E4 Container Platform

Kubernetes is a container management system originally developed in Google’s labs. In 2015, Google released Kubernetes as open-source, giving the source code to the Cloud Native Computing Foundation (CNCF), a vendor-agnostic nonprofit organization which manages the development, maintenance and evolution of the principal projects in the area of container technology and gathers the best developers, vendors and end users on a global scale. To date, 80,000 different developers have collaborated on the development of projects managed by the CNCF.

In brief, Kubernetes enables container technology to be placed into operation, automating and simplifying the daily workflow associated with containers themselves. First of all, Kubernetes automates deployment, scaling (scalability) and the management of containerized applications on a server cluster (bare metal or virtual). Kubernetes also enables the automatic management and monitoring of base container infrastructure (CPUs, RAM, storage, network, etc.), the centralizing of logs, and alert setting at various levels.

The deployment of a single container on a notebook, workstation or server is fairly simple today, but the situation gets complicated when it is a question of executing multi-container applications in a production environment: one can end up having to deal with hundreds or even thousands of containers, in cases in which various applications are used which were developed following the principles of micro-service architecture. All these containers must be distributed, managed and interconnected with the outside world, and the complexity of deployment, scheduling and load balancing operations grows exponentially. To think of managing these operations in manual mode means having to allocate many human resources to this type of activity, with the almost mathematical certainty that sooner or later something will go wrong! It’s thus obvious why there is the need for an “infrastructure” able to orchestrate containers, the main function of Kubernetes.

• Cost reduction: containers are isolated “packages” which include everything the application needs to execute. More containers can share the same operating system and the same network connection. This approach is much more efficient compared to the creation of a virtual machine with its own operating system for each application. Containers are light, isolated from each other, efficient (they access HW resources directly) and take up fewer resources, contributing to data center (and hardware) cost optimization.
• Ease of use and portability: The isolation which container technology offers permits the execution of containerized applications in the same way in very different environments: from laptops to any public cloud, on virtual machines or bare metal. The same container can be copied in development, test and production environments and will continue to work in the same way, significantly simplifying software development and release processes with a resulting faster time-to-market. This aspect offers opportunities which, at a first glance, may not be very evident: if the company’s goal is to improve customer relations, containerization gives you the possibility to quickly respond to customer requests to correct a bug, for example, or to introduce new functionality which your customers will naturally appreciate.
• Scalability and modularity: containers can be made operational in very short timeframes; this permits the instant scaling of a containerized application to respond to a sudden increase in the load generated from user requests, for example. Containers also make the task of subdividing a complex application into many single interconnected components, each with its own specific function, very easy; it is thus possible to update and scale the components in an independent manner.

• A mature, tested architecture: The design of the current version of Kubernetes is based on the significant operating experience of over 10 years of use delivering Google’s main services (especially Gmail and YouTube): the experience of Google engineers who contributed to maintaining the largest container platform in the world!
• Exceptional community support: the widespread adoption and constant growth in popularity of Kubernetes have favored the development of a large community of active users and developers as well as the support of the main leaders in the ITC market and public cloud providers.
• Advanced functionality: Kubernetes supports a wide range of workloads, permitting easy stateless and stateful hosting or hosting which requires the processing of large quantities of data. The flexibility of Kubernetes permits optimal support of a wide range of use cases and the hosting of the most complex applications.
• Portability: Kubernetes is 100% open-source and can be distributed across any infrastructure, permitting the deployment and management of containerized applications in one or more public or private cloud environments, in dedicated virtual machines or bare metal systems. Kubernetes avoids infrastructure and cloud provider lock-in and makes it possible to implement hybrid-cloud and multi-cloud configurations.
• Scalability: Kubernetes ensures high efficiency in infrastructure resource use and offers scalability on different levels:
  • Horizontal scalability: it’s possible to add or remove new servers easily in a Kubernetes infrastructure to optimally manage computing and storage resources available to workloads.
  • Automatic scalability: in a Kubernetes infrastructure, it is possible to automatically modify the number of operating containers serving any workload based on CPU use or other metrics described in the application deployment phase.
  • Replication scalability: the “Replica Controller” verifies that the cluster has a specified number of pods available to it (a group of containers) which are equivalent in execution. If too many pods are present, the Replica Controller terminates the unnecessary pods, otherwise it starts the missing pods.
• High Reliability: Kubernetes can be configured in an infrastructure without a single point of failure and is planned to ensure high availability of the applications it hosts, through:
  • Health check & Self-Healing: Kubernetes is able to protect applications it hosts against failures, constantly monitoring the state of health of cluster nodes and operating containers; Kubernetes also offers self-healing and auto-replacement functionality: if a container or a pod fails because of an error, Kubernetes automatically restores it. 
  • Load Balancing: Kubernetes is equipped with integrated load balancing services which automatically handle load balancing among pods, permitting the rapid rebalancing of resources to respond to peaks in incidental traffic
• Designed for Devops: one of the main advantages of container technology is its ability to accelerate the software development, testing and release process. Kubernetes is designed for “continuous deployment” and offers various functionalities which are useful for this purpose:
  • Automatic Rollout and rollback: performing a deployment of a new version of applications is a simple and secure process: Kubernetes manages the operation ensuring no user downtime; thanks to constant monitoring of the integrity of the container, Kubernetes is able to monitor the state of the new version during an update and to “turn off” the old one only when the new one is functioning perfectly. In case of error, the infrastructure automatically executes a rollback.
  • Canary Deployment: Kubernetes permits the testing of a new deployment in production in parallel with the prior version, before putting the new version online and deleting the old one
• Security: Kubernetes also offers various functionalities to secure the applications or services it hosts, for example ensuring that sensitive information (such as passwords or SSH keys) is saved in a secure manner in “Kubernetes secrets”, outside the running containers

From the point of view of architectural choices, Kaptain is available in 3 distinct flavors: SS, LS and DS and 3 different sized resources: Small, Medium and Large

The SS (Shared external Storage) flavor is characterized by an unlimited number of node workers in which the storage component is provided by NFS devices outside the infrastructure but connected to it. The SS flavor thus relies on three shared storage areas.

Il flavour LS (Local software defined Storage) invece prevede che ognuno dei nodi worker abbia a bordo dischi dedicati all’erogazione di volumi ed il componente software Rook che ne consente la fruizione da parte dei container applicativi che girano sui medesimi nodi. Nel taglio LS abbiamo la presenza di uno storage software defined anche se non ancora distribuito.

Il flavour DS (Distributed software defined Storage) ospita a bordo di ognuno dei nodi anche Ceph, prodotto di software defined storage che consente di astrarre la componente disco resa disponibile da ogni worker e farla accedere dagli applicativi containerizzati.

High Performance Platform: E4 means “When Performance Matters”. This motto has been so internalized by our engineers that, when they designed the E4 Container Platform, they worked keeping in mind the most burdensome containerized workloads in terms of resources. The result was a design which uses key components typical of HPC infrastructure such as all-flash disks, GPUs and high performance networking. The result is a platform which is able to access powerful high speed distributed storage resources which are able to use the GPUs for the workloads they support efficiently.

Easy & powerful UI: The E4 container Platform, in addition to classic terminal tools (kubectl), provides a powerful graphic interface which is accessible from the web, both for the user and the administrator; thanks to the deployment of Rancher Server (version 2.3.5, in a high reliability configuration) within the infrastructure, the user has an interface which simplifies the most complex operations and provides access to a rich catalogue of open-source applications which can be installed with a simple mouse click.

Integrability: the E4 Container Platform is designed to be integrated easily with the customer’s data center services, ensuring the possibility of using both pre-existing authentication systems (AD, LDAP, openID, etc.), and NAS type storage resources.

Monitoring and Metering: The E4 Container Platform integrates infrastructure for distributed monitoring and logging of all the cluster subsystems and workloads hosted by it. The components which have been integrated to offer this functionality are Grafana, Prometeous and InfluxDB, all configured to be able to use a small subset of available resources to the maximum in order to not affect the efficiency of the application and service workloads distributed on the platform.

Storage Orchestration: the E4 Container platform can be configured for use in self-provisioning of external storage resources (NFS) or to integrate distributed storage systems based on high performance Ceph or GlusterFS thanks to the used of NVMe technologies and low latency, high bandwidth interconnections. The integrated storage resources are naturally horizontally scalable and can be configured so that users can allocate them in self-provisioning mode for their workload. 

Storage Orchestration: the E4 Container platform can be configured for use in self-provisioning of external storage resources (NFS) or to integrate distributed storage systems based on high performance Ceph or GlusterFS thanks to the used of NVMe technologies and low latency, high bandwidth interconnections. The integrated storage resources are naturally horizontally scalable and can be configured so that users can allocate them for their workload in self-provisioning mode.