[CAUTION] Re: [cf-dev] Announcing Cloudfoundry for Kubernetes 0.1.0 release
s/Pivotal/VMWare/ - sorry, still adapting…
From: <cf-dev@...> on behalf of Bernd Krannich <bernd.krannich@...>
Congrats to Sai and the Pivotal team!
From: <cf-dev@...> on behalf of Saikiran Yerram <syerram@...>
Introducing the v0.1.0 alpha version of Cloud Foundry for Kubernetes
Follow the instructions in the How to Deploy document.
The Release Integration team has been developing a Cloud Foundry deployment artifact to install the Cloud Foundry Foundation on a Kubernetes cluster. The deployment artifact contains the new Kubernetes-native CF components, which are built on top of popular Kubernetes projects like kpack, fluentd, and Istio.
The deployment artifact has been available to the community for some time with limited capabilities. The primary goal was to enable CF contributing projects to rapidly iterate on their components.
With the recent integration of buildpacks support, we are excited to release the first version, 0.1, of this product "Cloud Foundry for Kubernetes" (aka "cf-for-k8s"). We will continue to create 0.X releases as new capabilities are added and we improve stability of cf-for-k8s. We plan to establish a release cadence.
App staging with kpack
With the 0.1 release, users can now push an app with source code. In the Cloud Foundry for Bosh, the Cloud Controller issues a staging request to Diego, which detects and builds a droplet with the right Cloud Foundry build packs. Once the droplet is built, it then schedules the app on one or more Diego cells.
In cf-for-k8s, CAPI issues the request to kpack, which uses cloud-native buildpacks to detect the app language and then build the app image. Once the app image is available, the image is pushed to the app registry and a request is sent to Eirini to schedule the app workloads, which are scheduled as one or more K8s pod deployments. Once the app workloads are available, users can curl the app.
The v0.1 release comes with Istio, which enforces encrypted communication between components, app workloads, and ingress gateway. In the Cloud Foundry for Bosh, each component owned the responsibility of managing and enforcing encrypted communication. All of this responsibility is now delegated to Istio.
Istio uses sidecar, which is deployed to every pod, to encrypt communication between all CF components, app workloads and shared resources like the database. In addition, Istio will rotate certificates automatically without requiring any intervention from the component teams or platform engineers.
Manage cf-for-k8s lifecycle with kapp
In the Cloud Foundry for Bosh, Platform engineers and Contributing teams relied on bosh deploy command to install, upgrade or remove Cloud Foundry foundation on VMs.
Kapp provides a similar experience where users can install, upgrade or remove Cloud Foundry on Kubernetes. Unlike kubectl apply command that exits before resources are created in the cluster, kapp waits until all resources are created and continuously provides status updates on the resource availability. In addition, kapp can delete all cf-for-k8s resources in one swoop.
Furthermore, kapp provides resource differences when upgrading to new versions of cf-for-k8s. Platform engineers can audit the differences (new resources, updates to existing resources) between their current foundation and the new version (e.g. new version of cf-for-k8s may bump cluster resource needs).
Templating with ytt
ytt (pronounced spelled out) is a templating tool that understands YAML structure. Product delivery teams can use it to create reusable YAML templates that operators can use for product configuration.
Reusable configuration and built in full featured programming language help ease the burden of configuring complex software. The built in YAML structure helps reduce the mental overhead of YAML construction. You can reuse the same templates in different environments by injecting environment-specific values (via cf-install-values.yml) at deploy time. For example, configuring app registry, your domain certificates and so on.
Furthermore, with the custom validations, and fast and deterministic execution, you can take advantage of faster feedback loops when creating, testing, and deploying templates.
ytt ‘s “overlay” functionality helps users manage the customization of complex software configuration by providing advanced configuration. Using an overlay, you can replace parts or whole of cf-for-k8s templates. For e.g. see `remove-resource-requirements.yml`, which reduces needs for matching resources, so cf-for-k8s can be installed on smaller environments.
The main documentation page for cf-for-k8s contains a variety of resources to help get you started. You can find instructions on deploying CF, guidelines for contributors, and other helpful resources. We eagerly accept PRs if you have corrections, suggestions, etc.
Platform operators define their configuration using a cf-for-k8s “values” file. See the sample-cf-install-values.yml file as suggested by the deploy documentation.
If there are any missing configuration options, we recommend you create a feature request issue in the cf-for-k8s repository. We would like to know more about your usecases.
For a list of known issues with this release, please visit the issues page in the repository. A few notable issues are listed below,
We love feedback. Please file a GitHub issue for bugs, feature requests, or suggestions. Or reach out to us on Cloud Foundry Slack in #cf-for-k8s.
You can see our upcoming prioritized work in our CF Release Integration tracker project.