By Suhang
The management of devices and applications in data centers is a complex and challenging task, primarily due to the following difficulties:
• Complex network topology
• Diverse heterogeneous devices
• Difficulty in achieving unified O&M and monitoring
• Low resource utilization
Alibaba Cloud Container Service for Kubernetes (ACK) Edge (ACK Edge) provides a distributed cloud-native platform that hosts the standard Kubernetes control plane in the cloud, enabling devices distributed across one or more data centers to be uniformly integrated into a single cluster.
ACK Edge provides the following benefits:
• Unified container network plane: ACK Edge provides a unified application network plane through CNI plug-ins.
• Higher resource utilization: ACK Edge dynamically allocates workloads according to application requirements through the scheduling capabilities of the containerized platform.
• Unified management interface: ACK Edge enables deployment, monitoring, and O&M of applications through the API server.
• Elastic scalability: ACK Edge achieves scaling of ECS, ECI, and other elastic computing instances through node pools in the cloud.
As the complexity and flexibility requirements for network connectivity increase during the construction of distributed containerized platforms, CNI plug-ins become crucial for building efficient, secure, and flexible container networks. Common CNI plug-ins include Calico, Flannel, and Cilium.
In distributed cloud container platforms, common CNI plug-ins adopt an overlay model. Specifically, they build a virtual network based on the existing physical network, and encapsulate packets within network tunnels using tunneling protocols such as VXLAN or Wireguard. This approach does not require complex configurations of the underlying physical network. However, the intricate encapsulation by tunneling protocols reduces the efficiency and throughput of container network communications. Additionally, this leads to drawbacks such as layered separation between the container network plane and the physical network plane, as well as poor configurability.
Terway Edge is an underlay container network solution provided by ACK Edge for distributed cloud scenarios. It directly communicates between containers through physical routes and switches without encapsulating data packets. This greatly reduces overhead and improves throughput. It supports efficient, scalable, and stable container network communication in distributed cloud scenarios, as shown in the following figure.
In the cloud-edge collaboration architecture, an ACK cluster can be divided into two parts: the cloud VPC (Virtual Private Cloud) and the edge IDC (Internet Data Center).
In a cloud VPC, each pod container is assigned an internal IP address of the VPC. Containers communicate with each other through vSwitches and virtual route tables.
In an edge IDC, each pod container is assigned a virtual IP address, and a route is configured on the node. Containers communicate with each other through the host network stack and switches of nodes. In addition, the Terway Edge plug-in supports designating certain nodes within a local area network as route publishers, which publish container routes to switches using the Border Gateway Protocol (BGP). This enables communication between containers in complex network topologies.
The advantages of Terway Edge compared with general overlay container networks:
• Terway Edge boosts network communication efficiency and throughput by more than 15%.
• Terway Edge supports a smoother transition of services from traditional architectures to cloud-native architectures.
• Terway Edge seamlessly integrates with a richer variety of cloud products, such as ECI and load balancers.
• Terway Edge provides greater flexibility for network communication both inside and outside the cluster.
Now, let's take a look at a real-world use case to see how the network capabilities of Terway Edge can be utilized.
This customer is mainly engaged in AI model training and inference services. They adopted ACK Edge to manage both their cloud-based ECS instances and on-premises IDC resources uniformly. Cloud ECS instances primarily handle inference tasks and control plane components for AI training, while the data center focuses on AI training jobs.
Their network requirements include:
• High-efficiency network transmission for AI training.
• Dependence on cloud products such as AI suites and load balancers for AI inference services.
• The need for client-side developer devices to access pod containers within the cluster for operations like maintenance, debugging, and monitoring.
By adopting the Terway Edge network plug-in, the customer achieved the following benefits:
• The Terway Edge plug-in enables the container network and the host network to be on the same network plane. This allows the customer's business to smoothly transition from traditional bare-metal training environments to containerized infrastructure, enabling seamless integration with various cloud products.
• The Terway Edge plug-in ensures that client-side developers can directly operate pod containers in the cluster to improve R&D efficiency.
How to Build a High-availability Architecture Based on Alibaba Cloud Service Mesh
A Flexible Serverless Elasticity Solution for Workload-level Management
194 posts | 33 followers
FollowAlibaba Container Service - November 21, 2024
Alibaba Clouder - April 26, 2021
Alibaba Cloud Native Community - November 5, 2020
Alibaba Container Service - April 12, 2024
Alibaba Cloud New Products - September 11, 2020
Alibaba Clouder - July 15, 2020
194 posts | 33 followers
Follow
Container Service for Kubernetes
Alibaba Cloud Container Service for Kubernetes is a fully managed cloud container management service that supports native Kubernetes and integrates with other Alibaba Cloud products.
Learn More
ACK One
Provides a control plane to allow users to manage Kubernetes clusters that run based on different infrastructure resources
Learn More
Container Registry
A secure image hosting platform providing containerized image lifecycle management
Learn More
Cloud-Native Applications Management Solution
Accelerate and secure the development, deployment, and management of containerized applications cost-effectively.
Learn MoreMore Posts by Alibaba Container Service
