10 CLIs I Can Not Live Without!
Comments
@seanturner7400 7 hours ago
Ah yep, didn't know about `envFrom`. Use Kustomize with a `configMapGenerator` to create a fair number of environment variables across a few different generated config maps, and we're currently loading them line by line.
@Techtips200 2 days ago
Please cover CSI topics and troubleshooting as well.
@DevOpsToolkit 2 days ago
Adding it to my to-do list...
@PrithviRajKC 2 days ago
Does the ephemeral storage use the Node storage to store the data temporarily?
@DevOpsToolkit 2 days ago
`emptyDir` (baked into Kubernetes) does use node storage. There are others that might use external storage for ephemeral volumes. Since storage is implemented through CNI drives, it can be anything and it depends on what your provider has (apart from those like `emptyDir` that are baked-in).
@kUdtiHaEX 2 days ago
First!
@amoenus_dev 2 days ago
Really enjoyed this back-to-basics video, would love to see more of those ❤
@kirkturkey6278 2 days ago
13:12 -- I have to say, I haven't laughed this hard in some time. LOL My team currently uses the Git Flow and yes, I can confirm, it is maddening. I'm doing what I can to change this. Thank you for such a great video!
@dmitriimrcat 2 days ago
Viktor, can we call Kubernetes a cloud operating system?
@DevOpsToolkit 2 days ago
I would not call it like that. I think it's more of a base on top of which we or your vendor builds a platform. If you would make an analogy with operating systems, it would be more like a Kernel than an OS distribution. Kernel does not do much by itself but once you compile it and add a bunch of other things you get something like Ubuntu, RedHat OS, Suse, etc.
@JimBrännlund 2 days ago
What about using Helmfile for "bootstrapping" a cluster, e.g., installing the initially needed tools/applications (incl. ArgoCD) so once it's bootstrapped, you can use ArgoCD for your own applications?
@DevOpsToolkit 2 days ago
That would be using helmfile only for the initial installation of argo CD which would deal with all other apps (including future updates of itself). In such a case, I'm not sure why bother with helmfile and not simply run helm install.
@jimbrannlund4677 2 days ago
Thanks for the fast reply! The issue I’m struggling with is how to make it obvious what the preferred order of install/applies is. Also, since Helm can’t handle installing to different namespaces, the dependencies are split in different folders. But it’s possible I’m coming at this the wrong way. I prefer Jsonnet, but we don’t use that at my current job.
@DevOpsToolkit 2 days ago
Sync order can be problematic with gitops tools but mostly for Cards created by third party tools. You haven't mentioned that so I'm assuming that's not your case. For most other types of resources it should not matter. Kubernetes is asynchronous by nature and resources should get eventually consistent. Part of the reason we're using kubernetes is to avoid orchestration where we decide what is done first, what is second, and so on. The need to define the order of what is done and when it's done often happens when people try to apply the logic from before kubernetes to kubernetes.
@JimBrännlund 2 days ago
@DevOpsToolkit I guess you mean "Charts" :) And I'm mentioning it now, haha. To be specific, when we bootstrap a cluster it's for things like External DNS, Istio, Cert Manager, Metrics Server, ArgoCD etc. So essentially only third party charts. While what you're saying is true, there are some exceptions, specifically w.r.t. CRDs. As an example, you can't create a ClusterIssuer until you've applied the Cert Manager chart as that CRD won't exist before it. There are some other examples, where things can get stuck in a bad state due to ill-designed reconciliation loops etc. Granted, those are likely bugs, but it still happens. :) What I like, after a very shallow examination, with Helmfile is that what constitutes (in our case) a bootstrap is very explicitly defined. The question is, is it worth introducing another tool and dependency just for that. :) I really appreciate you taking the time! Merry Christmas!
@DevOpsToolkit 2 days ago
Autocorrect keeps changing charts into cards... I honestly think that helmfile is a waste of time. It was great in the past and I used it a lot before we got argo CD and flux. Now it is only a distraction that will lead you to a wrong path. It is incompatible with gitops. Whatever you choose, don't choose to combine both.
@FakhriMrabet 3 days ago
You talk too much just get into it already
@vaishnokrithika4411 3 days ago
I believe Crossplane does work creating helm providers to run helm based packaging in EKS, unfortunately with GKE cluster helm providers don’t work because of Google policy of using cloud auth plugin with kubectl. Any insights?
@DevOpsToolkit 3 days ago
I'm not sure I understood the question. Can you please elaborate?
@IvanRizzante 4 days ago
Thanks for another great video 🎉 I agree that having a clear and most of all tested backup strategy is vital. I don't think that it's a matter of Crossplane vs terraform because terraform can break as anything else and its state, no matter where it's stored, is the only way you have to manage your resources.
@DryBones111 4 days ago
Spotify playlists 😄
@kishores8500 4 days ago
@DevOpsToolkit Can it restore the Crossplane composite resources too? I wanted to migrate my Crossplane setup from one cluster to another cluster with XRDs and the resources deployed; it failed. Any best way you can suggest?
@DevOpsToolkit 4 days ago
Yes it can. That's what I used as one of the examples in the last video.
@seanmcconkey72 5 days ago
Utter horse shit. Don't do it.
@ChrisGibbsAus 5 days ago
Thanks for the great Q&A! very informative! Several years ago, we originally picked Swarm for container workloads due to the quicker and easier onboarding experience and less steep learning curve for on-premise workloads that had incredibly simple use-cases. We are still on this platform today but out-growing some of the basic functionality, hearing that "it needs to die", would you care to dive deeper into this idea?
@ChrisGibbsAus 5 days ago
continued watching and funnily enough our exact question that we pondered all those years ago has been answered :)
@DevOpsToolkit 5 days ago
Nobody cares about swarm any more. Docker gave up on it and sold it to mirantis. Mirantis bought it mostly to milk its users a bit longer but is not investing into it either. So, you're using a project that is on life support and that's fine if it's doing what you need it to do just as long as you are not putting any investment into it. Do not put a single hour into swarm since that would be an hour wasted. Use it as-is. P.S. I loved swarm and placed all my bets into it back when it was not sure who will win. However, I had to realize that I lost and move on.
@DryBones111 5 days ago
It's criminal that AWS doesn't have a good service for these developers who just want it to run, no fuss. Keeps me employed at least.
@markusjohansson4949 6 days ago
Taskfile does not work as well as Makefile when trying to not do unnecessary work. Makefile uses file timestamp to detect if a target needs to be remade. Taskfile has some basic functionality but it does not work well enough.
@hellok8s 6 days ago
Flux HelmRelease CRDsPolicy can manage CRDs, provided the helm chart has a crds directory.
@laurentiusjudhianto6631 6 days ago
Agree that Kubernetes should be and must be like Hypervisor. Kubernetes is not well understood by a lot of dev, becoming an extra work. On top of that, databases (stateful), shared storage and "baking apps" into the containers adds another layer of process to deploy. It's great when it's being used within public cloud. However for onPrem, Kubernetes still runs on just a few physical nodes, kinda limited on the underlying infrastructure config (not really scaling, not really HA, not really redundant). CMIIW
@m19mesoto 6 days ago
I like your intro.. 🔥
@perarneng 6 days ago
Agree. Cloudrun is a tech that transparently runs k8s compatible deployments afaik. But in general the missing link here is WebAssembly because then we don't target containers. We build applications and then application orchestrators will make more sense. It is coming but it takes some time for the industry to adjust.
@DevOpsToolkit 6 days ago
If you are referring to Google Cloud Run, it does not use kubernetes.
@perarneng 6 days ago
@DevOpsToolkit True. I remembered it incorrectly. It is knative compatible in its manifests as I understood it. So targeting it could be a good stepping stone to later deploy on k8s+knative 🤩
@DevOpsToolkit 6 days ago
Yeah. Knative API, no matter whether self hosted on kubernetes or in Google, is closest to the right abstraction when apps are concerned. It became a bit bloated over time and I still prefer creating my own API but for those looking for a ready-to-go option it is the best we have. The problem, however, are day 2 operations if it's running in kubernetes. Unlike in Google, one would need to know all the underlying tech when running in kubernetes.
@hubstrangers3450 6 days ago
Thanks...agreed...it should be just part of the OS,
@AymenBenTanfous 7 days ago
Would it be possible to manage multiple resources that weren't created by Crossplane via Compositions? I have a large infrastructure composed by EKS clusters and its related AWS resources that I have created via Terraform, and I'm currently testing Crossplane and faced this use case in order to avoid recreating the whole infra from scratch again and to avoid disruption to the end users.
@DevOpsToolkit 7 days ago
If you apply crossplane managed resources that match resources that already exist, crossplane will take control of them.
@DigisDen 7 days ago
Hi, thanks for the video. I am a great fan of postgres but sometimes need to run mysql, do you have a recommendation for mysql?
@DevOpsToolkit 7 days ago
Have you tried Vitess?
@DigisDen 7 days ago
@DevOpsToolkit I haven't tried any mysql in kubernetes, I would usually run the mysql outside of the cluster. I'll definitely take a look at that though, thanks. I have been running the cnpg now for a couple of months after watching your previous video and am very impressed by it so far.
@MattHudsonAtx 4 days ago
... Don't?
@guents 7 days ago
I think the point of the question wasn't if it is possible to run a db on k8s, but if any of the operators out there are reliable enough. My experience is that databases are not designed for such a dynamic environment and an abrupt event often brings the db into an inconsistent state. Is it possible to fix all these issues? Possibly. Has anyone done it... Debatable...
@DevOpsToolkit 7 days ago
Have you tried cnpg?
@MattHudsonAtx 4 days ago
The Crunchy Data postgres operator is pretty solid too
@converter 7 days ago
Waterfoolish thing 🤣
@prolixalias 7 days ago
Hey there Viktor! I'm curious how you've managed to get around the error below with teller v2.0.7 and modern .teller.yml format that I borrowed from your crossplane-kubernetes repo:
```
Error: Bad service account key: missing field `private_key` at line 9 column 1
```
@DevOpsToolkit 7 days ago
I don't think I encountered that error. I had others that were caused by 2.x using a new yaml format. I can send you a sample yaml if that helps (it's for gcp).
@prolixalias 7 days ago
@DevOpsToolkit Don't you ever sleep? It seems like you're always online... The one I borrowed is below, adjusted to my path/keys:
```yaml
providers:
  google_secrets_manager:
    kind: google_secretmanager
    maps:
      - id: secrets
        path: projects/vfarcic
        keys:
          upbound-account: UP_ACCOUNT
          upbound-token: UP_TOKEN
          aws-access-key-id: AWS_ACCESS_KEY_ID
          aws-secret-access-key: AWS_SECRET_ACCESS_KEY
          github-user: GITHUB_USER
```
@IvanRizzante 8 days ago
Thanks for another great video! I totally agree that running databases on k8s is a mind shifting process more than a challenge itself. Try what it means setting up Postgres + PgPool + Streaming Replication + TLS + Backup and so on by hand and add maintenance on the top, then try what it means writing few lines of yaml and getting the same result done for you by an operator. We're talking about the same difference that there is between going to any hyperscaler and ask "give me a database" and do the job yourself!
@ch4.hayabusa 8 days ago
Are there any NoSQL projects like CNPG? I have a hard time imagining Mongo Atlas releasing a competitor for free.
@DevOpsToolkit 8 days ago
Not sure... I tend to use mostly PostgreSQL and, occasionally, mySQL which both have Kubernetes-native versions.
@juanbreinlinger 8 days ago
I couldn't agree with you more! Thanks for the video!
@prastamaha4130 8 days ago
But we know that kubernetes has a version lifecycle every 3 months, wouldn't running statefulset like a database be a challenge? Especially on services that are sensitive to downtime.
@DevOpsToolkit 8 days ago
That would indeed be an issue for DBs that do not run multiple replicas. Still, that is no different from running it outside kubernetes. If you cannot update your VMs for whatever reason you need to keep it as whichever version it is. If you move such a workload to kubernetes, you can still keep kubernetes version fixed. It's not great but it's not worse than without kubernetes.
@LampJustin 8 days ago
The release cadence is much more relaxed now. AWS and Azure (probably more) started to create LTS versions of kubernetes and just because there's a new kubernetes version, you don't have to upgrade directly. If you have a look into the version skew, you can see that the worker nodes can run 3 minor versions behind. So you could have everything else running v1.31.x and still keep your DB NG in version v1.28.X. When it's eol, just skip all those versions and repeat. To upgrade patch versions you don't even need to drain the whole node, it's enough to restart kubelet and kube-proxy in the new version.
@THEMithrandir09 8 days ago
In my homelab I provide TrueNAS datasets as PVs/PVCs to k8s for minio and postgres both running in k8s. The nice thing about this is that I have a git driven k8s cluster using flux and if I want to upgrade I just merge the dependabots PR and if something breaks I just revert the commit and rollback the dataset in TrueNAS Scale.
@gdelignieres 2 days ago
Homelab != production ready
@THEMithrandir09 2 days ago
@gdelignieres never claimed that, just wanted to outline a very clean and simple way to do it.
@perarneng 8 days ago
There has always been the advantage to tap in to the enormous ecosystem around kubernetes such as security, monitoring, policy engines, distributed storage, networking etc. Anything serverside benefits from k8s and its ecosystem 🤩
@wladyx 8 days ago
On my homelab I never upgrade, but do a blue green deployment of clusters, exactly for the same purpose :)
@SerghijB 8 days ago
Thank you for sharing your experience! Great and helpful thoughts.
@AlexScherbakov-u3s 8 days ago
I really appreciate the awesome videos! Do you happen to have any updates on when the next one will be ready?
@DevOpsToolkit 8 days ago
I'm waiting for one of the features to graduate to GA. Once that happens I will do a new chapter/video. Unfortunately, I don't know when that will be.
@ArmenRostamian 8 days ago
One year later -- would you still recommend Timoni? We're deeply invested into helmfile currently, but helmfile is absolutely excruciating to work with and to debug. It's also really messy if you try to utilize its more "advanced" features...so I'm looking for something else. After looking at KCL, PKL, CUE, YTT and a bunch of others...Tanka and Timoni seemed to stand out the most. What would you say about Timoni a year later? Do you think it's reached "critical mass" adoption, such that it won't slip into obscurity and become unmaintained/archived? Anything you'd recommend over it?
@SuyashSonawane 8 days ago
Was waiting for this one since your last video on Velero! Thanks for that insight into where Argo falls short. Destroying and re-building clusters rather than in-place upgrades sounds like great practice for DR!
@smthngsmthngsmthngdarkside 9 days ago
kubernetes api versions are the same as docker-compose.yml#version field not deps
@sunflash9 9 days ago
I'm waiting for your up to date, end of the year "best tool for the job" recommendation.
@DevOpsToolkit 8 days ago
It's coming... It'll probably be released the first or the second week of January.
@smthngsmthngsmthngdarkside 9 days ago
k8s .... > it's as simple as it can get LMAO
@jirityr 9 days ago
Using Velero to backup and restore infrastructure resources created by Crossplane is not very useful. First of all, the backup might not contain the latest state of the resource as described in the video. Second thing is that order of restoration matters. You cannot restore claim together with XR and MR as Crossplane starts creating new XR and MR regardless of whether they have already been restored. The right order is to first restore MR, then XR and then the claim. I still think Crossplane is not the right tool for building infrastructure. Terraform is much more reliable and predictable and it keeps the state outside of the cluster (e.g. in a bucket).
@ShamilSattarov 9 days ago
Create new clusters instead of upgrading existing ones - great thought!
@stef9019 9 days ago
Just a sidenote it does keep blowing my mind that out of all tools f*cking Helm became the standard for the K8S landscape... Something about being first... Worst thing is that 80% of Helm users have gaslit themselves into thinking it's okay to work with.
@wladyx 9 days ago
Missed the live one, but very much enjoyed the recording, thank you Viktor and hope to see Scott again, good idea to bring him on as guest!
@DryBones111 9 days ago
The recovery of crossplane managed resources with non-deterministic external names is really a pain. I really want a better solution to this than Velero. I looked into using crossplane composition functions for this, there's an AWS importer function which kind of works. Need something better though.
@DevOpsToolkit 9 days ago
I'm not sure how that could be fixed. Crossplane needs to know what the external name is. Otherwise, it cannot find it. Alternative is to fetch the non-deterministic name from the cluster and add it as `external-name` annotation into the manifest in Git. From there on, Argo CD or Flux would work. However, that can be very time demanding. What could be nice is to have some kind of an operator that would react when MRs are changed and push `external-name` annotation (when it differs from `metadata.name`) to Git. The problem is that I don't see how such an operator could be generic since those would need to be added to Claims which could be based on any schema.
@dam9800 9 days ago
@DevOpsToolkit I think that the Syngit operator can solve this issue since it pushes the resource after the mutating webhooks execution. By creating a RemoteSyncer that just scopes the Crossplane objects.
@DevOpsToolkit 9 days ago
I have it on my to-do list but did not yet have time to check it out. I'll go through it soon.
@ginjiruu 9 days ago
Velero has been most useful for me when (as described in the video) I need to backup something that doesn't already have a better alternative in kubernetes. This is less relevant when using kubernetes in a business environment but pretty useful when using it in a homelab where plenty of stuff just uses sqlite and pvcs or their own weird database interpretation. Most of the time their own docs will just suggest copying the files out of the folder as a backup!
@RonnySharaby 10 days ago
Thank you for the video! While the challenge was well explained, I'm concerned that basing events on replica count might trigger tests on every scaling event. This doesn't seem like the optimal solution for handling this challenge.
@DevOpsToolkit 10 days ago
I'm triggering it (in that video) on ReplicaSets which is not perfect, but still okay in most of the cases (at least when using Deployments). That being said, I don't think that Argo Events is the right tool, but that it is the best we have (among many bad options).
@Kats0unam1 10 days ago
Does using the otel-collector make sense if you already instrumented your app with Prometheus, Loki and Tempo?
@DevOpsToolkit 10 days ago
Prometheus will fetch metrics from places where metrics exist (e.g. kubernetes API). Your app needs to be instrumented to provide those metrics so you do need to instrument it besides having those tools if you want app-specific metrics to be in Prometheus.
@parashar1505 10 days ago
amazing video, and such a great content creation technique! You rock, sir!