SlideShare a Scribd company logo

Kubernetes API code-base tour

S
Stefan Schimanski

Kubernetes contributor summit code-base tour of how to implement APIs.

Software
1 of 28
Download to read offline
API Codebase Tour Stefan Schimanski / @the_sttts / Red Hat Hacking the kube-apiserver
Defining API types
v1alpha1 types: staging/src/k8s.io/api/auditregistration/v1alpha1 • types.go – actual Golang types (with JSON and Proto tags) • register.go – registration code: AddToScheme internal types: pkg/apis/auditregistration • types.go – internal (hub) Golang types (without JSON/Proto) • register.go – registration code: AddToScheme Installer: pkg/apis/auditregistration/install: func Install(scheme *runtime.Scheme) Golang types
Scheme: register Golang types & Golang funcs w/ GroupVersionKind k8s.io/apimachinery/pkg/runtime.Scheme GroupVersionKinds conversions defaulters reflect.Type Scheme Codec
v1alpha1 types: staging/src/k8s.io/api/auditregistration/v1alpha1 • types.go – actual Golang types (with JSON and Proto tags) • register.go – registration code: AddToScheme internal types: pkg/apis/auditregistration • types.go – internal (hub) Golang types (without JSON/Proto) • register.go – registration code: AddToScheme Installer: pkg/apis/auditregistration/install: func Install(scheme *runtime.Scheme) Golang types
Conversions: pkg/apis/auditregistration/v1alpha1 • conversion.go – custom conversions • zz_generated.conversion.go – generated conversions Defaults: zz_generated_defaults.go DeepCopy: zz_generated_deepcopy.go Generated Code not in k8s.io/api!
Serving the API
apiserver binary generic apiserver in k8s.io/apiserver 404 authentication authorization impersonation panic recovery request-timeout audit max-in-flight handlerchain mux data flow calls back to knows no API groups yetScheme empty /version /apis /openapi/v2 /swagger.json /healthz /metrics
apiserver binary generic apiserver in k8s.io/apiserver 404 authentication authorization impersonation panic recovery request-timeout audit max-in-flight handlerchain mux data flow calls back to knows no API groups yetScheme empty /version /apis /openapi/v2 /swagger.json /healthz /metrics
func DefaultBuildHandlerChain(apiHandler http.Handler, c *Config) http.Handler { handler := genericapifilters.WithAuthorization(apiHandler, ...) handler = genericfilters.WithMaxInFlightLimit(handler, ...) handler = genericapifilters.WithImpersonation(handler, ...) handler = genericapifilters.WithAudit(handler, ...) failedHandler := genericapifilters.Unauthorized(...) failedHandler = genericapifilters.WithFailedAuthenticationAudit(failedHandler, ...) handler = genericapifilters.WithAuthentication(handler, ..., failedHandler, ...) handler = genericfilters.WithCORS(handler, ...) handler = genericfilters.WithTimeoutForNonLongRunningRequests(handler, ...) handler = genericfilters.WithWaitGroup(handler, ...) handler = genericapifilters.WithRequestInfo(handler, ...) handler = genericfilters.WithPanicRecovery(handler) return handler } k8s.io/apiserver/pkg/server/config.go
kube-apiserver generic apiserver 404 authentication authorization impersonation panic recovery request-timeout audit max-in-flight handlerchain mux data flow calls back to knows no API groups yetScheme /version /apis /openapi/v2 /swagger.json /healthz /metrics core/v1 Podcore/v1 Podcore/v1 Pod
kube-apiserver apiserver 404 resource handler request conversion& defaulting REST logic result conversion validation admission decoding GET CREATE LIST UPDATE DELETE WATCH PATCH encoding mutating webhooks validating webhooks authentication authorization impersonation panic recovery request-timeout audit max-in-flight handlerchain mux data flow calls back to Scheme core/v1 Podcore/v1 Podcore/v1 Pod via InstallAPIGroup(info)
kube-apiserver apiserver resource handlerresource handler 404 resource handler request conversion& defaulting REST logic result conversion validation admission decoding GET CREATE LIST UPDATE DELETE WATCH PATCH encoding mutating webhooks validating webhooks authentication authorization impersonation panic recovery request-timeout audit max-in-flight handlerchain Scheme core/v1 Podcore/v1 Podcore/v1 Pod data flow calls back to mux no storage logic yet
kube-apiserver apiserver resource handlerresource handler 404 etcd resource handler request conversion& defaulting storage conversion & defaulting REST logic result conversion validation admission decoding GET CREATE LIST UPDATE DELETE WATCH PATCH encoding mutating webhooks validating webhooks authentication authorization impersonation panic recovery request-timeout audit max-in-flight handlerchain API Group “core”API Group “core”API Group “core” PodStoragePodStoragePodStorage Generic Registry Pod Strategy - PrepareForUpdate - PrepareForCreate - Validate ... create update ...mux Scheme core/v1 Podcore/v1 Podcore/v1 Pod data flow calls back to
kube-apiserver apiserver resource handlerresource handler 404 etcd resource handler request conversion& defaulting storage conversion & defaulting REST logic result conversion validation admission decoding GET CREATE LIST UPDATE DELETE WATCH PATCH encoding mutating webhooks validating webhooks authentication authorization impersonation panic recovery request-timeout audit max-in-flight handlerchain API Group “core”API Group “core”API Group “core” PodStoragePodStoragePodStorage Generic Registry Pod Strategy - PrepareForUpdate - PrepareForCreate - Validate ... create update ...mux Scheme core/v1 Podcore/v1 Podcore/v1 Pod data flow calls back to v1 v1 v1 int int v1 int v1 int v2 v1 int int v1 hub/internal version
kube-apiserver apiserver resource handlerresource handler 404 etcd resource handler request conversion& defaulting storage conversion & defaulting REST logic result conversion validation admission decoding GET CREATE LIST UPDATE DELETE WATCH PATCH encoding mutating webhooks validating webhooks authentication authorization impersonation panic recovery request-timeout audit max-in-flight handlerchain API Group “core”API Group “core”API Group “core” PodStoragePodStoragePodStorage Generic Registry Pod Strategy - PrepareForUpdate - PrepareForCreate - Validate ... create update ...mux Scheme core/v1 Podcore/v1 Podcore/v1 Pod data flow calls back to conversions defaulting
kube-apiserver CRDs aggregator kube- aggregator & CRDs apiserver resource handlerresource handler 404 etcdaggregated apiservers resource handler request conversion& defaulting storage conversion & defaulting REST logic result conversion validation admission decoding GET CREATE LIST UPDATE DELETE WATCH PATCH encoding mutating webhooks validating webhooks authentication authorization impersonation panic recovery request-timeout audit max-in-flight handlerchain API Group “core”API Group “core”API Group “core” PodStoragePodStoragePodStorage Generic Registry Pod Strategy - PrepareForUpdate - PrepareForCreate - Validate ... create update ...mux Scheme core/v1 Podcore/v1 Podcore/v1 Pod data flow calls back to
kube-apiserver kube- aggregator apiserver resource handlerresource handler 404 etcdaggregated apiservers resource handler request conversion& defaulting storage conversion & defaulting REST logic result conversion validation admission decoding GET CREATE LIST UPDATE DELETE WATCH PATCH encoding mutating webhooks validating webhooks authentication authorization impersonation panic recovery request-timeout audit max-in-flight handlerchain API Group “core”API Group “core”API Group “core” PodStoragePodStoragePodStorage Generic Registry Pod Strategy - PrepareForUpdate - PrepareForCreate - Validate ... create update ...mux Scheme core/v1 Podcore/v1 Podcore/v1 Pod data flow calls back to pkg/registry pkg/apis + k8s.io/api k8s.io/apiserver/pkg/endpoints/handlers k8s.io/apiserver/pkg/admission k8s.io/apiserver/plugin/pkg/admission plugins/pkg/admission k8s.io/apiserver/pkg/endpoints/filters k8s.io/kube-aggregator k8s.io/apiextensions-apiserver k8s.io/apiserver/pkg/storage/etcd3 k8s.io/apiserver/pkg/registry/generic
API Group “core”API Group “core”API Group “auditregistration.k8s.io” PodStoragePodStorageAuditSinkStorage Generic Registry AuditSink Strategy - PrepareForUpdate - PrepareForCreate - Validate ... create update ... staging/src/k8s.io/apiserver/pkg/registry/generic/registry pkg/apis/auditregistration/validation “The registry” of a resource
Plumbing into kube-apiserver pkg/master/import_known_versions.go import ( _ "k8s.io/kubernetes/pkg/apis/auditregistration/install" ) pkg/master/master.go import ( auditregistrationrest "k8s.io/kubernetes/pkg/registry/auditregistration/rest" ) restStorageProviders := []RESTStorageProvider{ auditregistrationrest.RESTStorageProvider{}, autoscalingrest.RESTStorageProvider{}, … } apiserver.InstallAPIs(…, restStorageProviders…) legacyscheme.Scheme installs handlers into the mux func init()
Build system plumbing • hack/.golint_failures ignore lint errors due to generated code • hack/lib/init.sh add to KUBE_AVAILABLE_GROUP_VERSIONS, used by many hack/ scripts • hack/update-generated-protobuf-dockerized.sh generate Protobuf code, independent from KUBE_AVAILABLE_GROUP_VERSIONS for some reason
$ make WHAT=cmd/hyperkube $ RUNTIME_CONFIG=auditregistration.k8s.io/v1alpha1=true hack/local-up-cluster.sh $ kubectl get --raw /apis | grep auditregistration.k8s.io
Live Debugging
kube-apiserver CRDs aggregator kube- aggregator & CRDs apiserver resource handlerresource handler 404 etcdaggregated apiservers resource handler request conversion& defaulting storage conversion & defaulting REST logic result conversion validation admission decoding GET CREATE LIST UPDATE DELETE WATCH PATCH encoding mutating webhooks validating webhooks authentication authorization impersonation panic recovery request-timeout audit max-in-flight handlerchain API Group “core”API Group “core”API Group “core” PodStoragePodStoragePodStorage Generic Registry Pod Strategy - PrepareForUpdate - PrepareForCreate - Validate ... create update ...mux Scheme core/v1 Podcore/v1 Podcore/v1 Pod data flow calls back to
Live Debugging * perfectly written down in xmudrii’s https://xmudrii.com/posts/debugging-kubernetes/ *
kube-apiserver CRDs aggregator kube- aggregator & CRDs apiserver resource handlerresource handler 404 etcdaggregated apiservers resource handler request conversion& defaulting storage conversion & defaulting REST logic result conversion validation admission decoding GET CREATE LIST UPDATE DELETE WATCH PATCH encoding mutating webhooks validating webhooks authentication authorization impersonation panic recovery request-timeout audit max-in-flight handlerchain API Group “core”API Group “core”API Group “core” PodStoragePodStoragePodStorage Generic Registry Pod Strategy - PrepareForUpdate - PrepareForCreate - Validate ... create update ...mux Scheme core/v1 Podcore/v1 Podcore/v1 Pod data flow calls back to
@lavalamp’s “Live API Code Review” after the break

Recommended

Amazon EKS로 간단한 웹 애플리케이션 구축하기 - 김주영 (AWS) :: AWS Community Day Online 2021
Amazon EKS로 간단한 웹 애플리케이션 구축하기 - 김주영 (AWS) :: AWS Community Day Online 2021Amazon EKS로 간단한 웹 애플리케이션 구축하기 - 김주영 (AWS) :: AWS Community Day Online 2021
Amazon EKS로 간단한 웹 애플리케이션 구축하기 - 김주영 (AWS) :: AWS Community Day Online 2021AWSKRUG - AWS한국사용자모임
 
Kubernetes Deployment Strategies
Kubernetes Deployment StrategiesKubernetes Deployment Strategies
Kubernetes Deployment StrategiesAbdennour TM
 
Extending kubernetes with CustomResourceDefinitions
Extending kubernetes with CustomResourceDefinitionsExtending kubernetes with CustomResourceDefinitions
Extending kubernetes with CustomResourceDefinitionsStefan Schimanski
 
Kubecon US 2019: Kubernetes Multitenancy WG Deep Dive
Kubecon US 2019: Kubernetes Multitenancy WG Deep DiveKubecon US 2019: Kubernetes Multitenancy WG Deep Dive
Kubecon US 2019: Kubernetes Multitenancy WG Deep DiveSanjeev Rampal
 
[CNCF TAG-Runtime 2022-10-06] Lima
[CNCF TAG-Runtime 2022-10-06] Lima[CNCF TAG-Runtime 2022-10-06] Lima
[CNCF TAG-Runtime 2022-10-06] LimaAkihiro Suda
 
Kubernetes Architecture - beyond a black box - Part 1
Kubernetes Architecture - beyond a black box - Part 1Kubernetes Architecture - beyond a black box - Part 1
Kubernetes Architecture - beyond a black box - Part 1Hao H. Zhang
 
Kubernetes Networking 101
Kubernetes Networking 101Kubernetes Networking 101
Kubernetes Networking 101Weaveworks
 
Microservices, Kubernetes and Istio - A Great Fit!
Microservices, Kubernetes and Istio - A Great Fit!Microservices, Kubernetes and Istio - A Great Fit!
Microservices, Kubernetes and Istio - A Great Fit!Animesh Singh
 

Recommended

Amazon EKS로 간단한 웹 애플리케이션 구축하기 - 김주영 (AWS) :: AWS Community Day Online 2021
Amazon EKS로 간단한 웹 애플리케이션 구축하기 - 김주영 (AWS) :: AWS Community Day Online 2021Amazon EKS로 간단한 웹 애플리케이션 구축하기 - 김주영 (AWS) :: AWS Community Day Online 2021
Amazon EKS로 간단한 웹 애플리케이션 구축하기 - 김주영 (AWS) :: AWS Community Day Online 2021AWSKRUG - AWS한국사용자모임
 
Kubernetes Deployment Strategies
Kubernetes Deployment StrategiesKubernetes Deployment Strategies
Kubernetes Deployment StrategiesAbdennour TM
 
Extending kubernetes with CustomResourceDefinitions
Extending kubernetes with CustomResourceDefinitionsExtending kubernetes with CustomResourceDefinitions
Extending kubernetes with CustomResourceDefinitionsStefan Schimanski
 
Kubecon US 2019: Kubernetes Multitenancy WG Deep Dive
Kubecon US 2019: Kubernetes Multitenancy WG Deep DiveKubecon US 2019: Kubernetes Multitenancy WG Deep Dive
Kubecon US 2019: Kubernetes Multitenancy WG Deep DiveSanjeev Rampal
 
[CNCF TAG-Runtime 2022-10-06] Lima
[CNCF TAG-Runtime 2022-10-06] Lima[CNCF TAG-Runtime 2022-10-06] Lima
[CNCF TAG-Runtime 2022-10-06] LimaAkihiro Suda
 
Kubernetes Architecture - beyond a black box - Part 1
Kubernetes Architecture - beyond a black box - Part 1Kubernetes Architecture - beyond a black box - Part 1
Kubernetes Architecture - beyond a black box - Part 1Hao H. Zhang
 
Kubernetes Networking 101
Kubernetes Networking 101Kubernetes Networking 101
Kubernetes Networking 101Weaveworks
 
Microservices, Kubernetes and Istio - A Great Fit!
Microservices, Kubernetes and Istio - A Great Fit!Microservices, Kubernetes and Istio - A Great Fit!
Microservices, Kubernetes and Istio - A Great Fit!Animesh Singh
 
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...Edureka!
 
Kubernetes API - deep dive into the kube-apiserver
Kubernetes API - deep dive into the kube-apiserverKubernetes API - deep dive into the kube-apiserver
Kubernetes API - deep dive into the kube-apiserverStefan Schimanski
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101Crevise Technologies
 
gRPC vs REST: let the battle begin!
gRPC vs REST: let the battle begin!gRPC vs REST: let the battle begin!
gRPC vs REST: let the battle begin!Alex Borysov
 
Terraform
TerraformTerraform
TerraformMarcelo Serpa
 
Introduction to Kubernetes Workshop
Introduction to Kubernetes WorkshopIntroduction to Kubernetes Workshop
Introduction to Kubernetes WorkshopBob Killen
 
Kubernetes #1 intro
Kubernetes #1 introKubernetes #1 intro
Kubernetes #1 introTerry Cho
 
Building Netty Servers
Building Netty ServersBuilding Netty Servers
Building Netty ServersDani Solà Lagares
 
Automation with Packer and TerraForm
Automation with Packer and TerraFormAutomation with Packer and TerraForm
Automation with Packer and TerraFormWesley Charles Blake
 
Reactive Card Magic: Understanding Spring WebFlux and Project Reactor
Reactive Card Magic: Understanding Spring WebFlux and Project ReactorReactive Card Magic: Understanding Spring WebFlux and Project Reactor
Reactive Card Magic: Understanding Spring WebFlux and Project ReactorVMware Tanzu
 
An Introduction to OAuth 2
An Introduction to OAuth 2An Introduction to OAuth 2
An Introduction to OAuth 2Aaron Parecki
 
Ansible - Hands on Training
Ansible - Hands on TrainingAnsible - Hands on Training
Ansible - Hands on TrainingMehmet Ali Aydın
 
Kubernetes Interview Questions And Answers | Kubernetes Tutorial | Kubernetes...
Kubernetes Interview Questions And Answers | Kubernetes Tutorial | Kubernetes...Kubernetes Interview Questions And Answers | Kubernetes Tutorial | Kubernetes...
Kubernetes Interview Questions And Answers | Kubernetes Tutorial | Kubernetes...Edureka!
 
Mastering kubernetes ingress nginx
Mastering kubernetes ingress nginxMastering kubernetes ingress nginx
Mastering kubernetes ingress nginxSidhartha Mani
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetesGabriel Carro
 
Event Sourcing & CQRS, Kafka, Rabbit MQ
Event Sourcing & CQRS, Kafka, Rabbit MQEvent Sourcing & CQRS, Kafka, Rabbit MQ
Event Sourcing & CQRS, Kafka, Rabbit MQAraf Karsh Hamid
 
Kubernetes - A Comprehensive Overview
Kubernetes - A Comprehensive OverviewKubernetes - A Comprehensive Overview
Kubernetes - A Comprehensive OverviewBob Killen
 
An intro to Kubernetes operators
An intro to Kubernetes operatorsAn intro to Kubernetes operators
An intro to Kubernetes operatorsJ On The Beach
 
Kubernetes architecture
Kubernetes architectureKubernetes architecture
Kubernetes architectureJanakiram MSV
 
Container based CI/CD on GitHub Actions
Container based CI/CD on GitHub ActionsContainer based CI/CD on GitHub Actions
Container based CI/CD on GitHub ActionsCasey Lee
 
Gohan
GohanGohan
GohanNachi Ueno
 
Running gRPC Services for Serving Legacy API on Kubernetes
Running gRPC Services for Serving Legacy API on KubernetesRunning gRPC Services for Serving Legacy API on Kubernetes
Running gRPC Services for Serving Legacy API on KubernetesSungwon Lee
 

More Related Content

What's hot

Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...Edureka!
 
Kubernetes API - deep dive into the kube-apiserver
Kubernetes API - deep dive into the kube-apiserverKubernetes API - deep dive into the kube-apiserver
Kubernetes API - deep dive into the kube-apiserverStefan Schimanski
 
gRPC vs REST: let the battle begin!
gRPC vs REST: let the battle begin!gRPC vs REST: let the battle begin!
gRPC vs REST: let the battle begin!Alex Borysov
 
Introduction to Kubernetes Workshop
Introduction to Kubernetes WorkshopIntroduction to Kubernetes Workshop
Introduction to Kubernetes WorkshopBob Killen
 
Kubernetes #1 intro
Kubernetes #1 introKubernetes #1 intro
Kubernetes #1 introTerry Cho
 
Automation with Packer and TerraForm
Automation with Packer and TerraFormAutomation with Packer and TerraForm
Automation with Packer and TerraFormWesley Charles Blake
 
Reactive Card Magic: Understanding Spring WebFlux and Project Reactor
Reactive Card Magic: Understanding Spring WebFlux and Project ReactorReactive Card Magic: Understanding Spring WebFlux and Project Reactor
Reactive Card Magic: Understanding Spring WebFlux and Project ReactorVMware Tanzu
 
An Introduction to OAuth 2
An Introduction to OAuth 2An Introduction to OAuth 2
An Introduction to OAuth 2Aaron Parecki
 
Kubernetes Interview Questions And Answers | Kubernetes Tutorial | Kubernetes...
Kubernetes Interview Questions And Answers | Kubernetes Tutorial | Kubernetes...Kubernetes Interview Questions And Answers | Kubernetes Tutorial | Kubernetes...
Kubernetes Interview Questions And Answers | Kubernetes Tutorial | Kubernetes...Edureka!
 
Mastering kubernetes ingress nginx
Mastering kubernetes ingress nginxMastering kubernetes ingress nginx
Mastering kubernetes ingress nginxSidhartha Mani
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetesGabriel Carro
 
Event Sourcing & CQRS, Kafka, Rabbit MQ
Event Sourcing & CQRS, Kafka, Rabbit MQEvent Sourcing & CQRS, Kafka, Rabbit MQ
Event Sourcing & CQRS, Kafka, Rabbit MQAraf Karsh Hamid
 
Kubernetes - A Comprehensive Overview
Kubernetes - A Comprehensive OverviewKubernetes - A Comprehensive Overview
Kubernetes - A Comprehensive OverviewBob Killen
 
An intro to Kubernetes operators
An intro to Kubernetes operatorsAn intro to Kubernetes operators
An intro to Kubernetes operatorsJ On The Beach
 
Kubernetes architecture
Kubernetes architectureKubernetes architecture
Kubernetes architectureJanakiram MSV
 
Container based CI/CD on GitHub Actions
Container based CI/CD on GitHub ActionsContainer based CI/CD on GitHub Actions
Container based CI/CD on GitHub ActionsCasey Lee
 

What's hot (20)

Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...
 
Kubernetes API - deep dive into the kube-apiserver
Kubernetes API - deep dive into the kube-apiserverKubernetes API - deep dive into the kube-apiserver
Kubernetes API - deep dive into the kube-apiserver
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101
 
gRPC vs REST: let the battle begin!
gRPC vs REST: let the battle begin!gRPC vs REST: let the battle begin!
gRPC vs REST: let the battle begin!
 
Terraform
TerraformTerraform
Terraform
 
Introduction to Kubernetes Workshop
Introduction to Kubernetes WorkshopIntroduction to Kubernetes Workshop
Introduction to Kubernetes Workshop
 
Kubernetes #1 intro
Kubernetes #1 introKubernetes #1 intro
Kubernetes #1 intro
 
Building Netty Servers
Building Netty ServersBuilding Netty Servers
Building Netty Servers
 
Automation with Packer and TerraForm
Automation with Packer and TerraFormAutomation with Packer and TerraForm
Automation with Packer and TerraForm
 
Reactive Card Magic: Understanding Spring WebFlux and Project Reactor
Reactive Card Magic: Understanding Spring WebFlux and Project ReactorReactive Card Magic: Understanding Spring WebFlux and Project Reactor
Reactive Card Magic: Understanding Spring WebFlux and Project Reactor
 
An Introduction to OAuth 2
An Introduction to OAuth 2An Introduction to OAuth 2
An Introduction to OAuth 2
 
Ansible - Hands on Training
Ansible - Hands on TrainingAnsible - Hands on Training
Ansible - Hands on Training
 
Kubernetes Interview Questions And Answers | Kubernetes Tutorial | Kubernetes...
Kubernetes Interview Questions And Answers | Kubernetes Tutorial | Kubernetes...Kubernetes Interview Questions And Answers | Kubernetes Tutorial | Kubernetes...
Kubernetes Interview Questions And Answers | Kubernetes Tutorial | Kubernetes...
 
Mastering kubernetes ingress nginx
Mastering kubernetes ingress nginxMastering kubernetes ingress nginx
Mastering kubernetes ingress nginx
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetes
 
Event Sourcing & CQRS, Kafka, Rabbit MQ
Event Sourcing & CQRS, Kafka, Rabbit MQEvent Sourcing & CQRS, Kafka, Rabbit MQ
Event Sourcing & CQRS, Kafka, Rabbit MQ
 
Kubernetes - A Comprehensive Overview
Kubernetes - A Comprehensive OverviewKubernetes - A Comprehensive Overview
Kubernetes - A Comprehensive Overview
 
An intro to Kubernetes operators
An intro to Kubernetes operatorsAn intro to Kubernetes operators
An intro to Kubernetes operators
 
Kubernetes architecture
Kubernetes architectureKubernetes architecture
Kubernetes architecture
 
Container based CI/CD on GitHub Actions
Container based CI/CD on GitHub ActionsContainer based CI/CD on GitHub Actions
Container based CI/CD on GitHub Actions
 

Similar to Kubernetes API code-base tour

Running gRPC Services for Serving Legacy API on Kubernetes
Running gRPC Services for Serving Legacy API on KubernetesRunning gRPC Services for Serving Legacy API on Kubernetes
Running gRPC Services for Serving Legacy API on KubernetesSungwon Lee
 
High quality ap is with api platform
High quality ap is with api platformHigh quality ap is with api platform
High quality ap is with api platformNelson Kopliku
 
Usable APIs at Scale
Usable APIs at ScaleUsable APIs at Scale
Usable APIs at ScaleTim Burks
 
API Workshop: Deep dive into REST APIs
API Workshop: Deep dive into REST APIsAPI Workshop: Deep dive into REST APIs
API Workshop: Deep dive into REST APIsTom Johnson
 
Araport Workshop Tutorial 2: Authentication and the Agave Profiles Service
Araport Workshop Tutorial 2: Authentication and the Agave Profiles ServiceAraport Workshop Tutorial 2: Authentication and the Agave Profiles Service
Araport Workshop Tutorial 2: Authentication and the Agave Profiles Servicestevemock
 
RESTful web APIs (build, document, manage)
RESTful web APIs (build, document, manage)RESTful web APIs (build, document, manage)
RESTful web APIs (build, document, manage)Cisco DevNet
 
Build and Manage Your APIs with Amazon API Gateway
Build and Manage Your APIs with Amazon API GatewayBuild and Manage Your APIs with Amazon API Gateway
Build and Manage Your APIs with Amazon API GatewayAmazon Web Services
 
Developing Brilliant and Powerful APIs in Ruby & Python
Developing Brilliant and Powerful APIs in Ruby & PythonDeveloping Brilliant and Powerful APIs in Ruby & Python
Developing Brilliant and Powerful APIs in Ruby & PythonSmartBear
 
Champaign-Urbana Javascript Meetup Talk (Jan 2020)
Champaign-Urbana Javascript Meetup Talk (Jan 2020)Champaign-Urbana Javascript Meetup Talk (Jan 2020)
Champaign-Urbana Javascript Meetup Talk (Jan 2020)Susan Potter
 
Improving DroidBox
Improving DroidBoxImproving DroidBox
Improving DroidBoxKelwin Yang
 
Building Better Web APIs with Rails
Building Better Web APIs with RailsBuilding Better Web APIs with Rails
Building Better Web APIs with RailsAll Things Open
 
Amazon API Gateway
Amazon API GatewayAmazon API Gateway
Amazon API GatewayMark Bate
 
Design Summit - RESTful API Overview - John Hardy
Design Summit - RESTful API Overview - John HardyDesign Summit - RESTful API Overview - John Hardy
Design Summit - RESTful API Overview - John HardyManageIQ
 
Alfresco Development Framework Basic
Alfresco Development Framework BasicAlfresco Development Framework Basic
Alfresco Development Framework BasicMario Romano
 
Amazon Web Service - Basics
Amazon Web Service - BasicsAmazon Web Service - Basics
Amazon Web Service - BasicsSang-Min Park
 
Apigility – Lightning Fast API Development - OSSCamp 2014
Apigility – Lightning Fast API Development - OSSCamp 2014 Apigility – Lightning Fast API Development - OSSCamp 2014
Apigility – Lightning Fast API Development - OSSCamp 2014 OSSCube
 

Similar to Kubernetes API code-base tour (20)

Gohan
GohanGohan
Gohan
 
Running gRPC Services for Serving Legacy API on Kubernetes
Running gRPC Services for Serving Legacy API on KubernetesRunning gRPC Services for Serving Legacy API on Kubernetes
Running gRPC Services for Serving Legacy API on Kubernetes
 
High quality ap is with api platform
High quality ap is with api platformHigh quality ap is with api platform
High quality ap is with api platform
 
Usable APIs at Scale
Usable APIs at ScaleUsable APIs at Scale
Usable APIs at Scale
 
Intro to CloudStack API
Intro to CloudStack APIIntro to CloudStack API
Intro to CloudStack API
 
Crafting APIs
Crafting APIsCrafting APIs
Crafting APIs
 
API Workshop: Deep dive into REST APIs
API Workshop: Deep dive into REST APIsAPI Workshop: Deep dive into REST APIs
API Workshop: Deep dive into REST APIs
 
Araport Workshop Tutorial 2: Authentication and the Agave Profiles Service
Araport Workshop Tutorial 2: Authentication and the Agave Profiles ServiceAraport Workshop Tutorial 2: Authentication and the Agave Profiles Service
Araport Workshop Tutorial 2: Authentication and the Agave Profiles Service
 
RESTful web APIs (build, document, manage)
RESTful web APIs (build, document, manage)RESTful web APIs (build, document, manage)
RESTful web APIs (build, document, manage)
 
Build and Manage Your APIs with Amazon API Gateway
Build and Manage Your APIs with Amazon API GatewayBuild and Manage Your APIs with Amazon API Gateway
Build and Manage Your APIs with Amazon API Gateway
 
Developing Brilliant and Powerful APIs in Ruby & Python
Developing Brilliant and Powerful APIs in Ruby & PythonDeveloping Brilliant and Powerful APIs in Ruby & Python
Developing Brilliant and Powerful APIs in Ruby & Python
 
Codeigniter
CodeigniterCodeigniter
Codeigniter
 
Champaign-Urbana Javascript Meetup Talk (Jan 2020)
Champaign-Urbana Javascript Meetup Talk (Jan 2020)Champaign-Urbana Javascript Meetup Talk (Jan 2020)
Champaign-Urbana Javascript Meetup Talk (Jan 2020)
 
Improving DroidBox
Improving DroidBoxImproving DroidBox
Improving DroidBox
 
Building Better Web APIs with Rails
Building Better Web APIs with RailsBuilding Better Web APIs with Rails
Building Better Web APIs with Rails
 
Amazon API Gateway
Amazon API GatewayAmazon API Gateway
Amazon API Gateway
 
Design Summit - RESTful API Overview - John Hardy
Design Summit - RESTful API Overview - John HardyDesign Summit - RESTful API Overview - John Hardy
Design Summit - RESTful API Overview - John Hardy
 
Alfresco Development Framework Basic
Alfresco Development Framework BasicAlfresco Development Framework Basic
Alfresco Development Framework Basic
 
Amazon Web Service - Basics
Amazon Web Service - BasicsAmazon Web Service - Basics
Amazon Web Service - Basics
 
Apigility – Lightning Fast API Development - OSSCamp 2014
Apigility – Lightning Fast API Development - OSSCamp 2014 Apigility – Lightning Fast API Development - OSSCamp 2014
Apigility – Lightning Fast API Development - OSSCamp 2014
 

More from Stefan Schimanski

Cutting the Kubernetes Monorepo in pieces
Cutting the Kubernetes Monorepo in piecesCutting the Kubernetes Monorepo in pieces
Cutting the Kubernetes Monorepo in piecesStefan Schimanski
 
Extending Kubernetes – Admission webhooks
Extending Kubernetes – Admission webhooksExtending Kubernetes – Admission webhooks
Extending Kubernetes – Admission webhooksStefan Schimanski
 
KubeCon EU 2018 – Sig API Machinery Deep Dive
KubeCon EU 2018 – Sig API Machinery Deep DiveKubeCon EU 2018 – Sig API Machinery Deep Dive
KubeCon EU 2018 – Sig API Machinery Deep DiveStefan Schimanski
 
Cutting the Kubernetes Monorepo in pieces – never learnt more about git
Cutting the Kubernetes Monorepo in pieces – never learnt more about gitCutting the Kubernetes Monorepo in pieces – never learnt more about git
Cutting the Kubernetes Monorepo in pieces – never learnt more about gitStefan Schimanski
 
Git deep dive – chopping Kubernetes
Git deep dive – chopping KubernetesGit deep dive – chopping Kubernetes
Git deep dive – chopping KubernetesStefan Schimanski
 
Meetup - Principles of the kube api and how to extend it
Meetup - Principles of the kube api and how to extend itMeetup - Principles of the kube api and how to extend it
Meetup - Principles of the kube api and how to extend itStefan Schimanski
 
Extend and build on Kubernetes
Extend and build on KubernetesExtend and build on Kubernetes
Extend and build on KubernetesStefan Schimanski
 
Kubernetes Architecture and Introduction – Paris Kubernetes Meetup
Kubernetes Architecture and Introduction – Paris Kubernetes MeetupKubernetes Architecture and Introduction – Paris Kubernetes Meetup
Kubernetes Architecture and Introduction – Paris Kubernetes MeetupStefan Schimanski
 
Kubernetes Architecture and Introduction
Kubernetes Architecture and IntroductionKubernetes Architecture and Introduction
Kubernetes Architecture and IntroductionStefan Schimanski
 
Kubernetes on Top of Mesos on Top of DCOS
Kubernetes on Top of Mesos on Top of DCOSKubernetes on Top of Mesos on Top of DCOS
Kubernetes on Top of Mesos on Top of DCOSStefan Schimanski
 
An Introduction to the Kubernetes API
An Introduction to the Kubernetes APIAn Introduction to the Kubernetes API
An Introduction to the Kubernetes APIStefan Schimanski
 
Cluster Networking with Docker
Cluster Networking with DockerCluster Networking with Docker
Cluster Networking with DockerStefan Schimanski
 

More from Stefan Schimanski (15)

Cutting the Kubernetes Monorepo in pieces
Cutting the Kubernetes Monorepo in piecesCutting the Kubernetes Monorepo in pieces
Cutting the Kubernetes Monorepo in pieces
 
Extending Kubernetes – Admission webhooks
Extending Kubernetes – Admission webhooksExtending Kubernetes – Admission webhooks
Extending Kubernetes – Admission webhooks
 
KubeCon EU 2018 – Sig API Machinery Deep Dive
KubeCon EU 2018 – Sig API Machinery Deep DiveKubeCon EU 2018 – Sig API Machinery Deep Dive
KubeCon EU 2018 – Sig API Machinery Deep Dive
 
Cutting the Kubernetes Monorepo in pieces – never learnt more about git
Cutting the Kubernetes Monorepo in pieces – never learnt more about gitCutting the Kubernetes Monorepo in pieces – never learnt more about git
Cutting the Kubernetes Monorepo in pieces – never learnt more about git
 
Git deep dive – chopping Kubernetes
Git deep dive – chopping KubernetesGit deep dive – chopping Kubernetes
Git deep dive – chopping Kubernetes
 
Extending the Kube API
Extending the Kube APIExtending the Kube API
Extending the Kube API
 
Meetup - Principles of the kube api and how to extend it
Meetup - Principles of the kube api and how to extend itMeetup - Principles of the kube api and how to extend it
Meetup - Principles of the kube api and how to extend it
 
Extend and build on Kubernetes
Extend and build on KubernetesExtend and build on Kubernetes
Extend and build on Kubernetes
 
Elastic etcd
Elastic etcdElastic etcd
Elastic etcd
 
Kubernetes Architecture and Introduction – Paris Kubernetes Meetup
Kubernetes Architecture and Introduction – Paris Kubernetes MeetupKubernetes Architecture and Introduction – Paris Kubernetes Meetup
Kubernetes Architecture and Introduction – Paris Kubernetes Meetup
 
Kubernetes Architecture and Introduction
Kubernetes Architecture and IntroductionKubernetes Architecture and Introduction
Kubernetes Architecture and Introduction
 
Kubernetes on Top of Mesos on Top of DCOS
Kubernetes on Top of Mesos on Top of DCOSKubernetes on Top of Mesos on Top of DCOS
Kubernetes on Top of Mesos on Top of DCOS
 
An Introduction to the Kubernetes API
An Introduction to the Kubernetes APIAn Introduction to the Kubernetes API
An Introduction to the Kubernetes API
 
Cluster Networking with Docker
Cluster Networking with DockerCluster Networking with Docker
Cluster Networking with Docker
 
Beyond static configuration
Beyond static configurationBeyond static configuration
Beyond static configuration
 

Recently uploaded

Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionSolGuruz
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...harshavardhanraghave
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...OnePlan Solutions
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxbodapatigopi8531
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceanilsa9823
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerThousandEyes
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...panagenda
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...kellynguyen01
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsAndolasoft Inc
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Modelsaagamshah0812
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Steffen Staab
 

Recently uploaded (20)

Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 

Kubernetes API code-base tour

  • 1. API Codebase Tour Stefan Schimanski / @the_sttts / Red Hat Hacking the kube-apiserver
  • 3.
  • 4. v1alpha1 types: staging/src/k8s.io/api/auditregistration/v1alpha1 • types.go – actual Golang types (with JSON and Proto tags) • register.go – registration code: AddToScheme internal types: pkg/apis/auditregistration • types.go – internal (hub) Golang types (without JSON/Proto) • register.go – registration code: AddToScheme Installer: pkg/apis/auditregistration/install: func Install(scheme *runtime.Scheme) Golang types
  • 5. Scheme: register Golang types & Golang funcs w/ GroupVersionKind k8s.io/apimachinery/pkg/runtime.Scheme GroupVersionKinds conversions defaulters reflect.Type Scheme Codec
  • 6. v1alpha1 types: staging/src/k8s.io/api/auditregistration/v1alpha1 • types.go – actual Golang types (with JSON and Proto tags) • register.go – registration code: AddToScheme internal types: pkg/apis/auditregistration • types.go – internal (hub) Golang types (without JSON/Proto) • register.go – registration code: AddToScheme Installer: pkg/apis/auditregistration/install: func Install(scheme *runtime.Scheme) Golang types
  • 7. Conversions: pkg/apis/auditregistration/v1alpha1 • conversion.go – custom conversions • zz_generated.conversion.go – generated conversions Defaults: zz_generated_defaults.go DeepCopy: zz_generated_deepcopy.go Generated Code not in k8s.io/api!
  • 9. apiserver binary generic apiserver in k8s.io/apiserver 404 authentication authorization impersonation panic recovery request-timeout audit max-in-flight handlerchain mux data flow calls back to knows no API groups yetScheme empty /version /apis /openapi/v2 /swagger.json /healthz /metrics
  • 10. apiserver binary generic apiserver in k8s.io/apiserver 404 authentication authorization impersonation panic recovery request-timeout audit max-in-flight handlerchain mux data flow calls back to knows no API groups yetScheme empty /version /apis /openapi/v2 /swagger.json /healthz /metrics
  • 11. func DefaultBuildHandlerChain(apiHandler http.Handler, c *Config) http.Handler { handler := genericapifilters.WithAuthorization(apiHandler, ...) handler = genericfilters.WithMaxInFlightLimit(handler, ...) handler = genericapifilters.WithImpersonation(handler, ...) handler = genericapifilters.WithAudit(handler, ...) failedHandler := genericapifilters.Unauthorized(...) failedHandler = genericapifilters.WithFailedAuthenticationAudit(failedHandler, ...) handler = genericapifilters.WithAuthentication(handler, ..., failedHandler, ...) handler = genericfilters.WithCORS(handler, ...) handler = genericfilters.WithTimeoutForNonLongRunningRequests(handler, ...) handler = genericfilters.WithWaitGroup(handler, ...) handler = genericapifilters.WithRequestInfo(handler, ...) handler = genericfilters.WithPanicRecovery(handler) return handler } k8s.io/apiserver/pkg/server/config.go
  • 12. kube-apiserver generic apiserver 404 authentication authorization impersonation panic recovery request-timeout audit max-in-flight handlerchain mux data flow calls back to knows no API groups yetScheme /version /apis /openapi/v2 /swagger.json /healthz /metrics core/v1 Podcore/v1 Podcore/v1 Pod
  • 14. kube-apiserver apiserver resource handlerresource handler 404 resource handler request conversion& defaulting REST logic result conversion validation admission decoding GET CREATE LIST UPDATE DELETE WATCH PATCH encoding mutating webhooks validating webhooks authentication authorization impersonation panic recovery request-timeout audit max-in-flight handlerchain Scheme core/v1 Podcore/v1 Podcore/v1 Pod data flow calls back to mux no storage logic yet
  • 15. kube-apiserver apiserver resource handlerresource handler 404 etcd resource handler request conversion& defaulting storage conversion & defaulting REST logic result conversion validation admission decoding GET CREATE LIST UPDATE DELETE WATCH PATCH encoding mutating webhooks validating webhooks authentication authorization impersonation panic recovery request-timeout audit max-in-flight handlerchain API Group “core”API Group “core”API Group “core” PodStoragePodStoragePodStorage Generic Registry Pod Strategy - PrepareForUpdate - PrepareForCreate - Validate ... create update ...mux Scheme core/v1 Podcore/v1 Podcore/v1 Pod data flow calls back to
  • 16. kube-apiserver apiserver resource handlerresource handler 404 etcd resource handler request conversion& defaulting storage conversion & defaulting REST logic result conversion validation admission decoding GET CREATE LIST UPDATE DELETE WATCH PATCH encoding mutating webhooks validating webhooks authentication authorization impersonation panic recovery request-timeout audit max-in-flight handlerchain API Group “core”API Group “core”API Group “core” PodStoragePodStoragePodStorage Generic Registry Pod Strategy - PrepareForUpdate - PrepareForCreate - Validate ... create update ...mux Scheme core/v1 Podcore/v1 Podcore/v1 Pod data flow calls back to v1 v1 v1 int int v1 int v1 int v2 v1 int int v1 hub/internal version
  • 17. kube-apiserver apiserver resource handlerresource handler 404 etcd resource handler request conversion& defaulting storage conversion & defaulting REST logic result conversion validation admission decoding GET CREATE LIST UPDATE DELETE WATCH PATCH encoding mutating webhooks validating webhooks authentication authorization impersonation panic recovery request-timeout audit max-in-flight handlerchain API Group “core”API Group “core”API Group “core” PodStoragePodStoragePodStorage Generic Registry Pod Strategy - PrepareForUpdate - PrepareForCreate - Validate ... create update ...mux Scheme core/v1 Podcore/v1 Podcore/v1 Pod data flow calls back to conversions defaulting
  • 18. kube-apiserver CRDs aggregator kube- aggregator & CRDs apiserver resource handlerresource handler 404 etcdaggregated apiservers resource handler request conversion& defaulting storage conversion & defaulting REST logic result conversion validation admission decoding GET CREATE LIST UPDATE DELETE WATCH PATCH encoding mutating webhooks validating webhooks authentication authorization impersonation panic recovery request-timeout audit max-in-flight handlerchain API Group “core”API Group “core”API Group “core” PodStoragePodStoragePodStorage Generic Registry Pod Strategy - PrepareForUpdate - PrepareForCreate - Validate ... create update ...mux Scheme core/v1 Podcore/v1 Podcore/v1 Pod data flow calls back to
  • 19. kube-apiserver kube- aggregator apiserver resource handlerresource handler 404 etcdaggregated apiservers resource handler request conversion& defaulting storage conversion & defaulting REST logic result conversion validation admission decoding GET CREATE LIST UPDATE DELETE WATCH PATCH encoding mutating webhooks validating webhooks authentication authorization impersonation panic recovery request-timeout audit max-in-flight handlerchain API Group “core”API Group “core”API Group “core” PodStoragePodStoragePodStorage Generic Registry Pod Strategy - PrepareForUpdate - PrepareForCreate - Validate ... create update ...mux Scheme core/v1 Podcore/v1 Podcore/v1 Pod data flow calls back to pkg/registry pkg/apis + k8s.io/api k8s.io/apiserver/pkg/endpoints/handlers k8s.io/apiserver/pkg/admission k8s.io/apiserver/plugin/pkg/admission plugins/pkg/admission k8s.io/apiserver/pkg/endpoints/filters k8s.io/kube-aggregator k8s.io/apiextensions-apiserver k8s.io/apiserver/pkg/storage/etcd3 k8s.io/apiserver/pkg/registry/generic
  • 20. API Group “core”API Group “core”API Group “auditregistration.k8s.io” PodStoragePodStorageAuditSinkStorage Generic Registry AuditSink Strategy - PrepareForUpdate - PrepareForCreate - Validate ... create update ... staging/src/k8s.io/apiserver/pkg/registry/generic/registry pkg/apis/auditregistration/validation “The registry” of a resource
  • 21. Plumbing into kube-apiserver pkg/master/import_known_versions.go import ( _ "k8s.io/kubernetes/pkg/apis/auditregistration/install" ) pkg/master/master.go import ( auditregistrationrest "k8s.io/kubernetes/pkg/registry/auditregistration/rest" ) restStorageProviders := []RESTStorageProvider{ auditregistrationrest.RESTStorageProvider{}, autoscalingrest.RESTStorageProvider{}, … } apiserver.InstallAPIs(…, restStorageProviders…) legacyscheme.Scheme installs handlers into the mux func init()
  • 22. Build system plumbing • hack/.golint_failures ignore lint errors due to generated code • hack/lib/init.sh add to KUBE_AVAILABLE_GROUP_VERSIONS, used by many hack/ scripts • hack/update-generated-protobuf-dockerized.sh generate Protobuf code, independent from KUBE_AVAILABLE_GROUP_VERSIONS for some reason
  • 23. $ make WHAT=cmd/hyperkube $ RUNTIME_CONFIG=auditregistration.k8s.io/v1alpha1=true hack/local-up-cluster.sh $ kubectl get --raw /apis | grep auditregistration.k8s.io
  • 25. kube-apiserver CRDs aggregator kube- aggregator & CRDs apiserver resource handlerresource handler 404 etcdaggregated apiservers resource handler request conversion& defaulting storage conversion & defaulting REST logic result conversion validation admission decoding GET CREATE LIST UPDATE DELETE WATCH PATCH encoding mutating webhooks validating webhooks authentication authorization impersonation panic recovery request-timeout audit max-in-flight handlerchain API Group “core”API Group “core”API Group “core” PodStoragePodStoragePodStorage Generic Registry Pod Strategy - PrepareForUpdate - PrepareForCreate - Validate ... create update ...mux Scheme core/v1 Podcore/v1 Podcore/v1 Pod data flow calls back to
  • 26. Live Debugging * perfectly written down in xmudrii’s https://xmudrii.com/posts/debugging-kubernetes/ *
  • 27. kube-apiserver CRDs aggregator kube- aggregator & CRDs apiserver resource handlerresource handler 404 etcdaggregated apiservers resource handler request conversion& defaulting storage conversion & defaulting REST logic result conversion validation admission decoding GET CREATE LIST UPDATE DELETE WATCH PATCH encoding mutating webhooks validating webhooks authentication authorization impersonation panic recovery request-timeout audit max-in-flight handlerchain API Group “core”API Group “core”API Group “core” PodStoragePodStoragePodStorage Generic Registry Pod Strategy - PrepareForUpdate - PrepareForCreate - Validate ... create update ...mux Scheme core/v1 Podcore/v1 Podcore/v1 Pod data flow calls back to
  • 28. @lavalamp’s “Live API Code Review” after the break