KCD Suisse Romande 2025

When 99.999% Isn't Enough: Exploring Swisscom Kubernetes and Particle Accelerator Observability

Welcome, Engineers. Today we aren't just deploying containers; we are building a feedback loop. We will deploy a simulated particle accelerator to a Kubernetes cluster and use OpenMetrics to tune its performance in real-time. Follow the protocol below to initialize your environment.

01 Bootstrap – Create the Kubernetes Cluster

Get Authenticated

You should have received a small paper card containing your personal login and password.

Use these credentials to sign in at: https://ze2zz7yjlt.ks.private.cloud.swisscom.ch/

Use Login with Demo OIDC.

Keep this page open β€” you will need it for the next steps.

Create Your Kubernetes Cluster

The cluster will be created using the web-based wizard provided for the workshop.

All the steps for this phase are already documented in the workshop slides. Please download the PDF and follow the instructions from slide 16 to slide 37, which walk you through the entire cluster creation process.

πŸ“„ Download the Workshop Slides (PDF)

πŸ“„ Download the Workshop Slides (PDF) First Part Swisscom

Once your cluster is fully created, return to this page to continue with the next steps.

02 Init – Install tools

Install Kubectl

Follow the official Kubernetes instructions depending on your OS:

πŸ”— Official Guide – Install kubectl 

# Test your installation
kubectl version --client

Configure API Access

Use the kubeconfig file you downloaded in Step 01.

# Linux / macOS
export KUBECONFIG=~/Downloads/kubeconfig-xxxxxxxxxx.yaml

# Windows PowerShell
$env:KUBECONFIG="C:\Users\YourUser\Downloads\kubeconfig-xxxxxxxxxx.yaml"

Validate Access

$ kubectl get pods -A
NAMESPACE       NAME                                    READY   STATUS    RESTARTS   AGE
ingress-nginx   ingress-nginx-controller-549886-cpg2d   1/1     Running   0          6h42m
ingress-nginx   ingress-nginx-controller-549886-plbz5   1/1     Running   0          6h42m
kube-system     cilium-m7wf6                            1/1     Running   0          10h
kube-system     cilium-operator-74668d995-hrpjh         1/1     Running   0          10h
kube-system     coredns-5d6489bb45-n4rrx                1/1     Running   0          10h
kube-system     coredns-5d6489bb45-v6mt2                1/1     Running   0          10h
kube-system     envoy-agent-jndgw                       2/2     Running   0          10h
kube-system     hubble-relay-795945d857-xgqvw           1/1     Running   0          10h
kube-system     hubble-ui-556747b9c9-q6q29              2/2     Running   0          10h
kube-system     konnectivity-agent-7f7d9474dd-4pxjv     1/1     Running   0          10h
kube-system     konnectivity-agent-7f7d9474dd-gkp5s     1/1     Running   0          10h
kube-system     metrics-server-7bd6766f9d-5grc8         1/1     Running   0          10h
…

04 Run – Deploy the lab and play with the metrics

βš›οΈ Openmetrics Particle Accelerator Lab

This project is a small experimental β€œlab” designed to demonstrate how easily OpenMetrics metrics can be integrated into a business application for Prometheus monitoring.

It simulates a very simple particle accelerator where a particle (represented by a moving ball) travels around a ring and receives periodic β€œkicks” to accelerate and reach (almost) the speed of light.

  • If the kick is too strong, the system overloads. πŸ’₯
  • If the experiment runs too long, it automatically shuts down. πŸ›‘

The goal is to tune the KICK_POWER variable to reach the optimal speed without triggering an overload.

The project illustrates how operational metrics can be embedded directly into an application’s logic β€” allowing developers to observe its internal state and performance through Prometheus.

Establish Uplink (Port Forward)

To access all internal services from your local machine, you only need a single port-forward to the Ingress Controller.

Before you run any kubectl command, make sure your KUBECONFIG environment variable is correctly set. 

# Linux / macOS
export KUBECONFIG=~/Downloads/kubeconfig-xxxxxxxxxx.yaml
# Windows PowerShell
$env:KUBECONFIG="C:\Users\YourUser\Downloads\kubeconfig-xxxxxxxxxx.yaml"

Once KUBECONFIG is set, you can establish the uplink. This port-forward gives local access to all workshop interfaces. 

$ kubectl -n ingress-nginx \
    port-forward deploy/ingress-nginx-ingress-nginx-controller \
    8080:80

Important: Keep this terminal open for the entire workshop. If the command stops, all upstream access to the lab will be interrupted.

The Feedback Loop

Your environment includes four web interfaces you will use during the workshop:

Restart the Lab (CLI)

In case something goes wrong during the workshop, you can restart the lab using the following command: 

$ kubectl rollout restart deployment \
    -n openmetrics-accelerator-lab \
    -l app.kubernetes.io/component=lab

Restart the Lab (CLI)

You can also restart the lab directly from the CLI:

$ kubectl rollout restart deployment \
    -n openmetrics-accelerator-lab \
    -l app.kubernetes.io/component=lab

Extra Step – Implement a new metric

In app.py, you can add a kick_count counter:

from prometheus_client import Counter

kick_count = Counter('kick_count', 'Kick Count')

@app.route('/kick_power')
def kick():
    ...
    kick_count.inc()
    ...

Useful references:

πŸ“š Further Reading

Curious to explore more about Prometheus, metrics, and application observability?

05 Discover – Observability tools using EBPF

Observe Using eBPF

To explore system activity using eBPF, run a debug session with Inspektor Gadget:

kubectl debug --profile=sysadmin $(kubectl get node -o name) -ti \
    --image=ghcr.io/inspektor-gadget/ig:latest -- \
    ig run trace_exec:latest \
    --filter k8s.namespace==openmetrics-accelerator-lab
kubectl debug --profile=sysadmin $(kubectl get node -o name) -ti \
    --image=ghcr.io/inspektor-gadget/ig:latest -- \
        ig run trace_tcp:latest --connect-only

This launches a privileged ephemeral debug pod and attaches the trace_exec gadget.