Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Making kubectl plugins mainstream

Making kubectl plugins mainstream

It's the end of 2019 and kubectl plugins are finally gaining steam. Krew plugin manager for kubectl (https://krew.dev) is now hosting over 60 plugins (doubling every 6 months).
This talk is an introduction to kubectl plugin mechanism, and best practices for developing plugins.

Presented at KubeCon 2019 North America, San Diego, CA by @ahmetb.

Ahmet Alp Balkan

November 21, 2019
Tweet

More Decks by Ahmet Alp Balkan

Other Decks in Technology

Transcript

  1. @ahmetb
    making
    kubectl plugins
    mainstream
    ahmet alp balkan (@ahmetb)
    google cloud

    View Slide

  2. @ahmetb
    @ahmetb on {twitter, github}
    ➔ ported docker.exe, docker maintainer ~2015
    ➔ started Azure Container Registry ~2016
    ➔ developer advocate @ Google ~2017
    working on Google Cloud Run, Knative, dev tools
    ➔ kubectx & kubens & kubectl-aliases
    ➔ Google’s microservices-demo
    ➔ kubectl plugin manager krew.dev
    about me
    2

    View Slide

  3. @ahmetb
    agenda
    1. kubectl plugins 101
    2. krew (plugin manager) overview
    3. why did we need plugins?
    4. let's develop a plugin
    5. plugin runtime
    6. why develop a plugin?
    7. how to distribute your plugins
    8. best practices for writing plugins
    user
    developer
    3

    View Slide

  4. @ahmetb
    USING
    PLUGINS
    4

    View Slide

  5. @ahmetb
    kubectl plugins
    circa v1.12
    an extension mechanism
    that lets you write
    your own kubectl subcommands.
    5

    View Slide

  6. @ahmetb
    kubectl plugin mechanism
    in a nutshell
    1. write an executable program
    2. name it kubectl-something
    3. put it in your $PATH
    4. invoke as "kubectl something"
    6

    View Slide

  7. @ahmetb
    where do I
    find plugins?
    - github?
    - some list?
    - package manager?
    7

    View Slide

  8. @ahmetb
    Krew
    the missing plugin manager for kubectl
    Kubernetes SIG CLI sub-project
    https://krew.dev
    (sigs.k8s.io/krew)
    8

    View Slide

  9. @ahmetb
    What is Krew?
    - Functionality
    - discover plugins
    - install plugins
    - update plugins
    - remove plugins
    - Started in 2018 as an intern project at Google Cloud.
    - Donated to Kubernetes project in May 2019.
    - Not an actual package manager
    - Doesn't handle dependencies.
    9

    View Slide

  10. @ahmetb
    kubectl plugins on Krew
    KubeCon 2018 Seattle
    Today
    KubeCon 2019 EU
    10

    View Slide

  11. @ahmetb
    kubectl plugins on Krew
    KubeCon 2018 Seattle
    Today
    KubeCon 2019 EU
    11

    View Slide

  12. @ahmetb
    demo: let's try
    krew
    12

    View Slide

  13. @ahmetb
    why did we need
    kubectl plugins?
    13

    View Slide

  14. @ahmetb
    1.
    people want to add
    new sub-commands
    to kubectl
    14

    View Slide

  15. @ahmetb
    15

    View Slide

  16. @ahmetb
    2.
    everybody has
    opinions
    16

    View Slide

  17. @ahmetb
    17

    View Slide

  18. @ahmetb
    3.
    reaching consensus
    in open source
    is not trivial
    18

    View Slide

  19. @ahmetb
    19

    View Slide

  20. @ahmetb
    20

    View Slide

  21. @ahmetb
    4.
    we cannot solve
    everything in the
    kubernetes core
    21

    View Slide

  22. @ahmetb
    Storage plugins
    Network plugins
    Custom controllers
    Scheduler extension/
    custom scheduler
    Custom resources (CRD)
    API Access Extensions
    (Admission webhooks,
    authentication webhook,
    authz/RBAC webhooks)
    kubernetes.io/docs/concepts/extend-kubernetes/extend-cluster
    Kubectl Plugins
    22

    View Slide

  23. @ahmetb
    5.
    kubernetes core
    moves slower
    23

    View Slide

  24. @ahmetb
    official command plugin
    KEP + approval no approvals
    usefulness and stability no restrictions
    hosted in kubectl codebase
    (Go only)
    any language
    tied to Kubernetes release cycle release at your own pace
    has to be consistent with kubectl has room for creativity
    takes O(months)..O(years)
    from alpha→beta→stable
    develop & distribute
    in O(hours)
    24

    View Slide

  25. @ahmetb
    6.
    people are
    creative
    25

    View Slide

  26. @ahmetb
    26

    View Slide

  27. @ahmetb
    ...even GUI-based plugins
    27

    View Slide

  28. @ahmetb
    7.
    allow safe
    experimentation
    28

    View Slide

  29. @ahmetb
    ➔ deprecating a kubectl command is painful.
    ➔ let people experiment, graduate successful ones.
    experimentation
    29

    View Slide

  30. @ahmetb
    DEVELOPING
    PLUGINS
    30

    View Slide

  31. @ahmetb
    kubectl plugin mechanism
    in a nutshell
    1. write an executable program
    2. name it kubectl-something
    3. put it in your $PATH
    4. invoke as "kubectl something"
    31

    View Slide

  32. @ahmetb
    demo: let's develop a plugin!
    git.k8s.io/sample-cli-plugin
    32

    View Slide

  33. @ahmetb
    "kubectl a b c"
    → is "a" builtin command?
    → kubectl-a-b-c ?
    → kubectl-a-b ?
    → kubectl-a ?
    plugin lookup
    33

    View Slide

  34. @ahmetb
    plugin execution runtime
    1. look for the plugin executable in PATH
    2. execve() syscall
    replace kubectl with the plugin process
    ◆ inherit environment variables
    ◆ inherit standard streams
    ◆ determine exitcode of kubectl invocation
    34

    View Slide

  35. @ahmetb
    why develop a kubectl plugin?
    35

    View Slide

  36. @ahmetb
    your tool has a weird name
    and it's not very memorable
    rakkess kubectl access-matrix
    ketall kubectl get-all
    ksort kubectl sort-manifests
    kail kubectl tail
    feels more natural
    36

    View Slide

  37. @ahmetb
    kubectl is missing a feature
    37

    View Slide

  38. @ahmetb
    kubectl is missing a feature
    38

    View Slide

  39. @ahmetb
    kubectl is missing a feature
    39

    View Slide

  40. @ahmetb
    address shortcomings of kubectl
    kubectl get all:
    lies to you
    plugin: tells you the truth
    40

    View Slide

  41. @ahmetb
    enhances existing kubectl command
    builtin: query one
    resource at a time
    plugin: shows a matrix
    of all capabilities
    41

    View Slide

  42. @ahmetb
    enhances existing kubectl command
    plugin: queries for all
    subjects in the cluster
    builtin: query one
    user at a time
    42

    View Slide

  43. @ahmetb
    so you have a
    plugin, now what?
    ➔ packaging
    ➔ distribution
    ➔ release
    43

    View Slide

  44. @ahmetb
    plugin developer problems
    ● How can people hear about my plugin?
    ● How can I package my plugin for others to install?
    ● How can I deliver updates?
    If you're a kubectl plugin developer,
    Krew solves these problems.
    44

    View Slide

  45. @ahmetb
    packaging/distribution
    user
    plugin
    45

    View Slide

  46. @ahmetb
    packaging/distribution
    macOS
    windows
    linux
    Chocolatey
    Homebrew
    MacPorts
    apt
    yum/dnf
    pacman
    apk
    ...
    user
    plugin
    46

    View Slide

  47. @ahmetb
    Krew to rescue!
    user
    plugin
    Krew
    47

    View Slide

  48. @ahmetb
    Without krew
    https://github.com/guessi/kubectl-grep
    how to update?
    how to uninstall?
    48

    View Slide

  49. @ahmetb
    ...users to:
    ● install plugins
    ● keep them up to date
    ● remove plugins cleanly
    ...developers to:
    ● make their plugins discoverable by users
    ● package their plugins for multiple platforms
    ● deliver updates
    Krew helps...
    49

    View Slide

  50. @ahmetb
    Krew currently operates with a
    centralized package index.
    sigs.k8s.io/krew-index
    centralized discovery
    50

    View Slide

  51. @ahmetb
    packaging & distributing with Krew
    1. make your plugin available as a .tar.gz or .zip archive
    2. write a plugin manifest
    3. submit a pull request to krew-index
    4. party!
    51

    View Slide

  52. @ahmetb
    plugin manifest
    apiVersion: krew.googlecontainertools.github.com/v1alpha2
    kind: Plugin
    metadata:
    name: "access-matrix"
    spec:
    version: "v0.4.0"
    homepage: "https://github.com/corneliusweig/rakkess"
    platforms:
    -
    -
    -
    - ...
    52

    View Slide

  53. @ahmetb
    ... # continued
    spec:
    platforms:
    - selector:
    matchLabels:
    os: linux
    arch: amd64
    uri: https://github.com/corneliusweig/rakkess/releases/v0.4.0/bundle.tar.gz
    sha256: 7a16c61dfc4e2924fdedc894d59db7820bc4643a58d9a853c4eb83eadd4deee8
    files:
    - from: ./rakkess_linux-amd64
    to: ./rakkess
    - from: ./LICENSE
    to: "."
    bin: ./rakkess
    plugin manifest - platform
    53

    View Slide

  54. @ahmetb
    recipes for success
    1. name your plugin for clarity
    (see Krew Naming Guide)
    2. reuse flags/options and KUBECONFIG detection from
    k8s.io/cli-runtime/pkg/genericclioptions
    3. import auth plugins for cloud clusters
    import _ "k8s.io/client-go/plugin/pkg/client/auth"
    54

    View Slide

  55. @ahmetb
    wrap up
    55

    View Slide

  56. @ahmetb
    Join us make kubectl plugins better!
    ● Become a kubectl plugin developer,
    submit your plugins to Krew.dev.
    ● Join developing the Krew project.
    ○ you don’t need to be a Kubernetes expert
    ○ clean and young codebase
    ○ low bug count, high creativity
    ● Bring your ideas to Kubernetes SIG CLI.
    56

    View Slide

  57. @ahmetb
    thanks!
    sigs.k8s.io/krew
    git.k8s.io/sample-cli-plugin
    twitter.com/ahmetb
    github.com/ahmetb
    57

    View Slide