
SIG Cluster Lifecycle 20190506 Update


Lucas Käldström

May 16, 2019


Transcript

  1. Mission

    SIG Cluster Lifecycle’s objective is to simplify creation, configuration, upgrade, downgrade, and teardown of Kubernetes clusters and their components.
    “We spend a ton of time on trying to balance user experience vs. power and flexibility”
    “It should scale from 1...N and still be seamless”
    Charter: https://github.com/kubernetes/community/blob/master/sig-cluster-lifecycle/charter.md
  2. Who are we?

    • 600+ members on mailing list
    • 2000+ members in #sig-cluster-lifecycle Slack
    • 20+ companies represented during SIG meetings
    • 5 continents with contributors
    • O(10^3) contributions per cycle
    • 15+ SIG sponsored subprojects
  3. SIG Cluster Lifecycle Overview

    SCL is one of the biggest Kubernetes SIGs, with 100s of contributors across several companies actively contributing to 17 subprojects and several workgroups.
    [Diagram: Cluster API, cluster-addons, kubeadm, etcdadm, Component Config, k8s cluster provisioners]
    k8s cluster provisioners:
    • minikube
    • kops
    • kubespray
    • kind (SIG Testing)
    • kubeadm-dind-cluster
    • cluster-api-provider-<name>
    • ...
  4. kubeadm (GA since v1.13!)

    kubeadm = The official tool to bootstrap a minimum viable, best-practice Kubernetes cluster
    Layer 1: Cluster API
    Layer 2: kubeadm
    Layer 3: Addon Operators
    [Diagram: kubeadm running on Master 1 ... Master N and Node 1 ... Node N; labels: Cloud Provider, Load Balancers, Monitoring, Logging, Cluster API Spec, Cluster API, Cluster API Implementation, Addons, Kubernetes API, Bootstrapping, Machines, Infrastructure]
  5. kubeadm vs an end-to-end solution

    kubeadm is built to be part of a higher-level solution
    [Diagram: the end-to-end solution, with kubeadm running on Master 1 ... Master N and Node 1 ... Node N; labels: Cloud Provider, Load Balancers, Monitoring, Logging, Cluster API Spec, Cluster API, Cluster API Implementation, Addons, Kubernetes API, Bootstrapping, Machines, Infrastructure]
  6. Cluster API Overview

    • With Kubernetes we manage our applications declaratively
      a. Why not for the cluster itself?
    • With the Cluster API, we can declaratively define the desired cluster state
      a. Operator implementations reconcile the state
      b. Use Spec & Status like the rest of k8s
      c. Common management solutions for e.g. upgrades, autoscaling and repair
      d. Allows for “GitOps” workflows

        apiVersion: cluster.k8s.io/v1alpha1
        kind: MachineDeployment
        metadata:
          name: my-nodes
        spec:
          replicas: 3
          selector:
            matchLabels:
              foo: bar
          template:
            metadata:
              labels:
                foo: bar
            spec:
              providerConfig:
                value:
                  apiVersion: "baremetalconfig/v1alpha1"
                  kind: "BareMetalProviderConfig"
                  zone: "us-central1-f"
                  machineType: "n1-standard-1"
                  image: "ubuntu-1604-lts"
              versions:
                kubelet: 1.14.2
                containerRuntime:
                  name: containerd
                  version: 1.2.0
  7. Cluster API Progress

    • The first version v0.1.0, has been with the v1alpha1 API
    • Work towards v1alpha2 happens in four workstreams:
      ◦ extension-mechanism
        ▪ How does Cluster API interact with providers? webhooks, gRPC, CRDs?
      ◦ data-model
        ▪ Refine the data model for the project, including concepts such as machines, clusters, and control planes.
      ◦ controlplane-lifecycle-management
        ▪ Make the cluster control plane a first class resource. Support scaling up/down of control plane, and upgrades.
      ◦ node-lifecycle-management
        ▪ Define extension points for bootstrapping nodes. Provide a reference implementation using kubeadm.
    • Get involved at: https://discuss.kubernetes.io/c/contributors/cluster-api
  8. Addon Operator Management

    • There currently isn't much consistency in addon management across different cluster management tools.
    • We are working on proposals for unifying addon management in the Cluster Addons subproject.
    • Join the meeting! Here are the meeting notes
    • KEP: Addons via Operators
    • Repo for experiments: https://github.com/kubernetes-sigs/addon-operators
    • Check out Jeff & Justin's KubeCon talk: https://sched.co/GrY1
  9. Unified etcd management with etcdadm

    ## Summary
    etcdadm makes operation of etcd for the Kubernetes control plane easy, on clouds and on bare-metal, including both single-node and HA configurations. It is able to perform cluster reconfigurations, upgrades / downgrades, and backups / restores.

    ## Motivation
    Today each installation tool must reimplement etcd operation, and this is difficult. It also leads to ecosystem fragmentation - e.g. etcd backups from one tool are not necessarily compatible with the backups from other tools. The failure modes are subtle and rare, and thus the Kubernetes project benefits from having more collaboration.

    https://github.com/kubernetes-sigs/etcdadm
    KEP: etcdadm - automation for etcd clusters
  10. WG Component Standard

    • Problem 1: The core Kubernetes components are not consistent in
      ◦ how they are configured
      ◦ how they should be set up
      ◦ what HTTP(S) endpoints they register
      ◦ how they do (delegated) auth
    • Problem 2: It’s pretty hard to write a k8s-like component with declarative config
    • Solution: Factor common component-related code into a `k8s.io/component-base` toolkit repository. Make it easier to write a non-core component that follows the k8s style
      ◦ KEP: Create a k8s.io/component-base repo
  11. ComponentConfig

    • Maintainability: When $component’s flag set grows over 50+ flags, configuring it becomes painful
    • Upgradability: On upgrades, $component still works using versioned config vs. flags
    • Programmability: Configuration expressed as JSON/YAML objects allows for consistent manipulation
    • Possibility: Many types of config simply can’t be expressed as simple key-value
    • Declarative: OpenAPI information can easily be exposed / used for doc generation
    • See Lucas’ talk on this here: Configuring Your Kubernetes Cluster on the Next Level
  12. ComponentConfig End Goal

        apiVersion: kubecontrollermanager.config.k8s.io/v1
        kind: KubeControllerManagerConfiguration
        controllers:
          csrSigning:
            clusterSigningCertFile: /some/path
          namespace:
            concurrentNamespaceSyncs: 5
          nodeLifecycle:
            enableTaintManager: true

        $ kube-controller-manager --config config.yaml
  13. The SCL Roadmap

    We need your help! There is still a lot of work to do in order to get the full puzzle in place!
    [Diagram: Cluster API, cluster-addons, kubeadm, etcdadm, Component Config, k8s cluster provisioners; maturity legend: GA, Beta, Alpha, Pre-Alpha]
  14. How can you Contribute

    • SIG Cluster Lifecycle New Contributor Onboarding
    • Look for “good first issue”, “help wanted” and “sig/cluster-lifecycle” labeled issues in our repositories (in k/k or in the various project repositories)
    • Attend our Zoom meetings / be around on Slack
    • We have “Office Hours” for our projects: weekly for kubeadm and Cluster API, bi-weekly for kops and kubespray
    • Full list of SIG meetings and links to minutes and recordings can be found on SIG page
    • Contributing to SIG Cluster Lifecycle documentation
  15. Where to find us

    • Chairs
      ◦ @timothysc
      ◦ @luxas
      ◦ @justinsb
      ◦ @roberthbailey (emeritus)
    • Home page:
      ◦ https://contributor.kubernetes.io/sigs/sig-cluster-lifecycle/
    • Slack channel: https://kubernetes.slack.com/messages/sig-cluster-lifecycle
      ◦ Other relevant channels include:
        ▪ #kubeadm, #cluster-api, #kops-dev, #kops-users, #kubespray, #minikube, ...
    • Mailing List, YouTube playlist, Meeting Notes, New Contributor Onboarding
    • Backlog Triaging Processes, kubeadm Release Cycle docs
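
Added example (not from the deck or from Cluster API itself): slide 6 says operator implementations reconcile the declared state, so this sketch shows one reconcile pass for the slide's MachineDeployment fields `replicas` and `selector.matchLabels`. The `Machine` type and `Reconcile` function are hypothetical names, and refusing an empty selector is a design choice of this sketch.

```go
package main

import (
	"fmt"
	"sort"
)

// Machine is a hypothetical stand-in for an observed machine, not the
// cluster.k8s.io/v1alpha1 type.
type Machine struct {
	Name   string
	Labels map[string]string
	Ready  bool
}

// Reconcile compares the desired replica count with the observed machines
// matched by selector, and returns how many to create and which to remove.
func Reconcile(replicas int, selector map[string]string, observed []Machine) (create int, remove []string, err error) {
	if len(selector) == 0 || replicas < 0 {
		// An empty selector would claim, and on scale-down remove, every machine.
		return 0, nil, fmt.Errorf("need a non-empty selector and replicas >= 0")
	}
	var owned []Machine
outer:
	for _, m := range observed {
		for k, v := range selector {
			if got, ok := m.Labels[k]; !ok || got != v {
				continue outer // not selected: never touched by this pass
			}
		}
		owned = append(owned, m)
	}
	// Not-ready machines sort first, so a scale-down removes them before healthy ones.
	sort.SliceStable(owned, func(i, j int) bool { return !owned[i].Ready && owned[j].Ready })
	if diff := replicas - len(owned); diff >= 0 {
		return diff, nil, nil
	}
	for _, m := range owned[:len(owned)-replicas] {
		remove = append(remove, m.Name)
	}
	return 0, remove, nil
}

func main() {
	sel := map[string]string{"foo": "bar"} // selector from the slide's manifest
	seen := []Machine{{"n1", sel, true}, {"etcd-0", map[string]string{"role": "etcd"}, true}}
	fmt.Println(Reconcile(3, sel, seen)) // constructed input
}
```

Machines that do not carry the selector's labels never appear in the result, which is what keeps a scale-down scoped to the deployment's own nodes.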