Table of contents
- About KubeSphere
- What is Kubernetes
- Getting Started with KubeSphere
- Why use KubeSphere?
- Benefits to Different Teams
- Features of KubeSphere
- 1. Identity and Access Management
- 2. Multi-tenancy
- 3. Kubernetes DevOps
- 4. Service Mesh (Istio-based)
- 5. KubeEdge Integration
- 6. Cloud-Native Observability
- 7. Kubernetes multi-cluster management
- 8. Multiple Storage and Networking Solutions
- 9. App Store
- 10. Metering and Billing
- 11. GPU Workloads Scheduling and Monitoring
- Feature Map
- Architecture of KubeSphere
- KubeSphere Roadmap
- Conclusion
- Connect with KubeSphere
- Resources
- Key
About KubeSphere
KubeSphere is a distributed operating system for cloud-native application management, using Kubernetes as its kernel. It provides a plug-and-play architecture, allowing third-party applications to be seamlessly integrated into its ecosystem.
KubeSphere is also a multi-tenant enterprise-grade open-source Kubernetes container platform with full-stack automated IT operations and streamlined DevOps workflows. It provides developer-friendly wizard web UI, helping enterprises to build out a more robust and feature-rich Kubernetes platform, which includes the most common functionalities needed for enterprise Kubernetes strategies.
There was a lot of technical jargon in the above paragraph, it will all be clear in "Why use KubeSphere" section.
Note - Look for the full forms of abbreviations in Key.
What is Kubernetes
Kubernetes is a portable, extensible, open-source platform for managing containerized workloads and services, that facilitates both declarative configuration and automation. Google open-sourced the Kubernetes project in 2014.
Kubernetes provides you with a framework to run distributed systems resiliently. It takes care of scaling and failover for your application, provides deployment patterns, and more.
To know more about Kubernetes check out my blog A Simple Guide to Kubernetes
Getting Started with KubeSphere
Make sure that you read and match the Prerequesites here.
Installing on Kubernetes
As KubeSphere is a Distributed Operating System that uses Kubernetes as a kernel it can be directly installed on top of Kubernetes.
Check out the installation steps here.
Note - You need to have the Kubernetes cluster configured and running before you can install KubeShpere on Kubernetes.
Check out this page to Install on an existing Kubernetes cluster hosted on cloud or on-premises.
You will see this on your console.
Installing on Linux
For those who are new to KubeSphere and looking for a quick way to discover the container platform, the all-in-one mode is the best choice to get started. It features rapid deployment and hassle-free configurations with KubeSphere and Kubernetes all provisioned on your machine. Install using KubeKey
You can access the official in-depth documentation to install and get KubeShpere running on Linux.
Other Installations on Linux - Overview, Provisioning Kubernetes cluster.
Why use KubeSphere?
We will dissect and understand the definition used while describing KubeSphere and understand why should you use KubeSphere.
- Multi-tenancy is what enables different teams to securely deploy and maintain containerized applications from the cloud to the edge.
- Open-source - A CNCF-certified Kubernetes platform, 100% open-source, built and improved by the community.
- Easy to Run - Can be deployed on an existing Kubernetes cluster or Linux machines, also supports online and air-gapped installation.
- Modular and Pluggable - Functionalities are modularized and loosely coupled with the platform. You can choose the modules according to your business needs.
Benefits to Different Teams
As mentioned in the About section, KubeSphere is a multi-tenant enterprise-grade open-source Kubernetes container platform with full-stack automated IT operations and streamlined DevOps workflows.
It allows developers to deploy code with several clicks on the friendly console and brings integrated observability and powerful DevOps strategies to the Ops team.
It also helps the Infra team to install and maintain the Kubernetes cluster with efficient, flexible network solutions which avoid locking teams into a single-vendor ecosystem.
For Infra Team
Automated installation, scaling, and upgrades from cloud to data center.
- It improves your resource utilization and reduces internal infrastructure costs.
- Provides Security enhancements and supports multiple storage and network solutions.
- Deliver a trustworthy and certified Kubernetes platform and distribution.
- Supports multi-cloud and multi-cluster Kubernetes management, avoiding vendor lock-in(soon to be included feature).
For Developers
Liberates developers from creating complicated YAML, enabling them to focus on business needs.
- Creates a smooth user experience and reduces the learning curve of the cloud-native stack. Providing a plug-and-play architecture.
- Provides toolkits and deployment automation tailored for any application environment.
- Offers out-of-the-box toolkits for building reproducible images from source code, improving development efficiency.
- Supports application lifecycle management, accelerating time to market deployment.
For Operations Team
Builds a one-stop enterprise-grade DevOps framework to be used.
- It provides centralized log collection, monitoring, alerting, events, and audit logs from infrastructure to applications.
- Streamlined process of continuous deployment, test, release, upgrade and scale.
- Better tracking, routing, and optimized communications within Kubernetes for cloud-native applications.
- Easy to use web terminal and graphical panel, satisfying the needs of different users.
For End-User
Running and using applications on Kubernetes is easy and intuitive, it provides an abstraction while maintaining the powerful features of Kubernetes.
- Deploy and upgrade applications with one click to the transparent underlying infrastructure.
- Provide on-demand container resources and HPA, hardening the reliability and flexibility of your applications.
- Import any Helm repository in seconds to visually deploy and upgrade applications.
- Supports operation in the application store, including metering and billing for applications (soon to be included feature).
Features of KubeSphere
1. Identity and Access Management
Identity and access management, or IAM, is the security discipline that makes it possible for the right entities (people or things) to use the right resources (applications or data) when they need to, without interference, using the devices they want to use.
Supports, CAS, OIDC, IDaaS, LDAP, LDAPS, and search filter.
2. Multi-tenancy
Provide unified authentication with fine-grained roles and a three-tier authorization system and support AD/LDAP authentication.
You can add a user group, can be assigned to a group, and invite a group to a workspace or a project.
3. Kubernetes DevOps
Run CI/CD pipelines in Kubernetes clusters to implement automated code checkout, testing, code analysis, building, deploying, and releasing.
Out-of-the-box CI/CD Pipelines
- Easy integration with SCM including GitLab/GitHub/BitBucket/SVN to simplify continuous integration
- Graphical editing panels designed to visualize and simplify CI/CD pipeline creation without writing any Jenkinsfile
- Easy SonarQube Integration to implement source code quality analysis and view results on the KubeSphere console
- Dependency cache available for tools like Maven running in Kubernetes Pods to accelerate image building and workloads deployment across Kubernetes Clusters
Built-in Automation Toolkits
- Source-to-Image builds reproducible container images from source code without writing any Dockerfile and deploys workloads to Kubernetes clusters
- Binary-to-Image builds your artifacts into runnable images and deploys workloads to Kubernetes clusters
- Automating image building and pushing to any registry and achieving continuous deployment to Kubernetes clusters
- Excellent resiliency and recoverability as you can copy pipelines and run them concurrently as well as rebuild and rerun S2I/B2I whenever a patch is needed
Use Jenkins Pipeline for DevOps on top of Kubernetes
- Kubernetes combined with Git to facilitate continuous integration with code repositories and boost continuous delivery of cloud-native applications
- Efficient DevOps teamwork through the KubeSphere multi-tenant system on the basis of Kubernetes RBAC to achieve better access control in CI/CD workflows
- Powerful DevOps observability with dynamic logs for S2I/B2I builds and pipelines to help you manage Kubernetes DevOps resources with ease
- Auditing, alerting, and notifications are available for pipelines to ensure quick identification and resolution of issues throughout CI/CD workflows
- Git webhooks for SCM pipelines to automatically trigger a Jenkins build when new commits are submitted to a branch
Learn More, KubeSphere with DevOps Workflow In Action
4. Service Mesh (Istio-based)
Unified UI to integrate and manage tools including Istio, Envoy, and Jaeger for running and scaling microservices on Kubernetes for the distributed systems.
Service Mesh Traffic management
- Canary release provides canary rollouts and staged rollouts with percentage-based traffic splits
- Blue-green deployment allows the new version of an application to be deployed in a separate environment and tested for functionality and performance
- Traffic mirroring is a powerful, risk-free method of testing your app versions as it sends a copy of live traffic to a mirrored Service
- Circuit breakers allow users to set limits for calls to individual hosts within a Service
Microservices Visualization
KubeSphere has the ability to visualize the connections between microservices and the topology of how they interconnect. It supports service mesh graph traffic direction flow, inbound, and outbound.
Distributed Tracing for Kubernetes
Based on Jaeger, KubeSpher enables users to track how each Service interacts with each other. It brings a deeper understanding of request latency, bottlenecks, serialization, and parallelism via visualization.
Supports adding router components.
Learn more, See Kubernetes Service Mesh in Action.
5. KubeEdge Integration
KubeSphere integrated KubeEdge to enable users to deploy applications on the edge devices and view logs and monitor metrics of them on the console.
KubeEdge is an open-source system for extending native containerized application orchestration capabilities to hosts at the edge. It supports multiple edge protocols and looks to provide unified management of cloud and edge applications and resources.
Enable and Verify KubeEdge before and after Installation
To implement the multi-node installation of KubeSphere on Linux, you need to create a configuration file with all KubeSphere Components.
After you install KubeSphere on Kubernetes, you need to enable KubeEdge first in the cluster configuration.YAML file.
Verification of the component can be carried out on the dashboard as well as through kubectl.
You can find the steps to follow on the Official Documentation Page Here.
6. Cloud-Native Observability
Multi-dimensional monitoring, events, and auditing logs are supported; multi-tenant log quey and collection, alerting and notification are built-in.
Multi-dimensional Kubernetes Monitoring
- Infrastructure monitoring provides K8s control plane and cluster node metrics
- Application resources monitoring includes CPU, memory, network, and storage metrics
- Resource usage ranking by node, workspace, and project - Service component monitoring for users to quickly locate component failures
- Custom metrics support includes application custom metrics dashboard (in v3.0.0)
Kubernetes Log Collection and Management
- Multi-tenant log management ensures different tenants can only see their own log information
- Multi-level log queries include projects, workloads, Pods, containers, and keywords, supporting drilling into each level to locate the issues
- Support multiple log collection platforms, such as Elasticsearch, Kafka and Fluentd
- Service component monitoring for users to quickly locate component failures
Flexible Kubernetes Alerting and Notification
- Rich alerting rules based on multi-tenancy and multi-dimensional monitoring metrics
- Flexible alerting policy allows you to customize an alerting policy that contains multiple alerting rules
- Multi-level monitoring metrics for alerting, ranging from infrastructure to workloads
- Flexible alerting rules allow you to customize the detection period, duration, and alerting priority of monitoring metrics
- Integration with AlertManager supports multiple notification channels (in v3.0.0)
Learn More, See Kubernetes and Microservices Observability in Action
7. Kubernetes multi-cluster management
Provides a centralized control plane to manage multiple Kubernetes clusters, and supports propagation of an app to multiple K8s clusters across different cloud providers.
- Supports configuring cluster controller resync period, some users need to update the cluster components more quickly.
- Lightweight member cluster installation, supporting running kubesphere without Redis, Idap, and so on.
- Can validate member cluster configuration if the member cluster config(e.g. jwtSecret) is not the same as the host cluster, which can reduce the complexity of joining clusters.
8. Multiple Storage and Networking Solutions
Support GlusterFS, CephRBD, NFS, and LocalPV solutions, and provide CSI plugins to consume storage from multiple cloud providers.
Provides a load balancer OpenELB for bare metal Kubernetes, and offers network policy management, support Calico and Flannel CNI
9. App Store
KubeSphere provides users with an App Store for Helm-based applications and offers application lifecycle management on the back of OpenPitrix, an open-source web-based system to package, deploy and manage different types of apps.
The KubeSphere App Store allows ISVs, developers, and users to upload, test, install, and release apps with just several clicks in a one-stop-shop.
Learn more from KubeSphere App Store Documentation Page.
10. Metering and Billing
KubeSphere metering helps you track resource consumption within a given cluster or workspace at a granular level.
Different tenants with different roles can only see the data to which they have access. Besides, you can also set prices for varied resources to see billing information.
Learn more from the Metering and Billing Section of the Documentation Page.
11. GPU Workloads Scheduling and Monitoring
Create GPU workloads on the GUI, schedule GPU resources, and manage GPU resource quotas by the tenant.
Feature Map
Architecture of KubeSphere
KubeSphere uses a loosely-coupled architecture that separated the frontend from the backend.
External systems can access the components of the backend through the REST APIs.
KubeSphere Roadmap
Open-source projects have a defined roadmap for their future growth which is collectively decided upon, by all the participants.
The KubeSphere RoadMap lists the planned features and everyone is welcome to raise a proposal and contribute your ideas.
You can have a look at the KubeSphere Roadmap and understand how an open-source project plans and works on its features.
How to contribute💎
If you are new to contributing,
- You can find the roadmap page of the community
- Look for open features
- Choose what interests you
- Hop on to the community communication channel and look for others who are working on the same feature.
- Congratulations✨ You started your open-source contribution journey.
Conclusion
You have learned about KubeSphere, how to get started and its features, and its architecture. It is truly a full-stack solution for automated IT operations with a streamlined DevOps Workflow.
I am a big advocate of learning and implementing, and I encourage you to do the same by setting up KubeSphere for yourself or for your organization.
Share your experience using KubeSphere as "KubeSphere Experiment Notes" by writing a blog about it, making a video, or a Twitter thread!
You can take ideas from the User Case Studies Page and share your experiences.
Working with a command-line is cool but when you are working in an enterprise environment, a simple GUI which makes your job easy is a gift. KubeSphere is a very powerful tool in my opinion which provides you with complete solutions, now you literally have no excuses to not use Kubernetes.
In the process of writing the In-Depth Guide for KubeSphere, I too learned a lot and was amazed by the comprehensive list of solutions provided. Cheers to learning together!✨
Connect with KubeSphere
KubeSphere is open-source, built, and improved by the community. The community page walks you through how to get started contributing to KubeSphere. The development guide explains how to set up a development environment.
Connect through,
- KubeSphere's Facebook
- Follow on KubeSphere's Twitter
- KubeSphere's LinkedIn
- KubeSphere's Slack Channel
- Get KubeSphere's Commercial Support team to contact you.
Submit any KubeSphere bugs, issues, and feature requests to KubeSphere Github Issue.
Resources
- KubeSphere: One Kubernetes Platform for Full Stack Solutions & Management (Video)
- Multi-cluster Management With KubeSphere on Civo (Video)
- KubeSphere.io
- KubeSphere Documentation
- KubeSphere's YouTube
- KubeSphere's GitHub Repo
- KubeSphere's Medium Blogs
- KubeEdge
- A complete walkthrough to KubeSphere DevOps System
- Bookinfo Canary Release on Kubernetes using Istio, Jaeger and KubeSphere
- Kubernetes and Microservices Observability on KubeSphere
- OpenPitrix
Key
- GUI - Graphical User Interface
- DevOps - Smashing together Development and Operations
- IT - Information Technology
- API - Application Program Interface
- REST - REpresentational State Transfer
- GPU - Graphics Processing Unit
- ISV - Independent Software Vendor
- NFS - Network File System
- FS - File system
- ELB - Elastic Load Balancing
- CSI - Common System Interface
- CNI - Container Network Interface
- SCM - System Configuration Management
- CI/CD - Continous Integration and Continous Deployment
- CI/CDCD - Continous Integration, Continous Delivery and Continous Deployment
- S2I - Source to image
- B2I - Business to Individual
- RBAC - Role-based access control
- SVN - Subversion
- AD - Active Directory
- LDAP - Lightweight Directory Access Protocol
- LDAPS - LDAP over SSL
- SSL - Secure Sockets Layer
- CAS - Central Authentication Service
- OIDC - OpenID Connect
- ID - Identity
- IDaaS - Identity as a Service
- HPA - HorizontalPodAutoscaler
- CNCF - Cloud Native Computing Foundation
- UI - User Interface
- CRI - Container Runtime Interface