OpenShift 3.x: Features/Functions/Future
OpenShift Commons Gathering - Austin, TX, December 5, 2017
Clayton Coleman - Architect, Red Hat
Mike Barrett - Product Manager, Red Hat OpenShift
1.8 WAS BIGGER THAN EVER
● 2000+ pull requests and 2500 commits
● 380+ committers
● 39 features across 29 SIGs and 5 WG
● 1.8: 4 features to stable, 16 features to beta
● 1.9: 2 features to stable, 16 features to beta
And that’s just the technical part
COMMUNITY IS THE BEST FEATURE
● Kubernetes Steering Committee formed
● New top level SIG - SIG-Architecture
● Formalizing K8S proposal process (KEP)
● Continuing investment in the community
Everyone is welcome here!
Focus Areas Over the Next Year
Cloud-Native & Traditional Apps
● RHOAR cloud-native frameworks
● Service Catalog / Brokers
● Windows Containers
● RHOADS intelligent apps
● Service Mesh / Istio
Middleware & ISVs
● ISV certifications & packaged apps
● Fuse Online, RHOM, and other services
Invest in New Services
● NFV / Telco + Containers
● Serverless
● Analytics & ML/AI
● HPC & Low Latency
● High-Performance MFV
Developer Experience
● Focus on simplified, app-centric UXD
● Enable OpenShift.io for hybrid
● Incorporate Dev Tools acquisitions
Core Platform Features
● CRI-O investment
● Security enhancements
● Logging & Metrics
● OVN
Install, Upgrades & Management
● Ansible install/upgrade enhancements
● Deliver CloudForms CM-Ops in CF 4.6
● Cluster Federation
● OCP+CNS integrated monitoring/Mgmt
● OCP+OSP integration enhancements
APPLICATIONS & SERVICES CORE PLATFORM FEATURES
STABILITY IS A FEATURE
● Strong focus on fixing bugs since 1.7
  2605 issues resolved since 1.7 (June 30th)
● Mature existing features to beta or stable
  40 features moved to beta or stable
● Production matters
  Refine, polish, scale, tighten
EVENTS AND SCALE
● Events expose important transient info to users
● Key debugging tool
● In large clusters, excessive events observed
● FIX: Streamline sources
● FIX: Client-side rate limit
● 1.9: Server-side throttle
[Diagram: events flowing from nodes to the master. Before: 100 event/s. After: 3 event/s.]
DENSE CLUSTER SCALING
● On very dense clusters clients retrieve a lot of data
● Alpha: gzip compression
● Alpha: clients can receive results in chunks
● Result: reduce 95th percentile latencies and improve client experience
[Diagram: master answering LIST Pods (3.5MB) in a single response, versus LIST Pods with results returned in chunks of 500: 20KB, 20KB, 20KB, 20KB, ...]
MONITORING
● Prometheus cluster monitoring tech preview in OpenShift 3.7
● Fixed 10+ bugs around component monitoring
● Used experience at scale to guide new metrics
● Improve observability
Improvements in network and memory use before and after etcd3 migration
METRICS AND AUTOSCALING
● Beta metrics API for pods and nodes, replacing heapster
● Custom metrics API to expose arbitrary application metrics
● HPA v2 autoscaler targeting custom metrics
● Improve visibility into HPA status
● Lay foundations for usage based scheduling
EXTENSIBILITY EVERYWHERE
● FlexVolumes can more easily be deployed
  ○ New opportunities for node extension
● Custom resource definitions support validation
● Admission webhooks move to beta
● CRI continues to mature (see CRI-O)
NETWORKING
● Improvements to service load balancing
  ○ Iptables performance and scale improvements
  ○ Beta IPVS kube-proxy implementation
    ■ Promises better failover handling and detection
● Network policy improvements
  ○ Pod egress support added to NetworkPolicy
● IPv6 Alpha support in Kubernetes 1.9
STORAGE
● Local storage
  ○ Scheduler assigns local disk, just like CPU
  ○ PVCs that are bound to that node
  ○ Still in alpha, but helping improve a number of key areas:
    ■ Scheduler awareness of nodes and volumes
    ■ Local IO isolation and guarantees
    ■ Resource accounting for disk
● Resize and Snapshotting
PERFORMANCE SENSITIVE APPS
● Goal
  ○ Support more workload types
  ○ With better performance
  ○ Without sacrificing reliability
● Focus areas
  ○ CPU management
  ○ Device plugins
  ○ HugePages
BETTER CONTAINER RUNTIME
CRI-O is nearing production readiness
Performance, reliability, and overhead improvements.
OPENSHIFT SERVICE CATALOG
SERVICE BROKERS (NEW!)
Service Brokers: Expose and Provision Services
[Diagram, in slide order:
 brokers: OpenShift Ansible Broker, OpenShift Template Broker, AWS Service Broker, Other Service Brokers;
 providers: Ansible, OpenShift, Amazon Web Services, Other Compatible Services;
 services: Ansible Playbook Bundles, OpenShift Templates, Public Cloud Services, Other Services]
Service Catalog - What’s Next
Injection of Binding Data
Objective: reduce manual steps
After a service is provisioned and bound, a secret is created.
The secret will be added to a deployment configuration using PodPreset.
The deployment config change trigger will cause redeployment of pods, which will include the binding data.
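The binding-data injection flow above, written out as manifests. This is an added example, not taken from the slides or from OpenShift's own templates; every name, namespace, label, image and value in it is a constructed placeholder, and it assumes the alpha PodPreset API is enabled on the cluster.

```yaml
# Constructed example: all names, labels and values are placeholders.
# 1. Secret of the kind a service binding produces (credentials for the bound service).
apiVersion: v1
kind: Secret
metadata:
  name: orders-db-binding            # hypothetical binding secret
  namespace: orders-dev
type: Opaque
stringData:
  DB_HOST: postgres.example.internal
  DB_USER: orders_app
  DB_PASSWORD: example-not-a-real-password
---
# 2. PodPreset (alpha API) that injects the secret as environment variables
#    into every pod created in this namespace whose labels match the selector.
apiVersion: settings.k8s.io/v1alpha1
kind: PodPreset
metadata:
  name: inject-orders-db-binding
  namespace: orders-dev
spec:
  selector:
    matchLabels:
      app: orders-api                # keep this narrow: every matching pod receives the credentials
  envFrom:
  - secretRef:
      name: orders-db-binding
---
# 3. DeploymentConfig whose pod template carries the matching label.
apiVersion: apps.openshift.io/v1
kind: DeploymentConfig
metadata:
  name: orders-api
  namespace: orders-dev
spec:
  replicas: 1
  selector:
    app: orders-api
  triggers:
  - type: ConfigChange               # a pod template change rolls out new pods;
                                     # the PodPreset is applied as those pods are created
  template:
    metadata:
      labels:
        app: orders-api
    spec:
      containers:
      - name: orders-api
        image: registry.example.com/orders/orders-api:1.0
```

Pods that received the preset carry a `podpreset.admission.kubernetes.io/podpreset-<name>` annotation, which gives a quick way to audit which workloads were handed the binding data.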
Service Governance
Objective: allow fine-grained control on who can provision and bind to services.
Scenario: in my organization developers can only provision and bind to development services. Production apps have access to services tagged as production-ready and are controlled by a different group.
INSTALL AND UPGRADE
● Multi-Version upgrades
  ○ Rolling update versions during OCP upgrade (i.e. 3.7 to 3.9)
  ○ Under investigation for targeted “LTS” versions (3.9)
● Provider-specific installs
  ○ Configures OpenShift Container Platform & underlying infrastructure, based on reference architecture recommendations
  ○ AWS and OpenStack initially; Azure, Google and VMware next
CLOUD NODES
● Build Golden Images for most cloud providers
  ○ Same configuration path as today w/ Ansible
● Bootstrap nodes from the masters
  ○ Centralized master config, cert management
  ○ Nodes check in, download config, run pods
● Leads to autoscaling node groups
● Problematic nodes can just be deleted
MANAGEMENT
● Containerized (aka podified) CF
  ○ Installed on OpenShift with Installer or Template
● OpenShift Provider for Prometheus
  ○ Metrics and Alerts in container dashboards
  ○ Alerts management
● Chargeback
  ○ By Allocation (vs. Usage)
Object Relationships, Usage, CrossLinking
(SOME) 1.10 GOALS
● Stability and bug fixes (obv!)
● Everything is extensible
● Scaling improvements
● Initializers and webhook admission being used internally
● De-scheduler
● Priority and preemption
● More node level improvements in resource management
● Better core multitenancy
● Get volume snapshots and resizing to beta
● Better Prometheus integration into metrics
● Block device support
SERVERLESS COMPUTING
Service
> Autonomous
> Loosely-coupled
Microservice
> Single Purpose
> Stateless
> Independently Scalable
> Automated
Function f( )
> Single Action
> Event-sourced
> Ephemeral
APP CONFIG & DEFINITION
● No core “application” concept in Kubernetes
  ○ Define conventions for user-defined apps
  ○ Leads to a better ecosystem experience
● Work to simplify and improve config mgmt in K8s
  ○ Better Ansible tooling
  ○ Reuse more work across different solutions
● Improve interoperation across clusters
SERVICE MESH
Istio
● Intelligent Routing and Load Balancing
● Resilience Across Languages and Platforms
● Telemetry and Reporting
● Policy Enforcement
[Diagram: OCP with a Gateway (for inbound API control) and a Gateway (for outbound/as a consumer API control) on the north/south axis; service billing, service booking and service invoicing connected west/east via Envoy proxy]