The Cloud Native Computing Foundation (CNCF) is an open source software foundation dedicated to the popularization and sustainable development of cloud native technology. Cloud native technology is a suite of software, specifications, and standards that help enterprises and organizations build and run agile, scalable applications in modern, dynamic environments such as public, private, and hybrid clouds. Containers, microservices, microservice governance, and declarative APIs are representative cloud native technologies. These techniques make loosely coupled systems more resilient, manageable, and easier to monitor and observe. Combined with powerful automation tools, they allow engineers to make arbitrary changes to systems frequently and predictably, with minimal effort. (Before these cloud native technologies and frameworks were adopted, I'm sure you all struggled to make even small changes to any system.) That is what cloud native technology is most expected to bring to the technology team and the business.

CNCF Landscape is mentioned in the annual report of CNCF every year. CNCF Landscape is an important project in CNCF. It was started in November 2016, aiming to provide a resource map for cloud native users and to help enterprises and developers quickly understand the full picture of the cloud native system. The CNCF Landscape project has received more than 5,000 stars on GitHub, indicating that developers and users are paying attention to the project. CNCF Landscape tracks a large number of applications across the ecosystem by classifying most of the projects and products in cloud native technology.

CNCF Landscape map

The most important outputs of CNCF Landscape are the Trail Map and the panorama. The Trail Map is CNCF's recommended process for cloud native users adopting open source projects and cloud native technologies. At each step of the Trail Map, users can choose vendor-supported products or use open source projects themselves.

CNCF Landscape map

The Trail Map is broken down into ten steps, each of which users or platform developers need to think about and address, step by step, as they implement cloud native technology in the real world:

  1. Containers. The most popular containerization technology is Docker, which allows you to containerize applications and their dependencies of any size, even some programs running on emulators. You can also slice up your application over time and code future functionality as microservices.

  2. CI/CD (continuous integration and continuous release). Create a CI/CD environment so that any change to the source code can be automatically compiled, tested, and deployed as containers to a pre-production or even production environment.

  3. Application orchestration. Kubernetes is the most widely used tool on the market in the field of application orchestration. Helm Charts can be used to help application developers and publishers upgrade applications running on Kubernetes.

  4. Monitoring and analysis. In this step, the user selects monitoring, logging, and tracing tools for the platform, such as Prometheus for monitoring, Fluentd for logging, and Jaeger for tracing the entire application call chain.

  5. Service proxying, discovery, and governance. CoreDNS, Envoy, and Linkerd can be used for service discovery and service governance, providing service health checks, request routing, and load balancing.

  6. Networking. Software such as Calico, Flannel and Weave Net is used to provide more flexible network capabilities.

  7. Distributed databases and storage. Distributed databases provide greater flexibility and scalability, but require professional container storage to support them.

  8. Streaming and message processing. gRPC or NATS can be considered for applications that require higher performance than JSON over REST. gRPC is a generic RPC (remote procedure call) framework, similar to the RPC calls in various frameworks, and NATS is a publish/subscribe and load-balancing message queue system.

  9. Container registry and runtime environment. Harbor is currently the most popular container registry, and you can choose different container runtime environments to run container applications.

  10. Software release. Finally, software such as Notary can be used for secure release of software.

The CNCF Trail Map helps users sort out the best process for the whole cloud native application in practical steps. However, at every step of the process, users need to know what specific software and product options are available, and this is where the CNCF Landscape panorama comes into play (https://landscape.cncf.io/).

Panorama of CNCF Landscape

This panorama tries to give users a full picture of the cloud native system from the perspective of the cloud native hierarchy and its different functional components, and to help users select appropriate software and tools for support at each component level. On the whole, it divides the cloud native ecosystem into the following layers:

Cloud

At the bottom of the picture are the Cloud (public cloud, including AWS, Google, Azure, Alibaba, Baidu, Tencent, etc.) and Kubernetes certified service providers (mainly private cloud, including Xiyun, Lingqiyun, Boyun, Caiyun, DaoCloud, Rancher, etc.).

Provisioning

Once you have a physical machine or virtual machine, you need to prepare a standardized infrastructure for containers before running the containerized service. This is where the Provisioning layer comes in. The Provisioning layer has several functional modules:

  • Automation & Configuration: Used to automate the deployment and configuration of container platforms and environments; representative tools and vendors include Ansible, Chef, Puppet, VMware, and OpenStack.
  • Container Registry: The container registry is one of the core components of the whole CNCF cloud native stack, because in a container-based operating environment all applications are installed and deployed from a container registry. Container registries are divided into public and private ones. Public registries include the official Docker Registry, AWS Elastic Container Registry, Google Container Registry, etc. Among private registries, Harbor, led by the VMware China team, has been widely used, and a large number of container platforms currently build their registries on Harbor.
  • Security & Compliance: Notary and TUF (The Update Framework) are the two major projects in this area; TUF is an open source security standard and Notary is one of its implementations. In addition to ensuring the provenance of the software, Notary ensures that the contents of the image are not modified anywhere in the image supply chain without the approval of the container image provider, so that security is seamlessly and uniformly embedded throughout the workflow from development to operations.
  • Key Management: Mainly used for key management across the container platform.

Runtime

The Runtime layer can be understood as the entire operating environment of the container, which is the core part of cloud native, including compute, storage and network:

  • Container Runtime: Docker is the most widely known container runtime environment, but several other container runtimes are used in production. containerd is a core container runtime that meets the OCI specification and is designed to be embedded in larger systems. It was started by Docker Inc. and donated to CNCF in March 2017. In addition, CoreOS's rkt, a CLI for running application containers on Linux, can also serve as a secure, composable, standards-based container runtime environment.
  • Cloud-native Storage: Originally, a container is a stateless running unit. The writable top layer of the container's file system cannot preserve files or data written while it is running; after the container is rebuilt or restarted, the data written there is lost. However, as databases, message queues and other middleware are gradually deployed in container environments, users' understanding of and demand for container persistent storage has become deeper and more urgent. A more in-depth analysis of container storage is given later in this article.
  • Cloud-native Network: Networking has always been the most flexible part of virtualization technology. At present, most customers mainly use Calico, Flannel, Open vSwitch and other solutions.

Orchestration Management

This layer is mainly responsible for the orchestration and scheduling of the container platform, and includes service discovery and governance, remote invocation, service proxy, microservice governance and other components:

  • Scheduling & Orchestration: Kubernetes is the dominant player in this area, and the container ecosystem based on Kubernetes is developing rapidly. Other orchestration tools include Mesos, Docker Swarm, and more.
  • Coordination & Service Discovery: An important point in distributed computing is coordination between services and service discovery (or node discovery). From the older ZooKeeper to Consul (the default in Docker Swarm), which has been popular among many Internet vendors and applications in recent years, all can be used for distributed service discovery and configuration. Kubernetes uses CoreOS's etcd by default.
  • Remote Procedure Call: There are usually two ways to communicate between microservices: HTTP REST with JSON, and RPC, which is more efficient. Common examples include Google's gRPC, Apache's Thrift framework, Netflix's Ribbon, and the Avro data serialization framework.

App Definition and Development

This layer is the specific applications and tools that run on the container platform, which can be understood as the container platform's app store. Depending on the application scenario, applications can be classified into the following types: databases (such as MySQL, MariaDB, MongoDB, PostgreSQL, Cassandra, TiDB, etc.), stream processing and message queues (such as Spark, Storm, RocketMQ, Kafka, RabbitMQ, etc.), application definition and image building (used to package applications so that they run on standard container platforms, such as Helm, Docker Compose, Packer, etc.), and CI/CD (most commonly Jenkins, Atlassian's Bamboo, etc.).

Platform

From a horizontal perspective, cloud native also includes numerous certified platform vendors.

Observability and Analysis

This section contains a number of tools for platform monitoring (Prometheus, Nagios, Grafana, Zabbix, etc.), logging (Fluentd, Elasticsearch, Logstash), and tracing (Jaeger).

To sum up, the CNCF Landscape panorama contains products and projects with best practices that are mature or widely used in the CNCF community, for users to choose from in practical applications.

In Cloud-native Storage, Yan Rongyun's YRCloudFile is the only container storage product from China listed in the CNCF Landscape.

Compared to other CNCF Landscape Cloud-Native Storage products and open source solutions, YRCloudFile has a number of unique and important features:

  • Supports stateful containers through node failures: cross-node rebuild within seconds helps stateful Pods deal with node failure effectively.
  • Provides fine-grained (PV-level) disaster recovery (DR) capability across multiple data centers (DCs). PVs with different protection levels can be created and used according to service SLA requirements, and the local-read-first technology greatly reduces data access latency.
  • Enterprise-class features such as PV Quota and QoS are supported to prevent storage resource preemption between PVs.
  • Supports the RWX, RWO, and ROX read/write access modes.
  • Provides CSI and FlexVolume interfaces, and has completed integration with many container platform vendors such as Linchcloud, Harmoncloud, Rancher, Cisco and so on.
  • The PV Hot Spot function quickly locates data access hotspots for upper-layer services, eliminating system access bottlenecks.
  • PV Insight provides insight into the data distribution and hot/cold data inside a PV, providing a basis for decisions on managing data inside the PV.
  • A Prometheus Exporter and integration with Grafana, for integration with and unification of monitoring systems.
  • The interface presents the associations between Pod, PV and PVC on the Kubernetes platform as a whole.
  • Real-time monitoring of PV performance, historical monitoring records, and alarms.
  • Dynamic PV resize.
  • RDMA support for extreme performance.
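The Cloud-native Storage section above describes why data written to a container's own file system is lost on restart, and the feature list mentions the RWX/RWO/ROX access modes, the CSI interface and dynamic PV resize. The manifest below is an added example (not from the article and not YRCloudFile's own configuration) showing how these pieces fit together on Kubernetes; the provisioner name `csi.example.com` and the image name are placeholders for whatever CSI driver and application you actually deploy.

```yaml
# Added example: a CSI StorageClass, a shared (RWX) PVC, and a Pod that keeps
# its state on the PV while using an ephemeral emptyDir for scratch data.
# "csi.example.com" is a placeholder CSI driver name, not a real product's.
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: shared-file
provisioner: csi.example.com        # placeholder: the CSI driver of your storage product
reclaimPolicy: Retain               # keep the PV (and its data) when the PVC is deleted
allowVolumeExpansion: true          # must be true before a PVC can be resized in place
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: app-data
spec:
  storageClassName: shared-file
  accessModes:
    - ReadWriteMany                 # RWX: several Pods, possibly on different nodes
  resources:
    requests:
      storage: 20Gi                 # raise this value later to expand the volume
---
apiVersion: v1
kind: Pod
metadata:
  name: app
spec:
  securityContext:
    runAsNonRoot: true
    runAsUser: 1000
    fsGroup: 1000                   # files on the volume become accessible to the app UID
  containers:
    - name: app
      image: registry.example.com/app:1.0   # placeholder image reference
      volumeMounts:
        - name: data
          mountPath: /var/lib/app   # survives container restart and Pod rescheduling
        - name: scratch
          mountPath: /tmp           # container-local scratch space; lost on restart
  volumes:
    - name: data
      persistentVolumeClaim:
        claimName: app-data
    - name: scratch
      emptyDir: {}
```

If the Pod is rescheduled to another node after a node failure, the RWX PV is re-attached there and `/var/lib/app` is intact, while `/tmp` starts empty.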

Through the above introduction, I believe we have provided a clear line of thinking and selection criteria for the engineering teams and CIOs who are putting cloud native applications into practice, especially in the area of container storage. We will also share the experience and lessons we gain while building cloud native systems, to help customers complete the transformation of their business to cloud native more smoothly.