control theory + declarative API = Kubernetes

Transcript

1. control theory + declarative API = Kubernetes Lucas Käldström -

   CNCF Ambassador March 28, 2023 – Helsinki Image credit: CNCF

2. © 2023 Lucas Käldström 2 $ whoami Lucas Käldström, 1st-year

   MSc student at Aalto University, Finland CNCF Ambassador, Certified Kubernetes Administrator and Former Kubernetes maintainer KubeCon Speaker in Berlin, Austin, Copenhagen, Shanghai, Seattle, San Diego & Valencia KubeCon Keynote Speaker in Barcelona kubeadm, Weave Ignite & libgitops co-author, Entrepreneur Cloud Native Nordics co-founder & meetup organizer Guild of Automation and Systems Technology Head of Corporate Relations

3. © 2023 Lucas Käldström 3 est. 2014

4. © 2023 Lucas Käldström 4 Based on decades of experience

   at Google

5. © 2023 Lucas Käldström 5 Fast-forward 7 years, has 75000+

   contributors Cloud Native Computing Foundation is a non-profit under Linux Foundation CNCF hosts 153 “cloud native” projects under it’s vendor-neutral umbrella Kubernetes was the first project donated to CNCF by Google in 2015 It is one of the top 10 most actively developed open source projects

6. © 2023 Lucas Käldström 6 Let’s start by defining it

7. © 2023 Lucas Käldström 7 A Container Orchestrator? Yes

8. © 2023 Lucas Käldström 8 A Container Orchestrator? Yes But

   in fact, even more than that

9. © 2023 Lucas Käldström 9 Kubernetes: A Control Plane for

   (any) infrastructure

10. © 2023 Lucas Käldström 10 Kubernetes: A Control Plane for

    (any) infrastructure = A set of automated controllers with operational knowledge of how to control a target system

11. Not: Humans Operating Servers

12. Instead: Humans Operating Automation, that in turn Operate Servers

13. © 2023 Lucas Käldström 13 Credits to Simon Sinek

14. © 2023 Lucas Käldström 14 Run anywhere Self-healing Scalable workload

    scheduling Service discovery + config mgmt What?

15. © 2023 Lucas Käldström 15 Specify once; Kubernetes makes your

    dream true JSON container workload specification REST API server HTTP POST JSON object Container Workload Controller read desired state *The process doesn’t look exactly like this, it is a simplified mental model for now pull start re-start monitor

16. © 2023 Lucas Käldström 16 Credits to Simon Sinek

17. © 2023 Lucas Käldström 17 Run anywhere Self-healing Scalable workload

    scheduling Service discovery + config mgmt How? Closed-loop controllers Uniform, declarative and extensible API

18. © 2023 Lucas Käldström 18 Sysadmin Servers/Applications controls business value

    (e.g. webservice) business objective narrative Classic system administration (Imperative) e.g. “start 5 virtual machines through GUI”

19. © 2023 Lucas Käldström 19 Sysadmin Servers/Applications controls business value

    (e.g. webservice) Monitoring dashboard - business objective narrative (desired state in PDF) + human diff actual state Classic system administration (Declarative) e.g. “start 2 static web server processes per VM, send alerts via email if CPU exhausted”

20. © 2023 Lucas Käldström 20 Controller Servers/Applications controls business value

    (e.g. webservice) Monitoring data - declarative business objective (desired state in JSON) + programmatic diff actual state System Administration by Kubernetes Operators REST API desired state REST API actual state e.g. “I want at least 10 web servers always running, scale up to 20 if load is high. I don’t care where the web servers run as long as they are reachable in this subnet”

21. © 2023 Lucas Käldström 21 declarative business objective (desired state

    in JSON) Notice that desired and actual state are separated REST API desired state REST API actual state REST API is uniform, i.e. all resources has the same structure: kind, apiVersion, metadata, spec, Status REST API is extensible, you can add your own objects freely kind: Pod # What kind of object is this? apiVersion: v1 # What schema version is used? metadata: # Metadata about this object name: my-pod labels: app: web spec: # Desired state, set by user containers: - image: nginx:1.23 ports: - containerPort: 80 status: # Actual, observed state, set by controller conditions: - type: Ready status: "True" lastTransitionTime: 2018-01-01T00:00:00Z

22. © 2023 Lucas Käldström 22 controllers + extensible API =

    abstraction layer

23. © 2023 Lucas Käldström 23 Kubernetes is a “platform for

    platforms” Platform A Platform B Platform C Platform D

24. © 2023 Lucas Käldström 24 Kubernetes is a “platform for

    platforms” Platform A Platform B Platform C Platform D

25. © 2023 Lucas Käldström 25 Let’s say I create a

    “Workload” controller with the following API: kind: Workload # What kind of object is this? apiVersion: luxas.dev/v1 # What schema version is used? metadata: # Metadata about this object name: my-workload spec: # Desired state, set by user type: VM osImage: https://luxas.dev/ubuntu-2204 status: # Actual, observed state, set by controller phase: Running bootTime: 2023-03-28T00:00:00Z

26. © 2023 Lucas Käldström 26 Workload Controller Target Servers controls

    business value, running workloads Inspect server state - + programmatic diff actual state Controller implemented as: Workload spec Workload status

27. © 2023 Lucas Käldström 27 I need to make two

    new controllers: 1) a replicated Workload, which creates multiple workloads based on a template 2) a “Job” workload, which runs until completion

28. © 2023 Lucas Käldström 28 But I don’t want to

    duplicate the implementation of the Workload controller!

29. © 2023 Lucas Käldström 29 Workload Controller Target Servers running

    workloads Inspect server state - + Workload API object spec+status ReplicatedWorkload Controller Observe status - + ReplicatedWorkload spec ReplicatedWorkload status JobWorkload Controller Observe status - + JobWorkload spec JobWorkload status create “child” Workload object create “child” Workload object

30. © 2023 Lucas Käldström 30 Now the declarative implementation of

    controlling the Workload can be re-used and built upon!

31. © 2023 Lucas Käldström 31 This forms a loosely coupled

    microservice architecture! REST API server JobWorkload Workload ReplicatedWorkload JobWorkload controller ReplicatedWorkload controller Workload controller declare intent declare intent

32. © 2023 Lucas Käldström 32 Run anywhere Self-healing Scalable workload

    scheduling Service discovery + config mgmt How? Closed-loop controllers Uniform, declarative and extensible API

33. © 2023 Lucas Käldström 33 Kubernetes: A Control Plane for

    (any) infrastructure

34. Not: Humans Operating Servers

35. Instead: Humans Operating Automation, that in turn Operate Servers

36. Summary Baim Hanif on Unsplash Thank you! @luxas on Github

    @luxas on LinkedIn @luxas on SpeakerDeck @kubernetesonarm on Twitter [email protected]