Samenvatting

Kubernetes adoption has grown drastically since its release in 2014. Today, Kubernetes has become the de-facto standard to deploy and orchestrate containerized applications. Avisi Managed Environments (AME) is a cloud-agnostic platform that provides fully managed Kubernetes clusters that host mission-critical applications and data.
There are plans to grow the platform and attract more enterprise customers. However, AME presents limitations for certain use cases such as jurisdiction compliance, disaster recovery, high availability, multi-/hybrid-cloud strategies, and more. To solve the above use cases, the Kubernetes environments need to stretch beyond the boundaries of a single region or cloud provider. It is not practical to stretch a single Kubernetes cluster, however, multi-cluster architectures have the potential to address the issue.
Kubernetes multi-cluster architectures introduce primarily two types of challenges: network connectivity and orchestration of workloads across clusters. While networking in a single cluster has been standardized, the solutions that extend it to multi-clusters are novel and unexplored. This graduation project aims to evaluate a wide range of multi-cluster connectivity solutions and propose an architecture that meets the requirements and accounts for the constraints of the current platform.  
A literature study focused primarily on the Cloud Native Computing Foundation (CNCF) resources helped to determine nine potential solutions. The research shows that most projects have not yet reached a production-ready status and that there is no single solution to satisfy all AME use cases. Multi-criteria analysis and prototyping led to three final architecture proposals based on Linkerd, Liqo, and NSM.
Linkerd is the simplest architecture that enables direct L7 connectivity between services in different clusters which covers most generic use cases. Liqo can flatten L3 networking across AME clusters using secure VPN tunnels. Moreover, Liqo architecture provides multi-cluster orchestration capabilities that drastically simplify deploying to and operating a multi-cluster environment. NSM is best-suited for scenarios when applications require lower-level network features or non-standard protocols that use Ethernet/IP payloads at L2/L3.
The proposed designs were tested with proof-of-concept using test Kubernetes clusters and mock applications. Further investigation is required to evaluate proposed architectures with real applications.