Introducing the v0.1.0 alpha version of Cloud Foundry for Kubernetes
Installation
Follow the instructions in the
How to Deploy document.
Background
The Release Integration team has been developing a Cloud Foundry deployment artifact to install the Cloud Foundry Foundation on a Kubernetes cluster. The deployment
artifact contains the new Kubernetes-native CF components, which are built on top of popular Kubernetes projects like kpack, fluentd, and Istio.
The deployment artifact has been available to the community for some time with limited capabilities. The primary goal was to enable CF contributing projects
to rapidly iterate on their components.
With the recent integration of buildpacks support, we are excited to release the first version, 0.1, of this product "Cloud Foundry for Kubernetes" (aka "cf-for-k8s").
We will continue to create 0.X releases as new capabilities are added and we improve stability of cf-for-k8s. We plan to establish a release cadence.
Highlights
App staging with kpack
With the 0.1 release,
users can now push an app with source code. In the Cloud Foundry for Bosh, the Cloud Controller issues a staging request to Diego, which detects and builds a droplet with the right Cloud Foundry build packs. Once the droplet is built, it then schedules
the app on one or more Diego cells.
In cf-for-k8s,
CAPI issues the request to
kpack, which uses cloud-native buildpacks to detect the app language and then build the app image. Once
the app image is available, the image is pushed to the app registry and a request is sent to Eirini to schedule the app workloads, which are scheduled as one or more K8s pod deployments. Once the app workloads are available, users can curl the app.
Encrypted communication
The v0.1 release comes with Istio, which enforces encrypted communication between components, app workloads, and ingress gateway. In the Cloud Foundry for Bosh,
each component owned the responsibility of managing and enforcing encrypted communication. All of this responsibility is now delegated to Istio.
Istio uses sidecar, which is deployed to every pod, to encrypt communication between all CF components, app workloads and shared resources like the database.
In addition, Istio will rotate certificates automatically without requiring any intervention from the component teams or platform engineers.
Manage cf-for-k8s lifecycle with kapp
In the Cloud Foundry for Bosh, Platform engineers and Contributing teams relied on
bosh deploy command to install, upgrade or remove Cloud Foundry foundation on VMs.
Kapp provides a similar experience where users can install, upgrade
or remove Cloud Foundry on Kubernetes. Unlike kubectl apply
command that exits before resources are created in the cluster, kapp waits until all resources are created and continuously provides status updates on the resource availability. In addition, kapp
can delete all cf-for-k8s resources in one swoop.
Furthermore, kapp provides resource differences when upgrading to new versions of cf-for-k8s. Platform engineers can audit the differences (new resources, updates
to existing resources) between their current foundation and the new version (e.g. new version of cf-for-k8s may bump cluster resource needs).
Templating with ytt
ytt (pronounced spelled out) is a templating tool that understands YAML structure. Product delivery
teams can use it to create reusable YAML templates that operators can use for product configuration.
Reusable configuration and built in full featured programming language help ease the burden of configuring complex software. The built in YAML structure helps
reduce the mental overhead of YAML construction. You can reuse the same templates in different environments by injecting environment-specific values (via cf-install-values.yml) at deploy time. For example, configuring app registry, your domain certificates
and so on.
Furthermore, with the custom validations, and fast and deterministic execution, you can take advantage of faster feedback loops when creating, testing, and
deploying templates.
ytt ‘s “overlay” functionality helps users manage the customization of complex software configuration by providing advanced configuration. Using an overlay,
you can replace parts or whole of cf-for-k8s templates. For e.g. see `remove-resource-requirements.yml`, which reduces needs for matching resources, so cf-for-k8s can be installed on smaller environments.
Documentation
The main
documentation page for cf-for-k8s contains a variety of resources to
help get you started. You can find instructions on deploying CF, guidelines for contributors, and other helpful resources. We eagerly accept PRs if you have corrections, suggestions, etc.
Configuration options
Platform operators define their configuration using a cf-for-k8s “values” file. See the
sample-cf-install-values.yml file as suggested by the
deploy documentation.
-
-
cf-for-k8s has been shown
-
to run on multiple distributions of Kubernetes, including GKE, PKS, AKS, EKS, Minikube and Kind.
-
-
-
Both Docker Hub and Google’s
-
Container Registry can be used as the App Registry.
-
If there are any missing configuration options, we recommend you create a feature request issue in the cf-for-k8s repository. We would like to know more about
your usecases.
Compatibility
Kubernetes
Known Issues
For a list of known issues with this release, please visit the
issues page in the repository. A few notable issues are listed below,
-
-
cf
-
push does not stream app staging logs.
-
-
-
Upgrading
-
cf-for-k8s is not yet supported
-
-
-
Custom
-
buildpacks and cf cli buildpacks related commands are not supported.
-
Feedback
We love feedback. Please file a GitHub issue for bugs, feature requests, or suggestions. Or reach out to us on Cloud Foundry Slack in
#cf-for-k8s.
Coming Next
You can see our upcoming prioritized work in our
CF Release Integration tracker project.
Resources
tools from k14s -
ytt,
kapp,
kbld
--
