Convergence of Virtual Machines and Containers Orchestration
1. Convergence of VM and containers orchestration using KubeVirt
Chunfu Wen chwen@redhat.com

2. Agenda
● Context Introduction
● What Is KubeVirt and How It Feels
● KubeVirt Architecture and Design
● Demo

3. FIRST A LITTLE HISTORY
Virtual Machines

4. FIRST A LITTLE HISTORY
Virtual Machines
Containers

5. Virtualization VS Containers
● VM virtualizes the hardware
● Container isolates the process

6. VIRTUAL MACHINES VS CONTAINERS
Virtual Machine: Application, Bins/Libs, Guest OS
Container: Application, Bins/Libs, Container Host
Each of these attributes can be a positive or a negative for a given workload. Increasingly organizations have a mix of both.

7. EXISTING SYSTEMS TREAT THESE SEPARATELY
[Diagram labels: Container, Virtual Machine, RHEL, Physical Machine]

8. WHAT ABOUT EXISTING WORKLOADS?
CONTAINER INFRASTRUCTURE AND ORCHESTRATION
Container Application and Kubernetes orchestration as provided by OpenShift are becoming the standard for new applications.
VIRTUALIZED WORKLOADS
Virtualized Workloads are not going anywhere fast! Business reasons (cost, time to market) and technical reasons (older/different operating system)
CONVERGING INFRASTRUCTURE
How can we bring these two worlds closer together?

9. So, if…
● VMs are just user processes
  ○ VMs and containers already share some isolation technologies: SELinux and cgroups
● Kubernetes manages clustered containers, which are user processes
● Get a converged infrastructure

10. Proof of Concept
[Diagram: a Pod with a Container; replace the Container with a Virtual Machine]

11. One Typical Benefit Scenario
● Windows guest VM accesses containerized MySQL
[Diagram labels: Pod, Service, Virtual Machine, MySQL Container]

12. OpenShift = Enterprise K8s + Docker
Build, Deploy and Manage Containerized Apps
[Diagram layers, top to bottom:]
● CONTAINER (×5)
● SELF-SERVICE
● SERVICE CATALOG (LANGUAGE RUNTIMES, MIDDLEWARE, DATABASES, …)
● BUILD AUTOMATION, DEPLOYMENT AUTOMATION
● APPLICATION LIFECYCLE MANAGEMENT (CI / CD)
● CONTAINER ORCHESTRATION & CLUSTER MANAGEMENT (KUBERNETES)
● NETWORKING, STORAGE, REGISTRY, LOGS & METRICS, SECURITY
● INFRASTRUCTURE AUTOMATION & COCKPIT
● OCI CONTAINER RUNTIME & PACKAGING
● ATOMIC HOST / RED HAT ENTERPRISE LINUX

13. Enter KubeVirt
Kubernetes + Libvirt?
“Virtual Machine management addon to Kubernetes that extends Kubernetes in a way that allows it to schedule VM workloads side by side with container workloads.”

14. Explore more
● Extends OpenShift/Kubernetes to support orchestration of virtual machine workloads alongside application container workloads in the same cluster.
● Developer-centric approach to virtualization that drops directly into existing OpenShift/Kubernetes clusters
  ○ Implemented as a CustomResourceDefinition
● Aims to provide as Kubernetes-native an experience of working with VMs as possible
  ○ Integrates directly with other Kubernetes concepts (like Persistent Volumes, Pod networking)
  ○ Manage virtual machines like Pods!
● Scheduling, networking, and storage are all delegated to Kubernetes, while KubeVirt provides the virtualization functionality

15. How Does KubeVirt Feel?

16. First Look at the Pod Object
What is a Pod?
“A pod (as in a pod of whales or pea pod) is a group of one or more containers (such as Docker containers), with shared storage/network, and a specification for how to run the containers.” *

    kind: Pod
    metadata:
      name: nginx
      labels:
        name: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:latest
        ports:
        - containerPort: 80
      nodeSelector:
        cpu: fast
    status:
      phase: Running

* https://kubernetes.io/docs/concepts/workloads/pods/pod/#what-is-a-pod

17. The VirtualMachine Object
We have the typical Pod-like structure:
● Metadata section
● Specification section
● Typical Pod features like
  ○ nodeSelector
  ○ affinity
● Status section
Behind the scenes a Pod is created and scheduled, and we make sure that the VM starts correctly inside.

    kind: VirtualMachine
    metadata:
      name: testvm
    spec:
      domain:
        devices:
          type: PersistentVolumeClaim
          device: disk
          source:
            name: myVolumeClaim
      nodeSelector:
        cpu: fast
    status:
      phase: Running

18. CustomResourceDefinition: vm-resource.yaml
CustomResourceDefinition: extend the Kubernetes API
● When you create a new CustomResourceDefinition (CRD), the Kubernetes API Server reacts by creating a new RESTful resource path
● After the CustomResourceDefinition object has been created, you can create custom objects. Custom objects can contain custom fields

    apiVersion: apiextensions.k8s.io/v1beta1
    kind: CustomResourceDefinition
    metadata:
      creationTimestamp: null
      labels:
        kubevirt.io: ""
      name: virtualmachines.kubevirt.io
    spec:
      group: kubevirt.io
      names:
        kind: VirtualMachine
        plural: virtualmachines
        shortNames:
        - vm
        - vms
        singular: virtualmachine
      scope: Namespaced
      validation:

19. The Typical Kubectl Feeling
Typical Pod commands:
● kubectl create -f mypodspec.yaml
● kubectl delete pod mypod
● kubectl exec -it mypod -- /bin/bash
Typical Virtual Machine commands:
● kubectl create -f myvmspec.yaml
● kubectl delete vm testvm
● kubectl plugin virt console testvm
● kubectl plugin virt spice testvm

    kind: VirtualMachine
    metadata:
      name: testvm
    spec:
      domain:
        devices:
          graphics:
          - type: spice
          consoles:
          - type: pty

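Because the CRD exposes VMs as a namespaced REST resource (`virtualmachines` in the `kubevirt.io` API group), the `kubectl create` and `kubectl delete` calls above are authorized by ordinary Kubernetes RBAC, separately from any rights on Pods. The manifests below are an added example, not part of the original slides; the namespace `vm-workloads`, the Role names, and the group and user names are hypothetical.

```yaml
# Added example. All names (vm-workloads, vm-operator, vm-viewer,
# vm-operators, alice, bob) are hypothetical.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: vm-operator
  namespace: vm-workloads
rules:
- apiGroups: ["kubevirt.io"]       # spec.group of the CRD
  resources: ["virtualmachines"]   # spec.names.plural of the CRD
  verbs: ["get", "list", "watch", "create", "delete"]
---
# Read-only counterpart: can inspect VM objects, cannot create or delete them.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: vm-viewer
  namespace: vm-workloads
rules:
- apiGroups: ["kubevirt.io"]
  resources: ["virtualmachines"]
  verbs: ["get", "list", "watch"]
---
# Bind the operator Role to a group instead of to individual users.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: vm-operators
  namespace: vm-workloads
subjects:
- kind: Group
  name: vm-operators
  apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: Role
  name: vm-operator
  apiGroup: rbac.authorization.k8s.io
# Verify the effective permissions without creating anything:
#   kubectl auth can-i create virtualmachines.kubevirt.io -n vm-workloads \
#     --as=alice --as-group=vm-operators     # expected: yes
#   kubectl auth can-i delete virtualmachines.kubevirt.io -n vm-workloads \
#     --as=bob --as-group=vm-viewers         # expected: no
```

Neither Role grants anything on `pods`: the Pod that hosts the VM is created by KubeVirt on the user's behalf, so VM operators do not need Pod create rights.
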
20. Architecture

21. KubeVirt Architecture Internal

22. Components (1/5)
virt-controller:
● This controller is responsible for monitoring the VM (CRDs) and managing the associated pods. Currently the controller makes sure to create and manage the life-cycle of the pods associated with the VM objects.
● A VM object will always be associated with a pod during its lifetime; however, due to, e.g., migration of a VM, the pod instance might change over time.

23. Components (2/5)
VM (CRD):
● Machine type
● CPU type
● Amount of RAM and vCPUs
● Number and type of NICs

24. Components (3/5)
virt-launcher:
● For every VM object one pod is created. This pod's primary container runs the virt-launcher KubeVirt component.
● virt-launcher launches a VM process for every pod associated with a VM object whenever the pod is scheduled on a host.
● The main purpose of the virt-launcher Pod is to provide the cgroups and namespaces which will be used to host the VM process.
● virt-handler signals virt-launcher to start a VM by passing the VM's CRD object to virt-launcher. virt-launcher then uses a local libvirtd instance within its container to start the VM. From there virt-launcher monitors the VM process and terminates once the VM has exited.

25. Components (4/5)
virt-handler:
● Every host needs a single instance of virt-handler. It can be delivered as a DaemonSet.
● virt-handler is also reactive: it watches for changes to the VM object and, once a change is detected, performs all operations necessary to bring the VM to the required state.
● Reports domain state and spec changes to the cluster.

26. Components (5/5)
libvirtd:
● An instance of libvirtd is present in every VM pod. virt-launcher uses libvirtd to manage the life-cycle of the VM process.

27. DEMO

28. Deep dive into it

29. Workflow: Create and Delete a VM