how to build scalable reliable and stable kubernetes
play

How to build scalable, reliable and stable Kubernetes cluster atop - PowerPoint PPT Presentation

Sep 02, 2022 •188 likes •378 views

How to build scalable, reliable and stable Kubernetes cluster atop OpenStack Bo Wang bo.wang@easystack.cn HouMing Wang houming.wang@easystack.cn Cluster resources management Cluster data persistence Contents Integrate

  1. How to build scalable, reliable and stable Kubernetes cluster atop OpenStack Bo Wang bo.wang@easystack.cn HouMing Wang houming.wang@easystack.cn

  2. Cluster resources management Cluster data persistence Contents Integrate kuryr-kubernetes as CNI plugin Integrate manila as storage provisioner

  3. Architecture of Kubernetes Cluster master nodes slave nodes kube-proxy apiserver end-user pods kube-proxy flanneld etcd scheduler kubelet controller manager flanneld docker kubelet containers docker system daemons

  4. Cluster Resource Management – why Pods and system daemons compete for resources Pods can consume all the available capacity on a node by default Resource starvation What ever happened in our environment: • kube-proxy, prometheus were evicted • dockerd does not response in time • etcd cluster crash System daemons crash and pods evicting

  5. Cluster Resource Management – how categories components solution ref kubernetes system daemons kubelet , docker configure [1] –kube-reserved etcd , flanneld , apiserver OS system daemons configure [1] --system-reserved eviction thresholds kubelet configure [1] --eviction-hard kube-system pods kube-scheduler, configure [2] kube-controller, kube-proxy, guaranteed QoS class prometheus, fluentd end-user pods configure [2] needed QoS class [1] Reserve Compute Resources for System Daemons: https://kubernetes.io/docs/tasks/administer-cluster/reserve-compute-resources/ [2] Configure Quality of Service for Pods: https://kubernetes.io/docs/tasks/configure-pod-container/quality-service-pod/

  6. Cluster Resource Management – example Node Capacity 32Gi of memory, 16 CPUs and 100Gi of Storage kube-reserved --kube-reserved=cpu=1,memory=2Gi,ephemeral-storage=1Gi system-reserved --system-reserved=cpu=500m,memory=1Gi,ephemeral-storage=1Gi eviction-threshold --eviction-hard=memory.available<500Mi,nodefs.available<10% available for pods 14.5 CPUs, 28.5Gi memory, 98Gi local storage pod eviction occurs in the following order: • BestEffort • Burstable • Guaranteed

  7. Cluster resources management Cluster data persistence Contents Integrate kuryr-kubernetes as CNI plugin Integrate manila as storage provisioner

  8. Cluster Data Persistence All cluster data stored in local storage of VM instance. VM destroyed, data lost. move essential data into persistent volumes separately as needed. etcd data kubernetes object resources, Done in upstream container network configurations [1] https://bugs.launchpad.net/magnum/+bug/1697655 [2] https://review.openstack.org/#/c/473789/ monitor data nodes info, configure volumes for prometheus pods pods info logging data kubernetes daemons log, configure volumes for elasticsearch pods system daemons logs, container logs

  9. Etcd Cluster Independent Deployment “Fast disks are the most critical factor for etcd deployment performance and stability. etcd is very sensitive to disk write latency.” “Few etcd deployments require a lot of CPU capacity.” [1] slave nodes master nodes LB apiserver flanneld flanneld etcd nodes etcd high performance volumes [1] https://github.com/coreos/etcd/blob/master/Documentation/op-guide/hardware.md

  10. Cluster resources management Cluster data persistence Contents Integrate kuryr-kubernetes as CNI plugin Integrate manila as storage provisioner

  11. Integrate kuryr-kubernetes as CNI plugin eth0 eth1 eth0 eth1 No IP No IP 10.0.0.6 10.0.0.5 kuryr bridge kuryr bridge k8s api server kubelet tap-xxx tap-xxx tap-yyy tap-yyy eth0 eth0 kubele t eth0 eth0 kuryr-cni Pod1 Pod2 Pod1 Pod2 10.0.0.9 10.0.0.7 10.0.0.10 10.0.0.8 kuryr kuryr-cni controller iptables iptables kube-proxy kube-proxy master node slave node Neutron Server

  12. Integrate kuryr-kubernetes as CNI plugin difference with upstream reasons ref kuryr only for ip allocation 1. iptables has better performance than neutron lbaasv2 kube-proxy for service --> pod 2. kuryr does not support k8s services in following kinds: [1] [2] LoadBalancer; NodePort; Endpoint-less; Specify cluster ip add implementation of portmapping into cni plugin should support hostPort [3] kuryr-cni network topology of pods and vms with kube-proxy, macvlan do not go through the host system [4] iptables trunk port is not enabled in our product stop watching k8s events in theory, watching events should have better performance kubelet --> kuryr-cni --> kuryr-controller but in our test, kuryr-cni came into time out errors against concurrent pods creating. simplify the process to sequential call [1] https://bugs.launchpad.net/kuryr-kubernetes/+bug/1684118 [2] https://bugs.launchpad.net/kuryr-kubernetes/+bug/1697942 [3] https://github.com/kubernetes-incubator/bootkube/issues/662 [4] https://github.com/kubernetes/kubernetes/issues/53089

  13. Cluster resources management Cluster data persistence Contents Integrate kuryr-kubernetes as CNI plugin Integrate manila as storage provisioner

  14. Integrate manila as storage provisioner Deployments/RC with one replica Deployments/RC with multi-replicas Pod Pod1 Pod2 Pod3 ReadWriteMany ReadWriteOnce Cinder NFS persistent volume persistent volume Block Storage Shared File System Cinder Manila

  15. Integrate manila as storage provisioner Manually leveraging manila to provide NFS PV for k8s pods nfs-pv.yaml Manila k8s get share Create PV with export location share location Create share Create PVC match PV nfs-pvc.yaml Create share network Create Pods mount PVC Multiple pods read/write share

  16. Integrate manila as storage provisioner Add manila as an external storage provisioner[1][2] to provide PV dynamically for Pods manila storage class: K8s cluster kubeconfig cloudconfig watch easystack manila k8s PVC events provisioner pods apiserver manila pvc: [3] openstack manila [1] https://kubernetes.io/docs/concepts/storage/persistent-volumes/ [2] https://github.com/kubernetes-incubator/external-storage/ [3] https://github.com/kubernetes-incubator/external-storage/pull/429

  17. Magnum Q: Cloud these happen in magnum? A: Yes, we did all these work based on internal magnum. Related BP in magnum launchpad: etcd cluster independent deployment: https://blueprints.launchpad.net/magnum/+spec/deploy-etcd-cluster-independently • integrate kuryr-kubernetes with magnum: https://blueprints.launchpad.net/magnum/+spec/integrate-kuryr-kubernetes • integrate manila with magnum: https://blueprints.launchpad.net/magnum/+spec/magnum-manila-integration •

Recommend

How to Build Reliable, Scalable Filesystem Solution Using Cloud Infrastructure Sasikanth

How to Build Reliable, Scalable Filesystem Solution Using Cloud Infrastructure Sasikanth

How to Build Reliable, Scalable Filesystem Solution Using Cloud Infrastructure Sasikanth Eda (sasikanth.eda@in.ibm.com) Master Inventor, Software Engineer IBM Agenda How Cloud is Falling Short for HPC / Technical Computing Introduction

821 views • 23 slides
Katalog-Sync Reliable Integration of Consul and Kubernetes Me: Thomas Jackson Head of Core

Katalog-Sync Reliable Integration of Consul and Kubernetes Me: Thomas Jackson Head of Core

Katalog-Sync Reliable Integration of Consul and Kubernetes Me: Thomas Jackson Head of Core Infrastructure @ Wish Work experience: Network Engineer Corporate IT Small Startups Freelance Work LinkedIn

1.01k views • 44 slides
Lessons Learned: Building Scalable &amp; Elastic Akka Clusters on Google Managed Kubernetes -

Lessons Learned: Building Scalable &amp; Elastic Akka Clusters on Google Managed Kubernetes -

Lessons Learned: Building Scalable &amp; Elastic Akka Clusters on Google Managed Kubernetes - Timo Mechler &amp; Charles Adetiloye About MavenCode MavenCode is a Data Analytics software company offering training, product development, and

426 views • 18 slides
Airflow on Kubernetes: Containerizing your Workflows By Michael Hewitt Agenda Kubernetes

Airflow on Kubernetes: Containerizing your Workflows By Michael Hewitt Agenda Kubernetes

Airflow on Kubernetes: Containerizing your Workflows By Michael Hewitt Agenda Kubernetes Overview 1 Airflows integration with Kubernetes 2 Deployment of Airflow on Kubernetes 3 Kubernetes Pod Operator and its benefits 4 DAG Development

2.79k views • 14 slides
SeerSuite: Developing a Scalable and Reliable Application Framework for Building Digital

SeerSuite: Developing a Scalable and Reliable Application Framework for Building Digital

SeerSuite: Developing a Scalable and Reliable Application Framework for Building Digital Libraries by Crawling the Web Pradeep Teregowda*, Isaac Councill # , Juan Fernandez*, Shuyi Zheng*, Madian Khabsa*, C. Lee Giles* * Pennsylvania State

586 views • 31 slides
CI/CD WITH KUBERNETES THE GOOD, THE BAD AND THE UGLY HAGAI BAREL ABOUT ME Father of two

CI/CD WITH KUBERNETES THE GOOD, THE BAD AND THE UGLY HAGAI BAREL ABOUT ME Father of two

CI/CD WITH KUBERNETES THE GOOD, THE BAD AND THE UGLY HAGAI BAREL ABOUT ME Father of two and husband of one Expert in Distributed, Containerized, Scalable Cloud Engineering team lead at Nuvo Group Applications and CI/CD

298 views • 11 slides
Armada Kubernetes multi-cluster batch scheduler 1 / 12 Introduction G-Research - Compute

Armada Kubernetes multi-cluster batch scheduler 1 / 12 Introduction G-Research - Compute

Armada Kubernetes multi-cluster batch scheduler 1 / 12 Introduction G-Research - Compute Platform Engineering Team We build tools around HTCondor clusters and Kubernetes clusters 2 / 12 Agenda 1. Project requirements 2. Current options 3.

732 views • 12 slides
Build a backend with TypeScript using Nest.js RICHARD MOOT DEVELOPER EVANGELIST @ SQUARE What

Build a backend with TypeScript using Nest.js RICHARD MOOT DEVELOPER EVANGELIST @ SQUARE What

Build a backend with TypeScript using Nest.js RICHARD MOOT DEVELOPER EVANGELIST @ SQUARE What is NestJS? A progressive Node.js framework for building efficient, reliable and scalable server-side applications. Huh? Nest provides an

763 views • 73 slides
KAN AN Group Reliable | Stable | Proven Partner ISO 9001 8 padziernika | Event/Recipient

KAN AN Group Reliable | Stable | Proven Partner ISO 9001 8 padziernika | Event/Recipient

8 padziernika | Event/Recipient 2018 KAN AN Group Reliable | Stable | Proven Partner ISO 9001 8 padziernika | Event/Recipient 2018 Marcin Roko Market Executive Manager Export Overseas Mail: mrozko@kan-therm.com phone: 0048 695

857 views • 33 slides
Continuous Kubernetes Security @sublimino and @controlplaneio Im: - Andy - Dev-like -

Continuous Kubernetes Security @sublimino and @controlplaneio Im: - Andy - Dev-like -

Continuous Kubernetes Security @sublimino and @controlplaneio Im: - Andy - Dev-like - Sec-ish - Ops-y Is this Kubernetes cluster secure? EPIC FAIL GIF How secure is Kubernetes? What this Kubernetes talk is about Common Pwns

1.18k views • 113 slides
Reliable Adaptive Lightweight Multicast Protocol Ken Tang, Scalable Network Technologies Katia

Reliable Adaptive Lightweight Multicast Protocol Ken Tang, Scalable Network Technologies Katia

Reliable Adaptive Lightweight Multicast Protocol Ken Tang, Scalable Network Technologies Katia Obraczka, UC Santa Cruz Sung-Ju Lee, Hewlett-Packard Laboratories Mario Gerla, UCLA Overview Ad hoc network introduction QualNet network

246 views • 21 slides
Kubernetes Matthias Haeussler Mirna Alaisami Overview Overview Kubernetes is an open-source

Kubernetes Matthias Haeussler Mirna Alaisami Overview Overview Kubernetes is an open-source

Kubernetes Matthias Haeussler Mirna Alaisami Overview Overview Kubernetes is an open-source platform designed to automate deploying , scaling , and operating application containers . Kubernetes v1.0 was released in 2015. It utilizes

916 views • 52 slides
Fam Famil ily y Mi Mini nistry stry VIS ISIO ION To build happy, stable and

Fam Famil ily y Mi Mini nistry stry VIS ISIO ION To build happy, stable and

Fam Famil ily y Mi Mini nistry stry VIS ISIO ION To build happy, stable and Christ-centered families MIS ISSIO ION Empowerment of families through sacraments, seminars, family celebrations, counselling and temporal support GO GOAL

667 views • 12 slides
K8s or Die! You must do Kubernetes. Or should you? If so when, where, why? How?! Marco Ceppi

K8s or Die! You must do Kubernetes. Or should you? If so when, where, why? How?! Marco Ceppi

K8s or Die! You must do Kubernetes. Or should you? If so when, where, why? How?! Marco Ceppi @marcoceppi Ryan Beisner @ryanbeisner Why Kubernetes Computing in the modern age Virtual Process Machines Containers Traditional Container

516 views • 24 slides
Scalable and Reliable Data Broadcast with Kascade ephane Martin, Tomasz Buchert, Pierric Willemet,

Scalable and Reliable Data Broadcast with Kascade ephane Martin, Tomasz Buchert, Pierric Willemet,

Context Related work Kascade Experimental validation Conclusion and future work Scalable and Reliable Data Broadcast with Kascade ephane Martin, Tomasz Buchert, Pierric Willemet, Olivier Richard (2) , St Emmanuel Jeanvoine, Lucas Nussbaum

920 views • 32 slides
ABOUT STARTING OFFSHORE : We care about your success. Our main target is to build reliable,

ABOUT STARTING OFFSHORE : We care about your success. Our main target is to build reliable,

ABOUT STARTING OFFSHORE : We care about your success. Our main target is to build reliable, long-term business relationships and to provide a high level of service. Whether you are looking for an offshore entity or forming an offshore company,

311 views • 8 slides
Building a scalable, reliable and maintainable execution infrastructure for your Selenium Tests

Building a scalable, reliable and maintainable execution infrastructure for your Selenium Tests

Selenium Grid Building a scalable, reliable and maintainable execution infrastructure for your Selenium Tests @MICHAEL_PALOTAS

1.14k views • 22 slides
From Laptop to the World With Kubernetes @saturnism @googlecloud #kubernetes Ray Tsang

From Laptop to the World With Kubernetes @saturnism @googlecloud #kubernetes Ray Tsang

From Laptop to the World With Kubernetes @saturnism @googlecloud #kubernetes Ray Tsang Developer Advocate Google Cloud Platform @saturnism | +RayTsang @saturnism @googlecloud #kubernetes Ray Tsang Developer Architect Traveler

1.29k views • 65 slides
Contributing to kubernetes Who am I? Senior Software Engineer at Gojek Organizer at Kubernetes

Contributing to kubernetes Who am I? Senior Software Engineer at Gojek Organizer at Kubernetes

Contributing to kubernetes Who am I? Senior Software Engineer at Gojek Organizer at Kubernetes &amp; Cloud Native Meetups in Jakarta and Bandung https://www.meetup.com/jakarta-kubernetes/ https://www.meetup.com/Microservice-JKT/ You can find

709 views • 47 slides
Build Your Serverless Container Cloud with OpenStack and Kubernetes Kevin Zhao Senior Software

Build Your Serverless Container Cloud with OpenStack and Kubernetes Kevin Zhao Senior Software

22.05.2018 Build Your Serverless Container Cloud with OpenStack and Kubernetes Kevin Zhao Senior Software Engineer on Arm. OpenStack Zun Core Reviewer kevin.zhao@arm.com Agenda What is Serverless Container Cloud Demo Zun and Container

750 views • 35 slides
Developing Kubernetes Services at Airbnb Scale @MELANIECEBULA What is kubernetes?

Developing Kubernetes Services at Airbnb Scale @MELANIECEBULA What is kubernetes?

@MELANIECEBULA / MARCH 2019 / CON LONDON Developing Kubernetes Services at Airbnb Scale @MELANIECEBULA What is kubernetes? @MELANIECEBULA Who am I? A BRIEF HISTORY @MELANIECEBULA Why Microservices? 4000000 3000000 2000000 MONOLITH

1.74k views • 111 slides
The AWS Mission Enable businesses and developers to use web services to build scalable,

The AWS Mission Enable businesses and developers to use web services to build scalable,

The AWS Mission Enable businesses and developers to use web services to build scalable, sophisticated applications. AWS Q2 2016 Recap Jeff Barr, Director of AWS Evangelism June 21, 2016 #AWSQ2 Agenda Jeff Barr Introduction AWS Data Points

753 views • 38 slides
Computational molecular engineering: Scalable simulation and reliable modelling Martin Horsch

Computational molecular engineering: Scalable simulation and reliable modelling Martin Horsch

Laboratory of Engineering Thermodynamics (LTD) Prof. Dr.-Ing. H. Hasse Computational molecular engineering: Scalable simulation and reliable modelling Martin Horsch Laboratory of Engineering Thermodynamics, University of Kaiserslautern

247 views • 23 slides
Base64 is not encryption A better story for Kubernetes secrets @sethvargo Developer Relations

Base64 is not encryption A better story for Kubernetes secrets @sethvargo Developer Relations

Base64 is not encryption A better story for Kubernetes secrets @sethvargo Developer Relations Engineer What's a secret? Secret (noun) Credentials, configurations, API keys, or other pieces of information needed by an application at build

594 views • 44 slides

More recommend