One of the challenges facing Telepresence is growing the contributor community. It’s a complex application that requires a good understanding of OS networking, VPNs, Kubernetes, and everything in between. We’ll kick off this meeting with a general architectural overview of Telepresence. We’ll talk about how we’ve managed the project to date, and our investments to make it easier. We want to then turn it over for an interactive discussion with participants to see what we can do to make it easier to contribute and grow the Telepresence community.
10. datawire.io
Strategy
Fast: run the code locally, use all your favorite tools
Realistic: wire the local code to a remote cluster
Rot Proof: use low level abstractions (network, process, and file system) instead of
forking app level configuration
20. datawire.io
Your Code
reverse tunnel (sshd) over
a kubectl port-forward
hijack dns & cluster IP ranges (iptables, pf
via sshuttle) and divert to cluster
sshfs
ssh
23. datawire.io
Use Case 1: Development with your IDE & debugger
● The first popular use case
● Easy to explain
● We’d love more documentation on how you do this!
● Extra popular with the Java developers
○ https://www.telepresence.io/tutorials/intellij
○ https://www.telepresence.io/tutorials/java
24. datawire.io
Use Case 2: Full Stack Development
● Single Page App -> API Gateway -> Serverside “Presentation” Logic -> …
26. datawire.io
Use Case 4: Automated testing with CI
● Telepresence inside your CI so tests can use remote dependencies
● Insures integration testing on local dev environments & within CI is identical
● Avoids the “lets use mocks as a substitute for integration testing” trap
27. datawire.io
Use Case 5: Developing/Testing Ambassador
● Ambassador is our API Gateway built on Envoy Proxy
● Integrates deeply with k8s
● Use Telepresence Heavily for Dev & CI
○ Run ambassador on laptop for dev
○ With telepresence, it behaves just like it’s in the cluster
○ Tests run on laptop to generate traffic
● Advantages
○ Fast dev, fast test suite
○ Easy debugging (if there’s a test failure, you can easily access services)
○ Single source of truth between dev & CI
30. datawire.io
Telepresence does a bunch of useful things today
● Inbound network
● Execution (env vars, filesystem)
● Outbound network
31. datawire.io
Decomposition
● The UI / interface is monolithic
● The implementation is monolithic
● We’ve started decomposing some of the implementation so we can build a better
UX
○ Inbound
○ Execution
○ Outbound
32. datawire.io
Your Code
reverse tunnel (sshd) over
a kubectl port-forward
hijack dns & cluster IP ranges (iptables, pf
via teleproxy) and divert to places
sshfs
ssh
33. datawire.io
What can we do with decomposition?
● Make telepresence multi-user friendly
○ Avoid the need to provision clusters or namespaces per dev
● Make telepresence require less privileges
● Pipe inbound/outbound to/from different clusters:
○ Shadow or dynamically route requests from prod
○ Send output to staging
● Override remote services piecemeal
○ Send some outbound connections to local docker containers
● Extension points for “developer discovery”
● Union clusters?
○ Run code against arbitrary combination of staging and prod
36. datawire.io
Reliability and stability
● Telepresence is very environmentally sensitive
○ Mac OS X has 3 or 4 different DNS implementations!
○ VPNs
○ Linux distros
○ …
● Want to do a better job capturing these different environments for automated
tests
38. datawire.io
“Test bench” : A bench with many
devices sitting on it, which
each run the tests.
“Bench test” : When you time the
tests, in order to catch
performance regressions.
testbench:
Run tests in many environments
We learned that a “testcase” is an environment, as much as it is
set-of-actions or a use-case.
testbench is a new tool to run the test suite in many environments
An “environment” is a virtual machine that has been set up a
certain way
40. datawire.io
Environments are a
neato text format
Python configparser (INI-ish) format inherited
from mkosi
[Distribution]
Distribution=fedora
[Output]
Bootable=yes
Cache=
/home/testbench/.cache/pip
[Partitions]
RootSize=4G
[Packages]
Packages=
# Base OS
@core
@standard
@development-tools
# For tests/utils.py
git
# Python
python3-setuptools
python3-virtualenv
# For Telepresence
conntrack-tools
docker
fuse
kubernetes-client
sshfs
torsocks
WithNetwork=yes
environments/fedora.mkosi
41. datawire.io
Environments are a
neato text format
Python configparser (INI-ish) format inherited
from mkosi
In conjunction with .postinst shell script
[Distribution]
Distribution=fedora
[Output]
Bootable=yes
Cache=
/home/testbench/.cache/pip
[Partitions]
RootSize=4G
[Packages]
Packages=
# Base OS
@core
@standard
@development-tools
# For tests/utils.py
git
# Python
python3-setuptools
python3-virtualenv
# For Telepresence
conntrack-tools
docker
fuse
kubernetes-client
sshfs
torsocks
WithNetwork=yes
environments/fedora.mkosi
#!/bin/sh
sudo groupadd docker
gpasswd -a testbench docker
systemctl enable NetworkManager
systemctl enable docker
environments/fedora.postinst
42. datawire.io
Environments are a
neato text format
Python configparser (INI-ish) format inherited
from mkosi
In conjunction with .postinst shell script
Actually, it’s garbage
[Distribution]
Distribution=fedora
[Output]
Bootable=yes
Cache=
/home/testbench/.cache/pip
[Partitions]
RootSize=4G
[Packages]
Packages=
# Base OS
@core
@standard
@development-tools
# For tests/utils.py
git
# Python
python3-setuptools
python3-virtualenv
# For Telepresence
conntrack-tools
docker
fuse
kubernetes-client
sshfs
torsocks
WithNetwork=yes
environments/fedora.mkosi
#!/bin/sh
sudo groupadd docker
gpasswd -a testbench docker
systemctl enable NetworkManager
systemctl enable docker
environments/fedora.postinst
43. datawire.io
Environments are a
neato text format
Python configparser (INI-ish) format inherited
from mkosi
In conjunction with .postinst shell script
Actually, it’s garbage
But we don’t yet know what a good format looks
like
We don’t know which things are invariant, and
which things we want control of
Inspirations:
● Like mkosi?
● Like osi-mk?
● Like Dockerfile?
● Like HashiCorp Packer?
● Like Travis CI matrix?
● Some combination of ideas taken from the
above?
45. datawire.io
Other problems with testbench of today
(AKA “next steps”)
● Can’t run on macOS hosts (sorry, macOS devs)
● Can’t run macOS guests (sorry, GNU/Linux devs)
● Can’t specify network configurations
● Can’t specify remote Kubernetes setup
○ Uses Kubernaut, maybe Kubernaut will grow support for
different cluster configs
46. datawire.io
Community
● CircleCI is totally invisible to people who aren’t part of the
github.com/telepresenceio organization
● CircleCI only runs for pull requests originating from the original repo
○ Some tests run against a GKE cluster--we don’t want that abused
■ Move to Kubernaut
○ Tests involve pushing to a Docker registry--we don’t want the docker.io/datawire repo
abused
■ Set TELEPRESENCE_REGISTRY= when testing locally
48. datawire.io
Get Involved!
● Join our community!
○ Short write ups (a couple paragraphs) of how you use Telepresence are incredibly helpful!
○ Looking for more volunteers to lead / organize parts of Telepresence
○ Write code, help test, do UX testing
● Learn more about the project:
○ www.telepresence.io
○ Join the Slack: http://d6e.co/slack
○ Follow us on Twitter (@telepresenceio)
○ Stop by the Datawire booth (S47) to talk with us about how you can get involved!