Part 2 - Single or Multi-Cluster Kubernetes?

Summary

In this Part 2 post, we compare single and multi-cluster Kubernetes and discuss the main benefits of multi-cluster.

Finally, we take a look at what cloud service providers currently offer in terms of multi-cluster management, and what an entirely bespoke or DIY multi-cluster can mean for you and your business.

If you run enterprise applications and need to scale your multi-cluster Kubernetes, then you don’t want to miss Part 3.

Recap

In Part 1 – Kubernetes Control Plane and Loss of Service, we drew attention to the potential denial of service exposure with standard Kubernetes deployments. We examined why we need a Control Plane to begin with.

Lastly, we explained how the default single control plane in Kubernetes can pose a potentially unacceptable service risk when launching mission-critical applications.

What is a Multi-Cluster Architecture?

A multi-cluster architecture enables the distribution of applications across independent, geographically dispersed clusters.

Comparison: Single vs Multi-Cluster

The chart below illustrates three cluster deployment types on the left, versus three difficulty levels expressed on the right: easy (green), moderate (yellow), difficult (red).

Figure 3. Single vs Multi-Cluster

Despite increased complexity, the ‘Multiple Clusters per tenant’ option offers enhanced cluster security and reduces the blast radius from any cluster-level faults.

To learn more about cluster-level faults, please refer to Part 1.

Conversely, coordinating workload orchestration across multiple clusters and keeping their control plane objects in sync becomes a much harder proposition.

On the other hand, using a single cluster eliminates the need for such synchronisation altogether but is not suitable for mission-critical applications. To understand why, refer back to Part 1.
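The synchronisation burden described above can be made concrete with a drift check across clusters. The following is an added example, not code from the original post: it fingerprints objects exported from each cluster after stripping fields the API server sets per cluster, then reports objects that differ or are missing. The cluster names, object names and sample objects are constructed assumptions.

```python
import copy
import hashlib
import json

# Server-populated metadata differs in every cluster and is not drift.
VOLATILE = ("uid", "resourceVersion", "creationTimestamp", "generation", "managedFields")

def fingerprint(obj):
    """SHA-256 of the object with status and volatile metadata removed."""
    clean = copy.deepcopy(obj)
    clean.pop("status", None)
    for field in VOLATILE:
        clean.get("metadata", {}).pop(field, None)
    canonical = json.dumps(clean, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode()).hexdigest()

def find_drift(clusters):
    """Map (kind, namespace, name) -> {cluster: hash or None} for every object
    that is missing from a cluster or whose content differs between clusters."""
    seen = {}
    for cluster, objects in clusters.items():
        for obj in objects:
            meta = obj["metadata"]
            key = (obj["kind"], meta.get("namespace", ""), meta["name"])
            seen.setdefault(key, {})[cluster] = fingerprint(obj)
    drift = {}
    for key, hashes in seen.items():
        per_cluster = {c: hashes.get(c) for c in clusters}
        if len(set(per_cluster.values())) > 1:
            drift[key] = per_cluster
    return drift

def role(uid, verbs):  # constructed sample object
    return {"kind": "Role",
            "metadata": {"name": "pod-reader", "namespace": "payments", "uid": uid},
            "rules": [{"apiGroups": [""], "resources": ["pods"], "verbs": verbs}]}

def config(uid):  # constructed sample object
    return {"kind": "ConfigMap", "data": {"mode": "prod"},
            "metadata": {"name": "app-config", "namespace": "payments", "uid": uid}}

DENY = {"kind": "NetworkPolicy",  # constructed sample object
        "metadata": {"name": "default-deny", "namespace": "payments"},
        "spec": {"podSelector": {}, "policyTypes": ["Ingress"]}}

# Constructed exports: the Role has drifted and the NetworkPolicy is missing in us-east.
SAMPLE = {"eu-west": [role("a1", ["get", "list"]), config("c1"), DENY],
          "us-east": [role("b2", ["get", "list", "delete"]), config("c2")]}

if __name__ == "__main__":
    for key, hashes in find_drift(SAMPLE).items():
        print(key, {c: (h[:12] if h else "MISSING") for c, h in hashes.items()})
```

The ConfigMap is not reported even though its `uid` differs, because only content an operator controls is hashed.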

Multi-Cluster Benefits

While multi-clusters are not without their challenges, their benefits are significant, especially for enterprise workloads and mission-critical applications.

Consider the following benefits:

  • Workload Isolation: If one cluster breaks, the blast radius is small and the impact is limited to the workloads that run on that cluster; other clusters are not affected.
  • Avoid resource contention: In multi-tenancy clusters, a “noisy neighbour” can cause resource contention between tenants sharing a single cluster. This can be entirely mitigated by isolating workloads onto separate clusters.
  • Availability: With your applications spread across different clusters at different datacenters and cloud providers, across regions and availability zones, the risks of service disruption from an infrastructure outage or breach are greatly diminished.
  • Performance At Scale: If your users are spread over a large geographic area, multiple clusters may help you reduce latency and improve performance.
  • Ability to separate environments: It's best practice to separate your dev, staging and production clusters and reduce the risk of being served beta or non-production code releases.
  • Data sovereignty: Some regulations may require you to store your data at a particular geographical location, datacenter or region. Multi-cluster gives you this flexibility.

Cloud Service Provider - Kubernetes Multi-Clusters

All the Cloud Service Providers (CSPs) today offer their own Kubernetes distributions.

Most of these have some support for multi-cluster management, although their mileage and suitability will differ:

  • Amazon EKS Anywhere: an open-source deployment option for Amazon EKS that allows customers to create and operate Kubernetes clusters on-premises, with optional support offered by AWS. EKS Anywhere supports Bare Metal, CloudStack and VMware vSphere as deployment targets.
  • Google Anthos: Google’s Kubernetes-based hybrid cloud platform, which can manage clusters running on multiple clouds as well as on-premises. The Control Plane is entirely managed by GKE, and Anthos provides support for many of the best-in-breed open-source controllers such as Gatekeeper, although a lot of rebranding takes place.
  • Rancher Fleet: Although SUSE Linux, the owner of Fleet, is not strictly a CSP, it is worth mentioning for its multi-cluster management capabilities. Rancher Fleet is designed specifically to manage multiple clusters at scale and uses GitOps to scale applications across hundreds or even thousands of Kubernetes clusters. Rancher Fleet manages deployments from Git repositories using raw Kubernetes YAML, Helm charts, Kustomize, or any combination of the three, and follows a pull-based configuration architecture. The Git repository acts as a single source of truth for the fleet.
  • Microsoft Azure Arc: allows users to manage and monitor multiple AKS clusters across hybrid and multi-cloud environments, including on-premises and other cloud providers, from a unified control plane. Users can centrally monitor, deploy applications, and enforce configurations and policies across clusters.
  • VMware Tanzu: VMware’s Kubernetes platform, which supports multiple clusters running in any public cloud or on-premises, as long as the clusters conform to CNCF standards.

DIY Multi-Clusters

In a nutshell – You’re in complete control!

Build and operate multi-clusters yourself, with total flexibility over the features available to your clusters, where they run, how they are managed and with what tooling.

High levels of customization mean more upfront costs, but this initial investment can pay huge dividends in terms of cost savings and flexibility down the road.

Run these clusters in your own datacenters, in virtually any cloud, find a partner to run them as a managed service for you, or use any combination of the above – the freedom is entirely yours.

Conclusion

Multi-cluster deployments offer enhanced security, workload isolation, fault resilience, regulatory compliance and global scaling. However, they require coordination for cross-cluster rollouts and control plane synchronization.

The cloud provider offerings Amazon EKS Anywhere, Google Anthos, and VMware Tanzu support multi-cluster management, as does Rancher Fleet.

Alternatively, organizations can build and operate their own bespoke DIY Multi-Clusters. The choice depends on requirements and budget considerations.

Next Up

In Part 3 – Kubernetes Multi-Clusters, we take a look at some of the approaches to multi-cluster Kubernetes and present a synopsis of several important ways to unify cluster management, application deployment and Control Plane synchronization.

Finally, we give our conclusions to this three-part series.
