeta // #SREcon Americas 2019
  • 44. @stillinbeta // #SREcon Americas 2019 From the Website ● Simple: well-defined, user-facing API (gRPC) ● Secure: automatic TLS with optional client cert authentication ● Fast: benchmarked 10,000 writes/sec ● Reliable: properly distributed using Raft
  • 45. @stillinbeta // #SREcon Americas 2019 What you care about ● Key/value store ● Optionally distributed ● Only stateful part of kubernetes ● Secured by client certificates
  • 46. @stillinbeta // #SREcon Americas 2019 Where do we put it? ● External? ● HA? ● Self-Hosted ● Single Node
  • 47. @stillinbeta // #SREcon Americas 2019 Setting up etcd Generate Certificates Create Pod Manifest Run Healthcheck
  • 48. @stillinbeta // #SREcon Americas 2019 Tutorial 3! http://bit.ly/srecon-cake3
  • 49. @stillinbeta // #SREcon Americas 2019 apiserver
  • 50. @stillinbeta // #SREcon Americas 2019 master kubelet etcd kube- apiserver kube- scheduler kube- controller- manager docker process container Node (VM / physical Machine) https IPC User
  • 51. @stillinbeta // #SREcon Americas 2019 The centre of everything
  • 52. @stillinbeta // #SREcon Americas 2019 kube-apiserver
  • 53. @stillinbeta // #SREcon Americas 2019 kube-apiserver ● Exclusive control of etcd ● Handles all access control ● Stores some (but not all!) APIs ● Proxies everything
  • 54. @stillinbeta // #SREcon Americas 2019 API Groups? GET /apis/apps/v1/namespaces/default/deployments/myapp API Group API Version Namespace Resource Resource Name
  • 55. @stillinbeta // #SREcon Americas 2019 Custom Resource Definitions API Request MyCRD Watch NotificationMyCRD Response User (kubectl, curl) kube-apiserver CRD controller
  • 56. @stillinbeta // #SREcon Americas 2019 kubectl exec Command Command Command output User (kubectl, curl) kube-apiserver Running Pod Command Output
  • 57. @stillinbeta // #SREcon Americas 2019 Tutorial 4! http://bit.ly/srecon-cake4
  • 58. @stillinbeta // #SREcon Americas 2019 kube-controller-manager
  • 59. @stillinbeta // #SREcon Americas 2019 ...that could mean anything
  • 60. @stillinbeta // #SREcon Americas 2019 Controller State Changes Desired State Reactions
  • 61. @stillinbeta // #SREcon Americas 2019 ReplicaSetController Pod Created / Destroyed List of ReplicaSets Create / Destroy Pods
  • 62. @stillinbeta // #SREcon Americas 2019 NodeController Node Health Changes List of Pods Destroy Pods
  • 63. @stillinbeta // #SREcon Americas 2019 kube-controller-manager Controller goroutineController goroutineController goroutineController goroutineController goroutine Controller goroutineController goroutineController goroutineController goroutineController goroutine Controller goroutineController goroutineController goroutineController goroutineController goroutine Controller goroutineController goroutineController goroutineController goroutineController goroutine
  • 64. @stillinbeta // #SREcon Americas 2019 Tutorial 5! http://bit.ly/srecon-cake5
  • 65. @stillinbeta // #SREcon Americas 2019 Scheduler
  • 66. @stillinbeta // #SREcon Americas 2019 kube-schedulerPods Nodes Assignments
  • 67. @stillinbeta // #SREcon Americas 2019 I need a GPU I’m out of disk I’m running Solaris I’m in Europe I can’t be on Node17 I want to be in us-east-1c
  • 68. @stillinbeta // #SREcon Americas 2019 I prefer Europe I prefer not to run on the same node as pod17
  • 69. @stillinbeta // #SREcon Americas 2019 Bin Packing
  • 70. @stillinbeta // #SREcon Americas 2019 Tutorial 6! http://bit.ly/srecon-cake6
  • 71. @stillinbeta // #SREcon Americas 2019 What would be next? ● DNS ● Container Networking ● Proxying ● Multiple Nodes
  • 72. @stillinbeta // #SREcon Americas 2019 Your Cluster is Not: ● Secure ● Production-Ready ● Resilient ● High-Availability ● Certified Kubernetes
  • 73. @stillinbeta // #SREcon Americas 2019 But it is yours.
  • 74. @stillinbeta / #Kubecon Seattle 2018 Questions? Concerns? Come find me! I’m the one with pink hair! Twitter: @stillinbeta slack.k8s.io: @liz Github: github.com/stillinbeta