Patent Application
20240028416
The present disclosure relates to containerized information handling resources and, more particularly, management of such resources.
As the value and use of information continues to increase, individuals and businesses seek additional ways to process and store information. One option available to users is information handling systems. An information handling system generally processes, compiles, stores, and/or communicates information or data for business, personal, or other purposes thereby allowing users to take advantage of the value of the information. Because technology and information handling needs and requirements vary between different users or applications, information handling systems may also vary regarding what information is handled, how the information is handled, how much information is processed, stored, or communicated, and how quickly and efficiently the information may be processed, stored, or communicated. The variations in information handling systems allow for information handling systems to be general or configured for a specific user or specific use such as financial transaction processing, airline reservations, enterprise data storage, or global communications. In addition, information handling systems may include a variety of hardware and software components that may be configured to process, store, and communicate information and may include one or more computer systems, data storage systems, and networking systems.
Kubernetes has become a very common application platform. To support the large number of applications built on top of Kubernetes, centralized, external cluster management systems must be able to integrate with existing Kubernetes clusters. However, many deployments of Kubernetes are based on vendor-specific implementations, which include not only the Kubernetes core functionality, but also the vendor's platform tools and features. Each of these varied implementations require unique logic and, typically, tooling to manage the cluster infrastructure that supports the Kubernetes implementation. Thus, while conventional Kubernetes cluster management systems permit users to manage the Kubernetes implementation, deploy container-based workloads, and work with Kubernetes-based tools such as kubectl, they do not enable IT administrators to centrally manage external Kubernetes cluster infrastructure.
This deficiency prevents IT administrators from, as examples, scaling cluster infrastructure, either horizontally or vertically and performing Kubernetes version updates. The cluster software has no information about the infrastructure of the hosting platform upon which it is running, thereby eliminating any possibility of the software taking advantage of any platform-specific features and functionality. Instead, the hosting platform is effectively a black box from the software's perspective.
In accordance with teachings disclosed herein, common problems associated with conventional Kubernetes management solutions, including issues identified in the preceding paragraphs, are addressed by systems and methods disclosed herein.
In one aspect, teachings set forth herein disclose a centralized Kubernetes orchestration system containing platform-specific knowledge for one or more managed Kubernetes platforms, including, without limitation, any one or more of VMware Tanzu, Google Kubernetes Engine (GKE), Amazon Elastic Kubernetes Service (EKS), Azure Kubernetes Service (AKS), Red Hat OpenShift, and Docker EE.
Kubernetes orchestration features disclosed herein enable IT administrators to manage not only the Kubernetes deployment itself, but also the configuration of the underlying cluster infrastructure, beneficially enabling centralized management of external Kubernetes clusters using automation with platform-specific tooling. Disclosed methods and systems support tasks including scaling the number and/or size of the cluster nodes up or down, upgrading the Kubernetes version, and adjusting user roles or permissions.
In one aspect, the teachings herein disclose a method for managing remote Kubernetes clusters on one or more managed Kubernetes platforms, e.g. AKS, GKE, Tanzu, etc., with a central orchestrator that includes a plurality of cluster integration interfaces for a corresponding plurality of managed platforms. Prior to invoking the central orchestrator, authentication has been configured for a cluster-admin role bound to a user in the customer organization. A managed Kubernetes platform associated with a remote Kubernetes cluster of interest is selected via one of the cluster integration interfaces. A connection with the managed Kubernetes platform is registered. The connection may include platform account credentials and cluster admin role information, i.e., information corresponding to the authenticated cluster-admin role. A platform-specific microservice (PSM) is then instantiated. The PSM is provisioned with platform-specific logic and tooling. The PSM is configured to connect to the managed Kubernetes platform and retrieve, from the managed Kubernetes platform, an administrative manifest, e.g., a YAML manifest, including one or more administrative artifacts, e.g., pods, services, etc., enabling the central orchestrator to communicate securely with the managed Kubernetes platform and deploy and manage application workloads on the cluster. The cluster of interest may then be imported into the central orchestrator, enabling cluster administrators to invoke the central orchestrator to perform platform-specific management tasks, including cluster infrastructure configuration tasks such as scaling nodes associated with the cluster, updating a Kubernetes version of the cluster, and modifying access/permission roles associated with the cluster. The method may be performed for clusters residing on one or more other managed Kubernetes platforms such that that the central orchestrator provides a single resource enabling cluster administrators to manage all of the customers remote clusters.
In another aspect, the teachings herein disclose an information handling system with a central orchestrator configured to manage remote Kubernetes clusters on one or more managed Kubernetes platforms. The central orchestrator includes a plurality of cluster integration interfaces for a corresponding plurality of managed platforms. Prior to invoking the central orchestrator, authentication has been configured for a cluster-admin role bound to a user in the customer organization. A managed Kubernetes platform associated with a remote Kubernetes cluster of interest is selected via one of the cluster integration interfaces. A connection with the managed Kubernetes platform is registered. The connection may include platform account credentials and cluster admin role information. A PSM provisioned with platform-specific logic and tooling is then instantiated. The PSM is configured to connect to the managed Kubernetes platform and retrieve, from the managed Kubernetes platform, an administrative manifest including one or more administrative artifacts that enable the central orchestrator to communicate securely with the managed Kubernetes platform and deploy and manage application workloads on the cluster. The central orchestrator may then import the cluster of interest to enable cluster administrators to perform platform-specific management tasks, including cluster infrastructure configuration tasks on the cluster. In this manner, the central orchestrator can import one or more clusters from two or more different managed
In accordance with subject matter disclosed in the following description, an information handling system includes
Technical advantages of the present disclosure may be readily apparent to one skilled in the art from the figures, description and claims included herein. The objects and advantages of the embodiments will be realized and achieved at least by the elements, features, and combinations particularly pointed out in the claims.
It is to be understood that both the foregoing general description and the following detailed description are examples and explanatory and are not restrictive of the claims set forth in this disclosure.
A more complete understanding of the present embodiments and advantages thereof may be acquired by referring to the following description taken in conjunction with the accompanying drawings, in which like reference numbers indicate like features, and wherein:
Exemplary embodiments and their advantages are best understood by reference to
For the purposes of this disclosure, an information handling system may include any instrumentality or aggregate of instrumentalities operable to compute, classify, process, transmit, receive, retrieve, originate, switch, store, display, manifest, detect, record, reproduce, handle, or utilize any form of information, intelligence, or data for business, scientific, control, entertainment, or other purposes. For example, an information handling system may be a personal computer, a personal digital assistant (PDA), a consumer electronic device, a network storage device, or any other suitable device and may vary in size, shape, performance, functionality, and price. The information handling system may include memory, one or more processing resources such as a central processing unit (“CPU”), microcontroller, or hardware or software control logic. Additional components of the information handling system may include one or more storage devices, one or more communications ports for communicating with external devices as well as various input/output (“I/O”) devices, such as a keyboard, a mouse, and a video display. The information handling system may also include one or more buses operable to transmit communication between the various hardware components.
Additionally, an information handling system may include firmware for controlling and/or communicating with, for example, hard drives, network circuitry, memory devices, I/O devices, and other peripheral devices. For example, the hypervisor and/or other components may comprise firmware. As used in this disclosure, firmware includes software embedded in an information handling system component used to perform predefined tasks. Firmware is commonly stored in non-volatile memory, or memory that does not lose stored data upon the loss of power. In certain embodiments, firmware associated with an information handling system component is stored in non-volatile memory that is accessible to one or more information handling system components. In the same or alternative embodiments, firmware associated with an information handling system component is stored in non-volatile memory that is dedicated to and comprises part of that component.
For the purposes of this disclosure, computer-readable media may include any instrumentality or aggregation of instrumentalities that may retain data and/or instructions for a period of time. Computer-readable media may include, without limitation, storage media such as a direct access storage device (e.g., a hard disk drive or floppy disk), a sequential access storage device (e.g., a tape disk drive), compact disk, CD-ROM, DVD, random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), and/or flash memory; as well as communications media such as wires, optical fibers, microwaves, radio waves, and other electromagnetic and/or optical carriers; and/or any combination of the foregoing.
For the purposes of this disclosure, information handling resources may broadly refer to any component system, device or apparatus of an information handling system, including without limitation processors, service processors, basic input/output systems (BIOSs), buses, memories, I/O devices and/or interfaces, storage resources, network interfaces, motherboards, and/or any other components and/or elements of an information handling system.
In the following description, details are set forth by way of example to facilitate discussion of the disclosed subject matter. It should be apparent to a person of ordinary skill in the field, however, that the disclosed embodiments are exemplary and not exhaustive of all possible embodiments.
Throughout this disclosure, a hyphenated form of a reference numeral refers to a specific instance of an element and the un-hyphenated form of the reference numeral refers to the element generically. Thus, for example, “device 12-1” refers to an instance of a device class, which may be referred to collectively as “devices 12” and any one of which may be referred to generically as “a device 12”.
As used herein, when two or more elements are referred to as “coupled” to one another, such term indicates that such two or more elements are in electronic communication, mechanical communication, including thermal and fluidic communication, thermal, communication or mechanical communication, as applicable, whether connected indirectly or directly, with or without intervening elements.
Referring now to the drawings, the flow chart of
The method 100 illustrated in
As depicted in
The method 100 illustrated in
The PSM retrieves (operation 122) a Kubernetes manifest, referred to herein as an admin manifest, from a suitable formatted file, e.g., a YAML (yet another markup language) file. As suggested by its name, the admin manifest includes one or more administrative-management artifacts, e.g., pods, services, etc., some or all of which are deployed to the cluster. The admin artifacts enable secure communication with the centralized orchestrator and provide functionality to deploy and manage application workloads on the cluster from the centralized orchestrator. The cluster (and platform) definition is saved in the central orchestration system for access in the future as the user needs to interact with the cluster. After importing the external cluster, the user is free to deploy workloads to the cluster.
Referring now to
The illustrated cluster management system 200 includes an orchestration user interface (OUI) 202 communicatively coupled to central orchestrator 201 and accessible to one or more administrative users 203. The OUI 202 of
Each managed Kubernetes platform 210 may support a unique set of features and, in at least some embodiments, central orchestrator 201 enables, via one or more platform specific microservices 205, the applicable management features on the cluster's hosting platform will be appropriately enabled. For example, if Azure platform 210 is the hosting platform for a cluster of interest 220-1, then at least some AKS-specific features will be enabled for cluster 220-1 within central orchestrator 201. Accordingly, administrator 203 may employ central orchestrator 201 to invoke Azure-specific tools and resources to administer any Azure-hosted cluster, including the supporting infrastructure. Likewise, for Google-hosted clusters 220-2, at least some GKE-specific features would be enabled within central orchestrator 201 via OUI 202.
The illustrated cluster management system 200 beneficially requires no preexisting knowledge regarding any specific Kubernetes distribution. Accordingly, the illustrated cluster management system 200 comprises a centralized cluster manager that enables Kubernetes administrators to apply automated management to the virtualized infrastructure supporting the cluster. Additionally, cluster management system 200 allows for advanced intelligence such as auto scaling infrastructure nodes based on resource thresholds.
Referring now to
This disclosure encompasses all changes, substitutions, variations, alterations, and modifications to the example embodiments herein that a person having ordinary skill in the art would comprehend. Similarly, where appropriate, the appended claims encompass all changes, substitutions, variations, alterations, and modifications to the example embodiments herein that a person having ordinary skill in the art would comprehend. Moreover, reference in the appended claims to an apparatus or system or a component of an apparatus or system being adapted to, arranged to, capable of, configured to, enabled to, operable to, or operative to perform a particular function encompasses that apparatus, system, or component, whether or not it or that particular function is activated, turned on, or unlocked, as long as that apparatus, system, or component is so adapted, arranged, capable, configured, enabled, operable, or operative.
All examples and conditional language recited herein are intended for pedagogical objects to aid the reader in understanding the disclosure and the concepts contributed by the inventor to furthering the art, and are construed as being without limitation to such specifically recited examples and conditions. Although embodiments of the present disclosure have been described in detail, it should be understood that various changes, substitutions, and alterations could be made hereto without departing from the spirit and scope of the disclosure.
