diff --git a/content/GettingStarted/Layers/_index.md b/content/GettingStarted/Layers/_index.md index 24266c3d801b16019aa9d783f0c9b6a4252068fb..451d05e02273327570e77c1f35075f397fbae313 100644 --- a/content/GettingStarted/Layers/_index.md +++ b/content/GettingStarted/Layers/_index.md @@ -24,7 +24,7 @@ The ceph backend will be used for data heavy part of ceph. And the overlay to allow services running on top of kubernetes to discuss together. -In this step, we'll only install The 2 first one. The overlay will be installed later. +In this step, we'll only install the 2 first one. The overlay will be installed later. ## Layer 2 - kubespray @@ -36,7 +36,7 @@ Or deploy them by hand. We currently use kubespray, but think of not using it fo We personnaly use the following: - containerd - It is the container runtime. Nowadays, the industry is moving from Docker to containerd, so do we. - - kubeadm - It ss developed Upstream Under kubernetes namespace. It is aimed at becoming the defacto installation tool for kubernetes. + - kubeadm - It is developed upstream under kubernetes namespace. It is aimed at becoming the defacto installation tool for kubernetes. - canal with wireguard - it is the Kubernetes overlay network. - nginx-ingress - cert-manager @@ -61,4 +61,4 @@ This is our curated list of operators: ## Layer 7 - web UI -UI to let people self serve. The status of this is clearly [vaporware](https://en.wikipedia.org/wiki/Vaporware), but we hope to release an alpha by begining of 2021 (Except if you have skills and want to work on it already, this would be amazing ;) ). \ No newline at end of file +UI to let people self serve. The status of this is clearly [vaporware](https://en.wikipedia.org/wiki/Vaporware), but we hope to release an alpha by begining of 2021 (Except if you have skills and want to work on it already, this would be amazing ;) ). 
diff --git a/content/GettingStarted/_index.md b/content/GettingStarted/_index.md index 9a5be4817e59bcadc965a5172608d94cd1665f4b..e16379b7d60d7e73f49766c96b2e09bfc8802c3b 100644 --- a/content/GettingStarted/_index.md +++ b/content/GettingStarted/_index.md @@ -18,8 +18,8 @@ The reference architecture needs 9 machines: - 3 ingresses - 3 compute -Masters are used to coordinate the cluster. They store the state in etcd. They make sure nodes are healthy. They schedule work on the nodes. They are the brain of your cluster. If they are down, the three of them, your workload still functions properly, but you could't change the state of you cluster. +Masters are used to coordinate the cluster. They store the state in etcd. They make sure nodes are healthy. They schedule work on the nodes. They are the brain of your cluster. If they are down, the three of them, your workload still functions properly, but you couldn't change the state of you cluster. Ingresses are where https is terminated. They need to also be highly available. Depending on your hardware setup, you have to find a way to balance traffic. You could use MettalLB for instance. On Hetzner VMs, we use floating IPs. -Compute nodes are where your workload is running. This is where your databases and application servers will run. \ No newline at end of file +Compute nodes are where your workload is running. This is where your databases and application servers will run. diff --git a/content/KubernetesOperators/UpstreamOperator/_index.md b/content/KubernetesOperators/UpstreamOperator/_index.md index f019759bb0fc731466012cc269d9480dbf789e4f..85876f89c15a70cfb162822af013c9ae0b9b0ee2 100644 --- a/content/KubernetesOperators/UpstreamOperator/_index.md +++ b/content/KubernetesOperators/UpstreamOperator/_index.md 
@@ -7,7 +7,7 @@ Now that Postgres is running, we can deploy our Nextcloud. But first we need to deploy the nextcloud upstream operator. This operator is low level because it would need every information about the backing services. It is a nice building block for projects like libre.sh. -Here is the version alpha we are developing. The goal is to move it's development upstream. We think that this belongs to Nextcloud community to own this. And we'll help bootstrap that. The same way we did with [some](https://github.com/RocketChat/Docker.Official.Image/commit/a951f488fb2a633fc89ad3048eb451aa05dc90ee) [official](https://github.com/nextcloud/docker/commit/8fa384bcd6619b9c19c5efbcdf7248d803e43727) [docker](https://github.com/matomo-org/docker/commit/e6538b90a4c7e7e3d6423d1e4740e674ee42eede) [images](https://github.com/idno/Known-Docker/commit/394e91c21d33914899dd2b0b211be2d7fe4e1837). +Here is the version alpha we are developing. The goal is to move its development upstream. We think that this belongs to Nextcloud community to own this. And we'll help bootstrap that. The same way we did with [some](https://github.com/RocketChat/Docker.Official.Image/commit/a951f488fb2a633fc89ad3048eb451aa05dc90ee) [official](https://github.com/nextcloud/docker/commit/8fa384bcd6619b9c19c5efbcdf7248d803e43727) [docker](https://github.com/matomo-org/docker/commit/e6538b90a4c7e7e3d6423d1e4740e674ee42eede) [images](https://github.com/idno/Known-Docker/commit/394e91c21d33914899dd2b0b211be2d7fe4e1837). Here is how the Nextcloud instance object would look like: @@ -30,7 +30,7 @@ spec: EOF ``` -After some minutes, you'd get an up and running Nextcloud instance. behind the scene it would have provisionned the following: +After some minutes, you'd get an up and running Nextcloud instance. Behind the scenes, it would have provisionned the following: - the deployment with 2 pods with a php container with Nextcloud code - a cron job 
@@ -38,4 +38,4 @@ After some minutes, you'd get an up and running Nextcloud instance. behind the s - an ingress with a Let's Encrypt certificate - installed Nextcloud -Upstream operators are already nice you'd say. But keep in mind that we are discussing about 7 backing services. So for each Nextcloud instance, you'd need to do the plumbing manually of each backing service manually. Let's go now to the libre.sh operator. \ No newline at end of file +Upstream operators are already nice you'd say. But keep in mind that we are discussing about 7 backing services. So for each Nextcloud instance, you'd need to do the plumbing manually of each backing service manually. Let's go now to the libre.sh operator. diff --git a/content/ProblemToSolve/IndieHostersTale/_index.md b/content/ProblemToSolve/IndieHostersTale/_index.md index 91684a3cd88b879e447a381c756afa2a715552c2..d42be31e061ca5baba6de8daa658101711a87a82 100644 --- a/content/ProblemToSolve/IndieHostersTale/_index.md +++ b/content/ProblemToSolve/IndieHostersTale/_index.md 
@@ -9,6 +9,6 @@ a young guy started to host WordPresses for his friends on a Raspberry. Then he At this point, they realized that hosting for people is just not profitable at all, or they would need some volume. -If they were capitalistic and rational, IndieHosters would have stop hosting for the people and focus on the bigger clients. Some people say that startup start B2C and end up doing B2B, it is just plain easier. But IndieHosters was not a startup and the tale didn't end up like this. +If they were capitalistic and rational, IndieHosters would have stopped hosting for the people and focused on the bigger clients. Some people say that startups start B2C and end up doing B2B, it is just plain easier. But IndieHosters was not a startup and the tale didn't end up like this. -We think that this tale is what most small free software hosters are experiencing. We want to change this, and here it is how: \ No newline at end of file +We think that this tale is what most small free software hosters are experiencing. We want to change this, and here it is how: diff --git a/content/ProblemToSolve/TheExample/_index.md b/content/ProblemToSolve/TheExample/_index.md index 916fd89a3e65ef601607feb122e984d77bd14a9f..c721af78647b86e1c84fcdcd66f893106bf25efe 100644 --- a/content/ProblemToSolve/TheExample/_index.md +++ b/content/ProblemToSolve/TheExample/_index.md 
@@ -14,10 +14,10 @@ Before deploying the Nextcloud, we'll need to list the backing services that wou - OpenIdConnect provider for Single Sign On - libre office online -This is to deploy a reliable and scalable Nextcloud instance. For the sake of simplicity, let's say that we just need Postgres. But keep in mind, that we have the other backing services in mind too, and that we can use the same paradigms. +This is to deploy a reliable and scalable Nextcloud instance. For the sake of simplicity, let's say that we just need Postgres. But keep in mind, that we have the other backing services too, and that we can use the same paradigms. We'll assume for the rest of the example that you already got a kubernetes cluster running. -The domain name of the association is `fight.marketing`. You already created a namespace `fight-marketing` and added the annotation `domaine-name: fight.marketing`. +The domain name of the association is `fight.marketing`. You already created a namespace `fight-marketing` and added the annotation `domain-name: fight.marketing`. -Let's now see how we solve our problem with the [kubernetes operators](/kubernetesoperators/). \ No newline at end of file +Let's now see how we solve our problem with the [kubernetes operators](/kubernetesoperators/). diff --git a/content/WhyKubernetes/Misc/_index.md b/content/WhyKubernetes/Misc/_index.md index c7885a1a14f58860b5747086d58ded43f3e8b40e..6a795f015bc5389e7c1ce32df8e54499e3c7fda5 100644 --- a/content/WhyKubernetes/Misc/_index.md +++ b/content/WhyKubernetes/Misc/_index.md 
@@ -3,13 +3,13 @@ title: Misc weight: 2 --- -## strenghts of kubernetes +## Strengths of kubernetes Industry is moving to kubernetes, so we benefit from the best engineers developing the most amazing platform. We are living the same revolution as when industry moved from hardware to VM. Now we are moving from VMs to containers. The platform is highly available by design and also highly scalable. It can also run on a single host if you want. -## the green argument +## The green argument Another argument for using an orchestration platform like kubernetes is resource consumption. Once you run on a datacenter with green energy and use second hand hardware, what can you do to move further? You have to use more each cpu. @@ -18,7 +18,7 @@ Compared to classic virtualisation, you can put a lot more services with kuberne And because of this reason, kubernetes is greener than classic virtualisation. -## complexity +## Complexity Kubernetes is made to [manage thousands of VMs and hundred of thousands of pods](https://docs.openshift.com/container-platform/4.2/scalability_and_performance/planning-your-environment-according-to-object-limits.html). At this scale, the underlying platform has to be somewhat complex. @@ -41,7 +41,7 @@ As you see, it is pretty simple, and that's why it is reliable, even at the goog In term of network, it is also complex, as you have to span an overlay network between different host and give an IP address to each pod. It is a complex problem to solve, but some smarter people already solved it, so we can rely on such solutions. -## security +## Security Security depends a lot on your threat modeling. 
@@ -49,18 +49,18 @@ It is a fact that containers are less secured than VMs. But then it depends on w If you want to run free software for people, we think that containers are more than secure enough. We know which code runs on our hardware, and we don't think we need VM level isolation. And if there is a bug in linux containers, we patch. -## single host +## Single host Kubernetes could also run on a single host. Some people might think it would be overkill to run so many processes, for just running one applciation, but why not? There is an effort called [k3s](https://github.com/rancher/k3s), and it is said to run on 150MB of RAM. Now imagine that you can shutdown the control plane, and run it with a cron once a night to update. It could make a good candidate to evolve [lollipopcloud](https://opencollective.com/lollipop-cloud-team/) or even [yunohost](https://yunohost.org/). -## declarative API +## Declarative API The kubernetes API is declarative. It means you declare how the world should look like. For instance, you can say, "My desire is to have a redis instance with these parameters". -This is diffrent than an imperative API. For our redis instance, it would mean to say instead: "Please create a redis instance, then create a service to expose it, and finally, create a secret and configure redis with that." +This is different from an imperative API. For our redis instance, it would mean to say instead: "Please create a redis instance, then create a service to expose it, and finally, create a secret and configure redis with that." In the declarative case, there is no need to detail the flow that modifies the different states. diff --git a/content/WhyKubernetes/Operators/_index.md b/content/WhyKubernetes/Operators/_index.md index 9bc490bef8752fa36356566ed86ce87a5784880e..68fedc5a47401406601512e11700a7f87f839d39 100644 --- a/content/WhyKubernetes/Operators/_index.md +++ b/content/WhyKubernetes/Operators/_index.md 
@@ -35,6 +35,6 @@ It is probably the first time in IT history that we can collaborate about how to - scale - run highly available -These recipes can now be code. It means they can be tested and shared with a Freesoftware license. +These recipes can now be code. It means they can be tested and shared with a Free Software license. -The combination of kubernetes and operators on not is really appealing as a platform to run free software hosted apps. +The combination of kubernetes and operators is really appealing as a platform to run free software hosted apps. diff --git a/content/WhyKubernetes/TheCloudAPI/_index.md b/content/WhyKubernetes/TheCloudAPI/_index.md index 2ca4442a85e0947a7ea0a54f3e36b5d1ac6e5622..93978a815157c98abef6f4fc4411a54ca89cfd34 100644 --- a/content/WhyKubernetes/TheCloudAPI/_index.md +++ b/content/WhyKubernetes/TheCloudAPI/_index.md @@ -16,7 +16,7 @@ Between the lines, you can read that the intent behind kubernetes is to become, It is not the first time that open source project try to be an abstraction to popular cloud vendors. There are a few like ansible, or terraform. But they failed, because at the end of the day, you need to take care of the little variations of each provider. -## what is a cloud API +## What is a cloud API But what is a cloud API anyway you can ask. It is a way to provision: 
@@ -32,15 +32,15 @@ In kubernetes, they are called Persistent Volumes (PV), and when you work with k Then, depending on your cloud provider (Google Cloud, AWS, ..) or even being in your own datacenter, you can have a different volume provider taking care of making your desire to have a Volume happen. Even better, you could have different volume providers on the same cluster, all nicely abstracted by this object. -And kubernetes provides this nice abstraction for everyhting you need to run hosted free software, in a beautiful way. +And kubernetes provides this nice abstraction for everything you need to run hosted free software, in a beautiful way. ## Google compete against AWS Another thing to keep in mind is that Google Cloud is a direct competitor of AWS. -At the time of open sourcing Kubernetes, the docker orchestration war already started, and the world was desparetly in need of a nice orchestrator. Google had a bit of experience in this field. And they probably saw a nice opportunity to compete against AWS. +At the time of open sourcing Kubernetes, the docker orchestration war already started, and the world was desperatly in need of a nice orchestrator. Google had a bit of experience in this field. And they probably saw a nice opportunity to compete against AWS. Imagine, if the world adopts Kubernetes, which is what is happening. Then the barrier to exit AWS just became a lot cheaper. -It is not a secret that AWS was one of the last big tech compagny to join the CNCF. And it is probably because, kubernetes is a threat to their business model, to some extent. +It is not a secret that AWS was one of the last big tech compagny to join the CNCF. And it is probably because kubernetes is a threat to their business model, to some extent. ## The last package manager? 
@@ -52,4 +52,4 @@ WordPress, the code is free software. Great you can install it on your php provi One component of Kubernetes is definitely to address that. To some extent, kubernetes, and/or tools around are becoming the standard package manager. Some popular proprietary vendors like SAP are now shipping their software as a kubernetes package. They tell their customers, just provide us a cluster, we take care of the rest. Even [OpenStack](https://github.com/openstack/openstack-helm) is shipped as a kubernetes package! -For all these reasons, kubernetes is becoming The cloud API, and the OS of your infrastructure, and the package manager to deploy your FLOSS. \ No newline at end of file +For all these reasons, kubernetes is becoming The cloud API, and the OS of your infrastructure, and the package manager to deploy your FLOSS. diff --git a/content/license.md b/content/license.md index 79d0dd302e5a67ff19e57a00906a31acbfde8144..459a89959873a309eda96b978b908b8df8155ade 100644 --- a/content/license.md +++ b/content/license.md 
@@ -2,6 +2,6 @@ title: License --- -In case you wondered, it is a free software project, not open source. This is a project about human rights, privacy rights, freedom of speech (in the european sense), not about efficient development. This wesbite is public domain and we use AGPL, [your company problably doesn't like](https://opensource.google/docs/using/agpl-policy/), and not MIT. We consider that the greatest freedom, shouldn't be a company freedom to be able to close the source code, but a user freedom to always have it free and libre. +In case you wondered, it is a free software project, not open source. This is a project about human rights, privacy rights, freedom of speech (in the european sense), not about efficient development. This website is public domain and we use AGPL, [your company problably doesn't like](https://opensource.google/docs/using/agpl-policy/), and not MIT. We consider that the greatest freedom, shouldn't be a company freedom to be able to close the source code, but a user freedom to always have it free and libre. -If you are aligned with these values, you are welcome to contribute. If you feel uncomfy, we are sorry, but this is not negociatable. \ No newline at end of file +If you are aligned with these values, you are welcome to contribute. If you feel uncomfy, we are sorry, but this is not negociatable.
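Review bot: in content/ProblemToSolve/TheExample/_index.md, the change from `domaine-name: fight.marketing` to `domain-name: fight.marketing` is not a prose typo fix like the rest of this patch. It renames an annotation key that the reader is told to set on the `fight-marketing` namespace. Please confirm which key the code that consumes this annotation actually expects. If it is still `domaine-name`, either leave the docs as they were or rename the key in the code in the same change, otherwise anyone following the page will create a namespace whose annotation is silently ignored.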
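Review bot: in content/GettingStarted/Layers/_index.md, the first hunk's new line still reads "the 2 first one", which should be "the first two". The second hunk leaves "personnaly" in the context line directly above the list and keeps "defacto" ("de facto") in the kubeadm line it rewrites. The Layer 7 line is touched only to add the trailing newline and still has "begining". Since the patch is a typo pass over this file, these belong in it.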
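Review bot: in content/GettingStarted/_index.md, the corrected Masters paragraph still ends with "the state of you cluster", which should be "your cluster". The unchanged Ingresses line in the same hunk spells the project "MettalLB"; the name is MetalLB. Both can be fixed here.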
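Review bot: in content/KubernetesOperators/UpstreamOperator/_index.md, the rewritten sentence at @@ -30,7 keeps "provisionned" ("provisioned"). In the last hunk, the closing paragraph is re-added with "do the plumbing manually of each backing service manually" and "discussing about" unchanged. Drop one "manually" and the "about" while the line is being touched.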
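Review bot: in content/WhyKubernetes/Misc/_index.md, the hunk at @@ -49,18 fixes "diffrent" but leaves "applciation" in the Single host paragraph two lines below the retitled heading, along with "shutdown the control plane", where the verb is "shut down". The headings are now capitalized as "Strengths of kubernetes", "The green argument" and so on. Check that no other page links to the old lowercase anchors if the site generator derives them case-sensitively.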
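Review bot: in content/WhyKubernetes/TheCloudAPI/_index.md, the replacement for "desparetly" is "desperatly", which is still misspelled; it should be "desperately". The rewritten CNCF sentence also keeps "compagny" ("company"), so the line is changed for the comma only and the typo survives.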
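Review bot: in content/license.md, the new first paragraph fixes "wesbite" but keeps "problably" in the link text, and the last line is touched only for the trailing newline while "negociatable" ("negotiable") stays. The same paragraph states that the website is public domain and that the project uses AGPL. It would help to say which applies to what (site content versus code), since this page is what contributors will cite.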