As learning exercise for go and gRPC and to kill some time on airports
and in planes I started to implement a client/server tool using gRPC
in go. While the original idea was to replace a dbus implementation,
I had to find out that gRPC was not suiteable for that case so I used
it to replace my scripts to setup kubernetes on openSUSE Kubic ;)
The result is with kubicd/kubicctl a client/server architecture,
using MutualTLS and certificates for authentication and encrypted
It has RBAC, so you can define which user can do what based on his
Else you can initialize the control plane of the kubernetes master,
add nodes, remove nodes and reboot nodes. You can upgrade the kubernetes
cluster (tested from kubernetes 1.13.4 to 1.14) and download the
Since salt is used to communicate with the nodes, there are the
1. kubicd needs to run on the machine, which should become the
2. salt master needs to run on the same machine
3. all nodes need to be a minion reporting to the salt master.
- on the nodes: echo "master: <hostname>" >
systemctl enable --now salt-minion
- on the master: salt-key -A to accept the minions
kubicd and kubicctl packages are part of the openSUSE Tumbleweed
repositories. So after installation of openSUSE Kubic, you can install
them with "transactional-update pkg install kubicd" on the master node.
We will add them to the openSUSE Kubic media the next days.
kubicctl can run on any machine you like, so even on your personal
Test coverage, documentation and error handling could need quite some
improvements ;), so feel free to create pull requests and file issues.
Any kind of feedback is greatly appreciated!
I also hope that we can improve the salt usage and integrate it into
installer, so that you don't need to setup salt at your own before.
The github project can be found here:
Thorsten Kukuk, Distinguished Engineer, Senior Architect SLES & MicroOS
SUSE Linux GmbH, Maxfeldstr. 5, 90409 Nuernberg, Germany
GF: Felix Imendoerffer, Mary Higgins, Sri Rasiah, HRB 21284 (AG Nuernberg)
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org