kubernetes on openstack @ebay
Ashwin Raveendran, eBay Cloud Engineering
What is Kubernetes
A lean, portable, extensible platform for managing cloud native applications
- container packaged
- dynamically scheduled
- declarative state
- microservices oriented
neutron keystone cinder nova swift
work streams
Networking
IAM
Storage
Cluster setup and Management
Container Registry
Networking
• Leverage cloud native networking solution
Pods need cluster wide routable IPs
Each node requires a CIDR block
Performance and Manageability
• Neutron private networks within cluster
• Assign one neutron network/subnet per node
Networking: future
• Pure Layer 3 networking with BGP
• Policy based distributed firewall
• IPv6
IAM
Kube APIs require identity and access management
• Leverage keystone as the IAM service
• map keystone projects == kube namespaces
• use keystone authentication and RBAC
IAM: future
• ABAC policy based plugin
• Integrate keystone into kubectl cli flow for tokens
• Offer a native IAM service for cloud native applications
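The IAM slides map keystone projects to kube namespaces and name an ABAC policy based plugin. The sketch below is an added example, not eBay's plugin code: it shows the authorization decision such a mapping implies, with default deny. It assumes the Keystone token has already been validated and reduced to user, project and roles, and that the project name is used as the namespace name; the policy field names and sample data are constructed for illustration.

```python
import json

# Constructed policy file, one JSON object per line (ABAC policy file style).
# Field names are assumptions for this sketch, not a real schema.
POLICY_LINES = """
{"role": "admin",  "resource": "*",    "readonly": false}
{"role": "member", "resource": "pods", "readonly": false}
{"role": "member", "resource": "*",    "readonly": true}
{"role": "viewer", "resource": "*",    "readonly": true}
"""

READ_VERBS = {"get", "list", "watch"}


def load_policies(text):
    """Parse one policy per non-empty line; a malformed line raises and aborts loading."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def authorize(token, request, policies):
    """Return (allowed, reason) for one API request.

    token:   validated Keystone token data: {"user", "project", "roles"}
    request: {"namespace", "resource", "verb"}
    """
    # Project == namespace: a token scoped to one Keystone project never
    # reaches another namespace, whatever roles it carries. An unscoped
    # token (no project) is rejected the same way.
    if not token.get("project") or token["project"] != request["namespace"]:
        return False, "namespace does not match token project"
    for policy in policies:
        if policy["role"] not in token.get("roles", []):
            continue
        if policy["resource"] not in ("*", request["resource"]):
            continue
        if policy["readonly"] and request["verb"] not in READ_VERBS:
            continue
        return True, "allowed by role " + policy["role"]
    return False, "no matching policy"  # default deny


POLICIES = load_policies(POLICY_LINES)
# Constructed token data for a user with the "member" role in project "payments".
SAMPLE_TOKEN = {"user": "alice", "project": "payments", "roles": ["member"]}
```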
Storage
Stateful workloads need high performance persistent storage
• leverage openstack cinder
• Storage plugin manages pod volume lifecycle automatically
Storage: future
• Native distributed storage
• Swift based storage sidecars
Cluster Setup and Management
• openstack apis, custom scripts, cloud-init, salt stack
• disk-image-builder based pipeline for building compute images for minions
• swift for storing non-dockerized build artifacts
Cluster Setup and Mgmt: future
• multi cloud-provider cluster setup and management using declarative state
• federated cluster management for hybrid cloud patterns (cluster federation)
Container Registry
Container registry needs access control
• Keystone for ACLs
Container registry needs dependable storage
• Swift as backing storage
Container Registry: future
• Notary support
• Scale
thank you