Containers, Kubernetes, and cloud native technologies are becoming more and more popular among enterprises, and Kubernetes has become the standard for large-scale deployment of containerized applications. Because it iterates so rapidly, enterprises also face complex problems and challenges when they actually deploy applications on it. How to overcome the technical difficulties of K8S and make it serve containerized applications better has become a focus of attention.

On August 17, at the Shanghai stop of UCan Afternoon Tea, the “Cloud Native Kubernetes Development and Operations” technology salon, six senior technical experts held a full discussion of putting K8S into practice.

Zhang Miaolei: The practice and application of Kubernetes cluster in cloud platform

Launched in 2014, K8S aims to serve as a platform for managing and scheduling containers within a cluster. Users only need to care about putting content into containers and can entrust scheduling and operation to K8S. To make K8S run more smoothly in production, UK8S, launched by UCloud as a public cloud vendor, provides many extensions on top of the general-purpose capabilities.

For example, in the Pod network scheme, UK8S relies on the cloud vendor's underlying network capabilities: by providing SecondIP, Pods can reach other products on the cloud directly, avoiding the performance loss caused by using a packet scheme. Service access on the public cloud is provided through plug-ins. Users can automatically associate and use ULB products by creating a LoadBalancer Service inside the cluster. UK8S also supports a non-SNAT load balancer, allowing Pods to get the source IP address directly.

For storage, PVs in stock K8S have to be implemented by the cluster administrator or a third party. UK8S provides an automated implementation in conjunction with UCloud storage products, for both block storage and file storage. You only need to create a PVC in the cluster. The preset StorageClass automatically creates a corresponding PV and associates it with UDisk/UFS for fast access.

Zhang Pengbo: UK8S creates a stable and easy-to-use Kubernetes service

K8S essentially has a weak tenancy concept, with isolation provided through namespaces. But UK8S, launched by UCloud in 2018 as a public cloud K8S service, faces a strong demand for tenant isolation; anything less would be unacceptable to users. To this end, we propose the idea that all resources in K8S should be exclusive to the user.

This is reflected first in the VPC network. K8S clusters of different users are placed in different VPCs, and their networks are completely isolated. Second, resources are isolated per tenant: computing resources such as UHost, Node and Master are isolated, and storage plug-ins, including block storage and file storage, are completely isolated. To improve ease of use and maintainability, UK8S also provides targeted solutions, such as one-click cluster creation and deletion, automatic expansion of cluster scale, API Service access over the Internet, cross-availability robustness, and so on. The cluster management HA architecture is shown below:

In addition, the combination of UK8S and UCloud's bare metal product, the Golden Wing physical machine, was also introduced. The TCO of leasing physical machines is very competitive, and if you want to run K8S on them, pre-installed K8S services are provided, and storage and load balancing can be deployed alongside. UK8S is expected to expand its service to more than 30 available areas in the second half of the year and offer features such as a new version of the app store.

Lexin Medical, Wei Feilong: Exploration and practice of Kubernetes at Lexin Health

One of Lexin Medical's main products is the Lexin Bracelet, whose back-end service interacts with users through an app. The service has run entirely on K8S since 2016, at that time on a self-built cluster. Self-building brought many problems. For example, the same image has to run in the test, development, and production environments, so packaging the service configuration into the image in the traditional way is a problem. In addition, the earlier installation process was manual: binaries were installed one by one, which meant downloading each software package, configuring it, and verifying it, and this was very time-consuming. More recently, the team started using the kubeadm tool for rapid installation. When self-building a K8S cluster, the kubernetes-sigs images cannot be downloaded; the image address has to be changed and the installation run again.

Because of the high maintenance costs, all services have now been migrated to UK8S. The benefits are that there is no need to care about the components that previously had to be installed, and network and storage management are easier. Wei finally introduced the use of the Apollo configuration center, which saves more than 10 seconds of startup time compared with the open-source configuration center used previously. He also described using Jenkins for parallel Pipeline releases: as soon as any release fails, the operation is terminated, which saves developers' waiting time.

Liu Tuo: Application of K8S in StepFlow project

StepFlow is a workflow engine that can orchestrate microservice APIs as a flow and build applications without writing any code. The StepFlow architecture is designed around the concept of microservices, so container deployment is a natural fit. However, the team encountered many challenges on the road to containerization, such as how to plan resources properly, how to achieve high availability, and how to interconnect services. Rather than reaching for an ad hoc cure, the team found the solution in KUN, UCloud's internal-facing K8S platform.

For resource management, KUN easily achieves high availability and distribution across availability zones, while remaining completely transparent to the business. It can also be configured to interconnect services, manage configurations, and monitor logs. Community support is better as well, since many of the cloud-native components in CNCF can be used directly. The KUN platform frees up the productivity of the business side to focus on upper-level image production, automated test sets, grayscale systems, and more. The whole StepFlow project is built on KUN. Within a short period of time, a CI/CD Pipeline was put in place that achieves one-click deployment, which can be called a successful practice of building applications on cloud native standards.

Cai Shu: A service mesh solution based on Kong

Kong is currently one of the most popular API gateways. First, it is intelligent and easy to use. It can integrate with microservices, handle dynamic routing, and perform fine-grained analysis and statistics for the microservices underneath it. Second, it is simple and flexible: it supports containerized deployment and also provides installation packages. Management functions are provided through plug-ins, which are rich enough to form a community. Throughput and latency are also good.

The application scenarios of Kong are as follows. First, as an entrance: traffic can enter through the gateway. Second, visualization of microservices. Third, black/gray traffic scrubbing, which depends on feature recognition. Fourth, microservice support, which is convenient to use once Kong is bound to the service registry. In addition, there are traffic visualization and microservice quality management. In terms of technical implementation, Nginx is at the bottom, OpenResty sits above it, and Clustering is at the top, which ensures that configuration takes effect in real time when scaling horizontally. On top of that is a RESTful interface, so changes are made through calls from code rather than by modifying the Nginx configuration file.

First Year Science and Technology, Wang Haifeng: The road to adopting K8S for small and medium-sized teams

K8S is a relatively complex technology, and a team with limited manpower needs all the more to understand how to adopt it simply. Wang Haifeng believes the first step is to think clearly about the key points: what basic services are needed to support large applications, how to build a simple external process, how to use a unified K8S environment offline and online so that development and testing stay consistent, how to design a unified K8S interface, and so on.

In the practice of First Year Science and Technology, a Windows server was used first for practical reasons, mainly to take advantage of its account credential features. Second, Jenkins was used to trigger the external, browser-side DevOps process, and the pipeline was handled simply with batch files and scripts. Offline, Rancher is used to deploy the environment on three physical machines. To reduce operations manpower, the UCloud mirror library and UK8S are used directly for the online environment, saving the effort of cluster maintenance. Dandelion third-party services connect the online and offline environments and carry the DevOps communication. For communication with the K8S cluster, a REST-style API is adopted, and the deploy and delete APIs can be designed around curl's POST and DELETE methods.
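The POST/DELETE pattern described above, written against the Kubernetes API server's own Deployments endpoint as an added example (not code from the talk or from the company). It assumes the calls run in a pod with a mounted ServiceAccount token; `API_SERVER`, `NAMESPACE`, `SA_DIR` and all function names are illustrative.

```shell
# Added example: deploy/delete through the Kubernetes REST API with curl.
# Assumed values (not from the talk): API_SERVER, NAMESPACE, SA_DIR.
API_SERVER="${API_SERVER:-https://kubernetes.default.svc}"
NAMESPACE="${NAMESPACE:-demo}"
SA_DIR="${SA_DIR:-/var/run/secrets/kubernetes.io/serviceaccount}"

# Collection path for apps/v1 Deployments in one namespace.
deployments_path() {
  printf '/apis/apps/v1/namespaces/%s/deployments' "$1"
}
# Accept only RFC 1123 labels, so a caller-supplied name can never
# change the URL path or break out of the JSON body.
valid_name() {
  case "$1" in
    ''|*[!a-z0-9-]*|-*|*-) return 1 ;;
  esac
  [ "${#1}" -le 63 ]
}
# Image references: restrict to the characters a registry path needs.
valid_image() { case "$1" in ''|*[!A-Za-z0-9._/:@-]*) return 1 ;; esac; }

# Minimal single-replica Deployment manifest as JSON.
deployment_json() {
  printf '{"apiVersion":"apps/v1","kind":"Deployment","metadata":{"name":"%s"},' "$1"
  printf '"spec":{"replicas":1,"selector":{"matchLabels":{"app":"%s"}},' "$1"
  printf '"template":{"metadata":{"labels":{"app":"%s"}},' "$1"
  printf '"spec":{"containers":[{"name":"%s","image":"%s"}]}}}}' "$1" "$2"
}

# TLS is verified against the cluster CA (no -k), non-2xx is a failure, and
# the bearer token reaches curl via a config on fd 3, not the command line.
k8s_curl() {
  curl --fail --silent --show-error --cacert "$SA_DIR/ca.crt" \
    --config /dev/fd/3 "$@" 3<<EOF
header = "Authorization: Bearer $(cat "$SA_DIR/token")"
EOF
}

deploy() {   # deploy NAME IMAGE: POST the manifest to the collection
  valid_name "$1" && valid_image "$2" || { echo "invalid input" >&2; return 2; }
  deployment_json "$1" "$2" | k8s_curl -X POST \
    -H 'Content-Type: application/json' --data-binary @- \
    "$API_SERVER$(deployments_path "$NAMESPACE")"
}

undeploy() { # undeploy NAME: DELETE the named Deployment
  valid_name "$1" || { echo "invalid input" >&2; return 2; }
  k8s_curl -X DELETE "$API_SERVER$(deployments_path "$NAMESPACE")/$1"
}
```

The ServiceAccount behind the token only needs an RBAC Role granting `create` and `delete` on `deployments` in that one namespace, which keeps a leaked pipeline credential from reaching anything else in the cluster.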

For more technical content from these talks, follow the “UCloud Technology” public account and reply “K8S” to obtain the speakers' slides.