Cluster federation in Kubernetes takes the concept of high availability to the next level by making clusters resilient. Multiple distributed clusters can be federated to ensure that the workload is available in at least one cluster. 

Federation makes it easy to manage multiple clusters. It does so by providing 2 major building blocks:

  • Sync resources across clusters: Federation provides the ability to keep resources in multiple clusters in sync. For example, you can ensure that the same deployment exists in multiple clusters.
  • Cross cluster discovery: Federation provides the ability to auto-configure DNS servers and load balancers with backends from all clusters. For example, you can ensure that a global VIP or DNS record can be used to access backends from multiple clusters.

Some other use cases that federation enables are:

  • High Availability: By spreading load across clusters and auto configuring DNS servers and load balancers, federation minimises the impact of cluster failure.
  • Avoiding provider lock-in: By making it easier to migrate applications across clusters, federation prevents cluster provider lock-in.

Federation is not helpful unless you have multiple clusters. Some of the reasons why you might want multiple clusters are:

  • Low latency: Having clusters in multiple regions minimises latency by serving users from the cluster that is closest to them.
  • Fault isolation: It might be better to have multiple small clusters rather than a single large cluster for fault isolation (for example: multiple clusters in different availability zones of a cloud provider).
  • Scalability: There are scalability limits to a single kubernetes cluster (For more details: Kubernetes Scaling and Performance Goals).
  • Hybrid cloud: You can have multiple clusters on different cloud providers or on-premises data centers.

Caveats

While there are a lot of attractive use cases for federation, there are also some caveats:

  • Increased network bandwidth and cost: The federation control plane watches all clusters to ensure that the current state is as expected. This can lead to significant network cost if the clusters are running in different regions on a cloud provider or on different cloud providers.
  • Reduced cross cluster isolation: A bug in the federation control plane can impact all clusters. This is mitigated by keeping the logic in federation control plane to a minimum. It mostly delegates to the control plane in kubernetes clusters whenever it can. The design and implementation also errs on the side of safety and avoiding multi-cluster outage.
  • Maturity: The federation project is relatively new and is not very mature. Not all resources are available and many are still alpha.

Set up Cluster Federation using Kubefed

Run the below commands to install kubefed:

$ git clone https://github.com/kubernetes/federation.git
$ cd federation/
$ make
$ make quick-release
$ docker load -i _output/release-images/amd64/fcp-amd64.tar
# Tag to your REGISTRY/REPO/IMAGENAME[:TAG]
$ docker tag gcr.io/google_containers/fcp-amd64:v1.9.0-alpha.2.60_430416309f9e58-dirty REGISTRY/REPO/IMAGENAME[:TAG]

# push to your registrydocker
$ docker push REGISTRY/REPO/IMAGENAME[:TAG]

$ _output/dockerized/bin/linux/amd64/kubefed init federation \
--host-cluster-context=HOST_CLUSTER_CONTEXT \
--image=REGISTRY/REPO/IMAGENAME[:TAG] \
--dns-provider="PROVIDER" \
--dns-zone-name="YOUR_ZONE"

When you use kubefed init, you must provide the following:

  • Federation name
  • --host-cluster-context, the kubeconfig context for the host cluster
  • --dns-provider, one of 'google-clouddns', aws-route53 or coredns
  • --dns-zone-name, a domain name suffix for your federated services

Once the federation control plane is initialized, query the namespaces:

kubectl get namespace --context=federation

If you do not see the default namespace listed (this is due to a bug). Create it yourself with the following command:

kubectl create namespace default --context=federation

Adding a cluster to a federation

After you’ve deployed a federation control plane, you’ll need to make that control plane aware of the clusters it should manage.

To join clusters into the federation.

Change the context:kubectl config use-context federation

Join the cluster to the federation, using kubefed join, and make sure you provide the following:

  • The name of the cluster that you are joining to the federation
  • --host-cluster-context, the kubeconfig context for the host cluster

For example, this command adds the cluster cluster2 to the federation running on host cluster cluster1:

kubefed join cluster2 --host-cluster-context=cluster1

Listing Clusters

To list the clusters available in your federation, you can use kubectl by running:

kubectl --context=federation get clusters

The --context=federation flag tells kubectl to submit the request to the Federation apiserver instead of sending it to a Kubernetes cluster.

Feel free to ask any questions in the comments section below. Hope you find  this article helpful.

Leave a comment

Your email address will not be published. Required fields are marked *