Multus CNI กับ CDN Configuration — วิธีใช้
Multus CNI
Multus CNI เป็น Meta CNI Plugin สำหรับ Kubernetes ที่ทำให้ Pod มีได้หลาย Network Interfaces โดยเพิ่ม Secondary Networks สำหรับ Data Plane เพื่อแยก Management, Data และ Storage ออกจากกัน และรองรับ SR-IOV สำหรับงาน High Performance
CDN (Content Delivery Network) คือเครือข่ายเซิร์ฟเวอร์ที่กระจายอยู่ทั่วโลก ทำหน้าที่ Cache เนื้อหาไว้ใกล้ผู้ใช้เพื่อลด Latency ผู้ให้บริการที่รู้จักกัน เช่น Cloudflare, CloudFront, Fastly และ Akamai
Multus CNI Setup
=== Multus CNI Installation และ Configuration ===
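1. ติดตั้ง Multus CNI — URL ด้านล่างอ้างถึง branch master ซึ่งเนื้อหาเปลี่ยนได้ตลอด สำหรับ Production ควรใช้ manifest จาก release tag หรือ commit ที่ตรวจสอบแล้ว เพราะ DaemonSet นี้ทำงานบนทุก Node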
kubectl apply -f https://raw.githubusercontent.com/k8snetworkplumbingwg/multus-cni/master/deployments/multus-daemonset-thick.yml
2. ตรวจสอบ
kubectl get pods -n kube-system | grep multus
kubectl get network-attachment-definitions
3. NetworkAttachmentDefinition — กำหนด Secondary Network
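# Secondary network "data-network": macvlan sub-interfaces on the node's eth1,
# with addresses handed out by the host-local IPAM plugin.
# (Indentation restored; the manifest does not parse when flattened.)
#
# NOTE(review): host-local keeps its lease state on each node, so reusing this
# range on several nodes that share one L2 segment can produce duplicate
# addresses. Confirm the intended topology or use a cluster-wide IPAM.
# NOTE(security): the 0.0.0.0/0 route installs a default route through this
# secondary network. Pod egress may then leave via eth1 instead of the cluster
# network where egress controls are applied. Limit "routes" to the data-plane
# prefixes unless that is intended.
apiVersion: k8s.cni.cncf.io/v1
kind: NetworkAttachmentDefinition
metadata:
  name: data-network
spec:
  config: |
    {
      "cniVersion": "0.3.1",
      "type": "macvlan",
      "master": "eth1",
      "mode": "bridge",
      "ipam": {
        "type": "host-local",
        "subnet": "10.10.0.0/16",
        "rangeStart": "10.10.1.20",
        "rangeEnd": "10.10.3.250",
        "routes": [{"dst": "0.0.0.0/0"}],
        "gateway": "10.10.0.1"
      }
    }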
4. SR-IOV Network (High Performance)
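# Secondary network "sriov-net": an SR-IOV virtual function on VLAN 100.
# (Indentation restored; the manifest does not parse when flattened.)
#
# The resourceName annotation ties this network to the extended resource
# intel.com/sriov_netdevice, which a pod must also request in its limits.
# NOTE(security): a virtual function is handed to the pod directly, so its
# traffic does not pass through the host's software datapath. Filtering and
# isolation for this network have to come from the VLAN and the upstream
# switch, not from host firewall rules. Confirm against your NIC and
# device-plugin setup.
apiVersion: k8s.cni.cncf.io/v1
kind: NetworkAttachmentDefinition
metadata:
  name: sriov-net
  annotations:
    k8s.v1.cni.cncf.io/resourceName: intel.com/sriov_netdevice
spec:
  config: |
    {
      "cniVersion": "0.3.1",
      "type": "sriov",
      "vlan": 100,
      "ipam": {
        "type": "host-local",
        "subnet": "10.20.0.0/24"
      }
    }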
5. Pod with Multiple Networks
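# Pod "cdn-edge": attaches to both secondary networks through the Multus
# networks annotation, in addition to the default cluster network.
# (Indentation restored; the manifest does not parse when flattened.)
#
# NOTE(security): standard Kubernetes NetworkPolicy is enforced by the primary
# CNI and generally does not cover interfaces added by Multus. Plan separate
# filtering for data-network and sriov-net.
# NOTE(security): nginx:latest is a mutable tag. Pin a specific version tag or
# image digest so every edge node runs the image that was reviewed.
apiVersion: v1
kind: Pod
metadata:
  name: cdn-edge
  annotations:
    k8s.v1.cni.cncf.io/networks: data-network, sriov-net
spec:
  containers:
    - name: edge-server
      image: nginx:latest
      ports:
        - containerPort: 80
      resources:
        limits:
          # One SR-IOV virtual function, matching the resourceName on sriov-net.
          intel.com/sriov_netdevice: "1"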
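# Summary table of the secondary-network plugin types commonly attached via
# Multus. Each entry maps a plugin name to a description, a rough performance
# rating and a typical use case. (Indentation restored; the flattened listing
# does not parse.)
#
# NOTE(security): these plugins attach the pod to a node NIC or bridge
# directly. Standard Kubernetes NetworkPolicy is enforced by the primary CNI
# and generally does not cover such secondary interfaces, so isolation for
# them has to be designed separately (VLANs, switch ACLs, a policy add-on).
network_types = {
    "macvlan": {
        "description": "สร้าง Virtual NIC จาก Physical NIC",
        "performance": "ดี ใกล้เคียง Physical",
        "use_case": "ทั่วไป แยก Network",
    },
    "ipvlan": {
        "description": "คล้าย macvlan แต่ใช้ MAC เดียวกัน",
        "performance": "ดี",
        "use_case": "เมื่อ Switch จำกัด MAC Address",
    },
    "SR-IOV": {
        "description": "Hardware Virtualization ตรงจาก NIC",
        "performance": "ดีมาก ใกล้เคียง Bare Metal",
        "use_case": "High Performance, NFV, CDN Edge",
    },
    "bridge": {
        "description": "Linux Bridge เชื่อม Network",
        "performance": "ปานกลาง",
        "use_case": "ทดสอบ Development",
    },
}

# Print every plugin type followed by its attributes, one per line.
print("Multus CNI Network Types:")
for net_type, info in network_types.items():
    print(f"\n [{net_type}]")
    for key, value in info.items():
        print(f" {key}: {value}")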
CDN Configuration
# cdn_config.py — CDN Configuration
from dataclasses import dataclass, field
from typing import List, Dict
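@dataclass
class CDNEdge:
    """Describe one CDN edge site for display purposes.

    All fields are free-form values that are stored and printed as given.
    Nothing here validates the address or the interface names.
    (Indentation restored; the flattened listing does not parse.)
    """

    # Human-readable site label, e.g. "Bangkok (TH)".
    location: str
    # Address of the edge node, kept as a plain string.
    ip: str
    # Advertised link capacity, e.g. "100 Gbps".
    capacity: str
    # Labels of the networks attached to the edge (management, data, storage).
    networks: List[str]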
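class CDNArchitecture:
    """CDN Architecture with Multus CNI.

    Holds a list of edge sites and prints two reports: the edge topology and
    an illustrative set of cache rules. Indentation is restored (the flattened
    listing does not parse), f-prefixes without placeholders are dropped, and
    CDNEdge is referenced as a forward reference so the class does not need it
    at definition time.
    """

    def __init__(self):
        """Start with no registered edges."""
        self.edges: List["CDNEdge"] = []

    def add_edge(self, edge: "CDNEdge"):
        """Register *edge*; edges are reported in insertion order."""
        self.edges.append(edge)

    def show_topology(self):
        """Print a banner followed by location, IP, capacity and networks of each edge."""
        bar = "=" * 55
        print(f"\n{bar}")
        print("CDN Edge Network Topology")
        print(bar)
        for edge in self.edges:
            print(f"\n [{edge.location}] {edge.ip}")
            print(f" Capacity: {edge.capacity}")
            print(f" Networks: {', '.join(edge.networks)}")

    def cache_config(self):
        """Print the example cache rules (pattern, TTL, Cache-Control) per content class.

        The rules are descriptive text only; nothing here configures a cache.
        """
        # NOTE(security): "public" lets shared caches store a response for every
        # user. Personalised HTML and authenticated API responses should be
        # excluded from these rules at the origin (e.g. Cache-Control: no-store);
        # the 60s option for /api/* is only safe for data that is the same for
        # all callers.
        cache_rules = {
            "Static Assets": {
                "pattern": "*.js, *.css, *.png, *.jpg, *.woff2",
                "ttl": "1 year (31536000s)",
                "cache_control": "public, max-age=31536000, immutable",
            },
            "HTML Pages": {
                "pattern": "*.html",
                "ttl": "5 minutes (300s)",
                "cache_control": "public, max-age=300, s-maxage=600",
            },
            "API Responses": {
                "pattern": "/api/*",
                "ttl": "0 (no cache) หรือ 60s",
                "cache_control": "private, no-cache หรือ max-age=60",
            },
            "Video/Audio": {
                "pattern": "*.mp4, *.webm, *.mp3",
                "ttl": "1 week (604800s)",
                "cache_control": "public, max-age=604800",
            },
        }
        print("\n CDN Cache Rules:")
        for content, rule in cache_rules.items():
            print(f"\n [{content}]")
            for key, value in rule.items():
                print(f" {key}: {value}")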
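# Build the example topology: four edge sites, each listing the networks it
# attaches to, then print the topology and the cache rules.
# (Indentation restored; the flattened loop body does not parse.)
cdn = CDNArchitecture()
edges = [
    CDNEdge("Bangkok (TH)", "10.10.1.10", "100 Gbps",
            ["Management (eth0)", "Data (eth1-macvlan)", "Storage (eth2-sriov)"]),
    CDNEdge("Singapore (SG)", "10.10.2.10", "100 Gbps",
            ["Management (eth0)", "Data (eth1-macvlan)"]),
    CDNEdge("Tokyo (JP)", "10.10.3.10", "50 Gbps",
            ["Management (eth0)", "Data (eth1-macvlan)"]),
    CDNEdge("US West (US)", "10.10.4.10", "100 Gbps",
            ["Management (eth0)", "Data (eth1-sriov)"]),
]
for edge in edges:
    cdn.add_edge(edge)

cdn.show_topology()
cdn.cache_config()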
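# CDN providers: product positioning, free-tier availability and the number of
# edge locations, as listed by the author. (Indentation restored; the
# f-prefix without placeholders is dropped.)
# NOTE(review): the edge counts and free-tier terms are point-in-time figures;
# confirm them with each provider before relying on them.
providers = {
    "Cloudflare": {"type": "Global CDN + Security", "free_tier": "Yes", "edge_locations": "300+"},
    "AWS CloudFront": {"type": "AWS Integrated CDN", "free_tier": "1TB/month", "edge_locations": "450+"},
    "Fastly": {"type": "Edge Computing CDN", "free_tier": "Limited", "edge_locations": "80+"},
    "Akamai": {"type": "Enterprise CDN", "free_tier": "No", "edge_locations": "4000+"},
    "Bunny CDN": {"type": "Budget CDN", "free_tier": "Trial", "edge_locations": "120+"},
}

# One summary line per provider.
print("\n\nCDN Providers:")
for provider, info in providers.items():
    print(f" {provider}: {info['type']} | Edges: {info['edge_locations']} | Free: {info['free_tier']}")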
Nginx CDN Edge Config
nginx_cdn.conf — Nginx CDN Edge Configuration
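# nginx.conf for a CDN edge server.
# Changes from the flattened listing:
#   - /api/ uses "^~" so the regex cache locations cannot capture API paths
#   - the purge location is a regex placed first, with a key matching the asset key
#   - upstream keepalive gets the HTTP/1.1 settings it needs to take effect
worker_processes auto;
worker_rlimit_nofile 65535;

events {
    worker_connections 65535;
    multi_accept on;
    use epoll;
}

http {
    # Performance
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    keepalive_requests 1000;

    # Cache path: 100 MB key zone, 50 GB on disk, entries unused for 7 days are evicted.
    proxy_cache_path /var/cache/nginx
        levels=1:2
        keys_zone=cdn_cache:100m
        max_size=50g
        inactive=7d
        use_temp_path=off;

    # Upstream origin
    upstream origin {
        server origin.example.com:443;
        keepalive 64;
    }

    server {
        # NOTE(security): port 80 serves the same locations as 443, so content
        # and purge requests are also accepted over plain HTTP. Redirect or
        # drop port 80 if that is not intended.
        listen 80;
        listen 443 ssl http2;
        server_name cdn.example.com;

        # SSL
        ssl_certificate /etc/nginx/ssl/cert.pem;
        ssl_certificate_key /etc/nginx/ssl/key.pem;
        ssl_protocols TLSv1.2 TLSv1.3;

        # "keepalive 64" in the upstream only takes effect when the proxied
        # request uses HTTP/1.1 and the Connection header is cleared.
        proxy_http_version 1.1;
        proxy_set_header Connection "";

        # NOTE(security): nginx does not verify the origin's certificate by
        # default, so "https://origin" is encrypted but unauthenticated.
        # Enable these together once a CA bundle is in place:
        # proxy_ssl_verify on;
        # proxy_ssl_trusted_certificate <CA_BUNDLE_PATH>;
        # proxy_ssl_server_name on;
        # proxy_ssl_name origin.example.com;

        # Purge cache. Regex locations are tried in file order, so this must
        # precede the asset regex; otherwise /purge/app.js would be handled as
        # an ordinary asset request and skip the allow/deny check.
        # The key is the captured path plus query string, matching the static
        # asset proxy_cache_key below.
        # NOTE(review): the two-argument proxy_cache_purge form comes from the
        # third-party ngx_cache_purge module, not stock nginx.
        # NOTE(security): 10.0.0.0/8 also covers the 10.10.0.0/16 and
        # 10.20.0.0/24 pod networks defined earlier on this page. Narrow it to
        # the management subnet.
        location ~ ^/purge(/.*)$ {
            allow 10.0.0.0/8;
            deny all;
            proxy_cache_purge cdn_cache $1$is_args$args;
        }

        # Static Assets — Cache 1 Year
        # NOTE(security): matching by suffix alone makes any origin path ending
        # in one of these extensions a candidate for a year-long shared cache
        # entry. By default nginx skips caching upstream responses that carry
        # Set-Cookie or Cache-Control private/no-cache/no-store; keep that
        # default (no proxy_ignore_headers) and have the origin mark per-user
        # responses.
        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff2)$ {
            proxy_pass https://origin;
            proxy_cache cdn_cache;
            proxy_cache_valid 200 365d;
            proxy_cache_key $uri$is_args$args;
            add_header X-Cache-Status $upstream_cache_status;
            add_header Cache-Control "public, max-age=31536000, immutable";
        }

        # HTML — Cache 5 Minutes
        # Uses the default proxy_cache_key, so the purge location above does
        # not match these entries; they age out after 5 minutes instead.
        location ~* \.html$ {
            proxy_pass https://origin;
            proxy_cache cdn_cache;
            proxy_cache_valid 200 5m;
            add_header X-Cache-Status $upstream_cache_status;
        }

        # API — No Cache
        # "^~" stops regex matching once this prefix matches. Without it a
        # request such as /api/<path>.css or /api/<path>.html is handled by a
        # caching regex location above, and an API response can end up in the
        # shared cache.
        location ^~ /api/ {
            proxy_pass https://origin;
            proxy_cache off;
            add_header Cache-Control "private, no-cache";
        }
    }
}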
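# Short explanations of the nginx features relevant to a CDN edge.
# (Indentation restored; the flattened loop body does not parse.)
# NOTE(review): "gzip" and "ssl_session_cache" are listed here but do not
# appear in the nginx configuration shown above.
# NOTE(security): compressing TLS responses that mix secrets with
# request-controlled content exposes them to compression side channels
# (BREACH class). Limit gzip to static, non-personalised content types.
nginx_optimizations = {
    "sendfile": "ส่งไฟล์โดยตรงจาก Kernel ไม่ผ่าน User Space",
    "tcp_nopush": "ส่ง Headers และ Data พร้อมกัน",
    "keepalive": "ใช้ Connection ซ้ำ ลด Handshake",
    "proxy_cache": "Cache Response จาก Origin",
    "gzip": "บีบอัดข้อมูลก่อนส่ง",
    "http2": "Multiplexing หลาย Request บน Connection เดียว",
    "ssl_session_cache": "Cache SSL Session ลด Handshake",
}

# One line per optimisation: directive name and what it does.
print("Nginx CDN Optimizations:")
for opt, desc in nginx_optimizations.items():
    print(f" {opt}: {desc}")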
Best Practices
- Multus: แยก Management Network กับ Data Network ชัดเจน
- SR-IOV: ใช้ SR-IOV สำหรับ High Throughput CDN Edge Servers
- CDN Cache: Static Assets cache นาน API cache สั้นหรือไม่ cache
- Cache-Control: ใช้ immutable สำหรับ Versioned Assets
- Purge: มี Cache Purge API สำหรับ Content Update โดยจำกัดสิทธิ์เรียกใช้เฉพาะระบบใน Management Network
- Monitoring: ติดตาม Cache Hit Ratio ควรมากกว่า 90%
Multus CNI คืออะไร
Multus CNI คือ Meta CNI Plugin สำหรับ Kubernetes ที่ทำให้ Pod มีได้หลาย Network Interfaces ผ่าน Secondary Networks ใช้แยก Management, Data และ Storage และรองรับ SR-IOV สำหรับงาน High Performance เช่น NFV