Federated Kubevirt

Federated KubeVirt

Federated KubeVirt is a reference implementation of deploying and managing KubeVirt across multiple Kubernetes clusters using Federation-v2.

Federation-v2 is an API and control-plane for actively managing multiple Kubernetes clusters and applications in those clusters. This makes Federation-v2 a viable solution for managing KubeVirt deployments that span multiple Kubernetes clusters.

Federation-v2 Deployment

We assume federation is already deployed (using latest stable version) and you have configured your two clusters with context cluster1 and cluster2

Federated KubeVirt Deployment

We create KubeVirt namespace on first cluster:

kubectl create ns kubevirt

We then create a placement for this namespace to get replicated to the second cluster.

kubectl create -f federated_namespace.yaml

NOTE: This yaml file was generated for version 0.14.0. but feel free to edit in order to use a more recent version of the operator

We create the federated objects required as per kubevirt deployment:

kubefed2 enable ClusterRoleBinding
kubefed2 enable CustomResourceDefinition

And federated kubevirt itself, with placements so that it gets deployed at both sites.

kubectl create -f federated_kubevirt-operator.yaml

This gets KubeVirt operator deployed at both sites, which creates the Custom Resource definition KubeVirt. We then deploy kubevirt by federating this CRD and creates an instance of it.

kubefed2 enable kubevirts
kubectl create -f federated_kubevirt-cr.yaml

To help starting/stopping vms and connecting to consoles, we install virtctl (which is aware of contexts):

wget https://github.com/kubevirt/kubevirt/releases/download/$VERSION/virtctl-$VERSION-linux-amd64
mv virtctl-$VERSION-linux-amd64 /usr/bin/virtctl
chmod +x /usr/bin/virtctl

KubeVirt Deployment Verification

Verify that all KubeVirt pods are running in the clusters:

$ for c in cluster1 cluster2; do kubectl get pods -n kubevirt --context ${c} ; done
NAME                               READY     STATUS    RESTARTS   AGE
virt-api-578cff4f56-2dsml          1/1       Running   0          3m
virt-api-578cff4f56-8mk27          1/1       Running   0          3m
virt-controller-7d8c4fbc4c-pfwll   1/1       Running   0          3m
virt-controller-7d8c4fbc4c-xvlvr   1/1       Running   0          3m
virt-handler-plfg7                 1/1       Running   0          3m
virt-operator-67c86544f7-pnjjk     1/1       Running   0          5m
NAME                               READY     STATUS    RESTARTS   AGE
virt-api-578cff4f56-jjbmf          1/1       Running   0          3m
virt-api-578cff4f56-m6g2c          1/1       Running   0          3m
virt-controller-7d8c4fbc4c-tt9tz   1/1       Running   0          3m
virt-controller-7d8c4fbc4c-zf6hh   1/1       Running   0          3m
virt-handler-bldss                 1/1       Running   0          3m
virt-operator-67c86544f7-zz5jc     1/1       Running   0          5m

Now that KubeVirt is up and created its own custom resource types, we federate them:

kubefed2 enable virtualmachines
kubefed2 enable virtualmachineinstances
kubefed2 enable virtualmachineinstancepresets
kubefed2 enable virtualmachineinstancereplicasets
kubefed2 enable virtualmachineinstancemigrations

For demo purposes, we also federate persistent volume claims:

kubefed2 enable persistentvolumeclaim

Demo Workflow

We create a federated persistent volume claim, pointing to an existing pv created at both sites, against the same nfs server:

kubectl create -f federated_pvc.yaml

We then create a federated virtualmachine, with a placement so that itโ€™s only created at cluster1

kubectl create -f federated_vm.yaml

We can check how its underlying pod only got created at one site:

$ for c in cluster1 cluster2; do kubectl get pods --context ${c} ; done
NAME                          READY     STATUS    RESTARTS   AGE
virt-launcher-testvm2-9dq48   2/2       Running   0          6m
No resources found.

Once the vm is up, we connect to it and format its secondary disk, put some data there

Playing with placement resource, we have it stopping at cluster1 and launch at cluster2.

kubectl patch federatedvirtualmachineplacements  testvm2 --type=merge -p '{"spec":{"clusterNames": ["cluster2"]}}'

We can then connect there and see how the data is still available!!!

Final Thoughts

Federating KubeVirt allows interesting use cases around kubevirt like disaster recovery scenarios.

More over, the pattern used to federate this product can be seen as a generic way to federate modern applications:

  • federate operator
  • federate the CRD deploying the app (either at both sites or selectively)
  • federate the CRDS handled by the app