Manage K8S Cluster inside K8S Cluster in OpenStack Magnum (Lingxian Kong) - PowerPoint PPT Presentation



SLIDE 1

Manage K8S Cluster inside K8S Cluster in OpenStack Magnum

孔令贤 (Lingxian Kong) Nov 5, 2019

SLIDE 2

❖ OpenStack based public cloud in New Zealand with 3 regions
❖ Help our customers to build and run private cloud
❖ Open source
❖ The first in New Zealand to offer a CNCF certified Kubernetes service (based on Magnum)

SLIDE 3

Catalyst Cloud

SLIDE 4

What is Magnum

❖ Container orchestration engine in OpenStack (k8s-as-a-service)
❖ RESTful API, multi-tenancy
❖ Leverage OpenStack services: Heat, Glance, Nova, Cinder, Neutron, Keystone, Swift, Octavia, Barbican, etc.
❖ CNCF certified Kubernetes (v1.11 ~ v1.16, v1.17 coming soon)
❖ Advanced features: auto-scaling, auto-healing, rolling-upgrade

SLIDE 5

Magnum Architecture

SLIDE 6

Workflow

❖ Cluster template

  • Public/private cluster
  • Feature customization
  • Addons management
  • Rolling upgrade

    # Create the cluster template named seed-cluster
    openstack coe cluster template create seed-cluster \
      --coe kubernetes \
      --keypair lingxian_key \
      --image e1fb5782-fb2d-444a-bb92-428f6c3789fd \
      --external-network 82e49154-a65c-4541-a9e5-94b9b782f19f \
      --fixed-network 892bc900-e6bd-4e15-8d0f-6ca9e7bac268 \
      --fixed-subnet 5bcf4871-9f9e-482f-bdbd-b6627a1533b9 \
      --dns-nameserver 8.8.8.8 \
      --flavor k8s --master-flavor k8s \
      --network-driver calico \
      --volume-driver cinder \
      --docker-storage-driver overlay2 \
      --floating-ip-enabled \
      --labels etcd_volume_size=5,kube_tag=v1.12.7,master_lb_floating_ip_enabled=true,keystone_auth_enabled=false,kube_dashboard_enabled=false,npd_enabled=false,auto_healing_enabled=false,heat_container_agent_tag=stein-dev

SLIDE 7

Workflow

❖ Cluster

  • High availability
  • Features/parameters tweak

    # Create a cluster named seed-cluster from the seed-cluster template
    openstack coe cluster create seed-cluster \
      --cluster-template seed-cluster \
      --master-count 1 \
      --node-count 1

SLIDE 8

Problems

❖ Slow creation
❖ Scripts management
❖ Control plane management
❖ Addons management
❖ High cost

SLIDE 9

Kubernetes in Kubernetes - Seed cluster

SLIDE 10

Kubernetes in Kubernetes - Customer cluster

❖ Customer clusters

  • Masters are managed centrally IN CONTAINERS
      • Kubernetes Operators
      • Helm charts
      • YAML files
  • Worker nodes are VMs located in customer's project
      • Heat
      • Kubernetes Operators
      • Ansible/Terraform

SLIDE 11

Kubernetes in Kubernetes - Customer cluster

SLIDE 12

Kubernetes in Kubernetes - Customer cluster

SLIDE 13

Kubernetes in Kubernetes - Customer cluster

SLIDE 14

Kubernetes in Kubernetes - Customer cluster

SLIDE 15

Workflow

  1. Cloud administrator creates a seed cluster (VM based) in service tenant
  2. Cloud administrator provides kubeconfig file for Magnum
  3. Cloud administrator creates customer cluster template
  4. Cloud customer creates clusters (container based) in seed cluster

SLIDE 16

Kubernetes in Kubernetes in Magnum

❖ Unified API
❖ Flexibility
❖ Seed cluster? Customer cluster? Magnum cluster!
❖ Control plane high availability
❖ Control plane maintenance
❖ Fast creation
❖ Enhanced security

SLIDE 17

Networking

SLIDE 18

Future Improvements

❖ Cert-manager support in Magnum
❖ Etcd performance tuning
❖ Worker node installation
❖ Control plane components deployment
