TY - JOUR
T1 - Multitenant Containers as a Service (CaaS) for Clouds and Edge Clouds
AU - Senel, Berat Can
AU - Mouchet, Maxime
AU - Cappos, Justin
AU - Friedman, Timur
AU - Fourmaux, Olivier
AU - Mcgeer, Rick
N1 - Publisher Copyright:
© 2013 IEEE.
PY - 2023
Y1 - 2023
N2 - In recent years, along with containers, the cloud community has rapidly taken up Kubernetes, the de facto industry standard container orchestration system. All major cloud providers currently offer Kubernetes-based Containers as a Service (CaaS). However, when CaaS is offered to multiple independent consumers, or tenants, a multi-instance approach is used, in which each tenant receives its own separate cluster, which imposes significant overhead due to employing virtual machines for isolation. If CaaS is to be offered not only in the cloud, but also in the edge cloud, where resources are limited, another solution is required. In this paper, drawing upon the scientific literature, we provide a novel classification of Kubernetes multitenancy into three approaches: multi-instance through multiple clusters, multi-instance through multiple control planes, and single-instance native. We propose a single-instance multitenancy framework, meaning tenants are served out of a shared control plane in a single cluster. Our empirical findings show that the single-instance approach imposes a markedly decreased overhead compared to the other two. However, it entails a tradeoff in workload isolation owing to tenants sharing the compute nodes. There are nonetheless means to compensate for such weakened isolation, and we describe how our framework does so. The framework is publicly available as liberally-licensed, free, open-source software that extends Kubernetes. It is in production use within the EdgeNet testbed for researchers.
AB - In recent years, along with containers, the cloud community has rapidly taken up Kubernetes, the de facto industry standard container orchestration system. All major cloud providers currently offer Kubernetes-based Containers as a Service (CaaS). However, when CaaS is offered to multiple independent consumers, or tenants, a multi-instance approach is used, in which each tenant receives its own separate cluster, which imposes significant overhead due to employing virtual machines for isolation. If CaaS is to be offered not only in the cloud, but also in the edge cloud, where resources are limited, another solution is required. In this paper, drawing upon the scientific literature, we provide a novel classification of Kubernetes multitenancy into three approaches: multi-instance through multiple clusters, multi-instance through multiple control planes, and single-instance native. We propose a single-instance multitenancy framework, meaning tenants are served out of a shared control plane in a single cluster. Our empirical findings show that the single-instance approach imposes a markedly decreased overhead compared to the other two. However, it entails a tradeoff in workload isolation owing to tenants sharing the compute nodes. There are nonetheless means to compensate for such weakened isolation, and we describe how our framework does so. The framework is publicly available as liberally-licensed, free, open-source software that extends Kubernetes. It is in production use within the EdgeNet testbed for researchers.
KW - Edge computing
KW - Kubernetes
KW - cloud computing
KW - containers as a service
KW - multitenancy
UR - http://www.scopus.com/inward/record.url?scp=85181790566&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85181790566&partnerID=8YFLogxK
U2 - 10.1109/ACCESS.2023.3344486
DO - 10.1109/ACCESS.2023.3344486
M3 - Article
AN - SCOPUS:85181790566
SN - 2169-3536
VL - 11
SP - 144574
EP - 144601
JO - IEEE Access
JF - IEEE Access
ER -