KubeCon 2016: Self-hosted, Scale, and Federation with Kubernetes v1.4 and Beyond

Brandon Philips @brandonphilips | [email protected] | coreos.com Kubernetes v1.4 and
Beyond Self-hosted, Scale, and Federation Stickers at the Front

90+ Projects on GitHub, 1,000+ Contributors OPEN SOURCE Secure solutions,
support plans, training + more ENTERPRISE CoreOS is Running the World’s Containers Linux

Scaling With etcd v3

etcd Overview • Introduced in 2013 by CoreOS • Primary
datastore of Kubernetes • Replicated consistent key/value • Revisions and event stream • Auto-leader election for availability

http://play.etcd.io Quick Demo of Why etcd

- etcd v2.0 could support ~1000 node - Snapshot: ~200MB
- etcd v3.0 tested on ~3000 node + history - Snapshot: 1GB+ - Testing underway for 5000+ nodes Other parts of Kubernetes are scaling limit now etcd v3 + Kubernetes API

Performance - 1k Keys

Performance - etcd v2 - 600K keys Snapshot caused performance
degradation

Performance - etcd v2 - 600K keys Snapshot triggered elections

Performance - Zookeeper Defaults

Performance - Zookeeper Defaults Snapshot triggered election

Performance - etcd3 /zk snapshot disabled

Memory - 512MB data - 2M 256B keys 10GB 2.4GB
0.8GB

Tons of Testing for Reliability

- etcd v2.0 could support ~1000 node - Snapshot: ~200MB
- etcd v3.0 tested on ~3000 node + history - Snapshot: 1GB+ - Testing underway for 5000+ nodes Other parts of Kubernetes are scaling limit now etcd v3 + Kubernetes API

etcd Operator • Operates etcd clusters on k8s • Handles
common tasks: ◦ Resize ◦ Upgrade ◦ Backup ◦ Healing • Configured by resource

Self-Hosted The Big Ideas

gcc // gcc source code #include <stdio.h> int main() {
compile_c(argv[1]); } gcc

go // golang source code package main import "os" func
main() { compile_go(os.Args[1:]) } go

$ uname -s minix $ gcc linux.c

$ uname -s linux $ gcc linux.c

Self-Hosted Applied to Kubernetes

AWS APIs kube-aws kargo kops k8s API kubectl AWS VPC
v1.4.3 EC2 EC2 EC2 EBS EBS EBS

AWS APIs kube-aws kargo kops k8s API kubectl AWS VPC
v1.4.4 EC2 EC2 EC2 EBS EBS EBS

Azure APIs k8s API kubectl VirtualNet v1.4.3 VM VM VM
PD PD PD

Azure APIs k8s API kubectl VirtualNet v1.4.4 VM VM VM
PD PD PD

k8s API kubectl Ethernet v1.4.3 Bare Metal Bare Metal Bare
Metal SAN SAN SAN

k8s API kubectl Ethernet v1.4.4 Bare Metal Bare Metal Bare
Metal SAN SAN SAN

- Use Kubernetes compute, net, storage abstractions and APIs -
Let infrastructure tools focus on infrastructure - Foundation to automate cluster upgrades Self-hosting Goals

Kubernetes Running Kubernetes $ kubectl -n kube-system get daemonsets NAME
DESIRED CURRENT NODE-SELECTOR AGE kube-apiserver 2 2 master=true 4d kube-proxy 3 3 <none> 4d $ kubectl -n kube-system get deployments NAME DESIRED CURRENT UP-TO-DATE kube-controller-manager 1 1 1 kube-scheduler 2 2 2

$ kubectl edit deployments kube-scheduler Kubernetes Upgrading Kubernetes

Self-Hosted Trying it Out

Bootkube Quickstart Vagrant, AWS, GCE Quickstart github.com/kubernetes-incubator/bootkube

Self-Hosted Next Steps

KubeCeption: A Story of Self-Hosted Kubernetes Aaron Levy, CoreOS Tomorrow
9am Willow B For more information

Federation The Big Ideas

API Server • API server is state of Kubernetes •
Designed for single failure domain • Can handle 1000s of machines

Federation API Server

Federation API Server • Holds state for multiple clusters •
Spans multiple failure domains • Coordinates between clusters not for clusters

Federation Scheduling

Federation API kubelet apiserver scheduler controller

Federation API kubelet apiserver scheduler controller kubelet apiserver scheduler controller

kubelet apiserver scheduler controller nginx Federation API kubelet apiserver scheduler
controller nginx

Federation Services

controller nginx

controller nginx nginx service

Federation High-Availability

LoadBalancer federation-apiserver New York San Francisco federation-controller etcd federation-apiserver federation-controller
etcd LoadBalancer

LoadBalancer federation-apiserver New York San Francisco federation-controller Federation Control Plane
A: A: etcd federation-apiserver federation-controller etcd LoadBalancer kubernetes-federation.example.com A: A:

LoadBalancer federation-apiserver New York San Francisco federation-controller kubernetes-federation.example.com A: 50.31.17.12
A: 72.45.32.48 etcd federation-apiserver federation-controller etcd LoadBalancer

Federation Support Today • Ingress/Services • Namespaces • ReplicaSets •
Secrets • DNS (Cloud provider)

Federation Next Steps

Federation Next Steps • Try out the federation setup guides
◦ Kelsey's works easier than the official guides • Get involved with SIG Federation

A Shared Vision Self-hosted, etcd, Federation

Kubernetes Controlled Kubernetes

Leveraging Tested Designs

• Make self-hosted default for Kubernetes clusters • Easy to
operate etcd for single and federated • Bring federation to market on these technologies My Goals from Here

tectonic.com/summit - @TectonicSummit December 12 & 13 2016 - New
York City

Thank you! Brandon Philips @brandonphilips | [email protected] | tectonic.com We’re
hiring in all departments! Email: [email protected] Positions: coreos.com/ careers

KubeCon 2016: Self-hosted, Scale, and Federation with Kubernetes v1.4 and Beyond

KubeCon 2016: Self-hosted, Scale, and Federation with Kubernetes v1.4 and Beyond

More Decks by Brandon Philips

Other Decks in Programming

Featured

Transcript