Couchbase Server with CoreOS and Kubernetes: Couchbase Connect 2015
TRANSCRIPT
Couchbase Server with CoreOS & Kubernetes
Brian "redbeard" Harrington, Principal Architect, CoreOS
Traun Leyden, Sr. Software Engineer, Couchbase
Traun Leyden
Sr. Software [email protected]/tleyden twitter.com/tleyden
Brian “Redbeard” Harrington
Principal [email protected]/brianredbeard twitter.com/brianredbeard brianredbeard.com
COUCHBASE SERVER
K8S
K8S KUBERNETES
PEANUT BUTTER & JELLY (CC) SHAWN CARPENTER
090301.020.PORTKLANG (CC) BY JGMORAD
APPLICATION CONTAINERS
CONT 100
CONTAINERS ARE NOT LIGHTWEIGHT VMS
CONTAINERS SERVE A DIFFERENT PURPOSE
LINUX KERNEL NAMESPACES
USERLAND
USERLAND
LINUX KERNEL
Red Hat
LINUX KERNEL
Debian
LINUX KERNEL
CoreOS
LINUX KERNEL
USERLAND
LINUX KERNEL
lo = 127.0.0.1, eth0 = 10.10.10.1, uid = 1000, ports = ::25 ::53 ::80 ::143
LINUX KERNEL
lo = 127.0.0.1, eth0 = 10.10.10.1, uid = 1000, ports = ::25 ::53 ::80 ::143
lo = 127.0.0.1, eth0 = 10.10.10.3, uid = 1000, ports = ::21 ::23 ::8080 ::59000
LINUX KERNEL
lo = 127.0.0.1, eth0 = 10.10.10.1, uid = 1000, ports = ::25 ::53 ::80 ::143
lo = 127.0.0.1, eth0 = 10.10.10.2, uid = 1000, ports = ::22 ::53 ::80 ::110
lo = 127.0.0.1, eth0 = 10.10.10.3, uid = 1000, ports = ::21 ::23 ::8080 ::59000
LINUX KERNEL
PID: 10 |- /bin/bash, UID: 1000
PID: 10 |- /bin/tcsh, UID: 1000
10.10.10.1
Red Hat, CoreOS, Debian
LINUX KERNEL
Linux != UNIX
Linux != UNIX™
CAPABILITIES
IF UID == 0 {
    exec();
}
$ ping 8.8.8.8
setuid 0;
$ ls -i /bin/ping
$ hexedit /dev/sda1
2.2 Kernel - CAP_CHOWN, CAP_KILL, etc
2.4 Kernel - CAP_MKNOD, CAP_LEASE, etc
2.6.37 Kernel - CAP_SYSLOG, etc
3.0 Kernel - CAP_WAKE_ALARM, etc
3.5 Kernel - CAP_BLOCK_SUSPEND, etc
it's not perfect:
CAP_SYS_ADMIN
MOVING ON...
WEIMARANER FIGUREHEAD (CC) BY INGRID TAYLAR
KUBERNETES
POD
REPLICATION CONTROLLER
REPLICATION COUNT = 1
REPLICATION COUNT = 3
REPLICATION COUNT = 5
REPLICATION COUNT = 3
service
SKY PUZZLE (CC) BY JARED TARBELL
SOME COMPELLING PHOTO (CC) BY A USER