Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Making kubectl plugins mainstream

Making kubectl plugins mainstream

It's the end of 2019 and kubectl plugins are finally gaining steam. Krew plugin manager for kubectl (https://krew.dev) is now hosting over 60 plugins (doubling every 6 months).
This talk is an introduction to kubectl plugin mechanism, and best practices for developing plugins.

Presented at KubeCon 2019 North America, San Diego, CA by @ahmetb.

Bf59cd38a9c9084b6a66bf4fce47f691?s=128

Ahmet Alp Balkan

November 21, 2019
Tweet

Transcript

  1. @ahmetb making kubectl plugins mainstream ahmet alp balkan (@ahmetb) google

    cloud
  2. @ahmetb @ahmetb on {twitter, github} ➔ ported docker.exe, docker maintainer

    ~2015 ➔ started Azure Container Registry ~2016 ➔ developer advocate @ Google ~2017 working on Google Cloud Run, Knative, dev tools ➔ kubectx & kubens & kubectl-aliases ➔ Google’s microservices-demo ➔ kubectl plugin manager krew.dev about me 2
  3. @ahmetb agenda 1. kubectl plugins 101 2. krew (plugin manager)

    overview 3. why did we need plugins? 4. let's develop a plugin 5. plugin runtime 6. why develop a plugin? 7. how to distribute your plugins 8. best practices for writing plugins user developer 3
  4. @ahmetb USING PLUGINS 4

  5. @ahmetb kubectl plugins circa v1.12 an extension mechanism that lets

    you write your own kubectl subcommands. 5
  6. @ahmetb kubectl plugin mechanism in a nutshell 1. write an

    executable program 2. name it kubectl-something 3. put it in your $PATH 4. invoke as "kubectl something" 6
  7. @ahmetb where do I find plugins? - github? - some

    list? - package manager? 7
  8. @ahmetb Krew the missing plugin manager for kubectl Kubernetes SIG

    CLI sub-project https://krew.dev (sigs.k8s.io/krew) 8
  9. @ahmetb What is Krew? - Functionality - discover plugins -

    install plugins - update plugins - remove plugins - Started in 2018 as an intern project at Google Cloud. - Donated to Kubernetes project in May 2019. - Not an actual package manager - Doesn't handle dependencies. 9
  10. @ahmetb kubectl plugins on Krew KubeCon 2018 Seattle Today KubeCon

    2019 EU 10
  11. @ahmetb kubectl plugins on Krew KubeCon 2018 Seattle Today KubeCon

    2019 EU 11
  12. @ahmetb demo: let's try krew 12

  13. @ahmetb why did we need kubectl plugins? 13

  14. @ahmetb 1. people want to add new sub-commands to kubectl

    14
  15. @ahmetb 15

  16. @ahmetb 2. everybody has opinions 16

  17. @ahmetb 17

  18. @ahmetb 3. reaching consensus in open source is not trivial

    18
  19. @ahmetb 19

  20. @ahmetb 20

  21. @ahmetb 4. we cannot solve everything in the kubernetes core

    21
  22. @ahmetb Storage plugins Network plugins Custom controllers Scheduler extension/ custom

    scheduler Custom resources (CRD) API Access Extensions (Admission webhooks, authentication webhook, authz/RBAC webhooks) kubernetes.io/docs/concepts/extend-kubernetes/extend-cluster Kubectl Plugins 22
  23. @ahmetb 5. kubernetes core moves slower 23

  24. @ahmetb official command plugin KEP + approval no approvals usefulness

    and stability no restrictions hosted in kubectl codebase (Go only) any language tied to Kubernetes release cycle release at your own pace has to be consistent with kubectl has room for creativity takes O(months)..O(years) from alpha→beta→stable develop & distribute in O(hours) 24
  25. @ahmetb 6. people are creative 25

  26. @ahmetb 26

  27. @ahmetb ...even GUI-based plugins 27

  28. @ahmetb 7. allow safe experimentation 28

  29. @ahmetb ➔ deprecating a kubectl command is painful. ➔ let

    people experiment, graduate successful ones. experimentation 29
  30. @ahmetb DEVELOPING PLUGINS 30

  31. @ahmetb kubectl plugin mechanism in a nutshell 1. write an

    executable program 2. name it kubectl-something 3. put it in your $PATH 4. invoke as "kubectl something" 31
  32. @ahmetb demo: let's develop a plugin! git.k8s.io/sample-cli-plugin 32

  33. @ahmetb "kubectl a b c" → is "a" builtin command?

    → kubectl-a-b-c ? → kubectl-a-b ? → kubectl-a ? plugin lookup 33
  34. @ahmetb plugin execution runtime 1. look for the plugin executable

    in PATH 2. execve() syscall replace kubectl with the plugin process ◆ inherit environment variables ◆ inherit standard streams ◆ determine exitcode of kubectl invocation 34
  35. @ahmetb why develop a kubectl plugin? 35

  36. @ahmetb your tool has a weird name and it's not

    very memorable rakkess kubectl access-matrix ketall kubectl get-all ksort kubectl sort-manifests kail kubectl tail feels more natural 36
  37. @ahmetb kubectl is missing a feature 37

  38. @ahmetb kubectl is missing a feature 38

  39. @ahmetb kubectl is missing a feature 39

  40. @ahmetb address shortcomings of kubectl kubectl get all: lies to

    you plugin: tells you the truth 40
  41. @ahmetb enhances existing kubectl command builtin: query one resource at

    a time plugin: shows a matrix of all capabilities 41
  42. @ahmetb enhances existing kubectl command plugin: queries for all subjects

    in the cluster builtin: query one user at a time 42
  43. @ahmetb so you have a plugin, now what? ➔ packaging

    ➔ distribution ➔ release 43
  44. @ahmetb plugin developer problems • How can people hear about

    my plugin? • How can I package my plugin for others to install? • How can I deliver updates? If you're a kubectl plugin developer, Krew solves these problems. 44
  45. @ahmetb packaging/distribution user plugin 45

  46. @ahmetb packaging/distribution macOS windows linux Chocolatey Homebrew MacPorts apt yum/dnf

    pacman apk ... user plugin 46
  47. @ahmetb Krew to rescue! user plugin Krew 47

  48. @ahmetb Without krew https://github.com/guessi/kubectl-grep how to update? how to uninstall?

    48
  49. @ahmetb ...users to: • install plugins • keep them up

    to date • remove plugins cleanly ...developers to: • make their plugins discoverable by users • package their plugins for multiple platforms • deliver updates Krew helps... 49
  50. @ahmetb Krew currently operates with a centralized package index. sigs.k8s.io/krew-index

    centralized discovery 50
  51. @ahmetb packaging & distributing with Krew 1. make your plugin

    available as a .tar.gz or .zip archive 2. write a plugin manifest 3. submit a pull request to krew-index 4. party! 51
  52. @ahmetb plugin manifest apiVersion: krew.googlecontainertools.github.com/v1alpha2 kind: Plugin metadata: name: "access-matrix"

    spec: version: "v0.4.0" homepage: "https://github.com/corneliusweig/rakkess" platforms: - <PLATFORM1> - <PLATFORM2> - <PLATFORM3> - ... 52
  53. @ahmetb ... # continued spec: platforms: - selector: matchLabels: os:

    linux arch: amd64 uri: https://github.com/corneliusweig/rakkess/releases/v0.4.0/bundle.tar.gz sha256: 7a16c61dfc4e2924fdedc894d59db7820bc4643a58d9a853c4eb83eadd4deee8 files: - from: ./rakkess_linux-amd64 to: ./rakkess - from: ./LICENSE to: "." bin: ./rakkess plugin manifest - platform 53
  54. @ahmetb recipes for success 1. name your plugin for clarity

    (see Krew Naming Guide) 2. reuse flags/options and KUBECONFIG detection from k8s.io/cli-runtime/pkg/genericclioptions 3. import auth plugins for cloud clusters import _ "k8s.io/client-go/plugin/pkg/client/auth" 54
  55. @ahmetb wrap up 55

  56. @ahmetb Join us make kubectl plugins better! • Become a

    kubectl plugin developer, submit your plugins to Krew.dev. • Join developing the Krew project. ◦ you don’t need to be a Kubernetes expert ◦ clean and young codebase ◦ low bug count, high creativity • Bring your ideas to Kubernetes SIG CLI. 56
  57. @ahmetb thanks! sigs.k8s.io/krew git.k8s.io/sample-cli-plugin twitter.com/ahmetb github.com/ahmetb 57