Wie im Dezember-Newsletter bereits angekündigt, haben wir unser Deployment und die Verwaltung der NETWAYS Managed Kubernetes® Cluster umgestellt. Als Ablöse des vom OpenStack Projekt betriebenen Magnum haben wir uns für das Gardener Projekt entschieden.
Our Reasons for Migrating
When OpenStack Magnum was developed, it was not yet clear which container orchestrator would be the most widely used in the long term. In addition to Kubernetes, Magnum therefore also supports Mesos and Swarm in order to offer a platform that is as open and flexible as possible. This versatility is still reflected today in the API, which is deliberately not tailored exclusively to Kubernetes. In the course of the further development of NETWAYS Managed Kubernetes®, however, we wanted to leverage the strengths of Kubernetes in a more targeted manner and simplify the management of a large number of clusters.
Durch die Migration zu Gardener profitieren wir von einer zielgerichteten, auf Kubernetes zugeschnittenen Architektur, die die tägliche Arbeit mit vielen zu verwaltenden Clustern wesentlich effizienter macht. Gleichzeitig erhalten wir ein modernes, deklaratives Bereitstellungs‑ und Upgrade‑Modell, das sowohl die Zuverlässigkeit als auch die Skalierbarkeit unseres Managed Kubernetes Angebots verbessert.
Why Gardener for Managed Kubernetes?
In fact, a new driver for Magnum has been available for some time now, which takes over the management of managed Kubernetes clusters via ClusterAPI. Although this would also have been an option, the management does not go far enough for us. We would therefore not be able to replace Magnum’s API.
ClusterAPI ist eine sehr gute Technologie, um Cluster zu verwalten. Allerdings managen die Cluster nur sich selbst. Es gibt kein Management für CloudController, CSI-, sowie CNI-Treiber. All dies müsste eigenständig überwacht und eingerichtet werden. Zumindest die Installation würde durch Magnum mit dem neuen Treiber abgenommen werden, allerdings deckt Magnum einige alltägliche Verwaltungsprozesse weiterhin nicht ab.
This is where Gardener comes into play. Gardener takes over the entire lifecycle of the NETWAYS Managed Kubernetes® clusters and manages the aforementioned components as well as installation and upgrades. Each individual component is monitored holistically:
If the user removes or modifies a resource managed by us in their cluster, Gardener notices and corrects this directly. This not only saves us a lot of work, but also helps you as a customer, as the status of the Managed Kubernetes cluster always corresponds to the defined status; there are no deviations.
If there are problems, Gardener corrects them automatically or alerts us immediately if it cannot fix them itself. This allows us to proactively take care of operating your cluster.
In addition, Gardener offers us the opportunity to write extensions/integrations to offer you extended services as part of NETWAYS Managed Kubernetes®. Feel free to contact us if you have any specific ideas and visions, we would be happy to implement them for you!
What Will Change for You in NETWAYS Managed Kubernetes?
Nothing will change for existing clusters. The Managed Kubernetes® clusters managed by OpenStack Magnum will continue to be provided with upgrades and we will maintain the existing support for a long time to come. If a migration to NETWAYS Managed Kubernetes® v2 becomes necessary in the future, we will communicate this in advance.
For new Managed Kubernetes clusters created in a Gardener project in MyNWS, there are a few new features, most of which bring immediate improvements:
- High availability: All NETWAYS Managed Kubernetes® v2 clusters are highly available. Thanks to the abstracted control plane, you will no longer see them in your cluster.
- Encryption: Secrets are automatically encrypted in etcd in NETWAYS Managed Kubernetes® v2 clusters (encryption at rest).
- Certificates and keys: All certificates and keys used by NETWAYS Managed Kubernetes® v2 clusters (e.g. for CA, etcd encryption, token creation) can be easily rotated if required.
- Dynamic scaling: By abstracting the control plane in Managed Kubernetes® v2 clusters, it can be dynamically scaled and adapted to the workload in your cluster. The same naturally applies to your worker pools.
- Cilium als Default-CNI: Mit Cilium bieten wir in NETWAYS Managed Kubernetes® v2 jetzt den Industriestandard in Sachen Containernetzwerk als Default-CNI an. Benötigst du kube-proxy (bspw. für Istio Service Mesh), kannst du alternativ Calico als CNI nutzen.
- NetworkPolicies: Gardener automatically installs some NetworkPolicies in your cluster, which protect administrative applications against east-west traffic.
Otherwise, there is nothing else to consider – NETWAYS Managed Kubernetes® v2 is still a CNCF Certified Kubernetes solution and behaves as you are used to and expect.
And Now?
Falls du bereits ein bestehendes Kubernetes Projekt hast, musst du ein neues Kubernetes Projekt in MyNWS anlegen, um die neuen Features in NETWAYS Managed Kubernetes® v2 nutzen zu können. In deinem neuen Projekt kannst du wie gewohnt neue Cluster anlegen und NETWAYS Managed Kubernetes® v2 erkunden.
For more information, take a look at our docs, where we have summarized the most important differences and innovations.
0 Comments