SlideShare a Scribd company logo

KubeCon EU 2018 – Sig API Machinery Deep Dive

S
Stefan Schimanski

This document summarizes a presentation on SIG API Machinery and custom resource definitions (CRDs) in Kubernetes. It outlines upcoming features for CRDs in Kubernetes 1.11 and 1.12, including multiple versions without conversion, pruning of unspecified fields, defaulting from OpenAPI schemas, and declarative field renames between versions. It also provides a deep dive into how CRDs are implemented in apiextensions-apiserver, including validation, defaulting, conversion, storage in etcd, and subresources.

Software
1 of 29
Download to read offline
SIG API Machinery Deep Dive Stefan Schimanski – sttts@redhat.com – @the_sttts
@the_sttts Agenda • Outlook to Kubernetes 1.11+ • Deep Dive into CustomResourceDefinitions • Questions
@the_sttts Outlook – Custom Resources • Kubernetes 1.11+ • ⍺: Multiple versions without conversion – design proposal • ⍺: Pruning – in validation spec unspecified fields are removed – blocker for GA • ⍺: Defaulting – defaults from OpenAPI validation schema are applied • ⍺: Graceful Deletion – maybe, to be discussed – #63162 • ⍺: Server Side Printing Columns – “kubectl get” customization – #60991 • β: Subresources – ⍺ since 1.10 – #62786 • OpenAPI additionalProperties allowed now (mutually exclusive with properties) • Kubernetes 1.12+ • Multiple versions with declarative field renames • Strict create mode? Discuss: #5889 – my favorite CRD UX issue Related: CRD OpenAPI validation spec not served by kube-apiserver
@the_sttts The Future: Versioning • Most asked for feature for long time • It is coming, but slowly "NoConversion": maybe in 1.11 apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: contibutorsummit.kubecon.io spec: group: kubecon.io version: v1 versions: - name: v1 storage: true - name: v1alpha1 "Declarative Conversions": maybe in 1.12+ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: contibutorsummit.kubecon.io spec: group: kubecon.io version: v1 conversions: declarative: renames: from: v1alpha1 to: v1 old: .spec.foo new: bar
@the_sttts Outlook – Prepare for Pruning • Deep change of semantics of Custom Resources • From JSON blob store to schema based storage OpenAPIv3Schema: { properties: { foo: {} } } • Example CR: { "foo": 1, "bar": 2 } → { "foo": 1 } Opt-in in CRD v1beta1 Mandatory in GA
@the_sttts Deep Dive
@the_sttts apiextensions-apiserver CustomResourceDefinitions are served by https://github.com/kubernetes/apiextensions-apiserver usually embedded into kube-apiserver via delegation. kube-apiserver kube-aggregator kube resources apiextensions- apiserver 404 etcd "delegation" "aggregation"
@the_sttts api-machinery-session.kubecon.io.yaml apiVersion: kubecon.io/v1 kind: Session metadata: name: api-machinery namespace: eu2018 spec: type: deepdive title: "SIG API Machinery Deep Dive" capacity: 42 status: attendees: 23 conditions: - lastTransitionTime: 2018-05-04T12:47:54Z status: "True" type: Started
@the_sttts sessions.kubecon.io.yaml apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: sessions.kubecon.io spec: group: kubecon.io version: v1 scope: Namespaced names: plural: sessions singular: session kind: Session # shortNames: # - talks mustmatch the kind: - usually capital singular - like the Go type the resource: - usually lower-case singular - in http path
@the_sttts Create & wait for Established $ kubectl create –f sessions.kubecon.io.yaml ... and then watch status.conditions["Established"]. Conditions: → NamesAccepted → Established = no name conflicts = CRD is served* * There is a race – to be fixed in #63068. Better wait 5 seconds in ≤1.10.
@the_sttts kubectl get sessions –v=7 • I0429 21:17:53.042783 66743 round_trippers.go:383] GET https://localhost:6443/apis • I0429 21:17:53.135811 66743 round_trippers.go:383] GET https://localhost:6443/apis/kubecon.io/v1 • I0429 21:17:53.138353 66743 round_trippers.go:383] GET https://localhost:6443/apis/kubecon.io/v1/namespaces/default/sessions No resources found. sessions → kind Session resource sessions discovery LIST note: we also support "shortNames" in API group kubecon.io/v1 We call this "REST mapping"
@the_sttts api-machinery-session.kubecon.io.yaml apiVersion: kubecon.io/v1 kind: Session metadata: name: api-machinery namespace: eu2018 spec: type: deepdive title: "SIG API Machinery Deep Dive" capacity: 42 status: attendees: 23 conditions: - lastTransitionTime: 2018-05-04T12:47:54Z status: "True" type: Started Recommended to follow the spec+status pattern. Important for /status subresource.
@the_sttts etcd Storage $ export ETCDCTL_API=3 $ etcdctl get / --prefix --keys-only | grep kubecon /registry/apiextensions.k8s.io/customresourcedefinitions/sessions.kubecon.io /registry/apiregistration.k8s.io/apiservices/v1.kubecon.io /registry/kubecon.io/sessions/eu2018/api-machinery $ etcdctl get /registry/kubecon.io/sessions/eu2018/api-machinery {"apiVersion":"kubecon.io/v1","kind":"Session","metadata":{"clusterName":"","creat ionTimestamp":"2018-04-29T20:30:27Z","generation":1,"name":"api- machinery","namespace":"eu2018","resourceVersion":"","selfLink":"","uid":"273a1ae3 -4bec-11e8-8d91-4c3275978b79"},"spec":{"capacity":10,"title":"SIG API Machinery Deep Dive","type":"deepdive"},"status":{"attendees":10,"conditions":[{"lastTransitionTi me":"2018-05-04T12:47:54Z","status":"True","type":"Started"}]}} unverified JSON blob
@the_sttts unstructured.Unstructured Internally, CustomResources are import "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" unstructured.Unstructured{ Object: map[string]interface{} } i.e. maps+slices+values. Dynamic Client • client-go counterpart: k8s.io/client-go/dynamic • in 1.11+ with sane interface #62913: dynamic.NewForConfig(cfg).Resource(gvr).Namespace(ns).Get(name, opts) • generated, typed clients are generally preferred json.Unmarshal
@the_sttts Zoom into apiextensions-apiserver kube-apiserver kube- aggregator kube resources apiextensions-apiserver 404 etcd "delegation" "aggregation" authn/z CR handlers CR handlers CR handlers ⟲Naming Controller ⟲CRD Finalizer request conversion& defaulting storage conversion & defaulting REST logic result conversion validation admission decoding encode GET CREATE LIST UPDATE DELETE WATCH mutating webhooks validating webhooks NoOps json.Unmarshal
@the_sttts Validation • The standard: OpenAPI v3 schema https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.0.md#schemaObject • based on JSON Schema: https://tools.ietf.org/html/draft-wright-json-schema-validation-00
spec: type: deepdive title: "SIG API Machinery De… capacity: 42 status: attendees: 23 conditions: - lastTransitionTime: 2018… status: "True" type: Started properties: spec: properties: type: anyOf: [{"pattern": "^deepdive$"}, …] title: {"type": "string"} capacity: {"type": "format": "integer", "minimum": 0, "default": 0} required: ["type", "title", "capacity"] status: properties: attendees: {"type": "number", "format": "integer", "minimum": 0} conditions: type: "array" items: properties: lastTransitionTime: {"type": "dateTime"} status: anyOf: [{"pattern": "^True$"}, …] type: anyOf: [{"pattern": "^Started$"}, …] required: ["lastTransitionTime", "status", "type"] OpenAPIv3Schema a quantor (anyOf, oneOf, allOf exist) note: enum is forbidden (why?) regular expression maybe in 1.11+ Custom Resource Helpful tools: kubernetes/kube-openapi#37 tamalsaha/kube-openapi-generator Some other tool from prometheus-operator? Rancher has another one, speak to @lemonjet
@the_sttts etcd Storage – Pruning $ export ETCDCTL_API=3 $ etcdctl get / --prefix --keys-only | grep kubecon /registry/apiextensions.k8s.io/customresourcedefinitions/sessions.kubecon.io /registry/apiregistration.k8s.io/apiservices/v1.kubecon.io /registry/kubecon.io/sessions/eu2018/api-machinery $ etcdctl get /registry/kubecon.io/sessions/eu2018/api-machinery {"apiVersion":"kubecon.io/v1","kind":"Session","metadata":{"clusterName":""," creationTimestamp":"2018-04-29T20:30:27Z","generation":1,"name":"api- machinery","namespace":"eu2018","resourceVersion":"","selfLink":"","uid":"273 a1ae3-4bec-11e8-8d91-4c3275978b79"},"spec":{"capacity":10,"title":"SIG API Machinery Deep Dive","type":"deepdive"},"status":{"attendees":10,"conditions":[{"lastTransit ionTime":"2018-05-04T12:47:54Z","status":"True","type":"Started", "someUnknownField":"someValue", "someFutureField":"dangerous value"}]}} unverified JSON blob with possibly unspecified fields we need pruning! Kube 1.11+
@the_sttts Deeper Dive – go-openapi/validate validator := validate.NewSchemaValidator(schema, …) result := validator.Validate(obj) specSchema := result.FieldSchemata()[ validator.NewFieldKey(obj, "spec") ] = OpenAPIv3Schema = JSON object OpenAPI validation result gives us a mapping: JSON nodes → OpenAPI schemata: spec: type: deepdive title: "SIG API Machinery De… capacity: 42 status: properties: spec: properties: type: anyOf: [{"pattern": "^deepdive$"}, …] title: {"type": "string"} capacity: {"type": "format": "integer", "minimum": 0, "default": 0}
@the_sttts Deeper Dive – go-openapi/validate func ApplyDefaults(r *validate.Result) { fieldSchemata := r.FieldSchemata() for key, schemata := range fieldSchemata { LookForDefaultingScheme: for _, s := range schemata { if s.Default != nil { if _, found := key.Object()[key.Field()]; !found { key.Object()[key.Field()] = s.Default break LookForDefaultingScheme } } } } } ← defaulting algorithm on half a slide spec: type: deepdive title: "SIG API Machinery De… capacity: 42 "someFutureField":"…" properties: spec: properties: type: anyOf: [{"pattern": "^deepdive title: {"type": "string"} capacity: {"type": "format": "in required: ["type", "title", "capac sketch of pruning→
@the_sttts Zoom into apiextensions-apiserver kube-apiserver kube- aggregator kube resources apiextensions-apiserver 404 etcd "delegation" "aggregation" authn/z CR handlers CR handlers CR handlers ⟲Naming Controller ⟲CRD Finalizer conversion & pruning & defaulting REST logic result conversion validation admission decoding defaulting& pruning& conversion encode GET CREATE LIST UPDATE DELETE WATCH mutating webhooks validating webhooks
@the_sttts Scaling the session $ kubectl scale --replicas=10 -n eu2018 sessions/api-machinery --v=7 I0429 22:33:03.083150 74535 round_trippers.go:383] GET https://localhost:6443/apis/kubecon.io/v1/namespaces/eu2018/sessions/api- machinery/scale I0429 22:33:03.083725 74535 round_trippers.go:408] Response Status: 404 Not Found in 0 milliseconds We call this "subresource /scale".
spec: type: deepdive title: "SIG API Machinery De… capacity: 42 status: attendees: 23 conditions: - lastTransitionTime: 2018… status: "True" type: Started apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: sessions.kubecon.io spec: … subresources: scale: specReplicasPath: .spec.capacity statusReplicasPath: .status.attendees # status: {} alpha in 1.10 hopefully beta in 1.11 JSON paths
@the_sttts Scaling the session $ kubectl scale --replicas=10 -n eu2018 sessions/api-machinery --v=7 • I0429 22:43:14.757286 80725 round_trippers.go:405] GET https://localhost:6443/apis/kubecon.io/v1/namespaces/eu2018/sessions/api-machinery/scale 200 OK in 0 milliseconds • I0429 22:43:14.757318 80725 request.go:897] Response Body: { "kind": "Scale", "apiVersion": "autoscaling/v1", "metadata": {...}, "spec": {"replicas":42}, "status":{"replicas":23} } • PUT https://localhost:6443/apis/kubecon.io/v1/namespaces/eu2018/sessions/api-machinery/scale 200 OK in 2 milliseconds session.kubecon.io/api-machinery scaled
@the_sttts (polymorphic) scale client import ( "k8s.io/client-go/discovery/cached" "k8s.io/client-go/scale" ) cachedDiscovery := discocache.NewMemCacheClient(hpaClientGoClient.Discovery()) restMapper := discovery.NewDeferredDiscoveryRESTMapper(cachedDiscovery) scaleKindResolver := scale.NewDiscoveryScaleKindResolver(hpaClientGoClient.Discovery()) scaleClient, err := scale.NewForConfig(cfg, restMapper, dynamic.LegacyAPIPathResolverFunc, scaleKindResolver)
spec: type: deepdive title: "SIG API Machinery De… capacity: 42 status: attendees: 23 conditions: - lastTransitionTime: 2018… status: "True" type: Started apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: sessions.kubecon.io spec: … subresources: scale: specReplicasPath: .spec.capacity statusReplicasPath: .status.attendees status: {} alpha in 1.10 hopefully beta in 1.11 JSON paths spec/status split main endpoint only changes .spec /status changes .status
@the_sttts Recap
@the_sttts Outlook – Prepare for Pruning • Deep change of semantics of Custom Resources • From JSON blob store to schema based storage OpenAPIv3Schema: { properties: { foo: {} } } • Example CR: { "foo": 1, "bar": 2 } → { "foo": 1 } Opt-in in CRD v1beta1 Mandatory in GA
@the_sttts Outlook – Custom Resources • Kubernetes 1.11+ • ⍺: Multiple versions without conversion – design proposal • ⍺: Pruning – in validation spec unspecified fields are removed – blocker for GA • ⍺: Defaulting – defaults from OpenAPI validation schema are applied • ⍺: Graceful Deletion – maybe, to be discussed – #63162 • ⍺: Server Side Printing Columns – “kubectl get” customization – #60991 • β: Subresources – ⍺ since 1.10 – #62786 • OpenAPI additionalProperties allowed now (mutually exclusive with properties) • Kubernetes 1.12+ • Multiple versions with declarative field renames • Strict create mode? Discuss: #5889 – my favorite CRD UX issue Related: CRD OpenAPI validation spec not served by kube-apiserver

Recommended

Extending Kubernetes – Admission webhooks
Extending Kubernetes – Admission webhooksExtending Kubernetes – Admission webhooks
Extending Kubernetes – Admission webhooksStefan Schimanski
 
Extending the Kube API
Extending the Kube APIExtending the Kube API
Extending the Kube APIStefan Schimanski
 
Kubernetes API code-base tour
Kubernetes API code-base tourKubernetes API code-base tour
Kubernetes API code-base tourStefan Schimanski
 
Meetup - Principles of the kube api and how to extend it
Meetup - Principles of the kube api and how to extend itMeetup - Principles of the kube api and how to extend it
Meetup - Principles of the kube api and how to extend itStefan Schimanski
 
JDD2015: Kubernetes - Beyond the basics - Paul Bakker
JDD2015: Kubernetes - Beyond the basics - Paul BakkerJDD2015: Kubernetes - Beyond the basics - Paul Bakker
JDD2015: Kubernetes - Beyond the basics - Paul BakkerPROIDEA
 
I can't believe it's not a queue: Kafka and Spring
I can't believe it's not a queue: Kafka and SpringI can't believe it's not a queue: Kafka and Spring
I can't believe it's not a queue: Kafka and SpringJoe Kutner
 
Advanced Scheduling in Kubernetes
Advanced Scheduling in KubernetesAdvanced Scheduling in Kubernetes
Advanced Scheduling in KubernetesKublr
 
Regex Considered Harmful: Use Rosie Pattern Language Instead
Regex Considered Harmful: Use Rosie Pattern Language InsteadRegex Considered Harmful: Use Rosie Pattern Language Instead
Regex Considered Harmful: Use Rosie Pattern Language InsteadAll Things Open
 

Recommended

Extending Kubernetes – Admission webhooks
Extending Kubernetes – Admission webhooksExtending Kubernetes – Admission webhooks
Extending Kubernetes – Admission webhooksStefan Schimanski
 
Extending the Kube API
Extending the Kube APIExtending the Kube API
Extending the Kube APIStefan Schimanski
 
Kubernetes API code-base tour
Kubernetes API code-base tourKubernetes API code-base tour
Kubernetes API code-base tourStefan Schimanski
 
Meetup - Principles of the kube api and how to extend it
Meetup - Principles of the kube api and how to extend itMeetup - Principles of the kube api and how to extend it
Meetup - Principles of the kube api and how to extend itStefan Schimanski
 
JDD2015: Kubernetes - Beyond the basics - Paul Bakker
JDD2015: Kubernetes - Beyond the basics - Paul BakkerJDD2015: Kubernetes - Beyond the basics - Paul Bakker
JDD2015: Kubernetes - Beyond the basics - Paul BakkerPROIDEA
 
I can't believe it's not a queue: Kafka and Spring
I can't believe it's not a queue: Kafka and SpringI can't believe it's not a queue: Kafka and Spring
I can't believe it's not a queue: Kafka and SpringJoe Kutner
 
Advanced Scheduling in Kubernetes
Advanced Scheduling in KubernetesAdvanced Scheduling in Kubernetes
Advanced Scheduling in KubernetesKublr
 
Regex Considered Harmful: Use Rosie Pattern Language Instead
Regex Considered Harmful: Use Rosie Pattern Language InsteadRegex Considered Harmful: Use Rosie Pattern Language Instead
Regex Considered Harmful: Use Rosie Pattern Language InsteadAll Things Open
 
Portable CI/CD Environment as Code with Kubernetes, Kublr and Jenkins
Portable CI/CD Environment as Code with Kubernetes, Kublr and JenkinsPortable CI/CD Environment as Code with Kubernetes, Kublr and Jenkins
Portable CI/CD Environment as Code with Kubernetes, Kublr and JenkinsKublr
 
Transforming Infrastructure into Code - Importing existing cloud resources u...
Transforming Infrastructure into Code - Importing existing cloud resources u...Transforming Infrastructure into Code - Importing existing cloud resources u...
Transforming Infrastructure into Code - Importing existing cloud resources u...Shih Oon Liong
 
Developing Java based microservices ready for the world of containers
Developing Java based microservices ready for the world of containersDeveloping Java based microservices ready for the world of containers
Developing Java based microservices ready for the world of containersClaus Ibsen
 
[JCConf 2020] 用 Kotlin 跨入 Serverless 世代
[JCConf 2020] 用 Kotlin 跨入 Serverless 世代[JCConf 2020] 用 Kotlin 跨入 Serverless 世代
[JCConf 2020] 用 Kotlin 跨入 Serverless 世代Shengyou Fan
 
Kubernetes stack reliability
Kubernetes stack reliabilityKubernetes stack reliability
Kubernetes stack reliabilityOleg Chunikhin
 
Plack basics for Perl websites - YAPC::EU 2011
Plack basics for Perl websites - YAPC::EU 2011Plack basics for Perl websites - YAPC::EU 2011
Plack basics for Perl websites - YAPC::EU 2011leo lapworth
 
Kubernetes
KubernetesKubernetes
KubernetesDONGJIN KIM
 
How to test infrastructure code: automated testing for Terraform, Kubernetes,...
How to test infrastructure code: automated testing for Terraform, Kubernetes,...How to test infrastructure code: automated testing for Terraform, Kubernetes,...
How to test infrastructure code: automated testing for Terraform, Kubernetes,...Yevgeniy Brikman
 
Building A SaaS with CoreOS, Docker, and Etcd
Building A SaaS with CoreOS, Docker, and EtcdBuilding A SaaS with CoreOS, Docker, and Etcd
Building A SaaS with CoreOS, Docker, and EtcdRoss Kukulinski
 
Online game server on Akka.NET (NDC2016)
Online game server on Akka.NET (NDC2016)Online game server on Akka.NET (NDC2016)
Online game server on Akka.NET (NDC2016)Esun Kim
 
Kubernetes in Highly Restrictive Environments
Kubernetes in Highly Restrictive EnvironmentsKubernetes in Highly Restrictive Environments
Kubernetes in Highly Restrictive EnvironmentsKublr
 
Reusable, composable, battle-tested Terraform modules
Reusable, composable, battle-tested Terraform modulesReusable, composable, battle-tested Terraform modules
Reusable, composable, battle-tested Terraform modulesYevgeniy Brikman
 
How to deploy PHP projects with docker
How to deploy PHP projects with dockerHow to deploy PHP projects with docker
How to deploy PHP projects with dockerRuoshi Ling
 
Kubernetes Scheduler deep dive
Kubernetes Scheduler deep diveKubernetes Scheduler deep dive
Kubernetes Scheduler deep diveDONGJIN KIM
 
A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices Nebulaworks
 
[Kotlin Serverless 工作坊] 單元 3 - 實作 JSON API
[Kotlin Serverless 工作坊] 單元 3 - 實作 JSON API[Kotlin Serverless 工作坊] 單元 3 - 實作 JSON API
[Kotlin Serverless 工作坊] 單元 3 - 實作 JSON APIShengyou Fan
 
Taking Apache Camel For A Ride
Taking Apache Camel For A RideTaking Apache Camel For A Ride
Taking Apache Camel For A RideBruce Snyder
 
Using Spinnaker to Create a Development Workflow on Kubernetes - Paul Czarkowski
Using Spinnaker to Create a Development Workflow on Kubernetes - Paul CzarkowskiUsing Spinnaker to Create a Development Workflow on Kubernetes - Paul Czarkowski
Using Spinnaker to Create a Development Workflow on Kubernetes - Paul CzarkowskiVMware Tanzu
 
Code reviews vs Pull requests
Code reviews vs Pull requestsCode reviews vs Pull requests
Code reviews vs Pull requestsTim Pettersen
 
Ignacy Kowalczyk
Ignacy KowalczykIgnacy Kowalczyk
Ignacy KowalczykCodeFest
 
Kubernetes Boston — Custom High Availability of Kubernetes
Kubernetes Boston — Custom High Availability of KubernetesKubernetes Boston — Custom High Availability of Kubernetes
Kubernetes Boston — Custom High Availability of KubernetesMike Splain
 
KubeCon EU 2016: Templatized Application Configuration on OpenShift and Kuber...
KubeCon EU 2016: Templatized Application Configuration on OpenShift and Kuber...KubeCon EU 2016: Templatized Application Configuration on OpenShift and Kuber...
KubeCon EU 2016: Templatized Application Configuration on OpenShift and Kuber...KubeAcademy
 

More Related Content

What's hot

Portable CI/CD Environment as Code with Kubernetes, Kublr and Jenkins
Portable CI/CD Environment as Code with Kubernetes, Kublr and JenkinsPortable CI/CD Environment as Code with Kubernetes, Kublr and Jenkins
Portable CI/CD Environment as Code with Kubernetes, Kublr and JenkinsKublr
 
Transforming Infrastructure into Code - Importing existing cloud resources u...
Transforming Infrastructure into Code - Importing existing cloud resources u...Transforming Infrastructure into Code - Importing existing cloud resources u...
Transforming Infrastructure into Code - Importing existing cloud resources u...Shih Oon Liong
 
Developing Java based microservices ready for the world of containers
Developing Java based microservices ready for the world of containersDeveloping Java based microservices ready for the world of containers
Developing Java based microservices ready for the world of containersClaus Ibsen
 
[JCConf 2020] 用 Kotlin 跨入 Serverless 世代
[JCConf 2020] 用 Kotlin 跨入 Serverless 世代[JCConf 2020] 用 Kotlin 跨入 Serverless 世代
[JCConf 2020] 用 Kotlin 跨入 Serverless 世代Shengyou Fan
 
Kubernetes stack reliability
Kubernetes stack reliabilityKubernetes stack reliability
Kubernetes stack reliabilityOleg Chunikhin
 
Plack basics for Perl websites - YAPC::EU 2011
Plack basics for Perl websites - YAPC::EU 2011Plack basics for Perl websites - YAPC::EU 2011
Plack basics for Perl websites - YAPC::EU 2011leo lapworth
 
How to test infrastructure code: automated testing for Terraform, Kubernetes,...
How to test infrastructure code: automated testing for Terraform, Kubernetes,...How to test infrastructure code: automated testing for Terraform, Kubernetes,...
How to test infrastructure code: automated testing for Terraform, Kubernetes,...Yevgeniy Brikman
 
Building A SaaS with CoreOS, Docker, and Etcd
Building A SaaS with CoreOS, Docker, and EtcdBuilding A SaaS with CoreOS, Docker, and Etcd
Building A SaaS with CoreOS, Docker, and EtcdRoss Kukulinski
 
Online game server on Akka.NET (NDC2016)
Online game server on Akka.NET (NDC2016)Online game server on Akka.NET (NDC2016)
Online game server on Akka.NET (NDC2016)Esun Kim
 
Kubernetes in Highly Restrictive Environments
Kubernetes in Highly Restrictive EnvironmentsKubernetes in Highly Restrictive Environments
Kubernetes in Highly Restrictive EnvironmentsKublr
 
Reusable, composable, battle-tested Terraform modules
Reusable, composable, battle-tested Terraform modulesReusable, composable, battle-tested Terraform modules
Reusable, composable, battle-tested Terraform modulesYevgeniy Brikman
 
How to deploy PHP projects with docker
How to deploy PHP projects with dockerHow to deploy PHP projects with docker
How to deploy PHP projects with dockerRuoshi Ling
 
Kubernetes Scheduler deep dive
Kubernetes Scheduler deep diveKubernetes Scheduler deep dive
Kubernetes Scheduler deep diveDONGJIN KIM
 
A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices Nebulaworks
 
[Kotlin Serverless 工作坊] 單元 3 - 實作 JSON API
[Kotlin Serverless 工作坊] 單元 3 - 實作 JSON API[Kotlin Serverless 工作坊] 單元 3 - 實作 JSON API
[Kotlin Serverless 工作坊] 單元 3 - 實作 JSON APIShengyou Fan
 
Taking Apache Camel For A Ride
Taking Apache Camel For A RideTaking Apache Camel For A Ride
Taking Apache Camel For A RideBruce Snyder
 
Using Spinnaker to Create a Development Workflow on Kubernetes - Paul Czarkowski
Using Spinnaker to Create a Development Workflow on Kubernetes - Paul CzarkowskiUsing Spinnaker to Create a Development Workflow on Kubernetes - Paul Czarkowski
Using Spinnaker to Create a Development Workflow on Kubernetes - Paul CzarkowskiVMware Tanzu
 
Code reviews vs Pull requests
Code reviews vs Pull requestsCode reviews vs Pull requests
Code reviews vs Pull requestsTim Pettersen
 
Ignacy Kowalczyk
Ignacy KowalczykIgnacy Kowalczyk
Ignacy KowalczykCodeFest
 

What's hot (20)

Portable CI/CD Environment as Code with Kubernetes, Kublr and Jenkins
Portable CI/CD Environment as Code with Kubernetes, Kublr and JenkinsPortable CI/CD Environment as Code with Kubernetes, Kublr and Jenkins
Portable CI/CD Environment as Code with Kubernetes, Kublr and Jenkins
 
Transforming Infrastructure into Code - Importing existing cloud resources u...
Transforming Infrastructure into Code - Importing existing cloud resources u...Transforming Infrastructure into Code - Importing existing cloud resources u...
Transforming Infrastructure into Code - Importing existing cloud resources u...
 
Developing Java based microservices ready for the world of containers
Developing Java based microservices ready for the world of containersDeveloping Java based microservices ready for the world of containers
Developing Java based microservices ready for the world of containers
 
[JCConf 2020] 用 Kotlin 跨入 Serverless 世代
[JCConf 2020] 用 Kotlin 跨入 Serverless 世代[JCConf 2020] 用 Kotlin 跨入 Serverless 世代
[JCConf 2020] 用 Kotlin 跨入 Serverless 世代
 
Kubernetes stack reliability
Kubernetes stack reliabilityKubernetes stack reliability
Kubernetes stack reliability
 
Plack basics for Perl websites - YAPC::EU 2011
Plack basics for Perl websites - YAPC::EU 2011Plack basics for Perl websites - YAPC::EU 2011
Plack basics for Perl websites - YAPC::EU 2011
 
Kubernetes
KubernetesKubernetes
Kubernetes
 
How to test infrastructure code: automated testing for Terraform, Kubernetes,...
How to test infrastructure code: automated testing for Terraform, Kubernetes,...How to test infrastructure code: automated testing for Terraform, Kubernetes,...
How to test infrastructure code: automated testing for Terraform, Kubernetes,...
 
Building A SaaS with CoreOS, Docker, and Etcd
Building A SaaS with CoreOS, Docker, and EtcdBuilding A SaaS with CoreOS, Docker, and Etcd
Building A SaaS with CoreOS, Docker, and Etcd
 
Online game server on Akka.NET (NDC2016)
Online game server on Akka.NET (NDC2016)Online game server on Akka.NET (NDC2016)
Online game server on Akka.NET (NDC2016)
 
Kubernetes in Highly Restrictive Environments
Kubernetes in Highly Restrictive EnvironmentsKubernetes in Highly Restrictive Environments
Kubernetes in Highly Restrictive Environments
 
Reusable, composable, battle-tested Terraform modules
Reusable, composable, battle-tested Terraform modulesReusable, composable, battle-tested Terraform modules
Reusable, composable, battle-tested Terraform modules
 
How to deploy PHP projects with docker
How to deploy PHP projects with dockerHow to deploy PHP projects with docker
How to deploy PHP projects with docker
 
Kubernetes Scheduler deep dive
Kubernetes Scheduler deep diveKubernetes Scheduler deep dive
Kubernetes Scheduler deep dive
 
A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices
 
[Kotlin Serverless 工作坊] 單元 3 - 實作 JSON API
[Kotlin Serverless 工作坊] 單元 3 - 實作 JSON API[Kotlin Serverless 工作坊] 單元 3 - 實作 JSON API
[Kotlin Serverless 工作坊] 單元 3 - 實作 JSON API
 
Taking Apache Camel For A Ride
Taking Apache Camel For A RideTaking Apache Camel For A Ride
Taking Apache Camel For A Ride
 
Using Spinnaker to Create a Development Workflow on Kubernetes - Paul Czarkowski
Using Spinnaker to Create a Development Workflow on Kubernetes - Paul CzarkowskiUsing Spinnaker to Create a Development Workflow on Kubernetes - Paul Czarkowski
Using Spinnaker to Create a Development Workflow on Kubernetes - Paul Czarkowski
 
Code reviews vs Pull requests
Code reviews vs Pull requestsCode reviews vs Pull requests
Code reviews vs Pull requests
 
Ignacy Kowalczyk
Ignacy KowalczykIgnacy Kowalczyk
Ignacy Kowalczyk
 

Similar to KubeCon EU 2018 – Sig API Machinery Deep Dive

Kubernetes Boston — Custom High Availability of Kubernetes
Kubernetes Boston — Custom High Availability of KubernetesKubernetes Boston — Custom High Availability of Kubernetes
Kubernetes Boston — Custom High Availability of KubernetesMike Splain
 
KubeCon EU 2016: Templatized Application Configuration on OpenShift and Kuber...
KubeCon EU 2016: Templatized Application Configuration on OpenShift and Kuber...KubeCon EU 2016: Templatized Application Configuration on OpenShift and Kuber...
KubeCon EU 2016: Templatized Application Configuration on OpenShift and Kuber...KubeAcademy
 
KubeCon EU 2016: A Practical Guide to Container Scheduling
KubeCon EU 2016: A Practical Guide to Container SchedulingKubeCon EU 2016: A Practical Guide to Container Scheduling
KubeCon EU 2016: A Practical Guide to Container SchedulingKubeAcademy
 
Kubernetes上で動作する機械学習モジュールの配信&管理基盤Rekcurd について
Kubernetes上で動作する機械学習モジュールの配信&管理基盤Rekcurd についてKubernetes上で動作する機械学習モジュールの配信&管理基盤Rekcurd について
Kubernetes上で動作する機械学習モジュールの配信&管理基盤Rekcurd についてLINE Corporation
 
K8s best practices from the field!
K8s best practices from the field!K8s best practices from the field!
K8s best practices from the field!DoiT International
 
From Kubernetes to OpenStack in Sydney
From Kubernetes to OpenStack in SydneyFrom Kubernetes to OpenStack in Sydney
From Kubernetes to OpenStack in SydneySK Telecom
 
Managing Stateful Services with the Operator Pattern in Kubernetes - Kubernet...
Managing Stateful Services with the Operator Pattern in Kubernetes - Kubernet...Managing Stateful Services with the Operator Pattern in Kubernetes - Kubernet...
Managing Stateful Services with the Operator Pattern in Kubernetes - Kubernet...Jakob Karalus
 
IVS CTO Night And Day 2018 Winter - [re:Cap] Serverless & Mobile
IVS CTO Night And Day 2018 Winter - [re:Cap] Serverless & MobileIVS CTO Night And Day 2018 Winter - [re:Cap] Serverless & Mobile
IVS CTO Night And Day 2018 Winter - [re:Cap] Serverless & MobileAmazon Web Services Japan
 
Who is afraid of privileged containers ?
Who is afraid of privileged containers ?Who is afraid of privileged containers ?
Who is afraid of privileged containers ?Marko Bevc
 
Run the elastic stack on kubernetes with eck
Run the elastic stack on kubernetes with eck Run the elastic stack on kubernetes with eck
Run the elastic stack on kubernetes with eck Daliya Spasova
 
Introduction to Kubernetes RBAC
Introduction to Kubernetes RBACIntroduction to Kubernetes RBAC
Introduction to Kubernetes RBACKublr
 
Terraforming the Kubernetes Land
Terraforming the Kubernetes LandTerraforming the Kubernetes Land
Terraforming the Kubernetes LandRadek Simko
 
Extending kubernetes with CustomResourceDefinitions
Extending kubernetes with CustomResourceDefinitionsExtending kubernetes with CustomResourceDefinitions
Extending kubernetes with CustomResourceDefinitionsStefan Schimanski
 
Scaling search-clusters-solr-k8s-2020-amrit-sarkar
Scaling search-clusters-solr-k8s-2020-amrit-sarkarScaling search-clusters-solr-k8s-2020-amrit-sarkar
Scaling search-clusters-solr-k8s-2020-amrit-sarkarAmrit Sarkar
 
[Kotlin Serverless 工作坊] 單元 4 - 實作 RSS Aggregator
[Kotlin Serverless 工作坊] 單元 4 - 實作 RSS Aggregator[Kotlin Serverless 工作坊] 單元 4 - 實作 RSS Aggregator
[Kotlin Serverless 工作坊] 單元 4 - 實作 RSS AggregatorShengyou Fan
 
Tdc 2013 - Ecossistema Ruby
Tdc 2013 - Ecossistema RubyTdc 2013 - Ecossistema Ruby
Tdc 2013 - Ecossistema RubyFabio Akita
 
You got database in my cloud (short version)
You got database in my cloud (short version)You got database in my cloud (short version)
You got database in my cloud (short version)Liz Frost
 
Monitoring infrastructure with prometheus
Monitoring infrastructure with prometheusMonitoring infrastructure with prometheus
Monitoring infrastructure with prometheusShahnawaz Saifi
 
Meetup 12-12-2017 - Application Isolation on Kubernetes
Meetup 12-12-2017 - Application Isolation on KubernetesMeetup 12-12-2017 - Application Isolation on Kubernetes
Meetup 12-12-2017 - Application Isolation on Kubernetesdtoledo67
 
Kubernetes - Starting with 1.2
Kubernetes - Starting with 1.2Kubernetes - Starting with 1.2
Kubernetes - Starting with 1.2William Stewart
 

Similar to KubeCon EU 2018 – Sig API Machinery Deep Dive (20)

Kubernetes Boston — Custom High Availability of Kubernetes
Kubernetes Boston — Custom High Availability of KubernetesKubernetes Boston — Custom High Availability of Kubernetes
Kubernetes Boston — Custom High Availability of Kubernetes
 
KubeCon EU 2016: Templatized Application Configuration on OpenShift and Kuber...
KubeCon EU 2016: Templatized Application Configuration on OpenShift and Kuber...KubeCon EU 2016: Templatized Application Configuration on OpenShift and Kuber...
KubeCon EU 2016: Templatized Application Configuration on OpenShift and Kuber...
 
KubeCon EU 2016: A Practical Guide to Container Scheduling
KubeCon EU 2016: A Practical Guide to Container SchedulingKubeCon EU 2016: A Practical Guide to Container Scheduling
KubeCon EU 2016: A Practical Guide to Container Scheduling
 
Kubernetes上で動作する機械学習モジュールの配信&管理基盤Rekcurd について
Kubernetes上で動作する機械学習モジュールの配信&管理基盤Rekcurd についてKubernetes上で動作する機械学習モジュールの配信&管理基盤Rekcurd について
Kubernetes上で動作する機械学習モジュールの配信&管理基盤Rekcurd について
 
K8s best practices from the field!
K8s best practices from the field!K8s best practices from the field!
K8s best practices from the field!
 
From Kubernetes to OpenStack in Sydney
From Kubernetes to OpenStack in SydneyFrom Kubernetes to OpenStack in Sydney
From Kubernetes to OpenStack in Sydney
 
Managing Stateful Services with the Operator Pattern in Kubernetes - Kubernet...
Managing Stateful Services with the Operator Pattern in Kubernetes - Kubernet...Managing Stateful Services with the Operator Pattern in Kubernetes - Kubernet...
Managing Stateful Services with the Operator Pattern in Kubernetes - Kubernet...
 
IVS CTO Night And Day 2018 Winter - [re:Cap] Serverless & Mobile
IVS CTO Night And Day 2018 Winter - [re:Cap] Serverless & MobileIVS CTO Night And Day 2018 Winter - [re:Cap] Serverless & Mobile
IVS CTO Night And Day 2018 Winter - [re:Cap] Serverless & Mobile
 
Who is afraid of privileged containers ?
Who is afraid of privileged containers ?Who is afraid of privileged containers ?
Who is afraid of privileged containers ?
 
Run the elastic stack on kubernetes with eck
Run the elastic stack on kubernetes with eck Run the elastic stack on kubernetes with eck
Run the elastic stack on kubernetes with eck
 
Introduction to Kubernetes RBAC
Introduction to Kubernetes RBACIntroduction to Kubernetes RBAC
Introduction to Kubernetes RBAC
 
Terraforming the Kubernetes Land
Terraforming the Kubernetes LandTerraforming the Kubernetes Land
Terraforming the Kubernetes Land
 
Extending kubernetes with CustomResourceDefinitions
Extending kubernetes with CustomResourceDefinitionsExtending kubernetes with CustomResourceDefinitions
Extending kubernetes with CustomResourceDefinitions
 
Scaling search-clusters-solr-k8s-2020-amrit-sarkar
Scaling search-clusters-solr-k8s-2020-amrit-sarkarScaling search-clusters-solr-k8s-2020-amrit-sarkar
Scaling search-clusters-solr-k8s-2020-amrit-sarkar
 
[Kotlin Serverless 工作坊] 單元 4 - 實作 RSS Aggregator
[Kotlin Serverless 工作坊] 單元 4 - 實作 RSS Aggregator[Kotlin Serverless 工作坊] 單元 4 - 實作 RSS Aggregator
[Kotlin Serverless 工作坊] 單元 4 - 實作 RSS Aggregator
 
Tdc 2013 - Ecossistema Ruby
Tdc 2013 - Ecossistema RubyTdc 2013 - Ecossistema Ruby
Tdc 2013 - Ecossistema Ruby
 
You got database in my cloud (short version)
You got database in my cloud (short version)You got database in my cloud (short version)
You got database in my cloud (short version)
 
Monitoring infrastructure with prometheus
Monitoring infrastructure with prometheusMonitoring infrastructure with prometheus
Monitoring infrastructure with prometheus
 
Meetup 12-12-2017 - Application Isolation on Kubernetes
Meetup 12-12-2017 - Application Isolation on KubernetesMeetup 12-12-2017 - Application Isolation on Kubernetes
Meetup 12-12-2017 - Application Isolation on Kubernetes
 
Kubernetes - Starting with 1.2
Kubernetes - Starting with 1.2Kubernetes - Starting with 1.2
Kubernetes - Starting with 1.2
 

More from Stefan Schimanski

Cutting the Kubernetes Monorepo in pieces
Cutting the Kubernetes Monorepo in piecesCutting the Kubernetes Monorepo in pieces
Cutting the Kubernetes Monorepo in piecesStefan Schimanski
 
Cutting the Kubernetes Monorepo in pieces – never learnt more about git
Cutting the Kubernetes Monorepo in pieces – never learnt more about gitCutting the Kubernetes Monorepo in pieces – never learnt more about git
Cutting the Kubernetes Monorepo in pieces – never learnt more about gitStefan Schimanski
 
Git deep dive – chopping Kubernetes
Git deep dive – chopping KubernetesGit deep dive – chopping Kubernetes
Git deep dive – chopping KubernetesStefan Schimanski
 
Extend and build on Kubernetes
Extend and build on KubernetesExtend and build on Kubernetes
Extend and build on KubernetesStefan Schimanski
 
Kubernetes API - deep dive into the kube-apiserver
Kubernetes API - deep dive into the kube-apiserverKubernetes API - deep dive into the kube-apiserver
Kubernetes API - deep dive into the kube-apiserverStefan Schimanski
 
Kubernetes Architecture and Introduction – Paris Kubernetes Meetup
Kubernetes Architecture and Introduction – Paris Kubernetes MeetupKubernetes Architecture and Introduction – Paris Kubernetes Meetup
Kubernetes Architecture and Introduction – Paris Kubernetes MeetupStefan Schimanski
 
Kubernetes Architecture and Introduction
Kubernetes Architecture and IntroductionKubernetes Architecture and Introduction
Kubernetes Architecture and IntroductionStefan Schimanski
 
Kubernetes on Top of Mesos on Top of DCOS
Kubernetes on Top of Mesos on Top of DCOSKubernetes on Top of Mesos on Top of DCOS
Kubernetes on Top of Mesos on Top of DCOSStefan Schimanski
 
An Introduction to the Kubernetes API
An Introduction to the Kubernetes APIAn Introduction to the Kubernetes API
An Introduction to the Kubernetes APIStefan Schimanski
 
Cluster Networking with Docker
Cluster Networking with DockerCluster Networking with Docker
Cluster Networking with DockerStefan Schimanski
 

More from Stefan Schimanski (12)

Cutting the Kubernetes Monorepo in pieces
Cutting the Kubernetes Monorepo in piecesCutting the Kubernetes Monorepo in pieces
Cutting the Kubernetes Monorepo in pieces
 
Cutting the Kubernetes Monorepo in pieces – never learnt more about git
Cutting the Kubernetes Monorepo in pieces – never learnt more about gitCutting the Kubernetes Monorepo in pieces – never learnt more about git
Cutting the Kubernetes Monorepo in pieces – never learnt more about git
 
Git deep dive – chopping Kubernetes
Git deep dive – chopping KubernetesGit deep dive – chopping Kubernetes
Git deep dive – chopping Kubernetes
 
Extend and build on Kubernetes
Extend and build on KubernetesExtend and build on Kubernetes
Extend and build on Kubernetes
 
Kubernetes API - deep dive into the kube-apiserver
Kubernetes API - deep dive into the kube-apiserverKubernetes API - deep dive into the kube-apiserver
Kubernetes API - deep dive into the kube-apiserver
 
Elastic etcd
Elastic etcdElastic etcd
Elastic etcd
 
Kubernetes Architecture and Introduction – Paris Kubernetes Meetup
Kubernetes Architecture and Introduction – Paris Kubernetes MeetupKubernetes Architecture and Introduction – Paris Kubernetes Meetup
Kubernetes Architecture and Introduction – Paris Kubernetes Meetup
 
Kubernetes Architecture and Introduction
Kubernetes Architecture and IntroductionKubernetes Architecture and Introduction
Kubernetes Architecture and Introduction
 
Kubernetes on Top of Mesos on Top of DCOS
Kubernetes on Top of Mesos on Top of DCOSKubernetes on Top of Mesos on Top of DCOS
Kubernetes on Top of Mesos on Top of DCOS
 
An Introduction to the Kubernetes API
An Introduction to the Kubernetes APIAn Introduction to the Kubernetes API
An Introduction to the Kubernetes API
 
Cluster Networking with Docker
Cluster Networking with DockerCluster Networking with Docker
Cluster Networking with Docker
 
Beyond static configuration
Beyond static configurationBeyond static configuration
Beyond static configuration
 

Recently uploaded

Clustering techniques data mining book ....
Clustering techniques data mining book ....Clustering techniques data mining book ....
Clustering techniques data mining book ....ShaimaaMohamedGalal
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Modelsaagamshah0812
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...gurkirankumar98700
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Steffen Staab
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...kellynguyen01
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxbodapatigopi8531
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...OnePlan Solutions
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfjoe51371421
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsAndolasoft Inc
 

Recently uploaded (20)

Clustering techniques data mining book ....
Clustering techniques data mining book ....Clustering techniques data mining book ....
Clustering techniques data mining book ....
 
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
Exploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the ProcessExploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the Process
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdf
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 

KubeCon EU 2018 – Sig API Machinery Deep Dive

  • 1. SIG API Machinery Deep Dive Stefan Schimanski – sttts@redhat.com – @the_sttts
  • 2. @the_sttts Agenda • Outlook to Kubernetes 1.11+ • Deep Dive into CustomResourceDefinitions • Questions
  • 3. @the_sttts Outlook – Custom Resources • Kubernetes 1.11+ • ⍺: Multiple versions without conversion – design proposal • ⍺: Pruning – in validation spec unspecified fields are removed – blocker for GA • ⍺: Defaulting – defaults from OpenAPI validation schema are applied • ⍺: Graceful Deletion – maybe, to be discussed – #63162 • ⍺: Server Side Printing Columns – “kubectl get” customization – #60991 • β: Subresources – ⍺ since 1.10 – #62786 • OpenAPI additionalProperties allowed now (mutually exclusive with properties) • Kubernetes 1.12+ • Multiple versions with declarative field renames • Strict create mode? Discuss: #5889 – my favorite CRD UX issue Related: CRD OpenAPI validation spec not served by kube-apiserver
  • 4. @the_sttts The Future: Versioning • Most asked for feature for long time • It is coming, but slowly "NoConversion": maybe in 1.11 apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: contibutorsummit.kubecon.io spec: group: kubecon.io version: v1 versions: - name: v1 storage: true - name: v1alpha1 "Declarative Conversions": maybe in 1.12+ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: contibutorsummit.kubecon.io spec: group: kubecon.io version: v1 conversions: declarative: renames: from: v1alpha1 to: v1 old: .spec.foo new: bar
  • 5. @the_sttts Outlook – Prepare for Pruning • Deep change of semantics of Custom Resources • From JSON blob store to schema based storage OpenAPIv3Schema: { properties: { foo: {} } } • Example CR: { "foo": 1, "bar": 2 } → { "foo": 1 } Opt-in in CRD v1beta1 Mandatory in GA
  • 7. @the_sttts apiextensions-apiserver CustomResourceDefinitions are served by https://github.com/kubernetes/apiextensions-apiserver usually embedded into kube-apiserver via delegation. kube-apiserver kube-aggregator kube resources apiextensions- apiserver 404 etcd "delegation" "aggregation"
  • 8. @the_sttts api-machinery-session.kubecon.io.yaml apiVersion: kubecon.io/v1 kind: Session metadata: name: api-machinery namespace: eu2018 spec: type: deepdive title: "SIG API Machinery Deep Dive" capacity: 42 status: attendees: 23 conditions: - lastTransitionTime: 2018-05-04T12:47:54Z status: "True" type: Started
  • 9. @the_sttts sessions.kubecon.io.yaml apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: sessions.kubecon.io spec: group: kubecon.io version: v1 scope: Namespaced names: plural: sessions singular: session kind: Session # shortNames: # - talks mustmatch the kind: - usually capital singular - like the Go type the resource: - usually lower-case singular - in http path
  • 10. @the_sttts Create & wait for Established $ kubectl create –f sessions.kubecon.io.yaml ... and then watch status.conditions["Established"]. Conditions: → NamesAccepted → Established = no name conflicts = CRD is served* * There is a race – to be fixed in #63068. Better wait 5 seconds in ≤1.10.
  • 11. @the_sttts kubectl get sessions –v=7 • I0429 21:17:53.042783 66743 round_trippers.go:383] GET https://localhost:6443/apis • I0429 21:17:53.135811 66743 round_trippers.go:383] GET https://localhost:6443/apis/kubecon.io/v1 • I0429 21:17:53.138353 66743 round_trippers.go:383] GET https://localhost:6443/apis/kubecon.io/v1/namespaces/default/sessions No resources found. sessions → kind Session resource sessions discovery LIST note: we also support "shortNames" in API group kubecon.io/v1 We call this "REST mapping"
  • 12. @the_sttts api-machinery-session.kubecon.io.yaml apiVersion: kubecon.io/v1 kind: Session metadata: name: api-machinery namespace: eu2018 spec: type: deepdive title: "SIG API Machinery Deep Dive" capacity: 42 status: attendees: 23 conditions: - lastTransitionTime: 2018-05-04T12:47:54Z status: "True" type: Started Recommended to follow the spec+status pattern. Important for /status subresource.
  • 13. @the_sttts etcd Storage $ export ETCDCTL_API=3 $ etcdctl get / --prefix --keys-only | grep kubecon /registry/apiextensions.k8s.io/customresourcedefinitions/sessions.kubecon.io /registry/apiregistration.k8s.io/apiservices/v1.kubecon.io /registry/kubecon.io/sessions/eu2018/api-machinery $ etcdctl get /registry/kubecon.io/sessions/eu2018/api-machinery {"apiVersion":"kubecon.io/v1","kind":"Session","metadata":{"clusterName":"","creat ionTimestamp":"2018-04-29T20:30:27Z","generation":1,"name":"api- machinery","namespace":"eu2018","resourceVersion":"","selfLink":"","uid":"273a1ae3 -4bec-11e8-8d91-4c3275978b79"},"spec":{"capacity":10,"title":"SIG API Machinery Deep Dive","type":"deepdive"},"status":{"attendees":10,"conditions":[{"lastTransitionTi me":"2018-05-04T12:47:54Z","status":"True","type":"Started"}]}} unverified JSON blob
  • 14. @the_sttts unstructured.Unstructured Internally, CustomResources are import "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" unstructured.Unstructured{ Object: map[string]interface{} } i.e. maps+slices+values. Dynamic Client • client-go counterpart: k8s.io/client-go/dynamic • in 1.11+ with sane interface #62913: dynamic.NewForConfig(cfg).Resource(gvr).Namespace(ns).Get(name, opts) • generated, typed clients are generally preferred json.Unmarshal
  • 15. @the_sttts Zoom into apiextensions-apiserver kube-apiserver kube- aggregator kube resources apiextensions-apiserver 404 etcd "delegation" "aggregation" authn/z CR handlers CR handlers CR handlers ⟲Naming Controller ⟲CRD Finalizer request conversion& defaulting storage conversion & defaulting REST logic result conversion validation admission decoding encode GET CREATE LIST UPDATE DELETE WATCH mutating webhooks validating webhooks NoOps json.Unmarshal
  • 16. @the_sttts Validation • The standard: OpenAPI v3 schema https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.0.md#schemaObject • based on JSON Schema: https://tools.ietf.org/html/draft-wright-json-schema-validation-00
  • 17. spec: type: deepdive title: "SIG API Machinery De… capacity: 42 status: attendees: 23 conditions: - lastTransitionTime: 2018… status: "True" type: Started properties: spec: properties: type: anyOf: [{"pattern": "^deepdive$"}, …] title: {"type": "string"} capacity: {"type": "format": "integer", "minimum": 0, "default": 0} required: ["type", "title", "capacity"] status: properties: attendees: {"type": "number", "format": "integer", "minimum": 0} conditions: type: "array" items: properties: lastTransitionTime: {"type": "dateTime"} status: anyOf: [{"pattern": "^True$"}, …] type: anyOf: [{"pattern": "^Started$"}, …] required: ["lastTransitionTime", "status", "type"] OpenAPIv3Schema a quantor (anyOf, oneOf, allOf exist) note: enum is forbidden (why?) regular expression maybe in 1.11+ Custom Resource Helpful tools: kubernetes/kube-openapi#37 tamalsaha/kube-openapi-generator Some other tool from prometheus-operator? Rancher has another one, speak to @lemonjet
  • 18. @the_sttts etcd Storage – Pruning $ export ETCDCTL_API=3 $ etcdctl get / --prefix --keys-only | grep kubecon /registry/apiextensions.k8s.io/customresourcedefinitions/sessions.kubecon.io /registry/apiregistration.k8s.io/apiservices/v1.kubecon.io /registry/kubecon.io/sessions/eu2018/api-machinery $ etcdctl get /registry/kubecon.io/sessions/eu2018/api-machinery {"apiVersion":"kubecon.io/v1","kind":"Session","metadata":{"clusterName":""," creationTimestamp":"2018-04-29T20:30:27Z","generation":1,"name":"api- machinery","namespace":"eu2018","resourceVersion":"","selfLink":"","uid":"273 a1ae3-4bec-11e8-8d91-4c3275978b79"},"spec":{"capacity":10,"title":"SIG API Machinery Deep Dive","type":"deepdive"},"status":{"attendees":10,"conditions":[{"lastTransit ionTime":"2018-05-04T12:47:54Z","status":"True","type":"Started", "someUnknownField":"someValue", "someFutureField":"dangerous value"}]}} unverified JSON blob with possibly unspecified fields we need pruning! Kube 1.11+
  • 19. @the_sttts Deeper Dive – go-openapi/validate validator := validate.NewSchemaValidator(schema, …) result := validator.Validate(obj) specSchema := result.FieldSchemata()[ validator.NewFieldKey(obj, "spec") ] = OpenAPIv3Schema = JSON object OpenAPI validation result gives us a mapping: JSON nodes → OpenAPI schemata: spec: type: deepdive title: "SIG API Machinery De… capacity: 42 status: properties: spec: properties: type: anyOf: [{"pattern": "^deepdive$"}, …] title: {"type": "string"} capacity: {"type": "format": "integer", "minimum": 0, "default": 0}
  • 20. @the_sttts Deeper Dive – go-openapi/validate func ApplyDefaults(r *validate.Result) { fieldSchemata := r.FieldSchemata() for key, schemata := range fieldSchemata { LookForDefaultingScheme: for _, s := range schemata { if s.Default != nil { if _, found := key.Object()[key.Field()]; !found { key.Object()[key.Field()] = s.Default break LookForDefaultingScheme } } } } } ← defaulting algorithm on half a slide spec: type: deepdive title: "SIG API Machinery De… capacity: 42 "someFutureField":"…" properties: spec: properties: type: anyOf: [{"pattern": "^deepdive title: {"type": "string"} capacity: {"type": "format": "in required: ["type", "title", "capac sketch of pruning→
  • 21. @the_sttts Zoom into apiextensions-apiserver kube-apiserver kube- aggregator kube resources apiextensions-apiserver 404 etcd "delegation" "aggregation" authn/z CR handlers CR handlers CR handlers ⟲Naming Controller ⟲CRD Finalizer conversion & pruning & defaulting REST logic result conversion validation admission decoding defaulting& pruning& conversion encode GET CREATE LIST UPDATE DELETE WATCH mutating webhooks validating webhooks
  • 22. @the_sttts Scaling the session $ kubectl scale --replicas=10 -n eu2018 sessions/api-machinery --v=7 I0429 22:33:03.083150 74535 round_trippers.go:383] GET https://localhost:6443/apis/kubecon.io/v1/namespaces/eu2018/sessions/api- machinery/scale I0429 22:33:03.083725 74535 round_trippers.go:408] Response Status: 404 Not Found in 0 milliseconds We call this "subresource /scale".
  • 23. spec: type: deepdive title: "SIG API Machinery De… capacity: 42 status: attendees: 23 conditions: - lastTransitionTime: 2018… status: "True" type: Started apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: sessions.kubecon.io spec: … subresources: scale: specReplicasPath: .spec.capacity statusReplicasPath: .status.attendees # status: {} alpha in 1.10 hopefully beta in 1.11 JSON paths
  • 24. @the_sttts Scaling the session $ kubectl scale --replicas=10 -n eu2018 sessions/api-machinery --v=7 • I0429 22:43:14.757286 80725 round_trippers.go:405] GET https://localhost:6443/apis/kubecon.io/v1/namespaces/eu2018/sessions/api-machinery/scale 200 OK in 0 milliseconds • I0429 22:43:14.757318 80725 request.go:897] Response Body: { "kind": "Scale", "apiVersion": "autoscaling/v1", "metadata": {...}, "spec": {"replicas":42}, "status":{"replicas":23} } • PUT https://localhost:6443/apis/kubecon.io/v1/namespaces/eu2018/sessions/api-machinery/scale 200 OK in 2 milliseconds session.kubecon.io/api-machinery scaled
  • 25. @the_sttts (polymorphic) scale client import ( "k8s.io/client-go/discovery/cached" "k8s.io/client-go/scale" ) cachedDiscovery := discocache.NewMemCacheClient(hpaClientGoClient.Discovery()) restMapper := discovery.NewDeferredDiscoveryRESTMapper(cachedDiscovery) scaleKindResolver := scale.NewDiscoveryScaleKindResolver(hpaClientGoClient.Discovery()) scaleClient, err := scale.NewForConfig(cfg, restMapper, dynamic.LegacyAPIPathResolverFunc, scaleKindResolver)
  • 26. spec: type: deepdive title: "SIG API Machinery De… capacity: 42 status: attendees: 23 conditions: - lastTransitionTime: 2018… status: "True" type: Started apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: sessions.kubecon.io spec: … subresources: scale: specReplicasPath: .spec.capacity statusReplicasPath: .status.attendees status: {} alpha in 1.10 hopefully beta in 1.11 JSON paths spec/status split main endpoint only changes .spec /status changes .status
  • 28. @the_sttts Outlook – Prepare for Pruning • Deep change of semantics of Custom Resources • From JSON blob store to schema based storage OpenAPIv3Schema: { properties: { foo: {} } } • Example CR: { "foo": 1, "bar": 2 } → { "foo": 1 } Opt-in in CRD v1beta1 Mandatory in GA
  • 29. @the_sttts Outlook – Custom Resources • Kubernetes 1.11+ • ⍺: Multiple versions without conversion – design proposal • ⍺: Pruning – in validation spec unspecified fields are removed – blocker for GA • ⍺: Defaulting – defaults from OpenAPI validation schema are applied • ⍺: Graceful Deletion – maybe, to be discussed – #63162 • ⍺: Server Side Printing Columns – “kubectl get” customization – #60991 • β: Subresources – ⍺ since 1.10 – #62786 • OpenAPI additionalProperties allowed now (mutually exclusive with properties) • Kubernetes 1.12+ • Multiple versions with declarative field renames • Strict create mode? Discuss: #5889 – my favorite CRD UX issue Related: CRD OpenAPI validation spec not served by kube-apiserver