$30 off During Our Annual Pro Sale. View Details »

Kubernetes and the Potential for Higher Level Interfaces

Kubernetes and the Potential for Higher Level Interfaces

Talk from KubeCon, the Kubernetes community conference. Covering the importance of context for user interfaces, standards, platforms, ecosystems, APIs and examples of high-level user interfaces for Kubernetes.

Gareth Rushgrove

March 10, 2016

More Decks by Gareth Rushgrove

Other Decks in Technology


  1. Kubernetes and the Potential for Higher Level Interfaces Puppet Labs

    Gareth Rushgrove Ecosystems, APIs and user needs
  2. Gareth Rushgrove @garethr

  3. Gareth Rushgrove

  4. Human and computer interfaces Concepts and demos Ecosystems and interoperability

    Gareth Rushgrove - - -
  5. The User Interface(s) of Kubernetes What do we mean by

    user and interface?
  6. The user context matters Gareth Rushgrove

  7. Creating Consuming Gareth Rushgrove - -

  8. Developers Operators Gareth Rushgrove - -

  9. Building something new Running in production Gareth Rushgrove - -

  10. Team size Regulation/compliance Multi-tenancy Infrastructure size Skills and experience Gareth

    Rushgrove - - - - -
  11. Gareth Rushgrove Gareth Rushgrove

  12. kubectl is a user interface Gareth Rushgrove

  13. YAML is a user interface Gareth Rushgrove

  14. Gareth Rushgrove Dashboard is a user interface Gareth Rushgrove

  15. The API is a user interface Gareth Rushgrove

  16. Client libraries are a user interface Gareth Rushgrove

  17. Different interfaces are useful in different contexts Gareth Rushgrove

  18. Different people might use different interfaces to achieve different tasks

    Gareth Rushgrove
  19. Out of the box Just enough user interface

  20. kubectl Gareth Rushgrove

  21. $ kubectl controls the Kubernetes cluster manager. Find more information

    at https://github.com/kubernetes/kubernetes. Usage: kubectl [flags] kubectl [command] Available Commands: get Display one or many resources describe Show details of a specific resource or group of resources create Create a resource by filename or stdin replace Replace a resource by filename or stdin. patch Update field(s) of a resource by stdin. delete Delete resources by filenames, stdin, resources and names, or by resources and label selector. edit Edit a resource on the server A universal interface for actions on a Kubernetes cluster Gareth Rushgrove
  22. Gareth Rushgrove

  23. YAML Gareth Rushgrove

  24. template: metadata: labels: app: guestbook tier: frontend spec: containers: -

    name: php-redis image: gcr.io/google_samples/gb-frontend:v4 resources: requests: cpu: 100m memory: 100Mi env: - name: GET_HOSTS_FROM value: dns # If your cluster config does not include a dns service, then to A data format describing desired state Gareth Rushgrove
  25. API wire format as user interface Gareth Rushgrove

  26. But isn’t YAML declarative? And other user interface tales

  27. Yes Gareth Rushgrove

  28. Code plus data has advantages over data alone Gareth Rushgrove

  29. The language to represent the data should be a simple,

    data-only format such as JSON or YAML, and programmatic modification of this data should be done in a real programming language Gareth Rushgrove Borg, Omega, and Kubernetes, ACM Queue, Volume 14, issue 1 http://queue.acm.org/detail.cfm?id=2898444 “
  30. Avoid repetition Combine external inputs Correctness Abstractions Gareth Rushgrove -

    - - -
  31. So why are so many people hand writing YAML? Gareth

  32. Changes with kubectle patch diverge from the model $ kubectl

    patch --help Update field(s) of a resource using strategic merge patch JSON and YAML formats are accepted. Usage: kubectl patch (-f FILENAME | TYPE NAME) -p PATCH [flags] Examples: # Partially update a node using strategic merge patch kubectl patch node k8s-node-1 -p '{"spec":{"unschedulable":true}}' Gareth Rushgrove
  33. $ kubectl apply --help Apply a configuration to a resource

    by filename or stdin. JSON and YAML formats are accepted. Usage: kubectl apply -f FILENAME [flags] Examples: # Apply the configuration in pod.json to a pod. $ kubectl apply -f ./pod.json And kubectl apply requires the full object serialisation Gareth Rushgrove
  34. A familiar Kubernetes Pod definition in YAML Gareth Rushgrove

  35. What happens if you run the same YAML file twice?

    Gareth Rushgrove
  36. How many times do you have to repeat the same

    label? Gareth Rushgrove
  37. kubectl is actually pretty low-level Gareth Rushgrove

  38. kubectl get pod mypod -o yaml \ | sed 's/\(image:

    myimage\):.*$/\1:v4/' \ | kubectl replace -f - This is from the official kubectl help. It pipes to sed. Gareth Rushgrove
  39. Declarative code with an idempotent runtime model Gareth Rushgrove

  40. Describe what you want Gareth Rushgrove

  41. Converge from any state Gareth Rushgrove

  42. The same Kubernetes Pod described in Puppet Gareth Rushgrove

  43. $ puppet apply examples/init.pp --test Info: Loading facts Notice: Compiled

    catalog for gareths in environment production in 1.24 seconds Info: Applying configuration version '1453298602' Info: Checking if sample-pod exists Info: Creating kubernetes_pod sample-pod Notice: /Stage[main]/Main/Kubernetes_pod[sample-pod]/ensure: created Notice: Applied catalog in 0.23 seconds Running without that Pod already existing will create it Gareth Rushgrove
  44. Running a second time, nothing changes because the Pod already

    exists Gareth Rushgrove $ puppet apply examples/init.pp --test Info: Loading facts Notice: Compiled catalog for garethr in environment production in 1.33 seconds Info: Applying configuration version '1453298688' Info: Checking if sample-pod exists Notice: Applied catalog in 0.15 seconds
  45. $ puppet resource kubernetes_pod sample-pod kubernetes_pod { 'sample-pod': ensure =>

    'present', metadata => { 'creationTimestamp' => '2016-01-20T14:03:23Z', 'name' => 'sample-pod', 'namespace' => 'default', 'resourceVersion' => '4579', 'selfLink' => '/api/v1/namespaces/default/pods/sample-pod’, 'uid' => '91c8a550-bf7e-11e5-816e-42010af001b1' }, spec => { 'containers' => [{ ‘image' => 'nginx', 'imagePullPolicy' => 'IfNotPresent', 'name' => ‘container-name', 'resources' => {'requests' => {'cpu' => '100m'}}, 'terminationMessagePat [{'mountPath' => '/var/run/secrets/kubernetes.io/serviceaccount', 'name' 'dnsPolicy' => 'ClusterFirst', 'nodeName' => 'gke-guestbook-dc15a31a-nod puppet resource allows for interrogating an existing Kubernetes installation Gareth Rushgrove
  46. $ kubectl describe pod sample-pod Name: sample-pod Namespace: default Image(s):

    nginx Node: gke-guestbook-dc15a31a-node-fyb6/10.240. Start Time: Wed, 20 Jan 2016 14:03:23 +0000 Labels: <none> Status: Running Reason: Message: IP: Replication Controllers: <none> Containers: container-name: Container ID: docker://542389c5b2a98616ba3a8001029bc4a3f00d7c0 Image: nginx Image ID: docker://407195ab8b07 The same information is still accessible via other tooling Gareth Rushgrove
  47. Other programming languages exist Gareth Rushgrove

  48. DEMO

  49. Gareth Rushgrove More details on the official Kubernetes blog Gareth

  50. Imperative Interfaces Pragmatism and familiarity

  51. Gareth Rushgrove

  52. Gareth Rushgrove Deis is an open source PaaS that provides

    a Heroku- inspired workflow, using Kubernetes under the hood Gareth Rushgrove
  53. Interactive CLI to login Gareth Rushgrove $ deis login http://deis.example.com

    username: deis password: Logged in as deis
  54. Create configs locally with the CLI Gareth Rushgrove $ deis

    create Creating application... done, created boring-huntress Git remote deis added
  55. $ git push deis master Counting objects: 95, done. Delta

    compression using up to 8 threads. Compressing objects: 100% (52/52), done. Writing objects: 100% (95/95), 20.24 KiB | 0 bytes/s, done. Total 95 (delta 41), reused 85 (delta 37) -----> Ruby app detected -----> Compiling Ruby/Rack -----> Using Ruby version: ruby-1.9.3 -----> Installing dependencies using 1.5.2 Running: bundle install --without development:test --path vendor/bundle --binstubs vendor/bundle/bin -j4 --deployment Fetching gem metadata from http://rubygems.org/.......... Fetching additional metadata from http://rubygems.org/.. Using bundler (1.5.2) Installing tilt (1.3.6) Installing rack (1.5.2) The switch to Git for deployment Gareth Rushgrove
  56. Set config using CLI Gareth Rushgrove $ deis config:set FOO=1

    BAR=baz && deis config:pull $ cat .env FOO=1 BAR=baz $ echo "TIDE=high" >> .env $ deis config:push Creating config... done, v4 === yuppie-earthman DEIS_APP: yuppie-earthman FOO: 1 BAR: baz TIDE: high
  57. $ deis scale web=8 Scaling processes... but first, coffee! done

    in 20s === boring-huntress Processes --- web: web.1 up (v2) web.2 up (v2) web.3 up (v2) web.4 up (v2) web.5 up (v2) web.6 up (v2) web.7 up (v2) web.8 up (v2) Scale using the CLI Gareth Rushgrove
  58. Replication Controllers, Services and Pods are implementation details Gareth Rushgrove

  59. Kubernetes is an implementation details from the point of view

    of the user Gareth Rushgrove
  60. Kubernetes is NOT an implementation details from the point of

    view of the administrator Gareth Rushgrove
  61. The advantages of familiarity Gareth Rushgrove

  62. The challenges of git as a user interface Gareth Rushgrove

  63. Ecosystems and Interoperability Everyone can play together

  64. Gareth Rushgrove

  65. Package management Gareth Rushgrove

  66. Gareth Rushgrove Helm, a package manager for Kubernetes Gareth Rushgrove

  67. $ helm install redis-cluster ---> Running `kubectl create -f` ...

    services/redis-sentinel pods/redis-master replicationcontrollers/redis replicationcontrollers/redis-sentinel ---> Done Help provides distribution tools, plus wraps kubectl Gareth Rushgrove
  68. Helm as a user interface Gareth Rushgrove

  69. Gareth Rushgrove Charts as a place to share low level

    descriptions Gareth Rushgrove
  70. name: jenkins home: https://jenkins-ci.org/ version: 0.2.0 description: The leading open-source

    continuous integration server. maintainers: - Matt Fisher <mfisher@deis.com> details: Jenkins is the leading open-source continuous integration server. Chart.yaml metadata format Gareth Rushgrove
  71. Gareth Rushgrove Or, what is the Kubernetes equivalent to MPM

    metadata? Gareth Rushgrove
  72. The importance of sharing metadata Gareth Rushgrove

  73. Metadata as a first class user interface Gareth Rushgrove

  74. If the API is the point of interoperability, how can

    it evolve safely? Gareth Rushgrove
  75. Gareth Rushgrove Swagger is a specification for describing APIs Gareth

  76. Gareth Rushgrove Now being developed by the Open API Initiative

    Gareth Rushgrove
  77. "type": "integer", "format": "int32", "description": "The port on each node

    on which this service is exposed when type=NodePort or LoadBalancer. Usually assigned by the system. If specified, it will be allocated to the service if unused or else creation of the service will fail. Default is to auto-allocate a port if the ServiceType of this Service requires one. More info: http://releases.k8s.io/HEAD/docs/user- guide/services.md#type--nodeport" } } }, "v1.ServiceStatus": { "id": "v1.ServiceStatus", "description": "ServiceStatus represents the current status of a service.", "properties": { "loadBalancer": { "$ref": "v1.LoadBalancerStatus", "description": "LoadBalancer contains the current status of the load-balancer, if one is present." The Kubernetes API spec is ~14,000 lines of JSON Gareth Rushgrove
  78. Some client libraries, including the Puppet module, are generated from

    the Swagger spec Gareth Rushgrove
  79. Gareth Rushgrove

  80. Standards mean going slow in the right places Gareth Rushgrove

  81. So we can go fast everywhere else Gareth Rushgrove

  82. Conclusions Why Kubernetes as a platform

  83. Interoperable because of a stable set of APIs Gareth Rushgrove

  84. Platforms exposing high level interfaces, without limiting access to lower

    level ones Gareth Rushgrove
  85. Allow for different use-cases and different life-cycles on the same

    infrastructure Gareth Rushgrove
  86. Questions? And thanks for listening