The documentation says that to access a minishift-deployed VM you can use `minishift ssh` to log in, but what if you want to use other tooling (like Ansible) to get in there? How can you use standard ssh commands to connect?
In the interest of simplifying the development and deployment of Kubevirt, we decided to make sure it was possible to run with minishift. After downloading and running the minishift binary, I had a working minishift cluster. However, in order to deploy the api-server to the cluster, I needed an external IP; otherwise I’d get the error:
service "" is invalid spec.externalIPs: Forbidden: externalIPs have been disabled
Here is how I got around this error.
I spent the past six work days in a courthouse as a juror. It was a civil case, involving a house repair after a burst pipe flooded it. Verdict went in at around 3 PM (Aug. 2)
There is so much you don’t know on a jury. You can only consider the evidence placed before you…and sometimes you have to forget something you learned before the witness reacts to the word “Objection.”
It was a construction case, and, despite having grown up as the son (and sometimes employee) of a construction contractor, they chose me anyway. I don’t think it colored my reasoning anyway.
Based on this incomplete information, we had to award money to one or the other; doing nothing was, in effect, awarding money to the client who had not paid.
While I did not agree with the other eleven people on the jury about all of the outcomes (there were several charges both ways) I was very thankful to have all of them share the burden of making the decision. I can only imaging the burden carried by a judge in arbitration.
On the other hand, in arbitration, the judge can do research. We couldn’t. We had to even forget things we know about construction (like you postpone work on the outside to get the people back inside) if it was not presented as evidence.
I was very thankful to have my dad to talk this over with afterwards as he has fifty plus years in the construction industry. He clarified some of my assumptions (based on the incomplete information I gave him) and I think I can let go of my doubts. I can sleep soundly tonight knowing I did the best I could, and that, most likely, justice was served.
The number one thing I took away from this experience is, with anything involving contracting, or money in general, is to get everything in writing, communicate as clearly as possible. Aside from covering you for a future lawsuit, it might help prevent that lawsuit by keeping the other person on track. Run your business such that someone else could step in and take over from you, and know exactly what you were doing…or you can hand over what you want to a brand new contractor and they could take over. Obviously, that is a high bar to clear, but the better you do, the better for all involved.
Bottom line up front:
cluster/vagrant/sync_build.sh cluster/kubectl.sh delete -f manifests/virt-controller.yaml cluster/kubectl.sh create -f manifests/virt-controller.yaml
When tests fail, as they often will, the debugger can greatly shorten the time it takes to figure out why. The Kubevirt functional tests run essentially as a remote client. Getting a debuggable setup is not that different from my earlier post on running virt-launcher in the debugger.
While developing Kubevirt, I often want to step through my code. My most recent tasks have involved the virt-controller process. Here’s how I debug them.
Organization is essential to scale. Compare the two images of cabling a data center:
Obviously, the top image appears much more organized. I don’t think it is accidental that the better organized approach is visible in the larger data center. In order to scale, you need organization. If you have a small number of servers, a haphazard cabling scheme is less likely to impact your ability to trace and fix network problems. Such an approach would not work for a million-node data center.
The same is true of code. Without many of the visual cues we use to navigate the real world, tracking code can be very difficult. Thus, code can degenerate into chaos as fast or faster than physical devices. Indeed, the long standing name for poorly organized code is “Spaghetti Code” which is an analogy to the same kind of linear mess we can visualize with the network cables.
Dependency injection provides a tool to help minimize the chaos. Instead of wires run across the data center direct from one machine to another, the well organized scheme routes them to intermediate switches and routers in a standardized way. Just so, dependency injection provides an mediator between components, removing the need for one component to know the approach used to create the specific instance.
The guiding rule is that dependency injection separates object use from object construction.
Constructor Dependency Injection
Of the three forms of Dependency Injection that Martin Fowler enumerates, only the constructor form enforces that an object always meets its invariants. The idea is that, once the constructor returns the object should be valid. Whenever I start working with a new language, or return to an old language, I try to figure out how best to do dependency injection using constructors.
I have a second design criteria, which is that I should continue to program exclusively in that language. Using a marshaling language like XML or YAML as a way to describe how objects interact breaks a lot of the development flow, especially when working with a debugger. Thus, I want to be able to describe my object relationships inside the programming language.
With these two goals in mind, I started looking in to dependency injection in Go.
It has been enjoyable to learn the Kubevirt code base and coding in Go. However, unless the code gets deployed to servers, no one will use it in production. I’ve been learning OpenShift as an integration point for Kubevirt. Here are my notes for getting it up and running. This is not quite production grade, but should help write a proper deployment mechanism.
From December 2011 until December 2016, my professional life was driven by OpenStack Keystone development. As I’ve made an effort to diversify myself a bit since then, I’ve also had the opportunity to reflect on our approach, and perhaps see somethings I would like to do differently in the future.
While trying to launch kubevirt containers in OpenShift, I continually tripped over problems regarding authorization.