Presentation is loading. Please wait.

Presentation is loading. Please wait.

HDFS on Kubernetes -- Lessons Learned

Published byAugust Mikkelsen Modified over 6 years ago

Similar presentations

Presentation on theme: "HDFS on Kubernetes -- Lessons Learned"— Presentation transcript:

1 HDFS on Kubernetes -- Lessons Learned
Kimoon Kim, Pepperdata

2 Agenda Kubernetes intro Spark and HDFS on Kubernetes Demo
Problems we fixed in Spark on K8s -- HDFS data locality, Secure HDFS

3 Kubernetes New open-source cluster manager.
Runs programs in Linux containers. 1000+ contributors and 40,000+ commits. Designed and built for containers

4 “My app was running fine until someone installed their software”
My spark job failed with ClassNotFound exception I had to change my Tomcat port

5 More isolation is good Kubernetes provides each program with:
a lightweight virtual file system -- Docker image an independent set of S/W packages a virtual network interface a unique virtual IP address an entire range of ports Containers create more isolation layers Still very fast This other person install only on his container What if I have a server program like Tomcat Both my Tomcat and your Tomcat can open the same port under different IPs Like having VMS such that each program is the only program running

6 Other isolation layers
Separate process ID space Max memory limit CPU share throttling Mountable volumes Config files -- ConfigMaps Credentials -- Secrets Local storages -- EmptyDir, HostPath Network storages -- PersistentVolumes

7 Kubernetes architecture
Pod, a unit of scheduling and isolation. runs a user program in a primary container holds isolation layers like a virtual IP in an infra container Pod 1 Pod 2 Pod 3 node A node B We have pod 1, 2, and 3. Each pod gets a unique virtual IP address like Virtual pod IPs look very different from physical IP addresses of cluster nodes Becomes important later when looking at Spark and HDFS together

8 Big Data on Kubernetes github.com/apache-spark-on-k8s
Bloomberg, Google, Haiwen, Hyperpilot, Intel, Palantir, Pepperdata, Red Hat, and growing. patching up Spark Driver and Executor code to work on Kubernetes. being upstreamed with SPIP-Spark-on-Kubernetes. Related talk: spark-summit.org/2017/events/apache-spark-on- kubernetes/

9 Spark on Kubernetes Job 1 Job 2 Driver Pod Executor Pod 1 Executor Pod 2 Client Driver Pod Executor Pod 1 Executor Pod 2 Client node A node B

10 What about storage? Spark on Kubernetes supports cloud storages like S3. Your data is often stored on HDFS. Run HDFS itself on Kubernetes -- github.com/apache-spark-on- k8s/kubernetes-HDFS Access remote HDFS running outside Kubernetes

11 HDFS on Kubernetes github.com/apache-spark-on-k8s/kubernetes-HDFS
Job 1 github.com/apache-spark-on-k8s/kubernetes-HDFS Job 2 HDFS Driver Pod Executor Pod 1 Executor Pod 2 Client Driver Pod Executor Pod 1 Executor Pod 2 Client Datanode Pod 2 Namenode Pod Datanode Pod 1 node A node B HostPath HostPath hdfs-namenode-selector = hdfs-namenode-0

12 Demo - Spark on K8s accessing secure HDFS
Launch HDFS on K8s Run a Spark job on K8s to use HDFS Check the job pods

13 Problems we fixed in Spark on K8s
HDFS data locality support -- Send compute to data Node locality Rack locality Where to launch executors Secure HDFS support Executor 1 Executor 2 FAST SLOW Datanode 1 Datanode 2 node A node B HDFS is faster than other distributed storage systems Fast in part because it supports data locality.

14 Solved: Node locality (/fileA → Datanode 1 → ) == Location of Executor 1 (/fileA → Datanode 1 → ) == (Executor 1 → → ) (/fileA → Datanode 1 → ) != (Executor 1 → ) Location of fileA == Location of Executor 1 Read /fileB Driver Executor Pod 1 Executor Pod 2 Read /fileA /fileA /fileB Namenode Pod Datanode Pod 2 Datanode Pod 1 node A node B

15 Solved: Rack locality SLOW 10.0.1.2 10.0.2.2 10.0.0.2 196.0.0.5
(/fileA → Datanode 1 → → Rack 1) == (Executor 1 → → → Rack 1) (/fileA → Datanode 1 → → Rack 1) != (Executor 1 → ) Rack of fileA == Rack of Executor 1 Read /fileB Driver Executor Pod 1 Executor Pod 2 Read /fileA SLOW /fileA /fileB Datanode Pod 1 Datanode Pod 2 Datanode Pod 3 node A node B node C Rack 1 Rack 2

16 Solved: Node preference
Hey K8s, I’d like node A much more for my executors Node affinity Driver Executor Pod 1 Executor Pod 2 /fileA Datanode Pod 2 Datanode Pod 1 /fileB node A node B

17 Rescued data locality! The job was TeraValidate
without data locality fix duration: 25 minutes with data locality fix duration: 10 minutes The job was TeraValidate Two runs processed the same input AWS CloudWatch chart

18 Problems we fixed in Spark on K8s
HDFS data locality support Secure HDFS support Kerberos tickets HDFS tokens Long running jobs

19 encrypted with HDFS’ password
Kerberos, simplified encrypted with A’s password encrypted with session key SK1 Order # SK1 Customer copy Order # SK1 Merchant copy I’m user A. May I talk to HDFS? SK1 Kerberos Server You guys should talk only if the other side knows SK1. I’ll secretly give SK1 only to each of you. I guarantee that the other side is genuine if they know SK1. SK1 copy for User A SK1 copy for HDFS A’s password HDFS’ password User A Ticket to HDFS SK1 copy for HDFS SK1 SK1 HDFS namenode Session 1 Requests/Responses HDFS’ password

20 HDFS Delegation Token Kerberos ticket, no good for executors on cluster nodes. Stamped with the client IP. Give tokens to driver and executors instead. Issued by namenode only if the client has a valid Kerberos ticket. No client IP stamped. Permit for driver and executors to use HDFS on your behalf across all cluster nodes.

21 Solved: Share tokens via K8s Secret
Driver Pod Executor Pod 1 Executor Pod 2 Client Secret 1 Kerberos Namenode Pod Datanode Pod 1 Datanode Pod 2 node A node B

22 Solved: Refresh tokens with K8s microservice
Driver Pod Executor Pod 1 Executor Pod 2 Client Refresh Pod Secret 1 Kerberos Namenode Pod Datanode Pod 2 node A Datanode Pod 1 node B

23 Solved: Keep Secret to yourself with K8s RBAC
Job 1 Job 2 Driver Pod Executor Pod 1 Executor Pod 2 Client Secret 1 Secret 1 Driver Pod Executor Pod 1 Executor Pod 2 Client node A node B

24 Recap Data locality works. Supports secure HDFS. Open problems
Performance? Namenode High Availability

25 github.com/apache-spark-on-k8s
Join us! github.com/apache-spark-on-k8s

Download ppt "HDFS on Kubernetes -- Lessons Learned"

Similar presentations

RASPro is a secure high performance remote application delivery platform through a perfect combination of application hosting and application streaming.

RASPro is a secure high performance remote application delivery platform through a perfect combination of application hosting and application streaming.
Buffers & Spoolers J L Martin 2009. Think about it… All I/O is relatively slow. For most of us, input by typing is painfully slow. From the CPUs point.

Buffers & Spoolers J L Martin Think about it… All I/O is relatively slow. For most of us, input by typing is painfully slow. From the CPUs point.
Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.

Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.
P2P data retrieval DHT (Distributed Hash Tables) Partially based on Hellerstein’s presentation at VLDB2004.

P2P data retrieval DHT (Distributed Hash Tables) Partially based on Hellerstein’s presentation at VLDB2004.
PlanetLab Operating System support* *a work in progress.

PlanetLab Operating System support* *a work in progress.
Introduction to Virtualization

Introduction to Virtualization
How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.

How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.
MongoDB Sharding and its Threats

MongoDB Sharding and its Threats
Google Distributed System and Hadoop Lakshmi Thyagarajan.

Google Distributed System and Hadoop Lakshmi Thyagarajan.
Take An Internal Look at Hadoop Hairong Kuang Grid Team, Yahoo! Inc

Take An Internal Look at Hadoop Hairong Kuang Grid Team, Yahoo! Inc
Cloud Computing for the Enterprise November 18th, 2011. This work is licensed under a Creative Commons.

Cloud Computing for the Enterprise November 18th, This work is licensed under a Creative Commons.
Module 13: Configuring Availability of Network Resources and Content.

Module 13: Configuring Availability of Network Resources and Content.
Windows Azure Conference 2014 Running Docker on Windows Azure.

Windows Azure Conference 2014 Running Docker on Windows Azure.
UNIX System Administration OS Kernal Copyright 2002, Dr. Ken Hoganson All rights reserved. OS Kernel Concept Kernel or MicroKernel Concept: An OS architecture-design.

UNIX System Administration OS Kernal Copyright 2002, Dr. Ken Hoganson All rights reserved. OS Kernel Concept Kernel or MicroKernel Concept: An OS architecture-design.
Module 7: Fundamentals of Administering Windows Server 2008.

Module 7: Fundamentals of Administering Windows Server 2008.
608D CloudStack 3.0 Omer Palo Readiness Specialist, WW Tech Support Readiness May 8, 2012.

608D CloudStack 3.0 Omer Palo Readiness Specialist, WW Tech Support Readiness May 8, 2012.
Cisco Confidential © 2010 Cisco and/or its affiliates. All rights reserved. 1 MSE Virtual Appliance Presenter Name: Patrick Nicholson.

Cisco Confidential © 2010 Cisco and/or its affiliates. All rights reserved. 1 MSE Virtual Appliance Presenter Name: Patrick Nicholson.
1 Week #10Business Continuity Backing Up Data Configuring Shadow Copies Providing Server and Service Availability.

1 Week #10Business Continuity Backing Up Data Configuring Shadow Copies Providing Server and Service Availability.
Android Security Auditing Slides and projects at samsclass.info.

Android Security Auditing Slides and projects at samsclass.info.
Cloud Computing is a Nebulous Subject Or how I learned to love VDF on Amazon.

Cloud Computing is a Nebulous Subject Or how I learned to love VDF on Amazon.

Similar presentations

Ads by Google