Bose and Kubernetes

Posted Jan 3, 2019 6:18 UTC (Thu) by jaymell (guest, #106443)
Parent article: Bose and Kubernetes

Very nice write-up of the discussion. I found it interesting that Kubernetes 'services' (generally virtual IPs routed with iptables NAT'ing) ended up being discarded relatively quickly in the process of addressing bottlenecks. I have recently been dealing with scaling issues in a Kubernetes-based environment and hadn't seriously considered the bottlenecks the additional NAT'ing might be posing.

Bose and Kubernetes

Posted Jan 3, 2019 7:20 UTC (Thu) by zdzichu (subscriber, #17118) [Link]

In general, networking in Kubernetes seem like a temporary solution promoted to production. K8s started with utilizing iptables' NAT rules. This came about 15 years (!!) after Linux world noticed that iptables is not suitable for highly dynamic environments and started to work on better solutions, like nf-hipac (https://lwn.net/Articles/10951/).

Only quite recently k8s gained support for using IPVS (Linux IP Virtual Server) for networking (https://www.youtube.com/watch?v=4-pawkiazEg, Scale Kubernetes to Support 50,000 Services [I] - Haibin Xie & Quinton Hoole).

It is suprising, for Linux-native container solution to skim over Linux networkinging progress. Over the course of history, kubernetes started with obsolete solution (iptables), ignored nftables, only started to utilize a solution devised in 2002 (ipvs)… but began to flirt with eBPF :-) https://kubernetes.io/blog/2017/12/using-ebpf-in-kubernetes/