#kubeadm deep dive
Agenda
● Who?
● Mission
● GA
● Roadmap 2019
● Getting Involved
● Q/A
Who?
Who are we?
Timothy St. Clair
SIG Cluster Lifecycle co-lead
Steering Committee Member
Staff Engineer @Heptio/VMWare
@timothysc
Liz Frost
SIG Cluster Lifecycle Contributor
Kube Cuddle creator
SW Engineer @Heptio/VMWare
@liztio
Who are we?
● 100s of contributors across several companies
● Smaller core group of active maintainers
○ VMWare
■ Lubomir, Ross
○ VMWare (née Heptio)
■ Tim, Liz, Jason, Chuck
○ Suse
■ Marek, Rafael
○ Intel
■ Alex, Ed
○ Other/Independent
■ Luxas, Fabrizio, Yago, Di
● Large user community on #kubeadm
Mission
What is our mission?
SIG Cluster Lifecycle’s objective is to
simplify creation, configuration,
upgrade, downgrade, and teardown of
Kubernetes clusters and their
components.
<BRACE FOR RANT>
Why are we doing this?
● To prevent the mistakes of other open source cluster mgmt provisioning
tools
○ Because…
■ Kubernetes is the beginning of the story, not the end
■ commoditizing the deployment of the core raises all boats and
allows the community to focus on solving end user problems
■ “production grade” shouldn’t be firewalled by providers
■ It should “just work”
■ Because cross provider matters
● To make the management of (X) clusters across (Y) providers simple,
secure, and configurable.
Why (unix philosophy)?
● Make each program do one thing well. To do a new job, build afresh rather
than complicate old programs by adding new "features".
● Expect the output of every program to become the input to another, as yet
unknown, program. Don't clutter output with extraneous information.
Don't insist on interactive input.
● Design and build software, to be tried early, ideally within weeks. Don't
hesitate to throw away the clumsy parts and rebuild them.
● Use tools instead of people to lighten a programming task, even if you
have to detour to build the tools and expect to throw some of them out
after you've finished using them.
○ Write down the “Hard Way” and optimize 80% UX Flow with override
Key Design Takeaways
● kubeadm’s task is to set up a best-practice cluster for each minor version
● The user experience should be simple, and the cluster reasonably secure
● kubeadm’s scope is limited; intended to be a composable building block
○ Only ever deals with the local filesystem and the Kubernetes API
○ Agnostic to how exactly the kubelet is run
○ Setting up or favoring a specific CNI network is out of scope
● Composable architecture with everything divided into phases
● Versioned configuration
Component View
[Component View diagram: kubeadm runs on each of Master 1 … Master N and Node 1 … Node N. Layer 1: Infrastructure, Machines. Layer 2 (the scope of kubeadm): Bootstrapping, Kubernetes API, Addons. Layer 3: Cluster API Spec / Cluster API Implementation, Cloud Provider, Load Balancers, Monitoring, Logging.]
Kubeadm is GA!!!
What does GA mean?
● Stable command-line UX — The kubeadm CLI conforms to #5a GA rule of the Kubernetes
Deprecation Policy, which states that a command or flag that exists in a GA version must
be kept for at least 12 months after deprecation.
○ init/join/upgrade/config/reset/token/version
● Stable underlying implementation — kubeadm now creates a new Kubernetes cluster
using methods that shouldn’t change any time soon. The control plane, for example, is
run as a set of static Pods, bootstrap tokens are used for the kubeadm join flow, and
ComponentConfig is used for configuring the kubelet.
● Upgrades between minor versions — The kubeadm upgrade command is now fully GA. It
handles control plane upgrades for you, which includes upgrades to etcd, the API Server,
the Controller Manager, and the Scheduler. You can seamlessly upgrade your cluster
between minor or patch versions (e.g. v1.12.2 -> v1.13.1 or v1.13.1 -> v1.13.3).
What does GA mean?
● Configuration file schema — With the new v1beta1 API version, you can now tune almost
every part of the cluster declaratively and thus build a “GitOps” flow around
kubeadm-built clusters. In future versions, we plan to graduate the API to version v1 with
minimal changes (and perhaps none).
○ Examples and references are now in standard Godoc format
○ Config is split into parts
■ InitConfiguration
■ ClusterConfiguration - stored on cluster in a configmap
■ JoinConfiguration
kubeadm: InitConfiguration
apiVersion: kubeadm.k8s.io/v1beta1
kind: InitConfiguration
localAPIEndpoint:
  advertiseAddress: "10.100.0.1"
  bindPort: 6443
nodeRegistration:
  criSocket: "/var/run/crio/crio.sock"
  kubeletExtraArgs:
    cgroupDriver: "cgroupfs"
bootstrapTokens:
  ...
● Usage
○ “kubeadm init --config …”
● Why
○ Custom API endpoint address
○ Specify init bootstrap tokens
○ Pass custom kubelet flags
○ Set node name/taints
kubeadm: ClusterConfiguration
apiVersion: kubeadm.k8s.io/v1beta1
kind: ClusterConfiguration
kubernetesVersion: "v1.12.2"
imageRepository: registry.example.com
networking:
  serviceSubnet: "10.96.0.0/12"
  dnsDomain: "cluster.local"
etcd:
  ...
apiServer:
  extraArgs:
    ...
  extraVolumes:
    ...
● Usage
○ “kubeadm init --config …”
● Why
○ Fine tune cluster defaults
○ Custom arguments and volume mounts to control plane components
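The two configuration kinds above are normally kept in one file, separated by `---`, and handed to `kubeadm init --config`. The script below is an added example, not code from the slides or from kubeadm itself: it generates a bootstrap token in the form kubeadm expects, writes both documents into a single file with constructed values modelled on the snippets above, and then runs the checks a reviewer wants before that file reaches a control-plane node (one document per kind, a real advertise address rather than 0.0.0.0, a sane port, a well-formed token that expires, a CIDR service subnet, a vX.Y.Z version). The `yaml_value` helper is a sed approximation good enough for this flat file, not a YAML parser.

```shell
#!/bin/sh
# Added example (not from the slides or from kubeadm): write an
# InitConfiguration and a ClusterConfiguration into one file, as
# `kubeadm init --config` accepts them, then lint the settings a reviewer
# checks before running it. All values are constructed for illustration.

# gen_bootstrap_token: prints a token in kubeadm's "[a-z0-9]{6}.[a-z0-9]{16}"
# form (6-char public id, 16-char secret), drawn from /dev/urandom.
gen_bootstrap_token() {
  raw=$(LC_ALL=C tr -dc 'a-z0-9' < /dev/urandom | head -c 22)
  echo "$(echo "$raw" | cut -c1-6).$(echo "$raw" | cut -c7-22)"
}

# write_kubeadm_config FILE TOKEN: both documents, separated by "---".
write_kubeadm_config() {
  cat > "$1" <<EOF
apiVersion: kubeadm.k8s.io/v1beta1
kind: InitConfiguration
localAPIEndpoint:
  advertiseAddress: "10.100.0.1"
  bindPort: 6443
nodeRegistration:
  criSocket: "/var/run/crio/crio.sock"
  kubeletExtraArgs:
    cgroupDriver: "cgroupfs"
bootstrapTokens:
- token: "$2"
  ttl: "24h"
---
apiVersion: kubeadm.k8s.io/v1beta1
kind: ClusterConfiguration
kubernetesVersion: "v1.12.2"
imageRepository: registry.example.com
networking:
  serviceSubnet: "10.96.0.0/12"
  dnsDomain: "cluster.local"
EOF
}

# yaml_value FILE KEY: value of the first "KEY: value" line, quotes stripped.
# A sed approximation that is enough for this flat file, not a YAML parser.
yaml_value() {
  sed -n "s/^[[:space:]-]*$2:[[:space:]]*//p" "$1" | head -n 1 | tr -d '"'
}

# check_kubeadm_config FILE: 0 if every check passes; otherwise prints each
# problem and returns 1.
check_kubeadm_config() {
  f=$1; rc=0
  for kind in InitConfiguration ClusterConfiguration; do
    n=$(grep -c "^kind: $kind" "$f")
    [ "$n" -eq 1 ] || { echo "expected exactly one $kind, found $n"; rc=1; }
  done
  n=$(grep -c "^apiVersion: kubeadm.k8s.io/v1beta1" "$f")
  [ "$n" -eq 2 ] || { echo "both documents must use kubeadm.k8s.io/v1beta1"; rc=1; }
  addr=$(yaml_value "$f" advertiseAddress)
  case "$addr" in
    ""|0.0.0.0) echo "advertiseAddress must be the node's real address, got '$addr'"; rc=1 ;;
  esac
  port=$(yaml_value "$f" bindPort)
  case "$port" in
    ""|*[!0-9]*) echo "bindPort '$port' is not a number"; rc=1 ;;
    *) [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bindPort $port out of range"; rc=1; } ;;
  esac
  tok=$(yaml_value "$f" token)
  echo "$tok" | grep -Eq '^[a-z0-9]{6}\.[a-z0-9]{16}$' \
    || { echo "bootstrap token '$tok' is not of the form abcdef.0123456789abcdef"; rc=1; }
  ttl=$(yaml_value "$f" ttl)
  case "$ttl" in
    0|0s|0h0m0s) echo "bootstrap token ttl '$ttl' means it never expires"; rc=1 ;;
  esac
  subnet=$(yaml_value "$f" serviceSubnet)
  echo "$subnet" | grep -Eq '^[0-9.]+/[0-9]{1,2}$' \
    || { echo "serviceSubnet '$subnet' is not CIDR notation"; rc=1; }
  ver=$(yaml_value "$f" kubernetesVersion)
  echo "$ver" | grep -Eq '^v[0-9]+\.[0-9]+\.[0-9]+$' \
    || { echo "kubernetesVersion '$ver' is not vX.Y.Z"; rc=1; }
  return $rc
}

# Usage on a control-plane node (not run here):
#   write_kubeadm_config kubeadm.yaml "$(gen_bootstrap_token)"
#   check_kubeadm_config kubeadm.yaml && kubeadm init --config kubeadm.yaml
```

The token is the credential a joining node presents, so it is generated from the kernel CSPRNG and given an explicit ttl; the lint refuses a ttl of zero because that token would never expire.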
What does GA mean?
● The “toolbox” interface of kubeadm — Also known as phases. If you don’t want to
perform all kubeadm init tasks, you can instead apply more fine-grained actions using the
kubeadm init phase command (for example generating certificates or control plane Static
Pod manifests).
○ Currently this only applies to `kubeadm init`
○ In 2019 - `kubeadm join phases`
● etcd setup — etcd is now set up in a way that is secure by default, with TLS
communication everywhere, and allows for expanding to a highly available cluster when
needed.
kubeadm: init phases
preflight Run pre-flight checks
kubelet-start Writes kubelet settings and (re)starts the kubelet
certs Generates certificates for a Kubernetes cluster
kubeconfig Generates all kubeconfig files for the control plane and the admin kubeconfig file
control-plane Generates all static Pod manifest files necessary to establish the control plane
etcd Generates static Pod manifest file for local etcd.
upload-config Uploads the currently used configuration for kubeadm to a ConfigMap
mark-control-plane Mark a node as a control-plane
bootstrap-token Manage kubeadm-specific bootstrap token functions
addon Installs required addons for passing Conformance tests
kubeadm: init phases
[Flow diagram of kubeadm init; box labels as they appear: Run Preflight Checks; Install DNS and Proxy Addons; Setup the RBAC Authorization System; Taint and label the master; Upload kubeadm & kubelet config to a ConfigMap; Kubelet Start; Wait for the control plane to be healthy; Generate static Pod Manifests for the Control Plane; Generate Certificates; Generate KubeConfig Files; Generate a (by default random) Bootstrap Token]
kubeadm join
[Flow diagram of kubeadm join; box labels as they appear: Preflight Checks; Fetches Init Configuration; Run Specific Checks based on the Init Configuration; Checks if the Cluster Configuration Supports … (label truncated); Runs kubeadm init Preflight Check; Generates static Pod Manifests for new Control Plane; Bootstraps Kubelet; Uploading Currently Used InitConfiguration; Applies Master Label and Taints. Two branches of the diagram are labelled --experimental-control-plane.]
kubeadm upgrade: Control Plane
● Preflight Checks
● Checks if the cluster is healthy
● Gets the configuration from the "kubeadm-config" ConfigMap
● Enforces all version skew policies
● Upgrades the control plane Static Pods
● Upgrade RBAC rules and addons
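The "enforces all version skew policies" step is the gate that keeps an upgrade from jumping further than the control plane can tolerate. The script below is an added example, not code from the slides or from kubeadm's source: it encodes two rules kubeadm documents for `kubeadm upgrade`, that a cluster moves at most one minor version per upgrade (v1.12.x to v1.13.y, never v1.12.x to v1.14.y) and that the kubeadm binary must not be older than the target version. Refusing any downgrade is this example's own conservative choice, and the versions in the usage lines are constructed test values.

```shell
#!/bin/sh
# Added example (not from the slides or from kubeadm): a version-skew check
# of the kind `kubeadm upgrade` performs before touching the control plane.
# Rules encoded: same major version, no downgrade (this example's choice),
# at most one minor step, and a kubeadm binary at least as new as the target.

# valid_version V: 0 if V is of the form vMAJOR.MINOR.PATCH
valid_version() {
  echo "$1" | grep -Eq '^v[0-9]+\.[0-9]+\.[0-9]+$' \
    || { echo "malformed version '$1' (expected vX.Y.Z)"; return 1; }
}

# ver_part V N: numeric component N of V (1 = major, 2 = minor, 3 = patch)
ver_part() {
  echo "$1" | sed 's/^v//' | cut -d. -f"$2"
}

# version_ge A B: 0 if A >= B, comparing major, minor and patch numerically
version_ge() {
  for i in 1 2 3; do
    a=$(ver_part "$1" "$i"); b=$(ver_part "$2" "$i")
    if [ "$a" -gt "$b" ]; then return 0; fi
    if [ "$a" -lt "$b" ]; then return 1; fi
  done
  return 0
}

# upgrade_allowed CURRENT TARGET KUBEADM: 0 if the upgrade passes every rule;
# otherwise prints the violated rule and returns non-zero.
upgrade_allowed() {
  cur=$1; tgt=$2; bin=$3
  valid_version "$cur" && valid_version "$tgt" && valid_version "$bin" || return 2
  [ "$(ver_part "$cur" 1)" -eq "$(ver_part "$tgt" 1)" ] \
    || { echo "major version change $cur -> $tgt is not supported"; return 1; }
  version_ge "$tgt" "$cur" \
    || { echo "refusing downgrade $cur -> $tgt"; return 1; }
  step=$(( $(ver_part "$tgt" 2) - $(ver_part "$cur" 2) ))
  [ "$step" -le 1 ] \
    || { echo "$cur -> $tgt skips a minor version; upgrade one minor at a time"; return 1; }
  version_ge "$bin" "$tgt" \
    || { echo "kubeadm $bin is older than target $tgt; upgrade the kubeadm package first"; return 1; }
  echo "$cur -> $tgt with kubeadm $bin: allowed"
}

# Usage (constructed values; the slide's own examples are the first two):
#   upgrade_allowed v1.12.2 v1.13.1 v1.13.1   # allowed
#   upgrade_allowed v1.13.1 v1.13.3 v1.13.3   # allowed
#   upgrade_allowed v1.12.2 v1.14.0 v1.14.0   # refused: skips v1.13
#   upgrade_allowed v1.12.2 v1.13.1 v1.12.2   # refused: kubeadm too old
```

In practice `kubeadm upgrade plan` reports the same constraints against the live cluster; the point of the function is to show why the order of operations is "upgrade the kubeadm package, then the control plane", one minor at a time.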
Certificate Management
[Diagram of the certificate-secured connections between etcd, kubelet, API Server, Proxied Pod, Pod and user]
Certificate Management
● apiserver
● apiserver-kubelet-client
● front-proxy-client
● etcd-server
● etcd-peer
● etcd-healthcheck-client
● apiserver-etcd-client
● user certificates
Certificate Hierarchy
● root CA
○ apiserver
○ apiserver-kubelet-client
● front-proxy CA
○ front-proxy-client
● etcd CA
○ etcd-server
○ etcd-peer
○ etcd-healthcheck-client
○ apiserver-etcd-client
[Tree diagram of the same hierarchy: root CA → kube client, api server; etcd CA → etcd server, etcd peer, etcd health check, api etcd client; front proxy CA → front proxy client]
Certificate Generation
● From Scratch
● Provided CAs (+ keys)
● All External (keys optional)
● Mixed
[Each option is shown against the same hierarchy diagram: root CA → kube client, api server; etcd CA → etcd server, etcd peer, etcd health check, api etcd client; front proxy CA → front proxy client]
Other Certificate Options
● Generate CSRs!
● `kubeadm alpha certs renew`
● Certificates API requests
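The three slides above (hierarchy, generation options, CSRs) all rest on one property: the root CA, etcd CA and front-proxy CA are separate trust domains, so a credential issued under one cannot be presented under another. The script below is an added example, not code from the slides or from the kubeadm code base: it rebuilds that layout with the openssl CLI, issues each leaf certificate from the slide's list under the CA it belongs to (with the CSR step kept explicit, as an external CA would see it), and then verifies both the expected chains and the cross-CA rejections. Subject names, SANs and the one-day lifetimes are constructed for the example; kubeadm's real defaults and file names differ.

```shell
#!/bin/sh
# Added example (not from the slides or from kubeadm): the three-CA layout
# from the "Certificate Hierarchy" slide built with openssl, with a check that
# etcd and front-proxy credentials do not chain to the root CA.

# write_req_conf DIR: minimal openssl config so self-signed CAs carry CA:TRUE
write_req_conf() {
  cat > "$1/req.cnf" <<'EOF'
[req]
distinguished_name = dn
prompt = no
x509_extensions = ca_ext
[dn]
CN = placeholder
[ca_ext]
basicConstraints = critical, CA:TRUE
keyUsage = critical, keyCertSign, cRLSign
subjectKeyIdentifier = hash
EOF
}

# make_ca DIR NAME: self-signed CA at DIR/NAME.crt with key DIR/NAME.key
make_ca() {
  openssl req -x509 -config "$1/req.cnf" -newkey rsa:2048 -nodes -days 1 \
    -subj "/CN=$2" -keyout "$1/$2.key" -out "$1/$2.crt" 2>/dev/null
}

# issue_cert DIR CA NAME USAGE [SAN]: CSR for NAME, signed by DIR/CA.crt.
# USAGE is serverAuth or clientAuth; SAN (e.g. "IP:10.100.0.1") for servers.
issue_cert() {
  dir=$1; ca=$2; name=$3; usage=$4; san=$5
  openssl req -new -config "$dir/req.cnf" -newkey rsa:2048 -nodes \
    -subj "/CN=$name" -keyout "$dir/$name.key" -out "$dir/$name.csr" 2>/dev/null || return 1
  {
    echo "keyUsage = critical, digitalSignature, keyEncipherment"
    echo "extendedKeyUsage = $usage"
    if [ -n "$san" ]; then echo "subjectAltName = $san"; fi
  } > "$dir/$name.ext"
  openssl x509 -req -days 1 -in "$dir/$name.csr" -CA "$dir/$ca.crt" -CAkey "$dir/$ca.key" \
    -CAcreateserial -extfile "$dir/$name.ext" -out "$dir/$name.crt" 2>/dev/null
}

# build_pki DIR: the hierarchy from the slide, constructed SANs
build_pki() {
  write_req_conf "$1" &&
  make_ca "$1" ca && make_ca "$1" etcd-ca && make_ca "$1" front-proxy-ca &&
  issue_cert "$1" ca apiserver serverAuth "IP:10.100.0.1,DNS:kubernetes" &&
  issue_cert "$1" ca apiserver-kubelet-client clientAuth &&
  issue_cert "$1" etcd-ca etcd-server serverAuth "IP:127.0.0.1" &&
  issue_cert "$1" etcd-ca etcd-peer serverAuth "IP:127.0.0.1" &&
  issue_cert "$1" etcd-ca etcd-healthcheck-client clientAuth &&
  issue_cert "$1" etcd-ca apiserver-etcd-client clientAuth &&
  issue_cert "$1" front-proxy-ca front-proxy-client clientAuth
}

# verifies DIR CA NAME: 0 if DIR/NAME.crt chains to DIR/CA.crt
verifies() {
  openssl verify -CAfile "$1/$2.crt" "$1/$3.crt" >/dev/null 2>&1
}

# has_client_auth DIR NAME: 0 if the leaf carries the clientAuth EKU
has_client_auth() {
  openssl x509 -in "$1/$2.crt" -noout -text | grep -q "TLS Web Client Authentication"
}

# Usage (not run here):
#   d=$(mktemp -d) && build_pki "$d"
#   verifies "$d" etcd-ca etcd-server   # succeeds
#   verifies "$d" ca etcd-server        # fails: separate trust domain
```

The `.csr` files left in the directory are what the "Provided CAs" and "All External" options turn into an interface: a CA that never hands over its key signs those requests out of band, which is also the shape of the Certificates API flow on the last slide.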
2019 Roadmap
● Config to v1
● HA to GA
○ Full test automation
● Continued promotion of alpha phases to subcommands
○ e.g. join phases
● Grand unified field theory on ComponentConfiguration
○ Working group being formed.
● Incorporate etcdadm and bundles when stable
● Test and release automation …
Testing and release tooling
2019 Roadmap - CI + Release
● CI
○ KIND as the only PR blocking job
○ Move all SCL jobs to periodics
○ CI = release artifacts
○ Kill `kubernetes-anywhere` with extreme prejudice
● Release
○ Move all package building into k/k
■ .deb/rpm build artifacts
○ Keep signing and publishing separate in the release repo
○ Work with k8s-infra team
■ Want -devel and -stable repos & registries
Getting Involved
http://bit.ly/kubeadm-survey
How can you contribute
● Contributing to SIG Cluster Lifecycle documentation
● We’re working on growing the contributor/reviewers pool; scaling the SIG
● We have “Office Hours” for our projects: weekly for kubeadm, bi-weekly for kops and
kubespray…
● Cluster API office hours weekly for both US West Coast and EMEA
● Full list of SIG meetings and links to minutes and recordings can be found on SIG page
● Attend our Zoom meetings / be around on Slack
● Look for “good first issue”, “help wanted” and “sig/cluster-lifecycle” labeled issues in
our repositories
Logistics
● Follow the SIG Cluster Lifecycle YouTube playlist
● Check out the meeting notes for our weekly office hours meetings
● Join #sig-cluster-lifecycle, #kubeadm channels
● Check out the kubeadm setup guide, reference doc and design doc
● Read how you can get involved and improve kubeadm!
Thank You!
Q/A

 
POWER SYSTEMS-1 Complete notes examples
POWER SYSTEMS-1 Complete notes  examplesPOWER SYSTEMS-1 Complete notes  examples
POWER SYSTEMS-1 Complete notes examples
 
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerStudy on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
 
chaitra-1.pptx fake news detection using machine learning
chaitra-1.pptx  fake news detection using machine learningchaitra-1.pptx  fake news detection using machine learning
chaitra-1.pptx fake news detection using machine learning
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptx
 
Past, Present and Future of Generative AI
Past, Present and Future of Generative AIPast, Present and Future of Generative AI
Past, Present and Future of Generative AI
 
main PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfidmain PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfid
 
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSAPPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
 
Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024
 
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
 
Internship report on mechanical engineering
Internship report on mechanical engineeringInternship report on mechanical engineering
Internship report on mechanical engineering
 
SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )
 
complete construction, environmental and economics information of biomass com...
complete construction, environmental and economics information of biomass com...complete construction, environmental and economics information of biomass com...
complete construction, environmental and economics information of biomass com...
 
Heart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxHeart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptx
 
Introduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxIntroduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptx
 
Application of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptxApplication of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptx
 
Biology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxBiology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptx
 
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
 

Kubeadm Deep Dive (Kubecon Seattle 2018)

2. Agenda
● Who?
● Mission
● GA
● Roadmap 2019
● Getting Involved
● Q/A
L

4. Who are we?
Timothy St. Clair
SIG Cluster Lifecycle co-lead
Steering Committee Member
Staff Engineer @Heptio/VMWare
@timothysc

Liz Frost
SIG Cluster Lifecycle Contributor
Kube Cuddle creator
SW Engineer @Heptio/VMWare
@liztio

5. Who are we?
● 100s of contributors across several companies
● Smaller core group of active maintainers
○ VMWare
■ Lubomir, Ross
○ VMWare (née Heptio)
■ Tim, Liz, Jason, Chuck
○ Suse
■ Marek, Rafael
○ Intel
■ Alex, Ed
○ Other/Independent
■ Luxas, Fabrizio, Yago, Di
● Large user community on #kubeadm
L

7. What is our mission?
SIG Cluster Lifecycle’s objective is to simplify creation, configuration, upgrade, downgrade, and teardown of Kubernetes clusters and their components.
L

9. Why are we doing this?
● To prevent the mistakes of other open source cluster mgmt provisioning tools
○ Because…
■ Kubernetes is the beginning of the story, not the end
■ commoditizing the deployment of the core raises all boats and allows the community to focus on solving end user problems
■ “production grade” shouldn’t be firewalled by providers
■ It should “just work”
■ Because cross provider matters
● To make the management of (X) clusters across (Y) providers simple, secure, and configurable.
T

10. Why (unix philosophy)?
● Make each program do one thing well. To do a new job, build afresh rather than complicate old programs by adding new "features".
● Expect the output of every program to become the input to another, as yet unknown, program. Don't clutter output with extraneous information. Don't insist on interactive input.
● Design and build software, to be tried early, ideally within weeks. Don't hesitate to throw away the clumsy parts and rebuild them.
● Use tools instead of people to lighten a programming task, even if you have to detour to build the tools and expect to throw some of them out after you've finished using them.
○ Write down the “Hard Way” and optimize 80% UX Flow with override
T

11. Key Design Takeaways
● kubeadm’s task is to set up a best-practice cluster for each minor version
● The user experience should be simple, and the cluster reasonably secure
● kubeadm’s scope is limited; intended to be a composable building block
○ Only ever deals with the local filesystem and the Kubernetes API
○ Agnostic to how exactly the kubelet is run
○ Setting up or favoring a specific CNI network is out of scope
● Composable architecture with everything divided into phases
● Versioned configuration
T

12. Component View
[Diagram: Master 1 … Master N and Node 1 … Node N, each running kubeadm. Labels in the diagram: Cloud Provider, Load Balancers, Monitoring, Logging, Cluster API Spec, Cluster API, Cluster API Implementation, Addons, Kubernetes API, Bootstrapping, Machines, Infrastructure; Layer 1, Layer 2 (marked “The scope of kubeadm”), Layer 3.]
14. What does GA mean?
● Stable command-line UX — The kubeadm CLI conforms to #5a GA rule of the Kubernetes Deprecation Policy, which states that a command or flag that exists in a GA version must be kept for at least 12 months after deprecation.
○ init/join/upgrade/config/reset/token/version
● Stable underlying implementation — kubeadm now creates a new Kubernetes cluster using methods that shouldn’t change any time soon. The control plane, for example, is run as a set of static Pods, bootstrap tokens are used for the kubeadm join flow, and ComponentConfig is used for configuring the kubelet.
● Upgrades between minor versions — The kubeadm upgrade command is now fully GA. It handles control plane upgrades for you, which includes upgrades to etcd, the API Server, the Controller Manager, and the Scheduler. You can seamlessly upgrade your cluster between minor or patch versions (e.g. v1.12.2 -> v1.13.1 or v1.13.1 -> v1.13.3).
T

15. What does GA mean?
● Configuration file schema — With the new v1beta1 API version, you can now tune almost every part of the cluster declaratively and thus build a “GitOps” flow around kubeadm-built clusters. In future versions, we plan to graduate the API to version v1 with minimal changes (and perhaps none).
○ Examples and references are now in standard Godoc format
○ Config is split into parts
■ InitConfiguration
■ ClusterConfiguration - stored on cluster in a configmap
■ JoinConfiguration
L

16. kubeadm: InitConfiguration
apiVersion: kubeadm.k8s.io/v1beta1
kind: InitConfiguration
localAPIEndpoint:
  advertiseAddress: "10.100.0.1"
  bindPort: 6443
nodeRegistration:
  criSocket: "/var/run/crio/crio.sock"
  kubeletExtraArgs:
    cgroupDriver: "cgroupfs"
bootstrapTokens: ...
● Usage
○ “kubeadm init --config …”
● Why
○ Custom API endpoint address
○ Specify init bootstrap tokens
○ Pass custom kubelet flags
○ Set node name/taints
L

17. kubeadm: ClusterConfiguration
apiVersion: kubeadm.k8s.io/v1beta1
kind: ClusterConfiguration
kubernetesVersion: "v1.12.2"
imageRepository: registry.example.com
networking:
  serviceSubnet: "10.96.0.0/12"
  dnsDomain: "cluster.local"
etcd: ...
apiServer:
  extraArgs: ...
  extraVolumes: ...
● Usage
○ “kubeadm init --config …”
● Why
○ Fine tune cluster defaults
○ Custom arguments and volume mounts to control plane components
L

18. What does GA mean?
● The “toolbox” interface of kubeadm — Also known as phases. If you don’t want to perform all kubeadm init tasks, you can instead apply more fine-grained actions using the kubeadm init phase command (for example generating certificates or control plane Static Pod manifests).
○ Currently this only applies to `kubeadm init`
○ In 2019 - `kubeadm join phases`
● etcd setup — etcd is now set up in a way that is secure by default, with TLS communication everywhere, and allows for expanding to a highly available cluster when needed.
T
19. kubeadm: init phases
preflight          Run pre-flight checks
kubelet-start      Writes kubelet settings and (re)starts the kubelet
certs              Generates certificates for a Kubernetes cluster
kubeconfig         Generates all kubeconfig files for the control plane and the admin kubeconfig file
control-plane      Generates all static Pod manifest files necessary to establish the control plane
etcd               Generates static Pod manifest file for local etcd
upload-config      Uploads the currently used configuration for kubeadm to a ConfigMap
mark-control-plane Mark a node as a control-plane
bootstrap-token    Manage kubeadm-specific bootstrap token functions
addon              Installs required addons for passing Conformance tests
T

20. kubeadm: init phases
[Flow diagram of kubeadm init; the boxes, as extracted:]
● Run Preflight Checks
● Kubelet Start
● Generate Certificates
● Generate KubeConfig Files
● Generate static Pod Manifests for the Control Plane
● Wait for the control plane to be healthy
● Upload kubeadm & kubelet config to a ConfigMap
● Taint and label the master
● Generate a (by default random) Bootstrap Token
● Setup the RBAC Authorization System
● Install DNS and Proxy Addons
T

21. kubeadm join
[Flow diagram comparing plain `kubeadm join` with `kubeadm join --experimental-control-plane`; the boxes, as extracted:]
● Preflight Checks
● Fetches Init Configuration
● Run Specific Checks based on the Init Configuration
● Checks if the Cluster Configuration Supports
● Runs kubeadm init Preflight Check
● Generates static Pod Manifests for new Control Plane
● Bootstraps Kubelet
● Uploading Currently Used InitConfiguration
● Applies Master Label and Taints

22. kubeadm upgrade: Control Plane
● Preflight Checks
● Checks if the cluster is healthy
● Gets the configuration from the "kubeadm-config" ConfigMap
● Enforces all version skew policies
● Upgrades the control plane Static Pods
● Upgrade RBAC rules and addons
L
24. Certificate Management
● apiserver
● apiserver-kubelet-client
● front-proxy-client
● etcd-server
● etcd-peer
● etcd-healthcheck-client
● apiserver-etcd-client
● user certificates
L

25. Certificate Hierarchy
● root CA
○ apiserver
○ apiserver-kubelet-client
● front-proxy CA
○ front-proxy-client
● etcd CA
○ etcd-server
○ etcd-peer
○ etcd-healthcheck-client
○ apiserver-etcd-client
L

26. Certificate Hierarchy
● root CA
○ apiserver
○ apiserver-kubelet-client
● front-proxy CA
○ front-proxy-client
● etcd CA
○ etcd-server
○ etcd-peer
○ etcd-healthcheck-client
○ apiserver-etcd-client
[Diagram: the same hierarchy drawn as a tree. root CA → api server, kube client; etcd CA → etcd server, etcd peer, etcd health check, api etcd client; front proxy CA → front proxy client.]
L

27-30. Certificate Generation
[Four slides building up the same list over the slide 26 tree diagram.]
● From Scratch
● Provided CAs (+ keys)
● All External (keys optional)
● Mixed
L

31. Other Certificate Options
● Generate CSRs!
● `kubeadm alpha certs renew`
● Certificates API requests
L
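The certificate hierarchy on slides 25-30 and the bootstrap-token join flow on slides 14 and 21 are easier to reason about once the trust boundaries are concrete. The Go program below is an added example written for this page, not kubeadm's own code: it creates the three CAs, issues each leaf under the CA the slides assign to it, and shows that a leaf verifies only under its own CA and only for its intended usage (server or client). It also computes the root CA pin a joining node compares against (the `sha256:` hash of the CA certificate's SubjectPublicKeyInfo, which is what the `--discovery-token-ca-cert-hash` value carries) and checks the `<id>.<secret>` shape of a bootstrap token. The P-256 keys, lifetimes, serial numbers and subject names are simplifications chosen for the example and are not kubeadm's defaults.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/hex"
	"fmt"
	"math/big"
	"regexp"
	"time"
)

// ca pairs a CA certificate with its signing key. kubeadm's "external CA"
// mode (slide 29) is the case where only the certificate is present on disk.
type ca struct {
	cert *x509.Certificate
	key  *ecdsa.PrivateKey
}

// sign generates a fresh P-256 key for tmpl and signs it with parentKey.
// A nil parent means self-signed (used for the CAs themselves).
func sign(tmpl, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	if parent == nil {
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	if err != nil {
		panic(err)
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return cert, key
}

// newCA creates a self-signed CA (10-year lifetime is an example choice).
func newCA(cn string) *ca {
	cert, key := sign(&x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().AddDate(10, 0, 0),
		IsCA: true, BasicConstraintsValid: true,
		KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature,
	}, nil, nil)
	return &ca{cert: cert, key: key}
}

// issue signs a leaf under this CA restricted to the given extended key
// usages, as the kubeadm "certs" phase does for each component certificate.
func (c *ca) issue(cn string, usages ...x509.ExtKeyUsage) *x509.Certificate {
	cert, _ := sign(&x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().AddDate(1, 0, 0),
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: usages,
	}, c.cert, c.key)
	return cert
}

// hierarchy holds the three CAs from slide 25 and the leaves keyed by the
// certificate names from slide 24.
type hierarchy struct {
	root, etcd, frontProxy *ca
	leaves                 map[string]*x509.Certificate
}

// buildHierarchy issues every leaf under the CA the slides assign to it.
// The common names are illustrative assumptions, not kubeadm's exact values.
func buildHierarchy() *hierarchy {
	h := &hierarchy{root: newCA("kubernetes"), etcd: newCA("etcd-ca"),
		frontProxy: newCA("front-proxy-ca"), leaves: map[string]*x509.Certificate{}}
	srv, cli := x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth
	h.leaves["apiserver"] = h.root.issue("kube-apiserver", srv)
	h.leaves["apiserver-kubelet-client"] = h.root.issue("kube-apiserver-kubelet-client", cli)
	h.leaves["front-proxy-client"] = h.frontProxy.issue("front-proxy-client", cli)
	h.leaves["etcd-server"] = h.etcd.issue("etcd-server", srv, cli)
	h.leaves["etcd-peer"] = h.etcd.issue("etcd-peer", srv, cli)
	h.leaves["etcd-healthcheck-client"] = h.etcd.issue("kube-etcd-healthcheck-client", cli)
	h.leaves["apiserver-etcd-client"] = h.etcd.issue("kube-apiserver-etcd-client", cli)
	return h
}

// verifyUnder reports whether leaf chains to root and is permitted for usage.
// A leaf issued by one CA must fail under the other two.
func verifyUnder(leaf, root *x509.Certificate, usage x509.ExtKeyUsage) bool {
	pool := x509.NewCertPool()
	pool.AddCert(root)
	_, err := leaf.Verify(x509.VerifyOptions{Roots: pool, KeyUsages: []x509.ExtKeyUsage{usage}})
	return err == nil
}

// caCertHash is the root CA pin a joining node compares during bootstrap-token
// discovery: "sha256:" + hex(SHA-256 over the DER SubjectPublicKeyInfo).
func caCertHash(c *x509.Certificate) string {
	sum := sha256.Sum256(c.RawSubjectPublicKeyInfo)
	return "sha256:" + hex.EncodeToString(sum[:])
}

// bootstrapTokenRe matches the bootstrap token shape used by kubeadm join:
// a 6-character id, a dot, a 16-character secret, all lowercase alphanumerics.
var bootstrapTokenRe = regexp.MustCompile(`^[a-z0-9]{6}\.[a-z0-9]{16}$`)

func validBootstrapToken(tok string) bool { return bootstrapTokenRe.MatchString(tok) }

func main() {
	h := buildHierarchy()
	cli := x509.ExtKeyUsageClientAuth
	fmt.Println("apiserver-etcd-client under etcd CA:", verifyUnder(h.leaves["apiserver-etcd-client"], h.etcd.cert, cli))
	fmt.Println("apiserver-etcd-client under root CA:", verifyUnder(h.leaves["apiserver-etcd-client"], h.root.cert, cli))
	fmt.Println("root CA pin:", caCertHash(h.root.cert))
	fmt.Println("token ok:", validBootstrapToken("abcdef.0123456789abcdef")) // constructed sample token
}
```

The point of three separate CAs is visible in `verifyUnder`: a client certificate signed by the etcd CA is rejected by anything that trusts only the root CA, so a leaked etcd client key cannot be presented to the API server, and the front-proxy CA keeps aggregated-API client authentication separate from both. The pin is why a joining node can trust a CA certificate it fetched over an unauthenticated discovery channel: whoever hands it the bootstrap token out of band also hands it the hash to compare.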
33. 2019 Roadmap
● Config to v1
● HA to GA
○ Full test automation
● Continued promotion of alpha phases to subcommands
○ e.g. join phases
● Grand unified field theory on ComponentConfiguration
○ Working group being formed.
● Incorporate etcdadm and bundles when stable
● Test and release automation …
T

34. Testing and release tooling
T

35. 2019 Roadmap - CI + Release
● CI
○ KIND as the only PR blocking job
○ Move all SCL jobs to periodics
○ CI = release artifacts
○ Kill `kubernetes-anywhere` with extreme prejudice
● Release
○ Move all package building into k/k
■ .deb/rpm build artifacts
○ Keep signing and publishing separate in the release repo
○ Work with k8s-infra team
■ Want -devel and -stable repos & registries
T

37. How can you contribute
● Contributing to SIG Cluster Lifecycle documentation
● We’re working on growing the contributor/reviewers pool; scaling the SIG
● We have “Office Hours” for our projects: weekly for kubeadm, bi-weekly for kops and kubespray…
● Cluster API office hours weekly for both US West Coast and EMEA
● Full list of SIG meetings and links to minutes and recordings can be found on SIG page
● Attend our Zoom meetings / be around on Slack
● Look for “good first issue”, “help wanted” and “sig/cluster-lifecycle” labeled issues in our repositories
L

38. Logistics
● Follow the SIG Cluster Lifecycle YouTube playlist
● Check out the meeting notes for our weekly office hours meetings
● Join #sig-cluster-lifecycle, #kubeadm channels
● Check out the kubeadm setup guide, reference doc and design doc
● Read how you can get involved and improve kubeadm!
L