Kubernetes SDN performance and architecture

•

7 likes•3,079 views

Jakub Pavlik

OpenStack Summit Barcelona 2016

Technology

Copyright © 2016 Mirantis, Inc. All rights reserved
www.mirantis.com
Kubernetes SDN
Performance and
Architecture
Jakub Pavlik
Marek Celoud

Copyright © 2016 Mirantis, Inc. All rights reserved
Presentation Agenda
1. Overlay vs Non-Overlay
2. Calico
3. OpenContrail
4. Connection/comparison
5. Q&A

Copyright © 2016 Mirantis, Inc. All rights reserved
About us
Marek Celoud
mceloud@mirantis.com
@MCeloud
Jakub Pavlík
jpavlik@mirantis.com
@JakubPav

Copyright © 2016 Mirantis, Inc. All rights reserved
Networking in Kubernetes
● Networking in containers used to be an issue
● Kubernetes solved the biggest problems of port mapping
● Different approaches for different use cases
● Overlay vs. Non-overlay
● Multitenancy and security
● Performance and scaling
● Multiple plugins similar like OpenStack Neutron

Copyright © 2016 Mirantis, Inc. All rights reserved
Network solutions in Kubernetes
SDNs:
● Calico
● OpenContrail
● Romana
● Weave
● Contiv
● OpenVSwitch
● ...

Copyright © 2016 Mirantis, Inc. All rights reserved
Overlay vs. Non-overlay
Common Overlay concerns:
● Loose benefit of simplicity
● Loose performance
● Difficult to maintain and
troubleshoot
Overlay benefits:
● Multitenancy, Security,
Micro-segmentation
● L2, L3, EVPN, L3VPN
capability
● Analytics
From performance perspective not using an overlay, it is still
necessary to use an internal bridge to demux the container
virtual-ethernet interface pairs.
“The key aspect to consider is operational complexity!”
Pedro Marques

Copyright © 2016 Mirantis, Inc. All rights reserved
Test environment
● Run various functional and performance tests
● Calico bare metal
● OpenContrail bare metal
● OpenContrail running on Kubernetes with Calico
● OpenContrail and Kubernetes next together
● Calico in OpenStack with OpenContrail
● OpenContrail Kubernetes in OpenStack with OpenContrail
● 100 nodes with 32GB RAM with 8 CPUs and 2x 10Gb links

Copyright © 2016 Mirantis, Inc. All rights reserved
Calico

Copyright © 2016 Mirantis, Inc. All rights reserved
Calico Overview
● CNI network plugin
● BIRD routing daemon
● Etcd
● Confd
● Felix
● Pure L3

Copyright © 2016 Mirantis, Inc. All rights reserved
Calico
Calico
Pros:
● No overhead
● Reduce Complexity
● Using standard
protocols
Cons:
● Underlay depended
● No L2

Copyright © 2016 Mirantis, Inc. All rights reserved
Calico with k8s
● Using CNI
● Calico 0.22.0 version with kubernetes 1.4
● Kubernetes Policy for security

Copyright © 2016 Mirantis, Inc. All rights reserved
Production consideration for Calico
● Use separate etcd cluster for Calico
● Use at least etcd v3
● Disable BGP full mesh peering
● Do not run Calico in k8s manifests, but as separated
systemd/docker

Copyright © 2016 Mirantis, Inc. All rights reserved
OpenContrail

Copyright © 2016 Mirantis, Inc. All rights reserved
OpenContrail Overview
● Overlay SDN
● Control, config, analytics, database, agent
● Multiple encapsulations (MPLSoverGRE/UDP, VXLAN)
● Uses (usually) physical gateways

Copyright © 2016 Mirantis, Inc. All rights reserved
OpenContrail overview

Copyright © 2016 Mirantis, Inc. All rights reserved
OpenContrail overview
OpenContrail
Pros:
● Underlay agnostic
● Advanced networking
features
● Uses physical
gateways
Cons:
● Overhead
● Complex

Copyright © 2016 Mirantis, Inc. All rights reserved
OpenContrail with s8s
● Network manager which provides bridge between Contrail
and k8s
● Using ECMP instead of kube-proxy (iptables) balancing
● Networks created based on labels in manifests
● Security and Multi-tenancy done by policy
● Contrail 3.0.3 supports Kubernetes 1.4

Copyright © 2016 Mirantis, Inc. All rights reserved
Production consideration for OpenContrail
● Separate Cassandra cluster for analytics
● Use physical routers as gateways

Copyright © 2016 Mirantis, Inc. All rights reserved
Comparison

Copyright © 2016 Mirantis, Inc. All rights reserved
Performance

Copyright © 2016 Mirantis, Inc. All rights reserved
Why not both?

Copyright © 2016 Mirantis, Inc. All rights reserved
Multi-cloud examples
● Connection
Baremetal, VMs,
container
● Run k8s on top of
OpenStack with
same Contrail (VM
sub-interfaces)

Copyright © 2016 Mirantis, Inc. All rights reserved
Kubernetes production findings
● build own binaries (Mirantis Downstream) instead of
reusing existing docker containers with unknown origin
● use single or high available cluster setup
● run ETCD control services in systemd not only in
manifests and docker
● cleanup from mixing bash, salt, and unrelated features for
production
● manage native SSL cert by Salt or external cert entity
● pull images from private docker registry with
authentication

Copyright © 2016 Mirantis, Inc. All rights reserved
Calico vs OpenContrail comparison

Copyright © 2016 Mirantis, Inc. All rights reserved
MCP

Copyright © 2016 Mirantis, Inc. All rights reserved
Q&A
Thank you for your time

Copyright © 2016 Mirantis, Inc. All rights reserved
Backup Slides

What's hot

Calico to secure host interfaces

D.Rajesh Kumar

Calico integration

Anirban Sen Chowdhary

Microservices: AutoScaling in Hyper-Microservice Architecture | Nguyễn Trung ...

Vietnam Open Infrastructure User Group

Open Stack Days israel Keynote 2017

Nati Shalom

Keynote by Lew Tucker, VP and CTO of Cloud Computing at Cisco, at OpenStack Silicon Valley 2015. As more companies move to software-driven infrastructures, OpenStack opens up new possibilities for traditional network service providers, media production, and content providers. Micro-services, and carrier-grade service delivery become the new watchwords for those companies looking to disrupt traditional players with virtualized services running on OpenStack.

OpenStack: Changing the Face of Service Delivery

Mirantis

Triangle Kubernetes Meetup: Container cloud networking - Contiv for K8S & Ope...

Sanjeev Rampal

Getting started with project calico

Anirban Sen Chowdhary

Container Networking Meetup March 31 2016

Andrew Randall

(Open)Stacking Containers

Ken Thompson

Introduction to the Container Networking and Security

Cloud 66

Calico using rkt

Anirban Sen Chowdhary

Simple, Scalable and Secure Networking for Data Centers with Project Calico

Emma Gordon

Open contrailmeetup

Daisuke Nakajima

How we built Packet's bare metal cloud platform

Packet

Intro to creating kubernetes operators

Juraj Hantak

At Iguane Solutions, a lot of our "DevOps" tools are developed in Golang, and we have a good amount of experience in contributing to the Goca. I'll review just what contributions we make, as well as how we use Goca with different tools, on a daily basis, to manage and monitor our OpenNebula cloud. I will delve into the concept of Infrastructure as Code - deployment of VM instances on cloud, as well as, also address the metrics collection of deployed VMs. Finally, I will present how we can abstract VM management with automation tools thanks to GOCA.

OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...

OpenNebula Project

NetApp Hybrid Cloud with OpenNebula

OpenNebula Project

Drive into calico architecture

Anirban Sen Chowdhary

Let's Talk about Packet

Packet

Deploying OpenStack Services with Linux Containers - Brisbane OpenStack Meetu...

Ken Thompson

What's hot (20)

Calico to secure host interfaces

Calico integration

Microservices: AutoScaling in Hyper-Microservice Architecture | Nguyễn Trung ...

Open Stack Days israel Keynote 2017

OpenStack: Changing the Face of Service Delivery

Triangle Kubernetes Meetup: Container cloud networking - Contiv for K8S & Ope...

Getting started with project calico

Container Networking Meetup March 31 2016

(Open)Stacking Containers

Introduction to the Container Networking and Security

Calico using rkt

Simple, Scalable and Secure Networking for Data Centers with Project Calico

Open contrailmeetup

How we built Packet's bare metal cloud platform

Intro to creating kubernetes operators

OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...

NetApp Hybrid Cloud with OpenNebula

Drive into calico architecture

Let's Talk about Packet

Deploying OpenStack Services with Linux Containers - Brisbane OpenStack Meetu...

Similar to Kubernetes SDN performance and architecture

The Cloud Convergence: OpenStack and Kubernetes.

Ihor Dvoretskyi

What's new in open stack juno (pnw os meetup)

aedocw

4. CNCF kubernetes Comparison of-existing-cni-plugins-for-kubernetes

Juraj Hantak

Comparison of existing cni plugins for kubernetes

Adam Hamsik

Production Plone on OpenStack Cloud

Serg Melikyan

Cinder Update, OpenInfra Meetup Q3 China, 2020-09-26

Brian Rosmaita

BlackStor - World's fastest & most reliable Cloud Native Software Defined Sto...

Michal Němec

Modern Software Development

Angel Conde Manjon

cn-series-se-presentation.pptx

eli lama sabachtani sinaga

OpenShift Commons Webinar presented on March 2 2017 OpenShift networking works great out of the box, right? So why would you consider anything else? This briefing examines an alternative approach that has benefits for many scenarios – from tightly securing a few high value AWS instances to scaling a large private cloud deployment. Come learn about how how Calico differs from traditional solutions like OpenShift SDN, and see how Calico has now been integrated with Kubernetes and OpenShift to provide a smooth deployment experience, and lessons learned across hundreds of enterprise users.

Simplifying and Securing your OpenShift Network with Project Calico

Andrew Randall

For many DevOps teams, Kubernetes has become an enterprise IT mandate, but like previous waves of infrastructure change, Kubernetes security best practices must be followed throughout the container life cycle. Join us for a discussion around Kubernetes security challenges and best practices. You will learn how to: Stay on top of ongoing Kubernetes hygiene by hardening your nodes, employing RBAC best practices, etc.; Secure your production workloads; Thwart an attack, with a live demo.

Kubernetes Security Best Practices for DevOps

DevOps.com

Container Attached Storage (CAS) with OpenEBS - SDC 2018

OpenEBS

Production ready kubernetes

Arnaud MAZIN

Edge Computing along with 5G promises to revolutionize customer experience with immersive applications that we can only imagine at this point. The edge will include PNFs, VNFs, and mobile-edge applications; requiring containers, virtual machines and bare-metal compute. But while edge computing promises numerous new revenue streams, managing and orchestrating these edge infrastructure environments is not going to be a seamless, instant process. In this webinar, experts in NFV orchestration discuss the concerns you must address in the transition to the edge, and show how you can use available open source tools to create a single management environment for PNFs, VNFs, and mobile-edge applications.

Edge Computing: A Unified Infrastructure for all the Different Pieces

Cloudify Community

Performance is not an Option - gRPC and Cassandra

Dave Bechberger

Enhancing Kubernetes with Autoscaling & Hybrid Cloud IaaS

Matt Baldwin

Top 5 benefits of docker

John Zaccone

Webinar Session - https://youtu.be/_5MfGMf8PG4 In this webinar, we share how the Container Attached Storage pattern makes performance tuning more tractable, by giving each workload its own storage system, thereby decreasing the variables needed to understand and tune performance. We then introduce MayaStor, a breakthrough in the use of containers and Kubernetes as a data plane. MayaStor is the first containerized data engine available that delivers near the theoretical maximum performance of underlying systems. MayaStor performance scales with the underlying hardware and has been shown, for example, to deliver in excess of 10 million IOPS in a particular environment.

Webinar: OpenEBS - Still Free and now FASTEST Kubernetes storage

MayaData Inc

The rise of microservices details how the software infrastructure of the future are changing. As corporations strive for competitive advantage, they must redesign their brownfield legacy applications and move them to the cloud. Agile Cloud applications follow microservices and cloudnative development patterns. Microservices architectures are enabled by Docker and Kubernetes. Both software are hosted by CNCF. microservices architectures are being enhanced with a service mesh layer which simplifies the communication and management of cloudnative applications.

The rise of microservices

Cloud Technology Experts

OSDC 2018 | Self Hosted Bare Metal Kubernetes for SMEs by Thomas Toppe

NETWAYS

Similar to Kubernetes SDN performance and architecture (20)

The Cloud Convergence: OpenStack and Kubernetes.

What's new in open stack juno (pnw os meetup)

4. CNCF kubernetes Comparison of-existing-cni-plugins-for-kubernetes

Comparison of existing cni plugins for kubernetes

Production Plone on OpenStack Cloud

Cinder Update, OpenInfra Meetup Q3 China, 2020-09-26

BlackStor - World's fastest & most reliable Cloud Native Software Defined Sto...

Modern Software Development

cn-series-se-presentation.pptx

Simplifying and Securing your OpenShift Network with Project Calico

Kubernetes Security Best Practices for DevOps

Container Attached Storage (CAS) with OpenEBS - SDC 2018

Production ready kubernetes

Edge Computing: A Unified Infrastructure for all the Different Pieces

Performance is not an Option - gRPC and Cassandra

Enhancing Kubernetes with Autoscaling & Hybrid Cloud IaaS

Top 5 benefits of docker

Webinar: OpenEBS - Still Free and now FASTEST Kubernetes storage

The rise of microservices

OSDC 2018 | Self Hosted Bare Metal Kubernetes for SMEs by Thomas Toppe

More from Jakub Pavlik

Operators experience and perspective on SDN with VLANs and L3 Networks

Jakub Pavlik

SmartCity IoT on Kubernetes and OpenStack

Jakub Pavlik

OpenContrail Experience tcp cloud OpenStack Summit Tokyo

Jakub Pavlik

tcp cloud & AVG User Story. Does your IT department’s left hand talk to the right hand? Finally ours does at http://www.avg.com/eu-en/homepage! This is the story of OpenStack as our salvation, and important lessons learned in technology and IT politics. Our appsdev team’s devops abilities were being held ransom on vCenter, so we wanted public cloud agility for dev/test/staging. With the help of our IT partner…Full session details here: http://awe.sm/r9Ekr

OpenStack Ousts vCenter for DevOps and Unites IT Silos at AVG Technologies

Jakub Pavlik

OpenContrail Implementations

Jakub Pavlik

OpenStack High Availability

Jakub Pavlik

OpenContrail deployment experience

Jakub Pavlik

More from Jakub Pavlik (7)

Operators experience and perspective on SDN with VLANs and L3 Networks

SmartCity IoT on Kubernetes and OpenStack

OpenContrail Experience tcp cloud OpenStack Summit Tokyo

OpenStack Ousts vCenter for DevOps and Unites IT Silos at AVG Technologies

OpenContrail Implementations

OpenStack High Availability

OpenContrail deployment experience

Recently uploaded

In this keynote, Asanka Abeysinghe, CTO,WSO2 will explore the shift towards platformless technology ecosystems and their importance in driving digital adaptability and innovation. We will discuss strategies for leveraging decentralized architectures and integrating diverse technologies, with a focus on building resilient, flexible, and future-ready IT infrastructures. We will also highlight WSO2's roadmap, emphasizing our commitment to supporting this transformative journey with our evolving product suite.

Platformless Horizons for Digital Adaptability

WSO2

💉💊+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHABI}}+971581248768 +971581248768 Mtp-Kit (500MG) Prices » Dubai [(+971581248768**)] Abortion Pills For Sale In Dubai, UAE, Mifepristone and Misoprostol Tablets Available In Dubai, UAE CONTACT DR.Maya Whatsapp +971581248768 We Have Abortion Pills / Cytotec Tablets /Mifegest Kit Available in Dubai, Sharjah, Abudhabi, Ajman, Alain, Fujairah, Ras Al Khaimah, Umm Al Quwain, UAE, Buy cytotec in Dubai +971581248768''''Abortion Pills near me DUBAI | ABU DHABI|UAE. Price of Misoprostol, Cytotec” +971581248768' Dr.DEEM ''BUY ABORTION PILLS MIFEGEST KIT, MISOPROTONE, CYTOTEC PILLS IN DUBAI, ABU DHABI,UAE'' Contact me now via What's App…… abortion Pills Cytotec also available Oman Qatar Doha Saudi Arabia Bahrain Above all, Cytotec Abortion Pills are Available In Dubai / UAE, you will be very happy to do abortion in Dubai we are providing cytotec 200mg abortion pill in Dubai, UAE. Medication abortion offers an alternative to Surgical Abortion for women in the early weeks of pregnancy. We only offer abortion pills from 1 week-6 Months. We then advise you to use surgery if its beyond 6 months. Our Abu Dhabi, Ajman, Al Ain, Dubai, Fujairah, Ras Al Khaimah (RAK), Sharjah, Umm Al Quwain (UAQ) United Arab Emirates Abortion Clinic provides the safest and most advanced techniques for providing non-surgical, medical and surgical abortion methods for early through late second trimester, including the Abortion By Pill Procedure (RU 486, Mifeprex, Mifepristone, early options French Abortion Pill), Tamoxifen, Methotrexate and Cytotec (Misoprostol). The Abu Dhabi, United Arab Emirates Abortion Clinic performs Same Day Abortion Procedure using medications that are taken on the first day of the office visit and will cause the abortion to occur generally within 4 to 6 hours (as early as 30 minutes) for patients who are 3 to 12 weeks pregnant. When Mifepristone and Misoprostol are used, 50% of patients complete in 4 to 6 hours; 75% to 80% in 12 hours; and 90% in 24 hours. We use a regimen that allows for completion without the need for surgery 99% of the time. All advanced second trimester and late term pregnancies at our Tampa clinic (17 to 24 weeks or greater) can be completed within 24 hours or less 99% of the time without the need surgery. The procedure is completed with minimal to no complications. Our Women's Health Center located in Abu Dhabi, United Arab Emirates, uses the latest medications for medical abortions (RU-486, Mifeprex, Mifegyne, Mifepristone, early options French abortion pill), Methotrexate and Cytotec (Misoprostol). The safety standards of our Abu Dhabi, United Arab Emirates Abortion Doctors remain unparalleled. They consistently maintain the lowest complication rates throughout the nation. Our Physicians and staff are always available to answer questions and care for women in one of the most difficult times in their lives. The decision to have an abortion at the Abortion Cl

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Juan lago vázquez

ICT role in 21st century education and its challenges

rafiqahmad00786416

Understanding the FAA Part 107 License ..

Christopher Logan Kennedy

FWD Group - Insurer Innovation Award 2024

The Digital Insurer

Following the popularity of “Cloud Revolution: Exploring the New Wave of Serverless Spatial Data,” we’re thrilled to announce this much-anticipated encore webinar. In this sequel, we’ll dive deeper into the Cloud-Native realm by uncovering practical applications and FME support for these new formats, including COGs, COPC, FlatGeoBuf, GeoParquet, STAC, and ZARR. Building on the foundation laid by industry leaders Michelle Roby of Radiant Earth and Chris Holmes of Planet in the first webinar, this second part offers an in-depth look at the real-world application and behind-the-scenes dynamics of these cutting-edge formats. We will spotlight specific use-cases and workflows, showcasing their efficiency and relevance in practical scenarios. Discover the vast possibilities each format holds, highlighted through detailed discussions and demonstrations. Our expert speakers will dissect the key aspects and provide critical takeaways for effective use, ensuring attendees leave with a thorough understanding of how to apply these formats in their own projects. Elevate your understanding of how FME supports these cutting-edge technologies, enhancing your ability to manage, share, and analyze spatial data. Whether you’re building on knowledge from our initial session or are new to the serverless spatial data landscape, this webinar is your gateway to mastering cloud-native formats in your workflows.

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Safe Software

Discover the innovative features and strategic vision that keep WSO2 an industry leader. Explore the exciting 2024 roadmap of WSO2 API management, showcasing innovations, unified APIM/APK control plane, natural language API interaction, and cloud native agility. Discover how open source solutions, microservices architecture, and cloud native technologies unlock seamless API management in today's dynamic landscapes. Leave with a clear blueprint to revolutionize your API journey and achieve industry success!

WSO2's API Vision: Unifying Control, Empowering Developers

WSO2

Dubai, often portrayed as a shimmering oasis in the desert, faces its own set of challenges, including the occasional threat of flooding. Despite its reputation for opulence and modernity, the emirate is not immune to the forces of nature. In recent years, Dubai has experienced sporadic but significant floods, testing the resilience of its infrastructure and communities. Among the critical lifelines in this bustling metropolis is the Dubai International Airport, a bustling hub that connects the city to the world. This article explores the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

Orbitshub

The Good, the Bad and the Governed - Why is governance a dirty word? David O'Neill, Chief Operating Officer - APIContext Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

apidays

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the deployment of external web forms using Jotform for Bonterra Impact Management. This solution can be customized to your organization’s needs and deployed to support the common use cases below: - Intake and consent - Assessments - Surveys - Applications - Program registration Interested in deploying web form automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Jeffrey Haguewood

Join our latest Connector Corner webinar to discover how UiPath Integration Service revolutionizes API-centric automation in a 'Quote to Cash' process—and how that automation empowers businesses to accelerate revenue generation. A comprehensive demo will explore connecting systems, GenAI, and people, through powerful pre-built connectors designed to speed process cycle times. Speakers: James Dickson, Senior Software Engineer Charlie Greenberg, Host, Product Marketing Manager

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

DianaGray10

presentation ICT roal in 21st century education

jfdjdjcjdnsjd

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

Zilliz

Passkeys: Developing APIs to enable passwordless authentication Cody Salas, Sr Developer Advocate | Solutions Architect - Yubico Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

apidays

[BuildWithAI] Introduction to Gemini.pdf

Sandro Moreira

AWS Community Day CPH - Three problems of Terraform

Andrey Devyatkin

Exploring Multimodal Embeddings with Milvus

Zilliz

Vector Search -An Introduction in Oracle Database 23ai.pptx

Remote DBA Services

Angeliki Cooney has spent over twenty years at the forefront of the life sciences industry, working out of Wynantskill, NY. She is highly regarded for her dedication to advancing the development and accessibility of innovative treatments for chronic diseases, rare disorders, and cancer. Her professional journey has centered on strategic consulting for biopharmaceutical companies, facilitating digital transformation, enhancing omnichannel engagement, and refining strategic commercial practices. Angeliki's innovative contributions include pioneering several software-as-a-service (SaaS) products for the life sciences sector, earning her three patents. As the Senior Vice President of Life Sciences at Avenga, Angeliki orchestrated the firm's strategic entry into the U.S. market. Avenga, a renowned digital engineering and consulting firm, partners with significant entities in the pharmaceutical and biotechnology fields. Her leadership was instrumental in expanding Avenga's client base and establishing its presence in the competitive U.S. market.

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...

Angeliki Cooney

Recently uploaded (20)

Platformless Horizons for Digital Adaptability

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

ICT role in 21st century education and its challenges

Understanding the FAA Part 107 License ..

FWD Group - Insurer Innovation Award 2024

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

WSO2's API Vision: Unifying Control, Empowering Developers

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

presentation ICT roal in 21st century education

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

[BuildWithAI] Introduction to Gemini.pdf

AWS Community Day CPH - Three problems of Terraform

Exploring Multimodal Embeddings with Milvus

Vector Search -An Introduction in Oracle Database 23ai.pptx

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...

Kubernetes SDN performance and architecture

4. Copyright © 2016 Mirantis, Inc. All rights reserved Networking in Kubernetes ● Networking in containers used to be an issue ● Kubernetes solved the biggest problems of port mapping ● Different approaches for different use cases ● Overlay vs. Non-overlay ● Multitenancy and security ● Performance and scaling ● Multiple plugins similar like OpenStack Neutron

6. Copyright © 2016 Mirantis, Inc. All rights reserved Overlay vs. Non-overlay Common Overlay concerns: ● Loose benefit of simplicity ● Loose performance ● Difficult to maintain and troubleshoot Overlay benefits: ● Multitenancy, Security, Micro-segmentation ● L2, L3, EVPN, L3VPN capability ● Analytics From performance perspective not using an overlay, it is still necessary to use an internal bridge to demux the container virtual-ethernet interface pairs. “The key aspect to consider is operational complexity!” Pedro Marques

7. Copyright © 2016 Mirantis, Inc. All rights reserved Test environment ● Run various functional and performance tests ● Calico bare metal ● OpenContrail bare metal ● OpenContrail running on Kubernetes with Calico ● OpenContrail and Kubernetes next together ● Calico in OpenStack with OpenContrail ● OpenContrail Kubernetes in OpenStack with OpenContrail ● 100 nodes with 32GB RAM with 8 CPUs and 2x 10Gb links

13. Copyright © 2016 Mirantis, Inc. All rights reserved Production consideration for Calico ● Use separate etcd cluster for Calico ● Use at least etcd v3 ● Disable BGP full mesh peering ● Do not run Calico in k8s manifests, but as separated systemd/docker

15. Copyright © 2016 Mirantis, Inc. All rights reserved OpenContrail Overview ● Overlay SDN ● Control, config, analytics, database, agent ● Multiple encapsulations (MPLSoverGRE/UDP, VXLAN) ● Uses (usually) physical gateways

18. Copyright © 2016 Mirantis, Inc. All rights reserved OpenContrail with s8s ● Network manager which provides bridge between Contrail and k8s ● Using ECMP instead of kube-proxy (iptables) balancing ● Networks created based on labels in manifests ● Security and Multi-tenancy done by policy ● Contrail 3.0.3 supports Kubernetes 1.4

24. Copyright © 2016 Mirantis, Inc. All rights reserved Kubernetes production findings ● build own binaries (Mirantis Downstream) instead of reusing existing docker containers with unknown origin ● use single or high available cluster setup ● run ETCD control services in systemd not only in manifests and docker ● cleanup from mixing bash, salt, and unrelated features for production ● manage native SSL cert by Salt or external cert entity ● pull images from private docker registry with authentication

Kubernetes SDN performance and architecture

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Kubernetes SDN performance and architecture

Similar to Kubernetes SDN performance and architecture (20)

More from Jakub Pavlik

More from Jakub Pavlik (7)

Recently uploaded

Recently uploaded (20)

Kubernetes SDN performance and architecture