CRDs Aren't Just For Add-Ons

569f10721398d92f5033097ac6d9132c?s=47 Tim Hockin
December 11, 2018
Technology
22
1.9k

CRDs Aren't Just For Add-Ons

569f10721398d92f5033097ac6d9132c?s=128

Tim Hockin

December 11, 2018
Tweet

More Decks by Tim Hockin

See All by Tim Hockin
569f10721398d92f5033097ac6d9132c?s=48 thockin
3
180
569f10721398d92f5033097ac6d9132c?s=48 thockin
4
570
569f10721398d92f5033097ac6d9132c?s=48 thockin
2
160
569f10721398d92f5033097ac6d9132c?s=48 thockin
37
5.7k
569f10721398d92f5033097ac6d9132c?s=48 thockin
54
29k
569f10721398d92f5033097ac6d9132c?s=48 thockin
23
1.4k
569f10721398d92f5033097ac6d9132c?s=48 thockin
0
120
569f10721398d92f5033097ac6d9132c?s=48 thockin
3
320
569f10721398d92f5033097ac6d9132c?s=48 thockin
0
140

Other Decks in Technology

See All in Technology
D5554c0703d71b3f813e658020267954?s=48 masudas75
1
240
9e7a653ed313b3da4b263a772bfc5026?s=48 clustervr
0
4k
380bcd2ab751f5838abd8219df53e5fe?s=48 tomoki10
0
1k
0d29d155ce5c5a93ed46363626da3ea7?s=48 ocise
1
920
Cb88f765dd38cd942c39aacb5abbea06?s=48 ufoo68
0
260
2102a6b8760bd6f57f672805723dd83a?s=48 line_developers_tw
0
390
7689d16bbad8f2fa05a5e9afb8527675?s=48 fatsushi
2
960
Dc3f88b2c2c4210e3068d94ce7c25bf2?s=48 terkel
2
260
1b177b37d966f573b1df5d7218a5f560?s=48 k2wanko
1
200
A73e465566ed41cd2b66b7d889b31666?s=48 maiamea
1
550
Da467feb3ca0106d571915faedb714f2?s=48 enakai00
3
150
C636093440dd4a8be6416e83cb980979?s=48 iselegant
13
2.4k

Featured

See All Featured
1b75d89772b7eea1f6c89fbf362607d9?s=48 moore
125
21k
95d9f37115fbb0d13135d0f77132f856?s=48 morganepeng
11
690
C44e1f7e22c3f23cff7bc130871047ef?s=48 eileencodes
112
24k
D67fff74178013024d833b3eec6cf27f?s=48 lynnandtonic
267
16k
5f50f94346fbcb23706f0707169317a4?s=48 aarron
254
36k
Aff5641764408271f7bc398f2097edd0?s=48 denniskardys
219
110k
B83d5b590577969ee79a5ad845411a7d?s=48 ammeep
653
54k
433acaea1012b25d97ae66da9b998dad?s=48 malarkey
392
60k
E195ae45320d9202eaa01c9f1d31a416?s=48 marktimemedia
5
190
8081b26e05bb4354f7d65ffc34cbbd67?s=48 chriscoyier
682
180k
Aebc2d07a50011e2a30d38435fde564a?s=48 jrom
113
7k
Dafc4723e9a1c067796c0fec6f509774?s=48 lemiorhan
622
40k

Transcript

  1. Google Cloud Platform CRDs Aren’t Just For Addons KubeCon NA,

    Seattle 12/2018 Tim Hockin <thockin@google.com> Principal Software Engineer @thockin (c) Google LLC

  2. Google Cloud Platform NOTE: This talk is forward looking

  3. Google Cloud Platform Started as a way to prototype new

    features for Kubernetes itself, and for users to leverage some of our API machinery Why? • Kube-style APIs are simple and powerful • We already have an API server (and storage) Limited: No schema, validation, defaulting Result: a 2nd class experience History of CRD (née TPR)

  4. Google Cloud Platform As limited as it was, it was

    useful People started creating really interesting software-robots to automate things: “operators” Custom abstractions to control almost anything Often used for managing stateful apps Driven by declarative APIs, actuated asynchronously by controllers Birth of the Operator pattern

  5. Google Cloud Platform Webhook admission controllers • Mutating (set values,

    e.g. defaults) • Validating (synchronous input validation) Schema • OpenAPI v3 schema definition • Declarative validation (simple) Almost all the pieces are in place to make truly native-feeling APIs Becoming more native

  6. Google Cloud Platform Webhook admission controllers • Mutating (set values,

    e.g. defaults) • Validating (synchronous input validation) Schema • OpenAPI v3 schema definition • Declarative validation (simple) Almost all the pieces are in place to make truly native-feeling APIs WITHOUT changing Kubernetes code! Becoming more native

  7. Google Cloud Platform Being used for out-of-tree, third-party things •

    Add-ons • Stateful orchestration (e.g. MySQL) • Domain-specific APIs (e.g. Istio) • Higher levels of abstraction (e.g. kNative) The role of CRDs in Kubernetes

  8. Google Cloud Platform Being used for out-of-tree, third-party things •

    Add-ons • Stateful orchestration (e.g. MySQL) • Domain-specific APIs (e.g. Istio) • Higher levels of abstraction (e.g. kNative) More recently: for in-tree, first-party things! • Storage Snapshots (integrates w/ PersistentVolumes) • RuntimeClass (integrates w/ Kubelet and CRI) • CSI • Expect more... CRDs are no longer 2nd class The role of CRDs in Kubernetes

  9. Google Cloud Platform Now: most/all new APIs are CRDs Eventually:

    Everything becomes a CRD (except things to run CRDs) • Built-in: Namespaces, CRDs, Admission, etc. • CRDs: Pods, Services, Nodes, Deployments, ... • Kubernetes is a set of operators CRD will need to get more powerful (a good thing). We need to simplify some APIs (also a good thing). There should be nothing that we can do that you can’t Vision

  10. Google Cloud Platform generic apiserver Namespaces CustomResourceDefinitions ValidatingWebhookConfigurations MutatingWebhookConfigurations k8s.io

    typeset Pods Services Nodes istio.io typeset Gateways VirtualServices DestinationRules CRD CRD

  11. Google Cloud Platform Kubernetes is getting more powerful here •

    CRD versioning • Sub-resources • Better validation The generic apiserver should be the only apiserver Kubernetes API machinery is a project of its own Serving “cloud-native” APIs should be trivial Work in progress