AlviStack is a Hong Kong based Kubernetes distribution, passing CNCF Kubernetes Conformance Test, and now submitting as CNCF sandbox project. This workshop will share about how AlviStack works, a quick demo with Kubernetes deployment, and some on going public contribution roadmap. https://2022.hkoscon.org/edisonwong/

1. Hong Kong Open Source Conference 2022
AlviStack
Hong Kong Based Kubernetes Distribution
Edison Wong
2022-06-11

2. Wong Hoi Sing, Edison
●
2005: Drupal Developer & Contributor
– https://drupal.org/user/33940
●
2008: HKDUG Co-founder
– https://groups.drupal.org/drupalhk
●
2010: CEO, PantaRei Design
– hswong3i@pantarei-design.com
●
2020: HKOSCON 2022 Speaker
– https://hkoscon.org/2020/topics/ansible-vm-kubernetes
●
2022: Most Active GitHub user in Hong Kong
– https://commits.top/hong_kong.html

9. Outline
●
What is AlviStack?
●
How AlviStack Works?
●
Why Should I try AlviStack?
●
Demo
●
Roadmap
●
Q&A

10. What is AlviStack?
●
1st
Hong Kong based Kubernetes Distribution
– https://github.com/alvistack/ansible-collection-kubernetes
●
CNCF conformance test passed
– https://github.com/cncf/k8s-conformance/pull/1896
●
DevOps with Ansible
●
Production ready
●
Infra and OS independent
●
Apache License 2.0

11. What is AlviStack? (cont.)
●
GitHub project since 2017
– https://github.com/alvistack/
– Repositories: 509
●
Open Build Service Packages: 733
– https://build.opensuse.org/project/show/home:alvistack
●
Vagrant Boxes: 54
– https://app.vagrantup.com/alvistack
●
Docker Image: 75
– https://hub.docker.com/u/alvistack

12. What is AlviStack? (cont.)
●
Supported OS: 16
– Ubuntu 22.04, 21.10, 20.04, 18.04
– CentOS 7, 8 Stream, 9 Stream
– openSUSE Leap 15.3, Leap 15.4, Tumbleweed
– Debian 10, 11, Testing
– Fedora 35, 36, Rawhide
– RHEL 7, 8, 9

19. What is AlviStack? (cont.)
●
Submitting as CNCF certified distribution
– Conformance test with sonobuoy
– Join Linux Foundation and CNCF
– Interview with CNCF China director
– Etc…

20. How AlviStack Works?
●
Packaging with OBS
●
DevOps with Ansible
●
CI with Vagrant

21. Packaging with OBS
●
Kubernetes installation is complicated
– Kubernetes package repo conflict with Kubic CRI-O repo
– Missing package dependency for legacy LTS OS
– Latest Kubernetes tool chain may broken and you would
like to rollback to previous release (!?)
– Manual deployment with static binary is always a bad idea
for daily operation management (??)

23. Packaging with OBS (cont.)
●
openSUSE Open Build Service (OBS)
– Handle both RPM and DEB packaging
– Auto rebuild when dependent package get updated
– Provide repo management and package signing
– (HACK) Support multiple version of package within
Single-Fat-Repo

25. Packaging with OBS (cont.)
●
With OBS we package for
– Ansible, Kubernetes, CRI-O, Podman, etc
– Update legacy tool chain from OS
●
Hotfix if required
– Bug report to upstream
– But never wait for upstream (well, sometime endlessly...)
●
Greatly simplify package delivery, dependency management,
configuration changes, install and upgrade, etc etc etc...

27. DevOps with Ansible
●
Ansible is great BUT…
– Kubespary conflict with ceph-ansible...
– Most Ansible Roles are not reusable (ALL-or-
NOTHING)
– Some OS (e.g. openSUSE) support are not
generally available...

28. DevOps with Ansible (cont.)
●
AlviStack copy-cat from Kubespray and ceph-
ansible at the beginning, but improve with:
– Split all Ansible Role as independent and reusable,
e.g. OS bootstrap, SSHD, Python, Ansible, etc
– Add missing OS support
– Individually CI with Vagrant + Libvirt + multiple OS

29. DevOps with Ansible (cont.)
●
Once individual Ansible Role get ready, now
reuse as:
– Bare metal or VM deployment with Ansible
Collection
– Vagrant Box and Docker Image provision with
Packer + Ansible Provisioner

30. DevOps with Ansible (cont.)
●
Production ready Kubernetes with
– CRI: CRI-O + crun (i.e. without Docker)
– CNI: Cilium with network policy support
– CSI: csi-cephfs with PVC RWX support
– Ingress Nginx + cert-manager support

31. CI with Vagrant
●
CI for Ceph + Kubernetes is complicated
– Ceph OSD need a real block device for provision
– Kubernetes need flexible cgroup and network support
– Multiple instances is required for cluster test
●
Most CI platform (e.g. Github Action, GitLab Runner)
default docker-based solution is not suitable

32. CI with Vagrant (cont.)
●
AlviStack combine:
– Github as public repo
– GitLab CI as CI agent
– Self-hosted GitLab Runner with nested virtualization support
– 1st
layer Vagrant Box running each CI individually
– 2nd
layer Vagrant Box for different OS or multiple instances
– (HACK) ALL Vagrant Box running on tmpfs (in-memory!!)
– (HACK) Shared Vagrant Box and GitLab cache with Ceph FS

34. CI with Vagrant (cont.)
●
All CI steps could be implemented with
local development environment
●
Test cases also written in Ansible and
manage with Molecule

35. Why Should I try AlviStack?
●
Design for Hong Kong
●
Infra Independent
●
OS Independent
●
Zero Config with Auto Detect
●
Cost Effective Operation

36. Design for Hong Kong
●
Most HK customer have no choose with
their own infra and OS, e.g.
– Private cloud with VMWare ESXi or OpenStack...
– Public cloud with EKS or AKS or GKE...
– RHEL or Ubuntu or openSUSE or etc etc etc…

37. Design for Hong Kong (cont.)
●
Most HK customer do not care HOW your DR
works BUT asking for 99.99 SLA…
– Yes, Kubernetes is the best answer now a day
– But No, customer only looking for their
application running smoothly, e.g. a Drupal
website as official homepage

38. Infra Independent
●
AlviStack only require standard VM and
networking, e.g. CPU, RAM, Disk,
Networking
●
AlviStack support cooperate network
with outgoing HTTP/HTTPS proxy

39. OS Independent
●
Support legacy LTS OS, e.g.
– Ubuntu 18.04, 20.04
●
Support recent LTS OS, e.g.
– Ubuntu 22.04
●
(Limited) Support upstream rolling release, e.g.
– Debian Testing

40. Zero Config with Auto Detect
●
Default configuration is design for
– 2 core CPU
– 8GB RAM
– All-in-one with CephFS and Kubernetes
●
Auto detect hostname, disk, network interface, etc etc etc…
●
Support override for advanced customization

41. Cost Effective Operation
●
100% Open Source Software
●
Unified user experience
●
Support scale up from All-in-one to multi-
master to additional worker node
●
No vendor lock-in to specific infra or OS

42. Demo
●
Bootstrap Host
●
Bootstrap Ansible and Molecule
●
Deploy Kubernetes
●
Run Sonobuoy

43. Roadmap
●
(WIP) Join Linux Foundation and CNCF
– Submit AlviStack as CNCF sandbox project
●
(WIP) New company (AlviStack) formation for customer paid support service
– Submit new company for HKSTP incubation
●
Recruit co-maintainer with sponsorship
●
Partner with HKOS and CNCF China for community events, e.g.
– Training section
– Workshop
– Special Interest Groups (SIG)
– Case study sharing

44. Q&A

45. Contact Us
●
Address: Unit 326, 3/F, Building 16W, No.16 Science Park
West Avenue, Hong Kong Science Park, Shatin, N.T.
●
Phone: +852 3576 3812
●
Fax: +852 3753 3663
●
Email: sales@pantarei-design.com
●
Web: http://pantarei-design.com