Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Recap API Machinery Deep Dive

71d7f6cdf5b1934a1b69f0624f5a7523?s=47 Aya (Igarashi) Ozawa
May 17, 2018
Technology
4
1.8k

Recap API Machinery Deep Dive

Kubernetes Meetup Tokyo #11 - KubeCon EU Recap
https://k8sjp.connpass.com/event/85336/

Google Slide ver. https://docs.google.com/presentation/d/1-4XHr7Q_uEK6vFrNJmByqJzkdiyPmTAGk2T14a_5I90/edit?usp=sharing

71d7f6cdf5b1934a1b69f0624f5a7523?s=128

Aya (Igarashi) Ozawa

May 17, 2018
Tweet

More Decks by Aya (Igarashi) Ozawa

See All by Aya (Igarashi) Ozawa
71d7f6cdf5b1934a1b69f0624f5a7523?s=48 ladicle
0
89
71d7f6cdf5b1934a1b69f0624f5a7523?s=48 ladicle
0
130
71d7f6cdf5b1934a1b69f0624f5a7523?s=48 ladicle
0
97
71d7f6cdf5b1934a1b69f0624f5a7523?s=48 ladicle
17
6.6k
71d7f6cdf5b1934a1b69f0624f5a7523?s=48 ladicle
3
4.3k
71d7f6cdf5b1934a1b69f0624f5a7523?s=48 ladicle
5
2.7k
71d7f6cdf5b1934a1b69f0624f5a7523?s=48 ladicle
5
790
71d7f6cdf5b1934a1b69f0624f5a7523?s=48 ladicle
1
420
71d7f6cdf5b1934a1b69f0624f5a7523?s=48 ladicle
31
11k

Other Decks in Technology

See All in Technology
Ddbf32a824ff6979227a8cf26d2cc28c?s=48 hajimexxxnakagawa
0
620
93c80c388fe9d8f9df7d030549a0ff0b?s=48 chaspy
0
120
2ec6ef5833820c7e6bb85e69db368537?s=48 shuntaito
0
100
3fa91dc187588e13e827810d2f30d8c7?s=48 moepy_stats
2
2k
79dcb04101764d7bf66f898dd446838e?s=48 tsukubachallenge
0
220
Aa5b922fefbf18bea89972521971dfea?s=48 yoshikiiida
6
6.9k
1c187c3f67507a90ced63f2c006ec4ad?s=48 regonn
1
930
8065fe5a0d33908c6f71c5ae28939dcd?s=48 ayatokura
0
210
F51e113117352226a2583a1f24d4de6d?s=48 shimashima35
0
190
20ddbe9b7cfdde5e2dfeb8d8714d5de8?s=48 tarugoconf
0
2.4k
Cdf97a1b1b132c56582773c3ba09a3a6?s=48 rakus_dev
0
260
4c5769c58c5b504cd196dbc51d1d3858?s=48 dmiyamoto
0
190

Featured

See All Featured
79acae287842acf29084005533a7fb3b?s=48 hursman
112
9.6k
A0517b08532aec8ab2aae3f65d40ad86?s=48 hannesfritz
32
1.2k
0bce06bd06ee7a2c4f5500f25dcf7f18?s=48 paulrobertlloyd
73
4k
6bb82b13cda86d3b821fa44100335ddf?s=48 thoeni
6
1k
8081b26e05bb4354f7d65ffc34cbbd67?s=48 chriscoyier
498
130k
9375a9529679f1b42b567a640d775e7d?s=48 schacon
152
7k
465724d73fe3a92c0879fdfb43a3a6f3?s=48 philhawksworth
195
9.1k
282d599b414022eba5096510f675b6e2?s=48 chrislema
174
14k
64827b31aef81498662e8af4bd6d5157?s=48 jonrohan
1021
410k
8ec1383b240b5ba15ffb9743fceb3c0e?s=48 philnash
23
1.3k
E14f55d3f939977cecbf51b64ff6f861?s=48 keithpitt
405
20k
3d4519fd34b76fb265fc0237f3792bd4?s=48 danielanewman
6
830

Transcript

  1. Recap SIG API Machinery Deep Dive Kubernetes meetup Tokyo #11

    Aya Igarashi @ladicle

  2. @Ladicle Aya Igarashi Software Engineer - Z Lab Corp. Who

    am I?

  3. Custom Resources Demo https://github.com/Ladicle/crd-sample

  4. Outline of the Talk ★ DeepDive Stefan Schimanski Senior Software

    Engineer at Red Hat ◦ api-serverがapiextensions-apierverに委譲する流れ ◦ CRDを生成する流れと, raceするbugの紹介 ◦ spec+ statusパターンの推奨 (for subresource) ◦ structuredなclientコード生成のすゝめ ◦ OpenAPI v3 schemaによるvalidationの紹介 ◦ 上記のvalidationを利用したpruning (schema外のfieldがあった場合は除去 ) ◦ Subresourceの /scaleと /status の紹介 ◦ Versioning, Pruning/Defaulting, Graceful Deletion, Server Side Printing Columns, Subresources ★ Custom Resources 1.11+ (1.12+) https://www.youtube.com/watch?v=XsFH7OEIIvI

  5. Versioning & Validation DEEP DIVE

  6. CRD versioning (nop conversion) v1.11 ◦ Design: https://github.com/kubernetes/community/pull/2054/files ◦ Pull-Request:

    https://github.com/kubernetes/kubernetes/pull/63830 #ONGOING type CustomResourceDefinitionSpec struct { ... // 将来的にDeprecatedになる. Version string // 対応するVersionリスト. // StoredVersionsリストに含まれているものは削除できない. Versions []CustomResourceDefinitionVersion } type CustomResourceDefinitionVersion struct { // v2beta1などのバージョン名. Name string // REST APIから指定できるようにするかのフラグ. Served Boolean // Storage(etcd)に保存する時のVersionであるかのフラグ. // Versionリストの中で1つのみTrueにする. Storage Boolean } type CustomResourceDefinitionStatus struct { ... // Storageに保存されているCRのVersionリスト. // migrationが完了したらリストから除く. StoredVersions []string }

  7. CRD versioning v1.12+ ◦ Design: https://github.com/kubernetes/community/pull/2026/files #ONGOING type CustomResourceDefinitionVersion struct

    { ... Conversion CustomResourceConversion } // 変更するpathごとにconversion resourceを作成する type CustomResourceConversion struct { Declarative map[string]CustomResourceDeclarativeConversion } type CustomResourceDeclarativeConversion struct { Rename RenameConversion // 右のWebhook用の設定 External CustomResourceConversionWebhook } // JsonPath(例: .spec.hoge)形式で指定 type RenameConversion struct { From JsonPath To JsonPath } type CustomResourceExternalConversion struct { // 変換先のVersion名リスト. To []string Webhook ConversionWebhook } type ConversionWebhook struct { // clientとどう通信するかを定義するもの. // WebhookのService等を指定する ClientConfig WebhookClientConfig } // 各VersionのValidationにも対応するようだが // これの詳細はまだ未定

  8. Validation OpenAPI v3 schema & Admission Controllers

  9. Validation using OpenAPI v3 schema apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata:

    name: meetups.kube.tokyo ... validation: openAPIV3Schema: properties: spec: properties: eventName: type: string pattern: '^KubernetesMeetup#\d+$' theme: type: string enum: - normal - recap speakerNames: type: array items: type: string capacity: type: integer default: 10 minimum: 10 apiVersion: kube.tokyo/v1 kind: Meetup metadata: name: meetup11 namespace: default spec: eventName: Kubernetes Meetup Tokyo #11 theme: recap speakerNames: - lanMLewis - amsy810 - ladicle - nasa9085 - jyoshise - rafiror - dtan4 capacity: 200

  10. Validation using Admission Controllers --enable-admission-plugins=DefaultStorageClass,DefaultTolerationSeconds,Mutating AdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota • ValidatingAdmissionWebhook ◦ リソースをValidationするためのWebhook

    (変更はできない) • MutatingAdmissionWebhook ◦ リソースのチェックや変更をするための Webhook • Initializers ◦ リソースを初期化するための metadata.initializers.pendingリストを付与する ◦ 全ての初期化が終わるまでリソースが作成されない etc...

  11. What should I use to validate resources?

  12. WE ARE HIRING!

  13. THANK YOU For your time & we’ll see you soon

    ladicle