Kubernetes and the Potential for Higher Level Interfaces

Transcript

1. Kubernetes and the Potential for Higher Level Interfaces Puppet Labs

   Gareth Rushgrove Ecosystems, APIs and user needs

2. Gareth Rushgrove @garethr

3. Gareth Rushgrove

4. Human and computer interfaces Concepts and demos Ecosystems and interoperability

   Gareth Rushgrove - - -

5. The User Interface(s) of Kubernetes What do we mean by

   user and interface?

6. The user context matters Gareth Rushgrove

7. Creating Consuming Gareth Rushgrove - -

8. Developers Operators Gareth Rushgrove - -

9. Building something new Running in production Gareth Rushgrove - -

10. Team size Regulation/compliance Multi-tenancy Infrastructure size Skills and experience Gareth

    Rushgrove - - - - -

11. Gareth Rushgrove Gareth Rushgrove

12. kubectl is a user interface Gareth Rushgrove

13. YAML is a user interface Gareth Rushgrove

14. Gareth Rushgrove Dashboard is a user interface Gareth Rushgrove

15. The API is a user interface Gareth Rushgrove

16. Client libraries are a user interface Gareth Rushgrove

17. Different interfaces are useful in different contexts Gareth Rushgrove

18. Different people might use different interfaces to achieve different tasks

    Gareth Rushgrove

19. Out of the box Just enough user interface

20. kubectl Gareth Rushgrove

21. $ kubectl controls the Kubernetes cluster manager. Find more information

    at https://github.com/kubernetes/kubernetes. Usage: kubectl [flags] kubectl [command] Available Commands: get Display one or many resources describe Show details of a specific resource or group of resources create Create a resource by filename or stdin replace Replace a resource by filename or stdin. patch Update field(s) of a resource by stdin. delete Delete resources by filenames, stdin, resources and names, or by resources and label selector. edit Edit a resource on the server A universal interface for actions on a Kubernetes cluster Gareth Rushgrove

22. Gareth Rushgrove

23. YAML Gareth Rushgrove

24. template: metadata: labels: app: guestbook tier: frontend spec: containers: -

    name: php-redis image: gcr.io/google_samples/gb-frontend:v4 resources: requests: cpu: 100m memory: 100Mi env: - name: GET_HOSTS_FROM value: dns # If your cluster config does not include a dns service, then to A data format describing desired state Gareth Rushgrove

25. API wire format as user interface Gareth Rushgrove

26. But isn’t YAML declarative? And other user interface tales

27. Yes Gareth Rushgrove

28. Code plus data has advantages over data alone Gareth Rushgrove

29. The language to represent the data should be a simple,

    data-only format such as JSON or YAML, and programmatic modification of this data should be done in a real programming language Gareth Rushgrove Borg, Omega, and Kubernetes, ACM Queue, Volume 14, issue 1 http://queue.acm.org/detail.cfm?id=2898444 “

30. Avoid repetition Combine external inputs Correctness Abstractions Gareth Rushgrove -

    - - -

31. So why are so many people hand writing YAML? Gareth

    Rushgrove

32. Changes with kubectle patch diverge from the model $ kubectl

    patch --help Update field(s) of a resource using strategic merge patch JSON and YAML formats are accepted. Usage: kubectl patch (-f FILENAME | TYPE NAME) -p PATCH [flags] Examples: # Partially update a node using strategic merge patch kubectl patch node k8s-node-1 -p '{"spec":{"unschedulable":true}}' Gareth Rushgrove

33. $ kubectl apply --help Apply a configuration to a resource

    by filename or stdin. JSON and YAML formats are accepted. Usage: kubectl apply -f FILENAME [flags] Examples: # Apply the configuration in pod.json to a pod. $ kubectl apply -f ./pod.json And kubectl apply requires the full object serialisation Gareth Rushgrove

34. A familiar Kubernetes Pod definition in YAML Gareth Rushgrove

35. What happens if you run the same YAML file twice?

    Gareth Rushgrove

36. How many times do you have to repeat the same

    label? Gareth Rushgrove

37. kubectl is actually pretty low-level Gareth Rushgrove

38. kubectl get pod mypod -o yaml \ | sed 's/\(image:

    myimage\):.*$/\1:v4/' \ | kubectl replace -f - This is from the official kubectl help. It pipes to sed. Gareth Rushgrove

39. Declarative code with an idempotent runtime model Gareth Rushgrove

40. Describe what you want Gareth Rushgrove

41. Converge from any state Gareth Rushgrove

42. The same Kubernetes Pod described in Puppet Gareth Rushgrove

43. $ puppet apply examples/init.pp --test Info: Loading facts Notice: Compiled

    catalog for gareths in environment production in 1.24 seconds Info: Applying configuration version '1453298602' Info: Checking if sample-pod exists Info: Creating kubernetes_pod sample-pod Notice: /Stage[main]/Main/Kubernetes_pod[sample-pod]/ensure: created Notice: Applied catalog in 0.23 seconds Running without that Pod already existing will create it Gareth Rushgrove

44. Running a second time, nothing changes because the Pod already

    exists Gareth Rushgrove $ puppet apply examples/init.pp --test Info: Loading facts Notice: Compiled catalog for garethr in environment production in 1.33 seconds Info: Applying configuration version '1453298688' Info: Checking if sample-pod exists Notice: Applied catalog in 0.15 seconds

45. $ puppet resource kubernetes_pod sample-pod kubernetes_pod { 'sample-pod': ensure =>

    'present', metadata => { 'creationTimestamp' => '2016-01-20T14:03:23Z', 'name' => 'sample-pod', 'namespace' => 'default', 'resourceVersion' => '4579', 'selfLink' => '/api/v1/namespaces/default/pods/sample-pod’, 'uid' => '91c8a550-bf7e-11e5-816e-42010af001b1' }, spec => { 'containers' => [{ ‘image' => 'nginx', 'imagePullPolicy' => 'IfNotPresent', 'name' => ‘container-name', 'resources' => {'requests' => {'cpu' => '100m'}}, 'terminationMessagePat [{'mountPath' => '/var/run/secrets/kubernetes.io/serviceaccount', 'name' 'dnsPolicy' => 'ClusterFirst', 'nodeName' => 'gke-guestbook-dc15a31a-nod puppet resource allows for interrogating an existing Kubernetes installation Gareth Rushgrove

46. $ kubectl describe pod sample-pod Name: sample-pod Namespace: default Image(s):

    nginx Node: gke-guestbook-dc15a31a-node-fyb6/10.240. Start Time: Wed, 20 Jan 2016 14:03:23 +0000 Labels: <none> Status: Running Reason: Message: IP: 10.24.1.7 Replication Controllers: <none> Containers: container-name: Container ID: docker://542389c5b2a98616ba3a8001029bc4a3f00d7c0 Image: nginx Image ID: docker://407195ab8b07 The same information is still accessible via other tooling Gareth Rushgrove

47. Other programming languages exist Gareth Rushgrove

48. DEMO

49. Gareth Rushgrove More details on the official Kubernetes blog Gareth

    Rushgrove

50. Imperative Interfaces Pragmatism and familiarity

51. Gareth Rushgrove

52. Gareth Rushgrove Deis is an open source PaaS that provides

    a Heroku- inspired workflow, using Kubernetes under the hood Gareth Rushgrove

53. Interactive CLI to login Gareth Rushgrove $ deis login http://deis.example.com

    username: deis password: Logged in as deis

54. Create configs locally with the CLI Gareth Rushgrove $ deis

    create Creating application... done, created boring-huntress Git remote deis added

55. $ git push deis master Counting objects: 95, done. Delta

    compression using up to 8 threads. Compressing objects: 100% (52/52), done. Writing objects: 100% (95/95), 20.24 KiB | 0 bytes/s, done. Total 95 (delta 41), reused 85 (delta 37) -----> Ruby app detected -----> Compiling Ruby/Rack -----> Using Ruby version: ruby-1.9.3 -----> Installing dependencies using 1.5.2 Running: bundle install --without development:test --path vendor/bundle --binstubs vendor/bundle/bin -j4 --deployment Fetching gem metadata from http://rubygems.org/.......... Fetching additional metadata from http://rubygems.org/.. Using bundler (1.5.2) Installing tilt (1.3.6) Installing rack (1.5.2) The switch to Git for deployment Gareth Rushgrove

56. Set config using CLI Gareth Rushgrove $ deis config:set FOO=1

    BAR=baz && deis config:pull $ cat .env FOO=1 BAR=baz $ echo "TIDE=high" >> .env $ deis config:push Creating config... done, v4 === yuppie-earthman DEIS_APP: yuppie-earthman FOO: 1 BAR: baz TIDE: high

57. $ deis scale web=8 Scaling processes... but first, coffee! done

    in 20s === boring-huntress Processes --- web: web.1 up (v2) web.2 up (v2) web.3 up (v2) web.4 up (v2) web.5 up (v2) web.6 up (v2) web.7 up (v2) web.8 up (v2) Scale using the CLI Gareth Rushgrove

58. Replication Controllers, Services and Pods are implementation details Gareth Rushgrove

59. Kubernetes is an implementation details from the point of view

    of the user Gareth Rushgrove

60. Kubernetes is NOT an implementation details from the point of

    view of the administrator Gareth Rushgrove

61. The advantages of familiarity Gareth Rushgrove

62. The challenges of git as a user interface Gareth Rushgrove

63. Ecosystems and Interoperability Everyone can play together

64. Gareth Rushgrove

65. Package management Gareth Rushgrove

66. Gareth Rushgrove Helm, a package manager for Kubernetes Gareth Rushgrove

67. $ helm install redis-cluster ---> Running `kubectl create -f` ...

    services/redis-sentinel pods/redis-master replicationcontrollers/redis replicationcontrollers/redis-sentinel ---> Done Help provides distribution tools, plus wraps kubectl Gareth Rushgrove

68. Helm as a user interface Gareth Rushgrove

69. Gareth Rushgrove Charts as a place to share low level

    descriptions Gareth Rushgrove

70. name: jenkins home: https://jenkins-ci.org/ version: 0.2.0 description: The leading open-source

    continuous integration server. maintainers: - Matt Fisher <[email protected]> details: Jenkins is the leading open-source continuous integration server. Chart.yaml metadata format Gareth Rushgrove

71. Gareth Rushgrove Or, what is the Kubernetes equivalent to MPM

    metadata? Gareth Rushgrove

72. The importance of sharing metadata Gareth Rushgrove

73. Metadata as a first class user interface Gareth Rushgrove

74. If the API is the point of interoperability, how can

    it evolve safely? Gareth Rushgrove

75. Gareth Rushgrove Swagger is a specification for describing APIs Gareth

    Rushgrove

76. Gareth Rushgrove Now being developed by the Open API Initiative

    Gareth Rushgrove

77. "type": "integer", "format": "int32", "description": "The port on each node

    on which this service is exposed when type=NodePort or LoadBalancer. Usually assigned by the system. If specified, it will be allocated to the service if unused or else creation of the service will fail. Default is to auto-allocate a port if the ServiceType of this Service requires one. More info: http://releases.k8s.io/HEAD/docs/user- guide/services.md#type--nodeport" } } }, "v1.ServiceStatus": { "id": "v1.ServiceStatus", "description": "ServiceStatus represents the current status of a service.", "properties": { "loadBalancer": { "$ref": "v1.LoadBalancerStatus", "description": "LoadBalancer contains the current status of the load-balancer, if one is present." The Kubernetes API spec is ~14,000 lines of JSON Gareth Rushgrove

78. Some client libraries, including the Puppet module, are generated from

    the Swagger spec Gareth Rushgrove

79. Gareth Rushgrove

80. Standards mean going slow in the right places Gareth Rushgrove

81. So we can go fast everywhere else Gareth Rushgrove

82. Conclusions Why Kubernetes as a platform

83. Interoperable because of a stable set of APIs Gareth Rushgrove

84. Platforms exposing high level interfaces, without limiting access to lower

    level ones Gareth Rushgrove

85. Allow for different use-cases and different life-cycles on the same

    infrastructure Gareth Rushgrove

86. Questions? And thanks for listening