 Hello everybody and welcome to our session about cluster management with the open source tool Punk for KDesk. My name is Benedikt Geltisberger and I'm going to introduce you today into Punk. So let's start. We move over here. So I'm the co-CTO at Mojinias and I work with Kubernetes for now since 2018, so a couple of years and I'm focusing on the API of Kubernetes and also on just Kubernetes usage as a DevOps engineer. I'm also a full-stake developer and my go-to language is Go and I have a background in iOS development but this has been a long time ago. In my free time I love building custom Linux machines and gaming rigs. Okay, so let's start. So what is Punk for KDesk? Punk for KDesk is a lightweight Kubernetes manager with built-in team collaboration and this is the main point because there are a lot of tools for Kubernetes management like K9S and Kubernetes Lens and they are awesome. Really we are using them all day long but we were missing an essential part when it comes to working with a lot of Kubernetes clusters from different vendors or different hyperscalers, it's a huge problem to share access. So for example you have a problem with a Kubernetes cluster and you simply want a colleague to look at the problem and you have to share somehow the Kube config. You have to work with the same IAM authentication mechanism if you go to AWS or have the same access using Google Cloud GCP and so it's a lot of work. If you simply want your colleague to just jump in and help you with your problem or just to look up logs or access a pod, whatever you name it and then you have to share the config and sharing configs is really a sensitive topic because they contain a lot of sensitive information and so we decided on creating a software where you can set up a lot of context and then share them with your colleagues, friends or whatever and without actually sharing the Kube config file. So if some of your colleagues might leave the company or if they simply don't have the need to access a cluster anymore, you can revoke access and the colleague will be instantly forbidden to access the resource and you don't have to revoke your cluster certificates or stuff like that. So it's an easy way to handle multiple clusters and multi-cloud. So yeah, we already have a web application, I discussed that earlier. We have a CLI which also supports all features of the web app and we also have a nice YAML editor and terminal access to pods. It's really nice with X-Term.js, it's really like a native experience when accessing. We also support RBAC and Ingress Controllers, multiple ones at the moment, using X-Ingress Controller and Traffic and we also have proxy support if you don't like to enable Ingress. Okay, so why would you use Punk? Yeah, you would use it to enable better collaboration with your colleagues in a multi-cloud environment. And our agenda for today is we are going to install Punk into a cluster. We are going to manage the workloads and resources, so I give you a quick demo on the features you already know when you know K9S or Cubelands. We are going to invite team members and manage the access roles and in the end we are going to remove Punk from the cluster and make everything clean again. So it's easy to just drop in Punk into your cluster and then remove it again without any hassle. Okay, so we also have a website for Punk. It's PunkDef for convenience reasons, so you can simply jump into our GitHub repository and look up the readme for installation. We also have a Slack, so if you want to participate and we are really looking forward for you guys to participate in this project, then jump into it, bring up new feature ideas or just start coding with us, we are really looking forward to that. And now I would say we just jump into the demo. Okay, so now we can close offers and start a new terminal. I'm going to make this window a little bit smaller and move it here and I'm going to start up a new terminal. So first of all I'm going to access this website and it is Punk.Def. So it's easy to remember, scroll down to installation. We support Mac OS and Linux using brew and for Windows we use Scoop, which is really convenient. So all the features I'm telling you about today also work with Windows and also we are supporting WSL too. Okay, so let's just copy it, go back to our terminal and type in the installation commands. So it will take a little bit until the installation is finished. Yeah, I already have the newest version of Punk, so we can proceed. So let's fire up Punk. If I start Punk, I get a small introduction, what Punk does, what the first commands can be and stuff like that. And so we are simply going to run Punk install. Oh, you also have obviously help here. You can see all possible commands here, sub commands. And we are going to do installation and when you don't select the parameter minus I, you simply have a local instance which is not accessible from the Internet. But if you set up your ingress, we will determine your ingress controller and set it up accordingly to point to for example here punk.localhost. So just let us start it. So first of all, we always tell you what context you are operating on. So you don't accidentally install it into the wrong context. So and now Punk is already installed. So what happened here? We installed a lot of different Kubernetes workloads into the cluster to make the operator run. And we created in first an initial administration user. It has a random email address for security reasons and a random password. So please save this data in a safe spot because we will never be able to see it again. Okay, so I am going to copy the email address here and then go to the browser. Type in punk.localhost enter. So now type in the username, copy the password, put it here and log into punk. So now we are logged into punk and we already get a lot of information here like basic information about the cluster statistics and some settings over here and also the context switcher. But we will come to that later. First of all, I give you a short overview about the features. So here's a list of all namespaces which is available and we have a huge load of different workloads which are possible to adjust here. So let's jump into the namespaces and select for example the punk namespace. We just created. So if you go to Yammer, you can also like set up a new label for example, like test label with test and save it. So now this workload is already updated. If you run into any errors, we will tell you and yeah, that's simply it. You can describe and crud stuff with Yammer. Okay, so more fancy now. Let's go to the pods and if you jump into let's say here, there's a traffic pod. You also have a log overview where you can see all logs describe and Yammer also and you have a terminal. For example here, if I type in hit the terminal, I have an external jazz terminal open to the pod and I can start working with it. For example, if I do something like this, I see what's installed here. That's great already, but I can also do fancy stuff like running top. That's also cool. Full screen mode works and I can do apk at htop, which is a little bit more fancy. If I run htop, you can see that also we are doing color support and resizing. If I do some resizing here, resizing works as well and that's it. So I can leave it again and you have a fully fledged terminal here to work with and it's really easy to connect like this and here you go. Okay, so let's jump to the next feature and from my point of view or not obviously it's the main point if I want to add different contexts. So I have my own context here. This is the context I installed when I ran the application in Docker desktop, which it's currently running in. So if I add a new context and I've prepared the context for that here. It's a K3S cluster we use for GPU operations. Like we have a cluster there with Nvidia support where our Lama 2 models are running right inside our office here and we use it for testing and playing around with AI stuff. And I want to use this to demonstrate how easy it is to set up a different cluster. So I select it here and I drag it over. So now it's uploaded and I can import it. If there are multiple contexts in your config file, we will also show them to you and you can select which ones you want to import. So now you see here there's a new context, the name was default, which is a little bit confusing. So let's do something like GPU cluster offers, save it, then do a refresh. And so we have a GPU cluster here. So what we can now do is we can simply switch between these contexts. And so for example, if I now hit the GPU cluster context and I go to the pods, I can see that one of our Lama instances is running here and all the Nvidia stuff for the GPU setup. And I can also do the same. I can simply jump into it and have some terminal fun. Okay, so and you can do it with hundreds of clusters and hundreds of contacts. And now you have a lot of contacts imported to your application. And now you want to share it with one of your coworkers coworkers coworkers. And so let's do that. So I jump back to the terminal. So we will have these features in a few days also in the web application, but we always start with programming the CLI features and then improving the web application. So let's start. So punk user list. So this is the currently added users. And now we are going to add a user. So this user will have the access role reader. So the user can access most of the resources which are not security relevant in a reading manner. For example, a reader cannot access secrets. If you want a secret access, you need to have access level user or admin. So let's set up the user. So we have a new user Matthew Jeff Davis. Nice randomization. So let's copy it. Oh, yeah. So and this user can now lock into punk and see the resources which are available to him or her. So let's jump into the. So you can already see here Matthew Jeff Davis is now one member of this team. Okay. So this is basically it. And we are going to rapidly improve punk for KHS. So we will have a bunch of more cool features. And we are really looking forward for people who would like to participate in doing and working this project. So create new features, create code. Maybe just share ideas with us and let us build something really cool. Thanks a lot for your intention and for your time. And I wish you a great day. Bye bye.