AlviStack is a Hong Kong based Kubernetes distribution, passing CNCF Kubernetes Conformance Test, and now submitting as CNCF sandbox project. This workshop will share about how AlviStack works, a quick demo with Kubernetes deployment, and some on going public contribution roadmap.
https://2022.hkoscon.org/edisonwong/
10. What is AlviStack?
●
1st
Hong Kong based Kubernetes Distribution
– https://github.com/alvistack/ansible-collection-kubernetes
●
CNCF conformance test passed
– https://github.com/cncf/k8s-conformance/pull/1896
●
DevOps with Ansible
●
Production ready
●
Infra and OS independent
●
Apache License 2.0
11. What is AlviStack? (cont.)
●
GitHub project since 2017
– https://github.com/alvistack/
– Repositories: 509
●
Open Build Service Packages: 733
– https://build.opensuse.org/project/show/home:alvistack
●
Vagrant Boxes: 54
– https://app.vagrantup.com/alvistack
●
Docker Image: 75
– https://hub.docker.com/u/alvistack
19. What is AlviStack? (cont.)
●
Submitting as CNCF certified distribution
– Conformance test with sonobuoy
– Join Linux Foundation and CNCF
– Interview with CNCF China director
– Etc…
21. Packaging with OBS
●
Kubernetes installation is complicated
– Kubernetes package repo conflict with Kubic CRI-O repo
– Missing package dependency for legacy LTS OS
– Latest Kubernetes tool chain may broken and you would
like to rollback to previous release (!?)
– Manual deployment with static binary is always a bad idea
for daily operation management (??)
22.
23. Packaging with OBS (cont.)
●
openSUSE Open Build Service (OBS)
– Handle both RPM and DEB packaging
– Auto rebuild when dependent package get updated
– Provide repo management and package signing
– (HACK) Support multiple version of package within
Single-Fat-Repo
24.
25. Packaging with OBS (cont.)
●
With OBS we package for
– Ansible, Kubernetes, CRI-O, Podman, etc
– Update legacy tool chain from OS
●
Hotfix if required
– Bug report to upstream
– But never wait for upstream (well, sometime endlessly...)
●
Greatly simplify package delivery, dependency management,
configuration changes, install and upgrade, etc etc etc...
26.
27. DevOps with Ansible
●
Ansible is great BUT…
– Kubespary conflict with ceph-ansible...
– Most Ansible Roles are not reusable (ALL-or-
NOTHING)
– Some OS (e.g. openSUSE) support are not
generally available...
28. DevOps with Ansible (cont.)
●
AlviStack copy-cat from Kubespray and ceph-
ansible at the beginning, but improve with:
– Split all Ansible Role as independent and reusable,
e.g. OS bootstrap, SSHD, Python, Ansible, etc
– Add missing OS support
– Individually CI with Vagrant + Libvirt + multiple OS
29. DevOps with Ansible (cont.)
●
Once individual Ansible Role get ready, now
reuse as:
– Bare metal or VM deployment with Ansible
Collection
– Vagrant Box and Docker Image provision with
Packer + Ansible Provisioner
30. DevOps with Ansible (cont.)
●
Production ready Kubernetes with
– CRI: CRI-O + crun (i.e. without Docker)
– CNI: Cilium with network policy support
– CSI: csi-cephfs with PVC RWX support
– Ingress Nginx + cert-manager support
31. CI with Vagrant
●
CI for Ceph + Kubernetes is complicated
– Ceph OSD need a real block device for provision
– Kubernetes need flexible cgroup and network support
– Multiple instances is required for cluster test
●
Most CI platform (e.g. Github Action, GitLab Runner)
default docker-based solution is not suitable
32. CI with Vagrant (cont.)
●
AlviStack combine:
– Github as public repo
– GitLab CI as CI agent
– Self-hosted GitLab Runner with nested virtualization support
– 1st
layer Vagrant Box running each CI individually
– 2nd
layer Vagrant Box for different OS or multiple instances
– (HACK) ALL Vagrant Box running on tmpfs (in-memory!!)
– (HACK) Shared Vagrant Box and GitLab cache with Ceph FS
33.
34. CI with Vagrant (cont.)
●
All CI steps could be implemented with
local development environment
●
Test cases also written in Ansible and
manage with Molecule
35. Why Should I try AlviStack?
●
Design for Hong Kong
●
Infra Independent
●
OS Independent
●
Zero Config with Auto Detect
●
Cost Effective Operation
36. Design for Hong Kong
●
Most HK customer have no choose with
their own infra and OS, e.g.
– Private cloud with VMWare ESXi or OpenStack...
– Public cloud with EKS or AKS or GKE...
– RHEL or Ubuntu or openSUSE or etc etc etc…
37. Design for Hong Kong (cont.)
●
Most HK customer do not care HOW your DR
works BUT asking for 99.99 SLA…
– Yes, Kubernetes is the best answer now a day
– But No, customer only looking for their
application running smoothly, e.g. a Drupal
website as official homepage
38. Infra Independent
●
AlviStack only require standard VM and
networking, e.g. CPU, RAM, Disk,
Networking
●
AlviStack support cooperate network
with outgoing HTTP/HTTPS proxy
39. OS Independent
●
Support legacy LTS OS, e.g.
– Ubuntu 18.04, 20.04
●
Support recent LTS OS, e.g.
– Ubuntu 22.04
●
(Limited) Support upstream rolling release, e.g.
– Debian Testing
40. Zero Config with Auto Detect
●
Default configuration is design for
– 2 core CPU
– 8GB RAM
– All-in-one with CephFS and Kubernetes
●
Auto detect hostname, disk, network interface, etc etc etc…
●
Support override for advanced customization
41. Cost Effective Operation
●
100% Open Source Software
●
Unified user experience
●
Support scale up from All-in-one to multi-
master to additional worker node
●
No vendor lock-in to specific infra or OS
43. Roadmap
●
(WIP) Join Linux Foundation and CNCF
– Submit AlviStack as CNCF sandbox project
●
(WIP) New company (AlviStack) formation for customer paid support service
– Submit new company for HKSTP incubation
●
Recruit co-maintainer with sponsorship
●
Partner with HKOS and CNCF China for community events, e.g.
– Training section
– Workshop
– Special Interest Groups (SIG)
– Case study sharing
45. Contact Us
●
Address: Unit 326, 3/F, Building 16W, No.16 Science Park
West Avenue, Hong Kong Science Park, Shatin, N.T.
●
Phone: +852 3576 3812
●
Fax: +852 3753 3663
●
Email: sales@pantarei-design.com
●
Web: http://pantarei-design.com