Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Writing Kubenetes tools in Go
Search
Daisuke Fujita
June 20, 2016
Programming
1
3.5k
Writing Kubenetes tools in Go
Kubernetes Meetup Tokyo #2
http://k8sjp.connpass.com/event/33508/
の発表資料です
Daisuke Fujita
June 20, 2016
Tweet
Share
More Decks by Daisuke Fujita
See All by Daisuke Fujita
SREcon19 Asia/Pacific Recap
dtan4
0
170
Our Practices of Delegating Ownership in Microservices World
dtan4
4
8.8k
Kubernetes Cluster Upgrade / Mercari Meetup for Microservices Platform
dtan4
3
4.6k
KubeCon EU 2018 Recap: Multi-Tenancy in Kubernetes: Best Practices Today, and Future Directions / Kubernetes Meetup Tokyo 11 #k8sjp
dtan4
1
1.8k
Wantedly から Chef を一掃した話 / #chibadan
dtan4
24
11k
さようなら Chef こんにちは Dockerfile / Web Tech Tokyo #1
dtan4
6
7.1k
Docker をフル活用したインフラの紹介と成長し続けるためのインフラ戦略 / #abejameetup
dtan4
19
3.9k
Docker Compose PaaS の作り方、そして社内に導入した話 / #yapc8oji
dtan4
1
8.3k
最近の wercker 便利って話 #tqrk10
dtan4
2
930
Other Decks in Programming
See All in Programming
負債になりにくいCSSをデザイナとつくるには?
fsubal
10
2.6k
Ruby on cygwin 2025-02
fd0
0
180
PHPカンファレンス名古屋2025 タスク分解の試行錯誤〜レビュー負荷を下げるために〜
soichi
1
680
2025.2.14_Developers Summit 2025_登壇資料
0101unite
0
200
第3回関東Kaggler会_AtCoderはKaggleの役に立つ
chettub
3
1.2k
XStateを用いた堅牢なReact Components設計~複雑なClient Stateをシンプルに~ @React Tokyo ミートアップ #2
kfurusho
1
990
Django NinjaによるAPI開発の効率化とリプレースの実践
kashewnuts
1
250
.NET Frameworkでも汎用ホストが使いたい!
tomokusaba
0
200
kintone開発を効率化するためにチームで試した施策とその結果を大放出!
oguemon
0
160
React 19アップデートのために必要なこと
uhyo
8
1.5k
Rubyで始める関数型ドメインモデリング
shogo_tksk
0
140
Jakarta EE meets AI
ivargrimstad
0
360
Featured
See All Featured
Automating Front-end Workflow
addyosmani
1368
200k
Practical Orchestrator
shlominoach
186
10k
Speed Design
sergeychernyshev
27
810
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
356
29k
Building an army of robots
kneath
303
45k
Six Lessons from altMBA
skipperchong
27
3.6k
Product Roadmaps are Hard
iamctodd
PRO
50
11k
4 Signs Your Business is Dying
shpigford
182
22k
Into the Great Unknown - MozCon
thekraken
35
1.6k
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
addyosmani
4
380
Docker and Python
trallard
44
3.3k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
226
22k
Transcript
Writing Kubernetes tools in Go ,VCFSOFUFT.FFUVQ5PLZP %BJTVLF'VKJUB!EUBO
Daisuke Fujita @dtan4
$ k8sec CLI tool to manage Kubernetes Secrets easily
k8sec • Kubernetes Secret Λखܰʹ͍͡Δπʔϧ • Interface like Heroku CLI
(heroku config) • Written in Go dtan4/k8sec $ k8sec <command> \ [--kubeconfig KUBECONFIG] \ [--namespace NAMESPACE] \ ARGS
Why k8sec? • Secret ΛΞϓϦέʔγϣϯͷڥมʹ͍͍ͨ • kubectl ͰΔͱ໘ͩͬͨ • kubectl
ͩͱҰൃͰ list, update Ͱ͖ͳ͍ • Ұ YAML ʹు͍ͯ replace http://kubernetes.io/docs/user-guide/secrets/#using-secrets-as-environment-variables $ kubectl create secret generic my-secret \ --from-literal=key1=supersecret \ --from-literal=key2=topsecret $ kubectl get secret registrykey -o json \ | jq -r '.data[".dockercfg"]' | base64 -D
k8sec $ k8sec list rails NAME TYPE KEY VALUE rails
Opaque database-url "postgres://example.com:5432/dbname" # Show values as base64-encoded string $ k8sec list --base64 rails NAME TYPE KEY VALUE rails Opaque database-url cG9zdGdyZXM6Ly9leGFtcGxlLmNvbTo1NDMyL2RibmFtZQ== Ұཡදࣔ list dtan4/k8sec
k8sec # Set secret $ k8sec set rails rails-env=production rails
# Pass base64-encoded value $ echo dtan4 | base64 ZHRhbjQK $ k8sec set --base64 rails foo=ZHRhbjQK rails $ k8sec list rails NAME TYPE KEY VALUE rails Opaque database-url "postgres://example.com:5432/dbname" rails Opaque foo "dtan4\n" # Unset secret $ k8sec unset rails rails-env ઃఆɺղআ set,unset dtan4/k8sec
k8sec # Save as .env $ k8sec save -f .env
rails $ cat .env database-url="postgres://example.com:5432/dbname" # Load .env $ k8sec load -f .env rails LFZWBMVFFOW load,save dtan4/k8sec
Why k8sec? • Secret ΛΞϓϦέʔγϣϯͷڥมʹ͍͍ͨ • kubectl ͰΔͱ໘ͩͬͨ • kubectl
ͩͱҰൃͰ list, update Ͱ͖ͳ͍ • Ұ YAML ʹు͍ͯ replace http://kubernetes.io/docs/user-guide/secrets/#using-secrets-as-environment-variables $ kubectl create secret generic my-secret \ --from-literal=key1=supersecret \ --from-literal=key2=topsecret $ kubectl get secret registrykey -o json \ | jq -r '.data[".dockercfg"]' | base64 -D
kubectl • ສೳʂ • API ͬͨΓͳͷͰɺ࣮ӡ༻Ͱ͍ʹ͍͘෦ • ඇӡ༻ଆ (e.g. Rails
developer) ͕৮Δʹ ֶशίετ͕ߴ͍…ʁ => ࣗͨͪͷཁٻʹదͨ͠ wrapper Λ࡞Ζ͏
kubectl wrapper • ଞݴޠ͔Β kubectl ίϚϯυΛୟ͘ͷ εϚʔτ͡Όͳ͍ • kubectl ͬͯཁ͢Δʹ
Kubernetes API ΫϥΠΞϯτͰ͢ΑͶ • API Λୟ͘Α͏ʹ͢Ε͍͍ͷͰ…ʁ
Kubernetes API Client Library https://github.com/kubernetes/kubernetes/blob/master/docs/devel/client-libraries.md
k8s.io/kubernetes/pkg/client Official Kubernetes API client library
API ΫϥΠΞϯτ࡞ loadingRules := clientcmd.NewDefaultClientConfigLoadingRules() loadingRules.ExplicitPath = clientcmd.RecommendedHomeFile loader :=
clientcmd.NewNonInteractiveDeferredLoadingClientConfig(loadingRules, &clientcmd.ConfigOverrides{}) clientConfig, err := loader.ClientConfig() if err != nil { return nil, err } kubeClient, err := client.New(clientConfig) if err != nil { return nil, err } import ( "k8s.io/kubernetes/pkg/api" client "k8s.io/kubernetes/pkg/client/unversioned" "k8s.io/kubernetes/pkg/client/unversioned/clientcmd" )
API ΫϥΠΞϯτ࡞ loadingRules.ExplicitPath = clientcmd.RecommendedHomeFile • loadingRules.ExplicitPath ʹ ίϯϑΟάϑΝΠϧͷύεΛࢦఆ •
RecommendedHomeFile == ~/.kube/config https://github.com/kubernetes/kubernetes/blob/master/pkg/client/unversioned/clientcmd/loader.go
API ݺͼग़͠ pods, err := kubeClient.Pods(api.NamespaceDefault).List(api.ListOptions{}) • ·ͣ Pods, Secret
ͷΑ͏ʹϦιʔεࢦఆ w Ҿ/BNFTQBDF • api.NamespaceDefault == "default" • api.NamespaceSystem == "system" w ϦιʔεʹνΣΠϯͯ͠ૢ࡞Λࢦఆ • Get(name), List kubeClient.<resource>.<operation> https://github.com/kubernetes/kubernetes/blob/4a78db61370df83a37957490749f7d171b00c28a/pkg/api/types.go#L154-L161
Pod ҰཡΛग़ྗ for _, pod := range pods.Items { fmt.Println(pod.Name)
} hello-world-e2d3x wordpress-mysql-488205646-t6v4k
ҙ • k8s.io/kubernetes Kubernetes ຊମͷϦϙδτϦ ͳͷͰɺͰ͔ͯ͘ॏ͍ (400 Mbyte ~)
• github.com/docker/docker ґଘͯ͠Δ • Godeps Έ͍ͨʹ vendoring ΛϦϙδτϦʹؚΊΔ ߹ཁҙ • glide ͓͏ • kubectl ͷιʔε (pkg/kubectl) Λಡ͏
·ͱΊ • Secret Λ؆୯ʹѻ͑Δ k8sec ͱ͍͏πʔϧΛ ࡞Γ·ͨ͠ • Go ͷ
API client library ΛͬͯɺKubernetes Λ ૢ࡞͢Δํ๏Λհ͠·ͨ͠ • ܅͚ͩͷ Kubernetes tool Λ࡞Ζ͏