CoreOS NYC Meetup

Eugene Yakubovich Software Developer Maintainer of flannel @eyakubovich Under the
hood of Tectonic

Under the hood of tectonic CoreOS Linux CoreOS projects (etcd,
fleet, flannel) Kubernetes Tectonic layer

What is CoreOS Linux?

kernel systemd etcd ssh docker python java nginx mysql openssl
app tro distro distro distro distro distro

tro distro distro distro distro distro python openssl-A app1 java
openssl-B app2 java openssl-B app3 kernel systemd etcd ssh docker

tro distro distro distro distro distro python openssl-A app1 java
openssl-B app2 java openssl-B app3 CoreOS

tro distro distro distro distro distro CoreOS container container container

atomic with rollback auto updates

PUT /v2/keys/foo HTTP/1.1 value=bar

GET /v2/keys/foo HTTP/1.1 {“node”: {“value”: “bar”}}

Fault Tolerant Distributed K/V Store

10.0.16.0/24 10.0.24.0/24 10.0.71.0/24

10.0.16.0/24 10.0.24.0/24 10.0.71.0/24 10.0.16.2 10.0.24.3

$ rkt run example.com/app:v2.0.0 rkt: searching for app image example.com/app:v2.0.0
rkt: fetching image from https://example.com/app-v2.0.0-linux-amd64.aci Downloading signature from https://example.com/app-v2.0.0-linux-amd64.aci.asc Downloading ACI: [=================] 3.79 MB/3.79 MB openpgp: signature made by unknown entity

$ rkt run example.com/app:v2.0.0 rkt: searching for app image example.com/app:v2.0.0
rkt: fetching image from https://example.com/app-v2.0.0-linux-amd64.aci Downloading signature from https://example.com/app-v2.0.0-linux-amd64.aci.asc Downloading ACI: [=================] 3.79 MB/3.79 MB openpgp: signature made by unknown entity $ rkt trust --prefix example.com/app https://example.com/pubkeys.gpg Prefix: "example.com/app" Key: "https://example.com/pubkeys.gpg" GPG key fingerprint is: 8B86 DE38 890D DB72 9186 7B02 5210 BD88 8818 2190 ACI Builder <[email protected]> Are you sure you want to trust this key (yes/no)? yes Trusting "https://example.com/pubkeys.gpg" for prefix "example.com/app". Added key for prefix "example.com/app" at "/etc/rkt/trustedkeys/prefix. d/example.com/app/8b86de38890ddb7291867b025210bd8888182190"

$ rkt trust --prefix example.com/app https://example.com/pubkeys.gpg Prefix: "example.com/app" Key: "https://example.com/pubkeys.gpg"
GPG key fingerprint is: 8B86 DE38 890D DB72 9186 7B02 5210 BD88 8818 2190 ACI Builder <[email protected]> Are you sure you want to trust this key (yes/no)? yes Trusting "https://example.com/pubkeys.gpg" for prefix "example.com/app". Added key for prefix "example.com/app" at "/etc/rkt/trustedkeys/prefix. d/example.com/app/8b86de38890ddb7291867b025210bd8888182190" $ rkt run example.com/app:v2.0.0 rkt: searching for app image example.com/app:v2.0.0 rkt: fetching image from https://example.com/app-v2.0.0-linux-amd64.aci Downloading signature from https://example.com/app-v2.0.0-linux-amd64.aci.asc Downloading ACI: [=================] 3.79 MB/3.79 MB rkt: signature verified: ACI Builder <[email protected]>

[Service] ExecStart = /usr/bin/rkt run --inherit-env example.com/app:v2.0.0 Restart = always
CPUShares = 512 MemoryLimit = 1G Environment = HTTP_PROXY=192.0.2.3:5000 Environment = STORAGE_PATH=/opt/app Environment = TMPDIR=/var/tmp

Replication Controller x 4

kube-apiserver kube-controller-manager kube-scheduler kube-kubelet kube-proxy kube-kubelet kube-proxy

HOW-TO /GoogleCloudPlatform /kubernetes /tree /master /docs /getting-started-guides /coreos

Boot up master ◦ Start a CoreOS image ◦ Bring
up etcd ◦ Configure and bring up flannel ◦ Download and start ➢ kube-apiserver ➢ kube-controller-manager ➢ kube-scheduler

Boot up workers ◦ Bring up etcd proxy ◦ Download
and bring up ➢ kube-proxy ➢ kubelet

fleet deploy { } run kube-* CoreOS Linux + etcd
+ flannel

Workers talk to control cluster via proxy

Questions? Sign up for Tectonic at tectonic.com

CoreOS NYC Meetup

CoreOS NYC Meetup

Eugene Yakubovich

More Decks by Eugene Yakubovich

Other Decks in Technology

Featured

Transcript

Eugene Yakubovich Software Developer Maintainer of flannel @eyakubovich Under the

Under the hood of tectonic CoreOS Linux CoreOS projects (etcd,

What is CoreOS Linux?

kernel systemd etcd ssh docker python java nginx mysql openssl

kernel systemd etcd ssh docker python java nginx mysql openssl

tro distro distro distro distro distro python openssl-A app1 java

tro distro distro distro distro distro python openssl-A app1 java

tro distro distro distro distro distro CoreOS container container container

atomic with rollback auto updates

PUT /v2/keys/foo HTTP/1.1 value=bar

GET /v2/keys/foo HTTP/1.1 {“node”: {“value”: “bar”}}

Fault Tolerant Distributed K/V Store

fleet

10.0.16.0/24 10.0.24.0/24 10.0.71.0/24

10.0.16.0/24 10.0.24.0/24 10.0.71.0/24 10.0.16.2 10.0.24.3

$ rkt run example.com/app:v2.0.0 rkt: searching for app image example.com/app:v2.0.0

$ rkt run example.com/app:v2.0.0 rkt: searching for app image example.com/app:v2.0.0

$ rkt trust --prefix example.com/app https://example.com/pubkeys.gpg Prefix: "example.com/app" Key: "https://example.com/pubkeys.gpg"

[Service] ExecStart = /usr/bin/rkt run --inherit-env example.com/app:v2.0.0 Restart = always

Replication Controller x 4

kube-apiserver kube-controller-manager kube-scheduler kube-kubelet kube-proxy kube-kubelet kube-proxy

HOW-TO /GoogleCloudPlatform /kubernetes /tree /master /docs /getting-started-guides /coreos

Boot up master ◦ Start a CoreOS image ◦ Bring

Boot up workers ◦ Bring up etcd proxy ◦ Download

fleet deploy { } run kube-* CoreOS Linux + etcd

Workers talk to control cluster via proxy

Questions? Sign up for Tectonic at tectonic.com