The Path to Self-Contained CRDs - Advanced Validation and Version Conversion
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Explore the evolution of Custom Resource Definitions (CRDs) in Kubernetes and learn about the potential for self-contained CRDs in this conference talk by Cici Huang from Google. Discover how the introduction of Common Expression Language (CEL) has enhanced CRD validation rules and opened up possibilities for advanced features without relying on admission webhooks. Gain insights into the challenges of multi-version CRDs, the complexities of webhook configurations, and the future roadmap for CRDs in Kubernetes. Understand the impact of these developments on extension authors and cluster administrators, and explore the potential of CEL to replace webhooks entirely. Learn about current available features, upcoming plans, and best practices for policy enforcement and management in Kubernetes.
Syllabus
Intro
The Journey of CRD
Validation is critical
CEL Documentation
CRD Validation Rules
CRD Version Conversion
Declarative Validation
Policy Enforcement in Kubernetes
Policy Management
ValidatingAdmissionPolicy
failurePolicy VS validationActions
Best Practices - Authz Check
Takeaway
Taught by
CNCF [Cloud Native Computing Foundation]