An overview of the
Kubernetes architecture
Presented by Igor Sfiligoi, UCSD
Workshop at the Great Plains Network Annual Meeting 2019
GPN Annual Meeting 2019 - Kubernetes Architecture 1
Outline
• Kubernetes history
• Basic building blocks
• Provided bells and whistles
• Scheduling
• User interface
Kubernetes
Originally created by Google
• Now maintained by the Cloud Native Computing Foundation
https://kubernetes.io
Open source
• With a very large and active development community
Can be deployed on-prem
• But also available out-of-the-box on all major Clouds (GCP, AWS and Azure)
Container based
Containers are the basic building block
• Typically Docker based
Standard images for many applications exist
• Creating custom ones is almost trivial
Just remember: containers are stateless
• If state is needed, it must be held outside the container
Container Orchestration
• Once you have many containers on many nodes, you need something to manage the whole
• This is usually referred to as Orchestration
Attribution: https://kubernetes.io
Packing containers into pods
The smallest concept is actually the Pod
A Pod is a set of containers
• Having a single Container in a Pod is OK
Containers within a Pod are guaranteed to run alongside each other
• And can share (ephemeral) state
[Figure: a Pod containing two Containers]
https://kubernetes.io/docs/concepts/workloads/pods/pod/
Packing Pods into Deployments
A Pod is ephemeral
• If it terminates for whatever reason, it is gone
A Deployment is persistent
• Initially launches a single Pod (no obvious benefit)
• If a Pod is removed, a new Pod is automatically re-submitted
A Deployment can also manage multiple replicas
• E.g. for load balancing and horizontal scaling
Great for service applications
https://kubernetes.io/docs/concepts/workloads/controllers/deployment/
Configuration management
Most applications need to be configured
• Kubernetes provides an easy mechanism to inject information into the Container images at runtime
Three types of information
• Environment variables
• Whole files
• Secrets
https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/
https://kubernetes.io/docs/concepts/configuration/secret/
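The three injection paths above, as an added example that is not part of the slides: a ConfigMap key delivered as an environment variable, a ConfigMap key delivered as a whole file, and a Secret delivered as an owner-read-only file. The object names (app-config, pool-secret, demo-app) and the secret value are constructed placeholders.

```yaml
# Added example (not from the slides). Three ways to hand configuration to a
# container at runtime. All names and the secret value are constructed.
apiVersion: v1
kind: ConfigMap
metadata:
  name: app-config
  namespace: osg
data:
  # consumed as an environment variable below
  LOG_LEVEL: info
  # consumed as a whole file below
  app.conf: |
    listen = 0.0.0.0:8080
    workers = 4
---
apiVersion: v1
kind: Secret
metadata:
  name: pool-secret
  namespace: osg
type: Opaque
stringData:
  # constructed placeholder; a real value is set out of band, never committed
  pool_password: CHANGE-ME-PLACEHOLDER
---
apiVersion: v1
kind: Pod
metadata:
  name: demo-app
  namespace: osg
spec:
  containers:
    - name: app
      image: busybox:1.36
      # prints the three injected pieces so the effect is visible in the logs
      command: ["sh", "-c", "env | grep LOG_LEVEL; cat /etc/app/app.conf; ls -l /etc/pool; sleep 3600"]
      env:
        # 1. environment variable taken from a ConfigMap key
        - name: LOG_LEVEL
          valueFrom:
            configMapKeyRef:
              name: app-config
              key: LOG_LEVEL
      volumeMounts:
        # 2. whole file taken from a ConfigMap key
        - name: conf
          mountPath: /etc/app
          readOnly: true
        # 3. secret as a file: keeps it out of the process environment,
        #    which `kubectl describe pod` and child processes would expose
        - name: pool
          mountPath: /etc/pool
          readOnly: true
  volumes:
    - name: conf
      configMap:
        name: app-config
        items:
          - key: app.conf
            path: app.conf
    - name: pool
      secret:
        secretName: pool-secret
        # 256 decimal = 0400 octal: readable only by the file owner
        defaultMode: 256
```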
Linking to external storage
External storage is essential for persistency
• Most applications will need it!
Kubernetes provides the necessary hooks at Pod launch time
• Local storage
• Distributed storage, e.g. CEPH, NFS, etc.
• Custom filesystems via CSI – e.g. CVMFS
https://kubernetes.io/docs/concepts/storage/volumes/
https://kubernetes-csi.github.io/docs/
Networking
Each container gets its own private IP address
A Deployment can be registered as a Service
• Gets its own IP address and DNS entry
• Traffic routes to the Pods in the Deployment based on the selected policy (e.g. RR)
A Service can also serve as a NAT
• Routing traffic from the WAN using the Kubernetes public IPs
https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
Privileged Pods can get access to the host/public IP
• Useful for Network Servers tied to a specific node
• E.g. due to the use of X.509
• Unprivileged Pods are better for regular users to minimize risk
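The two networking paths above, as an added example that is not part of the slides: the unprivileged path is a Service in front of the osg-collector-prp Deployment shown later in the example YAML (label and port reused from there, Service names constructed); the privileged path is a Pod that shares the node's network namespace and is pinned to one node, kept in a separate admin-only namespace (constructed name) so regular users' namespaces never carry it.

```yaml
# Added example (not from the slides). Unprivileged path first: a Service
# gives the Deployment a stable virtual IP and a DNS name.
apiVersion: v1
kind: Service
metadata:
  name: osg-collector-prp
  namespace: osg
spec:
  # ClusterIP (the default): reachable only inside the cluster as
  # osg-collector-prp.osg.svc.cluster.local
  type: ClusterIP
  selector:
    k8s-app: osg-collector-prp     # the label the Deployment's Pods carry
  ports:
    - name: condor
      port: 9618
      targetPort: 9618
      protocol: TCP
---
# The same selector exposed to the WAN: the cloud or on-prem load balancer
# hands the public IP out, and each new connection lands on one of the
# matching Pods. The Pods themselves stay on private IPs.
apiVersion: v1
kind: Service
metadata:
  name: osg-collector-prp-public
  namespace: osg
spec:
  type: LoadBalancer
  selector:
    k8s-app: osg-collector-prp
  ports:
    - port: 9618
      targetPort: 9618
---
# Privileged path: the Pod binds the node's own IP, which is what a server
# whose X.509 host certificate names that node needs. Pin it to the node,
# keep it in an admin-controlled namespace, and have the cluster's admission
# policy reject hostNetwork in the namespaces regular users can write to.
apiVersion: v1
kind: Pod
metadata:
  name: collector-on-node
  namespace: osg-admin                 # constructed admin-only namespace
spec:
  hostNetwork: true
  dnsPolicy: ClusterFirstWithHostNet   # keep cluster DNS despite hostNetwork
  nodeSelector:
    kubernetes.io/hostname: node-placeholder.example.edu   # constructed
  containers:
    - name: collector
      image: sfiligoi/prp-osg-pool:collector
      ports:
        - containerPort: 9618
```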
Pod scheduling
Kubernetes comes with a pretty decent scheduler
Will match Pods to available resources (CPU, Memory, GPU, etc.)
• Nodes advertise what is available
• Pods specify what they require, and may also limit themselves to a subset of Nodes
• A Pod will start on a Node only if a match can be made
There is also a notion of Priorities
• If a match for a higher-priority Pod cannot be made, the scheduler will kill one or more lower-priority Pods to make space for it (if at all possible)
https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
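The matching and priority rules above, as an added example that is not part of the slides: two PriorityClasses and a Pod that states its resource requests, restricts itself to a subset of Nodes, and is marked as the first to be preempted. The class names, the gpu-type node label and the image are constructed.

```yaml
# Added example (not from the slides). Priority classes are cluster-scoped;
# a higher value wins when the scheduler has to evict to make room.
apiVersion: scheduling.k8s.io/v1
kind: PriorityClass
metadata:
  name: batch-low              # constructed name
value: 1000
globalDefault: false
description: "Opportunistic batch work; evicted first when space is needed"
---
apiVersion: scheduling.k8s.io/v1
kind: PriorityClass
metadata:
  name: interactive-high       # constructed name
value: 100000
globalDefault: false
description: "May preempt batch-low Pods when no Node can otherwise fit it"
---
apiVersion: v1
kind: Pod
metadata:
  name: gpu-job
  namespace: osg
spec:
  priorityClassName: batch-low
  # only Nodes carrying this (constructed) label are candidates; a Pod with
  # no matching Node stays Pending rather than running somewhere unsuitable
  nodeSelector:
    gpu-type: v100
  containers:
    - name: worker
      image: example.org/gpu-worker:1.0     # constructed placeholder image
      resources:
        # requests are what the scheduler matches against advertised capacity
        requests:
          cpu: "2"
          memory: 8Gi
          nvidia.com/gpu: 1
        # limits cap what the container may actually consume; for an
        # extended resource such as a GPU, requests and limits must be equal
        limits:
          cpu: "2"
          memory: 8Gi
          nvidia.com/gpu: 1
```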
The DaemonSet
Sometimes an application must run on all the nodes
• E.g. a Monitoring probe
The DaemonSet automates this
• Like a Deployment, but with fixed all-nodes scheduling
https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/
Users and Permissions
Kubernetes does not really have a concept of a “User”
Permissions are set as part of the Namespace concept
• Anyone having access to a Namespace can operate on the objects inside that Namespace
• Including creating, monitoring and modifying them
A Namespace conceptually provides a virtual-private Kubernetes cluster
• But with very few additional restrictions within it
• And it is relatively hard to coordinate Pods in separate Namespaces
https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
PRP Nautilus provides user management as a side concept.
https://nautilus.optiputer.net
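What "access to a Namespace" looks like as RBAC objects, as an added example that is not part of the slides: a Role that grants the create/monitor/modify rights described above, a narrower read-only Role, and the RoleBindings that tie an external group and user (the identity itself comes from the identity provider, not from Kubernetes) to the osg namespace. The Role and binding names, the group and the user are constructed.

```yaml
# Added example (not from the slides). A Role is namespace-scoped: nothing
# here grants rights to cluster-wide objects such as Nodes or Namespaces.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: namespace-operator
  namespace: osg
rules:
  # create, monitor and modify the workload objects discussed in the slides
  - apiGroups: [""]
    resources: ["pods", "pods/log", "services", "configmaps", "persistentvolumeclaims"]
    verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
  - apiGroups: ["apps"]
    resources: ["deployments", "daemonsets", "replicasets"]
    verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
  # secrets are deliberately left out: grant them by a separate Role to
  # fewer subjects, since reading them reveals the namespace's credentials
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: namespace-viewer
  namespace: osg
rules:
  # monitoring only; rules are a cross product, so the non-existent
  # combinations (e.g. "pods" in "apps") are simply never matched
  - apiGroups: ["", "apps"]
    resources: ["pods", "services", "deployments", "daemonsets"]
    verbs: ["get", "list", "watch"]
---
# The binding is what actually gives a subject access to the namespace.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: osg-operators
  namespace: osg
subjects:
  - kind: Group
    name: osg-admins               # constructed group from the identity provider
    apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: Role
  name: namespace-operator
  apiGroup: rbac.authorization.k8s.io
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: osg-viewers
  namespace: osg
subjects:
  - kind: User
    name: alice@example.edu        # constructed user name
    apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: Role
  name: namespace-viewer
  apiGroup: rbac.authorization.k8s.io
```

`kubectl auth can-i create deployments -n osg --as alice@example.edu` checks the effect of a binding without switching credentials; for the viewer above it answers no.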
Driving Kubernetes
YAML Everywhere
Most interactions with Kubernetes will involve YAML documents
• Both for creating/configuring Pods/Deployments/Services
• And for querying their (detailed) status
YAML is actually quite easy to use
• Describes itself as “a human friendly markup language”
• Uses Python-style indentation to indicate nesting
https://en.wikipedia.org/wiki/YAML
An example YAML file
# apiVersion and spec.selector are required for an apps/v1 Deployment;
# they are added here, the slide omitted them
apiVersion: apps/v1
kind: Deployment
metadata:
  name: osg-collector-prp-sdsc
  namespace: osg
  labels:
    k8s-app: osg-collector-prp
spec:
  selector:
    matchLabels:
      k8s-app: osg-collector-prp
  template:
    metadata:
      labels:
        k8s-app: osg-collector-prp
    spec:
      containers:
        - name: osg-collector-prp
          image: sfiligoi/prp-osg-pool:collector
          ports:
            - containerPort: 9618
          volumeMounts:
            - name: condordata
              mountPath: /var/lib/condor
            - name: configpasswd
              # subPath mounts the single key as a file, not as a directory
              mountPath: /var/lock/condor/pool_password
              subPath: pool_password
              readOnly: true
      volumes:
        - name: condordata
          persistentVolumeClaim:
            claimName: pvc-xcache11-t2-ucsd-edu-persistent-1
        - name: configpasswd
          secret:
            secretName: osg-pool-sdsc-config
            items:
              - key: pool_password
                path: pool_password
            # 256 decimal = 0400 octal: owner read-only
            defaultMode: 256
kubectl
Most often used cmdline tool
• kubectl create -f <filename> - Create new object
• kubectl get <type> -n <namespace> - Query existing objects
• kubectl edit <type> -n <namespace> <id> - Update existing object
• kubectl delete -f <filename> - Delete existing object
https://kubernetes.io/docs/reference/kubectl/
Installing kubectl
• Just a static binary
• Available for all major platforms (Linux, MacOS, Windows)
• Detailed download instructions at https://kubernetes.io/docs/tasks/tools/install-kubectl/
• Can be used over WAN
• Just put the config file in ~/.kube/config
Get yours from PRP’s Nautilus
The end
Acknowledgments
This work was partially funded by US National Science Foundation (NSF) awards CNS-1456638, CNS-1730158, ACI-1540112, ACI-1541349, OAC-1826967, OAC-1450871, OAC-1659169 and OAC-1841530.