I'm joined by Wayne Witzel, a Software Engineer at VMware leading the Octant project for Kubernetes, a web GUI to help developers gain insight into their apps on K8s.
- Unedited Live recording with demos on YouTube
- Wayne Witzel on Twitter
- Octant Project website
- Octant on Twitter
- GitHub Plugins
- Making Plugins
- The Monaco embeddable editor
- Visual Studio Code
- Kubernetes Labels
What is DevOps and Docker Talk?
Interviews and Q&A from my weekly YouTube Live show. Topics cover Docker and container tools like Kubernetes, Swarm, Cloud Native development, Cloud tech, DevOps, GitOps, DevSecOps, and the full software lifecycle supply chain. Full YouTube shows and more info available at https://podcast.bretfisher.com
Bret: This is DevOps and Docker talk.
And I'm your host
I talk weekly on the internet@Bret.live on YouTube, and sometimes I have guests.
Sometimes it's just you and me with questions and answers.
Hopefully I have some more answers.
Hopefully you have some questions.
Come join us live on Thursdays at 1:00 PM.
Thanks so much to my Patreon supporters.
You can get my weekly updates on what I'm creating and updating in the world of
open source and Docker containers, Kubernetes, cloud native, all things, DevOps.
You can support my efforts there at Patreon.com/bretfisher.
Thank you so much to my now over 100 supporters.
And just like the last podcast I am back after a long break, eight months or so from 2020 to 2021.
I'm pulling some more episodes from last year out of
the archives that I thought were too good to pass up.
This one is with my guests from VMware Wayne.
And Wayne joined me to show off the Octant project, which is sponsored by VMware.
A few of their staff spend their time focused on this open source
project, which is essentially a web UI for local developers.
That are using Kubernetes locally.
So it's not necessarily a production web interface, but more focused on local awareness and
troubleshooting and seeing what's going on in your cluster, editing things that are in your cluster.
We go through an extensive demo, which I will skip out later in the show.
So this podcast will really just be the conversation about it.
Not so much walking through the interface while you listened to us, clicking around.
And In the show notes, you'll see a link to the full length YouTube live with the full demo.
Now on with the show.
I'm going to be a new person on this topic.
So I'm going to learn along with you and on the show we have Wayne Witzel from VMware.
How are you doing?
Witzel: Hey, how's it going, Brian?
Thanks for having me on the show.
Yeah, it's gone.
Bret: And we are actually, again, this is actually a couple of weeks in a row.
I feel like we've you're you are just three hours away from me.
We could actually make the real world if they weren't quite right.
I'm over in Durham, North Carolina.
Which is actually, it's a really nice day out today.
And where he's right over the border.
So in case you're not on the east coast of America, we are right
there in the middle, on the east coast, not far from the ocean.
And , it turns out , we're both working from home cause that's what we're doing in the states.
Like a lot of countries nowadays.
So this is actually it's actually works out.
Remind me, you are.
You are the dev lead or the team lead on the Octant project, right?
I'm a team lead for the Octant project.
There's a total of four of us.
The tech lead and kind of the original creator of the project is Brian Lyles.
And then there's two other members of the team full time , besides myself,
which is , Sam Fu and , Mulan, which I can't correctly pronounce his last name.
That happens to me on the show all the time.
So hopefully I got Witzel right.
, so have you been at VMware a while, was this like your first project at VMware?
How did that happen?
Witzel: Uh, Yes.
So I was originally at, Heptio and that was acquired by
VMware , a little over a year and a half ago , uh, December of.
I believe it was right.
Yeah, I think so.
December of 2018.
So, uh, When I was at Heptio I was working on a project , at the time it was called arc.
It's now called Valero.
It's a backup and recovery tool for Kubernetes clusters.
And then I had some time away , due to some medical issues.
I had a pituitary tumor that I had to take out.
And so I had a three month recovery period.
So when I came back, there was this new project Octant
and that's what I've been working on for the last , year.
Bret: Oh yeah.
That sounds like quite a journey.
Yeah, cause , yeah, definitely.
I've talked to a lot of people that have worked at Heptio
or had worked at Heptio when it was , still a thing.
And it's still , it's, it's really cool to see the work coming out of that.
Everything from the Kubernetes Fridays to, all this open source work that's happening at VMware.
So this is actually, I think you're the second VMware guest on this show.
. That we're having on in three months.
So this has got to turning into like a VMware show
lately, which is pretty cool because it's all open source.
It's all Kubernetes.
And , it's been pretty fun.
Before we get into like really diving into Octant , you
mentioned something earlier that I need to talk about.
Cause I think a lot of us don't have experience with this.
You recently had baby goats.
Well, I didn't.
Yeah, but our, our goats who we have had , uh, some kids.
So our goat Mac, we have three goats.
We have macaroni Mellon and , Marsala and macaroni gave birth , yesterday
morning to two baby goats , a girl named noodle and a boy named nougat.
Bret: Nice new gate.
That's a great name.
Are those, are these Scouts go goats?
Gouts these goats for uh, like, are you doing it for milk, for entertainment?
For what's the reason here?
Witzel: So yeah, the milk , entertainment , keep, so we are on 18 acres, so
we have a lot of , area that can be grazed in and they help keep that down.
And then we also process , boy goats for meat.
Bret: Oh, okay.
The , the goats on tables and like goat standing on
things is a constant meme that I love on the internet.
Do you have Instagram accounts for your goats?
Is this a thing?
Witzel: So yeah, the, if you follow the rightest living Instagram account that's my wife is
in charge of all that and there is a constant stream of baby goat stuff happening right now.
Witzel: that's yeah.
That's pretty cool.
The goats on tables, goat, yoga, all that kind of stuff.
If you're around goats and you watch them , you learn that you don't want them walking on.
Are they are indiscriminate bathroom users.
They, they do not care where they were when they're going.
Bret: They're probably, I would imagine they're not a potty trained animal.
Not at all.
I forgot about the goat yoga that , I just recently stumbled
onto that and I, I can't imagine it, like those hooves look pretty
Witzel: uncomfortable, so well, so on the bit, the little kid goats, they're very soft.
They're not hard to get, so it's not that bad, but as I said, you,
yeah, you don't generally, you want to avoid just being under goats.
Bret: All right.
So in, in comments we have , your goats that were adorable from Clayton.
I don't know if you know Clayton.
Witzel: do know Clayton.
He's a good friend of mine.
Bret: It's always good to have friends trolling you in the chat.
I intentionally invited him because he, I knew he would,
Bret: he knew he'd throw some stuff in there, okay.
So I asked you this earlier, but , to recap , how does one go about getting goats?
If someone's interested in guts.
So I would, if someone wanted to get goats, the steps that I, that we took and that I
would recommend other people take is to buy a goat care book and read it, find a local
farmer who raises goats and see if they will teach you about kitting and raising goats.
And just generally, like a lot of places have goat classes.
We, we attended a goat class at a local place called prodigal farm.
And then you buy goats.
People willingly sell them all over and you just there's the reason
you want to go to a class and read a book is because there are rules.
You want to check certain things about goats and there are certain
traits and characteristics of a goat that you don't want to buy.
So one of the big rules was never take a free goat.
There's a reason they're free.
It's like a, is it?
Yeah, it's kind a free puppy.
There's a rule about real free puppies.
. Good advice.
So anyone out there.
Now you have all the goat facts, like you're ready to start your goat adventure.
So yeah, you didn't know that this was podcast is going to be about goats, but it is no.
And when your goats come into milk, remember that you, even with the
babies on them, they produce more milk than the babies will consume.
So you have to milk them every day.
That is not it's not a good thing for someone who doesn't want to do something every
It's definitely, there's definitely chores.
They're not self maintaining animals.
Witzel: like cats are like the best animal for anyone who
just wants to like occasionally do stuff with their hands.
Just get it
Bret: right on my terms.
Not your terms.
We have a new puppy, so I definitely understand that whole oh, this is so inconvenient.
I'm trying to work from home.
But , we're lucky because we don't have to deal with kids and
puppies, but , I have friends with both and that's , that's a lot.
Witzel: That's a lot.
It seems like way too
So we've covered goats and I feel like people are ready to hear
about this Okta thing, which I just recently learned about.
And my first thought was, okay, this is a Kubernetes gooey.
How is it different from other gooeys?
So what is the, like the origin story of how this came about?
So how it came about was Brian Lyles and Joe beta had a conversation about tooling
developer tooling, specifically for Kubernetes and how the like new developers
coming into Kubernetes had to have a lot of information to even get started.
And then even once they had the information, once it was all deployed in Kubernetes, Understanding
how all these different services and resources were interacting with each other was very difficult.
So it stemmed from this desire to have a tool that made it easier to understand how
things were operating in your cluster, as well as making it easier to get those things
into your cluster and view them and see them updating and just following along.
So that's kind of where it came from.
And then I was introduced to the project , about a year
ago and started working on it and , instantly just.
I fell in love with the project.
All of the sentiment that's in that idea.
I really relate to , I know what I have to know about Kubernetes to build Okta, but ideally I would
know nothing about Kubernetes and I would just be able to build my application and deploy it and
it would work and there'll be a tool like Okta that would just help me understand how it all works
and help me understand how to get it from the dev state, that building things out into running it.
What I'm hearing is this this isn't really meant to be like your
production dashboard for your clusters in the cloud or something like that.
This is more of a dev tool, maybe.
Or is it right
It's right now, it's very much focused to be a dev tool.
There are some, there are operators who do use it as a way to view things.
The way its current permission model works.
It's an all or nothing model.
So for people who aren't familiar with Kubernetes and running it generally
there's some tooling like cube, CTL where you'll create a local cube config.
And then you'll just use your command line tooling, your CLI tools.
Octant kind of follows in that sit in those same footsteps where Octant
just looks for a local cube config and then the permissions you have to
your cluster or their permissions, you get to navigate and view things with.
So there is no actual deploying Okta and setting up Okta it or anything like that.
You just download the binary, run it and it uses your actual
true permissions to help you navigate your, Kubernetes
So it's sort of that convenience factor of not having to worry about creating your, our
back situation or having a web gooey for managing the users inside of it and all of that.
So that's yeah.
It's probably saves you a lot of coding on the, on your end.
Witzel: There is a strong desire to get this in cluster.
And that's something we have in our backlog and we're working towards, but it
was something that we intentionally did not put in there to start because we really
wanted to focus on driving forward with features and useful things for developers.
And then later address that whole in cluster, our back permissions.
How does it work
Bret: thing, right?
. Cause I think at this point it's you know, we've got.
A lot of the tool choices out there for gooeys around
Kubernetes, because obviously there's a lot to it.
, it's tricky.
I think sometimes to figure out as a, whether you're an operator or a developer and what your
use case is trying to figure out which one of these tools is the right tool for that job.
, okay, so we've established right now, it's not ideal as a cluster operators tool,
simply due to the fact that it's not designed for a web permissions and stuff like that.
Is it, would you consider a troubleshooting tool for local, like my local
Kubernetes and diving into why this container is, or which containers are
responding and, crash loop, back-off kind of situations, stuff like that.
Witzel: Yes, absolutely.
And that was one of the first things that we addressed and tried to tackle with the
tool , Brian created this view, which was called, it's called the resource viewer.
And it's like a, it's a graph view of your resource in the cluster
and all of the connections and everything , and a nice graph.
And then , we have statuses of the objects.
And so while you're viewing this graph, you can see that everything's green or that this is red.
And then you can, from that graph, drill down into the individual resources and, get
that more information about can't find the image or whatever it happens to be there.
And you can also directly link in and look at container logs and things like that.
Yeah, it definitely helps you navigate that.
Here's an error , that I think a lot of people, when
you first start using , Kubernetes, I know for me.
I would run, deploy, and then, you do status , but what do you need the status of?
Do you need it up to the deployment of the replica set of the pod of the the service?
Did you typo the service name versus the deployment name and all
of these things that are really hard to surface with the CLI tools?
Cause you're just looking at this wall of text and so getting it into a graph, showing those
connections , or not showing the connections, if you're expecting a service to be part of the
graph and it's not there, that's a big indicator that maybe there's an issue with the service.
Bret: When students are going through my courses they're first learning containers, right?
And so this, they often will have this experience where they're trying to containerize something.
And there's something just not quite right with their Docker file, or maybe they're trying to
use Docker Compose and they're composed files messed up and they realize they don't have really
great observability of what's happening right now is the container restarting, is it stopped?
And so they, you know, they run a bunch of commands, right?
Docker, PS, like Docker, PS, DeShay, like they're trying to figure out , uh, oh.
And, And those tools don't exactly output the best combination of is it the app itself or is it the
Docker file that the command is like, it was the command failing was the image of the wrong name.
Like people misspelling, genetics all the time when they're new to
the engine X and they're not used to typing it a thousand times.
But once they get that past that struggle and they start to learn orchestration
with Kubernetes, that's often the next step is their Yammel isn't right.
Or, I'm telling them, Hey, you should be using apply.
You can learn the run in the create commands, but you really start to need to focus on applied.
Cause that's like what you're gonna end up using in production.
And even the described command is a lot to sift through and it's not
colored , typically I will, for myself, even after playing with
this stuff for awhile, it ends up being three or four terminal windows.
I got open and I got one looking at events and I got one ready to receive the logs
with some external logging tool that because I want to see all the paws or whatever.
And , it sounds like this is a scenario where I could just have my app window
where I'm maybe running cube control commands for just apply and get, but
everything else I'm going to need to see is all just in this one browser tab.
Is that kind of how the experience goes?
And that's our goal.
There are some things that we're not surfacing yet, but essentially our goal is to move
, everything up from , a cube CTL command up into Okta so that you're no longer having to.
Pipe things out to, to, Jason parsers to then get the nested value that you
want from the Yammel that's output, from a described command and all of these
things that you have to do now, it's just it's the string of commands, like
Unix commands that you have to pipe together is just it's not , I don't know.
I don't even know.
It's so confusing even to me and I do it all the time.
So I'm one of the biggest users of Okta.
Like I run Octant all day long.
Yes, I develop it and I work on it, but I also, I
run it to look at my things and to help me develop.
And it's really changed my workflow and the way I do things.
Is this a read only type of tool or are there opportunities to fix things like, can I do edits in it
So we have, right now we have a select, a number of fields that are editable.
We are working on full on edit, even up to the point of
pasting in Yammel or uploading a file and having it be applied.
We just recently added in the ability to create new objects via our API.
our internal Lockton API is really just a wrapper around
the Kubernetes API that gives us a little more control.
So that way Octant can do things in the way that it expects them to be done , from like a
, Process standpoint, not from a Kubernetes API standpoint, we really just are encapsulating that API.
But yeah, so we have, you can like edit container images and change the links that, the names
of deployments and things like that you can , modify the number of replicas that something has.
What else do we have?
I think that's, those are the three big ones is the
container images, replica sets , and , service names.
So we're, we just recently incorporated the Monaco editor for those who aren't familiar as the same.
Open source editor that backs , vs code.
And so we just added that as our default viewer for the Yammel view, it's currently
set to read only, but the idea is that we were going to be creating a smart
editor in Octa that will , allow you to do like smart editing of your object.
So as you're typing in, like this uses this config you'll get type ahead
and you'll get, or you'll get a red squiggly line and then you hover and
it says this config doesn't exist in this namespace, things like that.
So things that, that kind of point in the right direction and help you
build your Yammel in real time, we're going to be incorporating that
into the Yammel editor because it's backed by an actual, IDE tool now.
, Bret: that's really cool.
It's pretty fascinating lately, how people have created ways to use the
vs code web view or whatever you want to call that kind of approach to things.
And I don't know, is it called IntelliSense inside of vs code?
Is that there?
I don't know,
Witzel: that's what I call it still.
And then depending on the person I say it to, they need
instantly know what I'm talking about or they're like,
Whether or not they've used visual studio in their past life.
I'm sure it's a trademark to term, but it is kind of a,
autocomplete maybe, but that's not really all in debt, yeah.
I see what you're saying.
That's really cool.
I think that, obviously we're not, it doesn't sound like we're trying
to hide the fact that cube control is there and that we can use it.
But , when you, like you said, when you really just want to focus on development,
focus on your app that's one of the things, one of my beats, really with trying to
use orchestration locally, while you're developing is you end up getting so bogged down
typically with the management of the infrastructure that you're no longer focusing on
your app development and you spend now 10% of your time is no longer app development.
Getting this thing to work.
And I felt like, you know, flashback six, seven years, we were leaving
that world when we got rid of Vagrant and VMs and we were just managing it
with Docker desktop, or, some sort of Docker set up or container set up.
And we started to learn about things like Docker Compose.
I felt like we were finally on a road to some consistent tooling around taking
multiple apps, running them all together locally to make this thing work.
And , I haven't, it's interesting cause I, for a while now I've
been really not convinced that we need to be running towards local
orchestration tools for development, but I know that there's legitimate.
You know, Use cases out there when you want to test with , service
mesh or you have a situation where you have really using a proxy
for your microservices, getting back and forth between each other.
Like Trying to do that without some level of orchestration ends up, usually with people making
a bunch of different tools that simulate the production, but are nothing like those tools.
And now they have these tools they have to manage in parallel.
I know it's one of those things where I'm, I don't
yet have wait that sweet setup that I'm excited about.
And so I'm really curious at how this , if I gave
it a shot , I don't do a ton of development work.
I'm mostly more on the DevOps side right now, so I'm mostly just sitting in Yammel.
I'm interested to see how this would really, if I kept it up and running how this would
change my workflow , and have me spending less time at the cube control command line.
I hear you've got some demos.
Yeah, we checked
Witzel: some of that out.
Yeah, we can do that.
I was just going to show just kind of high-level walkthrough of kind of what Okta
does and nothing too deep, but just for people who haven't seen it before, so
And on your , on the website, it did talk about that.
Like right now you basically run a shell command and then it, does a
bunch of automation in the background and then brings this web console up.
But that may be in the future.
It's going to be its own gooey.
Witzel: yeah, we're currently working on making an electron app, so it'll it just similar
to slack and the S code and other tools it'll be its own, , Double click executable
that, that especially folks who are, who develop on windows machines , and even to
some degree , Narcos machines are just used to, that app format, , right now, if you
get the ECC and you run it on , a windows, it just says, this is the command line app.
And it's not very, it's not a very friendly way to
like we get a lot of people were like, what do I do?
It's command line.
So yeah, we wanna, we want to lift that experience up so that you don't even have to think about it.
Bret: Thank you so much for being on the show.
This has been great.
Learned a lot about this tool.
I felt like I just did this podcast for me, for selfish reasons.
I just kinda wanted to learn and you were willing to be on the show.
So thank you for that.
That was great.
Where can people find you on the internet?
We have your Twitter handle down there.
That's WW I T Z E L 3 on Twitter.
That's really it.
Oh , and the Octant slack channel on the Kubernetes slack.
So community has a slack.
There's a, there's an Octant channel on that Kubernetes slack in there.
I'm also wwitzel3.
Bret: All right.
That was the end of the interview with Wayne.
You can check more out of Octant at octant.dev that's octant.dev of course
all the links are in the show Thanks so much to my Patreon supporters.
You can get my weekly updates on what I'm creating and updating in the world of
open source and Docker containers, Kubernetes, cloud native, all things, DevOps.
You can support my efforts there at Patreon.com/bretfisher
Thank you so much to my now over 100 supporters.
I'll see you in the next episode.