How to set up k0s Kubernetes: A quick and dirty guide

The post How to set up k0s Kubernetes: A quick and dirty guide appeared first on Mirantis | Pure Play Open Cloud.
For a couple of weeks now, we’ve been talking about the k0s project, a simple way to get Kubernetes up and running.  In this quick and dirty guide, we’ll give you all the background you need to get started.
The Kubernetes architecture of k0s consists of a single binary that includes everything you need to run Kubernetes on any system that includes the Linux kernel.  Putting it to use is straightforward:

Download the k0s binary
Create a server to instantiate the Kubernetes control plane
Create a Kubernetes worker
Access the cluster

Of course you can add additional controllers or servers, but let’s start with the very simplest version:  a single server running everything you need.
Create a single node Kubernetes cluster with k0s
The first thing we need to do is create a server that will act as the k0s controller.  Note that I didn’t say controller node; you can see Jussi Nummelin’s blog for an explanation of the particular way in which k0s implements the Kubernetes architecture, but the controller processes run directly on the host, and not in pods, so there’s no “master” node.
The host itself doesn’t have to be huge; for this blog I used an AWS t2.medium instance (2 CPUs, 4GB RAM) running Amazon Linux 2.  Just make sure that port 6443 is open so that you can contact the cluster later.
Now you can install k0s with a simple one line command:
sudo curl -sSLf k0s.sh | sudo sh
(Note that there’s no “magic” k0s.sh script you’re missing.  This is the same as sudo curl -sSLf http://k0s.sh | sudo sh)
Once the script downloads, all you need to do is start the server:
sudo k0s server –enable-worker &
That’s it.
You can avoid getting bowled over with logging messages by instead using:
sudo k0s server –enable-worker </dev/null &>/dev/null &
You could also start just the server and create the worker somewhere else, but we’ll talk more about that in a minute.  Now let’s access the new cluster.
Access the k0s cluster
Accessing the cluster is a matter of simply installing kubectl (if necessary) and pointing to the KUBECONFIG file.
When you create the server, k0s creates a KUBECONFIG file for you, so copy it to your working directory and point to it:
sudo cp /var/lib/k0s/pki/admin.conf ~/admin.conf
export KUBECONFIG=~/admin.conf
Now you can access the cluster itself:
kubectl get namespaces
NAME              STATUS   AGE
default           Active   5m32s
kube-node-lease   Active   5m34s
kube-public       Active   5m34s
kube-system       Active   5m34s
Notice that if you look for the nodes, there is no master node:. Remember, k0s implements the control plane as naked processes.
kubectl get nodes
NAME             STATUS   ROLES    AGE    VERSION
ip-172-31-8-33   Ready    <none>   5m1s   v1.19.3
But what happens if we try to access the cluster from another server, such as via a tool such as Lens?
Accessing k0s from outside the cluster: Customizing the k0s Kubernetes cluster
Now let’s look at accessing the cluster from an external server.  We can easily get the KUBECONFIG file:
scp -i k0s.pem ec2-user@<SERVER_IP>:~/admin.conf .
export KUBECONFIG=admin.conf
From there, we’ll want to use the public IP address of the server rather than localhost, so open the admin.conf file and edit the server address.  For example, in my case, the public IP of my server is 52.10.92.152:
apiVersion: v1
clusters:
– cluster:
server: https://52.10.92.152:6443
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURBRENDQWVpZ0F3SUJBZ0lVRzhGakJZVVNZOFBrOWNjcTVhK3lFenNBNXAwd0RRWUpLb1pJaHZjTkFRRUwKQlFBd0dERVdNQlFHQTFVRUF4TU5hM1ZpWlhKdVpYUmxjeTFqWVRBZUZ3MHlNREV4TWpNd016TXpNREJhR…

Now if we were to test this connection, we’d see something odd.
kubectl version
Client Version: version.Info{Major:”1″, Minor:”19″, GitVersion:”v1.19.0″, GitCommit:”e19964183377d0ec2052d1f1fa930c4d7575bd50″, GitTreeState:”clean”, BuildDate:”2020-08-26T14:30:33Z”, GoVersion:”go1.15″, Compiler:”gc”, Platform:”windows/amd64″}
Unable to connect to the server: x509: certificate is valid for 127.0.0.1, 172.31.8.33, 172.31.8.33, 172.31.8.33, 10.96.0.1, not 52.10.92.152
So we’re making the connection, and Kubernetes is working, but the credentials are incorrect.  To solve this problem, we need to configure k0s to include the public IP address.
To start, we can export the actual configuration file k0s will use:
sudo k0s default-config > k0s.yaml
We can then edit that file to add the public IP, and any other address at which we want to call the server:
apiVersion: k0s.k0sproject.io/v1beta1
kind: Cluster
metadata:
name: k0s
spec:
api:
address: 172.31.8.33
sans:
– 172.31.8.33
– 172.31.8.33
– 52.10.92.152
extraArgs: {}
controllerManager:
extraArgs: {}
scheduler:
extraArgs: {}
storage:
type: etcd
kine: null
etcd:
peerAddress: 172.31.8.33
network:
podCIDR: 10.244.0.0/16
serviceCIDR: 10.96.0.0/12
provider: calico
calico:
mode: vxlan
vxlanPort: 4789
vxlanVNI: 4096

Next restart the k0s server. Because it’s running as a background process, the easiest way to do this is to simply restart the machine, then restart k0s:
sudo k0s server –enable-worker &
From here everything should Just Work; the KUBECONFIG file stays the same:
kubectl version
Client Version: version.Info{Major:”1″, Minor:”19″, GitVersion:”v1.19.0″, GitCommit:”e19964183377d0ec2052d1f1fa930c4d7575bd50″, GitTreeState:”clean”, BuildDate:”2020-08-26T14:30:33Z”, GoVersion:”go1.15″, Compiler:”gc”, Platform:”windows/amd64″}
Server Version: version.Info{Major:”1″, Minor:”19″, GitVersion:”v1.19.3″, GitCommit:”1e11e4a2108024935ecfcb2912226cedeafd99df”, GitTreeState:”clean”, BuildDate:”2020-11-11T20:21:36Z”, GoVersion:”go1.15.4″, Compiler:”gc”, Platform:”linux/amd64″}
You can also access the Kubernetes cluster with Lens by importing the KUBECONFIG.
Add additional nodes to the Kubernetes cluster
Scaling the cluster is just a matter of adding additional worker nodes or control planes. To do that, you’re going to need a token so the new server knows where to “phone home”. To generate that, go to the control plane:
k0s token create –role=worker
Obviously, in this case we’re creating a new worker node.  You’ll wind up with a really long string of text such as:
H4sIAAAAAAAC/2yV0Y7iOhKG7/speIGZYycwpxtpLyZgBwIxY8dlJ74LcYZAnBBCGtKs9t1XzcxIu9K5K1f9+n7Lsup/ybujKvvr8dzOJzf8Urj361D21/nLl8nvev4ymUwm17K/lf18Ug1Dd53/9Rf+2/vq46+vX31//m069Z+iouyH489jkQ/ll/x9qM79cfj4YvMhn0+2CRq2CV4IsJE8BkuhIkjARBxREM8ZGhY1jhIQgSBsybXqDKJ+AlFgkFPiUYV5HRmlmNnRoN9pdiqkqja+o2XLApZ+v1skhIZuu8ddlK/MSdZUCLhvuKOBRZYIZRl3dMUlVQLoVMKsirHptKs2VnUZNOOplPSilQgMGD9eOSaImkrdMYvwN5l2TJCoEm1xLw/dnxn935mEqC2JuXClFgbNNK8pU0SkdknNXplZ1mAd0y6TqTBxrXzjWZoDDmJil+DT1cKxKDsxAqAWXFHFgaAEImIRfWoTRG+fbwIgNuJUj4k2Yo/GSwzFQ5Ea21ZV3DdqJ6000rV5YxIFh41Br57Ba79MFTXSabuk5zxUZ5nG9xyGkyDTMVHfe1YrY0IcMXe4JSSiuXIKlhHOkIEyZKBSg8BxnD/Mujyc77BSjx3N+iKluVTnj3gVxBqmvvGpA1dgvXRLvYp7mYohTxnX4YjzU7RV3ut9j88986b3Ag0CMGNlas+2ji6LpvA2XpUomX2opTE2HJZlSo86XE/F8TruqHvfEZpmzYzJZjzHYOKSBlJoK/K22pQy7uNavPNH5vPU1SDXnsDFJoHDNCe4YvUbk+HhpkI+TaRI9aprdaN2GV57WetcDEWfLzOUeW871bzds1MQ5pDdWWqrzUPFWw/PRBtFW4+J/HsHVkbpHhSTsJ7tidMljQabKmN0NLNt8MOc3FWmNMlQtEjUYcz8SNnQcBMKynyC42X0zrVlvKaB8DqR11GwqHHAiA1ipWqxspQf33wAFVjkFrzpAiBRK51ZQ40XXGdTARFwEAHA4SZhfReIjEoLYjBNeR2B1vG0COtNvhIQO3HM0niqaJerlE/L5hWXZNorQne8sX2hqz6HYmYfwecffIiaBhKx4NM/98+ocGvPtsGuOA5Ek1mjDt2Ce+NHhkRrH8zFyjUK22P2MXgQ2ladTMZTty5OgnKotCbDKFJz2hM1JqvgaFD30ErdsjS7m4fd7pYCWczWi5MZEvJm2GIIslZxtjSyeAhPhfHNYuILNDttUYUV5ahsA1FqGPWK+rIRIDxbs1asi1YEpol6CKuLaSgkTbbJfSvLpR2s300zn8LeZzf5cLdd6pgO6WVP7h97sKMljoJUs7zmD4nED+1oLGp6grDok6UxQNmHQviy02tPfe9kTsa7BJtlaTHdNxneK/deoA52cL1tvegae2+UUbvereBum8IT8HaL26CRtUmVDC5GsiYmHS1klTJZjDtpr4vm9RajyN/iIGLp4WFOxlmCRrMUUxsO25KwXqRUJ83IchJhaCqyRdW3QkcO2i4FhO7xyhL14A+r3yIZWpw0fLMPVZVj5f+QaPN7N1NZ8wNHKlHEhQmwQBF47uUtP//rZTJp86acT2p0fSnO7VCOw6+Y+FX/iok/mfFUfTber8/T+7505fBlfz4P16HPu/+nvfd92Q5f/pCezfrY2vlkcW5/Hg8vXV/+LPuyLcrrfPLv/7x8Up/mvyH/gH8aP68wnOuynU9qN15n+Ovl56OyaLj8ffC+9f3x9PLfAAAA////I+m0AwcAAA==
This may seem excessive, but this is actually just a KUBECONFIG that’s been BASE64-encoded. The benefit here is that you can put the worker node anywhere, as long as it can access the control plane over the network.
To create the worker, instantiate a new server (if necessary) and install k0s:
sudo curl -sSLf k0s.sh | sudo sh
Then just go ahead and join the cluster:
sudo k0s worker “long-join-token”
As in:
k0s worker “H4sIAAAAAAAC/2yV0Y7i…”
Now if you were to go back to kubectl and check for nodes, you’d see the new node in your list, as in:
kubectl get nodes
NAME               STATUS   ROLES    AGE   VERSION
ip-172-31-14-157   Ready    <none>   81s   v1.19.3
ip-172-31-8-33     Ready    <none>   11h   v1.19.3
You can also increase the robustness of the cluster by creating an additional control plane.  Again, start by creating the token:
k0s token create –role=controller
And again, on your new server, install k0s and start the server just as you started the worker:
sudo curl -sSLf k0s.sh | sudo sh
sudo k0s server “long-join-token” &
As in:
sudo k0s server “H4sIAAAAAAAC/3RV0Y…” &
This time, though, if you check for nodes, you won’t see the addition, because there are no master nodes in the k0s Kubernetes architecture:
kubectl get nodes
NAME               STATUS   ROLES    AGE   VERSION
ip-172-31-14-157   Ready    <none>   23m   v1.19.3
ip-172-31-8-33     Ready    <none>   11h   v1.19.3
Note that until the community creates a command for leaving the cluster (currently in progress) if something happens to your second controller, the cluster itself will be borked, so don’t add this unless you need to.
Where to go from here
k0s is exciting, but it’s still pretty young, so work is simultaneously very fast but the community would very much like any feedback or contributions. Meanwhile, we’d like to hear when you’re doing with k0s, and what you’d like to see us talk about, so let us know in the comments!
The post How to set up k0s Kubernetes: A quick and dirty guide appeared first on Mirantis | Pure Play Open Cloud.
Quelle: Mirantis

Join Us in Honoring Transgender Day of Remembrance

Today, November 20th, people around the world pause to bear witness to Transgender Day of Remembrance, a day dedicated to honoring the memory of those murdered because of anti-transgender prejudice. Transgender Day of Remembrance reminds us to fight against forces that devalue transgender lives every day. To bring awareness to this important day, we want to pause to share a few stories of transgender people who have found their voice on WordPress.com. We posed a question: “What does Transgender Day of Remembrance mean to you?” Below, we’ve shared a few responses from creators on our platform.

We welcome you to share your own response on your site. In the meantime, read slowly and soak in the hard-fought words of the brave voices who are willing to share their experiences. 

Dr. SA Smythe (They/Them) of essaysmythe.com:

Some of us have been counted, but most of us are counted out—unthought and unthinkable. And so we do it ourselves. We account for Tony McDade. We are accountable to Muhlaysia Booker. We recall Riah Milton. We recollect the fierce life of one of our greatest contemporary remembrancers, the trans griot Monica Roberts. We name the nonbinary people who continue to be treated as unnameable as we slip through the matrix of binary gender. The competing racialized pandemics of our time continues to be intensified for trans people, especially Black trans women, in this year as with any other. We live with that reality and demand non-trans people do the same because our resilience is nothing without their reckoning for the violence they allow to continue against us. Trans Day of Remembrance is not only about how trans people have been stolen from us too soon, but how we continue to survive and thrive and persist against all odds. Has there ever been anything as beautiful as that?Read more

Laura Kate Dale (She/Her) of laurakbuzz.com:

Going and spending some time in the company of other trans people was wonderful. I got to see trans people from a variety of backgrounds, some who had grown old and found love, and see proof that I could live a long and happy life as a trans woman. But the tone of the evening was contrasted by sitting with the knowledge of why we were all gathered, the knowledge of far too many lives cut far too short. I was surrounded by the trans people who had survived and thrived, as well as the memories of those who had not.Read more

Nicole Eldridge (She/Her) of transgendersupport.org:

My name is Nicole Eldridge. I’ve been transgender since third grade. As I started to transition, I would read stories online about transgender people dying. This is absolutely terrifying if you want to do what they did. I never gave up and transitioned. Transgender Day of Remembrance means to me that we remember the transgender people that have died and carry out their goal of an equal future for all transgender people. Every time I listen to a Transgender Day of Remembrance speech, it brings me back to Martin Luther King’s speech, “I Have a Dream.” What King said about everyone being equal and having equal opportunities is so true when I hear the transgender people’s names who have died. It breaks my heart to hear all of the transgender people that died for the year. In spite of the hatred toward transgender people, I rise above it all and help transgender people all over the world with my website transgendersupport.org. This is what Transgender Day of Remembrance means to me.

Tallulah Ker-Oldfield (She/Her) of transrites.wordpress.com

Trans people are nothing new. Gender and its expressions have been changing throughout cultures, and trans people have existed throughout history with notable examples in the many ancient pantheons, including deities. There’s nothing new to consider, no trans question – we’ve been here all along, and the only terrible things that happened because of it happened to us… ***And so I’m remembering trans lives lost this year, and trans lives filled with trauma, and everything that trans people have to do to simply… be. If you ever thought this year was scary, oppressive, isolating, challenging to get through and potentially fatal to be around people… you’ve been living a lot of the worst parts of the trans experience. Yet I’m remembering the powerful joy of my community, how our bonds through the pandemic have been strong, how well accustomed we immediately became to 2020, having lived our own version of it for most of our lives, creating found families, love, laughter, understanding and sometimes rainbows out of the unforgiving raw material of compromise.Read more

To read more writing by transgender people, explore these sites on WordPress.com:

letsqueerthingsup.comautistichoya.nettransprov.wordpress.comgendermom.wordpress.com

We pride ourselves on being a platform where anyone can share their perspective, and we’re honored to be able to create a space for the personal stories of transgender-identifying individuals. Take the time to read their words and remember that it’s not enough to honor transgender people just one day each year. What we do matters every day. Follow these sites and others you come upon and, as a result, show your support in the days to come. 
Quelle: RedHat Stack

Mirantis is at KubeCon. Join our live experts!

The post Mirantis is at KubeCon. Join our live experts! appeared first on Mirantis | Pure Play Open Cloud.
The CNCF’s KubeCon + CloudNativeCon North America 2020 is officially underway, and it’s an exciting time for developers and technologists to gather to discuss the latest in the Kubernetes and Cloud Native communities. Mirantis, a proud gold-level sponsor for this year’s event, would like to invite you to check out our virtual booth (located in Gold-Hall B), which showcases our latest innovations to help our customers ship code faster. 
To help you navigate everything we have to offer, our Kubernetes and Cloud Native experts will be standing by to chat with you about optimizing your company’s cloud infrastructure, or about one of the many other Kubernetes-related projects Mirantis is involved in including the latest Lens Kubernetes IDE update and the launch of a new, pure upstream Kubernetes distribution: k0s.

Come visit the virtual Mirantis booth at KubeCon in Gold-Hall B!
Mirantis Cloud Native Platform
At front and center is Mirantis Cloud Native Platform, which encompasses all our technological offerings that allow our customers to ship their code faster, on private and public clouds, or on bare metal, all at that highest level of security and certification that you have come to expect from a Mirantis offering. 
The individual components highlighted in more detail at our virtual booth include:

Mirantis Kubernetes Engine (formerly Docker Enterprise/UCP): Enterprise-ready K8s and Swarm orchestration, deployed and managed anywhere
Mirantis Secure Registry (formerly Docker Trusted Registry): Store, share, and manage container images in your own private registry, all with maximum security
Mirantis Container Runtime (formerly Docker Engine – Enterprise): The industry-leading enterprise container engine, based off the industry standard 
Mirantis Container Cloud (formerly Docker Enterprise Container Cloud): Centralized multi-cluster and multi-cloud deployment and management with increased visibility and enhanced control, all continuously updated with zero downtime

Lens 4.0
For all the do-it-yourself developers in attendance this year, the biggest release of Lens, the world’s most popular Kubernetes IDE, is coming soon! Lens 4.0, currently available as a Beta, runs on any OS, and can be downloaded directly to your desktop. Lens 4.0 features drastic improvements made in two specific areas: 

Extension API: Now you can add any K8s integrated component, toolkit, or service to optimize Lens through custom visualization and analysis.
Logs UI improvements: Efficiently debug problems and monitor activity in real time with the Logs UI, now featuring an improved user interface, faster rendering performance, access to logs from past containers, and so much more. 

Introducing k0s
Mirantis is excited to announce the launch of an all new Kubernetes distribution called k0s. Created by the same team that brought you Lens, this open source project runs anywhere, with no operating system dependencies other than the Linux Kernel, and 1 line installation. Suitable for use cases ranging from local development to large scale production deployments, k0s offers flexibility and compatibility for all users, as well as a host of other features, including:

Zero friction: Drastically reduces complexity when installing/running a conformant K8s distribution, essentially reducing developer friction to zero
Zero dependencies: Distributed as a single binary with no host OS requirements besides the kernel, all vulnerabilities and performance issues are fixed directly in the distribution
Zero overhead: Designed to be super lightweight and flexible, requiring minimal resources 
Zero cost: Open source software that is 100% free, and always will be
Zero downtime: Comes with automated lifecycle management so you can upgrade your clusters while your applications keep running

K0s was designed to be the only open source Kubernetes distribution that you will ever need, applicable to a variety of use cases ranging from typical cloud deployments to more specialized edge computing/IoT-type instances. We feel pretty confident that you’ll love k0s and how easy it makes Kubernetes. Get started now, or talk some more with one of our Kubernetes experts at our virtual booth. 
Connect with us at KubeCon
We would love to hear from you at our virtual booth, open now through the end of the conference (11/20). Here, you can schedule and attend a demo for one of the many Mirantis offerings, or simply talk with some of our experts to learn more about Lens, k0s, and any other Mirantis Cloud Native Platform offering that can help optimize your business. We also have an awesome video showcasing some of the updates coming to Lens with the release of version 4.0, as well as a demo on how to get started with Mirantis Container Cloud.
If any of these cutting-edge products or offerings caught your eye, please stop by our virtual booth. And if you are unable to attend KubeCon + CloudNativeCon, you can still visit our website and schedule a meeting with one of our experts. We look forward to hearing from you, and if you are in attendance this week, we will be in Gold-Hall B. 
The post Mirantis is at KubeCon. Join our live experts! appeared first on Mirantis | Pure Play Open Cloud.
Quelle: Mirantis

RDO Victoria Released

RDO Victoria ReleasedThe RDO community is pleased to announce the general availability of the RDO build for OpenStack Victoria for RPM-based distributions, CentOS Linux and Red Hat Enterprise Linux. RDO is suitable for building private, public, and hybrid clouds. Victoria is the 22nd release from the OpenStack project, which is the work of more than 1,000 contributors from around the world.The release is already available on the CentOS mirror network at http://mirror.centos.org/centos/8/cloud/x86_64/openstack-victoria/.The RDO community project curates, packages, builds, tests and maintains a complete OpenStack component set for RHEL and CentOS Linux and is a member of the CentOS Cloud Infrastructure SIG. The Cloud Infrastructure SIG focuses on delivering a great user experience for CentOS Linux users looking to build and maintain their own on-premise, public or hybrid clouds.All work on RDO and on the downstream release, Red Hat OpenStack Platform, is 100% open source, with all code changes going upstream first.PLEASE NOTE: RDO Victoria provides packages for CentOS8 and python 3 only. Please use the Train release, for CentOS7 and python 2.7.Interesting things in the Victoria release include:

With the Victoria release, source tarballs are validated using the upstream GPG signature. This certifies that the source is identical to what is released upstream and ensures the integrity of the packaged source code.
With the Victoria release, openvswitch/ovn are not shipped as part of RDO. Instead RDO relies on builds from the CentOS NFV SIG.
Some new packages have been added to RDO during the Victoria release:

ansible-collections-openstack: This package includes OpenStack modules and plugins which are supported by the OpenStack community to help with the management of OpenStack infrastructure.
ansible-tripleo-ipa-server: This package contains Ansible for configuring the FreeIPA server for TripleO.
python-ibmcclient: This package contains the python library to communicate with HUAWEI iBMC based systems.
puppet-powerflex: This package contains the puppet module needed to deploy PowerFlex with TripleO.
The following packages have been retired from the RDO OpenStack distribution in the Victoria release:

The Congress project, an open policy framework for the cloud, has been retired upstream and from the RDO project in the Victoria release.
neutron-fwaas, the Firewall as a Service driver for neutron, is no longer maintained and has been removed from RDO.

Other highlights of the broader upstream OpenStack project may be read via https://releases.openstack.org/victoria/highlights.ContributorsDuring the Victoria cycle, we saw the following new RDO contributors:Amy Marrich (spotz)Daniel Pawlik Douglas Mendizábal Lance Bragstad Martin Chacon PizaPaul Leimer Pooja Jadhav Qianbiao NG Rajini Karthik Sandeep Yadav Sergii Golovatiuk Steve Baker Welcome to all of you and Thank You So Much for participating!But we wouldn’t want to overlook anyone. A super massive Thank You to all 58 contributors who participated in producing this release. This list includes commits to rdo-packages, rdo-infra, and redhat-website repositories:Adam Kimball Ade Lee Alan PevecAlex Schultz Alfredo Moralejo Amol KahatAmy Marrich (spotz)Arx Cruz Bhagyashri Shewale Bogdan Dobrelya Cédric Jeanneret Chandan Kumar Damien Ciabrini Daniel Pawlik Dmitry Tantsur Douglas Mendizábal Emilien Macchi Eric Harney Francesco Pantano Gabriele Cerami Gael Chamoulaud Gorka Eguileor Grzegorz Grasza Harald Jensås Iury Gregory Melo FerreiraJakub Libosvar Javier Pena Joel Capitao Jon Schlueter Lance Bragstad Lon Hohberger Luigi Toscano Marios Andreou Martin Chacon PizaMathieu Bultel Matthias Runge Michele Baldessari Mike Turek Nicolas Hicher Paul Leimer Pooja Jadhav Qianbiao.NG Rabi Mishra Rafael Folco Rain LeanderRajini Karthik Riccardo Pittau Ronelle Landy Sagi Shnaidman Sandeep Yadav Sergii Golovatiuk Slawek Kaplonski Soniya Vyas Sorin Sbarnea Steve Baker Tobias Urdin Wes Hayutin Yatin Karel The Next Release CycleAt the end of one release, focus shifts immediately to the next release i.e Wallaby.Get StartedThere are three ways to get started with RDO.To spin up a proof of concept cloud, quickly, and on limited hardware, try an All-In-One Packstack installation. You can run RDO on a single node to get a feel for how it works.For a production deployment of RDO, use TripleO and you’ll be running a production cloud in short order.Finally, for those that don’t have any hardware or physical resources, there’s the OpenStack Global Passport Program. This is a collaborative effort between OpenStack public cloud providers to let you experience the freedom, performance and interoperability of open source infrastructure. You can quickly and easily gain access to OpenStack infrastructure via trial programs from participating OpenStack public cloud providers around the world.Get HelpThe RDO Project has our users@lists.rdoproject.org for RDO-specific users and operators. For more developer-oriented content we recommend joining the dev@lists.rdoproject.org mailing list. Remember to post a brief introduction about yourself and your RDO story. The mailing lists archives are all available at https://mail.rdoproject.org. You can also find extensive documentation on RDOproject.org.The #rdo channel on Freenode IRC is also an excellent place to find and give help.We also welcome comments and requests on the CentOS devel mailing list and the CentOS and TripleO IRC channels (#centos, #centos-devel, and #tripleo on irc.freenode.net), however we have a more focused audience within the RDO venues.Get InvolvedTo get involved in the OpenStack RPM packaging effort, check out the RDO contribute pages, peruse the CentOS Cloud SIG page, and inhale the RDO packaging documentation.Join us in #rdo and #tripleo on the Freenode IRC network and follow us on Twitter @RDOCommunity. You can also find us on Facebook and YouTube.
Quelle: RDO

How the Lens Extension API lets you add on to an already great Kubernetes IDE

The post How the Lens Extension API lets you add on to an already great Kubernetes IDE appeared first on Mirantis | Pure Play Open Cloud.
You may already know Lens as the Kubernetes IDE that makes it simple for developers to work with Kubernetes and Kubernetes objects, but what if you could customize it for the way you work and what information you see from your cluster?

Today we’re announcing Lens 4.0 and the Lens Extensions API, which lets you quickly code lightweight integrations that customize Lens for your own tools and workflows. The  REACT.js-based Extensions API enables extensions to work through the Lens user interface, leverage Lens’ ability to manage access and permissions, and automate around Helm and kubectl. 

The Extensions API makes it possible to add new tabs and screens to Lens, and to work with custom resources, so you can do things like integrate your own CI/CD workflows, databases, and even your own internal corporate applications, to speed your workflow.

But you don’t have to build your own extensions to benefit from the API, because partners in the Lens and Kubernetes ecosystems are already building their own integrations that enable you to use their products with Lens.  By extending Lens to show information beyond the core Kubernetes constructs we’re able to build more comprehensive situational awareness and help Kubernetes users get more value out of their clusters.

Many of the extensions announced today revolved around improving security.  For example, Aqua’s Starboard project brings security information natively into Kubernetes in the form of custom resources. By extending Lens to display these resources, the integration makes security information easily accessible and actionable for Kubernetes users. 

“Aqua’s open source project Starboard makes security reports from a variety of tools and vendors available as Kubernetes-native resources,” said Liz Rice, VP Open Source Engineering, Aqua Security. “The new Lens API allows us to make such security information accessible to developers within their IDE, giving them immediate and actionable information about potential security risks in their K8s deployment, in an approach that’s true to DevSecOps principles.”

Carbonetes evaluates your code for risks (vulnerabilities, SCA, licenses, bill of materials, malware, and secrets), compares those results against company policy, and recommends the most efficient fix. Carbonetes integrates seamlessly into your CI/CD pipeline with plug-ins, enabling full automation.

“Carbonetes is excited to provide enhanced security insights in conjunction with Lens’ amazing cluster monitoring platform,” said Mike Hogan, CEO of Carbonetes, “In addition to addressing compliance and security risks in runtime clusters, Carbonetes streamlines the process of building new and more secure containers, protecting your cluster against stale images, outdated open source tools, policy drift, and more.”

Thanks to the Extensions API, Lens will even help you with projects that rely on specialized hardware.  Entrust hardware security modules are hardened devices designed to safeguard and manage cryptographic keys. Validated to FIPS 140-2 level 3 and Common Criteria EAL4+ and offered as on-premises appliance, or as a service, nShield delivers enhanced key generation, signing, and encryption to protect sensitive containerized data and transactions.

“Having recently completed the integration and certification of our FIPS-validated nShield hardware security modules (HSMs) with the [Mirantis Kubernetes Engine (formerly Docker Enterprise)] container platform from Mirantis, Entrust looks forward to continuing the development of our high assurance security solutions to provide developers not only quick and easy access to cryptographic capabilities, but also greater visibility over their Kubernetes cluster deployments,” said Tony Crossman, Director of Business Development at Entrust. “Entrust nShield is the first certified HSM in the market to deliver enhanced security to the Docker Enterprise container platform. The new certified integration provides a root of trust, enabling developers to add robust cryptographic services offered by Entrust nShield HSMs to containerized applications.”

That’s not to say that the Lens Extension API is only for security issues.  For example, Kong Enterprise is a service connectivity platform that provides technology teams at multi-cloud and hybrid organizations the “architectural freedom” to build APIs and services anywhere. 

Kong’s service connectivity platform provides a flexible, technology-agnostic platform that supports any cloud, platform, protocol and architecture. Kong Enterprise supports the full lifecycle of service management, enabling users to easily design, test, secure, deploy, monitor, monetize and version their APIs.

A Kong Lens extension would enable admins to better control and manage all Kubenetes objects under Kong’s domain. For example, the plugin will provide a visual representation of all dependencies a given Kubernetes Ingress has in terms of Kong policies.

The Extensions API lets you focus on the user experience.  For example, integrated KubeLinter static analysis for YAML files and Helm charts, combined with StackRox Kubernetes-native security info, policies, and recommendations, provides Lens users powerful security tools that always stay in context across their clusters.

“Introducing an Extensions API to Lens is a game-changer for Kubernetes operators and developers, because it will foster an ecosystem of cloud-native tools that can be used in context with the full power of Kubernetes controls at the users’ fingertips,” said Viswajith Venugopal, StackRox software engineer and lead developer of KubeLinter. “At StackRox, we initiated the open source project KubeLinter to help incorporate production-ready policies into developer workflows when working with Kubernetes YAMLs and Helm charts, and we look forward to integrating KubeLinter with Lens for a more seamless user experience.”

StackRox delivers the industry’s first Kubernetes-native security platform that enables organizations to secure their cloud-native apps from build to deploy to runtime.

The StackRox Kubernetes Security Platform leverages Kubernetes as a common framework for security controls across DevOps and Security teams. KubeLinter, a new open source static analysis tool recently launched by StackRox, helps Kubernetes users identify misconfigurations in their deployments.

The Extensions API is also helping Ambassador Labs to improve your ability to use Lens for one of it’s greatest strengths: troubleshooting.  “We are thrilled to partner with Mirantis on a Telepresence plugin for Lens. With Lens and Telepresence, users will be able to quickly code, debug, and troubleshoot cloud-native applications on Kubernetes faster than ever before,”  Ambassador CEO Richard Li said.

Ambassador Labs makes the popular open source projects Kubernetes Ambassador Edge Stack and Telepresence. The plug-in integrates Telepresence with Lens, making it possible for Kubernetes developers to quickly and easily test changes to their Kubernetes services locally while bridging to a remote Kubernetes cluster.

Extensions are even enabling Lens to branch out into machine learning-enabled optimization.  

“Carbon Relay is thrilled to be the Kubernetes Optimization partner of choice for Lens. The Lens IDE enables users to easily manage, develop, debug, monitor, and troubleshoot their apps across a fleet of Kubernetes clusters on any infrastructure. We extend upon the Lens IDE by delivering machine learning-powered optimization, affording users performance reliability and cost-efficiencies without sacrificing scale.” Joe Wykes, Chief Sales Officer for Carbon Relay said.

Carbon Relay combines cloud-native performance testing with machine learning-powered optimization, and the Carbon Relay platform helps DevOps teams build optimization into their CI/CD workflow to proactively ensure performance, reliability, and cost-efficiency.

As you can see, Lens is branching out, and fast!  If you haven’t tried it yet, you can get it here. If you are already a Lens user, you are probably thinking about how you can use the Extensions API to your advantage (aside from bugging your favorite vendors to build their own plugins).  If so, watch this space for instructions on building your own Lens plugin! The post How the Lens Extension API lets you add on to an already great Kubernetes IDE appeared first on Mirantis | Pure Play Open Cloud.
Quelle: Mirantis

Mirantis Lens Adds Extension API, Offering Seamless Integration with any Kubernetes Integrated Component, Toolkit, or Service

The post Mirantis Lens Adds Extension API, Offering Seamless Integration with any Kubernetes Integrated Component, Toolkit, or Service appeared first on Mirantis | Pure Play Open Cloud.
Mirantis Lens Adds Extension API, Offering Seamless Integration with any Kubernetes Integrated Component, Toolkit, or Service

World’s most popular Kubernetes IDE provides a simplified, consistent entry point for developers, testers, integrators, and DevOps, to ship code faster at scale

Campbell, CA, November 12, 2020 — Mirantis, the open cloud company behind the popular Lens Kubernetes IDE project, today announced a new Extensions API, enabling rapid development of extensions for seamless integration with any Kubernetes integrated component, toolkit, or service. In conjunction with the announcement, Mirantis and makers of many popular CNCF projects announced Lens extensions.

The Extensions API and first batch of Extensions are expected to be generally available around KubeCon Virtual North America 2020, but are already available for partners.

The world’s most popular Kubernetes integrated development environment (IDE) with more than one million downloads, Lens provides developers with a cloud native IDE that contains all the popular development tools. The Extension API and Extensions made in collaboration with many popular CNCF projects, opens up the world to Kubernetes developers greatly simplifying creating, shipping, and running cloud-native applications.

Download Lens from the project website https://k8slens.dev. 

Using Lens Extensions, users can add custom visualizations and functionality to support their preferred cloud native technologies and to accelerate their development workflows. The extensions API will provide a wide array of options for extension authors to plug directly into the Lens IDE. Extensions can also be used in conjunction with services deployed from the Helm chart repository for a fully integrated experience.

“Extensions API will unlock collaboration with technology vendors and transform Lens into a fully featured cloud native development IDE that we can extend and enhance without limits,” said Miska Kaipiainen, co-founder of Lens OSS project and senior director of Engineering at Mirantis. “If you are a vendor, Lens will provide the best channel to reach tens of thousands of active Kubernetes developers and gain distribution to your technology in a way that did not exist before. At the same time, the users of Lens enjoy quality features, technologies and integrations easier than ever.” 

Several partners in the Lens ecosystem today announced support for Lens extensions: Kubernetes security vendors Aqua and Carbonetes, API gateway maker Ambassador Labs (formerly Datawire), and AIOps pioneer Carbon Relay. Other partners are actively building extensions including nCipher (hardware-based key management), API gateway maker Kong, and container security solution provider StackRox. Hear more from partners here.

“Introducing an extensions API to Lens is a game-changer for Kubernetes operators and developers, because it will foster an ecosystem of cloud-native tools that can be used in context with the full power of Kubernetes controls, at the user’s fingertips,” said Viswajith Venugopal, StackRox software engineer and developer of KubeLinter. “We look forward to integrating KubeLinter with Lens for a more seamless user experience.”

“Kubernetes is an amazingly powerful technology, but it’s complex,” said Daniel Terry, lead designer, SEB Bank, Sweden. “This can be challenging for developers whose priorities are to ship code as fast as possible, not manage infrastructure. At SEB, we believe that Lens will help our developers overcome this challenge, simplifying Kubernetes and driving results for both novices and experts. We’re excited that the extensions in Lens 4.0 will enable other Kubernetes related services to integrate smoothly across the full Lens user experience, making the Kubernetes journey for our developers much easier.” 

Key Features at a Glance

Easiest Way to Run Kubernetes. Learn by Doing: Lens installs anywhere, eliminates the need to wrangle credentials, and provides an intuitive, clean user interface that hides kubectl complexity and coordinates access to code editors, version control, the Docker CLI, and other desktop and remote tools. Thanks to the intuitive interface, novices can quickly and safely learn and get up to speed working with the Kubernetes architecture without being overwhelmed by complexity. Power users have productivity but with full granular control, when they need it.
Unified, Secure, Multi-cluster Management On Any Platform: Lens provides agentless read and write management for any number of Kubernetes clusters from an intuitive desktop application. Clusters can be local (e.g. minikube) or external (e.g. Mirantis Kubernetes Engine, EKS, AKS, GKE, Pharos, UCP, Rancher, Tanzu or OpenShift) and are added simply by importing the kubeconfig with cluster details. RBAC security is preserved, as Lens uses the standard kubectl API.
Observability and Remediation: Lens provides the insight and ability to go from observation to actionable in the fastest way possible. Users see all relevant graphs and resource utilization charts integrated into the dashboard via Prometheus. When there is an alert the user clicks on it to get detailed status, consumption, and configuration on the pod in question. The user can then immediately access the logs to search for error messages and if needed one-click to get a terminal session to take any actions.
Helm Chart Service Deployment: Users can quickly search or browse Helm charts for kubernetes-deployable services. Once chosen a one-click install button deploys the Helm chart to the currently selected Kubernetes cluster. Services can be upgraded with a single click when new versions are available. 

Join the Lens Family on Slack: k8slens.slack.com.
The post Mirantis Lens Adds Extension API, Offering Seamless Integration with any Kubernetes Integrated Component, Toolkit, or Service appeared first on Mirantis | Pure Play Open Cloud.
Quelle: Mirantis

Congratulations to the K0s team on their new Kubernetes distribution!

The post Congratulations to the K0s team on their new Kubernetes distribution! appeared first on Mirantis | Pure Play Open Cloud.
We’ve got a lot going on here at Mirantis, and one thing that’s flown under the radar is the K0s project, a real game-changer of a small, fast, robust, easy-to-use Kubernetes distribution.

As Adam Parco said on his blog (and believe me, he’s excited about this!):  “It is created by the team behind Lens, the Kubernetes IDE project. This new open source project is the spiritual successor to the Pharos Kubernetes distro that was also developed and maintained by the team. I like to say that k0s does for Kubernetes what Docker did for containers.”

We’ll be talking more about K0s in the days to come, but in the meantime we wanted to extend our heartiest congratulations to the team that has worked so hard on it!The post Congratulations to the K0s team on their new Kubernetes distribution! appeared first on Mirantis | Pure Play Open Cloud.
Quelle: Mirantis

Learn from the experts: Create a successful blog with our brand new course

WordPress.com is excited to announce our newest offering: a course just for beginning bloggers where you’ll learn everything you need to know about blogging from the most trusted experts in the industry. We have helped millions of blogs get up and running, we know what works, and we want you to to know everything we know. This course provides all the fundamental skills and inspiration you need to get your blog started, an interactive community forum, and content updated annually. 

How it works: Upon registering, you will receive access to review the lessons at your own pace. Our curriculum includes:

Foundations of bloggingGetting started with block basicsBuilding your blogUnderstanding audiences Designing your blogWriting for the internetBranding and growing your blogEarning money with your blog 

You’ll also be able to connect with WordPress.com experts and other aspiring bloggers, who will create content alongside you. Beyond the modules, this course provides: 

Monthly office hours with WordPress experts to answer your questions A certificate of completionAccess to a private blogging community onlineVirtual meetups scheduled quarterly

Cost: A $49 annual subscription gives you access to all of these on-demand blogging resources, community events, and course updates. That way, you won’t have to waste time looking for answers all over the web—you’ll be able to get started right away.

Join by Thursday, December 10th and enjoy 50% off with code WPCOURSES50.

We are looking forward to reading your new blogs soon!

Register now

Quelle: RedHat Stack

The Spearhead Theme: A Minimal Design and Clean Slate for All Content Creators

When AngelList and Venture Hacks co-founder Babak Nivi came to us and wanted to donate a theme, our team was excited to work on the design to make it available to everyone on WordPress.com for free. Designed by Cece Yu and originally developed for the Spearhead podcast, the new Spearhead theme is fully block-powered and the first among our themes to support dark mode.

Spearhead works seamlessly with the block editor, supporting a wide range of blocks — Audio, Video, Image, TikTok, Loom, and many more — so you can customize posts and pages as you like and showcase various types of content, from podcast episodes to video tutorials and more. And while Spearhead shines as a theme for media, its sparse design also displays long-form writing and text and images beautifully.

Spearhead comes with some block patterns, or collections of predefined blocks, to give you a boost as you start building your site. There are a couple of patterns you can use to show a list of places where people can listen to your podcast, as well as a custom archive page.

Being the first theme on WordPress.com to support dark mode, Spearhead’s default color scheme has a white background, but if your operating system shifts into dark mode, the theme will change and display a dark background with light text.

Our team especially loves the theme’s clean design, which lets the content you create shine through. Your listeners and readers can sit back with their cup of coffee — headphones on — and enjoy your latest episode and read along with the transcript!

Explore the Spearhead demo site to see the design in action, and then visit the Spearhead page to activate the theme.

Activate the Spearhead theme

Quelle: RedHat Stack