SlideShare ist ein Scribd-Unternehmen logo
1 von 26
Downloaden Sie, um offline zu lesen
1
Mario-Leander Reimer
mario-leander.reimer@qaware.de
@LeanderReimer
@Container_Conf @ConLifecycle
qaware.de
Photo by CHUTTERSNAP on Unsplash
kubectl apply -f cloud-Infrastructure.yaml
mit Crossplane et al.
2
Mario-Leander Reimer
Principal Software Architect
@LeanderReimer
#cloudnativenerd #qaware
#gernperDude
“Too much cognitive load will become a bottleneck for fast
flow and high productivity for many DevOps teams.”
QAware | 3
■ Intrinsic Cognitive Load
Relates to fundamental aspects and knowledge in the
problem space (e.g. used languages, APIs, frameworks)
■ Extraneous Cognitive Load
Relates to the environment (e.g. console
command, deployment, configuration)
■ Germane Cognitive Load
Relates to specific aspects of the business domain
(aka. „value added“ thinking)
A Platform team and its engineers are a key enabler for high
productivity of stream-aligned DevOps teams.
QAware | 4
■ Responsible to build and operation a platform to
enable and support the teams in their day to day
development work.
■ The platform aims to hide the inherent complexity
to reduce the cognitive load for the other teams.
– Standardization
– Self-Service
■ Fully automated software delivery is the goal!
https://hennyportman.wordpress.com/2020/05/25/review-team-topologies/
Cloud-native
Application Engineering
Cloud-native
Platform Engineering
The 5 Layers of Cloud-native Software Engineering
QAware | 5
IaaS
Network, Compute, Storage
(VPC, EC2, NLB, ALB, ...)
CaaS
(Kubernetes Services)
PaaS
(Software Infrastructure Blueprints with Helm and
Continuous Delivery Toolchain)
Application-specific
Software Infrastructure
Cloud-friendly & cloud-native
Applications
Architect Build Run
Amazon SNS
AWS IAM
Amazon
EC2
Amazon EBS
The 5 Layers of Cloud-native Software Engineering
QAware | 6
IaaS
Network, Compute, Storage
(VPC, EC2, NLB, ALB, ...)
CaaS
(Kubernetes Services)
PaaS
(Software Infrastructure Blueprints with Helm and
Continuous Delivery Toolchain)
Application-specific
Software Infrastructure
Cloud-friendly & cloud-native
Applications
Architect Build Run
Amazon SNS
AWS IAM
Amazon
EC2
Amazon EBS
?
Why not model cloud infrastructure
as Kubernetes resources?
Custom Resource Definitions are user-defined, declarative
extensions of the Kubernetes API
QAware | 8
■ Abstraction of complex application constructs and concepts
■ Definition solely via CustomResourceDefinitions
■ Structure definition via OpenAPI v3.0 Validation Schema
■ Default Support for several API Features: CRUD, Watch, Discovery,
json-patch, merge-patch, Admission Webhooks, Metadata, RBAC, …
■ Versioning und Conversion supported via Webhooks
QAware | 9
QAware | 10
Operator.
- Do stuff with my CRDs.
Operators are codified Ops procedures!
QAware | 11
■ Operators are the path towards Zero-Ops. They enable
auto-updating, self-monitoring and self-healing infrastructure
and applications.
■ The concept was coined in the Kubernetes world. It’s now been
adopted and used widespread in the cloud native world.
■ Examples: OKD, Sealed Secrets, Kube Monkey, Weave Flux,
Crossplane, and many more …
Kubernetes Operators Explained
QAware | 12
Introducing the Operator SDK
QAware | 13
lreimer/aws-ecr-operator
QAware | 15
https://intl.startrek.com/sites/default/files/styles/amp_metadata_content_image_min_696px_wide/public/images/2020-05/memes_002.png
Are you serious?!
qaware/k8s-native-iac
qaware/cloud-native-explab
Conceptual Showcase Architecture
QAware | 17
Provision
GitOps
Cluster API
AWS Controllers
for Kubernetes
Config
Connector
Config Connector Addon for Google Kubernetes Engine
QAware | 18
■ Define and use Google Cloud resources directly from Kubernetes. No need to define
resources outside the cluster using traditional IaC tools.
■ Config Connector can be added during GKE installation or later
■ Some in-cluster configuration required after initial setup
■ Requires dedicated service account with suitable permissions
■ Currently 20 different controllers with RELEASED status available, however, most of these
are still in PREVIEW maintenance phase
■ https://cloud.google.com/config-connector/docs/reference/overview
Examples for Config Connector Resources
QAware | 19
Manage AWS services using the Amazon Controllers for
Kubernetes (ACK)
QAware | 20
■ Define and use AWS service resources directly from Kubernetes. No need to define
resources outside the cluster using traditional IaC tools.
■ Each ACK service controller is packaged into a separate container image and Helm chart
■ Uses IAM Roles for Service Accounts (IRSA) to automate the provisioning and rotation of
temporary IAM credentials
■ Currently 20 different controllers with RELEASED status available, however, most of these
are still in PREVIEW maintenance phase
■ https://aws-controllers-k8s.github.io/community/
Examples for ACK Resources
QAware | 21
Crossplane in a Nutshell
QAware | 22
■ Open Source Kubernetes Add-on. Universal Control Plane for Cloud Infrastructure.
■ Cloud Infrastructure Services can be defined declaratively by application teams
■ Platform teams can provide relevant cloud infrastructure services via high level
self-services APIs
■ Individual Provider bundle a set of Managed Resources with their controllers. All major
cloud providers are supported, e.g. AWS, GCP, Azure, Alibaba, …
■ Managed Resources are fine granular representations of external cloud resources
■ Composite Resource Definitions or XRDs enable the definition and creation of new
abstractions for composite managed resources
■ https://crossplane.io
Examples for Crossplane AWS Resources
QAware | 23
apiVersion: sqs.aws.crossplane.io/v1beta1
kind: Queue
metadata:
name: test-queue.fifo
labels:
region: eu-central-1
spec:
deletionPolicy: Delete
forProvider:
region: eu-central-1
contentBasedDeduplication: true
delaySeconds: 3
fifoQueue: true
# 2 KB message size
maximumMessageSize: 2048
# 5 minutes
messageRetentionPeriod: 300
providerConfigRef:
name: providerconfig-aws
apiVersion: s3.aws.crossplane.io/v1beta1
kind: Bucket
metadata:
name: mastering-gitops
annotations:
crossplane.io/external-name: mastering-gitops-eu-central-1
labels:
region: eu-central-1
spec:
deletionPolicy: Delete
forProvider:
acl: private
locationConstraint: eu-central-1
serverSideEncryptionConfiguration:
rules:
- applyServerSideEncryptionByDefault:
sseAlgorithm: AES256
providerConfigRef:
name: providerconfig-aws
Kubernetes Cluster API
QAware | 24
■ Official Kubernetes sub-project
■ Declarative APIs and tooling to
provision, upgrade, and operate
multiple Kubernetes clusters
■ Work in different environments, both
on-premises and in the cloud
■ Reuse and integrate existing ecosystem
components rather than duplicating
Meetups & Talks vor der Winterpause
QAware | 25
1.12. in
Mainz!
6.12.
online!
qaware.de
QAware GmbH
Aschauer Straße 32
81549 München
Tel. +49 89 232315-0
info@qaware.de
twitter.com/qaware
linkedin.com/company/qaware-gmbh
xing.com/companies/qawaregmbh
slideshare.net/qaware
github.com/qaware

Weitere ähnliche Inhalte

Ähnlich wie kubectl apply -f cloud-Infrastructure.yaml mit Crossplane et al.

DevOps and BigData Analytics
DevOps and BigData Analytics DevOps and BigData Analytics
DevOps and BigData Analytics sbbabu
 
How kubernetes operators can rescue dev secops in midst of a pandemic updated
How kubernetes operators can rescue dev secops in midst of a pandemic updatedHow kubernetes operators can rescue dev secops in midst of a pandemic updated
How kubernetes operators can rescue dev secops in midst of a pandemic updatedShikha Srivastava
 
Micro service in aws meetup
Micro service in aws   meetupMicro service in aws   meetup
Micro service in aws meetupKiran Divekar
 
Docker & aPaaS: Enterprise Innovation and Trends for 2015
Docker & aPaaS: Enterprise Innovation and Trends for 2015Docker & aPaaS: Enterprise Innovation and Trends for 2015
Docker & aPaaS: Enterprise Innovation and Trends for 2015WaveMaker, Inc.
 
CNCF Meetup - OpenShift Overview
CNCF Meetup - OpenShift OverviewCNCF Meetup - OpenShift Overview
CNCF Meetup - OpenShift OverviewSumit Shatwara
 
Cloud Native Application @ VMUG.IT 20150529
Cloud Native Application @ VMUG.IT 20150529Cloud Native Application @ VMUG.IT 20150529
Cloud Native Application @ VMUG.IT 20150529VMUG IT
 
Getting Started with MariaDB with Docker
Getting Started with MariaDB with DockerGetting Started with MariaDB with Docker
Getting Started with MariaDB with DockerMariaDB plc
 
Linuxcon Europe 2011: Overview - Building Cloud Computing Environments
Linuxcon Europe 2011:  Overview - Building Cloud Computing EnvironmentsLinuxcon Europe 2011:  Overview - Building Cloud Computing Environments
Linuxcon Europe 2011: Overview - Building Cloud Computing EnvironmentsMark Hinkle
 
Containers Anywhere with OpenShift by Red Hat
Containers Anywhere with OpenShift by Red HatContainers Anywhere with OpenShift by Red Hat
Containers Anywhere with OpenShift by Red HatAmazon Web Services
 
VMware - Application Portability
VMware - Application PortabilityVMware - Application Portability
VMware - Application PortabilityVMUG IT
 
LinuxFest Northwest: Crash Course in Open Source Cloud Computing
LinuxFest Northwest: Crash Course in Open Source Cloud Computing LinuxFest Northwest: Crash Course in Open Source Cloud Computing
LinuxFest Northwest: Crash Course in Open Source Cloud Computing Mark Hinkle
 
Deploying Anything as a Service (XaaS) Using Operators on Kubernetes
Deploying Anything as a Service (XaaS) Using Operators on KubernetesDeploying Anything as a Service (XaaS) Using Operators on Kubernetes
Deploying Anything as a Service (XaaS) Using Operators on KubernetesAll Things Open
 
Cloud Computing Expo West - Crash Course in Open Source Cloud Computing
Cloud Computing Expo West - Crash Course in Open Source Cloud ComputingCloud Computing Expo West - Crash Course in Open Source Cloud Computing
Cloud Computing Expo West - Crash Course in Open Source Cloud ComputingMark Hinkle
 
InfoSec 2011: Crash Course Open Source Cloud Computing
InfoSec 2011: Crash Course Open Source Cloud ComputingInfoSec 2011: Crash Course Open Source Cloud Computing
InfoSec 2011: Crash Course Open Source Cloud ComputingMark Hinkle
 
Kubernetes for the VI Admin
Kubernetes for the VI AdminKubernetes for the VI Admin
Kubernetes for the VI AdminKendrick Coleman
 
Halifax DevOps - Meet-up - July.19 2017
Halifax DevOps - Meet-up - July.19 2017Halifax DevOps - Meet-up - July.19 2017
Halifax DevOps - Meet-up - July.19 2017Kyle Bassett
 
ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019
ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019
ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019UA DevOps Conference
 
wisecloud based open cloud implementation guide
wisecloud based open cloud implementation guidewisecloud based open cloud implementation guide
wisecloud based open cloud implementation guidebizmerce
 
VMworld 2015: Build and Run Cloud Native Apps in your Software Defined Data C...
VMworld 2015: Build and Run Cloud Native Apps in your Software Defined Data C...VMworld 2015: Build and Run Cloud Native Apps in your Software Defined Data C...
VMworld 2015: Build and Run Cloud Native Apps in your Software Defined Data C...VMworld
 

Ähnlich wie kubectl apply -f cloud-Infrastructure.yaml mit Crossplane et al. (20)

DevOps and BigData Analytics
DevOps and BigData Analytics DevOps and BigData Analytics
DevOps and BigData Analytics
 
How kubernetes operators can rescue dev secops in midst of a pandemic updated
How kubernetes operators can rescue dev secops in midst of a pandemic updatedHow kubernetes operators can rescue dev secops in midst of a pandemic updated
How kubernetes operators can rescue dev secops in midst of a pandemic updated
 
Micro service in aws meetup
Micro service in aws   meetupMicro service in aws   meetup
Micro service in aws meetup
 
Docker & aPaaS: Enterprise Innovation and Trends for 2015
Docker & aPaaS: Enterprise Innovation and Trends for 2015Docker & aPaaS: Enterprise Innovation and Trends for 2015
Docker & aPaaS: Enterprise Innovation and Trends for 2015
 
CNCF Meetup - OpenShift Overview
CNCF Meetup - OpenShift OverviewCNCF Meetup - OpenShift Overview
CNCF Meetup - OpenShift Overview
 
Cloud Native Application @ VMUG.IT 20150529
Cloud Native Application @ VMUG.IT 20150529Cloud Native Application @ VMUG.IT 20150529
Cloud Native Application @ VMUG.IT 20150529
 
Getting Started with MariaDB with Docker
Getting Started with MariaDB with DockerGetting Started with MariaDB with Docker
Getting Started with MariaDB with Docker
 
Linuxcon Europe 2011: Overview - Building Cloud Computing Environments
Linuxcon Europe 2011:  Overview - Building Cloud Computing EnvironmentsLinuxcon Europe 2011:  Overview - Building Cloud Computing Environments
Linuxcon Europe 2011: Overview - Building Cloud Computing Environments
 
Containers Anywhere with OpenShift by Red Hat
Containers Anywhere with OpenShift by Red HatContainers Anywhere with OpenShift by Red Hat
Containers Anywhere with OpenShift by Red Hat
 
Cloud Native Application Development
Cloud Native Application DevelopmentCloud Native Application Development
Cloud Native Application Development
 
VMware - Application Portability
VMware - Application PortabilityVMware - Application Portability
VMware - Application Portability
 
LinuxFest Northwest: Crash Course in Open Source Cloud Computing
LinuxFest Northwest: Crash Course in Open Source Cloud Computing LinuxFest Northwest: Crash Course in Open Source Cloud Computing
LinuxFest Northwest: Crash Course in Open Source Cloud Computing
 
Deploying Anything as a Service (XaaS) Using Operators on Kubernetes
Deploying Anything as a Service (XaaS) Using Operators on KubernetesDeploying Anything as a Service (XaaS) Using Operators on Kubernetes
Deploying Anything as a Service (XaaS) Using Operators on Kubernetes
 
Cloud Computing Expo West - Crash Course in Open Source Cloud Computing
Cloud Computing Expo West - Crash Course in Open Source Cloud ComputingCloud Computing Expo West - Crash Course in Open Source Cloud Computing
Cloud Computing Expo West - Crash Course in Open Source Cloud Computing
 
InfoSec 2011: Crash Course Open Source Cloud Computing
InfoSec 2011: Crash Course Open Source Cloud ComputingInfoSec 2011: Crash Course Open Source Cloud Computing
InfoSec 2011: Crash Course Open Source Cloud Computing
 
Kubernetes for the VI Admin
Kubernetes for the VI AdminKubernetes for the VI Admin
Kubernetes for the VI Admin
 
Halifax DevOps - Meet-up - July.19 2017
Halifax DevOps - Meet-up - July.19 2017Halifax DevOps - Meet-up - July.19 2017
Halifax DevOps - Meet-up - July.19 2017
 
ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019
ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019
ОЛЕГ МАЦЬКІВ «Crash course on Operator Framework» Lviv DevOps Conference 2019
 
wisecloud based open cloud implementation guide
wisecloud based open cloud implementation guidewisecloud based open cloud implementation guide
wisecloud based open cloud implementation guide
 
VMworld 2015: Build and Run Cloud Native Apps in your Software Defined Data C...
VMworld 2015: Build and Run Cloud Native Apps in your Software Defined Data C...VMworld 2015: Build and Run Cloud Native Apps in your Software Defined Data C...
VMworld 2015: Build and Run Cloud Native Apps in your Software Defined Data C...
 

Mehr von QAware GmbH

Make Agile Great - PM-Erfahrungen aus zwei virtuellen internationalen SAFe-Pr...
Make Agile Great - PM-Erfahrungen aus zwei virtuellen internationalen SAFe-Pr...Make Agile Great - PM-Erfahrungen aus zwei virtuellen internationalen SAFe-Pr...
Make Agile Great - PM-Erfahrungen aus zwei virtuellen internationalen SAFe-Pr...QAware GmbH
 
Fully-managed Cloud-native Databases: The path to indefinite scale @ CNN Mainz
Fully-managed Cloud-native Databases: The path to indefinite scale @ CNN MainzFully-managed Cloud-native Databases: The path to indefinite scale @ CNN Mainz
Fully-managed Cloud-native Databases: The path to indefinite scale @ CNN MainzQAware GmbH
 
Down the Ivory Tower towards Agile Architecture
Down the Ivory Tower towards Agile ArchitectureDown the Ivory Tower towards Agile Architecture
Down the Ivory Tower towards Agile ArchitectureQAware GmbH
 
"Mixed" Scrum-Teams – Die richtige Mischung macht's!
"Mixed" Scrum-Teams – Die richtige Mischung macht's!"Mixed" Scrum-Teams – Die richtige Mischung macht's!
"Mixed" Scrum-Teams – Die richtige Mischung macht's!QAware GmbH
 
Make Developers Fly: Principles for Platform Engineering
Make Developers Fly: Principles for Platform EngineeringMake Developers Fly: Principles for Platform Engineering
Make Developers Fly: Principles for Platform EngineeringQAware GmbH
 
Der Tod der Testpyramide? – Frontend-Testing mit Playwright
Der Tod der Testpyramide? – Frontend-Testing mit PlaywrightDer Tod der Testpyramide? – Frontend-Testing mit Playwright
Der Tod der Testpyramide? – Frontend-Testing mit PlaywrightQAware GmbH
 
Was kommt nach den SPAs
Was kommt nach den SPAsWas kommt nach den SPAs
Was kommt nach den SPAsQAware GmbH
 
Cloud Migration mit KI: der Turbo
Cloud Migration mit KI: der Turbo Cloud Migration mit KI: der Turbo
Cloud Migration mit KI: der Turbo QAware GmbH
 
Migration von stark regulierten Anwendungen in die Cloud: Dem Teufel die See...
 Migration von stark regulierten Anwendungen in die Cloud: Dem Teufel die See... Migration von stark regulierten Anwendungen in die Cloud: Dem Teufel die See...
Migration von stark regulierten Anwendungen in die Cloud: Dem Teufel die See...QAware GmbH
 
Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster
Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster
Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster QAware GmbH
 
Endlich gute API Tests. Boldly Testing APIs Where No One Has Tested Before.
Endlich gute API Tests. Boldly Testing APIs Where No One Has Tested Before.Endlich gute API Tests. Boldly Testing APIs Where No One Has Tested Before.
Endlich gute API Tests. Boldly Testing APIs Where No One Has Tested Before.QAware GmbH
 
Kubernetes with Cilium in AWS - Experience Report!
Kubernetes with Cilium in AWS - Experience Report!Kubernetes with Cilium in AWS - Experience Report!
Kubernetes with Cilium in AWS - Experience Report!QAware GmbH
 
50 Shades of K8s Autoscaling
50 Shades of K8s Autoscaling50 Shades of K8s Autoscaling
50 Shades of K8s AutoscalingQAware GmbH
 
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAP
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAPKontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAP
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAPQAware GmbH
 
Service Mesh Pain & Gain. Experiences from a client project.
Service Mesh Pain & Gain. Experiences from a client project.Service Mesh Pain & Gain. Experiences from a client project.
Service Mesh Pain & Gain. Experiences from a client project.QAware GmbH
 
50 Shades of K8s Autoscaling
50 Shades of K8s Autoscaling50 Shades of K8s Autoscaling
50 Shades of K8s AutoscalingQAware GmbH
 
Blue turns green! Approaches and technologies for sustainable K8s clusters.
Blue turns green! Approaches and technologies for sustainable K8s clusters.Blue turns green! Approaches and technologies for sustainable K8s clusters.
Blue turns green! Approaches and technologies for sustainable K8s clusters.QAware GmbH
 
Per Anhalter zu Cloud Nativen API Gateways
Per Anhalter zu Cloud Nativen API GatewaysPer Anhalter zu Cloud Nativen API Gateways
Per Anhalter zu Cloud Nativen API GatewaysQAware GmbH
 
Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster
Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster
Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster QAware GmbH
 
How to speed up Spring Integration Tests
How to speed up Spring Integration TestsHow to speed up Spring Integration Tests
How to speed up Spring Integration TestsQAware GmbH
 

Mehr von QAware GmbH (20)

Make Agile Great - PM-Erfahrungen aus zwei virtuellen internationalen SAFe-Pr...
Make Agile Great - PM-Erfahrungen aus zwei virtuellen internationalen SAFe-Pr...Make Agile Great - PM-Erfahrungen aus zwei virtuellen internationalen SAFe-Pr...
Make Agile Great - PM-Erfahrungen aus zwei virtuellen internationalen SAFe-Pr...
 
Fully-managed Cloud-native Databases: The path to indefinite scale @ CNN Mainz
Fully-managed Cloud-native Databases: The path to indefinite scale @ CNN MainzFully-managed Cloud-native Databases: The path to indefinite scale @ CNN Mainz
Fully-managed Cloud-native Databases: The path to indefinite scale @ CNN Mainz
 
Down the Ivory Tower towards Agile Architecture
Down the Ivory Tower towards Agile ArchitectureDown the Ivory Tower towards Agile Architecture
Down the Ivory Tower towards Agile Architecture
 
"Mixed" Scrum-Teams – Die richtige Mischung macht's!
"Mixed" Scrum-Teams – Die richtige Mischung macht's!"Mixed" Scrum-Teams – Die richtige Mischung macht's!
"Mixed" Scrum-Teams – Die richtige Mischung macht's!
 
Make Developers Fly: Principles for Platform Engineering
Make Developers Fly: Principles for Platform EngineeringMake Developers Fly: Principles for Platform Engineering
Make Developers Fly: Principles for Platform Engineering
 
Der Tod der Testpyramide? – Frontend-Testing mit Playwright
Der Tod der Testpyramide? – Frontend-Testing mit PlaywrightDer Tod der Testpyramide? – Frontend-Testing mit Playwright
Der Tod der Testpyramide? – Frontend-Testing mit Playwright
 
Was kommt nach den SPAs
Was kommt nach den SPAsWas kommt nach den SPAs
Was kommt nach den SPAs
 
Cloud Migration mit KI: der Turbo
Cloud Migration mit KI: der Turbo Cloud Migration mit KI: der Turbo
Cloud Migration mit KI: der Turbo
 
Migration von stark regulierten Anwendungen in die Cloud: Dem Teufel die See...
 Migration von stark regulierten Anwendungen in die Cloud: Dem Teufel die See... Migration von stark regulierten Anwendungen in die Cloud: Dem Teufel die See...
Migration von stark regulierten Anwendungen in die Cloud: Dem Teufel die See...
 
Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster
Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster
Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster
 
Endlich gute API Tests. Boldly Testing APIs Where No One Has Tested Before.
Endlich gute API Tests. Boldly Testing APIs Where No One Has Tested Before.Endlich gute API Tests. Boldly Testing APIs Where No One Has Tested Before.
Endlich gute API Tests. Boldly Testing APIs Where No One Has Tested Before.
 
Kubernetes with Cilium in AWS - Experience Report!
Kubernetes with Cilium in AWS - Experience Report!Kubernetes with Cilium in AWS - Experience Report!
Kubernetes with Cilium in AWS - Experience Report!
 
50 Shades of K8s Autoscaling
50 Shades of K8s Autoscaling50 Shades of K8s Autoscaling
50 Shades of K8s Autoscaling
 
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAP
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAPKontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAP
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAP
 
Service Mesh Pain & Gain. Experiences from a client project.
Service Mesh Pain & Gain. Experiences from a client project.Service Mesh Pain & Gain. Experiences from a client project.
Service Mesh Pain & Gain. Experiences from a client project.
 
50 Shades of K8s Autoscaling
50 Shades of K8s Autoscaling50 Shades of K8s Autoscaling
50 Shades of K8s Autoscaling
 
Blue turns green! Approaches and technologies for sustainable K8s clusters.
Blue turns green! Approaches and technologies for sustainable K8s clusters.Blue turns green! Approaches and technologies for sustainable K8s clusters.
Blue turns green! Approaches and technologies for sustainable K8s clusters.
 
Per Anhalter zu Cloud Nativen API Gateways
Per Anhalter zu Cloud Nativen API GatewaysPer Anhalter zu Cloud Nativen API Gateways
Per Anhalter zu Cloud Nativen API Gateways
 
Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster
Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster
Aus blau wird grün! Ansätze und Technologien für nachhaltige Kubernetes-Cluster
 
How to speed up Spring Integration Tests
How to speed up Spring Integration TestsHow to speed up Spring Integration Tests
How to speed up Spring Integration Tests
 

Kürzlich hochgeladen

Neo4j_Exploring the Impact of Graph Technology on Financial Services.pdf
Neo4j_Exploring the Impact of Graph Technology on Financial Services.pdfNeo4j_Exploring the Impact of Graph Technology on Financial Services.pdf
Neo4j_Exploring the Impact of Graph Technology on Financial Services.pdfNeo4j
 
testingsdadadadaaddadadadadadadadaad.pdf
testingsdadadadaaddadadadadadadadaad.pdftestingsdadadadaaddadadadadadadadaad.pdf
testingsdadadadaaddadadadadadadadaad.pdfDSP Mutual Fund
 
Film cover research.pptx for media courseowrk
Film cover research.pptx for media courseowrkFilm cover research.pptx for media courseowrk
Film cover research.pptx for media courseowrk494f574xmv
 
Digital Indonesia Report 2024 by We Are Social .pdf
Digital Indonesia Report 2024 by We Are Social .pdfDigital Indonesia Report 2024 by We Are Social .pdf
Digital Indonesia Report 2024 by We Are Social .pdfNicoChristianSunaryo
 
6 Tips for Interpretable Topic Models _ by Nicha Ruchirawat _ Towards Data Sc...
6 Tips for Interpretable Topic Models _ by Nicha Ruchirawat _ Towards Data Sc...6 Tips for Interpretable Topic Models _ by Nicha Ruchirawat _ Towards Data Sc...
6 Tips for Interpretable Topic Models _ by Nicha Ruchirawat _ Towards Data Sc...Dr Arash Najmaei ( Phd., MBA, BSc)
 
prediction of default payment next month using a logistic approach
prediction of default payment next month using a logistic approachprediction of default payment next month using a logistic approach
prediction of default payment next month using a logistic approachAdekunleJoseph4
 
why-transparency-and-traceability-are-essential-for-sustainable-supply-chains...
why-transparency-and-traceability-are-essential-for-sustainable-supply-chains...why-transparency-and-traceability-are-essential-for-sustainable-supply-chains...
why-transparency-and-traceability-are-essential-for-sustainable-supply-chains...Jack Cole
 
Statistics For Management by Richard I. Levin 8ed.pdf
Statistics For Management by Richard I. Levin 8ed.pdfStatistics For Management by Richard I. Levin 8ed.pdf
Statistics For Management by Richard I. Levin 8ed.pdfnikeshsingh56
 
Adobe Scan 06-Mar-2024 (1).pdfwvsbbsbsba
Adobe Scan 06-Mar-2024 (1).pdfwvsbbsbsbaAdobe Scan 06-Mar-2024 (1).pdfwvsbbsbsba
Adobe Scan 06-Mar-2024 (1).pdfwvsbbsbsbas73678sri
 
Data Discovery With Power Query in excel
Data Discovery With Power Query in excelData Discovery With Power Query in excel
Data Discovery With Power Query in excelKapilSidhpuria3
 
DATA ANALYSIS using various data sets like shoping data set etc
DATA ANALYSIS using various data sets like shoping data set etcDATA ANALYSIS using various data sets like shoping data set etc
DATA ANALYSIS using various data sets like shoping data set etclalithasri22
 
Rabobank_Exploring the Impact of Graph Technology on Financial Services.pdf
Rabobank_Exploring the Impact of Graph Technology on Financial Services.pdfRabobank_Exploring the Impact of Graph Technology on Financial Services.pdf
Rabobank_Exploring the Impact of Graph Technology on Financial Services.pdfNeo4j
 
Role of Consumer Insights in business transformation
Role of Consumer Insights in business transformationRole of Consumer Insights in business transformation
Role of Consumer Insights in business transformationAnnie Melnic
 
Adobe Scan 06-Mar-2024 (1).pdf shavashwvw
Adobe Scan 06-Mar-2024 (1).pdf shavashwvwAdobe Scan 06-Mar-2024 (1).pdf shavashwvw
Adobe Scan 06-Mar-2024 (1).pdf shavashwvws73678sri
 
Inference rules in artificial intelligence
Inference rules in artificial intelligenceInference rules in artificial intelligence
Inference rules in artificial intelligencePriyadharshiniG41
 
Predictive Analysis - Using Insight-informed Data to Plan Inventory in Next 6...
Predictive Analysis - Using Insight-informed Data to Plan Inventory in Next 6...Predictive Analysis - Using Insight-informed Data to Plan Inventory in Next 6...
Predictive Analysis - Using Insight-informed Data to Plan Inventory in Next 6...ThinkInnovation
 
Decoding Movie Sentiments: Analyzing Reviews with Data Analysis model
Decoding Movie Sentiments: Analyzing Reviews with Data Analysis modelDecoding Movie Sentiments: Analyzing Reviews with Data Analysis model
Decoding Movie Sentiments: Analyzing Reviews with Data Analysis modelBoston Institute of Analytics
 
IBEF report on the Insurance market in India
IBEF report on the Insurance market in IndiaIBEF report on the Insurance market in India
IBEF report on the Insurance market in IndiaManalVerma4
 

Kürzlich hochgeladen (19)

Neo4j_Exploring the Impact of Graph Technology on Financial Services.pdf
Neo4j_Exploring the Impact of Graph Technology on Financial Services.pdfNeo4j_Exploring the Impact of Graph Technology on Financial Services.pdf
Neo4j_Exploring the Impact of Graph Technology on Financial Services.pdf
 
testingsdadadadaaddadadadadadadadaad.pdf
testingsdadadadaaddadadadadadadadaad.pdftestingsdadadadaaddadadadadadadadaad.pdf
testingsdadadadaaddadadadadadadadaad.pdf
 
Film cover research.pptx for media courseowrk
Film cover research.pptx for media courseowrkFilm cover research.pptx for media courseowrk
Film cover research.pptx for media courseowrk
 
Digital Indonesia Report 2024 by We Are Social .pdf
Digital Indonesia Report 2024 by We Are Social .pdfDigital Indonesia Report 2024 by We Are Social .pdf
Digital Indonesia Report 2024 by We Are Social .pdf
 
6 Tips for Interpretable Topic Models _ by Nicha Ruchirawat _ Towards Data Sc...
6 Tips for Interpretable Topic Models _ by Nicha Ruchirawat _ Towards Data Sc...6 Tips for Interpretable Topic Models _ by Nicha Ruchirawat _ Towards Data Sc...
6 Tips for Interpretable Topic Models _ by Nicha Ruchirawat _ Towards Data Sc...
 
prediction of default payment next month using a logistic approach
prediction of default payment next month using a logistic approachprediction of default payment next month using a logistic approach
prediction of default payment next month using a logistic approach
 
why-transparency-and-traceability-are-essential-for-sustainable-supply-chains...
why-transparency-and-traceability-are-essential-for-sustainable-supply-chains...why-transparency-and-traceability-are-essential-for-sustainable-supply-chains...
why-transparency-and-traceability-are-essential-for-sustainable-supply-chains...
 
Statistics For Management by Richard I. Levin 8ed.pdf
Statistics For Management by Richard I. Levin 8ed.pdfStatistics For Management by Richard I. Levin 8ed.pdf
Statistics For Management by Richard I. Levin 8ed.pdf
 
Adobe Scan 06-Mar-2024 (1).pdfwvsbbsbsba
Adobe Scan 06-Mar-2024 (1).pdfwvsbbsbsbaAdobe Scan 06-Mar-2024 (1).pdfwvsbbsbsba
Adobe Scan 06-Mar-2024 (1).pdfwvsbbsbsba
 
Data Discovery With Power Query in excel
Data Discovery With Power Query in excelData Discovery With Power Query in excel
Data Discovery With Power Query in excel
 
2023 Survey Shows Dip in High School E-Cigarette Use
2023 Survey Shows Dip in High School E-Cigarette Use2023 Survey Shows Dip in High School E-Cigarette Use
2023 Survey Shows Dip in High School E-Cigarette Use
 
DATA ANALYSIS using various data sets like shoping data set etc
DATA ANALYSIS using various data sets like shoping data set etcDATA ANALYSIS using various data sets like shoping data set etc
DATA ANALYSIS using various data sets like shoping data set etc
 
Rabobank_Exploring the Impact of Graph Technology on Financial Services.pdf
Rabobank_Exploring the Impact of Graph Technology on Financial Services.pdfRabobank_Exploring the Impact of Graph Technology on Financial Services.pdf
Rabobank_Exploring the Impact of Graph Technology on Financial Services.pdf
 
Role of Consumer Insights in business transformation
Role of Consumer Insights in business transformationRole of Consumer Insights in business transformation
Role of Consumer Insights in business transformation
 
Adobe Scan 06-Mar-2024 (1).pdf shavashwvw
Adobe Scan 06-Mar-2024 (1).pdf shavashwvwAdobe Scan 06-Mar-2024 (1).pdf shavashwvw
Adobe Scan 06-Mar-2024 (1).pdf shavashwvw
 
Inference rules in artificial intelligence
Inference rules in artificial intelligenceInference rules in artificial intelligence
Inference rules in artificial intelligence
 
Predictive Analysis - Using Insight-informed Data to Plan Inventory in Next 6...
Predictive Analysis - Using Insight-informed Data to Plan Inventory in Next 6...Predictive Analysis - Using Insight-informed Data to Plan Inventory in Next 6...
Predictive Analysis - Using Insight-informed Data to Plan Inventory in Next 6...
 
Decoding Movie Sentiments: Analyzing Reviews with Data Analysis model
Decoding Movie Sentiments: Analyzing Reviews with Data Analysis modelDecoding Movie Sentiments: Analyzing Reviews with Data Analysis model
Decoding Movie Sentiments: Analyzing Reviews with Data Analysis model
 
IBEF report on the Insurance market in India
IBEF report on the Insurance market in IndiaIBEF report on the Insurance market in India
IBEF report on the Insurance market in India
 

kubectl apply -f cloud-Infrastructure.yaml mit Crossplane et al.

  • 1. 1 Mario-Leander Reimer mario-leander.reimer@qaware.de @LeanderReimer @Container_Conf @ConLifecycle qaware.de Photo by CHUTTERSNAP on Unsplash kubectl apply -f cloud-Infrastructure.yaml mit Crossplane et al.
  • 2. 2 Mario-Leander Reimer Principal Software Architect @LeanderReimer #cloudnativenerd #qaware #gernperDude
  • 3. “Too much cognitive load will become a bottleneck for fast flow and high productivity for many DevOps teams.” QAware | 3 ■ Intrinsic Cognitive Load Relates to fundamental aspects and knowledge in the problem space (e.g. used languages, APIs, frameworks) ■ Extraneous Cognitive Load Relates to the environment (e.g. console command, deployment, configuration) ■ Germane Cognitive Load Relates to specific aspects of the business domain (aka. „value added“ thinking)
  • 4. A Platform team and its engineers are a key enabler for high productivity of stream-aligned DevOps teams. QAware | 4 ■ Responsible to build and operation a platform to enable and support the teams in their day to day development work. ■ The platform aims to hide the inherent complexity to reduce the cognitive load for the other teams. – Standardization – Self-Service ■ Fully automated software delivery is the goal! https://hennyportman.wordpress.com/2020/05/25/review-team-topologies/
  • 5. Cloud-native Application Engineering Cloud-native Platform Engineering The 5 Layers of Cloud-native Software Engineering QAware | 5 IaaS Network, Compute, Storage (VPC, EC2, NLB, ALB, ...) CaaS (Kubernetes Services) PaaS (Software Infrastructure Blueprints with Helm and Continuous Delivery Toolchain) Application-specific Software Infrastructure Cloud-friendly & cloud-native Applications Architect Build Run Amazon SNS AWS IAM Amazon EC2 Amazon EBS
  • 6. The 5 Layers of Cloud-native Software Engineering QAware | 6 IaaS Network, Compute, Storage (VPC, EC2, NLB, ALB, ...) CaaS (Kubernetes Services) PaaS (Software Infrastructure Blueprints with Helm and Continuous Delivery Toolchain) Application-specific Software Infrastructure Cloud-friendly & cloud-native Applications Architect Build Run Amazon SNS AWS IAM Amazon EC2 Amazon EBS ?
  • 7. Why not model cloud infrastructure as Kubernetes resources?
  • 8. Custom Resource Definitions are user-defined, declarative extensions of the Kubernetes API QAware | 8 ■ Abstraction of complex application constructs and concepts ■ Definition solely via CustomResourceDefinitions ■ Structure definition via OpenAPI v3.0 Validation Schema ■ Default Support for several API Features: CRUD, Watch, Discovery, json-patch, merge-patch, Admission Webhooks, Metadata, RBAC, … ■ Versioning und Conversion supported via Webhooks
  • 10. QAware | 10 Operator. - Do stuff with my CRDs.
  • 11. Operators are codified Ops procedures! QAware | 11 ■ Operators are the path towards Zero-Ops. They enable auto-updating, self-monitoring and self-healing infrastructure and applications. ■ The concept was coined in the Kubernetes world. It’s now been adopted and used widespread in the cloud native world. ■ Examples: OKD, Sealed Secrets, Kube Monkey, Weave Flux, Crossplane, and many more …
  • 13. Introducing the Operator SDK QAware | 13
  • 17. Conceptual Showcase Architecture QAware | 17 Provision GitOps Cluster API AWS Controllers for Kubernetes Config Connector
  • 18. Config Connector Addon for Google Kubernetes Engine QAware | 18 ■ Define and use Google Cloud resources directly from Kubernetes. No need to define resources outside the cluster using traditional IaC tools. ■ Config Connector can be added during GKE installation or later ■ Some in-cluster configuration required after initial setup ■ Requires dedicated service account with suitable permissions ■ Currently 20 different controllers with RELEASED status available, however, most of these are still in PREVIEW maintenance phase ■ https://cloud.google.com/config-connector/docs/reference/overview
  • 19. Examples for Config Connector Resources QAware | 19
  • 20. Manage AWS services using the Amazon Controllers for Kubernetes (ACK) QAware | 20 ■ Define and use AWS service resources directly from Kubernetes. No need to define resources outside the cluster using traditional IaC tools. ■ Each ACK service controller is packaged into a separate container image and Helm chart ■ Uses IAM Roles for Service Accounts (IRSA) to automate the provisioning and rotation of temporary IAM credentials ■ Currently 20 different controllers with RELEASED status available, however, most of these are still in PREVIEW maintenance phase ■ https://aws-controllers-k8s.github.io/community/
  • 21. Examples for ACK Resources QAware | 21
  • 22. Crossplane in a Nutshell QAware | 22 ■ Open Source Kubernetes Add-on. Universal Control Plane for Cloud Infrastructure. ■ Cloud Infrastructure Services can be defined declaratively by application teams ■ Platform teams can provide relevant cloud infrastructure services via high level self-services APIs ■ Individual Provider bundle a set of Managed Resources with their controllers. All major cloud providers are supported, e.g. AWS, GCP, Azure, Alibaba, … ■ Managed Resources are fine granular representations of external cloud resources ■ Composite Resource Definitions or XRDs enable the definition and creation of new abstractions for composite managed resources ■ https://crossplane.io
  • 23. Examples for Crossplane AWS Resources QAware | 23 apiVersion: sqs.aws.crossplane.io/v1beta1 kind: Queue metadata: name: test-queue.fifo labels: region: eu-central-1 spec: deletionPolicy: Delete forProvider: region: eu-central-1 contentBasedDeduplication: true delaySeconds: 3 fifoQueue: true # 2 KB message size maximumMessageSize: 2048 # 5 minutes messageRetentionPeriod: 300 providerConfigRef: name: providerconfig-aws apiVersion: s3.aws.crossplane.io/v1beta1 kind: Bucket metadata: name: mastering-gitops annotations: crossplane.io/external-name: mastering-gitops-eu-central-1 labels: region: eu-central-1 spec: deletionPolicy: Delete forProvider: acl: private locationConstraint: eu-central-1 serverSideEncryptionConfiguration: rules: - applyServerSideEncryptionByDefault: sseAlgorithm: AES256 providerConfigRef: name: providerconfig-aws
  • 24. Kubernetes Cluster API QAware | 24 ■ Official Kubernetes sub-project ■ Declarative APIs and tooling to provision, upgrade, and operate multiple Kubernetes clusters ■ Work in different environments, both on-premises and in the cloud ■ Reuse and integrate existing ecosystem components rather than duplicating
  • 25. Meetups & Talks vor der Winterpause QAware | 25 1.12. in Mainz! 6.12. online!
  • 26. qaware.de QAware GmbH Aschauer Straße 32 81549 München Tel. +49 89 232315-0 info@qaware.de twitter.com/qaware linkedin.com/company/qaware-gmbh xing.com/companies/qawaregmbh slideshare.net/qaware github.com/qaware