Upgrade to Pro — share decks privately, control downloads, hide ads and more …

CoreOS Fest 2017 Recap

Kazuki Suda
June 27, 2017
Technology
1
2.1k

CoreOS Fest 2017 Recap

Kubernetes Meetup Tokyo #5 / 2017.06.27
Kazuki Suda @superbrothers, Tomoya Usami @hiyosi
https://k8sjp.connpass.com/event/56945/

Kazuki Suda

June 27, 2017
Tweet

More Decks by Kazuki Suda

See All by Kazuki Suda
個人的、Kubernetes の最新注目機能! (2024年5月版)
superbrothers
0
67
Kubernetes + containerd で cgroup v2 に移行したら "failed to create fsnotify watcher" エラーが発生する原因と対策
superbrothers
0
1.2k
Kubernetes にこれから入るかもしれない注目機能!(2022年11月版)
superbrothers
2
1.4k
コミュニティ/ 勉強会紹介
superbrothers
0
210
高可用性、省力運用を目指す 自宅 Kubernetes クラスタ (K8s@home #1)
superbrothers
12
5.1k
KubeCon + CloudNativeCon Europe 2022 Recap
superbrothers
0
48
独断と偏見で選んだ Kubernetes 1.24 の注目機能と今後!
superbrothers
2
7.4k
わかる!metadata.managedFields
superbrothers
4
1.9k
Local ephemeral-storage のメトリクスを取得するのに kube-summary-exporter がべんり / kube-summary-exporter is useful to get the metrics of local ephemeral-storage
superbrothers
0
620

Other Decks in Technology

See All in Technology
Adopting Jetpack Compose in Your Existing Project - GDG DevFest Bangkok 2024
akexorcist
0
100
Oracle Cloud Infrastructure データベース・クラウド:各バージョンのサポート期間
oracle4engineer
PRO
28
12k
TanStack Routerに移行するのかい しないのかい、どっちなんだい! / Are you going to migrate to TanStack Router or not? Which one is it?
kaminashi
0
580
Lambdaと地方とコミュニティ
miu_crescent
2
370
Can We Measure Developer Productivity?
ewolff
1
150
AWS Lambdaと歩んだ“サーバーレス”と今後 #lambda_10years
yoshidashingo
1
170
ドメインの本質を掴む / Get the essence of the domain
sinsoku
2
150
iOSチームとAndroidチームでブランチ運用が違ったので整理してます
sansantech
PRO
0
130
Exadata Database Service on Dedicated Infrastructure(ExaDB-D) UI スクリーン・キャプチャ集
oracle4engineer
PRO
2
3.2k
個人でもIAM Identity Centerを使おう!(アクセス管理編)
ryder472
3
200
Security-JAWS【第35回】勉強会クラウドにおけるマルウェアやコンテンツ改ざんへの対策
4su_para
0
170
The Role of Developer Relations in AI Product Success.
giftojabu1
0
120

Featured

See All Featured
Optimising Largest Contentful Paint
csswizardry
33
2.9k
KATA
mclloyd
29
14k
Statistics for Hackers
jakevdp
796
220k
A designer walks into a library…
pauljervisheath
203
24k
Happy Clients
brianwarren
98
6.7k
Designing the Hi-DPI Web
ddemaree
280
34k
The Art of Programming - Codeland 2020
erikaheidi
52
13k
Faster Mobile Websites
deanohume
305
30k
Building an army of robots
kneath
302
43k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
329
21k
Fireside Chat
paigeccino
34
3k
Code Review Best Practice
trishagee
64
17k

Transcript

  1. ,VCFSOFUFT.FFUVQ5PLZP  ,B[VLJ4VEBLTVEB![MBCDPKQ!TVQFSCSPUIFST 5PNPZB6TBNJUPVTBNJ![MBCDPKQ!IJZPTJ $PSF04'FTU3FDBQ

  2. 8IBUJT$PSF04'FTU Ӝ FUDE $POUBJOFS-JOVY׾Ꟛ涪ׅ׷$PSF04 *ODךؕٝؿ؋ٖٝأ Ӝ ⚺ח$PSF04 *ODָꟚ涪ׅ׷اؿزؐؑ،װꟼ鸬䪮遭ָ䪔׻׸׷ ,VCFSOFUFT FUDE

    $POUBJOFS-JOVY 5FDUPOJD FUD $PSF04 *ODה♧筰חؽآطأ׃גְ׷⟰噟ך✲⢽稱➜׮ Ӝ ➙䎃䎃כ ך✳傈꟦؟ٝؿٓٝءأ؝דꟚ⪵ ׍ז׫ח䎃כس؎خكٕٔٝ 
  3. None

  4. https://twitter.com/ibrahim_haouari/status/869959495824404481

  5. None

  6. https://twitter.com/mies/status/870395605155053569

  7. https://twitter.com/LachlanEvenson/status/870333567653433346

  8. 5/30 San Francisco Kubernetes Meetup

  9. None

  10. 'JOFHSBJOFE %FDMBSBUJWF"ENJTTJPO$POUSPMVTJOH8FCIPPLTBOE01" Ӝ "ENJTTJPODPOUSPMMFSח8FCIPPL׾鷄⸇ׅ׷13ך鍑铡הرٌ IUUQTHJUIVCDPNLVCFSOFUFTLVCFSOFUFTQVMM Ӝ 植㖈"ENJTTJPO$POUSPMMFSח⟣䠐ךⳢ椚׾鷄⸇׃׋ֽ׸לծ ,VCFSOFUFT׾ؿؓ٦ؙׅ׷䗳銲ָ֮׷ָծ8FCIPPLז׵㺁僒 ח䭁䓸דֹ׷ 

  11.  https://speakerdeck.com/tksm/kubernetes-falseren-zheng-ren-ke-to-rbac "ENJTTJPO$POUSPMך䗁统

  12. 01"0QFO1PMJDZ"HFOU Ӝ ؖغشٝأٗآحؙ׾،فٔ؛٦ءّٝٗآحַؙ׵ⴓꨄ Ӝ هٔء٦׾㹑鎉涸ז鎉铂ד鎸鶢 3FHP  Ӝ +40/ת׋כ:".- Ӝ

    3&45"1*T Ӝ (P鎉铂ד㹋鄲 ر٦ٌٝծٓ؎ـٓٔծ3&1-  Ӝ "QBDIFٓ؎إٝأ Ӝ IUUQXXXPQFOQPMJDZBHFOUPSH 

  13.  package admission.blacklist reason["must pin image(s) to specific version in

    production namespace"] { input.spec.namespace = "production" unpinned_tag } unpinned_tag = true { image_names[name] not re_match(pinned_version_pattern, name) } unpinned_tag = true { image_names[name] endswith(name, ":latest") } image_names[name] { name = input.spec.object.Spec.Template.Spec.Containers[_].Image } image_names[name] { name = input.spec.object.Spec.Containers[_].Image } pinned_version_pattern = ".+:.+"

  14.  'JOFHSBJOFE %FDMBSBUJWF"ENJTTJPO$POUSPMVTJOH8FCIPPLTBOE01" Webhook OPA ! 1PMJDZ %BUB +40/

  15. CoreOS Fest 2017 Day1

  16. Ӝ (BCF.POSPZ -FBE1.GPS$POUBJOFSTPO.JDSPTPGU"[VSF Ӝ #VJMEPVUUIFTDBPMEUPTVQQPSUDPOUBJOFSJ[JOHZPVSBQQMJDBUJPO Ӝ %FQMPZBOBQQJOUPZPVSDMVTUFSBOELFFQJUJOTZODXJUIUIFDPEF *OUSPEVDJOH%SBGU  $

    draft create —-> Python app detected —-> Ready to sail $ draft up —> Building Dockerfile Step 1 : FROM python:onbuild …
  17. None

  18. Ӝ +PIO8JMLFT1SJODJQBM4PGUXBSF&OHJOFFS (PPHMF Ӝ #PSH 0NFHB BOE,VCFSOFUFT IUUQTSFTFBSDIHPPHMFDPNQVCTQVCIUNM #PSH 0NFHB

    BOE,VCFSOFUFTDMVTUFSNBOBHFNFOUBU(PPHMF 
  19. None

  20. 

  21. Ӝ %BO8JMTPO 1SJODJQBM"SDIJUFDU $PODVS Ӝ GFEFSBUJPO4VQQPSUDSFBUJOHSFTPVSDFTJOTQFDJDDMVTUFST  Ӝ WTVQQPSUFEPCKFDUT $POHNBQ

    4FDSFU %BFNPOTFU 4FSWJDFT *OHSFTT 
 3FQMJDBTFU %FQMPZNFOU ,VCFSOFUFT'FEFSBUFE$MVTUFS4FMFDUPS 

  22. ,VCFSOFUFT$MVTUFS'FEFSBUJPO  DMVTUFS 1PET 47$ *OHSFTT 'FEFSBUJPO"1*4FSWFS kubectl DMVTUFS 1PET

    47$ *OHSFTT

  23. GFEFSBUJPOBMQIBLVCFSOFUFTJPDMVTUFSTFMFDUPS  apiVersion: extensions/v1beta1 kind: Ingress metadata: name: test annotations:

    federation.alpha.kubernetes.io/cluster-selector: [{"key": "cluster", "operator": "==", "values": ["cluster1"]}] spec: rules: - host: foo.bar.com http: paths: - path: /foo backend: serviceName: s1 servicePort: 80 - path: /bar backend: serviceName: s2 servicePort: 80

  24. 8SJUJOHB$VTUPN,VCFSOFUFT0QFSBUPS $POUSPMMFS Ӝ "BSPO-FWZ $PSF04 Ӝ 8IZ  傀㶷ך׮ךח㼎ׅ׷堣腉䭁䓸 倜׃ְ堣腉װ؝ٝه٦طٝز׾ؙٓأةח鷄⸇

    ؙٓأةח㼎ׅ׷"ENJOةأؙך荈⹛⻉ 

  25. Ӝ $POUSPMMFS1BUUFSO 朐䡾׾ؐؓحث׃ג➙ך朐䡾׾劄׬朐䡾ח鵚בֽגְֻ  for { desired := getDesiredState() current

    := getCurrentState() makeChanges(desired, current) } 8SJUJOHB$VTUPN,VCFSOFUFT0QFSBUPS $POUSPMMFS

  26. Ӝ FH/PEF3FCPPU$POUSPMMFS BOOPUBUJPOח朐䡾׾剅ֹ鴥׬ SFCPPUOFFEFEծSFCPPUOPXծSFCPPUJOQSPHSFTTזו 朐䡾ך㢌⻉׾*OGPSNFS׾⢪׏ג湊鋔ծ؎كٝز׾鸐濼 ؎كٝزعٝسٓדBOOPUBUJPOך⦼ח䖞׏גⳢ椚 Ӝ IUUQTHJUIVCDPNBBSPOMFWZLVCFDPOUSPMMFSEFNP  8SJUJOHB$VTUPN,VCFSOFUFT0QFSBUPS

    $POUSPMMFS

  27.  _, controller := cache.NewInformer( &cache.ListWatch{ // List should return

    a list type object ListFunc: func(lo metav1.ListOptions) (runtime.Object, error) { return client.Core().Nodes().List(lo) }, // Watch should return a watch Interface. begin a watch at the specified version. WatchFunc: func(lo metav1.ListOptions) (watch.Interface, error) { return client.Core().Nodes().Watch(lo) }, }, // The types of objects this informer will return &v1.Node{}, // The resync period of this object 10*time.Second, // the object you want notifications sent to cache.ResourceEventHandlerFuncs{ // AddFunc: func(obj interface{}) {} UpdateFunc: func(old, newObj interface{}) { … }, // DeleteFunc: func(obj interface{}) {} }, )

  28. Ӝ )FMQGVMUPPMT -FBEFS&MFDUJPO 8PSL2VFVF 5IJSE1BSUZ3FTPVSDF 4IBSFE*OGPSNFSFT &WFOUT  8SJUJOHB$VTUPN,VCFSOFUFT0QFSBUPS $POUSPMMFS

  29.  $PSF04'FTU)BQQZ)PVS
 TQPOTPSFECZ5JHFSB %JBNBOUJ8BWFGSPOU

  30. CoreOS Fest 2017 Day2

  31. ,FZOPUF Ӝ #SBOEPO1IJMJQT $50PG$PSF04 Ӝ $PSF"1*T.PWF5P4UBCMF Ӝ .PSF.POJUPSJOH%SJWFO"1*T
 XJUI.FUSJDT"1* 

  32. None
  33. None

  34. 0SBDMF$PSF04 

  35. None

  36. &OEUPFOENPOJUPSJOHXJUIUIF1SPNFUIFVT0QFSBUPS Ӝ 'SFEFSJD#SBOD[ZL $PSF04 Ӝ 1SPNFUIFVT*OUSP Ӝ ,VCFSOFUFTDPNQPOFOUTFYQPTF1SPNFUIFVTNFUSJDT Ӝ 4FMGIPTUFE,VCFSOFUFT

    IUUQTDPSFPTDPNCMPHTFMGIPTUFELVCFSOFUFTIUNM Ӝ 1SPNFUIFVT0QFSBUPS IUUQTHJUIVCDPNDPSFPTQSPNFUIFVTPQFSBUPS 

  37. 1SPNFUIFVTח״׷,VCFSOFUFTٌصةؚٔٝך㛇燉 https://speakerdeck.com/tksm/kubernetes-monitoring-with-prometheus

  38. None
  39. None

  40. 1SPNFUIFVT0QFSBUPS Operator workflow and relationships

  41. 1SPNFUIFVT0QFSBUPS apiVersion: monitoring.coreos.com/v1alpha1 kind: Prometheus metadata: name: k8s labels: prometheus:

    k8s spec: replicas: 2 version: v1.7.0 serviceAccountName: prometheus-k8s serviceMonitorSelector: matchExpressions: - {Key: k8s-app, operator: Exists} $ kubectl create -f prometheus-k8s.yaml prometheus "prometheus-k8s" created service "prometheus-k8s" created

  42. 4UBUFPG4UBUFJO$POUBJOFST Ӝ 3PTT,VLVMJOTLJ-VJT1BCPO $PSF04 Ӝ 寋,VCFSOFUFT♳דEBUBCBTF׾⹛ַׅזַ׸ USVF 

  43. 4UBUFPG4UBUFJO$POUBJOFST Ӝ $MPVE/BUJWF%#3FRVJSFNFOUT 1SPDFTT.BOBHFNFOU $POTJTU/BNJOH 1FSTJTUFOU4UPSBHF 1FFSEJTDPWFSZ 

  44. 4UBUFPG4UBUFJO$POUBJOFST Ӝ 4UBUFGVM4FU 4UBCMF VOJRVF OFUXPSLJEFOUJFST 4UBCMF QFSTJTUFOUTUPSBHF 0SEFSFEEFQMPZNFOUBOETDBMJOH 0SEFSFEEFMFUJPO

    

  45. 4UBUFPG4UBUFJO$POUBJOFST Ӝ 4UBUFGVM4FU 1SPDFTT.BOBHFNFOU $POTJTU/BNJOH  TUBUFGVMTFUOBNF  PSEJOBM 

    1FSTJTUFOU4UPSBHF WPMVNF$MBJN5FNQMBUFBOE%ZOBNJD1SPWJTJPOJOH 1FFSEJTDPWFSZ )FBEMFTT4FSWJDF 

  46. $POUBJOFSJ[FE4UPSBHF4ZTUFNT

  47. 

  48.  0QFSBUJOH%BUBCBTFJT)BSE

  49. HJUIVCDPNDPSFPTRVBSUFSNBTUFS

  50. XJMMCFZFBSPGTUBUF
 PO,VCFSOFUFT

  51. Helm Chart Hack Night Brought to By Microsoft

  52. None
  53. None

  54. Wrap up

  55. 8SBQVQ Ӝ $PSF04'FTUJO4BO'SBODJTDPPO.BZTUBOE+VOFTU  Ӝ $PSF04'FTU:PV5VCF Ӝ 4',VCFSOFUFT.FFUVQ,VCFSOFUFT$PSF04'FTU*HOJUJPO $POHTBOE5JNF4FSJFT4UPSBHFJO,VCFSOFUFT Ӝ

    $PSF04'FTU)FMN$IBSU)BDL/JHIU 

  56. 5IBOLT Ӝ 4MJEF CJUMZDPSFPTGFTUSFDBQ Ӝ 2VFTUJPOT  ,B[VLJ4VEBLTVEB![MBCDPKQ!TVQFSCSPUIFST 5PNPZB6TBNJUPVTBNJ![MBCDPKQ!IJZPTJ 8FˏSFIJSJOHCJUMZ[MBCDBSFFST