How to Become a Gophernetes Gianluca Arbezzano / @gianarb

K8s is Hard and there’s nothing wrong with that

What is a Gophernetes? What does it look like?

What is a Gophernetes? • Develop applications running in Kubernetes • Develop Kubernetes • Develop on the Kubernetes Foundation

What does it look like?

Where are they? • Kubernetes Slack • GitHub around the kubernetes or kubernetes-sigs organization

https://kubernetes.io/docs/concepts/architecture/cloud-controller/ 


https://kubernetes.io/blog/2018/07/18/11-ways-not-to-get-hacked/ 


https://github.com/kubernetes/website/blob/master/content/en/blog/_posts/2017-11-00-Containerd-Container-Runtime-Options-Kubernetes.md 
 


Extensibility is the key Kubernetes is a blob of APIs ● API Server ● CRI (Container Runtime Interface: docker, containerd) ● CNI (Container Networking Interface: calico, flannel) ● CSI (Container Storage Interface: aws-ebs, packet-csi) This is how it abstracts your workflow from your infrastructure API Server kubelet CSI CNI CRI

About Me
 Gianluca Arbezzano • Gophernetes at Packet.com • www.gianarb.it / @gianarb What I like: • I make dirty hacks that look awesome • I grow my vegetables • Travel for fun and work

Workflow? Workflow is the reason behind why we have Kubernetes. It is the end goal for any good Gophernetes. Being able to leverage kubernetes extendibility to implement the best workflow you can even image. Examples of workflows: ● Troubleshooting and debugging ● Observability (data pipeline for logs, metrics, traces) ● Delivery (canary release, blue green deployment, progressive delivery, your own one)

Workflow The Gophernetes is the limitation. It means that in theory with good code you can whatever you image

Extensibility is the key

• Event system • Share informers • Custom Resource Definitions • Kubecutl plugin • ClusterAPI (Packet implementation is under active development! Watch out!) How do you extend Kubernetes in practice?

Gophernetes toolchain • kubernetes/client-go • kubernetes/cli-runtime • kubernetes-sigs/kind

Kubectl Plugin $ cat > /usr/local/bin/kubectl-hello #!/bin/bash echo "this is a simple kubectl plugin. But gophernetes can do better, because this is bash..." ^C $ chmod +x /usr/local/bin/kubectl-hello $ kubectl hello this is a simple kubectl plugin. But gophernetes can do better, because this is bash...

Shared Informer https://gianarb.it/blog/kubernetes-shared-informer

The UX is crucial. Keep it as close as possible with the Kubernetes one...

Authentication

Flags Companies and teams invests a lot of time learning kubernetes and its cli.
 Tools developed to Gophernetes has to keep the same flavour. It should be the same as running a bike, does not matter which one you own, it always looks familiar.

Flags: github.com/kubernetes/cli-runtime This library is a shared dependency for clients to work with Kubernetes API infrastructure which allows to maintain kubectl compatible behavior. Its first consumer is k8s.io/kubectl.

Flags: kubectl-profefe uses it as well My expectations as a kubernetes user for examples are (at least): ● When I have to do filtering ○ Label Selection: -l app=dev -l runtime=1.14 (--selector) ○ Namespace selection: -n namespace (--namespace) ○ -a (--all-namespaces) ● When it comes to authentication ○ --kubeconfig ● Output ○ -o yaml | json (--output)

No content

• kubernetes-sigs/krew-index • kubernetes-sigs/krew Krew makes plugins easy to install and discover $ kubectl krew install profefe
 $ kubectl krew install tree
 $ kubectl krew install ctx


The CLI runtime contains utils to print tables from cli, but I didn’t use it yet!

Production is a dangerous place.
 Usually hard to work with (reasonable)…


Kubernetes gives you for free a couple of things: • As we saw, a consistent API and a solid ecosystem to interact with it • Authentication (that you can plug with your identity management) • Authorization with RBAC • Audit logs Why?

• Kubernetes Assemble • https://get.oreilly.com/ind_extending-kubernetes.html • Programming Kubernetes: Developing Cloud-Native Applications • Krew kubectl plugin index • jtblin/kube2iam • https://gianarb.it THANKS LINKS

Thanks @gianarb / gianarb.it