Contributor's Summit!

@thockin

Coming soon to Kubernetes

  • kube-proxy with IPVS
    • currently beta
  • core DNS
    • currently beta
  • pod "ready++"
    • allow external systems to participate in rolling updates
    • adds configuration to pod to easily verify readiness
    • design agreed upon, alpha (maybe) in 1.11

Ingress

The lowest common-denominator API

  • too many annotations, most non-portable = :-1:
    We expect more!
  • exploring a revamp:
    • up-level the baseline
    • find a better model

Istio

(as a potential solution)

  • maturing rapidly with good APIs and support

Topology and node-local Services

  • demand for node-local but how to go about it?
    • special-case topology?
    • client-side choice

Multi-network

Tackling scenarios like NFV
A pod can be in multiple networks at once (though this was not the design)

  • need deeper changes like multiple pod IPs but also need to avoid repeating old mistakes
  • SIG-Network WG designing a PoC - If interested jump on SIG-network WG weekly call

Net Plugins vs Device Plugins

  • These plugins do not coordinate today and are difficult to work around
  • Resources WG and networking SIG are discussing this challenging problem

Net Plugins, gRPC, Services

  • tighter coupling between netplugins and kube-proxy could be useful
  • kube-proxy daemon set could make things easier

IPv6

  • beta but no support for dual-stack (v4 & v6 at the same time)
  • Need deeper changes like multiple pod IPs (need to change the pod API; see Multi-network)

Services v3

  • Services + Endpoints have a grab-bag of features which is not ideal
  • Need to start segmenting the "core" API group
    • write API in a way that is more obvious
    • split things out and reflect it in API
  • Opportunity to rethink and refactor:
    • Endpoints -> Endpoint

DNS Reboot

  • We abuse DNS and mess up our DNS schema
    • it's possible to write queries in DNS that take over names
    • @thockin has a doc with more information about the details of this
    • Why can't I use more than 6 web domains? bugzilla circa 1996
  • Changing it is hard (if we care about compatibility)
  • Can we fix the DNS spec or use "enlightened" DNS servers?

Questions:

  • Consistent mechanism to continue progress but maintain backwards compatibility

  • External DNS was not mentioned - blue/green traffic switching

    • synchronizes kubernetes resources into various Kubernetes services
    • it's in incubator right now (deprecated)
    • unsure of the future trajectory
    • widely used in production
    • relies sometimes on annotations and ingress
  • Device plugins... spiraling around and hoping for eventual convergence/simplification

  • Core DNS: prototyping and demonstrations of alternate solutions

    • packet loss is a problem - long tail of latency
    • encourage cloud providers to support gRPC
  • Istio can't be required/default: still green

    • today we can't proclaim that Kubernetes must support Istio
    • probably not enough community support this year (not everyone is using it at this point)
  • no comment on kubernetes 2.0 - no current plan to move here

Take Aways:

  • This is not a comprehensive list of everything that is up and coming
  • A lot of work went into all of these projects