logo
allArticlesConferencesPresentations

Kubernetes is Your Platform: Design Patterns For Extensible Controllers

Conference:  KubeCon + CloudNativeCon Europe 2022

2022-05-18

Authors:   Fabrizio Pandini, Rafael Fernández López

Summary

The presentation discusses the extensible design pattern for Kubernetes controllers and the challenges and opportunities in developing them as a community.
  • The extensible design pattern allows for running plugins in a separate process with a dedicated security context and the ability to add or remove plugins at any time.
  • The pattern requires careful consideration of dependencies with external services and organizational implications.
  • The community needs to work together to solve problems such as documenting behavioral dependencies and defining contracts for extensibility points.
  • Frameworks and libraries can be developed to make implementing extensible controllers easier and more standardized.
The speaker gives an example of a plugin that requires a different security context than the core controller and the benefits of running it in a separate process. They also discuss the challenges of documenting behavioral dependencies and the need for a community framework to make implementing extensible controllers easier.

Abstract

Developing Controllers -- as well as other Kubernetes native extensions like admission webhooks -- is quickly becoming a mainstream practice to solve problems in a Kubernetes native way; but while developing a simple controller is pretty straightforward, things become complex as soon as you have behavioral dependencies with other components. But don't worry, this talk will provide you with reusable design patterns derived from the concrete experience and the hard lessons learned by the maintainers of Cluster API and Kubewarden, two projects built around the idea of extensible controllers. How to develop a plug-in system for your controller/admission webhook? How to add to your controller the capability to do RPC calls to pluggable external components? How to orchestrate many controllers co-operating in solving complex tasks? Come to this talk, we got you covered!Click here to view captioning/translation in the MeetingPlay platform!
Materials:
Slides
Tags:
Kubernetes
Controllers
Admission Webhooks
Cluster API
Kubewarden

Post a comment

Related work

What If... Kube-Apiserver Could be Extended Via WebAssembly?

Conference:  KubeCon + CloudNativeCon Europe 2022
Authors: Flavio Castelli
2022-05-19

Tutorial: How to Build a K8s Admission Controller from Scratch!

Conference:  Cloud Native SecurityCon North America 2023
Authors: Angela Gizzi, Stephen Giguere, Matt Johnson

Migrating From PodSecurityPolicy

Conference:  KubeCon + CloudNativeCon North America 2022
Authors: Tim Allclair, Sam Stoelinga
2022-10-27

Webhook Fatigue? You're Not Alone: Introducing the CEL Expression Language Features Solving This Problem

Conference:  KubeCon + CloudNativeCon North America 2022
Authors: Joe Betz
2022-10-27

Learnings From Providing A Platform API With Kubernetes And Crossplane

Conference:  KubeCon + CloudNativeCon Europe 2022
Authors: Jan Willies, Hannes Blut
2022-05-19

Safe, Dynamic Middleware with Dapr and WebAssembly

Conference:  KubeCon + CloudNativeCon Europe 2023
Authors: Mauricio Salatino, Adrian Cole
2023-04-20