Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
CoreOS NYC Meetup
Search
Eugene Yakubovich
July 28, 2015
Technology
2
230
CoreOS NYC Meetup
Under the hood of Tectonic and the CoreOS ecosystem
Eugene Yakubovich
July 28, 2015
Tweet
Share
More Decks by Eugene Yakubovich
See All by Eugene Yakubovich
Container Network Interface: Network plugins for Kubernetes and beyond
eyakubovich
0
270
From network namespace to fabric overlay
eyakubovich
0
36
Other Decks in Technology
See All in Technology
プロダクト価値を引き上げる、「課題の再定義」という習慣
moeka__c
0
210
AWSエンジニアに捧ぐLangChainの歩き方
tsukuboshi
0
220
(Simutrans) 所要時間ベース経路検索のご紹介
teamhimeh
0
100
GitLab SelfManagedをCodePipelineのソースに設定する/SetGitLabSelfManagedtoCodePipeline
norihiroishiyama
1
120
Creative Pair
kawaguti
PRO
1
130
CNAPPから考えるAWSガバナンスの実践と最適化
yuobayashi
5
680
Tech Blog執筆のモチベート向上作戦
imamura_ko_0314
0
740
【5分でわかる】セーフィー エンジニア向け会社紹介
safie_recruit
0
18k
エラーバジェット枯渇の原因 - 偽陽性との戦い -
phaya72
1
100
BLEAでAWSアカウントのセキュリティレベルを向上させよう
koheiyoshikawa
0
130
パブリッククラウドのプロダクトマネジメントとアーキテクト
tagomoris
4
770
Enhancing SRE Using AI
yoshiiryo1
1
270
Featured
See All Featured
Learning to Love Humans: Emotional Interface Design
aarron
274
40k
StorybookのUI Testing Handbookを読んだ
zakiyama
28
5.4k
Bash Introduction
62gerente
610
210k
Large-scale JavaScript Application Architecture
addyosmani
510
110k
Site-Speed That Sticks
csswizardry
3
310
Designing on Purpose - Digital PM Summit 2013
jponch
117
7.1k
GraphQLの誤解/rethinking-graphql
sonatard
68
10k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
49
2.2k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
39
1.9k
Statistics for Hackers
jakevdp
797
220k
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
29
990
Bootstrapping a Software Product
garrettdimon
PRO
305
110k
Transcript
Eugene Yakubovich Software Developer Maintainer of flannel @eyakubovich Under the
hood of Tectonic
Under the hood of tectonic CoreOS Linux CoreOS projects (etcd,
fleet, flannel) Kubernetes Tectonic layer
What is CoreOS Linux?
kernel systemd etcd ssh docker python java nginx mysql openssl
app tro distro distro distro distro distro
kernel systemd etcd ssh docker python java nginx mysql openssl
app tro distro distro distro distro distro
tro distro distro distro distro distro python openssl-A app1 java
openssl-B app2 java openssl-B app3 kernel systemd etcd ssh docker
tro distro distro distro distro distro python openssl-A app1 java
openssl-B app2 java openssl-B app3 CoreOS
tro distro distro distro distro distro CoreOS container container container
atomic with rollback auto updates
None
None
None
None
PUT /v2/keys/foo HTTP/1.1 value=bar
GET /v2/keys/foo HTTP/1.1 {“node”: {“value”: “bar”}}
Fault Tolerant Distributed K/V Store
fleet
None
None
None
10.0.16.0/24 10.0.24.0/24 10.0.71.0/24
10.0.16.0/24 10.0.24.0/24 10.0.71.0/24 10.0.16.2 10.0.24.3
None
$ rkt run example.com/app:v2.0.0 rkt: searching for app image example.com/app:v2.0.0
rkt: fetching image from https://example.com/app-v2.0.0-linux-amd64.aci Downloading signature from https://example.com/app-v2.0.0-linux-amd64.aci.asc Downloading ACI: [=================] 3.79 MB/3.79 MB openpgp: signature made by unknown entity
$ rkt run example.com/app:v2.0.0 rkt: searching for app image example.com/app:v2.0.0
rkt: fetching image from https://example.com/app-v2.0.0-linux-amd64.aci Downloading signature from https://example.com/app-v2.0.0-linux-amd64.aci.asc Downloading ACI: [=================] 3.79 MB/3.79 MB openpgp: signature made by unknown entity $ rkt trust --prefix example.com/app https://example.com/pubkeys.gpg Prefix: "example.com/app" Key: "https://example.com/pubkeys.gpg" GPG key fingerprint is: 8B86 DE38 890D DB72 9186 7B02 5210 BD88 8818 2190 ACI Builder <
[email protected]
> Are you sure you want to trust this key (yes/no)? yes Trusting "https://example.com/pubkeys.gpg" for prefix "example.com/app". Added key for prefix "example.com/app" at "/etc/rkt/trustedkeys/prefix. d/example.com/app/8b86de38890ddb7291867b025210bd8888182190"
$ rkt trust --prefix example.com/app https://example.com/pubkeys.gpg Prefix: "example.com/app" Key: "https://example.com/pubkeys.gpg"
GPG key fingerprint is: 8B86 DE38 890D DB72 9186 7B02 5210 BD88 8818 2190 ACI Builder <
[email protected]
> Are you sure you want to trust this key (yes/no)? yes Trusting "https://example.com/pubkeys.gpg" for prefix "example.com/app". Added key for prefix "example.com/app" at "/etc/rkt/trustedkeys/prefix. d/example.com/app/8b86de38890ddb7291867b025210bd8888182190" $ rkt run example.com/app:v2.0.0 rkt: searching for app image example.com/app:v2.0.0 rkt: fetching image from https://example.com/app-v2.0.0-linux-amd64.aci Downloading signature from https://example.com/app-v2.0.0-linux-amd64.aci.asc Downloading ACI: [=================] 3.79 MB/3.79 MB rkt: signature verified: ACI Builder <
[email protected]
>
[Service] ExecStart = /usr/bin/rkt run --inherit-env example.com/app:v2.0.0 Restart = always
CPUShares = 512 MemoryLimit = 1G Environment = HTTP_PROXY=192.0.2.3:5000 Environment = STORAGE_PATH=/opt/app Environment = TMPDIR=/var/tmp
None
None
Replication Controller x 4
kube-apiserver kube-controller-manager kube-scheduler kube-kubelet kube-proxy kube-kubelet kube-proxy
HOW-TO /GoogleCloudPlatform /kubernetes /tree /master /docs /getting-started-guides /coreos
Boot up master ◦ Start a CoreOS image ◦ Bring
up etcd ◦ Configure and bring up flannel ◦ Download and start ➢ kube-apiserver ➢ kube-controller-manager ➢ kube-scheduler
Boot up workers ◦ Bring up etcd proxy ◦ Download
and bring up ➢ kube-proxy ➢ kubelet
None
fleet deploy { } run kube-* CoreOS Linux + etcd
+ flannel
Workers talk to control cluster via proxy
None
Questions? Sign up for Tectonic at tectonic.com