Kubernetes currently has two load balancing mode: userspace and IPTables. They both have limitation on scalability and performance. We introduced IPVS as third kube-proxy mode which scales kubernetes load balancer to support 50,000 services. Beyond that, control plane needs to be optimized in order to deploy 50,000 services. We will introduce alternative solutions and our prototypes with detailed performance data.
ジュニパーネットワークス Multi Chassis LAGの概要、基本機能、設定方法についてご説明いたします。
Cilium is an open source project which provides networking, security and load balancing for application services that are deployed using Linux container technologies by using the native eBPF technology in the Linux kernel. In this presentation we talked about: - The evolution of the BPF filters and explained the advantages of eBPF Filters and its use cases today in Linux especially on how Cilium networking utilizes the eBPF Filters to secure the Kubernetes workload with increased performance when compared to legacy iptables. - How Cilium uses SOCKMAP for layer 7 policy enforcement - How Cilium integrates with Istio and handles L7 Network Policies with Envoy Proxies. - The new features since the last release such as running Kubernetes cluster without kube-proxy, providing clusterwide NetworkPolicies, providing fully distributed networking and security observability platform for cloud native workloads etc.
Cilium is an open source software that provides networking and security for Kubernetes. It implements Kubernetes networking, security policies, load balancing, and service mesh capabilities using eBPF. Cilium provides multi-cluster networking by coupling multiple Kubernetes clusters into a cluster mesh with a shared control plane. It also offers a sidecar-less service mesh that uses eBPF and Envoy for L4 and L7 traffic management instead of injecting proxies into each pod. Demos showed Cilium's multi-cluster load balancing and policies as well as its service mesh capabilities.
The document discusses Kubernetes networking. It describes how Kubernetes networking allows pods to have routable IPs and communicate without NAT, unlike Docker networking which uses NAT. It covers how services provide stable virtual IPs to access pods, and how kube-proxy implements services by configuring iptables on nodes. It also discusses the DNS integration using SkyDNS and Ingress for layer 7 routing of HTTP traffic. Finally, it briefly mentions network plugins and how Kubernetes is designed to be open and customizable.
Yuki Nishiwaki / Samir Ibradzic (LINE Corporation) OpenStack Summit Vancouver, May 2018 https://www.openstack.org/summit/vancouver-2018/summit-schedule/global-search?t=Yuki%20Nishiwaki
Cloud Native Days Online 2021で発表した際に使った資料です。 尺の都合上カットしたスライドも含んでいるため、実際に話した際に使ったスライドよりも多いです。
This document discusses cloud native computing and the Cloud Native Computing Foundation (CNCF). It defines cloud native as a new paradigm for developing, deploying, and running applications using open source software like microservices, containers, and container orchestration. The CNCF is responsible for building sustainable ecosystems of cloud native software and serves as the home for many fastest growing open source projects like Kubernetes, Prometheus, and Envoy. The document outlines CNCF projects at different maturity levels and describes how cloud native technologies empower organizations to build scalable distributed applications using open standards.
2017年11月14日開催 『サイバーエージェントとさくらインターネットのインフラ談義』のスライド資料です
タイトル:NFVアプリケーションをOpenStack上で動かす為に 講師:橋口 厚志(NEC) アジェンダ: - NFV概要 - 独自基盤時代 - OpenStack改造時代 - OpenStack利用時代、そしてこれから
Kube-proxy is a Kubernetes component responsible to re-conciliate the state of the Service resources. This component can be configured in four different modes: userspace, iptables, IPVS or Kernel space (Windows). In big scales, the IPVS mode offers better performance resulting in an attractive offer. In this session, I'll try to explain the IPVS internals, and how Kubernetes automates the management of services through basic examples.
2023년 4월 6일에 진행한 "레드햇 오픈스택 17 저자 직강 + 스터디 그룹" 1주차 세션 슬라이드입니다.
え、まって。その並列分散処理、Kafkaのしくみでもできるの? Apache Kafkaの機能を利用した大規模ストリームデータの並列分散処理 (NTTデータ テクノロジーカンファレンス 2019 講演資料、2019/09/05) NTTデータ 技術革新統括本部 システム技術本部生産技術部 インテグレーション技術センタ データ活用チーム 佐々木 徹
Container Runtime Meetup #3の発表資料です。 高レベルコンテナランタイムcontainerdの概要を紹介しています。 https://runtime.connpass.com/event/198071/
Red Hat OpenShift Container Platform で利用できるストレージである、Red Hat OpenShift Container Storage の紹介資料です。