Note: Last week I went to Seattle for KubeCon & CloudNativeCon 2016. I not only met Dawn, Brendan, Tim, and the many experts from Sig Node, but also attended quite a few interesting sessions.
Compiling to Containers - Brendan Burns, Microsoft
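Containers can be seen as the "assembly language" of modern distributed systems, so managing a distributed system effectively becomes developing in a "container assembly language". Brendan also used JavaScript as an example to demonstrate how Metaparticle can support different service patterns: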
- Simple Service: simply exposes a function as an HTTP service.
- Scatter/Gather: fans all requests out to all leaf nodes (scatter phase); all responses are then aggregated in a root node (gather phase), and this aggregate response is returned to the caller.
- Shard: select a shard (replica) for a request.
- Spread: similar to Shard, but uses a randomized shardingFunction.
Unik: Unikernel Runtime for Kubernetes - Idit Levine, EMC
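Unik is a tool that compiles applications into unikernels. It supports rump/OSv/IncludeOS/MirageOS and others, and the compiled result can run directly in a public cloud or in a local virtual machine.
Unik implements a special runtime in Kubernetes, so that unik can be managed through Kubernetes:
- Image management: images are actually handled through rkt
- Pod management: one Pod == one VM == one Container, operated by calling the unik daemon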
Technical View: Comparison of Container Orchestration and Management Systems - Lei Zhang, HyperHQ
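An excellent talk by my colleague Lei Zhang. It compares common container orchestration systems such as Kubernetes/Swarmkit/Mesos from the angles of architecture, control plane, service discovery and load balancing, scheduling, and more, and uses hypernetes and Hyper Container Service as examples to explain why Kubernetes is a better choice.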
Everything You Ever Wanted to Know About Resource Scheduling, But Were Afraid to Ask - Tim Hockin, Google
Kubernetes is fundamentally about resource management:
- CPU/Memory/Disk
- Network/Ports/IP addresses
- PIDs
- GPUs
- Storage
- Power
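Three aspects of resource management:
- Isolation: ensures that an application can get the resources it wants without affecting other applications. Currently, isolation based on Requests/Limits only supports CPU and memory.
- Sizing: how many resources should be allocated to a user? There is no uniform method; it can only rely on benchmarks, but precise benchmarking is hard, so Kubernetes provides the Horizontal Pod Autoscaler, and there may be a VerticalPodAutoscaler in the future.
- Utilization: what actual resource usage looks like, which involves Priority scheduling, Quota management, Overcommit, and so on.
Slides are available here.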
Self-hosted, Scale, and Federation with Kubernetes v1.4 and Beyond - Brandon Philips, CoreOS
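The basic idea is to use Kubernetes to manage the deployment and upgrade of Kubernetes itself; this is also an incubating project, bootkube. Because kubelet initialization needs the cooperation of the control plane, bootkube starts a temporary control plane (api-server, scheduler, controller manager) at the very beginning and swaps it out once deployment is complete.
Before deployment, bootkube serves as the control plane:
After deployment, it is replaced by the real control plane:
Related documents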
- Incubator BootKube
- Slide
- Design of bootkube
- Blog of self-booted kubernetes
- Kubelet as a Container and Self-Hosted Kubernetes
F2F
- Performance-Sensitive Application Platform
- High-performance application scenarios, such as telecom and HFT, need support for NUMA, GPU, sysctls, hugepage, cpuset, and so on.
- One idea is to use a daemonset together with NodeAllocatable
- CRI blockers and progress
- The 1.5 features are basically complete; only some bug fixes remain
- per-pod cgroups
- monitoring
- api versioning
- hostport network
- metrics
- CRI validation tests
- auth
- Runtime agnostic debugging tools
- CLI for CRI?
- NodeSpec standardization
- Packaging
The most important items are the Runtime CLI Spec and Image Spec rc3. More interesting is the systemd wrapper / rkt wrapper for the OCI runtime-spec CLI; rkt is also joining the OCI camp.
Developer Summit
Scaling the Kubernetes CodeBase
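Kubernetes uses GitHub to manage its code base, but it has now hit obvious bottlenecks: since the second half of 2015 merge times have grown noticeably longer, open issues and PRs keep increasing, there are large numbers of irrelevant GitHub notifications, and so on. The future plan is to split the Kubernetes code into multiple repos, keep only the core code in the kubernetes repository, and support the various features through an extension mechanism: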
- Apiserver federation
- Authorization hooks
- Admission-control hooks
- Initializers and finalizers
- ThirdPartyResource
- Kubectl extensions
- Service Broker, Operators
- Controller pattern
- External cloudproviders
- CRI, network, and storage plugins
- Cluster addons: UI, monitoring, logging
- Feature gates, feature discovery, dependency management
More notes are available here.
Brief notes on the other Summit sessions
- Kubernetes 2017 Features & Roadmaps Roadmap
- Scale the project (tablestakes)
- Reference architectures for application workflows
- Secure multi-tenancy with service catalog
- Production ready cluster lifecycle
- Multi-cloud support for AWS / Azure / on premises
- Cluster Lifecycle Deployment & Upgrade Roadmap
- HA
- Upgrades
- Config Management
- Toolbox vs. guided flow
- Documentation
- Conformance Testing
- PKI
- Documentation and here
- K8s Dev Summit: Outstanding Issues and PRs
- Issues 4600+, PRs 600+, and still growing
- Sig Contribx will follow up on this problem
- Multi-tenancy
- Azure & AWS Kubernetes Discussion
- Contrib notes and On developer onboarding
- Compute resource management
- Logging volumes