K8S meetup

Last Saturday on 19th Jan 2019, I attended an interesting event meetup event by name "Joint Meetup with Kubernetes & OpenShift + CloudNativeCon Meetup Group of Bangalore"  jointly hosted by (1) Bangalore CNCF Meetup (2) Docker Bangalore and (3) Kubernetes & Openshift India Community meetup groups

Krishna Kumar (Huawei) shared his experience from recent KubeCon event. He showed the book and asked about "The illustrated Children's guide to k8s" the Phippy story. Surprisingly very few were aware about it. The book was just to spice up KubeCon events. He shared some numbers about event: 

* 8000 people attended it in person, 
* 2000 people attended over live stream
50+ announcements. He covered some major announcements at slidedeck. 
250+ exhibitions
* 47 hands-on session. They are called pre-conf sessions and post-conf sessions.
* Many people wrote excellent recap about Kubecon at their blog. Krishna shared top most 15 recaps in PPT slide deck. 

He noticed, plenty of job posting. All organisations are are hiring k8s experts. 

Everyone is saying K8S is complex. However OpenShift is making it easy. 

At CNCF, all software projects belongs to any one out of three categories of (1) Graduated, (2) Incubating and (3) Sandbox 

He talked about some of the sessions, that he could attend. (1) Operator Framework: It is about adding domain knowledge about how to bring up specific application using custom controller at k8s (2) The session about Helm was for 2.5 hours, out of that 1.5 hour was just for Questions and Answers ! (3) Kustomize is about 1 YMAL refer to multiple YAML files. (4) Application Special Interest Group (APP SIG) (5) CNAB (Cloud Native Application Bundles) 

He also discussed about k8s application deployment : several options and comparison among few options. 

The "k8s day india" event is scheduled at Infosys on March 23. 

Reference: https://www.slideshare.net/mKrishnaKumar1/kubecon-seattle-2018-recap-application-deployment-aspects


Rajkavitha Kodhandapani talked about "Special Interest Groups - Docs". Everyone wants to use k8s, develop tools for k8s. However very few are contributing for k8s documentation. She motivated all to contribute. 

Reference: https://www.slideshare.net/RajakavithaKodhandap/kubecon-2018seattle

Abhishek Kumar discussed about Helm, Airflow scheduler, flower service etc. Helm Chart is about Multiple K8s resources into single logical deployment unit. 

Key concepts about Helm are: 

1. chart
2. repository
3. release

Few commands:

helm create "mychart"
it creates directory tree. Keep all K8s component at respective folder. 

helm install --debug --dry-run "mychart"
it will just show the final templates after setting values. 

"helm search" search on public repository, that has URL : https://kubernetes-charts-incubator.storage.googleapis.com/

helm list
helm delete
helm list --deleted
helm rollback "name" "version number"
helm fetch //just to download 


Suraj Deskmujh from Kinvolk talked about "K8S security updates"

He talked about Service Account. Then recent changes/updates like: 

1. Now every pod gets a different service account. It will valid for fixed limited duration only. 
2. New API
2.1. TokenRequest
2.1. TokenRequestProjection
2.3. BoundServiceAccountTokenVolume
3. RuntimeClass, now we can change docker to rocket, etc. It is still under Work in Progress" stage. 
4. New API
PodSpec : runetimeClassName
5. NodeRestriction
Earlier, it was possible to modify kubelet config from pod. Now node can see only secrets of pods. 
6. Encrypting secret data
aescbc, secretbox, aesgcm, kms
7. Dynamic Audit Backend with AuditSink new API

Now "Bug bounty" program is coming to K8s

He insist all to join slack.k8s.io and channels #in-dev and #in-users




Aditya Konarde from RedHat gave updates from SRE (Site Reliability Engineering) perspective


* K8s is now mature. LTS
* Observability and Life Cycle is importance
* Many vendors to manage k8s cluster
* Serverless, istio, service mesh
* Prometheus used for monitoring k8s. 
* Thanos, Cortex and M3 tools are for long term retention of metrics from Prometheus. 
* New additions: Prometheus Operator, Grafana's Loki (It merges metrics and log), Istio
* The trend is: DaemonSet + kernel patch for monitoring and security within kernel mods. 
* GitOps https://github.com/app-sre/qontract-server


Docker-con update by Ajeet Singh from DellEMC 

He talked about "Docker Desktop" :
  • "Docker for Mac" and "Docker for Windows' are not "Docker Desktop"
  • Docker Desktop supports both Docker Swarm and K8s. We just need to enable it. 
  • Docker Desktop Enterprise edition has app designer interface. 
  • Docker Desktop Enterprise has customize application template. 
  • Docker Desktop Enterprise will be available in 1H 2019. At present only for preview. 
  • As such Linux does not need Docker Desktop. Let it be only for MAC and Windows. 

CNAB (Cloud Native Application Bundle) 


4. No single solution for defining and packaging these Multi-service, Multi-format distributed application. Now CNAB package. 
3. Composite APIs (ARM, Terraform) and tooling
2. Low level APIS (JSON, REST)
1. VM, containers, storage

CNAB is package format specification for bundling, installing and managing distributed apps. It uses technologies : JSON, Docker container, OpenPGP

Duffle is Package manger for cloud. 
Reference : https://github.com/garethr/docker-app-cnab-examples

Docker-assemble builds docker image without using DOCKER_FILE. It analyzes your app, dependencies and give Docker image. It is uiltn on top of buildKit. At present it is enterprise edition feature. It supports many languages including Java.

With Docker application Package, we can push multi-service app, not only Docker image. 
Reference : https://github.com/docker/app

He demonstrated Compose on K8s. Now with Docker Compose file itself, one can deploy using (1) K8s and (2) Docker Swarm  
Compose on K8S guide for minikube / Azure AKS /GKE



He used https://asciinema.org/ to record+play remote Linux CLI session and demonstrated. 


Post a Comment