How to build scalable, reliable and stable Kubernetes cluster atop OpenStack.

Similar documents
Kubernetes: Twelve KeyFeatures

Kubernetes introduction. Container orchestration

An Introduction to Kubernetes

CONTAINERS AND MICROSERVICES WITH CONTRAIL

Kuryr & Fuxi. OpenStack networking and storage for Docker Swarm containers. Hongbin Lu Antoni Segura Puimedon

Evolution of Kubernetes in One Year From Technical View

Project Kuryr. Here comes advanced services for containers networking. Antoni Segura

Kubernetes and the CNI: Where we are and What s Next Casey Callendrello RedHat / CoreOS

Kubernetes - Networking. Konstantinos Tsakalozos

Kubernetes 101. Doug Davis, STSM September, 2017

Kubernetes on Openstack

Bringing Security and Multitenancy. Lei (Harry) Zhang

Kubernetes and the CNI: Where we are and What s Next Casey Callendrello RedHat / CoreOS

Kubernetes. An open platform for container orchestration. Johannes M. Scheuermann. Karlsruhe,

Container Networking and Openstack. Fernando Sanchez Fawad Khaliq March, 2016

Docker All The Things

Federated Prometheus Monitoring at Scale

Datacenter Network Solutions Group

Managing and Protecting Persistent Volumes for Kubernetes. Xing Yang, Huawei and Jay Bryant, Lenovo

Scaling Jenkins with Docker and Kubernetes Carlos

Package your Java Application using Docker and Kubernetes. Arun

Kubernetes 1.9 Features and Future

Stackube Documentation

Triangle Kubernetes Meet Up #3 (June 9, 2016) From Beginner to Expert

agenda PAE Docker Docker PAE

OPENSTACK + KUBERNETES + HYPERCONTAINER. The Container Platform for NFV

Container Orchestration on Amazon Web Services. Arun

Scheduling in Kubernetes October, 2017

Full Scalable Media Cloud Solution with Kubernetes Orchestration. Zhenyu Wang, Xin(Owen)Zhang

Kubernetes Integration with Virtuozzo Storage

Continuous delivery while migrating to Kubernetes


Understanding and Evaluating Kubernetes. Haseeb Tariq Anubhavnidhi Archie Abhashkumar

Container-Native Storage

Infoblox IPAM Driver for Kubernetes User's Guide

Building a Kubernetes on Bare-Metal Cluster to Serve Wikipedia. Alexandros Kosiaris Giuseppe Lavagetto

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

OpenStack Magnum Hands-on. By Saulius Alisauskas and Bryan Havenstein

Launching StarlingX. The Journey to Drive Compute to the Edge Pilot Project Supported by the OpenStack

Kubernetes - Load Balancing For Virtual Machines (Pods)

Infoblox IPAM Driver for Kubernetes. Page 1

Securing Microservice Interactions in Openstack and Kubernetes

Multiple Networks and Isolation in Kubernetes. Haibin Michael Xie / Principal Architect Huawei

Project Calico v3.2. Overview. Architecture and Key Components. Project Calico provides network security for containers and virtual machine workloads.

Virtual Infrastructure: VMs and Containers

Secure Kubernetes Container Workloads

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

The speed of containers, the security of VMs

Internals of Docking Storage with Kubernetes Workloads

What s New in Red Hat OpenShift Container Platform 3.4. Torben Jäger Red Hat Solution Architect

Kubernetes: What s New

VMware Integrated OpenStack with Kubernetes Getting Started Guide. VMware Integrated OpenStack 4.1

OpenShift Hyper-Converged Infrastructure Bare Metal Deployment with Containerized Gluster

Designing MQ deployments for the cloud generation

Question: 2 Kubernetes changed the name of cluster members to "Nodes." What were they called before that? Choose the correct answer:

What s New in K8s 1.3

How to build and run OCI containers

Taming Distributed Pets with Kubernetes

S Implementing DevOps and Hybrid Cloud

Weiting Chen Zhen Fan

NFV go-live. Where are my containers? Franck Baudin Sr Principal Product Manager - OpenStack NFV May 9, 2018

Buenos Aires 31 de Octubre de 2018

Project Kuryr. Antoni Segura Puimedon (apuimedo) Gal Sagie (gsagie)

Kubernetes Container Networking with NSX-T Data Center Deep Dive

Container Attached Storage (CAS) and OpenEBS

A day in the life of a log message Kyle Liberti, Josef

How Container Runtimes matter in Kubernetes?

What s New in K8s 1.3

Dan Williams Networking Services, Red Hat

OpenStack Magnum Pike and the CERN cloud. Spyros

Continuous Delivery of Micro Applications with Jenkins, Docker & Kubernetes at Apollo

K8s(Kubernetes) and SDN for Multi-access Edge Computing deployment

Maximizing Network Throughput for Container Based Storage David Borman Quantum

K8s(Kubernetes) and SDN for Multi-access Edge Computing deployment

OpenShift 3 Technical Architecture. Clayton Coleman, Dan McPherson Lead Engineers

Project Calico v3.1. Overview. Architecture and Key Components

FROM MONOLITH TO DOCKER DISTRIBUTED APPLICATIONS

Kubernetes, Persistent Volumes and the Pure Service Orchestrator. Simon Dodsley, Director of New Stack Technologies

Code: Slides:

The speed of containers, the security of VMs. KataContainers.io

Cloud & container monitoring , Lars Michelsen Check_MK Conference #4

Infoblox Kubernetes1.0.0 IPAM Plugin

TensorFlow on vivo

INSTALLATION RUNBOOK FOR Iron.io + IronWorker

Introduction to Kubernetes

Table of Contents HOL NET

Simplify Container Networking With ican. Huawei Cloud Network Lab

A REFERENCE ARCHITECTURE FOR DEPLOYING WSO2 MIDDLEWARE ON KUBERNETES

Red Hat Enterprise Linux Atomic Host 7 Getting Started with Kubernetes

Table of Contents HOL CNA

IBM 开源技术微讲堂容器技术与微服务系列

Operating Within Normal Parameters: Monitoring Kubernetes

Two years of on Kubernetes

Microservices. Chaos Kontrolle mit Kubernetes. Robert Kubis - Developer Advocate,

Wolfram Richter Red Hat. OpenShift Container Netzwerk aus Sicht der Workload

Getting Started with VMware Integrated OpenStack with Kubernetes. VMware Integrated OpenStack 5.1

Building an on premise Kubernetes cluster DANNY TURNER

Contrail Networking: Evolve your cloud with Containers

Kuber-what?! Learn about Kubernetes

Dataplane Networking journey in Containers

Transcription:

How to build scalable, reliable and stable Kubernetes cluster atop OpenStack Bo Wang HouMing Wang bo.wang@easystack.cn houming.wang@easystack.cn

Cluster resources management Cluster data persistence Contents Integrate kuryr-kubernetes as CNI plugin Integrate manila as storage provisioner

Architecture of Kubernetes Cluster master nodes slave nodes apiserver kube-proxy scheduler controller manager etcd flanneld kube-proxy end-user pods flanneld kubelet docker kubelet docker containers system daemons

Cluster Resource Management why Pods and system daemons compete for resources Pods can consume all the available capacity on a node by default Resource starvation System daemons crash and pods evicting What ever happened in our environment: kube-proxy, prometheus were evicted dockerd does not response in time etcd cluster crash

Cluster Resource Management how categories components solution ref kubernetes system daemons kubelet,docker configure kube-reserved OS system daemons etcd,flanneld,apiserver configure --system-reserved eviction thresholds kubelet configure --eviction-hard kube-system pods end-user pods kube-scheduler, kube-controller, kube-proxy, prometheus, fluentd configure guaranteed QoS class configure needed QoS class [1] [1] [1] [2] [2] [1] Reserve Compute Resources for System Daemons: https://kubernetes.io/docs/tasks/administer-cluster/reserve-compute-resources/ [2] Configure Quality of Service for Pods: https://kubernetes.io/docs/tasks/configure-pod-container/quality-service-pod/

Cluster Resource Management example Node Capacity 32Gi of memory, 16 CPUs and 100Gi of Storage kube-reserved --kube-reserved=cpu=1,memory=2gi,ephemeral-storage=1gi system-reserved --system-reserved=cpu=500m,memory=1gi,ephemeral-storage=1gi eviction-threshold --eviction-hard=memory.available<500mi,nodefs.available<10% available for pods 14.5 CPUs, 28.5Gi memory, 98Gi local storage pod eviction occurs in the following order: BestEffort Burstable Guaranteed

Cluster resources management Cluster data persistence Contents Integrate kuryr-kubernetes as CNI plugin Integrate manila as storage provisioner

Cluster Data Persistence All cluster data stored in local storage of VM instance. VM destroyed, data lost. move essential data into persistent volumes separately as needed. etcd data monitor data kubernetes object resources, container network configurations nodes info, pods info Done in upstream [1] https://bugs.launchpad.net/magnum/+bug/1697655 [2] https://review.openstack.org/#/c/473789/ configure volumes for prometheus pods logging data kubernetes daemons log, system daemons logs, container logs configure volumes for elasticsearch pods

Etcd Cluster Independent Deployment Fast disks are the most critical factor for etcd deployment performance and stability. etcd is very sensitive to disk write latency. Few etcd deployments require a lot of CPU capacity. [1] master nodes apiserver flanneld LB slave nodes flanneld etcd nodes etcd high performance volumes [1] https://github.com/coreos/etcd/blob/master/documentation/op-guide/hardware.md

Cluster resources management Cluster data persistence Contents Integrate kuryr-kubernetes as CNI plugin Integrate manila as storage provisioner

Integrate kuryr-kubernetes as CNI plugin eth1 No IP eth0 eth0 eth1 10.0.0.5 10.0.0.6 No IP kuryr bridge tap-xxx tap-yyy k8s api server kubelet kuryr bridge tap-xxx tap-yyy eth0 Pod1 eth0 Pod2 kubelet kuryr-cni eth0 Pod1 eth0 Pod2 10.0.0.7 10.0.0.8 iptables kuryr-cni kuryr controller 10.0.0.9 10.0.0.10 iptables kube-proxy kube-proxy master node Neutron Server slave node

Integrate kuryr-kubernetes as CNI plugin difference with upstream reasons ref kuryr only for ip allocation kube-proxy for service --> pod 1. iptables has better performance than neutron lbaasv2 2. kuryr does not support k8s services in following kinds: LoadBalancer; NodePort; Endpoint-less; Specify cluster ip [1] [2] add implementation of portmapping into kuryr-cni cni plugin should support hostport [3] network topology of pods and vms stop watching k8s events kubelet --> kuryr-cni --> kuryr-controller with kube-proxy, macvlan do not go through the host system iptables trunk port is not enabled in our product in theory, watching events should have better performance but in our test, kuryr-cni came into time out errors against concurrent pods creating. simplify the process to sequential call [4] [1] https://bugs.launchpad.net/kuryr-kubernetes/+bug/1684118 [2] https://bugs.launchpad.net/kuryr-kubernetes/+bug/1697942 [3] https://github.com/kubernetes-incubator/bootkube/issues/662 [4] https://github.com/kubernetes/kubernetes/issues/53089

Cluster resources management Cluster data persistence Contents Integrate kuryr-kubernetes as CNI plugin Integrate manila as storage provisioner

Integrate manila as storage provisioner Deployments/RC with one replica Pod Deployments/RC with multi-replicas Pod1 Pod2 Pod3 ReadWriteMany ReadWriteOnce Cinder persistent volume NFS persistent volume Block Storage Shared File System Cinder Manila

Integrate manila as storage provisioner Manually leveraging manila to provide NFS PV for k8s pods nfs-pv.yaml Manila get share export location Create share k8s Create PV with share location Create PVC match PV nfs-pvc.yaml Create share network Create Pods mount PVC Multiple pods read/write share

Integrate manila as storage provisioner Add manila as an external storage provisioner[1][2] to provide PV dynamically for Pods manila storage class: K8s cluster kubeconfig cloudconfig k8s apiserver watch PVC events easystack manila provisioner pods [3] manila pvc: openstack manila [1] https://kubernetes.io/docs/concepts/storage/persistent-volumes/ [2] https://github.com/kubernetes-incubator/external-storage/ [3] https://github.com/kubernetes-incubator/external-storage/pull/429

Magnum Q: Cloud these happen in magnum? A: Yes, we did all these work based on internal magnum. Related BP in magnum launchpad: etcd cluster independent deployment: https://blueprints.launchpad.net/magnum/+spec/deploy-etcd-cluster-independently integrate kuryr-kubernetes with magnum: https://blueprints.launchpad.net/magnum/+spec/integrate-kuryr-kubernetes integrate manila with magnum: https://blueprints.launchpad.net/magnum/+spec/magnum-manila-integration

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback