Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
CoreOS NYC Meetup
Search
Eugene Yakubovich
July 28, 2015
Technology
2
270
CoreOS NYC Meetup
Under the hood of Tectonic and the CoreOS ecosystem
Eugene Yakubovich
July 28, 2015
Tweet
Share
More Decks by Eugene Yakubovich
See All by Eugene Yakubovich
Container Network Interface: Network plugins for Kubernetes and beyond
eyakubovich
0
280
From network namespace to fabric overlay
eyakubovich
0
44
Other Decks in Technology
See All in Technology
多野優介
tanoyusuke
1
440
組織観点から IAM Identity CenterとIAMの設計を考える
nrinetcom
PRO
1
180
Goに育てられ開発者向けセキュリティ事業を立ち上げた僕が今向き合う、AI × セキュリティの最前線 / Go Conference 2025
flatt_security
0
350
【新卒研修資料】LLM・生成AI研修 / Large Language Model・Generative AI
brainpadpr
24
17k
Access-what? why and how, A11Y for All - Nordic.js 2025
gdomiciano
1
110
Pure Goで体験するWasmの未来
askua
1
180
Exadata Database Service on Dedicated Infrastructure(ExaDB-D) UI スクリーン・キャプチャ集
oracle4engineer
PRO
2
5.4k
PLaMo2シリーズのvLLM実装 / PFN LLM セミナー
pfn
PRO
2
980
AIが書いたコードをAIが検証する!自律的なモバイルアプリ開発の実現
henteko
1
340
GC25 Recap+: Advancing Go Garbage Collection with Green Tea
logica0419
1
410
Shirankedo NOCで見えてきたeduroam/OpenRoaming運用ノウハウと課題 - BAKUCHIKU BANBAN #2
marokiki
0
150
自動テストのコストと向き合ってみた
qa
0
150
Featured
See All Featured
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
31
2.5k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
114
20k
Context Engineering - Making Every Token Count
addyosmani
5
180
Build your cross-platform service in a week with App Engine
jlugia
232
18k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
46
7.6k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
229
22k
Building Better People: How to give real-time feedback that sticks.
wjessup
368
20k
Why Our Code Smells
bkeepers
PRO
339
57k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
45
2.5k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
507
140k
How to Think Like a Performance Engineer
csswizardry
27
2k
A designer walks into a library…
pauljervisheath
209
24k
Transcript
Eugene Yakubovich Software Developer Maintainer of flannel @eyakubovich Under the
hood of Tectonic
Under the hood of tectonic CoreOS Linux CoreOS projects (etcd,
fleet, flannel) Kubernetes Tectonic layer
What is CoreOS Linux?
kernel systemd etcd ssh docker python java nginx mysql openssl
app tro distro distro distro distro distro
kernel systemd etcd ssh docker python java nginx mysql openssl
app tro distro distro distro distro distro
tro distro distro distro distro distro python openssl-A app1 java
openssl-B app2 java openssl-B app3 kernel systemd etcd ssh docker
tro distro distro distro distro distro python openssl-A app1 java
openssl-B app2 java openssl-B app3 CoreOS
tro distro distro distro distro distro CoreOS container container container
atomic with rollback auto updates
None
None
None
None
PUT /v2/keys/foo HTTP/1.1 value=bar
GET /v2/keys/foo HTTP/1.1 {“node”: {“value”: “bar”}}
Fault Tolerant Distributed K/V Store
fleet
None
None
None
10.0.16.0/24 10.0.24.0/24 10.0.71.0/24
10.0.16.0/24 10.0.24.0/24 10.0.71.0/24 10.0.16.2 10.0.24.3
None
$ rkt run example.com/app:v2.0.0 rkt: searching for app image example.com/app:v2.0.0
rkt: fetching image from https://example.com/app-v2.0.0-linux-amd64.aci Downloading signature from https://example.com/app-v2.0.0-linux-amd64.aci.asc Downloading ACI: [=================] 3.79 MB/3.79 MB openpgp: signature made by unknown entity
$ rkt run example.com/app:v2.0.0 rkt: searching for app image example.com/app:v2.0.0
rkt: fetching image from https://example.com/app-v2.0.0-linux-amd64.aci Downloading signature from https://example.com/app-v2.0.0-linux-amd64.aci.asc Downloading ACI: [=================] 3.79 MB/3.79 MB openpgp: signature made by unknown entity $ rkt trust --prefix example.com/app https://example.com/pubkeys.gpg Prefix: "example.com/app" Key: "https://example.com/pubkeys.gpg" GPG key fingerprint is: 8B86 DE38 890D DB72 9186 7B02 5210 BD88 8818 2190 ACI Builder <
[email protected]
> Are you sure you want to trust this key (yes/no)? yes Trusting "https://example.com/pubkeys.gpg" for prefix "example.com/app". Added key for prefix "example.com/app" at "/etc/rkt/trustedkeys/prefix. d/example.com/app/8b86de38890ddb7291867b025210bd8888182190"
$ rkt trust --prefix example.com/app https://example.com/pubkeys.gpg Prefix: "example.com/app" Key: "https://example.com/pubkeys.gpg"
GPG key fingerprint is: 8B86 DE38 890D DB72 9186 7B02 5210 BD88 8818 2190 ACI Builder <
[email protected]
> Are you sure you want to trust this key (yes/no)? yes Trusting "https://example.com/pubkeys.gpg" for prefix "example.com/app". Added key for prefix "example.com/app" at "/etc/rkt/trustedkeys/prefix. d/example.com/app/8b86de38890ddb7291867b025210bd8888182190" $ rkt run example.com/app:v2.0.0 rkt: searching for app image example.com/app:v2.0.0 rkt: fetching image from https://example.com/app-v2.0.0-linux-amd64.aci Downloading signature from https://example.com/app-v2.0.0-linux-amd64.aci.asc Downloading ACI: [=================] 3.79 MB/3.79 MB rkt: signature verified: ACI Builder <
[email protected]
>
[Service] ExecStart = /usr/bin/rkt run --inherit-env example.com/app:v2.0.0 Restart = always
CPUShares = 512 MemoryLimit = 1G Environment = HTTP_PROXY=192.0.2.3:5000 Environment = STORAGE_PATH=/opt/app Environment = TMPDIR=/var/tmp
None
None
Replication Controller x 4
kube-apiserver kube-controller-manager kube-scheduler kube-kubelet kube-proxy kube-kubelet kube-proxy
HOW-TO /GoogleCloudPlatform /kubernetes /tree /master /docs /getting-started-guides /coreos
Boot up master ◦ Start a CoreOS image ◦ Bring
up etcd ◦ Configure and bring up flannel ◦ Download and start ➢ kube-apiserver ➢ kube-controller-manager ➢ kube-scheduler
Boot up workers ◦ Bring up etcd proxy ◦ Download
and bring up ➢ kube-proxy ➢ kubelet
None
fleet deploy { } run kube-* CoreOS Linux + etcd
+ flannel
Workers talk to control cluster via proxy
None
Questions? Sign up for Tectonic at tectonic.com
eyakubovich
tanoyusuke
nrinetcom
flatt_security
brainpadpr
gdomiciano
askua
oracle4engineer
pfn
henteko
logica0419
marokiki
qa
marktimemedia
panda_program
addyosmani
jlugia
eileencodes
danielanewman
wjessup
bkeepers
bcantrill
chriscoyier
csswizardry
pauljervisheath
![[Service] ExecStart = /usr/bin/rkt run --inherit-env example.com/app:v2.0.0 Restart = always](https://files.speakerdeck.com/presentations/567131d1e2af41a98ef519b484c36980/slide_26.jpg){kind=link}
