Microsoft has put forward a new proposal to bring an optional type syntax to JavaScript, which could make JavaScript natively come with some of the features of TypeScript, making the TypeScript language faster and easier to use. Specifically, the proposal calls for Type Annotations to be added to JavaScript code, allowing type annotations to be checked by external type checkers. At runtime, the JavaScript engine would ignore these annotations and treat these types as annotations.

The previous article “Kubernetes Multi-Cluster Management: Kubefed (Federation v2)” gave a brief introduction to the basic concepts and working principles of Federation v2, and this article focuses on the use of Kubefed. The experimental environment for this article is v0.1.0-rc6. 1 2 $ kubefedctl version kubefedctl version: version.Info{Version:"v0.1.0-rc6", GitCommit:"7586b42f4f477f1912caf28287fa2e0a7f68f407", GitTreeState:"clean", BuildDate:"2019-08-17T03:55:05Z", GoVersion:"go1.12.5", Compiler:"gc", Platform:"linux/amd64"} Installation The installation of Federation v2 is divided into two parts, one is Controller Plan and

Why Federation v1 was deprecated Federation v1 entered Beta in Kubernetes v1.6, but it was deprecated until Kubernetes v1.11 or so. The reason for the deprecation was because the development team felt that the practice of cluster federation was more difficult than expected and that there were many issues that the v1 architecture did not take into account, such as Control plane components can affect the overall cluster efficiency due to problems that occur.

Each component of Kubernetes has certain timed tasks, such as log processing, querying of tasks, cache usage, etc. Timed tasks in Kubernetes are implemented through wait packages, such as starting a probe check in a Kubelet. 1 2 3 4 5 6 7 // Start syncing probe status. This should only be called once. func (m *manager) Start() { // Start syncing readiness. go wait.Forever(m.updateReadiness, 0) // Start syncing startup. go wait.

What is a container Linux container technology A Linux container is a process with specific isolation provided by the Linux Kernel. Linux container technology allows you to package or isolate your application and its entire runtime environment (including all required files) together. This allows users to easily migrate applications between environments while retaining the full functionality of the application. Docker’s problem Docker is a famous open source container engine, which

chartmuseum is an open source Helm Chart Repository that supports a variety of backend stores including GCS, S3, etc. API chartmuseum provides several APIs to implement the capabilities of the Helm Chart Repository. Helm related APIs GET /index.yaml - Get the helm chart list when executing helm repo add chartmuseum http://localhost:8080/ GET /charts/mychart-0.1.0.tgz - Download the corresponding chart when you run helm install chartmuseum/mychart. GET /charts/mychart-0.1.0.tgz.prov - execute helm install with the --verify flag to get the provenance file for verification Chart related API POST /api/charts - upload a new chart POST /api/prov - upload a new provenance file (record provenance for integrity verification) DELETE /api/charts/<name>/<version> - Delete a chart version and the associated provenance file GET /api/charts - list all charts GET /api/charts/<name> - List all versions of a chart GET /api/charts/<name>/<version> - Get description information for a specific version of a chart GET / - welcome page GET /health - returns 200 OK Install chartmuseum GoFish 1 2 3 gofish install chartmuseum ==> Installing chartmuseum.

When you consider adding to your application based on the capabilities of Kubernetes, it’s like opening a Pandora’s Box, and you don’t know exactly what’s in that box, just as you don’t know what is, or will be, happening to the Kubernetes cluster and the applications on it that you rely on. No matter what architecture is chosen and what runtime the underlying layer is based on, observability always has a very high priority.

The previous article, How to Extend a Kubernetes Cluster with CRD, explained what CRD is and what capabilities it can provide through a demo. This article continues to build on that demo (https://github.com/Coderhypo/KubeService) and explains how to build a CRD Controller. CRD Controller For the CRD (CustomResourceDefinition) itself, it is not too much to understand it as just a Schema of OpenApi, because that is its only ability and role, but for the broader statement: “CRD is used to implement xx functions”, it is actually the CRD Controller that is responsible for implementing the functions.

What is a CRD CRD itself is a Kubernetes built-in resource type, which stands for CustomResourceDefinition, and can be viewed with the kubectl get command to see the CRD resources defined within the cluster. 1 2 3 4 # kubectl get crd NAME CREATED AT apps.app.o0w0o.cn 2019-07-25T07:02:47Z microservices.app.o0w0o.cn 2019-07-25T07:02:47Z After talking to people about CRD, I found that there are some common misconceptions about CRD, so some concepts need to be clarified in advance:

The database used by Open Hackathon is MongoDB, and in containerization, the security of data is a top priority. Storage issues Stateful applications need to use PersistentVolume when deployed on Kubernetes, but if the underlying PV storage is unreliable, even with PV, data security is still not guaranteed. In a general usage scenario, the application needs to define a PersistentVolumeClaim to describe the required storage resources and use the PersistentVolumeClaim in the Pod, and the cluster will create or find a PersistentVolumeClaim based on the description in the PersistentVolumeClaim.

With the release of Kubernetes 1.14, it was discovered that the Yaml management tool kustomize, which was only for the Kube interest group, was integrated into kubectl, so that you can use kubectl apply -k to apply kustomization.yaml from the specified directory to the cluster. What is kustomize Using the tool definitely starts with figuring out where the tool is located. kustomize (Github link) is described in the code repository as.

Kaniko is one of the tools created by Google. It is used to build docker images on Kubernetes without privileges and is described in github (https://github.com/GoogleContainerTools/kaniko) as follows: kaniko is a tool to build container images from a Dockerfile, inside a container or Kubernetes cluster. How it works Traditional Docker build is a Docker daemon that executes sequentially on the host using a privileged user (root) and generates each layer of the image according to the Dockerfile.

Recently, Service Mesh has become more and more popular and popular, and various community discussions have emerged. In the face of such a hot technology, we have some questions: What exactly is Service Mesh and what does it solve? In this article, we try to briefly explain the architectural design of Service Mesh and introduce its popular solution, Istio. Starting with distributed systems Modern applications rarely use monolithic architectures anymore, and when distributed architectures become mainstream, network calls between system components become a natural problem.

WSGI is a term often referred to in Python Web development, and is defined in Wikipedia as follows. The Python Web Server Gateway Interface (abbreviated WSGI) is a simple and generic interface between a web server and a web application or framework defined for the Python language. Since WSGI was developed, similar interfaces have appeared in many other languages. As defined, WSGI is not a server, not an API, not

When participating in interviews, Linux processes should be considered a must for me, because many languages don’t bother to implement a set of process management and scheduling, but instead borrow directly from the operating system, especially the Python community which sees no need to duplicate the wheel in this area and uses a simple wrapper around system calls. As a result, it’s hard to really know what’s going to happen to the concurrent code you write if you don’t know much about Linux processes.

It is the essence of an operating system to provide the ability to run programs. And in Linux, light and correspondingly fast process management is one of its good features. In this article, the focus is on the description, and life cycle of Linux processes. Descriptors and task structures A process is a program in execution and usually includes some resources, such as files, pending signals, internal kernel data, processor state, memory space, and one or more threads of execution.

This article will explain the basic operations of concurrent programming in Python. Concurrency and parallelism are twin brothers, and the concepts are often confused. Joe Armstrong, the father of Erlang, has a very interesting diagram that illustrates these two concepts. One of my personal preferences is that concurrency is macro-parallel and micro-serial. GIL While Python comes with great class libraries to support multithreaded/processed programming, it is well known that Python

JetBrains CEO Maxim Shafirov made an announcement yesterday that JetBrains will indefinitely suspend sales and R&D activities in Russia , as well as indefinitely suspend sales in Belarus. In his announcement, Shafirov mentioned that JetBrains condemns the attacks launched by the Russian government and chooses to stand with the people of Ukraine, including their colleagues and families. JetBrains was founded 22 years ago in Prague, the capital of the Czech Republic.

GitLab CEO Sid Sijbrandij published a blog about some of the actions GitLab has taken since the Russian-Ukrainian war broke out. Sijbrandij said GitLab is deeply saddened by the Russian government’s unprovoked and unjustified military invasion of Ukraine, the horrific violence against a sovereign nation and its people, and the terrible impact on everyone in the region, including GitLab team members and family and friends. gitLab extends its sympathies to all those affected by the violence and uncertainty.

A container acts as an instance of a image, a runtime for stateless applications in the images. Stateless is so-called because the lifecycle of a container is very flexible. When a container’s lifecycle ends, the data generated during that time does not persist, but is removed with the deletion of the container. However, most applications are for data now, so the persistence of containers is explored here. Storage for containers Before we discuss container persistence, let’s explore what data storage looks like without persistence, i.