List of Leading Kubernetes Distributions by Dmitry Netis & Jordan Rupar / 5.21.2020

Q Advisors assembled a list of prominent Kubernetes software distributions leading the container revolution. A "distribution" is a software bundle that incorporates Kubernetes, as well as container orchestration and management tools. Because Kubernetes is a complex piece of software that is difficult to set up, configure, run and maintain, these distributions offer complete solutions for application hosting and life-cycle management that can be run locally or as a cloud-hosted option.

Apache Mesos is a cluster management tool that can manage container orchestration. It was originally created by Twitter and released as open source. It is being used by companies like eBay, Airbnb, etc. Mesos is a competitor to Kubernetes. It can be used to manage physical servers and virtual machines (VMs) running workloads, as well as containers. It has an efficient framework called Marathon for deploying and managing Kubernetes containers on a Mesos cluster.

Canonical, the maker of Ubuntu Linux, has its own Kubernetes distribution, which runs on top of Ubuntu. The distribution supports both CPU and GPU workloads. Canonical partnered with Rancher Labs, which is a container management platform that manages multiple Kubernetes distribution clusters.

CoreOS Tectonic is one of the most prominent Kubernetes distributions advancing the container revolution. The CoreOS operating system (formerly Container Linux) enables updates to the OS that can be slipped into product environments without taking down other running applications. CoreOS was acquired by IBM Red Hat in early 2019.

Docker is the embodiment of containers. Since 2014, Docker has had its own clustering and orchestration system, Docker Swarm, which, until recently, was a main competitor to Kubernetes. Docker’s fortunes changed quite a bit over the years, from leading the container revolution to becoming somewhat of an afterthought after Google open-sourced Kubernetes - and the rest of the industry adopted it. In 2017, Docker announced it would be adding Kubernetes with its Docker Enterprise 2.0 platform, acknowledging that Kubernetes is more suitable than Swarm for managing complex container environments. In 2019, Docker Enterprise was sold to Mirantis. It still has a healthy business with large enterprises, with about a third of Fortune 100 and a fifth of Global 500 companies using Docker Enterprise.

Gravity, a production-hardened Kubernetes distribution, comes from Gravitational, the maker of open source Linux distribution. Gravity is positioned as a private SaaS platform or for running Kubernetes-as-a-service on top of bare metal or multiple cloud providers.

Heptio Kubernetes Subscription (HKS) is a paid support service for enterprises that manages open source Kubernetes configurations and is similar in many ways to Red Hat’s Linux support model. Heptio was founded by the original creators of Kubernetes and acquired by VMware in 2018.

Kontena Pharos distribution is an enterprise-grade management tool which comes with consulting and support services, much like Red Hat’s Linux offering. The paid version of the Kubernetes management platform includes a dashboard, distributed storage system, backup, and load balancing, among other features.

Pivotal offers an enterprise-grade Kubernetes framework called Pivotal Container Service (PKS), which closely integrates with the VMware virtualization environments. In fact, PKS is a joint VMware-Pivotal project. Its Kubo project is used in Pivotal’s Cloud Foundry to launch and manage Kubernetes clusters.

Rancher Labs has incorporated Kubernetes into its container management platform. Rancher 2.0 is a new Kubernetes distribution sitting atop Linux hosts, Docker containers, and Kubernetes nodes, orchestrating all those clusters. It is capable of orchestrating cloud native infrastructure from Amazon EKS (Elastic Container Service for Kubernetes), Google (Kubernetes Engine), Azure (Kubernetes Service), and other clouds.

Red Hat OpenShift is a platform-as-a-service offering, originally using Heroku to package applications into containers. It later standardized on Docker for container images and runtime standard and adopted Kubernetes as an orchestration tool. The abstraction and automation layer in OpenShift is used to alleviate a fair amount of administrative burden when deploying Kubernetes.

The SUSE distribution uses a containers-as-a-service platform (SUSE CaaS Platform). SUSE is best known for its Linux distribution, which became popular in Europe. SUSE combines a bare-metal micro OS that runs containers, Kubernetes for container orchestration, a built-in image registry, and cluster configuration tools in one distribution package. SUSE CaaS Platform allows containers to be run across multiple clouds and bare metal data centers.