Kubernetes Meetup Tokyo #34 (2020/9/30) Shunya Murata @shmurata_ Shinya Uemura @uesyn Kubernetes v1.19 มߋ఺ௐࠪͷ·ͱΊ

Shinya Uemura / @suemura ▶ θοτϥϘגࣜձࣾ ιϑτ΢ΣΞΤϯδχΞ ▶ 2019೥θοτϥϘגࣜձࣾʹೖࣾ ▶ Prometheus Meetup Tokyo, Cloud Native Meetup TokyoͷӡӦ΍ͬͯ·͢

θοτϥϘגࣜձࣾ / Z Lab Corporation ▶ 2015೥ʹઃཱ͞ΕͨϠϑʔגࣜձࣾͷ100%ࢠձࣾ ▶ Πϯϑϥج൫ٕज़ͷௐࠪɾݚڀ։ൃ ▶ Ϡϑʔגࣜձࣾ޲͚ͷϚωʔδυ Kubernetes αʔϏεͷ։ൃ ▶ https://zlab.co.jp/

ΞδΣϯμ ▶ มߋ఺ௐࠪͷऔΓ૊Έʹ͍ͭͯ ▶ @uesynͷؾʹͳͬͨมߋ఺ͷ঺հ ▶ @shmurata_ ͷؾʹͳͬͨมߋ఺ͷ঺հ

มߋ఺ௐࠪʹ͍ͭͯ

มߋ఺ௐࠪͱ͸ʁͳ࣮ͥࢪ͢Δͷ͔ʁ ▶ มߋ఺ௐࠪͱ͸ʁ + Z LabͰ͸KubernetesͷCHANGELOGΛௐࠪɾ೔ຊޠ༁ͷهࣄΛ࡞੒͍ͯ͠·͢ + ϚΠφʔόʔδϣϯͷϦϦʔεຖʹ࣮ࢪ + v1.19͸Z Labͱ@superbrothers͞ΜͰ࣮ࢪ + SIG (Special Interest Group) ຖʹ୲౰Λ෼୲͠ɺSIGʹؔ࿈ͨ͠಺༰Λ·ͱΊΔ ▶ ͳ࣮ͥࢪ͢Δͷ͔ʁ + ίϛϡχςΟ΁ͷߩݙͷͨΊ + CaaSΛར༻͍ͯ͠ΔϢʔβ΁Өڹ΍ศརͳػೳͷ঺հ + Kubernetesͷมߋ఺͔Βɺఏڙ͍ͯ͠ΔCaaS΁ͷӨڹΛ೺Ѳ͢ΔͨΊ + ެ։͍ͯ͠Δͷ͸ϚΠφʔόʔδϣϯ͚ͩͰ͕͢ɺύονόʔδϣϯͷมߋ΋֬ೝ

มߋ఺ௐࠪͱ͸ʁͳ࣮ͥࢪ͢Δͷ͔ʁ ▶ มߋ఺ௐࠪͱ͸ʁ + Z LabͰ͸KubernetesͷCHANGELOGΛௐࠪɾ೔ຊޠ༁ͷهࣄΛ࡞੒͍ͯ͠·͢ + ϚΠφʔόʔδϣϯͷϦϦʔεຖʹ࣮ࢪ + v1.19͸Z Labͱ@superbrothers͞ΜͰ࣮ࢪ + SIG (Special Interest Group) ຖʹ୲౰Λ෼୲͠ɺSIGʹؔ࿈ͨ͠಺༰Λ·ͱΊΔ ▶ ͳ࣮ͥࢪ͢Δͷ͔ʁ + ίϛϡχςΟ΁ͷߩݙͷͨΊ + CaaSΛར༻͍ͯ͠ΔϢʔβ΁Өڹ΍ศརͳػೳͷ঺հ + Kubernetesͷมߋ఺͔Βɺఏڙ͍ͯ͠ΔCaaS΁ͷӨڹΛ೺Ѳ͢ΔͨΊ + ެ։͍ͯ͠Δͷ͸ϚΠφʔόʔδϣϯ͚ͩͰ͕͢ɺύονόʔδϣϯͷมߋ΋֬ೝ

@uesyn ͷؾʹͳͬͨมߋ఺

͔͜͜Βࢲ͕࿩͢಺༰ 1. Expanded CLI support for debugging workloads and nodes
 2. Deprecation warnings
 3. Avoiding permanent beta
 4. Increase the Kubernetes support window to one year
 5. Structure Logging
 6. EndpointSlices are now enabled by default

Expanded CLI support for debugging workloads and nodes

Expanded CLI support for debugging workloads and nodes ▶ ”kubectl alpha debug” ΁৽ͨʹ2ͭͷػೳ͕௥Ճ 1. NodeͷͨΊͷdebugػೳ + Nodeͷσόοά༻ίϯςφΛ࡞੒ + /host ΁Nodeͷ / ΛϚ΢ϯτ͠ɺNodeͷPID,IPC΍NWωʔϜεϖʔεͰىಈ 2. PodͷͨΊͷdebugػೳ + debugର৅ͷPodΛίϐʔ͠debug༻PodΛ࡞੒ + debug༻ίϯςφΛૠೖͨ͠ΓɺίϯςφΠϝʔδ΍Ҿ਺ͳͲΛมߋͨ͠΋ͷΛ࡞੒ ▶ ͲͪΒ΋FeatureGatesͷEphemeralContainersΛ༗ޮʹ͢Δඞཁͳ͠ + alphaػೳ͕༗ޮʹͰ͖ͳ͍؀ڥͰ΋ར༻Մೳ

௥Ճ͞ΕͨNodeͷͨΊͷdebugػೳ(1/2)

௥Ճ͞ΕͨNodeͷͨΊͷdebugػೳ(2/2) /hostʹNodeͷ/͕Ϛ΢ϯτ͞Ε͍ͯΔ NodeͷPID,IPC΍NWωʔϜεϖʔεͰ࣮ߦ debug༻ͷPod໊

௥Ճ͞ΕͨPodͷͨΊͷdebugػೳ(1/2) ͜ͷ໊લͰdebug༻Pod͕࡞੒͞ΕΔ share-processͰ΋debug༻ίϯςφΛىಈՄೳ

௥Ճ͞ΕͨPodͷͨΊͷdebugػೳ(2/2) share-processͰ΋debug༻ίϯςφΛىಈՄೳ ▶ ͬ͟ͱ֬ೝͨ͠ײ͡ؾΛ෇͚ͨํ͕ྑͦ͞͏ͳࣄ + label͸ίϐʔ͞Εͳ͍ + Service഑ԼͷPodΛdebug͢Δͱ͖ɺಉ͡τϥϑΟοΫ͸ྲྀΕͯ͜ͳ͍ + Volume, VolumeMounts΋ίϐʔ͞ΕΔ + hostPort΋ίϐʔ͞ΕΔ ౳ʑ… ▶ ىಈॱংͷ੍໿΍εέʔϧͰ͖ͳ͍ΞϓϦέʔγϣϯ΋஫ҙ͢Δඞཁ

௥Ճ͞Εͨdebugػೳʹ͍ͭͯ ▶ ௥Ճ͞Εͨೋͭͷػೳ͸ڞʹɺศརPodΛ࡞ΔͨΊͷίϚϯυ ▶ ৄ͍࣮͠૷͸ҎԼΛࢀর + https://github.com/kubernetes/kubectl/blob/v0.19.2/pkg/cmd/debug/debug.go#L478-L522 + https://github.com/kubernetes/kubectl/blob/v0.19.2/pkg/cmd/debug/debug.go#L413-L476

Deprecation warnings

Deprecation warnings ▶ APIར༻࣌ʹWarningΛฦ͢ػೳ͕௥Ճ + ഇࢭ༧ఆͷAPIΛୟ͍ͨ࣌ + Admission WebhooksͷϨεϙϯεͰࢦఆ (ϢʔβఆٛՄೳ) + CRDͷϑΟʔϧυͰࢦఆ (ϢʔβఆٛՄೳ)

ValidatingWebhookΛ༻͍ͨWarningͷσϞ ▶ ԿͷK8sϦιʔεͷValidation΋ͤͣɺWarning͚ͩฦ͢ValidatingWebhookͷσϞΛ͠·͢ + https://github.com/uesyn/sample-warning-admission-webhook + ↑ޙ΄Ͳͪ͜ΒͰެ։͓͖ͯ͠·͢ + ϦιʔεͷValidation͸͠·ͤΜ͕ɺۈ຿࣌ؒͷValidation͸ͯ͘͠Ε·͢ + ۈ຿࣌ؒ֎ʹಇ͘͜ͱΛېࢭ͠·ͤΜ͕ɺWarningͱͯ͠ग़ྗ ▶ Admission WebhookͷWarningʹ͍ͭͯ͸ҎԼΛࢀর͍ͩ͘͞ + https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/#admissionreview-response-warning

Avoiding permanent beta

Avoiding permanent beta ▶ ͣͬͱvXbetaYͰ͢ʂͱͳΒͳ͍ͨΊͷϙϦγʔΛద༻ + Ingress͸2015೥ʹ͸betaʹͳ͍ͬͯͨΑ͏Ͱ͢ ▶ ৽͍͠API͕betaʹͳΔͱɺͦͷAPI͸9ϲ݄Ҏ಺ͰҎԼͷΞΫγϣϯ͕ඞཁ + GAΛग़͠ɺbetaͷ΋ͷΛඇਪ঑ͱ͢Δ + ৽͍͠betaΛग़͠ɺݹ͍΋ͷΛඇਪ঑ͱ͢Δ ▶ 9ϲ݄ܦաͯ͠͠·ͬͨ৔߹ + ࣍ͷϦϦʔεͰͦͷAPIͷόʔδϣϯ͸ඇਪ঑ͱͳΔ + ಉ͡betaόʔδϣϯͰଓߦͱ͍͏બ୒ࢶ͸ͳ͍ ▶ ৄࡉ͸ҎԼ + https://kubernetes.io/blog/2020/08/21/moving-forward-from-beta/

Increase the Kubernetes support window to one year

Increase the Kubernetes support window to one year ▶ Kubernetes v1.19͔Βɺόάमਖ਼ͷαϙʔτ͕9ϲ݄͔Β1೥΁ ▶ ͜Ε͔Β΋ؤுͬͯΫϥελͷΞοϓάϨʔυ͍͖ͯ͠·͠ΐ͏ʂ

Structure Logging

Structure Logging ▶ ߏ଄ԽϩΪϯά͕ಋೖ͞Εͨ + ରԠ͍ͯ͠ΔkubernetesͷίϯϙʔωϯτͰ͋Ε͹—logging-formatΦϓγϣϯͰࢦఆՄೳ + json ·ͨ͸ text Λࢦఆ ▶ k8s.io/klog ͕v2ͱͳΓInfoS΍ErrorSͳͲͷߏ଄Խ͞ΕͨϩάΛग़ྗ͢Δؔ਺͕௥Ճ + jsonͰग़ྗ͢Δ࣮૷͸klogʹ͸ͳ͍ + SetLogger ؔ਺Ͱgithub.com/go-logr/logr Λ࣮૷ͨ͠΋ͷΛηοτ͢Δ + K8sίϯϙʔωϯτ͕ར༻͍ͯ͠Δ্ه࣮૷͸ k8s.io/component-base ʹଘࡏ

EndpointSlices are now enabled by default

EndpointSlices are now enabled by default ▶ Endpointsͷ୅ΘΓʹEndpointSlice͕kube-proxyͰσϑΥϧτͰར༻͞ΕΔΑ͏ʹ ▶ EndpointSliceϦιʔεࣗମ͸v1.18͔Β࡞੒͞ΕΔ ▶ EndpointsϦιʔεΛ୯ମͰ࡞੒͢ΔͱɺରԠ͢ΔEndpointSliceϦιʔε͕࡞੒͞ΕΔ + EndpointSliceMirrorling controllerʹΑΓੜ੒͞ΕΔ + labelͰendpointslice.kubernetes.io/skip-mirror: “true" ͱ͢Δ͜ͱͰϛϥʔϦϯά͞Εͳ͘ͳΔ + ࡞੒͞ΕΔEndpointSlice͸OwnerReference͕ͦͷEndpointsͱͳΔΑ͏Ͱ͢