Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Wildfires, Firefighters and Sustainability Learnings from Mitigating Kubernetes Fires in the Community

Nabarun Pal
April 20, 2023
Technology
0
11

Wildfires, Firefighters and Sustainability Learnings from Mitigating Kubernetes Fires in the Community

Nabarun Pal

April 20, 2023
Tweet

More Decks by Nabarun Pal

See All by Nabarun Pal
Kubernetes - The Universal Control Plane
palnabarun
0
30
Learnings from Sustainably Steering the Kubernetes Project
palnabarun
0
19
The Eight Fallacies of Distributed Cloud Native Communities
palnabarun
0
9
State of Kubernetes and CNCF: A path to a sustainable and secure future
palnabarun
0
12
What does the Kubernetes Steering Committee Steer?
palnabarun
0
26
State of Kubernetes in 2022
palnabarun
0
35
Leadership Learnings from Kubernetes Releases
palnabarun
0
29
Prow! Leveraging Developer-Centric CI for Your OSS Project!
palnabarun
0
30
Exploring the Kubernetes Clients ecosystem
palnabarun
0
25

Other Decks in Technology

See All in Technology
ユーザーストーリーのレビューを自動化したみたの
bun913
1
410
EMとして2023年度に頑張ったこと / What we did well in FY2023 as a EM
pauli
1
160
ゼロから始めるVue.jsコミュニティ貢献 / first-vuejs-community-contribution-link-and-motivation
lmi
1
110
サーバー間 GraphQL と webmock-graphql の話 / server-to-server graphql and webmock-graphql
qsona
2
180
Hands-on Gemini, the Google DeepMind LLM
meteatamel
1
110
On Your Data を超えていく!
hirotomotaguchi
2
650
長期運用プロジェクトでのMySQLからTiDB移行の検証
colopl
2
820
KubeCon EU 2024 Recap “Kubernetes Policy Time Machine: Where to Next?”
ryysud
0
200
SPI原点回帰論:事業課題とFour Keysの結節点を見出す実践的ソフトウェアプロセス改善 / DevOpsDays Tokyo 2024
visional_engineering_and_design
4
1.9k
家族アルバム みてねにおけるGrafana活用術 / Grafana Meetup Japan Vol.1 LT
isaoshimizu
0
170
どうするコスト最適化のトレードオフ
tetsuyaooooo
1
490
プロデザ! BY リクルート vol.18_リクルートのリサーチ実践組織「リサーチブーストコミュニティ」
recruitengineers
PRO
3
270

Featured

See All Featured
Clear Off the Table
cherdarchuk
84
310k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
227
16k
The Brand Is Dead. Long Live the Brand.
mthomps
49
28k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
352
28k
Designing with Data
zakiwarfel
96
4.8k
Optimizing for Happiness
mojombo
370
69k
jQuery: Nuts, Bolts and Bling
dougneiner
59
7.1k
In The Pink: A Labor of Love
frogandcode
138
21k
What's in a price? How to price your products and services
michaelherold
237
11k
A Philosophy of Restraint
colly
197
16k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
244
20k
We Have a Design System, Now What?
morganepeng
43
6.7k

Transcript

  1. None

  2. Nabarun Pal & Madhav Jivrajani, VMware Wildfires, Firefighters and Sustainability

    Learnings from Mitigating Kubernetes Fires in the Community

  3. Code of Conduct Remember the Golden Rule: Treat others as

    you would want to be treated - with kindness and respect Scan the QR code to access and review the CNCF Code of Conduct:

  4. Virtual Audience Closed Captioning Closed captioning for the virtual audience

    is available during each session through Wordly. The Wordly functionality can be found under the “Translations” tab on the session page. Wordly will default to English. If another language is needed, simply click the dropdown at the bottom of the “Translations” tab and choose from one of 26+ languages available so you don’t miss a beat from our presenters. *Note: Closed captioning is ONLY available during the scheduled live sessions and will not be available for the recordings on-demand within the virtual conference platform.

  5. Who Are We? Madhav Jivrajani @MadhavJivrajani Kubernetes SIG ContribEx Technical

    Lead Nabarun Pal @theonlynabarun Kubernetes Steering Committee / SIG ContribEx Chair

  6. Before We Start… @MadhavJivrajani & @theonlynabarun

  7. registry.k8s.io is GA!🎉 🚨❄k8s.gcr.io is frozen❄🚨 More info on https://k8s.io/image-registry-redirect

    Also see: k8s.gcr.io Redirect to registry.k8s.io - What You Need to Know @MadhavJivrajani & @theonlynabarun

  8. Agenda • Timeline of a Kubernetes Release • Introduction and

    Setting the context • Why were the releases delayed? • What went right? • What could be done better? • Takeaways @MadhavJivrajani & @theonlynabarun

  9. Prelude: Timeline of a Kubernetes Release Cadence: Every ~4 months

    @MadhavJivrajani & @theonlynabarun

  10. Prelude: Timeline of a Kubernetes Release Elaborate song and dance

    of People and Processes @MadhavJivrajani & @theonlynabarun

  11. Prelude: Timeline of a Kubernetes Release Emeritus Adviser Release Lead

    Branch Manager Bug Triage CI Signal Comms Docs Enhancements Release Notes Release Lead Shadows Branch Manager Shadow Bug Triage Shadows CI Signal Shadows Comms Shadows Docs Shadows Enhancements Shadows Release Notes Shadows @MadhavJivrajani & @theonlynabarun

  12. Prelude: Timeline of a Kubernetes Release @MadhavJivrajani & @theonlynabarun

  13. Prelude: Timeline of a Kubernetes Release @MadhavJivrajani & @theonlynabarun

  14. Prelude: Timeline of a Kubernetes Release @MadhavJivrajani & @theonlynabarun

  15. Prelude: Timeline of a Kubernetes Release @MadhavJivrajani & @theonlynabarun

  16. Prelude: Timeline of a Kubernetes Release @MadhavJivrajani & @theonlynabarun

  17. Prelude: Timeline of a Kubernetes Release @MadhavJivrajani & @theonlynabarun

  18. Prelude: Timeline of a Kubernetes Release @MadhavJivrajani & @theonlynabarun

  19. Prelude: Timeline of a Kubernetes Release @MadhavJivrajani & @theonlynabarun

  20. Prelude: Timeline of a Kubernetes Release @MadhavJivrajani & @theonlynabarun

  21. Prelude: Timeline of a Kubernetes Release @MadhavJivrajani & @theonlynabarun

  22. Wildfires, Firefighters and Sustainability Learnings from Mitigating Kubernetes Fires in

    the Community @MadhavJivrajani & @theonlynabarun

  23. Wildfires, Firefighters and Sustainability Learnings from Mitigating Kubernetes Fires in

    the Community @MadhavJivrajani & @theonlynabarun

  24. Wildfires, Firefighters and Sustainability Learnings from Mitigating Kubernetes Fires in

    the Community @MadhavJivrajani & @theonlynabarun

  25. @MadhavJivrajani & @theonlynabarun

  26. @MadhavJivrajani & @theonlynabarun

  27. @MadhavJivrajani & @theonlynabarun

  28. @MadhavJivrajani & @theonlynabarun

  29. @MadhavJivrajani & @theonlynabarun

  30. @MadhavJivrajani & @theonlynabarun

  31. Wildfires, Firefighters and Sustainability Learnings from Mitigating Kubernetes Fires in

    the Community @MadhavJivrajani & @theonlynabarun

  32. @MadhavJivrajani & @theonlynabarun

  33. @MadhavJivrajani & @theonlynabarun

  34. Usually, release-blockers tend to happen towards the end of a

    release, but not necessarily: @MadhavJivrajani & @theonlynabarun

  35. Usually, release-blockers tend to happen towards the end of a

    release, but not necessarily: @MadhavJivrajani & @theonlynabarun

  36. Wildfires, Firefighters and Sustainability Learnings from Mitigating Kubernetes Fires in

    the Community @MadhavJivrajani & @theonlynabarun

  37. @MadhavJivrajani & @theonlynabarun

  38. @MadhavJivrajani & @theonlynabarun

  39. @MadhavJivrajani & @theonlynabarun

  40. @MadhavJivrajani & @theonlynabarun

  41. @MadhavJivrajani & @theonlynabarun

  42. @MadhavJivrajani & @theonlynabarun

  43. Typical Flow of Fighting A Wildfire @MadhavJivrajani & @theonlynabarun

  44. Typical Flow of Fighting A Wildfire @MadhavJivrajani & @theonlynabarun

  45. Typical Flow of Fighting A Wildfire @MadhavJivrajani & @theonlynabarun

  46. Typical Flow of Fighting A Wildfire @MadhavJivrajani & @theonlynabarun

  47. Typical Flow of Fighting A Wildfire @MadhavJivrajani & @theonlynabarun

  48. Typical Flow of Fighting A Wildfire @MadhavJivrajani & @theonlynabarun

  49. Typical Flow of Fighting A Wildfire @MadhavJivrajani & @theonlynabarun

  50. Typical Flow of Fighting A Wildfire Data for release-blockers for

    releases 1.24 - 1.27 @MadhavJivrajani & @theonlynabarun

  51. Wildfires, Firefighters and Sustainability Learnings from Mitigating Kubernetes Fires in

    the Community @MadhavJivrajani & @theonlynabarun

  52. Sustainability @MadhavJivrajani & @theonlynabarun

  53. Sustainability According to Elinor Ostrom, in her Nobel Prize winning

    work “Governing the Commons”: “[A system is sustainable] as long as the average rate of withdrawal does not exceed the average rate of replenishment” @MadhavJivrajani & @theonlynabarun

  54. Sustainability @MadhavJivrajani & @theonlynabarun

  55. Sustainability @MadhavJivrajani & @theonlynabarun

  56. Sustainability @MadhavJivrajani & @theonlynabarun

  57. Recapping… @MadhavJivrajani & @theonlynabarun

  58. @MadhavJivrajani & @theonlynabarun

  59. Fire Stories: Regressions and Heroics!!! @MadhavJivrajani & @theonlynabarun

  60. Fire Stories: Regressions and Heroics!!! @MadhavJivrajani & @theonlynabarun

  61. Fire Stories: Regressions and Heroics!!! @MadhavJivrajani & @theonlynabarun

  62. Fire Stories: Regressions and Heroics!!! @MadhavJivrajani & @theonlynabarun

  63. Fire Stories: Regressions and Heroics!!! @MadhavJivrajani & @theonlynabarun

  64. Fire Stories: Regressions and Heroics!!! @MadhavJivrajani & @theonlynabarun

  65. Fire Stories: Regressions and Heroics!!! Turn Around Time = ~1

    day @MadhavJivrajani & @theonlynabarun

  66. Fire Stories: Regressions and Heroics!!! Observations: • Detection possible due

    to consumption of latest version of Kubernetes @MadhavJivrajani & @theonlynabarun

  67. Fire Stories: Regressions and Heroics!!! Observations: • Detection possible due

    to consumption of latest version of Kubernetes • Community Release Engineers and Triagers available around the globe @MadhavJivrajani & @theonlynabarun

  68. Fire Stories: Regressions and Heroics!!! Observations: • Detection possible due

    to consumption of latest version of Kubernetes • Community Release Engineers and people with knowledge of machinery available around the globe Thank you Andy, dims, liggitt, Kubernetes Release Managers and Google Build Admins! @MadhavJivrajani & @theonlynabarun

  69. Fire Stories: go1.18 Breaks CSR Validation Like most fires, we

    start with our CI looking like this: @MadhavJivrajani & @theonlynabarun

  70. Fire Stories: go1.18 Breaks CSR Validation Like most fires, we

    start with our CI looking like this: @MadhavJivrajani & @theonlynabarun

  71. Fire Stories: go1.18 Breaks CSR Validation Quick summary of what

    happened: • In go1.18 crypto/x509 started to reject certificates signed with SHA-1 hash function. • Problem was it also rejected CSRs while it should only have rejected certificates. • Due to this, CI remains red till we get a fix in the next minor Go version @MadhavJivrajani & @theonlynabarun

  72. Fire Stories: go1.18 Breaks CSR Validation Triage @MadhavJivrajani & @theonlynabarun

  73. Fire Stories: go1.18 Breaks CSR Validation Triage @MadhavJivrajani & @theonlynabarun

  74. Fire Stories: go1.18 Breaks CSR Validation Triage Quick fix to

    unblock CI @MadhavJivrajani & @theonlynabarun

  75. Fix: When the actual fix isn’t in our control, “fixing”

    includes charting the best course forward with what we can control. Fire Stories: go1.18 Breaks CSR Validation @MadhavJivrajani & @theonlynabarun

  76. Fire Stories: go1.18 Breaks CSR Validation Fix: Watch and List

    @MadhavJivrajani & @theonlynabarun

  77. Fire Stories: go1.18 Breaks CSR Validation “Subfires” @MadhavJivrajani & @theonlynabarun

  78. Fire Stories: go1.18 Breaks CSR Validation From fighting this, we

    largely see the need for: • Folks with cross functional knowledge of the tooling and machinery of the project. • Folks with knowledge about policies of other open source communities and projects that we depend on (Go in this case). @MadhavJivrajani & @theonlynabarun

  79. What went right? @MadhavJivrajani & @theonlynabarun

  80. Dissecting issues into actionable chunks @MadhavJivrajani & @theonlynabarun

  81. Correct Set of Tools @MadhavJivrajani & @theonlynabarun

  82. @MadhavJivrajani & @theonlynabarun Correct Set of Tools

  83. Correct Set of Tools @MadhavJivrajani & @theonlynabarun

  84. Correct Set of Tools @MadhavJivrajani & @theonlynabarun

  85. Correct Set of Tools @MadhavJivrajani & @theonlynabarun

  86. Global Distribution of Contributors @MadhavJivrajani & @theonlynabarun

  87. Employer Support For OSS Work Company Supported 3169 Independent 669

    @MadhavJivrajani & @theonlynabarun

  88. What Can Be Improved? We’ve seen what went right, let’s

    take a look at how we can potentially improve. @MadhavJivrajani & @theonlynabarun

  89. Strategically Growing OWNERS @MadhavJivrajani & @theonlynabarun

  90. Strategically Growing OWNERS • Growing OWNERS in the project is

    critical. Period. @MadhavJivrajani & @theonlynabarun

  91. Strategically Growing OWNERS • Growing OWNERS in the project is

    critical. Period. • Looking back at our fire stories, we can get things back on track quicker if we have a geo distributed set of firefighters: @MadhavJivrajani & @theonlynabarun

  92. Strategically Growing OWNERS • Growing OWNERS in the project is

    critical. Period. • Looking back at our fire stories, we can get things back on track quicker if we have a geo distributed set of firefighters: ◦ But is that enough? @MadhavJivrajani & @theonlynabarun

  93. Strategically Growing OWNERS @MadhavJivrajani & @theonlynabarun

  94. Strategically Growing OWNERS @MadhavJivrajani & @theonlynabarun

  95. Strategically Growing OWNERS @MadhavJivrajani & @theonlynabarun

  96. Strategically Growing OWNERS @MadhavJivrajani & @theonlynabarun

  97. Strategically Growing OWNERS @MadhavJivrajani & @theonlynabarun

  98. Strategically Growing OWNERS @MadhavJivrajani & @theonlynabarun

  99. Strategically Growing OWNERS @MadhavJivrajani & @theonlynabarun

  100. Strategically Growing OWNERS @MadhavJivrajani & @theonlynabarun

  101. Strategically Growing OWNERS • Growing OWNERS in the project is

    critical. Period. • Looking back at our fire stories, we can get things back on track quicker if we have a geo distributed set of firefighters: ◦ But is that enough? ◦ Along with this, we also benefit from a geo distributed set of OWNERS ▪ Brings back things back on track faster (ex: unblocks CI faster) ▪ More time for CI to soak changes made by PRs (especially towards the end of a release) @MadhavJivrajani & @theonlynabarun

  102. Reliability @MadhavJivrajani & @theonlynabarun

  103. Reliability We don’t need firefighters if we don’t have fires

    @MadhavJivrajani & @theonlynabarun

  104. Reliability Investing in the reliability of the project gives exponentially

    positive returns @MadhavJivrajani & @theonlynabarun

  105. Reliability Investing in the reliability of the project gives exponentially

    positive returns: • There has been a great amount of work being put towards reliability of the Kubernetes project. @MadhavJivrajani & @theonlynabarun

  106. Reliability Investing in the reliability of the project gives exponentially

    positive returns: • There has been a great amount of work being put towards reliability of the Kubernetes project. • This effort is largely owed to SIG Testing – thank you to everyone involved, but there is still a lot of help needed here. @MadhavJivrajani & @theonlynabarun

  107. Reliability Investing in the reliability of the project gives exponentially

    positive returns: • There has been a great amount of work being put towards reliability of the Kubernetes project. • This effort is largely owed to SIG Testing – thank you to everyone involved, but there is still a lot of help needed here. ◦ If you are an end user or a vendor or someone who cares about Kubernetes, investing and funding folks to work on the Kubernetes project is critical for us as an ecosystem. @MadhavJivrajani & @theonlynabarun

  108. Having More Firefighters @MadhavJivrajani & @theonlynabarun

  109. Having More Firefighters According to Curto-Millet et al. in “The

    sustainability of open source commons”: “Not all participation is equal and projects and communities need to encourage positive social relations. This involves participants becoming core members through situated learning and identity construction.” @MadhavJivrajani & @theonlynabarun

  110. Having More Firefighters • Undocumented context — one of the

    largest reasons we depend on a small number of project veterans. @MadhavJivrajani & @theonlynabarun

  111. Having More Firefighters • Undocumented context — one of the

    largest reasons we depend on a small number of project veterans. ◦ As a first step, let’s start doing and publishing post mortems after each fire. @MadhavJivrajani & @theonlynabarun

  112. Having More Firefighters • Undocumented context — one of the

    largest reasons we depend on a small number of project veterans. ◦ As a first step, let’s start doing and publishing post mortems after each fire. • Enable folks who are potential firefighters @MadhavJivrajani & @theonlynabarun

  113. Having More Firefighters • Undocumented context — one of the

    largest reasons we depend on a small number of project veterans. ◦ As a first step, let’s start doing and publishing post mortems after each fire. • Enable folks who are potential firefighters ◦ When fires come up - having broken down, tangible descriptions and analyses enable potential firefighters. @MadhavJivrajani & @theonlynabarun

  114. Having More Firefighters • Undocumented context — one of the

    largest reasons we depend on a small number of project veterans. ◦ As a first step, let’s start doing and publishing post mortems after each fire. • Enable folks who are potential firefighters ◦ When fires come up - having broken down, tangible descriptions and analyses enable potential firefighters. • We have amazing teams like the Release CI Signal who can be enabled to be the entry point of firefighting. @MadhavJivrajani & @theonlynabarun

  115. Having More Firefighters Link to the video: YouTube @MadhavJivrajani &

    @theonlynabarun

  116. Takeaways @MadhavJivrajani & @theonlynabarun

  117. Takeaways Globally distributed contributors, with employer support, trained to triage

    and debug fires, with the right tools. @MadhavJivrajani & @theonlynabarun

  118. Takeaways Globally distributed contributors, with employer support, trained to triage

    and debug fires, with the right tools. @MadhavJivrajani & @theonlynabarun

  119. Takeaways Globally distributed contributors, with employer support, trained to triage

    and debug fires, with the right tools. @MadhavJivrajani & @theonlynabarun

  120. Takeaways Globally distributed contributors, with employer support, trained to triage

    and debug fires, with the right tools. @MadhavJivrajani & @theonlynabarun

  121. Takeaways Globally distributed contributors, with employer support, trained to triage

    and debug fires, with the right tools. @MadhavJivrajani & @theonlynabarun

  122. Thank You! @MadhavJivrajani & @theonlynabarun

  123. Come join us at the Kubernetes SIG Meet and Greet

    Tomorrow at 12.30PM at Europe Foyer 1, Ground Floor, Congress Centre. @MadhavJivrajani & @theonlynabarun

  124. Please scan the QR Code above to leave feedback on

    this session @MadhavJivrajani & @theonlynabarun