SlideShare a Scribd company logo

How to deal second interface service discovery and load balancer in kubernetes

M
Meng-Ze Lee

This document discusses how to deal with a second network interface in Kubernetes. It explains that having multiple interfaces is necessary for network functions and OpenStack deployments. CNI plugins like Multus and Genie allow containers to have multiple interfaces. The challenges are that Kubernetes does not have service and endpoint resources for the second interface, and components like CoreDNS and kube-proxy lack related information. To address this, the document proposes establishing a service mechanism, DNS resolution, and load balancing for the second interface. It provides examples of using projects to record pod IPs, DNS servers like CoreDNS, and discusses load balancing algorithms.

Engineering
1 of 40
Download to read offline
How to deal second interface service discovery and load balance in Kubernetes 李孟澤@NUTC 1
Agenda ● Why need multiple interface ● What is CNI ● Does CNI support multiple interface ○ Multus ○ Genie ● Challenge ● What to do ● How to do ● Demo 2
Why need multiple interface ● Deploying Network Functions (NFV) as pods. This requires at least two interfaces. ○ Control Plane Interface ○ User Plane Interface 3
Why need multiple interface 4
Why need multiple interface 5
Why need multiple interface ● Openstack deployments typically use multiple networks for security and QoS isolation (e.g. storage) purposes 6
Why need multiple interface 7
Why need multiple interface 8 ● If we need a high throughput and low latency network ○ SR-IOV ○ DPDK ○ DRMA
Why need multiple interface 9
Why need multiple interface 10
Why need multiple interface 11
What is CNI 12
What is CNI 13 A lot of plugin provide many basic functions in the CNI project,We can combine these basic functions and write new CNI ● bridge ● host-device ● ipvlan ● macvlan ● ptp ● vlan ● loopback
What is CNI 14
Does CNI supprot multiple interface 15 In traditional CNI based networking the orchestrator (Kubernetes) allows to use a single CNI plugin to cater container networking. ● Flannel ● Calico ● Weave ● Canal ● e.t.c..
Does CNI supprot multiple interface 16 Multiple interface support for containers has become a prime requirement in the coming versions ● Proposals to support multiple network interfaces are being discussed currently in the community ○ Multus ○ Genie ○ damn ○ Knitter
CNI-Multus 17 ● Multus is a latin word for "Multi” ● Created by Intel ● Provides multiple network interface in container ● Contact between the container runtime and other plugins
CNI-Genie 18 ● Created by Intel ● Provides multiple network interface in container ● Contact between the container runtime and other plugins CNI Genie
CNI-Multus/Genie 19
CNI-Multus/Genie 20
Challenge 21
● call service by FQDN ○ default.svc.cluster.local Challenge 22
Challenge 23
Challenge 24
Challenge 25
Challenge 26
Challenge 27
Challenge 28
Challenge 29
Challenge 30 ● However, there is no Service and Endpoint resource type for the second network interface on Kubernetes ● Kubernetes coreDNS components cannot get related information ● Kube-proxy component has no related information and cannot create a load balance rule.
What to do 31 ● Establish a Service mechanism for the second network interface ● Establish FQDN resolution component of the second network interface ● Establish a load balancing mechanism for the second network interface
How to do 32 ● Establish a Service mechanism for the second network interface ○ Record the IP of the Pod second network interface ● Establish FQDN resolution component of the second network interface ○ Find a tool that can support DNS resolution ● Establish a load balancing mechanism for the second network interface ○ Provide load balancing algorithm ■ Round Robin ■ Random ■ Resource ■ etc.
How to do-Record the IP of the Pod second network interface 33 The Linker Network provides an open source project that allows users to create a second network interface and assign IP the Pod.
How to do-Record the IP of the Pod second network interface 34 So we may manage the IP of all the second network interfaces just like the IPAM of CNI. At the same time,we can manage all Pod network traffic through OpenvSwitch (OVS) Implement policy routing using Software Defined Networking (SDN), such as Kubernetes Network Policy
How to do-Record the IP of the Pod second network interface 35 But there are a lot of IPs to manage, and we need to record which Deployment has these IPs We need a place to store this information ● etcd ● zookeeper ● mySQL ● etc.
How to do-Find a tool that can support DNS resolution 36 DNS Server can help us resolve FQDN data of the second network interface For example, coreDNS helps Kubernetes Service resolve FQDN Which DNS Servers are suitable and can help us? ● bind9 ● coredns ● PowerDNS ● etc.
Now we have a place to store the Deployment IP data,as well as a DNS resolution tool.What is missing? Of course, Kubernetes' LoadBalance method is still missing. Then randomly throw the Deployment Pod IP that does not become a Random mode,right? In other words... if there is a sequence of throwing Deployment Pod IP is not RR Mode How to do-Provide load balancing algorithm 37
If you can assign or obtain the IP of the second network interface, you will be able to provide service discovery of the second network interface. As long as you can let Kubernetes Pod find your DNS Servers, you can do anything about FQDN. How to do-summary 38
DEMO 39
40 Thank you for your attention

Recommended

Reference design for v mware nsx
Reference design for v mware nsxReference design for v mware nsx
Reference design for v mware nsxsolarisyougood
 
Introduction of kubernetes rancher
Introduction of kubernetes rancherIntroduction of kubernetes rancher
Introduction of kubernetes ranchercyberblack28 Ichikawa
 
[MeetUp][1st] 오리뎅이의_쿠버네티스_네트워킹
[MeetUp][1st] 오리뎅이의_쿠버네티스_네트워킹[MeetUp][1st] 오리뎅이의_쿠버네티스_네트워킹
[MeetUp][1st] 오리뎅이의_쿠버네티스_네트워킹InfraEngineer
 
Openstack Instance Resize
Openstack Instance ResizeOpenstack Instance Resize
Openstack Instance Resizeymtech
 
Using Google Cloud Identity Secure LDAP with pfSense - Netgate Hangout Octobe...
Using Google Cloud Identity Secure LDAP with pfSense - Netgate Hangout Octobe...Using Google Cloud Identity Secure LDAP with pfSense - Netgate Hangout Octobe...
Using Google Cloud Identity Secure LDAP with pfSense - Netgate Hangout Octobe...Netgate
 
Openstack live migration
Openstack live migrationOpenstack live migration
Openstack live migrationymtech
 
[OpenStack 하반기 스터디] Interoperability with ML2: LinuxBridge, OVS and SDN
[OpenStack 하반기 스터디] Interoperability with ML2: LinuxBridge, OVS and SDN[OpenStack 하반기 스터디] Interoperability with ML2: LinuxBridge, OVS and SDN
[OpenStack 하반기 스터디] Interoperability with ML2: LinuxBridge, OVS and SDNOpenStack Korea Community
 
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
2014 OpenStack Summit - Neutron OVS to LinuxBridge MigrationJames Denton
 

Recommended

Reference design for v mware nsx
Reference design for v mware nsxReference design for v mware nsx
Reference design for v mware nsxsolarisyougood
 
Introduction of kubernetes rancher
Introduction of kubernetes rancherIntroduction of kubernetes rancher
Introduction of kubernetes ranchercyberblack28 Ichikawa
 
[MeetUp][1st] 오리뎅이의_쿠버네티스_네트워킹
[MeetUp][1st] 오리뎅이의_쿠버네티스_네트워킹[MeetUp][1st] 오리뎅이의_쿠버네티스_네트워킹
[MeetUp][1st] 오리뎅이의_쿠버네티스_네트워킹InfraEngineer
 
Openstack Instance Resize
Openstack Instance ResizeOpenstack Instance Resize
Openstack Instance Resizeymtech
 
Using Google Cloud Identity Secure LDAP with pfSense - Netgate Hangout Octobe...
Using Google Cloud Identity Secure LDAP with pfSense - Netgate Hangout Octobe...Using Google Cloud Identity Secure LDAP with pfSense - Netgate Hangout Octobe...
Using Google Cloud Identity Secure LDAP with pfSense - Netgate Hangout Octobe...Netgate
 
Openstack live migration
Openstack live migrationOpenstack live migration
Openstack live migrationymtech
 
[OpenStack 하반기 스터디] Interoperability with ML2: LinuxBridge, OVS and SDN
[OpenStack 하반기 스터디] Interoperability with ML2: LinuxBridge, OVS and SDN[OpenStack 하반기 스터디] Interoperability with ML2: LinuxBridge, OVS and SDN
[OpenStack 하반기 스터디] Interoperability with ML2: LinuxBridge, OVS and SDNOpenStack Korea Community
 
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration2014 OpenStack Summit - Neutron OVS to LinuxBridge Migration
2014 OpenStack Summit - Neutron OVS to LinuxBridge MigrationJames Denton
 
Moving Applications into Azure Kubernetes
Moving Applications into Azure KubernetesMoving Applications into Azure Kubernetes
Moving Applications into Azure KubernetesHussein Salman
 
Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...
Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...
Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...Vietnam Open Infrastructure User Group
 
IMS Authentication with AKAv1 and AKAv2
IMS Authentication with AKAv1 and AKAv2 IMS Authentication with AKAv1 and AKAv2
IMS Authentication with AKAv1 and AKAv2 mohammad norozzudegan
 
Dockers and kubernetes
Dockers and kubernetesDockers and kubernetes
Dockers and kubernetesDr Ganesh Iyer
 
Open vSwitch Introduction
Open vSwitch IntroductionOpen vSwitch Introduction
Open vSwitch IntroductionHungWei Chiu
 
Kubernetes Architecture
Kubernetes Architecture Kubernetes Architecture
Kubernetes ArchitectureKnoldus Inc.
 
VMUGbe 21 Filip Verloy
VMUGbe 21 Filip VerloyVMUGbe 21 Filip Verloy
VMUGbe 21 Filip VerloyFilip Verloy
 
EMEA Airheads- ArubaOS - Cluster Manager
EMEA Airheads- ArubaOS - Cluster ManagerEMEA Airheads- ArubaOS - Cluster Manager
EMEA Airheads- ArubaOS - Cluster ManagerAruba, a Hewlett Packard Enterprise company
 
Kubernetes
KubernetesKubernetes
KubernetesMeng-Ze Lee
 
Intel® QuickAssist Technology Introduction, Applications, and Lab, Including ...
Intel® QuickAssist Technology Introduction, Applications, and Lab, Including ...Intel® QuickAssist Technology Introduction, Applications, and Lab, Including ...
Intel® QuickAssist Technology Introduction, Applications, and Lab, Including ...Michelle Holley
 
[MeetUp][2nd] 오리뎅이의_쿠버네티스_네트워킹_v1.2
[MeetUp][2nd] 오리뎅이의_쿠버네티스_네트워킹_v1.2[MeetUp][2nd] 오리뎅이의_쿠버네티스_네트워킹_v1.2
[MeetUp][2nd] 오리뎅이의_쿠버네티스_네트워킹_v1.2InfraEngineer
 
Room 1 - 1 - Benoit TELLIER - On premise email inbound service with Apache James
Room 1 - 1 - Benoit TELLIER - On premise email inbound service with Apache JamesRoom 1 - 1 - Benoit TELLIER - On premise email inbound service with Apache James
Room 1 - 1 - Benoit TELLIER - On premise email inbound service with Apache JamesVietnam Open Infrastructure User Group
 
Understanding Open vSwitch
Understanding Open vSwitch Understanding Open vSwitch
Understanding Open vSwitch YongKi Kim
 
Containers 101
Containers 101Containers 101
Containers 101Black Duck by Synopsys
 
Hands-On Introduction to Kubernetes at LISA17
Hands-On Introduction to Kubernetes at LISA17Hands-On Introduction to Kubernetes at LISA17
Hands-On Introduction to Kubernetes at LISA17Ryan Jarvinen
 
Deep Dive into Building a Secure & Multi-tenant SaaS Solution with NATS
Deep Dive into Building a Secure & Multi-tenant SaaS Solution with NATSDeep Dive into Building a Secure & Multi-tenant SaaS Solution with NATS
Deep Dive into Building a Secure & Multi-tenant SaaS Solution with NATSNATS
 
VMware Networking, CISCO Nexus 1000V, and CISCO UCS VM-FEX
VMware Networking, CISCO Nexus 1000V, and CISCO UCS VM-FEXVMware Networking, CISCO Nexus 1000V, and CISCO UCS VM-FEX
VMware Networking, CISCO Nexus 1000V, and CISCO UCS VM-FEXDavid Pasek
 
Policy Based Routing
Policy Based RoutingPolicy Based Routing
Policy Based RoutingNetProtocol Xpert
 
Virtualization Architecture & KVM
Virtualization Architecture & KVMVirtualization Architecture & KVM
Virtualization Architecture & KVMPradeep Kumar
 
OpenStack and Kubernetes - A match made for Telco Heaven
OpenStack and Kubernetes - A match made for Telco HeavenOpenStack and Kubernetes - A match made for Telco Heaven
OpenStack and Kubernetes - A match made for Telco HeavenTrinath Somanchi
 
4. CNCF kubernetes Comparison of-existing-cni-plugins-for-kubernetes
4. CNCF kubernetes Comparison of-existing-cni-plugins-for-kubernetes4. CNCF kubernetes Comparison of-existing-cni-plugins-for-kubernetes
4. CNCF kubernetes Comparison of-existing-cni-plugins-for-kubernetesJuraj Hantak
 
Comparison of existing cni plugins for kubernetes
Comparison of existing cni plugins for kubernetesComparison of existing cni plugins for kubernetes
Comparison of existing cni plugins for kubernetesAdam Hamsik
 

More Related Content

What's hot

Moving Applications into Azure Kubernetes
Moving Applications into Azure KubernetesMoving Applications into Azure Kubernetes
Moving Applications into Azure KubernetesHussein Salman
 
Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...
Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...
Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...Vietnam Open Infrastructure User Group
 
IMS Authentication with AKAv1 and AKAv2
IMS Authentication with AKAv1 and AKAv2 IMS Authentication with AKAv1 and AKAv2
IMS Authentication with AKAv1 and AKAv2 mohammad norozzudegan
 
Dockers and kubernetes
Dockers and kubernetesDockers and kubernetes
Dockers and kubernetesDr Ganesh Iyer
 
Open vSwitch Introduction
Open vSwitch IntroductionOpen vSwitch Introduction
Open vSwitch IntroductionHungWei Chiu
 
Kubernetes Architecture
Kubernetes Architecture Kubernetes Architecture
Kubernetes ArchitectureKnoldus Inc.
 
VMUGbe 21 Filip Verloy
VMUGbe 21 Filip VerloyVMUGbe 21 Filip Verloy
VMUGbe 21 Filip VerloyFilip Verloy
 
Intel® QuickAssist Technology Introduction, Applications, and Lab, Including ...
Intel® QuickAssist Technology Introduction, Applications, and Lab, Including ...Intel® QuickAssist Technology Introduction, Applications, and Lab, Including ...
Intel® QuickAssist Technology Introduction, Applications, and Lab, Including ...Michelle Holley
 
[MeetUp][2nd] 오리뎅이의_쿠버네티스_네트워킹_v1.2
[MeetUp][2nd] 오리뎅이의_쿠버네티스_네트워킹_v1.2[MeetUp][2nd] 오리뎅이의_쿠버네티스_네트워킹_v1.2
[MeetUp][2nd] 오리뎅이의_쿠버네티스_네트워킹_v1.2InfraEngineer
 
Room 1 - 1 - Benoit TELLIER - On premise email inbound service with Apache James
Room 1 - 1 - Benoit TELLIER - On premise email inbound service with Apache JamesRoom 1 - 1 - Benoit TELLIER - On premise email inbound service with Apache James
Room 1 - 1 - Benoit TELLIER - On premise email inbound service with Apache JamesVietnam Open Infrastructure User Group
 
Understanding Open vSwitch
Understanding Open vSwitch Understanding Open vSwitch
Understanding Open vSwitch YongKi Kim
 
Hands-On Introduction to Kubernetes at LISA17
Hands-On Introduction to Kubernetes at LISA17Hands-On Introduction to Kubernetes at LISA17
Hands-On Introduction to Kubernetes at LISA17Ryan Jarvinen
 
Deep Dive into Building a Secure & Multi-tenant SaaS Solution with NATS
Deep Dive into Building a Secure & Multi-tenant SaaS Solution with NATSDeep Dive into Building a Secure & Multi-tenant SaaS Solution with NATS
Deep Dive into Building a Secure & Multi-tenant SaaS Solution with NATSNATS
 
VMware Networking, CISCO Nexus 1000V, and CISCO UCS VM-FEX
VMware Networking, CISCO Nexus 1000V, and CISCO UCS VM-FEXVMware Networking, CISCO Nexus 1000V, and CISCO UCS VM-FEX
VMware Networking, CISCO Nexus 1000V, and CISCO UCS VM-FEXDavid Pasek
 
Virtualization Architecture & KVM
Virtualization Architecture & KVMVirtualization Architecture & KVM
Virtualization Architecture & KVMPradeep Kumar
 
OpenStack and Kubernetes - A match made for Telco Heaven
OpenStack and Kubernetes - A match made for Telco HeavenOpenStack and Kubernetes - A match made for Telco Heaven
OpenStack and Kubernetes - A match made for Telco HeavenTrinath Somanchi
 

What's hot (20)

Moving Applications into Azure Kubernetes
Moving Applications into Azure KubernetesMoving Applications into Azure Kubernetes
Moving Applications into Azure Kubernetes
 
Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...
Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...
Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...
 
IMS Authentication with AKAv1 and AKAv2
IMS Authentication with AKAv1 and AKAv2 IMS Authentication with AKAv1 and AKAv2
IMS Authentication with AKAv1 and AKAv2
 
Dockers and kubernetes
Dockers and kubernetesDockers and kubernetes
Dockers and kubernetes
 
Open vSwitch Introduction
Open vSwitch IntroductionOpen vSwitch Introduction
Open vSwitch Introduction
 
Kubernetes Architecture
Kubernetes Architecture Kubernetes Architecture
Kubernetes Architecture
 
VMUGbe 21 Filip Verloy
VMUGbe 21 Filip VerloyVMUGbe 21 Filip Verloy
VMUGbe 21 Filip Verloy
 
EMEA Airheads- ArubaOS - Cluster Manager
EMEA Airheads- ArubaOS - Cluster ManagerEMEA Airheads- ArubaOS - Cluster Manager
EMEA Airheads- ArubaOS - Cluster Manager
 
Kubernetes
KubernetesKubernetes
Kubernetes
 
Intel® QuickAssist Technology Introduction, Applications, and Lab, Including ...
Intel® QuickAssist Technology Introduction, Applications, and Lab, Including ...Intel® QuickAssist Technology Introduction, Applications, and Lab, Including ...
Intel® QuickAssist Technology Introduction, Applications, and Lab, Including ...
 
[MeetUp][2nd] 오리뎅이의_쿠버네티스_네트워킹_v1.2
[MeetUp][2nd] 오리뎅이의_쿠버네티스_네트워킹_v1.2[MeetUp][2nd] 오리뎅이의_쿠버네티스_네트워킹_v1.2
[MeetUp][2nd] 오리뎅이의_쿠버네티스_네트워킹_v1.2
 
Room 1 - 1 - Benoit TELLIER - On premise email inbound service with Apache James
Room 1 - 1 - Benoit TELLIER - On premise email inbound service with Apache JamesRoom 1 - 1 - Benoit TELLIER - On premise email inbound service with Apache James
Room 1 - 1 - Benoit TELLIER - On premise email inbound service with Apache James
 
Understanding Open vSwitch
Understanding Open vSwitch Understanding Open vSwitch
Understanding Open vSwitch
 
Containers 101
Containers 101Containers 101
Containers 101
 
Hands-On Introduction to Kubernetes at LISA17
Hands-On Introduction to Kubernetes at LISA17Hands-On Introduction to Kubernetes at LISA17
Hands-On Introduction to Kubernetes at LISA17
 
Deep Dive into Building a Secure & Multi-tenant SaaS Solution with NATS
Deep Dive into Building a Secure & Multi-tenant SaaS Solution with NATSDeep Dive into Building a Secure & Multi-tenant SaaS Solution with NATS
Deep Dive into Building a Secure & Multi-tenant SaaS Solution with NATS
 
VMware Networking, CISCO Nexus 1000V, and CISCO UCS VM-FEX
VMware Networking, CISCO Nexus 1000V, and CISCO UCS VM-FEXVMware Networking, CISCO Nexus 1000V, and CISCO UCS VM-FEX
VMware Networking, CISCO Nexus 1000V, and CISCO UCS VM-FEX
 
Policy Based Routing
Policy Based RoutingPolicy Based Routing
Policy Based Routing
 
Virtualization Architecture & KVM
Virtualization Architecture & KVMVirtualization Architecture & KVM
Virtualization Architecture & KVM
 
OpenStack and Kubernetes - A match made for Telco Heaven
OpenStack and Kubernetes - A match made for Telco HeavenOpenStack and Kubernetes - A match made for Telco Heaven
OpenStack and Kubernetes - A match made for Telco Heaven
 

Similar to How to deal second interface service discovery and load balancer in kubernetes

4. CNCF kubernetes Comparison of-existing-cni-plugins-for-kubernetes
4. CNCF kubernetes Comparison of-existing-cni-plugins-for-kubernetes4. CNCF kubernetes Comparison of-existing-cni-plugins-for-kubernetes
4. CNCF kubernetes Comparison of-existing-cni-plugins-for-kubernetesJuraj Hantak
 
Comparison of existing cni plugins for kubernetes
Comparison of existing cni plugins for kubernetesComparison of existing cni plugins for kubernetes
Comparison of existing cni plugins for kubernetesAdam Hamsik
 
Kubernetes @ Squarespace (SRE Portland Meetup October 2017)
Kubernetes @ Squarespace (SRE Portland Meetup October 2017)Kubernetes @ Squarespace (SRE Portland Meetup October 2017)
Kubernetes @ Squarespace (SRE Portland Meetup October 2017)Kevin Lynch
 
Netflix Container Scheduling and Execution - QCon New York 2016
Netflix Container Scheduling and Execution - QCon New York 2016Netflix Container Scheduling and Execution - QCon New York 2016
Netflix Container Scheduling and Execution - QCon New York 2016aspyker
 
Scheduling a fuller house - Talk at QCon NY 2016
Scheduling a fuller house - Talk at QCon NY 2016Scheduling a fuller house - Talk at QCon NY 2016
Scheduling a fuller house - Talk at QCon NY 2016Sharma Podila
 
PuppetConf 2016: Why Network Automation Matters, and What You Can Do About It...
PuppetConf 2016: Why Network Automation Matters, and What You Can Do About It...PuppetConf 2016: Why Network Automation Matters, and What You Can Do About It...
PuppetConf 2016: Why Network Automation Matters, and What You Can Do About It...Puppet
 
How OpenShift SDN helps to automate
How OpenShift SDN helps to automateHow OpenShift SDN helps to automate
How OpenShift SDN helps to automateIlkka Tengvall
 
Kubernetes @ Squarespace: Kubernetes in the Datacenter
Kubernetes @ Squarespace: Kubernetes in the DatacenterKubernetes @ Squarespace: Kubernetes in the Datacenter
Kubernetes @ Squarespace: Kubernetes in the DatacenterKevin Lynch
 
Service Discovery In Kubernetes
Service Discovery In KubernetesService Discovery In Kubernetes
Service Discovery In KubernetesKnoldus Inc.
 
BPF & Cilium - Turning Linux into a Microservices-aware Operating System
BPF & Cilium - Turning Linux into a Microservices-aware Operating SystemBPF & Cilium - Turning Linux into a Microservices-aware Operating System
BPF & Cilium - Turning Linux into a Microservices-aware Operating SystemThomas Graf
 
USENIX LISA15: How TubeMogul Handles over One Trillion HTTP Requests a Month
USENIX LISA15: How TubeMogul Handles over One Trillion HTTP Requests a MonthUSENIX LISA15: How TubeMogul Handles over One Trillion HTTP Requests a Month
USENIX LISA15: How TubeMogul Handles over One Trillion HTTP Requests a MonthNicolas Brousse
 
Building a Small Datacenter
Building a Small DatacenterBuilding a Small Datacenter
Building a Small Datacenterssuser4b98f0
 
Network plugins for kubernetes
Network plugins for kubernetesNetwork plugins for kubernetes
Network plugins for kubernetesinwin stack
 
Building a Small DC
Building a Small DCBuilding a Small DC
Building a Small DCAPNIC
 
Kubernetes from scratch at veepee sysadmins days 2019
Kubernetes from scratch at veepee sysadmins days 2019Kubernetes from scratch at veepee sysadmins days 2019
Kubernetes from scratch at veepee sysadmins days 2019🔧 Loïc BLOT
 
QNIBTerminal: Understand your datacenter by overlaying multiple information l...
QNIBTerminal: Understand your datacenter by overlaying multiple information l...QNIBTerminal: Understand your datacenter by overlaying multiple information l...
QNIBTerminal: Understand your datacenter by overlaying multiple information l...QNIB Solutions
 
Using Docker Platform to Provide Services
Using Docker Platform to Provide ServicesUsing Docker Platform to Provide Services
Using Docker Platform to Provide ServicesGLC Networks
 
Building a sdn solution for the deployment of web application stacks in docker
Building a sdn solution for the deployment of web application stacks in dockerBuilding a sdn solution for the deployment of web application stacks in docker
Building a sdn solution for the deployment of web application stacks in dockerJorge Juan Mendoza
 

Similar to How to deal second interface service discovery and load balancer in kubernetes (20)

4. CNCF kubernetes Comparison of-existing-cni-plugins-for-kubernetes
4. CNCF kubernetes Comparison of-existing-cni-plugins-for-kubernetes4. CNCF kubernetes Comparison of-existing-cni-plugins-for-kubernetes
4. CNCF kubernetes Comparison of-existing-cni-plugins-for-kubernetes
 
Comparison of existing cni plugins for kubernetes
Comparison of existing cni plugins for kubernetesComparison of existing cni plugins for kubernetes
Comparison of existing cni plugins for kubernetes
 
Kubernetes @ Squarespace (SRE Portland Meetup October 2017)
Kubernetes @ Squarespace (SRE Portland Meetup October 2017)Kubernetes @ Squarespace (SRE Portland Meetup October 2017)
Kubernetes @ Squarespace (SRE Portland Meetup October 2017)
 
Netflix Container Scheduling and Execution - QCon New York 2016
Netflix Container Scheduling and Execution - QCon New York 2016Netflix Container Scheduling and Execution - QCon New York 2016
Netflix Container Scheduling and Execution - QCon New York 2016
 
Scheduling a fuller house - Talk at QCon NY 2016
Scheduling a fuller house - Talk at QCon NY 2016Scheduling a fuller house - Talk at QCon NY 2016
Scheduling a fuller house - Talk at QCon NY 2016
 
PuppetConf 2016: Why Network Automation Matters, and What You Can Do About It...
PuppetConf 2016: Why Network Automation Matters, and What You Can Do About It...PuppetConf 2016: Why Network Automation Matters, and What You Can Do About It...
PuppetConf 2016: Why Network Automation Matters, and What You Can Do About It...
 
How OpenShift SDN helps to automate
How OpenShift SDN helps to automateHow OpenShift SDN helps to automate
How OpenShift SDN helps to automate
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101
 
Kubernetes @ Squarespace: Kubernetes in the Datacenter
Kubernetes @ Squarespace: Kubernetes in the DatacenterKubernetes @ Squarespace: Kubernetes in the Datacenter
Kubernetes @ Squarespace: Kubernetes in the Datacenter
 
Service Discovery In Kubernetes
Service Discovery In KubernetesService Discovery In Kubernetes
Service Discovery In Kubernetes
 
BPF & Cilium - Turning Linux into a Microservices-aware Operating System
BPF & Cilium - Turning Linux into a Microservices-aware Operating SystemBPF & Cilium - Turning Linux into a Microservices-aware Operating System
BPF & Cilium - Turning Linux into a Microservices-aware Operating System
 
USENIX LISA15: How TubeMogul Handles over One Trillion HTTP Requests a Month
USENIX LISA15: How TubeMogul Handles over One Trillion HTTP Requests a MonthUSENIX LISA15: How TubeMogul Handles over One Trillion HTTP Requests a Month
USENIX LISA15: How TubeMogul Handles over One Trillion HTTP Requests a Month
 
Building a Small Datacenter
Building a Small DatacenterBuilding a Small Datacenter
Building a Small Datacenter
 
Network plugins for kubernetes
Network plugins for kubernetesNetwork plugins for kubernetes
Network plugins for kubernetes
 
Building a Small DC
Building a Small DCBuilding a Small DC
Building a Small DC
 
Kubernetes from scratch at veepee sysadmins days 2019
Kubernetes from scratch at veepee sysadmins days 2019Kubernetes from scratch at veepee sysadmins days 2019
Kubernetes from scratch at veepee sysadmins days 2019
 
Networking in Openstack - Neutron 101
Networking in Openstack - Neutron 101Networking in Openstack - Neutron 101
Networking in Openstack - Neutron 101
 
QNIBTerminal: Understand your datacenter by overlaying multiple information l...
QNIBTerminal: Understand your datacenter by overlaying multiple information l...QNIBTerminal: Understand your datacenter by overlaying multiple information l...
QNIBTerminal: Understand your datacenter by overlaying multiple information l...
 
Using Docker Platform to Provide Services
Using Docker Platform to Provide ServicesUsing Docker Platform to Provide Services
Using Docker Platform to Provide Services
 
Building a sdn solution for the deployment of web application stacks in docker
Building a sdn solution for the deployment of web application stacks in dockerBuilding a sdn solution for the deployment of web application stacks in docker
Building a sdn solution for the deployment of web application stacks in docker
 

Recently uploaded

Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...
Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...
Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...Call Girls Mumbai
 
"Lesotho Leaps Forward: A Chronicle of Transformative Developments"
"Lesotho Leaps Forward: A Chronicle of Transformative Developments""Lesotho Leaps Forward: A Chronicle of Transformative Developments"
"Lesotho Leaps Forward: A Chronicle of Transformative Developments"mphochane1998
 
Work-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptxWork-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptxJuliansyahHarahap1
 
Thermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - VThermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - VDineshKumar4165
 
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptx
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptxA CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptx
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptxmaisarahman1
 
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdfAldoGarca30
 
Design For Accessibility: Getting it right from the start
Design For Accessibility: Getting it right from the startDesign For Accessibility: Getting it right from the start
Design For Accessibility: Getting it right from the startQuintin Balsdon
 
Wadi Rum luxhotel lodge Analysis case study.pptx
Wadi Rum luxhotel lodge Analysis case study.pptxWadi Rum luxhotel lodge Analysis case study.pptx
Wadi Rum luxhotel lodge Analysis case study.pptxNadaHaitham1
 
School management system project Report.pdf
School management system project Report.pdfSchool management system project Report.pdf
School management system project Report.pdfKamal Acharya
 
Standard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power PlayStandard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power PlayEpec Engineered Technologies
 
Engineering Drawing focus on projection of planes
Engineering Drawing focus on projection of planesEngineering Drawing focus on projection of planes
Engineering Drawing focus on projection of planesRAJNEESHKUMAR341697
 
A Study of Urban Area Plan for Pabna Municipality
A Study of Urban Area Plan for Pabna MunicipalityA Study of Urban Area Plan for Pabna Municipality
A Study of Urban Area Plan for Pabna MunicipalityMorshed Ahmed Rahath
 
Thermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptThermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptDineshKumar4165
 
AIRCANVAS[1].pdf mini project for btech students
AIRCANVAS[1].pdf mini project for btech studentsAIRCANVAS[1].pdf mini project for btech students
AIRCANVAS[1].pdf mini project for btech studentsvanyagupta248
 
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Service
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best ServiceTamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Service
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Servicemeghakumariji156
 
NO1 Top No1 Amil Baba In Azad Kashmir, Kashmir Black Magic Specialist Expert ...
NO1 Top No1 Amil Baba In Azad Kashmir, Kashmir Black Magic Specialist Expert ...NO1 Top No1 Amil Baba In Azad Kashmir, Kashmir Black Magic Specialist Expert ...
NO1 Top No1 Amil Baba In Azad Kashmir, Kashmir Black Magic Specialist Expert ...Amil baba
 

Recently uploaded (20)

FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced LoadsFEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
 
Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...
Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...
Bhubaneswar🌹Call Girls Bhubaneswar ❤Komal 9777949614 💟 Full Trusted CALL GIRL...
 
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak HamilCara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
 
"Lesotho Leaps Forward: A Chronicle of Transformative Developments"
"Lesotho Leaps Forward: A Chronicle of Transformative Developments""Lesotho Leaps Forward: A Chronicle of Transformative Developments"
"Lesotho Leaps Forward: A Chronicle of Transformative Developments"
 
Work-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptxWork-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptx
 
Thermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - VThermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - V
 
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptx
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptxA CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptx
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptx
 
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf
1_Introduction + EAM Vocabulary + how to navigate in EAM.pdf
 
Design For Accessibility: Getting it right from the start
Design For Accessibility: Getting it right from the startDesign For Accessibility: Getting it right from the start
Design For Accessibility: Getting it right from the start
 
Wadi Rum luxhotel lodge Analysis case study.pptx
Wadi Rum luxhotel lodge Analysis case study.pptxWadi Rum luxhotel lodge Analysis case study.pptx
Wadi Rum luxhotel lodge Analysis case study.pptx
 
Call Girls in South Ex (delhi) call me [🔝9953056974🔝] escort service 24X7
Call Girls in South Ex (delhi) call me [🔝9953056974🔝] escort service 24X7Call Girls in South Ex (delhi) call me [🔝9953056974🔝] escort service 24X7
Call Girls in South Ex (delhi) call me [🔝9953056974🔝] escort service 24X7
 
School management system project Report.pdf
School management system project Report.pdfSchool management system project Report.pdf
School management system project Report.pdf
 
Integrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - NeometrixIntegrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - Neometrix
 
Standard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power PlayStandard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power Play
 
Engineering Drawing focus on projection of planes
Engineering Drawing focus on projection of planesEngineering Drawing focus on projection of planes
Engineering Drawing focus on projection of planes
 
A Study of Urban Area Plan for Pabna Municipality
A Study of Urban Area Plan for Pabna MunicipalityA Study of Urban Area Plan for Pabna Municipality
A Study of Urban Area Plan for Pabna Municipality
 
Thermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptThermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . ppt
 
AIRCANVAS[1].pdf mini project for btech students
AIRCANVAS[1].pdf mini project for btech studentsAIRCANVAS[1].pdf mini project for btech students
AIRCANVAS[1].pdf mini project for btech students
 
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Service
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best ServiceTamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Service
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Service
 
NO1 Top No1 Amil Baba In Azad Kashmir, Kashmir Black Magic Specialist Expert ...
NO1 Top No1 Amil Baba In Azad Kashmir, Kashmir Black Magic Specialist Expert ...NO1 Top No1 Amil Baba In Azad Kashmir, Kashmir Black Magic Specialist Expert ...
NO1 Top No1 Amil Baba In Azad Kashmir, Kashmir Black Magic Specialist Expert ...
 

How to deal second interface service discovery and load balancer in kubernetes

  • 1. How to deal second interface service discovery and load balance in Kubernetes 李孟澤@NUTC 1
  • 2. Agenda ● Why need multiple interface ● What is CNI ● Does CNI support multiple interface ○ Multus ○ Genie ● Challenge ● What to do ● How to do ● Demo 2
  • 3. Why need multiple interface ● Deploying Network Functions (NFV) as pods. This requires at least two interfaces. ○ Control Plane Interface ○ User Plane Interface 3
  • 4. Why need multiple interface 4
  • 5. Why need multiple interface 5
  • 6. Why need multiple interface ● Openstack deployments typically use multiple networks for security and QoS isolation (e.g. storage) purposes 6
  • 7. Why need multiple interface 7
  • 8. Why need multiple interface 8 ● If we need a high throughput and low latency network ○ SR-IOV ○ DPDK ○ DRMA
  • 9. Why need multiple interface 9
  • 10. Why need multiple interface 10
  • 11. Why need multiple interface 11
  • 13. What is CNI 13 A lot of plugin provide many basic functions in the CNI project,We can combine these basic functions and write new CNI ● bridge ● host-device ● ipvlan ● macvlan ● ptp ● vlan ● loopback
  • 15. Does CNI supprot multiple interface 15 In traditional CNI based networking the orchestrator (Kubernetes) allows to use a single CNI plugin to cater container networking. ● Flannel ● Calico ● Weave ● Canal ● e.t.c..
  • 16. Does CNI supprot multiple interface 16 Multiple interface support for containers has become a prime requirement in the coming versions ● Proposals to support multiple network interfaces are being discussed currently in the community ○ Multus ○ Genie ○ damn ○ Knitter
  • 17. CNI-Multus 17 ● Multus is a latin word for "Multi” ● Created by Intel ● Provides multiple network interface in container ● Contact between the container runtime and other plugins
  • 18. CNI-Genie 18 ● Created by Intel ● Provides multiple network interface in container ● Contact between the container runtime and other plugins CNI Genie
  • 22. ● call service by FQDN ○ default.svc.cluster.local Challenge 22
  • 30. Challenge 30 ● However, there is no Service and Endpoint resource type for the second network interface on Kubernetes ● Kubernetes coreDNS components cannot get related information ● Kube-proxy component has no related information and cannot create a load balance rule.
  • 31. What to do 31 ● Establish a Service mechanism for the second network interface ● Establish FQDN resolution component of the second network interface ● Establish a load balancing mechanism for the second network interface
  • 32. How to do 32 ● Establish a Service mechanism for the second network interface ○ Record the IP of the Pod second network interface ● Establish FQDN resolution component of the second network interface ○ Find a tool that can support DNS resolution ● Establish a load balancing mechanism for the second network interface ○ Provide load balancing algorithm ■ Round Robin ■ Random ■ Resource ■ etc.
  • 33. How to do-Record the IP of the Pod second network interface 33 The Linker Network provides an open source project that allows users to create a second network interface and assign IP the Pod.
  • 34. How to do-Record the IP of the Pod second network interface 34 So we may manage the IP of all the second network interfaces just like the IPAM of CNI. At the same time,we can manage all Pod network traffic through OpenvSwitch (OVS) Implement policy routing using Software Defined Networking (SDN), such as Kubernetes Network Policy
  • 35. How to do-Record the IP of the Pod second network interface 35 But there are a lot of IPs to manage, and we need to record which Deployment has these IPs We need a place to store this information ● etcd ● zookeeper ● mySQL ● etc.
  • 36. How to do-Find a tool that can support DNS resolution 36 DNS Server can help us resolve FQDN data of the second network interface For example, coreDNS helps Kubernetes Service resolve FQDN Which DNS Servers are suitable and can help us? ● bind9 ● coredns ● PowerDNS ● etc.
  • 37. Now we have a place to store the Deployment IP data,as well as a DNS resolution tool.What is missing? Of course, Kubernetes' LoadBalance method is still missing. Then randomly throw the Deployment Pod IP that does not become a Random mode,right? In other words... if there is a sequence of throwing Deployment Pod IP is not RR Mode How to do-Provide load balancing algorithm 37
  • 38. If you can assign or obtain the IP of the second network interface, you will be able to provide service discovery of the second network interface. As long as you can let Kubernetes Pod find your DNS Servers, you can do anything about FQDN. How to do-summary 38
  • 40. 40 Thank you for your attention