"Musty Bits" McGeeKubernetes-native etcd secrets encryption using TPM/HSM
They...they implemented my side project...sobbing rn
GitHub - docent-net/cluster-bare-autoscaler: Cluster Bare Autoscaler is a tool that automatically adjusts the size of the bare-metal Kubernetes cluster.
Cluster Bare Autoscaler is a tool that automatically adjusts the size of the bare-metal Kubernetes cluster. - docent-net/cluster-bare-autoscaler
@seanhood there's a few key changes in my design
1. A full, functional programming language for inflating configuration into manifest files. We publish a versioned library of this as an OCI artifact, and any resources or changes the library doesn't support yet can be done by passing a closure/function to an escape hatch.
2. Kubernetes is THE control plane. Anything that would have been terraform is now Crossplane or ACK or whatever operator. No living in two worlds or picking the best-of-the-worst couplings between TF and K8s
3. The control plane desired stare should include any cross-resource dependencies. It's still GitOps but there should be no need for any write back or chore commits. This is where the custom operator comes in, though potentially Kro could work.
After a couple hours of very less-coding and more-pacing-and-thinking I've wrangled the blockers and have started on actual implementation of the cluster autoscaler.
I can see a couple spots that are going to get much more complex - caching informers, backoffs, tracking desired state, and background reconciliation loops.
Exciting at least! Working for hours to change a handful of lines is ....rewarding but also uncomfortable.
Interesting but what-you'd-expect container caching enhancement to Kubernetes architecture.
Does make me wonder if you could do the caching at the content-addressed-storage layer with distributed s3 and data locality via redirects and maybe presigned URLs...
New Cache Hierarchy for Container Images and OCI Artifact in Kub... Toru Komatsu & Hidehito Yabuuchi
Great post on authoring Kubernetes controllers with examples and lots of onward reading
So you wanna write Kubernetes controllers?
Any company using Kubernetes eventually starts looking into developing their custom controllers. After all, what’s not to like about being able to provision resources with declarative configuration: Control loops are fun, and Kubebuilder makes...
KwoK is hilarious to me. Like I *get* why it exists it's just funny to take the ONE, *absolutely* necessary program for a cluster and be like "naaah, we'll mock it"
#k8s #Kubernetes #k8sDev #KubernetesDev
#k8s #Kubernetes #k8sDev #KubernetesDev
Operator works fine against a cluster, testing framework fails.
Tracked it down and the test call to create my Custom Resource wipes the TypeMeta off it. But...why?
Started wrangling this test framework and the moment I got past just getting it working it revealed a bug to me.
Now that's instant gratification.