The container orchestrator landscape

Posted Aug 23, 2022 19:08 UTC (Tue) by NYKevin (subscriber, #129325)
Parent article: The container orchestrator landscape

Speaking as a Google SRE, looking at k8s "from the other side" as it were, my main problem with it is actually not complexity, but terminology. It's *almost* 1:1 equivalent to Borg, except everything has a different name and it's differently opinionated about certain things. For example, in k8s you have pods which own or manage containers, and then you have a ReplicaSet which owns or manages one or more pods. This is all very sensible and reasonable. In Borg, we would say that you have alloc instances (pods) which own or manage tasks (containers), and then you have an alloc (ReplicaSet) which describes one or more alloc instances. The problem is that Borg also describes the set of tasks as a "job," and this has no direct equivalent in k8s.* Worse, Borg lets you dispense with the alloc altogether, so you can just have a "naked" job that consists of a bunch of tasks (containers) with no pod-like abstraction over them. On the one hand, this means that we don't have to configure the alloc if we don't want or need to. On the other hand, it means that we have two ways of doing things. But the real problem is that, when we're talking about Borg informally, we often say "job" instead of "job or alloc" - which is the one Borg term that doesn't really have a clean equivalent in k8s.

The reverse also happens. Borg doesn't let you submit individual alloc instances (pods) or tasks (containers) without wrapping them up in an alloc (ReplicaSet) or job (see above), so if you just want one copy of something, you have to give Borg a template and say "make one copy of it" instead of submitting the individual object directly, and so in practice we mostly speak of "jobs and allocs" rather than "tasks and alloc instances." But in k8s, you can configure one pod at a time if you really want to.

(For more specifics on how Borg works, read the paper: https://research.google/pubs/pub43438/)

* k8s also defines something called a "job," but it's a completely different thing, not relevant here.

The container orchestrator landscape

Posted Aug 23, 2022 19:12 UTC (Tue) by jordan (subscriber, #110573) [Link] (2 responses)

Could you tell us how widely deployed Borg is vs k8s inside of Google? While I was doing research for this piece, I found some folks saying that Google was mostly still on Borg internally, and k8s was only used for a few Google Cloud offerings, but the most recent thing I could find about that was from 2018 and it seemed too out-of-date and questionably sourced to include in the article.

The container orchestrator landscape

Posted Aug 23, 2022 20:39 UTC (Tue) by NYKevin (subscriber, #129325) [Link] (1 responses)

If it's not public, then somebody probably decided that it shouldn't be public, so I don't think I can go into much detail here without asking the mothership for permission. In general however, I would say that we still use Borg for a lot of things. Beyond that, I'm afraid I would have to refer you to Google's rather meager public k8s documentation.

The container orchestrator landscape

Posted Aug 23, 2022 20:43 UTC (Tue) by NYKevin (subscriber, #129325) [Link]

(Note also that journalists can email press@google.com - I have no idea whether they would be willing to answer questions of this nature.)

The container orchestrator landscape

Posted Aug 23, 2022 20:23 UTC (Tue) by dw (guest, #12017) [Link]

My memory is a little feint after 15 years, but I seem to recall a handful of binaries (no more than 4) that could be manually provisioned on a desktop over lunch using a few kilobyte-sized argvs. That has not been my experience of k8s at all, Borg was a much tidier system that had (at least at that stage) not yet succumbed to enterprization or excessive modularity.