Setup Kubernetes Federation Between Clusters AWS User Group Taiwan

About Me ⽩白凱仁(Kyle Bai) • Interested in emerging technologies. • COSCUP, Kubernetes Day and OpenStack Day Speaker • OpenStack and Kubernetes Projects Contributor(100+ PR) • Certified Kubernetes Administrator @kairen(k2r2.bai@gmail.com) https://kairen.github.io/

Why Federation?

Multiple clusters • Serving users from clusters closest to them. • Avoiding provider lock-in: By making it easier to migrate applications across clusters, federation prevents cluster provider lock-in. • High availability: Ability to federate clusters across different regions/ cloud providers.

Federation Federation makes it easy to manage multiple clusters. • Sync resources across clusters: Federation provides the ability to keep resources in multiple clusters in sync. • Cross cluster discovery: Federation provides the ability to auto-configure DNS servers and load balancers with backends from all clusters.

Federation pros • Keep your app synced across clusters. • Configure network resources (services, ingress) to route traffic across clusters. • Single place to apply policies. • Policy-based Resource Placement(OPA).

Use cases for Federation • Geographically Distributed Deployments: Spread Deployments across clusters in different parts of the world. • Hybrid Cloud: Extend Deployments from on-premise clusters to the cloud. • Application Migration: Simplify the migration of applications from on- premise to the cloud or between cloud providers.

Federation cons • Increased network bandwidth and cost: The federation control plane watches all clusters to ensure that the current state is as expected. • Reduced cross cluster isolation: A bug in the federation control plane can impact all clusters. • Maturity: The federation project is relatively new and is not very mature. • Not all resources are available and many are still alpha and beta.

Federation support API resources • Cluster • ConfigMap • DaemonSets • Deployment • Events • HPA • Ingress • Jobs • Namespaces • ReplicaSets • Secrets • Services * Only support API version for extensions/v1beta1, v1

Federation Architecture

Overview Federation Control Plane Federated Resources Federated Clusters

Federation API Server The Kubernetes federation API server validates and configures data for the API objects which include pods, services, replicationcontrollers, and others.

Federation Controller Manager The federation controller manager is a daemon that embeds the core control loops shipped with federation. • Watches Federation API Server • Clusters - federation/v1beta1/cluster • API Resources - v1/foo • Watches All Kubernetes Clusters • API Resources - v1/foo • Reconciles • Compare and update • Handles cascading deletion

How to place? • Placement can be controlled per-resource via annotations. • Annotations supported: • federation.kubernetes.io/replica-set-preferences • federation.kubernetes.io/deployment-preferences • federation.alpha.kubernetes.io/cluster-selector • federation-controller evaluates annotations to produce final placement

How to setup Kubernetes Federation on AWS

Architecture

No content

Prerequisites(1/2) • In this lab, we will deploy clusters in different AWS regions: • US West: Oregon (us-west-2) • US East: Ohio (us-east-2) • Asia: Tokyo(ap-northeast-1) • Install the following tools on host: • kubectl • kubefed: if os is Mac OS X, you need build from Federation source code. • kops • AWS CLI

Prerequisites(2/2) Amazon Web Services: • IAM: Identity and Access Management. • EC2: Kubernetes cluster. • ELB: Kubernetes service load balancer. • Route53: Public domain for Kubernetes API, Service, … etc • S3: Store kops state. • VPC: Cluster Network. Godaddy: • Buy your own domain name.

Live setup and demo!!! (Boom!!!) https://github.com/kairen/aws-k8s-federation

Thanks