SlideShare una empresa de Scribd logo

KubeCon EU 2018 – Sig API Machinery Deep Dive

S
Stefan Schimanski

This document summarizes a presentation on SIG API Machinery and custom resource definitions (CRDs) in Kubernetes. It outlines upcoming features for CRDs in Kubernetes 1.11 and 1.12, including multiple versions without conversion, pruning of unspecified fields, defaulting from OpenAPI schemas, and declarative field renames between versions. It also provides a deep dive into how CRDs are implemented in apiextensions-apiserver, including validation, defaulting, conversion, storage in etcd, and subresources.

Software
1 de 29
Descargar para leer sin conexión
SIG API Machinery Deep Dive Stefan Schimanski – sttts@redhat.com – @the_sttts
@the_sttts Agenda • Outlook to Kubernetes 1.11+ • Deep Dive into CustomResourceDefinitions • Questions
@the_sttts Outlook – Custom Resources • Kubernetes 1.11+ • ⍺: Multiple versions without conversion – design proposal • ⍺: Pruning – in validation spec unspecified fields are removed – blocker for GA • ⍺: Defaulting – defaults from OpenAPI validation schema are applied • ⍺: Graceful Deletion – maybe, to be discussed – #63162 • ⍺: Server Side Printing Columns – “kubectl get” customization – #60991 • β: Subresources – ⍺ since 1.10 – #62786 • OpenAPI additionalProperties allowed now (mutually exclusive with properties) • Kubernetes 1.12+ • Multiple versions with declarative field renames • Strict create mode? Discuss: #5889 – my favorite CRD UX issue Related: CRD OpenAPI validation spec not served by kube-apiserver
@the_sttts The Future: Versioning • Most asked for feature for long time • It is coming, but slowly "NoConversion": maybe in 1.11 apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: contibutorsummit.kubecon.io spec: group: kubecon.io version: v1 versions: - name: v1 storage: true - name: v1alpha1 "Declarative Conversions": maybe in 1.12+ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: contibutorsummit.kubecon.io spec: group: kubecon.io version: v1 conversions: declarative: renames: from: v1alpha1 to: v1 old: .spec.foo new: bar
@the_sttts Outlook – Prepare for Pruning • Deep change of semantics of Custom Resources • From JSON blob store to schema based storage OpenAPIv3Schema: { properties: { foo: {} } } • Example CR: { "foo": 1, "bar": 2 } → { "foo": 1 } Opt-in in CRD v1beta1 Mandatory in GA
@the_sttts Deep Dive
@the_sttts apiextensions-apiserver CustomResourceDefinitions are served by https://github.com/kubernetes/apiextensions-apiserver usually embedded into kube-apiserver via delegation. kube-apiserver kube-aggregator kube resources apiextensions- apiserver 404 etcd "delegation" "aggregation"
@the_sttts api-machinery-session.kubecon.io.yaml apiVersion: kubecon.io/v1 kind: Session metadata: name: api-machinery namespace: eu2018 spec: type: deepdive title: "SIG API Machinery Deep Dive" capacity: 42 status: attendees: 23 conditions: - lastTransitionTime: 2018-05-04T12:47:54Z status: "True" type: Started
@the_sttts sessions.kubecon.io.yaml apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: sessions.kubecon.io spec: group: kubecon.io version: v1 scope: Namespaced names: plural: sessions singular: session kind: Session # shortNames: # - talks mustmatch the kind: - usually capital singular - like the Go type the resource: - usually lower-case singular - in http path
@the_sttts Create & wait for Established $ kubectl create –f sessions.kubecon.io.yaml ... and then watch status.conditions["Established"]. Conditions: → NamesAccepted → Established = no name conflicts = CRD is served* * There is a race – to be fixed in #63068. Better wait 5 seconds in ≤1.10.
@the_sttts kubectl get sessions –v=7 • I0429 21:17:53.042783 66743 round_trippers.go:383] GET https://localhost:6443/apis • I0429 21:17:53.135811 66743 round_trippers.go:383] GET https://localhost:6443/apis/kubecon.io/v1 • I0429 21:17:53.138353 66743 round_trippers.go:383] GET https://localhost:6443/apis/kubecon.io/v1/namespaces/default/sessions No resources found. sessions → kind Session resource sessions discovery LIST note: we also support "shortNames" in API group kubecon.io/v1 We call this "REST mapping"
@the_sttts api-machinery-session.kubecon.io.yaml apiVersion: kubecon.io/v1 kind: Session metadata: name: api-machinery namespace: eu2018 spec: type: deepdive title: "SIG API Machinery Deep Dive" capacity: 42 status: attendees: 23 conditions: - lastTransitionTime: 2018-05-04T12:47:54Z status: "True" type: Started Recommended to follow the spec+status pattern. Important for /status subresource.
@the_sttts etcd Storage $ export ETCDCTL_API=3 $ etcdctl get / --prefix --keys-only | grep kubecon /registry/apiextensions.k8s.io/customresourcedefinitions/sessions.kubecon.io /registry/apiregistration.k8s.io/apiservices/v1.kubecon.io /registry/kubecon.io/sessions/eu2018/api-machinery $ etcdctl get /registry/kubecon.io/sessions/eu2018/api-machinery {"apiVersion":"kubecon.io/v1","kind":"Session","metadata":{"clusterName":"","creat ionTimestamp":"2018-04-29T20:30:27Z","generation":1,"name":"api- machinery","namespace":"eu2018","resourceVersion":"","selfLink":"","uid":"273a1ae3 -4bec-11e8-8d91-4c3275978b79"},"spec":{"capacity":10,"title":"SIG API Machinery Deep Dive","type":"deepdive"},"status":{"attendees":10,"conditions":[{"lastTransitionTi me":"2018-05-04T12:47:54Z","status":"True","type":"Started"}]}} unverified JSON blob
@the_sttts unstructured.Unstructured Internally, CustomResources are import "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" unstructured.Unstructured{ Object: map[string]interface{} } i.e. maps+slices+values. Dynamic Client • client-go counterpart: k8s.io/client-go/dynamic • in 1.11+ with sane interface #62913: dynamic.NewForConfig(cfg).Resource(gvr).Namespace(ns).Get(name, opts) • generated, typed clients are generally preferred json.Unmarshal
@the_sttts Zoom into apiextensions-apiserver kube-apiserver kube- aggregator kube resources apiextensions-apiserver 404 etcd "delegation" "aggregation" authn/z CR handlers CR handlers CR handlers ⟲Naming Controller ⟲CRD Finalizer request conversion& defaulting storage conversion & defaulting REST logic result conversion validation admission decoding encode GET CREATE LIST UPDATE DELETE WATCH mutating webhooks validating webhooks NoOps json.Unmarshal
@the_sttts Validation • The standard: OpenAPI v3 schema https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.0.md#schemaObject • based on JSON Schema: https://tools.ietf.org/html/draft-wright-json-schema-validation-00
spec: type: deepdive title: "SIG API Machinery De… capacity: 42 status: attendees: 23 conditions: - lastTransitionTime: 2018… status: "True" type: Started properties: spec: properties: type: anyOf: [{"pattern": "^deepdive$"}, …] title: {"type": "string"} capacity: {"type": "format": "integer", "minimum": 0, "default": 0} required: ["type", "title", "capacity"] status: properties: attendees: {"type": "number", "format": "integer", "minimum": 0} conditions: type: "array" items: properties: lastTransitionTime: {"type": "dateTime"} status: anyOf: [{"pattern": "^True$"}, …] type: anyOf: [{"pattern": "^Started$"}, …] required: ["lastTransitionTime", "status", "type"] OpenAPIv3Schema a quantor (anyOf, oneOf, allOf exist) note: enum is forbidden (why?) regular expression maybe in 1.11+ Custom Resource Helpful tools: kubernetes/kube-openapi#37 tamalsaha/kube-openapi-generator Some other tool from prometheus-operator? Rancher has another one, speak to @lemonjet
@the_sttts etcd Storage – Pruning $ export ETCDCTL_API=3 $ etcdctl get / --prefix --keys-only | grep kubecon /registry/apiextensions.k8s.io/customresourcedefinitions/sessions.kubecon.io /registry/apiregistration.k8s.io/apiservices/v1.kubecon.io /registry/kubecon.io/sessions/eu2018/api-machinery $ etcdctl get /registry/kubecon.io/sessions/eu2018/api-machinery {"apiVersion":"kubecon.io/v1","kind":"Session","metadata":{"clusterName":""," creationTimestamp":"2018-04-29T20:30:27Z","generation":1,"name":"api- machinery","namespace":"eu2018","resourceVersion":"","selfLink":"","uid":"273 a1ae3-4bec-11e8-8d91-4c3275978b79"},"spec":{"capacity":10,"title":"SIG API Machinery Deep Dive","type":"deepdive"},"status":{"attendees":10,"conditions":[{"lastTransit ionTime":"2018-05-04T12:47:54Z","status":"True","type":"Started", "someUnknownField":"someValue", "someFutureField":"dangerous value"}]}} unverified JSON blob with possibly unspecified fields we need pruning! Kube 1.11+
@the_sttts Deeper Dive – go-openapi/validate validator := validate.NewSchemaValidator(schema, …) result := validator.Validate(obj) specSchema := result.FieldSchemata()[ validator.NewFieldKey(obj, "spec") ] = OpenAPIv3Schema = JSON object OpenAPI validation result gives us a mapping: JSON nodes → OpenAPI schemata: spec: type: deepdive title: "SIG API Machinery De… capacity: 42 status: properties: spec: properties: type: anyOf: [{"pattern": "^deepdive$"}, …] title: {"type": "string"} capacity: {"type": "format": "integer", "minimum": 0, "default": 0}
@the_sttts Deeper Dive – go-openapi/validate func ApplyDefaults(r *validate.Result) { fieldSchemata := r.FieldSchemata() for key, schemata := range fieldSchemata { LookForDefaultingScheme: for _, s := range schemata { if s.Default != nil { if _, found := key.Object()[key.Field()]; !found { key.Object()[key.Field()] = s.Default break LookForDefaultingScheme } } } } } ← defaulting algorithm on half a slide spec: type: deepdive title: "SIG API Machinery De… capacity: 42 "someFutureField":"…" properties: spec: properties: type: anyOf: [{"pattern": "^deepdive title: {"type": "string"} capacity: {"type": "format": "in required: ["type", "title", "capac sketch of pruning→
@the_sttts Zoom into apiextensions-apiserver kube-apiserver kube- aggregator kube resources apiextensions-apiserver 404 etcd "delegation" "aggregation" authn/z CR handlers CR handlers CR handlers ⟲Naming Controller ⟲CRD Finalizer conversion & pruning & defaulting REST logic result conversion validation admission decoding defaulting& pruning& conversion encode GET CREATE LIST UPDATE DELETE WATCH mutating webhooks validating webhooks
@the_sttts Scaling the session $ kubectl scale --replicas=10 -n eu2018 sessions/api-machinery --v=7 I0429 22:33:03.083150 74535 round_trippers.go:383] GET https://localhost:6443/apis/kubecon.io/v1/namespaces/eu2018/sessions/api- machinery/scale I0429 22:33:03.083725 74535 round_trippers.go:408] Response Status: 404 Not Found in 0 milliseconds We call this "subresource /scale".
spec: type: deepdive title: "SIG API Machinery De… capacity: 42 status: attendees: 23 conditions: - lastTransitionTime: 2018… status: "True" type: Started apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: sessions.kubecon.io spec: … subresources: scale: specReplicasPath: .spec.capacity statusReplicasPath: .status.attendees # status: {} alpha in 1.10 hopefully beta in 1.11 JSON paths
@the_sttts Scaling the session $ kubectl scale --replicas=10 -n eu2018 sessions/api-machinery --v=7 • I0429 22:43:14.757286 80725 round_trippers.go:405] GET https://localhost:6443/apis/kubecon.io/v1/namespaces/eu2018/sessions/api-machinery/scale 200 OK in 0 milliseconds • I0429 22:43:14.757318 80725 request.go:897] Response Body: { "kind": "Scale", "apiVersion": "autoscaling/v1", "metadata": {...}, "spec": {"replicas":42}, "status":{"replicas":23} } • PUT https://localhost:6443/apis/kubecon.io/v1/namespaces/eu2018/sessions/api-machinery/scale 200 OK in 2 milliseconds session.kubecon.io/api-machinery scaled
@the_sttts (polymorphic) scale client import ( "k8s.io/client-go/discovery/cached" "k8s.io/client-go/scale" ) cachedDiscovery := discocache.NewMemCacheClient(hpaClientGoClient.Discovery()) restMapper := discovery.NewDeferredDiscoveryRESTMapper(cachedDiscovery) scaleKindResolver := scale.NewDiscoveryScaleKindResolver(hpaClientGoClient.Discovery()) scaleClient, err := scale.NewForConfig(cfg, restMapper, dynamic.LegacyAPIPathResolverFunc, scaleKindResolver)
spec: type: deepdive title: "SIG API Machinery De… capacity: 42 status: attendees: 23 conditions: - lastTransitionTime: 2018… status: "True" type: Started apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: sessions.kubecon.io spec: … subresources: scale: specReplicasPath: .spec.capacity statusReplicasPath: .status.attendees status: {} alpha in 1.10 hopefully beta in 1.11 JSON paths spec/status split main endpoint only changes .spec /status changes .status
@the_sttts Recap
@the_sttts Outlook – Prepare for Pruning • Deep change of semantics of Custom Resources • From JSON blob store to schema based storage OpenAPIv3Schema: { properties: { foo: {} } } • Example CR: { "foo": 1, "bar": 2 } → { "foo": 1 } Opt-in in CRD v1beta1 Mandatory in GA
@the_sttts Outlook – Custom Resources • Kubernetes 1.11+ • ⍺: Multiple versions without conversion – design proposal • ⍺: Pruning – in validation spec unspecified fields are removed – blocker for GA • ⍺: Defaulting – defaults from OpenAPI validation schema are applied • ⍺: Graceful Deletion – maybe, to be discussed – #63162 • ⍺: Server Side Printing Columns – “kubectl get” customization – #60991 • β: Subresources – ⍺ since 1.10 – #62786 • OpenAPI additionalProperties allowed now (mutually exclusive with properties) • Kubernetes 1.12+ • Multiple versions with declarative field renames • Strict create mode? Discuss: #5889 – my favorite CRD UX issue Related: CRD OpenAPI validation spec not served by kube-apiserver

Recomendados

Extending Kubernetes – Admission webhooks
Extending Kubernetes – Admission webhooksExtending Kubernetes – Admission webhooks
Extending Kubernetes – Admission webhooksStefan Schimanski
 
Extending the Kube API
Extending the Kube APIExtending the Kube API
Extending the Kube APIStefan Schimanski
 
Kubernetes API code-base tour
Kubernetes API code-base tourKubernetes API code-base tour
Kubernetes API code-base tourStefan Schimanski
 
Meetup - Principles of the kube api and how to extend it
Meetup - Principles of the kube api and how to extend itMeetup - Principles of the kube api and how to extend it
Meetup - Principles of the kube api and how to extend itStefan Schimanski
 
JDD2015: Kubernetes - Beyond the basics - Paul Bakker
JDD2015: Kubernetes - Beyond the basics - Paul BakkerJDD2015: Kubernetes - Beyond the basics - Paul Bakker
JDD2015: Kubernetes - Beyond the basics - Paul BakkerPROIDEA
 
I can't believe it's not a queue: Kafka and Spring
I can't believe it's not a queue: Kafka and SpringI can't believe it's not a queue: Kafka and Spring
I can't believe it's not a queue: Kafka and SpringJoe Kutner
 
Advanced Scheduling in Kubernetes
Advanced Scheduling in KubernetesAdvanced Scheduling in Kubernetes
Advanced Scheduling in KubernetesKublr
 
Regex Considered Harmful: Use Rosie Pattern Language Instead
Regex Considered Harmful: Use Rosie Pattern Language InsteadRegex Considered Harmful: Use Rosie Pattern Language Instead
Regex Considered Harmful: Use Rosie Pattern Language InsteadAll Things Open
 

Recomendados

Extending Kubernetes – Admission webhooks
Extending Kubernetes – Admission webhooksExtending Kubernetes – Admission webhooks
Extending Kubernetes – Admission webhooksStefan Schimanski
 
Extending the Kube API
Extending the Kube APIExtending the Kube API
Extending the Kube APIStefan Schimanski
 
Kubernetes API code-base tour
Kubernetes API code-base tourKubernetes API code-base tour
Kubernetes API code-base tourStefan Schimanski
 
Meetup - Principles of the kube api and how to extend it
Meetup - Principles of the kube api and how to extend itMeetup - Principles of the kube api and how to extend it
Meetup - Principles of the kube api and how to extend itStefan Schimanski
 
JDD2015: Kubernetes - Beyond the basics - Paul Bakker
JDD2015: Kubernetes - Beyond the basics - Paul BakkerJDD2015: Kubernetes - Beyond the basics - Paul Bakker
JDD2015: Kubernetes - Beyond the basics - Paul BakkerPROIDEA
 
I can't believe it's not a queue: Kafka and Spring
I can't believe it's not a queue: Kafka and SpringI can't believe it's not a queue: Kafka and Spring
I can't believe it's not a queue: Kafka and SpringJoe Kutner
 
Advanced Scheduling in Kubernetes
Advanced Scheduling in KubernetesAdvanced Scheduling in Kubernetes
Advanced Scheduling in KubernetesKublr
 
Regex Considered Harmful: Use Rosie Pattern Language Instead
Regex Considered Harmful: Use Rosie Pattern Language InsteadRegex Considered Harmful: Use Rosie Pattern Language Instead
Regex Considered Harmful: Use Rosie Pattern Language InsteadAll Things Open
 
Portable CI/CD Environment as Code with Kubernetes, Kublr and Jenkins
Portable CI/CD Environment as Code with Kubernetes, Kublr and JenkinsPortable CI/CD Environment as Code with Kubernetes, Kublr and Jenkins
Portable CI/CD Environment as Code with Kubernetes, Kublr and JenkinsKublr
 
Transforming Infrastructure into Code - Importing existing cloud resources u...
Transforming Infrastructure into Code - Importing existing cloud resources u...Transforming Infrastructure into Code - Importing existing cloud resources u...
Transforming Infrastructure into Code - Importing existing cloud resources u...Shih Oon Liong
 
Developing Java based microservices ready for the world of containers
Developing Java based microservices ready for the world of containersDeveloping Java based microservices ready for the world of containers
Developing Java based microservices ready for the world of containersClaus Ibsen
 
[JCConf 2020] 用 Kotlin 跨入 Serverless 世代
[JCConf 2020] 用 Kotlin 跨入 Serverless 世代[JCConf 2020] 用 Kotlin 跨入 Serverless 世代
[JCConf 2020] 用 Kotlin 跨入 Serverless 世代Shengyou Fan
 
Kubernetes stack reliability
Kubernetes stack reliabilityKubernetes stack reliability
Kubernetes stack reliabilityOleg Chunikhin
 
Plack basics for Perl websites - YAPC::EU 2011
Plack basics for Perl websites - YAPC::EU 2011Plack basics for Perl websites - YAPC::EU 2011
Plack basics for Perl websites - YAPC::EU 2011leo lapworth
 
Kubernetes
KubernetesKubernetes
KubernetesDONGJIN KIM
 
How to test infrastructure code: automated testing for Terraform, Kubernetes,...
How to test infrastructure code: automated testing for Terraform, Kubernetes,...How to test infrastructure code: automated testing for Terraform, Kubernetes,...
How to test infrastructure code: automated testing for Terraform, Kubernetes,...Yevgeniy Brikman
 
Building A SaaS with CoreOS, Docker, and Etcd
Building A SaaS with CoreOS, Docker, and EtcdBuilding A SaaS with CoreOS, Docker, and Etcd
Building A SaaS with CoreOS, Docker, and EtcdRoss Kukulinski
 
Online game server on Akka.NET (NDC2016)
Online game server on Akka.NET (NDC2016)Online game server on Akka.NET (NDC2016)
Online game server on Akka.NET (NDC2016)Esun Kim
 
Kubernetes in Highly Restrictive Environments
Kubernetes in Highly Restrictive EnvironmentsKubernetes in Highly Restrictive Environments
Kubernetes in Highly Restrictive EnvironmentsKublr
 
Reusable, composable, battle-tested Terraform modules
Reusable, composable, battle-tested Terraform modulesReusable, composable, battle-tested Terraform modules
Reusable, composable, battle-tested Terraform modulesYevgeniy Brikman
 
How to deploy PHP projects with docker
How to deploy PHP projects with dockerHow to deploy PHP projects with docker
How to deploy PHP projects with dockerRuoshi Ling
 
Kubernetes Scheduler deep dive
Kubernetes Scheduler deep diveKubernetes Scheduler deep dive
Kubernetes Scheduler deep diveDONGJIN KIM
 
A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices Nebulaworks
 
[Kotlin Serverless 工作坊] 單元 3 - 實作 JSON API
[Kotlin Serverless 工作坊] 單元 3 - 實作 JSON API[Kotlin Serverless 工作坊] 單元 3 - 實作 JSON API
[Kotlin Serverless 工作坊] 單元 3 - 實作 JSON APIShengyou Fan
 
Taking Apache Camel For A Ride
Taking Apache Camel For A RideTaking Apache Camel For A Ride
Taking Apache Camel For A RideBruce Snyder
 
Using Spinnaker to Create a Development Workflow on Kubernetes - Paul Czarkowski
Using Spinnaker to Create a Development Workflow on Kubernetes - Paul CzarkowskiUsing Spinnaker to Create a Development Workflow on Kubernetes - Paul Czarkowski
Using Spinnaker to Create a Development Workflow on Kubernetes - Paul CzarkowskiVMware Tanzu
 
Code reviews vs Pull requests
Code reviews vs Pull requestsCode reviews vs Pull requests
Code reviews vs Pull requestsTim Pettersen
 
Ignacy Kowalczyk
Ignacy KowalczykIgnacy Kowalczyk
Ignacy KowalczykCodeFest
 
Kubernetes Boston — Custom High Availability of Kubernetes
Kubernetes Boston — Custom High Availability of KubernetesKubernetes Boston — Custom High Availability of Kubernetes
Kubernetes Boston — Custom High Availability of KubernetesMike Splain
 
KubeCon EU 2016: Templatized Application Configuration on OpenShift and Kuber...
KubeCon EU 2016: Templatized Application Configuration on OpenShift and Kuber...KubeCon EU 2016: Templatized Application Configuration on OpenShift and Kuber...
KubeCon EU 2016: Templatized Application Configuration on OpenShift and Kuber...KubeAcademy
 

Más contenido relacionado

La actualidad más candente

Portable CI/CD Environment as Code with Kubernetes, Kublr and Jenkins
Portable CI/CD Environment as Code with Kubernetes, Kublr and JenkinsPortable CI/CD Environment as Code with Kubernetes, Kublr and Jenkins
Portable CI/CD Environment as Code with Kubernetes, Kublr and JenkinsKublr
 
Transforming Infrastructure into Code - Importing existing cloud resources u...
Transforming Infrastructure into Code - Importing existing cloud resources u...Transforming Infrastructure into Code - Importing existing cloud resources u...
Transforming Infrastructure into Code - Importing existing cloud resources u...Shih Oon Liong
 
Developing Java based microservices ready for the world of containers
Developing Java based microservices ready for the world of containersDeveloping Java based microservices ready for the world of containers
Developing Java based microservices ready for the world of containersClaus Ibsen
 
[JCConf 2020] 用 Kotlin 跨入 Serverless 世代
[JCConf 2020] 用 Kotlin 跨入 Serverless 世代[JCConf 2020] 用 Kotlin 跨入 Serverless 世代
[JCConf 2020] 用 Kotlin 跨入 Serverless 世代Shengyou Fan
 
Kubernetes stack reliability
Kubernetes stack reliabilityKubernetes stack reliability
Kubernetes stack reliabilityOleg Chunikhin
 
Plack basics for Perl websites - YAPC::EU 2011
Plack basics for Perl websites - YAPC::EU 2011Plack basics for Perl websites - YAPC::EU 2011
Plack basics for Perl websites - YAPC::EU 2011leo lapworth
 
How to test infrastructure code: automated testing for Terraform, Kubernetes,...
How to test infrastructure code: automated testing for Terraform, Kubernetes,...How to test infrastructure code: automated testing for Terraform, Kubernetes,...
How to test infrastructure code: automated testing for Terraform, Kubernetes,...Yevgeniy Brikman
 
Building A SaaS with CoreOS, Docker, and Etcd
Building A SaaS with CoreOS, Docker, and EtcdBuilding A SaaS with CoreOS, Docker, and Etcd
Building A SaaS with CoreOS, Docker, and EtcdRoss Kukulinski
 
Online game server on Akka.NET (NDC2016)
Online game server on Akka.NET (NDC2016)Online game server on Akka.NET (NDC2016)
Online game server on Akka.NET (NDC2016)Esun Kim
 
Kubernetes in Highly Restrictive Environments
Kubernetes in Highly Restrictive EnvironmentsKubernetes in Highly Restrictive Environments
Kubernetes in Highly Restrictive EnvironmentsKublr
 
Reusable, composable, battle-tested Terraform modules
Reusable, composable, battle-tested Terraform modulesReusable, composable, battle-tested Terraform modules
Reusable, composable, battle-tested Terraform modulesYevgeniy Brikman
 
How to deploy PHP projects with docker
How to deploy PHP projects with dockerHow to deploy PHP projects with docker
How to deploy PHP projects with dockerRuoshi Ling
 
Kubernetes Scheduler deep dive
Kubernetes Scheduler deep diveKubernetes Scheduler deep dive
Kubernetes Scheduler deep diveDONGJIN KIM
 
A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices Nebulaworks
 
[Kotlin Serverless 工作坊] 單元 3 - 實作 JSON API
[Kotlin Serverless 工作坊] 單元 3 - 實作 JSON API[Kotlin Serverless 工作坊] 單元 3 - 實作 JSON API
[Kotlin Serverless 工作坊] 單元 3 - 實作 JSON APIShengyou Fan
 
Taking Apache Camel For A Ride
Taking Apache Camel For A RideTaking Apache Camel For A Ride
Taking Apache Camel For A RideBruce Snyder
 
Using Spinnaker to Create a Development Workflow on Kubernetes - Paul Czarkowski
Using Spinnaker to Create a Development Workflow on Kubernetes - Paul CzarkowskiUsing Spinnaker to Create a Development Workflow on Kubernetes - Paul Czarkowski
Using Spinnaker to Create a Development Workflow on Kubernetes - Paul CzarkowskiVMware Tanzu
 
Code reviews vs Pull requests
Code reviews vs Pull requestsCode reviews vs Pull requests
Code reviews vs Pull requestsTim Pettersen
 
Ignacy Kowalczyk
Ignacy KowalczykIgnacy Kowalczyk
Ignacy KowalczykCodeFest
 

La actualidad más candente (20)

Portable CI/CD Environment as Code with Kubernetes, Kublr and Jenkins
Portable CI/CD Environment as Code with Kubernetes, Kublr and JenkinsPortable CI/CD Environment as Code with Kubernetes, Kublr and Jenkins
Portable CI/CD Environment as Code with Kubernetes, Kublr and Jenkins
 
Transforming Infrastructure into Code - Importing existing cloud resources u...
Transforming Infrastructure into Code - Importing existing cloud resources u...Transforming Infrastructure into Code - Importing existing cloud resources u...
Transforming Infrastructure into Code - Importing existing cloud resources u...
 
Developing Java based microservices ready for the world of containers
Developing Java based microservices ready for the world of containersDeveloping Java based microservices ready for the world of containers
Developing Java based microservices ready for the world of containers
 
[JCConf 2020] 用 Kotlin 跨入 Serverless 世代
[JCConf 2020] 用 Kotlin 跨入 Serverless 世代[JCConf 2020] 用 Kotlin 跨入 Serverless 世代
[JCConf 2020] 用 Kotlin 跨入 Serverless 世代
 
Kubernetes stack reliability
Kubernetes stack reliabilityKubernetes stack reliability
Kubernetes stack reliability
 
Plack basics for Perl websites - YAPC::EU 2011
Plack basics for Perl websites - YAPC::EU 2011Plack basics for Perl websites - YAPC::EU 2011
Plack basics for Perl websites - YAPC::EU 2011
 
Kubernetes
KubernetesKubernetes
Kubernetes
 
How to test infrastructure code: automated testing for Terraform, Kubernetes,...
How to test infrastructure code: automated testing for Terraform, Kubernetes,...How to test infrastructure code: automated testing for Terraform, Kubernetes,...
How to test infrastructure code: automated testing for Terraform, Kubernetes,...
 
Building A SaaS with CoreOS, Docker, and Etcd
Building A SaaS with CoreOS, Docker, and EtcdBuilding A SaaS with CoreOS, Docker, and Etcd
Building A SaaS with CoreOS, Docker, and Etcd
 
Online game server on Akka.NET (NDC2016)
Online game server on Akka.NET (NDC2016)Online game server on Akka.NET (NDC2016)
Online game server on Akka.NET (NDC2016)
 
Kubernetes in Highly Restrictive Environments
Kubernetes in Highly Restrictive EnvironmentsKubernetes in Highly Restrictive Environments
Kubernetes in Highly Restrictive Environments
 
Reusable, composable, battle-tested Terraform modules
Reusable, composable, battle-tested Terraform modulesReusable, composable, battle-tested Terraform modules
Reusable, composable, battle-tested Terraform modules
 
How to deploy PHP projects with docker
How to deploy PHP projects with dockerHow to deploy PHP projects with docker
How to deploy PHP projects with docker
 
Kubernetes Scheduler deep dive
Kubernetes Scheduler deep diveKubernetes Scheduler deep dive
Kubernetes Scheduler deep dive
 
A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices
 
[Kotlin Serverless 工作坊] 單元 3 - 實作 JSON API
[Kotlin Serverless 工作坊] 單元 3 - 實作 JSON API[Kotlin Serverless 工作坊] 單元 3 - 實作 JSON API
[Kotlin Serverless 工作坊] 單元 3 - 實作 JSON API
 
Taking Apache Camel For A Ride
Taking Apache Camel For A RideTaking Apache Camel For A Ride
Taking Apache Camel For A Ride
 
Using Spinnaker to Create a Development Workflow on Kubernetes - Paul Czarkowski
Using Spinnaker to Create a Development Workflow on Kubernetes - Paul CzarkowskiUsing Spinnaker to Create a Development Workflow on Kubernetes - Paul Czarkowski
Using Spinnaker to Create a Development Workflow on Kubernetes - Paul Czarkowski
 
Code reviews vs Pull requests
Code reviews vs Pull requestsCode reviews vs Pull requests
Code reviews vs Pull requests
 
Ignacy Kowalczyk
Ignacy KowalczykIgnacy Kowalczyk
Ignacy Kowalczyk
 

Similar a KubeCon EU 2018 – Sig API Machinery Deep Dive

Kubernetes Boston — Custom High Availability of Kubernetes
Kubernetes Boston — Custom High Availability of KubernetesKubernetes Boston — Custom High Availability of Kubernetes
Kubernetes Boston — Custom High Availability of KubernetesMike Splain
 
KubeCon EU 2016: Templatized Application Configuration on OpenShift and Kuber...
KubeCon EU 2016: Templatized Application Configuration on OpenShift and Kuber...KubeCon EU 2016: Templatized Application Configuration on OpenShift and Kuber...
KubeCon EU 2016: Templatized Application Configuration on OpenShift and Kuber...KubeAcademy
 
KubeCon EU 2016: A Practical Guide to Container Scheduling
KubeCon EU 2016: A Practical Guide to Container SchedulingKubeCon EU 2016: A Practical Guide to Container Scheduling
KubeCon EU 2016: A Practical Guide to Container SchedulingKubeAcademy
 
Kubernetes上で動作する機械学習モジュールの配信&管理基盤Rekcurd について
Kubernetes上で動作する機械学習モジュールの配信&管理基盤Rekcurd についてKubernetes上で動作する機械学習モジュールの配信&管理基盤Rekcurd について
Kubernetes上で動作する機械学習モジュールの配信&管理基盤Rekcurd についてLINE Corporation
 
K8s best practices from the field!
K8s best practices from the field!K8s best practices from the field!
K8s best practices from the field!DoiT International
 
From Kubernetes to OpenStack in Sydney
From Kubernetes to OpenStack in SydneyFrom Kubernetes to OpenStack in Sydney
From Kubernetes to OpenStack in SydneySK Telecom
 
Managing Stateful Services with the Operator Pattern in Kubernetes - Kubernet...
Managing Stateful Services with the Operator Pattern in Kubernetes - Kubernet...Managing Stateful Services with the Operator Pattern in Kubernetes - Kubernet...
Managing Stateful Services with the Operator Pattern in Kubernetes - Kubernet...Jakob Karalus
 
IVS CTO Night And Day 2018 Winter - [re:Cap] Serverless & Mobile
IVS CTO Night And Day 2018 Winter - [re:Cap] Serverless & MobileIVS CTO Night And Day 2018 Winter - [re:Cap] Serverless & Mobile
IVS CTO Night And Day 2018 Winter - [re:Cap] Serverless & MobileAmazon Web Services Japan
 
Who is afraid of privileged containers ?
Who is afraid of privileged containers ?Who is afraid of privileged containers ?
Who is afraid of privileged containers ?Marko Bevc
 
Run the elastic stack on kubernetes with eck
Run the elastic stack on kubernetes with eck Run the elastic stack on kubernetes with eck
Run the elastic stack on kubernetes with eck Daliya Spasova
 
Introduction to Kubernetes RBAC
Introduction to Kubernetes RBACIntroduction to Kubernetes RBAC
Introduction to Kubernetes RBACKublr
 
Terraforming the Kubernetes Land
Terraforming the Kubernetes LandTerraforming the Kubernetes Land
Terraforming the Kubernetes LandRadek Simko
 
Extending kubernetes with CustomResourceDefinitions
Extending kubernetes with CustomResourceDefinitionsExtending kubernetes with CustomResourceDefinitions
Extending kubernetes with CustomResourceDefinitionsStefan Schimanski
 
Scaling search-clusters-solr-k8s-2020-amrit-sarkar
Scaling search-clusters-solr-k8s-2020-amrit-sarkarScaling search-clusters-solr-k8s-2020-amrit-sarkar
Scaling search-clusters-solr-k8s-2020-amrit-sarkarAmrit Sarkar
 
[Kotlin Serverless 工作坊] 單元 4 - 實作 RSS Aggregator
[Kotlin Serverless 工作坊] 單元 4 - 實作 RSS Aggregator[Kotlin Serverless 工作坊] 單元 4 - 實作 RSS Aggregator
[Kotlin Serverless 工作坊] 單元 4 - 實作 RSS AggregatorShengyou Fan
 
Tdc 2013 - Ecossistema Ruby
Tdc 2013 - Ecossistema RubyTdc 2013 - Ecossistema Ruby
Tdc 2013 - Ecossistema RubyFabio Akita
 
You got database in my cloud (short version)
You got database in my cloud (short version)You got database in my cloud (short version)
You got database in my cloud (short version)Liz Frost
 
Monitoring infrastructure with prometheus
Monitoring infrastructure with prometheusMonitoring infrastructure with prometheus
Monitoring infrastructure with prometheusShahnawaz Saifi
 
Meetup 12-12-2017 - Application Isolation on Kubernetes
Meetup 12-12-2017 - Application Isolation on KubernetesMeetup 12-12-2017 - Application Isolation on Kubernetes
Meetup 12-12-2017 - Application Isolation on Kubernetesdtoledo67
 
Kubernetes - Starting with 1.2
Kubernetes - Starting with 1.2Kubernetes - Starting with 1.2
Kubernetes - Starting with 1.2William Stewart
 

Similar a KubeCon EU 2018 – Sig API Machinery Deep Dive (20)

Kubernetes Boston — Custom High Availability of Kubernetes
Kubernetes Boston — Custom High Availability of KubernetesKubernetes Boston — Custom High Availability of Kubernetes
Kubernetes Boston — Custom High Availability of Kubernetes
 
KubeCon EU 2016: Templatized Application Configuration on OpenShift and Kuber...
KubeCon EU 2016: Templatized Application Configuration on OpenShift and Kuber...KubeCon EU 2016: Templatized Application Configuration on OpenShift and Kuber...
KubeCon EU 2016: Templatized Application Configuration on OpenShift and Kuber...
 
KubeCon EU 2016: A Practical Guide to Container Scheduling
KubeCon EU 2016: A Practical Guide to Container SchedulingKubeCon EU 2016: A Practical Guide to Container Scheduling
KubeCon EU 2016: A Practical Guide to Container Scheduling
 
Kubernetes上で動作する機械学習モジュールの配信&管理基盤Rekcurd について
Kubernetes上で動作する機械学習モジュールの配信&管理基盤Rekcurd についてKubernetes上で動作する機械学習モジュールの配信&管理基盤Rekcurd について
Kubernetes上で動作する機械学習モジュールの配信&管理基盤Rekcurd について
 
K8s best practices from the field!
K8s best practices from the field!K8s best practices from the field!
K8s best practices from the field!
 
From Kubernetes to OpenStack in Sydney
From Kubernetes to OpenStack in SydneyFrom Kubernetes to OpenStack in Sydney
From Kubernetes to OpenStack in Sydney
 
Managing Stateful Services with the Operator Pattern in Kubernetes - Kubernet...
Managing Stateful Services with the Operator Pattern in Kubernetes - Kubernet...Managing Stateful Services with the Operator Pattern in Kubernetes - Kubernet...
Managing Stateful Services with the Operator Pattern in Kubernetes - Kubernet...
 
IVS CTO Night And Day 2018 Winter - [re:Cap] Serverless & Mobile
IVS CTO Night And Day 2018 Winter - [re:Cap] Serverless & MobileIVS CTO Night And Day 2018 Winter - [re:Cap] Serverless & Mobile
IVS CTO Night And Day 2018 Winter - [re:Cap] Serverless & Mobile
 
Who is afraid of privileged containers ?
Who is afraid of privileged containers ?Who is afraid of privileged containers ?
Who is afraid of privileged containers ?
 
Run the elastic stack on kubernetes with eck
Run the elastic stack on kubernetes with eck Run the elastic stack on kubernetes with eck
Run the elastic stack on kubernetes with eck
 
Introduction to Kubernetes RBAC
Introduction to Kubernetes RBACIntroduction to Kubernetes RBAC
Introduction to Kubernetes RBAC
 
Terraforming the Kubernetes Land
Terraforming the Kubernetes LandTerraforming the Kubernetes Land
Terraforming the Kubernetes Land
 
Extending kubernetes with CustomResourceDefinitions
Extending kubernetes with CustomResourceDefinitionsExtending kubernetes with CustomResourceDefinitions
Extending kubernetes with CustomResourceDefinitions
 
Scaling search-clusters-solr-k8s-2020-amrit-sarkar
Scaling search-clusters-solr-k8s-2020-amrit-sarkarScaling search-clusters-solr-k8s-2020-amrit-sarkar
Scaling search-clusters-solr-k8s-2020-amrit-sarkar
 
[Kotlin Serverless 工作坊] 單元 4 - 實作 RSS Aggregator
[Kotlin Serverless 工作坊] 單元 4 - 實作 RSS Aggregator[Kotlin Serverless 工作坊] 單元 4 - 實作 RSS Aggregator
[Kotlin Serverless 工作坊] 單元 4 - 實作 RSS Aggregator
 
Tdc 2013 - Ecossistema Ruby
Tdc 2013 - Ecossistema RubyTdc 2013 - Ecossistema Ruby
Tdc 2013 - Ecossistema Ruby
 
You got database in my cloud (short version)
You got database in my cloud (short version)You got database in my cloud (short version)
You got database in my cloud (short version)
 
Monitoring infrastructure with prometheus
Monitoring infrastructure with prometheusMonitoring infrastructure with prometheus
Monitoring infrastructure with prometheus
 
Meetup 12-12-2017 - Application Isolation on Kubernetes
Meetup 12-12-2017 - Application Isolation on KubernetesMeetup 12-12-2017 - Application Isolation on Kubernetes
Meetup 12-12-2017 - Application Isolation on Kubernetes
 
Kubernetes - Starting with 1.2
Kubernetes - Starting with 1.2Kubernetes - Starting with 1.2
Kubernetes - Starting with 1.2
 

Más de Stefan Schimanski

Cutting the Kubernetes Monorepo in pieces
Cutting the Kubernetes Monorepo in piecesCutting the Kubernetes Monorepo in pieces
Cutting the Kubernetes Monorepo in piecesStefan Schimanski
 
Cutting the Kubernetes Monorepo in pieces – never learnt more about git
Cutting the Kubernetes Monorepo in pieces – never learnt more about gitCutting the Kubernetes Monorepo in pieces – never learnt more about git
Cutting the Kubernetes Monorepo in pieces – never learnt more about gitStefan Schimanski
 
Git deep dive – chopping Kubernetes
Git deep dive – chopping KubernetesGit deep dive – chopping Kubernetes
Git deep dive – chopping KubernetesStefan Schimanski
 
Extend and build on Kubernetes
Extend and build on KubernetesExtend and build on Kubernetes
Extend and build on KubernetesStefan Schimanski
 
Kubernetes API - deep dive into the kube-apiserver
Kubernetes API - deep dive into the kube-apiserverKubernetes API - deep dive into the kube-apiserver
Kubernetes API - deep dive into the kube-apiserverStefan Schimanski
 
Kubernetes Architecture and Introduction – Paris Kubernetes Meetup
Kubernetes Architecture and Introduction – Paris Kubernetes MeetupKubernetes Architecture and Introduction – Paris Kubernetes Meetup
Kubernetes Architecture and Introduction – Paris Kubernetes MeetupStefan Schimanski
 
Kubernetes Architecture and Introduction
Kubernetes Architecture and IntroductionKubernetes Architecture and Introduction
Kubernetes Architecture and IntroductionStefan Schimanski
 
Kubernetes on Top of Mesos on Top of DCOS
Kubernetes on Top of Mesos on Top of DCOSKubernetes on Top of Mesos on Top of DCOS
Kubernetes on Top of Mesos on Top of DCOSStefan Schimanski
 
An Introduction to the Kubernetes API
An Introduction to the Kubernetes APIAn Introduction to the Kubernetes API
An Introduction to the Kubernetes APIStefan Schimanski
 
Cluster Networking with Docker
Cluster Networking with DockerCluster Networking with Docker
Cluster Networking with DockerStefan Schimanski
 

Más de Stefan Schimanski (12)

Cutting the Kubernetes Monorepo in pieces
Cutting the Kubernetes Monorepo in piecesCutting the Kubernetes Monorepo in pieces
Cutting the Kubernetes Monorepo in pieces
 
Cutting the Kubernetes Monorepo in pieces – never learnt more about git
Cutting the Kubernetes Monorepo in pieces – never learnt more about gitCutting the Kubernetes Monorepo in pieces – never learnt more about git
Cutting the Kubernetes Monorepo in pieces – never learnt more about git
 
Git deep dive – chopping Kubernetes
Git deep dive – chopping KubernetesGit deep dive – chopping Kubernetes
Git deep dive – chopping Kubernetes
 
Extend and build on Kubernetes
Extend and build on KubernetesExtend and build on Kubernetes
Extend and build on Kubernetes
 
Kubernetes API - deep dive into the kube-apiserver
Kubernetes API - deep dive into the kube-apiserverKubernetes API - deep dive into the kube-apiserver
Kubernetes API - deep dive into the kube-apiserver
 
Elastic etcd
Elastic etcdElastic etcd
Elastic etcd
 
Kubernetes Architecture and Introduction – Paris Kubernetes Meetup
Kubernetes Architecture and Introduction – Paris Kubernetes MeetupKubernetes Architecture and Introduction – Paris Kubernetes Meetup
Kubernetes Architecture and Introduction – Paris Kubernetes Meetup
 
Kubernetes Architecture and Introduction
Kubernetes Architecture and IntroductionKubernetes Architecture and Introduction
Kubernetes Architecture and Introduction
 
Kubernetes on Top of Mesos on Top of DCOS
Kubernetes on Top of Mesos on Top of DCOSKubernetes on Top of Mesos on Top of DCOS
Kubernetes on Top of Mesos on Top of DCOS
 
An Introduction to the Kubernetes API
An Introduction to the Kubernetes APIAn Introduction to the Kubernetes API
An Introduction to the Kubernetes API
 
Cluster Networking with Docker
Cluster Networking with DockerCluster Networking with Docker
Cluster Networking with Docker
 
Beyond static configuration
Beyond static configurationBeyond static configuration
Beyond static configuration
 

Último

Introduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfIntroduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfFerryKemperman
 
Sending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdfSending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdf31events.com
 
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Cizo Technology Services
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样umasea
 
Recruitment Management Software Benefits (Infographic)
Recruitment Management Software Benefits (Infographic)Recruitment Management Software Benefits (Infographic)
Recruitment Management Software Benefits (Infographic)Hr365.us smith
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxTier1 app
 
Software Coding for software engineering
Software Coding for software engineeringSoftware Coding for software engineering
Software Coding for software engineeringssuserb3a23b
 
Ahmed Motair CV April 2024 (Senior SW Developer)
Ahmed Motair CV April 2024 (Senior SW Developer)Ahmed Motair CV April 2024 (Senior SW Developer)
Ahmed Motair CV April 2024 (Senior SW Developer)Ahmed Mater
 
Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesFolding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesPhilip Schwarz
 
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...confluent
 
Comparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdfComparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdfDrew Moseley
 
CRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceCRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceBrainSell Technologies
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureDinusha Kumarasiri
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEEVICTOR MAESTRE RAMIREZ
 
PREDICTING RIVER WATER QUALITY ppt presentation
PREDICTING RIVER WATER QUALITY ppt presentationPREDICTING RIVER WATER QUALITY ppt presentation
PREDICTING RIVER WATER QUALITY ppt presentationvaddepallysandeep122
 
Precise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalPrecise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalLionel Briand
 
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company OdishaBalasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odishasmiwainfosol
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based projectAnoyGreter
 
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...Natan Silnitsky
 

Último (20)

Introduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfIntroduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdf
 
Sending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdfSending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdf
 
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
 
Recruitment Management Software Benefits (Infographic)
Recruitment Management Software Benefits (Infographic)Recruitment Management Software Benefits (Infographic)
Recruitment Management Software Benefits (Infographic)
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
 
Software Coding for software engineering
Software Coding for software engineeringSoftware Coding for software engineering
Software Coding for software engineering
 
Ahmed Motair CV April 2024 (Senior SW Developer)
Ahmed Motair CV April 2024 (Senior SW Developer)Ahmed Motair CV April 2024 (Senior SW Developer)
Ahmed Motair CV April 2024 (Senior SW Developer)
 
Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesFolding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a series
 
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
 
Comparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdfComparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdf
 
CRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceCRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. Salesforce
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with Azure
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEE
 
PREDICTING RIVER WATER QUALITY ppt presentation
PREDICTING RIVER WATER QUALITY ppt presentationPREDICTING RIVER WATER QUALITY ppt presentation
PREDICTING RIVER WATER QUALITY ppt presentation
 
Precise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalPrecise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive Goal
 
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company OdishaBalasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based project
 
Odoo Development Company in India | Devintelle Consulting Service
Odoo Development Company in India | Devintelle Consulting ServiceOdoo Development Company in India | Devintelle Consulting Service
Odoo Development Company in India | Devintelle Consulting Service
 
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
 

KubeCon EU 2018 – Sig API Machinery Deep Dive

  • 1. SIG API Machinery Deep Dive Stefan Schimanski – sttts@redhat.com – @the_sttts
  • 2. @the_sttts Agenda • Outlook to Kubernetes 1.11+ • Deep Dive into CustomResourceDefinitions • Questions
  • 3. @the_sttts Outlook – Custom Resources • Kubernetes 1.11+ • ⍺: Multiple versions without conversion – design proposal • ⍺: Pruning – in validation spec unspecified fields are removed – blocker for GA • ⍺: Defaulting – defaults from OpenAPI validation schema are applied • ⍺: Graceful Deletion – maybe, to be discussed – #63162 • ⍺: Server Side Printing Columns – “kubectl get” customization – #60991 • β: Subresources – ⍺ since 1.10 – #62786 • OpenAPI additionalProperties allowed now (mutually exclusive with properties) • Kubernetes 1.12+ • Multiple versions with declarative field renames • Strict create mode? Discuss: #5889 – my favorite CRD UX issue Related: CRD OpenAPI validation spec not served by kube-apiserver
  • 4. @the_sttts The Future: Versioning • Most asked for feature for long time • It is coming, but slowly "NoConversion": maybe in 1.11 apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: contibutorsummit.kubecon.io spec: group: kubecon.io version: v1 versions: - name: v1 storage: true - name: v1alpha1 "Declarative Conversions": maybe in 1.12+ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: contibutorsummit.kubecon.io spec: group: kubecon.io version: v1 conversions: declarative: renames: from: v1alpha1 to: v1 old: .spec.foo new: bar
  • 5. @the_sttts Outlook – Prepare for Pruning • Deep change of semantics of Custom Resources • From JSON blob store to schema based storage OpenAPIv3Schema: { properties: { foo: {} } } • Example CR: { "foo": 1, "bar": 2 } → { "foo": 1 } Opt-in in CRD v1beta1 Mandatory in GA
  • 7. @the_sttts apiextensions-apiserver CustomResourceDefinitions are served by https://github.com/kubernetes/apiextensions-apiserver usually embedded into kube-apiserver via delegation. kube-apiserver kube-aggregator kube resources apiextensions- apiserver 404 etcd "delegation" "aggregation"
  • 8. @the_sttts api-machinery-session.kubecon.io.yaml apiVersion: kubecon.io/v1 kind: Session metadata: name: api-machinery namespace: eu2018 spec: type: deepdive title: "SIG API Machinery Deep Dive" capacity: 42 status: attendees: 23 conditions: - lastTransitionTime: 2018-05-04T12:47:54Z status: "True" type: Started
  • 9. @the_sttts sessions.kubecon.io.yaml apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: sessions.kubecon.io spec: group: kubecon.io version: v1 scope: Namespaced names: plural: sessions singular: session kind: Session # shortNames: # - talks mustmatch the kind: - usually capital singular - like the Go type the resource: - usually lower-case singular - in http path
  • 10. @the_sttts Create & wait for Established $ kubectl create –f sessions.kubecon.io.yaml ... and then watch status.conditions["Established"]. Conditions: → NamesAccepted → Established = no name conflicts = CRD is served* * There is a race – to be fixed in #63068. Better wait 5 seconds in ≤1.10.
  • 11. @the_sttts kubectl get sessions –v=7 • I0429 21:17:53.042783 66743 round_trippers.go:383] GET https://localhost:6443/apis • I0429 21:17:53.135811 66743 round_trippers.go:383] GET https://localhost:6443/apis/kubecon.io/v1 • I0429 21:17:53.138353 66743 round_trippers.go:383] GET https://localhost:6443/apis/kubecon.io/v1/namespaces/default/sessions No resources found. sessions → kind Session resource sessions discovery LIST note: we also support "shortNames" in API group kubecon.io/v1 We call this "REST mapping"
  • 12. @the_sttts api-machinery-session.kubecon.io.yaml apiVersion: kubecon.io/v1 kind: Session metadata: name: api-machinery namespace: eu2018 spec: type: deepdive title: "SIG API Machinery Deep Dive" capacity: 42 status: attendees: 23 conditions: - lastTransitionTime: 2018-05-04T12:47:54Z status: "True" type: Started Recommended to follow the spec+status pattern. Important for /status subresource.
  • 13. @the_sttts etcd Storage $ export ETCDCTL_API=3 $ etcdctl get / --prefix --keys-only | grep kubecon /registry/apiextensions.k8s.io/customresourcedefinitions/sessions.kubecon.io /registry/apiregistration.k8s.io/apiservices/v1.kubecon.io /registry/kubecon.io/sessions/eu2018/api-machinery $ etcdctl get /registry/kubecon.io/sessions/eu2018/api-machinery {"apiVersion":"kubecon.io/v1","kind":"Session","metadata":{"clusterName":"","creat ionTimestamp":"2018-04-29T20:30:27Z","generation":1,"name":"api- machinery","namespace":"eu2018","resourceVersion":"","selfLink":"","uid":"273a1ae3 -4bec-11e8-8d91-4c3275978b79"},"spec":{"capacity":10,"title":"SIG API Machinery Deep Dive","type":"deepdive"},"status":{"attendees":10,"conditions":[{"lastTransitionTi me":"2018-05-04T12:47:54Z","status":"True","type":"Started"}]}} unverified JSON blob
  • 14. @the_sttts unstructured.Unstructured Internally, CustomResources are import "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" unstructured.Unstructured{ Object: map[string]interface{} } i.e. maps+slices+values. Dynamic Client • client-go counterpart: k8s.io/client-go/dynamic • in 1.11+ with sane interface #62913: dynamic.NewForConfig(cfg).Resource(gvr).Namespace(ns).Get(name, opts) • generated, typed clients are generally preferred json.Unmarshal
  • 15. @the_sttts Zoom into apiextensions-apiserver kube-apiserver kube- aggregator kube resources apiextensions-apiserver 404 etcd "delegation" "aggregation" authn/z CR handlers CR handlers CR handlers ⟲Naming Controller ⟲CRD Finalizer request conversion& defaulting storage conversion & defaulting REST logic result conversion validation admission decoding encode GET CREATE LIST UPDATE DELETE WATCH mutating webhooks validating webhooks NoOps json.Unmarshal
  • 16. @the_sttts Validation • The standard: OpenAPI v3 schema https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.0.md#schemaObject • based on JSON Schema: https://tools.ietf.org/html/draft-wright-json-schema-validation-00
  • 17. spec: type: deepdive title: "SIG API Machinery De… capacity: 42 status: attendees: 23 conditions: - lastTransitionTime: 2018… status: "True" type: Started properties: spec: properties: type: anyOf: [{"pattern": "^deepdive$"}, …] title: {"type": "string"} capacity: {"type": "format": "integer", "minimum": 0, "default": 0} required: ["type", "title", "capacity"] status: properties: attendees: {"type": "number", "format": "integer", "minimum": 0} conditions: type: "array" items: properties: lastTransitionTime: {"type": "dateTime"} status: anyOf: [{"pattern": "^True$"}, …] type: anyOf: [{"pattern": "^Started$"}, …] required: ["lastTransitionTime", "status", "type"] OpenAPIv3Schema a quantor (anyOf, oneOf, allOf exist) note: enum is forbidden (why?) regular expression maybe in 1.11+ Custom Resource Helpful tools: kubernetes/kube-openapi#37 tamalsaha/kube-openapi-generator Some other tool from prometheus-operator? Rancher has another one, speak to @lemonjet
  • 18. @the_sttts etcd Storage – Pruning $ export ETCDCTL_API=3 $ etcdctl get / --prefix --keys-only | grep kubecon /registry/apiextensions.k8s.io/customresourcedefinitions/sessions.kubecon.io /registry/apiregistration.k8s.io/apiservices/v1.kubecon.io /registry/kubecon.io/sessions/eu2018/api-machinery $ etcdctl get /registry/kubecon.io/sessions/eu2018/api-machinery {"apiVersion":"kubecon.io/v1","kind":"Session","metadata":{"clusterName":""," creationTimestamp":"2018-04-29T20:30:27Z","generation":1,"name":"api- machinery","namespace":"eu2018","resourceVersion":"","selfLink":"","uid":"273 a1ae3-4bec-11e8-8d91-4c3275978b79"},"spec":{"capacity":10,"title":"SIG API Machinery Deep Dive","type":"deepdive"},"status":{"attendees":10,"conditions":[{"lastTransit ionTime":"2018-05-04T12:47:54Z","status":"True","type":"Started", "someUnknownField":"someValue", "someFutureField":"dangerous value"}]}} unverified JSON blob with possibly unspecified fields we need pruning! Kube 1.11+
  • 19. @the_sttts Deeper Dive – go-openapi/validate validator := validate.NewSchemaValidator(schema, …) result := validator.Validate(obj) specSchema := result.FieldSchemata()[ validator.NewFieldKey(obj, "spec") ] = OpenAPIv3Schema = JSON object OpenAPI validation result gives us a mapping: JSON nodes → OpenAPI schemata: spec: type: deepdive title: "SIG API Machinery De… capacity: 42 status: properties: spec: properties: type: anyOf: [{"pattern": "^deepdive$"}, …] title: {"type": "string"} capacity: {"type": "format": "integer", "minimum": 0, "default": 0}
  • 20. @the_sttts Deeper Dive – go-openapi/validate func ApplyDefaults(r *validate.Result) { fieldSchemata := r.FieldSchemata() for key, schemata := range fieldSchemata { LookForDefaultingScheme: for _, s := range schemata { if s.Default != nil { if _, found := key.Object()[key.Field()]; !found { key.Object()[key.Field()] = s.Default break LookForDefaultingScheme } } } } } ← defaulting algorithm on half a slide spec: type: deepdive title: "SIG API Machinery De… capacity: 42 "someFutureField":"…" properties: spec: properties: type: anyOf: [{"pattern": "^deepdive title: {"type": "string"} capacity: {"type": "format": "in required: ["type", "title", "capac sketch of pruning→
  • 21. @the_sttts Zoom into apiextensions-apiserver kube-apiserver kube- aggregator kube resources apiextensions-apiserver 404 etcd "delegation" "aggregation" authn/z CR handlers CR handlers CR handlers ⟲Naming Controller ⟲CRD Finalizer conversion & pruning & defaulting REST logic result conversion validation admission decoding defaulting& pruning& conversion encode GET CREATE LIST UPDATE DELETE WATCH mutating webhooks validating webhooks
  • 22. @the_sttts Scaling the session $ kubectl scale --replicas=10 -n eu2018 sessions/api-machinery --v=7 I0429 22:33:03.083150 74535 round_trippers.go:383] GET https://localhost:6443/apis/kubecon.io/v1/namespaces/eu2018/sessions/api- machinery/scale I0429 22:33:03.083725 74535 round_trippers.go:408] Response Status: 404 Not Found in 0 milliseconds We call this "subresource /scale".
  • 23. spec: type: deepdive title: "SIG API Machinery De… capacity: 42 status: attendees: 23 conditions: - lastTransitionTime: 2018… status: "True" type: Started apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: sessions.kubecon.io spec: … subresources: scale: specReplicasPath: .spec.capacity statusReplicasPath: .status.attendees # status: {} alpha in 1.10 hopefully beta in 1.11 JSON paths
  • 24. @the_sttts Scaling the session $ kubectl scale --replicas=10 -n eu2018 sessions/api-machinery --v=7 • I0429 22:43:14.757286 80725 round_trippers.go:405] GET https://localhost:6443/apis/kubecon.io/v1/namespaces/eu2018/sessions/api-machinery/scale 200 OK in 0 milliseconds • I0429 22:43:14.757318 80725 request.go:897] Response Body: { "kind": "Scale", "apiVersion": "autoscaling/v1", "metadata": {...}, "spec": {"replicas":42}, "status":{"replicas":23} } • PUT https://localhost:6443/apis/kubecon.io/v1/namespaces/eu2018/sessions/api-machinery/scale 200 OK in 2 milliseconds session.kubecon.io/api-machinery scaled
  • 25. @the_sttts (polymorphic) scale client import ( "k8s.io/client-go/discovery/cached" "k8s.io/client-go/scale" ) cachedDiscovery := discocache.NewMemCacheClient(hpaClientGoClient.Discovery()) restMapper := discovery.NewDeferredDiscoveryRESTMapper(cachedDiscovery) scaleKindResolver := scale.NewDiscoveryScaleKindResolver(hpaClientGoClient.Discovery()) scaleClient, err := scale.NewForConfig(cfg, restMapper, dynamic.LegacyAPIPathResolverFunc, scaleKindResolver)
  • 26. spec: type: deepdive title: "SIG API Machinery De… capacity: 42 status: attendees: 23 conditions: - lastTransitionTime: 2018… status: "True" type: Started apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: sessions.kubecon.io spec: … subresources: scale: specReplicasPath: .spec.capacity statusReplicasPath: .status.attendees status: {} alpha in 1.10 hopefully beta in 1.11 JSON paths spec/status split main endpoint only changes .spec /status changes .status
  • 28. @the_sttts Outlook – Prepare for Pruning • Deep change of semantics of Custom Resources • From JSON blob store to schema based storage OpenAPIv3Schema: { properties: { foo: {} } } • Example CR: { "foo": 1, "bar": 2 } → { "foo": 1 } Opt-in in CRD v1beta1 Mandatory in GA
  • 29. @the_sttts Outlook – Custom Resources • Kubernetes 1.11+ • ⍺: Multiple versions without conversion – design proposal • ⍺: Pruning – in validation spec unspecified fields are removed – blocker for GA • ⍺: Defaulting – defaults from OpenAPI validation schema are applied • ⍺: Graceful Deletion – maybe, to be discussed – #63162 • ⍺: Server Side Printing Columns – “kubectl get” customization – #60991 • β: Subresources – ⍺ since 1.10 – #62786 • OpenAPI additionalProperties allowed now (mutually exclusive with properties) • Kubernetes 1.12+ • Multiple versions with declarative field renames • Strict create mode? Discuss: #5889 – my favorite CRD UX issue Related: CRD OpenAPI validation spec not served by kube-apiserver