A Guide to Stateful Kubernetes: Federation and Multi-Cluster Explained
February 09, 2021

Cyril Plisko
Replix

So, you've finally decided to use Kubernetes for stateful applications? Congrats! (And good luck.)

But first, let's put the Champagne back on the ice and talk about data — the chain that binds your stateful architecture to a single location. If you're only using a single region, you're in luck, but what happens when the same application needs to run on multiple regions? Or, even worse, multiple clouds?

Stateless applications use service meshes so that the application layer could communicate across clusters. But stateful applications are a different animal. They require you to have available synced data. 

Now you are faced with some tough questions. How can you ensure that your application is running consistently if the distance between the application and its data varies? How would you solve that issue? Perhaps it’s better to not venture into that mess at all?

Stateful Challenges Come at Scale. Remember the CAP Theorem?

If I'm running a database on a Kubernetes cluster, all the pods require access to a local volume to store and read data. In other words, any entry that was done with one pod should be seen by the rest of the pods.

Consistency, or the requirement that every read is updated with the latest write, sounds simple. But if your goal is to enjoy the true benefit of distributed network availability, limiting yourself to applications that run close to their data with as little room as possible for error is not enough.

Not a problem, you might say. I'll set up a centralized database to take care of all my pod's and cluster’s stateful requests.

Congrats, you've just introduced a single point of failure to unite them all; if something happens, none of your pods will have access to data, a double-edged sword that breaks the partition tolerance.

Balance is key, and the tradeoff between consistency, availability, and partitioning is of paramount importance. Could we solve this by simply adding another cluster?

What is Multi-Cluster, and What to Do with It?

Once you've designed and coded your application and you've built containers, in theory, all that is left is the simple task of running them. But getting from code to up and running is not nearly as simple, as anyone who has ever built a containerized application will attest.

Before deploying to the production environment, you need to run various dev/test/stage cycles. You also need to think of scale — your production application may need to run in many different places for reasons like horizontal scalability, resiliency, or close proximity to end-users.

Multi-cluster is a deployment strategy that runs multiple Kubernetes clusters. Running multiple clusters is common, but the issues start when you need pods to communicate with one another.

Multi-cluster is a strategy to deploy containerized applications across multiple Kubernetes Clusters.

Multi-cluster use cases:

Improved application availability: A cluster that does not have another cluster is a source of failure. Having multiple cloned clusters that can failover in case a main cluster is damaged provides higher regional performance.

Support for large organizations:  Running multiple clusters in different environments. Multi-clustering will consolidate all clusters into a single management portal, giving the ability to deploy applications across multiple availability zones and clusters. By standardizing the cluster creation across environments, overhead can be reduced as well as  time to market for features and updates. In addition, multi-cluster deployments are easily scalable.

Isolation: The ability to un-multicluster by creating individual fault domains. Updating of the clusters can be phased to reduce the impact of faulty versions or malicious code.

Performance: The closer the application's proximity to the end-user, the lower the latency and the risk to data in transit.

Compliance: There are laws in many countries that govern where you can store users' data. Depending on the regulations, you might have to store the data from users in China within the country. Having a system that spans multiple regions enables you to do just that. If you only have a data center in the US, then you're going to have a tough time working with a global user-base.

Federating Stateful Applications

The idea behind federation is to provide a single configuration to manage the application across multiple clusters or regions.

Federation use cases:

Reduced Configuration Management Complexity: A single location to consolidate cluster management. In this use case, the data is not shared across the application, and it works well for stateless applications.

High Availability (HA): Add cluster redundancy for business continuity (BCP), which is also a good solution for stateless applications.

Stateless applications enjoy the true benefits of multi-cluster and federated Kubernetes; stateful is a different story

The portability of stateless applications gives them the ability to run anywhere, but not all applications are stateless; most applications are dependent on data, data that does not act by the same rule book as stateless applications.

Data binds the application to its storage locations. A physical location becomes an app dependency, and every request from the data creates latency according to its distance from the application resulting in service inconsistency.

When it comes to stateful applications, you can solve those problems by treating your state just as you do your containers.Instead of forcing the application to run where the data happened to be originally provisioned, the data needs to follow the application.

Cyril Plisko is Founder and CTO of Replix
Share this

Industry News

February 02, 2023

Red Hat announced a multi-stage alliance to offer customers a greater choice of operating systems to run on Oracle Cloud Infrastructure (OCI).

February 02, 2023

Snow Software announced a new global partner program designed to enable partners to support customers as they face complex market challenges around managing cost and mitigating risk, while delivering value more efficiently and effectively with Snow.

February 02, 2023

Contrast Security announced the launch of its new partner program, the Security Innovation Alliance (SIA), which is a global ecosystem of system integrators (SIs), cloud, channel and technology alliances.

February 01, 2023

Red Hat introduced new security and compliance capabilities for the Red Hat OpenShift enterprise Kubernetes platform.

February 01, 2023

Jetpack.io formally launched with Devbox Cloud, a managed service offering for Devbox.

February 01, 2023

Jellyfish launched Life Cycle Explorer, a new solution that identifies bottlenecks in the life cycle of engineering work to help teams adapt workflow processes and more effectively deliver value to customers.

January 31, 2023

Ably announced the Ably Terraform provider.

January 31, 2023

Checkmarx announced the immediate availability of Supply Chain Threat Intelligence, which delivers detailed threat intelligence on hundreds of thousands of malicious packages, contributor reputation, malicious behavior and more.

January 31, 2023

Qualys announced its new GovCloud platform along with the achievement of FedRAMP Ready status at the High impact level, from the Federal Risk and Authorization Management Program (FedRAMP).

January 30, 2023

F5 announced the general availability of F5 NGINXaaS for Azure, an integrated solution co-developed by F5 and Microsoft that empowers enterprises to deliver secure, high-performance applications in the cloud.

January 30, 2023

Tenable announced Tenable Ventures, a corporate investment program.

January 26, 2023

Ubuntu Pro, Canonical’s comprehensive subscription for secure open source and compliance, is now generally available.

January 26, 2023

Mirantis, freeing developers to create their most valuable code, today announced that it has acquired the Santa Clara, California-based Shipa to add automated application discovery, operations, security, and observability to the Lens Kubernetes Platform.

January 25, 2023

SmartBear has integrated the powerful contract testing capabilities of PactFlow with SwaggerHub.

January 25, 2023

Venafi introduced TLS Protect for Kubernetes.