Modularity
Loose coupling is a goal everywhere
• simpler
• more composable
• more extensible
Isolate risk with interchangeable parts
Sometimes accused of having too many parts -- but most are trivially replaced!
Result: A more robust, adaptable system

Cloud Provider
Linked as a library (for now)
• needs to be extracted for easier customization
Supports major public clouds, and some private clouds
Interfaces for things like availability zones, VMs, load-balancers
Used by controllers, admission control,

Container Runtime
Not all containers are Docker containers
Runtime API abstracts containers and implements pods
• Linked as a library, but out-of-process plugin is in devel
Docker is just the first implementation
In devel:
• rkt (CoreOS)
• hyper_ (Hyper.sh)

Multi-Scheduler
A scheduler is just a program that uses the Kubernetes API
Anyone can write their own
• e.g. specialized affinity or isolation
• customized for your needs
• handle only Pods you care about
Pods can “opt in” to alternative schedulers with an annotation (alpha)
• default scheduler will ignore them

Network Plugins
Introduced in Kubernetes v1.0
• still considered experimental
Uses CNI (CoreOS/appc) in v1.1
• simple exec interface
• not using Docker libnetwork
• can simply defer to Docker
Cluster admins can customize their installs
• DHCP, MACVLAN, Flannel, custom...

Google Cloud Platform
Storage Plugins
Introduced in Kubernetes v1.0
• ~20 plugins in-tree so far
Linked as a library
• APIs: attach, mount, recycle, provision
• not all plugins implement all facets
• “flex” plugin for out-of-process plugins
• can (soon) pass-through to Docker
Usable directly (from a Pod) or through PersistentVolumes abstraction

Ingress (L7 LB)
Services are L3/L4 (IP + port)
Many apps are HTTP/HTTPS
Ingress maps incoming traffic to backend services
• by HTTP host headers
• by HTTP URL paths
HAProxy, NGINX, AWS and GCE implementations in progress
Now with SSL!
BETA in Kubernetes v1.2

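Added example (not from the original slides, and not Kubernetes or any Ingress controller's code): a minimal sketch of the host-header and URL-path mapping an Ingress describes. The Rule type, the sample rules and the precedence policy are assumptions made for illustration; real controllers differ in how they match paths.

```go
package main

import (
	"fmt"
	"strings"
)

// Rule is an illustrative (host, path prefix) -> backend mapping, not the Ingress schema.
type Rule struct {
	Host, Path, Backend string // Host "" matches any host
}

var sampleRules = []Rule{ // constructed sample data
	{"shop.example.com", "/", "web:80"},
	{"shop.example.com", "/api", "api:8080"},
	{"", "/healthz", "health:80"},
}

// Route picks a backend for a request, or def when nothing matches. Assumed policy:
// host-specific rules outrank any-host rules, then the longest path prefix wins.
func Route(rules []Rule, def, host, path string) string {
	host = strings.ToLower(host)
	if i := strings.LastIndex(host, ":"); i >= 0 {
		host = host[:i] // drop ":port" (hostnames only, no IPv6 literals)
	}
	best, bestScore := def, -1
	for _, r := range rules {
		if r.Host != "" && strings.ToLower(r.Host) != host {
			continue
		}
		prefix := strings.TrimSuffix(r.Path, "/")
		// Match whole path segments so "/api" does not capture "/apiary".
		if path != prefix && !strings.HasPrefix(path, prefix+"/") {
			continue
		}
		score := len(prefix)
		if r.Host != "" {
			score += 1 << 20
		}
		if score > bestScore {
			best, bestScore = r.Backend, score
		}
	}
	return best
}

func main() {
	fmt.Println(Route(sampleRules, "default:80", "shop.example.com", "/api/v1/items"))
}
```

Requests whose Host header matches no rule fall through to the default backend, which is why that backend should serve nothing sensitive.
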
3rd Party & API Groups
ThirdPartyResource:
• store your objects in our API server
• CRUD only
• creates a new Kind in the API
• try ideas or build simple extensions
Federated API servers: coming soon
• store your objects in your own API server
• register with our API, we delegate
• more control of validation, errors, etc.
• creates a new Kind in the API

Services & kube-proxy
Services are an abstraction: a stable IP that fronts N pods
Default implementation is iptables, but that is just one way to do it
Other implementations are equally valid
• “real” load balancers
• VIP
• SDN-centric solutions
• ...let’s get creative!