Adding documentation for Topology Aware Hints
This commit is contained in:
Rob Scott
parent
be14fc367d
commit
b9ec368cfc
|
|
@ -15,7 +15,16 @@ weight: 10
|
|||
|
||||
<!-- overview -->
|
||||
|
||||
{{< feature-state for_k8s_version="v1.17" state="alpha" >}}
|
||||
{{< feature-state for_k8s_version="v1.21" state="deprecated" >}}
|
||||
|
||||
{{< note >}}
|
||||
|
||||
This feature, specifically the alpha topologyKeys API, is deprecated in
|
||||
Kubernetes v1.21. [Topology Aware
|
||||
Hints](/docs/concepts/services-networking/topology-aware-hints) was introduced
|
||||
in Kubernetes v1.21 and provides similar functionality.
|
||||
|
||||
{{</ note >}}
|
||||
|
||||
_Service Topology_ enables a service to route traffic based upon the Node
|
||||
topology of the cluster. For example, a service can specify that traffic be
|
||||
|
|
|
|||
|
|
@ -0,0 +1,156 @@
|
|||
---
|
||||
reviewers:
|
||||
- robscott
|
||||
title: Topology Aware Hints
|
||||
content_type: concept
|
||||
weight: 10
|
||||
---
|
||||
|
||||
|
||||
<!-- overview -->
|
||||
|
||||
{{< feature-state for_k8s_version="v1.21" state="alpha" >}}
|
||||
|
||||
_Topology Aware Hints_ enable topology aware routing by including suggestions
|
||||
for how clients should consume endpoints. This approach adds metadata to enable
|
||||
consumers of Endpoint(Slice) to be able to route traffic closer to where it is
|
||||
originated. For example, users can route traffic within a locality to reduce
|
||||
costs and improve performance.
|
||||
|
||||
<!-- body -->
|
||||
|
||||
## Motivation
|
||||
|
||||
Kubernetes clusters are increasingly deployed in multi-zone environments.
|
||||
_Topology Aware Hints_ provides a mechanism to help keep traffic within the zone
|
||||
it originated from. This concept is commonly referred to as "Topology Aware
|
||||
Routing". When calculating the endpoints for a Service, the EndpointSlice
|
||||
controller considers the topology (region and zone) of each endpoint and
|
||||
populates the hints field to allocate it to a zone. These hints are then
|
||||
consumed by components like kube-proxy as they configure how requests are
|
||||
routed.
|
||||
|
||||
## Using Topology Aware Hints
|
||||
|
||||
You can enable Topology Aware Hints for a Service by setting the
|
||||
`service.kubernetes.io/topology-aware-hints` annotation to `auto`. This tells
|
||||
the EndpointSlice controller to set topology hints if it is deemed safe.
|
||||
Importantly, this does not guarantee that hints will always be set.
|
||||
|
||||
## How it Works
|
||||
|
||||
The functionality enabling this feature is split into two components: The
|
||||
EndpointSlice controller and Kube-Proxy. This provides a high level overview of
|
||||
how each component implements this feature.
|
||||
|
||||
### EndpointSlice controller
|
||||
|
||||
The EndpointSlice controller is responsible for setting hints on EndpointSlices
|
||||
when this feature is enabled. The controller allocates a proportional amount of
|
||||
endpoints to each zone. This proportion is based on the
|
||||
[allocatable](/docs/tasks/administer-cluster/reserve-compute-resources/#node-allocatable)
|
||||
CPU cores for nodes running in that zone. For example, if one zone had 2 CPU
|
||||
cores and another zone only had 1 CPU core, the controller would allocated twice
|
||||
as many endpoints to the zone with 2 CPU cores.
|
||||
|
||||
The following example shows what an EndpointSlice looks like when hints have
|
||||
been populated:
|
||||
|
||||
```yaml
|
||||
apiVersion: discovery.k8s.io/v1
|
||||
kind: EndpointSlice
|
||||
metadata:
|
||||
name: example-hints
|
||||
labels:
|
||||
kubernetes.io/service-name: example-svc
|
||||
addressType: IPv4
|
||||
ports:
|
||||
- name: http
|
||||
protocol: TCP
|
||||
port: 80
|
||||
endpoints:
|
||||
- addresses:
|
||||
- "10.1.2.3"
|
||||
conditions:
|
||||
ready: true
|
||||
hostname: pod-1
|
||||
zone: zone-a
|
||||
hints:
|
||||
forZones:
|
||||
- name: "zone-a"
|
||||
```
|
||||
|
||||
### Kube-Proxy
|
||||
|
||||
Kube-Proxy filters the endpoints it routes to based on the hints set by the
|
||||
EndpointSlice controller. In most cases, this means that kube-proxy will route
|
||||
to endpoints in the same zone. Sometimes the controller allocates endpoints from
|
||||
a different zone to ensure more even distribution of endpoints between zones.
|
||||
This would result in some traffic being routed to other zones.
|
||||
|
||||
## Safeguards
|
||||
|
||||
The Kubernetes control plane and the kube-proxy on each node apply some
|
||||
safeguard rules before using Topology Aware Hints. If these don't check out,
|
||||
kube-proxy selects endpoints from anywhere in your cluster, regardless of the
|
||||
zone.
|
||||
|
||||
1. **Insufficient number of endpoints:** If there are less endpoints than zones
|
||||
in a cluster, the controller will not assign any hints.
|
||||
|
||||
2. **Impossible to achieve balanced allocation:** In some cases, it will be
|
||||
impossible to achieve a balanced allocation of endpoints among zones. For
|
||||
example, if zone-a is twice as large as zone-b, but there are only 2
|
||||
endpoints, an endpoint allocated to zone-a may receive twice as much traffic
|
||||
as zone-b. The controller wil not assign hints if it can't get this "expected
|
||||
overload" value below an acceptable threshold for each zone. Importantly this
|
||||
is not based on real-time feedback. It is still possible for individual
|
||||
endpoints to become overloaded.
|
||||
|
||||
3. **One or more Nodes has insufficient information:** If any node does not have
|
||||
a `topology.kubernetes.io/zone` label or is not reporting a value for
|
||||
allocatable CPU, the control plane does not set any topology-aware endpoint
|
||||
hints and so kube-proxy does not filter endpoints by zone.
|
||||
|
||||
4. **One or more endpoints does not have a zone hint:** When this happens,
|
||||
kube-proxy assumes that a transition from or to Topology Aware Hints is
|
||||
underway. Filtering endpoints for a Service in this state would be dangerous
|
||||
so Kube-Proxy falls back to using all endpoints.
|
||||
|
||||
5. **A zone is not represented in hints:** If kube-proxy is unable to find at
|
||||
least one endpoint with a hint targeting the zone it is running in, it will
|
||||
fall back to using endpoints from all zones. This is most likely to happen as
|
||||
a new zone is being added to a cluster.
|
||||
|
||||
## Constraints
|
||||
|
||||
* Topology Aware Hints are not used when either `externalTrafficPolicy` or
|
||||
`internalTrafficPolicy` is set to `Local` on a Service. It is possible to use
|
||||
both features in the same cluster on different Services, just not on the same
|
||||
Service.
|
||||
|
||||
* This approach will not work well for Services that have a large proportion of
|
||||
traffic originating from a subset of zones. Instead this assumes that incoming
|
||||
traffic will be roughly proportional to the capacity of the Nodes in each
|
||||
zone.
|
||||
|
||||
* The EndpointSlice controller ignores unready nodes as it calculates the
|
||||
proportions of each zone. This could have unintended consequences if a large
|
||||
portion of nodes are unready.
|
||||
|
||||
* The EndpointSlice controller does not take into account {{< glossary_tooltip
|
||||
text="tolerations" term_id="toleration" >}} when deploying calculating the
|
||||
proportions of each zone. If the Pods backing a Service are limited to a
|
||||
subset of Nodes in the cluster, this will not be taken into account.
|
||||
|
||||
* This may not work well with autoscaling. For example, if a lot of traffic is
|
||||
originating from a single zone, only the endpoints allocated to that zone will
|
||||
be handling that traffic. That could result in {{< glossary_tooltip
|
||||
text="Horizontal Pod Autoscaler" term_id="horizontal-pod-autoscaler" >}}
|
||||
either not picking up on this event, or newly added pods starting in a
|
||||
different zone.
|
||||
|
||||
## {{% heading "whatsnext" %}}
|
||||
|
||||
* Read about [enabling Topology Aware Hints](/docs/tasks/administer-cluster/enabling-topology-aware-hints)
|
||||
* Read [Connecting Applications with Services](/docs/concepts/services-networking/connect-applications-service/)
|
||||
|
|
@ -171,6 +171,7 @@ different Kubernetes components.
|
|||
| `StorageVersionHash` | `true` | Beta | 1.15 | |
|
||||
| `Sysctls` | `true` | Beta | 1.11 | |
|
||||
| `TTLAfterFinished` | `false` | Alpha | 1.12 | |
|
||||
| `TopologyAwareHints` | `false` | Alpha | 1.21 | |
|
||||
| `TopologyManager` | `false` | Alpha | 1.16 | 1.17 |
|
||||
| `TopologyManager` | `true` | Beta | 1.18 | |
|
||||
| `ValidateProxyRedirects` | `false` | Alpha | 1.12 | 1.13 |
|
||||
|
|
@ -779,6 +780,10 @@ Each feature gate is designed for enabling/disabling a specific feature:
|
|||
- `TokenRequest`: Enable the `TokenRequest` endpoint on service account resources.
|
||||
- `TokenRequestProjection`: Enable the injection of service account tokens into a
|
||||
Pod through a [`projected` volume](/docs/concepts/storage/volumes/#projected).
|
||||
- `TopologyAwareHints`: Enables topology aware routing based on topology hints
|
||||
in EndpointSlices. See [Topology Aware
|
||||
Hints](/docs/concepts/services-networking/topology-aware-hints/) for more
|
||||
details.
|
||||
- `TopologyManager`: Enable a mechanism to coordinate fine-grained hardware resource
|
||||
assignments for different components in Kubernetes. See
|
||||
[Control Topology Management Policies on a node](/docs/tasks/administer-cluster/topology-manager/).
|
||||
|
|
|
|||
|
|
@ -8,9 +8,12 @@ content_type: task
|
|||
---
|
||||
|
||||
<!-- overview -->
|
||||
This page provides an overview of enabling Service Topology in Kubernetes.
|
||||
|
||||
{{< feature-state for_k8s_version="v1.21" state="deprecated" >}}
|
||||
|
||||
This feature, specifically the alpha topologyKeys API, is deprecated in
|
||||
Kubernetes v1.21. [Topology Aware
|
||||
Hints](/docs/concepts/services-networking/topology-aware-hints) was introduced
|
||||
in Kubernetes v1.21 and provides similar functionality.
|
||||
|
||||
## {{% heading "prerequisites" %}}
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,39 @@
|
|||
---
|
||||
reviewers:
|
||||
- robscott
|
||||
title: Enabling Topology Aware Hints
|
||||
content_type: task
|
||||
min-kubernetes-server-version: 1.21
|
||||
---
|
||||
|
||||
<!-- overview -->
|
||||
{{< feature-state for_k8s_version="v1.21" state="alpha" >}}
|
||||
|
||||
_Topology Aware Hints_ enable topology aware routing with topology hints
|
||||
included in EndpointSlices. This approach tries to keep traffic close to where
|
||||
it originated from. This can result in decreased costs and improved performance.
|
||||
|
||||
## {{% heading "prerequisites" %}}
|
||||
|
||||
{{< include "task-tutorial-prereqs.md" >}} {{< version-check >}}
|
||||
|
||||
The following prerequisite is needed in order to enable topology aware hints:
|
||||
|
||||
* {{< glossary_tooltip text="Kube-proxy" term_id="kube-proxy" >}} running in
|
||||
iptables mode or IPVS mode
|
||||
* Ensure that you have not disabled EndpointSlices
|
||||
|
||||
## Enable Topology Aware Hints
|
||||
|
||||
To enable service topology, enable the `TopologyAwareHints` [feature
|
||||
gate](docs/reference/command-line-tools-reference/feature-gates/) for the
|
||||
kube-apiserver, kube-controller-manager, and kube-proxy:
|
||||
|
||||
```
|
||||
--feature-gates="TopologyAwareHints=true"
|
||||
```
|
||||
|
||||
## {{% heading "whatsnext" %}}
|
||||
|
||||
* Read about [Topology Aware Hints](/docs/concepts/services-networking/topology-aware-hints) for Services
|
||||
* Read [Connecting Applications with Services](/docs/concepts/services-networking/connect-applications-service/)
|
||||
Loading…
Reference in New Issue