Running Science/EO application stack on Kubernetes in CloudFerro Cloud
Technologies based on containers have revolutionized the way that applications and workflows get deployed. They greatly reduce overheads linked to system configuration and promote use of micro-services for delivering clean, maintainable software.
One of the key benefits of containers is “plug and play” access to a broad ecosystem of open-source tools. With Kubernetes, this is elevated to yet another dimension. Entire full-stack, production-grade and highly scalable systems can be provisioned with literally a few commands using Kubernetes.
With Kubernetes as a Service on CloudFerro Cloud, we provide a complete solution for provisioning Kubernetes clusters. Some of their key features cover built-in Autoscaling, Auto-Healing, native integration with Storage/Networking and High Availability. Clusters are integrated with OpenStack and have direct access to EODATA repository. A cluster can be created from UI in few minutes, for reference check Create a Kubernetes cluster on CREODIAS CloudFerro Cloud.
An up and running cluster is a good start. Yet, we also aim to equip our customers to run a full-stack solution, with additional tools that are frequently required. Science and EO tools along with other general-use utilities are the key ones we do support and aim to support further.
Once you have your cluster up and running, you can swiftly apply these additional tools from the EO and Science domain:
- Argo Workflows – Argo is a complete container-native system for running complex workflows, which is a great fit e.g., for satellite image batch processing. To try it out you can follow the guide: Install and run Argo Workflows on CloudFerro Cloud Kubernetes. We also provide a GitHub repository with sample workflows and Docker images focused on large scale earth observation image processing.
- MapServer WMS – MapServer is a mature WMS solution for serving interactive maps. We have developed our own Helm chart that launches MapServer instances on Kubernetes and automatically refreshes the deployment based on map file changes. The chart is available and documented on a GitHub repository and can be reused by our clients and partners.
- JupyterHub – you can enable Data Science teams in your organization with own Jupyter workspaces by Installing JupyterHub on Kubernetes in Creodias Cloud. Such deployment on Kubernetes can be further configured for use with OpenID Connect, HTTPS, custom storage setup and other features.
Another range of tools we suggest are linked to enhance your cluster around security, compliance and application performance:
- Hashicorp Vault. Follow the guide Install Hashicorp Vault on Kubernetes in CloudFerro Cloud for deploying a tight control secret management tool for secure storing e.g., passwords, certificates and encryption keys.
- Keda and Prometheus. Check out Keda with Prometheus on Kubernetes in CREODIAS Cloud for enabling scaling your application based on the application traffic, measured with number of HTTP requests.
- Velero. For scheduling backups of your cluster or running migrations, use Velero, which we demonstrate in the knowledge base article: backup your Kubernetes cluster using Velero on CloudFerro Cloud
- CertManager. For adding HTTPS capability to your services smoothly, use the following CertManager guide: Deploy HTTPS services on Kubernetes in CloudFerro Cloud
We are testing other solutions to document integrating them with Kubernetes clusters running on CloudFerro Cloud. The additional tools, which we plan to validate and add to the knowledge base, are:
- Keycloak – a complete Identity Management suite providing advanced IM capabilities out of the box: Single-Sign On, multi-factor authentication, federation to external identity providers, custom authorization flows.
- Noobaa – the tool adds capability to integrate multiple storage backends and expose them over a unified endpoint available via S3 API. From the user perspective this enables setting up multi-cloud storage and addressing related use cases e.g., tiering, mirroring or others.
- Harbor – a dedicated solution for running your own private container registries. Especially relevant for scenarios where such isolation is required or when public registries might not specify certain specific requirements.
We look forward to validating other solutions on CREODIAS Cloud. We would like to hear from you which of them you find especially relevant. Please complete a 2-minute survey about Kubernetes tools you would like to see supported here.
Go to survey.
Author: Paweł Turkowski, Product Manager at CloudFerro.