Ask Sendai

Red Hat’s Diane Mueller andSebastien Pahldive deep on the Kubernetes Operators at KubeCon 2018. Source: redhat.com

Istio Multicluster is a feature of Istio–the basis of Red Hat OpenShift Service Mesh–that allows for the extension of the service mesh across multiple Kubernetes or Red Hat OpenShift clusters. The primary goal of this feature is to enable control of services deployed across multiple clusters with a single control plane. The main requirement for Istio multicluster to work is that the pods in the mesh and the Istio control plane can talk to each other.

With datacenters spread across the globe, users are increasingly looking at ways to spread their applications and services across multiple locales or clusters. This need is driven by multiple use cases: from providing high availability, spreading load across multiple clusters while being resilient to individual cluster failures; to avoiding provider lock-in by using hybrid cloud … With datacenters spread across the globe, users are increasingly looking at ways to spread their applications and services across multiple locales or clusters.

I’ve provisioned Kubernetes clusters on bare metal before and have some examples here on how it can be done with CoreOS ( Warning the content is rather old now and not maintained ) In the beginning a bunch of tools & methods was considered: For network CNI kube-router was used as I became one of the maintainers for it some time ago after writing most of the metrics for it.

Helm is one of the best things about Kubernetes. (Which is why we talk about it in great depth here.) Rather than setting up an entirely new environment and configuring each kube object manually, you can now use Helm and Helm Charts—the template for different Kubernetes setups—to automate 90% of the work. For more on Helm Charts in full and how they’re designed to be flexible and robust, don’t forget to check out our Spotlight on Helm articles first.

Kiam: Iterating for Security and ReliabilityPaul InglesBlockedUnblockFollowFollowingMay 1Kiam bridges Kubernetes’ Pods with Amazon’s Identity and Access Management (IAM). It makes it easy to assign short-lived AWS security credentials to your application. We created Kiam in 2017 to quickly address correctness issues we had running kube2iam in our production clusters. We’ve made a number of changes to it’s original design to make it more secure, reliable and easier to operate. This article covers a little of the story that led to us creating Kiam and more about what makes it novel.

At Ibotta, we chose kube2iam to assign AWS IAM Roles to containers running in our Kubernetes cluster. Lately, we’ve run into some issues with it—specifically when running a job that scores all of our service repos. This spins up a number of pods in parallel and has often failed to correctly access roles. After further investigation, the future of the project seems to be uncertain and there are other issues logged around race conditions, etc.

The Kubernetes platform’s evolution allows organizations to revisit how they develop new applications using microservices and containers. As with any new technology there can be the temptation to “move everything to containers”, yet history shows the length of such transitions is measured in years, or even decades. With a major part of the current application landscape residing in virtual machines, the mission of the open source KubeVirt project is to re-imagine virtualization in a Kubernetes world – enabling the use of Kubernetes as a converged platform for running and managing both application containers and virtual machines side by side.

Deploying applications to a kubernetes cluster is well defined and can in some cases be as simple as kubectl create -f app.yaml. The user’s story to deploy apps across multiple clusters has not been that simple. How should an app workload be distributed? Should the app resources be replicated into all clusters, or replicated into selected clusters or partitioned into clusters? How is the access to clusters managed? What happens if some of the resources, which user wants to distribute pre-exist in all or fewer clusters in some form.

We come to you with a new Kublr release that brings more automation control for Kubernetes deployment and in multiple environments. Kublr 1.11 is here and we are about to take a closer look at all the new and shiny features. Kublris a Kubernetes ally that delivers an open, easy-to-use, enterprise-grade Kubernetes platform that’s not tied to a single cloud, PaaS or OS and today we welcome its new release.