Safely and efficiently manage edge nodes through Kubernetes
In the era of 5G and the Internet of Things, millions of billions of devices are connected to the cloud, and several ZB of data are generated. The industry has also begun to pay attention to how to make better use of the core capabilities of cloud computing and give full play to the capabilities of various edge devices: for example, how to efficiently coordinate data processing? How to quickly deploy various applications? How to achieve low latency and weak network autonomy with limited bandwidth?
Alibaba Cloud officially released edge containers in 2019 ACK@Edge The product focuses on the service concept of "cloud standard control, edge moderate autonomy": provide powerful and rich cloud native control capabilities in the cloud, realize business integration such as urban brain, industrial brain, CDNPaaS, IoTPaaS, etc. upward, and complete cloud-side operation and maintenance control by carrying traffic through multi-specification and multi-link solutions downward; On the edge side, the original k8s capabilities are superimposed, such as edge autonomy, cell management, traffic topology, and edge computing power state fine detection.
In terms of technical implementation, Alibaba Cloud ACK@Edge Implemented the core design concept of "Extending your native Kubernetes to Edge"
Kubernetes has "zero" intrusion to ensure full compatibility with the native K8s API. Not changing the core components of Kubernetes does not mean that ACK@Edge It's just a simple Kubernetes Addon. ACK@Edge Through proxy node network traffic, a new layer of encapsulation is added to Kubernets node and application lifecycle management, providing the core management and control capabilities required by edge computing.
ACK@Edge New feature 1: secure interconnection between cloud and cloud, enhanced cloud-edge SDN network communication
In the previous general network model, the edge and cloud are interconnected through the public network, and the edge application cannot directly access the cloud VPC intranet. The newly released enhanced network model, based on Alibaba Cloud's global network infrastructure, provides a secure and fast cloud-side collaborative network. The edge node pool application can directly access the cloud through the VPC intranet, and has better cloud-side network quality and security guarantees compared with ordinary networks.
Specifically, the following four types of access connectivity are supported:
• Edge Pod and Cloud Pod interworking
• Edge Pod and cloud VPC interworking
• Edge nodes access VPC on the cloud in one direction
• One-way access to cloud pods by edge nodes
Under this scheme, cloud-side network traffic will be encrypted and transmitted almost all the way through the Alibaba Cloud intranet, ensuring the quality and security of communication.
ACK@Edge New feature 2: pool management of edge nodes to simplify operation and maintenance complexity
In the edge computing scenario, computing nodes usually have strong specific attributes, such as the same CPU architecture, operator or cloud provider. In order to facilitate management, the traditional method is to use Kubernetes to label nodes for classification management. However, with the increase of node size and the number of labels, the classification operation and maintenance of nodes will become more and more complex.
Alibaba Cloud ACK@Edge The NodePool is introduced, which abstracts the node division in a higher dimension. It is convenient for customers to manage and maintain nodes in different edge areas from the perspective of node pool.
ACK@Edge New feature 3: application unit deployment, easy template creation
The same application will need to be deployed on computing nodes in different regions. Take deployment as an example. The traditional approach is to set the computing nodes in the same region to the same label, and then create multiple deployments. Different deployments select different labels through NodeSelectors, so as to meet the requirement of deploying the same application to different regions.
With the increasing geographical distribution and the differentiated demand for applications in different regions, the operation and maintenance become more and more complex, which is reflected in the following aspects:
• When the image version is upgraded, you need to modify the image version configuration of each deployment.
• It is necessary to customize the naming specification of deployment to indicate the same application.
• For multiple deployments of the same application, except for the characteristics of Name, NodeSelectors and Replicas, other differentiated configurations are relatively small.
United Deployment is an edge container service ACK@Edge The functions provided can be used for unified management of multiple deployments, such as creation, update and deletion, through a higher level of abstraction.
Edge computing cloud native solution ACK@Edge More than one million business containers have been taken over, covering new retail, medical, Internet of Things, industry, water conservancy, transportation and many other industries. We are committed to accelerating the process of cloud computing expanding to edge computing, and jointly building a unified standard for the future cloud native edge computing architecture.
Alibaba Cloud Edge Container ACK@Edge Focus on the service concept of "cloud standard control, moderate autonomy at the edge"; The "cloud edge" has obvious layering and collaborative capabilities. At the same time, ACK@Edge It also provides the whole life cycle management of K8s cluster under central control, supports heterogeneous resources, and realizes the high availability of edge nodes and applications.
Knowledge Base Team
Knowledge Base Team
Knowledge Base Team
Knowledge Base Team
Explore More Special Offers
50,000 email package starts as low as USD 1.99, 120 short messages start at only USD 1.00