|
Share Bear posted:what the hell are they doing, don't they know they can break out configurations into smaller files for specific aspects of services if they're complex? They’re creating all namespaces and related resources for a k8s cluster. It works, but due to terraform being the way it is even a simple diff will be multiple pages.
|
#
?
Jul 15, 2021 23:38
|
|
|
|
| # ? May 3, 2024 05:31 |
|
|
echinopsis posted:Its time to be honest with you all "What if you had 1000 little computers but could control them all as if they were one really big computer. Also you could install programs on the big computer by basically just unzipping them and the program could behave as if it had the entire computer to itself. Also if some of the little computers break then the big computer keeps working while you swap the broken little computers out" Kubernetes is a set of programs you install on the little computers to let you do all that. At least in theory.
|
|
#
?
Jul 15, 2021 23:46
|
|
|
echinopsis posted:Its time to be honest with you all blessed
|
|
#
?
Jul 16, 2021 00:33
|
|
|
echinopsis posted:Its time to be honest with you all my version is that it's a datacenter operating system. all the traditional single-machine OS scheduling/hardware interaction/etc. stuff that you wouldn't want to deal with as an application developer and instead have the kernel do on your behalf, that's what kubernetes is supposed to handle for you, just for lots of networked machines. i have tried to give this explanation to our salespeople and im pretty sure it doesn't really work because lol salespeople don't understand what an operating system is either.
|
|
#
?
Jul 16, 2021 00:45
|
|
|
CMYK BLYAT! posted:there's some very telling bit in a Helm commentary "why this feature is the way it is" post to the effect of "when we started this project, the idea was that you'd maintain your own chart for filling out the specifics of your environments, prod, test, etc. the author and user were expected to be the same person. in practice, we have wound up with chef recipes, where the users are using charts as a shortcut to not understanding how the app they want is deployed" i spent considerable time at my last job trying to explain the probability of helm charts becoming leaky abstractions as people start out trying to hide the underlying manifests only to gradually re-expose every setting. people didn’t particularly care for this argument but i felt pretty vindicated by the time every core chart had been augmented to let users override pod specs entirely. epitaph fucked around with this message at 00:58 on Jul 16, 2021 |
|
#
?
Jul 16, 2021 00:54
|
|
|
Kiss me… K8s
|
|
#
?
Jul 17, 2021 19:43
|
|
|
Sapozhnik posted:"What if you had 1000 little computers but could control them all as if they were one really big computer. Also you could install programs on the big computer by basically just unzipping them and the program could behave as if it had the entire computer to itself. Also if some of the little computers break then the big computer keeps working while you swap the broken little computers out" sounds neat
|
|
#
?
Jul 18, 2021 10:07
|
|
|
CMYK BLYAT! posted:my version is that it's a datacenter operating system. all the traditional single-machine OS scheduling/hardware interaction/etc. stuff that you wouldn't want to deal with as an application developer and instead have the kernel do on your behalf, that's what kubernetes is supposed to handle for you, just for lots of networked machines. the operating system is what shows the start menu so i can play minesweeper
|
|
#
?
Jul 19, 2021 23:33
|
|
|
does anyone have any experience or pro tips for doing more low-level container operations, eg with runc we have environments we can't put docker on, but it seems like we could build images with docker and then run them with rootless runc which would be pretty sweet
|
|
#
?
Jul 20, 2021 13:09
|
|
|
maybe go one level up with containerd apis to start with: https://containerd.io/docs/getting-started/
|
|
#
?
Jul 20, 2021 13:49
|
|
|
has anyone said mark yaml yet?
|
|
#
?
Jul 20, 2021 13:51
|
|
|
Progressive JPEG posted:maybe go one level up with containerd apis to start with: https://containerd.io/docs/getting-started/ unfortunately containerd and podman are not options for me I think
|
|
#
?
Jul 20, 2021 14:54
|
|
|
Kazinsal posted:my favourite hosed up custom config file format is digital anvil's variant of INI for populating databases of object properties where [section]s are actually a class type digital anvil sounds like some wile e coyote poo poo
|
|
#
?
Jul 20, 2021 17:10
|
|
|
Fart Sandwiches posted:has anyone said mark yaml yet? no but lol
|
|
#
?
Jul 20, 2021 17:17
|
|
|
help me auth my containers against AD without loading sidecar my family is dying
|
|
#
?
Jul 21, 2021 10:00
|
|
|
fake your death and move to belize
|
|
#
?
Jul 21, 2021 19:00
|
|
|
I've got a friend who works for EA on Madden, and he showed me their build tools for the K8 cluster and it's literally a bunch of YAML files that themselves don't do anything, but instead call a bunch of random bash scripts that do the actual build. It's mindblowingly stupid but they're printing money off Ultimate Team addicts and have zero incentive to change anything. They don't even have a dev environment for their stuff it's all tested in production, the more he tells me about their development process the more I want to work for EA.
|
|
#
?
Jul 21, 2021 19:22
|
|
|
i refuse to work anywhere thats going to make me work more than 40 hours a week more than a few times a year.
|
|
#
?
Jul 21, 2021 20:04
|
|
|
CRIP EATIN BREAD posted:i refuse to work
|
|
#
?
Jul 21, 2021 20:37
|
|
|
old man yamls at cloud
|
|
#
?
Jul 22, 2021 20:50
|
|
|
i followed a kubernetes tutorial and it didn't make me touch any yaml op
|
|
#
?
Jul 23, 2021 15:55
|
|
|
kubernetes has that special stuck-in-tar sensation you get while waiting for a 30 page google doc with lots of images to open, but on every single CLI invocation somehow
|
|
#
?
Jul 23, 2021 17:28
|
|
|
I don't really see the benefits of using kubernetes over say aws + terraform so far, it seems pretty similar for run of the mill business stuff. I guess if you wanted to run it on your own hardware it would let you do that, but my impression is that most people do it in the cloud anyway
|
|
#
?
Jul 23, 2021 21:09
|
|
|
pointsofdata posted:I don't really see the benefits of using kubernetes over say aws + terraform so far, it seems pretty similar for run of the mill business stuff. have you met financial services companies?
|
|
#
?
Jul 23, 2021 22:23
|
|
|
pointsofdata posted:I don't really see the benefits of using kubernetes over say aws + terraform so far, it seems pretty similar for run of the mill business stuff. but kubernetes is platform-agnostic so instead of writing a bunch of vendor-specific provisioning and deployment scripts, you have nice clean helm charts that deploy to whichever public cloud you’re using! lmao
|
|
#
?
Jul 24, 2021 00:40
|
|
|
pointsofdata posted:I don't really see the benefits of using kubernetes over say aws + terraform so far, it seems pretty similar for run of the mill business stuff. i have to use all three together
|
|
#
?
Jul 24, 2021 03:18
|
|
|
refleks posted:have you met financial services companies? for them there's azure on-prem! pointsofdata posted:I don't really see the benefits of using kubernetes over say aws + terraform so far, it seems pretty similar for run of the mill business stuff choice my friend, choice! a vibrant and diverse ecosystem of cloud computing management software is key to ongoing improvement through competition for example, you can choose between an RBAC system that is practically useless in kubernetes and an RBAC system that is incomprehensible in AWS
|
|
#
?
Jul 24, 2021 03:37
|
|
|
fields of the yamlhim
|
|
#
?
Aug 8, 2021 04:47
|
|
|
why the gently caress are containers even a thing just use jails smdh
|
|
#
?
Aug 8, 2021 04:48
|
|
|
container systems should define an API and ABI where they provide a shared library like libPOSIX.1.2017.so that defines the “container OS” and then everything contained should only be allowed to interact with the world via that and facilities provided by it then we could truly let a thousand flowers bloom
|
|
#
?
Aug 8, 2021 04:52
|
|
|
Shaggar posted:you store configuration in xml documents. yaml is not suitable for anything beyond aggravating its users no you store your configuration in a database, you just encapsulate it in XML for transport to a service and encapsulate a definition of the configuration information service instances need in XML alongside the instance of course but the actual currently-running configs should be stored in a database
|
|
#
?
Aug 8, 2021 04:56
|
|
|
I store my config in git
|
|
#
?
Aug 8, 2021 06:48
|
|
|
eschaton posted:container systems should define an API and ABI where they provide a shared library like libPOSIX.1.2017.so that defines the “container OS” and then everything contained should only be allowed to interact with the world via that and facilities provided by it there are a couple runtimes like gvisor that implement syscalls in userspace that's pretty much this but much easier to adopt and implement
|
|
#
?
Aug 8, 2021 06:58
|
|
|
eschaton posted:container systems should define an API and ABI where they provide a shared library like libPOSIX.1.2017.so that defines the “container OS” and then everything contained should only be allowed to interact with the world via that and facilities provided by it how does this help me distribute my lovely Java applications without caring about whatever cursed OS the host is running?
|
|
#
?
Aug 8, 2021 09:03
|
|
|
eschaton posted:why the gently caress are containers even a thing just use jails smdh yeah just let me find the three engineers with extensive prod experience managing fleets of app instances using BSD jails. i assume they're all more beard than flesh and bone at this point in unrelated news, the k8s blogs have some choice nuggets: > The way PSPs are applied to Pods has proven confusing to nearly everyone that has attempted to use them. wait you mean users didn't get a resource that applies to pods via a binding to the pod's associated serviceaccount and only does anything when you enable the special resource admission controller? i know there has to be some sort of "well, these are the tools we have currently built for these APIs in the kubelet security poo poo, so this is what we're using, gently caress if the ux makes no sense" reason behind why PSPs work this way, but still, lol I JUST WANTED TO FORCE READ ONLY CONTAINER FILESYSTEMS GODDAMNIT KUBERNETES
|
|
#
?
Aug 10, 2021 02:39
|
|
|
owned
|
|
#
?
Aug 10, 2021 15:01
|
|
|
i do enjoy the complete abandonment of even trying to learn about usability in security circles, followed by the surprised pikachu face when people just stop implementing the provided security measures because they're user hostile garbage
|
|
#
?
Aug 10, 2021 19:26
|
|
|
CMYK BLYAT! posted:yeah just let me find the three engineers with extensive prod experience managing fleets of app instances using BSD jails. i assume they're all more beard than flesh and bone at this point just copy what one of the better engineers does
|
|
#
?
Aug 14, 2021 04:46
|
|
|
Bored Online posted:just copy what one of the better engineers does there are no better engineers. we are but a morass of bad engineers; occasionally an okay enough idea bubble percolates up to the top of the swamp muck and pops, scattering scant detritus of goodness across our technology plain
|
|
#
?
Aug 28, 2021 06:07
|
|
|
|
| # ? May 3, 2024 05:31 |
|
|
i thought kubernetes was yaml but cloudformation is even more yaml yaml someone read through the yaml spec and found the tags and thought "yes, this is a good feature"
|
|
#
?
Sep 10, 2021 23:09
|
|