DaoCloud combines with Karmada to create a new generation of enterprise-level multi-cloud platform

 

Last week, the Cloud Native Days China Nanjing Station Meetup was successfully held. Zhang Xiao, technical director of the large container team at "DaoCloud Daoke", gave a talk titled "DaoCloud and Karmada to create a new generation of enterprise-level multi-cloud platform", and shared practical experience with cloud-native multi-cloud and multi-cluster production together with the Karmada community and its partners. The content of the talk is organized below for readers.

01

Needs and concerns

In February of this year, CNCF released a survey. According to the data, 96% of enterprises have adopted Kubernetes, and 79% of them are using a purchased Kubernetes platform that is officially certified by CNCF. Kubernetes is a relatively complex platform that integrates computing, storage, networking, scheduling and orchestration, so developing, operating and maintaining such a platform in-house costs an enterprise a great deal of effort and money. Many large enterprises, in order to meet increasingly large and complex business needs on the cloud and to avoid vendor lock-in, will inevitably run multiple clusters and purchase Kubernetes platforms from multiple vendors. The question then arises: how can multiple clusters be managed efficiently and uniformly in the face of numerous clusters, dispersed business, and cluster boundary restrictions?

Therefore, based on these customer needs and concerns, "DaoCloud" started its research on multi-cloud products and sorted out eight key points: cloud provider diversity, change agility, flexibility and scalability, strong security, improved network performance, strengthened risk management, avoiding vendor lock-in, and driving innovation.

02

Why choose Karmada

First of all, "DaoCloud Daoke" conducted extensive research, comparison and screening of the open source projects in the community, and finally chose Karmada, the cloud-native multi-cloud orchestration open source project. One of Karmada's most prominent points is that it allows users to use multiple clusters like a single cluster. This means that users can get started with an enterprise-level multi-cloud platform built on Karmada without much additional learning cost, because they already laid a solid foundation when they learned Kubernetes. Through Karmada's core capability, compatibility with the Kubernetes native API, users can adopt Karmada's multi-cluster management platform without making many modifications to their original Kubernetes platform. Karmada also offers openness and neutrality, no vendor lock-in, out-of-the-box use, centralized management, rich cluster scheduling strategies, and traffic management solutions.

Then, "DaoCloud Daoke" developed KairShip, an enterprise-level multi-cloud management module based on Karmada. It aims to help users move their business from off-cloud to on-cloud and switch smoothly from single cloud to multi-cloud, so that users do not need to pay attention to differences in the underlying infrastructure or absorb many new concepts. KairShip has now been perfectly integrated into "Cloud Native Application Cloud Platform DaoCloud Enterprise 5.0", the latest next-generation cloud operating system released by "DaoCloud Daoke". Combined with functional modules such as the application workbench, observability, global management, cloud native applications, multi-cloud orchestration and container management, it delivers the core capabilities of multi-cluster management: one-click creation of multi-cloud cluster instances, multi-cloud management permissions, cross-cluster application distribution, cross-cluster creation of storage and configuration, cross-cluster resource retrieval, and cross-cluster failover.

Source: Speech PPT

03

Productization and future exploration

In KairShip, "DaoCloud Daoke" has done its own product research and development. Among the basic components, it has developed the KairShip Apiserver, which handles API requests; the KairShip Controller Manager, which implements synchronization control logic such as permissions; and a network tunnel that supports network interoperability across public cloud, private cloud and edge scenarios. Some open source components are also introduced, such as the Karmada operator, which supports lifecycle management (LCM) of Karmada instances; Clusterpedia, which accelerates multi-cloud resource retrieval queries; and CloudTTY, which provides browser terminal capabilities for the Karmada host. Among them, Clusterpedia and CloudTTY are cloud-native projects independently open sourced by "DaoCloud".


KairShip has three very important capabilities. The first is multi-cloud and multi-instance support. This function mainly meets two customer needs: one is that the customer environment requires multiple Karmada instances; the other is to connect each cluster quickly with one click while shielding basic settings such as the underlying network. To this end, "DaoCloud Daoke" contributed an open source component, the Karmada operator, to the Karmada open source community. Built on the Karmada community Helm charts, its controller collects sub-cluster overview information into the Karmada instance, enabling rapid creation, update, uninstallation and D1/D2 maintenance of Karmada instances, and lets sub-clusters connect to Karmada instances quickly with one click.


The second is multi-cloud permissions. The biggest headache for enterprise-level product functions is permissions. How can permissions be isolated in the Karmada application orchestration process? Can different departments use Karmada with multi-tenant isolation? "DaoCloud" adds the Karmada Host as an ordinary cluster to the cluster management of the whole of DCE 5.0, abstracts the key feature (RBAC), and connects it with the multi-tenant center, so that permissions at the logical layer are synchronized and verified at the Karmada instance level, while the KairShip Apiserver layer verifies API permissions. Together these provide multi-cloud permission management.

The third is multi-cloud resource retrieval. How can resources in multiple clusters (instances) be viewed uniformly? "DaoCloud" aggregates multi-cluster resources through Clusterpedia, which provides a more powerful retrieval function while remaining compatible with the K8s OpenAPI, allowing users to obtain any resources they want across multiple clusters faster and more conveniently. As a multi-cloud complex retrieval tool that has been incubated in the CNCF sandbox, Clusterpedia has many advantages, such as: support for requesting related resources when querying a resource; compatibility with the Kubernetes OpenAPI, so kubectl can be used directly for multi-cluster retrieval without any dependencies; collection of resources from clusters of different versions, not restricted by the version of the main cluster; a unified entry point for main-cluster and multi-cluster resource retrieval; and high-performance, low-memory resource collection.

At the end of the talk, Zhang Xiao said that, thanks to the continuous development of the Karmada community and its improvement in all aspects, "DaoCloud Daoke" can focus on user experience and other enterprise-level functions as differentiated additions. It actively contributes most of these functions back to the community and is committed for the long term. As mentioned above, the hope is that the Karmada operator capability contributed to the community will be optimized together with community partners to bring value to more users.

Next, the Karmada community will focus its development on east-west network traffic for multi-cloud applications (Karmada + Istio), high availability of the Karmada-host control plane (etcd), smooth upgrade of Karmada instances, how data services in multi-cloud environments can better support multi-cloud applications, and related areas. Developers are welcome to join the community to use, discuss and contribute together.


Origin blog.csdn.net/DaoCloud_daoke/article/details/128497078