Kcp: Towards 1,000,000 Clusters, Name^WWorkspaced CRDs

2022-10-26

Authors: Stefan Schimanski


Summary

The presentation discusses the KCP machine, a generalized API server built on Kubernetes that can be extended in three dimensions.
  • The first dimension is the addition of one million workspaces, each of which is like a small Kubernetes cluster.
  • The second dimension involves creating services between the workspaces and programming controllers that are multi-workspace aware.
  • The third dimension involves adding locality over the planet and eventual consistency for global state.
  • The KCP machine can be used to build multi-tenant services and has various use cases, such as end-to-end testing of controllers and modeling company hierarchies in workspaces.
  • The goal of the KCP machine is to make clusters uninteresting and allow for easy and cheap creation of workspaces.
  • The presentation emphasizes that the KCP machine is not meant to replace Kubernetes, but rather to generalize it for other use cases beyond container orchestration.
The presenter uses the analogy of a Turing machine in computer science to explain the KCP machine's potential for computing anything, but also emphasizes the importance of considering what tasks can be done elegantly on the machine. The KCP machine is meant to be a generalized tool for various use cases beyond container orchestration, and its three dimensions of extension allow for easy and cheap creation of workspaces with multi-tenant services and eventual consistency for global state.

Abstract

In 2014, namespaces were added to Kubernetes. Many tried to implement multi-tenancy on top, with limited success. What if namespaces are just the wrong tool, and we better invest into cluster-like isolation called workspaces, built deeply into the apiserver? The kcp project explores Kubernetes
  • with logical cluster support to implement workspaces
  • with ability to scale horizontally via sharding, towards 1,000,000 clusters
  • with novel API service models disrupting CRDs.
In contrast to other projects like vcluster or OpenClusterManager, kcp challenges years-old decisions in Kubernetes by going deep into API-Machinery and apiserver. Strategically, we reduce the size of clusters to those of namespaces, and by that open up the space between workspaces for innovation, while within a workspace kcp is just Kubernetes.

Outline:
  1. from namespaces to workspaces
  2. APIExport and APIBindings, identity based security
  3. scaling up kcp to 1,000,000 workspaces

Materials: