Rancher update v2.5 preview

Transcript

1. © Copyright 2020 Rancher Labs. All Rights Reserved. 1 ©

   Copyright 2020 Rancher Labs. All Rights Reserved. 1 Rancher Ξοϓσʔτ৘ใ 3BODIFS W QSFWJFX 2020/08/27 Cheng Field Engineer

2. About me Jianqiang Cheng（νΣϯ） Field Engineer at Rancher Labs. [email protected]

   [email protected] ▪Favorite technologies: Rancher, Kubernetes, AWS, Jenkins. ▪Certifications:

3. © Copyright 2020 Rancher Labs. All Rights Reserved. 3 Fleet

   RKE2 EKS Management Enhancement Other Features Agenda

4. © Copyright 2020 Rancher Labs. All Rights Reserved. 4 ΞδΣϯμ

   Մ؍ଌੑ޲্ͳͲͷػ ೳ ৽͍͠όʔδϣϯͷ؂ࢹ ͱϩΪϯάͷػೳͷఏڙ ʹΑΓɺӡ༻؂ࢹ͕վળ ͞ΕɺϘτϧωοΫͷಛ ఆɺ໰୊ͷਝ଎ͳղܾʹ ໾ཱͭ Amazon EKSΫϥελ ʔͷϥΠϑαΠΫϧΛ ϑϧϚωδϝϯτ ͢΂ͯͷEKSΫϥελʔ Λ୯ҰͷΠϯλϑΣʔε ͔ΒΠϯϙʔτɺϓϩϏ δϣχϯάɺΞοϓά Ϩʔυɺӡ༻؂ࢹɺࣗಈ εέʔϦϯά େྔͳΫϥελʔΛࣗ ಈӡ༻؅ཧ Fleet͸ɺΤοδ͔ΒΫϥ ΢υ·ͰɺΞϓϦέʔ γϣϯͷҰ؏ͨ͠ӡ༻؅ ཧΛఏڙ 100ສͷΫϥελʔͷΞϓ ϦέʔγϣϯͷϥΠϑα ΠΫϧΛ؅ཧ FIPSରԠͷ৽͍͠K8s σΟετϦϏϡʔγϣ ϯ RKE Federal(RKE2)͸ɺ ถࠃ੓෎ػؔͳͲͷݫ͠ ͍ηΩϡϦςΟཁ݅Ͱ΋ ରԠͰ͖ΔK8sج൫Λఏڙ

5. © Copyright 2020 Rancher Labs. All Rights Reserved. 5 Dev

   teams can leverage K3s to develop their applications The Rancher Management Server manages all downstream Kubernetes nodes K3s Nodes are the downstream Kubernetes compute nodes at the edge Rancher + Fleet Single node design assumes acceptable downtime when required w/all benefits of Kubernetes at the edge Rancher Management Server in HA – Prod/UAT Node Node Node All-in-one nodes (cp/etcd/worker) Node Backup Node Node Backup Node Node Backup Node Node Backup Node Node Backup Node Node Backup Node

6. © Copyright 2020 Rancher Labs. All Rights Reserved. 6 •

   Fleet • v2.4͸2KͷΫϥελʔ·ͰରԠɺ'MFFUΛ ౷߹ͨ͠v2.5͕100MͷΫϥελʔΛରԠ • FleetͰɺK8sͷYamlͰ؅ཧ͞ΕΔΞϓϦέ ʔγϣϯΛେྔͳΫϥελʔʹ༰қʹల։ • 'MFFUͷ؅ཧԼͷΫϥελʔͷن໛֦ு͸ ༰қʹͰ͖Δ Fleet-powered Continuous Deployment

7. © Copyright 2020 Rancher Labs. All Rights Reserved. 7 ΞʔΩςΫνϟ

   • Concepts • Bundles K8sϦιʔε(YAML, Helm, Kustomize) • Cluster Groups ΫϥελʔΛάϧʔϓͰ؅ཧ • Fleet controller • ηϯτϥϧͷΫϥελʔ্ʹಈ͘ • Fleet Agents • 1 Agents /1Ϋϥελ • #VOEMFTதʹఆ͍ٛͯ͠ΔϦιʔεΛσϓϩΠ • 'MFFU
   DPOUSPMMFSʹσϓϩΠͷεςʔλεΛใࠂ

8. © Copyright 2020 Rancher Labs. All Rights Reserved. 8 Demo

   Fleet

9. © Copyright 2020 Rancher Labs. All Rights Reserved. 9 3BODIFS
   
   *OUFHSBUJPO

   ˞
   ·ͩ։ൃதͷը໘6*ͷҝɺWͷ("࣌ͷը໘ͱҟͳΔՄೳੑ͕͋Γ·͢ɻ

10. © Copyright 2020 Rancher Labs. All Rights Reserved. 10 •

    RKE2 –ηΩϡϦςΟཁ͕݅ݫ͍͠੓෎ͳͲͷ ެڞػؔ޲͚ͷK8sσΟετϦϏϡʔγϣϯ • FIPS-enabled • SELinux Support • CIS Benchmark Certification • Container-dΛσϑΥϧτͷϥϯλΠϜͱͯ͠ ࢖༻ • ΦϑϥΠϯ(AirGap)ͷΠϯετʔϧΛαϙʔτ RKE2 2

11. © Copyright 2020 Rancher Labs. All Rights Reserved. 11 ---

    Dockerfile (master) +++ Dockerfile (boringcrypto) # Start with an official image -FROM golang:1.13.4 +FROM goboring/golang:1.13.4b4 RKE2 FIPS-enabled • ΞϝϦΧࠃཱඪ४ٕज़ݚڀॴʢNISTʣ͸ɺถࠃ࿈๜੓෎ػؔ޲͚ͷ҉߸Ϟδϡʔϧͷཁ ݅Λنఆ͢ΔηΩϡϦςΟඪ४ͱͯ͠ɺ࿈๜৘ใॲཧඪ४ʢFIPSʣύϒϦέʔγϣϯ 140-2 Λ࡞੒ • ੓෎ػؔ΍ۚ༥ػؔ͸ɺ͜ΕΒͷن֨Λج४ʹ͢Δ͜ͱͰɺ໌ه͞ΕͨηΩϡϦςΟʔཁ ݅ʹ੡඼͕४ڌ͍ͯ͠Δ͜ͱΛ֬ೝ͍ͯ͠·͢ɻ • RKE2͸ɺ FIPS140-2ͷج४Λຬͨ͢Α͏ʹɺK8sͷίϯϙʔωϯτΛGoboring libraryͰɺ ίϯύΠϧͨ͠σΟετϦϏϡʔγϣϯ

12. © Copyright 2020 Rancher Labs. All Rights Reserved. 12 Demo

    RKE2

13. © Copyright 2020 Rancher Labs. All Rights Reserved. 13 3BODIFS
    
    *OUFHSBUJPO

    ˞
    ·ͩ։ൃதͷը໘6*ͷҝɺWͷ("࣌ͷը໘ͱҟͳΔՄೳੑ͕͋Γ·͢ɻ

14. © Copyright 2020 Rancher Labs. All Rights Reserved. 14 Infrastructure

    ITOps DevOps - Provisioning - Auth/RBAC - Policy - Security - Capacity © Copyright 2020 Rancher Labs. All Rights Reserved. 14 - User Interface - Service Catalog - CI/CD - Monitoring - Logging - Alerting クラスタ一元管理 セルフサービス クラスタ環境の利用 Amazon EKS Azure AKS Google GKE Cloud Datacenter Dev Branch Edge Windows Linux EKSΫϥελʔ؅ཧػೳ૿ڧ

15. © Copyright 2020 Rancher Labs. All Rights Reserved. 15 How

    Rancher 2.5 enhances native EKS clusters compared to Rancher 2.4 EKSΫϥελʔͷϥΠϑαΠΫϧΛϑϧϚωδϝϯτ ライフサイクル管理 機能 EKS with Rancher 2.5 EKS with Rancher 2.4 プロビジョニング Kubernetes Management EKSクラスターのインポート機能 標準のインポート機能のみ 運用管理 Infrastructure Management クラスター設定項目を追加 設定項目が限られている Visualize Kubernetes Resources 新しいDashboard UIに全てのK8sリソースを参照可能 参照可能な項目が限られている セキュリティ Centralized Tooling and Visibility CIS Scanning OPA Gatekeeper N/A

16. © Copyright 2020 Rancher Labs. All Rights Reserved. 16 &,4
    XJUI
    3BODIFS
    

    ˞
    ·ͩ։ൃதͷը໘6*ͷҝɺWͷ("࣌ͷը໘ͱҟͳΔՄೳੑ͕͋Γ·͢ɻ

17. © Copyright 2020 Rancher Labs. All Rights Reserved. 17 &,4
    XJUI
    3BODIFS
    

    ˞
    ·ͩ։ൃதͷը໘6*ͷҝɺWͷ("࣌ͷը໘ͱҟͳΔՄೳੑ͕͋Γ·͢ɻ

18. © Copyright 2020 Rancher Labs. All Rights Reserved. 18 &,4
    XJUI
    3BODIFS
    

    ˞
    ·ͩ։ൃதͷը໘6*ͷҝɺWͷ("࣌ͷը໘ͱҟͳΔՄೳੑ͕͋Γ·͢ɻ

19. © Copyright 2020 Rancher Labs. All Rights Reserved. 19 •

    Monitoring v2 • Logging v2 • OPA GA • CIS Scan Enhancement • Istio 1.16 or 1.17? • K8s 1.19 • Rancherd - New rancher installation tool? …etc Other Features

20. © Copyright 2020 Rancher Labs. All Rights Reserved. 20 Summary

    v2.5のpreviewバージョンはGAリリース前に出される為、興味 がある方はお試しください まだv2.5が開発中の為、GA時に、一部の機能仕様が変更される 可能性があります 本セッションには、対象機能を詳細レベルで紹介していない且つ、全ての v2.5の機能を紹介していないだが、GA後のMeetupで対象機能を網羅的 に紹介させていただきます