INDEX
########################################################### 2024-01-05 10:00 ###########################################################
Devops Toolkit... How to Create a Complete Internal Developer Platform
https://www.youtube.com/watch?v=Rg98GoEHBd4

An IDP is an internal developer platform which lets devs avoid dealing with devops directly
Create a control plane that manages K8s, AWS, etc. through interfaces - all stored in git
A control plane is a single entry point: crossplane (has preloaded features)
Anything that is not relevant to people is hidden - only the customised items are visible

kubectl get crds                       # Lists all the low-level resources for kubernetes
kubectl explain CRD_NAME --recursive   # Shows documentation about a crd

# crossplane/app.yaml
apiVersion: devopstoolkitseries.com/v1alpha1
kind: AppClaim
metadata:
  name: silly-demo
spec:
  id: silly-demo
  compositionSelector:
    matchLabels:
      type: backend-db-aws
      location: local
  parameters:
    namespace: development
    image: vfarcic/silly-demo:latest
    port: 8080
    host: acme.com
    db:
      version: "14.0"
      size: medium

# Do not interact directly with the cluster - commit to git for the desired state
ArgoCD is a useful tool for managing kubernetes with git tracking

# Install argocd
helm upgrade --install argocd argo-cd --repo ... --namespace argocd \
  --create-namespace --values argocd/helm-values.yaml --wait
# Open the website, login and run it
kubectl apply --filename argocd/project.yaml
kubectl apply --filename argocd/apps.yaml

Extend kubernetes with schemas as kubernetes resources - use schemahero
Move manifest files into the infra/ folder, git commit and push
Can manage secrets with "external-secrets" - commit manifests for that
For a GUI, use Port - give it blueprints, credentials and a manifest for k8s
For CI/CD, can use github actions
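Since the desired state lives in git and ArgoCD applies whatever is merged, the pull-request pipeline is the place to reject a bad AppClaim before it reaches the control plane. The following is an added example of such a gate, not code from the video or from crossplane: it takes the claim as a dict (what yaml.safe_load would return for app.yaml) and returns findings. The allowed namespaces, db sizes, port range and the image-pinning rule are assumptions chosen for this example.

```python
"""CI policy gate for AppClaim manifests before ArgoCD picks them up.

Added example, not code from the Devops Toolkit video or the crossplane
project. The allowed namespaces, db sizes and port range are assumptions
made for this example; the claim is passed in as a dict.
"""
import copy
import re

ALLOWED_NAMESPACES = {"development", "staging", "production"}   # assumption
ALLOWED_DB_SIZES = {"small", "medium", "large"}                 # assumption
# "registry/name[:tag][@sha256:digest]"; registries with a port are not handled here
IMAGE_RE = re.compile(
    r"^(?P<name>[a-z0-9./_-]+)(?::(?P<tag>[\w.-]+))?(?P<digest>@sha256:[0-9a-f]{64})?$")
HOST_RE = re.compile(r"[a-z0-9]([a-z0-9-]*[a-z0-9])?(\.[a-z0-9]([a-z0-9-]*[a-z0-9])?)+")

# Constructed sample: the AppClaim from the notes, as a dict.
SAMPLE_CLAIM = {
    "apiVersion": "devopstoolkitseries.com/v1alpha1",
    "kind": "AppClaim",
    "metadata": {"name": "silly-demo"},
    "spec": {
        "id": "silly-demo",
        "compositionSelector": {"matchLabels": {"type": "backend-db-aws", "location": "local"}},
        "parameters": {
            "namespace": "development",
            "image": "vfarcic/silly-demo:latest",
            "port": 8080,
            "host": "acme.com",
            "db": {"version": "14.0", "size": "medium"},
        },
    },
}


def with_parameters(claim: dict, **overrides) -> dict:
    """Deep copy of a claim with some spec.parameters replaced (helper for trying variants)."""
    out = copy.deepcopy(claim)
    out["spec"]["parameters"].update(overrides)
    return out


def check_app_claim(claim: dict) -> list[str]:
    """Return policy findings for one AppClaim; an empty list means it may be merged."""
    findings = []
    if claim.get("apiVersion") != "devopstoolkitseries.com/v1alpha1":
        findings.append("unexpected apiVersion")
    if claim.get("kind") != "AppClaim":
        findings.append("kind must be AppClaim")
    name = claim.get("metadata", {}).get("name")
    spec = claim.get("spec", {})
    if not name:
        findings.append("metadata.name is required")
    if spec.get("id") != name:
        findings.append("spec.id must match metadata.name")
    if "type" not in spec.get("compositionSelector", {}).get("matchLabels", {}):
        findings.append("compositionSelector.matchLabels.type is required")

    params = spec.get("parameters", {})
    ns = params.get("namespace")
    if ns not in ALLOWED_NAMESPACES:
        findings.append(f"namespace {ns!r} is not in the allowed set")
    image = params.get("image", "")
    m = IMAGE_RE.match(image)
    if not m:
        findings.append(f"image {image!r} is not a valid reference")
    elif m.group("digest") is None and m.group("tag") in (None, "latest"):
        # a floating tag lets the cluster silently pick up a different build later
        findings.append("image must be pinned to a tag or digest, not 'latest'")
    port = params.get("port")
    if not (isinstance(port, int) and 1024 <= port <= 65535):
        findings.append("port must be an integer in 1024-65535")
    if not HOST_RE.fullmatch(params.get("host", "")):
        findings.append("host must be a valid DNS name")
    db = params.get("db")
    if db is not None:
        if not re.fullmatch(r"\d+(\.\d+)?", str(db.get("version", ""))):
            findings.append("db.version must look like '14' or '14.0'")
        if db.get("size") not in ALLOWED_DB_SIZES:
            findings.append(f"db.size must be one of {sorted(ALLOWED_DB_SIZES)}")
    return findings


# Same claim with the image pinned to the tag the video's later manifests use.
PINNED_CLAIM = with_parameters(SAMPLE_CLAIM, image="vfarcic/silly-demo:1.0.6")

if __name__ == "__main__":
    for label, claim in (("as in notes", SAMPLE_CLAIM), ("pinned", PINNED_CLAIM)):
        print(label, check_app_claim(claim) or "OK")
```

Run as a script it reports that the claim exactly as written in the notes fails only on the floating `latest` tag; everything else about it passes. Wiring it into the GitHub Actions job the notes mention is just a matter of loading every claim under the repo's manifest folder and failing the job when any findings come back.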
########################################################### 2024-01-07 18:40 ###########################################################
Devops Toolkit... Metacontroller - Custom Kubernetes Controllers
https://www.youtube.com/watch?v=3xkLYOpXy2U

CRDs and controllers define extensions to kubernetes - the main value of the ecosystem
Metacontroller is an addon to extend CRDs and manage controllers

# crds.yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  name: apps.devopstoolkitseries.com
spec:
  group: devopstoolkitseries.com
  names:
    kind: App
    plural: apps
    singular: app
  scope: Namespaced
  versions:
  - name: v1
    served: true
    storage: true
    schema:
      openAPIV3Schema:
        type: object
        properties:
          spec:
            type: object
            properties:
              image:
                type: string
              port:
                type: integer
                default: 99999
              ... [cpuLimit memLimit cpuReq memReq host replicas]
            required:
            - image
            - host
    subresources:
      status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  name: slacks.devopstoolkitseries.com
spec:
  group: devopstoolkitseries.com
  names:
    kind: Slack
    plural: slacks
    singular: slack
    shortNames:
    - sl
  scope: Cluster
  versions:
  - name: v1
    served: true
    storage: true
    schema:
      openAPIV3Schema:
        x-kubernetes-preserve-unknown-fields: true   # Can define anything without issue
    subresources:
      status: {}

kubectl apply -f crds.yaml          # Creates "apps" and "slacks" so these resources can be created
kubectl explain apps --recursive    # Explains all the spec fields you can fill in

So now you can define resources based on these definitions

# slack.yaml
apiVersion: devopstoolkitseries.com/v1
kind: Slack
metadata:
  name: apps
spec: {}

# my-app.yaml
apiVersion: devopstoolkitseries.com/v1
kind: App
metadata:
  name: my-app
spec:
  image: vfarcic/silly-demo:1.0.6
  port: 8080
  host: silly-demo.127.0.0.1.nip.io

kubectl apply -f slack.yaml; kubectl apply -n production -f app.yaml

But there is no controller that does anything - the resources just exist in a database
Controllers are split into listeners and actioners

# composite-controllers.yaml
apiVersion: metacontroller.k8s.io/v1alpha1
kind: CompositeController
metadata:
  name: app
spec:
  generateSelector: true
  parentResource:                 # This is the resource that should be listened for
    apiVersion: devopstoolkitseries.com/v1
    resource: apps
  childResources:                 # What should be created/managed by the controller after listening
  - apiVersion: apps/v1
    resource: deployments
    updateStrategy:
      method: InPlace
  - apiVersion: v1
    resource: services
    updateStrategy:
      method: InPlace
  - apiVersion: networking.k8s.io/v1
    resource: ingresses
    updateStrategy:
      method: InPlace
  hooks:
    sync:
      webhook:                    # Send a hook to something to do an actual action
        url: http://app-controller.controllers/sync
---
apiVersion: metacontroller.k8s.io/v1alpha1
kind: CompositeController
metadata:
  name: slack
spec:
  generateSelector: true
  parentResource:                 # When an "app" resource is made, send a signal to the slack controller
    apiVersion: devopstoolkitseries.com/v1
    resource: apps
  hooks:
    sync:
      webhook:
        url: http://slack-controller.controllers:8080/slack

kubectl apply -f composite-controllers.yaml

So a composite controller is just a pipeline of making resources with webhooks in the middle
Now say there is some app on 8080 that sends data to Slack and a webserver on 80 - anything

kubectl -n controllers create configmap app --from-file=app.py
# Have a deployment that runs app.py, a service for it, and similarly for the slack app
kubectl -n controllers apply -f controllers.yaml
kubectl -n controllers logs --selector app=slack-controller   # Can see the message being sent
kubectl -n production get all,ingresses                        # See the app and ingress are generated automatically
# If you update a manifest it will reconfigure all sub-resources
# Works the same for deleting in a hierarchy
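What the sync webhook actually has to do is small: Metacontroller POSTs a JSON body with the parent App object (plus the children it currently observes) and expects back the list of children that should exist, then creates, updates or deletes them itself. The block below is an added example of such a hook for the App CompositeController above; it is not the app.py from the video. It generates the Deployment, Service and Ingress from the App spec and applies resource limits and a restrictive securityContext that the App author cannot opt out of, which is this example's own hardening policy and not part of the video's controller. Listening on 8080 is also an assumption.

```python
"""Sync webhook for the App CompositeController above.

Added example, not the app.py used in the video. Metacontroller POSTs
{"parent": <App>, "children": {<observed>}, "finalizing": bool} and expects
{"status": {...}, "children": [...]} back. The resource and securityContext
defaults are this example's policy; the listen port 8080 is an assumption.
"""
import json
import sys
from http.server import BaseHTTPRequestHandler, HTTPServer


def desired_children(parent: dict) -> list[dict]:
    """Build the Deployment, Service and Ingress for one App object."""
    name = parent["metadata"]["name"]
    ns = parent["metadata"].get("namespace", "default")
    spec = parent.get("spec", {})
    image, host = spec["image"], spec["host"]      # both required by the CRD schema
    port = int(spec.get("port", 8080))
    labels = {"app": name}
    container = {
        "name": name,
        "image": image,
        "ports": [{"containerPort": port}],
        "resources": {
            "requests": {"cpu": spec.get("cpuReq", "100m"), "memory": spec.get("memReq", "128Mi")},
            "limits": {"cpu": spec.get("cpuLimit", "500m"), "memory": spec.get("memLimit", "256Mi")},
        },
        # hardening the App author cannot override (this example's policy, not the video's)
        "securityContext": {
            "runAsNonRoot": True,
            "allowPrivilegeEscalation": False,
            "readOnlyRootFilesystem": True,
            "capabilities": {"drop": ["ALL"]},
        },
    }
    deployment = {
        "apiVersion": "apps/v1", "kind": "Deployment",
        "metadata": {"name": name, "namespace": ns, "labels": labels},
        "spec": {
            "replicas": int(spec.get("replicas", 1)),
            "selector": {"matchLabels": labels},
            "template": {
                "metadata": {"labels": labels},
                "spec": {"automountServiceAccountToken": False, "containers": [container]},
            },
        },
    }
    service = {
        "apiVersion": "v1", "kind": "Service",
        "metadata": {"name": name, "namespace": ns, "labels": labels},
        "spec": {"selector": labels, "ports": [{"port": port, "targetPort": port}]},
    }
    ingress = {
        "apiVersion": "networking.k8s.io/v1", "kind": "Ingress",
        "metadata": {"name": name, "namespace": ns, "labels": labels},
        "spec": {"rules": [{"host": host, "http": {"paths": [{
            "path": "/", "pathType": "Prefix",
            "backend": {"service": {"name": name, "port": {"number": port}}},
        }]}}]},
    }
    return [deployment, service, ingress]


def sync(request: dict) -> dict:
    """Handle one Metacontroller sync call and return the response body."""
    children = desired_children(request["parent"])
    observed = sum(len(objs) for objs in request.get("children", {}).values())
    status = {"desiredChildren": len(children), "observedChildren": observed}
    return {"status": status, "children": children}


class SyncHandler(BaseHTTPRequestHandler):
    def do_POST(self):
        body = json.loads(self.rfile.read(int(self.headers.get("Content-Length", 0))))
        data = json.dumps(sync(body)).encode()
        self.send_response(200)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)


# Constructed sample request: the my-app.yaml object from the notes, as Metacontroller would send it
# on the first sync (no children observed yet).
SAMPLE_REQUEST = {
    "parent": {
        "apiVersion": "devopstoolkitseries.com/v1", "kind": "App",
        "metadata": {"name": "my-app", "namespace": "production"},
        "spec": {"image": "vfarcic/silly-demo:1.0.6", "port": 8080, "host": "silly-demo.127.0.0.1.nip.io"},
    },
    "children": {"Deployment.apps/v1": {}, "Service.v1": {}, "Ingress.networking.k8s.io/v1": {}},
    "finalizing": False,
}

if __name__ == "__main__":
    if "--serve" in sys.argv:                              # what the controller Deployment runs
        HTTPServer(("", 8080), SyncHandler).serve_forever()
    print(json.dumps(sync(SAMPLE_REQUEST), indent=2))      # offline dry run
```

Because the CRD enables the status subresource, the `status` map returned here is written back onto the App object, so `kubectl get apps` can show reconciliation progress. The hook is deliberately stateless: every decision is recomputed from the parent on each call, which is what makes the "update a manifest and everything below it is reconfigured" behaviour in the notes work.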
########################################################### 2024-01-24 23:00 ###########################################################
Devops Toolkit... How to Shift Left
https://www.youtube.com/watch?v=AtbS1u2j7po

Left = end users and the developers who talk to them. Right = infrastructure specialists
Shift left = enable developers to be more self-sufficient with infrastructure
Need opinionated systems that are easy to consume by the teams on the left
How can users create clusters for themselves? Can make a basic cluster schema

# cluster.yaml
apiVersion: devopstoolkitseries.com/v1alpha1
kind: CompositeKubernetesCluster     # Very opinionated cluster definition
metadata:
  name: team-a
  labels:
    cluster-owner: vfarcic
spec:
  compositionRef:
    name: cluster-google             # Could be cluster-aws or cluster-azure
  parameters:
    nodeSize: small                  # Could be medium or large - no cloud-specific sizes needed
    # minNodeCount: 2                # Will be allowed to scale
  writeConnectionSecretToRef:
    namespace: team-a                # Store secrets relative to a namespace (named BY the infra team)
    name: cluster

kubectl apply -f cluster.yaml   # Better: push this to git and let some other tool apply it

# definition.yaml (defines the interface used by others to create infrastructure)
apiVersion: apiextensions.crossplane.io/v1
kind: CompositeResourceDefinition     # Can be used by providers to build on
...
            properties:
              version:
                description: The Kubernetes version for the cluster
                type: string
              nodeSize:
                description: The size of all nodes; small, medium, large
                type: string
              minNodeCount:
                description: The minimum number of nodes
                type: integer
                default: 1
            required:
            - nodeSize                # So only the nodeSize is required to be set
...
    additionalPrinterColumns:
    - name: clusterName
      type: string
      jsonPath: ".status.clusterName"
    - name: controlPlane
      type: string
      jsonPath: ".status.clusterPlaneStatus"
    - name: nodePool
      type: string
      jsonPath: ".status.nodePoolStatus"

# azure.yaml (provider definition)
apiVersion: apiextensions.crossplane.io/v1
kind: Composition
...
spec:
  compositeTypeRef:
    apiVersion: devopstoolkitseries.com/v1alpha1
    kind: CompositeKubernetesCluster
  patchSets:
  - name: metadata
    patches:
    - fromFieldPath: metadata.labels
  resources:
  - name: resourcegroup
    base:
      apiVersion: azure.crossplane.io/v1alpha3
      kind: ResourceGroup
      spec:
        location: eastus
    patches:
    - type: ToCompositeFieldPath
      fromFieldPath: metadata.name
      toFieldPath: metadata.labels.resourcegroup

With crossplane compositions you map yaml definitions to resources (e.g. small = t2.micro)
Can configure the cluster in any opinionated way, for different providers

kubectl get compositekubernetescluster   # Get info about a custom-made cluster
# Can also set what columns are displayed by kubectl

Essentially lets you manage AWS resources using kubernetes resource definitions
So deleting this "cluster" resource actually removes the AWS resources

# Extract the kubeconfig (secret key) for the cluster from the cloud provider's connection secret
kubectl -n team-a get secret cluster --output jsonpath="{.data.kubeconfig}" | base64 -d
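The mapping "small = t2.micro" is done by crossplane patches: a FromCompositeFieldPath patch copies a field from the claim into the managed resource, optionally through a map transform, and a ToCompositeFieldPath patch (as in the azure.yaml snippet) writes a managed resource's field back onto the composite. The block below is an added toy model of that mechanism, not crossplane's own code, to make the data flow concrete; it is simplified in that ToCompositeFieldPath is applied immediately rather than after the resource is observed. The NodePool kind, its field names and the machine-type names in the map are assumptions; the ResourceGroup resource is the one from the notes.

```python
"""Toy model of crossplane Composition patching for the cluster claim above.

Added example, not crossplane's implementation. Supports only
FromCompositeFieldPath (with the "map" transform and the Required policy)
and ToCompositeFieldPath. The NodePool kind, its fields and the machine
types in the map are assumptions.
"""
import copy


def get_path(obj, path):
    """Read a dotted field path; None when any segment is missing."""
    for key in path.split("."):
        if not isinstance(obj, dict) or key not in obj:
            return None
        obj = obj[key]
    return obj


def set_path(obj, path, value):
    """Write a dotted field path, creating intermediate maps as needed."""
    keys = path.split(".")
    for key in keys[:-1]:
        obj = obj.setdefault(key, {})
    obj[keys[-1]] = value


def transform(value, transforms):
    """Apply crossplane-style transforms; only type "map" is modelled here."""
    for t in transforms:
        if t["type"] != "map":
            raise ValueError(f"unsupported transform {t['type']!r}")
        if value not in t["map"]:
            raise ValueError(f"no mapping for {value!r}")   # e.g. nodeSize: huge
        value = t["map"][value]
    return value


def compose(composite, composition):
    """Return (managed resources, updated composite, errors) for one composite object."""
    composite = copy.deepcopy(composite)
    managed_all, errors = [], []
    for res in composition["spec"]["resources"]:
        managed = copy.deepcopy(res["base"])
        for patch in res.get("patches", []):
            kind = patch.get("type", "FromCompositeFieldPath")   # crossplane's default patch type
            try:
                if kind == "FromCompositeFieldPath":
                    value = get_path(composite, patch["fromFieldPath"])
                    if value is None:
                        if patch.get("policy", {}).get("fromFieldPath") == "Required":
                            raise ValueError(f"{patch['fromFieldPath']} is required")
                        continue      # optional field absent: keep what the base already has
                    set_path(managed, patch["toFieldPath"], transform(value, patch.get("transforms", [])))
                elif kind == "ToCompositeFieldPath":
                    value = get_path(managed, patch["fromFieldPath"])
                    if value is not None:
                        set_path(composite, patch["toFieldPath"], value)
                else:
                    raise ValueError(f"unsupported patch type {kind!r}")
            except ValueError as e:
                errors.append(f"{res['name']}: {e}")
        managed_all.append(managed)
    return managed_all, composite, errors


# Constructed sample: the cluster claim from the notes (minNodeCount left unset).
CLAIM = {
    "apiVersion": "devopstoolkitseries.com/v1alpha1", "kind": "CompositeKubernetesCluster",
    "metadata": {"name": "team-a", "labels": {"cluster-owner": "vfarcic"}},
    "spec": {"compositionRef": {"name": "cluster-google"}, "parameters": {"nodeSize": "small"}},
}

# Constructed composition: the ResourceGroup from azure.yaml plus a hypothetical NodePool resource.
COMPOSITION = {
    "apiVersion": "apiextensions.crossplane.io/v1", "kind": "Composition",
    "spec": {"resources": [
        {"name": "resourcegroup",
         "base": {"apiVersion": "azure.crossplane.io/v1alpha3", "kind": "ResourceGroup",
                  "spec": {"location": "eastus"}},
         "patches": [
             {"fromFieldPath": "metadata.name", "toFieldPath": "metadata.name"},
             {"type": "ToCompositeFieldPath", "fromFieldPath": "metadata.name",
              "toFieldPath": "metadata.labels.resourcegroup"},
         ]},
        {"name": "nodepool",    # hypothetical kind and field names (assumption)
         "base": {"apiVersion": "example.org/v1", "kind": "NodePool", "spec": {"minNodeCount": 1}},
         "patches": [
             {"fromFieldPath": "spec.parameters.nodeSize", "toFieldPath": "spec.machineType",
              "policy": {"fromFieldPath": "Required"},
              "transforms": [{"type": "map", "map": {"small": "e2-small", "medium": "e2-medium",
                                                     "large": "e2-standard-4"}}]},
             {"fromFieldPath": "spec.parameters.minNodeCount", "toFieldPath": "spec.minNodeCount"},
         ]},
    ]},
}

if __name__ == "__main__":
    resources, composite, errors = compose(CLAIM, COMPOSITION)
    for r in resources:
        print(r["kind"], r.get("metadata", {}), r["spec"])
    print("composite labels:", composite["metadata"]["labels"], "errors:", errors)
```

Two things worth noticing when running it: the team never sees a machine-type name, only `small`, and a value outside the map is rejected instead of being passed through to the provider, which is the point of the opinionated interface; and `minNodeCount` falls back to the base's `1` when the claim omits it, mirroring the `default: 1` in the XRD.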