From f107ce3b1ba1b1276ed1d63666f28d066029ec08 Mon Sep 17 00:00:00 2001 From: Mossroy Date: Wed, 23 Feb 2022 16:37:10 +0000 Subject: [PATCH 1/5] Fix typo --- content/license.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/license.md b/content/license.md index 79d0dd3..459a899 100644 --- a/content/license.md +++ b/content/license.md @@ -2,6 +2,6 @@ title: License --- -In case you wondered, it is a free software project, not open source. This is a project about human rights, privacy rights, freedom of speech (in the european sense), not about efficient development. This wesbite is public domain and we use AGPL, [your company problably doesn't like](https://opensource.google/docs/using/agpl-policy/), and not MIT. We consider that the greatest freedom, shouldn't be a company freedom to be able to close the source code, but a user freedom to always have it free and libre. +In case you wondered, it is a free software project, not open source. This is a project about human rights, privacy rights, freedom of speech (in the european sense), not about efficient development. This website is public domain and we use AGPL, [your company problably doesn't like](https://opensource.google/docs/using/agpl-policy/), and not MIT. We consider that the greatest freedom, shouldn't be a company freedom to be able to close the source code, but a user freedom to always have it free and libre. -If you are aligned with these values, you are welcome to contribute. If you feel uncomfy, we are sorry, but this is not negociatable. \ No newline at end of file +If you are aligned with these values, you are welcome to contribute. If you feel uncomfy, we are sorry, but this is not negociatable. -- GitLab From a7093b17e04e66dc508c153f431ca67dfbfe1c38 Mon Sep 17 00:00:00 2001 
From: Mossroy Date: Wed, 23 Feb 2022 16:44:01 +0000 Subject: [PATCH 2/5] Grammar and style fixes (open to discussion) --- content/ProblemToSolve/IndieHostersTale/_index.md | 4 ++-- content/ProblemToSolve/TheExample/_index.md | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/content/ProblemToSolve/IndieHostersTale/_index.md b/content/ProblemToSolve/IndieHostersTale/_index.md index 91684a3..d42be31 100644 --- a/content/ProblemToSolve/IndieHostersTale/_index.md +++ b/content/ProblemToSolve/IndieHostersTale/_index.md @@ -9,6 +9,6 @@ a young guy started to host WordPresses for his friends on a Raspberry. Then he At this point, they realized that hosting for people is just not profitable at all, or they would need some volume. -If they were capitalistic and rational, IndieHosters would have stop hosting for the people and focus on the bigger clients. Some people say that startup start B2C and end up doing B2B, it is just plain easier. But IndieHosters was not a startup and the tale didn't end up like this. +If they were capitalistic and rational, IndieHosters would have stopped hosting for the people and focused on the bigger clients. Some people say that startups start B2C and end up doing B2B, it is just plain easier. But IndieHosters was not a startup and the tale didn't end up like this. -We think that this tale is what most small free software hosters are experiencing. We want to change this, and here it is how: \ No newline at end of file +We think that this tale is what most small free software hosters are experiencing. We want to change this, and here it is how: diff --git a/content/ProblemToSolve/TheExample/_index.md b/content/ProblemToSolve/TheExample/_index.md index 916fd89..c721af7 100644 --- a/content/ProblemToSolve/TheExample/_index.md +++ b/content/ProblemToSolve/TheExample/_index.md 
@@ -14,10 +14,10 @@ Before deploying the Nextcloud, we'll need to list the backing services that wou - OpenIdConnect provider for Single Sign On - libre office online -This is to deploy a reliable and scalable Nextcloud instance. For the sake of simplicity, let's say that we just need Postgres. But keep in mind, that we have the other backing services in mind too, and that we can use the same paradigms. +This is to deploy a reliable and scalable Nextcloud instance. For the sake of simplicity, let's say that we just need Postgres. But keep in mind, that we have the other backing services too, and that we can use the same paradigms. We'll assume for the rest of the example that you already got a kubernetes cluster running. -The domain name of the association is `fight.marketing`. You already created a namespace `fight-marketing` and added the annotation `domaine-name: fight.marketing`. +The domain name of the association is `fight.marketing`. You already created a namespace `fight-marketing` and added the annotation `domain-name: fight.marketing`. -Let's now see how we solve our problem with the [kubernetes operators](/kubernetesoperators/). \ No newline at end of file +Let's now see how we solve our problem with the [kubernetes operators](/kubernetesoperators/). -- GitLab From 759597de6bc899659f3bac175b6ffceec8b2b988 Mon Sep 17 00:00:00 2001 From: Mossroy Date: Wed, 23 Feb 2022 17:03:17 +0000 Subject: [PATCH 3/5] Some more typos and other fixes --- content/GettingStarted/Layers/_index.md | 6 +++--- content/GettingStarted/_index.md | 4 ++-- .../KubernetesOperators/UpstreamOperator/_index.md | 6 +++--- content/WhyKubernetes/Misc/_index.md | 14 +++++++------- content/WhyKubernetes/Operators/_index.md | 4 ++-- content/WhyKubernetes/TheCloudAPI/_index.md | 10 +++++----- 6 files changed, 22 insertions(+), 22 deletions(-) diff --git a/content/GettingStarted/Layers/_index.md b/content/GettingStarted/Layers/_index.md index 24266c3..451d05e 100644 
--- a/content/GettingStarted/Layers/_index.md +++ b/content/GettingStarted/Layers/_index.md @@ -24,7 +24,7 @@ The ceph backend will be used for data heavy part of ceph. And the overlay to allow services running on top of kubernetes to discuss together. -In this step, we'll only install The 2 first one. The overlay will be installed later. +In this step, we'll only install the 2 first one. The overlay will be installed later. ## Layer 2 - kubespray @@ -36,7 +36,7 @@ Or deploy them by hand. We currently use kubespray, but think of not using it fo We personnaly use the following: - containerd - It is the container runtime. Nowadays, the industry is moving from Docker to containerd, so do we. - - kubeadm - It ss developed Upstream Under kubernetes namespace. It is aimed at becoming the defacto installation tool for kubernetes. + - kubeadm - It is developed upstream under kubernetes namespace. It is aimed at becoming the defacto installation tool for kubernetes. - canal with wireguard - it is the Kubernetes overlay network. - nginx-ingress - cert-manager @@ -61,4 +61,4 @@ This is our curated list of operators: ## Layer 7 - web UI -UI to let people self serve. The status of this is clearly [vaporware](https://en.wikipedia.org/wiki/Vaporware), but we hope to release an alpha by begining of 2021 (Except if you have skills and want to work on it already, this would be amazing ;) ). \ No newline at end of file +UI to let people self serve. The status of this is clearly [vaporware](https://en.wikipedia.org/wiki/Vaporware), but we hope to release an alpha by begining of 2021 (Except if you have skills and want to work on it already, this would be amazing ;) ). diff --git a/content/GettingStarted/_index.md b/content/GettingStarted/_index.md index 9a5be48..e16379b 100644 --- a/content/GettingStarted/_index.md +++ b/content/GettingStarted/_index.md 
@@ -18,8 +18,8 @@ The reference architecture needs 9 machines: - 3 ingresses - 3 compute -Masters are used to coordinate the cluster. They store the state in etcd. They make sure nodes are healthy. They schedule work on the nodes. They are the brain of your cluster. If they are down, the three of them, your workload still functions properly, but you could't change the state of you cluster. +Masters are used to coordinate the cluster. They store the state in etcd. They make sure nodes are healthy. They schedule work on the nodes. They are the brain of your cluster. If they are down, the three of them, your workload still functions properly, but you couldn't change the state of you cluster. Ingresses are where https is terminated. They need to also be highly available. Depending on your hardware setup, you have to find a way to balance traffic. You could use MettalLB for instance. On Hetzner VMs, we use floating IPs. -Compute nodes are where your workload is running. This is where your databases and application servers will run. \ No newline at end of file +Compute nodes are where your workload is running. This is where your databases and application servers will run. diff --git a/content/KubernetesOperators/UpstreamOperator/_index.md b/content/KubernetesOperators/UpstreamOperator/_index.md index f019759..b6508de 100644 --- a/content/KubernetesOperators/UpstreamOperator/_index.md +++ b/content/KubernetesOperators/UpstreamOperator/_index.md 
@@ -7,7 +7,7 @@ Now that Postgres is running, we can deploy our Nextcloud. But first we need to deploy the nextcloud upstream operator. This operator is low level because it would need every information about the backing services. It is a nice building block for projects like libre.sh. -Here is the version alpha we are developing. The goal is to move it's development upstream. We think that this belongs to Nextcloud community to own this. And we'll help bootstrap that. The same way we did with [some](https://github.com/RocketChat/Docker.Official.Image/commit/a951f488fb2a633fc89ad3048eb451aa05dc90ee) [official](https://github.com/nextcloud/docker/commit/8fa384bcd6619b9c19c5efbcdf7248d803e43727) [docker](https://github.com/matomo-org/docker/commit/e6538b90a4c7e7e3d6423d1e4740e674ee42eede) [images](https://github.com/idno/Known-Docker/commit/394e91c21d33914899dd2b0b211be2d7fe4e1837). +Here is the version alpha we are developing. The goal is to move its development upstream. We think that this belongs to Nextcloud community to own this. And we'll help bootstrap that. The same way we did with [some](https://github.com/RocketChat/Docker.Official.Image/commit/a951f488fb2a633fc89ad3048eb451aa05dc90ee) [official](https://github.com/nextcloud/docker/commit/8fa384bcd6619b9c19c5efbcdf7248d803e43727) [docker](https://github.com/matomo-org/docker/commit/e6538b90a4c7e7e3d6423d1e4740e674ee42eede) [images](https://github.com/idno/Known-Docker/commit/394e91c21d33914899dd2b0b211be2d7fe4e1837). Here is how the Nextcloud instance object would look like: @@ -30,7 +30,7 @@ spec: EOF ``` -After some minutes, you'd get an up and running Nextcloud instance. behind the scene it would have provisionned the following: +After some minutes, you'd get an up and running Nextcloud instance. bBehind the scene, it would have provisionned the following: - the deployment with 2 pods with a php container with Nextcloud code - a cron job 
@@ -38,4 +38,4 @@ After some minutes, you'd get an up and running Nextcloud instance. behind the s - an ingress with a Let's Encrypt certificate - installed Nextcloud -Upstream operators are already nice you'd say. But keep in mind that we are discussing about 7 backing services. So for each Nextcloud instance, you'd need to do the plumbing manually of each backing service manually. Let's go now to the libre.sh operator. \ No newline at end of file +Upstream operators are already nice you'd say. But keep in mind that we are discussing about 7 backing services. So for each Nextcloud instance, you'd need to do the plumbing manually of each backing service manually. Let's go now to the libre.sh operator. diff --git a/content/WhyKubernetes/Misc/_index.md b/content/WhyKubernetes/Misc/_index.md index c7885a1..6a795f0 100644 --- a/content/WhyKubernetes/Misc/_index.md +++ b/content/WhyKubernetes/Misc/_index.md @@ -3,13 +3,13 @@ title: Misc weight: 2 --- -## strenghts of kubernetes +## Strengths of kubernetes Industry is moving to kubernetes, so we benefit from the best engineers developing the most amazing platform. We are living the same revolution as when industry moved from hardware to VM. Now we are moving from VMs to containers. The platform is highly available by design and also highly scalable. It can also run on a single host if you want. -## the green argument +## The green argument Another argument for using an orchestration platform like kubernetes is resource consumption. Once you run on a datacenter with green energy and use second hand hardware, what can you do to move further? You have to use more each cpu. 
@@ -18,7 +18,7 @@ Compared to classic virtualisation, you can put a lot more services with kuberne And because of this reason, kubernetes is greener than classic virtualisation. -## complexity +## Complexity Kubernetes is made to [manage thousands of VMs and hundred of thousands of pods](https://docs.openshift.com/container-platform/4.2/scalability_and_performance/planning-your-environment-according-to-object-limits.html). At this scale, the underlying platform has to be somewhat complex. @@ -41,7 +41,7 @@ As you see, it is pretty simple, and that's why it is reliable, even at the goog In term of network, it is also complex, as you have to span an overlay network between different host and give an IP address to each pod. It is a complex problem to solve, but some smarter people already solved it, so we can rely on such solutions. -## security +## Security Security depends a lot on your threat modeling. 
@@ -49,18 +49,18 @@ It is a fact that containers are less secured than VMs. But then it depends on w If you want to run free software for people, we think that containers are more than secure enough. We know which code runs on our hardware, and we don't think we need VM level isolation. And if there is a bug in linux containers, we patch. -## single host +## Single host Kubernetes could also run on a single host. Some people might think it would be overkill to run so many processes, for just running one applciation, but why not? There is an effort called [k3s](https://github.com/rancher/k3s), and it is said to run on 150MB of RAM. Now imagine that you can shutdown the control plane, and run it with a cron once a night to update. It could make a good candidate to evolve [lollipopcloud](https://opencollective.com/lollipop-cloud-team/) or even [yunohost](https://yunohost.org/). -## declarative API +## Declarative API The kubernetes API is declarative. It means you declare how the world should look like. For instance, you can say, "My desire is to have a redis instance with these parameters". -This is diffrent than an imperative API. For our redis instance, it would mean to say instead: "Please create a redis instance, then create a service to expose it, and finally, create a secret and configure redis with that." +This is different from an imperative API. For our redis instance, it would mean to say instead: "Please create a redis instance, then create a service to expose it, and finally, create a secret and configure redis with that." In the declarative case, there is no need to detail the flow that modifies the different states. diff --git a/content/WhyKubernetes/Operators/_index.md b/content/WhyKubernetes/Operators/_index.md index 9bc490b..68fedc5 100644 --- a/content/WhyKubernetes/Operators/_index.md +++ b/content/WhyKubernetes/Operators/_index.md 
@@ -35,6 +35,6 @@ It is probably the first time in IT history that we can collaborate about how to - scale - run highly available -These recipes can now be code. It means they can be tested and shared with a Freesoftware license. +These recipes can now be code. It means they can be tested and shared with a Free Software license. -The combination of kubernetes and operators on not is really appealing as a platform to run free software hosted apps. +The combination of kubernetes and operators is really appealing as a platform to run free software hosted apps. diff --git a/content/WhyKubernetes/TheCloudAPI/_index.md b/content/WhyKubernetes/TheCloudAPI/_index.md index 2ca4442..93978a8 100644 --- a/content/WhyKubernetes/TheCloudAPI/_index.md +++ b/content/WhyKubernetes/TheCloudAPI/_index.md @@ -16,7 +16,7 @@ Between the lines, you can read that the intent behind kubernetes is to become, It is not the first time that open source project try to be an abstraction to popular cloud vendors. There are a few like ansible, or terraform. But they failed, because at the end of the day, you need to take care of the little variations of each provider. -## what is a cloud API +## What is a cloud API But what is a cloud API anyway you can ask. It is a way to provision: 
@@ -32,15 +32,15 @@ In kubernetes, they are called Persistent Volumes (PV), and when you work with k Then, depending on your cloud provider (Google Cloud, AWS, ..) or even being in your own datacenter, you can have a different volume provider taking care of making your desire to have a Volume happen. Even better, you could have different volume providers on the same cluster, all nicely abstracted by this object. -And kubernetes provides this nice abstraction for everyhting you need to run hosted free software, in a beautiful way. +And kubernetes provides this nice abstraction for everything you need to run hosted free software, in a beautiful way. ## Google compete against AWS Another thing to keep in mind is that Google Cloud is a direct competitor of AWS. -At the time of open sourcing Kubernetes, the docker orchestration war already started, and the world was desparetly in need of a nice orchestrator. Google had a bit of experience in this field. And they probably saw a nice opportunity to compete against AWS. +At the time of open sourcing Kubernetes, the docker orchestration war already started, and the world was desperatly in need of a nice orchestrator. Google had a bit of experience in this field. And they probably saw a nice opportunity to compete against AWS. Imagine, if the world adopts Kubernetes, which is what is happening. Then the barrier to exit AWS just became a lot cheaper. -It is not a secret that AWS was one of the last big tech compagny to join the CNCF. And it is probably because, kubernetes is a threat to their business model, to some extent. +It is not a secret that AWS was one of the last big tech compagny to join the CNCF. And it is probably because kubernetes is a threat to their business model, to some extent. ## The last package manager? 
@@ -52,4 +52,4 @@ WordPress, the code is free software. Great you can install it on your php provi One component of Kubernetes is definitely to address that. To some extent, kubernetes, and/or tools around are becoming the standard package manager. Some popular proprietary vendors like SAP are now shipping their software as a kubernetes package. They tell their customers, just provide us a cluster, we take care of the rest. Even [OpenStack](https://github.com/openstack/openstack-helm) is shipped as a kubernetes package! -For all these reasons, kubernetes is becoming The cloud API, and the OS of your infrastructure, and the package manager to deploy your FLOSS. \ No newline at end of file +For all these reasons, kubernetes is becoming The cloud API, and the OS of your infrastructure, and the package manager to deploy your FLOSS. -- GitLab From 0f52c1d36b63321805f2f912c530acd0d5c393d5 Mon Sep 17 00:00:00 2001 From: Mossroy Date: Wed, 23 Feb 2022 17:05:47 +0000 Subject: [PATCH 4/5] Fix a typo (mine, this time...) --- content/KubernetesOperators/UpstreamOperator/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/KubernetesOperators/UpstreamOperator/_index.md b/content/KubernetesOperators/UpstreamOperator/_index.md index b6508de..89b163d 100644 --- a/content/KubernetesOperators/UpstreamOperator/_index.md +++ b/content/KubernetesOperators/UpstreamOperator/_index.md @@ -30,7 +30,7 @@ spec: EOF ``` -After some minutes, you'd get an up and running Nextcloud instance. bBehind the scene, it would have provisionned the following: +After some minutes, you'd get an up and running Nextcloud instance. Behind the scene, it would have provisionned the following: - the deployment with 2 pods with a php container with Nextcloud code - a cron job -- GitLab From a04c1cc6a675727738325af2809a5e47b0d6755c Mon Sep 17 00:00:00 2001 
From: Mossroy Date: Wed, 23 Feb 2022 17:07:24 +0000 Subject: [PATCH 5/5] Fix "behind the scenes" expression --- content/KubernetesOperators/UpstreamOperator/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/KubernetesOperators/UpstreamOperator/_index.md b/content/KubernetesOperators/UpstreamOperator/_index.md index 89b163d..85876f8 100644 --- a/content/KubernetesOperators/UpstreamOperator/_index.md +++ b/content/KubernetesOperators/UpstreamOperator/_index.md @@ -30,7 +30,7 @@ spec: EOF ``` -After some minutes, you'd get an up and running Nextcloud instance. Behind the scene, it would have provisionned the following: +After some minutes, you'd get an up and running Nextcloud instance. Behind the scenes, it would have provisionned the following: - the deployment with 2 pods with a php container with Nextcloud code - a cron job -- GitLab
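Review bot: In patch 1/5 (content/license.md), the added line fixes "wesbite" but still carries "problably" in the link text, and the last line still reads "negociatable" where the only change is the trailing newline. Since the commit is a typo fix on these two lines, correct both in the same pass: "probably" and "negotiable".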
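Review bot: In patch 2/5 (content/ProblemToSolve/IndieHostersTale/_index.md), the final line is re-added only to gain a trailing newline and still reads "and here it is how:". While touching it, change it to "and here is how:". The sentence "Some people say that startups start B2C and end up doing B2B, it is just plain easier." is also still a comma splice after the edit.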
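Review bot: In patch 2/5 (content/ProblemToSolve/TheExample/_index.md), the change from `domaine-name: fight.marketing` to `domain-name: fight.marketing` alters an annotation key that readers are told to set on the namespace, so it is a functional change and not only a spelling fix. Confirm which key the operator actually reads before merging, and put the rename in its own commit with a message that says so, because "Grammar and style fixes" hides it. If other pages still show `domaine-name`, they need the same change.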
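Review bot: In patch 3/5 (content/GettingStarted/Layers/_index.md, hunk at -24,7), the added line lowercases "The" but keeps "the 2 first one", which is still ungrammatical. Suggest "we'll only install the first two". In the next hunk of the same file, the kubeadm line would read better as "under the kubernetes namespace" and "de facto", and the context line "We personnaly use" is left unfixed.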
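Review bot: In patch 3/5 (content/GettingStarted/Layers/_index.md, hunk at -61,4), the re-added "Layer 7 - web UI" line still says "we hope to release an alpha by begining of 2021", while this patch is dated February 2022. Beyond the spelling ("beginning"), the target date is stale and should be updated or dropped by someone who knows the current status.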
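Review bot: In patch 3/5 (content/GettingStarted/_index.md), the added "Masters" line fixes "could't" but still ends with "change the state of you cluster". Change "you" to "your" in the same line. The context line below it also spells the load balancer "MettalLB", which is worth correcting while the file is open.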
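Review bot: In patch 3/5 (content/KubernetesOperators/UpstreamOperator/_index.md, hunk at -30,7), the added line introduces a new typo: "instance. bBehind the scene, it would have". Amend this patch to read "Behind" so the series does not need a follow-up commit to correct its own change.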
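Review bot: In patch 3/5 (content/KubernetesOperators/UpstreamOperator/_index.md, hunk at -38,4), the last line is re-added with "you'd need to do the plumbing manually of each backing service manually", which repeats "manually". Suggest "you'd need to do the plumbing of each backing service manually", and "discussing 7 backing services" instead of "discussing about".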
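Review bot: In patch 3/5 (content/WhyKubernetes/Misc/_index.md, hunk at -49,18), the "Single host" paragraph sits between two corrected headings but its context line still reads "for just running one applciation". Fix "application" in this hunk, and consider "shut down" for the verb in "you can shutdown the control plane".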
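Review bot: In patch 3/5 (content/WhyKubernetes/TheCloudAPI/_index.md, hunk at -32,15), the added line replaces "desparetly" with "desperatly", which is still misspelled. It should be "desperately". The other added line in this hunk removes a comma but keeps "big tech compagny"; change it to "companies", since the sentence says "one of the last".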
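Review bot: In patch 5/5 (content/KubernetesOperators/UpstreamOperator/_index.md), the added line still reads "it would have provisionned the following" after three consecutive edits to the same sentence. Correct it to "provisioned" here, and squash 4/5 and 5/5 into 3/5 so the history shows one change to this line instead of three.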