Slide 1

Slide 1 text

No content

Slide 2

Slide 2 text

Kubernetes - The Universal Control Plane
Nabarun Pal

Slide 3

Slide 3 text

$ whoami
● Kubernetes Maintainer and Steering Committee member
● Chair of Kubernetes Special Interest Group Contributor Experience
● Work on Auth, API Machinery, Release and ContribEx
● CNCF Ambassador
● Building Kubernetes based SaaS control planes for Tanzu at Broadcom
@theonlynabarun

Slide 4

Slide 4 text

Some Important Things before we start…

Slide 5

Slide 5 text

🚨🚨🚨 The legacy Linux package repositories for Kubernetes are going away in January 2024! https://kubernetes.io/blog/2023/08/31/legacy-package-repository-deprecation/

Slide 6

Slide 6 text

Coming to why you are here…

Slide 7

Slide 7 text

Why would you need a universal control plane?

Slide 8

Slide 8 text

Hybrid Cloud

Slide 9

Slide 9 text

Ease of management

Slide 10

Slide 10 text

Scalability

Slide 11

Slide 11 text

Security

Slide 12

Slide 12 text

Why is Kubernetes so good for this?

Slide 13

Slide 13 text

Declarative State Management

Slide 14

Slide 14 text

Declarative State Management
Reliable Reconciliation Loops

Slide 15

Slide 15 text

How do you build one?

Slide 16

Slide 16 text

@theonlynabarun

Slide 17

Slide 17 text

@theonlynabarun

Slide 18

Slide 18 text

@theonlynabarun

Slide 19

Slide 19 text

@theonlynabarun

Slide 20

Slide 20 text

@theonlynabarun

Slide 21

Slide 21 text

@theonlynabarun

Slide 22

Slide 22 text

If something has an API, Crossplane can connect to it.

Slide 23

Slide 23 text

You can even order a Pizza.

Slide 24

Slide 24 text

kubectl apply -f farmhouse.yaml

Slide 25

Slide 25 text

kubectl apply -f farmhouse.yaml 👉

Slide 26

Slide 26 text

kubectl apply -f idli.yaml 👉

Slide 27

Slide 27 text

What do you end up with?
Declarative configuration

Slide 28

Slide 28 text

What do you end up with?
Declarative configuration
Single Source of Truth

Slide 29

Slide 29 text

What do you end up with?
Declarative configuration
Single Source of Truth
Extensibility

Slide 30

Slide 30 text

What do you end up with?
Declarative configuration
Single Source of Truth
Extensibility
Unification

Slide 31

Slide 31 text

What do you end up with?
Declarative configuration
Single Source of Truth
Extensibility
Unification
Automation

Slide 32

Slide 32 text

What do you end up with?
Declarative configuration
Single Source of Truth
Extensibility
Unification
Automation
Separation

Slide 33

Slide 33 text

@theonlynabarun

Slide 34

Slide 34 text

KCP

Slide 35

Slide 35 text

kcp is a Kubernetes-like control plane

Slide 36

Slide 36 text

@theonlynabarun

Slide 37

Slide 37 text

@theonlynabarun

Slide 38

Slide 38 text

@theonlynabarun

Slide 39

Slide 39 text

Logical Clusters <> Workspaces

Slide 40

Slide 40 text

Logical Clusters <> Workspaces
Workspace Aware Controllers

Slide 41

Slide 41 text

API Service Provider model

Slide 42

Slide 42 text

API Service Provider model

Slide 43

Slide 43 text

Resource Syncing

Slide 44

Slide 44 text

Kubernetes Generic Control Plane

Slide 45

Slide 45 text

A working kube-based control plane is more than just an apiserver component built on k/apiserver. It includes standard resources (depending on context namespaces, CRDs, RBAC, secrets, configmaps), and standard controllers (think of garbage collection, namespace deletion, etc.). kube-apiserver today is a bundle of those resources with container orchestration, kube-controller-manager equally for the corresponding controllers. Separating the generic parts from container orchestration will allow new use-cases building upon k/apimachinery and k/apiserver, while keeping a unified codebase and ecosystem, and by improving the factoring of kube-apiserver for easier maintenance due to less complexity by clear layering.

https://github.com/kubernetes/enhancements/tree/master/keps/sig-api-machinery/4080-generic-controlplane

Slide 46

Slide 46 text

Vision

Slide 47

Slide 47 text

What’s in and What’s out

Bundled
● CRDs
● Namespaces

Optional
● Secrets
● Configmaps
● RBAC
● Service accounts
● Admission webhooks + policies
● Quota
● Aggregation, APIServices

Slide 48

Slide 48 text

What’s in and What’s out

Slide 49

Slide 49 text

KubeCon Demo of this feature https://youtu.be/AfjYrxTiOac?t=964

Slide 50

Slide 50 text

Concluding Thoughts

Slide 51

Slide 51 text

Concluding Thoughts
Portability

Slide 52

Slide 52 text

Concluding Thoughts
Portability
Consistent Interface

Slide 53

Slide 53 text

Concluding Thoughts
Portability
Consistent Interface
Centralized API

Slide 54

Slide 54 text

Concluding Thoughts
Portability
Consistent Interface
Centralized API
Avoiding Vendor Lock-in

Slide 55

Slide 55 text

Concluding Thoughts
Portability
Consistent Interface
Centralized API
Avoiding Vendor Lock-in
Deployment Strategies

Slide 56

Slide 56 text

Concluding Thoughts
Portability
Consistent Interface
Centralized API
Avoiding Vendor Lock-in
Deployment Strategies
Day 2 Operations

Slide 57

Slide 57 text

Thank You! Slides will be available at https://speakerdeck.com/palnabarun/ shortly.

Slide 58

Slide 58 text

Questions

Slide 59

Slide 59 text

Questions
I will be in the Hallway for any more questions.