22.05.2018
Build Your Serverless Container Cloud with OpenStack and Kubernetes
Kevin Zhao
Senior Software Engineer on Arm. OpenStack Zun Core Reviewer
kevin.zhao@arm.com
Agenda
  What is Serverless Container Cloud
  Demo
  Zun and Container Capsule
  FAQ's
  Build the Serverless Cloud
What is Serverless Container Cloud
Traditional Container Cloud
  Provision the cluster first, then spend significant effort on cluster management
  Cluster-level multi-tenant isolation
  Low resource utilization
  [Diagram label: Cloud Infrastructure]
Serverless Means "Clusterless"
  Run containers without managing servers or clusters.
  Ability
    Run a container right away with one command
    Container-level multi-tenant support
    Hypervisor-level security isolation
  [Diagram label: Azure Container Instance]
Build a cluster
  Just one command
Serverless container technology is cool
  But I need to work with Kubernetes
[Diagram: application architecture (Deployment/Task, Pods) and infrastructure architecture (Kubernetes control plane, VMs each running a Kubelet and Pods)]
OpenStack as a Virtual Kubelet Node
  For the user: Kubernetes on top, with OpenStack as a Virtual Kubelet node.
  Workloads are deployed on this virtual node with kubectl; the backend realization is Zun.
  For the user, nothing is different. The user only needs to focus on the containers.
  [Diagram labels: Node1, Node2]
For building serverless container cloud, what do you need initially
  Standalone OpenStack and Kubernetes
  Network connected
  OpenStack provisioned Kubernetes
Zun and Container Capsule
  Zun Introduction
  [Image caption: Wine container from Ancient China]
Zun – Container Service
  Container Service of OpenStack
  Provide the ability of provisioning and managing containers without caring about the underlying infrastructure.
  Characteristics
    Container as the first class resource
    Individual IP Address/vCPU/Memory
  Goal of Zun
    Make users focus on their application
    Pay just what they need (Clusterless)
Zun – Container Service
  [Architecture diagram; surviving labels: provisioning, container, Neutron (Network)]
Try Zun
How to implement Pod in Zun
Zun and Container Capsule
  Container Capsule
Container Capsule
  Component
    One Sandbox container
    Multiple containers
    Multiple volumes
  Characteristic
    Basic unit in Zun
    Co-Scheduled/Co-located
    Share the network namespace
    Share the resource limits
Unified OpenStack API
  Glance: Unified Image Repository
  Cinder: Unified Block Device
  Neutron, Kuryr: Unified Network
  Keystone: Unified Authentication
  [Diagram labels: BM, VM]
Capsule Template
  Support type: Yaml, Json
  Kubernetes friendly
Capsule API
  POST /v1/capsules             zun capsule-create -f demo.yaml
  GET /v1/capsules              zun capsule-list
  GET /v1/capsules/{uuid}       zun capsule-describe uuid / name
  DELETE /v1/capsules/{uuid}    zun capsule-delete uuid / name
Build Serverless Container Cloud
  Kubernetes on top, Zun backend
Virtual-Kubelet
  Kubelet implementation, masquerades container service as Kubelet node.
  Kubernetes on top, programmed back.
  Intermediary to map Kubernetes requests and resource to container service
Virtual-Kubelet Goal
Virtual-kubelet structure
  Vkubelet Main Process
  K8s client
  Resource Manager: Info Cache, record Pod info from K8s
  Provider: Backend Driver
  Gophercloud
  [Diagram label: CreatePod]
Virtual-kubelet
  Register Node:
    1. Capacity(), get virtual node info. Fill into k8s node object.
    2. Call: k8sClient.CoreV1().Nodes().Create(node)
  Sync Pod and Node:
    1. Watch pod requests from K8s. Update resource manager.
    2. Periodic task to update Node and Pod status from provider to K8s.
  [Diagram labels: CreatePod, Register Node, K8s client, Sync Pod/Node]
Virtual-kubelet Operation
  Reconcile:
    1. Create: GetPods from RM, GetPods from Provider, CreatePod if no DeletionTimeStamp
    2. Delete: GetPods from provider, check into RM, if not exist, DeletePod from Provider
  [Diagram labels: CreatePod, Vkubelet Main Process]
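The two Reconcile passes above, as an added Go example (not code from the talk or from the virtual-kubelet project). Pod, Provider and Reconcile are hypothetical in-memory stand-ins for the resource manager and the Zun backend, and the sample state is constructed.

```go
package main

import (
	"fmt"
	"sort"
)

// Pod is a simplified stand-in for a Kubernetes pod (hypothetical type).
type Pod struct{ Deleting bool } // Deleting: DeletionTimestamp is set

// Provider is a hypothetical in-memory backend standing in for Zun capsules.
type Provider map[string]bool

// GetPods returns the names the backend is running, sorted for stable output.
func (p Provider) GetPods() []string {
	names := make([]string, 0, len(p))
	for n := range p {
		names = append(names, n)
	}
	sort.Strings(names)
	return names
}

// Reconcile runs the Create pass, then the Delete pass, and reports both.
func Reconcile(rm map[string]Pod, p Provider) (created, deleted []string) {
	// Create: pods in the resource manager that the provider lacks, unless deleting.
	for name, pod := range rm {
		if !p[name] && !pod.Deleting {
			p[name] = true // CreatePod on the provider
			created = append(created, name)
		}
	}
	// Delete: pods the provider runs that the resource manager never recorded.
	for _, name := range p.GetPods() {
		if _, known := rm[name]; !known {
			delete(p, name) // DeletePod on the provider
			deleted = append(deleted, name)
		}
	}
	sort.Strings(created)
	return created, deleted
}

func main() {
	// Constructed sample state, not taken from a real cluster.
	rm := map[string]Pod{"web": {}, "old": {Deleting: true}}
	p := Provider{"orphan": true}
	fmt.Println(Reconcile(rm, p))
}
```

The Delete pass is what removes a backend workload that Kubernetes has no record of, so a capsule created outside Kubernetes under a colliding name would be removed on the next reconcile.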
Virtual-kubelet Zun support
  Communication:
    1. Gophercloud for Zun: Capsule API support in Gophercloud
    2. Virtual Kubelet Zun client: Connect Zun by Gophercloud
  Resource Providing:
    1. Capsule will be the backend realization of Pod
    2. Provider essential functions for pod and node management
Pod Create Process
  Kubectl: Create pod
  VK pod watcher: Find pod request
  Resource Manager: Add Pod to resource manager
  VK Reconcile: Get pod from Zun, compare with resource manager
  Provider CreatePod: Remap attribute from pod to capsule
  Provider gophercloud: capsule create
  Zun: Capsule create
Future
  Enhance the virtual kubelet support for ConfigMap and Secret
  Enhance Capsule implementation and operation
  Align with Kubernetes related attributes
  Cinder multiple attach for containers
Talk is cheap
  Show me the demo
You are welcome to join us
  Wiki: https://wiki.openstack.org/wiki/Zun
  IRC: #openstack-zun
  Integration of OpenStack Zun with Kata Containers: May 23, 2:40pm-3:20pm, Room 109
  Zun Project Update: May 24, 3:30pm-3:50pm, Room 212