SlideShare ist ein Scribd-Unternehmen logo

Kubecon 2017 Zero Touch Kubernetes

‱
‱
rhirschfeld
rhirschfeld

Kubernetes Immutable Boot via Digital Rebar w/ KubeAdm

Technologie
1 von 27
Downloaden Sie, um offline zu lesen
Zero-Configuration Pattern Provisioning Kubernetes on Unmanaged Infrastructure Rob @zehicle Hirschfeld, RackN November, 2017
Hang on to your Hats! Krazy New Stuff ● Immutable Bootstrap (demo!) ● Node Admission (v1.7) ● Dynamic Kubelet (v1.8)
3 #KubeCon - @zehicle Rob Hirschfeld (@zehicle) Involved in Kubernetes since launch Co-chair of Cluster Ops SIG Co-Founder of RackN & Digital Rebar Project We focus on operations automation for bare metal
4 #KubeCon - @zehicle We’ve been using Kubespray since Kubernetes v1.2 But first
 Kubespray ● Very Solid Ansible Playbook ● Strong Community ● Amazing Features like HA & Upgrade HTTP://bit.ly/SYDkubespray But
.
5 #KubeCon - @zehicle Why not Kubespray? We’d like to do better! ● No Centralized Orchestration ● No Inventory Building ● No SSH ● Immutable Booting ● and, much FASTER I don’t always Ansible, but when I do Ansible, I use Kubespray.
6 #KubeCon - @zehicle Let’s get Immutable! What? ● Create, Destroy & Repeat ● Machines recreated, not updated ● Typically “Pre-Baked” images Why? ● Very repeatable and predictable installation ● Simpler node configuration ● Faster deploy time
7 #KubeCon - @zehicle Community converging to single install utility! Leveraging Kubeadm Basic Three Step Cluster Initialization: 1. Initialize Master 2. Retrieve Token from Initialize 3. Join Nodes with Token Still requires coordination / synchronization
8 #KubeCon - @zehicle We need to build underlay infrastructure But First, Kubeadm Prereqs Basic Three Step Underlay: 1. install operating system with network access 2. attach disks (optional?!) 3. install Docker on the machine Oh, and we need to have some control mechanism on the nodes too.
9 #KubeCon - @zehicle A bootstrapping illustration node01 node02 node03 node04
10 #KubeCon - @zehicle A bootstrapping illustration Install O/S Install Docker Install O/S Install Docker 1 2 Install O/S Install Docker Install O/S Install Docker node01 node02 node03 node04 Install Stage
11 #KubeCon - @zehicle A bootstrapping illustration Install O/S Install Docker Kubeadm -- Init Cluster Token Install O/S Install Docker 1 2 3 4 Install O/S Install Docker Install O/S Install Docker node01 node02 node03 node04 master node (random or selected)
12 #KubeCon - @zehicle A bootstrapping illustration Install O/S Install Docker Kubeadm -- Init Cluster Token Install O/S Install Docker Kubeadm -- Join wait for token 1 2 3 4 5 Install O/S Install Docker Kubeadm -- Join wait for token Install O/S Install Docker Kubeadm -- Join wait for token node01 node02 node03 node04
13 #KubeCon - @zehicle Later... A bootstrapping illustration Install O/S Install Docker Kubeadm -- Init Cluster Token Install O/S Install Docker Kubeadm -- Join wait for token 1 2 3 4 5 Install O/S Install Docker Kubeadm -- Join wait for token Install O/S Install Docker Kubeadm -- Join wait for token Install O/S Install Docker Kubeadm -- Join wait for token node01 node02 node03 node04 nodeN
14 #KubeCon - @zehicle A bootstrapping illustration Install O/S Install Docker Kubeadm -- Init Cluster Token Install O/S Install Docker Kubeadm -- Join wait for token 1 2 3 4 5 Install O/S Install Docker Kubeadm -- Join wait for token Install O/S Install Docker Kubeadm -- Join wait for token Install O/S Install Docker Kubeadm -- Join wait for token node01 node02 node03 node04 nodeN
PSA: THIS IS NOT A NEW INSTALLER At RackN, we push back against the distro installer wars (ala OpenStack). We believe that Kubernetes install tooling should be a shared community investment.
Demo! Kubeadm Rebar Immutable Bootstrap
Pretty Cool! But... There is more to do ● Adding Nodes requires Token ● Adding Kubelet requires Configuration ● Cluster API (Orchestrating Update)
18 #KubeCon - @zehicle Benefits! 1. Immutable Configuration 2. Auto Scaling 3. Faster Node Install 4. Centralized Configuration of Cluster 5. Coordinated Upgrades Still requires coordination / synchronization https://kubernetes.io/docs/admin/admission-controllers/ Node Admission
19 #KubeCon - @zehicle NOT Node specific! Admission control provides an API mechanism to block creation of new objects. In this case, Admission would allow an external system to validate that new nodes are known and trusted. HSM: Hardware Signing Module Node Admission Kubelet API Server External Node Validation 1 Install 2Create 3 Confirm 5Allow 4 Verify
20 #KubeCon - @zehicle HSM: Hardware Signing Module Node Admission with HSM Kubelet API Server External Node Validation 1 Install 2Create 3 Confirm 5Allow 4 Verify PKI A Pass Token B Encrypt Token Encrypted Token E Encrypted Token FEncrypted Token GVerfiy HSM ensures unique identy of machine by signing secret token. Only token creater (PKI) and machine know the secret. API Server cannot read or validate internally. C Public Key
21 #KubeCon - @zehicle Frankly, RackN is on the fence. If injecting a join cluster token then the external system has already verified the new node. Is Node Admission Needed?
22 #KubeCon - @zehicle https://kubernetes.io/docs/tasks/administer-cluster/reconfigure-kubelet/ Kubelet Dynamic Configuration We want to eliminate external configuration tools. Kubernetes is already a system configuration database! Can’t we just use that capability to bootstrap the system? Then we have fewer tools to learn and managed! (IMHO, this is known as a the bootstrap fallacy)
23 #KubeCon - @zehicle Ideally, it would be like this... 1. Centrally Configurate 2. Install Kubelet 3. Allow Kubelet to Register 4. Kubelet Configures itself Kubelet2 Install 3Reg 4Config API Server1 Config
24 #KubeCon - @zehicle https://kubernetes.io/docs/tasks/administer-cluster/reconfigure-kubelet/ Kubelet Dynamic Configuration 1. Install Node and Kubelet 2. Configure Kubelet 3. Allow Kubelet to Register 4. Register Configuration in API 5. Reconfigure Kubelet to use configuration from API 6. Manage configuration from API Kubelet 1 Install 3Reg 6Config API Server 2 Config 4 Config 5 ReConfig
25 #KubeCon - @zehicle Frankly, RackN is on the fence. Since we have to boostrap a node with some configuration, there is not much difference between some and all configuration. We have not eliminated configuration. Is Dynamic Configuration Needed?
We’re Making Great Progress! We can automatically bootstrap a cluster using open community tools with minimal configuration. And we have room to improve.
Thank you Join In! http://rebar.digital Follow: ● Rob Hirschfeld > @zehicle ● RackN > @rackngo ● Digital Rebar > @digitalrebar ● Cluster Ops SIG > http://bit.ly/k8sclops

Empfohlen

#SREcon Immutable Infrastructure: rethinking configuration mgmt
#SREcon Immutable Infrastructure: rethinking configuration mgmt#SREcon Immutable Infrastructure: rethinking configuration mgmt
#SREcon Immutable Infrastructure: rethinking configuration mgmtrhirschfeld
 
What is Digital Rebar Provision (and how RackN extends)?
What is Digital Rebar Provision (and how RackN extends)?What is Digital Rebar Provision (and how RackN extends)?
What is Digital Rebar Provision (and how RackN extends)?rhirschfeld
 
KubeCon 2017 Zero Touch Provision
KubeCon 2017 Zero Touch ProvisionKubeCon 2017 Zero Touch Provision
KubeCon 2017 Zero Touch ProvisionRackN
 
Infrastructure as code
Infrastructure as codeInfrastructure as code
Infrastructure as codeAxel Quack
 
Relay: The Next Leg, Eric Sorenson, Puppet
Relay: The Next Leg, Eric Sorenson, PuppetRelay: The Next Leg, Eric Sorenson, Puppet
Relay: The Next Leg, Eric Sorenson, PuppetPuppet
 
Docker for developers on mac and windows
Docker for developers on mac and windowsDocker for developers on mac and windows
Docker for developers on mac and windowsDocker, Inc.
 
"On-premises" FaaS on Kubernetes
"On-premises" FaaS on Kubernetes"On-premises" FaaS on Kubernetes
"On-premises" FaaS on KubernetesAlex Casalboni
 
CI Implementation with Kubernetes at LivePerson by Saar Demri
CI Implementation with Kubernetes at LivePerson by Saar DemriCI Implementation with Kubernetes at LivePerson by Saar Demri
CI Implementation with Kubernetes at LivePerson by Saar DemriDoiT International
 

Empfohlen

#SREcon Immutable Infrastructure: rethinking configuration mgmt
#SREcon Immutable Infrastructure: rethinking configuration mgmt#SREcon Immutable Infrastructure: rethinking configuration mgmt
#SREcon Immutable Infrastructure: rethinking configuration mgmtrhirschfeld
 
What is Digital Rebar Provision (and how RackN extends)?
What is Digital Rebar Provision (and how RackN extends)?What is Digital Rebar Provision (and how RackN extends)?
What is Digital Rebar Provision (and how RackN extends)?rhirschfeld
 
KubeCon 2017 Zero Touch Provision
KubeCon 2017 Zero Touch ProvisionKubeCon 2017 Zero Touch Provision
KubeCon 2017 Zero Touch ProvisionRackN
 
Infrastructure as code
Infrastructure as codeInfrastructure as code
Infrastructure as codeAxel Quack
 
Relay: The Next Leg, Eric Sorenson, Puppet
Relay: The Next Leg, Eric Sorenson, PuppetRelay: The Next Leg, Eric Sorenson, Puppet
Relay: The Next Leg, Eric Sorenson, PuppetPuppet
 
Docker for developers on mac and windows
Docker for developers on mac and windowsDocker for developers on mac and windows
Docker for developers on mac and windowsDocker, Inc.
 
"On-premises" FaaS on Kubernetes
"On-premises" FaaS on Kubernetes"On-premises" FaaS on Kubernetes
"On-premises" FaaS on KubernetesAlex Casalboni
 
CI Implementation with Kubernetes at LivePerson by Saar Demri
CI Implementation with Kubernetes at LivePerson by Saar DemriCI Implementation with Kubernetes at LivePerson by Saar Demri
CI Implementation with Kubernetes at LivePerson by Saar DemriDoiT International
 
Effective Building your Platform with Kubernetes == Keep it Simple
Effective Building your Platform with Kubernetes == Keep it Simple Effective Building your Platform with Kubernetes == Keep it Simple
Effective Building your Platform with Kubernetes == Keep it Simple Wojciech BarczyƄski
 
Kubernetes the Very Hard Way. Lisa Portland 2019
Kubernetes the Very Hard Way. Lisa Portland 2019Kubernetes the Very Hard Way. Lisa Portland 2019
Kubernetes the Very Hard Way. Lisa Portland 2019Laurent Bernaille
 
Tectonic Summit 2016: The Origins of Kubernetes
Tectonic Summit 2016: The Origins of KubernetesTectonic Summit 2016: The Origins of Kubernetes
Tectonic Summit 2016: The Origins of KubernetesCoreOS
 
Distributed tensorflow on kubernetes
Distributed tensorflow on kubernetesDistributed tensorflow on kubernetes
Distributed tensorflow on kubernetesinwin stack
 
TIAD : Automating the aplication lifecycle
TIAD : Automating the aplication lifecycleTIAD : Automating the aplication lifecycle
TIAD : Automating the aplication lifecycleThe Incredible Automation Day
 
Continuous Integration with Cloud Foundry Concourse and Docker on OpenPOWER
Continuous Integration with Cloud Foundry Concourse and Docker on OpenPOWERContinuous Integration with Cloud Foundry Concourse and Docker on OpenPOWER
Continuous Integration with Cloud Foundry Concourse and Docker on OpenPOWERIndrajit Poddar
 
What is serveless?
What is serveless? What is serveless?
What is serveless? Provectus
 
OSDN: Serverless technologies with Kubernetes
OSDN: Serverless technologies with Kubernetes OSDN: Serverless technologies with Kubernetes
OSDN: Serverless technologies with Kubernetes Provectus
 
Cloud Foundry Summit 2015: Managing Multiple Cloud with a Single BOSH Deploym...
Cloud Foundry Summit 2015: Managing Multiple Cloud with a Single BOSH Deploym...Cloud Foundry Summit 2015: Managing Multiple Cloud with a Single BOSH Deploym...
Cloud Foundry Summit 2015: Managing Multiple Cloud with a Single BOSH Deploym...VMware Tanzu
 
Autoscaling Kubernetes
Autoscaling KubernetesAutoscaling Kubernetes
Autoscaling Kubernetescraigbox
 
An Introduction into Bosh | anynines
An Introduction into Bosh | anynines An Introduction into Bosh | anynines
An Introduction into Bosh | anynines anynines GmbH
 
[Hands-on] Kubernetes | Nov 18, 2017
[Hands-on] Kubernetes | Nov 18, 2017[Hands-on] Kubernetes | Nov 18, 2017
[Hands-on] Kubernetes | Nov 18, 2017Oracle Korea
 
Challenges of Kubernetes On-premise Deployment
Challenges of Kubernetes On-premise DeploymentChallenges of Kubernetes On-premise Deployment
Challenges of Kubernetes On-premise DeploymentVietnam Open Infrastructure User Group
 
To Build My Own Cloud with Blackjack

To Build My Own Cloud with Blackjack
To Build My Own Cloud with Blackjack

To Build My Own Cloud with Blackjack
Sergey Dzyuban
 
Kubernetes Day 2017 - Build, Ship and Run Your APP, Production !!
Kubernetes Day 2017 - Build, Ship and Run Your APP, Production !!Kubernetes Day 2017 - Build, Ship and Run Your APP, Production !!
Kubernetes Day 2017 - Build, Ship and Run Your APP, Production !!smalltown
 
Achieving Continuous Delivery: An Automation Story
Achieving Continuous Delivery: An Automation StoryAchieving Continuous Delivery: An Automation Story
Achieving Continuous Delivery: An Automation Storyjimi-c
 
How to Achieve Canary Deployment on Kubernetes
How to Achieve Canary Deployment on KubernetesHow to Achieve Canary Deployment on Kubernetes
How to Achieve Canary Deployment on KubernetesHanLing Shen
 
Zero downtime deployment of micro-services with Kubernetes
Zero downtime deployment of micro-services with KubernetesZero downtime deployment of micro-services with Kubernetes
Zero downtime deployment of micro-services with KubernetesWojciech BarczyƄski
 
Quick and Solid - Baremetal on OpenStack | Rico Lin
Quick and Solid - Baremetal on OpenStack | Rico LinQuick and Solid - Baremetal on OpenStack | Rico Lin
Quick and Solid - Baremetal on OpenStack | Rico LinVietnam Open Infrastructure User Group
 
Oracle meetup kubernetes_171118
Oracle meetup kubernetes_171118Oracle meetup kubernetes_171118
Oracle meetup kubernetes_171118Oracle Korea
 
Kubernetes - Sailing a Sea of Containers
Kubernetes - Sailing a Sea of ContainersKubernetes - Sailing a Sea of Containers
Kubernetes - Sailing a Sea of ContainersKel Cecil
 
Kubernetes
KubernetesKubernetes
KubernetesMeng-Ze Lee
 

Weitere Àhnliche Inhalte

Was ist angesagt?

Effective Building your Platform with Kubernetes == Keep it Simple
Effective Building your Platform with Kubernetes == Keep it Simple Effective Building your Platform with Kubernetes == Keep it Simple
Effective Building your Platform with Kubernetes == Keep it Simple Wojciech BarczyƄski
 
Kubernetes the Very Hard Way. Lisa Portland 2019
Kubernetes the Very Hard Way. Lisa Portland 2019Kubernetes the Very Hard Way. Lisa Portland 2019
Kubernetes the Very Hard Way. Lisa Portland 2019Laurent Bernaille
 
Tectonic Summit 2016: The Origins of Kubernetes
Tectonic Summit 2016: The Origins of KubernetesTectonic Summit 2016: The Origins of Kubernetes
Tectonic Summit 2016: The Origins of KubernetesCoreOS
 
Distributed tensorflow on kubernetes
Distributed tensorflow on kubernetesDistributed tensorflow on kubernetes
Distributed tensorflow on kubernetesinwin stack
 
Continuous Integration with Cloud Foundry Concourse and Docker on OpenPOWER
Continuous Integration with Cloud Foundry Concourse and Docker on OpenPOWERContinuous Integration with Cloud Foundry Concourse and Docker on OpenPOWER
Continuous Integration with Cloud Foundry Concourse and Docker on OpenPOWERIndrajit Poddar
 
What is serveless?
What is serveless? What is serveless?
What is serveless? Provectus
 
OSDN: Serverless technologies with Kubernetes
OSDN: Serverless technologies with Kubernetes OSDN: Serverless technologies with Kubernetes
OSDN: Serverless technologies with Kubernetes Provectus
 
Cloud Foundry Summit 2015: Managing Multiple Cloud with a Single BOSH Deploym...
Cloud Foundry Summit 2015: Managing Multiple Cloud with a Single BOSH Deploym...Cloud Foundry Summit 2015: Managing Multiple Cloud with a Single BOSH Deploym...
Cloud Foundry Summit 2015: Managing Multiple Cloud with a Single BOSH Deploym...VMware Tanzu
 
Autoscaling Kubernetes
Autoscaling KubernetesAutoscaling Kubernetes
Autoscaling Kubernetescraigbox
 
An Introduction into Bosh | anynines
An Introduction into Bosh | anynines An Introduction into Bosh | anynines
An Introduction into Bosh | anynines anynines GmbH
 
[Hands-on] Kubernetes | Nov 18, 2017
[Hands-on] Kubernetes | Nov 18, 2017[Hands-on] Kubernetes | Nov 18, 2017
[Hands-on] Kubernetes | Nov 18, 2017Oracle Korea
 
To Build My Own Cloud with Blackjack

To Build My Own Cloud with Blackjack
To Build My Own Cloud with Blackjack

To Build My Own Cloud with Blackjack
Sergey Dzyuban
 
Kubernetes Day 2017 - Build, Ship and Run Your APP, Production !!
Kubernetes Day 2017 - Build, Ship and Run Your APP, Production !!Kubernetes Day 2017 - Build, Ship and Run Your APP, Production !!
Kubernetes Day 2017 - Build, Ship and Run Your APP, Production !!smalltown
 
Achieving Continuous Delivery: An Automation Story
Achieving Continuous Delivery: An Automation StoryAchieving Continuous Delivery: An Automation Story
Achieving Continuous Delivery: An Automation Storyjimi-c
 
How to Achieve Canary Deployment on Kubernetes
How to Achieve Canary Deployment on KubernetesHow to Achieve Canary Deployment on Kubernetes
How to Achieve Canary Deployment on KubernetesHanLing Shen
 
Zero downtime deployment of micro-services with Kubernetes
Zero downtime deployment of micro-services with KubernetesZero downtime deployment of micro-services with Kubernetes
Zero downtime deployment of micro-services with KubernetesWojciech BarczyƄski
 
Oracle meetup kubernetes_171118
Oracle meetup kubernetes_171118Oracle meetup kubernetes_171118
Oracle meetup kubernetes_171118Oracle Korea
 

Was ist angesagt? (20)

Effective Building your Platform with Kubernetes == Keep it Simple
Effective Building your Platform with Kubernetes == Keep it Simple Effective Building your Platform with Kubernetes == Keep it Simple
Effective Building your Platform with Kubernetes == Keep it Simple
 
Kubernetes the Very Hard Way. Lisa Portland 2019
Kubernetes the Very Hard Way. Lisa Portland 2019Kubernetes the Very Hard Way. Lisa Portland 2019
Kubernetes the Very Hard Way. Lisa Portland 2019
 
Tectonic Summit 2016: The Origins of Kubernetes
Tectonic Summit 2016: The Origins of KubernetesTectonic Summit 2016: The Origins of Kubernetes
Tectonic Summit 2016: The Origins of Kubernetes
 
Distributed tensorflow on kubernetes
Distributed tensorflow on kubernetesDistributed tensorflow on kubernetes
Distributed tensorflow on kubernetes
 
TIAD : Automating the aplication lifecycle
TIAD : Automating the aplication lifecycleTIAD : Automating the aplication lifecycle
TIAD : Automating the aplication lifecycle
 
Continuous Integration with Cloud Foundry Concourse and Docker on OpenPOWER
Continuous Integration with Cloud Foundry Concourse and Docker on OpenPOWERContinuous Integration with Cloud Foundry Concourse and Docker on OpenPOWER
Continuous Integration with Cloud Foundry Concourse and Docker on OpenPOWER
 
What is serveless?
What is serveless? What is serveless?
What is serveless?
 
OSDN: Serverless technologies with Kubernetes
OSDN: Serverless technologies with Kubernetes OSDN: Serverless technologies with Kubernetes
OSDN: Serverless technologies with Kubernetes
 
Cloud Foundry Summit 2015: Managing Multiple Cloud with a Single BOSH Deploym...
Cloud Foundry Summit 2015: Managing Multiple Cloud with a Single BOSH Deploym...Cloud Foundry Summit 2015: Managing Multiple Cloud with a Single BOSH Deploym...
Cloud Foundry Summit 2015: Managing Multiple Cloud with a Single BOSH Deploym...
 
Autoscaling Kubernetes
Autoscaling KubernetesAutoscaling Kubernetes
Autoscaling Kubernetes
 
An Introduction into Bosh | anynines
An Introduction into Bosh | anynines An Introduction into Bosh | anynines
An Introduction into Bosh | anynines
 
[Hands-on] Kubernetes | Nov 18, 2017
[Hands-on] Kubernetes | Nov 18, 2017[Hands-on] Kubernetes | Nov 18, 2017
[Hands-on] Kubernetes | Nov 18, 2017
 
Challenges of Kubernetes On-premise Deployment
Challenges of Kubernetes On-premise DeploymentChallenges of Kubernetes On-premise Deployment
Challenges of Kubernetes On-premise Deployment
 
To Build My Own Cloud with Blackjack

To Build My Own Cloud with Blackjack
To Build My Own Cloud with Blackjack

To Build My Own Cloud with Blackjack

 
Kubernetes Day 2017 - Build, Ship and Run Your APP, Production !!
Kubernetes Day 2017 - Build, Ship and Run Your APP, Production !!Kubernetes Day 2017 - Build, Ship and Run Your APP, Production !!
Kubernetes Day 2017 - Build, Ship and Run Your APP, Production !!
 
Achieving Continuous Delivery: An Automation Story
Achieving Continuous Delivery: An Automation StoryAchieving Continuous Delivery: An Automation Story
Achieving Continuous Delivery: An Automation Story
 
How to Achieve Canary Deployment on Kubernetes
How to Achieve Canary Deployment on KubernetesHow to Achieve Canary Deployment on Kubernetes
How to Achieve Canary Deployment on Kubernetes
 
Zero downtime deployment of micro-services with Kubernetes
Zero downtime deployment of micro-services with KubernetesZero downtime deployment of micro-services with Kubernetes
Zero downtime deployment of micro-services with Kubernetes
 
Quick and Solid - Baremetal on OpenStack | Rico Lin
Quick and Solid - Baremetal on OpenStack | Rico LinQuick and Solid - Baremetal on OpenStack | Rico Lin
Quick and Solid - Baremetal on OpenStack | Rico Lin
 
Oracle meetup kubernetes_171118
Oracle meetup kubernetes_171118Oracle meetup kubernetes_171118
Oracle meetup kubernetes_171118
 

Ähnlich wie Kubecon 2017 Zero Touch Kubernetes

Kubernetes - Sailing a Sea of Containers
Kubernetes - Sailing a Sea of ContainersKubernetes - Sailing a Sea of Containers
Kubernetes - Sailing a Sea of ContainersKel Cecil
 
Kubernetes
KubernetesKubernetes
KubernetesMeng-Ze Lee
 
Learn kubernetes in 90 minutes
Learn kubernetes in 90 minutesLearn kubernetes in 90 minutes
Learn kubernetes in 90 minutesLarry Cai
 
Kubernetes from the ground up
Kubernetes from the ground upKubernetes from the ground up
Kubernetes from the ground upSander Knape
 
Setting up a kubernetes cluster on ubuntu 18.04- loves cloud
Setting up a kubernetes cluster on ubuntu 18.04- loves cloudSetting up a kubernetes cluster on ubuntu 18.04- loves cloud
Setting up a kubernetes cluster on ubuntu 18.04- loves cloudLoves Cloud
 
From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)䜑介 äčćČĄ
 
5 Painless Demos to Get You Started with Kubernetes
5 Painless Demos to Get You Started with Kubernetes5 Painless Demos to Get You Started with Kubernetes
5 Painless Demos to Get You Started with KubernetesAmartus
 
Deploy the blockchain network using kubernetes ap is on google cloud
Deploy the blockchain network using kubernetes ap is on google cloudDeploy the blockchain network using kubernetes ap is on google cloud
Deploy the blockchain network using kubernetes ap is on google cloudAjeet Singh
 
Tectonic Summit 2016: Kubernetes 1.5 and Beyond
Tectonic Summit 2016: Kubernetes 1.5 and BeyondTectonic Summit 2016: Kubernetes 1.5 and Beyond
Tectonic Summit 2016: Kubernetes 1.5 and BeyondCoreOS
 
Setup Kubernetes with flannel on ubuntu platform
Setup Kubernetes with flannel on ubuntu platformSetup Kubernetes with flannel on ubuntu platform
Setup Kubernetes with flannel on ubuntu platformAjeet Singh
 
kubeadm Cluster Creation Internals_ From Self-Hosting to Upgradability and HA...
kubeadm Cluster Creation Internals_ From Self-Hosting to Upgradability and HA...kubeadm Cluster Creation Internals_ From Self-Hosting to Upgradability and HA...
kubeadm Cluster Creation Internals_ From Self-Hosting to Upgradability and HA...ssuser92b4be
 
Setting up CI/CD pipeline with Kubernetes and Kublr step-by-step
Setting up CI/CD pipeline with Kubernetes and Kublr step-by-stepSetting up CI/CD pipeline with Kubernetes and Kublr step-by-step
Setting up CI/CD pipeline with Kubernetes and Kublr step-by-stepOleg Chunikhin
 
Setting up CI/CD Pipeline with Kubernetes and Kublr step by-step
Setting up CI/CD Pipeline with Kubernetes and Kublr step by-stepSetting up CI/CD Pipeline with Kubernetes and Kublr step by-step
Setting up CI/CD Pipeline with Kubernetes and Kublr step by-stepKublr
 
Kubernetes Networking
Kubernetes NetworkingKubernetes Networking
Kubernetes NetworkingCJ Cullen
 
OSS Japan 2019 service mesh bridging Kubernetes and legacy
OSS Japan 2019 service mesh bridging Kubernetes and legacyOSS Japan 2019 service mesh bridging Kubernetes and legacy
OSS Japan 2019 service mesh bridging Kubernetes and legacySteve Wong
 
Kubernetes Architecture with Components
Kubernetes Architecture with Components Kubernetes Architecture with Components
Kubernetes Architecture with ComponentsAjeet Singh
 
The path to a serverless-native era with Kubernetes
The path to a serverless-native era with KubernetesThe path to a serverless-native era with Kubernetes
The path to a serverless-native era with Kubernetessparkfabrik
 
Kubernetes in kubernetes 搭ć»șé«˜ćŻç”šç’°ćąƒ
Kubernetes in kubernetes 搭ć»șé«˜ćŻç”šç’°ćąƒKubernetes in kubernetes 搭ć»șé«˜ćŻç”šç’°ćąƒ
Kubernetes in kubernetes 搭ć»șé«˜ćŻç”šç’°ćąƒinwin stack
 
Run K8s on Local Environment
Run K8s on Local EnvironmentRun K8s on Local Environment
Run K8s on Local EnvironmentGanesh Pol
 

Ähnlich wie Kubecon 2017 Zero Touch Kubernetes (20)

Kubernetes - Sailing a Sea of Containers
Kubernetes - Sailing a Sea of ContainersKubernetes - Sailing a Sea of Containers
Kubernetes - Sailing a Sea of Containers
 
Kubernetes
KubernetesKubernetes
Kubernetes
 
Learn kubernetes in 90 minutes
Learn kubernetes in 90 minutesLearn kubernetes in 90 minutes
Learn kubernetes in 90 minutes
 
Kubernetes from the ground up
Kubernetes from the ground upKubernetes from the ground up
Kubernetes from the ground up
 
Setting up a kubernetes cluster on ubuntu 18.04- loves cloud
Setting up a kubernetes cluster on ubuntu 18.04- loves cloudSetting up a kubernetes cluster on ubuntu 18.04- loves cloud
Setting up a kubernetes cluster on ubuntu 18.04- loves cloud
 
From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)From dev to prod: Kubernetes on AWS (short ver.)
From dev to prod: Kubernetes on AWS (short ver.)
 
5 Painless Demos to Get You Started with Kubernetes
5 Painless Demos to Get You Started with Kubernetes5 Painless Demos to Get You Started with Kubernetes
5 Painless Demos to Get You Started with Kubernetes
 
Deploy the blockchain network using kubernetes ap is on google cloud
Deploy the blockchain network using kubernetes ap is on google cloudDeploy the blockchain network using kubernetes ap is on google cloud
Deploy the blockchain network using kubernetes ap is on google cloud
 
Tectonic Summit 2016: Kubernetes 1.5 and Beyond
Tectonic Summit 2016: Kubernetes 1.5 and BeyondTectonic Summit 2016: Kubernetes 1.5 and Beyond
Tectonic Summit 2016: Kubernetes 1.5 and Beyond
 
Setup Kubernetes with flannel on ubuntu platform
Setup Kubernetes with flannel on ubuntu platformSetup Kubernetes with flannel on ubuntu platform
Setup Kubernetes with flannel on ubuntu platform
 
kubeadm Cluster Creation Internals_ From Self-Hosting to Upgradability and HA...
kubeadm Cluster Creation Internals_ From Self-Hosting to Upgradability and HA...kubeadm Cluster Creation Internals_ From Self-Hosting to Upgradability and HA...
kubeadm Cluster Creation Internals_ From Self-Hosting to Upgradability and HA...
 
Setting up CI/CD pipeline with Kubernetes and Kublr step-by-step
Setting up CI/CD pipeline with Kubernetes and Kublr step-by-stepSetting up CI/CD pipeline with Kubernetes and Kublr step-by-step
Setting up CI/CD pipeline with Kubernetes and Kublr step-by-step
 
Setting up CI/CD Pipeline with Kubernetes and Kublr step by-step
Setting up CI/CD Pipeline with Kubernetes and Kublr step by-stepSetting up CI/CD Pipeline with Kubernetes and Kublr step by-step
Setting up CI/CD Pipeline with Kubernetes and Kublr step by-step
 
Kubernetes Networking
Kubernetes NetworkingKubernetes Networking
Kubernetes Networking
 
OSS Japan 2019 service mesh bridging Kubernetes and legacy
OSS Japan 2019 service mesh bridging Kubernetes and legacyOSS Japan 2019 service mesh bridging Kubernetes and legacy
OSS Japan 2019 service mesh bridging Kubernetes and legacy
 
Kubernetes Architecture with Components
Kubernetes Architecture with Components Kubernetes Architecture with Components
Kubernetes Architecture with Components
 
The path to a serverless-native era with Kubernetes
The path to a serverless-native era with KubernetesThe path to a serverless-native era with Kubernetes
The path to a serverless-native era with Kubernetes
 
Kubernetes in kubernetes 搭ć»șé«˜ćŻç”šç’°ćąƒ
Kubernetes in kubernetes 搭ć»șé«˜ćŻç”šç’°ćąƒKubernetes in kubernetes 搭ć»șé«˜ćŻç”šç’°ćąƒ
Kubernetes in kubernetes 搭ć»șé«˜ćŻç”šç’°ćąƒ
 
Run K8s on Local Environment
Run K8s on Local EnvironmentRun K8s on Local Environment
Run K8s on Local Environment
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101
 

Mehr von rhirschfeld

RackN Physical Layer Automation Innovation
RackN Physical Layer Automation InnovationRackN Physical Layer Automation Innovation
RackN Physical Layer Automation Innovationrhirschfeld
 
Immutable infrastructure & Rethinking Configuration PREVIEW
Immutable infrastructure & Rethinking Configuration PREVIEWImmutable infrastructure & Rethinking Configuration PREVIEW
Immutable infrastructure & Rethinking Configuration PREVIEWrhirschfeld
 
Open Patterns for Day 2 Ops [Gluecon 2017]
Open Patterns for Day 2 Ops [Gluecon 2017]Open Patterns for Day 2 Ops [Gluecon 2017]
Open Patterns for Day 2 Ops [Gluecon 2017]rhirschfeld
 
Interop ITX Kubernetes Presentation
Interop ITX Kubernetes PresentationInterop ITX Kubernetes Presentation
Interop ITX Kubernetes Presentationrhirschfeld
 
OpenStack on Kubernetes (BOS Summit / May 2017 update)
OpenStack on Kubernetes (BOS Summit / May 2017 update)OpenStack on Kubernetes (BOS Summit / May 2017 update)
OpenStack on Kubernetes (BOS Summit / May 2017 update)rhirschfeld
 
SRE vs DevOps vs Cloud Native Preso
SRE vs DevOps vs Cloud Native PresoSRE vs DevOps vs Cloud Native Preso
SRE vs DevOps vs Cloud Native Presorhirschfeld
 
The developer rebellion against infrastructure
The developer rebellion against infrastructureThe developer rebellion against infrastructure
The developer rebellion against infrastructurerhirschfeld
 
IBM Interconnect: Think you can Out Innovate Open Source
IBM Interconnect: Think you can Out Innovate Open SourceIBM Interconnect: Think you can Out Innovate Open Source
IBM Interconnect: Think you can Out Innovate Open Sourcerhirschfeld
 
Joint OpenStack Kubernetes Environment (March 17 update)
Joint OpenStack Kubernetes Environment (March 17 update)Joint OpenStack Kubernetes Environment (March 17 update)
Joint OpenStack Kubernetes Environment (March 17 update)rhirschfeld
 
Kubernetes community demo march 16 2017
Kubernetes community demo march 16 2017Kubernetes community demo march 16 2017
Kubernetes community demo march 16 2017rhirschfeld
 
The Messy Underlay Dilemma - automating PKI at Defragcon
The Messy Underlay Dilemma - automating PKI at DefragconThe Messy Underlay Dilemma - automating PKI at Defragcon
The Messy Underlay Dilemma - automating PKI at Defragconrhirschfeld
 
Joint OpenStack Kubernetes Environment (OpenStack Summit)
Joint OpenStack Kubernetes Environment (OpenStack Summit)Joint OpenStack Kubernetes Environment (OpenStack Summit)
Joint OpenStack Kubernetes Environment (OpenStack Summit)rhirschfeld
 
Containers, orchestration and security, oh my!
Containers, orchestration and security, oh my!Containers, orchestration and security, oh my!
Containers, orchestration and security, oh my!rhirschfeld
 
Gluecon Preso: Hybrid Container Infrastructure
Gluecon Preso: Hybrid Container InfrastructureGluecon Preso: Hybrid Container Infrastructure
Gluecon Preso: Hybrid Container Infrastructurerhirschfeld
 
OpenStack Preso: DevOps on Hybrid Infrastructure
OpenStack Preso: DevOps on Hybrid InfrastructureOpenStack Preso: DevOps on Hybrid Infrastructure
OpenStack Preso: DevOps on Hybrid Infrastructurerhirschfeld
 
OpenServerSummit: Operating Hybrid Infrastructure
OpenServerSummit: Operating Hybrid InfrastructureOpenServerSummit: Operating Hybrid Infrastructure
OpenServerSummit: Operating Hybrid Infrastructurerhirschfeld
 
Git & dev ops come together, right now!
Git & dev ops come together, right now!Git & dev ops come together, right now!
Git & dev ops come together, right now!rhirschfeld
 
Apply, rinse and repeat: avoid the fidelity gap
Apply, rinse and repeat: avoid the fidelity gapApply, rinse and repeat: avoid the fidelity gap
Apply, rinse and repeat: avoid the fidelity gaprhirschfeld
 
Tokyo DefCore Presentation
Tokyo DefCore PresentationTokyo DefCore Presentation
Tokyo DefCore Presentationrhirschfeld
 
Containers all the way down
Containers all the way downContainers all the way down
Containers all the way downrhirschfeld
 

Mehr von rhirschfeld (20)

RackN Physical Layer Automation Innovation
RackN Physical Layer Automation InnovationRackN Physical Layer Automation Innovation
RackN Physical Layer Automation Innovation
 
Immutable infrastructure & Rethinking Configuration PREVIEW
Immutable infrastructure & Rethinking Configuration PREVIEWImmutable infrastructure & Rethinking Configuration PREVIEW
Immutable infrastructure & Rethinking Configuration PREVIEW
 
Open Patterns for Day 2 Ops [Gluecon 2017]
Open Patterns for Day 2 Ops [Gluecon 2017]Open Patterns for Day 2 Ops [Gluecon 2017]
Open Patterns for Day 2 Ops [Gluecon 2017]
 
Interop ITX Kubernetes Presentation
Interop ITX Kubernetes PresentationInterop ITX Kubernetes Presentation
Interop ITX Kubernetes Presentation
 
OpenStack on Kubernetes (BOS Summit / May 2017 update)
OpenStack on Kubernetes (BOS Summit / May 2017 update)OpenStack on Kubernetes (BOS Summit / May 2017 update)
OpenStack on Kubernetes (BOS Summit / May 2017 update)
 
SRE vs DevOps vs Cloud Native Preso
SRE vs DevOps vs Cloud Native PresoSRE vs DevOps vs Cloud Native Preso
SRE vs DevOps vs Cloud Native Preso
 
The developer rebellion against infrastructure
The developer rebellion against infrastructureThe developer rebellion against infrastructure
The developer rebellion against infrastructure
 
IBM Interconnect: Think you can Out Innovate Open Source
IBM Interconnect: Think you can Out Innovate Open SourceIBM Interconnect: Think you can Out Innovate Open Source
IBM Interconnect: Think you can Out Innovate Open Source
 
Joint OpenStack Kubernetes Environment (March 17 update)
Joint OpenStack Kubernetes Environment (March 17 update)Joint OpenStack Kubernetes Environment (March 17 update)
Joint OpenStack Kubernetes Environment (March 17 update)
 
Kubernetes community demo march 16 2017
Kubernetes community demo march 16 2017Kubernetes community demo march 16 2017
Kubernetes community demo march 16 2017
 
The Messy Underlay Dilemma - automating PKI at Defragcon
The Messy Underlay Dilemma - automating PKI at DefragconThe Messy Underlay Dilemma - automating PKI at Defragcon
The Messy Underlay Dilemma - automating PKI at Defragcon
 
Joint OpenStack Kubernetes Environment (OpenStack Summit)
Joint OpenStack Kubernetes Environment (OpenStack Summit)Joint OpenStack Kubernetes Environment (OpenStack Summit)
Joint OpenStack Kubernetes Environment (OpenStack Summit)
 
Containers, orchestration and security, oh my!
Containers, orchestration and security, oh my!Containers, orchestration and security, oh my!
Containers, orchestration and security, oh my!
 
Gluecon Preso: Hybrid Container Infrastructure
Gluecon Preso: Hybrid Container InfrastructureGluecon Preso: Hybrid Container Infrastructure
Gluecon Preso: Hybrid Container Infrastructure
 
OpenStack Preso: DevOps on Hybrid Infrastructure
OpenStack Preso: DevOps on Hybrid InfrastructureOpenStack Preso: DevOps on Hybrid Infrastructure
OpenStack Preso: DevOps on Hybrid Infrastructure
 
OpenServerSummit: Operating Hybrid Infrastructure
OpenServerSummit: Operating Hybrid InfrastructureOpenServerSummit: Operating Hybrid Infrastructure
OpenServerSummit: Operating Hybrid Infrastructure
 
Git & dev ops come together, right now!
Git & dev ops come together, right now!Git & dev ops come together, right now!
Git & dev ops come together, right now!
 
Apply, rinse and repeat: avoid the fidelity gap
Apply, rinse and repeat: avoid the fidelity gapApply, rinse and repeat: avoid the fidelity gap
Apply, rinse and repeat: avoid the fidelity gap
 
Tokyo DefCore Presentation
Tokyo DefCore PresentationTokyo DefCore Presentation
Tokyo DefCore Presentation
 
Containers all the way down
Containers all the way downContainers all the way down
Containers all the way down
 

KĂŒrzlich hochgeladen

Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel AraĂșjo
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 

KĂŒrzlich hochgeladen (20)

Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 

Kubecon 2017 Zero Touch Kubernetes

  • 1. Zero-Configuration Pattern Provisioning Kubernetes on Unmanaged Infrastructure Rob @zehicle Hirschfeld, RackN November, 2017
  • 2. Hang on to your Hats! Krazy New Stuff ● Immutable Bootstrap (demo!) ● Node Admission (v1.7) ● Dynamic Kubelet (v1.8)
  • 3. 3 #KubeCon - @zehicle Rob Hirschfeld (@zehicle) Involved in Kubernetes since launch Co-chair of Cluster Ops SIG Co-Founder of RackN & Digital Rebar Project We focus on operations automation for bare metal
  • 4. 4 #KubeCon - @zehicle We’ve been using Kubespray since Kubernetes v1.2 But first
 Kubespray ● Very Solid Ansible Playbook ● Strong Community ● Amazing Features like HA & Upgrade HTTP://bit.ly/SYDkubespray But
.
  • 5. 5 #KubeCon - @zehicle Why not Kubespray? We’d like to do better! ● No Centralized Orchestration ● No Inventory Building ● No SSH ● Immutable Booting ● and, much FASTER I don’t always Ansible, but when I do Ansible, I use Kubespray.
  • 6. 6 #KubeCon - @zehicle Let’s get Immutable! What? ● Create, Destroy & Repeat ● Machines recreated, not updated ● Typically “Pre-Baked” images Why? ● Very repeatable and predictable installation ● Simpler node configuration ● Faster deploy time
  • 7. 7 #KubeCon - @zehicle Community converging to single install utility! Leveraging Kubeadm Basic Three Step Cluster Initialization: 1. Initialize Master 2. Retrieve Token from Initialize 3. Join Nodes with Token Still requires coordination / synchronization
  • 8. 8 #KubeCon - @zehicle We need to build underlay infrastructure But First, Kubeadm Prereqs Basic Three Step Underlay: 1. install operating system with network access 2. attach disks (optional?!) 3. install Docker on the machine Oh, and we need to have some control mechanism on the nodes too.
  • 9. 9 #KubeCon - @zehicle A bootstrapping illustration node01 node02 node03 node04
  • 10. 10 #KubeCon - @zehicle A bootstrapping illustration Install O/S Install Docker Install O/S Install Docker 1 2 Install O/S Install Docker Install O/S Install Docker node01 node02 node03 node04 Install Stage
  • 11. 11 #KubeCon - @zehicle A bootstrapping illustration Install O/S Install Docker Kubeadm -- Init Cluster Token Install O/S Install Docker 1 2 3 4 Install O/S Install Docker Install O/S Install Docker node01 node02 node03 node04 master node (random or selected)
  • 12. 12 #KubeCon - @zehicle A bootstrapping illustration Install O/S Install Docker Kubeadm -- Init Cluster Token Install O/S Install Docker Kubeadm -- Join wait for token 1 2 3 4 5 Install O/S Install Docker Kubeadm -- Join wait for token Install O/S Install Docker Kubeadm -- Join wait for token node01 node02 node03 node04
  • 13. 13 #KubeCon - @zehicle Later... A bootstrapping illustration Install O/S Install Docker Kubeadm -- Init Cluster Token Install O/S Install Docker Kubeadm -- Join wait for token 1 2 3 4 5 Install O/S Install Docker Kubeadm -- Join wait for token Install O/S Install Docker Kubeadm -- Join wait for token Install O/S Install Docker Kubeadm -- Join wait for token node01 node02 node03 node04 nodeN
  • 14. 14 #KubeCon - @zehicle A bootstrapping illustration Install O/S Install Docker Kubeadm -- Init Cluster Token Install O/S Install Docker Kubeadm -- Join wait for token 1 2 3 4 5 Install O/S Install Docker Kubeadm -- Join wait for token Install O/S Install Docker Kubeadm -- Join wait for token Install O/S Install Docker Kubeadm -- Join wait for token node01 node02 node03 node04 nodeN
  • 15. PSA: THIS IS NOT A NEW INSTALLER At RackN, we push back against the distro installer wars (ala OpenStack). We believe that Kubernetes install tooling should be a shared community investment.
  • 17. Pretty Cool! But... There is more to do ● Adding Nodes requires Token ● Adding Kubelet requires Configuration ● Cluster API (Orchestrating Update)
  • 18. 18 #KubeCon - @zehicle Benefits! 1. Immutable Configuration 2. Auto Scaling 3. Faster Node Install 4. Centralized Configuration of Cluster 5. Coordinated Upgrades Still requires coordination / synchronization https://kubernetes.io/docs/admin/admission-controllers/ Node Admission
  • 19. 19 #KubeCon - @zehicle NOT Node specific! Admission control provides an API mechanism to block creation of new objects. In this case, Admission would allow an external system to validate that new nodes are known and trusted. HSM: Hardware Signing Module Node Admission Kubelet API Server External Node Validation 1 Install 2Create 3 Confirm 5Allow 4 Verify
  • 20. 20 #KubeCon - @zehicle HSM: Hardware Signing Module Node Admission with HSM Kubelet API Server External Node Validation 1 Install 2Create 3 Confirm 5Allow 4 Verify PKI A Pass Token B Encrypt Token Encrypted Token E Encrypted Token FEncrypted Token GVerfiy HSM ensures unique identy of machine by signing secret token. Only token creater (PKI) and machine know the secret. API Server cannot read or validate internally. C Public Key
  • 21. 21 #KubeCon - @zehicle Frankly, RackN is on the fence. If injecting a join cluster token then the external system has already verified the new node. Is Node Admission Needed?
  • 22. 22 #KubeCon - @zehicle https://kubernetes.io/docs/tasks/administer-cluster/reconfigure-kubelet/ Kubelet Dynamic Configuration We want to eliminate external configuration tools. Kubernetes is already a system configuration database! Can’t we just use that capability to bootstrap the system? Then we have fewer tools to learn and managed! (IMHO, this is known as a the bootstrap fallacy)
  • 23. 23 #KubeCon - @zehicle Ideally, it would be like this... 1. Centrally Configurate 2. Install Kubelet 3. Allow Kubelet to Register 4. Kubelet Configures itself Kubelet2 Install 3Reg 4Config API Server1 Config
  • 24. 24 #KubeCon - @zehicle https://kubernetes.io/docs/tasks/administer-cluster/reconfigure-kubelet/ Kubelet Dynamic Configuration 1. Install Node and Kubelet 2. Configure Kubelet 3. Allow Kubelet to Register 4. Register Configuration in API 5. Reconfigure Kubelet to use configuration from API 6. Manage configuration from API Kubelet 1 Install 3Reg 6Config API Server 2 Config 4 Config 5 ReConfig
  • 25. 25 #KubeCon - @zehicle Frankly, RackN is on the fence. Since we have to boostrap a node with some configuration, there is not much difference between some and all configuration. We have not eliminated configuration. Is Dynamic Configuration Needed?
  • 26. We’re Making Great Progress! We can automatically bootstrap a cluster using open community tools with minimal configuration. And we have room to improve.
  • 27. Thank you Join In! http://rebar.digital Follow: ● Rob Hirschfeld > @zehicle ● RackN > @rackngo ● Digital Rebar > @digitalrebar ● Cluster Ops SIG > http://bit.ly/k8sclops