Making kubectl plugins mainstream

Slide 1

Slide 1 text

@ahmetb making kubectl plugins mainstream ahmet alp balkan (@ahmetb) google cloud

Slide 2

Slide 2 text

@ahmetb @ahmetb on {twitter, github} ➔ ported docker.exe, docker maintainer ~2015 ➔ started Azure Container Registry ~2016 ➔ developer advocate @ Google ~2017 working on Google Cloud Run, Knative, dev tools ➔ kubectx & kubens & kubectl-aliases ➔ Google’s microservices-demo ➔ kubectl plugin manager krew.dev about me 2

Slide 3

Slide 3 text

@ahmetb agenda 1. kubectl plugins 101 2. krew (plugin manager) overview 3. why did we need plugins? 4. let's develop a plugin 5. plugin runtime 6. why develop a plugin? 7. how to distribute your plugins 8. best practices for writing plugins user developer 3

Slide 4

Slide 4 text

@ahmetb USING PLUGINS 4

Slide 5

Slide 5 text

@ahmetb kubectl plugins circa v1.12 an extension mechanism that lets you write your own kubectl subcommands. 5

Slide 6

Slide 6 text

@ahmetb kubectl plugin mechanism in a nutshell 1. write an executable program 2. name it kubectl-something 3. put it in your $PATH 4. invoke as "kubectl something" 6

Slide 7

Slide 7 text

@ahmetb where do I find plugins? - github? - some list? - package manager? 7

Slide 8

Slide 8 text

@ahmetb Krew the missing plugin manager for kubectl Kubernetes SIG CLI sub-project https://krew.dev (sigs.k8s.io/krew) 8

Slide 9

Slide 9 text

@ahmetb What is Krew? - Functionality - discover plugins - install plugins - update plugins - remove plugins - Started in 2018 as an intern project at Google Cloud. - Donated to Kubernetes project in May 2019. - Not an actual package manager - Doesn't handle dependencies. 9

Slide 10

Slide 10 text

@ahmetb kubectl plugins on Krew KubeCon 2018 Seattle Today KubeCon 2019 EU 10

Slide 11

Slide 11 text

@ahmetb kubectl plugins on Krew KubeCon 2018 Seattle Today KubeCon 2019 EU 11

Slide 12

Slide 12 text

@ahmetb demo: let's try krew 12

Slide 13

Slide 13 text

@ahmetb why did we need kubectl plugins? 13

Slide 14

Slide 14 text

@ahmetb 1. people want to add new sub-commands to kubectl 14

Slide 15

Slide 15 text

@ahmetb 15

Slide 16

Slide 16 text

@ahmetb 2. everybody has opinions 16

Slide 17

Slide 17 text

@ahmetb 17

Slide 18

Slide 18 text

@ahmetb 3. reaching consensus in open source is not trivial 18

Slide 19

Slide 19 text

@ahmetb 19

Slide 20

Slide 20 text

@ahmetb 20

Slide 21

Slide 21 text

@ahmetb 4. we cannot solve everything in the kubernetes core 21

Slide 22

Slide 22 text

@ahmetb Storage plugins Network plugins Custom controllers Scheduler extension/ custom scheduler Custom resources (CRD) API Access Extensions (Admission webhooks, authentication webhook, authz/RBAC webhooks) kubernetes.io/docs/concepts/extend-kubernetes/extend-cluster Kubectl Plugins 22

Slide 23

Slide 23 text

@ahmetb 5. kubernetes core moves slower 23

Slide 24

Slide 24 text

@ahmetb official command plugin KEP + approval no approvals usefulness and stability no restrictions hosted in kubectl codebase (Go only) any language tied to Kubernetes release cycle release at your own pace has to be consistent with kubectl has room for creativity takes O(months)..O(years) from alpha→beta→stable develop & distribute in O(hours) 24

Slide 25

Slide 25 text

@ahmetb 6. people are creative 25

Slide 26

Slide 26 text

@ahmetb 26

Slide 27

Slide 27 text

@ahmetb ...even GUI-based plugins 27

Slide 28

Slide 28 text

@ahmetb 7. allow safe experimentation 28

Slide 29

Slide 29 text

@ahmetb ➔ deprecating a kubectl command is painful. ➔ let people experiment, graduate successful ones. experimentation 29

Slide 30

Slide 30 text

@ahmetb DEVELOPING PLUGINS 30

Slide 31

Slide 31 text

@ahmetb kubectl plugin mechanism in a nutshell 1. write an executable program 2. name it kubectl-something 3. put it in your $PATH 4. invoke as "kubectl something" 31

Slide 32

Slide 32 text

@ahmetb demo: let's develop a plugin! git.k8s.io/sample-cli-plugin 32

Slide 33

Slide 33 text

@ahmetb "kubectl a b c" → is "a" builtin command? → kubectl-a-b-c ? → kubectl-a-b ? → kubectl-a ? plugin lookup 33

Slide 34

Slide 34 text

@ahmetb plugin execution runtime 1. look for the plugin executable in PATH 2. execve() syscall replace kubectl with the plugin process ◆ inherit environment variables ◆ inherit standard streams ◆ determine exitcode of kubectl invocation 34

Slide 35

Slide 35 text

@ahmetb why develop a kubectl plugin? 35

Slide 36

Slide 36 text

@ahmetb your tool has a weird name and it's not very memorable rakkess kubectl access-matrix ketall kubectl get-all ksort kubectl sort-manifests kail kubectl tail feels more natural 36

Slide 37

Slide 37 text

@ahmetb kubectl is missing a feature 37

Slide 38

Slide 38 text

@ahmetb kubectl is missing a feature 38

Slide 39

Slide 39 text

@ahmetb kubectl is missing a feature 39

Slide 40

Slide 40 text

@ahmetb address shortcomings of kubectl kubectl get all: lies to you plugin: tells you the truth 40

Slide 41

Slide 41 text

@ahmetb enhances existing kubectl command builtin: query one resource at a time plugin: shows a matrix of all capabilities 41

Slide 42

Slide 42 text

@ahmetb enhances existing kubectl command plugin: queries for all subjects in the cluster builtin: query one user at a time 42

Slide 43

Slide 43 text

@ahmetb so you have a plugin, now what? ➔ packaging ➔ distribution ➔ release 43

Slide 44

Slide 44 text

@ahmetb plugin developer problems ● How can people hear about my plugin? ● How can I package my plugin for others to install? ● How can I deliver updates? If you're a kubectl plugin developer, Krew solves these problems. 44

Slide 45

Slide 45 text

@ahmetb packaging/distribution user plugin 45

Slide 46

Slide 46 text

@ahmetb packaging/distribution macOS windows linux Chocolatey Homebrew MacPorts apt yum/dnf pacman apk ... user plugin 46

Slide 47

Slide 47 text

@ahmetb Krew to rescue! user plugin Krew 47

Slide 48

Slide 48 text

@ahmetb Without krew https://github.com/guessi/kubectl-grep how to update? how to uninstall? 48

Slide 49

Slide 49 text

@ahmetb ...users to: ● install plugins ● keep them up to date ● remove plugins cleanly ...developers to: ● make their plugins discoverable by users ● package their plugins for multiple platforms ● deliver updates Krew helps... 49

Slide 50

Slide 50 text

@ahmetb Krew currently operates with a centralized package index. sigs.k8s.io/krew-index centralized discovery 50

Slide 51

Slide 51 text

@ahmetb packaging & distributing with Krew 1. make your plugin available as a .tar.gz or .zip archive 2. write a plugin manifest 3. submit a pull request to krew-index 4. party! 51

Slide 52

Slide 52 text

@ahmetb plugin manifest apiVersion: krew.googlecontainertools.github.com/v1alpha2 kind: Plugin metadata: name: "access-matrix" spec: version: "v0.4.0" homepage: "https://github.com/corneliusweig/rakkess" platforms: - - - - ... 52

Slide 53

Slide 53 text

@ahmetb ... # continued spec: platforms: - selector: matchLabels: os: linux arch: amd64 uri: https://github.com/corneliusweig/rakkess/releases/v0.4.0/bundle.tar.gz sha256: 7a16c61dfc4e2924fdedc894d59db7820bc4643a58d9a853c4eb83eadd4deee8 files: - from: ./rakkess_linux-amd64 to: ./rakkess - from: ./LICENSE to: "." bin: ./rakkess plugin manifest - platform 53

Slide 54

Slide 54 text

@ahmetb recipes for success 1. name your plugin for clarity (see Krew Naming Guide) 2. reuse flags/options and KUBECONFIG detection from k8s.io/cli-runtime/pkg/genericclioptions 3. import auth plugins for cloud clusters import _ "k8s.io/client-go/plugin/pkg/client/auth" 54

Slide 55

Slide 55 text

@ahmetb wrap up 55

Slide 56

Slide 56 text

@ahmetb Join us make kubectl plugins better! ● Become a kubectl plugin developer, submit your plugins to Krew.dev. ● Join developing the Krew project. ○ you don’t need to be a Kubernetes expert ○ clean and young codebase ○ low bug count, high creativity ● Bring your ideas to Kubernetes SIG CLI. 56

Slide 57

Slide 57 text

@ahmetb thanks! sigs.k8s.io/krew git.k8s.io/sample-cli-plugin twitter.com/ahmetb github.com/ahmetb 57