Heptio Gimbal an open source initiative to unify and manage internet traffic into hybrid cloud environments consisting of multiple Kubernetes clusters and traditional infrastructure technologies including OpenStack. Gimbal builds on established open source projects like Kubernetes, Heptio Contour, and Envoy to provide a robust multi-team load balancing solution that enables businesses to manage traffic across traditional and container-based infrastructure.
Gimbal was developed as a joint effort between Heptio and Yahoo Japan Corporation’s subsidiary, Actapio, to modernize Yahoo Japan’s infrastructure with Kubernetes without impacting the existing infrastructure investments in OpenStack. Actapio recognized that Gimbal would provide a strategic benefit to the larger cloud native community and partnered with Heptio to build a new open source project.
Actapio approached Heptio to architect and co-develop a cloud native load balancing platform to increase their deployment agility and ability to scale web traffic across Kubernetes and OpenStack. They needed a consistent and flexible HTTP load balancing platform that would enable their development teams to manage and route traffic regardless of the upstream deployment platform.
In addition, Actapio desired a platform that is:
- Open source and cloud agnostic to avoid lock-in and leverage commodity hardware
- Scalable to support their massive amount of internet traffic
- Simple and flexible via self-service configuration of routing rules, load balancing strategies, and canary deployments by individual development teams
- Cloud native but legacy friendly by integrating existing systems into a unified traffic tier
Actapio is not alone in these desires. Many large organizations have existing workloads in non-containerized platforms. They want to shift these workloads and development tooling to cloud native platforms like Kubernetes, but encounter similar issues in managing how and where to route traffic in a cloud native way without disrupting their customer experience.
Designing a cloud native load balancing control plane
Heptio Gimbal is not a traditional load balancer. Gimbal is a powerful multi-team, multi-platform load balancing control plane that enables businesses to manage traffic across traditional and container-based infrastructure using cloud native design patterns.
Load balancing systems like Gimbal distribute web traffic across multiple backend applications running in different computing environments. Unlike traditional hardware load balancers, Gimbal runs on open source Kubernetes, so that it can leverage commodity infrastructure rather than expensive proprietary hardware systems. This results in cost-savings and increased scalability and agility for organizations. Additionally, this makes Gimbal cloud-agnostic as well as providing a powerful load balancer for bare metal and on-premises environments.
Specialized hardware load balancers provide high throughput, but are expensive to replace or upgrade and often lack flexibility and programmability for rapid iteration. Gimbal leverages Kubernetes to provide a horizontally scalable deployment platform that makes it easy to upgrade the software. Kubernetes’ native role based access control (RBAC) paired with its extensible and flexible API allow for safe self-service configuration of routing rules by development teams.
Gimbal’s discovery system creates and synchronizes native Kubernetes Service and Endpoint objects to each team’s namespace based on discovered applications in upstream Kubernetes and OpenStack clusters. This allows developers to visualize their upstream applications using standard Kubernetes tooling like kubectl. At launch, Gimbal supports discovering services from Kubernetes 1.7+ and OpenStack Mitaka, but we envision supporting other platforms like Amazon EC2 or VMware in the future. The initial release of Gimbal is designed for environments with routable container networks. In the future, we also plan on adding support for overlay networks or other restricted networking environments.
Routing and policy configurations are managed by Heptio Contour, a Kubernetes Ingress controller using Envoy. Envoy is a high-performance distributed service proxy that can be dynamically configured via robust APIs. Initially, developers and cluster administrators will leverage Kubernetes Ingress objects to define the routing configuration. Later this year, Contour will support a new IngressRoute Custom Resource Definition that will enable more advanced capabilities like weight-shifting, load balancing strategies, and cross-cluster backends. Perhaps more importantly, this new design will enable strong multi-team policy capabilities, a notable deficiency in Kubernetes’ current Ingress architecture. We will be working with the Kubernetes community to take lessons from Gimbal and Contour to help drive the design of upstream Kubernetes Ingress forward.
Observability is essential when operating at significant scale. Gimbal and its dependencies provide Prometheus-compatible metrics that can be used to provide a comprehensive monitoring and alerting system. At launch, Gimbal provides an example deployment of Prometheus, Alertmanager, and Grafana, plus some dashboards to get started quickly.
Learn more
The Gimbal project is available as 0.1 release today on GitHub. It is a technical preview release that we will continue to develop in the open with the community and our partner Actapio. We invite you to try it out and we are excited to work with the Kubernetes and OpenStack communities to continue to refine this project.
Learn more about Heptio at www.heptio.com.
If you’re headed to KubeCon + CloudNativeCon in Copenhagen next week, stop by the Heptio Booth S-C29 to meet technical representatives from Heptio and Actapio.
Introducing Heptio Gimbal: Bridging cloud native and traditional infrastructure was originally published in Heptio on Medium, where people are continuing the conversation by highlighting and responding to this story.