Ali sister REVIEW: on the recently launched KubeCon China 2019, Ali cloud will continue to share the Alibaba large scale cloud native landing practice for users worldwide, cloud original cutting-edge technology and application of life including OpenKruise open source projects, open cloud native application center (Cloud Native App Hub), while the heavy release edge of the container, native cloud application management and delivery systems and other products and services.
The next three days, Ali sister will connect the venue to bring you live coverage.
June 24, 2019 to 26, sponsored by the CNCF native cloud technology conference KubeCon curtain dress in Shanghai, China, Ali cloud container platform team officially announced the heavyweight open source project OpenKruise, based on the many years of large-scale application deployment Alibaba economy the ability to publish and manage best practices precipitation is open to the industry.
OpenKruise on Alibaba is open source cloud Kubernetes native application automation engine. Kruise project derived from the application of Alibaba economies over the past years large-scale application deployment, publish best practices and management, from Ali cloud Kubernetes demand service thousands of customers precipitation.
"Cloud native application automation engine" under the blessing of Ali economies "comprehensive cloud"
With the rise of cloud original concept, more and more applications began to try to work on a cloud native soil. So what is cloud-native? Briefly, the cloud is a native ability to take advantage of the "cloud", efficient construction and delivery of a set of application methodology so that a user of the application container can take advantage of the flexibility and cloud "immutable infrastructure" other focus on their core business value.
Currently, native cloud evolution and upgrade infrastructure Alibaba is also in full swing. And in this whole cloud of Alibaba economy during the internal Ali in large scale Internet scene, we have begun a large number of native cloud concept landing practice, such as lightweight containers of.
Alibaba economies are promoting large-scale application of lightweight containers, so as to achieve the agility and consistent use of container and other features to quickly build capacity in line with the concept of native cloud electricity supplier site delivered to adapt a similar "double October" big promotion of stringent technical requirements. Another example of cloud native application management, Alibaba economies are the Kubernetes projects such as application orchestration and automation capabilities, penetrate to the upper operation and maintenance framework which, driving business applications according to the technical concept of cloud native choreography, delivery, operation.
Among the former biochemical processes in the overall economy of the cloud Alibaba, Ali gradually precipitate a technical team set close to the upstream community standards, adapt to technological concepts and best practices for Internet-scale scene. Among these, the most important is undoubtedly how to automate the application release, operation and management.
OpenKruise: valuable experience from the original biochemical process of cloud Ali economies and best practices
In KubeCon Shanghai, Ali cloud container platform team officially announced the heavyweight open source project OpenKruise (hereinafter referred to as Kruise) of.
Kruise cruise is a homonym, "k" for Kubernetes. The literal meaning is cruising or luxury yachts, cruise control application on moral Kubernetes, full Alibaba years of the application deployment management experience.
Kruise goal is to automate everything on Kubernetes! Kruise project comes from large-scale application deployment Alibaba economies applications over the years, publishing best practices and management team of the group from the container platform operation and maintenance of large-scale applications, large-scale establishment of ability, from Ali cloud Kubernetes demand service thousands of customers precipitation. Kruise leveraging cloud-native community, students practice the essence of integration of Alibaba Cloud original, nurturing community, industry guidelines original biochemical cloud best practices and avoid detours.
OpenKruise on Alibaba is open source cloud Kubernetes native application automation engine. Kruise core is automated, we will solve the different dimensions on Kubernetes automation applications, including deployment, upgrade, elastic scaling capacity, Qos regulation, health checks, migration, restoration and so on. The Kruise open source content primarily in application deployment, upgrades, namely the deployment of a reinforced version of the controller components for the application, upgrade, operation and maintenance. Subsequent, Kruise will sequentially open elastic intelligent scaling capacity components, and the application of self-adjustment capability Qos like.
Kruise Controllers: The Kubernetes "Controller mode" in the end
The following describes Kruise Controllers set for controller applications on Kubernetes components automated deployment management.
As we all know, the core principle Kubernetes project is the "controller mode."
Currently, Kubernetes project has provided a set of default Controller component, such as Deployment, Statefulset, DaemonSet, these Controller provides a rich application deployment and management capabilities. However, with the use of increasingly wide range Kubernetes, the true scale of the enterprise and the business demands of the scene does not match with the upstream Controller functions are increasingly common.
Alibaba example: internal Alibaba Kubernetes cluster requires several services cover 50 BU, the thousands of applications. The body volume is very large, scale and high availability of enormous challenges. At the same time, Kubernetes service on Ali cloud also access the thousands of corporate customers, collect and support a variety of customer needs. These practices demands and finally Ali economy, and ultimately led to the birth Kruise open source projects.
Kruise The first phase consists of the following major open source Controller, follow-up will add more.
Advanced StatefulSet: a wealth release strategy, support in-place upgrade of StatefulSet
Advanced StatefulSet expanded StatefulSet native, added two new features.
- Place upgrade (In-place update strategy)
Native StatefulSet will be destroyed and rebuilt pods when doing rolling update of this scale in Alibaba body mass scenes, a huge price.
- First, all the deleted Pods applications need to be rescheduled again, due to the large number of pod, which is scheduled to bring unnecessary overhead, and worse, re-scheduling of the pod not normally be scheduled, because the resources are occupied, other reasons affinity characteristics. Pod is rescheduled to a new node, the loss of the original native state, although usually can be rebuilt, but still bring additional overhead.
- pods after rescheduling is likely to be distributed on different machines, due to changes in the network topology, we need to re-apply for IP, IP to keep some application-dependent does not work. In addition, the transmission network traffic creates uncertainty .
- Pod for a plurality of containers, the container upgrade sidecar reconstruction result of the main container, generally unacceptable.
Advanced StatefulSet the introduction of in-place upgrade feature that allows, without the destruction of the pod, the container update image. Such benefits are efficiency and stability. Efficiency Obviously, pod does not need to be re-scheduled, or run in the original node, some of the state or local storage can be retained. Maintaining stability reflected in the IP, network topology and traffic is essentially the same structure, stability and Alibaba Ali cloud economies has always been a very important indicator.
- The maximum allowed unavailable example of the configuration (Max Unavailable)
Community native StatefulSet is not allowed to simultaneously upgrade multiple instances of the upgrade process, mainly for some stateful applications that require sequential order upgrades. However, from the customer on the scene of Alibaba, and Ali cloud container platform has learned that many applications do not need to upgrade in order sequential semantics, this problem is caused by low efficiency. In particular, like giant Alibaba some applications, the number of instances scenarios, problem is particularly significant.
MaxUnavailable function is to solve this problem by allowing parallel application instance is upgraded, and remains the largest instance remains unavailable MaxUnavailable number does not exceed the limit.
Broadcast Job: Job-time operating as DaemonSet
Broadcast Job will run until the end of a pod of each node in the cluster above. DaemonSet similar communities, except that DaemonSet always maintained a pod long service running on each node, while BroadcastJob in this pod will eventually end. Compared DaemonSet, no longer consume resources after the end of Broadcast, which is particularly applicable in certain scenarios, such as upgrading the node in some components, some of the detection node configuration is correct and so on.
Sidecar management tool for large-scale scenarios: SidecarSet
Sidecar is a concept in Kubernetes secondary container in the main container and running in the same pod. Sidecar container assembly is generally some basic services, such as monitoring the container, log collection containers.
In a company, the main business of the container and the container base component usually consists of different teams to develop and maintain, and operate multiple teams simultaneously modify the same file or a yaml same API resource object, often produce some conflicts, and not easy to manage. SidecarSet the idea that the main mode of operation and maintenance service container and the secondary packaging decoupling. When business users to submit applications, no sidecar display the specified container from the corresponding container sidecar team responsible for the preparation of rules automatically injected. And vessel operation and maintenance and upgrades when using the Advanced Statefulset place upgrade functionality, business teams and infrastructure teams, respectively, in accordance with the strategy of upgrading its own definition of the respective container, without the need to upgrade coupled together, resulting in unnecessary disruption. Istio fact, the use of functions like the idea of automatic injection sidecar container to the container business, but lack the ability to upgrade sidecar container subsequent operation and maintenance. SidecarSet effectively deploy and manage Sidecar container abstracted.
OpenKruise being recruited for the open source community partners and sub!
Guidelines Kruise community, the core technology is based on the concept of Kubernetes to build more powerful automation capabilities. Currently, Kruise is planning to release more of the Controller to cover more of the scene and a wealth of features such as release strategy, canary released, blue-green released in batches release and so on.
More importantly, OpenKruise is a Umbrella project, OpenKruise Defenders, is the most open attitude toward the global recruit partners and contributors. Yes, we are looking forward to your contributions and OpenKruise able to build a new automation capabilities, or work together to jointly promote the evolution and development of native applications Kubernetes cloud orchestration capabilities.
Original release time: 2019-06-25
author: Future has come
from The Yunqi community partners, " Ali technology " for information may concern " Ali technology ."