►
Description
Join Evan as we explore https://github.com/kcp-dev/kcp, a kubernetes apiserver without most of the built-in Kubernetes types. Learn a bit about the goals of the project, what it's good for now, and what it might be good for in the future.
B
A
So
we've
got,
I
see,
jason
in
the
chat.
We've
got
jason
hall
here
today
and
we'll
be
talking
about
his
program.
I
didn't
get
a
chance
to
set
up
stream
yards,
so
he'll
be
in
chat
and
I'll
be
on
screen,
but
maybe
sometime
we'll
get
him
on
screen
too
we'll
be
talking
about
kcp,
which
is
a
minimal
kubernetes
api
server
and
first,
let's
see.
A
A
There
is
a
shortcut
t
g,
a
k,
dot,
io,
slash
notes
where
you
can
add
any
news
that
you're
aware
of
or
if
you
want
to
take
notes
during
the
stream.
It
makes
it
easier
to
compile
stuff
later
and
yeah
welcome
everyone.
So
the
first
one
is
just
a
head
up
heads
up
that
there
are
patch
releases
next
week,
if
you're
using
docker
shim.
I
think
that
this
may
affect
you
if
you
use
docker
sharing
port
forward.
So
hopefully
you
are
not
in
that
combo.
A
A
So
it's
pretty
cool
to
see
you
know,
kubernetes
is
still
building
and
maturing
and
adding
you
know
adding
these
sorts
of
tools
so
that
you
can
be
sure
that
you
are
getting
the
software
you
know
about
or
that
you
intended
to
get
and
you
can
figure
out.
Is
it
vulnerable
to
this
or
that
upstream
library,
maybe
we'll
do
a
future
episode
on
what
all
that
means.
A
A
It
looks
like
it's
it's
a
lot
since
the
last
one,
so
maybe
maybe
there'll
be
a
tgik
about
that.
One
too
sig
note
is
also
doing
a
bug
scrub
soon.
So
if,
if
you're
interested
in
participating
in
signal,
this
is
probably
a
great
chance
to
get
in
and
figure
out,
you
know,
okay,
which
of
these
issues
are
really
important
and
which
ones
you
know.
Oh,
this
has
been
open
for
two
years
and
maybe
it's
not
even
really
reproducible
anymore.
A
A
A
I
do
have
windows
subsystem
for
linux
and
I'm
going
to
be
using
it
a
lot
today
because
I
don't
think
it'll
be
helpful
to
rake
jason
over
the
calls
for
stuff
that
doesn't
work
on
windows
right
now,
but
there's
lots
of
developers
out
on
windows
and
some
developers
who
only
have
windows.
So
it's
great
that
it's
great
to
see
that
coming
along
as
a
sign
of
maturity
and
then
I
only
had
two
notes
from
the
larger
kubernetes
ecosystem.
A
A
A
A
So
for
those
of
you
who
know
a
little
bit
about
my
background
before
I
moved
over
to
vmware,
I
worked
at
google
and
google's
cloud
run.
Product
actually
exposes
a
kubernetes-like
api
for
the
k
native
custom
resources
and
it
doesn't
expose
the
rest
of
kubernetes
and
you
can
mentally
think
about
it.
A
little
bit
like
hey
I've
got
access
to
this
slice
of
a
kubernetes
cluster.
This
namespace
with
certain
rbac
that
lets
me
see
certain
things
and
then
the
underlying
implementation
that
google
has
for
for
their
managed
cloud
run
product
is
actually
completely
different.
A
It's
built
off
of
the
same
serverless
infrastructure
that
powers
cloud
functions
in
app
engine,
but
it
looks
like
kubernetes
and
you
could
use
a
kubernetes
aware
tool
to
manage
it.
So
you
could
use
something
like
cubecontrol
to
upload
your
manifests,
and
so
kcp
is
an
attempt
to
actually
make
that
simple
and
reusable
infrastructure.
So
that
you
can
use
the
kubernetes
controller
model
to
to
manage
things,
but
you
don't
need
to
actually
do
all
of
the
you.
Don't
actually
need
pods
and
stuff
to
manage
that
you
can
have
controllers
that
sync
things.
A
The
first
example
that
they
have
is
a
demo
that
lets
you
do
multi-cluster
by
creating
deployments
and
then
splitting
them
out
across
multiple
different
actual
physical
clusters.
They
also
point
out
that
you
could
do
this
the
opposite
way.
You
could
give
everybody
their
own
kubernetes
api
server
and
their
own
etcd
that
they
can
beat
up
on
and
then
sync
the
resources
out,
using
a
controller
that
you
run
into
a
common
infrastructure
cluster
using
the.
A
I
think
the
the
local
kubernetes
development,
where
you're
actually
like
when
we're
working
on
canadian
a
lot
of
the
time,
we're
worried
about
the
logic
of
how
does
a
kubernetes
service
or
k-native
service
map
down
onto
like
deployments
and
network
policies
and
whatever
else,
and
you
could
actually
create
these
things.
You
know
create
a
mock
environment
using
kcp
where
you
don't.
You
don't
need
the
whole
real
kubernetes
underneath
reconciling
things
and
you
just
you,
stick
in
custom
resources
for
the
types
that
you
care
about.
A
So
the
I
think
I
think
the
question
was:
what
are
the
use
cases
for
kcp?
So
I
think
kcp
is
infrastructure.
This.
This
is
squarely
as
an
end
user,
you're,
probably
never
going
to
directly
use
kcp.
You
might
use
kcp
within
a
product,
but
you
may
not
even
know
that
it's
using
kcp
it's
oh
there's
a
little
bit
of
output
there,
okay,
well
we'll
see.
A
A
A
You
sync
out,
let's
see
using
something
like
flux,
you
may
sync
a
bunch
of
resources
into
the
cluster
use
crossplane
to
create
rds,
you
know
rds
instances
or
the
like,
and
what
you'd
be
checking
in
at
the
beginning
would
be
yaml
of
what
you
want.
Your
configuration
to
look
like,
and
so
you
have
a
simple
declarative
model
for
what
you
want.
Your
configuration
to
look
like
you
check
it
in
and
then
it
gets
exploded
out
into
resources.
A
It
would
look
a
little
bit
like
terraform
in
some
senses,
but
it
would
be
continuously
reconciled,
whereas
my
understanding
with
terraform
not
having
used
it
a
lot
in
anger,
is
that
you
tend
to
intentionally
do
a
terraform
apply
rather
than
having
it
a
continuously
reconciled
process.
In
the
background.
A
A
A
B
B
A
A
A
B
A
It
looks
like
a
lot
of
this
is
pulling
in
kubernetes
control
plane
stuff
directly,
so
this
is
mostly
aiming
to
actually
build
with
the
kubernetes
code,
with
a
little
bit
of
extra
stuff,
not
to
fork
more
than
is
necessary,
which
I
think
is
a
good
decision,
because
core
kubernetes,
it
may
feel
like
the
kep
process,
is
really
slow.
But
there's
a
lot
of
motion
in
that
repository.
So
keeping
up
with
it
is
challenging.
A
I
was
just
noticing
that
events
were
in
two
different
api
groups,
so
I
don't
actually
have
I'm
gonna.
Take
a
look
at
this
control,
this
cluster
controller
a
little
bit,
but
then
I
think
I'm
actually
gonna
go
off
and
see
if
we
can
get
authorization
working.
Oh,
let's
see
we
get
somewhere
in
here
I
was
told
to
find
my
cubeconfig
here
and
since
this
is
going
to
go
away
real
soon,
I'm
not
too
worried
about
looking
at
this
and
right
now
it
looks
like
we
have
a
user
with
token-based
authentication.
A
A
A
But
it's
really
a
different
approach
and
you
could
imagine
combining
the
two
approaches.
So
if
the
k3s
patches
and
the
kcp
patches
were
mostly
compatible,
you
could
imagine
running
a
kcp
where
okay
yeah
it
sounds
like
they
have
an
ncd
shim.
So
you
could
use
the
etsy.
You
could
use
the
ftd
shim
with
kcp.
A
B
B
B
B
A
A
A
B
A
A
B
A
While
that
is
figuring
out
what
is
available,
let's
go
back,
and
so
this
is
defining
a
new
cluster
type.
So
this
is
we're
going
to
go
through
through
the
official
tutorial
for
a
moment
or
two.
While
I
go
digging
that
out.
Api
version
yeah,
okay,
so
this
is
just
a
this
is
just
a
crd
and
the
spec
has
a
cube
config.
A
B
B
A
A
And
it
looks
like
it's
just
gonna
keep
complaining
that
it
doesn't
know
about
services
and
endpoints,
so
we
can
probably
just
keep
going
from
there
and
I'm
guessing
that's
some
of
the
did.
I
mention
this
was
an
early
project.
This
is
some
of
the
code
that
kcp
would
like
to
clean
up
so
that
they
can
just
say
don't
watch
services
and
endpoints,
but.
B
B
A
B
B
B
A
B
A
A
So
yeah
this
is
one
of
the
fun
things
that
you
get
when
you're
using
etcd
as
a
backing
store
is
unlike,
if
you're,
using
something
like
sql
and
you
do
a
alter
table
like
you
will
you
know
every
other
query
will
see
either
before
the
alter
table
or
after
the
alter
table,
but
because
kubernetes
is
eventually
consistent
and
it's
doing
this
reconciliation
process.
You
can
actually
observe
the
cluster
while
it's
in
the
middle
of
adding
a
new
cut,
a
new
type
and
that
usually
doesn't
go
well.
A
A
A
A
A
B
A
A
B
A
A
A
A
And
it
looks
like
the
deployment
splitter
will
intelligently
figure
out
how
many
to
run
in
each
cluster.
So
I
can
say
I
can
run
something
like
a
horizontal
pod,
auto
scaler
in
my
kcp
cluster
horizontally
scale.
You
know,
okay,
I
should
have
15
deployments
or
15
instances,
and
then
the
deployment
splitter
will
figure
out
how
to
align
them
down
to
lower
level
clusters.
A
A
A
So
you
could
do
the
same
thing
with
cron
job
daman
set
actually
feels
like
it
would
be
really
powerful
because
you
can
have
a
set
of
diamond
sets
like
your
monitor,
all
your
monitoring
agents
or
all
of
your
load
balancers
in
a
single
kcp
cluster
and
then
replicate
it
out
to
multiple
instances
and
kind
of
have
a
policy
that
says
hey.
These
are
the
agents
we
have
running
everywhere.
A
A
A
B
A
B
B
A
A
A
A
A
You
know
trailing
slash
there,
okay
and
so
the
goal
here
is
that
we're
going
to
be
able
to
take
a
token
from
off
zero
we're
gonna
copy
this
over
and
we're
going
to
be
able
to
go
to
auth0,
get
a
token
put
it
into
our
cube,
config
and
use
that
to
authorize
ourselves
using
our
google
account
to
the
kubernetes
cluster,
and
you
could
use
this
for
the
dashboard.
You
could
use
this
for
octant
or
something
like
that.
A
A
Yeah,
I
don't
know
how
much
I
don't
know
how
well
octet
will
work
if,
if
the
you
know,
if
api
resources
that
it
expects
like
deployments,
aren't
there,
you
could
also
see
that,
as
you
know,
our
back
saying.
Oh,
I
won't
let
you
see
it,
but
if
you
go
to
like
api
versions
or
api
resources,
then
it
seems
like
you
might.
A
A
B
A
A
B
A
A
A
A
A
So
now
we'll
do
the
request
to
do
an
authorize,
and
so
this
is
auth
xero.
Sending
me
to
log
in,
I
can
say,
continue
with
google
here's
my
account
now.
So
one
of
the
exciting
things
about
open
id
connect,
I've
just
gotten
a
refresh
token,
but
it's
bound
to
the
audience
of
this
application.
So
if
you
take
it
somewhere
else
that
token
shouldn't
help
you
log
in
anywhere
else,
so
now
we
can
exchange
that
access
code
in
for
a
for
an
id
for
an
id
access.
Token
and.
A
A
A
B
A
B
A
A
A
A
B
A
A
A
A
B
A
B
A
Oh
one
thing
I
learned
that
is
fun
and
exciting
case
matters
here
and,
depending
on
your
google
account,
it
may
not
all
line
up.
In
this
case,
it's
lowercase.
There
are
other
apis
where
you'll
actually
get
things
capitalized,
sometimes
instead,
and
that
was
a
huge
pain
I
want
to
have
to
deal
with
it.
B
B
A
B
B
B
A
B
A
A
You
can
tell
that
because
I
can
say,
keep
control
api
resources
and
I
get
just
this
list,
but
this
curl
command
is
also
pointing
at
the
cluster,
because
it's
got
this
localhost
ipv6
address
it's
kind
of
cool
that
you're
defaulting
to
ipv6,
but
since
it's
localhost
only
that
should
work
unless
someone
is
not
dual
stacked
at
all
and
I'm
guessing
that
they're
just
you're
just
using
whatever
you
get
out
of
the
go.
Libraries.
A
A
A
B
A
B
B
B
A
B
B
A
It'd
be
nice
to
have
the
web
web
hook
stuff
working
too
yeah,
so
jason
is
commenting
in
the
chat
that
you
can
actually
build
kcp
and
your
controllers
into
a
single
binary
for
actually
running
things.
So
you
could
you
know
if
you
wanted
to
have,
for
example,
hey.
This
is
a
service,
a
web
service
that
uses
kcp
and
manages.
I
don't
know
like
akka
serverless,
that
we
were
talking
about
earlier.