Using Managed Kubernetes in LINE Private Cloud

The 9th session of LINE TAIWAN TECHPULSE 2018

Published in: Technology


  1. INTRODUCTION OF MANAGED K8S SERVICE
  2. KAAS IN LINE PRIVATE CLOUD
  3. BEFORE KAAS
     [Diagram: Developers A in Japan and Developers B in Taiwan each run their own Kubernetes and containers on VM / BM OS instances from the Private Cloud. Responsibility border: Application Developer / IaaS.]
  4. PROBLEMS WE FACED
     ● Different Toolset
       ○ Different Version
       ○ Different Add-on
       ○ Different Plugin
     ● Distributing Knowledge
     ● Large Operation Cost
       ○ Deploy Cluster
       ○ Extend Cluster
       ○ Troubleshooting Cluster
     ● Quality of Cluster
       ○ No HA Configuration
       ○ No Performance Consideration
       ○ No Private Cloud Collaboration
     Column headings on the slide: From Application Developer point of view; From Company-wide point of view
  5. OUR MISSION
     KaaS for more than 2000 developers (100+ clusters)
     [Diagram: Kubernetes Operator; Kubernetes Cluster: Performance, High Availability, Private Cloud Collaboration]
  6. PERFORMANCE CONSIDERATION
     [Diagram: Kubernetes Operator; Kubernetes Cluster: Performance, High Availability, Private Cloud Collaboration]
  7. HOW USER BUILD CONTAINER NETWORK
     [Diagram: Kubernetes Cluster of VMs on the VM Network (L3 Reachability ensured), with a vxlan Container Network built on top]
     - Private Cloud Agnostic
     - Encapsulate Overhead
  8. DELEGATE CONTAINER NETWORK TO CLOUD
     [Diagram: Kubernetes Cluster of VMs on the VM Network (L3 Reachability ensured); vxlan Container Network compared with a Tenant Network For Container (L2 Reachability ensured) using host-gw and VXLAN Offload]
     - Less encapsulate overhead
     - Build container network with performance optimization
  9. HIGH AVAILABILITY CONSIDERATION
     [Diagram: Kubernetes Operator; Kubernetes Cluster: Performance, High Availability, Private Cloud Collaboration]
  10. TOLERATE 1 NODE FAILURE DESIGN
      • etcd nodes (etcd): Our Deployment 3, Toleration Limit 1
      • controller nodes (kube-apiserver, kube-controller-manager, kube-scheduler, kubelet, kube-proxy): Our Deployment 3, Toleration Limit 2
      • worker nodes (kubelet, kube-proxy): Our Deployment N, Toleration Limit -
  11. SELF HEALING BY REPLACING NODE
      When we detect VM shutdown/error in Private Cloud, Unavailable node will be deleted from cluster and new node will be added when the number of unavailable node is lower than toleration limit.
      [Diagram: failed etcd, controller and worker nodes marked ×, each with a Delete step and a New node added]
  12. PERIODICALLY BACKUP OF ETCD
      - Snapshot of etcd
      - Keep at least 2 days
      [Diagram: Kubernetes Cluster etcd nodes at 14:30, 14:40 and 14:45; snapshot stored in Object Storage; etcd nodes marked × and New nodes labelled "Snapshot as of 14:30"]
  13. PRIVATE CLOUD COLLABORATION
      [Diagram: Kubernetes Operator; Kubernetes Cluster: Performance, High Availability, Private Cloud Collaboration]
  14. PERSISTENT VOLUME SUPPORT
      Verified Add-on: Cinder Standalone Persistent Volume Provider
      Components in the Kubernetes Cluster: csi-cinder-provisioner, csi-attacher-cinderplugin, csi-nodeplugin-cinderplugin (shown three times)

          kind: StorageClass
          metadata:
            name: cinder-ssd
          provisioner: csi-cinderplugin

          kind: PersistentVolumeClaim
          spec:
            storageClassName: cinder-ssd
            resources:
              requests:
                storage: 1G

  15. TYPE LOADBALANCER SUPPORT
      Develop Add-on: Custom Controller for in-house LB
      [Diagram: Kubernetes Cluster, Custom Controller for Type Loadbalancer, In-house Loadbalancer: Create New VIP, Add Real Server]

          kind: Service
          spec:
            selector:
              app: nginx
            ports:
            - protocol: TCP
              port: 80
              targetPort: 80
              nodePort: 30000
            type: LoadBalancer

  16. PRIVATE CLOUD HAVE VARIOUS SERVICE
      We provide useful managed service
      [Diagram: Pods in the Kubernetes Cluster and a Service: "We want to use", "We want to create record"; DNS]
  17. WHEN USER WANT TO USE ...
      [Diagram: DNS; Pods in the Kubernetes Cluster; Create/Configure; Pass access information]
  18. CONFIGURE OTHER SERVICE VIA K8S
      Develop Add-on: Custom Controller for Managed Service
      [Diagram: DNS; Pods in the Kubernetes Cluster; Custom Controller for Managed Service]

          kind: Redis
          spec:
            mode: sentinel
            node: normal

          kind: Service   ==== Redis Instance ====
          kind: Secret    ==== Redis Credential ====

  19. HOW WE OPERATE K8S CLUSTER
      [Diagram: Kubernetes Operator; Kubernetes Cluster: Performance, High Availability, Private Cloud Collaboration]
  20. OVERVIEW OF KAAS
      Cluster Operation
      - Cluster Create
      - Cluster Update
      - Add Worker
      Use Cluster
      - Deploy application
      - Scale application
      Manage Cluster
      - Deploy
      - Monitor
      - Update
      Automate Operating Multiple Cluster
      [Diagram: Private Cloud User, API, three Kubernetes clusters]
  21. WHY WE USE RANCHER?
      Why Rancher?
      ● OSS
      ● Many Active Developers
      ● Private Cloud Agnostic
      ● Adopt Operator Pattern
      Merits from Operator Pattern
      ● Use attractive ecosystem of Kubernetes
        - Declarative Operation
        - Leader election
        - Data Store (CRD)
        - Detect Change of Data
      ● Easy to focus on own business logic
      ● Easy to implement asynchronous logic
      ● Retry logic implemented by design
  22. AFTER K8S AS A SERVICE
  23. ACCELERATE APPLICATION DEVELOPMENT
      • Users can use k8s without strong knowledge
      • Users are completely free from operating Kubernetes Cluster
      • Users can make use of our Private Cloud from k8s easily
  24. THANK YOU
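
The per-role replacement rule from slides 10 and 11, written out as an added Go example (not code from the talk or from LINE's operator). `PlanHealing`, `Node`, `Plan` and the node names are hypothetical; it assumes a role is healed while its unavailable count is at or below the toleration limit, and reads the worker "-" as no limit.

```go
package main

import "fmt"

type Role string
const Etcd, Controller, Worker Role = "etcd", "controller", "worker"

// Toleration limits from slide 10. The slide shows "-" for workers;
// reading that as "no limit" (-1) is an assumption of this example.
var tolerationLimit = map[Role]int{Etcd: 1, Controller: 2, Worker: -1}

type Node struct {
	Name      string
	Role      Role
	Available bool
}

// Plan lists nodes to delete and recreate, plus roles left untouched (over limit).
type Plan struct {
	Replace []string
	Blocked []Role
}

// PlanHealing applies the slide-11 rule per role. Assumption: a role is
// healed while its unavailable count is at or below its toleration limit.
func PlanHealing(nodes []Node) Plan {
	down := map[Role][]string{}
	for _, n := range nodes {
		if !n.Available {
			down[n.Role] = append(down[n.Role], n.Name)
		}
	}
	var p Plan
	for _, r := range []Role{Etcd, Controller, Worker} { // fixed order
		limit := tolerationLimit[r]
		if limit >= 0 && len(down[r]) > limit {
			p.Blocked = append(p.Blocked, r) // no automatic replacement
			continue
		}
		p.Replace = append(p.Replace, down[r]...)
	}
	return p
}

func main() {
	// Constructed sample: two etcd nodes down (over the limit), one controller down.
	nodes := []Node{{"etcd-1", Etcd, false}, {"etcd-2", Etcd, false}, {"ctl-1", Controller, false}}
	fmt.Printf("%+v\n", PlanHealing(nodes))
}
```

A blocked role is the case where replacing nodes one by one is no longer safe, so the plan leaves it for a separate recovery path.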