Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Writing Kubenetes tools in Go

Daisuke Fujita
June 20, 2016
Programming
1
3.2k

Writing Kubenetes tools in Go

Kubernetes Meetup Tokyo #2 http://k8sjp.connpass.com/event/33508/ の発表資料です

Daisuke Fujita

June 20, 2016
Tweet

More Decks by Daisuke Fujita

See All by Daisuke Fujita
SREcon19 Asia/Pacific Recap
dtan4
0
140
Our Practices of Delegating Ownership in Microservices World
dtan4
4
8.6k
Kubernetes Cluster Upgrade / Mercari Meetup for Microservices Platform
dtan4
3
4.1k
KubeCon EU 2018 Recap: Multi-Tenancy in Kubernetes: 
Best Practices Today, and Future Directions / Kubernetes Meetup Tokyo 11 #k8sjp
dtan4
1
1.7k
Wantedly から Chef を一掃した話 / #chibadan
dtan4
24
11k
さようなら Chef こんにちは Dockerfile / Web Tech Tokyo #1
dtan4
6
6.8k
Docker をフル活用したインフラの紹介と成長し続けるためのインフラ戦略 / #abejameetup
dtan4
19
3.8k
Docker Compose PaaS の作り方、そして社内に導入した話 / #yapc8oji
dtan4
1
7.6k
最近の wercker 便利って話 #tqrk10
dtan4
2
850

Other Decks in Programming

See All in Programming
Construindo APIs resilientes: práticas de versionamento e documentação
monicaribeiro
0
110
新卒研修でNext.js AppRouterを導入した 学びと反省
iuchimasatoshi
1
220
まず Container より始めよ
honey32
9
3k
Compose 첫 걸음 || Compose Migration
juhyung
2
100
マイクロサービス環境におけるToilを削減するTerraformの活用 in DMMプラットフォーム
pospome
1
220
第6回 AWSとGitHub勉強会 - AWS ECS Fargate環境の構築 -
ogiwarat
0
140
Compose Multiplatform 101
dalinaum
2
380
Unit of Workパターンで永続化とトランザクションを制御する
shimabox
7
1.5k
Build Backwards-Compatible REST APIs with Rolling Versions
subomi
0
140
実践!Swift API Design Guidelinesに基づいた簡潔明瞭なAPIの作り方
jrsaruo
1
240
Context Window のお話
schroneko
1
140
Help Collisions, Isolate the Worlds
tagomoris
0
100

Featured

See All Featured
Principles of Awesome APIs and How to Build Them.
keavy
119
16k
KATA
mclloyd
13
11k
RailsConf 2023
tenderlove
0
240
Building Effective Engineering Teams - LeadDev
addyosmani
21
950
Building Adaptive Systems
keathley
29
1.6k
Adopting Sorbet at Scale
ufuk
66
8.1k
Streamline your AJAX requests with AmplifyJS and jQuery
dougneiner
130
9k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
10
1.2k
Designing with Data
zakiwarfel
93
4.5k
Designing Experiences People Love
moore
133
22k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
152
14k
Product Roadmaps are Hard
iamctodd
42
8.7k

Transcript

  1. Writing Kubernetes tools
    in Go

    ,VCFSOFUFT.FFUVQ5PLZP
    %BJTVLF'VKJUB!EUBO

    View Slide

  2. Daisuke Fujita
    @dtan4

    View Slide

  3. $ k8sec
    CLI tool to manage Kubernetes Secrets easily

    View Slide

  4. k8sec
    • Kubernetes Secret Λखܰʹ͍͡Δπʔϧ

    • Interface like Heroku CLI (heroku config)

    • Written in Go
    dtan4/k8sec
    $ k8sec \
    [--kubeconfig KUBECONFIG] \
    [--namespace NAMESPACE] \
    ARGS

    View Slide

  5. Why k8sec?
    • Secret ΛΞϓϦέʔγϣϯͷ؀ڥม਺ʹ࢖͍͍ͨ

    • kubectl Ͱ΍Δͱ໘౗ͩͬͨ

    • kubectl ͩͱҰൃͰ list, update Ͱ͖ͳ͍

    • Ұ౓ YAML ʹు͍ͯ replace
    http://kubernetes.io/docs/user-guide/secrets/#using-secrets-as-environment-variables
    $ kubectl create secret generic my-secret \
    --from-literal=key1=supersecret \
    --from-literal=key2=topsecret
    $ kubectl get secret registrykey -o json \
    | jq -r '.data[".dockercfg"]' | base64 -D

    View Slide

  6. k8sec
    $ k8sec list rails
    NAME TYPE KEY VALUE
    rails Opaque database-url "postgres://example.com:5432/dbname"
    # Show values as base64-encoded string
    $ k8sec list --base64 rails
    NAME TYPE KEY VALUE
    rails Opaque database-url cG9zdGdyZXM6Ly9leGFtcGxlLmNvbTo1NDMyL2RibmFtZQ==
    Ұཡදࣔ list

    dtan4/k8sec

    View Slide

  7. k8sec
    # Set secret
    $ k8sec set rails rails-env=production
    rails
    # Pass base64-encoded value
    $ echo dtan4 | base64
    ZHRhbjQK
    $ k8sec set --base64 rails foo=ZHRhbjQK
    rails
    $ k8sec list rails
    NAME TYPE KEY VALUE
    rails Opaque database-url "postgres://example.com:5432/dbname"
    rails Opaque foo "dtan4\n"
    # Unset secret
    $ k8sec unset rails rails-env
    ઃఆɺղআ set,unset

    dtan4/k8sec

    View Slide

  8. k8sec
    # Save as .env
    $ k8sec save -f .env rails
    $ cat .env
    database-url="postgres://example.com:5432/dbname"
    # Load .env
    $ k8sec load -f .env rails
    LFZWBMVFFOW load,save

    dtan4/k8sec

    View Slide

  9. Why k8sec?
    • Secret ΛΞϓϦέʔγϣϯͷ؀ڥม਺ʹ࢖͍͍ͨ

    • kubectl Ͱ΍Δͱ໘౗ͩͬͨ

    • kubectl ͩͱҰൃͰ list, update Ͱ͖ͳ͍

    • Ұ౓ YAML ʹు͍ͯ replace
    http://kubernetes.io/docs/user-guide/secrets/#using-secrets-as-environment-variables
    $ kubectl create secret generic my-secret \
    --from-literal=key1=supersecret \
    --from-literal=key2=topsecret
    $ kubectl get secret registrykey -o json \
    | jq -r '.data[".dockercfg"]' | base64 -D

    View Slide

  10. kubectl
    • ສೳʂ

    • API ΂ͬͨΓͳͷͰɺ࣮ӡ༻Ͱ͸࢖͍ʹ͍͘෦෼΋

    • ඇӡ༻ଆ (e.g. Rails developer) ͕৮Δʹ͸

    ֶशίετ͕ߴ͍…ʁ

    => ࣗ෼ͨͪͷཁٻʹదͨ͠ wrapper Λ࡞Ζ͏

    View Slide

  11. kubectl wrapper
    • ଞݴޠ͔Β kubectl ίϚϯυΛ௚઀ୟ͘ͷ͸

    εϚʔτ͡Όͳ͍

    • kubectl ͬͯཁ͢Δʹ 

    Kubernetes API ΫϥΠΞϯτͰ͢ΑͶ

    • ௚઀ API Λୟ͘Α͏ʹ͢Ε͹͍͍ͷͰ͸…ʁ

    View Slide

  12. Kubernetes API Client
    Library
    https://github.com/kubernetes/kubernetes/blob/master/docs/devel/client-libraries.md

    View Slide

  13. k8s.io/kubernetes/pkg/client
    Official Kubernetes API client library

    View Slide

  14. API ΫϥΠΞϯτ࡞੒
    loadingRules := clientcmd.NewDefaultClientConfigLoadingRules()
    loadingRules.ExplicitPath = clientcmd.RecommendedHomeFile
    loader := clientcmd.NewNonInteractiveDeferredLoadingClientConfig(loadingRules,
    &clientcmd.ConfigOverrides{})
    clientConfig, err := loader.ClientConfig()
    if err != nil {
    return nil, err
    }
    kubeClient, err := client.New(clientConfig)
    if err != nil {
    return nil, err
    }
    import (
    "k8s.io/kubernetes/pkg/api"
    client "k8s.io/kubernetes/pkg/client/unversioned"
    "k8s.io/kubernetes/pkg/client/unversioned/clientcmd"
    )

    View Slide

  15. API ΫϥΠΞϯτ࡞੒
    loadingRules.ExplicitPath = clientcmd.RecommendedHomeFile
    • loadingRules.ExplicitPath ʹ

    ίϯϑΟάϑΝΠϧͷύεΛࢦఆ

    • RecommendedHomeFile == ~/.kube/config
    https://github.com/kubernetes/kubernetes/blob/master/pkg/client/unversioned/clientcmd/loader.go

    View Slide

  16. API ݺͼग़͠
    pods, err :=
    kubeClient.Pods(api.NamespaceDefault).List(api.ListOptions{})
    • ·ͣ Pods, Secret ͷΑ͏ʹϦιʔεࢦఆ
    w Ҿ਺͸/BNFTQBDF
    • api.NamespaceDefault == "default"
    • api.NamespaceSystem == "system"
    w ϦιʔεʹνΣΠϯͯ͠ૢ࡞Λࢦఆ
    • Get(name), List
    kubeClient..
    https://github.com/kubernetes/kubernetes/blob/4a78db61370df83a37957490749f7d171b00c28a/pkg/api/types.go#L154-L161

    View Slide

  17. Pod ҰཡΛग़ྗ
    for _, pod := range pods.Items {
    fmt.Println(pod.Name)
    }
    hello-world-e2d3x
    wordpress-mysql-488205646-t6v4k

    View Slide

  18. ஫ҙ
    • k8s.io/kubernetes ͸ Kubernetes ຊମͷϦϙδτϦ
    ͳͷͰɺͰ͔ͯ͘ॏ͍ (400 Mbyte ~)

    • github.com/docker/docker ΋ґଘͯ͠Δ

    • Godeps Έ͍ͨʹ vendoring ΛϦϙδτϦʹؚΊΔ

    ৔߹͸ཁ஫ҙ

    • glide ࢖͓͏

    • kubectl ͷιʔε (pkg/kubectl) Λಡ΋͏

    View Slide

  19. ·ͱΊ
    • Secret Λ؆୯ʹѻ͑Δ k8sec ͱ͍͏πʔϧΛ

    ࡞Γ·ͨ͠

    • Go ͷ API client library Λ࢖ͬͯɺKubernetes Λ

    ௚઀ૢ࡞͢Δํ๏Λ঺հ͠·ͨ͠

    • ܅͚ͩͷ Kubernetes tool Λ࡞Ζ͏

    View Slide