Ingressの種類と最近のIngress事情 @GKE 〜Network Endpoint Groups (NEGs)〜 @Container SIG Meet-up 2018 Fall / containersig-fall-2018-ingress-gke-neg

Transcript

1. Masaya Aoyama
   CyberAgent adtech studio
   Ingressͷछྨͱ࠷ۙͷIngressࣄ৘ @GKE
   ʙNetwork Endpoint Groups (NEGs)ʙ
   @Container SIG Meet-up 2018 Fall
   MasayaAoyama @amsy810
   Masaya Aoyama
   CyberAgent adtech studio
   Ingressͷछྨͱ࠷ۙͷIngressࣄ৘ @GKE
   ʙNetwork Endpoint Groups (NEGs)ʙ
   @Container SIG Meet-up 2018 Fall
   MasayaAoyama @amsy810
   

   View Slide

2. Japan Container Days v18.04 Keynote
   Cloud Native Meetup Tokyo Organizer (+ KubeCon + JKD)
   CKA #138CKAD #2
   
   Kubernetes @ThinkIT
   OpenStack / Kubernetes Contributor
   Masaya Aoyama (@amsy810)
   Infrastructure Engineer
   

   View Slide

3. what is Ingress
   page
   03
   L7 LoadBalancing
   extensions/v1beta1
   
   NodePort Service
   Ingress
   Ingress
   L4 LoadBalancing
   v1
   
   
   LoadBalancer + iptables
   Service (type: LoadBalancer)
   

   View Slide

4. what is Ingress
   page
   04
   
   
   
   Y^Y^Y^Y^Y^Y^Y^Y^Y^Y^Y
   

   View Slide

5. 02
   Pod-Offloaded Ingress
   K8s"8Nginx Pod
   L7.#+!(9+ L4 Service LoadBalancer:
   03
   Pod-Native Network Ingress
   Cloud Provider Ingress70
   Pod-Native Network, LB-%Pod45
   01
   Cloud Provider Ingress
   GCPAWSAzure &
   L7 Load Balancer6'
   Type of Ingress implementation
   LoadBalancer (L7)
   Node Node
   NIC NIC
   VM Network
   Pod
   Network
   Pod Pod Pod
   type: NodePort
   kube-proxy
   (iptables)
   kube-proxy
   (iptables)
   *123
   )/LB$Router
   

   View Slide

6. 02
   Pod-Offloaded Ingress
   K8s&+7S
   Nginx Pod
   L7E8/B6=U+ L4 Service LoadBalancerV
   03
   Pod-Native Network Ingress
   Cloud Provider IngressR1H
   Pod-Native Network0CLBD:PodOP
   01
   Cloud Provider Ingress
   GCPAWSAzure;.
   L7 Load Balancer Q<
   Type of Ingress implementation
   LoadBalancer (L7)
   Node Node
   NIC NIC
   VM Network
   Pod
   Network
   Pod Pod Pod
   type: NodePort
   kube-proxy
   (iptables)
   kube-proxy
   (iptables)
   2?T(*"#&))K
   NodePort%*!G5*'
   30000-32767U2800 ServicesV
   $ !Source IPSNAT@
   X-Forwarded-For Header-, 2I
   Cloud Provider6L …
   43AJMN >FLB9Router
   

   View Slide

7. 02
   Pod-Offloaded Ingress
   K8s"8Nginx Pod
   L7.#+!(9+ L4 Service LoadBalancer:
   03
   Pod-Native Network Ingress
   Cloud Provider Ingress70
   Pod-Native Network, LB-%Pod45
   01
   Cloud Provider Ingress
   GCPAWSAzure &
   L7 Load Balancer6'
   Type of Ingress implementation
   LoadBalancer (L4)
   Node Node
   NIC NIC
   VM Network
   Pod
   Network
   Pod Pod Pod
   type: LoadBalancer
   kube-proxy
   (iptables)
   kube-proxy
   (iptables)
   Pod Pod
   Pod
   *123
   )/LB$Router
   

   View Slide

8. 02
   Pod-Offloaded Ingress
   K8s& +3O
   Nginx Pod
   L7B4-?2:Q+ L4 Service LoadBalancerR
   03
   Pod-Native Network Ingress
   Cloud Provider IngressN/D
   Pod-Native Network.@LBA7PodKL
   01
   Cloud Provider Ingress
   GCPAWSAzure8,
   L7 Load Balancer M9
   Type of Ingress implementation
   LoadBalancer (L4)
   Node Node
   NIC NIC
   VM Network
   Pod
   Network
   Pod Pod Pod
   type: LoadBalancer
   kube-proxy
   (iptables)
   kube-proxy
   (iptables)
   Pod Pod
   Pod
   & CPU/Memory'*=J
   Nginx Pod*')5G
   10>EHI ;CLB6Router
   03
   Pod-Native Network Ingress
   Cloud Provider IngressN/D
   Pod-Native Network.@LBA7PodKL
   3%!"Source IPSNAT=
   

   View Slide

9. 02
   Pod-Offloaded Ingress
   K8s"8Nginx Pod
   L7.#+!(9+ L4 Service LoadBalancer:
   03
   Pod-Native Network Ingress
   Cloud Provider Ingress70
   Pod-Native Network, LB-%Pod45
   01
   Cloud Provider Ingress
   GCPAWSAzure &
   L7 Load Balancer6'
   *123
   )/LB$Router
   Type of Ingress implementation
   LoadBalancer (L7)
   Node Node
   NIC NIC
   VM Network
   Pod
   Network
   Pod Pod Pod
   kube-proxy
   (iptables)
   kube-proxy
   (iptables)
   

   View Slide

10. GKE with NEGs #%
    "
    Kubernetes 1.10
    VPC-Native Network'IP alias(
    !GKE
    'Pod Network
    $& (
    
    AWS
    alb-ingress-conrtroller
    amazon-vpc-cni-k8s
    By AWS Conatiner Hero mumoshu
    Node Node
    NIC NIC
    VM Network
    Pod
    Network
    Pod Pod Pod
    Router VM
    

    View Slide

11. 03
    Pod-Native Network Ingress
    Cloud Provider IngressR1H
    Pod-Native Network0CLBD:PodOP
    01
    Cloud Provider Ingress
    GCPAWSAzure;.
    L7 Load Balancer Q<
    43AJMN >FLB9Router
    Type of Ingress implementation
    LoadBalancer (L7)
    Node Node
    NIC NIC
    VM Network
    Pod
    Network
    Pod Pod Pod
    kube-proxy
    (iptables)
    kube-proxy
    (iptables)
    02
    Pod-Offloaded Ingress
    K8s&+7S
    Nginx Pod
    L7E8/B6=U+ L4 Service LoadBalancerV
    03
    Pod-Native Network Ingress
    Cloud Provider IngressR1H
    Pod-Native Network0CLBD:PodOP
    2?T(*"#&))K
    NodePort%*!G5*'
    30000-32767U2800 ServicesV
    $ !Source IPSNAT@
    X-Forwarded-For Header-, 2I
    Cloud Provider6L …
    

    View Slide

12. To be continue…
    page
    012
    type: LoadBalaner
    GKE-likeIngress Controller
    
    *
    NEGs…
    * Japan Container Days v18.04 – Keynote session
    https://speakerdeck.com/masayaaoyama/saibaezientoniokerupuraibetokontenaji-pan-akewozhi-eruji-shu
    

    View Slide

13. 
    Using Container-native Load Balancing
    https://cloud.google.com/kubernetes-engine/docs/how-to/container-native-load-balancing
    Container Native Load Balancing on GKE (Cloud Next '18)
    https://www.youtube.com/watch?v=ficroL6bS-w
    Cloud Load Balancing Deep Dive and Best Practices (Cloud Next '18)
    https://www.youtube.com/watch?v=J5HJ1y6PeyE
    

    View Slide

14. Thank you for your attension
    follow me: @amsy810
    

    View Slide