Jib Kubecon 2018 Talkbuild 100MB layer 50MB layer registry send github.com/GoogleContainerTools/jib Docker registry Set of layers, container configurations, and manifests build 100MB layer 50MB layer registry cached 100MB layer 40MB layer registry 9MB layer 1MB layer github.com/GoogleContainerTools/jib 1MB layer Docker registry Set of layers, container configurations, and manifests build 100MB layer 40MB 40MB layer registry 9MB layer send github.com/GoogleContainerTools/jib Jib does an optimized build like FROM gcr.io/distroless/java COPY target/dependencies /app/dependencies COPY target/resources0 码力 | 90 页 | 2.84 MB | 1 年前3- Serverless Kubernetes - 理想,现实和未来-张维成本优化:按需创建,支持spot和预留实例劵 • Kubernetes兼容性: deployment/statfulset/job/service/ingress/CRD • ALB Ingress: 基于SLB 7 layer • Knative serving on ASK:automatic scaling in knative • 集成ARMS, SLS Elastic Container Instance ASK-Scheduler K8S API Server • 基于云产品控制器降低Kubernetes集群的复杂度 • 使用PrivateZone代替coredns服务发现 • 使用SLB layer-7(ALB)作为默认Ingress Private Zone ALB Serverless容器基础设施 - ECI • 更低的计算成本:弹性成本要低于ECS,long run应用成本要接近ECS包年包月0 码力 | 20 页 | 2.27 MB | 1 年前3
- 基于 Kubernetes 构建标准可扩展的云原生应用管理平台-孙健波、周正喜Scaler K8s Operators Kubernetes + OAM K8s Plugin HPA Deployment scale-to-0 Function Unified Model Layer Platform Capability Pool 统一的模型层 平台统一“能力池” 模块化的交付系统 - GitOps “应用”配置 Git (as source of truth) KubeVela = OAM Kubernetes Runtime + Capability Center + UI (Cli + Dashboard) KubeVela Ø User interface layer - CLI/Dashboard/Appfile Ø KubeVela core - OAM Kubernetes Runtime to provide application level0 码力 | 27 页 | 3.60 MB | 9 月前3
- 秘钥管理秘钥Turtles all the way down - Securely managing Kubernetes Secretsfile system etcd Recommendation: Use two-layers of encryption, e.g., full-disk & application-layer … then tries to decrypt it https://xkcd.com/538/, https://xkcd.com/license.html Key rotation summary ● Use encryption based on your threat model, e.g., two layers, like full-disk + application-layer ● Rotate keys regularly to limit the impact of a potential key compromise ● Use envelope encryption0 码力 | 52 页 | 2.84 MB | 1 年前3
- QCon北京2018/QCon北京2018-《Kubernetes-+面向未来的开发和部署》-Michael+Chendifferent CaaS and PaaS systems • NSX Infra layer: Implements the logic that creates topologies, attaches logical ports, etc. based on triggers from the Adapter layer • NSX API Client: Implements a standardized0 码力 | 42 页 | 10.97 MB | 1 年前3
- Kubernetes开源书 - 周立"key1" : "value1", "key2" : "value2" } 类似以下信息可记录到Annotation中: 由declarative configuration layer管理的字段。将这些字段附加为Annotation,可将它们与客户端或服务器设置的默 认值、⾃动⽣成的字段或以及auto-sizing或auto-scaling的系统所设置的字段区分开。 构建信 要使⽤Horizontal Pod Autoscaler的⾃定义指标,您必须在部署集群时设置必要的配置: Enable the API aggregation layer (启⽤API聚合层) 使⽤API aggregation layer注册资源指标API和⾃定义指标API。 这两个API server必须在您的集群上运⾏。 资源指标API :可使⽤Heapster的资源指标API实现,⽅法是运⾏Heapster时将其 请注意,可使⽤ --master 或 --kubeconfig 标志; --master 将会覆盖 --kubeconfig ,如果两者都被指定。 这些标志指定API aggregation layer的位置,允许Controller Manager与 API server通信。 在Kubernetes 1.7中,Kubernetes提供的标准聚合层与kube-apiserver⼀起运⾏,因此可使⽤0 码力 | 135 页 | 21.02 MB | 1 年前3
- 01. K8s扩展功能解析provides • Extended with additional APIs • Build your own API server • Requirements of aggregation layer • Running Kubernetes 1.7 Cluster • Enable apiserver flags © 2017 Rancher Labs, Inc. Setup an Extension0 码力 | 12 页 | 1.08 MB | 1 年前3
- Serverless Kubernetes - KubeConcheck … • Service: LoadBalancer, Headless, Service Discovery(PrivateZone) • Ingress: Aliyun 7-Layer LoadBalancer • Volumes: emptyDir, NFS, SecretVolume, ConfigMapVolume • Secret, ConfigMap • ServiceAccount0 码力 | 16 页 | 4.25 MB | 1 年前3
- Kubernetes Native DevOps Practicek8s Job controller and cluster autoscaler, can also use container probe if needed Infrastructure Layer Cloud provider insufficient resource remove / add nodes vCenter openstack Extensibility /0 码力 | 21 页 | 6.39 MB | 1 年前3
共 9 条
- 1