IEEE Access (Jan 2023)
Multitenant Containers as a Service (CaaS) for Clouds and Edge Clouds
Abstract
In recent years, along with containers, the cloud community has rapidly taken up Kubernetes, the de facto industry standard container orchestration system. All major cloud providers currently offer Kubernetes-based Containers as a Service (CaaS). However, when CaaS is offered to multiple independent consumers, or tenants, a multi-instance approach is used, in which each tenant receives its own separate cluster. This imposes significant overhead due to employing virtual machines for isolation. If CaaS is to be offered not only in the cloud, but also in the edge cloud, where resources are limited, another solution is required. In this paper, drawing upon the scientific literature, we provide a novel classification of Kubernetes multitenancy into three approaches: multi-instance through multiple clusters, multi-instance through multiple control planes, and single-instance native. We propose a single-instance multitenancy framework, meaning tenants are served out of a shared control plane in a single cluster. Our empirical findings show that the single-instance approach imposes a markedly decreased overhead compared to the other two. However, it entails a tradeoff in workload isolation owing to tenants sharing the compute nodes. There are nonetheless means to compensate for such weakened isolation, and we describe how our framework does so. The framework is publicly available as liberally licensed, free, open-source software that extends Kubernetes. It is in production use within the EdgeNet testbed for researchers.
Keywords