SlideShare une entreprise Scribd logo

Zero-Configuration Kubernetes Provisioning on Unmanaged Infrastructure

rhirschfeld
rhirschfeld

Kubernetes Immutable Boot via Digital Rebar w/ KubeAdm

Technologie
1  sur  27
Télécharger pour lire hors ligne
Zero-Configuration Pattern Provisioning Kubernetes on Unmanaged Infrastructure Rob @zehicle Hirschfeld, RackN November, 2017
Hang on to your Hats! Krazy New Stuff ● Immutable Bootstrap (demo!) ● Node Admission (v1.7) ● Dynamic Kubelet (v1.8)
3 #KubeCon - @zehicle Rob Hirschfeld (@zehicle) Involved in Kubernetes since launch Co-chair of Cluster Ops SIG Co-Founder of RackN & Digital Rebar Project We focus on operations automation for bare metal
4 #KubeCon - @zehicle We’ve been using Kubespray since Kubernetes v1.2 But first… Kubespray ● Very Solid Ansible Playbook ● Strong Community ● Amazing Features like HA & Upgrade HTTP://bit.ly/SYDkubespray But….
5 #KubeCon - @zehicle Why not Kubespray? We’d like to do better! ● No Centralized Orchestration ● No Inventory Building ● No SSH ● Immutable Booting ● and, much FASTER I don’t always Ansible, but when I do Ansible, I use Kubespray.
6 #KubeCon - @zehicle Let’s get Immutable! What? ● Create, Destroy & Repeat ● Machines recreated, not updated ● Typically “Pre-Baked” images Why? ● Very repeatable and predictable installation ● Simpler node configuration ● Faster deploy time
7 #KubeCon - @zehicle Community converging to single install utility! Leveraging Kubeadm Basic Three Step Cluster Initialization: 1. Initialize Master 2. Retrieve Token from Initialize 3. Join Nodes with Token Still requires coordination / synchronization
8 #KubeCon - @zehicle We need to build underlay infrastructure But First, Kubeadm Prereqs Basic Three Step Underlay: 1. install operating system with network access 2. attach disks (optional?!) 3. install Docker on the machine Oh, and we need to have some control mechanism on the nodes too.
9 #KubeCon - @zehicle A bootstrapping illustration node01 node02 node03 node04
10 #KubeCon - @zehicle A bootstrapping illustration Install O/S Install Docker Install O/S Install Docker 1 2 Install O/S Install Docker Install O/S Install Docker node01 node02 node03 node04 Install Stage
11 #KubeCon - @zehicle A bootstrapping illustration Install O/S Install Docker Kubeadm -- Init Cluster Token Install O/S Install Docker 1 2 3 4 Install O/S Install Docker Install O/S Install Docker node01 node02 node03 node04 master node (random or selected)
12 #KubeCon - @zehicle A bootstrapping illustration Install O/S Install Docker Kubeadm -- Init Cluster Token Install O/S Install Docker Kubeadm -- Join wait for token 1 2 3 4 5 Install O/S Install Docker Kubeadm -- Join wait for token Install O/S Install Docker Kubeadm -- Join wait for token node01 node02 node03 node04
13 #KubeCon - @zehicle Later... A bootstrapping illustration Install O/S Install Docker Kubeadm -- Init Cluster Token Install O/S Install Docker Kubeadm -- Join wait for token 1 2 3 4 5 Install O/S Install Docker Kubeadm -- Join wait for token Install O/S Install Docker Kubeadm -- Join wait for token Install O/S Install Docker Kubeadm -- Join wait for token node01 node02 node03 node04 nodeN
14 #KubeCon - @zehicle A bootstrapping illustration Install O/S Install Docker Kubeadm -- Init Cluster Token Install O/S Install Docker Kubeadm -- Join wait for token 1 2 3 4 5 Install O/S Install Docker Kubeadm -- Join wait for token Install O/S Install Docker Kubeadm -- Join wait for token Install O/S Install Docker Kubeadm -- Join wait for token node01 node02 node03 node04 nodeN
PSA: THIS IS NOT A NEW INSTALLER At RackN, we push back against the distro installer wars (ala OpenStack). We believe that Kubernetes install tooling should be a shared community investment.
Demo! Kubeadm Rebar Immutable Bootstrap
Pretty Cool! But... There is more to do ● Adding Nodes requires Token ● Adding Kubelet requires Configuration ● Cluster API (Orchestrating Update)
18 #KubeCon - @zehicle Benefits! 1. Immutable Configuration 2. Auto Scaling 3. Faster Node Install 4. Centralized Configuration of Cluster 5. Coordinated Upgrades Still requires coordination / synchronization https://kubernetes.io/docs/admin/admission-controllers/ Node Admission
19 #KubeCon - @zehicle NOT Node specific! Admission control provides an API mechanism to block creation of new objects. In this case, Admission would allow an external system to validate that new nodes are known and trusted. HSM: Hardware Signing Module Node Admission Kubelet API Server External Node Validation 1 Install 2Create 3 Confirm 5Allow 4 Verify
20 #KubeCon - @zehicle HSM: Hardware Signing Module Node Admission with HSM Kubelet API Server External Node Validation 1 Install 2Create 3 Confirm 5Allow 4 Verify PKI A Pass Token B Encrypt Token Encrypted Token E Encrypted Token FEncrypted Token GVerfiy HSM ensures unique identy of machine by signing secret token. Only token creater (PKI) and machine know the secret. API Server cannot read or validate internally. C Public Key
21 #KubeCon - @zehicle Frankly, RackN is on the fence. If injecting a join cluster token then the external system has already verified the new node. Is Node Admission Needed?
22 #KubeCon - @zehicle https://kubernetes.io/docs/tasks/administer-cluster/reconfigure-kubelet/ Kubelet Dynamic Configuration We want to eliminate external configuration tools. Kubernetes is already a system configuration database! Can’t we just use that capability to bootstrap the system? Then we have fewer tools to learn and managed! (IMHO, this is known as a the bootstrap fallacy)
23 #KubeCon - @zehicle Ideally, it would be like this... 1. Centrally Configurate 2. Install Kubelet 3. Allow Kubelet to Register 4. Kubelet Configures itself Kubelet2 Install 3Reg 4Config API Server1 Config
24 #KubeCon - @zehicle https://kubernetes.io/docs/tasks/administer-cluster/reconfigure-kubelet/ Kubelet Dynamic Configuration 1. Install Node and Kubelet 2. Configure Kubelet 3. Allow Kubelet to Register 4. Register Configuration in API 5. Reconfigure Kubelet to use configuration from API 6. Manage configuration from API Kubelet 1 Install 3Reg 6Config API Server 2 Config 4 Config 5 ReConfig
25 #KubeCon - @zehicle Frankly, RackN is on the fence. Since we have to boostrap a node with some configuration, there is not much difference between some and all configuration. We have not eliminated configuration. Is Dynamic Configuration Needed?
We’re Making Great Progress! We can automatically bootstrap a cluster using open community tools with minimal configuration. And we have room to improve.
Thank you Join In! http://rebar.digital Follow: ● Rob Hirschfeld > @zehicle ● RackN > @rackngo ● Digital Rebar > @digitalrebar ● Cluster Ops SIG > http://bit.ly/k8sclops

Recommandé

#SREcon Immutable Infrastructure: rethinking configuration mgmt
#SREcon Immutable Infrastructure: rethinking configuration mgmt#SREcon Immutable Infrastructure: rethinking configuration mgmt
#SREcon Immutable Infrastructure: rethinking configuration mgmtrhirschfeld
 
What is Digital Rebar Provision (and how RackN extends)?
What is Digital Rebar Provision (and how RackN extends)?What is Digital Rebar Provision (and how RackN extends)?
What is Digital Rebar Provision (and how RackN extends)?rhirschfeld
 
KubeCon 2017 Zero Touch Provision
KubeCon 2017 Zero Touch ProvisionKubeCon 2017 Zero Touch Provision
KubeCon 2017 Zero Touch ProvisionRackN
 
Infrastructure as code
Infrastructure as codeInfrastructure as code
Infrastructure as codeAxel Quack
 
Relay: The Next Leg, Eric Sorenson, Puppet
Relay: The Next Leg, Eric Sorenson, PuppetRelay: The Next Leg, Eric Sorenson, Puppet
Relay: The Next Leg, Eric Sorenson, PuppetPuppet
 
Docker for developers on mac and windows
Docker for developers on mac and windowsDocker for developers on mac and windows
Docker for developers on mac and windowsDocker, Inc.
 
"On-premises" FaaS on Kubernetes
"On-premises" FaaS on Kubernetes"On-premises" FaaS on Kubernetes
"On-premises" FaaS on KubernetesAlex Casalboni
 
CI Implementation with Kubernetes at LivePerson by Saar Demri
CI Implementation with Kubernetes at LivePerson by Saar DemriCI Implementation with Kubernetes at LivePerson by Saar Demri
CI Implementation with Kubernetes at LivePerson by Saar DemriDoiT International
 

Recommandé

#SREcon Immutable Infrastructure: rethinking configuration mgmt
#SREcon Immutable Infrastructure: rethinking configuration mgmt#SREcon Immutable Infrastructure: rethinking configuration mgmt
#SREcon Immutable Infrastructure: rethinking configuration mgmtrhirschfeld
 
What is Digital Rebar Provision (and how RackN extends)?
What is Digital Rebar Provision (and how RackN extends)?What is Digital Rebar Provision (and how RackN extends)?
What is Digital Rebar Provision (and how RackN extends)?rhirschfeld
 
KubeCon 2017 Zero Touch Provision
KubeCon 2017 Zero Touch ProvisionKubeCon 2017 Zero Touch Provision
KubeCon 2017 Zero Touch ProvisionRackN
 
Infrastructure as code
Infrastructure as codeInfrastructure as code
Infrastructure as codeAxel Quack
 
Relay: The Next Leg, Eric Sorenson, Puppet
Relay: The Next Leg, Eric Sorenson, PuppetRelay: The Next Leg, Eric Sorenson, Puppet
Relay: The Next Leg, Eric Sorenson, PuppetPuppet
 
Docker for developers on mac and windows
Docker for developers on mac and windowsDocker for developers on mac and windows
Docker for developers on mac and windowsDocker, Inc.
 
"On-premises" FaaS on Kubernetes
"On-premises" FaaS on Kubernetes"On-premises" FaaS on Kubernetes
"On-premises" FaaS on KubernetesAlex Casalboni
 
CI Implementation with Kubernetes at LivePerson by Saar Demri
CI Implementation with Kubernetes at LivePerson by Saar DemriCI Implementation with Kubernetes at LivePerson by Saar Demri
CI Implementation with Kubernetes at LivePerson by Saar DemriDoiT International
 
Effective Building your Platform with Kubernetes == Keep it Simple
Effective Building your Platform with Kubernetes == Keep it Simple Effective Building your Platform with Kubernetes == Keep it Simple
Effective Building your Platform with Kubernetes == Keep it Simple Wojciech Barczyński
 
Kubernetes the Very Hard Way. Lisa Portland 2019
Kubernetes the Very Hard Way. Lisa Portland 2019Kubernetes the Very Hard Way. Lisa Portland 2019
Kubernetes the Very Hard Way. Lisa Portland 2019Laurent Bernaille
 
Tectonic Summit 2016: The Origins of Kubernetes
Tectonic Summit 2016: The Origins of KubernetesTectonic Summit 2016: The Origins of Kubernetes
Tectonic Summit 2016: The Origins of KubernetesCoreOS
 
Distributed tensorflow on kubernetes
Distributed tensorflow on kubernetesDistributed tensorflow on kubernetes
Distributed tensorflow on kubernetesinwin stack
 
TIAD : Automating the aplication lifecycle
TIAD : Automating the aplication lifecycleTIAD : Automating the aplication lifecycle
TIAD : Automating the aplication lifecycleThe Incredible Automation Day
 
Continuous Integration with Cloud Foundry Concourse and Docker on OpenPOWER
Continuous Integration with Cloud Foundry Concourse and Docker on OpenPOWERContinuous Integration with Cloud Foundry Concourse and Docker on OpenPOWER
Continuous Integration with Cloud Foundry Concourse and Docker on OpenPOWERIndrajit Poddar
 
What is serveless?
What is serveless? What is serveless?
What is serveless? Provectus
 
OSDN: Serverless technologies with Kubernetes
OSDN: Serverless technologies with Kubernetes OSDN: Serverless technologies with Kubernetes
OSDN: Serverless technologies with Kubernetes Provectus
 
Cloud Foundry Summit 2015: Managing Multiple Cloud with a Single BOSH Deploym...
Cloud Foundry Summit 2015: Managing Multiple Cloud with a Single BOSH Deploym...Cloud Foundry Summit 2015: Managing Multiple Cloud with a Single BOSH Deploym...
Cloud Foundry Summit 2015: Managing Multiple Cloud with a Single BOSH Deploym...VMware Tanzu
 
Autoscaling Kubernetes
Autoscaling KubernetesAutoscaling Kubernetes
Autoscaling Kubernetescraigbox
 
An Introduction into Bosh | anynines
An Introduction into Bosh | anynines An Introduction into Bosh | anynines
An Introduction into Bosh | anynines anynines GmbH
 
[Hands-on] Kubernetes | Nov 18, 2017
[Hands-on] Kubernetes | Nov 18, 2017[Hands-on] Kubernetes | Nov 18, 2017
[Hands-on] Kubernetes | Nov 18, 2017Oracle Korea
 
Challenges of Kubernetes On-premise Deployment
Challenges of Kubernetes On-premise DeploymentChallenges of Kubernetes On-premise Deployment
Challenges of Kubernetes On-premise DeploymentVietnam Open Infrastructure User Group
 
To Build My Own Cloud with Blackjack…
To Build My Own Cloud with Blackjack…To Build My Own Cloud with Blackjack…
To Build My Own Cloud with Blackjack…Sergey Dzyuban
 
Kubernetes Day 2017 - Build, Ship and Run Your APP, Production !!
Kubernetes Day 2017 - Build, Ship and Run Your APP, Production !!Kubernetes Day 2017 - Build, Ship and Run Your APP, Production !!
Kubernetes Day 2017 - Build, Ship and Run Your APP, Production !!smalltown
 
Achieving Continuous Delivery: An Automation Story
Achieving Continuous Delivery: An Automation StoryAchieving Continuous Delivery: An Automation Story
Achieving Continuous Delivery: An Automation Storyjimi-c
 
How to Achieve Canary Deployment on Kubernetes
How to Achieve Canary Deployment on KubernetesHow to Achieve Canary Deployment on Kubernetes
How to Achieve Canary Deployment on KubernetesHanLing Shen
 
Zero downtime deployment of micro-services with Kubernetes
Zero downtime deployment of micro-services with KubernetesZero downtime deployment of micro-services with Kubernetes
Zero downtime deployment of micro-services with KubernetesWojciech Barczyński
 
Quick and Solid - Baremetal on OpenStack | Rico Lin
Quick and Solid - Baremetal on OpenStack | Rico LinQuick and Solid - Baremetal on OpenStack | Rico Lin
Quick and Solid - Baremetal on OpenStack | Rico LinVietnam Open Infrastructure User Group
 
Oracle meetup kubernetes_171118
Oracle meetup kubernetes_171118Oracle meetup kubernetes_171118
Oracle meetup kubernetes_171118Oracle Korea
 
Kubernetes - Sailing a Sea of Containers
Kubernetes - Sailing a Sea of ContainersKubernetes - Sailing a Sea of Containers
Kubernetes - Sailing a Sea of ContainersKel Cecil
 
Kubernetes
KubernetesKubernetes
KubernetesMeng-Ze Lee
 

Contenu connexe

Tendances

Effective Building your Platform with Kubernetes == Keep it Simple
Effective Building your Platform with Kubernetes == Keep it Simple Effective Building your Platform with Kubernetes == Keep it Simple
Effective Building your Platform with Kubernetes == Keep it Simple Wojciech Barczyński
 
Kubernetes the Very Hard Way. Lisa Portland 2019
Kubernetes the Very Hard Way. Lisa Portland 2019Kubernetes the Very Hard Way. Lisa Portland 2019
Kubernetes the Very Hard Way. Lisa Portland 2019Laurent Bernaille
 
Tectonic Summit 2016: The Origins of Kubernetes
Tectonic Summit 2016: The Origins of KubernetesTectonic Summit 2016: The Origins of Kubernetes
Tectonic Summit 2016: The Origins of KubernetesCoreOS
 
Distributed tensorflow on kubernetes
Distributed tensorflow on kubernetesDistributed tensorflow on kubernetes
Distributed tensorflow on kubernetesinwin stack
 
Continuous Integration with Cloud Foundry Concourse and Docker on OpenPOWER
Continuous Integration with Cloud Foundry Concourse and Docker on OpenPOWERContinuous Integration with Cloud Foundry Concourse and Docker on OpenPOWER
Continuous Integration with Cloud Foundry Concourse and Docker on OpenPOWERIndrajit Poddar
 
What is serveless?
What is serveless? What is serveless?
What is serveless? Provectus
 
OSDN: Serverless technologies with Kubernetes
OSDN: Serverless technologies with Kubernetes OSDN: Serverless technologies with Kubernetes
OSDN: Serverless technologies with Kubernetes Provectus
 
Cloud Foundry Summit 2015: Managing Multiple Cloud with a Single BOSH Deploym...
Cloud Foundry Summit 2015: Managing Multiple Cloud with a Single BOSH Deploym...Cloud Foundry Summit 2015: Managing Multiple Cloud with a Single BOSH Deploym...
Cloud Foundry Summit 2015: Managing Multiple Cloud with a Single BOSH Deploym...VMware Tanzu
 
Autoscaling Kubernetes
Autoscaling KubernetesAutoscaling Kubernetes
Autoscaling Kubernetescraigbox
 
An Introduction into Bosh | anynines
An Introduction into Bosh | anynines An Introduction into Bosh | anynines
An Introduction into Bosh | anynines anynines GmbH
 
[Hands-on] Kubernetes | Nov 18, 2017
[Hands-on] Kubernetes | Nov 18, 2017[Hands-on] Kubernetes | Nov 18, 2017
[Hands-on] Kubernetes | Nov 18, 2017Oracle Korea
 
To Build My Own Cloud with Blackjack…
To Build My Own Cloud with Blackjack…To Build My Own Cloud with Blackjack…
To Build My Own Cloud with Blackjack…Sergey Dzyuban
 
Kubernetes Day 2017 - Build, Ship and Run Your APP, Production !!
Kubernetes Day 2017 - Build, Ship and Run Your APP, Production !!Kubernetes Day 2017 - Build, Ship and Run Your APP, Production !!
Kubernetes Day 2017 - Build, Ship and Run Your APP, Production !!smalltown
 
Achieving Continuous Delivery: An Automation Story
Achieving Continuous Delivery: An Automation StoryAchieving Continuous Delivery: An Automation Story
Achieving Continuous Delivery: An Automation Storyjimi-c
 
How to Achieve Canary Deployment on Kubernetes
How to Achieve Canary Deployment on KubernetesHow to Achieve Canary Deployment on Kubernetes
How to Achieve Canary Deployment on KubernetesHanLing Shen
 
Zero downtime deployment of micro-services with Kubernetes
Zero downtime deployment of micro-services with KubernetesZero downtime deployment of micro-services with Kubernetes
Zero downtime deployment of micro-services with KubernetesWojciech Barczyński
 
Oracle meetup kubernetes_171118
Oracle meetup kubernetes_171118Oracle meetup kubernetes_171118
Oracle meetup kubernetes_171118Oracle Korea
 

Tendances (20)

Effective Building your Platform with Kubernetes == Keep it Simple
Effective Building your Platform with Kubernetes == Keep it Simple Effective Building your Platform with Kubernetes == Keep it Simple
Effective Building your Platform with Kubernetes == Keep it Simple
 
Kubernetes the Very Hard Way. Lisa Portland 2019
Kubernetes the Very Hard Way. Lisa Portland 2019Kubernetes the Very Hard Way. Lisa Portland 2019
Kubernetes the Very Hard Way. Lisa Portland 2019
 
Tectonic Summit 2016: The Origins of Kubernetes
Tectonic Summit 2016: The Origins of KubernetesTectonic Summit 2016: The Origins of Kubernetes
Tectonic Summit 2016: The Origins of Kubernetes
 
Distributed tensorflow on kubernetes
Distributed tensorflow on kubernetesDistributed tensorflow on kubernetes
Distributed tensorflow on kubernetes
 
TIAD : Automating the aplication lifecycle
TIAD : Automating the aplication lifecycleTIAD : Automating the aplication lifecycle
TIAD : Automating the aplication lifecycle
 
Continuous Integration with Cloud Foundry Concourse and Docker on OpenPOWER
Continuous Integration with Cloud Foundry Concourse and Docker on OpenPOWERContinuous Integration with Cloud Foundry Concourse and Docker on OpenPOWER
Continuous Integration with Cloud Foundry Concourse and Docker on OpenPOWER
 
What is serveless?
What is serveless? What is serveless?
What is serveless?
 
OSDN: Serverless technologies with Kubernetes
OSDN: Serverless technologies with Kubernetes OSDN: Serverless technologies with Kubernetes
OSDN: Serverless technologies with Kubernetes
 
Cloud Foundry Summit 2015: Managing Multiple Cloud with a Single BOSH Deploym...
Cloud Foundry Summit 2015: Managing Multiple Cloud with a Single BOSH Deploym...Cloud Foundry Summit 2015: Managing Multiple Cloud with a Single BOSH Deploym...
Cloud Foundry Summit 2015: Managing Multiple Cloud with a Single BOSH Deploym...
 
Autoscaling Kubernetes
Autoscaling KubernetesAutoscaling Kubernetes
Autoscaling Kubernetes
 
An Introduction into Bosh | anynines
An Introduction into Bosh | anynines An Introduction into Bosh | anynines
An Introduction into Bosh | anynines
 
[Hands-on] Kubernetes | Nov 18, 2017
[Hands-on] Kubernetes | Nov 18, 2017[Hands-on] Kubernetes | Nov 18, 2017
[Hands-on] Kubernetes | Nov 18, 2017
 
Challenges of Kubernetes On-premise Deployment
Challenges of Kubernetes On-premise DeploymentChallenges of Kubernetes On-premise Deployment
Challenges of Kubernetes On-premise Deployment
 
To Build My Own Cloud with Blackjack…
To Build My Own Cloud with Blackjack…To Build My Own Cloud with Blackjack…
To Build My Own Cloud with Blackjack…
 
Kubernetes Day 2017 - Build, Ship and Run Your APP, Production !!
Kubernetes Day 2017 - Build, Ship and Run Your APP, Production !!Kubernetes Day 2017 - Build, Ship and Run Your APP, Production !!
Kubernetes Day 2017 - Build, Ship and Run Your APP, Production !!
 
Achieving Continuous Delivery: An Automation Story
Achieving Continuous Delivery: An Automation StoryAchieving Continuous Delivery: An Automation Story
Achieving Continuous Delivery: An Automation Story
 
How to Achieve Canary Deployment on Kubernetes
How to Achieve Canary Deployment on KubernetesHow to Achieve Canary Deployment on Kubernetes
How to Achieve Canary Deployment on Kubernetes
 
Zero downtime deployment of micro-services with Kubernetes
Zero downtime deployment of micro-services with KubernetesZero downtime deployment of micro-services with Kubernetes
Zero downtime deployment of micro-services with Kubernetes
 
Quick and Solid - Baremetal on OpenStack | Rico Lin
Quick and Solid - Baremetal on OpenStack | Rico LinQuick and Solid - Baremetal on OpenStack | Rico Lin
Quick and Solid - Baremetal on OpenStack | Rico Lin
 
Oracle meetup kubernetes_171118
Oracle meetup kubernetes_171118Oracle meetup kubernetes_171118
Oracle meetup kubernetes_171118
 

Similaire à Zero-Configuration Kubernetes Provisioning on Unmanaged Infrastructure

Kubernetes - Sailing a Sea of Containers
Kubernetes - Sailing a Sea of ContainersKubernetes - Sailing a Sea of Containers
Kubernetes - Sailing a Sea of ContainersKel Cecil
 
Learn kubernetes in 90 minutes
Learn kubernetes in 90 minutesLearn kubernetes in 90 minutes
Learn kubernetes in 90 minutesLarry Cai
 
Kubernetes from the ground up
Kubernetes from the ground upKubernetes from the ground up
Kubernetes from the ground upSander Knape
 
Setting up a kubernetes cluster on ubuntu 18.04- loves cloud
Setting up a kubernetes cluster on ubuntu 18.04- loves cloudSetting up a kubernetes cluster on ubuntu 18.04- loves cloud
Setting up a kubernetes cluster on ubuntu 18.04- loves cloudLoves Cloud
 
From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)佑介 九岡
 
5 Painless Demos to Get You Started with Kubernetes
5 Painless Demos to Get You Started with Kubernetes5 Painless Demos to Get You Started with Kubernetes
5 Painless Demos to Get You Started with KubernetesAmartus
 
Deploy the blockchain network using kubernetes ap is on google cloud
Deploy the blockchain network using kubernetes ap is on google cloudDeploy the blockchain network using kubernetes ap is on google cloud
Deploy the blockchain network using kubernetes ap is on google cloudAjeet Singh
 
Tectonic Summit 2016: Kubernetes 1.5 and Beyond
Tectonic Summit 2016: Kubernetes 1.5 and BeyondTectonic Summit 2016: Kubernetes 1.5 and Beyond
Tectonic Summit 2016: Kubernetes 1.5 and BeyondCoreOS
 
Setup Kubernetes with flannel on ubuntu platform
Setup Kubernetes with flannel on ubuntu platformSetup Kubernetes with flannel on ubuntu platform
Setup Kubernetes with flannel on ubuntu platformAjeet Singh
 
kubeadm Cluster Creation Internals_ From Self-Hosting to Upgradability and HA...
kubeadm Cluster Creation Internals_ From Self-Hosting to Upgradability and HA...kubeadm Cluster Creation Internals_ From Self-Hosting to Upgradability and HA...
kubeadm Cluster Creation Internals_ From Self-Hosting to Upgradability and HA...ssuser92b4be
 
Setting up CI/CD Pipeline with Kubernetes and Kublr step by-step
Setting up CI/CD Pipeline with Kubernetes and Kublr step by-stepSetting up CI/CD Pipeline with Kubernetes and Kublr step by-step
Setting up CI/CD Pipeline with Kubernetes and Kublr step by-stepKublr
 
Setting up CI/CD pipeline with Kubernetes and Kublr step-by-step
Setting up CI/CD pipeline with Kubernetes and Kublr step-by-stepSetting up CI/CD pipeline with Kubernetes and Kublr step-by-step
Setting up CI/CD pipeline with Kubernetes and Kublr step-by-stepOleg Chunikhin
 
Kubernetes Networking
Kubernetes NetworkingKubernetes Networking
Kubernetes NetworkingCJ Cullen
 
OSS Japan 2019 service mesh bridging Kubernetes and legacy
OSS Japan 2019 service mesh bridging Kubernetes and legacyOSS Japan 2019 service mesh bridging Kubernetes and legacy
OSS Japan 2019 service mesh bridging Kubernetes and legacySteve Wong
 
Kubernetes Architecture with Components
Kubernetes Architecture with Components Kubernetes Architecture with Components
Kubernetes Architecture with ComponentsAjeet Singh
 
The path to a serverless-native era with Kubernetes
The path to a serverless-native era with KubernetesThe path to a serverless-native era with Kubernetes
The path to a serverless-native era with Kubernetessparkfabrik
 
Kubernetes in kubernetes 搭建高可用環境
Kubernetes in kubernetes 搭建高可用環境Kubernetes in kubernetes 搭建高可用環境
Kubernetes in kubernetes 搭建高可用環境inwin stack
 
Run K8s on Local Environment
Run K8s on Local EnvironmentRun K8s on Local Environment
Run K8s on Local EnvironmentGanesh Pol
 

Similaire à Zero-Configuration Kubernetes Provisioning on Unmanaged Infrastructure (20)

Kubernetes - Sailing a Sea of Containers
Kubernetes - Sailing a Sea of ContainersKubernetes - Sailing a Sea of Containers
Kubernetes - Sailing a Sea of Containers
 
Kubernetes
KubernetesKubernetes
Kubernetes
 
Learn kubernetes in 90 minutes
Learn kubernetes in 90 minutesLearn kubernetes in 90 minutes
Learn kubernetes in 90 minutes
 
Kubernetes from the ground up
Kubernetes from the ground upKubernetes from the ground up
Kubernetes from the ground up
 
Setting up a kubernetes cluster on ubuntu 18.04- loves cloud
Setting up a kubernetes cluster on ubuntu 18.04- loves cloudSetting up a kubernetes cluster on ubuntu 18.04- loves cloud
Setting up a kubernetes cluster on ubuntu 18.04- loves cloud
 
From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)
 
5 Painless Demos to Get You Started with Kubernetes
5 Painless Demos to Get You Started with Kubernetes5 Painless Demos to Get You Started with Kubernetes
5 Painless Demos to Get You Started with Kubernetes
 
Deploy the blockchain network using kubernetes ap is on google cloud
Deploy the blockchain network using kubernetes ap is on google cloudDeploy the blockchain network using kubernetes ap is on google cloud
Deploy the blockchain network using kubernetes ap is on google cloud
 
Tectonic Summit 2016: Kubernetes 1.5 and Beyond
Tectonic Summit 2016: Kubernetes 1.5 and BeyondTectonic Summit 2016: Kubernetes 1.5 and Beyond
Tectonic Summit 2016: Kubernetes 1.5 and Beyond
 
Setup Kubernetes with flannel on ubuntu platform
Setup Kubernetes with flannel on ubuntu platformSetup Kubernetes with flannel on ubuntu platform
Setup Kubernetes with flannel on ubuntu platform
 
kubeadm Cluster Creation Internals_ From Self-Hosting to Upgradability and HA...
kubeadm Cluster Creation Internals_ From Self-Hosting to Upgradability and HA...kubeadm Cluster Creation Internals_ From Self-Hosting to Upgradability and HA...
kubeadm Cluster Creation Internals_ From Self-Hosting to Upgradability and HA...
 
Setting up CI/CD Pipeline with Kubernetes and Kublr step by-step
Setting up CI/CD Pipeline with Kubernetes and Kublr step by-stepSetting up CI/CD Pipeline with Kubernetes and Kublr step by-step
Setting up CI/CD Pipeline with Kubernetes and Kublr step by-step
 
Setting up CI/CD pipeline with Kubernetes and Kublr step-by-step
Setting up CI/CD pipeline with Kubernetes and Kublr step-by-stepSetting up CI/CD pipeline with Kubernetes and Kublr step-by-step
Setting up CI/CD pipeline with Kubernetes and Kublr step-by-step
 
Kubernetes Networking
Kubernetes NetworkingKubernetes Networking
Kubernetes Networking
 
OSS Japan 2019 service mesh bridging Kubernetes and legacy
OSS Japan 2019 service mesh bridging Kubernetes and legacyOSS Japan 2019 service mesh bridging Kubernetes and legacy
OSS Japan 2019 service mesh bridging Kubernetes and legacy
 
Kubernetes Architecture with Components
Kubernetes Architecture with Components Kubernetes Architecture with Components
Kubernetes Architecture with Components
 
The path to a serverless-native era with Kubernetes
The path to a serverless-native era with KubernetesThe path to a serverless-native era with Kubernetes
The path to a serverless-native era with Kubernetes
 
Kubernetes in kubernetes 搭建高可用環境
Kubernetes in kubernetes 搭建高可用環境Kubernetes in kubernetes 搭建高可用環境
Kubernetes in kubernetes 搭建高可用環境
 
Run K8s on Local Environment
Run K8s on Local EnvironmentRun K8s on Local Environment
Run K8s on Local Environment
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101
 

Plus de rhirschfeld

RackN Physical Layer Automation Innovation
RackN Physical Layer Automation InnovationRackN Physical Layer Automation Innovation
RackN Physical Layer Automation Innovationrhirschfeld
 
Immutable infrastructure & Rethinking Configuration PREVIEW
Immutable infrastructure & Rethinking Configuration PREVIEWImmutable infrastructure & Rethinking Configuration PREVIEW
Immutable infrastructure & Rethinking Configuration PREVIEWrhirschfeld
 
Open Patterns for Day 2 Ops [Gluecon 2017]
Open Patterns for Day 2 Ops [Gluecon 2017]Open Patterns for Day 2 Ops [Gluecon 2017]
Open Patterns for Day 2 Ops [Gluecon 2017]rhirschfeld
 
Interop ITX Kubernetes Presentation
Interop ITX Kubernetes PresentationInterop ITX Kubernetes Presentation
Interop ITX Kubernetes Presentationrhirschfeld
 
OpenStack on Kubernetes (BOS Summit / May 2017 update)
OpenStack on Kubernetes (BOS Summit / May 2017 update)OpenStack on Kubernetes (BOS Summit / May 2017 update)
OpenStack on Kubernetes (BOS Summit / May 2017 update)rhirschfeld
 
SRE vs DevOps vs Cloud Native Preso
SRE vs DevOps vs Cloud Native PresoSRE vs DevOps vs Cloud Native Preso
SRE vs DevOps vs Cloud Native Presorhirschfeld
 
The developer rebellion against infrastructure
The developer rebellion against infrastructureThe developer rebellion against infrastructure
The developer rebellion against infrastructurerhirschfeld
 
IBM Interconnect: Think you can Out Innovate Open Source
IBM Interconnect: Think you can Out Innovate Open SourceIBM Interconnect: Think you can Out Innovate Open Source
IBM Interconnect: Think you can Out Innovate Open Sourcerhirschfeld
 
Joint OpenStack Kubernetes Environment (March 17 update)
Joint OpenStack Kubernetes Environment (March 17 update)Joint OpenStack Kubernetes Environment (March 17 update)
Joint OpenStack Kubernetes Environment (March 17 update)rhirschfeld
 
Kubernetes community demo march 16 2017
Kubernetes community demo march 16 2017Kubernetes community demo march 16 2017
Kubernetes community demo march 16 2017rhirschfeld
 
The Messy Underlay Dilemma - automating PKI at Defragcon
The Messy Underlay Dilemma - automating PKI at DefragconThe Messy Underlay Dilemma - automating PKI at Defragcon
The Messy Underlay Dilemma - automating PKI at Defragconrhirschfeld
 
Joint OpenStack Kubernetes Environment (OpenStack Summit)
Joint OpenStack Kubernetes Environment (OpenStack Summit)Joint OpenStack Kubernetes Environment (OpenStack Summit)
Joint OpenStack Kubernetes Environment (OpenStack Summit)rhirschfeld
 
Containers, orchestration and security, oh my!
Containers, orchestration and security, oh my!Containers, orchestration and security, oh my!
Containers, orchestration and security, oh my!rhirschfeld
 
Gluecon Preso: Hybrid Container Infrastructure
Gluecon Preso: Hybrid Container InfrastructureGluecon Preso: Hybrid Container Infrastructure
Gluecon Preso: Hybrid Container Infrastructurerhirschfeld
 
OpenStack Preso: DevOps on Hybrid Infrastructure
OpenStack Preso: DevOps on Hybrid InfrastructureOpenStack Preso: DevOps on Hybrid Infrastructure
OpenStack Preso: DevOps on Hybrid Infrastructurerhirschfeld
 
OpenServerSummit: Operating Hybrid Infrastructure
OpenServerSummit: Operating Hybrid InfrastructureOpenServerSummit: Operating Hybrid Infrastructure
OpenServerSummit: Operating Hybrid Infrastructurerhirschfeld
 
Git & dev ops come together, right now!
Git & dev ops come together, right now!Git & dev ops come together, right now!
Git & dev ops come together, right now!rhirschfeld
 
Apply, rinse and repeat: avoid the fidelity gap
Apply, rinse and repeat: avoid the fidelity gapApply, rinse and repeat: avoid the fidelity gap
Apply, rinse and repeat: avoid the fidelity gaprhirschfeld
 
Tokyo DefCore Presentation
Tokyo DefCore PresentationTokyo DefCore Presentation
Tokyo DefCore Presentationrhirschfeld
 
Containers all the way down
Containers all the way downContainers all the way down
Containers all the way downrhirschfeld
 

Plus de rhirschfeld (20)

RackN Physical Layer Automation Innovation
RackN Physical Layer Automation InnovationRackN Physical Layer Automation Innovation
RackN Physical Layer Automation Innovation
 
Immutable infrastructure & Rethinking Configuration PREVIEW
Immutable infrastructure & Rethinking Configuration PREVIEWImmutable infrastructure & Rethinking Configuration PREVIEW
Immutable infrastructure & Rethinking Configuration PREVIEW
 
Open Patterns for Day 2 Ops [Gluecon 2017]
Open Patterns for Day 2 Ops [Gluecon 2017]Open Patterns for Day 2 Ops [Gluecon 2017]
Open Patterns for Day 2 Ops [Gluecon 2017]
 
Interop ITX Kubernetes Presentation
Interop ITX Kubernetes PresentationInterop ITX Kubernetes Presentation
Interop ITX Kubernetes Presentation
 
OpenStack on Kubernetes (BOS Summit / May 2017 update)
OpenStack on Kubernetes (BOS Summit / May 2017 update)OpenStack on Kubernetes (BOS Summit / May 2017 update)
OpenStack on Kubernetes (BOS Summit / May 2017 update)
 
SRE vs DevOps vs Cloud Native Preso
SRE vs DevOps vs Cloud Native PresoSRE vs DevOps vs Cloud Native Preso
SRE vs DevOps vs Cloud Native Preso
 
The developer rebellion against infrastructure
The developer rebellion against infrastructureThe developer rebellion against infrastructure
The developer rebellion against infrastructure
 
IBM Interconnect: Think you can Out Innovate Open Source
IBM Interconnect: Think you can Out Innovate Open SourceIBM Interconnect: Think you can Out Innovate Open Source
IBM Interconnect: Think you can Out Innovate Open Source
 
Joint OpenStack Kubernetes Environment (March 17 update)
Joint OpenStack Kubernetes Environment (March 17 update)Joint OpenStack Kubernetes Environment (March 17 update)
Joint OpenStack Kubernetes Environment (March 17 update)
 
Kubernetes community demo march 16 2017
Kubernetes community demo march 16 2017Kubernetes community demo march 16 2017
Kubernetes community demo march 16 2017
 
The Messy Underlay Dilemma - automating PKI at Defragcon
The Messy Underlay Dilemma - automating PKI at DefragconThe Messy Underlay Dilemma - automating PKI at Defragcon
The Messy Underlay Dilemma - automating PKI at Defragcon
 
Joint OpenStack Kubernetes Environment (OpenStack Summit)
Joint OpenStack Kubernetes Environment (OpenStack Summit)Joint OpenStack Kubernetes Environment (OpenStack Summit)
Joint OpenStack Kubernetes Environment (OpenStack Summit)
 
Containers, orchestration and security, oh my!
Containers, orchestration and security, oh my!Containers, orchestration and security, oh my!
Containers, orchestration and security, oh my!
 
Gluecon Preso: Hybrid Container Infrastructure
Gluecon Preso: Hybrid Container InfrastructureGluecon Preso: Hybrid Container Infrastructure
Gluecon Preso: Hybrid Container Infrastructure
 
OpenStack Preso: DevOps on Hybrid Infrastructure
OpenStack Preso: DevOps on Hybrid InfrastructureOpenStack Preso: DevOps on Hybrid Infrastructure
OpenStack Preso: DevOps on Hybrid Infrastructure
 
OpenServerSummit: Operating Hybrid Infrastructure
OpenServerSummit: Operating Hybrid InfrastructureOpenServerSummit: Operating Hybrid Infrastructure
OpenServerSummit: Operating Hybrid Infrastructure
 
Git & dev ops come together, right now!
Git & dev ops come together, right now!Git & dev ops come together, right now!
Git & dev ops come together, right now!
 
Apply, rinse and repeat: avoid the fidelity gap
Apply, rinse and repeat: avoid the fidelity gapApply, rinse and repeat: avoid the fidelity gap
Apply, rinse and repeat: avoid the fidelity gap
 
Tokyo DefCore Presentation
Tokyo DefCore PresentationTokyo DefCore Presentation
Tokyo DefCore Presentation
 
Containers all the way down
Containers all the way downContainers all the way down
Containers all the way down
 

Dernier

Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 

Dernier (20)

Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 

Zero-Configuration Kubernetes Provisioning on Unmanaged Infrastructure

  • 1. Zero-Configuration Pattern Provisioning Kubernetes on Unmanaged Infrastructure Rob @zehicle Hirschfeld, RackN November, 2017
  • 2. Hang on to your Hats! Krazy New Stuff ● Immutable Bootstrap (demo!) ● Node Admission (v1.7) ● Dynamic Kubelet (v1.8)
  • 3. 3 #KubeCon - @zehicle Rob Hirschfeld (@zehicle) Involved in Kubernetes since launch Co-chair of Cluster Ops SIG Co-Founder of RackN & Digital Rebar Project We focus on operations automation for bare metal
  • 4. 4 #KubeCon - @zehicle We’ve been using Kubespray since Kubernetes v1.2 But first… Kubespray ● Very Solid Ansible Playbook ● Strong Community ● Amazing Features like HA & Upgrade HTTP://bit.ly/SYDkubespray But….
  • 5. 5 #KubeCon - @zehicle Why not Kubespray? We’d like to do better! ● No Centralized Orchestration ● No Inventory Building ● No SSH ● Immutable Booting ● and, much FASTER I don’t always Ansible, but when I do Ansible, I use Kubespray.
  • 6. 6 #KubeCon - @zehicle Let’s get Immutable! What? ● Create, Destroy & Repeat ● Machines recreated, not updated ● Typically “Pre-Baked” images Why? ● Very repeatable and predictable installation ● Simpler node configuration ● Faster deploy time
  • 7. 7 #KubeCon - @zehicle Community converging to single install utility! Leveraging Kubeadm Basic Three Step Cluster Initialization: 1. Initialize Master 2. Retrieve Token from Initialize 3. Join Nodes with Token Still requires coordination / synchronization
  • 8. 8 #KubeCon - @zehicle We need to build underlay infrastructure But First, Kubeadm Prereqs Basic Three Step Underlay: 1. install operating system with network access 2. attach disks (optional?!) 3. install Docker on the machine Oh, and we need to have some control mechanism on the nodes too.
  • 9. 9 #KubeCon - @zehicle A bootstrapping illustration node01 node02 node03 node04
  • 10. 10 #KubeCon - @zehicle A bootstrapping illustration Install O/S Install Docker Install O/S Install Docker 1 2 Install O/S Install Docker Install O/S Install Docker node01 node02 node03 node04 Install Stage
  • 11. 11 #KubeCon - @zehicle A bootstrapping illustration Install O/S Install Docker Kubeadm -- Init Cluster Token Install O/S Install Docker 1 2 3 4 Install O/S Install Docker Install O/S Install Docker node01 node02 node03 node04 master node (random or selected)
  • 12. 12 #KubeCon - @zehicle A bootstrapping illustration Install O/S Install Docker Kubeadm -- Init Cluster Token Install O/S Install Docker Kubeadm -- Join wait for token 1 2 3 4 5 Install O/S Install Docker Kubeadm -- Join wait for token Install O/S Install Docker Kubeadm -- Join wait for token node01 node02 node03 node04
  • 13. 13 #KubeCon - @zehicle Later... A bootstrapping illustration Install O/S Install Docker Kubeadm -- Init Cluster Token Install O/S Install Docker Kubeadm -- Join wait for token 1 2 3 4 5 Install O/S Install Docker Kubeadm -- Join wait for token Install O/S Install Docker Kubeadm -- Join wait for token Install O/S Install Docker Kubeadm -- Join wait for token node01 node02 node03 node04 nodeN
  • 14. 14 #KubeCon - @zehicle A bootstrapping illustration Install O/S Install Docker Kubeadm -- Init Cluster Token Install O/S Install Docker Kubeadm -- Join wait for token 1 2 3 4 5 Install O/S Install Docker Kubeadm -- Join wait for token Install O/S Install Docker Kubeadm -- Join wait for token Install O/S Install Docker Kubeadm -- Join wait for token node01 node02 node03 node04 nodeN
  • 15. PSA: THIS IS NOT A NEW INSTALLER At RackN, we push back against the distro installer wars (ala OpenStack). We believe that Kubernetes install tooling should be a shared community investment.
  • 17. Pretty Cool! But... There is more to do ● Adding Nodes requires Token ● Adding Kubelet requires Configuration ● Cluster API (Orchestrating Update)
  • 18. 18 #KubeCon - @zehicle Benefits! 1. Immutable Configuration 2. Auto Scaling 3. Faster Node Install 4. Centralized Configuration of Cluster 5. Coordinated Upgrades Still requires coordination / synchronization https://kubernetes.io/docs/admin/admission-controllers/ Node Admission
  • 19. 19 #KubeCon - @zehicle NOT Node specific! Admission control provides an API mechanism to block creation of new objects. In this case, Admission would allow an external system to validate that new nodes are known and trusted. HSM: Hardware Signing Module Node Admission Kubelet API Server External Node Validation 1 Install 2Create 3 Confirm 5Allow 4 Verify
  • 20. 20 #KubeCon - @zehicle HSM: Hardware Signing Module Node Admission with HSM Kubelet API Server External Node Validation 1 Install 2Create 3 Confirm 5Allow 4 Verify PKI A Pass Token B Encrypt Token Encrypted Token E Encrypted Token FEncrypted Token GVerfiy HSM ensures unique identy of machine by signing secret token. Only token creater (PKI) and machine know the secret. API Server cannot read or validate internally. C Public Key
  • 21. 21 #KubeCon - @zehicle Frankly, RackN is on the fence. If injecting a join cluster token then the external system has already verified the new node. Is Node Admission Needed?
  • 22. 22 #KubeCon - @zehicle https://kubernetes.io/docs/tasks/administer-cluster/reconfigure-kubelet/ Kubelet Dynamic Configuration We want to eliminate external configuration tools. Kubernetes is already a system configuration database! Can’t we just use that capability to bootstrap the system? Then we have fewer tools to learn and managed! (IMHO, this is known as a the bootstrap fallacy)
  • 23. 23 #KubeCon - @zehicle Ideally, it would be like this... 1. Centrally Configurate 2. Install Kubelet 3. Allow Kubelet to Register 4. Kubelet Configures itself Kubelet2 Install 3Reg 4Config API Server1 Config
  • 24. 24 #KubeCon - @zehicle https://kubernetes.io/docs/tasks/administer-cluster/reconfigure-kubelet/ Kubelet Dynamic Configuration 1. Install Node and Kubelet 2. Configure Kubelet 3. Allow Kubelet to Register 4. Register Configuration in API 5. Reconfigure Kubelet to use configuration from API 6. Manage configuration from API Kubelet 1 Install 3Reg 6Config API Server 2 Config 4 Config 5 ReConfig
  • 25. 25 #KubeCon - @zehicle Frankly, RackN is on the fence. Since we have to boostrap a node with some configuration, there is not much difference between some and all configuration. We have not eliminated configuration. Is Dynamic Configuration Needed?
  • 26. We’re Making Great Progress! We can automatically bootstrap a cluster using open community tools with minimal configuration. And we have room to improve.
  • 27. Thank you Join In! http://rebar.digital Follow: ● Rob Hirschfeld > @zehicle ● RackN > @rackngo ● Digital Rebar > @digitalrebar ● Cluster Ops SIG > http://bit.ly/k8sclops