Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Kubernetes - The Universal Control Plane

Nabarun Pal
December 08, 2023
0
63

Kubernetes - The Universal Control Plane

KubeDay India 2023

Nabarun Pal

December 08, 2023
Tweet

More Decks by Nabarun Pal

See All by Nabarun Pal
Keeping Social Engineering Attacks Away from OSS Communities
palnabarun
0
21
Learnings from Sustainably Steering the Kubernetes Project
palnabarun
0
52
The Eight Fallacies of Distributed Cloud Native Communities
palnabarun
0
38
State of Kubernetes and CNCF: A path to a sustainable and secure future
palnabarun
0
34
Wildfires, Firefighters and Sustainability Learnings from Mitigating Kubernetes Fires in the Community
palnabarun
0
34
What does the Kubernetes Steering Committee Steer?
palnabarun
0
67
State of Kubernetes in 2022
palnabarun
0
54
Leadership Learnings from Kubernetes Releases
palnabarun
0
45
Prow! Leveraging Developer-Centric CI for Your OSS Project!
palnabarun
0
50

Featured

See All Featured
Six Lessons from altMBA
skipperchong
27
3.5k
Bash Introduction
62gerente
608
210k
Intergalactic Javascript Robots from Outer Space
tanoku
270
27k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
45
2.2k
Facilitating Awesome Meetings
lara
50
6.1k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
0
96
Put a Button on it: Removing Barriers to Going Fast.
kastner
59
3.6k
Building Applications with DynamoDB
mza
91
6.1k
Keith and Marios Guide to Fast Websites
keithpitt
410
22k
How To Stay Up To Date on Web Technology
chriscoyier
789
250k
VelocityConf: Rendering Performance Case Studies
addyosmani
326
24k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
28
4.4k

Transcript

  1. None

  2. Nabarun Pal Kubernetes - The Universal Control Plane

  3. $ whoami • Kubernetes Maintainer and Steering Committee member •

    Chair of Kubernetes Special Interest Group Contributor Experience • Work on Auth, API Machinery, Release and ContribEx • CNCF Ambassador • Building Kubernetes based SaaS control planes for Tanzu at Broadcom @theonlynabarun

  4. Some Important Things before we start… @theonlynabarun

  5. 🚨🚨🚨 The legacy Linux package repositories for Kubernetes are going

    away in January 2024! https://kubernetes.io/blog/2023/08/31/legacy-package-repository-deprecation/ @theonlynabarun

  6. Coming to why you are here… @theonlynabarun

  7. Why would you need an universal control plane? @theonlynabarun

  8. Hybrid Cloud @theonlynabarun

  9. Ease of management @theonlynabarun

  10. Scalability @theonlynabarun

  11. Security @theonlynabarun

  12. Why is Kubernetes so good for this? @theonlynabarun

  13. @theonlynabarun Declarative State Management

  14. @theonlynabarun Declarative State Management Reliable Reconciliation Loops

  15. How do you build one? @theonlynabarun

  16. @theonlynabarun

  17. @theonlynabarun

  18. @theonlynabarun

  19. @theonlynabarun

  20. @theonlynabarun

  21. @theonlynabarun

  22. If something has an API, Crossplane can connect to it.

    @theonlynabarun

  23. You can even order a Pizza. @theonlynabarun

  24. @theonlynabarun kubectl apply -f farmhouse.yaml

  25. @theonlynabarun kubectl apply -f farmhouse.yaml 👉

  26. @theonlynabarun kubectl apply -f idli.yaml 👉

  27. What do you end up with? @theonlynabarun Declarative configuration

  28. What do you end up with? @theonlynabarun Declarative configuration Single

    Source of Truth

  29. What do you end up with? @theonlynabarun Declarative configuration Single

    Source of Truth Extensibility

  30. What do you end up with? @theonlynabarun Declarative configuration Single

    Source of Truth Extensibility Unification

  31. What do you end up with? @theonlynabarun Declarative configuration Single

    Source of Truth Extensibility Unification Automation

  32. What do you end up with? @theonlynabarun Declarative configuration Single

    Source of Truth Extensibility Unification Automation Separation

  33. @theonlynabarun

  34. KCP @theonlynabarun

  35. kcp is a Kubernetes-like control plane @theonlynabarun

  36. @theonlynabarun

  37. @theonlynabarun

  38. @theonlynabarun

  39. @theonlynabarun Logical Clusters <> Workspaces

  40. @theonlynabarun Logical Clusters <> Workspaces Workspace Aware Controllers

  41. API Service Provider model @theonlynabarun

  42. API Service Provider model @theonlynabarun

  43. Resource Syncing @theonlynabarun

  44. Kubernetes Generic Control Plane @theonlynabarun

  45. A working kube-based control plane is more than just an

    apiserver component built on k/apiserver. It includes standard resources (depending on context namespaces, CRDs, RBAC, secrets, configmaps), and standard controllers (think of garbage collection, namespace deletion, etc.). kube-apiserver today is a bundle of those resources with container orchestration, kube-controller-manager equally for the corresponding controllers. Separating the generic parts from container orchestration will allow new use-cases building upon k/apimachinery and k/apiserver, while keeping a unified codebase and ecosystem, and by improving the factoring of kube-apiserver for easier maintenance due to less complexity by clear layering. @theonlynabarun https://github.com/kubernetes/enhancements/tree/master/keps/sig-api-machinery/4080-generic-controlplane

  46. Vision @theonlynabarun

  47. What’s in and What’s out @theonlynabarun Bundled • CRDs •

    Namespaces Optional • Secrets • Configmaps • RBAC • Service accounts • Admission webhooks + policies • Quota • Aggregation, APIServices

  48. What’s in and What’s out @theonlynabarun

  49. @theonlynabarun KubeCon Demo of this feature https://youtu.be/AfjYrxTiOac?t=964

  50. Concluding Thoughts @theonlynabarun

  51. Concluding Thoughts @theonlynabarun Portability

  52. @theonlynabarun Portability Consistent Interface Concluding Thoughts

  53. @theonlynabarun Portability Consistent Interface Centralized API Concluding Thoughts

  54. @theonlynabarun Portability Consistent Interface Centralized API Avoiding Vendor Lock-in Concluding

    Thoughts

  55. @theonlynabarun Portability Consistent Interface Centralized API Avoiding Vendor Lock-in Deployment

    Strategies Concluding Thoughts

  56. @theonlynabarun Portability Consistent Interface Centralized API Avoiding Vendor Lock-in Deployment

    Strategies Day 2 Operations Concluding Thoughts

  57. Thank You! Slides will be available at https://speakerdeck.com/palnabarun/ shortly. @theonlynabarun

  58. Questions @theonlynabarun

  59. Questions I will be in the Hallway for any more

    questions. @theonlynabarun