OpenKruise: the cloud-native application automation engine is officially open source

From June 24 to 26, 2019, KubeCon + CloudNativeCon + Open Source Summit (Shanghai), the cloud-native technology conference organized by the Cloud Native Computing Foundation (CNCF), is about to open in Shanghai, China. At this KubeCon, Alibaba Cloud will share with users worldwide Alibaba's large-scale cloud-native adoption practices and its cutting-edge cloud-native technology and application ecosystem, including the OpenKruise open source project and the open Cloud Native App Hub, and will make major releases of products and services such as edge containers and cloud-native application management and delivery systems.

Alibaba's "cloud native", powered by the "cloud-native application automation engine"

 
With the rise of the cloud-native concept, more and more applications are being built to run on cloud-native foundations. So what is cloud native? In short, it is a methodology for building and delivering applications efficiently by taking full advantage of the capabilities of the cloud, so that containerized applications can make full use of the cloud's elasticity and "immutable infrastructure" while users focus on their core business value.
 
Alibaba's own cloud-native evolution and infrastructure upgrade are also in full swing. In the course of moving to the cloud, Alibaba has put cloud-native concepts into practice at large scale in its internal Internet-scale scenarios. For example, the Alibaba economy is promoting lightweight containers at scale, using the agility, consistency, and other properties of containers to build delivery capability quickly enough to meet the stringent technical requirements of e-commerce promotions such as "Double Eleven". Another example is cloud-native application management: the Alibaba economy is building the application orchestration and automation capabilities of projects such as Kubernetes into its upper-layer operations frameworks, driving business applications to be organized, delivered, and operated according to cloud-native principles.
 
In the course of the Alibaba economy's overall cloud-native transformation, Alibaba's technical teams have gradually distilled a set of technical concepts and best practices that stay close to upstream community standards and fit Internet-scale scenarios. Among these, the most important is undoubtedly how to automate application release, operation, and management.

OpenKruise: valuable experience and best practices from the Alibaba economy's cloud-native transformation

At KubeCon Shanghai, the Alibaba Cloud container platform team officially announced the open-sourcing of a heavyweight project: OpenKruise (hereinafter referred to as Kruise).
 
Kruise is a homophone of "cruise", with the 'k' standing for Kubernetes. Literally it means cruising, or a luxury cruise ship. The name conveys the idea of applications cruising automatically on Kubernetes, and it carries Alibaba's years of experience in application deployment and management.
 
Kruise's goal is to automate everything on Kubernetes! The Kruise project comes from the Alibaba economy's years of best practice in deploying, releasing, and managing applications at scale, from the container platform team's experience in operating and building large-scale applications, and from the requirements of the thousands of customers of Alibaba Cloud's Kubernetes service. Kruise draws on the cloud-native community, integrates the essence of Alibaba's cloud-native practice, and gives back to the community, offering the industry best practices for cloud-native transformation and helping it avoid detours.
 
The core of Kruise is automation. We will address the automation of applications on Kubernetes along different dimensions, including deployment, upgrade, elastic scaling, QoS adjustment, health checks, migration, repair, and so on. This open-source release of Kruise focuses on application deployment and upgrade: a set of enhanced controller components for deploying, upgrading, and operating applications. Later, Kruise will successively open-source components for intelligent elastic scaling, adaptive application QoS adjustment, and similar capabilities.

Kruise Controllers: taking the Kubernetes "controller pattern" all the way

The following introduces Kruise Controllers, a set of controller components for automated application deployment and management on Kubernetes. As is well known, the core principle of the Kubernetes project is the "controller pattern". Kubernetes already ships a set of default controllers, such as Deployment, StatefulSet, and DaemonSet, which provide rich application deployment and management capabilities. However, as Kubernetes is used more and more widely, it is increasingly common for the requirements of real enterprise-scale and business scenarios not to match what the upstream controllers offer. Take Alibaba as an example: its internal Kubernetes clusters have to cover the services of 50 BUs and thousands of applications. The sheer size poses enormous challenges for scale and high availability. At the same time, the Kubernetes service on Alibaba Cloud serves thousands of enterprise customers, collecting and supporting a wide variety of customer requirements. These demands, together with the practices of the Alibaba economy, ultimately led to the birth of the Kruise open source project.
 
The first phase of Kruise open-sources the following main controllers; more will be added later.

Advanced StatefulSet - a StatefulSet with rich release strategies and support for in-place upgrade

Advanced StatefulSet extends the native StatefulSet with two new features.

1) In-place upgrade (In-place update strategy). The native StatefulSet destroys and rebuilds pods when doing a rolling update. At Alibaba's scale, the cost of this is huge.
a) First, all the deleted Pods have to be rescheduled. Because of the large number of pods, this adds unnecessary scheduling overhead. Worse, a rescheduled pod may fail to be scheduled at all, because resources have been taken in the meantime or because of affinity constraints. And a Pod that is rescheduled to a new node loses its original local state; this can usually be rebuilt, but it still brings additional overhead.
b) After rescheduling, pods are likely to land on different machines. Because the network topology changes, IPs have to be requested again, and applications that depend on keeping their IP stop working. In addition, network traffic becomes uncertain.
c) When a Pod has multiple containers, rebuilding the main container because the sidecar container was upgraded is generally unacceptable.
 
Advanced StatefulSet introduces an in-place upgrade feature that updates the container image without destroying the pod. The benefits are efficiency and stability. The efficiency gain is obvious: the pod does not need to be rescheduled and keeps running on its original node, so some state or local storage can be retained. Stability shows in the IP, network topology, and traffic structure staying essentially unchanged; stability has always been a very important metric for the Alibaba economy and Alibaba Cloud.
 
2) Configurable maximum number of unavailable instances (Max Unavailable)

The community's native StatefulSet does not allow multiple instances to be upgraded at the same time during an upgrade, mainly to serve stateful applications that must be upgraded in sequential order. However, from Alibaba's own scenarios and from customers of the Alibaba Cloud container platform, we have learned that many applications do not need sequential upgrade semantics, and for them this ordering only makes upgrades inefficient. The problem is particularly significant for some of Alibaba's giant applications with very large numbers of instances. The MaxUnavailable feature solves this problem by allowing application instances to be upgraded in parallel while always keeping the number of unavailable instances within the MaxUnavailable limit.
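The budget rule described above, as an added Go example; this is a simplified model and not OpenKruise's controller code. The `Pod` type, `nextBatch`, and `rollout` are hypothetical names, and the model assumes that upgraded pods become ready again before the next pass and that pods already down count against the budget.

```go
package main

import "fmt"

// Pod models one replica; its slice index is its ordinal (not a Kruise type).
type Pod struct{ Updated, NotReady bool }

// nextBatch picks ordinals to upgrade in one pass so that unavailable pods
// never exceed maxUnavailable. Pods already down use up budget; upgrading
// them costs nothing extra (a modelling choice of this sketch).
func nextBatch(pods []Pod, maxUnavailable int) []int {
	unavailable := 0
	for _, p := range pods {
		if p.NotReady {
			unavailable++
		}
	}
	var batch []int
	for i := len(pods) - 1; i >= 0; i-- { // highest ordinal first
		switch p := pods[i]; {
		case p.Updated: // already on the new revision
		case p.NotReady:
			batch = append(batch, i)
		case unavailable < maxUnavailable:
			batch = append(batch, i)
			unavailable++
		}
	}
	return batch
}

// rollout counts the passes needed to upgrade all replicas, or returns -1 if
// the budget never lets it proceed. Upgraded pods are assumed to come back
// ready before the next pass.
func rollout(replicas, maxUnavailable int) int {
	pods := make([]Pod, replicas)
	passes, done := 0, 0
	for done < replicas {
		batch := nextBatch(pods, maxUnavailable)
		if len(batch) == 0 {
			return -1
		}
		for _, i := range batch {
			pods[i].Updated = true
		}
		passes, done = passes+1, done+len(batch)
	}
	return passes
}

func main() { fmt.Println(rollout(10, 1), rollout(10, 3), rollout(5, 0)) }
```

With a budget of 1 the model degenerates to the one-at-a-time behaviour of the native StatefulSet; a replica that is already down shrinks the batch that can be taken from the healthy ones.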

Broadcast Job - a Job that runs the way a DaemonSet does

Broadcast Job runs a pod to completion on every node in the cluster. It is similar to the community's DaemonSet, except that a DaemonSet always keeps a long-running pod on each node, whereas a BroadcastJob's pods eventually terminate. Compared with a DaemonSet, a Broadcast Job no longer consumes resources after it finishes, which makes it particularly suitable for scenarios such as upgrading a component on the nodes or checking that node configuration is correct.

SidecarSet - a sidecar management tool for large-scale scenarios

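In Kubernetes, a sidecar is an auxiliary container that runs in the same pod as the main container. Sidecar containers are usually basic service components such as monitoring containers and log collection containers. Within a company, the main business containers and the base component containers are usually developed and maintained by different teams; when several teams operate on and modify the same YAML file and the same API resource object at the same time, conflicts often arise and management becomes awkward. The idea behind SidecarSet is to decouple the operating model of the main business containers from that of the auxiliary containers. When a business user submits an application, they do not need to specify the sidecar containers explicitly; the team responsible for each sidecar container writes rules that inject it automatically. During container operations and upgrades, using the in-place upgrade feature of Advanced StatefulSet, the business team and the infrastructure team each upgrade their own containers according to their own policies, instead of upgrading together in a coupled way and causing unnecessary impact. Istio in fact uses a similar idea to inject sidecar containers into business containers automatically, but it lacks the ability to upgrade and operate the sidecar containers afterwards. SidecarSet effectively abstracts the deployment and management of sidecar containers.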
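A model of rule-based sidecar injection, added here as an example and not taken from OpenKruise. `Container`, `SidecarRule`, `selects`, and `inject` are hypothetical names, the images are constructed, and the handling of name collisions and empty selectors is an assumption of this sketch.

```go
package main

import "fmt"

// Container and SidecarRule are simplified, hypothetical stand-ins (not the Kruise API).
type Container struct{ Name, Image string }
type SidecarRule struct {
	Selector map[string]string // pod labels the rule applies to
	Sidecars []Container       // containers the owning team wants injected
}

// selects: every selector label must be on the pod; an empty selector matches nothing.
func selects(sel, labels map[string]string) bool {
	for k, v := range sel {
		if labels[k] != v {
			return false
		}
	}
	return len(sel) > 0
}

// inject returns the pod's containers plus matching sidecars, and the names it
// skipped because they were taken: idempotent, and never replaces an existing one.
func inject(labels map[string]string, containers []Container, rules []SidecarRule) ([]Container, []string) {
	out := append([]Container(nil), containers...)
	taken := map[string]bool{}
	for _, c := range out {
		taken[c.Name] = true
	}
	var skipped []string
	for _, r := range rules {
		for _, sc := range r.Sidecars {
			switch {
			case !selects(r.Selector, labels): // rule is for other pods
			case taken[sc.Name]:
				skipped = append(skipped, sc.Name)
			default:
				out = append(out, sc)
				taken[sc.Name] = true
			}
		}
	}
	return out, skipped
}

func main() { // constructed sample: one rule and one pod labelled app=web
	rule := SidecarRule{map[string]string{"app": "web"}, []Container{{"log-agent", "example/log-agent:1"}}}
	fmt.Println(inject(map[string]string{"app": "web"}, []Container{{"main", "example/web:1"}}, []SidecarRule{rule}))
}
```

Because an injected container shares the pod with the business container, the skipped list is worth logging: it shows where a rule tried to claim a name that was already in use.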

OpenKruise is recruiting partners and subprojects from the open source community!

 
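The guiding principle of the Kruise community is to build more powerful automation capabilities on the core technical concepts of Kubernetes. Kruise is currently planning to release more controllers to cover more scenarios and features, such as rich release strategies, canary release, blue-green release, batch release, and so on.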
 
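More importantly, OpenKruise is an umbrella project, and its maintainers are recruiting partners and contributors worldwide with the most open attitude. Yes, we very much look forward to you contributing and co-building new automation capabilities for OpenKruise, or joining us in advancing the evolution and development of Kubernetes cloud-native application orchestration.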

This article is original content of the Yunqi Community and may not be reproduced without permission.

Origin blog.csdn.net/weixin_43970890/article/details/93622978