SlideShare a Scribd company logo

KubeCon EU 2016: Kubernetes and the Potential for Higher Level Interfaces

KubeAcademy
KubeAcademy

The document discusses Kubernetes and its interfaces, emphasizing the significance of user context when interacting with different interfaces such as kubectl, YAML, and dashboards. It highlights various user needs, the roles of developers and operators, and the importance of interoperability within Kubernetes ecosystems. The text also addresses challenges in user interfaces, the utility of Helm for package management, and the stability of APIs within the platform.

Technology
1 of 86
Downloaded 12 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
Kubernetes and the Potential for Higher Level Interfaces Puppet Labs Gareth Rushgrove Ecosystems, APIs and user needs
Gareth Rushgrove @garethr
Gareth Rushgrove
Human and computer interfaces Concepts and demos Ecosystems and interoperability Gareth Rushgrove - - -
The User Interface(s) of Kubernetes What do we mean by user and interface?
The user context matters Gareth Rushgrove
Creating Consuming Gareth Rushgrove - -
Developers Operators Gareth Rushgrove - -
Building something new Running in production Gareth Rushgrove - -
Team size Regulation/compliance Multi-tenancy Infrastructure size Skills and experience Gareth Rushgrove - - - - -
Gareth RushgroveGareth Rushgrove
kubectl is a user interface Gareth Rushgrove
YAML is a user interface Gareth Rushgrove
Gareth Rushgrove Dashboard is a user interface Gareth Rushgrove
The API is a user interface Gareth Rushgrove
Client libraries are a user interface Gareth Rushgrove
Different interfaces are useful in different contexts Gareth Rushgrove
Different people might use different interfaces to achieve different tasks Gareth Rushgrove
Out of the box Just enough user interface
kubectl Gareth Rushgrove
$ kubectl controls the Kubernetes cluster manager. Find more information at https://github.com/kubernetes/kubernetes. Usage: kubectl [flags] kubectl [command] Available Commands: get Display one or many resources describe Show details of a specific resource or group of resources create Create a resource by filename or stdin replace Replace a resource by filename or stdin. patch Update field(s) of a resource by stdin. delete Delete resources by filenames, stdin, resources and names, or by resources and label selector. edit Edit a resource on the server A universal interface for actions on a Kubernetes cluster Gareth Rushgrove
Gareth Rushgrove
YAML Gareth Rushgrove
template: metadata: labels: app: guestbook tier: frontend spec: containers: - name: php-redis image: gcr.io/google_samples/gb-frontend:v4 resources: requests: cpu: 100m memory: 100Mi env: - name: GET_HOSTS_FROM value: dns # If your cluster config does not include a dns service, then to A data format describing desired state Gareth Rushgrove
API wire format as user interface Gareth Rushgrove
But isn’t YAML declarative? And other user interface tales
Yes Gareth Rushgrove
Code plus data has advantages over data alone Gareth Rushgrove
The language to represent the data should be a simple, data-only format such as JSON or YAML, and programmatic modification of this data should be done in a real programming language Gareth Rushgrove Borg, Omega, and Kubernetes, ACM Queue,Volume 14, issue 1 http://queue.acm.org/detail.cfm?id=2898444 “
Avoid repetition Combine external inputs Correctness Abstractions Gareth Rushgrove - - - -
So why are so many people hand writing YAML? Gareth Rushgrove
Changes with kubectle patch diverge from the model $ kubectl patch --help Update field(s) of a resource using strategic merge patch JSON and YAML formats are accepted. Usage: kubectl patch (-f FILENAME | TYPE NAME) -p PATCH [flags] Examples: # Partially update a node using strategic merge patch kubectl patch node k8s-node-1 -p '{"spec":{"unschedulable":true}}' Gareth Rushgrove
$ kubectl apply --help Apply a configuration to a resource by filename or stdin. JSON and YAML formats are accepted. Usage: kubectl apply -f FILENAME [flags] Examples: # Apply the configuration in pod.json to a pod. $ kubectl apply -f ./pod.json And kubectl apply requires the full object serialisation Gareth Rushgrove
A familiar Kubernetes Pod definition in YAML Gareth Rushgrove
What happens if you run the same YAML file twice? Gareth Rushgrove
How many times do you have to repeat the same label? Gareth Rushgrove
kubectl is actually pretty low-level Gareth Rushgrove
kubectl get pod mypod -o yaml | sed 's/(image: myimage):.*$/1:v4/' | kubectl replace -f - This is from the official kubectl help. It pipes to sed. Gareth Rushgrove
Declarative code with an idempotent runtime model Gareth Rushgrove
Describe what you want Gareth Rushgrove
Converge from any state Gareth Rushgrove
The same Kubernetes Pod described in Puppet Gareth Rushgrove
$ puppet apply examples/init.pp --test Info: Loading facts Notice: Compiled catalog for gareths in environment production in 1.24 seconds Info: Applying configuration version '1453298602' Info: Checking if sample-pod exists Info: Creating kubernetes_pod sample-pod Notice: /Stage[main]/Main/Kubernetes_pod[sample-pod]/ensure: created Notice: Applied catalog in 0.23 seconds Running without that Pod already existing will create it Gareth Rushgrove
Running a second time, nothing changes because the Pod already existsGareth Rushgrove $ puppet apply examples/init.pp --test Info: Loading facts Notice: Compiled catalog for garethr in environment production in 1.33 seconds Info: Applying configuration version '1453298688' Info: Checking if sample-pod exists Notice: Applied catalog in 0.15 seconds
$ puppet resource kubernetes_pod sample-pod kubernetes_pod { 'sample-pod': ensure => 'present', metadata => { 'creationTimestamp' => '2016-01-20T14:03:23Z', 'name' => 'sample-pod', 'namespace' => 'default', 'resourceVersion' => '4579', 'selfLink' => '/api/v1/namespaces/default/pods/sample-pod’, 'uid' => '91c8a550-bf7e-11e5-816e-42010af001b1' }, spec => { 'containers' => [{ ‘image' => 'nginx', 'imagePullPolicy' => 'IfNotPresent', 'name' => ‘container-name', 'resources' => {'requests' => {'cpu' => '100m'}}, 'terminationMessagePat [{'mountPath' => '/var/run/secrets/kubernetes.io/serviceaccount', 'name' 'dnsPolicy' => 'ClusterFirst', 'nodeName' => 'gke-guestbook-dc15a31a-nod puppet resource allows for interrogating an existing Kubernetes installationGareth Rushgrove
$ kubectl describe pod sample-pod Name: sample-pod Namespace: default Image(s): nginx Node: gke-guestbook-dc15a31a-node-fyb6/10.240. Start Time: Wed, 20 Jan 2016 14:03:23 +0000 Labels: <none> Status: Running Reason: Message: IP: 10.24.1.7 Replication Controllers: <none> Containers: container-name: Container ID: docker://542389c5b2a98616ba3a8001029bc4a3f00d7c0 Image: nginx Image ID: docker://407195ab8b07 The same information is still accessible via other tooling Gareth Rushgrove
Other programming languages exist Gareth Rushgrove
DEMO
Gareth Rushgrove More details on the official Kubernetes blog Gareth Rushgrove
Imperative Interfaces Pragmatism and familiarity
Gareth Rushgrove
Gareth Rushgrove Deis is an open source PaaS that provides a Heroku- inspired workflow, using Kubernetes under the hoodGareth Rushgrove
Interactive CLI to login Gareth Rushgrove $ deis login http://deis.example.com username: deis password: Logged in as deis
Create configs locally with the CLI Gareth Rushgrove $ deis create Creating application... done, created boring-huntress Git remote deis added
$ git push deis master Counting objects: 95, done. Delta compression using up to 8 threads. Compressing objects: 100% (52/52), done. Writing objects: 100% (95/95), 20.24 KiB | 0 bytes/s, done. Total 95 (delta 41), reused 85 (delta 37) -----> Ruby app detected -----> Compiling Ruby/Rack -----> Using Ruby version: ruby-1.9.3 -----> Installing dependencies using 1.5.2 Running: bundle install --without development:test --path vendor/bundle --binstubs vendor/bundle/bin -j4 --deployment Fetching gem metadata from http://rubygems.org/.......... Fetching additional metadata from http://rubygems.org/.. Using bundler (1.5.2) Installing tilt (1.3.6) Installing rack (1.5.2) The switch to Git for deployment Gareth Rushgrove
Set config using CLI Gareth Rushgrove $ deis config:set FOO=1 BAR=baz && deis config:pull $ cat .env FOO=1 BAR=baz $ echo "TIDE=high" >> .env $ deis config:push Creating config... done, v4 === yuppie-earthman DEIS_APP: yuppie-earthman FOO: 1 BAR: baz TIDE: high
$ deis scale web=8 Scaling processes... but first, coffee! done in 20s === boring-huntress Processes --- web: web.1 up (v2) web.2 up (v2) web.3 up (v2) web.4 up (v2) web.5 up (v2) web.6 up (v2) web.7 up (v2) web.8 up (v2) Scale using the CLI Gareth Rushgrove
Replication Controllers, Services and Pods are implementation details Gareth Rushgrove
Kubernetes is an implementation details from the point of view of the user Gareth Rushgrove
Kubernetes is NOT an implementation details from the point of view of the administrator Gareth Rushgrove
The advantages of familiarity Gareth Rushgrove
The challenges of git as a user interface Gareth Rushgrove
Ecosystems and Interoperability Everyone can play together
Gareth Rushgrove
Package management Gareth Rushgrove
Gareth Rushgrove Helm, a package manager for Kubernetes Gareth Rushgrove
$ helm install redis-cluster ---> Running `kubectl create -f` ... services/redis-sentinel pods/redis-master replicationcontrollers/redis replicationcontrollers/redis-sentinel ---> Done Help provides distribution tools, plus wraps kubectl Gareth Rushgrove
Helm as a user interface Gareth Rushgrove
Gareth Rushgrove Charts as a place to share low level descriptions Gareth Rushgrove
name: jenkins home: https://jenkins-ci.org/ version: 0.2.0 description: The leading open-source continuous integration server. maintainers: - Matt Fisher <mfisher@deis.com> details: Jenkins is the leading open-source continuous integration server. Chart.yaml metadata format Gareth Rushgrove
Gareth Rushgrove Or, what is the Kubernetes equivalent to MPM metadata? Gareth Rushgrove
The importance of sharing metadata Gareth Rushgrove
Metadata as a first class user interface Gareth Rushgrove
If the API is the point of interoperability, how can it evolve safely? Gareth Rushgrove
Gareth Rushgrove Swagger is a specification for describing APIs Gareth Rushgrove
Gareth Rushgrove Now being developed by the Open API Initiative Gareth Rushgrove
"type": "integer", "format": "int32", "description": "The port on each node on which this service is exposed when type=NodePort or LoadBalancer. Usually assigned by the system. If specified, it will be allocated to the service if unused or else creation of the service will fail. Default is to auto-allocate a port if the ServiceType of this Service requires one. More info: http://releases.k8s.io/HEAD/docs/user- guide/services.md#type--nodeport" } } }, "v1.ServiceStatus": { "id": "v1.ServiceStatus", "description": "ServiceStatus represents the current status of a service.", "properties": { "loadBalancer": { "$ref": "v1.LoadBalancerStatus", "description": "LoadBalancer contains the current status of the load-balancer, if one is present." The Kubernetes API spec is ~14,000 lines of JSON Gareth Rushgrove
Some client libraries, including the Puppet module, are generated from the Swagger spec Gareth Rushgrove
Gareth Rushgrove
Standards mean going slow in the right places Gareth Rushgrove
So we can go fast everywhere else Gareth Rushgrove
Conclusions Why Kubernetes as a platform
Interoperable because of a stable set of APIs Gareth Rushgrove
Platforms exposing high level interfaces, without limiting access to lower level ones Gareth Rushgrove
Allow for different use-cases and different life-cycles on the same infrastructure Gareth Rushgrove
Questions? And thanks for listening

More Related Content

What's hot (20)

PDF
Cantainer CI/ CD with Kubernetes
inwin stack
 
PPTX
Kubernetes 101
Stanislav Pogrebnyak
 
PDF
Building kubectl plugins with Quarkus | DevNation Tech Talk
Red Hat Developers
 
PDF
Pluggable Infrastructure with CI/CD and Docker
Bob Killen
 
PPTX
Orchestration tool roundup kubernetes vs. docker vs. heat vs. terra form vs...
Nati Shalom
 
PDF
Kernel load-balancing for Docker containers using IPVS
Docker, Inc.
 
PPTX
KubeCon EU 2016: Multi-Tenant Kubernetes
KubeAcademy
 
PPTX
Kubernetes Introduction
Red Hat Developers
 
PPTX
Scaling Docker Containers using Kubernetes and Azure Container Service
Ben Hall
 
PDF
KubeCon EU 2016: Templatized Application Configuration on OpenShift and Kuber...
KubeAcademy
 
PPTX
Tectonic Summit 2016: Kubernetes 1.5 and Beyond
CoreOS
 
PDF
Kubernetes deep dive - - Huawei 2015-10
Vishnu Kannan
 
PDF
Kubernetes laravel and kubernetes
William Stewart
 
PDF
Kubernetes - Starting with 1.2
William Stewart
 
PPTX
Kubernetes - State of the Union (Q1-2016)
DoiT International
 
PDF
Demystifying the Nuts & Bolts of Kubernetes Architecture
Ajeet Singh Raina
 
PDF
Effective Building your Platform with Kubernetes == Keep it Simple
Wojciech Barczyński
 
PDF
KubeCon EU 2016: ITNW (If This Now What): Orchestrating an Enterprise
KubeAcademy
 
PDF
Kubernetes intro public - kubernetes meetup 4-21-2015
Rohit Jnagal
 
PDF
Kubernetes: The Next Research Platform
Bob Killen
 
Cantainer CI/ CD with Kubernetes
inwin stack
 
Kubernetes 101
Stanislav Pogrebnyak
 
Building kubectl plugins with Quarkus | DevNation Tech Talk
Red Hat Developers
 
Pluggable Infrastructure with CI/CD and Docker
Bob Killen
 
Orchestration tool roundup kubernetes vs. docker vs. heat vs. terra form vs...
Nati Shalom
 
Kernel load-balancing for Docker containers using IPVS
Docker, Inc.
 
KubeCon EU 2016: Multi-Tenant Kubernetes
KubeAcademy
 
Kubernetes Introduction
Red Hat Developers
 
Scaling Docker Containers using Kubernetes and Azure Container Service
Ben Hall
 
KubeCon EU 2016: Templatized Application Configuration on OpenShift and Kuber...
KubeAcademy
 
Tectonic Summit 2016: Kubernetes 1.5 and Beyond
CoreOS
 
Kubernetes deep dive - - Huawei 2015-10
Vishnu Kannan
 
Kubernetes laravel and kubernetes
William Stewart
 
Kubernetes - Starting with 1.2
William Stewart
 
Kubernetes - State of the Union (Q1-2016)
DoiT International
 
Demystifying the Nuts & Bolts of Kubernetes Architecture
Ajeet Singh Raina
 
Effective Building your Platform with Kubernetes == Keep it Simple
Wojciech Barczyński
 
KubeCon EU 2016: ITNW (If This Now What): Orchestrating an Enterprise
KubeAcademy
 
Kubernetes intro public - kubernetes meetup 4-21-2015
Rohit Jnagal
 
Kubernetes: The Next Research Platform
Bob Killen
 

Similar to KubeCon EU 2016: Kubernetes and the Potential for Higher Level Interfaces (20)

PPTX
Kubernetes
Lhouceine OUHAMZA
 
PPTX
Kubernetes: від знайомства до використання у CI/CD
Stfalcon Meetups
 
PPTX
Kubernetes Workshop
loodse
 
PPTX
K8s in 3h - Kubernetes Fundamentals Training
Piotr Perzyna
 
PDF
Kubernetes Basis: Pods, Deployments, and Services
Jian-Kai Wang
 
PDF
$ kubectl hacking @DevOpsCon Berlin 2019
Tobias Schneck
 
PPTX
Introduction kubernetes 2017_12_24
Sam Zheng
 
PDF
Introduction of kubernetes rancher
cyberblack28 Ichikawa
 
PPTX
Kubernetes Introduction
Eric Gustafson
 
PDF
JavaOne 2016: Kubernetes introduction for Java Developers
Rafael Benevides
 
PDF
Kubernetes for Java Developers
Red Hat Developers
 
PPTX
Introduction to Kubernetes
Samuel Dratwa
 
PDF
Multinode kubernetes-cluster
Ram Nath
 
PPTX
Kubernetes is Hard! Lessons Learned Taking Our Apps to Kubernetes by Eldad Assis
AgileSparks
 
PDF
[Podman Special Event] Kubernetes in Rootless Podman
Akihiro Suda
 
PPTX
Introduction to Kubernetes
Paul Czarkowski
 
PDF
A DevOps guide to Kubernetes
Paul Czarkowski
 
PDF
WKSctl: Gitops Management of Kubernetes Clusters
Weaveworks
 
PDF
Kubernetes
Meng-Ze Lee
 
PPTX
Introduction to Kubernetes
Vishal Biyani
 
Kubernetes
Lhouceine OUHAMZA
 
Kubernetes: від знайомства до використання у CI/CD
Stfalcon Meetups
 
Kubernetes Workshop
loodse
 
K8s in 3h - Kubernetes Fundamentals Training
Piotr Perzyna
 
Kubernetes Basis: Pods, Deployments, and Services
Jian-Kai Wang
 
$ kubectl hacking @DevOpsCon Berlin 2019
Tobias Schneck
 
Introduction kubernetes 2017_12_24
Sam Zheng
 
Introduction of kubernetes rancher
cyberblack28 Ichikawa
 
Kubernetes Introduction
Eric Gustafson
 
JavaOne 2016: Kubernetes introduction for Java Developers
Rafael Benevides
 
Kubernetes for Java Developers
Red Hat Developers
 
Introduction to Kubernetes
Samuel Dratwa
 
Multinode kubernetes-cluster
Ram Nath
 
Kubernetes is Hard! Lessons Learned Taking Our Apps to Kubernetes by Eldad Assis
AgileSparks
 
[Podman Special Event] Kubernetes in Rootless Podman
Akihiro Suda
 
Introduction to Kubernetes
Paul Czarkowski
 
A DevOps guide to Kubernetes
Paul Czarkowski
 
WKSctl: Gitops Management of Kubernetes Clusters
Weaveworks
 
Kubernetes
Meng-Ze Lee
 
Introduction to Kubernetes
Vishal Biyani
 
Ad

More from KubeAcademy (20)

PDF
KubeCon EU 2016: Distributed containers in the physical world
KubeAcademy
 
PDF
KubeCon EU 2016:
KubeAcademy
 
PDF
KubeCon EU 2016: ChatOps and Automatic Deployment on Kubernetes
KubeAcademy
 
PDF
KubeCon EU 2016: A Practical Guide to Container Scheduling
KubeAcademy
 
PDF
KubeCon EU 2016: Trading in the Kube
KubeAcademy
 
ODP
KubeCon EU 2016: Integrated trusted computing in Kubernetes
KubeAcademy
 
PDF
KubeCon EU 2016: Leveraging ephemeral namespaces in a CI/CD pipeline
KubeAcademy
 
PPTX
KubeCon EU 2016: Secure, Cloud-Native Networking with Project Calico
KubeAcademy
 
PDF
KubeCon EU 2016: Heroku to Kubernetes
KubeAcademy
 
PPTX
KubeCon EU 2016: Transforming the Government
KubeAcademy
 
PDF
KubeCon EU 2016: Getting the Jobs Done With Kubernetes
KubeAcademy
 
PDF
KubeCon EU 2016: Kubernetes Storage 101
KubeAcademy
 
PDF
KubeCon EU 2016: Using Traffic Control to Test Apps in Kubernetes
KubeAcademy
 
PDF
KubeCon EU 2016: Kubernetes in Production in The New York Times newsroom
KubeAcademy
 
PDF
KubeCon EU 2016: SmartCity IoT on Kubernetes
KubeAcademy
 
PDF
KubeCon EU 2016 Keynote: Pushing Kubernetes Forward
KubeAcademy
 
PDF
KubeCon EU 2016: Creating an Advanced Load Balancing Solution for Kubernetes ...
KubeAcademy
 
PDF
KubeCon EU 2016: Killing containers to make weather beautiful
KubeAcademy
 
PDF
KubeCon EU 2016: Bringing an open source Containerized Container Platform to ...
KubeAcademy
 
PDF
KubeCon EU 2016: "rktnetes": what's new with container runtimes and Kubernetes
KubeAcademy
 
KubeCon EU 2016: Distributed containers in the physical world
KubeAcademy
 
KubeCon EU 2016:
KubeAcademy
 
KubeCon EU 2016: ChatOps and Automatic Deployment on Kubernetes
KubeAcademy
 
KubeCon EU 2016: A Practical Guide to Container Scheduling
KubeAcademy
 
KubeCon EU 2016: Trading in the Kube
KubeAcademy
 
KubeCon EU 2016: Integrated trusted computing in Kubernetes
KubeAcademy
 
KubeCon EU 2016: Leveraging ephemeral namespaces in a CI/CD pipeline
KubeAcademy
 
KubeCon EU 2016: Secure, Cloud-Native Networking with Project Calico
KubeAcademy
 
KubeCon EU 2016: Heroku to Kubernetes
KubeAcademy
 
KubeCon EU 2016: Transforming the Government
KubeAcademy
 
KubeCon EU 2016: Getting the Jobs Done With Kubernetes
KubeAcademy
 
KubeCon EU 2016: Kubernetes Storage 101
KubeAcademy
 
KubeCon EU 2016: Using Traffic Control to Test Apps in Kubernetes
KubeAcademy
 
KubeCon EU 2016: Kubernetes in Production in The New York Times newsroom
KubeAcademy
 
KubeCon EU 2016: SmartCity IoT on Kubernetes
KubeAcademy
 
KubeCon EU 2016 Keynote: Pushing Kubernetes Forward
KubeAcademy
 
KubeCon EU 2016: Creating an Advanced Load Balancing Solution for Kubernetes ...
KubeAcademy
 
KubeCon EU 2016: Killing containers to make weather beautiful
KubeAcademy
 
KubeCon EU 2016: Bringing an open source Containerized Container Platform to ...
KubeAcademy
 
KubeCon EU 2016: "rktnetes": what's new with container runtimes and Kubernetes
KubeAcademy
 
Ad

Recently uploaded (20)

PDF
Smart Trailers 2025 Update with History and Overview
Paul Menig
 
PDF
Building Real-Time Digital Twins with IBM Maximo & ArcGIS Indoors
Safe Software
 
PDF
DevBcn - Building 10x Organizations Using Modern Productivity Metrics
Justin Reock
 
PPTX
OpenID AuthZEN - Analyst Briefing July 2025
David Brossard
 
PPTX
Q2 FY26 Tableau User Group Leader Quarterly Call
lward7
 
PDF
Agentic AI lifecycle for Enterprise Hyper-Automation
Debmalya Biswas
 
PDF
HubSpot Main Hub: A Unified Growth Platform
Jaswinder Singh
 
PDF
Jak MŚP w Europie Środkowo-Wschodniej odnajdują się w świecie AI
dominikamizerska1
 
PDF
SWEBOK Guide and Software Services Engineering Education
Hironori Washizaki
 
PDF
Chris Elwell Woburn, MA - Passionate About IT Innovation
Chris Elwell Woburn, MA
 
PDF
Achieving Consistent and Reliable AI Code Generation - Medusa AI
medusaaico
 
PPTX
COMPARISON OF RASTER ANALYSIS TOOLS OF QGIS AND ARCGIS
Sharanya Sarkar
 
PPTX
From Sci-Fi to Reality: Exploring AI Evolution
Svetlana Meissner
 
PPTX
Webinar: Introduction to LF Energy EVerest
DanBrown980551
 
PDF
HCIP-Data Center Facility Deployment V2.0 Training Material (Without Remarks ...
mcastillo49
 
PDF
How Startups Are Growing Faster with App Developers in Australia.pdf
India App Developer
 
PPTX
AI Penetration Testing Essentials: A Cybersecurity Guide for 2025
defencerabbit Team
 
PDF
Transcript: New from BookNet Canada for 2025: BNC BiblioShare - Tech Forum 2025
BookNet Canada
 
PPTX
AUTOMATION AND ROBOTICS IN PHARMA INDUSTRY.pptx
sameeraaabegumm
 
PDF
July Patch Tuesday
Ivanti
 
Smart Trailers 2025 Update with History and Overview
Paul Menig
 
Building Real-Time Digital Twins with IBM Maximo & ArcGIS Indoors
Safe Software
 
DevBcn - Building 10x Organizations Using Modern Productivity Metrics
Justin Reock
 
OpenID AuthZEN - Analyst Briefing July 2025
David Brossard
 
Q2 FY26 Tableau User Group Leader Quarterly Call
lward7
 
Agentic AI lifecycle for Enterprise Hyper-Automation
Debmalya Biswas
 
HubSpot Main Hub: A Unified Growth Platform
Jaswinder Singh
 
Jak MŚP w Europie Środkowo-Wschodniej odnajdują się w świecie AI
dominikamizerska1
 
SWEBOK Guide and Software Services Engineering Education
Hironori Washizaki
 
Chris Elwell Woburn, MA - Passionate About IT Innovation
Chris Elwell Woburn, MA
 
Achieving Consistent and Reliable AI Code Generation - Medusa AI
medusaaico
 
COMPARISON OF RASTER ANALYSIS TOOLS OF QGIS AND ARCGIS
Sharanya Sarkar
 
From Sci-Fi to Reality: Exploring AI Evolution
Svetlana Meissner
 
Webinar: Introduction to LF Energy EVerest
DanBrown980551
 
HCIP-Data Center Facility Deployment V2.0 Training Material (Without Remarks ...
mcastillo49
 
How Startups Are Growing Faster with App Developers in Australia.pdf
India App Developer
 
AI Penetration Testing Essentials: A Cybersecurity Guide for 2025
defencerabbit Team
 
Transcript: New from BookNet Canada for 2025: BNC BiblioShare - Tech Forum 2025
BookNet Canada
 
AUTOMATION AND ROBOTICS IN PHARMA INDUSTRY.pptx
sameeraaabegumm
 
July Patch Tuesday
Ivanti
 

KubeCon EU 2016: Kubernetes and the Potential for Higher Level Interfaces

  • 1. Kubernetes and the Potential for Higher Level Interfaces Puppet Labs Gareth Rushgrove Ecosystems, APIs and user needs
  • 4. Human and computer interfaces Concepts and demos Ecosystems and interoperability Gareth Rushgrove - - -
  • 5. The User Interface(s) of Kubernetes What do we mean by user and interface?
  • 6. The user context matters Gareth Rushgrove
  • 9. Building something new Running in production Gareth Rushgrove - -
  • 12. kubectl is a user interface Gareth Rushgrove
  • 13. YAML is a user interface Gareth Rushgrove
  • 14. Gareth Rushgrove Dashboard is a user interface Gareth Rushgrove
  • 15. The API is a user interface Gareth Rushgrove
  • 16. Client libraries are a user interface Gareth Rushgrove
  • 17. Different interfaces are useful in different contexts Gareth Rushgrove
  • 18. Different people might use different interfaces to achieve different tasks Gareth Rushgrove
  • 19. Out of the box Just enough user interface
  • 21. $ kubectl controls the Kubernetes cluster manager. Find more information at https://github.com/kubernetes/kubernetes. Usage: kubectl [flags] kubectl [command] Available Commands: get Display one or many resources describe Show details of a specific resource or group of resources create Create a resource by filename or stdin replace Replace a resource by filename or stdin. patch Update field(s) of a resource by stdin. delete Delete resources by filenames, stdin, resources and names, or by resources and label selector. edit Edit a resource on the server A universal interface for actions on a Kubernetes cluster Gareth Rushgrove
  • 24. template: metadata: labels: app: guestbook tier: frontend spec: containers: - name: php-redis image: gcr.io/google_samples/gb-frontend:v4 resources: requests: cpu: 100m memory: 100Mi env: - name: GET_HOSTS_FROM value: dns # If your cluster config does not include a dns service, then to A data format describing desired state Gareth Rushgrove
  • 25. API wire format as user interface Gareth Rushgrove
  • 26. But isn’t YAML declarative? And other user interface tales
  • 28. Code plus data has advantages over data alone Gareth Rushgrove
  • 29. The language to represent the data should be a simple, data-only format such as JSON or YAML, and programmatic modification of this data should be done in a real programming language Gareth Rushgrove Borg, Omega, and Kubernetes, ACM Queue,Volume 14, issue 1 http://queue.acm.org/detail.cfm?id=2898444 “
  • 30. Avoid repetition Combine external inputs Correctness Abstractions Gareth Rushgrove - - - -
  • 31. So why are so many people hand writing YAML? Gareth Rushgrove
  • 32. Changes with kubectle patch diverge from the model $ kubectl patch --help Update field(s) of a resource using strategic merge patch JSON and YAML formats are accepted. Usage: kubectl patch (-f FILENAME | TYPE NAME) -p PATCH [flags] Examples: # Partially update a node using strategic merge patch kubectl patch node k8s-node-1 -p '{"spec":{"unschedulable":true}}' Gareth Rushgrove
  • 33. $ kubectl apply --help Apply a configuration to a resource by filename or stdin. JSON and YAML formats are accepted. Usage: kubectl apply -f FILENAME [flags] Examples: # Apply the configuration in pod.json to a pod. $ kubectl apply -f ./pod.json And kubectl apply requires the full object serialisation Gareth Rushgrove
  • 34. A familiar Kubernetes Pod definition in YAML Gareth Rushgrove
  • 35. What happens if you run the same YAML file twice? Gareth Rushgrove
  • 36. How many times do you have to repeat the same label? Gareth Rushgrove
  • 37. kubectl is actually pretty low-level Gareth Rushgrove
  • 38. kubectl get pod mypod -o yaml | sed 's/(image: myimage):.*$/1:v4/' | kubectl replace -f - This is from the official kubectl help. It pipes to sed. Gareth Rushgrove
  • 39. Declarative code with an idempotent runtime model Gareth Rushgrove
  • 40. Describe what you want Gareth Rushgrove
  • 41. Converge from any state Gareth Rushgrove
  • 42. The same Kubernetes Pod described in Puppet Gareth Rushgrove
  • 43. $ puppet apply examples/init.pp --test Info: Loading facts Notice: Compiled catalog for gareths in environment production in 1.24 seconds Info: Applying configuration version '1453298602' Info: Checking if sample-pod exists Info: Creating kubernetes_pod sample-pod Notice: /Stage[main]/Main/Kubernetes_pod[sample-pod]/ensure: created Notice: Applied catalog in 0.23 seconds Running without that Pod already existing will create it Gareth Rushgrove
  • 44. Running a second time, nothing changes because the Pod already existsGareth Rushgrove $ puppet apply examples/init.pp --test Info: Loading facts Notice: Compiled catalog for garethr in environment production in 1.33 seconds Info: Applying configuration version '1453298688' Info: Checking if sample-pod exists Notice: Applied catalog in 0.15 seconds
  • 45. $ puppet resource kubernetes_pod sample-pod kubernetes_pod { 'sample-pod': ensure => 'present', metadata => { 'creationTimestamp' => '2016-01-20T14:03:23Z', 'name' => 'sample-pod', 'namespace' => 'default', 'resourceVersion' => '4579', 'selfLink' => '/api/v1/namespaces/default/pods/sample-pod’, 'uid' => '91c8a550-bf7e-11e5-816e-42010af001b1' }, spec => { 'containers' => [{ ‘image' => 'nginx', 'imagePullPolicy' => 'IfNotPresent', 'name' => ‘container-name', 'resources' => {'requests' => {'cpu' => '100m'}}, 'terminationMessagePat [{'mountPath' => '/var/run/secrets/kubernetes.io/serviceaccount', 'name' 'dnsPolicy' => 'ClusterFirst', 'nodeName' => 'gke-guestbook-dc15a31a-nod puppet resource allows for interrogating an existing Kubernetes installationGareth Rushgrove
  • 46. $ kubectl describe pod sample-pod Name: sample-pod Namespace: default Image(s): nginx Node: gke-guestbook-dc15a31a-node-fyb6/10.240. Start Time: Wed, 20 Jan 2016 14:03:23 +0000 Labels: <none> Status: Running Reason: Message: IP: 10.24.1.7 Replication Controllers: <none> Containers: container-name: Container ID: docker://542389c5b2a98616ba3a8001029bc4a3f00d7c0 Image: nginx Image ID: docker://407195ab8b07 The same information is still accessible via other tooling Gareth Rushgrove
  • 48. DEMO
  • 49. Gareth Rushgrove More details on the official Kubernetes blog Gareth Rushgrove
  • 52. Gareth Rushgrove Deis is an open source PaaS that provides a Heroku- inspired workflow, using Kubernetes under the hoodGareth Rushgrove
  • 53. Interactive CLI to login Gareth Rushgrove $ deis login http://deis.example.com username: deis password: Logged in as deis
  • 54. Create configs locally with the CLI Gareth Rushgrove $ deis create Creating application... done, created boring-huntress Git remote deis added
  • 55. $ git push deis master Counting objects: 95, done. Delta compression using up to 8 threads. Compressing objects: 100% (52/52), done. Writing objects: 100% (95/95), 20.24 KiB | 0 bytes/s, done. Total 95 (delta 41), reused 85 (delta 37) -----> Ruby app detected -----> Compiling Ruby/Rack -----> Using Ruby version: ruby-1.9.3 -----> Installing dependencies using 1.5.2 Running: bundle install --without development:test --path vendor/bundle --binstubs vendor/bundle/bin -j4 --deployment Fetching gem metadata from http://rubygems.org/.......... Fetching additional metadata from http://rubygems.org/.. Using bundler (1.5.2) Installing tilt (1.3.6) Installing rack (1.5.2) The switch to Git for deployment Gareth Rushgrove
  • 56. Set config using CLI Gareth Rushgrove $ deis config:set FOO=1 BAR=baz && deis config:pull $ cat .env FOO=1 BAR=baz $ echo "TIDE=high" >> .env $ deis config:push Creating config... done, v4 === yuppie-earthman DEIS_APP: yuppie-earthman FOO: 1 BAR: baz TIDE: high
  • 57. $ deis scale web=8 Scaling processes... but first, coffee! done in 20s === boring-huntress Processes --- web: web.1 up (v2) web.2 up (v2) web.3 up (v2) web.4 up (v2) web.5 up (v2) web.6 up (v2) web.7 up (v2) web.8 up (v2) Scale using the CLI Gareth Rushgrove
  • 58. Replication Controllers, Services and Pods are implementation details Gareth Rushgrove
  • 59. Kubernetes is an implementation details from the point of view of the user Gareth Rushgrove
  • 60. Kubernetes is NOT an implementation details from the point of view of the administrator Gareth Rushgrove
  • 62. The challenges of git as a user interface Gareth Rushgrove
  • 66. Gareth Rushgrove Helm, a package manager for Kubernetes Gareth Rushgrove
  • 67. $ helm install redis-cluster ---> Running `kubectl create -f` ... services/redis-sentinel pods/redis-master replicationcontrollers/redis replicationcontrollers/redis-sentinel ---> Done Help provides distribution tools, plus wraps kubectl Gareth Rushgrove
  • 68. Helm as a user interface Gareth Rushgrove
  • 69. Gareth Rushgrove Charts as a place to share low level descriptions Gareth Rushgrove
  • 70. name: jenkins home: https://jenkins-ci.org/ version: 0.2.0 description: The leading open-source continuous integration server. maintainers: - Matt Fisher <[email protected]> details: Jenkins is the leading open-source continuous integration server. Chart.yaml metadata format Gareth Rushgrove
  • 71. Gareth Rushgrove Or, what is the Kubernetes equivalent to MPM metadata? Gareth Rushgrove
  • 72. The importance of sharing metadata Gareth Rushgrove
  • 73. Metadata as a first class user interface Gareth Rushgrove
  • 74. If the API is the point of interoperability, how can it evolve safely? Gareth Rushgrove
  • 75. Gareth Rushgrove Swagger is a specification for describing APIs Gareth Rushgrove
  • 76. Gareth Rushgrove Now being developed by the Open API Initiative Gareth Rushgrove
  • 77. "type": "integer", "format": "int32", "description": "The port on each node on which this service is exposed when type=NodePort or LoadBalancer. Usually assigned by the system. If specified, it will be allocated to the service if unused or else creation of the service will fail. Default is to auto-allocate a port if the ServiceType of this Service requires one. More info: http://releases.k8s.io/HEAD/docs/user- guide/services.md#type--nodeport" } } }, "v1.ServiceStatus": { "id": "v1.ServiceStatus", "description": "ServiceStatus represents the current status of a service.", "properties": { "loadBalancer": { "$ref": "v1.LoadBalancerStatus", "description": "LoadBalancer contains the current status of the load-balancer, if one is present." The Kubernetes API spec is ~14,000 lines of JSON Gareth Rushgrove
  • 78. Some client libraries, including the Puppet module, are generated from the Swagger spec Gareth Rushgrove
  • 80. Standards mean going slow in the right places Gareth Rushgrove
  • 81. So we can go fast everywhere else Gareth Rushgrove
  • 83. Interoperable because of a stable set of APIs Gareth Rushgrove
  • 84. Platforms exposing high level interfaces, without limiting access to lower level ones Gareth Rushgrove
  • 85. Allow for different use-cases and different life-cycles on the same infrastructure Gareth Rushgrove