tldr - powered by Generative AI

• CRDs and other use cases require validation and policy enforcement that cannot be supported by structural schema and OpenAPI V3 validation
• Webhooks have been the only solution for these use cases, but they are difficult to configure and can cause controlling outages
• Common Expression Language (CEL) is a simpler solution that has been successfully integrated with Kubernetes data system for both CRD and native types
• CEL comes with a standard library and an extended library, and it is easy to extend and embed
• CEL can be used for validation, policy enforcement, and authorization checks
• The presentation offers examples of CEL code and use cases, and it mentions future plans for mutating admission policy and client-side validation 2

tldr - powered by Generative AI

• CSI provisional behavior is divided into five steps
• The feature became Alpha in Kubernetes 1.26
• The scope is only provision of PVC from close namespace data source
• Currently supported data source is volume snapshot and persistent Emporium
• In this feature, we plan to support any volume data source

tldr - powered by Generative AI

• Scaling Prometheus can be challenging due to issues with data aggregation and network failures
• Existing solutions such as Federation, remote read, and Thanos require manual maintenance and expertise
• A managed service that leverages Prometheus as a node agent can mitigate scaling issues and separate state and query concerns
• The service forwards metrics data to a remote back end and leverages Kubernetes resource and Daemon set to achieve the setup
• Google's Monarch provides the capacity needed to offer a prom ql compatible API and long-term retention of metrics

tldr - powered by Generative AI

• Breaking down the model into more resources
• Writing a complete schema is required for V1 CRDs
• Use Cube CTL explain to ensure a complete schema
• OpenAPI schemas allow for validation and defaulting without expensive network round trips
• Testing methodologies are important to ensure the resiliency of the controller and code in production

tldr - powered by Generative AI

• Planet Scale is a managed service with cool features based on open-source VTS project
• Crossplane is used to implement a Planet Scale provider in a composition with WordPress
• Composition is used to create resources with configuration
• The presentation provides step-by-step instructions on how to implement the Planet Scale provider and use it in a composition with WordPress

tldr - powered by Generative AI

• Custom resources are used to extend the K8s API server with a declarative API
• Initial attempts to install thousands of CRDs revealed severe performance issues related to the API server
• Profiling tools can be used to troubleshoot API server performance issues
• Real world data can help pinpoint the root causes of scaling issues
• Insights into the mechanics of CRDs are provided
• Tips for getting changes into upstream and moving the ecosystem forward are shared

tldr - powered by Generative AI

• The MCS API is a standardized way of managing services across multiple Kubernetes clusters.
• Submariner is a tool that implements the MCS API and allows for easy connectivity between clusters.
• The presentation demonstrates how to set up a headless service in Submariner and access it from a different cluster.
• Other community projects, such as Istio and SIG Network's Gateway API, are also implementing parts of the MCS API.
• The audience is invited to try out Submariner and get involved in the development of the MCS API and other multi-cluster projects.