Kubernetes has been evolving in the cloud-native world for many years, and numerous specialized projects have grown up around managing its lifecycle, such as Kops and Rancher. VMware, on the other hand, has launched a project named Cluster API to leverage Kubernetes' own capabilities for managing other Kubernetes clusters. This article briefly introduces the Cluster API project.
What is Cluster-API?
Cluster API is a subproject of Kubernetes, focused on providing a declarative API and tooling to simplify the provisioning, upgrading, and management of multiple Kubernetes clusters.
Originally developed by the Kubernetes Special Interest Group (SIG) Cluster Lifecycle, it uses Kubernetes-style APIs and patterns to automate the lifecycle management of clusters running on various infrastructure platforms. It includes foundational infrastructure components required for cluster deployment, such as virtual machines, networks, load balancers, and routing, and defines Kubernetes clusters using a model similar to how applications are deployed and managed on Kubernetes. This enables consistent and reproducible cluster deployments across diverse infrastructure environments.
In short, Cluster API uses various Custom Resource Definitions to define a Kubernetes cluster, and corresponding components to fetch these definitions and deploy and manage the associated clusters.
Goals:
- Use the declarative API to manage the full lifecycle of Kubernetes clusters (creation, expansion, upgrade, deletion) across different environments, including local and remote.
- Operate in diverse environments, including on-premises and cloud.
- Define common operations, provide pre-configured implementations, and offer extensible interfaces to support other implementations.
Non-goals:
- Integrate these APIs into the Kubernetes core.
- Manage underlying infrastructure not required by Kubernetes.
- Manage a single Kubernetes cluster that spans multiple underlying infrastructure providers.
Why use Cluster-API
Cluster-API simplifies managing the Kubernetes lifecycle and makes it easier to operate.
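Kubernetes is a complex system, and managing the lifecycle of an entire cluster is more complex still. Cluster API makes it simple to deploy and manage many different clusters, and enables consistent, repeatable cluster management and deployment. Through the various APIs it provides, the underlying implementation can be swapped out, so users can replace the infrastructure provider, the deployment method, and so on according to their needs.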
Supports multiple cloud providers
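Cluster API was designed from the start to expose interfaces that let service providers write their own providers, so users can choose the provider that fits their needs. Infrastructure providers, for example, include AWS, Azure, GCP, and OpenStack.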
Limitations of Cluster-API
Security
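Because the management cluster holds the credentials for every cluster it manages, it becomes a potential security target. Gaining access to the management cluster may allow an attacker to go on to gain access to all of the clusters, especially if the clusters are owned by different tenants.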
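One way to measure the exposure described above, as an added example that is not from the original article or the Cluster API project: Cluster API stores each workload cluster's kubeconfig in the management cluster as a Secret named `<cluster-name>-kubeconfig`, so the Python below lists which RBAC subjects can read those Secrets. The sample objects, namespaces and subject names are constructed; in practice the input would be the items from `kubectl get roles,clusterroles,rolebindings,clusterrolebindings -A -o json`.

```python
READ_VERBS = {"get", "list", "watch", "*"}

def rule_reads_secret(rule, secret_name):
    """True if an RBAC rule allows reading the named core-group Secret."""
    names = rule.get("resourceNames", [])
    return (bool({"", "*"} & set(rule.get("apiGroups", [])))
            and bool({"secrets", "*"} & set(rule.get("resources", [])))
            and bool(READ_VERBS & set(rule.get("verbs", [])))
            and (not names or secret_name in names))

def kubeconfig_readers(objects, secrets):
    """Map 'namespace/secret' -> sorted list of subjects that can read it."""
    roles = {}
    for o in objects:
        if o["kind"] in ("Role", "ClusterRole"):
            key = (o["kind"], o["metadata"].get("namespace"), o["metadata"]["name"])
            roles[key] = o.get("rules", [])
    result = {f"{ns}/{name}": set() for ns, name in secrets}
    for b in objects:
        if b["kind"] not in ("RoleBinding", "ClusterRoleBinding"):
            continue
        bind_ns = b["metadata"].get("namespace")  # None for ClusterRoleBinding
        ref = b["roleRef"]
        role_ns = bind_ns if ref["kind"] == "Role" else None
        rules = roles.get((ref["kind"], role_ns, ref["name"]), [])
        for ns, name in secrets:
            if bind_ns not in (None, ns):
                continue  # a RoleBinding only grants within its own namespace
            if any(rule_reads_secret(r, name) for r in rules):
                for s in b.get("subjects", []):
                    result[f"{ns}/{name}"].add(f'{s["kind"]}:{s["name"]}')
    return {k: sorted(v) for k, v in result.items()}

# Constructed sample: two tenants' clusters managed from one management cluster.
SAMPLE = [
    {"kind": "ClusterRole", "metadata": {"name": "ops-view"}, "rules": [{"apiGroups": [""], "resources": ["secrets"], "verbs": ["get", "list"]}]},
    {"kind": "Role", "metadata": {"name": "ci", "namespace": "tenant-a"}, "rules": [{"apiGroups": [""], "resources": ["secrets"], "verbs": ["get"], "resourceNames": ["registry-creds"]}]},
    {"kind": "ClusterRoleBinding", "metadata": {"name": "ops"}, "roleRef": {"kind": "ClusterRole", "name": "ops-view"}, "subjects": [{"kind": "Group", "name": "ops"}]},
    {"kind": "RoleBinding", "metadata": {"name": "dev-a", "namespace": "tenant-a"}, "roleRef": {"kind": "ClusterRole", "name": "ops-view"}, "subjects": [{"kind": "User", "name": "alice"}]},
    {"kind": "RoleBinding", "metadata": {"name": "ci-a", "namespace": "tenant-a"}, "roleRef": {"kind": "Role", "name": "ci"}, "subjects": [{"kind": "ServiceAccount", "name": "ci-bot"}]},
]
SECRETS = [("tenant-a", "prod-a-kubeconfig"), ("tenant-b", "prod-b-kubeconfig")]

if __name__ == "__main__":
    for secret, subjects in kubeconfig_readers(SAMPLE, SECRETS).items():
        print(secret, "->", ", ".join(subjects))
```

A cluster-wide binding such as the constructed `ops` group shows up against every tenant's kubeconfig, which is the cross-tenant reach the paragraph above warns about.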
Advanced features
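Some advanced features have not been implemented yet, such as authentication, backup and restore, and logging/monitoring, and the installation of other basic add-ons has not been integrated either.
There is some discussion of this in the community; see the roadmap discussion for details.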
Summary
Cluster-API provides a tool that allows users to manage other Kubernetes clusters using Kubernetes' native declarative API. Multiple different providers are already available for users to choose from, but there are still many opportunities to integrate further. Users can explore whether this roadmap also fits their needs, or contribute to further development of the offered model.
Copyright Notice: All articles in this blog are licensed under CC BY-NC-SA 4.0 unless otherwise stated.